e dot dot dot
a mostly about the Internet blog by

May 2018
Sun Mon Tue Wed Thu Fri Sat
   
   


Real Security Begins At Home (On Your Smartphone)

Furnished content.


When the FBI sued Apple a couple of years ago to compel Apple's help in cracking an iPhone 5c belonging to alleged terrorist Syed Rizwan Farook, the lines seemed clearly drawn. On the one hand, the U.S. government was asserting its right (under an 18th-century statutory provision called the All Writs Act) to force Apple to develop and implement technologies enabling the Bureau to gather all the evidence that might possibly be relevant in the San Bernardino terrorist-attack case. On the other, a leading tech company challenged the demand that it help crack the digital-security technologies it had painstakingly developed to protect users a particularly pressing concern given that these days we often have more personal information on our handheld devices than we used to keep in our entire homes.What a difference a couple of years has made. The Department of Justice's Office of Inspector General (OIG) released a report in March on the FBI's internal handling of issue of whether the Bureau truly needed Apple's assistance. The report makes clear that, despite what the Bureau said in its court filings, the FBI hadn't explored every alternative, including consultation with outside technology vendors, in cracking the security of the iPhone in question. The report also seemed to suggest that some department heads in the government agency were less concerned with the information that might be on that particular device than they were with setting a general precedent in court. Their goal? To establish as a legal precedent that Apple and other vendors have a general obligation to develop and apply technologies to crack the very digital security measures they so painstakingly implemented to protect their users.In the aftermath of that report, and in heartening display of bipartisanship, Republican and Democratic members of Congress came together last week to introduce a new bill, the Secure Data Act of 2018, aimed at limiting the ability of federal agencies to seek court orders broadly requiring Apple and other technology vendors to help breach their own security technologies. (The bill would exclude court orders based on the comparatively narrow Communications Assistance to Law Enforcement Acta.k.a. CALEA, passed in 1994--which requires telecommunications companies to assist federal agencies in implementing targeted wiretaps.)This isn't the first time members of Congress in both parties have tried to limit the federal government's ability to demand that tech vendors build "backdoors" into their products. Bills similar to this year's Secure Data Act have been introduced a couple of times before in recent years. What makes this year's bill different, though, is the less-than-flattering light cast by the OIG report. (The bill's sponsors have expressly said as much.) At the very least the report makes clear that the FBI's own bureaucratic handling of the research into whether technical solutions were available to hack the locked iPhone led to both confusion as to what was possible and to delays in resolving that confusion.But worse than that is the report's suggestion that some technologically challenged FBI department heads didn't even know how to frame (or parse) the questions about whether the agency possessed, or had access to, technical solutions to crack the iPhone's problem. And even worse is the report's account that at least some Bureau leaders may not even have wanted to discover such a technical was already availablebecause that discovery could undermine litigation they hoped would establish Apple's (and other vendors') general obligation to hack their own digital security if a court orders them to. As the report puts it:

