MEDIA - Instagram

"How Instagram pictures the world" PBS NewsHour 5/1/2017

Excerpt

SUMMARY:  A startup no longer, Instagram boasts 700 million monthly active users and counting.  As it grows, the free, photo-sharing mobile app is grappling with how to innovate and stay relevant, as well as how to foster a safe community.  But with 95 million uploads a day, monitoring is a tall order.  Judy Woodruff reports from California.

WILLIAM BRANGHAM (NewsHour):  The rapid rise of one of the world's biggest social media networks, Instagram.

It's building up steam, with 700 million people now using it each month, and it just took four months to pick up its latest 100 million new accounts.

But along the way, the company has faced concerns over how it can be used, and even some criticism for the way it essentially copied ideas from its rival, Snapchat.

Judy Woodruff recently got an inside look during her trip to Silicon Valley.

JUDY WOODRUFF (NewsHour):  One of the first things that greets you inside Instagram is, no surprise, a place to take pictures.  The free photo-sharing mobile app was born in 2010 with its first post, a foot in a flip-flop alongside a stray dog.

Turns out it was taken in Mexico by co-founder Kevin Systrom.

KEVIN SYSTROM, CEO and Co-Founder, Instagram:  It's a mixture of teams.  So, we have got design teams, we have got partnership teams, we have got a community team, and then a bunch of engineers.  We don't really have an organization.

JUDY WOODRUFF:  Systrom showed us around Instagram's new offices in Menlo Park, California, designed to accommodate an ever-expanding staff.

You moved here six months ago; is that right?

KEVIN SYSTROM:  Yes, six months ago, we moved from the original campus.  And we designed this entire experience inside here to be cleaner, and a little bit more Instagrammy.  So we have got the hip wood walls, and the polished concrete floors.  It's very start-uppy, but it's in an Instagram way.

JUDY WOODRUFF:  A start-up no longer, Instagram was acquired by Facebook in 2012 for a cool billion dollars.  Then, the company had 13 employees.  Now it has more than 600 to keep up with a rapidly growing user base, 700 million monthly active users and counting, 80 percent of them outside the United States.

How do you explain the phenomenal, rapid growth of this?

KEVIN SYSTROM:  On Instagram, very early on, you would post an image, and anyone anywhere in the world could see that image, and understand what you were trying to say without speaking your language.

So, we like to say that Instagram was one of the first truly international networks in the world.  And I think that's what's allowed it to scale to the hundreds of millions of people that use it every day today.

TRUMP AGENDA - Robber Barons of the Internet

"FCC chair Ajit Pai explains why he wants to scrap net neutrality" PBS NewsHour 4/27/2017

First, as a retired Computer and IT Technician I understand the internet.  I support 'NET Neutrality' because the internet delivery businesses WILL eventually give in to greed, to wanting bigger profits, at internet users expense.

Also, the Trump Administration LIES!

Excerpt

SUMMARY:  Ajit Pai, President Trump's new FCC chairman, has plans to do away with net neutrality rules that have been in place for the last three years.  Pai argues the rules are too burdensome and that they stifle innovation and competition.  William Brangham discusses the changes in oversight with Pai.

JUDY WOODRUFF (NewsHour):  A political fight is brewing about access to the Internet.  The new head of the FCC, the Federal Communications Commission, wants to clear away regulations about who controls and polices the flow of content on the Internet.

William Brangham has that.

WILLIAM BRANGHAM (NewsHour):  We're talking here about what's known as net neutrality, not the easiest concept to grasp, so bear with me.

Almost all of us in America get our Internet access via one main provider.  These are the telecom and cable giants like Verizon, Comcast, Charter, Time Warner.  They provide the infrastructure that delivers the bounty of the Web to our homes and phones; sites and apps like Google, Netflix, Facebook, Instagram, you name it.

The telecoms build the highway.  The others guys are like the cars traveling that highway.

The idea of net neutrality is that the telecoms have to treat that highway as an open road.  They can't pick and choose which Web sites or services get to you faster or slower.  The fear is that, if they do have that power, they will be tempted to favor their content, their sites, their own videos over a competitor's.

But the telecoms argue that's not fair, they should be able to control that flow, and be able to charge more for faster access.

In 2014, the Federal Communications Commission under President Obama wanted to lock in these net neutrality rules, but it faced intense pushback by the industry.

The fight even spilled into pop culture, with this from HBO's John Oliver:

JOHN OLIVER, Host, “Last Week Tonight With John Oliver”:  If we let cable companies offer two speeds of service, they won't be Usain Bolt and Usain Bolt on a motorbike.  They will be Usain Bolt, and Usain bolted to an anchor.

(LAUGHTER)

WILLIAM BRANGHAM:  But those net neutrality rules did pass and have been in place for the last three years.

But Ajit Pai, President Trump's new FCC chairman, now wants to get rid of those rules, arguing they're too burdensome.  And this week, he began the process of rolling them back.

And FCC Commissioner Ajit Pai joins me now.

Welcome to the NewsHour.

AJIT PAI, Chairman, Federal Communications Commission:  Thank you for having me.

WILLIAM BRANGHAM:  So, you, I understand, are not a fan of these net neutrality rules from a few years ago.  What is your principal concern?

AJIT PAI:  Well, I favor a free and open Internet, as I think most consumers do.

My concern is with the particular regulations that the FCC adopted two years ago.  They are what is called Title II regulations developed in the 1930s to regulate the Ma Bell telephone monopoly.

And my concern is that, by imposing those heavy-handed economic regulations on Internet service providers big and small, we could end up disincentivizing companies from wanting to build out Internet access to a lot of parts of the country, in low-income, urban and rural areas, for example.

And that, I think, is something that nobody would benefit from.

WILLIAM BRANGHAM:  Is there evidence, though, that these rules have disincentivized those companies?  There are — businesses are doing very, very well.  They're spending billions on the spectrum.

AJIT PAI:  There is significant evidence that investment in infrastructure has gone down since the adoption of these rules.

For example, there is a study by a highly respected economist that says that among the top 12 Internet service providers in terms of size, investment is down by 5.6 percent, or several billion dollars, over the last two years.

