Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

EFF: the Final Leaked TPP Text Is All That We Feared ( 181

An anonymous reader writes: Wikileaks has released the finalized Intellectual Property text of the Trans-Pacific Partnership (TPP), which international negotiators agreed upon a few days ago. Unfortunately, it contains many of the consumer-hostile provisions that so many organizations spoke out against beforehand. This includes the extension of the copyright term to life plus 70 years, and a ban on the circumvention of DRM. The EFF says, "If you dig deeper, you'll notice that all of the provisions that recognize the rights of the public are non-binding, whereas almost everything that benefits rightsholders is binding. That paragraph on the public domain, for example, used to be much stronger in the first leaked draft, with specific obligations to identify, preserve and promote access to public domain material. All of that has now been lost in favor of a feeble, feel-good platitude that imposes no concrete obligations on the TPP parties whatsoever." The EFF walks us through all the other awful provisions as well — it's quite a lengthy analysis.

Comment Re:Wow. Talk about misreading, and missing the poi (Score 0) 103

Yeah, and guess what?

Smith v Maryland (1979) says that phone call records, as "business records" provided to a third party, do not have an expectation of privacy, and are not covered by the Fourth Amendment. And the only data within that haystack that we care about are the foreign intelligence needles. I know that's difficult to comprehend, but it's the law of the land, unless and until SCOTUS reverses that ruling. And they very well may.

Until that happens, "We're pretty aggressive within the law. As a professional, Iâ(TM)m troubled if I'm not using the full authority allowed by law." -- General Michael Hayden

Comment Re:Correct. Including the US government. (Score -1, Troll) 103

Here's your mistake, and the mistake of everyone who thinks the way you do:

You cherry-pick examples of abuse -- and that's exactly what it is, illegal abuse -- and extrapolate it, in your mind, to being a systemic problem. You imagine it's happening all the time, and that people just sit around at their desks looking up their friends, girlfriends, neighbors, and ex-spouses for fun.

You then cherry-pick completely unrelated, long-ago-condemned examples of things that happened decades ago under the Hoover FBI, which is about 180 degrees opposite from what NSA does for foreign intelligence, and before there was any semblance of anything that could remotely be called intel oversight, and pretend it's exactly the same.

Your mistake is that you think isolated examples of abuse are not isolated, without proof; then you believe that any such examples indicate what, to you, is obviously a systemic, widespread problem. Abuse will ALWAYS happen, and it will never stop. This is true at all levels of government, and anywhere a human being exists. The answer to that is oversight (something you also think doesn't exist, but is actually so overbearing and restrictive that if you could actually witness it, you wouldn't believe it), not removing any authority that "could" be abused, because then we would necessarily have to remove them all.

Yes, intentional abuse, unintentional abuse, simple mistakes, human or machine error, and all manner of things happen in intelligence work. And those errors are such a vanishingly small proportion of what NSA does that it is nearly zero -- and they are still taken seriously. In fact, this is one of the single most important things drilled into anyone doing foreign SIGINT, military or civilian, every single day. It's not some kind of a joke.

I hate to break it to you, but how things actually work might disappoint you if you think there is rampant abuse everywhere.

Comment Wow. Talk about misreading, and missing the point. (Score 0, Troll) 103

And there you have it ladies and gentlemen ... you have nothing to fear if you have nothing to hide.

No. That's not what I said, at all.

What I said was -- all arguments about crypto aside -- was precisely what I said:

If you're an American (or frankly, any innocent person) anywhere in the world who isn't an active member of a foreign terrorist organization or an agent of a foreign power, the Intelligence Community DOES NOT CARE ABOUT and actually DOES NOT WANT your data.

That is in no way, shape, or form akin to saying, "you have nothing to fear if you have nothing to hide." It is not making an argument that the government "should" have your data. It is saying that the Intelligence Community, in the form of the foreign intelligence agencies, does not want your data -- doesn't want to touch it, doesn't want to see it, doesn't want to read it, whether it's encrypted or not. And no, using crypto does not "make you a suspect". (And the FBI doesn't want the data of innocent people, either. What the FBI wishes for is a state of affairs where criminals for whom exist actual individualized warrants wouldn't be able to employ the digital equivalent of an impenetrable fortress, out of reach of the legitimate authority of enforcement mechanisms in a democratic society. But it may have to come to terms with that reality.)

If you believe you defend these things by undermining what they actually mean, then I'm afraid you don't deserve to have these things defended since you've already given up on them.

Talk about missing the point. You are basing your entire argument on a false premise, and false assumption of what you believe my argument to be; namely, that we should be giving up our rights in order to protect them. Not only am I not making that argument, I am making the precise opposite: that if you believe those rights are important, you need to understand that we can and do take steps to execute military and intelligence actions against our adversaries, whether they be terrorists or nation-states.

You crow about all these rights you think you and Americans, collectively, have "given up", when in reality, nothing substantive has actually changed (oh, I realize you think it's changed, and that you're living in a borderline police state). You believe your rights are being trampled, when you are, from a real and practical standpoint, more free while living in organized, civil society than any other people throughout history -- at least as free as is possible without living in a vacuum with no connection to humanity.

You hold out WWII codebreakers as heroes, practically idolizing them, and vilify the modern day equivalent, while ignoring the reality that US adversaries coexist in the same web of global digital communications as we do, utilizing the same devices, systems, services, networks, operating systems, encryption standards, and so on, and then act surprised when elements of the US government actually dare develop ways to exploit those systems, just because Americans also happen to use them -- totally misunderstanding the landscape.

