Wanted Man
4th July 2008, 12:02
Judge orders YouTube user viewing records be handed over to ViaCom
4th July 2008 9:47 am
The Viacom/YouTube case has major implications for video & music sharing sites the world over but yesterday’s developments will have far reaching implications for the world in general. Judge Louis Stanton of the U.S. District Court for the Southern District of New York, the judge presiding over the case, has ordered that YouTube’s owners Google hand over the complete record of all it’s users viewing records.
The judgement has lead to an outcry by privacy and data protection activists. The Electronic Frontier Foundation have said that this ruling “erroneously ignores the protections of the federal Video Privacy Protection Act (VPPA), and threatens to expose deeply private information about what videos are watched by YouTube users“.
Viacom have issused statments reassuring YouTube users that their data will be secure. They say “It is unfortunate that we have been compelled to go to court to protect Viacom’s rights and the rights of the artists who work with and depend on us. YouTube and Google have put us in this position by continuing to defend their illegal and irresponsible conduct and profiting from copyright infringement, when they could be implementing the safe and legal user generated content experience they promise.
The Court’s recent decision has triggered concern about what information will be disclosed and how it will be used. Viacom has not asked for and will not be obtaining any personally identifiable information of any user. Any information that we or our outside advisors obtain — which will not include personally identifiable information — will be used exclusively for the purpose of proving our case against You Tube and Google, will be handled subject to a court protective order and in a highly confidential manner.”
Whether Google wins or loses this case it’s clear that internet users data is not as secure and confidential as it once was.
Read the full Reuters article here : Court order on YouTube user data fans privacy fears
http://www.hitsearchlimited.com/news/999876/
I've Seen the Future, and It Has a Kill Switch
Bruce Schneier Email 06.26.08
It used to be that just the entertainment industries wanted to control your computers -- and televisions and iPods and everything else -- to ensure that you didn't violate any copyright rules. But now everyone else wants to get their hooks into your gear.
OnStar will soon include the ability for the police to shut off your engine remotely. Buses are getting the same capability, in case terrorists want to re-enact the movie Speed. The Pentagon wants a kill switch installed on airplanes, and is worried about potential enemies installing kill switches on their own equipment.
Microsoft is doing some of the most creative thinking along these lines, with something it's calling "Digital Manners Policies." According to its patent application, DMP-enabled devices would accept broadcast "orders" limiting capabilities. Cellphones could be remotely set to vibrate mode in restaurants and concert halls, and be turned off on airplanes and in hospitals. Cameras could be prohibited from taking pictures in locker rooms and museums, and recording equipment could be disabled in theaters. Professors finally could prevent students from texting one another during class.
The possibilities are endless, and very dangerous. Making this work involves building a nearly flawless hierarchical system of authority. That's a difficult security problem even in its simplest form. Distributing that system among a variety of different devices -- computers, phones, PDAs, cameras, recorders -- with different firmware and manufacturers, is even more difficult. Not to mention delegating different levels of authority to various agencies, enterprises, industries and individuals, and then enforcing the necessary safeguards.
Once we go down this path -- giving one device authority over other devices -- the security problems start piling up. Who has the authority to limit functionality of my devices, and how do they get that authority? What prevents them from abusing that power? Do I get the ability to override their limitations? In what circumstances, and how? Can they override my override?
How do we prevent this from being abused? Can a burglar, for example, enforce a "no photography" rule and prevent security cameras from working? Can the police enforce the same rule to avoid another Rodney King incident? Do the police get "superuser" devices that cannot be limited, and do they get "supercontroller" devices that can limit anything? How do we ensure that only they get them, and what do we do when the devices inevitably fall into the wrong hands?
It's comparatively easy to make this work in closed specialized systems -- OnStar, airplane avionics, military hardware -- but much more difficult in open-ended systems. If you think Microsoft's vision could possibly be securely designed, all you have to do is look at the dismal effectiveness of the various copy-protection and digital-rights-management systems we've seen over the years. That's a similar capabilities-enforcement mechanism, albeit simpler than these more general systems.
And that's the key to understanding this system. Don't be fooled by the scare stories of wireless devices on airplanes and in hospitals, or visions of a world where no one is yammering loudly on their cellphones in posh restaurants. This is really about media companies wanting to exert their control further over your electronics. They not only want to prevent you from surreptitiously recording movies and concerts, they want your new television to enforce good "manners" on your computer, and not allow it to record any programs. They want your iPod to politely refuse to copy music to a computer other than your own. They want to enforce their legislated definition of manners: to control what you do and when you do it, and to charge you repeatedly for the privilege whenever possible.
"Digital Manners Policies" is a marketing term. Let's call this what it really is: Selective Device Jamming. It's not polite, it's dangerous. It won't make anyone more secure -- or more polite.