And amongst smaller providers as well, just literally this week, 22 Internet service providers with 1,000 customers or less told us that these Title II regulations have kept them from getting the financing that they need to build out their networks.  And, as they put it, these net neutrality regulations hang like a black cloud over our businesses.

And so what we're trying to do going forward is figure out a way that we can preserve that free and open Internet that consumers want and need and preserve that incentive to invest in the network that will ultimately benefit even more consumers going forward.

SCIENTIFIC AMERICAN - Fear of Cyberattacks Should Not Lead Us to Destroy What Makes the Internet Special

"Freedom and Anonymity" by Jonathan Zittrain, Scientific American 2011

It’s starting to get weird out there.  When WikiLeaks released classified U.S. government documents in December, it sparked several rounds of online conflict.  WikiLeaks became the target of denial-of-service attacks and lost the support of its hosting and payment providers, which inspired sympathizers to counterattack, briefly bringing down the sites of MasterCard and a few other companies.  Sites related to the hackers were then attacked, and mirror sites sprang up claiming to host copies of the WikiLeaks documents—although some were said to carry viruses ready to take over the machines of those who downloaded the copies, for who knows what end.  Months before, an FBI official said disruption of the Internet was the greatest active risk to the U.S. “other than a weapon of mass destruction or a bomb in one of our major cities.”

Attacks on Internet sites and infrastructure, and the compromise of secure information, pose a particularly tricky problem because it is usually impossible to trace an attack back to its instigator.  This “attribution problem” is so troublesome that some law-enforcement experts have called for a wholesale reworking of Internet architecture and protocols, such that every packet of data is engraved with the identity of its source.  The idea is to make punishment, and therefore deterrence, possible.  Unfortunately, such a reworking would also threaten what makes the Internet special, both technologically and socially.

The Internet works thanks to loose but trusted connections among its many constituent parts, with easy entry and exit for new Internet service providers or new forms of expanding access.  That is not the case with, say, mobile phones, in which the telecom operator can tell which phone placed what call and to whom the phone is registered.  Establishing this level of identity on the Internet is no small task, as we have seen with authoritarian regimes that have sought to limit anonymity.  It would involve eliminating free and open WiFi access points and other ways of sharing connections.  Terminals in libraries and cybercafes would have to have verified sign-in rosters.  Or worse, Internet access would have to be predicated on providing a special ID akin to a government-issued driver’s license—perhaps in the form of a USB key.  No key, no bits.  To be sure, this step would not stop criminals and states wanting to act covertly but would force them to invest much more to achieve the anonymity that comes so naturally today.

The price to the rest of us would also be high.  The Internet’s distinct configuration may have made cyberattacks easy to launch, but it has also kindled the flame of freedom.  One repressive state after another has been caught between the promise of economic advancement through abundant Internet access and the fear of empowering its citizens to express themselves freely.  An Internet without the attribution problem would introduce a new issue: citizens could be readily identified and punished for their political activities.

We need better options for securing the Internet. Instead of looking primarily for top-down government intervention, we can enlist the operators and users themselves.  For example, Web site operators could opt into a system of “mirror as you link.”  Whenever their servers render a page, they cache the contents of the link.  Then, when someone tries to get to the site and can’t, he or she can go back to the original linking site and digitally say, “I can’t get that link you just directed me to.  Would you mind telling me what was there?”

Such a system of mutual aid would draw on the same cooperative and voluntary instinct behind the development of the Internet itself.  If I participate as a Web site, I will know that others linking to me will also mirror my material; we each help the other, not simply because it’s the right thing to do, but because we each benefit, spreading the risk of attack and cushioning its impact among all of us.  It’s a NATO for cyberspace, except it would be an alliance of Web sites instead of states.

A mutual aid framework could also make the Internet secure in other ways.  PCs can alert others not to run code that just sickened them, signaling health levels to others.  Internet providers could also develop technologies to validate their relationships to one another and ferret out misleading data, the way Wikipedia volunteers can quickly act to roll back thousands of acts of vandalism a day.

We rightly fear our networks and devices being attacked—but we should not let this fear cause us to destroy what makes the Internet special.  We have to become more involved and more subtle—and soon.

INTERNET - Ransomware

"The hack attack that takes your computer hostage till you pay" PBS NewsHour 4/18/2015

Excerpt

SUMMARY:  Ransomware, a type of software that computer hackers use to hold individuals' data hostage by blocking access to files unless they agree to pay a ransom, is on the rise.  And because anyone with an internet connection is vulnerable, the problem highlights a growing threat that consumers face on both their personal computers and mobile devices.

WILLIAM BRANGHAM (NewsHour):  Inna Simone is retired, a mother and grandmother from Russia who now lives outside of Boston.  Last November, her home computer started acting strangely.

INNA SIMONE:  My computer was working terribly.  It was not working, I mean, it was so slow.

WILLIAM BRANGHAM:  A few days later, while searching through her computer files, Inna saw dozens of these messages — they were all the same.   They read:  “Your files are encrypted.  To get the key to decrypt them, you have to pay $500 dollars.”  Her exact deadline — December 2nd at 12:48 pm – was just a few days away.

All her files were locked — tax returns, financial papers, letters — even the precious photos of her granddaughter Zoe.   Inna couldn’t open any of them.

INNA SIMONE:   It says, “If you won’t pay, within one week or whatever, your fine will double.  If you won’t pay by then, all your files will be deleted and you will lose them forever and never will get back."

INTERNET - My Latest Speed Test

Here my latest Speed Test on my Win7 Pro super-rig using AT&T U-verse broadband.

Here's the DU Meter results while viewing this post and some YouTube videos.

INTERNET - Net Neutrality Rules Update

THE PEOPLE ARE WINNING!  To understand, see short video at bottom.

"F.C.C. Net Neutrality Rules Clear Hurdle as Republicans Concede to Obama" by JONATHAN WEISMAN, New York Times 2/24/2015

Excerpt

Senior Republicans conceded on Tuesday that the grueling fight with President Obama over the regulation of Internet service appears over, with the president and an army of Internet activists victorious.

The Federal Communications Commission is expected on Thursday to approve regulating Internet service like a public utility, prohibiting companies from paying for faster lanes on the Internet.  While the two Democratic commissioners are negotiating over technical details, they are widely expected to side with the Democratic chairman, Tom Wheeler, against the two Republican commissioners.

