Category Archives: Technology and information policy

This is the category for legal and public policy issues about technology.

The War of the Androids

Google vs. Samsung

Samsung owns the vast majority of the market share for Android, 29.6% in fact.  That may not seem like a big number, but it dominates the competitors: in Q4 2013 alone Samsung shipped 86 million phones.  That’s on top of a platform that already owns the vast majority of smartphone OS market share at a good 81%.  This puts Samsung in a very good position to dictate what the current state of Android is….and it’s very far removed from creator Google’s vision.

It starts with Touchwiz as pointed out in a recent Forbes article.  A Samsung technology to provide a new user experience and frontend to Android that replaces or adds many different features to the Android smartphone.  Some good, some bad….while many critics argue that Touchwiz is a terrible and bloated interface, you can’t argue with sales numbers and hardware.  This extended to other Samsung products including it’s popular television sets and a new OS in development at Samsung to replace Android: Tizen.  But that hides the core of the “Android experience” as it’s been dubbed in the media.  And Google wants Samsung to sit down, shut-up and keep licensing Google technology.

This is where Motorola came into play.

Acquiring Motorola for 12.5 billion dollars and then selling it for 2.91 billion on the surface seems like a bad business decision.  And surely enough there were many pundits that made that call.  But what the majority are forgetting are the numerous patents acquired from the sale for mobile technology (around 17,000 to be precise).  This sale occurred in 2011.  A few years later, Google decided to use Motorola to teach Samsung a lesson.

Enter the Motorola Droid RAZR, X and G.  Three popular phones that run almost bare stock Android.  The purpose of these phones were simple, show users what fast, simple Android could do on it’s own.  Google also began focusing more effort on the Nexus line, dropping Samsung as the manufacturer and taking on LG to release the Nexus 4.

Clearly the growing popularity of these phones and the market share of Motorola under Google was threatening to Samsung.  So they decided to cut a deal in which they would license Google technology for 10 years.  Effectively cutting off Tizen and with promises that Samsung would stop cutting out stock Android apps for it’s own Touchwiz interface.

The next day, Lenovo bought Motorola from Google for 2.91 billion dollars.

TPP and What Could Come From It

TPP stands for the Trans-Pacific Partnership, which is a trade agreement between Australia, Brunei, Chile, Canada, Japan, Malaysia, Mexico, New Zealand, Peru, Singapore, Vietnam, and the United States. Many people draw similar to this international trade agreement to the controversial NAFTA agreement. NAFTA was known to provide little benefit to signatories Mexico and Canada, but assisted major US corporations greatly. Much of the negotiation behind TPP has been dealt in secrecy, from even the majority of Congress, and have been conducted by the White House and lobbyists. Sen. Wyden, who is the chairman of the International Trade subcommittee, stated, “The majority of Congress is being kept in the dark as to the substance of the TPP negotiations, while representatives of U.S. corporations – like Halliburton, Chevron, PHRMA, Comcast, and the Motion Picture Association of America – are being consulted and made privy to details of the agreement.” A good portion of the public was kept in the dark about these negotiations until portions of the treaty’s draft have been leaked through Wikileaks, in November of 2013. TPP is major agreement with many different provisions, however, what is subjectively most concerning is how it would affect ISPs, intellectual property, and all Internet users.

The major points of concern behind TPP:

-The TPP will alter existing US intellectual property laws.

-Copyright holders now have control over temporary copies, holding ISPs responsible for cached versions of files, despite the difficulty in controlling those.

-Copyright holders do not have to prove irreparable harm in court.

-Using software to bypass a software lock, even for what is currently legal use, could now be criminalized

-TPP’s intellectual property laws are also of concern in the medical field, particularly those developing pharmaceuticals and medical technology.

-Signatories of these treaties will have intellectual property laws similar, and consequently just as strict, to the US’s legal code

This is just a brief summary of what could stem from TPP, however, I am interested in hearing your opinions on the subject. If there is any information I got wrong or missed, please feel free to contribute that as well.

ACLU: https://www.aclu.org/blog/free-speech-technology-and-liberty-national-security/biggest-threat-free-speech-and

Russia Today: http://rt.com/usa/wikileaks-tpp-ip-dotcom-670/

Wikileaks TPP: http://wikileaks.org/tpp/

Electronic Frontier Foundation: https://www.eff.org/issues/tpp

Here is an infographic I found, however I cannot vouch for its accuracy.

1389983446853

 

 

For OSU, Android APK files should be available outside Google Play

It’s been a long time since anyone has posted, and a lot has happened since the end of Spring semester (i.e., NSA leaks, Snowden, etc.). However, I just had a small thing that I thought belonged here.