After the outside vendor successfully demonstrated its technique to the FBI in late March, [Executive Assistant Director Amy] Hess learned of an alleged disagreement between the CEAU [Cryptographic and Electronic Analysis Unit] and ROU [Remote Operations Unit] Chiefs over the use of this technique to exploit the Farook iPhone - the ROU Chief wanted to use capabilities available to national security programs, and the CEAU Chief did not. She became concerned that the CEAU Chief did not seem to want to find a technical solution, and that perhaps he knew of a solution but remained silent in order to pursue his own agenda of obtaining a favorable court ruling against Apple. According to EAD Hess, the problem with the Farook iPhone encryption was the "poster child" case for the Going Dark challenge.
There's a lot to unpack here, and one key question is whether "capabilities available to national security programs" that is, technologies used for FBI's counterintelligence programs can and should be used in pursing criminal investigations and prosecutions. (If such technologies are used in criminal cases, the technologies may have to be revealed as part of court proceedings, which would bother the counterintelligence personnel in the FBI who don't want to publicize the tools they use.) But the case against Apple Inc. was based on a blanket assertion by FBI that neither its technical divisions nor the vendors the agency works with had access to any technical measures to break into Farook's company-issued iPhone. (Farook had destroyed his personal iPhones, and the FBI's eventually successful unlocking of his employer-issued phone apparently produced no evidence relating to the terrorist plot.)Was the problem just bureaucratic miscommunication? The OIG report concludes that this was the fundamental source of internal misunderstandings about whether FBI did have access to technical solutions that didn't require drafting Apple into compelled cooperation to crack their own security. (The report recommends some structural reforms to address this.) And certainly there's evidence in the report that miscommunication plus the occasional lack of technical understanding did create problems within the Bureau.But the OIG report also suggests that some individuals within the Bureau actually may have preferred to be able to argue that the FBI didn't have any alternative but to seek to compel Apple's technical assistance:
The CEAU Chief told the OIG that, after the outside vendor came forward [with a technical solution], he became frustrated that the case against Apple could no longer go forward, and he vented his frustration to the ROU Chief. He acknowledged that during this conversation between the two, he expressed disappointment that the ROU Chief had engaged an outside vendor to assist with the Farook iPhone, asking the ROU Chief, "Why did you do that for?" According to the CEAU Chief, his unit did not ask CEAU's partners to check with their outside vendors. CEAU was only interested in knowing what their partners had in hand - indicating that checking with "everybody" did not include OTD's trusted vendors, at least in the CEAU Chief's mind.
I have to note here, of course, that the FBI has consistently opposed strong encryption and other essential digital-security technologies since the "Crypto Wars" of the 1990s. This isn't due to any significant failures of the agency to acquire evidence it needs; instead, it's due to the FBI's fears that its ability to capture digital evidence of any sort may someday be significantly hindered by encryption and other security tech. That opposition to strong security tech has been baked into FBI culture for a while, and it's at the root of agency's fears of "the Going Dark challenge."Let's be real: it's not clear that encryption will ever be the problem the FBI thinks it is, given that we live in what law professor Peter Swire has called "The Golden Age of Surveillance." But if the day that digital-security technology significantly hinders criminal investigations ever does come, then it would be appropriate for Congress to consider whether CALEA should be updated, or whether a new CALEA-like framework for technology companies like Apple should be enacted.But that day hasn't come yet. That's why I favor passage of the Secure Data Act of 2018 it would limit federal agencies' ability to impose general-purpose technology mandates through the courts' interpretation of a two-century-old ambiguous statute. (Among other features, the Act also would effectively clarify that that the All Writs Act, general-purpose statutory provision from 18th century can't be invoked all by itself to compel technology companies to undermine the very digital security measures they've been working so hard to strengthen.) In the long term, our security (in both cyberspace and meatspace) is going to depend much more on whether we all have technical tools that protect our information and data than it will depend on the FBI's has a legal mandate compelling Apple to hack into our iPhones.Of course, I may be wrong about this. But I share Apple CEO Tim Cook's argument that this public-policy issue ought to be fully debated by our lawmakers, which is a better venue for policy development than a lawsuit filed based on a single dramatic incident like the terrorist attack in San Bernardino.Mike Godwin (@sfmnemonic) is a Distinguished Senior Fellow with R Street Institute.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 22-May-2018
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



HBO Wins Stupid Copyright, Trademark Lawsuit Brought By Graffiti Artist Over 2 Seconds Of Background Scenery

Furnished content.


Whenever a company like HBO gets targeted with a lawsuit over intellectual property concerns, you might think we find it tempting to jump all over them in each and every case. After all, HBO has the distinction of being notably horrible when it comes to enforcing its own IP, from shutting down viewing parties, to offering streaming options, to abusing the the DMCA process just to keep spoilers from existing, as though that could possibly work.But the truth is the fun we have in cases where these types are found to be in legal trouble over intellectual property only extends to when that legal trouble is in some way warranted. When its not, we find that there is a helpful other party on which to heap our ire. That's the case in a lawsuit HBO recently won against graffiti artist Itoffee R. Gayle, who complained about his work appearing in a scene of the HBO show Vinyl. The court ruled that HBO's use was de minimis, or so fleeting so as to cause no injury and therefore not be actionable.But just how fleeting was HBO's use? Well...

