No Net Neutrality Protections.  Forget your feelings about the FCC’s formal Open Internet Rules.  An amendment by Rep. Marsha Blackburn would prevent any restrictions on network management, block any requirements to make connectivity available on a wholesale basis (which would increase competition), and stop the FCC from passing a rule allowing users to attach any non-harmful device to the network.  As a result, the winner of the spectrum auction would be able to throttle, block, and discriminate however it sees fit – something that runs counter to any definition of network neutrality.

No Safeguards Against Further Consolidation.  It is no secret that one of the reasons that there are only four nationwide wireless carriers (and two dominant ones) is that only a few companies control most of the available spectrum in the United States.  This amendment would prevent the FCC from making sure that new spectrum goes towards new or under-provisioned competitors instead of being further consolidated by AT&T and Verizon.   That’s probably why AT&T is pushing so hard for this amendment.

No Super-Wifi.  One of the greatest boons of the transition from analog to digital TV broadcasting was supposed to be the creation of unlicensed “whitespaces” or “super-wifi.”  This new spectrum – which is much better at communicating long distances and through walls than current wifi spectrum – would be used cooperatively by everyone and usher in a new era of wireless devices.  However, a third amendment would destroy the FCC’s power to allocate some of this great spectrum for unlicensed uses.  That means that opportunity would simply pass us by.

Follow me @glynmoody on Twitter or identi.ca, and on Google+

Verizon’s conduct undermines the Commission’s general approach towards mobile Internet openness by dismantling the protections for one part of the spectrum on which the FCC’s “incremental” approach to regulation in this space is built. Without enforcement, the openness conditions are effectively moot. Verizon violated these conditions earlier this year when it blocked tethering applications. Now it is blocking Google Wallet. This emerging pattern of disregard for its license conditions challenges the FCC to follow through on its pledges in the Open Internet Order to enforce the openness conditions in the 700 MHz band and to monitor the mobile Internet space for abuses by licensees.

Eckhart followed up by posting part two of his research, demonstrating some of his findings on video. Considerable discussion of that demonstration ensued, for example here and here and here. Some critics of Eckhart's research have opined that it's overblown or not rigorous enough. But further analysis and commentary suggests that the problem could well be worse than we currently know. Stephen Wicker of Cornell University has explored some of the implications, and his comments seem especially apropos given that Carrier IQ has publicly admitted holding a treasure trove of data. Dan Rosenberg has done further in-depth research on the detailed workings of Carrier IQ, leading to rather a lot of discussion about Carrier IQ's capabilities -- there's some disagreement among researchers over what Carrier IQ is doing versus what it could be doing, e.g.: Is Carrier IQ's Data-Logging Phone Software Helpful or a Hacker's Goldmine?

Meanwhile, the scandal grew, questions were raised about whether it violated federal wiretap laws, a least one US Senator noticed, and Carrier IQ issued an inept press release. Phone vendors and carriers have been begun backing away from Carrier IQ as quickly as possible; there were denials from Verizon and Apple . T-Mobile has posted internal and external quick guides about Carrier IQ. Some of the denials were more credible than others. There has been some skepticism about Carrier IQ's statements, given their own marketing claims and the non-answers to some questions. There's also been discussion about the claims made in Carrier IQ's patent.

Then the lawsuits started, see Hagens Berman and Sianna & Straite and 8 companies hit with lawsuit for some details on three of them.

Attempts to figure out which phones are infected with Carrier IQ are ongoing. For example, the Google Nexus Android phones and original Xoom tablet seem to not be infected, nor do phones used on UK-based mobile networks, but traces of are present in some versions of iOS, although their function isn't entirely clear. A preliminary/beta application that tries to detect it is now available. Methods for removing it have been discussed.

Meanhile, A Freedom of Information Act request's response has indicated (per the FBI) that Carrier IQ files have been used for "law enforcement purposes", but Carrier IQ has denied this. And there seems to be a growing realization that all of this has somehow become standard practice; as Dennis Fisher astutely observes, With Mobile Devices, Users Are the Product, Not the Buyer.

