Electronic Frontier Foundation – Page 2

Jailbreaking to Become a Criminal Act Again

All legislation creates new crimes where none existed before. Some of these new crimes are absolutely moronic such as the ones created by the Digital Millenium Copyright Act (DMCA), which made it illegal to circumvent copyright protection. A couple of years ago the Copyright Office made an exemption to the DMCA for jailbreaking devices but the Electronic Frontier Foundation (EFF) is warning us that the exemption is about to expire:

The Problem – Smartphones, tablets, and video game consoles are powerful computers with lots of untapped potential. Yet many of these devices are set up to run only software that’s been approved by the manufacturer. Modifying a device to run independent software – known as jailbreaking – is important to programmers, enthusiasts, and users. But jailbreaking creates legal uncertainty. Some device manufacturers claim that jailbreaking violates Section 1201 of the Digital Millennium Copyright Act (DMCA), which carries stiff penalties.

The Solution – EFF is asking the U.S. Copyright Office to declare that jailbreaking does not violate the DMCA, and we need your help. In 2010, the Copyright Office said jailbreaking smartphones doesn’t violate the DMCA. This year, we’re asking them to renew that exemption (otherwise it will expire) and expand it to cover tablets. We’re also asking for a new exemption to allow jailbreaking of video game consoles.

Personally I don’t give a shit what Apple or any other company things; if I purchase a device it is mine and I will do with it as I damn well please. On the other hand it would be nice not having the threat of prison looming over my head because I decided to modify my device.

The EFF Files Suite Against FAA Regarding Drone Flights

The Electronic Frontier Foundation (EFF) has filed a suit against the Federal Aviation Administration (FAA) regarding drone flights in the United States:

Today, EFF filed suit against the Federal Aviation Administration seeking information on drone flights in the United States. The FAA is the sole entity within the federal government capable of authorizing domestic drone flights, and for too long now, it has failed to release specific and detailed information on who is authorized to fly drones within US borders.

Up until a few years ago, most Americans didn’t know much about drones or unmanned aircraft. However, the U.S. military has been using drones in its various wars and conflicts around the world for more than 15 years, using the Predator drone for the first time in Bosnia in 1995, and the Global Hawk drone in Afghanistan in 2001.

[…]

Now drones are also being used domestically for non-military purposes, raising significant privacy concerns. For example, this past December, U.S. Customs and Border Protection (CBP) purchased its ninth drone. It uses these drones inside the United States to patrol the U.S. borders—which most would argue is within its agency mandate—but it also uses them to aid state and local police for routine law enforcement purposes. In fact, the Los Angeles Times reported in December that CBP used one of its Predators to roust out cattle rustlers in North Dakota. The Times quoted local police as saying they “have used two unarmed Predators based at Grand Forks Air Force Base to fly at least two dozen surveillance flights since June.” State and local police are also using their own drones for routine law enforcement activities from catching drug dealers to finding missing persons. Some within law enforcement have even proposed using drones to record traffic violations.

The FAA, having total control over all aerial flights in the United States, are the only entity who is likely to both know where drones are flying and be unable to hide behind various military classifications. Obtaining this information would be of great value because it would allow us peasants to know if the government is using drones to spy domestically as well as abroad.

The State Protects Its Cronies

Fascism is basically socialism with the facade of private business kept in place. Whereas many claim our country is moving towards socialism I see it as a trip to fascism as we’re enacting many socialist programs but maintaining the appearance of a capitalistic economy. In fascist economies private industries that obey the demands of the state are rewarded while those that resist are punished. Evidence of such activities exists everywhere in the United States with the government’s granting of immunity to telecommunications companies who allow warrantless wiretapping of their customers:

Also today, the court upheld the dismissal of EFF’s other case aimed at ending the illegal spying, Hepting v. AT&T, which was the first lawsuit against a telecom over its participation in the dragnet domestic wiretapping. The court found that the so-called “retroactive immunity” passed by Congress to stop telecommunications customers from suing the companies is constitutional, in part because the claims remained against the government in Jewel v. NSA.

“By passing the retroactive immunity for the telecoms’ complicity in the warrantless wiretapping program, Congress abdicated its duty to the American people,” said EFF Senior Staff Attorney Kurt Opsahl. “It is disappointing that today’s decision endorsed the rights of telecommunications companies over those over their customers.”

Today’s decision comes nearly exactly six years after the first revelations of the warrantless wiretapping program were published in the New York Times on December 16, 2005. EFF will now move forward with the Jewel litigation in the Northern District of California federal court. The government is expected to raise the state secrets privilege as its next line of defense but this argument has already been rejected in other similar cases.

Telecommunications companies are willing to play ball because the state, who controls the courts, said no prosecution will be allowed against said telecommunication companies. On top of the telecommunication companies are unlikely to fight warrantless wiretapping orders in court because they have immunity and therefore no harm can come to them for playing the state’s game.

