Episode: 1125
Title: HPR1125: TGTM Newscast for 11/21/2012
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr1125/hpr1125.mp3
Transcribed: 2025-10-17 19:24:39

---

.
.
You're listening to Toa Geek to Me News.
Number 81, record for Wednesday, November 21, 2012.
You're listening to the Tech Only Hacker Public Radio
Edition to get the full podcast, including political,
commentary, and other controversial topics.
Please visit www.toageektoMe.us.
Here are the vials statistics for this program.
Your feedback matters to me.
Please send your comments to DG at deepgeek.us.
The webpage for this program is at www.toageektoMe.us.
You can subscribe to me on Identica as the username DeepGeek
or you could follow me on Twitter.
My username there is DGTGM, as in DeepGeek Toa Geek to Me.
Another tech roundup from EFF.log, dated November 8, 2012 by Henny Fakuri.
Court blocks Proposition 35's restriction on anonymous speech.
A few hours after EFF and the ACLU of North California filed a class action law
students in Francisco.
In San Francisco, federal court challenging California's
recently enacted Proposition 35, the court issued a temporary restraining
order blocking implementation of the initiative due to the existence of
serious questions about whether it violated the First Amendment.
Proposition 35 is ostensibly about increasing punishment for human
traffickers, but would also require all registered sex affairs in
California to turn over a list of all their internet identifiers
and service providers to law enforcement, leading up to the election
re-urge California voters to reject it, wearing this would result in a
significant restriction of free speech on the internet.
We want to loan a criticizing Proposition 35, newspapers like the LA Times
and Sacramento Bee spoke out against the initiative too.
Unfortunately, yet unsurprisingly, California voters overwhelmingly approved
the initiative on election night.
Wednesday morning, we filed suit, auging Proposition 35 violates the
First Amendment because requiring people, even unpopular people, to give up
their ability to speak freely and anonymously, chills free speech.
Proposition 35 eliminates the ability of a whole class of people, 73,000
individuals in California, to speak anonymously online by forcing them to
turn over any identifier they use, whether it's anonymous or Joan Jo, or their real name.
Plus, it requires disclosure of information about online accounts
unrelated to criminal activity, like Yelp or Amazon.com,
and most troubling it allows the government to monitor and record a wide
swath of innocent internet activity from a registrant with a fancy football
team to the one who comments on a political discussion group.
While we certainly believe that human trafficking is a terrible crime,
requiring registrants to turn over online identifiers
doesn't combat this issue.
Instead, it creates a dangerous slippery slope, like mandatory DNA collection
before it, what begins with sex offense inevitably expands as law enforcement
gets looked to accessing this online data and starts demanding more and more of it.
The temporary restraining order is an important first step in ensuring that
the First Amendment isn't the casualty of a well-intentioned but ultimately
overbroad and dangerous initiative.
In stopping the implementation of Proposition 35, the court recognized the important
issues that need to be considered before the law could go into effect.
A hearing is now scheduled for December 17th on whether the court should grant
a permanent injunction, striking down the law permanently.
From eff.log,
the end of November 14th, 2012 by Henny Fakuri and Kurt Opchall and Rainy Friedman.
When will our e-mail betray us?
An e-mail privacy primer in light of the proteus saga?
The unfolding scandal that led to the resignation of General David Patreus,
the director of the Central Intelligence Agency,
starred with some purportly harassing e-mail sent from pseudonymous e-mail
accounts to Jill Kelly.
After the FBI kicked its investigation into high gear,
it identified the sender as Polar Broadwell and, ultimately,
read massive amounts of private e-mail messages that uncovered an affair
between Broadwell and Patreus, and now the investigation has
expanded to include General John Allen's e-mails with Kelly.
We've received a lot of questions about how this works.
What legal process the FBI needs to conduct its e-mail investigation?
The short answer? It's complicated.
The Electronic Communications Privacy Act,
ECAPA, is a 1986 law that Congress enacted to protect U.S. privacy
in electronic communications like e-mail and instant messages.
