eff
Latest
PA school district issued order to refrain from webcam spying (video)
Why a school district would ever think it was acceptable to secretly snap pictures of its students -- in their own homes, no less -- is totally beyond us, but with any luck the Lower Merion School District webcam caper will soon have its day court. Yesterday, an attorney for plaintiff Blake Robbins' confirmed that an agreement was reportedly finalized to stop the school from spying on its students while preserving evidence for the lawsuit. "What gets me in this situation is that I can't imagine there's a parent anywhere who would support the school district's actions here," said ACLU of Pennsylvania Legal Director (and all around good guy) Vic Walczak. "[W]hat the school allegedly has done here is the equivalent of the principal breaking into the house, hiding in the child's closet, and then watching him or her from there." Yuck! For more info on the technical aspects of this case, peep the video after the break. Update: Seems that someone dug up some of the school's policies surrounding the webcam surveillance, and suffice it to say, the bullet points listed here are downright crazy. How crazy? How's about "possession of a monitored MacBook was required for classes, and possession of an unmonitored personal computer was forbidden and would be confiscated." Oh, and "disabling the camera was impossible."
Macworld 2010: Adam Savage re-enacts the EFF's history
We visited a lot of parties last night (and the TUAW bloggers are nursing hangovers because of it), but the best was undoubtedly the Electronics Frontier Foundation's 20th anniversary bash at the DNA Lounge. It wasn't strictly Mac-related, but Mythbuster Adam Savage was in the house, and he led a hilarious re-enactment of some of the major moments in the EFF's history, assisted by various objects and people "found around the club". Of course, since there were quite a few luminaries in the house (including the founders of the EFF, the crew from Steve Jackson Games, and other tech who's whos), the re-enactment actually ended up being re-enacted by most of the actual participants. We captured video of the event, and it's both informational and hilarious -- you can catch it in two segments after the break below. Stay tuned for more from Macworld 2010 all this week -- the floor opens today, and we'll have live streaming video right here on the site, as well as hands-on, interviews, and news from the show in San Francisco all week long. For the iPhone-friendly YouTube video, click here.
E-reader privacy policies compared: Big Kindle is watching you
It's definitely shaping up to be the year of e-book readers: the Amazon Kindle is flying off (virtual) shelves, and we'd expect the Barnes & Noble Nook to start moving at a decent clip once the kinks get worked out. But any device with an always-on 3G connection to a central server raises some privacy questions, especially when it can broadcast granular, specific data about what you're reading -- data that's subject to a wide spectrum of privacy laws and regulations when it comes to real books and libraries, but much less so in the digital realm. We'd say it's going to take a while for all the privacy implications of e-books to be dealt with by formal policy, but in the meantime the best solution is to be informed -- which is where this handy chart from our friends at the Electronic Frontier Foundation comes in. As you'd expect, the more reading you do online, the more you can be tracked -- and Google Books, the Kindle, and the Nook all log a ton of data that can be shared with law enforcement and various other third parties if required. Of course, we doubt the cops are too interested in your Twilight reading habits, but honestly, we'd rather users weren't tracked at all. Check the full chart and more at the read link. [Thanks, Tom]
Sprint handed customer GPS data to law enforcement over 8 million times last year
Privacy advocates and career criminals alike are in a lather over reports that between September 2008 and October 2009, Sprint Nextel ponied up customer location data to various law enforcement agencies more than 8 million times. Speaking at ISS World 2009 (a conference for law enforcement and telecom industry-types responsible for "lawful interception, electronic investigations and network Intelligence gathering"), Sprint Nextel's very own Paul Taylor, Manager of Electronic Surveillance, lamented on the sheer volume of requests the company's received in the past year for precise GPS data for Sprint customers. How did the company meet such high demand? Apparently, his team built a special "web interface" which "has just really caught on fire with law enforcement." We're glad that Sprint's plans to streamline the customer service experience don't stop short of those who serve and protect, but as the EFF points out, plenty of nagging questions remain, including: How many individual customers have been affected? Is Sprint demanding search warrants? How secure is this web interface? Check out an excerpt from Taylor's speech after the break.
