VERY,VERY HOT READS, I Would Read The News In This Thread This Thead Is To post Any Thing Ye Want About The News,,NEWS WAS MOVED,READ MY FIRST POS...

Critical F-Secure ZIP, RAR flaw

p2p news / p2pnet: F-Secure says there's a critical cross-platform code execution flaw in ZIP- and RAR-archive handling for a number of anti-virus products for Windows and Linux.

It would allow malicious hackers to create specially crafted ZIP archives that would cause a buffer overflow which in turn would let them execute code of their choice on affected systems, says the company.

"It is in addition possible to create malformed RAR- and ZIP-archives that cannot be scanned properly," F-Secure states. "This can lead to a false negative scan result."

Research director Mikko Hyppönen warns, "Patch now before someone figures out how to exploit the vulnerability."

Affected are:

* F-Secure Anti-Virus for Workstation version 5.44 and earlier
* F-Secure Anti-Virus for Windows Servers version 5.52 and earlier
* F-Secure Anti-Virus for Citrix Servers version 5.52
* F-Secure Anti-Virus for MIMEsweeper version 5.61 and earlier
* F-Secure Anti-Virus Client Security version 6.01 and earlier
* F-Secure Anti-Virus for MS Exchange version 6.40 and earlier
* F-Secure Internet Gatekeeper version 6.42 and earlier
* F-Secure Anti-Virus for Firewalls version 6.20 and earlier
* F-Secure Internet Security 2004, 2005 and 2006
* F-Secure Anti-Virus 2004, 2005 and 2006
* Solutions based on F-Secure Personal Express version 6.20 and earlier
* F-Secure Anti-Virus for Linux Workstations version 4.52 and earlier
* F-Secure Anti-Virus for Linux Servers version 4.64 and earlier
* F-Secure Anti-Virus for Linux Gateways version 4.64 and earlier
* F-Secure Anti-Virus for Samba Servers version 4.62
* F-Secure Anti-Virus Linux Client Security 5.11 and earlier
* F-Secure Anti-Virus Linux Server Security 5.11 and earlier
* F-Secure Internet Gatekeeper for Linux 2.14 and earlier


"At the moment we are not aware of any attacks that would have used this vulnerability," says Hyppönen, crediting discovery of the flaw to Thierry Zoller.

Go here for the patch
http://p2pnet.net/story/7658

F-Secure Security Bulletin FSC-2006-1
Code execution vulnerability in ZIP and RAR-archive handling

Date issued 2006-01-19
Last updated 2006-01-19
Risk factor Critical (Low/Medium/High/Critical)
Brief description Specially crafted ZIP archives may be used to execute code on affected systems. Both RAR- and ZIP-archives can in addition be crafted to avoid successful scanning and obfuscate malicious code in the archive.
Software F-Secure's Anti-Virus products for Microsoft Windows and Linux
Affected versions F-Secure Anti-Virus for Workstation version 5.44 and earlier
F-Secure Anti-Virus for Windows Servers version 5.52 and earlier
F-Secure Anti-Virus for Citrix Servers version 5.52
F-Secure Anti-Virus for MIMEsweeper version 5.61 and earlier
F-Secure Anti-Virus Client Security version 6.01 and earlier
F-Secure Anti-Virus for MS Exchange version 6.40 and earlier
F-Secure Internet Gatekeeper version 6.42 and earlier
F-Secure Anti-Virus for Firewalls version 6.20 and earlier
F-Secure Internet Security 2004, 2005 and 2006
F-Secure Anti-Virus 2004, 2005 and 2006
Solutions based on F-Secure Personal Express version 6.20 and earlier
F-Secure Anti-Virus for Linux Workstations version 4.52 and earlier
F-Secure Anti-Virus for Linux Servers version 4.64 and earlier
F-Secure Anti-Virus for Linux Gateways version 4.64 and earlier
F-Secure Anti-Virus for Samba Servers version 4.62
F-Secure Anti-Virus Linux Client Security 5.11 and earlier
F-Secure Anti-Virus Linux Server Security 5.11 and earlier
F-Secure Internet Gatekeeper for Linux 2.14 and earlier
Affected platforms All platforms supported by the affected products
Bulletin location http://www.f-secure.com/security/fsc-2006-1.shtml
Issue: It is possible to create specially crafted ZIP archives that cause a buffer overflow. This allows an attacker to execute code of his choice on affected systems. It is in addition possible to create malformed RAR- and ZIP-archives that cannot be scanned properly. This can lead to a false negative scan result.
Products: F-Secure Internet Security 2004, 2005 and 2006
F-Secure Anti-Virus 2004, 2005 and 2006
Solutions based on F-Secure Personal Express version 6.20 and earlier
Risk Factor: Critical

These products contain the vulnerability but hotfixes are distributed automatically by the delivery system. Users of these products do not need to take any action. This means that virtually all affected systems in this category will be patched automatically shortly after publication of this advisory.
Products: F-Secure Anti-Virus for Workstations 5.44 and earlier
F-Secure Anti-Virus for Linux Workstations version 4.52 and earlier
F-Secure Anti-Virus Linux Client Security 5.11 and earlier
Risk Factor: Critical

These products contain the vulnerability but successful exploration requires the user to scan the exploit with archive scanning enabled. This can happen for example during on-demand scanning or if the on-access scanner's settings have been changed. The on-access scanner is not vulnerable in its default configuration.

F-Secure recommends all users of these products to install the hotfix or upgrade to a version that is not affected (if available).
Products: F-Secure Anti-Virus Client Security version 6.01 and earlier
Risk Factor: Critical

This product contains e-mail scanning functionality. This module is vulnerable in its default configuration. This fact makes it more likely that an attack against this product will succeed compared to other affected client products. The on-access scanner in this product is not vulnerable in its default configuration.

F-Secure recommends all users of these products to install the hotfix or upgrade to a version that is not affected (if available).
Products: Server and gateway products:

F-Secure Anti-Virus for Windows Servers 5.52 and earlier
F-Secure Internet Gatekeeper 6.42 and earlier
F-Secure Anti-Virus for Firewalls 6.20 and earlier
F-Secure Anti-Virus for MS Exchange version 6.40 and earlier
F-Secure Anti-Virus Linux Server Security 5.11 and earlier
F-Secure Anti-Virus for Linux Servers version 4.64 and earlier
F-Secure Anti-Virus for Linux Gateways version 4.64 and earlier
F-Secure Anti-Virus for Samba Servers 4.62
F-Secure Internet Gatekeeper for Linux 2.14
Risk Factor: Critical

Gateway installations that scan web (HTTP, FTP) and mail (SMTP, POP) traffic are vulnerable. These machines are typically scanning a large number of archive files with the scan inside archives setting enabled. Server products that are configured to use scheduled on-demand scans are also likely to be vulnerable. This makes products in this category the most likely target for attacks.

F-Secure recommends all users of the mentioned gateway and server products to install the hotfix or upgrade to a version that is not affected (if available).
Products: F-Secure Anti-Virus for MIMEsweeper 5.61 and earlier
Risk Factor: Critical

This product is vulnerable but the Clearswift MIMEsweeper product performs the archive handling under normal circumstances. The vulnerability can however be exploited if the product is used to scan the local system or if MIMEsweeper fails to recognize an archive correctly and passes it on to the F-Secure scanner.

F-Secure recommends users to apply the hotfix or upgrade to a later version (if available).
Mitigating Factors:

* The vulnerability requires that the exploit is scanned with archive scanning enabled. This is typically the case in gateway environments and scheduled scans on servers. On-access scanning does not scan inside archives in a typical configuration. This makes successful exploration of the vulnerability less likely in client environments.
* Clearswift MIMEsweeper handles archive extraction and this reduces the risk in environments that use F-Secure Anti-Virus for MIMEsweeper.

