Saturday, November 19, 2011

Operation Blackout & protect the Internet



SOPA & PIPA

EMERGENCY ACTION AUTHORIZED. ORGANIZATION OF LOCAL PROTESTS IS NEEDED. CONVERGE AT FREEWAYS AND HIGHWAYS. LIBRARIES, MALLS, GOVERNMENT BUILDINGS, SCHOOLS...ALL ARE ACCEPTABLE AREAS! STARTING TODAY!

This is the most important operation in the history of Anonymous. No operation will be executed until we make sure this operation is successful. Any videos uploaded will be updates on this operation.

TRANSCRIPT

Citizens of the United States, We are Anonymous.

This is an urgent emergency alert to all people of the United States. The day we've all been waiting for has unfortunately arrived. The United States is censoring the internet. Our blatant response is that we will not sit while our rights are taken away by the government we trusted them to preserve. This is not a call to arms, but a call to recognition and action!

The United States government has mastered this corrupt way of giving us a false sense of freedom. We think we are free and can do what we want, but in reality we are very limited and restricted as to what we can do, how we can think, and even how our education is obtained. We have been so distracted by this mirage of freedom, that we have just become what we were trying to escape from.

For too long, we have been idle as our brothers and sisters were arrested. During this time, the government has been scheming, plotting ways to increase censorship through means of I S P block aides, D N S blockings, search engine censorship, website censorship, and a variety of other methods that directly oppose the values and ideas of both Anonymous as well as the founding fathers of this country, who believed in free speech and press!

The United States has often been used as an example of the ideal free country. When the one nation that is known for its freedom and rights start to abuse its own people, this is when you must fight back, because others are soon to follow. Do not think that just because you are not a United States citizen, that this does not apply to you. You cannot wait for your country to decide to do the same. You must stop it before it grows, before it becomes acceptable. You must destroy its foundation before it becomes too powerful.

Has the U.S. government not learned from the past? Has it not seen the 2011 revolutions? Has it not seen that we oppose this wherever we find it and that we will continue to oppose it? Obviously the United States Government thinks they are exempt. This is not only an Anonymous collective call to action. What will a Distributed Denial of Service attack do? What's a website defacement against the corrupted powers of the government? No. This is a call for a worldwide internet and physical protest against the powers that be. Spread this message everywhere. We will not stand for this! Tell your parents, your neighbors, your fellow workers, your school teachers, and anyone else you come in contact with. This affects anyone that desires the freedom to browse anonymously, speak freely without fear of retribution, or protest without fear of arrest.

Go to every I R C network, every social network, every online community, and tell them of the atrocity that is about to be committed. If protest is not enough, the United States government shall see that we are truly legion and we shall come together as one force opposing this attempt to censor the internet once again, and in the process discourage any other government from continuing or trying.

We are Anonymous.
We are Legion.
We do not forgive censorship.
We do not forget the denial of our free rights as human beings.
To the United States government, you should've expected us.

6e * 65 * 74 * 77 * 6f * 72 * 6b


Anonymous on Protect IP Bill

404 FREEDOM NOT FOUND - Message From Anonymous On The IP Act

Message From Anonymous: Protect IP Act

Kill the "Protect IP" Bill!

6e * 65 * 74 * 77 * 6f * 72 * 6b

Please see the Legal and Resource Material sections of the sidebar here for other legislation designed to break fundamental functions of the Internet. Get active if you love your nets.

6e * 65 * 74 * 77 * 6f * 72 * 6b

Tuesday, November 8, 2011

The Implacable Iron Fist of Google

Yesterday, after a nice walk in the autumn woods, I came home and found several emails and Twitter notices from friends that my blogs were gone. I checked the addresses and this is what I received:

"This blog is no longer accessible. The name is unavailable for new accounts."

WTF?!?!

After following the breadcrumb trail left for me by Blogger, I got to a page that informed me:

"There has been suspicious activity related to this account. To confirm you are the account holder, Google must send you either a text message or a voice message with a code you must enter..."

After I entered a phone number and got the Confirm Code, my blogs were immediately accessible again.

66:75:63:6b:20:47:6f:6f:67:6c:65


Google pretends to be helpful

For the past two weeks, every time I logged in to post on my blogs I've had an interrupt page from Google, stating that "for my convenience should I lose my passwords" it would be handy to have a phone number to use as another confirmation. There's also been a link in that page that said "skip this step" so of course I did; my password is very strong, nonverbal and would be pretty hard to break unless under a sustained and targeted attack. No robo-sniffer or password dictionary cracker is going to get it.

With Google suggesting it would be a good idea and also offering me a link to skip this step, it's implied that this is not a required condition of using Google products (in this case my blogs on Blogger, unfortunately snapped up by Google recently).


