Why is Reed Hastings bent on killing my privacy?

netflix-vpn-error-collage

“I don’t think we will see any impact.” — Reed Hastings, January 19

“The VPN crackdown is meeting fierce resistance from privacy activists and concerned users, with tens of thousands calling upon the streaming service to reverse its broad VPN ban.”Torrent Freak, Feb 26

~~~

Since Netflix came to Canada in September 2010, I’ve written 51 posts carrying the Netflix tag. I’ve sung the praises of Reed Hastings; objected to the anti-Netflix manipulation of data caps by our incumbents; defended Netflix’s right to operate in Canada over the self-serving protests of our media establishment; and sympathized with Netflix for the archaic treatment meted out to streaming services by the CRTC.

Netflix-6.0-for-iOS-app-icon-smallThe longest pair of posts I’ve ever written (about 6,000 words) was on the attempt by the CRTC and selected media barons to make life as difficult as possible in Canada for Netflix. That was 2011: Get yer grimy paws off my Netflix: Ottawa’s big OTT scam (part 1, June 16; and part 2, June 18).

There was a single exception. I fell off the wagon when Netflix linked arms with Facebook and produced one of the worst privacy policies I’ve ever read: Netflix showing way too much love – for your Facebook data (Oct 2011).

Which brings us to the much bigger privacy problem Netflix has created for itself. Continue reading

Updating the Sony hack: FBI story not selling to crypto experts

sony-hacked-again

***

Here in a nutshell is how things stand a week after my original comments on the hack and Sony’s culpability:

  • Sony Pictures chair Michael Lynton has even more pointedly dodged any responsibility for the damage caused on November 24.
  • FBI director James Comey insists more than ever that North Korea engineered the hack.
  • A high-profile crypto expert, Marc Rogers, has just published a detailed critique of the claims made by the FBI and Sony.

Lynton’s lapses. In an interview last week for ABC News, Chairman Lynton said the following:

“We are the canary in the coal mine, that’s for sure. There’s no playbook for this, so you are in essence trying to look at the situation as it unfolds and make decisions without being able to refer to a lot of you’ve had in the past or other peoples’ experiences. You’re on completely new ground.”

Talk about revisionist history. In case you haven’t read my previous post, I lay out the michael-lynton-sony-2sordid 10-year history of Sony’s experiences in the so-called “coal mine.” Needless to say, Lynton has a vested interest in getting the audience to believe the November 24 attack came out of the blue. That makes him look less like a failed leader, and probably prevents him sinking even further into legal liability. Here are three highlights of the backstory he conveniently overlooks:

  • Sony Pictures itself (not the parent company) was hacked – with many of the same awful results – in the summer of 2011. No, November 24 didn’t happen without any “playbook.”
  • IT consultants hired by Sony Pictures in the summer of 2014 warned of numerous security vulnerabilities in their netwok, which management apparenty ignored.
  • Sony Corp’s fight with the hacker community began all the way back in 2005, with the Sony rootkit scandal, which produced years of conflict and plenty of guideposts to refer to, if the Lynton squad had been paying attention.

Continue reading

The GOP hack: making Kim answer for Sony’s 10-year online war

theinterview-rogen-franco

***

Sony Pictures, the White House and the FBI should get a medal for the greatest political marketing triumph of 2014.

kimjungununiformAfter the horror show following the November 24 hack of Sony Pictures by the Guardians of Peace (GOP), America rallied behind Washington’s theory that Sony was the hapless victim of a Cold War cyberattack. Kim is certainly an easy guy to dislike and no friend of the Americans – no friend of anybody but Kim for that matter. (He comes by it legitimately. His dad and predecessor once had an actor hired to play grandpa Kim Il-sung in a movie role, for which the actor underwent plastic surgery to more closely resemble a Kim; once the shoot was over, the actor was shipped off to a concentration camp.)

The triumph of Cold War marketing over any hint of Sony’s bad behavior is all the more remarkable given the nasty quarrels that have embroiled US stakeholders, press and critics of all stripes. Not to mention the fact that as recently as New Year’s Eve, cryptographer Bruce Schneier and others were still casting doubt on the official claim that the hack was carried out by the Kim regime.

_____________________________________________________________________________

Lining up for The Interview as an exercise in patriotism

“The fact that they’re showing this movie shows that America still has a backbone regardless of the critics,” said Jay Killion, a golf pro who caught a screening at Tower City Cinemas in Cleveland.

Continue reading

The Internet in 2025: 12 reasons to fear our online future (Pew 5)

patel-theverge-internet-is-fuckedBe very afraid: see Nilay Patel’s hard-hitting post in The Verge last week

~~~

The trends are mostly about fragmentation

Or at least the triumph of depth of experience over outreach and a sense of commonality.

This is the 5th and last of my responses from the 2013-14 edition of the Pew/Elon experts survey on the future of the Internet. I only answered 5 of this year’s 8 questions; my four prior responses are these:

The final Pew question was the only one described as open-ended, i.e. it did not begin with the usual Yes/No binary choice. By the time I was done writing my relatively short response, I was seriously depressed. As Free Press president Craig Aaron said to The Verge’s Nilay Patel: “What we need right now is decisive action. We can still unfuck the Internet.” Sure, but where’s decisive action going to come from? The FCC? The CRTC? Questions for another time. Continue reading

The Internet in 2025: security, liberty, privacy (Pew 1)

forster-csec-comic

CSEC used airport Wi-Fi to track Canadian travellers: Edward Snowden documents CBC News, Jan 30, 2014

 ~~~

All I was going to do in this post, as previously advertised, was paste in my reponse to the security, liberty, privacy question on the recent Pew/Elon survey on the future of the Internet (please see previous post if this makes no sense).

Many clusters will resolve to other Airports! Awesome! And no spying on Canadians! Continue reading

The NSA and an escalating battle over Internet privacy

post-beach

Beach at Brighton, UK, August 2013