I have a tablet on which I am running CyanogenMod, which is the most widely-used open-source distribution of an Android-like system. On Cyanogenmod, you can install all the standard Google apps, like GMail, Google Maps, and the Play Store, but you don’t have to. One thing about the Google apps is that, for full functionality, most require that you associate your device with a Google account. I don’t really want to do that with this device. Hence, I don’t use the Play Store. Most of the apps I want are available on F-Droid anyway. For the few remaining apps I want, I have been able to download the APK files from elsewhere.

To get on the OSU Wireless Network, the recommended method is to use the OSU Wireless Setup utility. However, this is available only through the Google Play Store. (I assume that manual configuration is also possible, though I have not tried.) I think this is inappropriate. So, I just filed this complaint with the OSU IT service desk:

Dear service desk,

Please do not require the OSU community to use the Google Play Store to get the OSU Wireless Setup app for Android. You should provide users with the APK file so that, if they choose, they can download and install the app themselves without the Play Store. The Play Store should be an option, not a requirement.

As you know, the Google Play Store requires users to sign up for a Google account and register their Android devices with Google. I realize that most people do this anyway, but some of us do not want to do this. The recommended method of connecting to the OSU wireless network should not require users to have a relationship with any specific corporation.

Please make the APK file for the wireless setup utility available for all users on an OSU website.

In the mean time, could you please e-mail me the APK file for the OSU Wireless Setup utility for Android?

Thanks,
Owen

Note that OSU does offer Android-specific instructions for connecting to osuwireless. (In fact, it looks like the screenshots are taken from a device running CyanogenMod!) However, at the bottom of the page it says, “Important: If you were unable to connect successfully with the instructions above, please try using the wireless configuration utility for Android.”

This is part of a disturbing trend of organizations assuming reliance on Google. There are many free apps that should be available outside the Play Store, but aren’t — simply because developers assume everyone will use the Play Store. If it ever got to the point where use of University services required use of Google, that would be worrisome.

Konomark

When I was doing research for my paper, I came across the Konomark mark on Museum of Intellectual Property website.

Most rights sharable. Just e-mail me and ask. Learn more at konomark.org

Instead of using something like the Creative Commons, where you provide a set licenses for your work, the Konomark serves as a signal that you would be open to sharing if contacted but allow you to deny any requests. Making it a case by case version of the creative commons license instead of blanket sharing.

What is the konomark philosophy?

The konomark philosophy is that it’s often a good idea to share copyrighted content for free, even though there are many circumstances under which even extremely generous people understandably deny permission. For example, if someone wants to use your snapshot from your trip to London to illustrate a blog post, you’re probably fine with that. But if some high-end fashion magazine wanted to use your photo, you’d probably want them to pay you for it.

I wondered if anyone else has see this symbol before or any other versions of Creative Commons like projects with Intellectual property.

(This blog post is now “license” under Konomark. (C) 2013 Most Rights Sharable.)

Printer Unique Identification Technology

According to this article the Electronic Frontier Foundation (EFF) has been aware of and alerting the public to unique printer identification or “printer dots” since about 2004. It goes on to state that the companies who have implemented this have done so of free will and in collusion with the United States government. The EFF has kindly provided a list of printers that have been tested for “anomalous yellow dots” that indicate unique identification. This article explains what the results mean and how they were obtained as to expose their methodology to as much scrutiny as possible. According to this document obtained by the EFF through a Freedom of Information Act request Canon, Brother, Casio, Hewlett-Packard, Konica, Minolta, Mita, Ricoh, Sharp, and Xerox are complicit in these acts.

The implementation of a tracking device, especially without informing the citizen/consumer of its existence, is very troubling because it directly violates the right to anonymous, free speech, a pillar of our cultural identity. A more troubling idea is that not only can the government read and interrupt this data, but so can anybody with the knowledge to do so which includes _AT LEAST_ the a handful of people in each of the above mentioned companies. This also opens the door for a person or persons to forge a paper from another persons printer and use it against them while being much harder to detect or disprove.

Interestingly enough act utilitarianism could plausibly used to justify this, especially since most people are ignorant of this fact, but the more applicable idea of moral rights theory is in a strange stalemate depending on who is asked. Founding father Ben Franklin stated “[s]ell not virtue to purchase wealth, nor Liberty to purchase power,” or more colloquially, “[h]e who sacrifices freedom for security deserves neither.”

Are the freedoms sacrificed worth the security gained?

