Skip to main content

Home/ Future of the Web/ Group items matching "follows" in title, tags, annotations or url

Group items matching
in title, tags, annotations or url

Sort By: Relevance | Date Filter: All | Bookmarks | Topics Simple Middle
11More

Cloud Computing: The Nine Features of an Ideal PaaS Cloud - 0 views

cloudcomputing.sys-con.com/...613436_p.htm cloud computing interop paas platform as a service
shared by Paul Merrell on 22 Jul 08 - Cached
  • What sort of cloud computer(s) should we be building or expecting from vendors? Are there issues of lock-in that should concern customers of either SaaS clouds or PaaS clouds? I’ve been thinking about this problem as the CEO of a PaaS cloud computing company for some time. Clouds should be open. They shouldn’t be proprietary. More broadly, I believe no vendor currently does everything that’s required to serve customers well. What’s required for such a cloud? I think an ideal PaaS cloud would have the following nine features:
  • 1. Virtualization Layer Network Stability
  • 2. API for Creation, Deletion, Cloning of Instances
  • ...7 more annotations...
  • 3. Application Layer Interoperability
  • 4. State Layer Interoperability
  • 5. Application Services (e.g. email infrastructure, payments infrastructure)
  • 6. Automatic Scale (deploy and forget about it)
  • 7. Hardware Load Balancing
  • 8. Storage as a Service
  • 9. “Root”, If Required
  • anonymous on 02 Oct 13
     
    Most quality online stores. Know whether you are a trusted online retailer in the world. Whatever we can buy very good quality. and do not hesitate. Everything is very high quality. Including clothes, accessories, bags, cups. Highly recommended. This is one of the trusted online store in the world. View now www.retrostyler.com
7More

Sun's Advanced Datacenter (Santa Clara, CA) - System News - 0 views

sun.systemnews.com/...20168 data center container sun-msft cloud
shared by Paul Merrell on 11 Jul 08 - Cached
  • To run Sun’s award-winning data centers, a modular design containing many "pods" was implemented to save power and time. The modular design aids the building of any sized datacenter. Inside of each pod, there are 24 racks. Each of these 24 racks has a common cooling system as does every other modular building block. The number of pods is limited by the size of the datacenters. Large and small datacenters can benefit from using the pod approach. The module design makes it easy to configure a datacenter to meet a client's requirements. As the datacenter grows over time, adding pods is convenient. The module and pod designs make it easy to adapt to new technology such as blade servers. Some of the ways that Sun’s datacenter modules are designed with the future in mind are as follows:
  • To run Sun’s award-winning data centers, a modular design containing many "pods" was implemented to save power and time. The modular design aids the building of any sized datacenter. Inside of each pod, there are 24 racks. Each of these 24 racks has a common cooling system as does every other modular building block. The number of pods is limited by the size of the datacenters. Large and small datacenters can benefit from using the pod approach. The module design makes it easy to configure a datacenter to meet a client's requirements. As the datacenter grows over time, adding pods is convenient. The module and pod designs make it easy to adapt to new technology such as blade servers.
  • An updated 58-page Sun BluePrint covers Sun's approach to designing datacenters. (Authors - Dean Nelson, Michael Ryan, Serena DeVito, Ramesh KV, Petr Vlasaty, Brett Rucker, and Brian Day): ENERGY EFFICIENT DATACENTERS: THE ROLE OF MODULARITY IN DATACENTER DESIGN. More Information Sun saves $1 million/year with new datacenter Take a Virtual Tour
  • ...3 more annotations...
  • An updated 58-page Sun BluePrint covers Sun's approach to designing datacenters. (Authors - Dean Nelson, Michael Ryan, Serena DeVito, Ramesh KV, Petr Vlasaty, Brett Rucker, and Brian Day): ENERGY EFFICIENT DATACENTERS: THE ROLE OF MODULARITY IN DATACENTER DESIGN.
  • Take a Virtual Tour
  • Other articles in the Hardware section of Volume 125, Issue 1: Sun's Advanced Datacenter (Santa Clara, CA) Modular Approach Is Key to Datacenter Design for Sun Sun Datacenter Switch 3x24 See all archived articles in the
  • Paul Merrell on 11 Jul 08
     
    This page seems to be the hub for information about the Sun containerized data centers. I've highlighted links as well as text, but not all the text on the page. Info gathered in the process of surfing the linked pages: [i] the 3x24 data switch page recomends redundant Solaris instances; [ii] x64 blade servers are the design target; [iii] there is specific mention of other Sun-managed data centers being erected in Indiana and in Bangalore, India; [iv] the whiff is that Sun might not only be supplying the data centers for the Microsoft cloud but also managing them; and [v] the visual tour is very impressive; clearly some very brilliant people put a lot of hard and creative work into this.
4More

Is the W3C to Blame for the Breaking of the Web? | Continuing Intermittent In... - 0 views

alex.dojotoolkit.org/?p=687 w3c webkit
shared by Gary Edwards on 10 Jul 08 - Cached
Paul Merrell liked it
  • Consider the recent CSS features added by WebKit: transformations, animations, gradients, masks, et cetera. They’ve very nearly _run out_ of standards to implement, so they’re starting to implement the wouldn’t-it-be-cool-if stuff. If I’m not mistaken, this is the exact sort of thing you’re wishing for.
  • Changing the renderer (which is what we’re taking about when we talk about upgrading “the web”) goes hand-in-hand today with upgrading the *rest* of the browser as well, which requires the user to care…and users (to a one) don’t give a flying leap about CSS 2.1 support.
    • Gary Edwards
      Gary Edwards on 10 Jul 08
       
      Note to marbux: the browser is the layout/rendering engine for web applications and services. Nothing happens on the web unless and until the browser, or a browser RiA alternative, implements a compliant end user interface. Focus on the browser layout engines, and Web applications will follow.
  • Gary Edwards on 10 Jul 08
     