ECAPA provides scant protection for your identifying information,
such as the IP address used to access an account.
While Polar Broadwell reportedly created a new pseudonymous account
for the allegedly harassing e-mails to Jill Kelly,
she apparently did not take steps to disguise the IP number
her messages were coming from.
The FBI could have obtained this information with Justice
Appena to the service provider,
but obtaining the account's IP address alone
does not establish the identity of the e-mail sender.
Broadwell apparently accessed the e-mails from hotels
and other locations, not her home,
so the FBI cross-reference the IP addresses
of these Wi-Fi hotspots against guest lists
from other cities and hotels looking for common names.
If Broadwell wanted to stay anonymous,
a new e-mail account combined with Open Wi-Fi was not enough.
The ACLU has an in-depth write-up of the surveillance
and security lessons to be learned from this.
After the FBI identified Broadwell, they searched her e-mail.
According to news reports, the affair between Portrayus
and Broadwell lasted from November the 2011 to July 2012.
The harassing e-mails sent by Broadwell to Jill Kelly
stored in May of 2012 and Kelly notified the FBI shortly thereafter.
Thus in the summer of 2012, when the FBI was investigating
the bulk of the e-mails would be less than 180 days old.
This 180 day old dividing line is important for determining
how ECPA applies to e-mail.
Compared to identifying information,
ECPA provides more legal protection for the contents of your e-mail
but with gaping exceptions.
While a small but increasing number of federal courts have found
that the Fourth Amendment requires a warrant for all e-mail,
the government claims ECPA only requires a warrant for e-mail
that is stored for 180 days or less.
But as the Department of Justice manual for searching
and seizing e-mail makes clear, the government believes
this only applies to unopened e-mail.
Other e-mail is fair game, with only a subpoena,
even if the messages are less than 180 days old.
According to reports, Betrayus and Broadwell
adopted a technique of drafting e-mails
and reading them in the draft folder rather than sending them.
The DOJ would likely consider draft messages as open e-mail
and therefore not entailed to the protection of a search warrant.
In a nutshell, although ECPA requires a warrant
for the government to obtain the contents of an e-mail
stored online for less than 180 days,
the government believes the warrant requirement doesn't apply for e-mail
that was opened and left on the server,
the typical scenario for web mail systems like Gmail.
Even if the messages are less than 180 days old,
so under the government's view, so long as the e-mails
had been opened or were saved in the draft folder,
only a subpoena was required to look at the contents
of Broadwell's e-mail account.
Confused? Well, here's where things get really complicated.
The government's view of the law was rejected by a 9th Circuit Court of Appeals,
the Federal Appellate Court that covers the Western United States,
including California, and the home to many online e-mail companies,
and the service that hosts their messages.
As a result, the DOJ manual notes that agents outside of the 9th Circuit
can therefore obtain such e-mail and other stored
electrical wire communications in electronic storage,
more than 180 days using a subpoena,
but reminds agents in the 9th Circuit to get a warrant.
News reports show that the FBI agents involved in the portrayal scandal
were in Tampa, Florida.
Thus, according to the DOJ manual,
they did not need to get a warrant,
even if the e-mail provider was in California,
like, for example, Gmail.
Law enforcement elsewhere may continue to apply
the traditional narrow interpretation of electronic storage,
even when the data sort is within the 9th Circuit.
A subpoena for e-mail content would generally require notice
to the subscriber, though another section of Equipa
allows for delayed notice for up to 90 days.
The FBI interviewed Broadwell for the first time in September,
about 90 days after the investigation began in June.
However, many providers nevertheless
protect their users by following the 9th Circuit rule
and insist upon a warrant for the contents of all e-mail.
In EFF's experience, the government will seek a warrant
rather than litigate the issue.
Thus, assuming the service provider stepped up,
it is likely that the government used a warrant
to obtain access to the e-mails at issue.
To either ask this far call, follow links in the show notes.
From torrentfreak.com, by Ernesto Day, November 18, 2012,
mega-uploads search warrant requests ignored, massive,
non-infringing use.