Those are the details; now what about the implications?

Debate continues about whether Carrier's IQ is a rootkit and/or spyware. Some have observed that if it's a rootkit, it's a rather poorly-concealed one. But it's been made unkillable, and it harvests keystrokes -- two properties most often associated with malicious software. And there's no question that Carrier IQ really did attempt to suppress Eckhart's publication of his findings.

But even if we grant, for the purpose of argument, that it's not a rootkit and not spyware, it still has an impact on the aggregate system security of the phone: it provides a good deal of pre-existing functionality that any attacker can leverage. In other words, intruding malware doesn't need to implement the vast array of functions that Carrier IQ already has; it just has to activate and tap into them.

Which brings me to a set of questions that probably should have been publicly debated and answered before software like this was installed on an estimated 150 million phones. I'm not talking about the questions that involve the details of Carrier IQ -- because I think we'll get answers to those from researchers and from legal proceedings. I'm talking about larger questions that apply to all phones -- indeed, to all mobile devices -- such as:

• What kind of debugging or performance-monitoring software should be included?
• Who should be responsible for that software's installation? Its maintenance?
• Should the source code for that software be published so that we can all see exactly what it does?
• Should device owners be allowed to turn it off/deinstall it -- or, should they be asked for permission to install it/turn it on?
• Will carriers or manufacturers pay the bandwidth charges for users whose devices transmit this data?
• Should carriers or manufacturers pay phone owners for access to the device owners' data?
• Where's the dividing line between performance-measuring data that can be used to assess and improve services, and personal data? Is there such a dividing line?
• Will data transmission be encrypted? How?
• Will data be anonymized or stripped or otherwise made less personally-identifiable? Will this be done before or after transmission or both? Will this process be full-documented and available for public review?
• What data will be sent -- and will device owners be able to exert some fine-grained control over what and when?
• Who is is responsible for the security of the data gathered?
• Who will have access to that data?
• When will that data be destroyed?
• Who will be accountable if/when security on the data repository is breached?
• What are the privacy implications of such a large collection of diverse data?
• Will it be available to law enforcement agencies? (Actually, I think I can answer that one: "yes". I think it's a given that any such collection of data will be targeted for acquisition by every law enforcement agency in every country. Some of them are bound to get it. See "FBI", above, for a case in point.)

Lots of questions, I know. Perhaps I could summarize that list by asking these three instead: (1) Who owns your mobile device? (2) Who owns the software installed on your mobile device? and (3) Who owns your data?

In cases where your security is at risk, or where we're required to do so for legal reasons, you may not be able to run apps or access content that you previously acquired or purchased a license for.

Dear Mr. Cook:

I write to express my concern with "License" by DriversEd.com, an application available for download in Apple's App Store which can be used to create counterfeit identity documents. I believe this application poses a threat to public safety and national security, and I request that you remove it from the App Store immediately.

By downloading "License", anyone with an iPhone or iPad can easily manufacture a fake driver's license by taking a photo and inserting it into one of fifty state driver's licenses' templates. Users then have a high quality image resembling an actual driver's license which they can easily print, laminate, and use for any number of illegal and fraudulent activities.

"Laminate?"

I may not have done any actual research on this, but I'm fairly sure laminated state IDs went the way of the mimeograph machine and the Fourth Amendment. I'm guessing the only place a laminated ID is valid is at the community college book store and even then, the student discount does not apply to textbooks.

Today's typical state ID is a modern marvel, chock-full of holograms, magnetic strips and a thinly disguised Mark of the Beast.* It takes a bit more than some purloined office supplies to create a passable fake these days and your average inkjet just isn't up to the task.
*Bible Belt only.

Moving on:

While DriversEd.com markets the app as a fun game, it can also be used in a way that allows criminals to create a new identity, steal someone else's identity, or permit underage youth to purchase alcohol or tobacco illegally.