Violating Terms of Service could be criminal

The Department of Justice has in the past taken the stance that violating the terms of service of a website is a criminal act, such as in the cases US v. Drew and US v. Nosal. With this, many underage people would be violating the law when on the internet, even when they are on news websites. Due to the Children’s Online Privacy Protection and for other reasons, many news sites have it in their terms of service that one has to be 18 or over to view their articles. While this has not yet become legal precedent, there’s a proposal in the House Judiciary Committee to make this a modification to the Computer Fraud and Abuse Act.

Many consider the law as it is too broad and vague, as it allows selective persecution, such as with Aaron Swartz. With the suggested changes, this would make the law extremely prone to abuse, as it applies to such a broad part of the population. I think that this proposal speaks a lot about the disparity between legal policy and technology, and that it goes against the Kantian view of individuals as autonomous moral agents. People should be able to decide for themselves if they want to view the content of a website, though there should exist a method that allows them to know what they might be viewing beforehand, which I think that the terms of service currently exist to fulfill.

Forget about the CyberBunker attack—here’s how to take an entire continent offline

This post is kind of in response to the CyberBunker post. I saw this article somewhere. I don’t remember where?? Anyway, the article mentions how the CyberBunker attack at 300 gigabits per second is being considered the biggest cyber attack in history. However, according to the article three men in Egypt tried to take down 1.28 terabits of the Internet – four times as much bandwidth –  with nothing but an axe. Their identities and motives are unknown at the time of the article, but according to Reuters the Egyptian coastguard intercepted three men trying to cut the SEA-ME-WE 4 undersea cable. It’s one of the major cables connecting Europe to North Africa to Asia.

It’s important to remember that the Internet is not some abstract thing that exists in the cloud always. The connections between countries are very real concrete things. These connections are hundreds of cables that exist beneath the sea floor, and they are susceptible to damage. There are multiple of these connections between countries and continents, but when one is cut the others have to pick up the traffic. This causes congestion.

I think this is an important story. It really shows how fragile somethings we as a modern society are. If I was a bad guy, all I need to do is go into the Atlantic where the ocean isn’t very deep. I just trawl the ocean, find the cable, and make the cut. A few more of those cuts and boom. It’s all over, and that’s not a quick and easy fix. I would imagine that would take quite a while to get things back to normal. We need to make sure we protect our Internet.

Documentary explores 3D printed guns

I know it’s been a while since we’ve talked about this but I recently stumbled on a documentary about the potential of printing assault rifles and high capacity magazines that I don’t believe we’ve talked about yet.

The documentary found here takes a realistic view on the potential of the new and rapidly developing technology. The documentary focus on a 25-year old who is advocating the creation and open distribution of CAD blueprints for various weapon parts and demonstrates their functionality. His main argument is that gun control and bans are futile and pointless due to the availability of new these new technologies(internet + 3D printing). The self-described crypto anarchist uses his own website, along with friends in the field, to host and create new and better pieces available to the open public. Anyone with internet can access these files and anyone with a 3D printer can create these objects. There is a chilling resemblance between his methods of addressing a situation and that of firesheeps’s. He has also recently been approved for a federal firearms license. This means that he will be able to sell his printed guns, as well as host blueprint of the files via his website. No one can predict the impact of this new technology but everyone agrees it is getting easier and cheaper to do. It’s only a matter of time until 3D printers become common household items.

Obviously new technologies bring change but what is the potential for this new technology? Do you think the danger lies with the ability to create a gun at home, the open source nature of the blueprints or both?

Do you agree with Cody’s methods of spreading awareness or do you think he is going too far?

 

 

Two-Step verification added to Apple IDs

While I was perusing the USA Today on my iPhone app today, I saw the article about car privacy, but I also saw this article on apple changing its verification policy for access to purchases on  iTunes or the App Store. Currently users can look around the App Store and select to buy something. Then, so long as users have a credit card linked to their account or money in their Account, they just need to enter in their Apple ID password and the purchase is made. Now, with the new changes when users need to make a purchase they will be sent a four-digit random code to a trusted device they have linked to their account. Then, the users enter in the code to complete the transaction.

I’m not sure how I feel about these new changes. Obviously the intentions of this move are quite code. No body wants to have money stolen from them, but I’m not sure how well these extra security measures actually help. For myself if I want an app odds are I’m away from my computer so they will send me a text message to the phone that I’m ordering the app for, which more than anything else seems just like an inconvenience. I would also like to say that in general I’m not too sure how extra security measures help. Whenever I have to choose a security question for an account, I can either pick a really obscure question, which means that it might be difficult for me to get exactly right later if I lost my password, or I can pick a simple question that anyone could guess if they knew anything about me. I think we as people in the computer industry have a duty to protect our users, but I don’t know how far that duty needs to go. I don’t know? I’m not the most forward thinking person when it comes to my accounts, so I would like to hear what you all have to say.

