Thursday, March 1, 2012

Key Bank, (in)Security & Datafarming

Today I logged into my bank account at Key Bank, and after answering my security questions (crafted with years of experience), instead of being sent to my account pages, I was thrown to this page:




I have no loans with Key Bank. I have no credit line with Key Bank. I have nothing with Key Bank but a checking account, with no Direct Deposit, no tie-ins, nothing; a plain old-fashioned manual checking account.

Look at what they are asking for: height (last time it was driver's license number), employment history information, car registration information...

This is the second time I have been forced to go through this "verification process" without ever having given Key Bank this information. Key Bank has absolutely no business having this information. I put money in; I take money out. I do not Direct Pay any bills; I maintain absolute manual control over my banking processes.


Not only is this bypassing my own crafted security, it is destroying my own security. They are linking my bank account to publicly-searchable information, which is no security at all; it is a menace to security. They are compiling my separate data in one place, which means if they are hacked, the crackers get all of my information in one nice package.

This is a security threat, Key Bank. This is irresponsible, reprehensible, stupid and way more intrusive than you are allowed to be as a handler of my money, which you make profits from. I am not your child; I am not your consumer. I am your customer, your client.

6e * 65 * 74 * 77 * 6f * 72 * 6b

Key Bank, you are history; I'll be changing bank accounts tomorrow and deleting you from my existence. You are also now the target of an information campaign to spread awareness of exactly how insecure your systems are, how inadequate and possibly-criminally negligent whatever unqualified bonehead "security IT person" injected this process into your verification system & are under suspicion of selling my data for profit in a way you were never authorized to do. Congratulations. Enjoy the feedback.


6e * 65 * 74 * 77 * 6f * 72 * 6b

Friday, January 27, 2012

In Defense of Twitter

*DISCLAIMER: Unlike usual, this is an OP-ED piece. It's a pain day for me, so I'm a bit scrambled on pain & meds - this post won't have the usual links to everything in it. You can trust me, or you can do your research to verify what I set forth as fact (which I recommend anyway).

6e * 65 * 74 * 77 * 6f * 72 * 6b


Why you should consider this post

There's a big wave of discontent against Twitter for announcing that it can/will be censoring tweets by country to comply with their legal requirements. People are "outraged" and want to "show Twitter who's boss" and "communication should be free" and...

Please listen to me now: I've been fully-involved in the internet and politically-aware of what concerns it both technically and legally since Operation Sun Devil & the Steve Jackson Games FBI raids. I happened to be a noobie on the net at that time, and SJG/Illuminati site was a place to go for game info and community revolving around Steve's excellent tabletop RPG games.

If you read my last post about #SOPA (or this entire site) you know that I know my stuff; I know a lot about the legal shenanigans the government & industry have been using to attempt to control the channels of communication for the last 25+ years. It has been my privilege and my pleasure to consider myself a Netizen (a citizen of the Internet) for longer than most people. Because I live here, more than most, I've considered it my civic duty to watch, learn, investigate and talk about the technology & the implications of it for evolutionary change and human freedom.

Also because I have spent as much time here as other people spend on "having a real life" - children, a home, a career - I do know things; I spend a lot of time learning about my environment, the people who live there and the forces arrayed against this historically-unique manifestation of free speech.

So now I must speak out in defense of Twitter.

6e * 65 * 74 * 77 * 6f * 72 * 6b


What Twitter Did (as opposed to what people think they did)

Twitter has announced that, in order to keep within the legal requirements of other countries in order to continue operating in those countries, their tech allows the company to block tweets or users on a country-by-country basis. Previously, blocking tweets had to be done globally, meaning if an oppressive regime asked Twitter to remove a tweet or block a user, it had to be done for everyone in the world. Now, Twitter can remove that tweet in that country, but allow the world to see it.

At the same time, Twitter slipped users a key to the lock. Think about that.

With all this chatter lately about "what companies are doing to suppress our rights," it's easy to get caught up in someone's gut reaction, their outrage or their political position. But that's playing the game we all want to get away from. That's the Polarity Game; the Chessboard with two opposing sides, in black and white. But that is not how things work. That is not the Network Model; "it's a trap!"

By slipping us the Key, Twitter is walking a minefield, and you should understand just what minefield Twitter is in before you start formulating adamantine black-and-white opinions.

6e * 65 * 74 * 77 * 6f * 72 * 6b


What's going on

If you're reading this, you're one of the people that have become aware of the attempts by governments and industries to contain, alter, geld and control the internet. There was a reason this was named "The Information Revolution" many years ago; it is only now that people are understanding this was no whim, no PR snappy soundbyte; no cute metaphor like "the information superhighway" - this was a dry, technical description of what this technological breakthrough meant/would mean. This is war.

The forces arrayed against an open Internet are formidable. This slowly-building, covert war against the technology and implications of an easily-accessible means of mass communication is coming to a head.

For a moment, compare Twitter's actions and speech to those of Google, AT&T, Viacom, Comcast & the rest of the Players. Google has not only told users to STFU and take what they offer, its been less-than-forthcoming about its compliance with the US Gov/TSA/DHS/NSA/spook crowd. The same goes for AT&T, who has not only folded and let the spooks install monitoring on every trunk line they own, they've used their muscle and weight to push legislation (hand-in-hand with government) for retroactive immunity for Constitutional violations and illegal operations. Rinse and repeat for the rest of the Players.

On the other hand, what Twitter has done is technically comply with these draconian measures to suppress speech, meanwhile dispersing the technical information necessary to route around these measures in order to keep the channel of communications that is Twitter open and in use.