~~~~

“I would rather have a rectal examination on live TV by a fellow with cold hands than have a Facebook page.” — George Clooney, Sept 2009

“To the engineers, I say this: we built the Internet, and some of us have helped to subvert it. Now, those of us who love liberty have to fix it.” — Bruce Schneier, Sept 2013

~~~

Update (Sept 9). More evidence of the damage to online privacy politicians can cause without any help from spooks or decryption… TorrentFreak is running a story about British PM David Cameron and his alarming online content filter. Mobile carriers in the UK must have the filter turned on by default to block content that may be considered “harmful” to children. As the story points out: “The filter mainly targets adult-oriented content, but one provider now says that VPN services also fall into this category as they allow kids to bypass age restrictions.” In other words, the use of a VPN service like WiTopia, which I describe at the end of this post, may turn out to be illegal. Without the anonymity provided by tools like VPNs (virtual private networks), the public cannot expect to have any reasonable measure of privacy on the Internet.

Update 2 (Sept 9). ISOC has issued a statement strongly condemning the US government’s attack on the Internet’s core encryption technologies. An excerpt:

“The Internet Society believes that global interoperability and openness of the Internet are pre-requisites for confidence in online interaction; they unlock the Internet as a forum for economic and social progress; and they are founded on basic assumptions of trust. We are deeply concerned that these principles are being eroded and that users’ legitimate expectations of online security are being treated with contempt. … Security is a collective responsibility that involves multiple stakeholders. In this regard, we call on:

  • Those involved in technology research and development: use the openness of standards processes like the IETF to challenge assumptions about security specifications.
  • Those who implement the technology and standards for Internet security: uphold that responsibility in your work, and be mindful of the damage caused by loss of trust.
  • Those who develop products and services that depend on a trusted Internet: secure your own services, and be intolerant of insecurity in the infrastructure on which you depend.”

ssl-3

This summer, the Snowden NSA revelations greatly altered priorities in the battle for an otherwise enduring goal: keeping the Internet secure and open for use by us ordinary folk.

VerizonLogo1True, some things never change. Persistently the enemy of reason and fair play, Verizon will have its day in court on September 9, when it begins arguments before the D.C. Circuit as to why the FCC’s network neutrality rules should be torn up into little pieces, cremated and cast into the Chesapeake Bay. The carrier claims the FCC has no possible grounds for imposing such rules; is acting capriciously by trying to do so; and is threatening Verizon’s First Amendment rights into the bargain. As Harold Feld of Public Knowledge wrote in his policy blog:

“Just like Verizon FiOS decides whether or not to carry Al Jazeera America, and on what terms, Verizon argues it has the right to decide whether or not to go to AlJazeera.com, and on what terms.”

Abuse as a feature, privacy as a bug

fb-like-2Which brings us to Facebook and another unsettling story about risks to privacy. Facebook has once again given not just movie stars and world-renowned cryptographers like Bruce Schneier but a billion other people compelling reasons to worry about their privacy. Not that this is news. Abusing everyone’s privacy – in part by changing the abuse policy regularly – is a Facebook feature not a bug. This month it’s not even changing policy, just “clarifying” it. As the LA Times noted:

“The new language says users automatically give Facebook the right to use their information unless they specifically deny the company permission to do it. At the same time, Facebook made it more complicated to opt out.”

Continue reading

Infringement assault on TekSavvy: Voltage Trolls come north

Mandatory mittens for men on casual Fridays has been shown to reduce sexual harrassment at Voltage*

***

Some updates and changes (Thursday, December 13)

Monday’s court hearing. Voltage has managed to schedule a hearing at the Federal Court for Monday, December 17, which leaves little time for targeted TekSavvy subscribers to organize their defence. TekSavvy couldn’t notify these customers until it had churned through a huge pile of logs, in order to correlate subscribers with the thousands of numeric IP addresses Voltage dumped on them. And it wasn’t until December 7 that TekSavvy was served with the final Notice of Motion, the document that compels TekSavvy to attend at court where, Voltage hopes, it will be ordered to turn over all relevant customer information so the bullying can proceed.

Many people I’ve talked to seem to have missed the crucial point that TekSavvy itself is not a defendant in this case as it is not liable for any putative infringing activity on its network. In Canada, when a customer requests a file from, say, The Pirate Bay, and the customer’s ISP simply provides the platform over which to have the file delivered, that ISP is deemed to be acting as a mere carrier. The ISP is not deemed to be a “user” nor considered to be “authorizing” the download. Hence TekSavvy is not a defendant in the Voltage claim. I raise this point simply so that interested parties, especially possible defendants, are clear on TekSavvy’s legal standing in this action. Continue reading

Sorry, no meds for you today

***

***

On hiatus

<and we’re back, despite the hack>

Appearances in your recent Google searches notwithstanding, no, I have not been operating an online pharmaceutical venture offering you controlled substances without all the fuss and bother of consulting a physician, not to mention coughing up the money to pay for them. Not enough fun in your life? Need a lift? You’ve come to the wrong place.

Imagine my surprise the other day when I was testing out some key words I use in this blog – and discovered a stream of first-page Google hits directing visitors to hot deals on Vic*din and Vi*gra. Suddenly, entering the semantic field surrounding www.davidellis.ca was like getting a free trip to Mexico, if you get my drift. I got hacked, but good.

(Nor can I help with your birth control needs...)

Continue reading