And Republicans on Capitol Hill, who once criticized the plan as “Obamacare for the Internet,” now say they are unlikely to pass a legislative response that would undo perhaps the biggest policy shift since the Internet became a reality.

“We’re not going to get a signed bill that doesn’t have Democrats’ support,” said Senator John Thune, Republican of South Dakota and chairman of the Senate Commerce Committee.  “This is an issue that needs to have bipartisan support.”

The new F.C.C. rules are still likely to be tied up in a protracted court fight with the cable companies and Internet service providers that oppose it, and they could be overturned in the future by a Republican-leaning commission.  But for now, Congress’s hands appear to be tied.

The F.C.C. plan would let the agency regulate Internet access as if it is a public good.  It would follow the concept known as net neutrality or an open Internet, banning so-called paid prioritization — or fast lanes — for willing Internet content providers.

In addition, it would ban the intentional slowing of the Internet for companies that refuse to pay broadband providers.   The plan would also give the F.C.C. the power to step in if unforeseen impediments are thrown up by the handful of giant companies that run many of the country’s broadband and wireless networks.

Republicans hoped to pre-empt the F.C.C. vote with legislation, but Senate Democrats insisted on waiting until after Thursday’s F.C.C. vote before even beginning to talk about legislation for an open Internet.  Even Mr. Thune, the architect of draft legislation to override the F.C.C., said Democrats had stalled what momentum he could muster.

And an avalanche of support for Mr. Wheeler’s plan — driven by Internet companies as varied as Netflix, Twitter, Mozilla and Etsy — has swamped Washington.

“We’ve been outspent, outlobbied.  We were going up against the second-biggest corporate lobby in D.C., and it looks like we’ve won,” said Dave Steer, director of advocacy for the Mozilla Foundation, the nonprofit technology foundation that runs Firefox, a popular Web browser, referring to the cable companies.  “A year ago today, we did not think we would be in this spot.”

The net neutrality movement pitted new media against old and may well have revolutionized notions of corporate social responsibility and activism.  Top-down decisions by executives investing in or divesting themselves of resources, paying lobbyists and buying advertisements were upended by the mobilization of Internet customers and users.

“We don’t have an army of lobbyists to deploy.  We don’t have financial resources to throw around,” said Liba Rubenstein, director of social impact and public policy at the social media company Tumblr, which is owned by Yahoo, the large Internet company, but operated independently on the issue.  “What we do have is access to an incredibly engaged, incredibly passionate user base, and we can give folks the tools to respond.”

Internet service providers say heavy-handed regulation of the Internet will diminish their profitability and crush investment to expand and speed up Internet access.  It could even open the web to taxation to pay for new regulators.

Brian Dietz, a spokesman for the National Cable & Telecommunications Association, said the pro-net-neutrality advocates turned a complex and technical debate over how best to keep the Internet operating most efficiently into a matter of religion.  The forces for stronger regulation, he said, became viewed as for the Internet.  Those opposed to the regulation were viewed as against the Internet.

The Internet companies, he said, sometimes mislead their customers, and in some cases, are misled on the intricacies of the policy.

“Many of the things they have said just belie reality and common sense,” he said.

In April, a dozen New York-based Internet companies gathered at Tumblr’s headquarters in the Flatiron district to hear dire warnings that broadband providers were about to obtain the right to charge for the fastest speeds on the web.

The implication:  If they did not pony up, they would be stuck in the slow lane.

What followed was the longest, most sustained campaign of Internet activism in history.  A swarm of small players, like Tumblr, Etsy, BoingBoing and Reddit, overwhelmed the giants of the broadband world, Comcast, Verizon Communications and Time Warner Cable.  Two of the biggest players on the Internet, Amazon and Google, largely stayed in the background, while smaller participants — some household names like Twitter and Netflix, others far more obscure, like Chess.com and Urban Dictionary — mobilized a grass-roots crusade.

“Our community is the source of our power,” said Althea Erickson, director of public policy at Etsy, an online craft market, where users embroidered pillows and engraved spoons promoting net neutrality.

INTERNET - Criminals Steal 1.2 Billion Web Credentials

"After criminals steal 1.2 billion web credentials, how to protect personal info from data breaches" PBS NewsHour 8/6/2014

Excerpt

GWEN IFILL (NewsHour):  Computer hacking and the breaches of privacy that come with them are becoming a regular and unwelcome feature of our wired world.

Now The New York Times and a security firm based in the Midwest are reporting a massive one that includes the collection of more than a billion username and password combinations and more than 500 million e-mail addresses.  What’s more, the perpetrators appear to be a shadowy Russian crime ring.

Details, including the names of the victims, are hard to come by.  But the news has raised eyebrows around the world.  So, how serious is it?

For that, we turn to Dmitri Alperovitch, co-founder and chief technology officer of CrowdStrike, a Web security firm.

Mr. Alperovitch, tell us just in context of all these other breaches we have had in the past year, say, how — relative to those, how big is this?

DMITRI ALPEROVITCH, CrowdStrike:  Well, the number is certainly striking; 1.2 billion credentials is a lot.  In the past, we have seen some big breaches that numbered in the hundreds of millions.

But this is certainly the biggest one that I — that I can remember.

INTERNET - The Impossible to Block Tracking Device

"Meet the Online Tracking Device That is Virtually Impossible to Block" by Julia Angwin, ProPublica 7/21/2014

Update: A YouPorn.com spokesperson said that the website was "completely unaware that AddThis contained a tracking software that had the potential to jeopardize the privacy of our users." After this article was published, YouPorn removed AddThis technology from its website.

A new, extremely persistent type of online tracking is shadowing visitors to thousands of top websites, from WhiteHouse.gov to YouPorn.com.

First documented in a forthcoming paper by researchers at Princeton University and KU Leuven University in Belgium, this type of tracking, called canvas fingerprinting, works by instructing the visitor’s Web browser to draw a hidden image.  Because each computer draws the image slightly differently, the images can be used to assign each user’s device a number that uniquely identifies it.

