Episode: 1245
Title: HPR1245: TGTM Newscast for 2013-06-05 for by Dann Washko and DeepGeek
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr1245/hpr1245.mp3
Transcribed: 2025-10-17 22:17:37

---

You're listening to Talk Geek To Me News Number 96, recorded for Monday, May the 6th, 2013. You're listening to the Tech Only Hacker Public Radio Edition. To get the full podcast including political commentary and other controversial topics, please visit www.talkgeektome.us. Here are the vital statistics for this program. Your feedback matters to me. Please send your comments to dg at deepgeek.us. The webpage for this program is at www.talkgeektome.us. You can subscribe to me on Identica as the username DeepGeek. Or you could follow me on Twitter. My username there is dgtgtm, as in DeepGeek Talk Geek To Me. This is Dann Washko and now the tech roundup.

From TorrentFreak.com by Andy, Pirate Bay founder on trial next month facing societal damage claims. Earlier this month, prosecutor Henrik Olin of the International Public Prosecution Office in Stockholm announced that Gottfrid Svartholm had been charged with several hacking-related offenses, including serious fraud, attempted aggravated fraud, and aiding attempted aggravated fraud. The public heard of these charges via press statement on April 16th, but Gottfrid discovered the news only after watching TV in his Mariefred prison cell later that day. According to Computer Sweden, Gottfrid and his alleged accomplices will now go on trial starting May 20th. At this stage, it appears that Gottfrid will plead not guilty to what is emerging as a sophisticated hack between January 2010 and April 2012 of Logica, a Swedish IT company working with local tax authorities. Much of the prosecution's evidence was obtained from a computer seized from Gottfrid. The Pirate Bay co-founder says that the information was placed there via the internet, but he won't name the culprit out of fear of reprisals.
According to the indictment, Gottfrid and accomplices first gained access to an FTP server on which scripts were run to obtain such things as password lists. These were subsequently cracked, and the information was used to gain access to more systems. It's claimed that the attackers took steps to hide their identities by using compromised wireless networks and relay servers around the world. According to authorities, around 16 gigabytes of confidential data was copied by the hackers and the transfer of such a large amount of data was one of the factors that led to their discovery. But it's the nature of the data and the way it's being presented to the media by Swedish authorities that is causing concern for Gottfrid's mother, Kristina Svartholm. The prosecutor has claimed in the media that the hacking of Logica and thus the access to information emanating from the Swedish tax authorities has caused worries among people who live with protected identities. Some of them have even felt compelled to move from one place to another, according to the prosecutor, Kristina told TorrentFreak. I have recently been approached by people who have told me that this simply can't be true. Personally, I don't know much about how the system works, but since one of these persons has protected identity him or herself, I find it less plausible that I am totally misinformed, end quote. Kristina says that her sources report that there's no possibility that obtaining information from the tax authorities would be harmful to protected individuals in the way the prosecutor has claimed, since their identities are protected both within and outside the system. Quote, what was hacked and published on the internet were so-called personal numbers, not to be mixed up with social security numbers, numbers that are public in themselves. Some of them did belong to people that were protected and other numbers did not.
Anyhow, the numbers couldn't be used for finding out the identities and whereabouts of anyone. End quote. Kristina believes that if this scenario is true, the bleak picture now being painted by authorities is the cause of anxiety among people. She adds that one of the companies involved reported to the police that the publicity being given to the data breach could be more harmful than the hacking itself. Quote, my question is why the prosecutor wants to give this picture of severe damage caused to individuals? A picture quite different from what my sources have told me. Unfortunately, it is well in line with what was communicated to Cambodian authorities last year when the Swedish prosecutor asked for their help to pick up Gottfrid, end quote, Kristina notes. These documents haven't become public until now. They show that the Swedish authorities presented daunting facts to Cambodia about Gottfrid, no wonder that they placed him in their anti-terrorist locales in Phnom Penh. However, I can't see much of that information reflected in the prosecution presented two weeks ago. Finally, as further reading, researchers at Lund University, Sweden, have been commenting on the hacks and subsequent prosecution. Marcin de Kaminski asks what lessons can be learned and Håkan Hydén asks whether the $4,200 Gottfrid is alleged to have transferred from a Danish bank account amounts to aggravated fraud and abusing the public trust.