Facebook withdraws support of CISPA

I found this article on CNET and believe it ties in very nicely with our class discussions about privacy. The Cyber Intelligence Sharing and Protection Act (CISPA) is a proposed law in the USA which would allow the government to “investigate cyber threats and ensure the security of networks against cyberattack” by allowing the government to have access to Internet traffic information from many U.S. companies. The bill would overrule all existing federal and state laws by saying “notwithstanding any other provision of law.” Opponents of the bill say that the bill will “waive every single privacy law ever enacted in the name of cybersecurity” and U.S. Representative Ron Paul has even gone so far as to call the bill “Big Brother writ large.” The bill is supported by many telecommunications and information technology companies such as AT&T, IBM, INTEL, Oracle Corporation, Symantec, and Verizon. Facebook supported the bill until very recently when they withdrew support to promote consumer privacy.

 

I find this bill to be offensive and very much so an invasion of individual privacy. I am supportive of Facebook withdrawing from the bill as I believe it is detrimental to the quality of privacy for American citizens,  although I question Facebook’s motive for withdrawing as they did not withdraw until they went under the heat of a petition created to convince Mark Zuckerberg otherwise. I think it is very possible that Mark Zuckerberg may still support the petition, but is afraid to admit it due to consumer backlash and Facebook’s privacy issues in the past.

 

I think that if you look at the bill from a utilitarian point of view, it results in decreased happiness for all involved. Although some may argue that the decrease in cybercrime may increase happiness for all involved, I do not believe that the bill would be that effective in preventing or stopping crime and would mostly serve to annoy and scare many U.S. citizens.  I believe the bill would be used to prosecute people committing less threatening cybercrimes (downloading illegal music, movies, etc.) much, much more than it would ever have the potential to stop greater cybercrimes (overseas hacking, child abduction, etc.).

I am interested to hear what the rest of you think about this. Also, If you do think this bill would be effective, I encourage you to convince me otherwise.

The State of Cybersecurity in the U.S. Military

TechNewsWorld recently posted an article in which it states that US cybersecurity has shaky foundations and it is not reliable that our “critical information technology systems will work under attack from a sophisticated opponent with good resources.” The Office of Management and Budget (OMB) has just released its 2011 fiscal year report on the implementation if the Federal Information Security Management Act (FISMA) in which it makes the claim that our U.S. Military has major cybersecurity gaps. OMB reports that controlled incidents of attack in 2011 were only detected 49 percent of the time compared to 70 percent in 2010, a staggering decrease. They also report that only 58 percent of the agencies surveyed used email validation technology, compared to 46 percent the in 2010.

 

This article makes me shudder to think how much more vulnerable the cybersecurity of the U.S. government has become since the span of this report (it only covers through 2011 so I am assuming they release these reports a year late). We spend absurd amounts of money on the defense department, so why is it that we are so digitally compromised? Shouldn’t every government agency be using email validation technology? What are the downfalls of using the technology as this report shows that only a little over half of the agencies are using it?  Maybe you guys can answer some of these questions as I am not the most informed in this subject, but this article has definitely made me start to worry what countries like China and North Korea could do if they attempted to penetrate our defenses over the web.

DMCA Has Pushed Its Limits

Recently CNET posted an article exclaiming that Congress may be looking into “defang”-ing DMCA law after a recent incident in which it has angered many members of the American public. According to the article, Congress declared that unlocking your cellphone to use it on another network other than the one you bought it from is illegal. This brought forth incredible opposition from many citizens, so much that a petition was created, got 100,000 signatures, and was received.  The White house is now obliged to respond as 100,000 signatures is the threshold to get the White House to review a petition. CNET believes that this may be the final straw with the DMCA as it goes to show how ridiculous some of the sections of the law are.

 

I personally find it outrageous that it is now illegal to unlock your phone. It is like buying a new car, and being told that if you drive your car with any brand of tire other than Goodyear, you are committing a felony. You own the car. You should have the right to do with it or modify it however you please. It’s one thing to say that the car manufacturer may void your warranty if you use parts not approved for use with your car, but it is outrageous that the government could consider you a felon and fine or jail you because you decided that you like Michelin tires better than Goodyear.

 

That is just my two cents. Let me know what you guys think.

The Foreign Intelligence Surveillance Act of 2008 . . .2012 . . .2017

By a vote of 73 to 23, the US Senate, on December 29, 2012, voted to extend the FISA Amendments Act for five years a.k.a. until December 31, 2017.