Like other tracking tools, canvas fingerprints are used to build profiles of users based on the websites they visit — profiles that shape which ads, news articles, or other types of content are displayed to them.

But fingerprints are unusually hard to block.  They can’t be prevented by using standard Web browser privacy settings or using anti-tracking tools such as AdBlock Plus.

The researchers found canvas fingerprinting computer code, primarily written by a company called AddThis, on 5 percent of the top 100,000 websites.  Most of the code was on websites that use AddThis’ social media sharing tools.  Other fingerprinters include the German digital marketer Ligatus and the Canadian dating site Plentyoffish. (A list of all the websites on which researchers found the code is here).

Rich Harris, chief executive of AddThis, said that the company began testing canvas fingerprinting earlier this year as a possible way to replace “cookies,” the traditional way that users are tracked, via text files installed on their computers.

“We’re looking for a cookie alternative,” Harris said in an interview.

Harris said the company considered the privacy implications of canvas fingerprinting before launching the test, but decided “this is well within the rules and regulations and laws and policies that we have.”

He added that the company has only used the data collected from canvas fingerprints for internal research and development.  The company won’t use the data for ad targeting or personalization if users install the AddThis opt-out cookie on their computers, he said.

Arvind Narayanan, the computer science professor who led the Princeton research team, countered that forcing users to take AddThis at its word about how their data will be used, is “not the best privacy assurance.”

Device fingerprints rely on the fact that every computer is slightly different: Each contains different fonts, different software, different clock settings and other distinctive features. Computers automatically broadcast some of their attributes when they connect to another computer over the Internet.

Tracking companies have long sought to use those differences to uniquely identify devices for online advertising purposes, particularly as Web users are increasingly using ad-blocking software and deleting cookies.

In May 2012, researchers at the University of California, San Diego, noticed that a Web programming feature called “canvas” could allow for a new type of fingerprint — by pulling in different attributes than a typical device fingerprint.

In June, the Tor Project added a feature to its privacy-protecting Web browser to notify users when a website attempts to use the canvas feature and sends a blank canvas image.  But other Web browsers did not add notifications for canvas fingerprinting.

A year later, Russian programmer Valentin Vasilyev noticed the study and added a canvas feature to freely available fingerprint code that he had posted on the Internet.  The code was immediately popular.

But Vasilyev said that the company he was working for at the time decided against using the fingerprint technology.  “We collected several million fingerprints but we decided against using them because accuracy was 90 percent,” he said, “and many of our customers were on mobile and the fingerprinting doesn’t work well on mobile.”

Vasilyev added that he wasn’t worried about the privacy concerns of fingerprinting.  “The fingerprint itself is a number which in no way is related to a personality,” he said.

AddThis improved upon Vasilyev’s code by adding new tests and using the canvas to draw a pangram “Cwm fjordbank glyphs vext quiz” — a sentence that uses every letter of the alphabet at least once.  This allows the company to capture slight variations in how each letter is displayed.

AddThis said it rolled out the feature to a small portion of the 13 million websites on which its technology appears, but is considering ending its test soon.  “It’s not uniquely identifying enough,” Harris said.

AddThis did not notify the websites on which the code was placed because “we conduct R&D projects in live environments to get the best results from testing,” according to a spokeswoman.

She added that the company does not use any of the data it collects — whether from canvas fingerprints or traditional cookie-based tracking — from government websites including WhiteHouse.gov for ad targeting or personalization.

The company offered no such assurances about data it routinely collects from visitors to other sites, such as YouPorn.com.  YouPorn.com did not respond to inquiries from ProPublica about whether it was aware of AddThis’ test of canvas fingerprinting on its website.

INTERNET - Internet Giants vs Spy Agencies

"Internet Giants Erect Barriers to Spy Agencies" by DAVID E. SANGER and NICOLE PERLROTH, New York Times 6/6/2014

Just down the road from Google’s main campus here, engineers for the company are accelerating what has become the newest arms race in modern technology:  They are making it far more difficult — and far more expensive — for the National Security Agency and the intelligence arms of other governments around the world to pierce their systems.

As fast as it can, Google is sealing up cracks in its systems that Edward J. Snowden revealed the N.S.A. had brilliantly exploited.  It is encrypting more data as it moves among its servers and helping customers encode their own emails.  Facebook, Microsoft and Yahoo are taking similar steps.

After years of cooperating with the government, the immediate goal now is to thwart Washington — as well as Beijing and Moscow.  The strategy is also intended to preserve business overseas in places like Brazil and Germany that have threatened to entrust data only to local providers.

Google, for example, is laying its own fiber optic cable under the world’s oceans, a project that began as an effort to cut costs and extend its influence, but now has an added purpose: to assure that the company will have more control over the movement of its customer data.

A year after Mr. Snowden’s revelations, the era of quiet cooperation is over.  Telecommunications companies say they are denying requests to volunteer data not covered by existing law.  A.T.&T., Verizon and others say that compared with a year ago, they are far more reluctant to cooperate with the United States government in “gray areas” where there is no explicit requirement for a legal warrant.

But governments are fighting back, harder than ever.  The cellphone giant Vodafone reported on Friday that a “small number” of governments around the world have demanded the ability to tap directly into its communication networks, a level of surveillance that elicited outrage from privacy advocates.

Vodafone refused to name the nations on Friday for fear of putting its business and employees at risk there.  But in an accounting of the number of legal demands for information that it receives from 14 companies, it noted that some countries did not issue warrants to obtain phone, email or web-searching traffic, because “the relevant agencies and authorities already have permanent access to customer communications via their own direct link.”

The company also said it had to acquiesce to some governments’ requests for data to comply with national laws.  Otherwise, it said, it faced losing its license to operate in certain countries.

Eric Grosse, Google’s security chief, suggested in an interview that the N.S.A.'s own behavior invited the new arms race.

“I am willing to help on the purely defensive side of things,” he said, referring to Washington’s efforts to enlist Silicon Valley in cybersecurity efforts.  “But signals intercept is totally off the table,” he said, referring to national intelligence gathering.

“No hard feelings, but my job is to make their job hard,” he added.

In Washington, officials acknowledge that covert programs are now far harder to execute because American technology companies, fearful of losing international business, are hardening their networks and saying no to requests for the kind of help they once quietly provided.

