Tuesday, March 6, 2012

Wired's "Uncle Sam: If It Ends in .Com, It’s .Seizable"

Wired on coercive measures the US government is taking to control the internet
(Source link)

By David Kravets
March 6, 2012

When U.S. authorities shuttered sports-wagering site Bodog.com last week, it raised eyebrows across the net because the domain name was registered with a Canadian company, ostensibly putting it beyond the reach of the U.S. government. Working around that, the feds went directly to VeriSign, a U.S.-based internet backbone company that has the contract to manage the coveted .com and other “generic” top-level domains.

EasyDNS, an internet infrastructure company, protested that the “ramifications of this are no less than chilling and every single organization branded or operating under .com, .net, .org, .biz etc. needs to ask themselves about their vulnerability to the whims of U.S. federal and state

But despite EasyDNS and others’ outrage, the U.S. government says it’s gone that route hundreds of times. Furthermore, it says it has the right to seizeany .com, .net and .org domain name because the companies that have the contracts to administer them are based on United States soil, according to Nicole Navas, an Immigration and Customs Enforcement spokeswoman.

The controversy highlights the unique control the U.S. continues to hold over key components of the global domain name system, and rips a Band-Aid off a historic sore point for other nations. A complicated web of bureaucracy and Commerce Department-dictated contracts signed in 1999 established that key domains would be contracted out to Network Solutions, which was acquired by VeriSign in 2000. That cemented control of all-important .com and .net domains with a U.S. company – VeriSign – putting every website using one of those addresses firmly within reach of American courts regardless of where the owners are located – possibly forever.

The government, Navas said, usually serves court-ordered seizures on VeriSign, which manages domains ending in .com, .net, .cc, .tv and .name, because “foreign-based registrars are not bound to comply with U.S. court orders.” The government does the same with the non-profit counterpart to VeriSign that now manages the .org domain. That’s the Public Interest Registry, which, like VeriSign, is based in Virginia.

Such seizures are becoming commonplace under the Obama administration. For example, the U.S. government program known as Operation in Our Sites acquires federal court orders to shutter sites it believes are hawking counterfeited goods, illegal sports streams and unauthorized movies and music. Navas said the U.S. government has seized 750 domain names, “most with
foreign-based registrars.” VeriSign, for its part, said it is complying with U.S. law.

“VeriSign responds to lawful court orders subject to its technical capabilities,” the company said in a statement. “When law enforcement presents us with such lawful orders impacting domain names within our registries, we respond within our technical capabilities.”

VeriSign declined to entertain questions about how many times it has done this. It often complies with U.S. court orders by redirecting the DNS (Domain Name System) of a domain to a U.S. government IP address that informs online visitors that the site has been seized (for
example, ninjavideo.net.)

“Beyond that, further questions should be directed to the appropriate U.S. federal government agency responsible for the domain name seizure,” the company said.

The Public Interest Registry did not immediately respond for comment.

Bodog.com was targeted because federal law generally makes it illegal to offer online sports wagering and to payoff online bets in the United States, even though online gambling isn’t illegal globally. Bodog.com was registered with a Canadian registrar, a VeriSign subcontractor, but the United States shuttered the site without any intervention from Canadian authorities or companies.

Instead, the feds went straight to VeriSign. It’s a powerful company deeply enmeshed in the backbone operations of the internet, including managing the .com infrastructure and operating root name servers. VeriSign has a cozy relationship with the federal government, and has long had a contract from the U.S. government to help manage the internet’s “root file” that is key
to having a unified internet name system.

Still, the issue of the U.S.’s legal dominion claim over all .com domains wasn’t an issue in the January seizure of the domain of megaupload.com, which is implicated in one of the largest
criminal copyright cases in U.S. history
. Megaupload.com was registered in the United States with a registrar based in Washington state.

The United States would have won even more control over the internet with the Stop Online Piracy Act and the Protect IP Act. But the nation’s biggest online protest ever scuttled the measures, which would have allowed the government to force internet service providers in the U.S. to prevent Americans from being able to visit or find in search engines websites that the U.S. government suspected violated U.S. copyright or trademark law.

But as the Justice Department demonstrated forcefully with the takedown of Megaupload, just a day after the net’s coordinated anti-SOPA protest, it still has powerful weapons to use, despite the deaths of SOPA and PIPA.

So how does International Corporation for Assigned Names and Numbers, the global body that oversees the domain-naming system, feel about the U.S. government’s actions? ICANN declined comment and forwarded a 2010 blog post from it’s chief Rod Beckstrom, who said ICANN has “no involvement in the takedown of any website.”

ICANN, a non-profit established by the U.S., has never awarded a contract to manage the .com space to a company outside the United States — in fact VeriSign has always held it — despite having a contentious relationship with ICANN that’s involved a protracted lawsuit. But, due to contract terms, VeriSign is unlikely to ever lose control over the immensely economically valuable .com handle.

