A report released today by a large team of academics and non-government health organisations reveals that the Trans-Pacific Partnership Agreement (TPP) poses risks to the health of Australians in areas such as provision of affordable medicines, tobacco and alcohol policies and nutrition labelling. Many public health organisations have been tracking the progress of the TPP negotiations over the past several years and have expressed concerns about the potential impacts and lack of transparency.
Month: March 2015
The CIA Campaign to Steal Apple’s Secrets
RESEARCHERS WORKING with the Central Intelligence Agency have conducted a multi-year, sustained effort to break the security of Apple’s iPhones and iPads, according to top-secret documents obtained by The Intercept.
The security researchers presented their latest tactics and achievements at a secret annual gathering, called the “Jamboree,” where attendees discussed strategies for exploiting security flaws in household and commercial electronics. The conferences have spanned nearly a decade, with the first CIA-sponsored meeting taking place a year before the first iPhone was released.
By targeting essential security keys used to encrypt data stored on Apple’s devices, the researchers have sought to thwart the company’s attempts to provide mobile security to hundreds of millions of Apple customers across the globe. Studying both “physical” and “non-invasive” techniques, U.S. government-sponsored research has been aimed at discovering ways to decrypt and ultimately penetrate Apple’s encrypted firmware. This could enable spies to plant malicious code on Apple devices and seek out potential vulnerabilities in other parts of the iPhone and iPad currently masked by encryption.
The CIA declined to comment for this story.
The security researchers also claimed they had created a modified version of Apple’s proprietary software development tool, Xcode, which could sneak surveillance backdoors into any apps or programs created using the tool. Xcode, which is distributed by Apple to hundreds of thousands of developers, is used to create apps that are sold through Apple’s App Store.
The modified version of Xcode, the researchers claimed, could enable spies to steal passwords and grab messages on infected devices. Researchers also claimed the modified Xcode could “force all iOS applications to send embedded data to a listening post.” It remains unclear how intelligence agencies would get developers to use the poisoned version of Xcode.
Researchers also claimed they had successfully modified the OS X updater, a program used to deliver updates to laptop and desktop computers, to install a “keylogger.”
Australian Government Prosecuting Anonymous Member Who Allegedly Exposed The Major Flaw In Its Data Retention Demands
Find a security flaw, go to jail. That’s the general attitude of government entities around the world. Over in Australia, an Anonymous member and fundraising manager for a cancer support group is facing an ever-shifting number of charges for finding and testing security holes.
Adam John Bennett is a rather un-anonymous member of Anonymous. He also acts as an unofficial mouthpiece for Anonymous via his LoraxLive online radio show. His supposed participation in a large-scale hack saw him raided by Australian Federal Police in May of 2014. Since then, he’s been awaiting prosecution for a variety of charges — charges government prosecutors seem unable to pin down.
The data breach leading to Bennett’s arrest involved a target of Australia’s controversial data retention law, which requires ISPs to hold onto subscribers’ internet activity (including social network use and emails) for two years and grant extensive access to a variety of government agencies.
New Zealand Prime Minister Retracts Vow To Resign if Mass Surveillance Is Shown
In August, 2013, as evidence emerged of the active participation by New Zealand in the “Five Eyes” mass surveillance program exposed by Edward Snowden, the country’s conservative Prime Minister, John Key, vehemently denied that his government engages in such spying. He went beyond mere denials, expressly vowing to resign if it were ever proven that his government engages in mass surveillance of New Zealanders. He issued that denial, and the accompanying resignation vow, in order to re-assure the country over fears provoked by a new bill he advocated to increase the surveillance powers of that country’s spying agency, Government Communications Security Bureau (GCSB) – a bill that passed by one vote thanks to the Prime Minister’s guarantees that the new law would not permit mass surveillance.