Robert S. Litt, the general counsel of the Office of the Director of National Intelligence, which oversees all 17 American spy agencies, said on Wednesday that it was “an unquestionable loss for our nation that companies are losing the willingness to cooperate legally and voluntarily” with American spy agencies.

“Just as there are technological gaps, there are legal gaps,” he said, speaking at the Wilson Center in Washington, “that leave a lot of gray area” governing what companies could turn over.

In the past, he said, “we have been very successful” in getting that data.  But he acknowledged that for now, those days are over, and he predicted that “sooner or later there will be some intelligence failure and people will wonder why the intelligence agencies were not able to protect the nation.”

Companies respond that if that happens, it is the government’s own fault and that intelligence agencies, in their quest for broad data collection, have undermined web security for all.

Many point to an episode in 2012, when Russian security researchers uncovered a state espionage tool, Flame, on Iranian computers.  Flame, like the Stuxnet worm, is believed to have been produced at least in part by American intelligence agencies.  It was created by exploiting a previously unknown flaw in Microsoft’s operating systems.  Companies argue that others could have later taken advantage of this defect.

Worried that such an episode undercuts confidence in its wares, Microsoft is now fully encrypting all its products, including Hotmail and Outlook.com, by the end of this year with 2,048-bit encryption, a stronger protection that would take a government far longer to crack.  The software is protected by encryption both when it is in data centers and when data is being sent over the Internet, said Bradford L. Smith, the company’s general counsel.

Mr. Smith also said the company was setting up “transparency centers” abroad so that technical experts of foreign governments could come in and inspect Microsoft’s proprietary source code.  That will allow foreign governments to check to make sure there are no “back doors” that would permit snooping by United States intelligence agencies.  The first such center is being set up in Brussels.

Microsoft has also pushed back harder in court.  In a Seattle case, the government issued a “national security letter” to compel Microsoft to turn over data about a customer, along with a gag order to prevent Microsoft from telling the customer it had been compelled to provide its communications to government officials.  Microsoft challenged the gag order as violating the First Amendment.  The government backed down.

Hardware firms like Cisco, which makes routers and switches, have found their products a frequent subject of Mr. Snowden’s disclosures, and their business has declined steadily in places like Asia, Brazil and Europe over the last year.  The company is still struggling to convince foreign customers that their networks are safe from hackers — and free of “back doors” installed by the N.S.A.  The frustration, companies here say, is that it is nearly impossible to prove that their systems are N.S.A.-proof.

Most American companies said they never knowingly let the N.S.A. weaken their systems, or install back doors.  But Mr. Snowden’s documents showed how the agency found a way.

In one slide from the disclosures, N.S.A. analysts pointed to a sweet spot inside Google’s data centers, where they could catch traffic in unencrypted form.  Next to a quickly drawn smiley face, an N.S.A. analyst, referring to an acronym for a common layer of protection, had noted, “SSL added and removed here!”

Google was already suspicious that its internal traffic could be read, and had started a program to encrypt the links among its internal data centers, “the last chink in our armor,” Mr. Grosse said.  But the slide gave the company proof that it was a regular target of the N.S.A.  “It was useful to have proof, in terms of accelerating a project already underway,” he said.

Facebook and Yahoo have also been encrypting traffic among their internal servers.  And Facebook, Google and Microsoft have been moving to more strongly encrypt consumer traffic with so-called Perfect Forward Secrecy, specifically devised to make it more labor intensive for the N.S.A. or anyone to read stored encrypted communications.

One of the biggest indirect consequences from the Snowden revelations, technology executives say, has been the surge in demands from foreign governments that saw what kind of access to user information the N.S.A. received — voluntarily or surreptitiously.  Now they want the same.

At Facebook, Joe Sullivan, the company’s chief security officer, said it had been fending off those demands and heightened expectations.

Until last year, technology companies were forbidden from acknowledging demands from the United States government under the Foreign Intelligence Surveillance Act.  But in January, Google, Facebook, Yahoo and Microsoft brokered a deal with the Obama administration to disclose the number of such orders they receive in increments of 1,000.

As part of the agreement, the companies agreed to dismiss their lawsuits before the Foreign Intelligence Surveillance Court.

“We’re not running and hiding,” Mr. Sullivan said.  “We think it should be a transparent process so that people can judge the appropriate ways to handle these kinds of things.”

The latest move in the war between intelligence agencies and technology companies arrived this week, in the form of a new Google encryption tool.  The company released a user-friendly, email encryption method to replace the clunky and often mistake-prone encryption schemes the N.S.A. has readily exploited.

But the best part of the tool was buried in Google’s code, which included a jab at the N.S.A.'s smiley-face slide.  The code included the phrase: “ssl-added-and-removed-here-; - )”

MICROSOFT - Successfully Challenges FBI

"Microsoft Successfully Challenges FBI Order For User Info" by Amy Lee, Cruxial 5/23/2014

Documents related to Microsoft's successful challenge of a governmental request for information about one of the company's customers have been unsealed.

The order, a Federal Bureau of Investigation National Security Letter, sought "basic subscriber information" about one of Microsoft's enterprise customers, according to according to a post by Microsoft’s general counsel and executive VP of Legal and Corporate Affairs, Brad Smith on the company's TechNet blog.

A federal court in Seattle unsealed the documents on May 22 2014.

"This marks an important and successful step to protect Microsoft's enterprise customers regarding government surveillance," Smith wrote.

Microsoft challenged the nondisclosure provision of the Letter in June 2013, arguing that it would violate the First Amendment.

"It did so by hindering our practice of notifying enterprise customers when we receive legal orders related to their data," Smith wrote.

After the petition was filed, the FBI withdrew the Letter.  According to Smith, governmental requests for information related to enterprise customers are "extremely rare."

In the previous cases where similar requests for information occurred, Microsoft was able to obtain permission from the customer in question, or to ask directly.  In this case, the FBI was able to get the info from the customer, according to the notice of withdrawal.

Microsoft, along with major tech firms like Apple, Facebook and Google, have ramped up their efforts to gain greater abilities to disclose the government's requests for data to their customers.