What Twitter could have done

Twitter could have complied like Google and allowed whatever country(s) to dictate whether Twitter could be reached at all. By technically complying with these requests/dictates, Twitter remains open as a tool for communication in war time.

On the other hand, if Twitter did not bow to these "regulations" and gave the metaphorical Finger to these communications-fascists, Twitter could have easily been blocked/cut off/removed from an entire country's use (except in cases of VPN/ssh and other tools/techniques which require a bit of technical ability). At this point, I wouldn't trust our own government not to resort to dirty tricks, "business regulations," obscure lines buried in telcomm laws already passed or secret DHS/TSA "orders" to destroy Twitter as a business.


Think of the French Resistance, operating under cover in Vichy France. You might wish to run out into the street and scream "Fascist!" at any passing member of the ruling junta... which would get you shot; end of story. But what if communications with the Resistance depended on you to relay messages, supplies and information? Giving in to your (understandable) rage would hurt a lot more people than you... so you wouldn't; you'd bite the bullet, smile and nod to the Jackboots, serve their coffee and listen carefully for information that would be of use to the Resistance.

6e * 65 * 74 * 77 * 6f * 72 * 6b


This is war

This is war, and you have to think; the world is not black-and-white - that's the old revolving-gameboard, binary, dualistic model we're trying to get out from under. Twitter has not bent over like the others. Twitter has basically played by the letter of those rules in order to get around those rules with imagination, cleverness and technical know-how while striving to keep the ability to communicate freely open.

This took some guts, knowledge of their own system and knowledge of the ignorance of the enemy. Twitter was very clever... much more so than, say, Google. Twitter was also very transparent about what was going on; again in contrast to the Goog, the telcomms and the govt.


Twitter has openly danced on the plank like Capt. Jack Sparrow, putting on a good show for the Powers while flashing signals with a concealed mirror to Loyalists and Netizens to be aware, be ready and use the tools provided.


For these reasons, in this case, I commend Twitter and I put my experience, my technical, legal and historical knowledge behind that support. Twitter's gone much farther for netizen's rights than almost any other major company I can think of and it is important to me (as it should be to you) to recognize a clever ally in wartime.

For these reasons, I will not be participating in Op #Twitterblackout.

6e * 65 * 74 * 77 * 6f * 72 * 6b

Tuesday, January 17, 2012

SOPA & PIPA: An Internet Legal History Primer

Today, January 18, 2012, a huge amount of websites will be "going dark" as a protest and demonstration of the damage that the Stop Online Piracy Act [SOPA / HR 3261] and the and the Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act of 2011 [P.R.O.T.E.C.T. IP Act -PIPA - S. 968] are prepared to do to the functionality of the internet in the name of "protecting intellectual property" at the behest of the media megacorps.

An incredible array of tech and internet sites are taking part in this protest/declaration/demonstration; your internet will not look the same at all [for a day]. The provisions in PIPA and SOPA can actually break the internet's functionality; this is being pushed by a coalition of media and entertainment companies to "protect their intellectual property from pirates." Yes; they'd rather break the internet's functionality than figure out why their old rapacious business models are failing.


You may not know it, but SOPA & PIPA are only the latest in a long line of laws attempting to limit, contain, channel and control the internet. I have lived through these times on the net and offer some historical outline below. Unfortunately, since Wikipedia will be blacked out today, you'll have to come back tomorrow if you want to explore these links in more depth.

6e * 65 * 74 * 77 * 6f * 72 * 6b


A History of Communications, Privacy and Internet Law


1984: Cable Communications Policy Act of 1984 - set forth strong protections for subscriber privacy by restricting the collection, maintenance and dissemination of subscriber data. The Act prohibited cable operators from using the cable system to collect "personally identifiable information" concerning any subscriber without prior consent, unless the information is necessary to render service or detect unauthorized reception. The Act also prohibited operators from disclosing personally identifiable data to third parties without consent, unless the disclosure is either necessary to render a service provided by the cable operator to the subscriber or if it is made to a government entity pursuant to a court order.

[The USA P.A.T.R.I.O.T. Act [Uniting (and) Strengthening America (by) Providing Appropriate Tools Required (to) Intercept (and) Obstruct Terrorism Act of 2001] has narrowed/gutted the CCPA privacy provisions considerably]



1986: The Electronic Communications Privacy Act (ECPA) was passed by Congress to expand the scope of existing federal wiretap laws, such as the the Omnibus Crime Control and Safe Streets Act of 1968 (Wiretap Act) to include protection for electronic communications and expanded the privacy protections of the Wiretap Act in five significant ways:
  1. ECPA broadened the scope of privileged communications to include all forms of electronic transmissions, including video, text, audio, and data.
  2. ECPA eliminated the requirement that communications be transmitted via common carrier to receive legal protection.
  3. ECPA maintained restrictions on the interception of messages in transmission and adds a prohibition on access to stored electronic communications.
  4. ECPA responded to the Supreme Court's ruling in Smith v. Maryland (June 1979) that telephone toll records are not private and restricts law enforcement access to transactional information pertaining to users of electronic communication services.
  5. ECPA broadened the reach of the Wiretap Act by restricting both government and private access to communications.

[The USA P.A.T.R.I.O.T. Act [Uniting (and) Strengthening America (by) Providing Appropriate Tools Required (to) Intercept (and) Obstruct Terrorism Act of 2001] narrowed/gutted the ECPA privacy provisions considerably]



1987: The Computer Security Act of 1987 reaffirmed that the National Institute for Standards and Technology (NIST) is responsible for the security of unclassified, non-military government computer systems. The main purpose of the Act is to protect unclassified information from military intelligence agencies. However, the Act has since been weakened, primarily as a result of the efforts of the National Security Agency and repealed with the Federal Information Security Management Act of 2002 [FISMA, see below]


1989
: The Secret Service is given authority by Congress over "access device fraud" as an extension of its "wire fraud" authority.