The real deal

This morning's research session was dedicated to what Google calls "Two-step Verification Process" which was launched in mid-February and is just getting around to all your Google accounts.

"Over the next few days you should see a link on your Google Account Settings page that allows you to enabled 2-step verification. This new feature adds an extra layer of security to your Google account by requiring a special passcode in addition to your normal password."

Google Adds 2-Factor Security to Gmail, Apps [Krebs]

Here's a big blah-blah page from Google about "two-step verification"

"2-step verification helps protect a user’s account from unauthorized access should someone manage to obtain their password. Even if a password is cracked, guessed, or otherwise stolen, an attacker can’t sign in without access to the user’s verification codes, which only the user can obtain via their own mobile phone. Requirements: a mobile phone that can receive the verification code via text message or phone call, or an Android, BlackBerry, or iPhone. These devices use the Google Authenticator mobile app to generate the verification code. "

"You enable 2-step verification for your domain in your Google Apps control panel. The user enrolls in 2-step verification... Note: You can’t force your users to use 2-step verification, they must opt-in themselves."

66:75:63:6b:20:47:6f:6f:67:6c:65

Real security

I've talked before about secure passwords: 16-character non-word, alphanumeric+special characters passwords kept on a single password-protected file on your computer/usb key and using copy/paste for logins, or using something like Passkey to hold your passwords.

I've also spoken about the "security measure" of "secret questions" - giving an associated (in your mind) answer to such questions as "What was your childhood pet's name?" in light of social networking and the fact that once something is posted to the net, it's out there forever (using tools like the Wayback Machine). So I recommend choosing your question (if this alternative is offered) or using an answer that is completely unrelated to the questions but associated in your mind with the question:


Q. What was your childhood pet's name? A. Squanomish
Q. Where were you born? A. inmymotherswomb
Q. What was your favorite sport? A. escapingbullies

Combine those with the ASCII and spelling variants: Squ@nomiish, inmeyem0therzw0mb, ezkapeingbullieyes and you have a second layer of security, not easily guessed.

And the final simple rule: never use the same password for more than one service.

So the password:
6D9F1$%&3[invisible space/ascii character Alt + 255]15~>#b+

is going to be pretty hard to crack by an automated dictionary-cracker. Combined with the type of answer to the above typical "security questions" and the best-practice of never using the same password for more than one service, your account is going to be much more secure than someone using the password "Fluffy" for all their accounts.

The fact is that, like a house, you can never be completely secure, but you can make it very difficult for a burglar to break in. Given that option most burglars, especially the random, doorknob-turning kind, will go elsewhere to much easier targets. Like a house, if you are the specific target of a dedicated cracker, nothing is going to stop them, but such cases are a lot rarer than you think. I mean, unless you're a multi-billion-dollar CEO, an attorney in a messy divorce case or a bank, who is going to specifically target you?

66:75:63:6b:20:47:6f:6f:67:6c:65

The Google Two-Step

It's obvious by now that all this blah-blah about "enrolling" and "allowing" and "opt-in" is plain bullshit. So is the supposed "security" offered.

The 30-day browser cookie set by users that click the "Remember verification for this computer" checkbox means that if your computer is stolen, the thief can still access your account without having to provide the second step of verification, and likely not even the password if your computer was just sleeping and browser already open.

You'll have to repeat this process every 30 days, meaning Google's going to require a constant correlation between your username and your phone number. Change numbers? You're going to have to go through hoops to restore access to your accounts. Change computers between laptop, desktop, netbook or tablet? Delete all cookies on browser close to get rid of trackers, spies and supercookies? Same deal. Google wants to know where you are and what phone number you are using every 30 days.


Go ahead; try to opt-out, sucker

From more than a dozen posts explaining how to "turn off two-step verification" from both Google and many bloggers, you get this information:

Q.16) How can I turn off 2-step verification on my Google Account
A.16) You can turnoff 2-step verification, by going to Google Accounts –> Using 2-step verification –> click on Turn off 2-step verification…


Here's the separate section on "how to turn off two-step verification"

Another article telling you how to turn off two-step verification


"In order to turn off two-step verification, visit this page or log in to your Google account and go to Settings >> Account Recovery Options >> Recovering your password. That page will tell you you can "add more information to your account to increase your account-recovery options."

Both ways will take you to this:

click the picture for the Big Picture


Notice that if you have not "opted-in" or "enrolled" or "allowed" this process previously, you will still have to fork over a phone number, receive a verification code and enroll in the program in order to reach the settings page where you can turn off the process, which will happen every 30 days.

