Twitter Blocks Intelligence Agencies

Twitter has prohibited a data-mining firm from providing analytics of real-time tweets to U.S. intelligence agencies, according to a Wall Street Journal report, quoting a person familiar with the matter.

Darkode Hacking Forum Shut Down

Law enforcement agencies from 20 countries collaborated to cripple a major computer hacking forum, and U.S. officials filed criminal charges against a dozen people associated with the website, the U.S. Department of Justice announced.

Darkode.com on is displaying a message saying the site and domain had been seized by the FBI and other law enforcement agencies.

Darkode, a password-protected online forum for criminal hackers, represented one of the gravest threats to the integrity of data on computers across the world, according to David Hickton, U.S. attorney for the Western District of Pennsylvania. “Through this operation, we have dismantled a cyber hornets’ nest of criminal hackers which was believed by many, including the hackers themselves, to be impenetrable.”

Five of the defendants face charges in Hickton’s district.

Darkode allowed hackers and other cybercriminals to sell, trade and share information and tools related to illegal computer hacking, the law enforcement agencies alleged.

Before becoming a member of Darkode, prospective participants were allegedly vetted through a process that included an invitation by a member, the DOJ said in a press release. The prospective member then pitched the skill or products he or she could bring to the forum.

Darkode members allegedly used each other’s skills and products to infect computers and electronic devices of victims around the world with malware, the DOJ said.

The takedown of the forum and the charges announced Wednesday came after the FBI’s infiltration of Darkode’s membership.

Source

Office 365 Goes Video Streaming

Microsoft unveiled Office 365 Video, a YouTube-like streaming service where enterprises and large organizations can post in-house video content for communication and training.

“Office 365 Video provides organizations with a secure, company-wide destination for posting, sharing and discovering video content,” said Mark Kashman, a senior product manager with the Office 365 team, in a blog posting.

Kashman touted Video as a tool for internal communications, citing the examples of new-employee orientation, management messaging and worker training. Employees will also be able to contribute to a “Community” section, though most companies will probably frown on cat antic clips.

The service rolls out over the next few days to companies that have registered for Office 365′s First Release early distribution program, then through early 2015 to others.

Video will be available only to subscribers of Office 365′s plans for enterprises — E1 through E4 — and universities (A2 through A4). It will not be offered to consumer subscribers or firms with small business-oriented plans like Business Essentials, Business and Business Premium.

Kashman also said Office 365 plans for government agencies will get Video at some point, but he did not proffer a timeline.

The other requirement is SharePoint Online, an off-premises component of the enterprise and academic plans, but missing from the increasingly popular Office 365 ProPlus, the rent-not-buy plan used by organizations that have decided to retain their back-end services, like SharePoint and Exchange, on premises.

Although Office 365 Video has elements of consumer streaming services like Google’s YouTube, it’s strictly an in-house affair: It will be available only to employees, and then only those whom IT administrators have assigned access rights.

Source

Microsoft Issues New Policies

Microsoft Corp, under fire for accessing an employee’s private Hotmail account to prove he was illegally passing computer code to a blogger, has said it will now refer all suspicious activity on its email services to law enforcement.

The decision, announced by head lawyer Brad Smith on Friday, reverses Microsoft’s initial reaction to complaints last week, when it laid out a plan to refer such cases to an unidentified former federal judge, and proceed to open a suspect email account only if that person saw evidence to justify it.

“Effective immediately, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property from Microsoft, we will not inspect a customer’s private content ourselves,” said Smith, in a blog post on the software company’s website. “Instead, we will refer the matter to law enforcement if further action is required.”

Microsoft – which has recently cast itself as a defender of customer privacy – was harshly criticized last week by civil liberties groups after court documents made public in the prosecution of Alex Kibkalo in Seattle federal court for leaking trade secrets showed that Microsoft had accessed the defendant’s email account before taking the matter to legal authorities.

The company said last week its actions were within its legal rights under the terms of use of its email services, but has now acknowledged that its actions raised concerns about customer privacy.

The issue is poignant for Microsoft, which routinely criticizes Google Inc for serving up ads based on the content of users’ Gmail correspondence.

It has also been campaigning for more transparency in the legal process through which U.S. intelligence agencies can get access to email accounts following the revelations of former National Security Agency contractor Edward Snowden.

“While our own search was clearly within our legal rights, it seems apparent that we should apply a similar principle and rely on formal legal processes for our own investigations involving people who we suspect are stealing from us,” said Smith in his blog. “Therefore, rather than inspect the private content of customers ourselves in these instances, we should turn to law enforcement and their legal procedures.”