1990: Operation Sun Devil, Steve Jackson Games, Inc. v. United States Secret Service

These two raids and subsequent court cases resulted in the creation of the Electronic Frontier Foundation and provided law enforcement with evidence to convince the US Congress of the need for additional funding, training and overall expansion of Federal law enforcement.

The great hacker witch hunt hysteria begins in earnest; "hackers are going to destroy your word perfect documents and steal your credit cards!!!!!"


1991: Telephone Consumer Protection Act of 1991 amended Title II of the Communications Act of 1934 and requires the Federal Communications Commission ("FCC" or "Commission") to promulgate rules "to protect residential telephone subscribers' privacy rights." In 2002, a federal judge ruled that the TCPA's ban on sending unsolicited fax advertisements was an unconstitutional restriction on commercial speech.


1994: Communications Assistance for Law Enforcement Act of 1994 [CALEA] aka "Digital Telephony Act" was passed by Congress to preserve the Government's ability, pursuant to court order or other lawful authorization, to intercept communications over digital networks. The Act requires phone companies to modify their networks to ensure government access to all wire and electronic communications as well as to call-identifying information. The law also included several provisions enhancing privacy, including a section that increased the standard for government access to transactional data.

6e * 65 * 74 * 77 * 6f * 72 * 6b

1996: The Telecommunications Act of 1996 [TCA] and Title V of that Act - Communications Decency Act [CDA]


Signed into law on February 8, 1996 by then-President Bill Clinton, this bill purported to foster competition among companies sharing the underlying infrastructure of networked technologies. Buried in that legislation was an amendment - Title V - The Communications Decency Act of 1996 [CDA] - which proposed to "regulate pornographic material on the Internet". This amendment is the precursor to the Child Online Protection Act [COPA] of 1998; the Children's Internet Protection Act [CIPA] of 2000 and the current pending PROTECT IP Act as well as scores of bills passed in the intervening 15 years, using the specter of pornography (later switched to child pornography), terrorism and fear to push through legislation that favors media cartels and the government's interest in strangling the free flow of information.

[Section 230 of the CDA added protection for online service providers and users from actions against them based on the content of third parties, stating in part that "No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider". Effectively, this section immunizes both ISPs and Internet users from liability for torts committed by others using their website or online forum, even if the provider fails to take action after receiving actual notice of the harmful or offensive content. We'll return to this important proviso later.]


Promises, promises

The TCA was actually a deregulation of the 1975 FCC cross-ownership rules put in place to limit media concentration and monopolies in the radio and television space, preventing companies from denying accessibility of airspace and broadcast space to other companies through the conglomeration and consolidation of media and denial of the common carrier infrastructure built with US tax dollars as the telegraph and later telephone copper wiring.


The TCA was supposed to foster competition, fairly distribute the use of infrastructure paid for by the public and allow for the collection of a levy handed to the telcos to upgrade and improve the national backbone and fiber-optic cables, requiring "fiber to the curb" by 2006. The Bell companies — SBC, Verizon, BellSouth and Qwest, claimed that they would step up to the plate and rewire homes, schools, libraries, government agencies, businesses and hospitals, with a fiber (and coax) wire capable of at least 45 Mbps in both directions, and could handle 500+ channels... if they received financial incentives. This wiring was to be done in rich and poor neighborhoods, in rural, urban and suburban areas equally and would be open to ALL competitors, not a closed-in network or deployed only where the phone company desired.

[This was not DSL, which travels over the old copper wiring and did not require new regulations. This is not Verizon's FIOS or SBC’s Lightspeed fiber optics, which are slower, can't handle 500 channels, are not open to competition, and are not being deployed equitably. This was NOT fiber somewhere in the network ether or only on the intranets of the telcos but directly to homes. The FCC now defines broadband as 200 kilobytes per second in one direction — 225 times slower than what was promised in 1992]

In exchange for building these networks, the Bell companies ALL received changes in state laws that handed them excessive profits, tax savings, and other perks to be used in building these networks. It is estimated that $300 billion dollars in excess profits and tax deductions has been collected for this purpose.



(not) Built on lies

But there was a problem with this - the networks couldn't be built at the time the commitments were made. TELE-TV and Americast, the Bell companies' fiber optic front groups, spent about $1 billion and were designed to make America believe these deployments were real in order to pass the TCA.

Instead of spending the money on these promised networks, the Bell companies used the money to enter long distance markets, roll out wireless and inferior ADSL services: customers paid for a fiber optic wire and got ADSL over the old copper wiring with old and failing routers, switches and exchanges. Network capacity was lied about and the network was oversold.

[Verizon and SBC are rolling out new fiber optic services but want the laws changed again. These services are crippled, closed networks. FIOS’s top speed is only 35% of the Asian standard, and yet it cost $199 vs $40 for 100 Mbps in many European countries]


What the TCA really was about was deregulation and an open invitation to telcos, media conglomerates and lobbyists to swoop into the vacuum left by the breakup of ATT on antitrust grounds in 1982-1984. On the promises of the telcos, the FCC succumbed to lobbyist cash and sold out the protected common carrier infrastructure to corporations to use as they saw fit.