    Another article taking up the issue of "Blame the W3C" for what increasingly looks like a proprietary Web future. The author is an Ajax-DOJO supporter, and he tries to defend the W3C by saying it's not their job, they don't have the "power" or the "authority" to push the Web forward. About the best they can do is, at the end of the day, try to corral big vendors into agreement. Meanwhile, the Web has become the wild wild west with browser vendors innovating into their corporate web stacks where vast profits and future monopolies rest. For me, WebKit represents the best effort insisting that the Web remain Open. It's OSS with excellent big vendor support. And they are pushing the envelope. Finally!
4More

Microsoft Loses E.U. Antitrust Case - washingtonpost.com - 0 views

www.washingtonpost.com/...AR2009011604570.html Microsoft Opera DG Competion MSIE Windows antitrust tying
shared by Paul Merrell on 17 Jan 09 - Cached
  • It ordered the software giant to untie the browser from its operating system in the 27-nation E.U.
  • The commission's investigation into Microsoft's Web-surfing software began a year ago, after the Norwegian browser-maker Opera Software filed a complaint. Opera argued that Microsoft hurt competitors not only by bundling the software, in effect giving away the browser, but also by not following accepted Web standards. That meant programmers who built Web pages would have to tweak their codes for different browsers. In many cases, they simply designed pages that worked with market-leading Internet Explorer but showed up garbled on competing browsers.
  • At the time of the complaint, Opera said it was asking E.U. regulators to either force Microsoft to market a version of Windows without the browser, or to include other browsers with Windows.
  • Paul Merrell on 17 Jan 09
     
    The Post too says that DG Competition ordered the unbundling of MSIE from Windows. But again no attribution for the statement. They also leave the impression that Opera's complaint regarding the undermining of open web standards was upheld, something not stated in either the Microsoft or DG Competition announcements. So the questions of the day are: [i] did the Commission order the unbundling of MSIE from Windows; and [ii] did the Commission also rule on the undermining of open web standards. The latter question could be of critical importance in the still ongoing proceeding regarding the ECIS complaint in regard to the undermining of ODF by Microsoft pushing OOXML.
3More

Microsoft Statement on European Commission Statement of Objections: Statement of Object... - 0 views

www.microsoft.com/...01-16statement.mspx Microsoft Opera DG Competion antitrust tying MSIE Windows
shared by Paul Merrell on 17 Jan 09 - Cached
  • REDMOND – Jan. 16, 2009 – “Yesterday Microsoft received a Statement of Objections from the Directorate General for Competition of the European Commission. The Statement of Objections expresses the Commission’s preliminary view that the inclusion of Internet Explorer in Windows since 1996 has violated European competition law. According to the Statement of Objections, other browsers are foreclosed from competing because Windows includes Internet Explorer.
  • The Statement of Objections states that the remedies put in place by the U.S. courts in 2002 following antitrust proceedings in Washington, D.C. do not make the inclusion of Internet Explorer in Windows lawful under European Union law.
  • Paul Merrell on 17 Jan 09
     
    Microsoft's version of events, notable for the statement that DG Competition included a specific ruling that it is not bound by the U.S. v. Microsoft decision in the U.S. That only states the obvious, but is perhaps intended to forestall somewhat Microsoft arguments that the legality of its bundling was conclusively determined in the U.S. case. If so, it may have worked; Microsoft makes no such claim in this press release.
3More

W3C releases Working Draft for Widgets 1.0: APIs and Events - 0 views

www.w3.org/...WD-widgets-apis-20090205 W3C widgets APIs events
shared by Paul Merrell on 12 Feb 09 - Cached
  • This specification defines a set of APIs and events for the Widgets 1.0 Family of Specifications that enable baseline functionality for widgets. The APIs and Events defined by this specification defines, amongst other things, the means to:access the metadata declared in a widget's configuration document, receive events related to changes in the view state of a widget, determine the locale under which a widget is currently running, be notified of events relating to the widget being updated, invoke a widget to open a URL on the system's default browser, requests the user's attention in a device independent manner, and check if any additional APIs requested via the configuration document's feature element have successfully loaded.
  • This specification defines a set of APIs and events for widgets that enable baseline functionality for widgets. Widgets are full-fledged client-side applications that are authored using Web standards. They are typically downloaded and installed on a client machine or device where they typically run as stand-alone applications outside of a Web browser. Examples range from simple clocks, stock tickers, news casters, games and weather forecasters, to complex applications that pull data from multiple sources to be "mashed-up" and presented to a user in some interesting and useful way
  • This specification is part of the Widgets 1.0 family of specifications, which together standardize widgets as a whole. The Widgets 1.0: Packaging and Configuration [Widgets-Packaging] standardizes a Zip-based packaging format, an XML-based configuration document format and a series of steps that user agents follow when processing and verifying various aspects of widgets. The Widgets 1.0: Digital Signature [Widgets-DigSig] specification defines a means for widgets to be digitally signed using a custom profile of the XML-Signature Syntax and Processing Specification. The Widgets: 1.0: Automatic Updates [Widgets-Updates] specification defines a version control model that allows widgets to be kept up-to-date over [HTTP].
4More

ZoooS Previews "OpenOffice.org 3.0 in a Browser" | Software Journal - 0 views

stuff.techwhack.com/4729-zooos cartel dead end technology ooo zoos
shared by Paul Merrell on 06 Sep 08 - Cached
  • ZoooS LLC today previewed ZoooS Office, a web-based office suite that puts OpenOffice.org 3.0 in a browser, targeting enterprise, SMB, and individual users alike with a blend of software-as-a-service (SaaS) and desktop advantages.
  • Other key ZoooS Office implementations will include Mozilla XULRunner; Firefox, Opera, Safari as well as the new Google Chrome web browser; social networking sites such as Facebook, MySpace, and Second Life; and Nintendo Wii and Sony PlayStation. Regardless of implementation, ZoooS applications run entirely on the client machine, performing all file operations locally to reduce network traffic, improve application performance, and support offline access.
  • Public availability of ZoooS Office is scheduled for the fourth quarter of 2008. Initially, ZoooS will deliver the Mozilla XULRunner version, a Firefox plug-in, an Opera widget, and an intranet server. ZoooS will follow up with a Vista gadget and Internet Explorer support in the first half of 2009. For more information on ZoooS, please visit www.zooos.com.
  • Paul Merrell on 06 Sep 08
     