In the wake of the January shutdown of mega-upload,
many of the site's legitimate users complained
that their personal files had been lost.
Among these users are many people in the US military
who used the site to share pictures and videos with family.
Torrentfreak learned that at least 15,634 soldiers
had accounts at mega-upload between them
sharing hundreds of thousands of files.
One of the users, entrepreneur Kyle Goodwin,
asked the court to return his files.
As part of this request, his attorneys filed
a motion to unseal the mega-upload search warrant
so they can see on what grounds the data was taken.
This week, Judge O'Grady granted the request
and ordered the release of the warrants
and their applications albeit redacted.
This means we can now see how the US put forward its request
to seize the domains and servers.
The search warrant applications don't offer any new facts
and mostly recite what has already been written in the indictment.
The government describes mega-upload as nothing more than a place
where copyright infringing files are stored
and this is what the judge signed off on.
However, what is striking is that none of the release records
even mentioned legitimate use of the site.
In other words, the rights of mega-uploads
legitimate users were never taken into consideration.
Speaking with Torrentfreak, Kim.com shares our surprise
knowing that nearly half of all files stored mega-upload
were never downloaded.
Quote, the legitimate use was completely ignored
in the seizure warrant applications.
Almost 50% of the files stored mega-upload
didn't have a single download.
There was massive, non-unfringing use
by those who just wanted to store data in the cloud.
Unquote.com says.
The lack of discussion about the many legitimate users
of mega-upload is concerning.
Several of the allegations made against mega-upload
could easily apply to other hosting and video services.
The FBI, for example, explains in detail
how their undercover agent was able to upload
view and download copyright videos,
something that's also quite common on YouTube.
More direct allegations against mega-upload
are misleading.com.
For example, that the mega-upload team failed
to delete infringing files that were pointed out
in a criminal search warrant back in 2010.
Quote, a member of the mega-conspiracy
informed several of his co-conspirators at that time
that he located the named files using internal searches
of the mega-conspiracy systems.
As of November 18, 2011,
36 of the 39 infringing copies of the copyright motion pictures
were still being stored on service controlled
by the mega-conspiracy, the DOJ rights.
However, .com now explains that they didn't touch the files
because they were never asked to do so
and didn't want to interfere with evidence
in a criminal case.
A document seen by Torrent Freak acts this up.
Quote, the FBI asked us for uploader information
regarding 39 files and told us to keep
their investigation confidential.
We assisted and obviously didn't touch the uploader accounts
or files because of the ongoing investigation.com.
Quote, to use this against us and to tell a judge
that the mega-upload domain seizures justified
because we have not removed those 39 files
is totally unethical and misleading.
Quote, he adds, to read the rest of this article
following in the show notes.
From Torrent Freak.com, by our nestoded number 15th, 2012,
Verizon will reduce speeds of repeated Bitcoin Torrent Pirates.
Last year, the MPAA and RIA teamed up
with five major internet providers
in the United States to launch a center
for copyright information, the CCI.
The prize agreed on a system
through which subscribers all warned
that their copyright infringements have been observed
by rights holders after several warnings,
ISPs may then take a variety of repressive measures
to punish the alleged infringers.
From leaked AT&T training documents,
we learned that the company will block users' access
to popular websites until they complete
a copyright education course.
However, none of the participating internet providers
have publicly commented on the measures
they plan to take until now.
During a panel discussion hosted by the New York Chapter
of the Internet Society, Verizon and Time Warner Cable
unveiled details of their plans.
Link, hoeing, vice president of Internet
and Technology Issues for Verizon,
said his company will employ a three-stage process,
the first to alert the result in a simple notification email,
informing the users that their connection has been flagged
for copyright infringements.
After the second warning comes the acknowledgement phase,
and which a pop-up is delivered to users.
Once received, subscribers are required to read
and confirm a process designed to ensure
that they are aware of the unauthorized sharing
that's taken place via their account.