Since then, a mountain of evidence has been presented that indisputably proves that New Zealand does exactly that which Prime Minister Key vehemently denied – exactly that which he said he would resign if it were proven was done. Last September, we reported on a secret program of mass surveillance at least partially implemented by the Key government that was designed to exploit the very law that Key was publicly insisting did not permit mass surveillance. At the time, Snowden, citing that report as well as his own personal knowledge of GCSB’s participation in the mass surveillance tool XKEYSCORE, wrote in an article for the Intercept:
Let me be clear: any statement that mass surveillance is not performed in New Zealand, or that the internet communications are not comprehensively intercepted and monitored, or that this is not intentionally and actively abetted by the GCSB, is categorically false. . . . The prime minister’s claimto the public, that “there is no and there never has been any mass surveillance” is false. The GCSB, whose operations he is responsible for, is directly involved in the untargeted, bulk interception and algorithmic analysis of private communications sent via internet, satellite, radio, and phone networks.
Elsevier Appears To Be Slurping Up Open Access Research, And Charging People To Access It
Oh, Elsevier. The publishing giant has quite the reputation for its desire to stop people from sharing knowledge unless Elsevier can put up a toll booth. A huge number of academics have signed pledges to boycott Elsevier and not allow their works to be published by the company. Also, in the last few years, there’s been a rapid growth in open access and requirements that research be distributed for free (often under a Creative Commons license).
Almost exactly a year ago, we had a story about Elsevier charging for open access content, and apparently the company hasn’t gotten any better. Ross Mounce recently noticed that Elsevier appeared to be selling a paper on HIV infection for $31.50 + tax (after which you have just 24 hours to download it, or just kiss that money goodbye)
The problem, however, is that the paper was actually published by competing publisher Wiley under an open access Creative Commons license (and is available free of charge on its website). The key author on the paper, Didier Raolt told Mounce that he had no idea why Elsevier was selling his paper, and that he had not given permission. The paper is under a Creative Commons license, but it’s a CC BY-NC-ND 4.0 license. And while I’m not a fan of NC/ND licenses, it’s pretty clear that this license does not allow someone to step in and start selling the paper.
Blackburn Bill Attempts To Gut New Net Neutrality Rules. You Know, For Freedom
During the last election cycle, Representative Marsha Blackburn received $15,000 from a Verizon PAC, $25,000 from an AT&T PAC, $20,000 from a Comcast PAC, and $20,000 from the National Cable and Telecommunications Association, according to the Center for Responsive Politics. Surely that funding is only coincidentally related to Blackburn’s recent decision to rush to the defense of awful state protectionist law written by the likes of AT&T and Comcast, preventing towns and cities from doing absolutely anything about their local lack of broadband competition.
That money surely is also only tangentially related to the fact that Blackburn has also just introduced the “Internet Freedom Act” (pdf), aimed at gutting the FCC’s recently unveiled Title II-based net neutrality rules and prohibiting the agency from trying to make new ones. Whereas most of us thought net neutrality is about protecting consumers and smaller competitors from the incumbent ISP stranglehold over the last mile, Blackburn’s website informs readers that net neutrality rules harm innovators, jobs, and err — freedom:
Hollywood’s Anti-Piracy Secrets Must Be Revealed, Court Rules
More than a year has passed since the MPAA defeated Hotfile, but the case has still been stirring in the background.
Hoping to find out more about Hollywood’s anti-piracy policies the Electronic Frontier Foundation (EFF) previously asked the court to make several sealed documents available to the public.
These documents are part of the counterclaim Hotfile filed, where it accused Warner of repeatedly abusing the DMCA takedown process. In particular, the EFF wants the public to know how Hollywood’s anti-piracy policies and tools work.
District Court Judge Kathleen Williams sided with the EFF and ruled that it’s in the public interest to unseal the information. The MPAA, however, argued that this may hurt some of its members.
Information regarding Columbia Pictures’ anti-piracy policies, in particular, would still be beneficial to pirates for decades to come, the Hollywood group argued.
“Defendants have cited two specific pieces of information regarding Columbia’s enforcement policies that, if revealed to the public, could compromise Columbia’s ability to protect its copyrighted works,” the MPAA’s lawyers wrote.
In addition, anti-piracy vendor Vobile feared that having its pricing information revealed could severely hurt the company.
Judge Williams has now reviewed these and other arguments but ruled that sealing records indefinitely is not an option. In this case, the public interest in the records outweighs the concerns of the MPAA.
