Interesting E-mail

[tg1911]

In an E-mail I got from EFF (Electronic Frontier Foundation)

* EFF Joins Forces with Tor Software Project

Civil Liberties Group to Support Development of Anonymous

Internet Communications System

San Francisco - Today EFF announced that it is becoming

a sponsor of Tor, a technology project that helps

organizations and individuals engage in anonymous

communication online.  Tor is a network-within-a-network

that protects communication from a form of surveillance

known as "traffic analysis."

Traffic analysis tracks where data goes and when, as well

as how much is sent, rather than the content of

communications.  Knowing the source and destination of

Internet traffic allows others to track a person's behavior

and interests.  This can impact privacy in obvious and

secondary ways.  For example, an e-commerce site could

choose to charge you more for particular items based on

your country or institution of origin.  It could also

threaten your job or physical safety by revealing who and

where you are.

"EFF is a great organization to work with," said Roger

Dingledine, Tor's project leader, who, along with Nick

Mathewson, is also a core developer.  "EFF understands the

importance of anonymity technology for everyone - from the

average web surfer, to journalists for community sites like

Indymedia, to people living under oppressive regimes.  With

their support and experience, we can focus on making Tor

useful and usable by everyone."

"The Tor project is a perfect fit for EFF, because one of

our primary goals is to protect the privacy and anonymity

of Internet users," said EFF Technology Manager Chris

Palmer.  "Tor can help people exercise their First

Amendment right to free, anonymous speech online.  And

unlike many other security systems, Tor recognizes that

there is no security without user-friendliness - if the

mechanism is not accessible, nobody will use it.  Tor

strikes a balance between performance, usability, and

security."

For the full press release:

http://www.eff.org/news/archives/2004_12.php#002174

Tor Project:

http://tor.eff.org/

Non-technical introduction to Tor:

http://tor.eff.org/overview.html

Technical research paper on how Tor works:

http://tor.eff.org/cvs/tor/doc/design-paper/tor-design.html

Some EFF victories, this year:

* We helped eVisa.com win its fight against the Visa

credit card dynasty over fair use of the word "visa"

in domain names.

* We (with your support) helped derail the government's

CAPPS II passenger-profiling system (although we need

your help to continue to fight its evil reincarnation,

Secure Flight).

* We won the Grokster case in the 9th Circuit. The

Supreme Court has decided to hear this case in March

2005.

* We helped individuals assert their due process rights

in cases brought against them by the recording

industry.

* We put forth our voluntary collective licensing proposal,

explaining how artists could get paid without suing

music lovers.

* We won the case that got Diebold punished for misusing

copyright law.

* We won the Bunner case, which held that republishing

information about reverse engineering was not

prohibited by trade secret law.

* We started a patent busting campaign and identified

the ten most egregious patent threats to technology

and freedom.

* We were a leader in the fight for a verifiable paper

trail on electronic voting machines.

* We expanded our international work, participating in

the Digital Video Broadcasting group and in WIPO.

* We defended Jibjab's fair use of "This Land Is Your

Land" in its presidential parody "This Land" and in

the process learned that the Woody Guthrie song had

fallen into the public domain.

* We defended technologists using smart card readers

from an overzealous DirecTV.

* We (with your support) helped make sure terrible

legislation like the PIRATE Act and the Induce Act

did not pass.

* We drafted a mock legal complaint to show how the

Induce Act would kill off technologies like the

iPod.

* We successfully challenged the Child Online Protection

Act at the Supreme Court.

* We wrote and circulated a paper on best practices for

Online Service Providers.

* We fought the expansion of the DMCA, writing amicus

briefs supporting Skylink's right to make interoperable

garage door openers and Static Control's right to make

aftermarket printer cartridges. (We helped win both

cases.)

* We represented (and continue to represent) Indymedia

in an effort to uncover why their servers were seized

and to assert their First Amendment rights.

* We formed an Advisory Board of some of the smartest

people working on these issues.

9/11 Legislation Launches Misguided Data-Mining and

Domestic Surveillance Schemes

On Friday, President Bush signed into law the Intelligence

Reform and Terrorism Prevention Act of 2004 (IRTPA),

launching several flawed "security" schemes that EFF has

long opposed. The media has focused on turf wars between

the intelligence and defense communities, but the real

story is how IRTPA trades basic rights for the illusion of

security. For instance:

~ Section 1016 - a.k.a. "TIA II" ~

A clause authorizing the creation of a massive "Information

Sharing Environment" (ISE) to link "all appropriate

Federal, State, local, and tribal entities, and the

private sector."