GO HERE
Patch and upgrade availability:
http://www.f-secure.com/security/fsc-2006-1.shtml

 

Stardust delivers a mother lode of comet dust

* 18:02 19 January 2006
* NewScientist.com news service
* Maggie McKee

Print this pagePrint this page
Email to a friendEmail to a friend
RSS FeedRSS Feed

Some impacts from comet dust are visible to the naked eye (Image: NASA)
Enlarge image
Some impacts from comet dust are visible to the naked eye (Image: NASA)
Related Articles

* NASA's man-made meteor sets new standards
* 19 January 2006
* Stardust’s pristine capsule set to be opened
* 17 January 2006
* Pinch of comet dust lands safely on Earth
* 15 January 2006
* Search New Scientist
* Contact us

Web Links

* Stardust, NASA
* Don Brownlee, University of Washington
* Peter Tsou, JPL

Scientists examine Stardust's Aerogel collector in a clean room at Johnson Space Center in Houston, Texas (Image: NASA)
Enlarge image
Scientists examine Stardust's Aerogel collector in a clean room at Johnson Space Center in Houston, Texas (Image: NASA)


Scientists are elated at the quality, number, and size of cometary dust grains collected by NASA's Stardust mission.

Mission members opened a capsule containing the comet debris on Tuesday in an ultra-clean room at Johnson Space Center in Houston, Texas, US. Earlier that day, the capsule had been flown to Johnson from Utah, where it made a parachute landing on Sunday.

It contains dust collected from the wake of Comet Wild 2, which orbits the Sun between Mars and Jupiter, as well as interstellar dust blown into the solar system from nearby stars. The dust was captured in a tennis-racket shaped collector filled with a sponge-like substance called Aerogel, which is 99.9% empty space and so incredibly light.

When mission members opened the capsule, they found that every aerogel tile had survived the landing intact. They were also able to see hundreds of entry tracks and even some dust particles without the aid of a microscope – something they had not expected to be able to do.
Totally overwhelmed

"We were jumping up and down – we were totally overwhelmed by the ability to see this so quickly and so straightforwardly," principal investigator Don Brownlee of the University of Washington in Seattle, US, said at a news briefing on Thursday. "We were the first people in the history of the planet to see comet dust in hand."

Michael Zolensky, a Stardust team member at Johnson, echoed that enthusiasm. He said mission members were anxious about the state of the samples before the capsule was opened.

He said the capsule might not have opened properly, or the dust particles could have smashed the aerogel when they crashed into it at 6 kilometres per second, or the collector might have been "covered by gunk from outgassing of the spacecraft". "We were relieved to find out everything went exactly right," Zolensky said.

Mission scientists will next study the position and shape of the particle tracks and begin to study the particles while they are embedded in the Aerogel and also after they have been removed from it.
Great-great-grandparents

They will study the particles' chemical and mineralogical compositions to see the conditions that shaped the comet, which formed about 4.5 billion years ago in an icy ring of rocks beyond Neptune called the Kuiper Belt.

"The Earth has no memory whatsoever of its formation because of all the geological activity" and weathering it has undergone, says Brownlee. But Stardust should shed light on both the early solar system and the history of Earth, says Zolensky. "We think much of the Earth's water and organics – the molecules in our bodies – came from comets," he says. "It's like looking at our great-great-grandparents."

The team will begin distributing comet dust samples to more than 150 scientists around the world next week. They say the samples will provide a basis for understanding observations of Pluto and its moons by NASA's New Horizons mission, due to launch on Thursday, because both objects formed in the Kuiper Belt.

More than 65,000 volunteers have also signed up to search aerogel images for about 100 grains of interstellar dust collected on the "reverse" side of Stardust's Aerogel collector in an Internet project called Stardust@Home.

Stardust was launched in 1999 and flew within 236 kilometres of Comet Wild 2 in January 2004.
http://www.newscientistspace.com/article.ns?id=dn8610&feedId=online-news_rss10

 

IFPI file sharing report

p2p news / p2pnet: To read the latest Big Four record label IFPI release, you'd think there's a booming corporate online music business.

Echoing hollowly would be a more accurate phrase, and that's entirely due to the fact the Big Four - Sony BMG, Vivendi Universal, Warner Music and EMI – are sticking to their physical 1970s business model in the digital 21st century.

The cartel is trying desperately to compete with independent music sites and the p2p networks by selling low quality compressed digital music tracks at sky-high $1 and up prices. But music lovers continue to get their fixes for free on the networks, or for pennies and cents on one or other of the indie download sites.

But the Big Four must needs keep up their pretence that sales of their cookie-cutter product through the handful of sites they support and supply are significant, hence the outpourings of their IFPI (International Federation of the Phonographic Industries).

"Music fans downloaded 420 million single tracks from the internet last year," it boasts. Moreover, "legitimate digital music business is steadily pushing back on digital piracy," proudly declares IFPI boss John Kennedy.

However, during one month alone in 2005 - September - the average number of files available on the p2p networks for download at any given moment (average simultaneous files) was close to three billion, p2p research company Big Champagne told p2pnet. The exact figure was 2,789,154,393.

On the claimed diminution of file sharing, in a BBC interview Kennedy roundly contradicts himself, admitting his masters are merely "containing" the situation. And as the IFPI report itself states unequivocally, "Illegal activity on peer-to-peer networks has stayed static in the last year ..." In fact, in the IFPI 'report,' Kennedy admits, "The challenges we now face are far too big for any complacency".

In another bit of nonsense, in Europe's "two biggest digital markets, UK and Germany," new IFPI research, "indicates more music fans are legally downloading music than illegally file-swapping," it says.

"Two years ago, few could have predicted the extraordinary developments we are seeing in the digital music business today," says Kennedy in the report, going on, "Already in the UK and Germany - two of the biggest digital markets worldwide - legal buyers from sites like iTunes, Musicload and MSN actually exceed illegal file-swappers."

This is, of course, sheer, unadultrated blarney. But it'll be reported by the mainstream media as though it's accurate information from a credible source.

Meanwhile, "I would love to be sitting here telling you that it [file sharing] had gone down," says Kennedy in the BBC interview. But the Big Four are, "finding it difficult to persuade existing song-swappers to use legal download services such as iTunes instead".

Meanwhile, "A series of court judgements against unauthorised file-sharing services in late 2005 - in the US, Australia, Taiwan and Korea - has helped transform the market environment for digital music and consumer attitudes to illegal file-sharing," says the IFPI's 'study'.

They have indeed.

The publicity generated by the sue 'em all campaign has turned millions of otherwise uninformed people onto the possibilities offered by p2p and file sharing, as confirmed by the Big Four's own Nofree organization in Korea, since it singles Korea out for special mention.

"We were hoping that prosecutors would impose some strong measures so that people would see the consequences of getting caught distributing illegal music files, but now they've announced that it's permissible to download music for private listening," said Nofree's Kim Young-ki .

Instead, "People who didn't even think of doing so may start."

All the signs are, however, that the Big Four will continue their relentless and fruitless attempts to sue their own customers into buying product, and to again attempt to impose the same kinds of Consumer Control that's generating such terrible fallout for Sony BMG and its rootkit spyware DRM.

"Specifically, the music business needs support for Digital Rights Management, which is the key enabler of digital music services allowing new and flexible uses by consumers; it also needs more cooperation from Internet Service Providers (ISPs) in protecting music from piracy on their networks," says the IFPI."

Stay tuned.
http://p2pnet.net/story/7661

 

Imation to acquire Memorex


Posted by Wesley Novack on 20 January 2006 - 00:00 - Source: Email

The following text is a complete press release, unmodified by CD Freaks. If you don't want to view these kind of news posting you can disable them in your preferences page once logged in. Please send your press releases to news@cdfreaks.com

OAKDALE, MN (January 19, 2006) -- Imation Corp (NYSE:IMN) and Memorex International, Inc, today jointly announced that they have entered into a definitive agreement under which Imation will acquire Memorex International in an all cash transaction for $330 million. Additional cash consideration ranging between $5 million and $45 million would be paid out over a period of up to three years after close, contingent on financial performance of the purchased business. The Boards of both companies have approved the transaction.



A teleconference for the financial community and news media discussing the acquisition and Imation 2005 earnings is scheduled for 7:30 a.m. Central Standard Time (8:30 a.m. EST) tomorrow, January 20, 2006. (See full details below.)



“This acquisition is a major strategic milestone for Imation, as we implement our profitable growth strategy. It is also a win-win for both companies’ customers and shareholders,” said Bruce Henderson, Imation Chairman and CEO. “We are gaining a powerful consumer brand and global market share leader in recordable CDs and DVDs as well as an experienced management team under the leadership of Mike Golacinski. Added to our technology expertise, strong B2B brand, global footprint, broad product portfolio and industry experience, we are creating a new global powerhouse in the data storage industry.”