ICANN is also seeking to distance itself from the U.S. government by being more inclusive, including allowing domain names in a range of written, global languages, ending the exclusivity of the Latin alphabet in top-level domains. Still, many outside the United States, like China, India and Russia, distrust ICANN and want control of the net’s naming system to be turned over to
an organization such as the International Telecommunications Union, an affiliate of the United Nations. Last year, Russian Prime Minister Vladimir Putin met with Hamadoun Toure, the ITU’s chief, and said he wanted international control over the internet “using the monitoring capabilities of the International Telecommunication Union.”

“If we are going to talk about the democratization of international relations, I think a critical sphere is information exchange and global control over such exchange,” Putin said, according to a transcript from the Russian government.Just last week, Robert McDowell, a Federal Communications Commission commissioner, blasted such an idea.

“If successful, these efforts would merely imprison the future in the regulatory dungeon of the past,” he said. “Even more counterproductive would be the creation of a new international body
to oversee internet governance.”

ICANN was established in 1998 by the Clinton administration, and has been under global attack to internationalize the control of the Domain Name System ever since. A United Nations working group in 2005 concluded that “no single government should have a pre-eminent role in relation to international internet governance.”

But those pressures don’t seem to have registered with President Barack Obama’s Justice Department. Hollywood was a big donor to Obama, and Obama reciprocated by naming at least
five former Recording Industry Association of America attorneys
to posts in the Justice Department, which has been waging a crackdown on internet piracy. The Justice Department is looking for even more money in next year’s budget to hire more intellectual-property prosecutors.

Without SOPA or PIPA, the Justice Department lacks any mechanism to prevent Americans from visiting sites that are on a domain not controlled by a U.S. corporation. Knowing that, the world’s leading BitTorrent site, The Pirate Bay, recently switched its main site from a .org domain to .se, the handle for Sweden.

The Pirate Bay’s lead is unlikely to be followed by the millions of non-U.S. companies that rely on .com, which remains the net’s beachfront real estate, even if it is subject to being confiscated by the U.S. But it is possible that the U.S. government’s big-footing over dot-com domains in the name of fighting copyright could add more weight to the arguments of those who want to put the U.N. in charge of the internet’s naming system. While that’s not inevitably a bad thing, it could lead to a world where any .com might be seizable by any country, including Russia, Libya and Iran. Still, don’t expect Uncle Sam to give up its iron grip on .com without a fight.

Bust Reveals Government Runs Hacking Groups

Infowars contributor Kurt Nimo covers the FBI's provocateur project to infiltrate and instigate rogue civil society crackers.

Kurt Nimmo
March 6, 2012

(Source link)

The establishment media has characterized the leader of LulzSec ratting out his hacktivist comrades as betrayal, but the incident reveals something far more sinister – government is responsible for creating and unleashing computer hacker groups.

Hector Xavier Monsegur, said to be the leader of LulzSec, worked for the FBI, according to news reports. He was reportedly arrested in Puerto Rico last June, pleaded guilty to hacking charges, and then began working with the FBI – or so the cover story would have it.

Monsequr, aka Sabu, decided what targets to attack and who would participate in the attacks, more than likely at the direction of this FBI handlers. It is believed he participated in the Anonymous effort to hack HBGary, the security firm that works closely with the CIA, NSA, FBI, and the Pentagon.

Sabu’s Lulz Security, commonly abbreviated as LulzSec, claimed responsibility for taking the CIA website offline. It also attacked Fox News, PBS, Sony, and a number of gamer sites. LulzSec claims to have hacked local InfraGard chapter sites, the organization affiliated with the FBI, and released the emails and passwords of a number of users of senate.gov.

LulzSec and Anonymous attacks have provided the government with an excuse to push their cyber security agenda and propaganda campaign, including the proposal for a “kill switch” that would have allowed Obama to shut down the internet (due to public outrage, the proposal was dropped from a House bill in February).

Government and corporate groups cited LulzSec and Anonymous lawlessness last June to push the so-called Protect IP Act (known as PIPA). The introduction of a House version of the bill, dubbed SOPA (Stop Online Privacy Act), was met with public outrage and widespread activism that forced Congress to reconsider the legislation.

In October, Mother Jones revealed that the FBI is notorious for
creating supposed terrorist groups from scratch and then framing patsies in
order to claim the government is protecting the United States from terrorists
and also breathe life into an otherwise moribund war on mostly nonexistent

Sabu’s role as an FBI provocateur working inside LulzSec reveals the government is attempting to do the same in order to push its so-called cybersecurity agenda. The establishment is eager to pass a raft of legislation to closely regulate the internet, strip the medium of its anonymity, and close it down as an activism and alternative media tool.