    Yet another wrapper around OpenOffice.org, this time the 3.0 version still in beta. $99.90 per seat for 10 users, Lots of Javascript to give a web collaboration capability. Perhaps most notable so far: [i] a sniff that there's a fair amount of money behind this one; and [ii] an article by Eric Lai says they approached the OOo Project but were rebuffed because they compete with desktop OOo. Support for different browsers planned. an XULRunner plug-in the works. Several mashups mentioned. Claims 80 percent of OOo features available, which is another way of saying that 20 per cent of the features are not supported. Claim that oSays code will be released under GPL. Apparently that's just their custom stuff because OOo 3.0 beta is LGPL. Building a business atop a code base controlled by a malevolent branch of Sun Microsystems seems less than wise. More at zooos.com. Preliminary impression: Like OOo itself, dead end technology that sucks mind and market share from software that supports truly open standards. The world needs to figure out that the OpenDocument format is roughly as open as OOXML. Open standards are fully specified so anyone can implement them.
2More

Cover Pages: Open Web Foundation Formed to Support Community Specification Development. - 0 views

xml.coverpages.org/ni2008-09-22-a.html community-driven standards open web foundation
shared by Paul Merrell on 23 Sep 08 - Cached
  • The formation of the Open Web Foundation (OWF) was announced on July 24, 2008 at the OSCON 2008 Conference. OWF is "applying the open source model of seeing a common pain point and trying to patch the system by creating an 'organizational library' that makes it easier to go through a collaborative specification process and come out of it with clean IPR, leading to faster implementation and adoption.
  • According to the OWF web site: "The Open Web Foundation is an independent non-profit dedicated to the development and protection of open, non-proprietary specifications for web technologies. It is an attempt to create a home for community-driven specifications. Following the open source model similar to the Apache Software Foundation, the foundation is aimed at building a lightweight framework to help communities deal with the legal requirements necessary to create successful and widely adopted specification. The foundation is trying to break the trend of creating separate foundations for each specification, coming out of the realization that we could come together and generalize our efforts... The Open Web Foundation is made up of individuals who believe that the open web is built on technologies that are created in the open by a diversity of contributors, and which free to be used and improved upon without restriction."
2More

Tip: Use the new microformats API in your Firefox 3.0 Extensions - 0 views

www.ibm.com/...x-tipffoxmicroapi firefox3 microformats
shared by Paul Merrell on 05 Jun 08 - Cached
  • The upcoming Firefox 3.0 release has built-in support for microformats in the form of an API that you can access from a Firefox extension. In this tip, you follow a simple example of how to use this API from within your extension code. You take a skeleton Hello World extension and give it the ability to store an hCard from any Web page and then use that stored hCard to populate a Web form.
  • anonymous on 23 Sep 13
     
    Like this http://www.hdfilmsaati.net Film,dvd,download,free download,product... ppc,adword,adsense,amazon,clickbank,osell,bookmark,dofollow,edu,gov,ads,linkwell,traffic,scor,serp,goggle,bing,yahoo.ads,ads network,ads goggle,bing,quality links,link best,ptr,cpa,bpa
9More

Rapid - Press Releases - EUROPA - 0 views

europa.eu/...pressReleasesAction.do Intel antitrust DG Competion
shared by Paul Merrell on 13 May 09 - Cached
  • The Commission found that Intel engaged in two specific forms of illegal practice. First, Intel gave wholly or partially hidden rebates to computer manufacturers on condition that they bought all, or almost all, their x86 CPUs from Intel. Intel also made direct payments to a major retailer on condition it stock only computers with Intel x86 CPUs. Such rebates and payments effectively prevented customers - and ultimately consumers - from choosing alternative products. Second, Intel made direct payments to computer manufacturers to halt or delay the launch of specific products containing competitors’ x86 CPUs and to limit the sales channels available to these products.
  • Intel awarded major computer manufacturers rebates on condition that they purchased all or almost all of their supplies, at least in certain defined segments, from Intel: Intel gave rebates to computer manufacturer A from December 2002 to December 2005 conditional on this manufacturer purchasing exclusively Intel CPUs Intel gave rebates to computer manufacturer B from November 2002 to May 2005 conditional on this manufacturer purchasing no less than 95% of its CPU needs for its business desktop computers from Intel (the remaining 5% that computer manufacturer B could purchase from rival chip maker AMD was then subject to further restrictive conditions set out below) Intel gave rebates to computer manufacturer C from October 2002 to November 2005 conditional on this manufacturer purchasing no less than 80% of its CPU needs for its desktop and notebook computers from Intel Intel gave rebates to computer manufacturer D in 2007 conditional on this manufacturer purchasing its CPU needs for its notebook computers exclusively from Intel.
  • Furthermore, Intel made payments to major retailer Media Saturn Holding from October 2002 to December 2007 on condition that it exclusively sold Intel-based PCs in all countries in which Media Saturn Holding is active.
  • ...5 more annotations...
  • In its decision, the Commission does not object to rebates in themselves but to the conditions Intel attached to those rebates.
  • Intel structured its pricing policy to ensure that a computer manufacturer which opted to buy AMD CPUs for that part of its needs that was open to competition would consequently lose the rebate (or a large part of it) that Intel provided for the much greater part of its needs for which the computer manufacturer had no choice but to buy from Intel. The computer manufacturer would therefore have to pay Intel a higher price for each of the units supplied for which the computer manufacturer had no alternative but to buy from Intel. In other words, should a computer manufacturer fail to purchase virtually all its x86 CPU requirements from Intel, it would forego the possibility of obtaining a significant rebate on any of its very high volumes of Intel purchases. Moreover, in order to be able to compete with the Intel rebates, for the part of the computer manufacturers' supplies that was up for grabs, a competitor that was just as efficient as Intel would have had to offer a price for its CPUs lower than its costs of producing those CPUs, even if the average price of its CPUs was lower than that of Intel.
  • For example, rival chip manufacturer AMD offered one million free CPUs to one particular computer manufacturer. If the computer manufacturer had accepted all of these, it would have lost Intel's rebate on its many millions of remaining CPU purchases, and would have been worse off overall simply for having accepted this highly competitive offer. In the end, the computer manufacturer took only 160,000 CPUs for free.
  • Intel also interfered directly in the relations between computer manufacturers and AMD. Intel awarded computer manufacturers payments - unrelated to any particular purchases from Intel - on condition that these computer manufacturers postponed or cancelled the launch of specific AMD-based products and/or put restrictions on the distribution of specific AMD-based products. The Commission found that these payments had the potential effect of preventing products for which there was a consumer demand from coming to the market. The Commission found the following specific cases: For the 5% of computer manufacturer B’s business that was not subject to the conditional rebate outlined above, Intel made further payments to computer manufacturer B provided that this manufacturer : sold AMD-based business desktops only to small and medium enterprises sold AMD-based business desktops only via direct distribution channels (as opposed to through distributors) and postponed the launch of its first AMD-based business desktop in Europe by 6 months. Intel made payments to computer manufacturer E provided that this manufacturer postponed the launch of an AMD-based notebook from September 2003 to January 2004. Before the conditional rebate to computer manufacturer D outlined above, Intel made payments to this manufacturer provided that it postponed the launch of AMD-based notebooks from September 2006 to the end of 2006.
  • The Commission obtained proof of the existence of many of the conditions found to be illegal in the antitrust decision even though they were not made explicit in Intel’s contracts. Such proof is based on a broad range of contemporaneous evidence such as e-mails obtained inter alia from unannounced on-site inspections, in responses to formal requests for information and in a number of formal statements made to the Commission by the other companies concerned. In addition, there is evidence that Intel had sought to conceal the conditions associated with its payments.
  • Paul Merrell on 13 May 09
     