Michael Golacinski, President and CEO of Memorex International, Inc, will head up Imation’s consumer business, maintaining the Memorex headquarters in Cerritos, CA. A consumer electronics industry veteran, Golacinski was an executive with Maxell Corporation prior to joining Memorex in 1997. He stated: “I am excited about the opportunity to join Imation and extend the Memorex brand -- which has built customer loyalty for over 40 years as a leader in high quality recordable media – as well as to strengthen the Imation brand in the consumer sector. Now with the focus and resources of a global data storage leader behind us, we can extend our reach into new regions – particularly in Europe -- enhance and expand the product portfolio and grow both brands.”



In Memorex’s fiscal 2005, ended March 31, the company reported revenue of $430 million and operating income of $30 million. In the subsequent two quarters, ending September 30, 2005, Memorex’s revenue totaled $205 million and operating income totaled $14 million. After completion of integration, Imation expects Memorex to be significantly accretive adding approximately $32 million to $36 million in annualized operating income and approximately $0.40 to $0.47 earnings per share. This estimate includes synergy benefits, purchase price amortization expenses and the assumed loss of interest income due to cash used in the acquisition. Imation anticipates significant synergy benefits, from operating efficiencies including expense reductions, purchasing, and supply chain benefits. The full integration of Memorex into Imation which will result in these benefits is anticipated to be completed by the end of 2006.



Transaction Details and Timing

Imation intends to fund the transaction with cash and has adequate cash on hand, which totaled $507.6 million at December 31, 2005, to both fully fund the acquisition and to meet current operating needs. Imation is in the process of establishing a new and expanded credit facility of $200 million to $250 million which is expected to be in place by the close of the transaction. The transaction is subject to customary closing conditions and regulatory approvals as well as approval by the shareholders of Hanny Holdings, a Hong Kong-based company listed on the Hong Kong Stock Exchange. Hanny Holdings and Investor Asia Ltd., a private equity firm, which together hold 67 percent of Memorex shares, have agreed to vote their shares in favor of the transaction. The sale is expected to close by the middle of the second quarter of 2006. Merrill Lynch acted as exclusive financial advisor and Dorsey & Whitney LLP as exclusive legal advisor to Imation in connection with the transaction.



Web cast and Replay Information

The management teams of both companies will host a teleconference for the financial community, news media and interested investors at 7:30 a.m. Central Standard Time (8:30 a.m. EST) tomorrow. Imation will also discuss fourth quarter 2005 earnings previously scheduled for January 25, at the same teleconference. The call-in number is 866-253-6509 (U.S.) or 703-639-1208 (outside U.S.) A live web cast, including presentation slides, of the teleconference will be available on the Internet on a listen-only basis at ir.imation.com or www.streetevents.com. A taped replay of the teleconference will be available beginning at 1:00 p.m. Central Standard Time on January 20, 2006, until 5:00 p.m. Central Standard Time on January 26, 2006, by dialing 866-219-1444 (access #841868). All remarks made during the teleconference will be current at the time of the call and the replay will not be updated to reflect any subsequent developments.



Additional Information and Where to Find It

Additional information about Imation and this transaction is available at www.imation.com. Additional information about Memorex is available at www.Memorex.com.



About Imation Corp

Imation is the world's leading provider of removable data storage media products designed to help customers capture, create, protect, preserve and retrieve valuable digital assets. Our business-to-business customers range from managers of large data centers to distributed network administrators to small business owners who rely on Imation tape cartridges for data processing, security, business continuity, backup and archiving applications. For their personal storage needs, our customers rely on Imation’s recordable optical discs, USB-enabled flash and removable hard drives to store, edit and manage business data, photos, video, images and music on professional and home desktops. With a legacy in data storage reaching back more than 50 years, Imation has the track record, technology capability, partnerships, and vision to lead the industry into the future.



About Memorex

Founded in 1961 as a manufacturer of recordable magnetic tape for data storage, Memorex launched the audiocassette in 1971 and created one of the most memorable brand images in advertising history with jazz singer Ella Fitzgerald’s voice breaking a glass and the tag line “Is it live or is it Memorex?” The success of that campaign put Memorex solidly in the American consumer brand memory where it still is among the most recognized and respected brands today. Memorex’s consumer business was acquired by Tandy Corp. in 1982 and then again by Hanny Holdings in 1993. In 1996 the Company launched recordable CDs into the mass consumer market. The current portfolio includes recordable CDs and DVDs, which constitute more than two thirds of the Company’s 2005 revenue; branded accessories at about 15 percent; USB flash drives at about 10 percent; with magnetic and optical drives at about five percent. The Company has been the North American market share leader in retail sales for the past six years in the CD category and four years in the DVD category.



Risk and Uncertainties

Certain information contained in this press release, which does not relate to historical financial information, including the business outlook, may be deemed to constitute forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. Such statements are subject to certain risks and uncertainties that could cause the Company's actual results in the future to differ materially from its historical results and those presently anticipated or projected. The Company wishes to caution investors not to place undue reliance on any such forward-looking statements. Any forward-looking statement speaks only as of the date on which such statement is made, and the Company undertakes no obligation to update such statement to reflect events or circumstances arising after such date. Among these factors is the Company’s ability to close the acquisition of Memorex in a timely manner, integrate its operations and achieve anticipated benefits and cost synergies, continuing uncertainty in global economic conditions that make it particularly difficult to predict product demand, the Company's ability to meet its cost reduction and revenue growth targets, its ability to introduce new offerings in a timely manner either independently or in association with OEMs or other third parties, its ability to achieve the expected benefits in a timely manner from the Moser Baer and other strategic relationships, including the Global Data Media joint venture, the competitive pricing environment, foreign currency fluctuations, the outcome of litigation, its ability to secure adequate supply of certain high demand products, the ready availability and price of energy, availability of key raw materials or critical components, the market acceptance of newly introduced product and service offerings, the rate of decline for certain existing products as well as various factors set forth, from time to time, in the Company's filings with the Securities and Exchange Commission.
http://www.cdfreaks.com/news/12976

 

Pioneer's Senior VP Andy Parsons talks Blu-ray disc @ CES
Posted by Dan Bell on 19 January 2006 - 23:27 - Source: Digital Bits

Digital Bits has a most interesting CES 2006 interview with Andy Parsons, Senior Vice President of Pioneer Electronics. In this article we get to read his take on Sony's Blu-ray and a bit about it's affect on DVD in the future. Here is just a tiny snippet, this guy has some info to share!

BH: How does the transfer rate for Blu-ray Disc compare to HD-DVD?

AP: Well... on Blu-ray Disc, when you're playing a Blu-ray movie, the player is actually spinning at one and a half times normal speed. So you always have a guarantee of 54 megabits per second [Mbps]. And I believe the HD-DVD format runs at about 36Mbps. For a Blu-ray movie application, you've got 54Mbps. So that allocates for us 40Mbps just for the video alone. Right? Which is an awful lot of data. Now think about that. ATSC Standard high-def broadcasts are about 20Mbps, so we've doubled the available bitrate.

BH: Which should give Blu-ray Disc a significantly better image quality that the best broadcast high-definition signal.

AP: It should be absolutely crystal clear. We also have room for much better audio. We have six different audio codecs available: uncompressed PCM, standard Dolby Digital 5.1, DTS 5.1, DTS HD, Dolby Lossless... multiple different options are available to content providers.

So it's all about quality. It's all about providing an experience that greatly maximizes the best we can get out of our high-definition TV equipment. And Blu-ray Disc, to us, is really about providing the very best home theater experience we can provide.

Well, that sounds pretty good. You can check out the rest of the interview right here. This article also poses other great questions including one about Blu-ray's flavor of Managed Copy. Check it out!
http://www.cdfreaks.com/news/12977

 

This worries me, first phones then my comp habits.

Feds seek Google records in pornography probe
Bush administration wants details of what users look for with search engine

Updated: 11:32 a.m. ET Jan. 19, 2006
SAN JOSE, Calif. - The Bush administration, seeking to revive an online pornography law struck down by the U.S. Supreme Court, has subpoenaed Google Inc. for details on what its users have been looking for through its popular search engine.

