hpr-knowledge-base/hpr_transcripts/hpr1055.txt

Episode: 1055
Title: HPR1055: TGTM Newscast for 2012/8/15
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr1055/hpr1055.mp3
Transcribed: 2025-10-17 18:01:12

---

You're listening to Talk Geek To Me News, number 72, record for August 15, 2012.
You're listening to the Tech Only Hacker Public Radio Edition, to get the full podcast,
including political, commentary, and other controversial topics.
Please visit www.talkGeekToMe.us.
Here are the vials statistics for this program.
Your feedback matters to me, please send your comments to dgatdeepgeek.us.
The webpage for this program is at www.talkGeekToMe.us.
You can subscribe to me on Identica as the username DeepGeek or you could follow me on Twitter.
My username there is dgtgtm as in DeepGeek Talk Geek To Me.
And now the tech roundup from techdark.com, dated Friday, August 3, 2012, by Glen Moody.
Europe already has draft standard for real-time gum and snooping on services like Facebook
and Gmail.
As the old joke goes, standards are wonderful things, that's why we have so many of them.
But who would have thought that ETSI, the European Telecommunication Stance Institute, has already
produced a draft standard on how European governments can snoop on cloud-based services
like Facebook and Gmail, even when encrypted connections are used.
ETSI DTR-101-567, to give it the full title, was pointed out to us by Eric Mukhel, who
has written an excellent exploration of its elements, originally in German.
Here is the summary from the draft standard that was given to this reporter in Microsoft's
Word format.
The present document provides an overview on requests for a handover and delivery of real-time
information associated with cloud virtual services.
The report identifies lawful interception needs and requirements in the converged cloud
virtual service environment.
And the challenges and obstacles of complying with those requirements, what implementations
can be achieved under existing ETSI lawful interception standards, and what new work may
be required to achieve need lawful interception capabilities.
Cloud services in whichever forms they take, infrastructure, software, platform, or combinations
of these are often trans-blowder in nature, and the information required to maintain lawful
interception capability or sufficient coverage for lawful interception support may vary in
different countries or within platforms of different security assurance levels.
This work aims to ensure capabilities can be maintained while allowing business to utilize
the advantages and innovations of cloud services and was undertaken cooperatively with the relevant
cloud security technical bodies.
As it makes clear, this is being presented as maintaining interception capabilities and
a world-work cloud computing makes previous approaches unapplicable.
The new stance specifically mentions social networking, file sharing, and video conferencing
as new areas that need to be addressed.
One key section spells out how this is to be achieved.
If the traffic is encrypted, the entity responsible for key management must ensure it can be decrypted
by the CSP, this communications service provider, or Leah, law enforcement agency, and order
to maintain LI coverage, the cloud service provider must implement a cloud lawful interception
function.
This can be by way of applications programming interface or more likely ensuring presentation
of information and a format recognizable to interception mechanisms.
Deep packet inspection is likely to be constituent part of this system.
As this makes clear along with the intercepted information, the stat and visages encryption
keys being handed over routinely, just to make things complete, DPI, deep packet inspection
is also regarded as a likely element of the system.
Since this is currently a draft, the threat it represents might be seen as purely theoretical,
but a recent article in the Guardian confirms that the UK government quietly agreed to measures
that could increase the ability of the security services to intercept online communication.
A reference to the ETSI draft, the Guardian also provides us with some explanation of why
this draft just happens to be available at precisely the moment when the UK government
is announcing a plan that seems likely to use it.
ETSI has faced criticism in the past for the preemptive inclusion of water taping capabilities,
a decision that critics say encouraged European governments to pass their water tapping laws
accordingly.
According to Ross Anderson, professor in security engineering at the University of Cambridge
computer laboratory, the institute has strong links with the intelligence agencies and
has a significant British contingent along with a number of US government advisers.
It's a classic case of policy laundering.
First up, we'll probably work.
The British government insists now that it will only gather communications data and
not content.
At the same time, it will require that ISPs adopt the new ETSI cloud intersection standard
once it's been finalized, and the black boxes that they must install under the proposed
snooping legislation.
That will put in place all the capabilities needed for accessing encrypted streams.
Since those providing cloud services will be required to hand over the encryption keys,
and hence the content, the UK government may not intend accessing content today, but
thanks to the wonders of function creep when it decides to do it tomorrow, the facility
will be there waiting for it.