(some history real quick)

In 2008, congress passed The Foreign Intelligence Surveillance Act (abbreviated FISA) Amendments Act.  This act by congress was basically seen by the public as yet another link in a long chain-of-reactions aimed at the terrorist attacks that occurred on September 11th, 2001. At its core, the main function of this amendment was to extend the – similar but not quite carbon copy – provisions encompassed by the Protect America Act of 2007. Similar to how certain components of the Patriot Act – particularly ones condemned by the public – have survived thru bill-rehashing and manipulation; it seems that the Protect America Act of 2007 is also becoming an undead bill.

No matter how we argue or protest, the original intent and purpose of this act have survived by taking on the mask of FISA, FISA amendments and now the FISA amendments extension.  And I’m not saying that the entire act is bad or that every provision is controversial, I just want to point out that our words are not being heard and change is not coming anytime soon.

In its most recent context – a 5-4 vote nation’s highest court that definitively ended the case of a group of individuals who said “said their communications were likely being scooped up by the government’s expanded spying powers in violation of their constitutional rights”.  The court ruled – based on the recent extension of the FISA Amendments – that these groups don’t have the right to sue at all, because they can’t prove they were being spied on.

This is a silent problem that affects few United States citizens – but that’s how every landslide starts. I firmly believe that if we don’t stick up for the little guys, we’ll soon all be in their shoes – cursing our ignorance. What do you guys think? Can you think of any other laws or other political agendas that have been similarly manipulated  by The Man?

Koozoo

As technology increases and people get smarter, there will always be a new technology or service that pushes the limits of what is “acceptable” in society. Today, I was reading an article about an new app called Koozoo. Basically, it allows people to stream live video from a phone to anyone using the Koozoo app. Other people can also “tune in” to a video feed to watch what is being broadcasted. Sounds intriguing, right? The creator of Koozoo based this app upon an old website that had a live video stream of a bar in Michigan that people could log onto in order to see if the bar was busy that day or something. Koozoo seeks to be similar, but less complicated doing so. They want you to take an old smartphone (“There are billions of dollars of smartphones sitting in sock drawers all over the world”), download the app, and set up a live stream of whatever using that phone. It could be a stream of a city intersection, the outside of a library, whatever. They just want it to be a stream of a public place.

The cool thing about Koozoo is that a 24/7 feed is not actually being streamed, but your phone is actually taking a picture every few minutes to use as a thumbnail, then takes a live feed once someone “tunes in.” The stream is geo-tagged so people know where it originates from. Also, no audio is streamed, only the video itself. However, I believe that Koozoo is already doomed to privacy struggles. In Koozoo’s terms of service it states that only public spaces can be streamed. Koozoo’s founders said “unless a front yard is obscured in some way, it is visible to the general public.” According to this rule, if people can see my backyard from the street, they can stream me swimming.. This would be considered a public spot, and could be streamed. Koozoo says that they are going to be working hard to make sure that only acceptable content is streamed, but how successful will they be? Already, it sounds like privacy can be infringed here and Koozoo will not have a problem with it. What do you think? Is Koozoo a bad idea that will cause privacy concerns, or will it be a beneficial app?

Don’t Get Scroogled

Reading Google’s privacy policy reminded me of Microsoft’s recent ad campaign “Don’t Get Scroogled” trying to get people switch to outlook.com using privacy as a selling point.

The campaign includes newspaper ads, billboards and videos ranging from creepy,very creepy, and sometimes funny, very funny (or as funny as an ad made by Microsoft can get).

As part of the ad campaign Microsoft has a petitioned to get Google to stop reading email to sell ads which has gotten over 100,000+ people sign it.

Microsoft has comment on the ad campain saying

“Privacy of email services is a fair subject for a petition, and 6,000 people have said so in just a few days. Over 500,000 people have visited our website and tens of thousands have tried Outlook.com. It is a serious public policy issue a lot of people care about.”

In Microsoft press release on their “educational campaign”

“Outlook.com believes your privacy is not for sale,” Weitz said. “We believe people should have choice and control over their private email messages, whether they are sharing banking information or pictures of their family or discussing their medical history.”

Weitz added, “Outlook.com does not scan the contents of your personal email to sell ads. Outlook.com is an email service that prioritizes your own and your family’s privacy. You wouldn’t let the post office look inside your mail, so why would you let Google?”

The irony is Microsoft is using target ads to get it message across that Gmail reads your email to generate targeted ads. Also both Outlook and gmail  “read” your email to filter out spam anyway.