Google has refused to comply with the subpoena, issued last year, for a broad range of material from its databases, including a request for 1 million random Web addresses and records of all Google searches from any one-week period, lawyers for the U.S. Justice Department said in papers filed Wednesday in federal court in San Jose.

Privacy advocates have been increasingly scrutinizing Google’s practices as the company expands its offerings to include e-mail, driving directions, photo-sharing, instant messaging and Web journals.

Although Google pledges to protect personal information, the company’s privacy policy says it complies with legal and government requests. Google also has no stated guidelines on how long it keeps data, leading critics to warn that retention is potentially forever given cheap storage costs.

The government contends it needs the data to determine how often pornography shows up in online searches as part of an effort to revive an Internet child protection law that was struck down two years ago by the U.S. Supreme Court on free-speech grounds.

The 1998 Child Online Protection Act would have required adults to use access codes or other ways of registering before they could see objectionable material online, and it would have punished violators with fines up to $50,000 or jail time. The high court ruled that technology such as filtering software may better protect children.

The matter is now before a federal court in Pennsylvania, and the government wants the Google data to help argue that the law is more effective than software in protecting children from porn.

The Mountain View-based company told The San Jose Mercury News that it opposes releasing the information because it would violate the privacy rights of its users and would reveal company trade secrets.

Nicole Wong, an associate general counsel for Google, said the company will fight the government’s efforts “vigorously.”

“Google is not a party to this lawsuit, and the demand for the information is overreaching,” Wong said.

© 2006 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

 

Brain scans reveal men's pleasure in revenge

* 18:47 18 January 2006
* NewScientist.com news service
* Will Knight

A lust for vengeance may be hardwired into the male brain. Scans of brain activity suggest that men experience greater satisfaction than women in seeing cheaters get their comeuppance – at least when the punishment is physical.

Tania Singer of University College London and colleagues used a functional magnetic resonance imaging (fMRI) machine to analyse the brain activity of 32 volunteers after their participation in a simple game, called the Prisoner's Dilemma.

The game allows players to cooperate or double-cross one another, and so fosters camaraderie or enmity between players. Following the game, participants were placed inside an fMRI machine and then saw their fellow players zapped with electricity. The activity in their brain was recorded as they watched.
NS Forum
Is the feeling of delight at revenge just a man thing?
Discuss this story >>


The scans revealed changes in activity as players who had cooperated got zapped, compared with those who had double-crossed them in the game. The results suggest that men get a much bigger kick than women from seeing revenge physically exacted on someone perceived to have wronged them.

"It was very surprising," Singer told New Scientist. "I didn't expect such a strong difference."
Mirror neurons

The scans showed that both sexes experienced increased brain activity in the fronto-singular and anterior cingulate cortices – areas that the associated with the direct experience of pain – when watching other players receive a jolt of electricity. Researchers have previously shown that so-called mirror neurons will sometimes fire in empathy with another person's experience.

Both men and women also experienced slightly less activity in these areas when cheaters were given a shock, which suggests the feeling of empathy was dependent on social behaviour.

But tellingly, activity dropped much more in men when watching cheaters being buzzed. In addition, several other regions of male participants' brains "lit up" instead – areas linked to the experience of reward known as the ventral striatum/nucleus accumbens and orbito-frontal cortex.

The results suggest that men not only feel less empathy for cheaters but experience pleasure when they are punished.
Natural justice

The Prisoner’s Dilemma game lets contestants either cooperate for an equal share of a prize or double-cross their fellow players for a bigger payout. Unbeknown to the subjects, actors were also asked to take part and one was ordered to deliberately cheat other players.

"During breaks in the tests you could tell from the body language that both the male and female volunteers did not like the actors who had cheated them," Singer says. "They tried to stay away from them as much as possible."

Singer speculates that the disparity between men and women could mean men have evolved to have a key role in maintaining justice in human societies. However, she cautions that there could be other reasons for the difference.
Biology and culture

It might simply be that women are less affected by the economic cheating involved in the Prisoner's Dilemma game. Or Singer says it could be that women are less interested in exacting revenge through physical punishment. "This might not be the way women choose to take their revenge," she says.

David Sloan at Binghamton University in New York, US, says behavioural studies provide little evidence of a difference between the sexes when it comes to feelings of empathy and revenge, although women appear to take longer to react than men.

Sloan also notes that any difference could be entirely cultural, rather than biological. "Just because it happens in the brain, it doesn't mean it's innate."

Journal reference: Nature (DOI: 101038/nature04271)
Printable version Email to a friend RSS Feed
http://www.newscientist.com/article.ns?id=dn8605&feedId=online-news_rss10

 

And I wondered what I could do at the next family get together that would be fun and interesting.

 

FAQ: What does the Google subpoena mean?
By Declan McCullagh
Staff Writer, CNET News.com

Published: January 20, 2006, 4:00 AM PST
TalkBack E-mail Print
FAQ Preparing to defend a controversial Internet pornography law in court, the Justice Department has demanded search logs from Google, Microsoft, Yahoo and America Online.

The department asked the search giants to hand over millions of records involving what search terms people have used on the sites and what Web sites are accessible via the search engines.

On one level, the situation involves a straightforward question of whether the department's demands are too onerous and therefore not permitted under federal law. On another, the dispute raises novel questions about search engines' privacy protections and the relationship that four tech giants have with the federal government.

What does it all mean, and what happens next? Read on.

Q: What is the Justice Department demanding from search engines?
A: Federal prosecutors have asked Google, Microsoft, Yahoo and America Online to turn over two types of data: logs showing search terms used by people, and a list of Web sites indexed by the companies' search engines.

Q: Which companies have complied?
The Justice Department isn't talking, at least not yet. Google has opposed the request. Yahoo and AOL have acknowledged complying, saying that they went along with the government's request but did not turn over personally identifiable information. At the time this was written, Microsoft was refusing to say anything, but the ACLU has confirmed that the company did comply.

Q: What information was turned over?
We don't know. The Justice Department initially demanded that the four companies divulge "all URLs that are available to be located through a query on your company's search engine as of July 31, 2005." The subpoena also asked for "all queries that have been entered on your company's search engine between June 1, 2005 and July 31, 2005, inclusive."

But at least when trying to negotiate with Google, the Justice Department eventually narrowed that request to a "random sample of 1 million URLs" and "copies of the text of each search string entered onto Google's search engine over a 1-week period."

Q: So we don't know whether Microsoft, Yahoo and AOL went along with the initial request, or whether they negotiated a better deal?
Exactly. We just don't know, at least not yet, and they're not providing details.

AOL came the closest, saying it turned over a list of "aggregate and anonymous search terms, and not results, from a roughly 1-day period." But it refused to elaborate.

Q: Is there any law preventing a company from talking to the press?
Nope. If they chose, they could disclose all the negotiations that took place, release the correspondence they exchanged with prosecutors and so on. It's a little odd that they're being so tight-lipped.

Or they could have done what Google did and fought the Justice Department in court.

Q: I used those search engines in June and July. Should I be worried about my privacy?
It depends. If you typed in search terms that you consider to be private or confidential, you should be concerned. Such terms might include personal information about you, such as your name or street address.

But what's important to note is that the Justice Department has not been asking for any information that would link those search terms to your identity. It hasn't requested Internet Protocol addresses.

So if you typed in search terms indicating that you, say, have a healthy interest in marijuana cultivation, the data turned over won't implicate you.

Q: The subpoena came from the Justice Department's civil division. Will the attorneys there share the data with their colleagues at the department's criminal division or the FBI?
No law would appear to prohibit them from doing so. A protective order does say that only Justice Department attorneys "who have a need" for the information may receive it.

If the disclosed search logs show evidence of criminal activity, that language may be vague enough to let prosecutors return with a second subpoena to demand the identification of one or more Internet addresses linked with those search terms. Terror-related searches are another likely area of information-sharing--President Bush likes to talk about how "law enforcement officers should not be denied vital information their own colleagues already have."

There has, however, been no evidence that the Justice Department has or has not done this to date.

Q: So the Justice Department could end up using it in a prosecution?
Tim Wu, a law professor at Columbia University, says it may be fair game.

"That's one of the biggest questions in evidence law," Wu says. "It's like if you subpoena a book for another reason, and you find a murder note in it. Can you use it as evidence?"

If the records are in the hands of a third party such as a search engine, Wu says, "generally speaking they can use it to find out about other crimes."