Meanwhile, European government will be able to point to the UK's adoption of the ETSI
standard as just good practice.
They will ask their own ISPs to implement it, while insisting that they too have no
intention of accessing the contents of people's internet streams either.
Until that is the day comes, probably in the wake of some terrorist attack or pedophiles
scandal, when the government will note that since the capability is available, it would
be irresponsible not to use it to tackle these terrible crimes.
The US government will then be mowing the fact that Europe is taking better care of citizens
than it can, and will therefore pass laws requiring US ISPs to install similar real-time
access to their systems.
And for cloud-based services to hand over the encryption keys, luckily there will be
a well-tried European standard that can serve as a model.
From EFF.org, date August 2, 2012 by Rainey Wrightman, victory over cyber-spying.
This morning, the US Senate defeated Cybersecurity Act of 2012, a bill that would give companies
new rights to monitor our private communications and pass that data to the government.
The bill's sponsors were 8 votes short of the 60 votes necessary to end the bill.
This is a victory for internet freedom advocates everywhere.
Hundreds of thousands of individuals emailed tweeted cold and sent Facebook messages to
senators asking them to defend privacy in the cyber security debate.
Those voices were heard loud and clear in the halls of Congress today.
EFF extends a heartfelt thanks to everyone who fought with us on this issue.
We can all be proud of today that there was no law enacted on our watch that would have
compromised the online privacy rights of internet users in the name of cybersecurity.
Pressure from civil liberties groups and internet users didn't just defeat the bill, it changed
the conversation around cybersecurity in fundamental ways.
Looking together, we convinced the bill's sponsors to put privacy protections into the
final versions of the Cybersecurity Act, which made its period to any of the other cybersecurity
bills being considered by Congress.
While the bill still had big problems, there were new privacy protections such as limitations
that prevent data collected for cybersecurity purposes from being used to prosecute unrelated
crimes.
Those privacy protections will create as a direct result of pressure from the net roots.
Internet users also found they had powerful friends in the Senate.
Senators Al Franken, Richard Durbin, Chris Coons, Bernie Sanders, Daniel Akeka, Ron Wyden,
and Richard Blumenthal, championed civil liberties fixes to the bill.
Senator Wyden, in particular, opposed the bill on privacy grounds stating, quote,
today's vote was one in which centers were asked to sacrifice internet users' privacy
and civil liberties for weak proposals to improve cybersecurity.
I voted no, and Senators Al Franken and Rand Paul sponsored an amendment that would
have removed the most privacy-invasive provisions of the bill.
These champions of online rights helped us in the cybersecurity fight, and will hopefully
stand with us again in defending civil liberties the next time this issue arises.
To read the rest of this article, follow links in the show notes.
Remove democracy now that org did 8 3 2012, US to oppose UN regulation of internet.
The Obama administration has confirmed that will oppose any proposal to hand regulatory
control of the internet to the United Nations.
Proposals have circulated to bring the internet under UN auspicious at the conference of the
international telecommunications regulations in Dubai later this year, but in a new position
paper the United States said it would reject UN authority and continue with its current
system of oversight by the Department of Commerce.
From allgov.com, did August 4, 2012.
There's a good chance your friends or phonies.
Facebook has nearly 1 billion profiles.
It also has tens of millions of phony ones too.
The social media giant has admitted that nearly 9% of all users on Facebook are not real.
That translates into 83 million fake profiles out of 955 million total.
Of the 83 million nearly 46 million duplicate profiles that users maintain in addition to
their regular account.
Another 23 million or misclassified profiles which include those created on behalf of non-persons,
such as pets.
The remaining 14 million undesirable profiles created by spammers to spread unwanted messages
and content.
From torrentfreak.com, dated August 3, 2012 by Ernesto.
Has your ISP joined the six strikes anti-piracy scheme?
Later this year, the Center for Copyright Information will start to track down pirates
as part of an agreement all major US internet providers struck with the MPAA RIA.
The boys agreed on a system food which copyright infringers are warned that they are breaking
the law after six warnings ISPs may then take a variety of repressive measures.
Which includes slowing down offense connections and temporary disconnections.
While we've written a fair number of articles on the topic, many people assume that all ISPs
are part of the agreement.
However, this is certainly not the case.
