Shared posts

12 Jun 18:42

Clever: The Two Kinds Of People In The World

Brindle

First column straight through...

Two Kinds Of People is a clever blog created by Portuguese art director João Rocha that uses simple graphics to illustrate two different kinds of people. These are a few examples. Obviously, I fall in the more unorganized party most of the time. My mom calls people like me "free-thinkers", which is a nice way of saying people who struggle at life, and there are a lot of them that live in Florida. It's weird the way different people have different needs and brains that work differently. When I was in college I volunteered for a brain study to earn a little extra money and the doctors found out my brain is actually a penis. I never got paid. Thanks to Elizabeth B, who saw the icon for the 3,638 unread emails on my phone and almost had a nervous breakdown.

12 Jun 14:50

Senate Quickly Says 'No Way' To Mitch McConnell's Cynical Ploy To Add Bogus Cybersecurity Bill To NDAA

by Mike Masnick
Brindle

So happy to see McConnell keep getting smacked around.

Earlier this week, we noted that Senator Mitch McConnell, hot off of his huge flop in trying to preserve the NSA's surveillance powers, had promised to insert the dangerous "cybersecurity" bill CISA directly into the NDAA (National Defense Authorization Act). As we discussed, while many have long suspected that CISA (and CISPA before it) were surveillance bills draped in "cybersecurity" clothing, the recent Snowden revelations that the NSA is using Section 702 "upstream" collection for "cybersecurity" issues revealed how CISA would massively expand the NSA's ability to warrantlessly wiretap Americans' communications.

Thankfully, like his PATRIOT Act games from a few weeks ago, this latest McConnell move has fallen flat. The Senate rejected the attempt by a 40 to 56 vote. So, for now, it looks like the Senate isn't going to be able to ram CISA through either, which is good news.

Still, expect Congress to keep trying. But, each time, it's important to ask some basic questions: what attacks would this bill actually stop (answer: none). And what laws are currently preventing the supposedly necessary "information sharing" from happening today? And, more importantly, why is the NSA getting access to this information and allowed to run backdoor searches on its upstream collections of all internet traffic exiting or entering the US? These all seem like relevant questions and they're all questions that the powers that be are ignoring.

12 Jun 13:41

Canadian Court: Yes, We Can Order Google To Block Websites Globally

by Mike Masnick
Brindle

Governments are funny

Almost exactly a year ago we wrote about a troubling lawsuit in British Columbia, where a court ruled that Google needed to block access to a website globally. The case involved one company accusing another of selling counterfeit or copied equipment, and despite Google not even being a party to the case, said that Google needed to make sure no one could find the site in question via Google anywhere in the world. As we noted, this had tremendously problematic consequences. For example, China doesn't think anyone should be able to learn about the protests in Tiananmen Square. Can it now order Google to remove all links to such references globally? That result seems crazy. And, of course, there was a separate issue of how the court even had jurisdiction over Google, seeing as it does not have any operations, staff or servers in British Columbia. Google stepped in to protest the injunction at the appeals court.

Unfortunately, the court has now ruled against Google, using the same sort of logic the lower court did -- basically arguing that because Google is available in British Columbia, the court has jurisdiction, and because it's trying to stop what it deems to be illegal actions from reaching Canada's shores, it has every right to order Google to block things worldwide, lest someone from British Columbia decide to type "google.com" into their browser to avoid the "google.ca." On the question of "doing business" in BC, the appeals court basically accepts the lower court's confused understanding of things:
While Google does not have servers or offices in the Province and does not have resident staff here, I agree with the chambers judge’s conclusion that key parts of Google’s business are carried on here. The judge concentrated on the advertising aspects of Google’s business in making her findings. In my view, it can also be said that the gathering of information through proprietary web crawler software (“Googlebot”) takes place in British Columbia. This active process of obtaining data that resides in the Province or is the property of individuals in British Columbia is a key part of Google’s business.

Google says that even if it is concluded that it carries on business in British Columbia, the injunction was not properly granted, because it did not relate to the specific business activities that Google carries on in the Province. In my view, the business carried on in British Columbia is an integral part of Google’s overall operations. Its success as a search engine depends on collecting data from websites throughout the world (including British Columbia) and providing search results (accompanied by targeted advertising) throughout the world (including British Columbia). The business conducted in British Columbia, in short, is the same business as is targeted by the injunction.
In other words, if you don't want to be subject to the laws of BC (with control over your entire global operations) don't index websites based in BC? That's crazy. While I doubt it will happen, it's got to be tempting for some at Google to just say "okay, no more Google for BC or any website in BC."

Now as for the nutty idea that a court in BC has jurisdiction over all of Google's global operations, again, the court doesn't seem even remotely concerned about that. Its response is basically "yeah, so?"
Google raises the specter of it being subjected to restrictive orders from courts in all parts of the world, each concerned with its own domestic law. I agree with the chambers judge that it is the world-wide nature of Google’s business and not any defect in the law that gives rise to that possibility. As well, however, the threat of multi-jurisdictional control over Google’s operations is, in my opinion, overstated. Courts must, in exercising their powers, consider many factors other than territorial competence and the existence of in personam jurisdiction over the parties. Courts must exercise considerable restraint in granting remedies that have international ramifications.
And it notes that previous cases have said that, sure, BC courts have "worldwide jurisdiction."
At one time the courts of this Province refrained from granting injunctions that enjoined activities outside of British Columbia.... In 1988, however, the English Court of Appeal held that it had jurisdiction to issue a worldwide Mareva injunction.... It is now over 25 years since the Supreme Court of British Columbia first issued a worldwide injunction.... The jurisdiction to do so was re-confirmed .... and is, today, well-established.
Google, quite reasonably, points out that while injunctions make sense against parties that actually break the law, it makes no sense to issue an injunction against a third party that has nothing to do with the party that actually broke the law. The court goes on a long and winding road saying "sure, but... in this case, it's okay."

Finally, the court addresses another concern raised by the Canadian Civil Liberties Association, noting that banning access to a website worldwide has serious free speech consequences. Once again, the court says "sure, but, we don't care in this case."
For that reason, courts should be very cautious in making orders that might place limits on expression in another country. Where there is a realistic possibility that an order with extraterritorial effect may offend another state’s core values, the order should not be made.

In the case before us, there is no realistic assertion that the judge’s order will offend the sensibilities of any other nation. It has not been suggested that the order prohibiting the defendants from advertising wares that violate the intellectual property rights of the plaintiffs offends the core values of any nation. The order made against Google is a very limited ancillary order designed to ensure that the plaintiffs’ core rights are respected.

I note, as well, that the order in this case is an interlocutory one, and one that can be varied by the court. In the unlikely event that any jurisdiction finds the order offensive to its core values, an application could be made to the court to modify the order so as to avoid the problem.
In short, sure, banning speech around the globe from one court in British Columbia, Canada could have serious global free speech concerns, but... we really don't like this website, so we're not going to change the ruling. In fact, later in the ruling, the court basically says "hey, the idea that there may be some 'legitimate' speech on this website we're ordering blocked globally is totally speculative":
There has, in the course of argument, been some reference to the possibility that the defendants (or others) might wish to use their websites for legitimate free speech, rather than for unlawfully marketing the GW1000. That possibility, it seems to me, is entirely speculative. There is no evidence that the websites in question have ever been used for lawful purposes, nor is there any reason to believe that the domain names are in any way uniquely suitable for any sort of expression other than the marketing of the illegal product. Of course, if the character of the websites changes, it is always open to the defendants or others to seek a variation of the injunction.
And, thus, British Columbia believes it can order global blocking of any website its courts deem problematic in BC. One wonders if we'll start to see "censorship tourism" migrating to BC courts now that its doors are open for global censorship orders.

12 Jun 11:34

House Votes To Change Law Due To Trade Agreement, While Insisting That Trade Agreements Don't Change Laws

by Andrew
Brindle

not happy about COOL being repealed :\

Two weeks ago, the House Agriculture Committee voted 38-6 to repeal country-of-origin labeling (COOL), and now it's the full House's turn. In a 300-131 vote yesterday the "Country of Origin Labeling Amendments Act" (HR 2393) passed with the support of a significant number of Democrats as well as the majority of Republicans.

The bill's prompting and passage came after the World Trade Organisation ruled in favor of Canadian farmers, who sued claiming it was "discriminatory" and thus in violation of Free Trade Agreements. The problem? Cattle bought from abroad would have to be segregated from domestic cattle, increasing costs and making imports less desirable.

With Fast Track coming up for a vote -- perhaps even today -- it's curious to see this snippet in the Associated Press report on the vote by the Speaker of the House:
House Speaker John Boehner, R-Ohio, said after the vote that the last thing American farmers need "is for Congress to sit idly by as international bureaucrats seek to punish them through retaliatory trade policies that could devastate agriculture as well as other industries."
That is, of course, the same John Boehner that has been encouraging the President to get more support for Fast Track, in order to pass more of these "Free Trade" deals that impose more international bureaucrats and will almost certainly lead to more disputes that "require" Congress to "not sit idly by."

Meanwhile, remember what President Obama said at the Nike Plant just a few weeks ago:
[TPP] critics warn that parts of this deal would undermine American regulation -- food safety, worker safety, even financial regulations. They're making this stuff up. (Applause.) This is just not true. No trade agreement is going to force us to change our laws.
Less than one month on, and we have exactly what he claimed 'is not true' happening. A trade agreement forcing a law change, and having what some would claim is an impact on food safety. And it's happening a day or so before the House is voting to create even more such situations while claiming that it won't do this. Do they not even recognize what it is they're voting on?

10 Jun 12:33

Lab Culture Of 8-Year Old's Hand After Playing Outside

Brindle

my kind of art

This is a shot of the lab culture grown from an 8-year old's handprint after playing outside. As you can see, there are all sorts of delicious microbes present. I like the ones on the palm and tip of the middle finger that look like snowflakes. Also, you see the one at the tip of the index finger? Those are booger microbes. Because kids pick their noses. So do I. Except if anyone catches me I tell them I was just scratching the inside of my nostril and a booger must have hopped onto my finger to escape. What? No I didn't just put it in my mouth! Thanks to WBWBWB, which is the sound I make whenever I'm rubbing somebody's head for good luck.

10 Jun 12:33

Apple drops license requirement for testing on your own device

Brindle

sweet :)

An important bit of news from WWDC that deserves its own news item: you no longer need to be a licensed developer (i.e., paying) to test your applications on your own devices. Xcode 7 and Swift now make it easier for everyone to build apps and run them directly on their Apple devices. Simply sign in with your Apple ID, and turn your idea into an app that you can touch on your iPad, iPhone, or Apple Watch. Download Xcode 7 beta and try it yourself today. Program membership is not required. Of course, to distribute them, you still need to pay up.

10 Jun 12:32

AT&T LG G4 software update (H81010e) rolling out now, doesn’t ask for permission before installing

by Chris Chavez
Brindle

Nice, hope this does not become the norm

LG G4 owners on AT&T are left scratching their heads after a mysterious software update was automatically installed on their devices without their consent. Normally when receiving an over-the-air update, the user will receive some sort of prompt notifying them of an update, along with some form of changelog listing the new changes. Some OTA updates can only be postponed for so long before they auto-update, but this one just came out of the blue and installed itself.

So, what was it? According to an AT&T software update page, it was a relatively small 26MB update (which lines up with reports) that began rolling out last week and was little more than an update to the AT&T Address Book app. The update is still Android 5.1 (build LMY47D) but updates the software to version H81010e. It's not the first time AT&T has done something like this, and it probably won't be the last.

Anyone else see their LG G4 applying this update on its own?

[AT&T]

10 Jun 11:43

DOJ Argues FISC Opinion Preferable To 2nd Circuit Opinion While Defending Ongoing, Unaltered Metadata Collection

by Tim Cushing
Brindle

not shocking but disappointing: "Its brief lapse notwithstanding, the USA FREEDOM Act also expressly extends the sunset of Section 215 of the USA PATRIOT Act, as amended, until December 15, 2019"

The FISA Court ordered the DOJ to make public its Memorandum of Law in response to Ken Cuccinelli/FreedomWorks' challenge to the immediate return of Section 215 "business as usual" following the expiration of the authority at the end of May. (Followed almost immediately thereafter by the passage of the USA Freedom Act, carrying with it a six-month "transitional" collection period.)

In it, the DOJ makes its case for uninterrupted bulk metadata collection, as if the authority a) hadn't been allowed to expire and b) hadn't had its legality challenged by the Second Circuit Court. Right now, it's all a very gray area and the DOJ aims to take advantage of it. Due to the fact the surveillance reform bill didn't pass until after the expiration of the authority, the six-month window granted may theoretically allow for an uninterrupted collection, but it's completely unclear as to what legal authority allows the government to do so -- at least in its present, unaltered form.

The DOJ claims in its late-night FISC filing that the USA Freedom Act itself gives it permission to run an unaltered Section 215 collection for the next six months.

The USA FREEDOM Act authorizes the Government to seek and this Court to issue an order under Section 1861 for the production of tangible things in bulk for 180 days in the same manner as authorized in docket number BR 15-24 and prior related dockets. The USA FREEDOM Act bans the bulk production of tangible things under Section 1861 effective 180 days from its enactment, which is when Sections 101 through 103 take effect. Id. § 109(a). Its brief lapse notwithstanding, the USA FREEDOM Act also expressly extends the sunset of Section 215 of the USA PATRIOT Act, as amended, until December 15, 2019, id. § 705(a), and provides that, until the effective date of the amendments made by Sections 101 through 103, it does not alter or eliminate the Government's authority to obtain an order under Section 1861 as in effect prior to the effective date of Sections 101 through 103 of the USA FREEDOM Act. Id. § 109(b). Because the USA FREEDOM Act extends the sunset for Section 215 and delays the ban on bulk production under Section 1861 until 180 days from its enactment, the Government respectfully submits that it may seek and this Court may issue an order for the bulk production of tangible things under Section 1861 as amended by Section 215 of the USA PATRIOT Act as it did in docket number BR 15-24 and prior related dockets.
As Marcy Wheeler notes, the DOJ has inferred Congressional intent by cherry-picking supporting quotes from representatives.
It cites comments Pat Leahy and Chuck Grassley made on May 22 (without, curiously, quoting either Rand Paul or legislative record from after Mitch McConnell caused the dragnet to lapse) showing that the intent of the bill was to extend the current dragnet.
What really makes the DOJ's memo worth reading is its off-hand dismissal of the Second Circuit Court's finding that the bulk collection is not actually authorized by existing law. It simply states that it finds this court's opinion less likable than the FISA Court's interpretation of this legal authority.
The Second Circuit's recent panel opinion in ACLU v. Clapper, No. 14-42 (2d Cir. May 7, 2015) does not bar this Court from authorizing the production in bulk of call detail records, notwithstanding its holding that Section 1861 does not authorize the bulk production of call detail records. The Government believes that this Court's analysis of Section 215 reflects the better interpretation of the statute, see, e.g., In Re Application of the FBI for an Order Requiring the Production of Tangible Things, docket no. BR 13-109, Amended Mem. Op., 2013 WL 5741573 (FISA Ct. Aug. 29, 2013) (Eagan, J.) and In Re Application of the FBI for an Order Requiring the Production of Tangible Things, docket no. BR 13-158, Mem. (FISA Ct. Oct. 11, 2013) (McLaughlin, J.), disagrees with the Second Circuit panel's opinion, and submits that the request for renewal of the bulk production authority is authorized under the statute as noted above.
In support of this "argument," it cites the FISA Court's own complicity in rubber-stamping order after order for several years in a row.
With respect to application of Section 1861 of FISA, as amended by Section 215 of the USA PATRIOT Act, following careful consideration of the law by nineteen different judges, this Court has authorized the bulk production of call detail records to NSA forty-one times since May 2006.
The DOJ's response to Cuccinelli's challenge has yet to arrive and, obviously, this memorandum was written before the challenge arrived at the FISA Court. But given this filing's dismissal of both the Second Circuit Court's decision and any legal vagueness surrounding the lapse of the Section 215 authority, it's likely its response will be more of the same.

10 Jun 01:31

Mitch McConnell Wants To Dump Bogus 'Cybersecurity' Bill Into Defense Authorization

by Mike Masnick
Brindle

Hopefully he messes this one up too.

You knew that Senate Majority Leader Mitch McConnell wasn't going to just leave things alone after his strategy to renew the bulk surveillance provision of the PATRIOT Act failed somewhat miserably. He's now announced that he's going to dump the absolutely terrible CISA bill into the NDAA (National Defense Authorization Act). CISA, as we've discussed, is the latest in a long line of "information sharing" bills that are really surveillance bills in disguise.

While defenders of these "information sharing" bills insist that they don't open up new surveillance capabilities, as we discussed last week, the latest revelations from the Snowden documents, showing that the NSA uses its Section 702 "upstream" capabilities to monitor for "cybersecurity signatures", reveal that these bills may not grant any new authorities, but would massively expand their ability to do surveillance. That's because it now becomes clear that what the NSA is looking for is more of these "cybersecurity signatures" which it can then use against the "upstream" collection to collect all sorts of information, which is then designated as "incidental" collections that are then free to be searched.

In other words, last week's revelations about the NSA and using upstream for cybersecurity should completely change the debate over cybersecurity bills. But... instead, McConnell is relying on a different story that came out the same day: the hacking of the government's Office of Personnel Management. Of course, even McConnell seems to admit that having the cybersecurity bill in place wouldn't have stopped that (no one has ever shown how these bills would stop a single cybersecurity attack ever), but whatever, "cybersecurity":
“It might or might not deal with every aspect of what apparently happened a few days ago. But Congress is going to act on cybersecurity on this bill in the very near future.”
Actually, it wouldn't have dealt with any aspect of what happened last week. And "acting" on something just because "hacking" seems pretty stupid, but I guess that's how Congress works these days.

There's also some political garbage going on behind the scenes, with McConnell trying to do this in order to get more Democrats to support the NDAA, but it seems like that -- like his PATRIOT Act strategy -- could backfire in a big way.

09 Jun 17:06

Looks Dangerous: Guy Builds A 40W Laser Shotgun

Brindle

Yep... definitely need to make one of these

This is a video of charismatic Youtuber styropyro showing off his homemade 40W laser shotgun. He uses it to set a bunch of stuff on fire because that's what powerful burning lasers are for (plus blinding your enemies in battle). The gun is actually eight 5W lasers in parallel though, not a single 40-watter. That's what I want. I also want a sausage egg and cheese biscuit and a body massage. Keep going for the video. Thanks to Bovis, who is going to make a billion watt laser gun and blow up the moon so it rains cheese down on earth and solves world hunger.

09 Jun 17:03

Surveillance Tech Company Sues US Government For Patent Infringement

by Tim Cushing
Brindle

Lol...

Here's an interesting angle for attacking the surveillance state. Use patents.

[A] small business that designs, installs and services digital video surveillance systems, 3rd Eye Surveillance, [has] sued the United States federal government for alleged patent infringement. The lawsuit, filed in the U.S. Court of Federal Claims, seeking damages exceeding $1 billion for unlawful use of the company’s three video and image surveillance system patents – U.S. Patent Nos. 6,778,085, 6,798,344, and 7,323,980. The surveillance system patents are owned by Discovery Patents, LLC of Baltimore Maryland, who is also a Plaintiff in the case, and exclusively licensed by 3rd Eye Surveillance.
Despite its Plano, Texas headquarters, 3rd Eye Surveillance appears to actually sell goods and services, rather than just litigate from an empty office bearing nothing more than the company name plate. Patent holder James Otis Faulkner pushed these patents through in the wake of the 9/11 attacks in order to give citizens and law enforcement better, faster connections to real-time surveillance footage.

In addition to contract work and direct sales, 3rd Eye also makes a bit of money litigating.
This trio of patents, which have been successfully used against more than 10 municipalities and private businesses, allows for the provision of real-time surveillance video, audio recognition, facial recognition and infrared images to emergency responders and defense agencies.
3rd Eye is claiming the US government's wide-ranging "exploitation" of its unlicensed patents is worth $1 billion. The suit names several agencies directly, while holding the option to name others as needed.
The Defendant is the United States of America, acting through its various agencies, including by way of example, and not limitation, the Department of Justice, the Department Of Homeland Security, USSTRATCOM, the Department of Defense, the United States Customs and Border Protection, the United States Army, the United States Navy, and the Defense Logistics Agency.
Basically, any agency deploying a surveillance system that can be monitored and/or utilizing voice/facial recognition software is a potential target. $1 billion seems to be the floor for damages. In addition to the government agencies named, the suit also alleges indirect infringement by private corporations through their contracts with the government. The list includes government contracting heavyweights Motorola and Booz Allen Hamilton, along with a few others -- again, just "by example" and "not limited" to those listed in the lawsuit.

Of course, this won't be shutting down any existing government surveillance systems. It may result in a payout for 3rd Eye, but the suit doesn't seek an injunction halting the use of the allegedly infringing tech while the court sorts it out. Possibly this is due to the patent owner's respect for a healthy surveillance state or, more likely, that an injunction encompassing multiple government agencies would never be granted, especially when it affects "public interest" hotspots like counterterrorism and law enforcement.

The government hasn't filed a response at this point, so the patents it claims to use in its surveillance gear have yet to be discussed. If this suit survives a motion for dismissal or isn't immediately settled, things could get interesting if the government is forced to discuss the specifics of its surveillance tech. Of course, "interesting" may be in theory only. If the discussion runs deep enough or lasts long enough, this lawsuit will soon be littered with sealed documents, ex parte presentations to the presiding judge and black ink all over the place.

08 Jun 15:42

According To The Government, Clearing Your Browser History Is A Felony

by Tim Cushing
Brindle

wow, did not know Sarbanes-Oxley applied to individual people :\

The "do something" resulting from the Enron scandal was Sarbanes-Oxley. To date, the law has done very little to curb corporate fraud -- its intended target. But it has become a handy tool for prosecutors looking to stack charges against defendants far removed from the financial world.

We've discussed this at length before. One of the stipulations of Sarbanes-Oxley is the preservation of evidence. Failing to do so, or purposefully destroying records, can result in felony criminal charges. This, unfortunately, doesn't even have to be willful destruction. The law forbids the destruction of evidence, regardless of personal knowledge of ongoing investigations, or even if no investigation has even commenced.

In a hypothetical posed recently (containing a real-world example), finding yourself in possession of child pornography poses a serious dilemma. Possession is a crime, but so is destruction of evidence. Sarbanes-Oxley demands the preservation of evidence in "foreseeable" investigations, and child porn possession is one of those crimes no law enforcement agency ignores.

This aspect of Sarbanes-Oxley is being used again, this time in relation to the Boston Marathon bombing. A cab driver who was friends with the Tsarnaev brothers is now facing multiple charges, including lying to investigators about his relationship with the Tsarnaevs, as well as destruction of records under Sarbanes-Oxley, the latter of which carries a 20-year prison sentence of its own.

Khairullozhon Matanov is a 24-year-old former cab driver from Quincy, Massachusetts. The night of the Boston Marathon bombings, he ate dinner with Tamerlan and Dzhokhar Tsarnaev at a kebob restaurant in Somerville. Four days later Matanov saw photographs of his friends listed as suspects in the bombings on the CNN and FBI websites. Later that day he went to the local police. He told them that he knew the Tsarnaev brothers and that they'd had dinner together that week, but he lied about whose idea it was to have dinner, lied about when exactly he had looked at the Tsarnaevs' photos on the Internet, lied about whether Tamerlan lived with his wife and daughter, and lied about when he and Tamerlan had last prayed together. Matanov likely lied to distance himself from the brothers or to cover up his own jihadist sympathies—or maybe he was just confused.

Then Matanov went home and cleared his Internet browser history.
The last sentence is a criminal act, despite being something millions of people do every day. Some even utilize built-in options in their browsers that dump history and/or clear the cache upon exit. And yet, the law states that this is illegal, should a person ever end up under investigation for anything. That's how broadly the law is written.

It was used to bring additional charges against David Kernell, who hacked into Sarah Palin's email account. The actual hacking resulted in misdemeanor charges. The cleanup processes deployed by Kernell (clearing browser cache, running a disk defragmenter, deleting downloaded photos) were treated as felony obstruction of justice under Sarbanes-Oxley. When these actions occurred, Kernell wasn't under investigation. At best, it could only be assumed that an investigation would result once the hacking attempt was discovered.

Some may feel this interpretation of the law is perfectly acceptable. People who engage in questionable and/or illegal activity shouldn't be allowed to "cover up" their actions in this fashion. But this defense of Sarbanes-Oxley's abused data retention stipulations suggests something very unpleasant about the government's view of who serves whom.
Hanni Fakhoury, a senior staff attorney at the Electronic Frontier Foundation, says the feds' broad interpretation of Sarbanes-Oxley in the digital age is part of a wider trend: federal agents' feeling "entitled" to digital data.
Under this law -- and given the prevailing law enforcement/prosecutorial mindset -- US citizens are almost expected to hold onto everything, just in case. The government feels it has the right to dig into your hard drive, browser history, etc. at whatever point it opens an investigation. And if you've "destroyed" any data prior to the examination of your electronic devices, you could face felony charges for performing simple computer maintenance.
As more and more data are stored online, the government wants and believes it deserves access to that data for policing purposes. But Fakhoury disagrees.

"The idea that you have to create a record of where you've gone or open all your cupboards all the time and leave your front door unlocked and available for law enforcement inspection at any time is not the country we have established for ourselves more than 200 years ago."
This law has been on the books for thirteen years now. It hasn't managed to rein in corporate malfeasance, but it is having a negative effect on citizens who've never scammed a shareholder in their lives.

05 Jun 18:09

Top FBI Official Says Tech Companies Need To 'Prevent Encryption Above All Else'

by Mike Masnick
Usually, when we see clueless government lackeys discussing the need to backdoor encryption, they at least admit upfront that they think encryption is important in protecting private information. Even that nutty rambling speech by Homeland Security Appropriations chair Rep. John Carter recognized that there were important reasons to use encryption to protect privacy. And FBI boss James Comey usually does some hand-waving to that effect as well. But apparently he forgot to tell one of his deputies.

While testifying before Congress, Michael Steinbach, assistant director in the FBI's Counterterrorism Division, went to a level of pure insanity, arguing that above all else companies should work to prevent encryption. This was during a ridiculous grandstanding hearing held by the House Homeland Security Committee entitled "Terrorism Gone Viral", and Steinbach didn't waste the opportunity to make a ridiculously viral comment of his own:
So that’s the challenge: working with those companies to build technological solutions to prevent encryption above all else.
Above all else? Is he crazy? At least his written testimony isn't quite as crazy, but still has a bunch of fear-mongering about "going dark."
Unfortunately, changing forms of internet communication are quickly outpacing laws and technology designed to allow for the lawful intercept of communication content. This real and growing gap the FBI refers to as “Going Dark” is the source of continuing focus for the FBI; it must be urgently addressed, as the risks associated with “Going Dark” are grave both in traditional criminal matters and in national security matters.
He also seemed positively freaked out that some social networks actually recognize that protecting their users' privacy is a good thing:
"There are 200-plus social media companies. Some of these companies build their business model around end-to-end encryption," said Michael Steinbach, head of the FBI's counterterrorism division. "There is no ability currently for us to see that" communication, he said.

"We're past going dark in certain instances. We are dark," he added.
While the head of the committee, Rep. Michael McCaul, played along with this insanity, arguing that these so-called "dark spaces" are a "tremendous threat to the homeland," at least Rep. Ted Lieu -- the same Rep. who recently called out the push to backdoor encryption as "technologically stupid" -- had some more thoughts on the FUD and grandstanding by McCaul and Steinbach. As he told the Intercept:
“When they talk about dark places, ooooh it sounds really scary,” Lieu said. “But you have a dark place in your home you can talk, you can meet in a park –- there are a zillion dark places the FBI will never get to and they shouldn’t because we don’t want to be monitored in our home.” .....

“The notion that encryption is somehow different than other forms of destroying and hiding things is simply not true,” Lieu told The Intercept. “Forty years ago, you could make the statement that paper shredders are one of the most damaging things to national security because they destroy documents that law enforcement might want to see.”
More Lieu, less McCaul and Steinbach, please.

The thing is, as we've noted before, equally disturbing as the ignorant statements from folks like Steinbach is that security researchers and tech companies are now going to have to waste tons of time and resources explaining why all of this is not just "technologically stupid" but actively makes all of us less safe. And they need to do that instead of building stronger encryption, which is what we really need.

05 Jun 18:05

Did Letting Section 215 Expire Completely Change USA Freedom Without Anyone Noticing?

by Mike Masnick
Brindle

whoa... this is why laws should not be diffs :X

It's become bizarrely trendy among some (especially on Reddit) to flat out hate on the USA Freedom Act, ignoring that it has some very useful reforms in it. It's absolutely true that they are small reforms that don't go far enough and don't touch on many other, more worrisome, programs, but there was plenty of useful stuff in there as well, in taking a first small step towards reform. However, in the comments to our post last Sunday about the three surveillance provisions briefly sunsetting until USA Freedom passed a few days later, someone asked whether the USA Freedom Act still worked the same even after Section 215 expired, since it modified Section 215. I really had no idea.

Over at Just Security, they're now discussing that issue, pointing out that things might be a bit messier than everyone expected. That's because, yes, USA Freedom modifies the text of existing law, but the existing law changed at midnight Sunday night, and the "changed" text might no longer make any sense:

Practically speaking, things aren’t so simple. For example, the US Code section that up until Monday morning had contained the business records provision was 50 USC § 1861. As of 12:00am on June 1, however, any parts of the US Code that had expired reverted back to how they read on October 25, 2001, per the terms of the 2005 and subsequent reauthorizations. But rather than containing the business records provision, the old version of Section 1861 contained definitions for terms (and Section 1862 was the FISA business records provision). This raises the second question of how the US Code will read now that the unaltered version of the USA Freedom Act is law.

The answer here is much less clear and is where the US Code is about to get a little weird. Section 601(b) of the USA Freedom Act, for example, amends Section 502(c) of FISA. But Congress' instructions for modifying that part of the US Code create a number of blank spots in the text and several non sequiturs. For example, Section 601(b) says that the word "and" should be struck in subparagraph (A), to insert a semicolon in subparagraph (B), and to add subparagraphs (C) through (E), but neither (A) nor (B) existed in the pre-Patriot Act text. As a result, here’s how it now reads:

1862. Access to certain business records for foreign intelligence and international terrorism investigations

(c) Ex parte judicial order of approval

(1) Upon application made pursuant to this section, the judge shall enter an ex parte order as requested, or as modified, approving the release of records if the judge finds that the application satisfies the requirements of this section.

(A)
(B) ;
(C) the total number of applications made for orders approving requests for the production of tangible things under section 501 in which the specific selection term does not specifically identify an individual, account, or personal device;
(D) the total number of orders described in subparagraph (C) either granted, modified, or denied; and
(E) with respect to orders described in subparagraph (D) that have been granted or modified, whether the court established under section 103 has directed additional, particularized minimization procedures beyond those adopted pursuant to section 501(g).

(2) An order under this subsection shall not disclose that it is issued for purposes of an investigation described in subsection (a) of this section.

Section 1862(c)(1)(A) and (B) are blank because they didn’t exist in the pre-Patriot Act version of the law. USA Freedom simply willed them into existence by calling for edits to them and by creating subparagraphs (C) through (E), which had to be preceded by something. And the rest of Section 1862(c)(1)? The FISA provision that explains the requirements for a court order after a successful application by the government to collect a company’s business records is now nonsensically melded with reporting requirements.
And that's not all. As the writeup by Megan Graham notes, this is true of many other sections as well. Basically, USA Freedom was designed to work relative to parts of existing law, but that existing law changed, and now everything's broken and the law, in places, makes no sense at all.

As Graham notes, most people are probably assuming that we can now pretend that USA Freedom is meant to amend not the law as it stood on Tuesday when USA Freedom passed, but the law as it stood two days earlier. And that's a reasonable assumption. But it may not be legally binding. And, thus, there's a half-decent chance that someone could actually challenge the law based on how it actually is supposed to be, rather than letting everyone get away with pretending that, before making the USA Freedom Act law, we first put the three surveillance provisions back in place.
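The sharer's comment above ("laws should not be diffs") is exactly right, and the failure is easy to reproduce. The block below is an added example, not code from the original post or from Just Security: a toy "legal diff" applier that models the three kinds of instruction the article quotes from Section 601(b) (strike a word in a subparagraph, insert a character in a subparagraph, add new subparagraphs) and applies them to two base texts. Both base texts are constructed stand-ins rather than real statutory language, the payloads for (C) through (E) are abbreviated from the quoted result, and the precondition rules in the checked applier are this example's own design, borrowed from how `patch` treats context lines.

```python
"""
Added example (not from the original post or the Just Security article): a toy
"legal diff" applier.  It applies amendment instructions to a codified section
and shows why the result is nonsense when the base text is not the one the
amendment assumed.  The base texts are constructed stand-ins, not real law.
"""

# (operation, target subparagraph, payload).  Mirrors the instructions the
# article quotes from Section 601(b); the (C)-(E) text is abbreviated.
AMENDMENT_601B = [
    ("strike", "A", "and"),
    ("insert", "B", ";"),
    ("add", "C", "the total number of applications ... under section 501 ..."),
    ("add", "D", "the total number of orders described in subparagraph (C) ..."),
    ("add", "E", "with respect to orders described in subparagraph (D) ..."),
]

# Constructed stand-in for the text the drafters thought they were editing:
# (A) ends in "and" and (B) needs a semicolon so that (C)-(E) can follow.
PATRIOT_ERA_TEXT = {
    "A": "the total number of applications made for orders and",
    "B": "the total number of such orders either granted, modified, or denied",
}

# Constructed stand-in for the reverted pre-Patriot text: (A) and (B) absent.
PRE_PATRIOT_TEXT = {}


def _apply_one(text, op, target, payload):
    """Apply a single instruction literally, in place."""
    current = text.get(target, "")
    if op == "strike":
        text[target] = current.replace(payload, "").rstrip()
    elif op == "insert":
        text[target] = current + payload
    elif op == "add":
        text[target] = payload
    else:
        raise ValueError(f"unknown operation {op!r}")


def apply_naive(section, amendment):
    """Apply the instructions the way the codifiers evidently did: a missing
    target is silently treated as an empty subparagraph, so 'strike' and
    'insert' always 'succeed' and leave blank (A) and (B) behind."""
    text = dict(section)
    for op, target, payload in amendment:
        _apply_one(text, op, target, payload)
    return text


class AmendmentContextError(Exception):
    """The base text is not in the state the amendment presupposes."""


def apply_checked(section, amendment):
    """Same edits, but every instruction carries an implicit precondition
    (its 'context', as in a unified diff); refuse rather than emit nonsense."""
    text = dict(section)
    for op, target, payload in amendment:
        if op in ("strike", "insert") and target not in text:
            raise AmendmentContextError(
                f"subparagraph ({target}) does not exist in the base text")
        if op == "strike" and payload not in text[target]:
            raise AmendmentContextError(
                f"{payload!r} not found in subparagraph ({target})")
        if op == "add" and target in text:
            raise AmendmentContextError(f"subparagraph ({target}) already exists")
        _apply_one(text, op, target, payload)
    return text


def blank_subparagraphs(text):
    """Subparagraphs whose content is nothing but whitespace or punctuation."""
    return sorted(k for k, v in text.items() if v.strip(" ;") == "")


def render(text):
    """Lay the section out the way the article shows it."""
    return "\n".join(f"({k}) {v}".rstrip() for k, v in sorted(text.items()))


if __name__ == "__main__":
    print("--- applied to the reverted text, as the codifiers did ---")
    print(render(apply_naive(PRE_PATRIOT_TEXT, AMENDMENT_601B)))
    print("--- the same amendment with context checking ---")
    try:
        apply_checked(PRE_PATRIOT_TEXT, AMENDMENT_601B)
    except AmendmentContextError as err:
        print("refused:", err)
```

Run against the reverted text, `apply_naive` reproduces the "(A)" and "(B) ;" lines quoted above; `apply_checked` stops at the first instruction whose target does not exist, which is the behaviour a version-control system gives you for free and the US Code does not.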

04 Jun 14:54

This Hacked Kids’ Toy Opens Garage Doors in Seconds

by Andy Greenberg

Security researcher Samy Kamkar can crack some garages' laughable safeguard codes in seconds, with little more than a hacked child’s toy.

The post This Hacked Kids’ Toy Opens Garage Doors in Seconds appeared first on WIRED.
03 Jun 19:10

Pentagon Offered 'FOIA Terrorist' Jason Leopold A Stack Of Documents To Just Shut Up And Go Away Forever

by Tim Cushing

Jason Leopold has so thoroughly aggravated naturally-secretive government agencies that he has earned the nickname "FOIA terrorist." He routinely files two dozen FOIA requests a week, along with MDRs (Mandatory Declassification Reviews), which force the government to more closely examine documents it has previously withheld in full.

In the course of these activities, Leopold has also filed numerous FOIA lawsuits against government agencies for withholding documents, not performing thorough searches or exceeding the statutory time limits for responses.

Several government agencies hate him. One government agency hates him so much it offered him a one-time deal bordering on illegality.

In his testimony in front of the House Committee on Oversight and Government Reform, Leopold gave up both the agency and its questionable offer.

Leopold: The Office of Net Assessment (ONA) is the Pentagon’s in-house think tank. They spend millions and millions of dollars putting together reports — reports that they contract out about perhaps some futuristic warfare, or what the situation in the Middle East is going to look like with regards to oil. I asked for those reports. I filed a FOIA request; they refused to comply with my FOIA request. They said it was too broad. I narrowed it, they still said it was too broad. I sued them. Recently they said that ‘We’ll give you some documents as long as you promise to never file a FOIA request again and don’t have anyone else file a FOIA request on your behalf.’

Rep. Mark DeSaulnier (D-Calif.): How is that legal?

Leopold: I don’t know but they put this in writing and I’m really looking forward to the day when I write this story up.
This is what one agency was prepared to do just to keep Leopold out of its file cabinets.

But it's not just overt actions like these. It's the little things agencies do to frustrate FOIA requesters, especially journalists like Leopold who are looking for timely information rather than just information. In his testimony, Leopold points out that agencies routinely stonewall journalists in hopes of discouraging them from making further inquiries. If they can delay a release past the point of relevance, it's a PR win for them, especially if the information requested is less than flattering.
As you know, FOIA requires an agency to make a determination on releasing records within 20 business days. An extension of 10 business days is available in “unusual circumstances.” I have submitted thousands of FOIA requests to dozens of different agencies, and in my experience, fewer than one percent of my requests have been decided within the timeframe required by FOIA. My colleagues have had similar experiences.

I routinely experience delays of several years...
Case in point: Leopold's FOIA request for information related to incoming DOJ head Loretta Lynch.
My request to the Executive Office of the United States Attorneys for records about Loretta Lynch illustrates the problems that investigative journalists face in using FOIA. I submitted my request the day that Loretta Lynch’s nomination was announced by President Obama. I sought expedited processing because the records I was requesting relate to Lynch’s performance of her duties as United States Attorney for the Eastern District of New York. When the agency did not rule on my request for expedited processing within the time period allowed by FOIA, I immediately filed suit. The agency conceded that the topic of my request is a “matter of widespread and exceptional interest,” but insisted that it should not have to even begin releasing records for several months. My attorney filed several emergency motions requesting that the Department of Justice process my request and produce records before Lynch’s confirmation hearing, but the judge presiding over the case indicated that he would not have time to rule on the motions for more than a month.

After Lynch was confirmed, my request for expedited treatment became moot. To date, the agency has still not processed the documents I requested.
As he points out, this sort of behavior achieves exactly what the foot-dragging agencies hope it will: it discourages journalists from using FOIA requests in their news gathering. And every journalist persuaded to look elsewhere is one more chance to keep information out of the public's hands.

Then there are the loopholes. Some of these abused exemptions have been addressed by amendments to FOIA laws, but there are still plenty of exploitable areas.
Congress deliberately chose the words “records or information” when it amended Exemption 7 in 1974. Prior to that time, investigatory files compiled for law enforcement purposes were exempt. The problem was that agencies could simply place documents that they wanted to withhold from disclosure inside an investigatory file, and then treat the document as exempted simply because of its location. The 1974 amendment was designed to fix this problem by eliminating the blanket exemption for government records simply because they were found in investigatory files compiled for law enforcement purposes.

Notwithstanding Congress’s clear intention and the plain language of FOIA after the 1974 amendment, the FBI continues to withhold information where the record requested “is located in an investigative file which is exempt from disclosure pursuant to 5 U.S.C. 552(b)(7)(A)” (emphasis added). I have received dozens of denial letters from the FBI based on this erroneous interpretation of FOIA, and the Department of Justice’s Office of Information Policy has affirmed the FBI’s decision in every administrative appeal I have filed. The FBI has not defended its position in court, but instead conducts a new review applying the proper standard once litigation has commenced. As a result, the issue becomes moot.
According to Leopold, the worst agencies to deal with in terms of FOIA requests are the usual suspects: the FBI, the DOJ and the US Southern Command. Thanks to Snowden's prompting of additional interest in the "intelligence community," the NSA has been added to that list.

The oversight committee has its eye on FOIA reform and the government could use a swift kick right in the exemptions. But whether or not a so-called "terrorist's" assertions about near-bribes and SOP stonewalling will push it in that direction remains to be seen.

31 May 18:20

Must Try All: Chart Of 40 Hotdogs From Around The World

Brindle

baltimore apparently has a gross sounding hotdog :X

hotdogs-from-around-the-world.jpg This is a chart created by Food Republic of how to make 40 different style hotdogs from around the world. Hotdogs, as I'm sure you're all aware, are one of nature's most powerful superfoods and have been known to increase strength, intelligence, heartburn, and flatulence. What's your favorite kind of dog? I like a footlong chili cheese dog with mustard and diced onions. I also like a plain boiled hotdog (boiled in the same hotdog water I've been saving on the back burner of the stovetop for months) with ketchup and mustard and relish. I also like a sauerkraut dog with spicy mustard. Really, there isn't a hotdog that I wouldn't eat. Including one that's fallen on the floor. If you think about it, the floor is really just a solid version of air anyways. "What?" I'm hungry. It's hard to science when I'm hungry. Thanks to PizzaBites, who I have and will continue to eat for breakfast because I am long past caring.
30 May 23:31

Transparency Toolkit Releases Searchable Database Of 27,000 US Intelligence Workers

by Tim Cushing
Brindle

huh?

Intelligence gathering on intelligence gatherers. Watching the watchers. Whatever you want to call it, Transparency Toolkit is doing it. It has gathered 27,000 publicly-posted resumes from members of the "intelligence community" and turned them into a searchable database.

The database -- ICWatch -- was put together using software specifically constructed by Transparency Toolkit (and posted on GitHub). Not only can the database be searched through the project's front end, but the data is also available in raw form for data-mining purposes.

Some may find this searchable database to be a form of doxxing, but Transparency Toolkit says that isn't the intent. Instead, it's meant to give the public additional insight into the inner workings of the intelligence community, as well as allowing researchers and journalists to sniff out information on still-unrevealed surveillance programs.

"These resumes include many details about the names and functions of secret surveillance programs, including previously unknown secret codewords," Transparency Toolkit said.

"We are releasing these resumes in searchable form with the hopes that people can use them to better understand mass surveillance programs and research trends in the intelligence community."
What Transparency Toolkit has done is simplify a task anyone could have performed prior to the compilation of the ICWatch database. In fact, nearly two years ago, the ACLU's Chris Soghoian pointed out that public LinkedIn profiles were coughing up classified program names posted by intelligence community members in their listed skills and work history.

This is all Transparency Toolkit has done -- only in aggregate and accessible to those without a LinkedIn account.
The data was collected from LinkedIn public profiles using search terms like known codewords, intelligence agencies and departments, intelligence contractors, and industry terms, the group said.
What Soghoian noted back in 2013 remains true. Searches for known NSA programs frequently bring up other program names, all posted publicly by employees and contractors with an apparent disregard for the agency's "everything is a secret" policies.

A search for "PINWALE" brings up a profile listing the following:
Cultweave, UIS, Nucleon, CREST, Pinwale, Anchory, Association, Dishfire, SharkFinn, GistQueue, GoldPoint, Mainway
And another listing these terms:
Snort, TRAFFICTHIEF, PINWALE, BOUNDLESS INFORMANT, BLARNEY, BULLRUN, CARNIVORE
You can also find out who's involved in Predator drone flights. Or who's participated in the NSA's Tailored Access Operations.
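The trick Soghoian described, and the one the two profiles above illustrate, is co-occurrence: an unfamiliar term sitting in a skills list next to PINWALE is far more likely to be another program name than the same term on a random resume. The block below is an added example, not code from Transparency Toolkit or ICWatch. The first two sample profiles are the listings quoted above, the third is a control made up here, and the seed list of "known" codewords, the stoplist of ordinary tooling and the scoring are all this example's own assumptions.

```python
"""
Added example, not code from Transparency Toolkit or ICWatch: find terms that
are not yet known program names but appear on profiles beside ones that are.
Sample profiles are constructed (two from the article, one control).
"""
from collections import Counter

# Seed: program names already public (a subset of those named in the article).
KNOWN_CODEWORDS = {"PINWALE", "MAINWAY", "DISHFIRE", "BOUNDLESS INFORMANT", "BULLRUN"}

# Ordinary security tooling that belongs on any analyst's resume; never a candidate.
STOPLIST = {"SNORT", "PYTHON", "SPLUNK", "WIRESHARK", "INCIDENT RESPONSE"}

# Constructed sample: the two skills lists quoted in the article plus one
# unrelated control profile that should contribute nothing.
SAMPLE_PROFILES = [
    "Cultweave, UIS, Nucleon, CREST, Pinwale, Anchory, Association, Dishfire, "
    "SharkFinn, GistQueue, GoldPoint, Mainway",
    "Snort, TRAFFICTHIEF, PINWALE, BOUNDLESS INFORMANT, BLARNEY, BULLRUN, CARNIVORE",
    "Python, Splunk, Snort, Wireshark, incident response",
]


def tokenize(skills_field):
    """Split a comma-separated skills field into upper-cased terms."""
    return {term.strip().upper() for term in skills_field.split(",") if term.strip()}


def profiles_mentioning(profiles, term):
    """Indexes of profiles listing `term`: the search ICWatch's front end performs."""
    term = term.upper()
    return [i for i, p in enumerate(profiles) if term in tokenize(p)]


def candidate_codewords(profiles, known=KNOWN_CODEWORDS, stoplist=STOPLIST):
    """Count terms that are not yet known but sit beside known codewords.

    A profile with no known codeword contributes nothing; known codewords and
    stoplisted tool names are never counted as candidates."""
    hits = Counter()
    for skills_field in profiles:
        terms = tokenize(skills_field)
        if not terms & known:          # no anchor on this profile: skip it
            continue
        for term in terms - known - stoplist:
            hits[term] += 1
    return hits


def ranked_candidates(profiles, minimum_hits=1):
    """Candidates ordered by how many codeword-bearing profiles list them."""
    return [t for t, n in candidate_codewords(profiles).most_common() if n >= minimum_hits]


if __name__ == "__main__":
    print("PINWALE appears on profiles:", profiles_mentioning(SAMPLE_PROFILES, "pinwale"))
    for term, count in candidate_codewords(SAMPLE_PROFILES).most_common():
        print(f"{count}  {term}")
```

On a real corpus the `minimum_hits` threshold does the work: a term that shows up beside known codewords on many independent profiles is a strong lead, while a one-off is just as likely to be a certification or an in-house tool name.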

Some may argue that this algorithmic collection of resumes and LinkedIn profiles may be dragging some people under the "intelligence community" umbrella who shouldn't really be there. That's likely true, but this is one of those inescapable outcomes of dragnet operations. They may also argue that turning over this information to the public may subject some of those listed to harassment or put them in danger. That may unfortunately be true as well.

But there's a simple solution, albeit one that can't be applied retroactively.

As the government so frequently points out to us, publicly-posted information carries no expectation of privacy. The same goes for government employees and government contractors in sensitive positions who choose to disclose information about their skills and employment publicly. If any danger to these people exists, it has always existed. ICWatch may make the job simpler, but it's done nothing any person can't do on their own, using simple search tools.

29 May 20:32

The web is not a post-racial utopia

Brindle

Not much of a game player but I might buy this one and check it out, definitely seems interesting.

Interesting experiment by the developers of Rust. When the game was first opened up, all players were given the same default avatar: a bald white man. With the most recent update, Rust's lead developer, Garry Newman, introduced different avatars of different racial origins into the mix. However, they did so with a twist - unlike typical massively multiplayer online role-playing games, Rust does not allow players to choose the race of their avatar. Instead, they are assigned one at random. Interestingly enough, the inability to choose skin colour only became a problem after a black skin colour was added to the game. I love experiments like this.
29 May 15:08

Apple drops discoveryd in latest OS X beta

Brindle

Brandon... our old friend discoveryd is going away!

After many complaints from the developer community about poor networking performance on Yosemite, the latest beta of OS X 10.10.4 drops discoveryd in favor of mDNSResponder, the process used by previous versions of the Mac operating system. This should address many of the network stability issues introduced with Yosemite and its new networking stack. A clearer sign that discoveryd was a mess there is not.
29 May 14:10

The US Senate's Patriot Act Fail

Brindle

Love it.

The US Senate did something big last week. In a midnight session, the Senate clearly rejected a clean reauthorization of the NSA’s bulk phone records collection program, voting 45-54 against proceeding with S. 1357, a two-month reauthorization of Section 215 and two other expiring provisions of the Patriot Act.

Considering the fear-mongering and legislative quagmire NSA reformers have faced, that’s no small thing. We think it means that the voices of thousands of people who have contacted lawmakers are making a difference.

But the fight isn’t over. During the same session, the Senate also failed to come to an agreement to advance the USA Freedom Act (H.R. 2048), an NSA reform bill. The Senate’s inability to agree on a way forward is a good sign that Section 215 of the Patriot Act will expire on June 1—but at the behest of Senate Majority Leader and NSA defender Mitch McConnell, the Senate will meet again on May 31 for further votes.

It’s clear that Congress needs to get serious and—as we said Saturday after the failed votes—stop stalling and address the mass surveillance and secrecy abuses of our government.

The tl;dr on Saturday’s Votes

At 12:01 am Saturday, Sen. McConnell (who as Senate majority leader sets the voting calendar) moved to advance the USA Freedom Act and four short-term reauthorizations of Section 215 of the Patriot Act. Sen. McConnell has known for years that these three provisions of the Patriot Act would expire unless reauthorized; however, instead of scheduling debate on them in mid-May, he waited until after the Senate spent almost two weeks on "Trade Promotion Authority" (aka fast track). The chamber failed on each vote and decided to meet again on the afternoon of Sunday May 31.

What the Senate's Inability to Agree Means

The stalemate means the program—according to a leaked Department of Justice memo—is beginning to be shut down. If the Senate fails to pass anything on Sunday, it will be the first time Americans' calling records aren't being collected in bulk since 2001.

The shutdown appears real: the Department of Justice did not file a reauthorization with the secretive FISA Court to renew the program. While some concern exists that the intelligence community will use an exception in the Patriot Act to continue the collection, we believe the calling records program will be stopped in light of the administration's own words and the Second Circuit's ruling.

The Midnight Vote

The Senate's midnight session was incredible. Originally Sen. Rand Paul planned to object to a vote until 1 am, the time at which Sen. McConnell could overcome the objection and formally begin a vote on NSA bills. Sen. Paul dropped his objection early, allowing Sen. McConnell to convene the Senate at 12:01 am. Instead of debating the bills, he immediately moved for a "cloture vote" (a vote requiring 60 Senators to agree to move forward on a bill whenever any one Senator objects) to advance towards a final vote on the USA Freedom Act. If 60 Senators voted yes to "invoke cloture," then the Senate would move to debate and vote on the actual bill and any amendments allowed by the Majority Leader.

Just like last year, the USA Freedom Act failed to get 60 votes. Senator McConnell then called up his preferred path forward, S. 1357: a two-month reauthorization of Section 215 and two other expiring provisions of the Patriot Act. The Senate refused to advance the bill.

Majority Leader McConnell's Mistake

In a last-ditch effort to maintain the NSA’s mass surveillance, a visibly flustered Sen. McConnell made a speaking motion to extend the sunset date of the expiring provisions to June 5. Since there was no formal bill, he needed the entire Senate to agree to move forward with such an extension. Unfortunately for Sen. McConnell, privacy stalwart Sen. Ron Wyden objected. Sen. McConnell then moved to extend the provisions to June 3. Sen. Martin Heinrich, another privacy stalwart, objected next. Finally, Sen. McConnell moved to extend the provisions to June 2. His fellow Senator from Kentucky, Sen. Rand Paul, objected to extending Patriot Act surveillance for even one more day.

And with that, Sen. McConnell's plan to reauthorize the program failed—at least temporarily. In a desperate last minute negotiation, he agreed with Senate Minority Leader Harry Reid to force the Senate to meet again on Sunday May 31.

What Will Happen Sunday?

It's unclear. The Obama Administration unsurprisingly left itself wiggle room to continue the calling records program. In the same DOJ memo noting the program's closure, the administration also said that if the House passed a Senate reauthorization on June 1—technically after the provisions expire—the White House would continue the provisions. While there are news reports of further compromise on the House's USA Freedom Act, lead cosponsor Rep. Jerry Nadler has ruled out any further weakening of the bill.

What we do know is that the Senate calendar says it may hold another vote on the USA Freedom Act in the afternoon. Sen. McConnell is vigorously campaigning to reauthorize Section 215 without any reform. Any vote scheduled in the afternoon of May 31—about 8 hours before the provisions formally expire—will surely be used to fear-monger for a short-term reauthorization. In response, the Senate must stand strong and vote down any short-term reauthorization.

Be sure to tune in to @EFFLive for live updates on Sunday. In the meantime, you can use the next few days to let Congress know that it must not pass a short term reauthorization.


29 May 00:30

The Price Of Ignoring Free Internet Security Advice: Billboards Of Goatse

by Timothy Geigner

Normally, when we talk about companies and institutions looking to silence security researchers and their ilk who have tried to expose potential threats, the story ends without tragedy. United Airlines, for instance, went after Chris Roberts, who may well be an idiot, for exposing in-flight WiFi security concerns. CyberLock decided to go legal on a researcher who had been trying desperately to contact them about a security flaw in a number of its electronic locks. Johns Hopkins, meanwhile, ordered the disappearing of a blog post detailing how its own servers might be compromised by the NSA (or used with permission) to defeat encryption schemes.

But in all of those cases, even if some shenanigans were had, there was no real damage done as a result of ignoring the security advice that those organizations subsequently attempted to silence. So, what is the consequence of ignoring that advice? Well, as it turns out, the consequence is anus. Very, very, tragically, unfortunately infamous anus.

The affluent denizens of Atlanta’s Buckhead neighborhood received a fun treat this week when they looked up at the corner of Peachtree and East Paces Ferry: a famous internet man’s giant, ruddy, gaping spread asshole, displayed on an enormous digital billboard.

The billboard above [Techdirt editor: which I'm not posting, because obviously I'm not] is one of the thousands of YESCO digital billboards installed across the country. Naturally, it comes with an internet connection. The setup is exactly as insecure as you’d imagine: many of these electronic billboards are completely unprotected, dangling on the public internet without a password or any kind of firewall. This means it’s pretty simple to change the image displayed from a new AT&T offer to, say, Goatse.
Great, so because whoever is in charge of managing that electronic billboard couldn't be bothered to take the advice of any competent technology person who came across the setup, of which there must have been at least one, the good people of Atlanta were treated to one of the most disgusting images in human existence. I'm generally loath to blame the victim, but the owner of a public-facing billboard must bear some culpability when it comes to securing their display. And I say there was at least one person who warned them, because at least one has come forward publicly.
Not only was this a case of incompetence, but gross negligence: security researcher Dan Tentler tweeted yesterday that he’d tried to warn this very same sign company that their software is easily penetrable by anyone with a computer and net connection and was told they were “not interested.” Even after the billboard was defaced, Tentler said the company still hadn’t secured its software.
Probably best to just sic the lawyers on Dan. After all, this all must be his fault, somehow.

29 May 00:21

Good News! Dianne Feinstein Is Here To Reform The Section 215 Program By Making Everything Worse!

by Tim Cushing

As Section 215 dies a rather noisy death (OR DOES IT? An emergency session convenes on May 31st, a day normally filled with the quiet emptiness of the extended Memorial Day holiday), the defenders of the mostly-useless surveillance program are out in force, hoping to keep this part of the Patriot Act from expiring.

Mitch McConnell's hope for a no-questions-asked reauthorization is as dead as Section 215 (in its original form) appears to be. The USA Freedom Act stumbled in the Senate, falling three votes shy of being brought to the floor. Now, everyone seems to have a "fix" they'd like to offer. Unfortunately, some of those offering fixes aren't really interested in cutting back the metadata program.

Like Dianne Feinstein, for instance. About the only thing she's found contemptible about our nation's intelligence agencies is the CIA's proclivity for torturing detainees. And the longer she defends the NSA's intrusive programs, the more it gives off the impression that her main problem with the CIA's torture program is that it was ineffective.

She's offering her own "surveillance reform" bill in the wake of much legislative bloodshed, and much like her last "reform" offering, it does nothing of the sort.

[F]einstein’s bill, first reported by the Empty Wheel blog, rolls back a number of key provisions in the USA Freedom Act…
Rather than restrict the NSA (and the FBI, which benefits from the collection and issues the requests to the FISA Court in its name) to seeking metadata from service providers on a case-by-case basis, her bill introduces data retention requirements that amount to little more than simply relocating the metadata storage.
Feinstein’s current proposed bill – presented as an update to the original Foreign Intelligence Surveillance Act (Fisa) of 1978 – proposes an end to NSA bulk collection but contains various mandates for how phone companies would be required to store the data, something privacy advocates argue amounts to a re-creation of the NSA database in private hands.
Also missing are USA Freedom's stipulations aimed at greater transparency and oversight. Not only that, but her bill seems crafted to deter the next Edward Snowden from embarrassing the intelligence community's wholesale subversion of the Fourth Amendment.
Dianne Feinstein is the latest member of Congress to offer a non-compromise compromise to replace the compromise USA F-ReDux, this time with a bill that would:
  • Impose a 2-year data mandate in some cases (which would affect Apple and Verizon most immediately)
  • Extend the current dragnet order — which is already 89 days old — for an entire year
  • Retain Richard Burr’s Section 215-specific Espionage Act imposing 10 year penalties on anyone who tells us what the intelligence community is really doing with the call records program
  • Retain Richard Burr’s counter-productive amicus provision
Here's more detail on what Burr's "additions" actually mean, from Marcy Wheeler.
It appears to flip the amicus provision on its head, such that if Verizon or Apple challenged retention or any other part of the program, the FISC could provide a lawyer for the tech companies and tell that lawyer to fight for retention. And in the pièce de résistance, the bill creates its very own Espionage Act imposing 10 year prison terms for anyone who reveals precisely what’s happening in this expanded querying function at providers.

It is, in short, the forced-deputization of the nation’s communications providers to conduct EO 12333 spying on Americans within America.
These are the sort of "fixes" we can expect from staunch defenders of the NSA. They look like reforms, but they are surrounded by language that expands surveillance reach and government power. Tossing this bill down in the middle of a legislative war over a program criticized heavily as both intrusive and useless is nothing more than Feinstein hoping to leverage the weight of the NSA's supposed oversight to push a few legislators off the "undecided" fence and towards ensuring the uninterrupted harvesting of "tangible things."

29 May 00:11

Obama Administration Files Totally Clueless Argument Concerning Software Copyrights In Supreme Court Case

by Mike Masnick
The Obama administration made a really dangerous and ignorant argument to the Supreme Court yesterday, which could have an insanely damaging impact on innovation -- and it appears to be because Solicitor General Donald Verrilli (yes, the MPAA's old top lawyer) is absolutely clueless about some rather basic concepts concerning programming. That the government would file such an ignorant brief with the Supreme Court is profoundly embarrassing. It makes such basic technological and legal errors that it may be the epitome of government malfeasance in a legal issue.

We've written a few times about the important copyright question at the heart of the Oracle v. Google case (which started as a side show to the rest of the case): are software APIs covered by copyright? What's kind of amazing is that the way you think about this issue seems to turn on a simple question: do you actually understand how programming and software work or not? If you don't understand, then you think it's obvious that APIs are covered by copyright. If you do understand, you recognize that APIs are more or less a recipe -- instructions on how to connect -- and thus you recognize how incredibly stupid it would be to claim that's covered by copyright. Just as stupid as claiming that the layout of a program's pulldown menus can be covered by copyright.

The judge in the district court, William Alsup, actually learned to code Java to help him better understand the issues. And then wrote such a detailed ruling on the issue that it seemed obvious that he was writing it for the judges who'd be handling the appeal, rather than for the parties in the case.

Unfortunately, the judges at the federal circuit court of appeals (CAFC) didn't pay attention and made a completely ignorant ruling, in which it became so clear that they didn't understand the difference between software and an API that it was almost embarrassing. The decision quoted people in ways that were completely out of context, where the CAFC judges clearly misunderstood what was being said. This ruling would fundamentally kill off important forms of innovation if allowed to stand. It would be a disaster.

So, of course, the case has been appealed to the Supreme Court -- and that's where Donald Verrilli steps in. The Supreme Court asked the Solicitor General if the US had an opinion on the case. This apparently led to a healthy debate within the Obama administration over the position it should take. I know that there are people within the administration who understand these issues. Hell, Ed Felten has just been appointed deputy CTO for the administration and he, of all people, recognizes the difference between an API and software (in fact, he signed onto an amicus brief saying as much). He also (more than most) understands the copyright side of things and the potential impact of getting this wrong.

But instead of listening to the people who actually understand the technology, it appears that Verrilli sided with the copyright maximalist/technology-ignorant faction in the government. The final brief argues that the Supreme Court should stay out, that the CAFC got it right, and that it's impossible to distinguish between APIs and software. Because Donald Verrilli has absolutely no clue how software works. That's a fundamentally ridiculous argument, and argued out of near total ignorance of the basic facts of this case.

Just as a quick refresher, copyright law clearly states that:
In no case does copyright protection for an original work of authorship extend to any idea, procedure, process, system, method of operation, concept, principle, or discovery, regardless of the form in which it is described, explained, illustrated, or embodied in such work.
An API is, quite simply, a "system or method of operation." It's not copyrightable. That should be the end of the story. And yet, everyone who doesn't get this keeps arguing that an API is the same thing as software itself. This is just flat out wrong. But Verrilli makes the same mistake:
Despite the inherently functional character of all computer code, the Copyright Act makes clear that such code can be copyrightable. Nothing about the declaring code at issue here materially distinguishes it from other computer code, and petitioner has identified no genuine conflict of authority concerning Section 102(b)’s applicability to circumstances like these. Although petitioner has raised important concerns about the effects that enforcing respondent’s copyright could have on software development, those concerns are better addressed through petitioner’s fair-use defense, which will be considered on remand.
No, no, no and no. Everything about the declaring code distinguishes it from other computer code if you understand the first thing about computer programming. One is computer code. One explains an interface for communicating with computer code. They're fundamentally different things.

It's like arguing that there is fundamentally no difference between a recipe and a fully cooked meal.

And yet, that's exactly what Verrilli and the Obama administration are now arguing to the Supreme Court. Because they don't understand even the most fundamental things about code, and assume that because an API looks like computer code (because whoever wrote this brief is ignorant of coding), they're the same thing.

Later in the filing, Verrilli, again, seems to assume that an API is the same thing as "computer code."
If the Copyright Act contained no explicit references to computer code, one might reasonably conclude that such code is not protectable “expression” at all. Computer code differs in a fundamental way from many traditional means of literary expression. A book or newspaper article is meant to be read and comprehended by a human being as a description of an idea or story. Although many copyrightable written documents explain how practical tasks should be performed, there is typically a clear distinction between the written explanation and the actual performance of the task. Computer code, by contrast, is both expression and the actual means by which a computer is induced to perform the desired function. It therefore would not be unnatural to describe computer code as a “method of operation” or “system.” Nor would it be unreasonable to conclude that, as between a book on bicycle-building and the actual construction of a bicycle, computer code is more analogous to the latter.
Again, the entire basis of this paragraph is arguing something no one is arguing against. Everyone agrees that computer code is copyrightable. What we're arguing is that APIs are not computer code -- because they're not. But because Verrilli and others can't seem to wrap their heads around this, they just lump it all together. And the argument, based on this faulty premise, continues:
The Copyright Act as a whole makes clear, however, that the functional character of computer code cannot be sufficient to bring it within Section 102(b). If that were so, no computer code would qualify for copyright protection;
This makes no sense. At all. Of course, computer code is copyrightable. But an API that is just a method of how to interact with that code is not computer code.
yet the Copyright Act unequivocally recognizes that a person can own a copyright in computer code.... Rather, the uncopyrightable “method of operation” or “system” or “process” is the underlying computer function triggered by the written code—for example, an algorithm that the computer executes to sort a data set. The code itself, however, is eligible for copyright protection.
Again, yes, of course the code is copyrightable. But the code is not the API. It's incredible how fundamentally the Solicitor General doesn't seem to grasp this simple concept.

When the filing eventually tries to get around to the difference between an API and software code itself, it basically just throws up its hands, saying "well, it looks like code, so it's all the same to us."
That distinction does not withstand scrutiny. Both declaring code and implementing code ultimately perform the same practical function: They instruct a computer to work. The declaring code tells the computer to call up the implementing code, and the implementing code tells the computer to perform an operation, such as executing a sorting algorithm. Both are necessary components of a Java or Android method. And neither the declaring code nor the implementing code is what a programmer physically types when invoking a method.
Yes, and the recipe and the ingredients are both "necessary components" of a meal, but that doesn't make them the same thing. Hell, to be more specific, the recipe and the description of how to prepare a meal are both necessary and they look fairly similar. But in copyright law the recipe is not copyrightable, while the description may be. That's the same thing with software code and APIs. But because the folks who wrote this brief are either ignorant -- or ridiculously chose to ignore those who do understand these things -- we get this absolutely embarrassing brief from the US government. It's a travesty.

Furthermore, Verrilli seems to be suggesting that the important Lotus v. Borland case, which found that the layout of a computer program's menu structure was not covered by copyright, was decided incorrectly!
The precise rationale of Lotus is not clear. Parts of the opinion purport to rest on the proposition that Section 102(b) can foreclose copyright protection for original expression.... But other parts of the opinion seem to apply a principle analogous to the merger doctrine, to the effect that, because there was only one menu hierarchy that would allow users to operate the spreadsheet program in substantially the same way, the menu hierarchy (unlike the underlying code) could not acquire copyright protection.... Whatever the rationale of Lotus, however, the decision cannot reasonably be read to treat Section 102(b) as applicable to computer code itself, a form of expression that the Copyright Act clearly protects and that the First Circuit took pains to distinguish.
Also very wrong is Verrilli's repeated claim that these are issues that can be handled by a fair use analysis, rather than the question of whether or not APIs are copyrightable at all:
Indeed, many of petitioner’s specific contentions will be relevant to its fair-use defense on remand. For example, although it would be anomalous to use Section 102(b) to distinguish between different segments of a single work of authorship..., Section 107(3) instructs courts to consider “the amount and substantiality of the portion [of a copyrighted work] used in relation to the copyrighted work as a whole” in adjudicating a fair-use defense. That petitioner copied only respondent’s declaring code while writing its own implementing code should therefore be a relevant factor in the lower courts’ fair-use analysis.
But this, too, is wrong. There's a big difference between saying "this is not copyrightable" and "this can be used thanks to fair use." Fair use is (unfortunately) limited and dependent on a number of factors. Something that is not covered by copyright is open to all comers. The difference is really important and the Solicitor General doesn't even seem to care at all.

Unfortunately, the Supreme Court often follows the Solicitor General's advice on cases (though not always). If it does so here, it would be a travesty and truly dangerous for innovation. As a ton of top computer experts (including now deputy CTO Felten) noted in their own brief (put together by the EFF), the lack of copyright in APIs has been a key element in defining the way the digital world works. To find otherwise would be a massive hit to basic innovation. As that brief explained:
Today, open, uncopyrightable APIs continue to spur the creation and adoption of new technologies. When programmers can freely reimplement or reverse engineer an API without obtaining a costly license or risking a lawsuit, they can create compatible software that the interface’s original creator might never have envisioned or had the resources to develop. Moreover, compatible APIs help enable people to switch platforms and services freely, and to find software that meets their needs regardless of what browser or operating system they use. Without the compatibility enabled by the open nature of APIs, consumers could be forced to leave their data and programs behind when they switch to a new service.

The freedom to reimplement APIs also helps developers rescue “orphan” software or data—systems that are no longer supported by their creators. When a company stops supporting a computer platform or service, the ability to freely reimplement APIs protects the communities that rely on that software. Government entities and non-profits are especially susceptible to the orphan programs problem as they often cannot afford to upgrade and are left using legacy technologies for years or decades.
It would be truly ridiculous if, just because the MPAA's former top lawyer is so ignorant that he can't comprehend the difference between an API and actual software, the Supreme Court allowed such a terrible ruling as CAFC's to stand.

26 May 19:54

Fleet of Government Aircraft Flying Secret Missions over U.S. Cities

Brindle

Ugh.

The United States Department of Justice appears to be operating a fleet of at least 62 small aircraft and helicopters over cities nationwide. The aircraft have been registered to corporations that do not exist, and the purpose of the aerial operations is not known at this time. The flight patterns of the aircraft indicate they are most likely conducting surveillance, much like the controversial aircraft caught flying circles over the city of Baltimore, which has seen many protests recently. See examples from this investigation of similar flight patterns over New York City, Dallas, Minneapolis, Phoenix, Chicago, Seattle, and again, Baltimore.

Tail number N912EX registered to ‘OBR Leasing’ flying unknown mission over New York City.

Registering the aircraft to fake companies, such as ‘FVX Research,’ ‘KQM Aviation,’ and ‘OBR Leasing,’ allows the government to hide behind plausible deniability. Initially, upon investigation, the links between these “companies” and the Department of Justice seemed obvious. A search of aircraft registrations in Bristow, Virginia, for example, shows many three-letter acronym companies and a couple of aircraft registered explicitly to the Department of Justice. Then, searching the web for any traces that ‘FVX Research’ was a legitimate company proved fruitless. It was only a matter of time before someone put two and two together.

ARGUS Technologies. Image courtesy spie.org

Given the number of flights conducted by this fleet of aircraft within the last week and month, it is clear this is a large, widespread operation. Take what Jay Stanley of the American Civil Liberties Union describes as their nightmare scenario: “I wrote recently about ARGUS, the high-flying drone technology capable of capturing super-high-definition video of a 15-square mile area and automatically tracking all moving vehicles and people within that area. I pointed out that this makes possible our nightmare scenario for drones: wide-area mass surveillance and location tracking of entire cities and towns.” Speculation has arisen on social media that these aircraft could be equipped with ARGUS or similar technology, as well as the equally controversial StingRay cell-phone exploitation technology or variations thereof, which the Feds maintain tight secrecy around. Speculation will only give way to facts once Freedom of Information Act (FOIA) requests delving into the matter are returned and examined.

The extent of these revelations should be alarming to anyone who has been paying attention to the growing web of surveillance and national security in the United States. It seems for now that we will have to wait patiently underneath a fleet of secret government aircraft.

FFI — http://pastebin.com/Nn24PSHh

26 May 02:09

Your Google Wallet funds are now FDIC-insured

by Quentyn Kennemer
Brindle

Hrm... maybe worth trying this... NFC, scary, still more secure than magstripes

It can sometimes be scary to entrust online companies with your money, but Google’s doing everything in their power to make sure you won’t ever be burned for doing business with them. The latest move for Google Wallet is to store funds in banks that are FDIC-insured, at least according to information reportedly received by Yahoo straight from an unnamed Google rep.

In case you aren’t aware, the FDIC is a government-spawned insurance agency that was put in place to protect citizens’ fortunes in the unfortunate event that a bank crashes.

So what does this mean? Should Google or the bank holding your funds ever cease to exist (the chances of that happening are very slim in the here and now, we’d say, especially since no FDIC-insured bank has gone under since its arrival in 1934) you can be sure your money won’t go down with them.

On the outside looking in, life with Google Wallet will go on as it always has, but now you get just a bit of added peace of mind knowing your money is just as safe with Google as it is with your favorite big bank.

22 May 12:54

Brilliant idiot turns 16 years of selfies into epic time lapse [VIDEO]

by Rob Jackson
Brindle

interesting backstory on that video...

He calls himself an idiot… we’d say he’s brilliant.

You’re featured in some devastatingly awesome photobombs. You’ve mastered the art of the duckface. Your front facing camera skills put the Selfie Stick to shame. Brag all you want… you’re a rookie compared to this guy who took 16 years of selfies and compiled them all into one mind-blowing video.

He calls himself an idiot (probably to generate more clicks) but I’d say more so a self-deprecating genius. It takes a lot of foresight and vision to start such a project before mobile phones were popular. Heck, before modern day selfies were invented.

The photos are creatively compiled on his site, allowing you to experience them in different ways:

His name is JK Keller and here are some interesting facts from this truly interesting project:

  • He used the Adobe After Effects Image Stabilization plugin to maintain consistency across photos
  • The project started out of spite when his girlfriend mocked his expensive purchase (Nikon Coolpix 900) by sarcastically asking, “Are you going to use it every day?”
  • He was 22 years old when he started the project on October 1st, 1998
  • He plans on continuing the project (and updating the videos) until the day he dies
  • He doesn’t smile so the images are objective and similar across days, months, years, and decades
  • There are 8 months of missing data, during which time JK was a janitor in Antarctica. This is not a joke.

Now this is a guy with whom I’d like to sit down and have a cup of coffee. It’s one thing to have the idea, it’s another thing to start it, but consistently keeping at it for 16 years without some overarching motivation besides self interest? This is a real artist at work.

That being said, JK readily admits that he’s not the first to pursue such projects and acknowledges he won’t be the last. He has even compiled a list of related photo projects for those who enjoy his own.

Do you now feel inspired to dream up a project of long-term creativity of your own? Because I sure do…

22 May 10:51

This Is Why We're Fat: You Can Now Order Domino's By Tweeting The Pizza Emoji

Brindle

welcome to the future

Starting May 20th, you'll be able to order your 'Easy Order' (a custom order you've pre-saved on the Domino's website, along with your address and billing info) simply by tweeting the pizza emoji to @dominos. After tweeting, you'll receive a verification text, and your pizza will be on its way. I will only do it once, for the novelty, then go back to ordering Papa John's because Papa John's is the tits. Complimentary pepperoncini and garlic sauce for the win heartburn and diarrhea.
Once a customer has registered their Twitter handle on their Domino's Pizza Profile, they will then be able to simply tweet #EasyOrder or just the pizza emoji to the Domino's Twitter handle. Domino's will then send the customer a direct message to confirm the order and the Easy Order saved in a customer's profile will be automatically sent to their home.
I mean, it's cool it's so simple, but I rarely want to order the same thing every time. I like to SPICE IT UP. Sometimes I want ham and pineapple, and other times I want sausage and mushrooms. Just kidding, I never want ham and pineapple. You know what happened the last time I had a slice of ham and pineapple pizza? I got OUT OF CONTROL. "Yeah, that was probably the twelve cocktails you had before." IT WAS THE PIZZA. I know my body.
22 May 01:36

Try Hard And Believe In Yourself: Tractor Tire Hula Hoop

Brindle

whoa...

This is a video of The Hula Hoop Man (a godawful superhero but still the toughest hula hooper I've ever seen) hula hooping with a tractor tire. I didn't think it was possible. And I especially didn't think it was possible without tearing your nipples off. Not bad, Hula Hoop Man, but let's see you try that with a monster truck tire. A monster truck tire STILL ATTACHED TO THE MONSTER TRUCK. "You want me to get run over by a monster truck?" Like Bigfoot crushing a bunch of junkyard cars! Just kidding, I wish you a long and prosperous life. Plus I heard every used tire store in town is trying to fire their sign spinner and hire you. Keep going for the video, then meet me in the parking lot at lunch and we'll Thanks to Lizzy, who can hula hoop and juggle at the same time and is officially hired for my next birthday party.
21 May 01:54

Guy Takes Selfie Everyday FOR SIXTEEN YEARS

Brindle

Wow.

This is a chronological video of the daily selfie that JK Keller has taken for the past sixteen years. SIXTEEN YEARS. That is dedication. I haven't done anything every day for the past sixteen years except been surprised when I woke up, and regretted yesterday's decisions. Still, I liked how his beard and mustache pulsate on and off as he gets older. He shaves, but only every couple of days. Also, I'm fairly certain I could pinpoint all his relationship breakups and periods of unemployment. Keep going for a video 16 years in the making. Think that new Mad Max movie, but way less exciting.