    This is an uncharacteristically strong press release from DG Competition. I still must read the order, but the description of the evidence is incredible, particularly the finding of concealment of its rebate conditions by Intel.
2More

Privacy Badger | Electronic Frontier Foundation - 0 views

www.eff.org/privacybadger privacy eff firefox chrome software browser tools extensions cookies monitor control
shared by Gonzalo San Gil, PhD. on 01 Jun 14 - No Cached
  • Gonzalo San Gil, PhD. on 01 Jun 14
     
    [Privacy Badger blocks spying ads and invisible trackers.]
  • Paul Merrell on 02 Jun 14
     
    I've been using it for about a month as a Chrome extension, which at least at the time was still in beta. It hasn't caused any problems on either the Linux or Windows boxes. It appears to be working as intended on both systems. The sliders discussed in the article only appear if you are viewing a page that has identified or candidate cookie tracking characteristics. Some it blocks itself. Others, you have to use a slider on to set whether it will be blocked or wait until the program acquires enough data about that site to make a decision to block. The program does not use a blacklist of sites, although it comes with a white list built in of sites that honor the do not track browser setting. But once a tracking cookie is blocked, it's blocked for all sites you visit. So this isn't instant complete tracking cookie security. It's designed to improve your experience with the number of sites whose tracking cookies follow your tracks around the Web. But this is not a mature program. Its effectiveness will improve with each update.
3More

ExposeFacts - For Whistleblowers, Journalism and Democracy - 0 views

exposefacts.org transparency whistle-blowers resources Wikileaks Tail
shared by Paul Merrell on 06 Jun 14 - No Cached
  • Launched by the Institute for Public Accuracy in June 2014, ExposeFacts.org represents a new approach for encouraging whistleblowers to disclose information that citizens need to make truly informed decisions in a democracy. From the outset, our message is clear: “Whistleblowers Welcome at ExposeFacts.org.” ExposeFacts aims to shed light on concealed activities that are relevant to human rights, corporate malfeasance, the environment, civil liberties and war. At a time when key provisions of the First, Fourth and Fifth Amendments are under assault, we are standing up for a free press, privacy, transparency and due process as we seek to reveal official information—whether governmental or corporate—that the public has a right to know. While no software can provide an ironclad guarantee of confidentiality, ExposeFacts—assisted by the Freedom of the Press Foundation and its “SecureDrop” whistleblower submission system—is utilizing the latest technology on behalf of anonymity for anyone submitting materials via the ExposeFacts.org website. As journalists we are committed to the goal of protecting the identity of every source who wishes to remain anonymous.
  • The seasoned editorial board of ExposeFacts will be assessing all the submitted material and, when deemed appropriate, will arrange for journalistic release of information. In exercising its judgment, the editorial board is able to call on the expertise of the ExposeFacts advisory board, which includes more than 40 journalists, whistleblowers, former U.S. government officials and others with wide-ranging expertise. We are proud that Pentagon Papers whistleblower Daniel Ellsberg was the first person to become a member of the ExposeFacts advisory board. The icon below links to a SecureDrop implementation for ExposeFacts overseen by the Freedom of the Press Foundation and is only accessible using the Tor browser. As the Freedom of the Press Foundation notes, no one can guarantee 100 percent security, but this provides a “significantly more secure environment for sources to get information than exists through normal digital channels, but there are always risks.” ExposeFacts follows all guidelines as recommended by Freedom of the Press Foundation, and whistleblowers should too; the SecureDrop onion URL should only be accessed with the Tor browser — and, for added security, be running the Tails operating system. Whistleblowers should not log-in to SecureDrop from a home or office Internet connection, but rather from public wifi, preferably one you do not frequent. Whistleblowers should keep to a minimum interacting with whistleblowing-related websites unless they are using such secure software.
  • Paul Merrell on 06 Jun 14
     