Apple: Jailbreaking encourages cell tower terrorism, "catastrophic results"
If trashing your push messaging wasn't enough to steer you clear of using your iPhone in unauthorized ways, this next bit of news might have you back on the straight and narrow. According to Wired, Apple's latest salvo in the fight over jailbreaking is a claim that pernicious, iPhone wielding techno-hackers at home or abroad could modify the baseband and use it to attack cellphone towers, "rendering the tower entirely inoperable to process calls or transmit data." Of course, the idea that this would become more likely if the legal status of jailbreaking changes is totally absurd, but why let that stand in the way of a legal argument?In a related note, one of our editors (whose jailbroken iPhone shall remain nameless) got a strange baseband pop-up error this morning -- the very same morning that AT&T is suffering a "massive connectivity outage" throughout the northeast and midwest. Coincidence? Yeah, probably.Read - iPhone Jailbreaking Could Crash Cellphone Towers, Apple ClaimsRead - Anyone Experience the AT&T Outage?
Apple says jailbreaking is illegal
The Electronic Frontier Foundation has posted the news that Apple has filed comments with the US Copyright Office stating that the act of jailbreaking your iPhone is a copyright infringement and a DMCA violation, and therefore illegal. The EFF says that Apple is claiming that jailbreak apps still require modified versions of Apple's software, and Apple apparently believes that those versions are infringing on their copyrights. The EFF responds, in turn, that "reverse engineering is a fair use when done for purposes of fostering interoperability with independently created software," saying that yes, even though jailbreakers are using Apple's copyrighted code, they are doing so in a way that allows them functionality that Apple doesn't provide access to on their own.At this point, of course, this is just a complaint in the copyright office, and Apple hasn't made any legal moves yet against anyone responsible for jailbreaking. As the EFF states, it would be extremely hard for them to go after individual jailbreakers -- if you buy an iPhone, it should be your right to "get under the hood," as they say, and do what you want.But (and keep in mind that this is TUAW, not The Unofficial Legal Weblog, and we are not lawyers) it seems Apple may be able to try and make a case against anyone offering software that does modify or otherwise "misuse" their copyrighted code. We'll have to see if they explore that position more in the future. You can read Apple's full response here (27 pages). You can see the EFF's initial filings here.Stay tuned for more news and analysis on the issue.
Apple and EFF spar over iPhone jailbreaking and the DMCA
Uh oh, Ashton, it looks like Apple might have a thing or two to say about that jailbroken iPhone of yours. Every three years the Copyright Office asks for proposed exemptions to the Digital Millenium Copyright Act's rules against breaking access protections, and this time around the lovable scamps at the Electronic Frontier Foundation have asked that jailbreaking phones -- like, yes, the iPhone -- be classified as one of those exceptions. As you might have guessed, Apple's response to the EFF isn't exactly supportive of the idea: it says the proposed rule will "destroy the technological protection of Apple's key copyrighted computer programs in the iPhone device itself and of copyrighted content owned by Apple that plays on the iPhone." Both sides have filed long briefs supporting their positions with extremely detailed legal arguments, but the main takeaways are that the EFF thinks that allowing jailbreaking will result in more apps and innovation, and Apple points out that the App Store is already hugely successful and that jailbroken phones are technically running unauthorized modifications of Apple's copyrighted iPhone code that allows them to run pirated applications. Interestingly, Apple's convoluted App Store approval process is the center of a lot of discussion, and Apple is totally disengeniuous about it, saying there's no "duplication of functionality" rule and as proof claims to have allowed "multiple general web browsers... and multiple mail programs." Note to the Copyright Office: if you believe this we have a very nice bridge to sell you. Now, let's be clear: while we're definitely hoping the EFF pulls this one out, the worst thing that can result of all this is the status quo -- Apple isn't asking for jailbreaking to specifically be ruled illegal, it's just asking that it not be specifically ruled legal. If that sounds like a fuzzy distinction, well, it is, but that's the sort of gray area that keeps everyone else out of court for the time being. We'll find out more in the spring, when the Copyright Office holds hearings -- final rulings are due in October. Read - EFF page on the jailbreaking debate Read - EFF's brief (PDF) Read - Apple's reply (PDF) Read - EFF's second brief (PDF)
iPhone 2.1 SDK Disappointments