Monday, March 5, 2012

2600: "More Active Gamers Should Become Activist Hackers"

In this article featured in the Winter 2011/2012 edition of The Hacker Quarterly, Snugglepuff argues that young people should abandon gaming in fantasy worlds and instead et their minds to something more useful like hacking to make the world a better place. Source link.

By: Snugglepuff
snugglepuff (at) operamail (dot) com

I am fortunate to personally know many talented thinkers, many of whom are avid gamers. Some are also particularly brilliant and have solved programmatic problems I can barely understand. Some spend countless hours shut off from the realities of a world they admit is broken to play in a world that mostly isn't. For so many people I associate with, the understanding of a problem and the talent to tackle it with software coexist but remain separated from any effort to do so. Some won't care until a problem reaches them personally, others just don' t give much thought to the idea that problems like corruption, censorship, and the digital divide can be tackled with code.

Far outside the scope of most of the intelligent programmers I know are the growing number of people I know because of my involvement with writing software for privacy activists. Despite having few technical skills, they are passionate about doing anything in their very limited power to make the only world they live in a better one. Armed with nothing but hope and drive, they read and comment on news articles and write letters to their elected officials (and when was the last time you did that?). They spend countless hours blogging and podcasting their ideas into the ether hoping that someone will listen and do something -- anything.

The world is run by machines. They aren't using us as batteries because there's no reason to, with us being so willing to bum coal for them. Decisions are made with data which is or should be transformed into meaningful information and whether that information is accessible or not is less a matter of policy and more a matter of engineering. Elections in democratic countries are won by a fickle "swing vote" of voters with no ideology to predict their vote with. Their decision is composed slowly by a trickle of information about their choices until literal bits of information pull them harder in one direction than others. The control of information by censorship, misinformation, media bias, and lack of basic access to and understanding of technology resources are by and large engineering problems with engineering solutions. In a post-Wikileaks world, to believe that one can't make a serious impact in a world increasingly governed by software as a software developer is completely ridiculous and illustrates a disconnect from reality that seems to grow the longer one escapes from it.

Serious coding takes time. So does serious gaming. Both can be enjoying and frustrating, but ultimately the act of creating something leaves behind it a measurable value of utility that can be shared with the world as infinitely as people can access it. When someone has the ability to do one or the other, that person should realize, with whatever part of their conscience isn't governed by virtual currencies, that they are choosing to neglect the potential use of their skills for more than a few meaningful purposes. If you're already spending your weekends or weeknights helping people help each other, whether by programming or traditional volunteering, good for you. Welcome to the choir! For everyone else, hear ye:

People desperate to see change happen in their lifetimes across the world don't give a shit about your level 60 night e l f. Time is life. If you value your life outside of gameplay, it might be time to start looking for ways to prove that value in the greater context of history. Start hacking.

2600 Reflecting on the Role Hackerdom Played on the Rise of 2011's Social Movements

The following editorial I copied and pasted from the Winter 2011/2012 edition of 2600 The Hacker Quarterly. The source link here is not from the official 2600 website b/c they don't post the articles up online. The source link is from some random site I found with Google.

Original Title: "Movement"
2600 Editorial Team

While we can only speculate on what 2012 will bring, it seems fairly certain that 2011 will be remembered as a year when individuals worldwide began to feel empowered and when, more than ever before, the old guard was put on notice that its policies need to adapt and change with the times - or risk becoming extinct.

We've gone on at length before about the value of the individual, how we all have so much more power than we're led to believe, and how it serves the status quo to have us all convinced that we can't possibly make any difference. Our belief in this has never wavered, but it's essential to have it borne out in practice, as the theoretical can only go so far. After the last year, we can point with certainty towards various key examples that show how much individuals can accomplish with a little dedication, coupled with a degree of mastery in the world of technology. We can also point to the reaction these people get from those in charge as proof of the threat they pose to their power structure.

Freedom and empowerment are concepts that, once unleashed, spread quite rapidly. We saw that earlier in the year, as the Arab Spring took hold. I t all started with Mohamed Bouazizi, a street vendor in Tunisia who became so fed up with the constant corruption and humiliation that made it impossible for him to earn a living that he sacrificed his own life as the ultimate form of protest. The outrage from fellow citizens mushroomed and led to massive protests and the actual fall of the government less than a month later. According to The New York Times, "The protesters, led at first by unemployed college graduates... and later joined by workers and young professionals, found grist for the complaints in leaked cables from the United States Embassy in Tunisia, released by WikiLeaks, that detailed the self-dealing and excess of the president's family." The government had its state-run media to whitewash the news. The people had social networking and cell phones to get and share updates. I t was no contest.