    A new resource site for whistle-blowers. somewhat in the tradition of Wikileaks, but designed for encrypted communications between whistleblowers and journalists.  This one has an impressive board of advisors that includes several names I know and tend to trust, among them former whistle-blowers Daniel Ellsberg, Ray McGovern, Thomas Drake, William Binney, and Ann Wright. Leaked records can only be dropped from a web browser running the Tor anonymizer software and uses the SecureDrop system originally developed by Aaron Schwartz. They strongly recommend using the Tails secure operating system that can be installed to a thumb drive and leaves no tracks on the host machine. https://tails.boum.org/index.en.html Curious, I downloaded Tails and installed it to a virtual machine. It's a heavily customized version of Debian. It has a very nice Gnome desktop and blocks any attempt to connect to an external network by means other than installed software that demands encrypted communications. For example, web sites can only be viewed via the Tor anonymizing proxy network. It does take longer for web pages to load because they are moving over a chain of proxies, but even so it's faster than pages loaded in the dial-up modem days, even for web pages that are loaded with graphics, javascript, and other cruft. E.g., about 2 seconds for New York Times pages. All cookies are treated by default as session cookies so disappear when you close the page or the browser. I love my Linux Mint desktop, but I am thinking hard about switching that box to Tails. I've been looking for methods to send a lot more encrypted stuff down the pipe for NSA to store. Tails looks to make that not only easy, but unavoidable. From what I've gathered so far, if you want to install more software on Tails, it takes about an hour to create a customized version and then update your Tails installation from a new ISO file. Tails has a wonderful odor of having been designed for secure computing. Current
1More

In Letter to Obama, Cisco CEO Complains About NSA Allegations | Re/code - 0 views

recode.net/...omplains-about-nsa-allegations surveillance state NSA Cisco Obama Greenwald-book
shared by Paul Merrell on 20 May 14 - No Cached
  • Warning of an erosion of confidence in the products of the U.S. technology industry, John Chambers, the CEO of networking giant Cisco Systems, has asked President Obama to intervene to curtail the surveillance activities of the National Security Agency. In a letter dated May 15 (obtained by Re/code and reprinted in full below), Chambers asked Obama to create “new standards of conduct” regarding how the NSA carries out its spying operations around the world. The letter was first reported by The Financial Times. The letter follows new revelations, including photos, published in a book based on documents leaked by former NSA contractor Edward Snowden alleging that the NSA intercepted equipment from Cisco and other manufacturers and loaded them with surveillance software. The photos, which have not been independently verified, appear to show NSA technicians working with Cisco equipment. Cisco is not said to have cooperated in the NSA’s efforts.
2More

Pro-Privacy Senator Wyden on Fighting the NSA From Inside the System | WIRED - 1 views

www.wired.com/...senator-ron-wyden-q-a Wyden senator US nsa fighting system inside wired
shared by Gonzalo San Gil, PhD. on 23 Oct 14 - No Cached
  • Gonzalo San Gil, PhD. on 23 Oct 14
     
    "Senator Ron Wyden thought he knew what was going on. The Democrat from Oregon, who has served on the Senate Select Committee on Intelligence since 2001, thought he knew the nature of the National Security Agency's surveillance activities. As a committee member with a classified clearance, he received regular briefings to conduct oversight."
  • Paul Merrell on 24 Oct 14
     
    I'm a retired lawyer in Oregon and a devout civil libertarian. Wyden is one of my senators. I have been closely following this government digital surveillance stuff since the original articles in 1988 that first broke the story on the Five Eyes' Echelon surveillance system. E.g., http://goo.gl/mCxs6Y While I will grant that Wyden has bucked the system gently (he's far more a drag anchor than a propeller), he has shown no political courage on the NSA stuff whatsoever. In the linked article, he admits keeping his job as a Senator was more important to him than doing anything *effective* to stop the surveillance in its tracks. His "working from the inside" line notwithstanding, he allowed creation of a truly Orwellian state to develop without more than a few ineffective yelps that were never listened to because he lacked the courage to take a stand and bring down the house that NSA built with documentary evidence. It took a series of whistleblowers culminating in Edward Snowden's courageous willingness to spend the rest of his life in prison to bring the public to its currently educated state. Wyden on the other hand, didn't even have the courage to lay it all out in the public Congressional record when he could have done so at any time without risking more than his political career because of the Constitution's Speech and Debate Clause that absolutely protects Wyden from criminal prosecution had he done so. I don't buy arguments that fear of NSA blackmail can excuse politicians from doing their duty. That did not stop the Supreme Court from unanimously laying down an opinion, in Riley v. California, that brings to an end the line of case decisions based on Smith v. Maryland that is the underpinning of the NSA/DoJ position on access to phone metadata without a warrant. http://scholar.google.com/scholar_case?case=9647156672357738355 Elected and appointed government officials owe a duty to the citizens of this land to protect and defend the Constitution that legallh
4More

Google Says Website Encryption Will Now Influence Search Rankings - 0 views

techcrunch.com/...-now-influence-search-rankings surveillance state NSA-reform NSA-blowback Google
shared by Paul Merrell on 08 Aug 14 - No Cached
  • Google will begin using website encryption, or HTTPS, as a ranking signal – a move which should prompt website developers who have dragged their heels on increased security measures, or who debated whether their website was “important” enough to require encryption, to make a change. Initially, HTTPS will only be a lightweight signal, affecting fewer than 1% of global queries, says Google. That means that the new signal won’t carry as much weight as other factors, including the quality of the content, the search giant noted, as Google means to give webmasters time to make the switch to HTTPS. Over time, however, encryption’s effect on search ranking make strengthen, as the company places more importance on website security. Google also promises to publish a series of best practices around TLS (HTTPS, is also known as HTTP over TLS, or Transport Layer Security) so website developers can better understand what they need to do in order to implement the technology and what mistakes they should avoid. These tips will include things like what certificate type is needed, how to use relative URLs for resources on the same secure domain, best practices around allowing for site indexing, and more.
  • In addition, website developers can test their current HTTPS-enabled website using the Qualys Lab tool, says Google, and can direct further questions to Google’s Webmaster Help Forums where the company is already in active discussions with the broader community. The announcement has drawn a lot of feedback from website developers and those in the SEO industry – for instance, Google’s own blog post on the matter, shared in the early morning hours on Thursday, is already nearing 1,000 comments. For the most part, the community seems to support the change, or at least acknowledge that they felt that something like this was in the works and are not surprised. Google itself has been making moves to better securing its own traffic in recent months, which have included encrypting traffic between its own servers. Gmail now always uses an encrypted HTTPS connection which keeps mail from being snooped on as it moves from a consumer’s machine to Google’s data centers.
  • While HTTPS and site encryption have been a best practice in the security community for years, the revelation that the NSA has been tapping the cables, so to speak, to mine user information directly has prompted many technology companies to consider increasing their own security measures, too. Yahoo, for example, also announced in November its plans to encrypt its data center traffic. Now Google is helping to push the rest of the web to do the same.
  • Paul Merrell on 08 Aug 14
     