This is exactly what I am talking about when I say people need to gain some perspective on history, or reality. Either would do.

Comment Correct. Including the US government. (Score 1, Troll) 103

And two former DIRNSAs agree.

So does ADM Rogers -- except that every interpretation of various US officials' arguments on encryption wildly conflate multiple issues (such as domestic law enforcement, which can and does sometimes have a foreign intelligence connection, and foreign signals intelligence purposes), or utterly misunderstand the purpose, function, and targets of foreign intelligence.

Yes, I know you (not OP, the "royal you") think you know it all, because you have taken things you think of as "proof" utterly out-of-context with zero understanding about things like foreign SIGINT actually works, and have seen 3-4 unrelated pieces of a 1000 piece puzzle, with some of those pieces actually parts of different puzzles, and believe you have the full picture.

People continually and willfully seem to want to forget or ignore that actual, no-shit foreign intelligence targets also -- gasp! -- use things like iPhones, Gmail, Hotmail, WhatsApp, and so on. And, when foreign intelligence targets use these modes of communication, amazingly, we actually want to target them.

If you're an American (or frankly, any innocent person) anywhere in the world who isn't an active member of a foreign terrorist organization or an agent of a foreign power, the Intelligence Community DOES NOT CARE ABOUT and actually DOES NOT WANT your data. Sounds crazy and bizarre for foreign intelligence agencies to care about things like foreign intelligence, I know, but it's true. Weird!

I guess it's easier to believe that functioning democracies* all are constantly looking for ways to illegally spy on their own citizens who have done nothing wrong, rather than to believe that intelligence work in the digital age where the only distinction is no longer the physical location or even the technology used, but simply the target -- the person at the other end, is actually extremely complicated, and not fun.

* If you don't think the Western liberal democracies of the world are worth a shit, or laugh at the term "functioning democracies" when used in reference to the US, warts and all, that simply means you have lost all perspective of reality, and are part of the problem. And it will be to our peril, because there actually are governments in the world who do spy on their own citizens, and wherein the people don't have anywhere NEAR the level of freedoms we have, no matter how terrible you think we are. And guess what? It's our national security and intelligence apparatus that we use to defend ourselves. If you're now so jaded that you don't actually believe the US and its allies, and their principles, are something worth defending and fighting for, then everything I have said here means nothing to you anyway. Just be advised that your perception of history and reality is fatally skewed.

Comment Re: ZFS is nice... (Score 1) 269

But it's combined by the user at runtime, not by canocal. The GPL allows an end users to do this.

This is a way that people kid themselves about the GPL. If the user were really porting ZFS on their own, combining the work and never distributing it, that would work. But the user isn't combining it. The Ubuntu developer is creating instructions which explicitly load the driver into the kernel. These instructions are either a link script that references the kernel, or a pre-linked dynamic module. Creating those instructions and distributing them to the user is tantamount to performing the act on the user's system, under your control rather than the user's.

To show this with an analogy, suppose you placed a bomb in the user's system which would go off when they loaded the ZFS module. But Judge, you might say, I am innocent because the victim is actually the person who set off the bomb. All I did was distribute a harmless unexploded bomb.

So, it's clear that you can perform actions that have effects later in time and at a different place that are your action rather than the user's. That is what building a dynamic module or linking scripts does.

There is also the problem that the pieces, Linux and ZFS, are probably distributed together. There is specific language in the GPL to catch that.

A lot of people don't realize what they get charged with when they violate the GPL (or any license). They don't get charged with violating the license terms. They are charged with copyright infringement, and their defense is that they have a license. So, the defense has to prove that they were in conformance with every license term.

This is another situation where I would have a pretty easy time making the programmer look bad when they are deposed.

Comment Re:ZFS is nice... (Score 1) 269

Uh, that doesn't work. The problem is that doing exactly what you've written down is contriving to avoid your copyright responsibility by deliberately creating a structure in someone else's work which you believe would be a copyright insulator. If you went ahead and did this (I'm not saying that you personally would be the one at Ubuntu to do so), I'd love to be there when you are deposed. Part of my business is to feed attorneys questions when they cross-examine you. I have in a similar situation made a programmer look really bad, and the parties settled as soon as they saw the deposition and my expert report. See also my comment regarding how Oracle v. Google has changed this issue. You can't count on an API to be a copyright insulator in any context any longer.

Comment Re:ZFS is nice... (Score 1) 269

I think you need to look at this in the context of the appeal of Oracle v. Google. We had a concept of an API being a boundary of copyright based on 17 CFR 102(b) and elucidated by Judge Walker's finding in CAI v. Altai. That stood for a long time. But Oracle v. Google essentially overturned it and we're still waiting to see what the lower court does in response.

Comment CDDL and GPL don't mix (Score 3, Informative) 269

Regardless of what Ubuntu has convinced themselves of, in this context the ZFS filesystem driver would be an unlicensed derivative work. If they don't want it to be so, it needs to be in user-mode instead of loaded into the kernel address space and using unexported APIs of the kernel.

A lot of people try to deceive themselves (and you) that they can do silly things, like putting an API between software under two licenses, and that such an API becomes a "computer condom" that protects you from the GPL. This rationale was never true and was overturned by the court in the appeal of Oracle v. Google.

Don't sweat it -- it's only ones and zeros. -- P. Skelly