Q: What does the Justice Department plan to do with this data, anyway?
A declaration (click here for PDF) by Philip Stark, a professor of statistics at the University of California at Berkeley, sheds some light on this.

Stark says he has been "involved in conversations" with attorneys and engineers at the companies targeted by the Justice Department to find "practical approaches to sampling their databases of URLs and user queries."

The point of the exercise, Stark said, is to evaluate "how often Web users" encounter pornographic material online, and "to measure the effectiveness of filters in screening those materials."

Q: Who cares about filtering software's effectiveness, anyway?
The Bush administration, for one. It's trying to defend a 1998 law called the Child Online Protection Act before a Philadelphia judge in a trial expected to begin in October.

When the U.S. Supreme Court ruled in the COPA case in June 2004, the majority voted to send it back down to the lower court for a full trial. That would, the majority said, "allow the parties to update and supplement the factual record to reflect current technological realities."

That's what the Justice Department aims to do--by arguing in court that filtering software is not a realistic alternative to a federal criminal law because the concept of filtering is flawed and unworkable in practice.

Q: Are my search terms private?
If they're unlinked from your identity, and just part of a list of anonymous searches scrolling across a screen, the privacy concerns are minimized.

Google even displays a list of live search terms on a screen that visitors can view in its Silicon Valley headquarters. That's probably one reason why the company's lawyers have been careful not to raise privacy arguments.

Instead, in a letter dated Oct. 10, 2005, Google lawyer Ashok Ramani objected to the Justice Department's request on the grounds that it could disclose trade secrets and was "overbroad, unduly burdensome, vague and intended to harass."

Q: Then why are privacy groups complaining? Your article includes I-am-outraged statements from the Electronic Privacy Information Center and the Electronic Frontier Foundation.
There are probably a few reasons. First, they'd say, private companies should not serve as convenient information repositories for trial attorneys hoping to win court cases. Second, it's not clear where this information will end up, and how far the protective order stretches.

Third, they simply believe that search engine companies are collecting too much information about their users. Google, Yahoo, AOL and Microsoft set cookies, collect personal information, and retain permanent logs that could be used to create a kind of dossier about a person's search habits.

Deleting cookies is one option. So is preventing your browser from accepting them in the first place. The Firefox browser, for instance, lets you block certain sites so they'll never set cookies.

Q: What will happen next?
The ball's in Google's court. The company will have to respond to the Justice Department's request, and then a federal judge in San Jose, Calif., will rule on the matter. Appeals are also a possibility.

Q: Will there be any political fallout?
Well, the U.S. Congress is controlled by Republicans, and the Bush administration made the request, so the political math is pretty simple. It would probably take more evidence of privacy invasion or wrongdoing for congressional Republicans to do anything substantial.

But the Democrats may. Sen. Daniel Inouye, a Democrat from Hawaii, on Thursday asked the Justice Department about this topic during a Senate hearing.

"On the Google case, what is your reaction to Google's position that (the Justice Department's request) is an invasion of their privacy?" Inouye asked. The Justice Department representative, Deputy Assistant Attorney General Laura Parsky, declined to comment.

Q: This law that the Justice Department is defending talks about "child protection." Is that related to child pornography?
No. Child pornography is already illegal, and the ACLU is not challenging that law in this case. Some of the initial news reports were wrong.

The Child Online Protection Act makes it a crime for a commercial Web site to post material that some jurors might find "harmful" if a minor stumbled across it.

That vague requirement has alarmed mainstream Web publishers and civil liberties groups, which have supported the ACLU's lawsuit. Plaintiffs in the COPA case include the American Booksellers Foundation for Free Expression, Salon.com, ObGyn.net, Philadelphia Gay News and the Internet Content Coalition. Founding members of the now-defunct Internet Content Coalition included CNET Networks (publisher of News.com), Adobe, Reuters New Media, Sony Online and the New York Times.

Q: What material might be viewed as "harmful to minors?"
The 3rd U.S. Circuit Court of Appeals looked into this when ruling the law was unconstitutional based on preliminary evidence (a full trial is scheduled for this fall).

The judges said that even portions of a "collection of Renaissance artwork" could be viewed as harmful to minors if a prosecutor was sufficiently zealous.

"Thus, in our opinion, the act, which proscribes publication of material harmful to minors, is not narrowly tailored to serve the government's stated purpose in protecting minors from such material," the judges said. (Click here for PDF).

Q: How long does Google have to respond to the government's motion in federal court?
In general, the defendant would have two weeks to reply and then the government would have one week for its response. This is an unusual case, however, because no hearing has been set. So the deadlines may be extended.

Q: Are my search results normally disclosed?
Yes, though generally in the context of "most popular search terms" totals. SearchEngineWatch.com has a long list of examples. Dogpile actually lets you review live search terms of the type that the Justice Department also wants to see.

 

The San Diego Police Department is looking into a toilet seat heist in Old Town, 10News reported.
`
When nature calls, most rely on the bare minimum. However, there are some who are willing to pay a pretty penny for a toilet seat.

A toilet seat worth $2,700 was stolen from a man's shed in Old Town.

"You can program it. Set temperatures of water in the morning and when you get up at 7:30, your toilet seat is warm and ready for you," said Hamid Shoushtari.

Shoushtari is talking about the Bidet Spa, which warms up the toilet seat with a touch of a button. He had one in his store shed.

"It was a product, they gave it to me. In order for me to promote it, I'd show it to clients. I lost it," said Shoushtari, who works for Best American Technology.

It turns out that someone stole the toilet seat and its case right out of the shed. He filed a police report and detectives are looking to flush out a suspect.

"I told them this is not your regular case. I told them I lost a high-tech toilet seat. The detectives contacted me and said they're going to try and find it," Shoushtari said.

He said he will be grateful to anyone who helps him recover the high-end toilet seat.

"The reward will be a thank-you," he said.

Since the suspect left no paper trail, police are hoping someone recognizes the container for the toilet seat, which looks like a Samsonite suitcase.

Shoushtari said the seat will not work unless it's properly installed.

 

that thing made out of crystal or gold or something !!

 

  for $2700 it should kiss you when you're done too ...

 

DRM and dead musicians

p2p special / p2pnet: I was out shopping last weekend and I ran into the most pathetic excuse for a sales pitch I've heard in a long time.

Being a fan of old jazz, blues and the big band sounds of the 1930s and 40s, I'm one of those people with a huge collection of bargain bin CDs. P2p is great, but sometimes I just can't be bothered searching for the old obscure stuff which, for some reason, seems to be popular with people on very unreliable 56k connections.

Having 40 or 50 half completed mp3s in my download queue for months is a real pain, so every now and then I just go out and buy the cheap compilation CDs. I figure five bucks for 30 odd tracks is pretty good for the amount of time and effort I save (hmm...wonder what would happen to the pirate hoards if all CDs were $5?)

So I walked into the local record shop, heading for the Jazz/Big Band section where I found a CD with a nice mix of old sounds. I took the five dollars out of my wallet, looked at the CD case again and, what did I see written in very small print on the back?

"This disc contains Copy Control technology. Problems may be enountered on some playback devices."

This was just stupid. All the musicians featured on the CD have been dead several decades, for a start. We're talking about the Count Basie, Duke Ellington, Glenn Miller kind of era, here. Normally, I refuse to buy any CD with DRM crapware, but I really wanted this one. Maybe I'd be lucky. Maybe it would play alright on my laptop.

I decided to ask the sales guy.

"Hey man, this says the CD might not play properly on some playback devices. What does that mean?" I asked him.

"Does it? Let me see", he looked at the small print, comfortingly entitled "WARNING". "Yeah that just means you can't copy it", was the answer.

"Yeah, but it says the CD might not play", I reminded him.

"Yeah, you might get that in car CD players", was the response.

"What about on a PC?"

"Yeah, you might get issues on a PC CD player too".

"Like what?"

"I don't know".

"Does it depend on the program I use to play it?"

"Yeah, maybe".

"Like, would I get problems on Windows Media Player".

"Maybe".

"Or WinAmp?"

"Dude, I don't know".

Now the situation was moving past stupid into the realms of ridiculous.

"Would it be related to the drive brand?", I asked. "Would a Teac DW-224E be okay?"

"Mate, I really don't know."