Movie Group To “Kill Piracy” By Not Releasing Movies For Months
This is not how this works… This is not how anything works.
Entertainment companies all around the globe bemoan the fact that their creations cost millions to create and often require years of preparation, but all that can be undone in an instant by pirates.
It’s certainly true that any media – whether movies, music or software – can be instantly cloned and distributed to a potential audience of hundreds of millions. According to the industry the doomsday scenario of this position is that filmmakers, musicians, authors and coders will eventually give up the game and go do something else more profitable instead.
Of course, this hasn’t happened yet, largely due to the fact that the public is still digging deep. Hollywood, for example, is having its best year on record. But what if all content suddenly stopped appearing on physical and digital shelves. What would the pirates do then?
Well, if the threats of India’s Tamil Film Producer’s Council (TFPC) come to fruition, we won’t have long to find out. Plagued by the menace of persistent and large scale piracy of their movies, the Council is close to making the most radical stand against copyright infringement ever seen.
Yesterday the TFPC held their general meeting and of course piracy was high on the agenda. Several solutions were reportedly discussed but one came to the forefront – a complete boycott on releasing films for the foreseeable future.
“Some groups wanted a six-month ban, while others wanted a three-month ban,” said council president Kalaipuli S Thanu.
The producer and distributor, who regained control of TFPC in January following allegations of corruption against his rivals, said that something drastic needs to be done.
“The basic fact is that all producers are suffering losses and we have to look into that. We have asked them for some time to call in all the parties concerned and try to reach a resolution that is beneficial to everybody.”
In addition to promising the establishment of a dedicated anti-piracy unit compromised of ex-police officers, Thanu says that not releasing movies at all will be the best way to hit pirates.
“Piracy will automatically stop when there’s no content. When we stop film releases, say for three months, the movie pirates will go out of business. We are looking into this option because film producers have suffered heavily in the last 24 months,” Thanu said.
Aussie Anti-Piracy Plans Boost Demand for Anonymous VPNs
Australia has been called out as the world’s piracy capital for several years, a claim that eventually captured the attention of the local Government.
After negotiations between ISPs and entertainment companies bore no fruit, authorities demanded voluntary anti-piracy measures from Internet providers. If that failed, the Government threatened to tighten the law.
Faced with an ultimatum the telecoms body Communications Alliance published a draft proposal on behalf of the ISPs, outlining a three-strikes notification system.
Titled ‘Copyright Notice Scheme Industry Code‘, the proposal suggests that ISPs start to forward infringement notices to their subscribers. After the initial notice subscribers are warned that copyright holders may go to court to obtain their identities.
Several groups have voiced their concerns in response. Australia’s leading consumer group Choice, for example, warns over the potential for lawsuits and potentially limitless fines.
These threats haven’t gone unnoticed by the general public either. While the proposals have not yet been implemented, many Australians are already taking countermeasures.
Over the past two weeks many file-sharers have been seeking tools to hide their IP-addresses and bypass the proposed monitoring system. By using VPN services or BitTorrent proxies their sharing activities can no longer be linked to their ISP account, rendering the three-strikes system useless.
Data from Google trends reveals that interest in anonymizing services has surged, with searches for “VPN” nearly doubling in recent days. This effect, shown in the graph below, is limited to Australia and appears to be a direct result of the ISPs proposals.
Google Keeps Rejecting Hollywood’s Broad Takedown Requests
The MPAA and Google are not on speaking terms, to say the least.
In recent years the Hollywood group has pushed Google and other search engines to increase their anti-piracy efforts.
This prompted the search giant to filter certain keywords and update its algorithms to downrank pirate sites, but the MPAA is still not happy. Ideally, they want Google to de-list pirate sites entirely.
In a related effort, the group has been sending very targeted takedown requests. Instead of linking to individual download or streaming pages, they ask for the removal of the homepages of various pirate sites.
While these homepages often list links to infringing movies, as shown here, they also include a lot of other content that’s not specified in the takedowns. As a result, Google refuses to take action.
The MPAA’s most recent request lists 43 allegedly infringing URLs and Google refused to take 36 out of its search results, a total of 86 percent.