Remind you of Facebook much? It should. There's no way to opt-out currently without first opting-in, and all Google's fanboy press and mealy-mouthing about "opting-in" or "enrolling" or "allowing" are straight-out lies. The interrupt-page I was receiving for the previous two weeks whenever I logged in offering to be "helpful" and offering me a link to "skip this step" was a smokescreen.

66:75:63:6b:20:47:6f:6f:67:6c:65

FSCK Google


Am I alarmed by this? I certainly am. I am alarmed by Google pretending this is an opt-in service, repeating that idea in various words and meaning absolutely the opposite.

fsck: a Unix-based system utility for checking the consistency of a file system. Generally, fsck is run automatically at boot time when the operating system detects that a file system is in an inconsistent state. [fsck is analogous to the Windows utility chkdsk]

I am alarmed by Google's persistent and consistent efforts to delete anonymity from the net; to consolidate its holdings and bring them into line with its stated mission of becoming an "Identity Provider"; Google's connection to OpenID and the National Strategy for Trusted Identities in Cyberspace [PDF link to whitehouse paper], which Google calls the Kantara Initiative (shades of the D.H.A.R.M.A. Initiative!).

I'm not the only one.

Identity Crisis: The Delusion of NSTIC

Real Names: Google+, Government & The Identity Ecosystem

Google & NSTIC Leading the March to Digital Totalitarianism?

Botgirl's curated “Nymwars News and Commentary” site

66:75:63:6b:20:47:6f:6f:67:6c:65

After yesterday's little adventure and today's research, I am accelerating my efforts to completely remove myself from the Google ecosystem by using viable alternatives to every single product Google offers. I do not like liars and Google has proven to be no better than Facebook in regarding me as a slab of meat to be bought and sold for their profit, telling press about "optional" services that are in fact compulsory now.

Google has now proven to me that they are in fact dead-set on "doing evil."

Google must have forgotten everything it knew about the net; I can think of a dozen ways to get around this type of forced identification and access off the top of my head and during the coming weeks I will be researching even more ways to keep my electronic privacy protected. What you do is up to you.

66:75:63:6b:20:47:6f:6f:67:6c:65

[double-posted at My So-called Virtual Life]

66:75:63:6b:20:47:6f:6f:67:6c:65

Friday, November 4, 2011

Internet Under Fire

Top news for netizens: The Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act of 2011, aka P.R.O.T.E.C.T. IP Act,[S.968] now known as the "Enforcing and Protecting American Rights Against Sites Intent on Theft and Exploitation Act" ie E-Parasites Act [HR 3261] and Stop Online Piracy Act [SOPA] and unofficially known as the Blacklist Bill [watch the name-shifting; confusing eh? It's supposed to be] which also lumps in a House version of the felony streaming bill [S 978] that will make huge swaths of Americans felons for streaming content online is scheduled to be heard in the House Judiciary Committee on Nov. 16.

You can sign the petition on We The People, the White House's "outreach" petition program, here. In order to warrant a response from the White House, it has to reach 25,000 signatures by November 30th.

Also under threat from Google

If you need reasons, you might want to read this Professors’ Letter in Opposition to 'Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act of 2011' from July, 2011 by 108 law professors.

6e * 65 * 74 * 77 * 6f * 72 * 6b


Meanwhile, Net Neutrality, the First Amendment of the digital age, is under fire in the Senate; a vote scheduled next week on a “resolution of disapproval”; a measure in Congress that would strip the FCC of the authority to enforce Net Neutrality rules or any other safeguards for the open Internet.

6e * 65 * 74 * 77 * 6f * 72 * 6b


The elephant in the room

These measures are no joke, seeing as how the Net has become the Free Press of the digital age. Given the interaction between social networking and popular uprisings, these measures would go far towards suppressing free speech under the cloak of "preventing piracy" and are sponsored by the huge media companies, whose revenues are plummeting not because of "piracy" but because of garbage product, broken DCMA software and trying to dictate "culture" and "popular taste."

The dirty little elephant in the room is not college students using P2P software to trade cool music because of the destruction of real radio at the hands of those who would dictate what you should listen to regardless of your own preferences but Chinese and Taiwanese factories that pump out 10,000 factory-sealed discs daily, complete with top-of-the-line graphics and cd/dvd pressings. This counterfeiting far surpasses any losses from casual tune-swapping or ripping to hard drives for convenience.

Because of our "trade agreements" with these countries, even Microsoft will not go after them despite huge shipments of counterfeit discs from these countries being seized repeatedly both at Customs and already inside country borders.

The facts remain: many studies and factual reports indicate that not only are musicians making more money than ever, dvd movie and cd music sales are actually up. It's the middlemen, the parasites, that are losing what they consider their rightful, obscene profit margins.