"Well, can I return it if it doesn't play on my laptop?"

"I don't think so. I'll have to check with the manager".

"Has nobody ever asked this before?'

"No. You're the first." He gave me a dirty look while saying that.

"Look mate", I said, (yes, we Aussies really do speak like that) "This CD has the little Compact Disc logo on it, so it should play in any CD player that also has the logo."

"Man, it's only $5. It's no big deal", was his reply.

Aha! The truth comes out. It doesn't have to be a good product. It doesn't even have to be a functioning product. Apparently, consumers (sorry, customers) are just going to keep handing over money for physical CDs, regardless of whether they can play the music contained on them and without thought for whatever software may be automatically installed on any device the DRM makers can get it to work on.

I have some suggestions for the retail sector on this:

1) To EMI ('cause it was their frickin' DRM) - Send out some kind of information pack to the poor schmuck behind the sales desk for when annoying customers (sorry, consumers) like me ask what the hell they're actually buying.

2) To the poor schmuck behind the sales desk - Don't be surprised if you get those kind of questions in the future. Not everyone is prepared to take a punt on whether the thing they fork out their cash for will actually work.

3) To the poor schmuck's manager - Get a "DRM returns" policy. CDs that can't be played on devices with the little Compact Disc logo aren't technically Compact Discs because they don't follow the Compact Disc standard, so don't try to hock off those pieces of plastic to an unsuspecting public. Oh, and read up on some some basic consumer law (or should that be customer law?) because I'm pretty sure you'll find something about not being allowed to sell products that don't fit their marketed description. Selling non-CDs in a CD shop could put you in a sticky legal situation.

As you can imagine, I didn't end up buying the big band compilation CD. Which was a pity. Luckily I had a stack of CDs and 8 gigabytes worth of old tunes at home to soothe my frustation.

But seriously now: is John Coltrane going to be pissed at me for downloading Blue Train? I'd hate to show disrespect for the dead.

Alex H, p2pnet - Sydney, Australia
[Alex is an operations manager for an ATM (automatic teller machine) supplier and he specialises in infrastructure development and maintenance, and logistics. He’s also an[other] active member of the Shareaza community who's just started his own blog called Tech Loves Art where you'll find past p2pnet posts, together with other goodies to come ; ]

(Friday 20th January 2006)
http://p2pnet.net/story/7666

 

Record labels threaten ISPs

p2p news / p2pnet: Internet service providers may soon find themselves in court unless they cave in to record label demands that ISPs become cartel cops, acting against customers believed to be using the p2p networks.

The latest Big Four disinformation puff piece spells bad news for ISPs, we suggested yesterday. "Increased pressure will be brought to bear on them" and, hence, "national judicial systems to try to force providers to reveal the identities of customers so the Big Four can try to turn them back into being fully compliant consumers," we wrote.

"Specifically, the music business needs support for Digital Rights Management, which is the key enabler of digital music services allowing new and flexible uses by consumers; it also needs more cooperation from Internet Service Providers (ISPs) in protecting music from piracy on their networks," said the cartel's IFPI (International Federation of the Phonographic Industries).

Now, "Record companies and internet service providers could be on a collision course as music executives continue to be frustrated by illegal downloading of music," says the Financial Times.

"It’s been a year since I asked for (the ISP’s) cooperation, and I’ve effectively had zero response,” it has IFPI boss John Kennedy saying.

This is the same Kennedy who in the IFPI 'report' claims, "legitimate digital music business is steadily pushing back on digital piracy," also stating in the same document, "Illegal activity on peer-to-peer networks has stayed static in the last year".

And in a BBC interview he said his employers, cartel owners EMI, Vivendi Universal, Warner Music and Sony BMG, were, "winning the war but we haven't won the war" against "piracy". He went on, "I would love to be sitting here telling you that it had gone down …"

With that in mind, he's threatening ISPs with court actions unless they fall in with Big Four demands.

"Mr Kennedy said he would continue to try and negotiate with the ISPs, but said that as a last resort, he could turn to litigation if the internet groups continued to turn a blind eye to illegal music downloading by their users," says the FT, going on:

"He said he wanted ISPs to send out warnings to customers who downloaded music illegally and then cut them off from using their services if they refused to stop. 'If it’s easy enough to cut them off if they don’t pay their bills, it’s easy enough to cut them off if they infringe copyright laws,' said Mr Kennedy, adding that the government should also increase their efforts to protect intellectual property."

Also See:
bad news for ISPs - IFPI file sharing report, January 19, 2006
Financial Times - Music groups and ISPs at odds over illegal downloading, January 19, 2006
pushing back on digital piracy - IFPI on p2p file sharing, January 19, 2006

(Friday 20th January 2006)
http://p2pnet.net/story/7667

 

Google, video and DRM

p2p news / p2pnet: Google needs to shape up, believes professor Ed Felten.

Because it's, "one or two privacy disasters away from becoming just another Internet company". >>>>>>>>>>>>>>>>>>>>>>>>

Google Video and Privacy
By Ed Felten - Freedom to Tinker

Last week Google introduced its video service, which lets users download free or paid-for videos. The service’s design is distinctive in many ways, not all of them desirable. One of the distinctive features is a DRM (anti-infringement) mechanism which is applied if the copyright owner asks for it. Today I want to discuss the design of Google Video’s DRM, and especially its privacy implications.

First, some preliminaries. Google’s DRM, like everybody else’s, can be defeated without great difficulty. Like all DRM schemes that rely on encrypting files, it is vulnerable to capture of the decrypted file, or to capture of the keying information, either of which will let an adversary rip the video into unprotected form. My guess is that Google’s decision to use DRM was driven by the insistence of copyright owners, not by any illusion that the DRM would stop infringement.

The Google DRM system works by trying to tether every protected file to a Google account, so that the account’s username and password has to be entered every time the file is viewed. From the user’s point of view, this has its pros and cons. On the one hand, an honest user can view his video on any Windows PC anywhere; all he has to do is move the file and then enter his username and password on the new machine. On the other hand, the system works only when connected to the net, and it carries privacy risks.

The magnitude of privacy risk depends on the details of the design. If you’re going to have a DRM scheme that tethers content to user accounts, there are three basic design strategies available, which differ according to how much information is sent to Google’s servers. As we’ll see, Google apparently chose the design that sends the most information and so carries the highest privacy risk for users.

The first design strategy is to encrypt files so that they can be decrypted without any participation by the server. You create an encryption key that is derived from the username and password associated with the user’s Google account, and you encrypt the video under that key. When the user wants to play the video, software on the user’s own machine prompts for the username and password, derives the key, decrypts the video, and plays it. The user can play the video as often as she likes, without the server being notified. (The server participates only when the user initially buys the video.)

This design is great from a privacy standpoint, but it suffers from two main drawbacks. First, if the user changes the password in her Google account, there is no practical way to update the user’s video files. The videos can only be decrypted with the user’s old password (the one that was current when she bought the videos), which will be confusing. Second, there is really no defense against account-sharing attacks, where a large group of users shares a single Google account, and then passes around videos freely among themselves.

The second design tries to address both of these problems. In this design, a user’s files are encrypted under a key that Google knows. Before the user can watch videos on a particular machine, she has to activate her account on that machine, by sending her username and password to a Google server, which then sends back a key that allows the unlocking of that user’s videos on that machine. Activation of a machine can last for days, or weeks, or even forever.

This design addresses the password-change problem, because the Google server always knows the user’s current password, so it can require the current password to activate an account. It also addresses the account-sharing attack, because a widely-shared account will be activated on a suspiciously large number of machines. By watching where and how often an account is activated, Google can spot sharing of the account, at least if it is shared widely.

In this second design, more information flows to Google’s servers — Google learns which machines the user watches videos on, and when the user first uses each of the machines. But they don’t learn which videos were watched when, or which videos were watched on which machine, or exactly when the user watches videos on a given machine (after the initial activation). This design does have privacy drawbacks for users, but I think few users would complain.

In the third design, the user’s computer contacts Google’s server every time the user wants to watch a protected video, transmitting the username and password, and possibly the identity of the video being watched. The server then provides the decryption key needed to watch that particular video; after showing the video the software on the user’s computer discards the key, so that another handshake with the server is needed if the user wants to watch the same video later.