The Net Speaks Back

Written in outraged response to government's intrusion on the development of the internet through the passage of the TCA, John Perry Barlow, an early and influential voice on the web, published the Declaration of the Independence of Cyberspace on Feb. 8, 1996. Although strident and anthemic, Barlow's opinion was shared by many of the top technicals, theorists and legal scholars of that time, who saw in the TCA and the embedded CDA the beginnings of censorship and control over the channels of communication the net was opening. They also saw the first attempts by corporations to use Congress and lobbyists to shape the net for the convenience and profit of the entrenched entertainment industry, who had already begun consolidating companies and muscling out new businesses built around the net with bagsful of cash to attorneys, congressmen and the FCC.


Barlow was not alone in his perception that something underhanded was going on. Articles began appearing online and in print media pointing to something rotten in all this quickly-moving legislation:


The Telecommunications Act of 1996:A Commentary on What Is Really Going on Here

The Telecommunications Act of 1996 - Mauer School of Law


Will The New Telecommunications Act Promote Monopoly? Yes, It Will


Digital Robber Barons?

... and countless others. Search "Telecommunications Act of 1996" for more information and some awareness that these rats were smelled early by many respectable journalists and newspapers.


Those few who protested and claimed the Act would lead to mass media consolidations were surprised by how quickly that consolidation happened. Within just a few years, radio stations, over the air TV stations, cable TV stations and telephone companies were eaten up by the larger, richer companies in a feeding frenzy that has resulted in the limited, false "choices" we are forced into today. Rather than "encouraging competition," the TCA allowed consolidation of the media and control of all information received by people to a small group of sources, all of them incestuously feeding content to their own networks in a war for eyeballs (and click-throughs).


Some Further Reading on the TCA:

1997-2002

False Premises, False Promises: A Quantitative History of Ownership Consolidation in the Radio Industry


Lessons from 1996 Telecommunications Act: Deregulation Before Meaningful Competition Spells Consumer Disaster [Consumer Reports]


Fallout from the 1996 Telecommunications Act [PDF file - Common Cause]


Moyers on America . The Internet @ Risk . Resources . Timeline


Com101- Intro to Mass Communication: Media Economics [Cabrini College]


A Little Analytical Honesty Please...


6e * 65 * 74 * 77 * 6f * 72 * 6b


1998
: Child Online Protection Act [COPA] passed by Congress to protect children's personal information from its collection and misuse by commercial Web sites [the law, however, never took effect, as three separate rounds of litigation led to a permanent injunction against the law in 2009]... but that didn't seem to be enough, as Congress then passed the Children's Online Privacy Protection Act of 1998 (COPPA) - the "think of the children!" spectre was first being pushed as a way to make people fear the internet.


1999: The Gramm–Leach–Bliley Act (GLB), aka Financial Services Modernization Act of 1999 regulates the privacy of personally identifiable, nonpublic financial information disclosed to non-affiliated third parties by financial institutions. The Act requires written or electronic notice of the categories of personal information collected, categories of people the information will be disclosed to, the consumer's opt-out rights, and the company's confidentiality policy. The Act also requires administrative, technical, and physical safeguards to protect the security and privacy of information.


The Wireless Communication and Public Safety Act of 1999 required all mobile telephones created after 2000 to have the capability to map the user's location through the use of global positioning systems. The primary benefit of such a system is that it enables 9-11 operators to locate callers in distress. However, such systems also raise major privacy concerns since they allow mobile telephone users to be located at any time. The Act clarified that telephone companies' must obtain the customer's opt-in consent to collect location information in any non-emergency situation.


2000: Children's Internet Protection Act [CIPA] - proposed to limit children's exposure to pornography and explicit content online. Both of Congress's earlier attempts at restricting indecent Internet content, the Communications Decency Act and the Child Online Protection Act, were held to be unconstitutional by the U.S. Supreme Court on First Amendment grounds.


2002: E-Government Act of 2002 - expanded e-government initiatives in the executive branch. The Act contained privacy protections, such as prohibitions on the secondary disclosure of information obtained for statistical purposes. This Act included the Federal Information Security Management Act of 2002 [FISMA; Title III], which recognized the importance of information security to the economic and national security interests of the United States, and the Confidential Information Protection and Statistical Efficiency Act [CIPSEA; Title V], which establishes uniform confidentiality protections for information collected for statistical purposes by US statistical agencies. The law guides standardized approaches to the idea that a respondent's information should not be exposed in ways that lead to inappropriate or surprising identification of the respondent. By default the respondent's data is used for statistical purposes only. If the respondent gives informed consent, the data can be put to some other use.

6e * 65 * 74 * 77 * 6f * 72 * 6b

Reading the above laws in light of current knowledge, you can see a pattern of stretching interpretation, ignoring provisions stated explicitly in those laws regarding privacy and the responsibility of both government and private corporations to protect consumer's privacy, limit the sharing and pooling of information and identifying records.

You know this has not happened. You know that these laws have been exploited, twisted or ignored by both government and private corporations. This is the danger of SOPA and PIPA and their ilk; proponents of the law say "trust us!" when there is ample evidence for the last 28 years that such assertations are not to be believed; that any loophole, clever lawyer word-games or outright bribery or intimidation will be used to turn these laws into a bludgeon against free speech under the rubric of "protecting intellectual property."

6e * 65 * 74 * 77 * 6f * 72 * 6b


To the people who would say the government "has a right" to do this because "DARPA created the internet" or "companies pay for the servers and lines," let me make a very important point:

The government did not pay for the lines the internet uses, nor did the communications companies. Those (mostly) copper lines were paid for by your parents and grandparents in taxes, surcharges and easements given to The Bell System, AT&T and the rest of the corps, who then taxed you (through Congress) to lay those lines.

You continue to pay for a 1997 grant of $93 billion dollars to the communications companies to roll fiber out to the home by 2004. None of that has happened; the telcos took that money, in violation of the terms of the deal made with Congress for that purpose, and instead used it to invest in their own wireless market. You have been, and are being, ripped off [check your phone bill; see those "federal excise taxes" and "surcharges"? That's the debt you're paying for something not rendered].