Companies Don’t Like Getting Caught Doing Shady Things

The company I mentioned a couple days ago that specializes in making root kit software for today’s smart phones isn’t taking the news about their little business being publicized very well:

A data-logging software company is seeking to squash an Android developer’s critical research into its software that is secretly installed on millions of phones, but Trevor Eckhart is refusing to publicly apologize for his research and remove the company’s training manuals from his website.

Though the software is installed on millions of Android, BlackBerry, and Nokia phones, Carrier IQ was virtually unknown until the 25-year-old Eckhart analyzed its workings, recently revealing that the software secretly chronicles a user’s phone experience, from its apps, battery life and texts. Some carriers prevent users who actually find the software from controlling what information is sent.

[…]

When Carrier IQ discovered Eckhart’s recent research and his posting of those manuals, Carrier IQ sent him a cease-and-desist notice, saying Eckhart was in breach of copyright law and could face damages of as much as $150,000, the maximum allowed under US copyright law per violation. The company removed the manuals from its own website, as well.

So Carrier IQ doesn’t like the fact that their little software has become very public. This is likely because people who have heard this news haven’t been taking it very well and I’m sure complaints have been rolling into the customer support lines of AT&T, T-Mobile, Verizon, and Sprint. While it sucks that Carrier IQ are such dicks that they have threatened legal action against Eckhart for bringing their shenanigans to light it’s good to hear Eckhart’s cavalry has arrive:

On Monday, the Electronic Frontier Foundation announced it had came to the assistance of the 25-year-old Eckhart of Connecticut, whom Carrier IQ claims has breached copyright law for reposting the manuals.

This is why I give money to the Electronic Frontier Foundation. Hopefully this case is quickly resolved so Eckhart can continue his research unmolested.

The Stop Online Piracy Act Hearing Looks a Little Bias

The Electronic Frontier Foundation (EFF) has sent out a notice alerting people to the fact that today’s hearing on the Stop Online Piracy Act (SOPA) is a wee bit on the bias side:

The House Judiciary Committee will meet today for a hearing on the controversial Stop Online Privacy Act (SOPA). What could have been an opportunity for the committee to hear from a variety of stakeholders has devolved into parade of pro-SOPA partisans. Scheduled to testify are representatives from the Register of Copyrights, Pfizer Global Security, the Motion Picture Association of America, the AFL-CIO, and Mastercard Worldwide—many of which helped to draft this legislation in the first place, and didn’t let anyone else into the room. The only scheduled witness in opposition to the bill is Katherine Oyama, policy counsel on copyright and trademark law for Google.

It’s almost as if the government wants to push SOPA through and are trying to control the message to that end. One way debates can be won is by stacking the deck in your favor. Excuse me while I travel down a side road to make an important point.

In the past the Federal Communications Commission (FCC) had a regulation on the books known as the Fairness Doctrine. The regulation required holders of broadcast licenses to present both sides of an issue which resulted in the practice of having three people in a debate; one for the issue, one against the issue, and one neutral party.

Today many are asking the FCC to reinstate the Fairness Doctrine because they feel news today is too bais. What these same people fail to realize is the news was equally bias while the Fairness Doctrine was in effect but the game was played differently. For instance if you wanted to present an pro-gun control message you would get one person from the Brady Campaign (for the issue), one neutral party, and then a third pro-gun individual who was either crazy or just sounded crazy to the public (for instance you might get a self-declared militia leader who advocates the overthrow of the government to talk on the side against gun control). That way people the pro-gun control advocate would appear reasonable and sane so people would be more likely to side them him or her. Even with the Fairness Doctrine in place bias existed and that allowed the media to control the message.

Now that I’ve traveled down that side road let’s return to the topic at hand. The government wants SOPA to pass and they believe part of passing it requires controlling the message. Since many people don’t know the major players in this legislation the government has stacked the deck with numerous people who represent a pro-SOPA stance but appear neutral on paper (after all most people would believe Mastercard is a neutral party in this debate as their income isn’t derived from copyright). Most people will look at the list of testifiers and believe a large majority will be neutral and only a handful will speak for or against the legislation. In reality the government has simply stacked the deck in a rather underhanded manner so they can claim extensive support to justify passing the bill.

A majority of people don’t even realize that we’re being fucked over by our government since the methods being used to fuck us over aren’t blatant.