Google hasn’t revealed whether or not they send the identity of the video to the server. There are two pieces of evidence to suggest that they probably do send it. First, sending it is the simplest design strategy, given the other things we know about Google’s design. Second, Google has not said that they don’t send it, despite some privacy complaints about the system. It’s a bit disappointing that they haven’t answered this question one way or the other, either to disclose what information they’re collecting, or to reassure their users. I’d be willing to bet that they do send the identity of the video, but that bet is not a sure thing.

This third design is the worst one from a privacy standpoint, giving the server a full log of exactly where and when the user watches videos, and probably which videos she watches. Compared to the second design, this one creates more privacy risk but has few if any advantages. The extra information sent to the server seems to have little if any value in stopping infringement.

So why did Google choose a less privacy-friendly solution, even though it provided no real advantage over a more privacy-friendly one? Here I can only speculate. My guess is that Google is not as attuned to this kind of privacy issue as they should be. The company is used to logging lots of information about how customers use its services, so a logging-intensive solution would probably seem natural, or at least less unnatural, to its engineers.

In this regard, Google’s famous “don’t be evil” motto, and customers’ general trust that the company won’t be evil, may get Google into trouble. As more and more data builds up in the company’s disk farms, the temptation to be evil only increases. Even if the company itself stays non-evil, its data trove will be a massive temptation for others to do evil. A rogue employee, an intruder, or just an accidental data leak could cause huge problems. And if customers ever decide that Google might be evil, or cause evil, or carelessly enable evil, the backlash would be severe.

Privacy is for Google what security is for Microsoft. At some point Microsoft realized that a chain of security disasters was one of the few things that could knock the company off its perch. And so Bill Gates famously declared security to be job one, thousands of developers were retrained, and Microsoft tried to change its culture to take security more seriously.

It’s high time for Google to figure out that it is one or two privacy disasters away from becoming just another Internet company. The time is now for Google to become a privacy leader. Fixing the privacy issues in its video DRM would be a small step toward that goal.

(Friday 20th January 2006)
http://p2pnet.net/story/7669

 

AACS to support forced down-converting on analog outputs
Posted by Johnny on 20 January 2006 - 11:38 - Source: videobusiness.com

It’s now clear that AACS, the copy protection system both Blu-ray Disc and HD DVD are going to use, will support a function called ICT (Image Constraint Token). This is bad news if you have an HDTV without an HDMI input (or a DVI input with HDCP support) because if the ICT flag is set on a disc the player needs to down-convert the high definition video to max 960x540p when sending the signal to the analog outputs. That means that you will only get a quarter of the original resolution if it’s 1920x1080p.



It will however be up to the movie studios to decide if they want to use the ICT function or not. Fox, which was the major force behind Blu-ray Disc’s extra BD+ protection, is somewhat surprisingly reported to be one of the few studios against the use of ICT:



No studio would comment on whether it plans to take advantage of the Image Constraint option.



Within the AACS consortium, however, Warner Home Video was consistently the strongest proponent of the idea, according to sources familiar with the negotiations.



20th Century Fox Home Entertainment is not a member of AACS, but has argued against the idea in other forums.



AACS-member Disney, as well as non-member NBC Universal are likely to take advantage of the option, according to sources.



Although Sony is a member of AACS, where it sometimes clashed with Warner on the issue, sources said it is still unclear whether Sony Pictures Home Entertainment will take advantage of the ICT option now that it is in place.



Non-memberParamount also has not indicated which way it will go, according to AACS sources.

You can read the complete article at videobusiness.com here.
http://www.cdfreaks.com/news/12978

 

Students demand i2hub operator pay their RIAA claims
Posted by Dan Bell on 20 January 2006 - 14:18 - Source: Boston.com

DamnedIfIknow used our news submit to tell us "Could this be the start of a trend? Kazaa made me do it, so they should pay." It seems that the recent lawsuit that addressed a file sharing network on the ultra fast Internet2 network is stirring up some interesting legal arguments.
Students are demanding that the operator behind the now-defunct i2hub online file-sharing network pay to settle copyright infringement claims against them by the recording industry. Founded by Wayne Chang in 2003 while he was a student at the University of Massachusetts-Amherst, the i2hub network linked students and others over the super-fast Internet2 network. In a letter to Chang dated Monday, attorneys with the Student Legal Services Office claimed i2hub placed ads on campus to deceive UMass students into believing the software was approved by the university.

The Student Legal Service has claimed that if the students had known that they were exposing themselves to legal action, they would not have used the hub software. Mr. Chang has been offered a settlement by the Student Legal Service, all he has to do is pay all 42 students fines...about 157,000 dollars. Chang argues that in the software end user license agreement or EULA it includes warnings about potential liability from using it to swap copyrighted content. Chang says that if they hold his feet to the fire on this issue and he loses, then EULA are useless and have no meaning.
http://www.cdfreaks.com/news/12979

 

How to Squelch Your Inner Jackass


By Tony Long | Also by this reporter

Waiting in line recently at my local coffeehouse -- an establishment as renowned for its leisurely service as for its place in San Francisco history -- I was blown away by the absolute arrogance of a young woman standing two or three places ahead of me.

She had already irritated everyone within earshot by conducting a very animated cell-phone conversation in her singsong, Valley girl, yuppie voice. But now it was her turn to order and the cafe's irritation turned to cold fury as she impatiently waved off the barista to complete her thought (which no doubt required a herculean effort). Alas for young Brie, or whatever her name was, she picked the wrong guy to trifle with. Our barista tossed her out of line and took the next person's order. She huffed off, still tethered to her phone, to our general delight.

Today, we consider the mobile phone. More than the personal computer and, now, the iPod, this is the technology that even the most technophobic of cats is likeliest to possess. In other words, they're all over the place. It's understood why people use cell phones. What we're concerned with here is how they use 'em.

Too often the answer is "rudely." Yeah, "rude cell-phone user" columns have been done to death over the years. But those columns keep getting written for a reason: There are still far too many of you thoughtless blockheads out there. So let's try it again.

Not everyone who uses a mobile phone is as willfully thoughtless as our friend Brie. But the level of rudeness isn't the issue. It's the mere fact of rudeness itself -- that's the issue.

Mobile phones have helped to make a crass and vulgar society even more crass and more vulgar. Portability makes it possible for anyone to take a private conversation public and that's never a good idea. In its way, some moron babbling into a mobile phone is as obtrusive and obnoxious as the idiot who plays his boombox at full throttle in the park.

Look, the world is not your personal playground. Do not share with us your musical tastes; do not share with us your latest wheelings and dealings. In public places, you have an obligation to hold up your end of the implied social contract by not imposing yourself on those around you. This is crucial to a civilized society and just because technology allows you to act like a braying ass in public doesn't mean you should do it. Quite the contrary, in fact. You need to be more aware of your surroundings than ever.



That said, it's understood that you will use your phone away from hermetically sealed rooms and the solitude of your studio apartment. So, please, observe these little niceties:

* Don't use your phone in obvious situations where your one-sided conversation can only be disruptive: at the movies, at a concert, in a public auditorium, on an elevator, in a crowded waiting room, etc. I would add city buses to the list, but those are already rolling prison yards for the most part. Use your phone if you must, but use at your own peril.


* If you're in the middle of a face-to-face conversation with someone, don't take a phone call. It's disrespectful. You can go on the theory that if the incoming call is important enough, the caller will leave you a message. You can then return said call at a more convenient moment, and nobody is offended.


* If you're expecting an important call and somebody stops by to chat you up, let your buddy know that you might have to take a call. That's fair.


* Ditch the ring tone and put the phone on vibrate. The only person who cares about an incoming call on your phone is you. Don't worry, you'll feel it. (It feels go-o-o-od.) Most ring tones are not only intrusive, they're inane.


* Don't have emotional phone conversations in my face. In other words, don't break up with your boyfriend publicly. (Besides, we can't see him and being able to see his reaction is half the fun.) Wait until you get home and then toss his sorry ass out the door.


* Don't talk on the phone while you're grocery shopping. For whatever reason, the acoustics of a shopping aisle seem to amplify your voice. Also, talking on the phone tends to distract you from what's going on in your immediate vicinity and I need to get around you to reach the Cocoa Puffs.


* When you're in my cafe, turn off your phone and don't use it at all.