You own the internet. You paid for it; you still pay for the infrastructure.The government does not own the internet, nor do the telcos.


46 75 63 6b 20 53 4f 50 41

46 75 63 6b 20 50 49 50 41

46 75 63 6b 20 74 68 65 20 52 49 41 41

46 75 63 6b 20 74 68 65 20 4d 50 41 41

46 75 63 6b 20 43 6f 6e 67 72 65 73 73

Monday, December 19, 2011

Holiday Carols for Netizens & OWS

Deck the Halls with Dox of Folly

Deck the halls with dox of folly!
tralalalala lala la la!
Lulzy Xmas should be jolly
falalalala, lala la la!

Don we now our Guy Fawkes gas masks
lalala, lalala, la la la!
Poke the plutarchs in their asses
lalalalala, lala la la!


O Google +

O Google+ O Google+
How tricky are thy branches
You promised us some neato stuff
To get us in your clutches

You signed me up, and led me in
then killed my posts when I used a nym

O Google+, you suckered us
Now do I post my ranting cuss.

O Google+ O Google+
Your motto, "don't be evil"
Was just the words of market turds
The slogan of some weasels

You want to rule identity
So you can then cash in on me

O Google+ O Google+
We see now how
You've betrayed us


Occupy Ride

I hear those cop belts jinglin'
Ring-ting-tinglin' too
Oh ho, it's lovely weather to go
Occupy Together with you!

Outside there's tear gas flying
and friends are crying, boohoo
Come on, it's lovely weather
to go Occupy Together with you!

     Giddyup, giddyup, giddyup, let's go
     We're streaming the show
     Protesting in a wonderland of snow
     Giddyup, giddyup, giddyup, it's grand
     they're cuffing our hands
     We're tweeting it all with a call
     To our Occupy bre-ther-en!

Our tents are nice and rosy
And comfy cozy are we
We're rounded up together
Like free birds of a feather would be

Outside the sirens calling
And pepper spray's falling now too
Oh ho, it's lovely weather to go
Occupy Together with you!

     There's an Occupation at the home of Mayor Grey
     It'll be the perfect ending to a perfect day
     We'll be chanting the songs we love to sing without a single stop
     As we run from the Casually Pepper Spraying Cop!
     Pop-diddly-Op!

     There's a happy feeling nothing in the world can buy
     As we see how many people come to Occupy
     It'll nearly be like a picture print from Revolution times
     These wonderful things are the things
     Our democracy gives our lives

Outside there's tear gas flying
and friends are crying, boohoo
Come on, it's lovely weather
to go Occupy Together with you!

I hear those cop belts jinglin'
Ring-ting-tinglin' too
Oh ho, it's lovely weather to go
Occupy Together with you!


Lulz Xmas

I'm dreaming of a Lulz Xmas
Just like the ones I used to know
Where Anon masks glisten
And children listen
To hear pastebins in the snow

I'm dreaming of a Lulz Xmas
With every oligarch I dox
May your days be lulzy and bright
And may all your nfo-grabs be right



God Rest Ye Merry, Netizens

God rest ye merry, netizens
Let nothing you dismay
Remember that the Congressmen
Are noobies and are lame
They threaten us with SOPA's power
But do not know our ways
Oh, tidings of comfort and joy
Comfort and joy
Oh, tidings of comfort and joy.

In DNS and TCP they do not understand
They think that they can block us out
And use their iron hand
To keep us all from pirate sites
And pages that they ban
Oh, tidings of comfort and joy
Comfort and joy
Oh, tidings of comfort and joy

For we are ones who built the net
Who live it every day
We let the men of commerce run
For 10 years with their way
But now it's time we claim our power
And show them it's our game
Oh, tidings of comfort and joy
Comfort and joy
Oh, tidings of comfort and joy

Saturday, November 19, 2011

Operation Blackout & protect the Internet



SOPA & PIPA

EMERGENCY ACTION AUTHORIZED. ORGANIZATION OF LOCAL PROTESTS IS NEEDED. CONVERGE AT FREEWAYS AND HIGHWAYS. LIBRARIES, MALLS, GOVERNMENT BUILDINGS, SCHOOLS...ALL ARE ACCEPTABLE AREAS! STARTING TODAY!

This is the most important operation in the history of Anonymous. No operation will be executed until we make sure this operation is successful. Any videos uploaded will be updates on this operation.

TRANSCRIPT

Citizens of the United States, We are Anonymous.

This is an urgent emergency alert to all people of the United States. The day we've all been waiting for has unfortunately arrived. The United States is censoring the internet. Our blatant response is that we will not sit while our rights are taken away by the government we trusted them to preserve. This is not a call to arms, but a call to recognition and action!

The United States government has mastered this corrupt way of giving us a false sense of freedom. We think we are free and can do what we want, but in reality we are very limited and restricted as to what we can do, how we can think, and even how our education is obtained. We have been so distracted by this mirage of freedom, that we have just become what we were trying to escape from.

For too long, we have been idle as our brothers and sisters were arrested. During this time, the government has been scheming, plotting ways to increase censorship through means of I S P block aides, D N S blockings, search engine censorship, website censorship, and a variety of other methods that directly oppose the values and ideas of both Anonymous as well as the founding fathers of this country, who believed in free speech and press!

The United States has often been used as an example of the ideal free country. When the one nation that is known for its freedom and rights start to abuse its own people, this is when you must fight back, because others are soon to follow. Do not think that just because you are not a United States citizen, that this does not apply to you. You cannot wait for your country to decide to do the same. You must stop it before it grows, before it becomes acceptable. You must destroy its foundation before it becomes too powerful.