    The Internet continues to harden in the wake of the NSA revelations. This is a nice nudge by Google.
3More

Verizon Will Now Let Users Kill Previously Indestructible Tracking Code - ProPublica - 0 views

www.propublica.org/...y-indestructible-tracking-code surveillance state Verizon tracking-cookies
shared by Paul Merrell on 01 Feb 15 - No Cached
  • Verizon says it will soon offer customers a way to opt out from having their smartphone and tablet browsing tracked via a hidden un-killable tracking identifier. The decision came after a ProPublica article revealed that an online advertiser, Turn, was exploiting the Verizon identifier to respawn tracking cookies that users had deleted. Two days after the article appeared, Turn said it would suspend the practice of creating so-called "zombie cookies" that couldn't be deleted. But Verizon couldn't assure users that other companies might not also exploit the number - which was transmitted automatically to any website or app a user visited from a Verizon-enabled device - to build dossiers about people's behavior on their mobile devices. Verizon subsequently updated its website to note Turn's decision and declared that it would "work with other partners to ensure that their use of [the undeletable tracking number] is consistent with the purposes we intended." Previously, its website had stated: "It is unlikely that sites and ad entities will attempt to build customer profiles.
  • However, policing the hundreds of companies in the online tracking business was likely to be a difficult task for Verizon. And so, on Monday, Verizon followed in the footsteps of AT&T, which had already declared in November that it would stop inserting the hidden undeletable number in its users' Web traffic. In a statement emailed to reporters on Friday, Verizon said, "We have begun working to expand the opt-out to include the identifier referred to as the UIDH, and expect that to be available soon." Previously, users who opted out from Verizon's program were told that information about their demographics and Web browsing behavior would no longer be shared with advertisers, but that the tracking number would still be attached to their traffic. For more coverage, read ProPublica's previous reporting on Verizon's indestructible tracking and how one company used the tool to create zombie cookies.
  • Paul Merrell on 01 Feb 15
     
    Good for Pro Publica!
6More

No, Department of Justice, 80 Percent of Tor Traffic Is Not Child Porn | WIRED [# ! Via... - 0 views

www.wired.com/...percent-tor-traffic-child-porn tor traffic pornography official statistics false lies stiffle people's right privacy spurious interests politics
shared by Gonzalo San Gil, PhD. on 31 Jan 15 - No Cached
  • The debate over online anonymity, and all the whistleblowers, trolls, anarchists, journalists and political dissidents it enables, is messy enough. It doesn’t need the US government making up bogus statistics about how much that anonymity facilitates child pornography.
  • he debate over online anonymity, and all the whistleblowers, trolls, anarchists, journalists and political dissidents it enables, is messy enough. It doesn’t need the US government making up bogus statistics about how much that anonymity facilitates child pornography. At the State of the Net conference in Washington on Tuesday, US assistant attorney general Leslie Caldwell discussed what she described as the dangers of encryption and cryptographic anonymity tools like Tor, and how those tools can hamper law enforcement. Her statements are the latest in a growing drumbeat of federal criticism of tech companies and software projects that provide privacy and anonymity at the expense of surveillance. And as an example of the grave risks presented by that privacy, she cited a study she said claimed an overwhelming majority of Tor’s anonymous traffic relates to pedophilia. “Tor obviously was created with good intentions, but it’s a huge problem for law enforcement,” Caldwell said in comments reported by Motherboard and confirmed to me by others who attended the conference. “We understand 80 percent of traffic on the Tor network involves child pornography.” That statistic is horrifying. It’s also baloney.
  • In a series of tweets that followed Caldwell’s statement, a Department of Justice flack said Caldwell was citing a University of Portsmouth study WIRED covered in December. He included a link to our story. But I made clear at the time that the study claimed 80 percent of traffic to Tor hidden services related to child pornography, not 80 percent of all Tor traffic. That is a huge, and important, distinction. The vast majority of Tor’s users run the free anonymity software while visiting conventional websites, using it to route their traffic through encrypted hops around the globe to avoid censorship and surveillance. But Tor also allows websites to run Tor, something known as a Tor hidden service. This collection of hidden sites, which comprise what’s often referred to as the “dark web,” use Tor to obscure the physical location of the servers that run them. Visits to those dark web sites account for only 1.5 percent of all Tor traffic, according to the software’s creators at the non-profit Tor Project. The University of Portsmouth study dealt exclusively with visits to hidden services. In contrast to Caldwell’s 80 percent claim, the Tor Project’s director Roger Dingledine pointed out last month that the study’s pedophilia findings refer to something closer to a single percent of Tor’s overall traffic.
  • ...1 more annotation...
  • So to whoever at the Department of Justice is preparing these talking points for public consumption: Thanks for citing my story. Next time, please try reading it.
  • Gonzalo San Gil, PhD. on 02 Feb 15
     
    [# Via Paul Merrell's Diigo...] "That is a huge, and important, distinction. The vast majority of Tor's users run the free anonymity software while visiting conventional websites, using it to route their traffic through encrypted hops around the globe to avoid censorship and surveillance. But Tor also allows websites to run Tor, something known as a Tor hidden service. This collection of hidden sites, which comprise what's often referred to as the "dark web," use Tor to obscure the physical location of the servers that run them. Visits to those dark web sites account for only 1.5 percent of all Tor traffic, according to the software's creators at the non-profit Tor Project."
  • Gonzalo San Gil, PhD. on 02 Feb 15
     
    [# Via Paul Merrell's Diigo...] "That is a huge, and important, distinction. The vast majority of Tor's users run the free anonymity software while visiting conventional websites, using it to route their traffic through encrypted hops around the globe to avoid censorship and surveillance. But Tor also allows websites to run Tor, something known as a Tor hidden service. This collection of hidden sites, which comprise what's often referred to as the "dark web," use Tor to obscure the physical location of the servers that run them. Visits to those dark web sites account for only 1.5 percent of all Tor traffic, according to the software's creators at the non-profit Tor Project."
6More