The EFF Looks at the Three Most Dangerous Provisions of the PATRIOT Act

To celebrate 10 years of tyranny under the USA PATRIOT Act the Electronic Frontier Foundation (EFF) has posted an article that looks into the three most dangerous provisions of this blatant power grab of legislation:

1. SECTION 215 – “ANY TANGIBLE THING”

Under this provision, the FBI can obtain secret court orders for business records and other “tangible things” so long as the FBI says that the records are sought “for an authorized investigation . . . to protect against international terrorism or clandestine intelligence activities.” The Foreign Intelligence Surveillance Court must issue the order if the FBI so certifies, even when there are no facts to back it up. These “things” can include basically anything—driver’s license records, hotel records, car-rental records, apartment-leasing records, credit card records, books, documents, Internet history, and more. Adding insult to injury, Section 215 orders come with a “gag ” prohibiting the recipient from telling anyone, ever, that they received one.

It’s always nice when the federal government can go on a fishing expedition without even having so much as factual evidence to back up their accusation. The most egregious part of Section 215 though is that those who are targeted with the order to provide evidence are forbidden from ever telling anybody.

2. NATIONAL SECURITY LETTERS

Among the most used — and outright frightening — provisions in the PATRIOT Act are those that enhanced so-called National Security Letters (NSLs). The FBI can issue NSLs itself, without a court order, and demand a variety of records, from phone records to bank account information to Internet activity. As with 215 orders, recipients are gagged from revealing the orders to anyone.

This is another piece of the PATRIOT Act that allows the federal government to obtain personal information and gag the information provider. When the federal government wants information about you they can issue a National Security Letter, have the information provided to them, and prevent the provider from informing you that the information was handed over. For instance if the Federal Bureau of Investigations (FBI) want any e-mail messages received by or sent from to your GMail account Google would have to provide them but would be prohibited from informing you that government agents demanded the data.

3. SNEAK AND PEEK WARRANTS

Section 213 of the PATRIOT Act normalized “sneak-and-peek” warrants. These allow law enforcement to raid a suspect’s house without notifying the recipient of the seizure for months. These orders usually don’t authorize the government to actually seize any property — but that won’t stop them from poking around your computers. Again, sneak-and-peek warrants could be used for any investigation, even if the crime was only a misdemeanor.

This provision is the reason all of my data is encrypted at all times. The drives in my computer and the external backup drives are all entirely encrypted. Data can’t be retrieved from or written to my drives without the decryption keys (technically an agent could wipe my drive, reinstall the operating system, and include key-logging software but all my data would be missing which would raise some serious red flags). I advise everybody to use disk encryption technology on their systems.

There you have it, a nice overview of three provisions of the PATRIOT Act that shit all over our supposedly Constitutionally guaranteed rights of protection.

Meta Censorship

South Korea seems to be a bastion of free speech these days:

In South Korea, even the censors are being censored. Professor K.S. Park, who sits on South Korea’s nine-member Internet content regulatory board, has found his own blog under threat of censorship when he used it as platform to speak out for transparency and free expression.

Did you get that? Even the censors are being censored. That’s about a meta as you can get without being censored in South Koera.

If anybody can read this blog in South Korea let me know because I’ll have to step up efforts to get on their censor list. It’s not because I don’t want people from South Korea reading my blog, it’s because I want to get on as many government lists as possible around the world.

Data Encryption and The Fifth Amendment

Yesterday I mentioned that I keep all of my personal data encrypted meaning outside of being compelled to reveal my keys nobody would be able to obtain that data. Then I mentioned in the case of government entities stealing my equipment I would avoid revealing my encryption keys by simply stating my fifth amendment right, well apparently the Department of Justice (DoJ) believes that right is null and void (like all of our other so-called rights):

The Colorado prosecution of a woman accused of a mortgage scam will test whether the government can punish you for refusing to disclose your encryption passphrase.

The Obama administration has asked a federal judge to order the defendant, Ramona Fricosu, to decrypt an encrypted laptop that police found in her bedroom during a raid of her home.

Because Fricosu has opposed the proposal, this could turn into a precedent-setting case. No U.S. appeals court appears to have ruled on whether such an order would be legal or not under the U.S. Constitution’s Fifth Amendment, which broadly protects Americans’ right to remain silent.

Although this turn of events isn’t at all surprising it is depressing. The justification being used by the DoJ is completely idiotic as well:

Prosecutors stressed that they don’t actually require the passphrase itself, meaning Fricosu would be permitted to type it in and unlock the files without anyone looking over her shoulder. They say they want only the decrypted data and are not demanding “the password to the drive, either orally or in written form.”

Let’s stop and take a look at what the fifth amendment states:

No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a Grand Jury, except in cases arising in the land or naval forces, or in the Militia, when in actual service in time of War or public danger; nor shall any person be subject for the same offense to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use, without just compensation.