Has the U.S. government not learned from the past? Has it not seen the 2011 revolutions? Has it not seen that we oppose this wherever we find it and that we will continue to oppose it? Obviously the United States Government thinks they are exempt. This is not only an Anonymous collective call to action. What will a Distributed Denial of Service attack do? What's a website defacement against the corrupted powers of the government? No. This is a call for a worldwide internet and physical protest against the powers that be. Spread this message everywhere. We will not stand for this! Tell your parents, your neighbors, your fellow workers, your school teachers, and anyone else you come in contact with. This affects anyone that desires the freedom to browse anonymously, speak freely without fear of retribution, or protest without fear of arrest.

Go to every I R C network, every social network, every online community, and tell them of the atrocity that is about to be committed. If protest is not enough, the United States government shall see that we are truly legion and we shall come together as one force opposing this attempt to censor the internet once again, and in the process discourage any other government from continuing or trying.

We are Anonymous.
We are Legion.
We do not forgive censorship.
We do not forget the denial of our free rights as human beings.
To the United States government, you should've expected us.

6e * 65 * 74 * 77 * 6f * 72 * 6b


Anonymous on Protect IP Bill

404 FREEDOM NOT FOUND - Message From Anonymous On The IP Act

Message From Anonymous: Protect IP Act

Kill the "Protect IP" Bill!

6e * 65 * 74 * 77 * 6f * 72 * 6b

Please see the Legal and Resource Material sections of the sidebar here for other legislation designed to break fundamental functions of the Internet. Get active if you love your nets.

6e * 65 * 74 * 77 * 6f * 72 * 6b

Tuesday, November 8, 2011

The Implacable Iron Fist of Google

Yesterday, after a nice walk in the autumn woods, I came home and found several emails and Twitter notices from friends that my blogs were gone. I checked the addresses and this is what I received:

"This blog is no longer accessible. The name is unavailable for new accounts."

WTF?!?!

After following the breadcrumb trail left for me by Blogger, I got to a page that informed me:

"There has been suspicious activity related to this account. To confirm you are the account holder, Google must send you either a text message or a voice message with a code you must enter..."

After I entered a phone number and got the Confirm Code, my blogs were immediately accessible again.

66:75:63:6b:20:47:6f:6f:67:6c:65


Google pretends to be helpful

For the past two weeks, every time I logged in to post on my blogs I've had an interrupt page from Google, stating that "for my convenience should I lose my passwords" it would be handy to have a phone number to use as another confirmation. There's also been a link in that page that said "skip this step" so of course I did; my password is very strong, nonverbal and would be pretty hard to break unless under a sustained and targeted attack. No robo-sniffer or password dictionary cracker is going to get it.

With Google suggesting it would be a good idea and also offering me a link to skip this step, it's implied that this is not a required condition of using Google products (in this case my blogs on Blogger, unfortunately snapped up by Google recently).


The real deal

This morning's research session was dedicated to what Google calls "Two-step Verification Process" which was launched in mid-February and is just getting around to all your Google accounts.

"Over the next few days you should see a link on your Google Account Settings page that allows you to enabled 2-step verification. This new feature adds an extra layer of security to your Google account by requiring a special passcode in addition to your normal password."

Google Adds 2-Factor Security to Gmail, Apps [Krebs]

Here's a big blah-blah page from Google about "two-step verification"

"2-step verification helps protect a user’s account from unauthorized access should someone manage to obtain their password. Even if a password is cracked, guessed, or otherwise stolen, an attacker can’t sign in without access to the user’s verification codes, which only the user can obtain via their own mobile phone. Requirements: a mobile phone that can receive the verification code via text message or phone call, or an Android, BlackBerry, or iPhone. These devices use the Google Authenticator mobile app to generate the verification code. "

"You enable 2-step verification for your domain in your Google Apps control panel. The user enrolls in 2-step verification... Note: You can’t force your users to use 2-step verification, they must opt-in themselves."

66:75:63:6b:20:47:6f:6f:67:6c:65

Real security

I've talked before about secure passwords: 16-character non-word, alphanumeric+special characters passwords kept on a single password-protected file on your computer/usb key and using copy/paste for logins, or using something like Passkey to hold your passwords.

I've also spoken about the "security measure" of "secret questions" - giving an associated (in your mind) answer to such questions as "What was your childhood pet's name?" in light of social networking and the fact that once something is posted to the net, it's out there forever (using tools like the Wayback Machine). So I recommend choosing your question (if this alternative is offered) or using an answer that is completely unrelated to the questions but associated in your mind with the question:


Q. What was your childhood pet's name? A. Squanomish
Q. Where were you born? A. inmymotherswomb
Q. What was your favorite sport? A. escapingbullies

Combine those with the ASCII and spelling variants: Squ@nomiish, inmeyem0therzw0mb, ezkapeingbullieyes and you have a second layer of security, not easily guessed.

And the final simple rule: never use the same password for more than one service.

So the password:
6D9F1$%&3[invisible space/ascii character Alt + 255]15~>#b+

is going to be pretty hard to crack by an automated dictionary-cracker. Combined with the type of answer to the above typical "security questions" and the best-practice of never using the same password for more than one service, your account is going to be much more secure than someone using the password "Fluffy" for all their accounts.

The fact is that, like a house, you can never be completely secure, but you can make it very difficult for a burglar to break in. Given that option most burglars, especially the random, doorknob-turning kind, will go elsewhere to much easier targets. Like a house, if you are the specific target of a dedicated cracker, nothing is going to stop them, but such cases are a lot rarer than you think. I mean, unless you're a multi-billion-dollar CEO, an attorney in a messy divorce case or a bank, who is going to specifically target you?