Proposed changes to US data collection fall short of NSA reformers' goals | US news | T... - 0 views

www.theguardian.com/...-data-collection-nsa-reformers surveillance state NSA-reform DNI Clapper voluntary-reforms
shared by Paul Merrell on 05 Feb 15 - No Cached
  • The US intelligence community has delivered a limited list of tweaks to how long it can hold information on ordinary citizens and hide secret trawls for data, responding to Barack Obama’s call for reform of its surveillance practices in the wake of revelations about NSA practices. Published by the office of the director of national intelligence, James Clapper, just six days before a recently announced visit to Washington by the German chancellor, Angela Merkel, the report is the culmination of a year-long effort to respond to revelations by whistleblower Edward Snowden.
  • But the report does not appear to address the role of telecommunications companies in collecting metadata and the use of encryption to prevent hacking, and privacy critics were quick to pounce on a year of promises with little reform to show. “It’s hard to see much ‘there’ there,” Senator Ron Wyden said in a statement. “When it comes to reforming intelligence programs and protecting Americans’ privacy, there is much, much more work to be done.” The outline from the intelligence community also appears to fall short of the legislative changes attempted by campaigners in Congress, focusing instead on measures to tighten internal guidelines and provide foreigners with some of the protections allowed for US citizens. These measures include:
  • Other measures outlined in the new report include steps to clarify the protection given to whistleblowers if they follow internal rules and a requirement that “any significant compliance incident involving personal information, regardless of the person’s nationality” be reported to Clapper.
  • ...3 more annotations...
  • Limiting how long personal data gathered from non-US citizens can be held to five years, so long as it is deemed not relevant to ongoing intelligence investigations. Asking Congress to provide some foreign nationals access to legal redress if their private information has been wilfully disclosed by US intelligence agencies. Limiting to three years how long the FBI can prevent disclosure of its surveillance activities using so-called national security letters, unless a special agent deems otherwise.
  • The official results of Obama’s call for surveillance reform also appear to have failed to address encryption. The FBI director, James Comey, and other officials have been highly critical of the use of encryption by tech companies such as Apple to protect their users’ information. Comey has argued that stronger encryption, baked in to some technology after the Snowden revelations, will aid criminals and terrorists and shut out law enforcement.
  • The intelligence report itself acknowledges that further reforms called for by the president, such as ending the collection of bulk data by the government, have not been implemented, possibly due to stalled legislative efforts in Congress.
4More

The Newest Reforms on SIGINT Collection Still Leave Loopholes | Just Security - 0 views

justsecurity.org/...lection-leave-plenty-loopholes surveillance state NSA-reform DNI Clapper voluntary-reforms
shared by Paul Merrell on 05 Feb 15 - No Cached
  • Director of National Intelligence James Clapper this morning released a report detailing new rules aimed at reforming the way signals intelligence is collected and stored by certain members of the United States Intelligence Community (IC). The long-awaited changes follow up on an order announced by President Obama one year ago that laid out the White House’s principles governing the collection of signals intelligence. That order, commonly known as PPD-28, purports to place limits on the use of data collected in bulk and to increase privacy protections related to the data collected, regardless of nationality. Accordingly, most of the changes presented as “new” by Clapper’s office  (ODNI) stem directly from the guidance provided in PPD-28, and so aren’t truly new. And of the biggest changes outlined in the report, there are still large exceptions that appear to allow the government to escape the restrictions with relative ease. Here’s a quick rundown.
  • National security letters (NSLs). The report also states that the FBI’s gag orders related to NSLs expire three years after the opening of a full-blown investigation or three years after an investigation’s close, whichever is earlier. However, these expiration dates can be easily overridden by by an FBI Special Agent in Charge or a Deputy Assistant FBI Director who finds that the statutory standards for secrecy about the NSL continue to be satisfied (which at least one court has said isn’t a very high bar). This exception also doesn’t address concerns that NSL gag orders lack adequate due process protections, lack basic judicial oversight, and may violate the First Amendment.
  • Retention policy for non-U.S. persons. The new rules say that the IC must now delete information about “non-U.S. persons” that’s been gathered via signals intelligence after five-years. However, there is a loophole that will let spies hold onto that information indefinitely whenever the Director of National Intelligence determines (after considering the views of the ODNI’s Civil Liberties Protection Officer) that retaining information is in the interest of national security. The new rules don’t say whether the exceptions will be directed at entire groups of people or individual surveillance targets.  Section 215 metadata. Updates to the rules concerning the use of data collected under Section 215 of the Patriot Act includes the requirement that the Foreign Intelligence Surveillance Court (rather than authorized NSA officials) must determine spies have “reasonable, articulable suspicion” prior to query Section 215 data, outside of emergency circumstances. What qualifies as an emergency for these purposes? We don’t know. Additionally, the IC is now limited to two “hops” in querying the database. This means that spies can only play two degrees of Kevin Bacon, instead of the previously allowed three degrees, with the contacts of anyone targeted under Section 215. The report doesn’t explain what would prevent the NSA (or other agency using the 215 databases) from getting around this limit by redesignating a phone number found in the first or second hop as a new “target,” thereby allowing the agency to continue the contact chain.
  • ...1 more annotation...
  • The report also details the ODNI’s and IC’s plans for the future, including: (1) Working with Congress to reauthorize bulk collection under Section 215. (2) Updating agency guidelines under Executive Order 12333 “to protect the privacy and civil liberties of U.S. persons.” (3) Producing another annual report in January 2016 on the IC’s progress in implementing signals intelligence reforms. These plans raise more questions than they answer. Given the considerable doubts about Section 215’s effectiveness, why is the ODNI pushing for its reauthorization? And what will the ODNI consider appropriate privacy protections under Executive Order 12333?
8More