From TorrentFreak.com by Andy dated April 29th, MPAA executive tampered with IFPI evidence in internet piracy case. More than five years ago, an investigation was launched into Angel Falls, a system of servers used by the so-called warez scene for storing and distributing copyright content. Following an undercover investigation in 2007, rights holders filed an official complaint and two months later, the site was raided by authorities in Oulu, Finland.
A total of 15 servers were discovered containing a range of copyrighted materials, including music, movies, TV shows, video games, and software. Represented by anti-piracy group CIAPC, known locally as TTVK, rights holders said that the individuals running the Angel Falls top site had caused damages to their businesses totaling 6 million euros. The developing copyright case was to be the largest in Finland's history. Earlier this month, the trial concluded, four members were found guilty and two were cleared, per our earlier report. However, according to Herkko Hietanen, a defense lawyer in the case from the Turre Legal firm, the case has a somewhat interesting feature. During the trial, an IFPI investigator was called upon as a witness, but during his testimony something unusual came to light. Quote, after his presentation, the defense counsels pointed out how the information shown on the video of his investigations did not match with the printed log files, end quote, Hietanen informs TorrentFreak. The video, a screencast of the investigation, showed a particular username accessing an Angel Falls FTP server. However, the corresponding text log for the same event showed a completely different username. Quote, when the IFPI investigator was asked about this, he acknowledged that the names did not match. He said that the Finnish anti-piracy people and the IFPI had collected the information together, but there was also an MPAA executive in the room while the evidence gathering took place, end quote, Hietanen explains. The IFPI investigator was then asked to reveal the name of the MPAA executive. He declined, but did offer an explanation for the inconsistencies in the evidence. In an apparent attempt to hide the identity of one of their spies, the MPAA executive edited the evidence gathered during the session.
Quote, the IFPI investigator handed over the evidence material to the MPAA senior executive who then changed the text file before the anti-piracy organization handed over the evidence to the Finnish police, end quote, Hietanen says. No one from the MPAA informed the defense that the edits had been made, and the tampering was revealed at the worst possible time during the trial. This resulted in the prosecutor ordering a police investigation into the changes that had been made. Quote, police then proceeded by comparing the work copy that the IFPI investigator produced with the material that the police and the defendants' counsels had received. Police found out that the material had differences in over 10 files, end quote, Hietanen reveals. Considering the effort that had gone into the case, the outcome was somewhat of a disappointment. Two members were completely cleared and four who were found guilty escaped with suspended jail sentences. The six million euros in damages claimed by the rights holders were reduced to only 45,000 euros. The fate of the MPAA investigator is unclear, but since his username was revealed in court, it seems likely that if he used the same one on other sites, that will no longer be possible.

From EFF.org dated May 1st by Daniel Nazer, EFF to federal judge: Don't let the DMCA be a tool for censorship. Together with the Digital Media Law Project, we filed an amicus brief today in federal court in Massachusetts. We are urging the court to ensure that the Digital Millennium Copyright Act provides protection for victims of abusive takedown notices, specifically that the DMCA requires copyright owners to consider fair use before sending takedowns. The takedown procedure of the DMCA provides a quick, cheap, extra-judicial way to get speech removed from the internet. As we've written many, many times before, this makes it a tempting tool for those who wish to remove speech they happen to dislike.
To prevent such abuse, Section 512(f) of the DMCA provides victims of wrongful takedowns with a remedy, allowing them to file a lawsuit for misrepresentation under the DMCA. This latest Section 512(f) case, out of Massachusetts, has a curious history. It began as an online battle between two bloggers, doula Gina Crosley-Corcoran and OB-GYN Dr. Amy Tuteur, about the safety of home birth. After an exchange of critical posts, Crosley-Corcoran posted a photo of herself making a well-known finger-related gesture to Tuteur, and writing, I don't want to leave you without something you can take back to your blog and obsess over. So here's a picture of me. Tuteur responded with a post of her own that included the photo with some commentary. The photo is now removed from this post, a clear case of fair use. Crosley-Corcoran then sent a DMCA takedown notice to the host of Tuteur's blog alleging copyright infringement of the finger photo. After Tuteur changed hosts, Crosley-Corcoran sent another takedown notice to the new host. According to Tuteur, the second notice was sent after Crosley-Corcoran's attorney admitted that there was no valid copyright claim. And on her blog, Crosley-Corcoran wrote that she would be prepared to settle the matter if Tuteur would agree to stop personally attacking me. As others have concluded, the chain of events suggested that Crosley-Corcoran was using the DMCA to silence a critic. Tuteur responded by filing a federal lawsuit in Massachusetts, asserting a DMCA Section 512(f) claim. On its own initiative, the court issued an order to show cause suggesting that it seriously questions whether Tuteur had stated a viable Section 512(f) claim. The core of the Crosley-Corcoran is that a fair use is an affirmative defense. The judge questioned whether the DMCA requires the sender of a takedown notice to consider fair use. This is an important question.
If the DMCA did not require copyright owners to consider fair use, it would be an open invitation for private censorship. For example, an author could send a takedown notice to remove a critical book review based on just a few quoted words. Fortunately, other courts that have considered this issue have found that the DMCA does require consideration of fair use. For example, in Lenz vs. Universal, where EFF represents the plaintiff, the court ruled that content owners must consider fair use before sending takedowns. The case of Tuteur vs. Crosley-Corcoran is not about the relative merits of the bloggers' views on childbirth. Rather, it is about the alleged misuse of the DMCA to silence a critic. The case of Tuteur versus Crosley-Corcoran is not about the relative merits of these bloggers' views about childbirth. Rather, it is about the alleged misuse of the DMCA to silence a critic and the crucial legal issue of whether the DMCA requires senders of takedown notices to consider fair use. Today, we urge the court to reach the right result and ensure that the DMCA protects free expression.