National security systems depend on the trustworthiness of driver's licenses, yet with a counterfeit license created by this app, a terrorist could bypass identity verification by the Transportation Security Administration, or even apply for a passport.

By assisting in the creation of counterfeit driver's licenses, "License" threatens to ease deception by criminals and contribute to the rising problem of identity theft. Given these risks, I request that you remove this application from the App Store immediately, as well as any other available applications that allow users to create, steal or alter false identities.

"I urged Apple to take the responsible step of removing this dangerous app, and I'm pleased that the app is no longer available in the store," Senator Casey said. "As Pennsylvania and states across the country deal with the rising problem of identity theft, tools that facilitate breaking the law should not be available to potential criminals."

"I overreacted to something and now it is gone. We still have our work cut out for us dealing with the rising problem of identity theft and I am sure that pulling this app has done little to nothing towards fighting that problem. Instead, it has given the office of the Senator the appearance of Having Done Something, and in the end, isn't that what really matters?"

By the way, it cannot be turned off without rooting the phone and replacing the operating system. And even if you stop paying for wireless service from your carrier and decide to just use Wi-Fi, your device still reports to Carrier IQ.

It’s not even clear what privacy policy covers this. Is it Carrier IQ’s, your carrier’s or your phone manufacturer’s? And, perhaps, most important, is sending your communications to Carrier IQ a violation of the federal government’s ban on wiretapping?

And even more obvious, Eckhart wonders why aren’t mobile-phone customers informed of this rootkit and given a way to opt out?

"There are more than 1,600 words in the list including indecent language, expletives, swear words, slang etc, which have to be filtered. The filtering is not good for the system and may degrade the quality of network services-plus it would be a great inconvenience to our subscribers if their SMS was not delivered due to the wrong choice of words"

Inveterate masturbators will be thrilled to learn that many variations have been banned (mastabater, masterbate, mastrabator) but the original, correctly spelled version lives on. Sadly, inveterate jokesters will have to make do without their precious, um, "pun tang."

Neon Deon. Rae Carruth. (Apparently, the Pakistani government has something against flashy/homicidal football players, not to mention the defunct XFL ("he hate me/hehateme")).

"Tongue" gets twisted as well, appearing on the list as "tonge," "toung" and "tounge." #1072-1074 are apparently intentionally left blank.

All in all, a very dirty and plentiful list. One can almost imagine the censoring group giggling childishly long into the night while coming (I KNOW) up with this list.

Many Pakistanis have taken to the internet to express their displeasure with having their constitutional free speech rights violated. Of course, officials are quick to point out that this censorship is "for the children."

Mohammad Younis, a PTA spokesman claims the ban was a "result of numerous meetings and consultations with stakeholders," and went on to point out that "nobody would like this happening to their young boy or girl."

Mr. Younis also added that the list was never intended to be distributed publicly and was only intended to be used for testing purposes.

“Whatever content we distribute we want to be in control of that,” he said. “I think obviously, any company wants to be responsible for the information that gets distributed.”

With respect to your allegations of copyright infringement, Mr. Eckhart’s analysis and publication of Carrier IQ’s training materials is a classic fair use and, therefore, non-infringing. 17 U.S.C. § 107 (“the fair use of a copyrighted work . . . for purposes such as criticism, comment, news reporting . . . or research, is not an infringement of copyright.”). Courts generally consider four factors in a fair use analysis: 1) the purpose and character of the use, 2) the nature of the copyrighted work, 3) the amount and substantiality of the portion used, and 4) the effect of the use on the potential market for the work. Id.; Campbell v. Acuff-Rose Music, 510 U.S. 569, 577 (1994). Each of these factors favors Mr. Eckhart.

You also claim that Mr. Eckhart published “false allegations” that are “without substance,” “untrue,” and that Carrier IQ considers “damaging to [its] reputation and the reputation of [its] customers.” We have repeatedly asked you to specify the statements you believe are actionable. You have failed to do so, and have instead merely repeated your broad accusations. We believe you are not able to substantiate your allegations because Mr. Eckhart’s factual findings are true. If you are able to specify any statement that you believe is false, Mr. Eckhart will be happy to provide you with the documentation of that finding.