European Lawmakers Demand Answers on Phone Key Theft - The Intercept - 0 views

firstlook.org/...gemalto-heist-shocks-europe surveillance state Gemalto SIM-card-keys
shared by Paul Merrell on 24 Feb 15 - No Cached
  • European officials are demanding answers and investigations into a joint U.S. and U.K. hack of the world’s largest manufacturer of mobile SIM cards, following a report published by The Intercept Thursday. The report, based on leaked documents provided by NSA whistleblower Edward Snowden, revealed the U.S. spy agency and its British counterpart Government Communications Headquarters, GCHQ, hacked the Franco-Dutch digital security giant Gemalto in a sophisticated heist of encrypted cell-phone keys. The European Parliament’s chief negotiator on the European Union’s data protection law, Jan Philipp Albrecht, said the hack was “obviously based on some illegal activities.” “Member states like the U.K. are frankly not respecting the [law of the] Netherlands and partner states,” Albrecht told the Wall Street Journal. Sophie in ’t Veld, an EU parliamentarian with D66, the Netherlands’ largest opposition party, added, “Year after year we have heard about cowboy practices of secret services, but governments did nothing and kept quiet […] In fact, those very same governments push for ever-more surveillance capabilities, while it remains unclear how effective these practices are.”
  • “If the average IT whizzkid breaks into a company system, he’ll end up behind bars,” In ’t Veld added in a tweet Friday. The EU itself is barred from undertaking such investigations, leaving individual countries responsible for looking into cases that impact their national security matters. “We even get letters from the U.K. government saying we shouldn’t deal with these issues because it’s their own issue of national security,” Albrecht said. Still, lawmakers in the Netherlands are seeking investigations. Gerard Schouw, a Dutch member of parliament, also with the D66 party, has called on Ronald Plasterk, the Dutch minister of the interior, to answer questions before parliament. On Tuesday, the Dutch parliament will debate Schouw’s request. Additionally, European legal experts tell The Intercept, public prosecutors in EU member states that are both party to the Cybercrime Convention, which prohibits computer hacking, and home to Gemalto subsidiaries could pursue investigations into the breach of the company’s systems.
  • According to secret documents from 2010 and 2011, a joint NSA-GCHQ unit penetrated Gemalto’s internal networks and infiltrated the private communications of its employees in order to steal encryption keys, embedded on tiny SIM cards, which are used to protect the privacy of cellphone communications across the world. Gemalto produces some 2 billion SIM cards a year. The company’s clients include AT&T, T-Mobile, Verizon, Sprint and some 450 wireless network providers. “[We] believe we have their entire network,” GCHQ boasted in a leaked slide, referring to the Gemalto heist.
  • ...4 more annotations...
  • While Gemalto was indeed another casualty in Western governments’ sweeping effort to gather as much global intelligence advantage as possible, the leaked documents make clear that the company was specifically targeted. According to the materials published Thursday, GCHQ used a specific codename — DAPINO GAMMA — to refer to the operations against Gemalto. The spies also actively penetrated the email and social media accounts of Gemalto employees across the world in an effort to steal the company’s encryption keys. Evidence of the Gemalto breach rattled the digital security community. “Almost everyone in the world carries cell phones and this is an unprecedented mass attack on the privacy of citizens worldwide,” said Greg Nojeim, senior counsel at the Center for Democracy & Technology, a non-profit that advocates for digital privacy and free online expression. “While there is certainly value in targeted surveillance of cell phone communications, this coordinated subversion of the trusted technical security infrastructure of cell phones means the US and British governments now have easy access to our mobile communications.”
  • For Gemalto, evidence that their vaunted security systems and the privacy of customers had been compromised by the world’s top spy agencies made an immediate financial impact. The company’s shares took a dive on the Paris bourse Friday, falling $500 million. In the U.S., Gemalto’s shares fell as much 10 percent Friday morning. They had recovered somewhat — down 4 percent — by the close of trading on the Euronext stock exchange. Analysts at Dutch financial services company Rabobank speculated in a research note that Gemalto could be forced to recall “a large number” of SIM cards. The French daily L’Express noted today that Gemalto board member Alex Mandl was a founding trustee of the CIA-funded venture capital firm In-Q-Tel. Mandl resigned from In-Q-Tel’s board in 2002, when he was appointed CEO of Gemplus, which later merged with another company to become Gemalto. But the CIA connection still dogged Mandl, with the French press regularly insinuating that American spies could infiltrate the company. In 2003, a group of French lawmakers tried unsuccessfully to create a commission to investigate Gemplus’s ties to the CIA and its implications for the security of SIM cards. Mandl, an Austrian-American businessman who was once a top executive at AT&T, has denied that he had any relationship with the CIA beyond In-Q-Tel. In 2002, he said he did not even have a security clearance.
  • AT&T, T-Mobile and Verizon could not be reached for comment Friday. Sprint declined to comment. Vodafone, the world’s second largest telecom provider by subscribers and a customer of Gemalto, said in a statement, “[W]e have no further details of these allegations which are industrywide in nature and are not focused on any one mobile operator. We will support industry bodies and Gemalto in their investigations.” Deutsche Telekom AG, a German company, said it has changed encryption algorithms in its Gemalto SIM cards. “We currently have no knowledge that this additional protection mechanism has been compromised,” the company said in a statement. “However, we cannot rule out this completely.”
  • Update: Asked about the SIM card heist, White House press secretary Josh Earnest said he did not expect the news would hurt relations with the tech industry: “It’s hard for me to imagine that there are a lot of technology executives that are out there that are in a position of saying that they hope that people who wish harm to this country will be able to use their technology to do so. So, I do think in fact that there are opportunities for the private sector and the federal government to coordinate and to cooperate on these efforts, both to keep the country safe, but also to protect our civil liberties.”
  • Paul Merrell on 24 Feb 15
     
    Watch for massive class action product defect litigation to be filed against the phone companies.and mobile device manufacturers.  In most U.S. jurisdictions, proof that the vendors/manufacturers  knew of the product defect is not required, only proof of the defect. Also, this is a golden opportunity for anyone who wants to get out of a pricey cellphone contract, since providing a compromised cellphone is a material breach of warranty, whether explicit or implied..   
« First ‹ Previous 161 - 180 of 229 Next › Last »
Showing 20 items per page