If the infringements continue,
punishments become a reality on the 5th and 6th alerts.
Hearing said that these repeated infringers
will have their internet connections throttled,
resulting in significantly slower download speeds.
This throttling is temporary and will be lifted after two
or three days to read the RSSOGLE follow links in the show notes.
From TechDirt.com by Timothy Gagna,
date November 16, 2012.
Taliban spokesman accidentally copies mailing lists
on press release email.
You know that mistake you make where you want to send an email
to a bunch of people,
typically annoying chain letters about finding love next week
if they forward it to 20 people immediately.
Luck just doesn't wait around you now.
But you don't want to expose all of your friends
and family's emails so you blind copy everyone,
except you didn't.
Now you're the jackass sending emails with 40 addresses,
listed and your grandmother hates you for spamming her?
Well, funny story.
It turns out that one of the few things
we frame loving folks in the states
haven't common without Taliban enemies
is an amusing and capacitive check
to whom we're sending our emails.
Take a look at the oops Taliban spokesperson,
Kari Husef Hamedi made,
when he accidentally c-seed rather than b-c-seed,
the Taliban's mailing list on a press release email
this past Saturday.
Quote,
In a Dilbert-esque faux pas,
a Taliban spokesperson sent out a routine email
last week with one notable difference.
He publicly c-seed the names
of everyone on his mailing list.
The names were disclosed in an email
by Kari Husef Hamedi,
an official Taliban spokesperson on Saturday.
The email was a press release he received from the account
of Zabahula Mushad-Muhadid,
another Taliban spokesperson.
Kari Husef Hamedi then forward Muhadid's email
to the full Taliban mailing list,
but rather than using the b-c-seed function
or blind-carbon copy which keeps email addresses private,
Kari Husef Hamedi made the addresses public.
I'm sure years from now,
when the CIA has once again employed the Taliban
to fire on our behalf against the Chinese,
Australian, alien alliance,
we'll look at back on this
and have a nice laugh.
But there's no understanding that this is a massive screw-up.
Sure, most of the folks on the distribution list
were journalists,
but exposing their names that way,
particularly for those that are working
within Afghanistan,
isn't a good thing.
Besides that,
not all the people who were exposed were journalists.
Quote.
The list also includes an address
appearing to belong to a provincial governor,
an Afghan legislature,
several academics and activists,
an Afghan consultative committee,
and a representative of Gul Budin,
Hekbata,
an Afghan warlord whose outlawed group,
Hezboe Islami,
is believed to be behind several attacks
against coalition troops.
Somehow, I don't see this making the Taliban brass very happy,
and Senator Joe Lieberman wants the internet services
to block Taliban messages.
Why?
Let them keep making these kind of mistakes.
News from tector.com,
in these times.com,
iSinViv.com,
used under a range permission.
News from torrentfreak.com,
and eff.org,
used under permission of the creative comments
by attribution license.
News from Venezuelananalysis.com
and democracynow.org,
used under permission of the creative comments
by attribution,
non-commercial, no-durabous license.
News sources retain their respective copyrights.
Here are the vials statistics for this program.
Your feedback matters to me.
Please send your comments to
DG at deepgeek.us.
The webpage for this program
is at www.talkgeektome.us.
You can subscribe to me
on Identica as the user name DeepGeek.
Or you could follow me on Twitter.
My username there is DGTGM.
As an DeepGeek talk geek to me.
This episode of Talk Geek to me
is licensed under the creative comments
attribution share like 3.0
unpoored license.
This license allows
commercial reuse of the work
as well as allowing you to modify the work
as long as you share a like
the same rights you have received
under this license.
Thank you for listening to this episode of Talk Geek to me.
You have been listening to
DGTGM.
Thank you for listening to this episode of Talk Geek to me
on Identica as the user name
on Identica as the user name
on Identica as the user name
on Identica as the user name
on Identica as the user name
on Identica as the user name
on Identica as the user name
on Identica as the user name
on Identica as the user name
on Identica as the user name
on Identica as the user name
on Identica as the user name