Moreover, your client is a public figure. Under well-established Supreme Court precedent, commentary and criticism regarding Carrier IQ’s professional activities receive additional protections under the First Amendment, because there is a heightened public interest in facilitating such speech. See, e.g., New York Times Co. v. Sullivan, 376 U.S. 254, 270 (1964); Hustler Magazine v. Falwell, 485 U.S. 46 (1988).

As, of today, we are withdrawing our cease and desist letter to Mr. Trevor Eckhart. We have reached out to Mr. Eckhart and the Electronic Frontier Foundation (EFF) to apologize. Our action was misguided and we are deeply sorry for any concern or trouble that our letter may have caused Mr. Eckhart. We sincerely appreciate and respect EFF’s work on his behalf, and share their commitment to protecting free speech in a rapidly changing technological world.

When the government requests records from cellular services, data disclosing the location of the telephone at the time of particular calls may be acquired only by a warrant issued on probable cause. U.S. Const., amend. 4. The records show the date, time, called number, and location of the telephone when the call was made. These data are constitutionally protected from this intrusion. The standard under the Stored Communications Act, 18 U.S.C. § 2703(d), is below that required by the Constitution.

The patents, we read, "cover only arbitrary, outmoded and non-essential design features" and yet Microsoft is demanding "prohibitively expensive licensing fees", in effect asserting "veto power" over Android's features. One aspect of the license, Barnes & Noble tells us, was a demand to control design elements, requiring designers to adhere to specific hardware and software specifications in order to obtain a license. That, Barnes & Noble says, is "oppressive and anticompetitive". I think it's accurate to say that the company believes it is illegal.

Barnes & Noble asserts that Microsoft is attempting "to use patents to drive open source software out of the market," saying it, in essence, is acting like a patent troll, threatening companies using Android with a destructive and anticompetitive choice: pay Microsoft exorbitant rates for patents, some trivial and others ridiculously invalid or clearly not infringed, or spend a fortune on litigation.

Instead of focusing on innovation and the development of new products for consumers, Microsoft has decided to invest its efforts into driving open source developers from the mobile operating systems market. Through the use of offensive licensing agreements and the demand for unreasonable licensing fees, Microsoft is hindering creativity in the mobile operating systems market.... Through the use of oppressive licensing terms that amount to a veto power over a wide variety of innovative features in Android devices of all kinds, as well as its prohibitively expensive licensing fees, Microsoft is attempting to push open source software developers out of the market altogether.

Carrier IQ is used to understand what problems customers are having with our network or devices so we can take action to improve service quality.

It collects enough information to understand the customer experience with devices on our network and how to devise solutions to use and connection problems. We do not and cannot look at the contents of messages, photos, videos, etc., using this tool

“I’m mad,” he says. “I report bugs to them all the time. Being part of the developer program helps me do that. They’re hurting themselves, and making my life harder.”

First, there are over eight hundred relevant patents that precede the ‘721 by a year, that both Apple and Mr. Gutierrez fail to cite, though 38 of these are owned by Apple themselves. The entities in this relevant space are displayed visually to the right.

In addition, we have a list of 120 related patents, with priority dates of a year before both slide-to-unlock patents, that are in the public domain (read: this technology is FREE TO USE and NOT PATENTABLE AGAIN). A sample of these can be found in Appendix A.

But we’re not done. Going back to the patents the examiner used as evidence to reject the claims of the ‘721 patent – the Tokkonen patent, which is owned by Nokia, and the Gauthey patent, which is owned by Asulab (the R&D division of Swatch Group) – we see that they both deal with either inputting a security code or controlling lock functions. We look at one patent that is never acknowledged by Apple (though it’s been cited by IBM, Microsoft and Nokia in their touch-screen patents), U.S. 6,209,104 which actually provides context for the innovations that the examiner thought to be relevant against Apple – patents that include but are far from limited to the patents the examiner actually considered.