"As more users migrate from locally installed software and locally stored data to cloud-based computing platforms, Microsoft increasingly is entrusted to store its customers' data safely and securely," the petition states.

In December 2013, Smith wrote a post on the TechNet blog reaffirming Microsoft's commitment to protecting customer data, and promising to inform customers of any legal orders Microsoft receives or to challenge any gag orders prohibiting them from doing so.

Smith also stated the company’s belief that when seeking information, government agencies should go directly to customers except in exceptional circumstances, "just as they did before customers moved to the cloud."

With cloud services, such as Microsoft's Office 365, customer data is stored in Microsoft data centers, rather than on the customer's own systems.

"As more users migrate from locally installed software and locally stored data to cloud-based computing platforms, Microsoft increasingly is entrusted to store its customers' data safely and securely," the petition states.

Earlier this month, Glenn Greenwald, who has been a key part of disclosures related to how the National Security Administration collects information, published documents including details of Microsoft's relationship with the agency.

Greenwald had previously claimed in July 2013 that Microsoft had worked with the NSA to circumvent encryption on Outlook and had also worked with the FBI to help them better collect information from OneDrive.  Microsoft responded to the allegations shortly after, with the basic message that the company complies with data requests only when legally necessary.

"This new capability will result in a much more complete and timely collection response [...] for our enterprise customers.  This success is the result of the FBI working for many months with Microsoft to get this tasking and collection solution established," the recently revealed document states.

NET NEUTRALITY - A Myth?

"Net Neutrality Fans Aren't Going To Like This Chart" by Gerry Smith, Huffington Post 5/22/2014

When news broke in February that streaming giant Netflix would pay Comcast for direct access to the cable company's broadband network, some experts said it marked the beginning of the end of net neutrality.

Yet a new report says that such deals are far more widespread than many realized at the time.

Many large tech companies -- including Google, Microsoft, Apple, Amazon and Facebook -- have quietly brokered deals with Internet providers to ensure their content is not slowed as it travels through their networks, according to a blog post published Wednesday by telecom analyst Dan Rayburn.

It's unclear whether these deals were brokered before or after a federal court in January struck down rules that maintained net neutrality, which is the principle that all Internet traffic should be equally accessible to consumers.  But Rayburn, an analyst at the research firm Frost & Sullivan, said such arrangements between web companies and Internet providers are nothing new.

"There are a lot of these deals in the market and have been for many, many years," he wrote on his blog.

Google, Microsoft, Apple, Amazon and Facebook did not return requests for comment.

Netflix, for example, accounts for roughly 30 percent of all web traffic.  Because data-heavy videos can create traffic jams on broadband networks, the company is paying Comcast to ensure its videos are streamed to customers more smoothly.

Such deals pertain to how Internet traffic flows between your Internet provider and third-party middlemen who operate the backbone of the web.

Those deals are technically beyond the scope of the Federal Communications Commission's recent proposal to allow Internet providers to charge web companies more to deliver their content via a "fast lane."  The FCC's proposed fast lanes only relate to the so-called last mile of online traffic that flows directly to customers' homes.

On Tuesday, FCC Chairman Tom Wheeler told a congressional panel that the FCC would start looking more closely at the type of deals that Rayburn highlighted.

In his blog post, Rayburn said the deals are fair.  If companies like Netflix didn't pay extra to ensure their content was delivered smoothly, Internet providers would be forced to raise prices on customers by passing on the extra cost of handling the increased traffic from all of Netflix's streaming videos.

This chart from Rayburn's blog indicates deals between tech companies and Internet providers:

INTERNET - FCC Goes For Non-Neutrality

Consumers, bend over and spread cheeks.

"F.C.C., in a Shift, Backs Fast Lanes for Web Traffic" by EDWARD WYATT, New York Times 4/23/2014

Excerpt

The principle that all Internet content should be treated equally as it flows through cables and pipes to consumers looks all but dead.

The Federal Communications Commission said on Wednesday that it would propose new rules that allow companies like Disney, Google or Netflix to pay Internet service providers like Comcast and Verizon for special, faster lanes to send video and other content to their customers.

The proposed changes would affect what is known as net neutrality — the idea that no providers of legal Internet content should face discrimination in providing offerings to consumers, and that users should have equal access to see any legal content they choose.

The proposal comes three months after a federal appeals court struck down, for the second time, agency rules intended to guarantee a free and open Internet.

Tom Wheeler, the F.C.C. chairman, defended the agency’s plans late Wednesday, saying speculation that the F.C.C. was “gutting the open Internet rule” is “flat out wrong.”  Rather, he said, the new rules will provide for net neutrality along the lines of the appeals court’s decision.

Still, the regulations could radically reshape how Internet content is delivered to consumers.  For example, if a gaming company cannot afford the fast track to players, customers could lose interest and its product could fail.

The rules are also likely to eventually raise prices as the likes of Disney and Netflix pass on to customers whatever they pay for the speedier lanes, which are the digital equivalent of an uncongested car pool lane on a busy freeway.

Consumer groups immediately attacked the proposal, saying that not only would costs rise, but also that big, rich companies with the money to pay large fees to Internet service providers would be favored over small start-ups with innovative business models — stifling the birth of the next Facebook or Twitter.

“If it goes forward, this capitulation will represent Washington at its worst,” said Todd O’Boyle, program director of Common Cause’s Media and Democracy Reform Initiative.  “Americans were promised, and deserve, an Internet that is free of toll roads, fast lanes and censorship — corporate or governmental.”

If the new rules deliver anything less, he added, “that would be a betrayal.”

Mr. Wheeler rebuffed such criticism.  “There is no ‘turnaround in policy,’ ” he said in a statement.  “The same rules will apply to all Internet content.  As with the original open Internet rules, and consistent with the court’s decision, behavior that harms consumers or competition will not be permitted.”

Broadband companies have pushed for the right to build special lanes.  Verizon said during appeals court arguments that if it could make those kinds of deals, it would.

Under the proposal, broadband providers would have to disclose how they treat all Internet traffic and on what terms they offer more rapid lanes, and would be required to act “in a commercially reasonable manner,” agency officials said.  That standard would be fleshed out as the agency seeks public comment.