---
Bruce Schneier is chief security technology officer of BT, and author of Beyond Fear: Thinking Sensibly About Security in an Uncertain World.
http://www.wired.com/politics/security/commentary/securitymatters/2008/06/securitymatters_0626
4th July 2008 9:47 am
The Viacom/YouTube case has major implications for video & music sharing sites the world over but yesterday’s developments will have far reaching implications for the world in general. Judge Louis Stanton of the U.S. District Court for the Southern District of New York, the judge presiding over the case, has ordered that YouTube’s owners Google hand over the complete record of all it’s users viewing records.
The judgement has lead to an outcry by privacy and data protection activists. The Electronic Frontier Foundation have said that this ruling “erroneously ignores the protections of the federal Video Privacy Protection Act (VPPA), and threatens to expose deeply private information about what videos are watched by YouTube users“.
Viacom have issused statments reassuring YouTube users that their data will be secure. They say “It is unfortunate that we have been compelled to go to court to protect Viacom’s rights and the rights of the artists who work with and depend on us. YouTube and Google have put us in this position by continuing to defend their illegal and irresponsible conduct and profiting from copyright infringement, when they could be implementing the safe and legal user generated content experience they promise.
The Court’s recent decision has triggered concern about what information will be disclosed and how it will be used. Viacom has not asked for and will not be obtaining any personally identifiable information of any user. Any information that we or our outside advisors obtain — which will not include personally identifiable information — will be used exclusively for the purpose of proving our case against You Tube and Google, will be handled subject to a court protective order and in a highly confidential manner.”
Whether Google wins or loses this case it’s clear that internet users data is not as secure and confidential as it once was.
Read the full Reuters article here : Court order on YouTube user data fans privacy fears
http://www.hitsearchlimited.com/news/999876/
I've Seen the Future, and It Has a Kill Switch
Bruce Schneier Email 06.26.08
It used to be that just the entertainment industries wanted to control your computers -- and televisions and iPods and everything else -- to ensure that you didn't violate any copyright rules. But now everyone else wants to get their hooks into your gear.
OnStar will soon include the ability for the police to shut off your engine remotely. Buses are getting the same capability, in case terrorists want to re-enact the movie Speed. The Pentagon wants a kill switch installed on airplanes, and is worried about potential enemies installing kill switches on their own equipment.
Microsoft is doing some of the most creative thinking along these lines, with something it's calling "Digital Manners Policies." According to its patent application, DMP-enabled devices would accept broadcast "orders" limiting capabilities. Cellphones could be remotely set to vibrate mode in restaurants and concert halls, and be turned off on airplanes and in hospitals. Cameras could be prohibited from taking pictures in locker rooms and museums, and recording equipment could be disabled in theaters. Professors finally could prevent students from texting one another during class.
The possibilities are endless, and very dangerous. Making this work involves building a nearly flawless hierarchical system of authority. That's a difficult security problem even in its simplest form. Distributing that system among a variety of different devices -- computers, phones, PDAs, cameras, recorders -- with different firmware and manufacturers, is even more difficult. Not to mention delegating different levels of authority to various agencies, enterprises, industries and individuals, and then enforcing the necessary safeguards.
Once we go down this path -- giving one device authority over other devices -- the security problems start piling up. Who has the authority to limit functionality of my devices, and how do they get that authority? What prevents them from abusing that power? Do I get the ability to override their limitations? In what circumstances, and how? Can they override my override?
How do we prevent this from being abused? Can a burglar, for example, enforce a "no photography" rule and prevent security cameras from working? Can the police enforce the same rule to avoid another Rodney King incident? Do the police get "superuser" devices that cannot be limited, and do they get "supercontroller" devices that can limit anything? How do we ensure that only they get them, and what do we do when the devices inevitably fall into the wrong hands?
It's comparatively easy to make this work in closed specialized systems -- OnStar, airplane avionics, military hardware -- but much more difficult in open-ended systems. If you think Microsoft's vision could possibly be securely designed, all you have to do is look at the dismal effectiveness of the various copy-protection and digital-rights-management systems we've seen over the years. That's a similar capabilities-enforcement mechanism, albeit simpler than these more general systems.
And that's the key to understanding this system. Don't be fooled by the scare stories of wireless devices on airplanes and in hospitals, or visions of a world where no one is yammering loudly on their cellphones in posh restaurants. This is really about media companies wanting to exert their control further over your electronics. They not only want to prevent you from surreptitiously recording movies and concerts, they want your new television to enforce good "manners" on your computer, and not allow it to record any programs. They want your iPod to politely refuse to copy music to a computer other than your own. They want to enforce their legislated definition of manners: to control what you do and when you do it, and to charge you repeatedly for the privilege whenever possible.
"Digital Manners Policies" is a marketing term. Let's call this what it really is: Selective Device Jamming. It's not polite, it's dangerous. It won't make anyone more secure -- or more polite.
---
Bruce Schneier is chief security technology officer of BT, and author of Beyond Fear: Thinking Sensibly About Security in an Uncertain World.
http://www.wired.com/politics/security/commentary/securitymatters/2008/06/securitymatters_0626