The Iconoclast

A housing bailout bill that would also create a national fingerprint registry is facing some unexpected delays in the U.S. Senate and may not be voted on until next month.

We wrote about the proposed law last month after it had been approved by the Senate Banking Committee. After that, it was supposed to be on the fast track to President Bush's desk, but a fuss over an amendment for renewable-energy tax credits--which, of course, have nothing to do with foreclosures and the bursting of the housing bubble--is creating the delay.

The legislation would require any mortgage "loan originator" to furnish "fingerprints for submission to the Federal Bureau of Investigation" and a wealth of other unnamed government agencies. There are no explicit privacy protections, and a Nationwide Mortgage Licensing System and Registry would be created to provide "increased accountability and tracking of loan originators," implying a permanent database of fingerprints.

An alliance of privacy-minded groups, including the American Conservative Union, the American Civil Liberties Union, the Competitive Enterprise Institute, and the U.S. Bill of Rights Foundation, sent a letter to the Senate on Tuesday. It asks that the fingerprint registry be stripped from the housing bailout bill. (CEI has posted a copy of the letter.)

So far, there's been no response. When I talked to John Berlau of CEI this week, he suggested that senators don't seem willing to defend the fingerprinting plan publicly.

In case you're curious, here's the text of the legislation. (... Read more

Kicking the public out of a courtroom is an option that should be used rarely, and extremely judiciously, which is what makes U.S. District Judge James Ware's decision Monday disappointing.

Ware shuttered the doors to a San Jose, Calif., hearing pitting Facebook and Mark Zuckerberg, probably the world's youngest self-made billionaire, against Harvard University classmates who claim Zuckerberg stole ideas and source code from a similar venture called ConnectU. Ware took this extraordinary step without notice, without a formal request from either side, and without even specifying why it was necessary.

This is at odds with the law of the land--it views courtroom closings as extraordinary events--which is why CNET News.com is evaluating whether to file papers seeking access. Not only should the courtroom not have been closed, but any audio recording or transcript of the proceedings should be released.

It is long-established precedent in the 9th U.S. Circuit Court of Appeals, which is binding in San Jose, that two requirements be met before the public can be barred. First, the public and the press must be given "a reasonable opportunity to state their objections." Second, the "reasons supporting closure must be articulated."

Those requirements were conspicuously absent from Monday's hearing. Neither side formally asked Ware to bar the public. When he asked if there were objections -- and representatives of three different news organizations asked the hearing be delayed to give us a reasonable opportunity to raise them--Ware dismissed the idea. He said ... Read more

Verizon Communications confirmed on Thursday that it will stop offering its customers access to tens of thousands of Usenet discussion areas, including the alt.* groups that have been a free-flowing area for discussions for over two decades.

Eric Rabe, a Verizon spokesman, said only a subset of discussion groups, or newsgroups, would be offered to customers in the future. In Usenet parlance, those newsgroups are called the big 8; they include complex procedures for newsgroup creation and deletion and even boast a formal management committee.

Rabe had told us earlier in the week that some newsgroups would be restricted, but didn't have the details until we spoke with him on Thursday.

No law requires Verizon to do this. Instead, the company (and, to varying extents, Time Warner Cable and Sprint) agreed to restrictions on Usenet in response to political strong-arming by New York State Attorney General Andrew Cuomo, a Democrat.

Cuomo claimed that his office found child porn on 88 newsgroups--out of roughly 100,000 newsgroups that exist. In a press release, he took credit for the companies' blunderbuss-style newsgroup removal by saying: "We are attacking this problem by working with Internet service providers...I commend the companies that have stepped up today to embrace a new standard of responsibility, which should serve as a model for the entire industry."

Usenet is a pre-Web technology that, for most of its history, relied on companies, Internet service providers, and universities to operate servers that would exchange messages posted by ... Read more

An announcement this week by New York State Attorney General Andrew Cuomo that three Internet service providers would "block" sources of child porn has caused a surprising amount of confusion.

First, some news reports assumed that meant blocking, say, overseas Web sites that are deemed illegal. But Cuomo's press release talked only of broadband providers agreeing to "purge their servers of child porn websites"--which they've done for years, making this point mere public relations puffery.