From EFF.org dated April 29th by Katitza Rodriguez and Maira Sutton, what is TPP? Biggest global threat to the Internet since ACTA. The United States and 10 governments from around the Pacific are meeting yet again to hash out the secret Trans-Pacific Partnership Agreement on May 15th to 24th in Lima, Peru. The TPP is one of the worst global threats to the Internet since ACTA, since the negotiations have been secretive from the beginning. We mainly know what is in its current version of this trade agreement because of a leaked draft PDF from February 2011. Based upon that text, some other leaked notes and the undemocratic nature of the entire process, we have every reason to be alarmed about the copyright enforcement provisions contained in this multinational trade deal. The TPP is likely to export some of the worst features of U.S. copyright law to Pacific Rim countries.
A broad ban on breaking digital locks on devices and creative works, even for legal purposes; a minimum copyright term of the lifetime of the creator plus 70 years (the current international norm is the lifetime plus 50 years); privatization of enforcement for copyright infringement; ruinous statutory damages with no proof of actual harm; and government seizures of computers and equipment involved in the alleged infringement. Moreover, the TPP is worse than U.S. copyright rules. It does not export the many balances and exceptions that favor the public interest and act as safety valves in limiting rights holders' protection. Adding insult to injury, the TPP's temporary copies provision will likely create chilling effects on how people and companies behave online and their basic ability to use and create on the web. The stated goal of the TPP is to unite the Pacific Rim countries by harmonizing tariffs and trade rules between them, but in reality it is much more than that. The intellectual property chapter in this massive trade agreement will likely force changes to copyright and patent rules in each of the signatory countries. Accepting these new rules will not just rewrite national laws, but will also restrict the possibility for countries to introduce more balanced copyright laws in the future. The strategy may end up harming other countries' more proportionate laws, such as Chile, where judicial orders are required for ISPs to be held liable for copyright infringement and take down content. Such systems better protect users and intermediaries from disproportionate or censorship-driven takedowns. If the final TPP text forces countries to adopt the privatized notice and takedown regime, this could imply the end of the Chilean system. It would also undermine Canada's notice and notice regime.
The content industry can and will continue to buy and lie to get their way to get laws to protect their interests, and what they want more than anything is for us to remain passively ignorant. They did it with SOPA, ACTA, and now TPP. It's going to be a challenge to defeat these policies, but we can do it. The TPP is slated for conclusion this October, but our goal is to get the worst of these copyright provisions out of it. The way to fight back is to show that we will not put up with this, to demand an open transparent process that allows everyone including experts from civil societies to analyze questions and probe any initiatives to regulate the internet. The secrecy must be stopped once and for all. Take this action and join over 26,000 people to send a message to your elected representatives. Let's call on Congress to demand the immediate release of the text of the TPP, and make this process become democratic and transparent once and for all. And there's a take action button that you can link to that's linked to in the show notes on the website. Below is our infographic highlighting the most problematic aspects of TPP. Please spread the word about how this agreement will impact you in your country. Right click and save the image for the PNG file, or you can download the PDF version below. This is referring to their website. Remix it, build upon it, and get the word out. Let's protect and defend the internet from the secret trade deal. So to get that information and the graphics and design the proposal, head on over to the eff.org website that's linked to in the show notes.