The unrest spread to neighboring countries, leading to significant conflicts in no less than 16 of them, the most significant being Egypt, Libya, and Syria. The tensions had always been there. But once the fuse was lit, there was no turning back.

Domestically, we've witnessed much in the way of stress and hardship, but nothing that comes close to events in other parts of the world. However, while we may not have had security forces killing demonstrators or a repressive regime that tolerates no dissent at all, we, like all humans, have a sense of justice and can only be pushed around so much before something snaps. That appears to have been the case with September's Occupy Wall Street movement, a simple protest inspired by our friends over at Adbusters magazine, which wound up getting bigger and bigger before eventually spreading to hundreds of sites throughout the country and across the world. While the mass media initially mocked, ridiculed, and basically ignored these protests, supposedly due to the lack of a clear list of "demands" from the demonstrators, the movement actually became strengthened as a result. Since there wasn't a clear agenda, anyone who felt that the system wasn't working was able to join and help determine what path to take. Alliances were thus formed that wouldn't have been possible had all of the answers been laid out from the beginning, as would be expected in a typical political movement. It was an unusual tactic, but clearly an effective one. And the media's agenda of ignoring what was going on became painfully visible, which led to more outrage and an eventual about face on their part. Suddenly, the movement became front page news everywhere.

The concept of a group that had no leadership was very similar to that of Anonymous, an online entity which has become increasingly active in the "real world" as well as on the net. The Guy Fawkes masks they embraced were quite visible worldwide at many of the Occupy sites. But anonymity was only an option, not a main ingredient in what was going on. The lack of a hierarchy and the development of the
Occupy Wall Street General Assembly enabled any individual to speak to the crowd through the ingenious use of a "human microphone," created out of necessity due to an arbitrary ban on megaphones. This adaptability and desire to bypass unfair restrictions using clever tactics
is something we're all familiar with in the hacker world.

At press time, there have been a number of violent crackdowns on these groups by the authorities. While all kinds of excuses were given, ranging from health concerns to reports of crimes and illegal activities within the camps (much of which was echoed almost verbatim by mainstream media), many firsthand accounts dispute the degree of such problems. Actions caught on video clearly show that the people targeted were posing no threat to anyone, other than refusing to obey orders. Whenever we see this kind of reaction displayed by an authority figure, we know what it means, whether it's a high school principal expelling a student for some mischief on a computer, a corporation firing an employee for discovering a security hole, or a parent sending their kid to reform school or feeding them drugs because they're "out of control." It means the authority figure is desperately afraid of no longer being in charge of the situation. They begin to act increasingly irrational and they view the individual as the sole source of the problem. This is always the wrong course of action.

Listening to, learning from, and opening a dialogue with an individual is the only way to take positive steps. This is true regardless of how much or how little we agree with what they're saying or doing. For us in the hacker world, this is old news. But what's different is seeing this sort of thing playing out on
a different stage and seeing how those in charge are truly afraid of the kind of dialogue that empowers individuals. That alone is a milestone.

We've also seen tremendous growth in the use of technology by individuals for truly worthwhile goals. While social networking and smart phones were never designed to foment civil unrest, used properly they are invaluable tools in a movement gathering steam. Overseas, people used Facebook and Twitter to quickly organize mass demonstrations before the authorities knew what was happening. Attempts to restrict access to these services backfired badly. In the States, similar tactics were used by demonstrators, with the addition of numerous live video feeds from cities all over the country. When something happened, the whole world could literally be watching. Live. When the crackdown occurred in New York City, there were no less than four separate live streams being fed by people's smart phones, all with surprisingly good video quality and relatively decent audio. Well over 50,000 people were tuned in to these feeds, with many more picking them up from secondary sources. As interest in what was going on swelled, the mass media even joined in, simulcasting these streams since they hadn't been able to get behind the police barricades themselves. The people had literally
become the media.

We've learned a great deal from these events. The hacker world, the ideals of full disclosure, the distrust of governments and corporations, the embracing and manipulation of high tech, the desire for free speech, the empowerment of the individual….these are all intrinsically linked together. It really does all

But there's a flipside. There will always be people and entities who see all of this as a threat and who will try and control it. That's a battle that will never end and which will be fought in a variety of arenas. We see it every day in the form of corporate copyright abuses, antiquated business practices that fight technological advances, increased government secrecy, or the suspicion that's injected into the populace towards anyone who doesn't quite think, act, or look like everyone else.

In other words, individuals may have shown their ability to manipulate technology in a way that benefits them with these actions of 2011 . But those opposed to this sort of thing have been taking notes and will be better prepared to counter this ingenuity the next time around. As hackers and developers of new technology, we need to always have this on our minds, as the true future of freedom, both here and abroad, can be greatly affected by what we choose to consider as a priority.