Something is rotten in the state of Cupertino. Mr. Jobs, TEAR DOWN THIS NDA. If the new iPhone 2.1 beta firmware is anything, it's a perfect excuse to say: "I told you so." It explains why the NDA failed to disappear on schedule. Apple kept its promise -- "Ve shall delivah the 2.0 iPhone und SDK on Yuly 11th" -- while working around the fact that that SDK was half baked at best. It was certainly not ready for prime time. The NDA simply expands the beta period. It offers cover to Apple, as they scramble to finish developing ready-to-ship software. In retrospect, there really was no need for the NDA in the first place, nor this second new 2.1 NDA that just debuted. Anyone, including Apple's competitors -- even the really evil "big brother" ones -- can sign up and download the SDK for free. Apple isn't exactly keeping things hush hush on the down low. All the NDA does right now is keep developers from talking to each other and blogs, magazines and book authors from publishing how-to articles. Said articles, etc., could actually help Apple reduce its tech support overhead. It would certainly help solidify the brand and allow third parties to make better, stronger App Store entries. It made no sense then. It makes no sense now. But that's not where the grumbling ends. Our TUAW tipsters have been busy. They tell us that Apple is busy rejecting Applications from the App Store for grammar mistakes in onboard help files (not a joke) and for not presenting the user with the best playability options (also not a joke). Many of these frustrated developers tell us that some of their products have been waiting for review for four weeks and up and that their updates are getting caught in the gears. One wrote that his apps are getting poor reviews while fixes can't see the light of day. And if the TUAW tipsters' tips are true (thanks TUAW tipsters), the new SDK throws a further wrench into the gears. 2.0 SDK Applications will not be immediately compatible with version 2.1 (although that could change between beta and release). Other tremendously terrific tipsters tell us that the newest beta program isn't fully open. Apparently only a subset of iPhone SDK development members have been granted access. That once again puts some developers at a tremendous financial disadvantage. All in all, the buzz in developer circles is not happy. While some look forward to their first August paychecks from App Store, others remain waiting and frustrated in the wings. As always, please continue to use our tip line if you have anything you want to add anonymously to the discussion. Otherwise, feel free to opine in our comments.
NBC admits "inadvertent" broadcast flag use, still doesn't explain why it actually worked
Just an update on the broadcast flag controversy: NBC has copped to an "inadvertent mistake" in flagging the broadcast of American Gladiators as content prohibited from recording, while Microsoft stated it is only following the FCC's rules, and "fully adheres to flags used by broadcasters". This conveniently ignores the fact that there is no legal requirement for Windows Vista Media Center to recognize the broadcast flag and disable recording, but it does. Errant metadata can and does happen, but for such a "feature" to be buried within one's software unknowingly is troubling. Expect to hear more from the EFF and others questioning why Media Center unnecessarily turns parts of itself off at a broadcaster's command, and rightly so. What's most disturbing, and likely to go sadly without protest is that someone out there is actually watching, and trying to record for later, American Gladiators. The more you know indeed.[Via Techdirt]
Broadcast Flag rides again, courtesy of NBC & Microsoft?
Just like efforts to close the analog hole, our old friend the broadcast flag (don't remember what that is and how it was defeated? Take a quick trip back to 2005 with us) has reared its ugly head again. Displaying the kind of tenacity rarely seen outside of horror movie villains and potential presidential candidates, some Vista Media Center users have apparently gotten the above popup while trying to record broadcast TV from NBC. Since the FCC regulation giving the broadcast flag its power to remotely disable your recording ability was overturned, not only should it not be enabled, there's no reason the system should respond if it were. The EFF's working with the makers of the HDHomeRun to find out why this happened at all (although it's not the first time); whether it's an honest mistake somewhere or if Microsoft slipped a bit of extra DRM into its latest OS.[Via EFF]
Peering Inside: Linden Lab, the DMCA, and content
Linden Lab reports that it is putting more 'resources' on to DMCA duty to deal with improper duplication of content in Second Life. This would be a significant improvement over reports of one person, not even performing the DMCA processing full-time. We don't think the new people will be full-time either, but more person-hours either way. Well, that's all assuming that 'resources' means people. Maybe it means the rumored part-time DMCA processor is now full-time.