One episode of the show included a scene of a woman walking down a street in New York City where she passes by a dumpster tagged with graffiti that says “art we all.” The graffiti artist, Itoffee R. Gayle, claims that this depiction violated his copyright and trademark rights. According to his complaint, HBO never tried to contact him or license the graffiti. Of course, as the court agreed, HBO didn’t actually need to try to contact Gayle and no license fee was needed because not all copying is unlawful.Looking at the use of the graffiti art in the episode, the court notes that Gayle’s claims “are premised on a fleeting shot of barely visible graffiti painted on what appears to be a dumpster in the background of a single scene” and that the art appears for no more than two to three seconds. Two to three seconds. Of an entire episode. Yup, sounds pretty de minimis to me. The court goes on, noting that the graffiti is not pictured by itself or close-up, plays no role in the plot, and “is hard enough to notice when the video is paused at the critical moment. It is next to impossible to notice when viewing the episode in real time.” The judge seems pretty annoyed by the copyright infringement claim, noting that “Gayle’s [claims] border on frivolous.”
I'll say this: the court showed far more patience and restraint than an Honorable Judge Geigner would have to Gayle. To waste the court's time with an argument over both copyright and trademark rights dealing with the background scenery of 2 seconds worth of film is so plainly absurd that anger is the only proper response. This was a clear money-grab and, frankly, one based on a premise of silly. It only takes a moment of backing up and thinking about what motivation HBO had here in using this scenery in this shot to know that nothing untoward was done with Gayle's art. It wasn't a theme, it wasn't featured, it wasn't referenced beyond barely being in the shot. It was entirely incidental.The trademark claim fell for the same reason.
While Gayle attempts to argue that HBO intentionally picked this particular piece of graffiti art to use in the background, the court concludes, “HBO’s motive in depicting the graffiti is irrelevant to the de minimis inquiry.” The copying is not actionable, because its use was so small, even if there was a thematic reason for it. For similar reasons, the court also rejects Gayle’s trademark claims.
It's long past time that courts start issuing some punishment to those that gum up the court system with this sort of bullshit. If nothing else, putting me in the corner of HBO deserves some sort of punitive action.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 22-May-2018
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



May 2018
Sun Mon Tue Wed Thu Fri Sat
   
   







RSS (site)  RSS (path)

ATOM (site)  ATOM (path)

Categories
 - blog home

 - Announcements  (0)
 - Annoyances  (0)
 - Career_Advice  (0)
 - Domains  (0)
 - Downloads  (3)
 - Ecommerce  (0)
 - Fitness  (0)
 - Home_and_Garden  (0)
     - Cooking  (0)
     - Tools  (0)
 - Humor  (0)
 - Notices  (0)
 - Observations  (1)
 - Oddities  (2)
 - Online_Marketing  (0)
     - Affiliates  (1)
     - Merchants  (1)
 - Policy  (3743)
 - Programming  (0)
     - Bookmarklets  (1)
     - Browsers  (1)
     - DHTML  (0)
     - Javascript  (3)
     - PHP  (0)
     - PayPal  (1)
     - Perl  (37)
          - blosxom  (0)
     - Unidata_Universe  (22)
 - Random_Advice  (1)
 - Reading  (0)
     - Books  (0)
     - Ebooks  (0)
     - Magazines  (0)
     - Online_Articles  (5)
 - Resume_or_CV  (1)
 - Reviews  (2)
 - Rhode_Island_USA  (0)
     - Providence  (1)
 - Shop  (0)
 - Sports  (0)
     - Football  (0)
          - Cowboys  (0)
          - Patriots  (0)
     - Futbol  (0)
          - The_Rest  (0)
          - USA  (0)
 - Technology  (1000)
 - Windows  (1)
 - Woodworking  (0)


Archives
 -2024  March  (115)
 -2024  February  (168)
 -2024  January  (146)
 -2023  December  (140)
 -2023  November  (174)
 -2023  October  (156)
 -2023  September  (161)
 -2023  August  (49)
 -2023  July  (40)
 -2023  June  (44)
 -2023  May  (45)
 -2023  April  (45)
 -2023  March  (53)
 -2023  February  (40)


My Sites

 - Millennium3Publishing.com

 - SponsorWorks.net

 - ListBug.com

 - TextEx.net

 - FindAdsHere.com

 - VisitLater.com