At a hearing on Capitol Hill on Wednesday that was being closely watched for how mega-mergers will be viewed in the coming Trump administration, members of a Senate Judiciary subcommittee that oversees regulatory agencies that decide on mergers said the deal merited tough scrutiny. The chief executives of AT&T and Time Warner were grilled at the hearing about a range of issues related to the deal.
But in a change from previous comments, lawmakers also questioned whether traditional ways of evaluating mergers are growing outdated as Silicon Valley companies like Facebook and Google become massive media platforms that threaten the television industry. Their tone was more circumspect than those that immediately followed the deal’s announcement, when lawmakers had been more critical.
ISPs say the "massive cost" of Snooper's Charter will push up UK broadband bills | Ars ... - 0 views
How much extra will you have to pay for the privilege of being spied on?
UK ISPs have warned MPs that the costs of implementing the Investigatory Powers Bill (aka the Snooper's Charter) will be much greater than the £175 million the UK government has allotted for the task, and that broadband bills will need to rise as a result. Representatives from ISPs and software companies told the House of Commons Science and Technology Committee that the legislation greatly underestimates the "sheer quantity" of data generated by Internet users these days. They also pointed out that distinguishing content from metadata is a far harder task than the government seems to assume.
Matthew Hare, the chief executive of ISP Gigaclear, said with "a typical 1 gigabit connection to someone's home, over 50 terabytes of data per year [are] passing over it. If you say that a proportion of that is going to be the communications data—the record of who you communicate with, when you communicate or what you communicate—there would be the most massive and enormous amount of data that in future an access provider would be expected to keep. The indiscriminate collection of mass data across effectively every user of the Internet in this country is going to have a massive cost."
Moreover, the larger the cache of stored data, the more worthwhile it will be for criminals and state-backed actors to gain access and download that highly-revealing personal information for fraud and blackmail. John Shaw, the vice president of product management at British security firm Sophos, told the MPs: "There would be a huge amount of very sensitive personal data that could be used by bad guys.
- ...2 more annotations...
The ISPs also challenged the government's breezy assumption that separating the data from the (equally revealing) metadata would be simple, not least because an Internet connection is typically being used for multiple services simultaneously, with data packets mixed together in a completely contingent way.
Hare described a typical usage scenario for a teenager on their computer at home, where they are playing a game communicating with their friends using Steam; they are broadcasting the game using Twitch; and they may also be making a voice call at the same time too. "All those applications are running simultaneously," Hare said. "They are different applications using different servers with different services and different protocols. They are all running concurrently on that one machine."
Even accessing a Web page is much more complicated than the government seems to believe, Hare pointed out. "As a webpage is loading, you will see that that webpage is made up of tens, or many tens, of individual sessions that have been created across the Internet just to load a single webpage. Bluntly, if you want to find out what someone is doing you need to be tracking all of that data all the time."
Hare raised another major issue. "If I was a software business ... I would be very worried that my customers would not buy my software any more if it had anything to do with security at all. I would be worried that a backdoor was built into the software by the [Investigatory Powers] Bill that would allow the UK government to find out what information was on that system at any point they wanted in the future."
As Ars reported last week, the ability to demand that backdoors are added to systems, and a legal requirement not to reveal that fact under any circumstances, are two of the most contentious aspects of the new Investigatory Powers Bill.
The latest comments from industry experts add to concerns that the latest version of the Snooper's Charter would inflict great harm on civil liberties in the UK, and also make security research well-nigh impossible here. To those fears can now be added undermining the UK software industry, as well as forcing the UK public to pay for the privilege of having their ISP carry out suspicionless surveillance.
Internet service providers from around the world are lodging formal complaints against the UK government's monitoring service, GCHQ, alleging that it uses "malicious software" to break into their networks.
The claims from seven organisations based in six countries – the UK, Netherlands, US, South Korea, Germany and Zimbabwe – will add to international pressure on the British government following Edward Snowden's revelations about mass surveillance of the internet by UK and US intelligence agencies.
The claims are being filed with the investigatory powers tribunal (IPT), the court in London that assesses complaints about the agencies' activities and misuse of surveillance by government organisations. Most of its hearings are held at least partially in secret.
The IPT is already considering a number of related submissions. Later this month it will investigate complaints by human rights groups about the way social media sites have been targeted by GCHQ.
The government has defended the security services, pointing out that online searches are often routed overseas and those deemed "external communications" can be monitored without the need for an individual warrant. Critics say that such a legal interpretation sidesteps the need for traditional intercept safeguards.
The latest claim is against both GCHQ, located near Cheltenham, and the Foreign Office. It is based on articles published earlier this year in the German magazine Der Spiegel. That report alleged that GCHQ had carried out an attack, codenamed Operation Socialist, on the Belgian telecoms group, Belgacom, targeting individual employees with "malware (malicious software)".
One of the techniques was a "man in the middle" attack, which, according to the documents filed at the IPT, bypasses modern encryption software and "operates by interposing the attacker [GCHQ] between two computers that believe that they are securely communicating with each other. In fact, each is communicating with GCHQ, who collect the communications, as well as relaying them in the hope that the interference will be undetected."
The complaint alleges that the attacks were a breach of the Computer Misuse Act 1990 and an interference with the privacy rights of the employees under the European convention of human rights.
The organisations targeted, the submission states, were all "responsible and professional internet service providers". The claimants are: GreenNet Ltd, based in the UK, Riseup Networks in Seattle, Mango Email Service in Zimbabwe, Jinbonet in South Korea, Greenhost in the Netherlands, May First/People Link in New York and the Chaos Computer Club in Hamburg.
- ...1 more annotation...
Among the programs said to have been operating were Turbine, which automates the injection of data and can infect millions of machines and Warrior Pride, which enables microphones on iPhones and Android devices to be remotely activated.