66:75:63:6b:20:47:6f:6f:67:6c:65

The Google Two-Step

It's obvious by now that all this blah-blah about "enrolling" and "allowing" and "opt-in" is plain bullshit. So is the supposed "security" offered.

The 30-day browser cookie set by users that click the "Remember verification for this computer" checkbox means that if your computer is stolen, the thief can still access your account without having to provide the second step of verification, and likely not even the password if your computer was just sleeping and browser already open.

You'll have to repeat this process every 30 days, meaning Google's going to require a constant correlation between your username and your phone number. Change numbers? You're going to have to go through hoops to restore access to your accounts. Change computers between laptop, desktop, netbook or tablet? Delete all cookies on browser close to get rid of trackers, spies and supercookies? Same deal. Google wants to know where you are and what phone number you are using every 30 days.


Go ahead; try to opt-out, sucker

From more than a dozen posts explaining how to "turn off two-step verification" from both Google and many bloggers, you get this information:

Q.16) How can I turn off 2-step verification on my Google Account
A.16) You can turnoff 2-step verification, by going to Google Accounts –> Using 2-step verification –> click on Turn off 2-step verification…


Here's the separate section on "how to turn off two-step verification"

Another article telling you how to turn off two-step verification


"In order to turn off two-step verification, visit this page or log in to your Google account and go to Settings >> Account Recovery Options >> Recovering your password. That page will tell you you can "add more information to your account to increase your account-recovery options."

Both ways will take you to this:

click the picture for the Big Picture


Notice that if you have not "opted-in" or "enrolled" or "allowed" this process previously, you will still have to fork over a phone number, receive a verification code and enroll in the program in order to reach the settings page where you can turn off the process, which will happen every 30 days.

Remind you of Facebook much? It should. There's no way to opt-out currently without first opting-in, and all Google's fanboy press and mealy-mouthing about "opting-in" or "enrolling" or "allowing" are straight-out lies. The interrupt-page I was receiving for the previous two weeks whenever I logged in offering to be "helpful" and offering me a link to "skip this step" was a smokescreen.

66:75:63:6b:20:47:6f:6f:67:6c:65

FSCK Google


Am I alarmed by this? I certainly am. I am alarmed by Google pretending this is an opt-in service, repeating that idea in various words and meaning absolutely the opposite.

fsck: a Unix-based system utility for checking the consistency of a file system. Generally, fsck is run automatically at boot time when the operating system detects that a file system is in an inconsistent state. [fsck is analogous to the Windows utility chkdsk]

I am alarmed by Google's persistent and consistent efforts to delete anonymity from the net; to consolidate its holdings and bring them into line with its stated mission of becoming an "Identity Provider"; Google's connection to OpenID and the National Strategy for Trusted Identities in Cyberspace [PDF link to whitehouse paper], which Google calls the Kantara Initiative (shades of the D.H.A.R.M.A. Initiative!).

I'm not the only one.

Identity Crisis: The Delusion of NSTIC

Real Names: Google+, Government & The Identity Ecosystem

Google & NSTIC Leading the March to Digital Totalitarianism?

Botgirl's curated “Nymwars News and Commentary” site

66:75:63:6b:20:47:6f:6f:67:6c:65

After yesterday's little adventure and today's research, I am accelerating my efforts to completely remove myself from the Google ecosystem by using viable alternatives to every single product Google offers. I do not like liars and Google has proven to be no better than Facebook in regarding me as a slab of meat to be bought and sold for their profit, telling press about "optional" services that are in fact compulsory now.

Google has now proven to me that they are in fact dead-set on "doing evil."

Google must have forgotten everything it knew about the net; I can think of a dozen ways to get around this type of forced identification and access off the top of my head and during the coming weeks I will be researching even more ways to keep my electronic privacy protected. What you do is up to you.

66:75:63:6b:20:47:6f:6f:67:6c:65

[double-posted at My So-called Virtual Life]

66:75:63:6b:20:47:6f:6f:67:6c:65

Friday, November 4, 2011

Internet Under Fire

Top news for netizens: The Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act of 2011, aka P.R.O.T.E.C.T. IP Act,[S.968] now known as the "Enforcing and Protecting American Rights Against Sites Intent on Theft and Exploitation Act" ie E-Parasites Act [HR 3261] and Stop Online Piracy Act [SOPA] and unofficially known as the Blacklist Bill [watch the name-shifting; confusing eh? It's supposed to be] which also lumps in a House version of the felony streaming bill [S 978] that will make huge swaths of Americans felons for streaming content online is scheduled to be heard in the House Judiciary Committee on Nov. 16.

You can sign the petition on We The People, the White House's "outreach" petition program, here. In order to warrant a response from the White House, it has to reach 25,000 signatures by November 30th.

Also under threat from Google

If you need reasons, you might want to read this Professors’ Letter in Opposition to 'Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act of 2011' from July, 2011 by 108 law professors.

6e * 65 * 74 * 77 * 6f * 72 * 6b


Meanwhile, Net Neutrality, the First Amendment of the digital age, is under fire in the Senate; a vote scheduled next week on a “resolution of disapproval”; a measure in Congress that would strip the FCC of the authority to enforce Net Neutrality rules or any other safeguards for the open Internet.

6e * 65 * 74 * 77 * 6f * 72 * 6b


The elephant in the room

These measures are no joke, seeing as how the Net has become the Free Press of the digital age. Given the interaction between social networking and popular uprisings, these measures would go far towards suppressing free speech under the cloak of "preventing piracy" and are sponsored by the huge media companies, whose revenues are plummeting not because of "piracy" but because of garbage product, broken DCMA software and trying to dictate "culture" and "popular taste."