Comcast backs off BitTorrent, will continue to manage internet traffic
Although Comcast has been beating around the proverbial bush about its data-meddling ways, it seems the pressure from the recent FCC investigation efforts have forced it to play nice. Reportedly, the firm is getting set to (begrudgingly, we presume) announce that it will "stop targeting BitTorrent on the internet." More specifically, the cable company will purportedly "boost broadband capacity" in order to make things speedier all around, but details on this tidbit were unsurprisingly absent. Nevertheless, BitTorrent has also agreed to make its software "more efficient," but those hoping that Comcast would leave well enough alone are in for even more disappointment. The outfit still plans on managing traffic on the 'net (standard practice, we know), but Tony Werner, executive VP and CTO, noted that it was "working hard on a different approach that is protocol-agnostic during peak periods."[Thanks, Mike and Kenneth]
EFF, ALC sue Homeland Security over laptop, gadget searches
The EFF sure has set it sights high with its latest lawsuit, with it now teaming up with the Asian Law Caucus (ALC) to sue the Department of Homeland Security over laptop and gadget searches and other alleged infringements of civil liberties at U.S. borders. Specifically, the two groups are asking for the DHS to disclose its policies on questioning travelers on First Amendment-protected activities, including the photocopying of individuals' papers, and the searching of laptops and other electronic devices. According to the EFF, that rather drastic move was prompted by the DHS's failure to meet a 20-day time limit Congress had set for responding to public information requests. Needless to say, the DHS itself doesn't seem to have a whole lot to say on the matter at the moment, and we're guessing that situation won't be changing anytime soon.[Via The Register, image courtesy of WhiteHouse.gov]
EFF claims that Comcast is still meddling with data
According to a report released by the Electronic Frontier Foundation (EFF), Comcast has yet to relinquish its data discriminating habits, and users attempting to share content via P2P could still face slowdowns and unexpected delays. Of course, Comcast's Charlie Douglas proclaimed that the firm "does not, has not, and will not block any web site or online application, including peer-to-peer services," but followed up by stating that it did engage in "reasonable network management to serve all of its customers with a good internet experience." The EFF, however, saw things differently. During its own tests, it was reportedly able to confirm conclusions drawn earlier this year by the AP, and it also exclaimed that Comcast was "essentially deploying against its own customers techniques more typically used by malicious hackers." Pretty strong words, to say the least, but we're curious to know if the continued Comcast bashing is indeed legitimate. So, dear readers / Comcast users, are you still (or have you ever, for that matter) experiencing sketchy P2P performance, or is this all just one overblown mess?
Song Sender sends iPhone tunes to email and ringtones
%Gallery-6205% Song Sender allows you to pick a song from your iPhone's song library and send it to a friend via email. If you'd like to use a song from your library as a ringtone, you can do that too. Install the package into your iPhone using your favorite installer application. When run, the software reads through your library, creating a scrolling list of your songs. Tap any song and you'll be prompted with three choices: play it, send it by email, or add it to your ringtones. It practically reaches Zune-levels of squirting functionality! Small print: Fair use only. This software is not intended for pirating purposes. Use your powers for good, not evil. Do not take internally. Software is not a substitute for advice provided by a doctor, lawyer, or the EFF. In case of rash, itching, or swelling seek medical attention immediately. This software was brought to you by the letters E. r. i. c. and a. Do not use SendSong to install iTMS-purchased tracks as ringtones.Update: Version that does not rely on whether you've installed /bin/cp is found here.
Who Killed TiVoToGo?
It is nearly impossible to be a HDTV fan and to boycott DRM, because DRM is embedded in almost every type of HD programming. As with all DRM it is very complicated and almost impossible to keep track of all the limitations and restrictions. Every time we turn around we learn of another form and the only HDTV without restrictions is OTA HD, which was almost locked down via the Broadcast Flag. The latest feature to fall victim to DRM is TiVoToGo on the Series3 and right around the corner are some of our favorite Vista Media Center features, like rolling your own HD DVR. While none of this is a surprise to most of us you may not know the whole story and the Electric Frontier Foundation has done a great job of laying it all out and even providing everyone with a list of things that you can do to make a difference.[Via TiVoCommunity.com]
Asteroid a Hoax?