6e * 65 * 74 * 77 * 6f * 72 * 6b

The RIAA and MPAA lie

I personally remember making "mix tapes" off the radio when I was younger; I'd listen to them, decide if I really liked a song enough to buy the album or if I only wanted the 45 single. I'd still buy as much music as I did before; in fact, radio helped me find out about artists I didn't know about and encourage me to buy more product (as cassette tapes didn't have nearly the fidelity of vinyl).

Well, the Industry killed the 45/single format, went to CDs that they told us would cost far less "once we retooled our vinyl factories to produce CDs" and never reduced the selling prices although the cost for producing digital goods has plummeted to a fraction of the cost of vinyl production and shipping, and made back catalog (classic tunes, movies and albums many people would willingly buy) unavailable.

Why did they do this? Because older material has better contracts, balanced between profit for the artist and for the company; new contracts all but impoverish artists while the Company rakes in profit, plays dirty accounting tricks and fraud to show "losses" on multi-platinum releases and makes a mockery of "supporting artists."

For the same reason, they squeezed radio stations with piratical "performing rights" legislation, dictated playlists and ended up reducing radio to a handful of songs endlessly ground into your ears in the attempt to tell you what's cool and what you should buy, because they geared a whole advertising and backscratching tie-in campaign in order to drive culture, not to celebrate or distribute it.

In fact, the RIAA and MPAA statistics have been repeatedly debunked.

6e * 65 * 74 * 77 * 6f * 72 * 6b


Breaking the internet - c
olluding interests

This collusion between lawmakers and the entertainment industry is being used to not only limit our selections of what and where we want to see or hear something we've paid for [like ripping a cd or dvd to a hard drive] but to set dangerous precedent in law, allowing commercial interests to trump consumer rights. These subversions and twistings of law are then taken up by government interests, who use these precedents to further attack the open and free flow of information and discussion on the Net.

The entertainment industry is funneling enormous amounts of money into lobbying Congress to pass these bills. In many cases, motions and bills are presented in last-minute "midnight sessions" with little or no public notice or debate. The semantic shift from "copyright violation" and "counterfeiting" to "piracy" is being used to equate digital copying with terrorism, stifling debate and questions as to the figures being presented by the RIAA and MPAA as to their "loss of profits."

The exposes of the entertainment industry's shady and misleading accounting practices are manifold. The reports of the underhanded tactics of their lobbyists and bribed Congresscritters are also legion.

Lawmakers are being bought by the entertainment and communications companies, which are playing into the interests of a government that would like to see free speech curtailed and the Internets "brought to heel," incidentally breaking fundamental functions of the nets:

Security and Other Technical Concerns Raised by the DNS Filtering Requirements in the PROTECT IP Bill [PDF]

6e * 65 * 74 * 77 * 6f * 72 * 6b


Protect your Internets

The Internets are the democratic free press of our age. Cost-of-entry is within reach for a majority of people. No media has been this accessible to the common man since the invention of the printing press and the distribution of books (which the Church tried vainly to suppress).

Given the recent global dialogues/uprisings started with the 'los indignados' movement in Spain earlier this Spring and the continuing communications sweeping the globe, the free Internet is crucial to the future of this planet. The distribution of information regarding corporate collusion with lawmakers, bribery through lobbyists, facts and data now accessible and distributable can go a long way to untangling and uncovering some of the mechanisms that have resulted in this current global meltdown.

Please take a few moments to learn what you can do to protect the Internets that you love. Follow the links at the top of this page; look over the links in the right sidebar under 'Legal' and 'Resource Material' and get involved; it's your home.

6e * 65 * 74 * 77 * 6f * 72 * 6b

Clouting Klout (and etc)

Finally, just a little post I liked about Klout, social metrics and why the hell I'd follow someone just because "they have a huge Klout score" instead of what they have to say:

Stop the Social Puppetry for Klout and Other Influence Metrics!
[Social Media Today]

I've been aware of this since the early days of ICQ, AIM, MSN Messenger and hit counters, "badges" and other early web cruft. I read a lot of heavy science, networking and other esoteric posts I consider interesting, informative and backed with skill and insight; I don't need a scorecard or number to tell me they are important or have something viable and useful to say. I'm sure a lot of what I seek out and read would have a low "Klout" or "social metric" score.

On the same issue, I resent some company trying to tell me how to use my friendships and networks to cash in. My friends are not for sale. I Follow someone because of what they have to say, not because they have a big "score." That kind of thing went out for me sometime in my freshman/sophomore high school years.

6e * 65 * 74 * 77 * 6f * 72 * 6b

70:72:6f:74:65:63:74:20:74:68:65:20:69:6e:74:65:72:6e:65:74:73

6e * 65 * 74 * 77 * 6f * 72 * 6b