"Consumer groups warn dismantling net neutrality could stymie startup innovation" PBS NewsHour 4/24/2014

Excerpt

SUMMARY:  The Federal Communications Commission is on the brink of changing the longstanding net neutrality principle, which allows consumers unfettered access to web content, and limits the ability of Internet service providers to block or filter material.  New guidelines would allow some companies to charge more (to the content provider, like YouTube) for faster service.  Gwen Ifill talks to Cecilia Kang of The Washington Post about what’s at stake.

INTERNET - Comments as Venues For Rudeness or Insults

"Taming the ‘Wild West’ of online comments" PBS NewsHour 4/20/2014

Excerpt

SUMMARY:  More and more websites are including online commenting as a feature for their visitors.  But sometimes the comment boards become venues for rudeness and insults.  These comments can influence how a reader perceives the story.  Hari Sreenivasan speaks with web experts who help manage online communities and comments in different ways.

WORLD WIDE WEB - 25th Birthday

"25 years on, still adapting to life tangled up in the Web" PBS NewsHour 3/12/2014

Excerpt

JUDY WOODRUFF (NewsHour):  The World Wide Web turns 25 years old today.  The date marks the publication of a paper that originally laid out the concept, which eventually led to the vast system of Internet sites we now use.

Jeffrey Brown looks at how it’s changed the world we live in.

JEFFREY BROWN (NewsHour):  One way to do that is to look at how individual Americans think about the Internet and its impact on their lives.

The Pew Research Internet Project did that in a survey just out.  Among much else, it finds that 87 percent of American adults now use the Internet, and the number goes up to 97 percent for young adults from 18 to 29.  Ninety percent of Internet users say the Internet has been a good thing for them personally, though the number drops to 76 percent when asked if the Internet has been a good thing for society generally, with 15 percent saying it’s been bad for society.

And 53 percent of Internet users say the Internet would be, at minimum, very hard to give up.

We’re joined by three people who’ve watched the growth of the Internet from different angles.  Xeni Jardin is a journalist and editor at the Web blog Boing Boing, which covers technology and culture.  Catherine Steiner-Adair is a clinical and consulting psychologist at Harvard Medical School, and author of “The Big Disconnect: Protecting Childhood and Family Relationships in the Digital Age.”  And Daniel Weitzner teaches computer science and Internet public policy in at MIT.  From 2011 to 2012, he was U.S. deputy chief technology officer in the White House.

And welcome to all of you.

And, Daniel Weitzner, I will start with you, because you worked with Tim Berners-Lee, who — one of the main people that started all this 25 years ago.  What has — what surprises you now, sitting here 25 years later, about where we’re at?

DANIEL WEITZNER, Massachusetts Institute of Technology:  Well, it does surprise me how tremendously the Internet and the Web has grown into every aspect of our lives.

I think that a lot of us who were involved in the early days of the Internet and the Web had hoped that it could really reach the whole world.  And there’s no question that Tim Berners-Lee, who — whose architecture for the World Wide Web really helped it to grow, had the ambition that it in fact cover the whole world — represent everything in the world.  But I think it’s amazing how far we have actually come in that direction.

INTERNET - FCC Net Neutrality Rules

"Will end of net neutrality rules impact future innovation?" PBS Newshour 1/15/2014

Excerpt

HARI SREENIVASAN (Newshour):  Net neutrality is the idea that broadband Internet service providers, Comcast, Time Warner Cable, Verizon and others, should treat everything that flows across the Internet equally.  That means preventing service providers from creating fast lanes for sites they have business ties with, such as streaming video services like Hulu or Netflix, and slowing access to others, like Amazon.

It also means not charging more for YouTube and other sites based on their heavier bandwidth use or in exchange for faster speeds, all of which could affect what consumers see online, how fast, and at what price.  The principles were set out by the Federal Communications Commission nearly a decade ago.

The agency enshrined them in its Open Internet Order adopted in 2010.  But Verizon sued to challenge the agency's authority, and, yesterday, the U.S. District Court of Appeals for the District of Columbia found the FCC acted improperly.  The 81-page ruling said the agency is wrong to classify Internet service providers as information services, but at the same time regulate them as common carriers, meaning as it does telephone and utility companies.

While the FCC decides whether to appeal, Amazon and others are watching to see if the broadband networks impose their own rules, favoring some content companies over others.

For its part, Verizon issued a statement yesterday that said, in part:  "Verizon has been and remains committed to the open Internet.  This will not change in light of the court's decision."

The ruling doesn't apply to wireless services accessed through mobile devices, which represent a growing share of the market.

INTERNET - Secret Weapon Against Hacking

"Secret weapon against hacking:  College students" PBS Newshour 10/26/2013

Excerpts

SUMMARY:  Inside the high-tech criminal mind. It's no secret that cybercriminals are stealing personal information and credit card numbers by hacking into corporate and government computers.  One school in Pittsburgh is training the next generation of cybersecurity experts to fight off the bad guys by teaching them to think the same way.

RICK KARR:  The bad guys stole more than three million Social Security numbers from the State of South Carolina.  As many as seventy million credit card numbers from Sony PlayStation.  They got access to all of the personal details of some customers of a nationwide mortgage lending firm.  But cybercriminals aren’t just looking to steal personal information and credit card numbers when they break into corporate computers -- they’re looking for other valuable information.
----
RICK KARR:  All those flaws that Carnegie Mellon’s undergrads find every semester ... don’t necessarily mean that the software on your P-C or your bank’s web site is badly written.  Almost every piece of software, every computer system has vulnerabilities that can be exploited -- it’s virtually impossible to make anything that’s connected to the internet perfectly secure.  And today -- compared to 10 or 20 years ago, all of us have just so many more computers and smartphones and tablets -- all of them connected and vulnerable.  So we’re vulnerable, too.

Carnegie Mellon’s students are so good at exploiting those vulnerabilities ... that the NSA enlisted them to create a game that teaches hacking skills to high-school-aged students -- and paid for the job.  Cylab, the university’s cybersecurity institute, is home to the to-ranked competitive hacking team in the world: the Plaid Parliament of Pwning -- “pwn” is hacker-speak for “own”, as in the hacker takes a computer over and owns it.  For third straight year, the team won top honors at international contests that pit teams of hackers against one another ... and utterly demolished the competition at a prestigious contest in Las Vegas.