The dirty little elephant in the room is not college students using P2P software to trade cool music because of the destruction of real radio at the hands of those who would dictate what you should listen to regardless of your own preferences but Chinese and Taiwanese factories that pump out 10,000 factory-sealed discs daily, complete with top-of-the-line graphics and cd/dvd pressings. This counterfeiting far surpasses any losses from casual tune-swapping or ripping to hard drives for convenience.

Because of our "trade agreements" with these countries, even Microsoft will not go after them despite huge shipments of counterfeit discs from these countries being seized repeatedly both at Customs and already inside country borders.

The facts remain: many studies and factual reports indicate that not only are musicians making more money than ever, dvd movie and cd music sales are actually up. It's the middlemen, the parasites, that are losing what they consider their rightful, obscene profit margins.

6e * 65 * 74 * 77 * 6f * 72 * 6b

The RIAA and MPAA lie

I personally remember making "mix tapes" off the radio when I was younger; I'd listen to them, decide if I really liked a song enough to buy the album or if I only wanted the 45 single. I'd still buy as much music as I did before; in fact, radio helped me find out about artists I didn't know about and encourage me to buy more product (as cassette tapes didn't have nearly the fidelity of vinyl).

Well, the Industry killed the 45/single format, went to CDs that they told us would cost far less "once we retooled our vinyl factories to produce CDs" and never reduced the selling prices although the cost for producing digital goods has plummeted to a fraction of the cost of vinyl production and shipping, and made back catalog (classic tunes, movies and albums many people would willingly buy) unavailable.

Why did they do this? Because older material has better contracts, balanced between profit for the artist and for the company; new contracts all but impoverish artists while the Company rakes in profit, plays dirty accounting tricks and fraud to show "losses" on multi-platinum releases and makes a mockery of "supporting artists."

For the same reason, they squeezed radio stations with piratical "performing rights" legislation, dictated playlists and ended up reducing radio to a handful of songs endlessly ground into your ears in the attempt to tell you what's cool and what you should buy, because they geared a whole advertising and backscratching tie-in campaign in order to drive culture, not to celebrate or distribute it.

In fact, the RIAA and MPAA statistics have been repeatedly debunked.

6e * 65 * 74 * 77 * 6f * 72 * 6b


Breaking the internet - c
olluding interests

This collusion between lawmakers and the entertainment industry is being used to not only limit our selections of what and where we want to see or hear something we've paid for [like ripping a cd or dvd to a hard drive] but to set dangerous precedent in law, allowing commercial interests to trump consumer rights. These subversions and twistings of law are then taken up by government interests, who use these precedents to further attack the open and free flow of information and discussion on the Net.

The entertainment industry is funneling enormous amounts of money into lobbying Congress to pass these bills. In many cases, motions and bills are presented in last-minute "midnight sessions" with little or no public notice or debate. The semantic shift from "copyright violation" and "counterfeiting" to "piracy" is being used to equate digital copying with terrorism, stifling debate and questions as to the figures being presented by the RIAA and MPAA as to their "loss of profits."

The exposes of the entertainment industry's shady and misleading accounting practices are manifold. The reports of the underhanded tactics of their lobbyists and bribed Congresscritters are also legion.

Lawmakers are being bought by the entertainment and communications companies, which are playing into the interests of a government that would like to see free speech curtailed and the Internets "brought to heel," incidentally breaking fundamental functions of the nets:

Security and Other Technical Concerns Raised by the DNS Filtering Requirements in the PROTECT IP Bill [PDF]

6e * 65 * 74 * 77 * 6f * 72 * 6b


Protect your Internets

The Internets are the democratic free press of our age. Cost-of-entry is within reach for a majority of people. No media has been this accessible to the common man since the invention of the printing press and the distribution of books (which the Church tried vainly to suppress).

Given the recent global dialogues/uprisings started with the 'los indignados' movement in Spain earlier this Spring and the continuing communications sweeping the globe, the free Internet is crucial to the future of this planet. The distribution of information regarding corporate collusion with lawmakers, bribery through lobbyists, facts and data now accessible and distributable can go a long way to untangling and uncovering some of the mechanisms that have resulted in this current global meltdown.

Please take a few moments to learn what you can do to protect the Internets that you love. Follow the links at the top of this page; look over the links in the right sidebar under 'Legal' and 'Resource Material' and get involved; it's your home.

6e * 65 * 74 * 77 * 6f * 72 * 6b

Clouting Klout (and etc)

Finally, just a little post I liked about Klout, social metrics and why the hell I'd follow someone just because "they have a huge Klout score" instead of what they have to say:

Stop the Social Puppetry for Klout and Other Influence Metrics!
[Social Media Today]

I've been aware of this since the early days of ICQ, AIM, MSN Messenger and hit counters, "badges" and other early web cruft. I read a lot of heavy science, networking and other esoteric posts I consider interesting, informative and backed with skill and insight; I don't need a scorecard or number to tell me they are important or have something viable and useful to say. I'm sure a lot of what I seek out and read would have a low "Klout" or "social metric" score.

On the same issue, I resent some company trying to tell me how to use my friendships and networks to cash in. My friends are not for sale. I Follow someone because of what they have to say, not because they have a big "score." That kind of thing went out for me sometime in my freshman/sophomore high school years.

6e * 65 * 74 * 77 * 6f * 72 * 6b

70:72:6f:74:65:63:74:20:74:68:65:20:69:6e:74:65:72:6e:65:74:73

6e * 65 * 74 * 77 * 6f * 72 * 6b