Sure, maybe copyright prevented them from checking the Hacking Team archive. Or maybe not. Perhaps this is the researchers' way of avoiding a copyright lawsuit while still getting the message out, "Hey, y'all might want to look at that stuff. If I was allowed to look, that's sure the place I'd want to look. Yeah, right there in section 7.3. Just a guess."
I don't know how well Mattel is going to do at confirming the identity of the Barbie owners, but I suspect that guy in the apartment across the hall who plays loud music all the time and leaves his WIFI unsecured is gonna be really surprised when child services comes knocking.
Not that I would change a thing about Whitey Bulger's multiple life sentences, but I find more and more that I believe he's telling the truth that Government officials told him he would be immune to prosecution.
'Some may argue that this automated collection of license plates may be dragging some people under the "suspected criminals" umbrella that shouldn't really be there. That's likely true, but this is one of those inescapable outcomes of dragnet operations. They may also argue that turning over this information to the public may cause some of those listed to be subjected to harassment or put them in danger. Also, this may unfortunately be true as well.'
Boggles my mind how they think $15 is a good price point when they offer just a fraction of the number of titles available via Netflix for about half that cost. And, Game of Thrones is simply NOT worth $180 per year. Yikes!
I'd definitely recommend waiting for other providers to offer this at a hugely discounted rate.
The approach of symmetrically encrypting the message once and then encrypting the key multiple times for multiple readers is technically feasible but totally impractical for use as a Golden Key.
1. Why would you assume that you only need to include one Golden Key? If my email went from the US to the UK, wouldn't the GCHQ demand their own ability to read my mail? If I sent a message from the US to my US-citizen friend who happened to be on vacation in Japan, isn't Japan going to want a key? If the email was between two US citizens, maybe DHS and the FBI would someday need to read it, but who's going to stop the NSA from illegally reading my communication? They should have their own key, and my email system shouldn't apply it unless I'm sending the message to an international destination. How's it going to know that? Under current law, the IRS asserts that it doesn't even need a warrant to read emails stored for more than 18 months on an online server; do they get a key so that they can unlock the database of stored, encrypted emails once they're the right age? Where does it stop?
2. Assume there's a single key that can decrypt every email message originating in the US. Every country and bad-ass gang of evil-doers is going to be trying like hell to guess or steal the US public-private key pair. The private key simply won't be private for long. (see point #6, below)
3. Email is useful as an example, but the Government will want to access all communications, because it can't tell whether there's something nefarious happening until it reads the data. (Of course, the NSA just assumes that ALL encrypted messages are of interest.) So, every encrypted communications path will need to provide dozens of golden keys; HTTPS links, VPN channels, financial data links, EVERYTHING.
4. So, now my email system needs to manage not only the public keys for my friends, but also an undefined number of Golden Keys from the various agencies and foreign governments that might potentially, some day have a legal right to read my mail. Ignoring the concern that I now need to extend my trust to many entities to protect their Golden Keys and their stored copies of my emails, who is going to verify that all of these Golden Keys I've received are actually owned by the agencies that are allowed to get copies of my mail? How hard will it be for a bad guy to issue his own key under the guise of a valid eavesdropper, or to hack a government web page and insert his own key instead of the government's key?
6. How frequently will the Golden Keys roll over to a new key? The NSA recommendation for communications security of most classified links is to change the key daily. These Golden Keys are protecting so much data, they should probably be protected at least as high as Top Secret. So, now you need to reissue the government's public key(s) every day. But it's not good practice to store encrypted data when the encryption key has been superceded, so the data storage facility is going to want to decrypt everything as soon as it's intercepted and then maybe bulk encrypt it for long term storage. But heck, ya' might as well scan the info for trigger phrases as long as it's just sitting there in readable form, right? Anyone out there who trusts every government agency, foreign and domestic, to always ignore that temptation?
7. Finally, why would any government invest in such a scheme when it would so easily be thwarted. While reducing the privacy of law-abiding citizens and increasing the risk of HUGE data breaches, this scheme doesn't offer any greater insight into the encrypted communications of people who choose not to use a product that sends a copy of the data to the Golden Key recepients.
These points were framed against the straw man approach of using multiple public keys to share a symmetric key among multiple authorized (or potentially maybe someday authorized) recipients, but all of these issues would remain detractors of any approach that allows third-party access to encrypted communications.
My cellphone invoice and usage records have much more information than necessary for the billing purposes. The plan offers unlimited voice, unlimited text messages, and a multi-gigabyte cap on the data usage.
In the data category, I can view the time and quantity on my bill for my usage. That seems useful, and I can manually compare that with application usage records on my phone to see which application is hogging the bandwidth. No problems here.
But for the voice and text categories, I can view the number for every call or message. I don't need this information, and frankly, I don't see why the wireless company needs it. Sure, capture the total talk time and the total number of messages, but I really don't care to ever see the connection information.