* Personal note to my son: Using part of a rap song as a voicemail greeting, where the only intelligible words are "bitch" and "fuckah," is not a felicitous way of welcoming an incoming caller. While your friends may find this the height of wit, your employer and professors and parole officer almost certainly will not.


A final thought: I kind of like those Bluetooth earpieces where you don't use your hands. The ones that hang from your ear and have you talking off into the ether. You look like a crazy guy wandering down the street, the only difference being that a real crazy guy usually has something interesting to say.

- - -
Tony Long is copy chief of Wired News. He's working his way through his second cell phone.
http://www.wired.com/news/columns/0,70041-0.html?tw=rss.index

 

Another RIAA victim says No!

p2p news / p2pnet: The numbers of people challenging Big Four record label cartel continue to grow.

The latest person to refuse to give in to spurious RIAA 'settlement' demands is Duanne McCall from White Bear Lake in Minnesota.

The RIAA (Recording Industry Association of America) is owned by Sony BMG, Vivendi Universal, Warner Music and EMI who are using it to try to sue their own American customers, including children, into buying 'product'.

Through the Elektra Entertainment Group, the same outfit that's harassing Patti Santangelo, they're accusing McCall of continuing copyright infringement.

Santangelo will be the first of the more than 17,000 Americans currently being victimized by the Big Four to actually appear before a jury in a civil, or any other, court.

Clearly, her trial will have major ramifications for new and existing cases. But at this point Santangel, who lives in Nrew York and who's the mother of five children, is representing herself .

The Patti Santengelo Fight Goliath donation campaign currently stands at $5,490.54 and you can help by donating whatever you can afford via Pay Pal (below) or by snail-mailing your contribution to:

Patti Santangelo
c/o Ray Beckerman
Beldock Levine & Hoffman LLP
99 Park Ave (16th Fl)
New York, NY 10016


Go here for updates of amounts contributed to date, and for a list of sites from North America and Europe (so far) carrying donation buttons. And we'll be hearing from Beckerman on contributions sent to Patti by regular mail.

If you'd like to include a button on your site, get the code here. For now, spread the news in any way you can think of - like Todd in New Jersey whose first podcast features the Patti campaign.

Meanwhile, we've just heard from another woman who's being pilloried.

"Their case uses a program called Kazaa and an account I have never even heard of, and accuses me of downloading music I would never in my LIFE listen to!" she says in an email.

Stay tuned.

Directory of lawyers defending RIAA lawsuits

Below is Recording Industry vs The People's list of lawyers who are actively defending RIAA lawsuits. If you'd like to be added to this, or if you know of someone who should be included, please email musiclitigation@earthlink.net:

United States

Alaska

Elizabeth A. Cooper
Lybeck Murphy, LLP
500 Island Corporate Center
7525 SE 24 Street
Mercer Island, WA 98040-2336
(206) 230-4255

Massachusetts

Attorney Charles J. DiMare, Director
Attorney Lisa Kent, Senior Staff Advisor
Student Legal Services Office
University of Massachusetts
Amherst, MA 01002
413-545-1995

Michigan

Hermann, John
2684 West Eleven Mile Road
Berkley, MI 48072
248-591-9291

Minnesota

Toder, Brian N.
Chestnut & Cambronne, P.A.
204 North Star Bank
4661 Highway 61
White Bear Lake, MN 55110
651.653.0990
Email: btoder@chestnutcambronne.com

Wojtalewicz, Brian E.
Wojtalewicz Law Firm
139 N. Miles Street
PO Box 123
Appleton, MN 56208-0123
Phone 320-289-2363 or 800-377-1812
Fax 320-289-2369
-and-
625 Broadway
Alexandria, MN 56308
Phone 320-762-8382 or 800-377-1812
Email: brian@wojtalewiczlawfirm.com

New York

Beckerman, Ray
Rogers, Morlan Ty
Beldock Levine & Hoffman LLP
99 Park Avenue (16th Floor)
New York, NY 10016
(212) 490-0400

Oklahoma

Barringer-Thomson, Marilyn D.
4901 Richmond Square
Oklahoma City, OK 73118
(405)840-3101
Fax (405)842-3843

Oregon

Lybeck, Lory R.
Lybeck Murphy, LLP
500 Island Corporate Center
7525 SE 24 Street
Mercer Island, WA 98040-2336
(206) 230-4255

Texas

Browning, John G.
Browning & Fleishman, P.C.
701 Commerce St., Suite 510
Dallas, Texas 75202
214-752-4130 phone
469-227-9010 fax
Email browninglaw@sbcglobal.net

Sunstrom, Katherine L.
Goldstein & Faucett, LLP
1177 West Loop South Suite 400
Houston, Texas 77027
Phone: (713) 877-1515
Fax: (713)877-1145
Email: ksunstrom@gfiplaw.com

Washington

Lybeck, Lory R.
Lybeck Murphy, LLP
500 Island Corporate Center
7525 SE 24 Street
Mercer Island, WA 98040-2336
(206) 230-4255

France*

Hugot, Olivier
HugotAvocat
44 Rue Coquilliere
Paris 75001
France
+33 (0)1 55 80 72 50
Email: olivier@hugot.fr

Israel

Lichtenstein, Yoram
3a Jabotinsky st.,
Ramat Gan
Israel 52520
Tel.: 972-3-6133333
Fax.: 972-3-6133334

Netherlands

Alberdingk Thijm, Christiaan
SOLV Advocaten
P.O. Box 75538
1070 AM Amsterdam
Schippersgracht 1-3
1011 TR Amsterdam
The Netherlands
T +31 20 5300160
F +31 20 5300170
M +31 6 25017 235
E thijm@solv.nl

Additional attorneys may be found at Electronic Frontier Foundation Subpoena Defense

Also See:
the first - Fight Goliath fund breaks $5,000, January 16, 2006

(Friday 20th January 2006)
http://p2pnet.net/story/7671
________________________________________________________________________

Thursday, January 19, 2006

New Contested Case in Minnesota: Elektra v. McCall

Another defendant has chosen to fight back, this time in federal court in Minnesota.

Copies of the complaint and answer in Elektra v. McCall are set forth below:

Complaint
http://www.lifeofalawyer.com/riaa/elektra_mccall_complaint.pdf

Answer
http://www.lifeofalawyer.com/riaa/elektra_mccall_answer.pdf

The defendant, Mr. McCall, is represented by Brian N. Toder of
Chestnut & Cambronne, P.A. in White Bear Lake, Minnesota. (email: btoder@chestnutcambronne.com)
http://recordingindustryvspeople.blogspot.com/2006/01/new-contested-case-in-minnesota.html

 

Swiss file share 'grace period'

p2p news / p2pnet: If you're in Switzerland, did you know the Big Four record label cartels IFPI had a "grace period" for p2p file sharers?

No?

Well, it did but now it's been terminated, says Heise Online, going on:

"According to media reports, the Swiss International Federation of Producers of Phonograms and Videograms (IFPI) is now filing suit to stop the illegal propagation of music files. The industry is thus making good on its promise of March 2004, which was repeated in November of 2005 in the "Game over" campaign, to take legal action."

Apparently, the Big Four, Vivendi Universal, EMI, Sony BMG and Warner Music, "wanted to use its 'Game Over' campaign as a way to offer all private 'pirates' a way to settle the matter out of court. The people affected would have had to agree to delete all illegal music files and pay costs and damages ranging from 3000-9000 Swiss francs (5800 euros).

"But this approach proved pointless when Internet providers refused to pass on the cease-and-desist demands to users of peer-to-peer networks. IFPI therefore filed suit against users of peer-to-peer networks with the state prosecutor's office in the Swiss Canton of Zurich. According to reports, the providers are only obligated to provide the authorities with such information by court order."

Heise says rhe IFPI, which recently released its latest disinformation report, has been spamming IM and the p2p nets with "final warnings" since the beginning of November last year.

"Just before Christmas, the providers received mail from IFPI Switzerland calling on them to hand over the personal data of any suspicious users of peer-to-peer networks and to send cease-and-desist requests to file sharers who were breaking the law," adds the story.

Also See:
Heise Online - IFPI Switzerland files suit against users of peer-to-peer networks?, January 19, 2006
disinformation report - Record labels threaten ISPs, January 20, 2006

(Friday 20th January 2006)
http://p2pnet.net/story/7674