CYBER SECURITY - Cyberattacks on U.S. Universities

"Universities Face a Rising Barrage of Cyberattacks" by RICHARD PÉREZ-PEÑA, New York Times 7/16/2013

Excerpt

America’s research universities, among the most open and robust centers of information exchange in the world, are increasingly coming under cyberattack, most of it thought to be from China, with millions of hacking attempts weekly.  Campuses are being forced to tighten security, constrict their culture of openness and try to determine what has been stolen.

University officials concede that some of the hacking attempts have succeeded.  But they have declined to reveal specifics, other than those involving the theft of personal data like Social Security numbers.  They acknowledge that they often do not learn of break-ins until much later, if ever, and that even after discovering the breaches they may not be able to tell what was taken.

Universities and their professors are awarded thousands of patents each year, some with vast potential value, in fields as disparate as prescription drugs, computer chips, fuel cells, aircraft and medical devices.

“The attacks are increasing exponentially, and so is the sophistication, and I think it’s outpaced our ability to respond,” said Rodney J. Petersen, who heads the cybersecurity program at Educause, a nonprofit alliance of schools and technology companies.  “So everyone’s investing a lot more resources in detecting this, so we learn of even more incidents we wouldn’t have known about before.”

Tracy B. Mitrano, the director of information technology policy at Cornell University, said that detection was “probably our greatest area of concern, that the hackers’ ability to detect vulnerabilities and penetrate them without being detected has increased sharply.”

Like many of her counterparts, she said that while the largest number of attacks appeared to have originated in China, hackers have become adept at bouncing their work around the world.  Officials do not know whether the hackers are private or governmental.  A request for comment from the Chinese Embassy in Washington was not immediately answered.

Analysts can track where communications come from — a region, a service provider, sometimes even a user’s specific Internet address.  But hackers often route their penetration attempts through multiple computers, even multiple countries, and the targeted organizations rarely go to the effort and expense — often fruitless — of trying to trace the origins.  American government officials, security experts and university and corporate officials nonetheless say that China is clearly the leading source of efforts to steal information, but attributing individual attacks to specific people, groups or places is rare.

The increased threat of hacking has forced many universities to rethink the basic structure of their computer networks and their open style, though officials say they are resisting the temptation to create a fortress with high digital walls.

“A university environment is very different from a corporation or a government agency, because of the kind of openness and free flow of information you’re trying to promote,” said David J. Shaw, the chief information security officer at Purdue University.  “The researchers want to collaborate with others, inside and outside the university, and to share their discoveries.”

Some universities no longer allow their professors to take laptops to certain countries, and that should be a standard practice, said James A. Lewis, a senior fellow at the Center for Strategic and International Studies, a policy group in Washington.  “There are some countries, including China, where the minute you connect to a network, everything will be copied, or something will be planted on your computer in hopes that you’ll take that computer back home and connect to your home network, and then they’re in there,” he said.  “Academics aren’t used to thinking that way.”

Bill Mellon of the University of Wisconsin said that when he set out to overhaul computer security recently, he was stunned by the sheer volume of hacking attempts.

“We get 90,000 to 100,000 attempts per day, from China alone, to penetrate our system,” said Mr. Mellon, the associate dean for research policy.  “There are also a lot from Russia, and recently a lot from Vietnam, but it’s primarily China.”

Other universities report a similar number of attacks and say the figure is doubling every few years.  What worries them most is the growing sophistication of the assault.

Being a computer expert and a retired IT Technician the comment "free flow of information you’re trying to promote" does NOT mean that universities should not have very high network security.  Network security does not mean restricting free flow of information between AUTHORIZED users.

CYBERWAR - About Chinese Cyber Theft

"US Government, Industry Fed up with Chinese Cyber Theft; What’s Being Done?" PBS Newshour 7/8/2013

Excerpt

SUMMARY:  As U.S. and Chinese officials meet this week in Washington to discuss cyber issues -- as well as broader strategic and economic issues -- a number of Congress members and computer security experts say they are fed up with China stealing proprietary data from American companies.  Ray Suarez reports.

INTERNET - Spam or Not to Spam Cyber War

"Cyber War Over Spam Slows Access for Internet Users" PBS Newshour 3/27/2013

Excerpt

SUMMARY:  A dispute between an online company that sends spam emails and a company trying to mitigate spam has led to the one of the largest reporter cyber attacks in history, creating slow access to common sites like Netflix for millions of web users.  Hari Sreenivasan talks over the case with Nicole Perlroth of the New York Times.

HARI SREENIVASAN (Newshour):  One company fights spam; the other is said to be behind sending those pesky e-mails.  A dispute between the two has led to one of the largest reported cyber-attacks in Internet history, the result, widespread congestion that's slowing access for millions of users to sites like Netflix.

Nicole Perlroth has been covering the story for The New York Times, joins me now.

NOTE:  For users, this is what eMail client filters are for.  Delete spam eMails, or move spam to a [Spam] folder.

INTERNET - What Happens to Your Online 'Estate' After You Die?

"Law Lags Behind in Defining Posthumous Protocol for Online Accounts" PBS Newshour 3/11/2013

Excerpt

JEFFREY BROWN (Newshour):  Billions of people around the world now live part of their lives online, sharing photographs, information on relationships and careers, tweets and more.

But what happens when physical lives end and life in cyberspace goes on?  Of the one billion people who use the social network site Facebook, for example, an estimated three die every minute.  And that can lead to some painful problems.  For one thing, there's no one method or law on the books for how beneficiaries gain access to a deceased person's digital records.

Virginia dairy farmer Ricky Rash ran into that problem after his 15-year-old son Eric committed suicide in 2011.

RICKY RASH, Father:  It was a complete shock, as any suicide is.  But we had absolutely no warning.  Eric kissed his mom good night the night before.  He did his homework.  He Armor All-ed the seats in that Oldsmobile that was his.  He did everything under the sun to show us it was a normal night.

So, with no answers from home, no answers from school, we were just hoping that there may be something that would give us some insight as to why he chose to make the decision he did.  And Facebook was literally the last frontier that we had to investigate.