In fact, only five internet providers have agreed to send warnings to their customers.
And alphabetical order, these are AT&T, cable vision, Comcast, Time Warner, cable and Verizon.
In total, the ISPs above cover roughly 75% of all US broadband internet customers.
This is significant, but nonetheless begs the question, why are the rest of the providers
not involved?
Quite a few prominent names are not listed.
Century link, charter, and cocks all have millions of subscribers, but are not taking
part in the six-track scheme.
Not to forget the 100-plus smaller providers across the United States who are also missing
an action.
Torrent-free contacted several of the larger internet providers above to find out why,
but they were reluctant to comment on their motivations.
A cocks spokesperson was most vocal and said that they have decided not to participate
for internal reasons.
Luckily, Dane Jasper, CEO of the much smallestsonc.net, was willing to comment on the efforts to make
ISPs responsible for online privacy.
He told Torrent Freak that ISPs are not set up to police the internet and that the entertainment
industries should look for a solution closer to home.
Quote, ISPs provide an essential utility, connection.
We are not equipped to police the actions of individuals.
End of quote.
Jasper says,
I think history has shown that you cannot self-piracy by force, but that industries need to adapt
around it with business models that allow consumers to access the content.
They want easily and at a not unreasonable cost.
However, the above is not the reason why signed a net isn't taking part in the six-track
scheme, as it turns out, the RIA and MPAA never bought to ASSONIC and many other smaller
internet providers to join in.
It isn't because we refused, but because we were not asked.
I know at least 100 small to mean ISPs through my trade association memberships and have
heard of no independent ISPs being approached at all, Jasper says.
It's not clear why they were left out, but it's likely that it would have been too much
trouble to reach consensus with so many powers involved.
When it comes to finding a solution to online privacy, signed that net CEO is clear, the
entertainment industries should ensure their legal offering is superior in terms of convenience
and availability compared to that offered by pirates.
Jasper believes that taking away people's incentive to pirate is key, and he mentions Pandori
and Spotify as good examples of services that are able to deflate piracy.
The point is that the music business has had to evolve to survive, moving away from albums
and record stores to more innovative methods of distribution that consumers have responded
to rather than turning to piracy out of an unwillingness to participate in the old model,
he says.
I suspect that Apple TV, Roku and Netflix have similar beneficial effects on video, but
a lack of uniform availability plus rather high prices and restrictive viewing terms hold
back this solution.
Jasper concludes.
The MPA and RAA would not directly disagree that innovation is an important factor to
curb piracy, but nonetheless they hope that warning emails will also help.
That people can bypass the scheme by using a VPN cyber lockers or even switching ISPs
doesn't change a thing.
At this point it is still unknown when the first warning letters will be sent, is expected
that the ISPs will start later this year and each will roll out their participation at
their own pace.
News from techdirt.com have had times at a log and allgov.com used under a range permission.
News from torrentfreak.com and eff.log used under permission of the creative commons
by attribution license.
News from democracynow.log and peoplesworld.log used under permission of the creative commons
by attribution non-commercial, no-dervous license, news sources retain their respective
copyrights.
Thank you for listening to this episode of Talk Geek To Me.
Here are the vials statistics for this program.
Your feedback matters to me, please send your comments to dgatdeepgeek.us.
The web page for this program is at www.talkgeektoMe.us.
You can subscribe to me on identica as the username deepgeek or you could follow me on Twitter.
My username there is dggtm as in deepgeek talk geek to me.
This episode of talk geek to me is licensed under the creative commons attribution share
like 3.0 on port license.
This license allows commercial reuse of the work as well as allowing you to modify the
work so long as you share alike the same rights you have received under this license.
Thank you for listening to this episode of Talk Geek To Me.
You have been listening to Hacker Public Radio or Hacker Public Radio those are.
We are a community podcast network that releases shows every weekday Monday through Friday.
Today's show, like all our shows, was contributed by a HBR listener by yourself.
If you ever consider recording a podcast, then visit our website to find out how easy
it really is.
Hacker Public Radio was founded by the digital dog pound and the infonomicum computer
cloud.
HBR is funded by the binary revolution at binref.com.
All binref projects are crowd-responsive by linear pages.
From shared hosting to custom private clouds, go to lunarpages.com for all your hosting
needs.
Unless otherwise stasis, today's show is released under a creative commons attribution share