Source

FTC Pushes For Security Standards

Despite growing resentment from companies and powerful industry groups, the Federal Trade Commission continues to insist that it wants to be the nation’s enforcer of data security standards.

The FTC, over the past years, has gone after companies that have suffered data breaches, citing the authority granted to it under a section of the FTC Act that prohibits “unfair” and “deceptive” trade practices. The FTC extracted stiff penalties from some companies by arguing that their failure to properly protect customer data represented an unfair and deceptive trade practice.

On Thursday, FTC Chairwoman Edith Ramirez called for legislation that would bestow the agency with more formal authority to go after breached entities.

“I’d like to see FTC be the enforcer,” Law360 quoted Ramirez as saying at a privacy event organized by the National Consumers League in Washington. “If you have FTC enforcement along with state concurrent jurisdiction to enforce, I think that would be an absolute benefit, and I think it’s something we’ve continued to push for.”

According to Ramirez, the FTC supports a federal data-breach notification law that would also give it the authority to penalize companies for data breaches. In separate comments at the same event, FTC counsel Betsy Broder reportedly noted that the FTC’s enforcement actions stem from the continuing failure of some companies to adequately protect data in their custody.

“FTC keeps bringing data security cases because companies keep neglecting to employ the most reasonable off-the-shelf, commonly available security measures for their systems,” Law360 quoted Broder as saying.

An FTC spokeswoman was unable to immediately confirm the comments made by Ramirez and Broder but said the sentiments expressed in the Law360 story accurately describe the FTC’s position on enforcement authority.

The comments by the senior officials come amid heightening protests against what some see as the FTC overstepping its authority by going after companies that have suffered data breaches.

Over the past several years, the agency has filed complaints against dozens of companies and extracted costly settlements from many of them for data breaches. In 2006 for instance, the FTC imposed a $10 million fine on data aggregator ChoicePoint, and more recently, online gaming company RockYou paid the agency $250,000 to settle data breach related charges.

Source

Does The Cloud Need To Standardize?

Frank Baitman, the CIO of the U.S. Department of Health and Human Services (HHS), was at the Amazon Web Services conference  praising the company’s services. Baitman’s lecture was on the verge of becoming a long infomercial, when he stepped back and changed direction.

Baitman has reason to speak well of Amazon. As the big government system integrators slept, Amazon rushed in with its cloud model and began selling its services to federal agencies. HHS and Amazon worked together in a real sense.

The agency helped Amazon get an all-important security certification best known by its acronym, FedRAMP, while Amazon moved its health data to the cloud. It was the first large cloud vendor to get this security certification.

“[Amazon] gives us the scalability that we need for health data,” said Baitman.

But then he said that while it would “make things simpler and nicer” to work with Amazon, since they did the groundwork to get Amazon federal authorizations, “we also believe that there are different reasons to go with different vendors.”

Baitman said that HHS will be working with other vendors as it has with Amazon.

“We recognize different solutions are needed for different problems,” said Baitman. “Ultimately we would love to have a competitive environment that brings best value to the taxpayer and keeps vendors innovating.”

To accomplish this, HHS plans to implement a cloud broker model, an intermediary process that can help government entities identify the best cloud approach for a particular workload. That means being able to compare different price points, terms of service and service-level agreements.

To make comparisons possible, Baitman said the vendors will have to “standardize in those areas that we evaluate cloud on.”

The Amazon conference had about 2,500 registered to attend, and judging from the size of the crowd it certainly appeared to have that many at the Washington Convention Center. It was a leap in attendance. In 2012, attendance at Amazon’s government conference was about 900; in 2011, 300 attended; and in 2010, just 50, Teresa Carlson, vice president of worldwide public sector at Amazon, said in an interview.

Source

The DoD May Share Airwaves

The U.S. Defense Department is proposing to share some of its radio airwaves with private industry, a nod to growing pressure from the wireless industry and the Obama administration that federal agencies ease their control of valuable spectrum.

In a letter released by the Federal Communications Commission on Tuesday, the Department of Defense offers to share the airwaves it now dominates in the slice of frequencies from 1755 megahertz (MHz) to 1780 MHz with spectrum-hungry wireless and Internet companies.

The military would rearrange its systems within that slice of spectrum as well as the 2025-2110 MHz band and compress programs into the 1780-1850 MHz band that it would retain.

The Defense Department uses the airwaves for programs such as pilot training and drone systems and has faced criticism from some in the industry and in Congress for resisting efforts to open those airwaves for commercial use to satisfy growing demands posed by data-hungry gadgets and services.

The Pentagon had pointed to its own need for airwaves as its use of drones and other reliance on wireless technology grows. It also had estimated the process of moving its programs to new frequencies would cost more than $12 billion.

