Sony Pushes the Envelope

Orin Kerr eviscerates Sony’s legal maneuvers against the people who broke the PS3’s encryption:

I realize the complaint characterizes the defendants as hackers, and the CFAA is supposed to be about hacking. But think for a moment about the nature of this claim. You bought the computer. You own it. You can sell it. You can light it on fire. You can bring it to the ocean, put it on a life raft, and push it out to sea. But if you dare do anything that violates the fine print of the license that the manufacturer is trying to impose, then you’re guilty of trespassing onto your own property. And it’s not just a civil wrong, it’s a crime. And according to the motion for a TRO, it’s not just a crime, it’s a serious felony crime.

The FBI Wants to Monitor Your Web Browsing

Declan McCullagh has a detailed analysis of FBI Director Robert Mueller’s recent Congressional testimony in which he asked for greatly expanded surveillance powers. Currently the FBI has the technical ability to monitor just about everything that goes over the Internet, but they need to get a warrant (or a secret National Security Letter) in order to do so.

Mueller wants to convince the Internet Service Providers to change they Terms of Service to force their customers to “consent” to having the FBI monitor everything they do without a warrant. If the ISPs refuse (as they probably would for fear of lawsuits) then he wants Congress to pass legislation requiring it.

He justifies this by invoking the usual suspects (terrorism and cyberattacks) but of course the surveillance would be quickly extended to cover lesser crimes like copyright violation. It is amusing to imagine the FBI locking up millions of file sharers, but probably they would just prosecute a small number of people to serve as examples.

E-voting vendor blocks security audit with legal threats

Problem: the voting machines report numbers that don’t add up.

Attempted solution: local authorites commision an independent audit of the machines to determine the source of the problem.

Checkmate: the vendor prevents the audit by threatening to sue to protect its “Intellectual Property.”

Story on Ars Technica.

This is exactly why all voting machines should be required to use open source software throughout: to make sure that effective audits will always be possible. Of course no commercially available voting machines actually do this. As always the industry’s motto is “Trust us. Shut up. Just trust us.”

UPDATE: A judge orders the review to proceed, although the report won’t be available in time to do anything about it before the November elections.

Comcast Packet Forgery

The latest flap about “net neutrality” started with a test by the Associated Press which found evidence that Comcast is slowing BitTorrent traffic over its network.

If this were really a story about “net neutrality” the report would say that Comcast is identifying BitTorrent packets and transmitting them with lower priority so that they arrive more slowly. But what they actually found is much more disturbing. Comcast actually appears to be generating forged TCP Reset packets from the sender and receiver to trick them into dropping the connection.
Continue reading