From hiawatha-webserver.org, dated April 15th by Hugo Leisink, Hiawatha 9.1 has been released. This brings two interesting new security features. Cipher suite selection based on protocol. A while ago, a vulnerability called BEAST was discovered in CBC ciphers in TLS 1.0. Many experts advised to use RC4 instead. However, a vulnerability was recently also discovered in RC4.
The best solution is to switch to TLS 1.1 with CBC ciphers. But that will cause problems for many users because Firefox still doesn't support TLS 1.1 and in Opera and Internet Explorer support for TLS 1.1 is disabled by default. What to do then? Many believe that using RC4 is still the best choice when using TLS 1.0. However, using RC4 gives lower security to TLS 1.1 and TLS 1.2 users than while using CBC ciphers. But using CBC ciphers makes TLS 1.0 users vulnerable to the BEAST attack. Hiawatha has the best answer thanks to PolarSSL. Hiawatha will use RC4 for SSL 3.0 and TLS 1.0, CBC ciphers for TLS 1.1, and GCM or CBC ciphers for TLS 1.2. As far as I know, no other SSL library and therefore no other web server can offer this solution. Protection against uploaded malware. Via the new FileHashes option, you can specify a list of files and the hash of their contents. Before serving a file, Hiawatha checks the hash of that file with the one in the list. If the hash doesn't match or the file is not listed, access is denied. This protects against unauthorized file changing or uploading.

Newsflash, this just in. The Debian project proudly announces the release of Debian 7.0 codenamed Wheezy. This new version of Debian includes various interesting features such as multi-arch support, several specific tools to deploy private clouds, an improved installer and a complete set of multimedia codecs and front ends which remove the need for third party repositories. The installation process has been greatly improved. Debian can now be installed using software speech, above all by visually impaired people who do not use a Braille device. And also, the release features more than 36,000 ready-to-use software packages built from nearly 17,500 source packages.

Staffed and produced by the TGTM News Team, editorial selection by DeepGeek, views of the story authors reflect their own opinions and not necessarily those of TGTM News.
News from Megan McNeil.wordpress.com, inthesetimes.com, and hiawatha-webserver.org, used under arranged permission. News from TorrentFreak.com and EFF.org, used under permission of the Creative Commons by Attribution License. News from DemocracyNow.org and peoplesworld.org, used under permission of the Creative Commons by Attribution, non-commercial, no derivative license, news sources retain their respective copyrights.

Thank you for listening to this episode of Talk Geek To Me. Here are the vital statistics for this program. Your feedback matters to me. Please send your comments to DG at deepgeek.us. The webpage for this program is at www.talkgeektome.us. You can subscribe to me on Identica as the username DeepGeek, or you could follow me on Twitter. My username there is DGTGM, as in DeepGeek Talk Geek To Me. This episode of Talk Geek To Me is licensed under the Creative Commons Attribution ShareAlike 3.0 Unported License. This license allows commercial reuse of the work, as well as allowing you to modify the work, so long as you share alike the same rights you have received under this license. Thank you for listening to this episode of Talk Geek To Me.

You have been listening to Hacker Public Radio at Hacker Public Radio. We are a community podcast network that releases shows every weekday Monday through Friday. Today's show, like all our shows, was contributed by an HPR listener like yourself. If you ever consider recording a podcast, then visit our website to find out how easy it really is. Hacker Public Radio was founded by the Digital Dog Pound and the Infonomicon Computer Club. HPR is funded by the Binary Revolution at binrev.com, all binrev projects are proudly sponsored by Lunarpages. From shared hosting to custom private clouds, go to lunarpages.com for all your hosting needs. Unless otherwise stated, today's show is released under a Creative Commons Attribution ShareAlike. The Digital Dog License.