Under the new plan, the Defense Department drops the cost estimate to $3.5 billion by compromising on sharing slices of airwaves without completely clearing any of the spectrum bands.

In the letter, originally sent on July 17 to the National Telecommunications and Information Administration, which oversees federal airwaves, DOD Chief Information Officer Teresa Takai called the proposal “a workable balance to provide access to the 1755-1780 MHz band most desired by the commercial wireless industry while ensuring no loss of critical DoD capabilities.”

The NTIA, in its own letter to the FCC, said it had not had enough time to review the proposal and could not yet endorse it.

The FCC, with NTIA’s help, is preparing for several auctions of airwaves to take place in coming years, including one that would sell off chunks of federally controlled spectrum. They will be the first reshuffling of airwave ownership since 2008.

Congress has required the FCC to auction off the 2155-2180 MHz band by February 2015 and the industry has sought to pair up that slice of spectrum with the valuable 1755-1780 MHz band, arguing it would collect more money. Lawmakers in the House of Representatives have introduced a bill to ensure such pairing.

The FCC has been drafting a notice of proposed rulemaking that would seek public comments on how the FCC should auction those federally owned or already cleared airwaves to the wireless companies and an FCC official said the agency’s notice will address the Pentagon’s new proposal.

President Barack Obama last month directed federal agencies to look for ways eventually to give up or share more of their airwaves with the private sector. This followed his June 2010 call to open up 500 MHz of federal spectrum for commercial use.

Source

FTC Defends Google Decision

The FTC defended its decision to let Google carry on with its anti-trust-like antics, while other regulations in civilized nations are planning to put the boot in.

The US Federal Trade Commission reached a settlement with Google which really did little to stop the company using its dominance to push down search results from its competitors. The move attracted considerable criticism because it followed a letter from US senators to go easy on the search engine because it was good for US jobs.  We guess they mean the jobs of US senators who Google paid campaign contributions.

Google promised to change the ways it presents some search results and runs search advertising, but was exonerated of the results bias claims. Rivals including Yelp and Microsoft claimed that Google had favored its own product results over those of its competitors and called for the anti-trust case. What makes the case look more suspect is that the EU is less frightened of actually fining Google or forcing it to behave. Indeed indications from Brussels are that it has not only agreed with the rival’s complaints but will do something about it if Google does not pull finger.

But FTC chairman Jon Leibowitz told Talking Points Memo that the agency’s decision was legally sound and would be beneficial to competition and consumers. Under facts we found, all five of us, from liberal Democrat to conservative Republican, agreed that the evidence militated against an anti-trust case,” Leibowitz told TPM.

The fact that we managed to have both Google and Google’s rivals unhappy, in an odd way that’s maybe unique to Washington, that puts us in the right place substantively, he claimed. When asked if Google’s $25 million lobbying budget for the duration FTC’s investigation helped, he said that lobbying makes the companies feel good and lobbyists feel good.

“At the end of the day, whether you want to say lobbying had any influence, or cancelled itself out because there was lobbying on both sides, if you’re going to do what lobbyists want you to do in a regulatory agency, you’re not doing your job.”

Source…

Poor Get Online With Cloud Phone

Start up firm Movirtu has made plans to help 3 million or more people in poor countries use mobile services by giving them personal phone numbers, not phones.

Working with a U.N.-affiliated initiative called Business Call to Action (BCtA), Movirtu will offer the numbers, which it calls mobile identities, through commercial carriers in developing countries in Africa and South Asia. People in those countries who typically borrow phones from others will be able to log into the carrier’s network and use their own prepaid minutes and bits of data. The service is called Cloud Phone, though it operates within a carrier’s own infrastructure rather than on the Internet as a classic cloud service would.

Having a personal mobile identity can save users money in two ways, according to Ramona Liberoff, executive vice president of marketing, strategy and planning at Movirtu. First, they can use mobile services without buying a phone, which is a luxury even at US$15 or $20 for people making $1 or $2 per day. Second, the cost of prepaid service from a carrier typically is less than what consumers in those countries pay someone to borrow a phone, she said.

Though it’s customary in many of these countries to lend a phone to someone in need, the borrower is also expected to pay the lender for the usage. The average savings from using regular prepaid service instead is estimated at about $60 per year, Liberoff said.

The service will help people to use mobile banking, insurance and farming assistance services as well as make phone calls, Liberoff said.

Some of these services currently can only be delivered to individuals and not to someone sharing a phone. Personal mobile identities could be a boon to NGOs (non-governmental organizations) that want to use mobile technology. “In many cases, there are great NGO programs that can’t reach 80 percent of their base,” because those people don’t have their own phones, Liberoff said.

Read More…