This vast network would link the information in public and

private databases, posing the same kind of threat to

our privacy and freedom that the notorious Terrorism

Information Awareness (TIA) program did. Yet the IRTPA

contains no meaningful safeguards against unchecked data

mining other than directing the President to issue

guidelines. It also includes a definition of "terrorist

information" that is frighteningly broad.

~ Section 4012 and Sections 7201-7220 - a.k.a. "CAPPS III" ~

A number of provisions that provide the statutory basis

for "Secure Flight," the government's third try at a

controversial passenger-screening system that has

consistently failed to pass muster for protecting

passenger privacy.

The basic concept: the government will force commercial

air carriers to hand over your private travel

information and compare it with a "consolidated and

integrated terrorist watchlist." It will also establish

a massive "counterterrorist travel intelligence"

infrastructure that calls for travel data mining

("recognition of travel patterns, tactics, and behavior

exhibited by terrorists").

It's not clear how the government would use the travel

patterns of millions of Americans to catch the

small number of individuals worldwide who are planning

terrorist attacks. In fact, this approach has

been thoroughly debunked by security experts. (See

http://www.schneier.com/essay-052.html.) What is

clear is that the system will create fertile ground

for constitutional violations and the abuse of private

information. The latest Privacy Act notice on

Secure Flight shows that the Transportation Security

Administration (TSA) still doesn't have a plan for

how long the government will keep your private

information, nor has it mapped out adequate

procedures for correcting your "file" if you are

wrongly flagged as a terrorist.

~ Section 6001 - a.k.a. "PATRIOT III" ~

Straight from the infamous "PATRIOT II" draft legislation

leaked to the public last year comes a provision that

allows the government to use secret foreign

intelligence warrants and wiretap orders against

people unconnected to any international terrorist

group or foreign nation. This represents yet another

step in the ongoing destruction of even the most basic

legal protections for those whom the government

suspects are terrorists.

~ Sections 7208-7220 - a.k.a. "Papers, Please" ~

Just as EFF, the ACLU, and a number of other civil

liberties groups feared, IRTPA creates the basis for

a de facto national ID system using biometrics. Driven

by misguided political consensus, the law

calls for a "global standard of identification" and

minimum national standards for birth certificates,

driver's licenses and state ID cards, and Social

Security cards and numbers. It also directs the

Secretary of Homeland Security to establish new

standards for ID for domestic air travelers.

Identification is not security. Indeed, the 9/11

Commission report revealed that a critical stumbling

block in identifying foreign terrorists is the

inability to evaluate *foreign* information and records.

Yet we are placing disproportionate emphasis on

domestic surveillance, opening the door to a

standardized "internal passport" - the hallmark

of a totalitarian regime.

For this piece online:

http://www.eff.org/deeplinks/archives/002172.php

For the Intelligence Reform and Terrorism Prevention Act

of 2004 (IRTPA):

http://news.findlaw.com/usatoday/docs/terr...m/irtpa2004.pdf

If you care about preserving your privacy and basic

constitutional freedoms, help us fight the good fight

by joining EFF today:

https://secure.eff.org/

It's a Small World After All

Ed Felten and Alex Halderman have written a P2P application

in only 15 lines of code to illustrate the futility of

regulating the software. It's called TinyP2P, and it

allows users to create "small world" networks for

sharing files:

http://www.freedom-to-tinker.com/tinyp2p.html

Putting the World's Greatest Libraries Online

Google is working with four university libraries - Stanford,

Michigan, Harvard, and Oxford - and the New York Public

Library in an ambitious plan to scan their holdings

and put them on the Internet:

http://www.eff.org/cgi/tiny?urlID=363

(San Francisco Chronicle)

Apple Makes iPods Incompatible with Harmony

RealNetworks' Harmony music service doesn't work with the

newest iPod software, leaving customers who upgrade with

unplayable files. Aren't the DRM wars great?

http://www.eff.org/cgi/tiny?urlID=357

(CNET)

Sony Picks on Blogger Over Jeopardy Spoiler

When blogger Jason Kottke posted an audio clip of Ken

Jennings' final appearance on Jeopardy, he wasn't

expecting the show's parent company to call in the

lawyers. Sony didn't send nastygrams to the

Washington Post or an ABC affiliate that

disseminated the same info:

http://www.eff.org/cgi/tiny?urlID=350

(Red Herring)