The wireless company may state that they need certain data to accurately model their rate structures, but I suspect they could just as effectively set their rates using random samples of anonymized data plus the larger sets of conglomerate data. Surely they'd save money in several places, especially when printing and mailing my monthly bill (yeah, I'm a dinosaur who wants a paper bill, but I still don't need to be silly wasteful about getting a huge pile of papers that just gets immediately fed to the shredder).
Further, the same logic applies to all the other data they seem to collect, such as which cell towers my phone pings and any other location data shared by my phone. It's not needed for billing me, and they could evaluate tower operations just fine without being able to trace every ping and call back to a specific phone. The irony is that if I ever wanted to view that data about my own devices, I'd probably need to submit more paperwork than they require from the cops.
Already, the popularity is increasing among email services that offer increased privacy. When will I be able to pay a few bucks more (because, of course!) so that my phone company won't regularly store any more data than what is truly needed for billing purposes?
I think we agree; names are not sufficient to indicate a match. Use Soundex, and you'll get too many false positives and piss off the proletariat (the current approach, I believe). My point was that any decent designer of the database would have used a unique identifier, such as the passport or student visa ID. You simply have to have one to travel across the US border. Why are we all going to the trouble and expense of getting passports (with RFIDs, no less), if the system is just going to ignore them in favor of whatever some airline call center operator typed on a flight ticket?
This story doesn't meet the smell test. I find it impossible to believe that the DHS terrorist tracking system isn't using a passport ID or a student visa ID as a key field. Just cannot believe it.
Name misspellings are all too common, even within the english heritage. Barbara or Barbra? Jamie or Jaime? McDonald or MacDonald?
No, this wasn't a typographical error; any halfway decent system would have caught the error by cross-referencing the travel documentation with the DOS database, triggering an alert to double-check the entries just moments after the typo was made. This kind of error only comes from a truly broken system. Or, we're being fed yet another fabricated excuse by an agency that's well known for covering up its mistakes.
Imagine the ugly offspring when you combine this ruling with the recent Texas ruling that the state can request a search warrant after the search is over.
No longer any need to write the secret legal interpretations ahead of time. Keep everything quiet and then only write retroactively effective policies to paper over those situations where the public discovers something fishy. And then keep the details secret, just because you can! Bwaa ha ha ha haaaaah! [/cue maniacal laugh track]
Perhaps an interesting parallel. In the run-up to the Whitey Bulger trial, he wanted to use as a defense that the FBI authorized him to commit murder. The judge responded that it didn't matter whether they did so or not, because it would not have been legal for them to make such a commitment. Therefor, regardless of what he may have been promised by the FBI, he can be prosecuted for the murders.
Would be nice to see Microsoft, Google, Facebook and the telcos finding themselves similarly under the gun in the future. Even though congress passed a law stating that the corporations have immunity (and retroactively, at that!), it would be far from the first time that a law has been overturned when it was found to be unconstitutional.
I carry my blackberry in my front pocket with the keyboard locked, and I still manage to butt dial 911 nearly every month. The phone allows making an "Emergency Call" even when it's supposed to be "locked", a feature that cannot be disabled. Doesn't require pushing any of the keyboard buttons, just the big roller ball. I'm sure it's supposed to be a "feature," but it's sure embarrassing when a very loud voice comes from my pocket asking me the nature of my emergency. Happened three times in one hour, once. I've since learned of a second way to lock the phone, but it gets disabled after receiving a call, so I still make an occassional accidental call to 911 when I forget to re-engage the lockout.
"Your Honor, I would never intentionally infringe upon copyright. I read a news story about warning messages that the studios were posting. I wanted to download one and read it, but I just kept getting these other movies. I watched the whole show, but never saw the warning messages. How could I know what was in the file until after I downloaded it and watched it? I'll never figure out why the studios tried to hide their important message by giving it the same filename as popular movies. Don't they want people to be able to find their message? Of course, I deleted those popular movie files after meticulously confirming that the content I was looking for wasn't part of the files. I guess I'll just have to keep trying."
According to the source article, "Visitors to those sites now are greeted with a banner educating them about how willful copyright infringement is a federal crime, ICE stated."
Awfully nice of ICE to attempt to educate us about Copyright Infringement. Too bad that copyright law has nothing to do with the majority of the sites they shuttered. Selling counterfit merchandise is a Trademark violation. You'd think ICE would be smart enough to recognize that.
Except, repeated demonstrations to the contrary have shown us otherwise.
As noted in several comments, something just doesn't add up in this story. Sure, the library could digitize and then exclusively offer or sell those digitizations. But it just doesn't seem like there's any law, in France or elsewhere, that would prevent any other entity from digitizing another copy of the book(s) or other form of media and then offering that version to the public for free or for sale.
Sounds like the BnF wants to be a bookstore, not a library.
Beyonce could engender huge amounts of popularity if she worked with the Marine Corps Band to release the song into the public domain. The goodwill would probably even spill over to President Obama. Thousands of little league games, high school basketball games, and other venues could use the track to kick off events.
It's not as if she'd ever try to sell this track; might as well make it available in exchange for a long-lasting boost to her name recognition. Might even start a trend.