Anne Onymus (get it? hehe!) over at LowEndMac is hypothesizing that the entire Asteroid fiasco was all part of an evil Apple plan to quash rumor sites. The assumption is based on the fact that two years after the Asteroid leak, Apple still hasn't released a GarageBand breakout box. If Apple had actually put work into Asteroid, surely Jobs wouldn't be so petty as to shut down the entire project because of a leak? (Jobs is rumored to have pulled some product announcements at the last minute during MWSF2006 as a way of punishing the development teams for the leak.) Despite the fact that Apple's competitors then knew what was brewing in Cupertino, the company still had a good head start, and could surely have pushed the product to market well before anyone else. Anne postulates that Apple never had the slightest intention to release Asteroid, and created the product for the precise purpose of the leak. After the leak, Apple expected it would be a piece of cake to squash the rumor mill with a flood of law suits requesting the names of the mole. Instead, the EFF took over the case of the rumor sites, and a federal district court recently ruled that online journalists have all the rights and protections as the traditional media, effectively destroying Apple's claims.While an interesting idea, I think LowEndMac might have the paranoia meter set a bit high this week. Apple may be secretive, but until I see evidence to the contrary, I'm sticking with Occam's razor.
How to get HDTV on your Linux PC
Because Windows Media Center owners shouldn't have all the fun. The instructions are a little complicated but dude, if you're running Linux that should be par for the course. The EFF recommends you build your own HD PVR while you still can, since for the moment at least the "Broadcast flag" legislation is DOA.Any HDBeat readers currently getting HDTV on their non-Windows/Mac box?[Via digg]
EFF says buy a DTV tuner card NOW!
Fred von Lohmann from the Electronic Frontier Foundation suggests a proactive approach to counteract the digital lockdown of devices in the future: buy a DTV tuner card now. Fred wants you to spend your money now, just in case the dreaded HDTV broadcast flag is raised up on the ugly flagpole again.We're all for snapping up a DTV tuner card; heck, we just did that last month for our WMCE machine. Is a proactive purchase really going to help us if the copyright standards are reviewed and implemented? Fred, we're not sure if you're a grandfather or not, but we don't think an early purchase will grandfather us under a broadcast flag ruling. If you're in the market for a DTV tuner, go for it, but trying to purchase technology to circumvent the future usually don't work. That's why we recently passed on a flux-capacitor purchase; it doesn't matter, we didn't have the DeLorean to go with it.
Privacy Watch: Tor
With the nonsense on Capitol Hill this week, and discussion of DMCA revision and funding ramping up, I thought it would be a good time to talk about Tor, the award-winning privacy protocol and software from the EFF. Unlike other anonymizers that work by encrypting or proxying particular services and protocols, Tor's TLS-over-onion routing scheme works by re-routing all TCP traffic through a complex network of Tor nodes. Packets, including routing information, are encrypted between each node and each node has access to only very limited information about the next hop. Furthermore, packets pass through a random number of nodes (the more the merrier) and not all packets from a single session need follow the same route. This makes it very, very difficult (it's tempting to say impossible, but that's probably not quite true) to trace the ultimate origin or destination of any packet on the network unless the contents of the packet divulge revealing information.There are drawbacks, of course. Although the onion routing algorithms are good, onion routing certainly has the potential for higher latency that traditional RIP and OSPF routing. Tor is also not an end-to-end solution. If the ultimate destination of a packet is a machine that doesn't support Tor, the packet is in the open from the time it leaves the Tor exit point and using traditional end-to-end encrytption on top of Tor is advisable.The gains are significant, though, and as the protocol becomes more widely adopted the advantages will become even more pronounced. Aside from privacy protection, Tor's "next hop" TLS encryption virtually eliminates the potential for traditional "man in the middle" attacks within the network because such attacks rely on knowing the origin and destination of packets, and capturing a usable data stream. Tor, particularly if combined with end-to-end encryption, also makes encrypted data less susceptible to brute force attacks; it is much more difficult to capture a complete data stream, and data is encrypted multiple times with short-lived session keys.Even though Tor is still in beta, it's well worth a download (The Windows version already won a PCWorld "Best Products of 2005, Security" Award). Take a look, and if you have a public IP, think about setting up a server.