I’ve emphasized the important part for this post. Our supposed fifth amendment right is against being forced to bear witness against yourself. Note how the amendment doesn’t state in what way you’re protected from being a witness against yourself. What the DoJ is arguing is the fifth amendment states you can’t be compelled to speak against yourself or write information that could be used against you. What the fifth amendment actually says is that you can’t be compelled to be a witness against yourself, period. By having to enter encryption keys you would in fact be a witness against yourself as it would reveal potentially self-incriminating information.

Obviously the actors of the state are going to go with an analogy that best benefits them in incriminating anybody they wish so they are going to claim that encryption keys are the same as safe combinations which you can be forced to provide. Here’s the thing, as written the fifth amendment would protect you against even providing a safe combination because that would make you a witness against yourself.

Thankfully the Electronic Frontier Foundation (EFF) has filed an amicus brief arguing that being forced to provide encryption keys is a direct violation of fifth amendment protections. Their argument is sound albeit against the desires of the state so will likely be ignored:

Decrypting data on a computer is a testimonial act that receives the full protection of the Fifth Amendment. This act would incriminate Fricosu because it might reveal she had control over the laptop and the data there. The government has failed to show that the existence and location of the information it seeks is a foregone conclusion. Furthermore, the limited immunity offered by the government is not coextensive with the scope of Fricosu’s privilege. The Court should therefore find that the government has failed to take the steps necessary to secure Fricosu’s Fifth Amendment rights and deny the application.

You should read the entire amicus brief as it makes for interesting reading and presents several previous court cases that favor the EFF’s argument.

Following the wording of the fifth amendment and the spirit in which it was written logical conclusion would be that you are not required to do anything for the state that would allow it to prosecute you. Of course being the government gets to rule on the scope of protections against the government the amendments in the Bill of Rights has little meaning. This is why jury nullification is such an important right, even if the government rules that the fifth amendment doesn’t apply a jury could rule in favor of the defendant on grounds that being forced to reveal encrypted information is a violation of fifth amendment protections.

The Wall Street Journal and Al-Jazeera Offering False Anonymity to Whistle Blowers

Lately people have been holding Al-Jazeera up as some kind of Greek god of journalism. I never subscribed to that idea and find Al-Jazeera to be yet another news source with commercial interests (which I have absolutely nothing against). As a commercial entity Al-Jazeera have to play by certain rules of the state will take away their ability to do business.

When I heard that both the Wall Street Journal and Al-Jazeera were going to offer means for whistle blowers to submit documents anonymously I assumed there was some kind of catch and the Electronic Frontier Foundation (EFF) once again proved my concerns correct:

Despite promising anonymity, security and confidentiality, AJTU can “share personally identifiable information in response to a law enforcement agency’s request, or where we believe it is necessary.” SafeHouse’s terms of service reserve the right “to disclose any information about you to law enforcement authorities” without notice, then goes even further, reserving the right to disclose information to any “requesting third party,” not only to comply with the law but also to “protect the property or rights of Dow Jones or any affiliated companies” or to “safeguard the interests of others.” As one commentator put it bluntly, this is “insanely broad.” Neither SafeHouse or AJTU bother telling users how they determine when they’ll disclose information, or who’s in charge of the decision.

So if you submit any information to either of these services they reserve the right to turn your ass in upon request. If you wish to submit anonymous information as a whistle blower you’re better off using WikiLeaks as they have a pretty good track record of keeping their sources anonymous and have no terms or agreements that state they will turn your ass over to anybody upon request. In addition to reserving the right to turn your ass in both sites also lack anonymity:

Despite their public claims to the contrary, both SafeHouse and AJTU disclaim all promises of confidentiality, anonymity, and security.

SafeHouse offers users three upload options: standard, anonymous, and confidential. The “standard” SafeHouse upload “makes no representations regarding confidentiality.” Neither does the “anonymous” upload which, as Appelbaum pointed out, couldn’t technically provide it anyway. For “confidential” submissions, a user must first send the WSJ a confidentiality request. The request itself, unsurprisingly, is neither confidential nor anonymous. And until the individual user works out a specific agreement with the paper, nothing is confidential.

Similarly, AJTU makes clear that “AJTU has no obligation to maintain the confidentiality of any information, in whatever form, contained in any submission.” Worse, AJTU’s website by default plants a trackable cookie on your web browser which allows them “to provide restricted information to third parties.” So much for anonymity!

Yes neither of these systems allow for anonymity or legal protection against government (and in the case of the Wall Street Journal any third-party) requests for personal information about submitters. If you want to blow the whistle on something make sure you don’t use either the Wall Street Journal’s or Al-Jazeera’s services.

Reinforcements Have Arrived

You know those scum bags over a Righthaven who are causing many so much grief? Good news the Electronic Frontier Foundation (EFF) is getting involved and will help bloggers being targeted by Righthaven.

Just contact Eva Galperin at eva@eff.org if you’re currently being targeted for a lawsuit by those vulture bastards.