Second, some readers thought that the three companies involved in the deal--Verizon Communications, Time Warner Cable, and Sprint--would block access to Usenet newsgroups hosted elsewhere. That would include blocking pay-per-Usenet services like Supernews, Giganews, and Usenet.com.

As far as I know, that's not the case, and it's worth setting the record straight. What's happening, as we reported on Tuesday, is that the three companies are changing policies about what newsgroups they offer to their customers through their own Usenet servers:

Time Warner Cable will cease to offer Usenet. Sprint is cutting off the alt.* hierarchy, Usenet's largest, which will primarily affect its business customers. A Verizon spokesman said he didn't know details, saying "newsgroups that deal with scientific endeavors" will stick around but admitted that all of the alt.* hierarchy could be toast.

In the future, perhaps, a constitutionally impaired, censor-happy New York attorney general could try to force these companies to block access to Usenet completely (ports 433 and 119, for instance). Or only connections ... Read more

A secretive Washington, D.C., group linked to an anti-Google letter signed by corn farmers says cable providers, which have retained it as a client, have nothing to do with its attempts to convince Congress to hold hearings critical of the search company.

Guillermo Meneses, previously a press secretary for the Democratic National Committee, is now a senior vice president at the LawMedia Group. He said that he was "unaware" of any communications between the American Corn Growers Association--which has no history of being interested in the antitrust implications of online advertising--and the National Cable and Telecommunications Association.

We reported on Wednesday that the anti-Google letter to Congress, signed by a number of farmers' groups who insisted they were the only ones to write it, included the name of a LMG staffer in the PDF metadata. Meneses said that the staffer, Alexandra Esser, "merely PDF'd a copy before distributing it."

Meneses, who refused to disclose the identities of other LMG clients, added that: "LMG is a public relations firm, not a lobbying firm. I want to make that very clear...We're simply a public relations firm like any other PR firm that you've dealt with in the past."

An advertisement for LMG on Democrats.org lists Meneses by name and shows "grassroots lobbying" as a service that both he and the firm provide. The ad lists "government relations" as another LMG specialty. An old version of LMG's Web site saved by Archive.org--the current site is ... Read more

If you think there's something a little odd about a bunch of corn farmers lobbying Congress to hold hearings on the details of a Google-Yahoo advertising deal, you may be right.

A letter (PDF) that the American Corn Growers Association and other farmers' groups sent to the U.S. Congress on Monday appears to be linked to a Washington, D.C., lobby group that does work for cable providers, some of Google's most potent political adversaries.

The letter warned Senate and House committee chairmen that any such deal would "create a monopolistic concentration of power in the market for online search and related advertising."

Excerpt from PDF of anti-Google letter signed by a corn farmers' group. The author's name is the same as a staffer for a secretive D.C. lobby shop used by Google's adversaries.

An examination of the metadata in the PDF version of the letter shows that the author was Alexandra Esser. That's the name of a staffer at a secretive Washington, D.C., lobby organization called the LawMedia Group, which currently counts the National Cable and Telecommunications Association as a client and counted AT&T as one in the past.

The LawMedia Group was founded by Julian Epstein, a former high-ranking House Democratic aide who The Washington Post once called a "dashing bachelor, a hip-hop aficionado who drives a soft-top Jeep Sahara and lives in an Adams-Morgan loft he designed himself." LMG once described itself as providing "... Read more

[Update 6/12 11:40 a.m. Verizon has offered more details on what newsgroups will be removed. And here's background on whether or not Usenet is being blocked.]

New York Attorney General Andrew Cuomo announced on Tuesday that Verizon Communications, Time Warner Cable, and Sprint would "shut down major sources of online child pornography."

What Cuomo didn't say is that his agreement with broadband providers means that they will broadly curb customers' access to Usenet--the venerable pre-Web home of some 100,000 discussion groups, only a handful of which contain illegal material.

Time Warner Cable said it will cease to offer customers access to any Usenet newsgroups, a decision that will affect customers nationwide. Sprint said it would no longer offer any of the tens of thousands of alt.* Usenet newsgroups. Verizon's plan is to eliminate some "fairly broad newsgroup areas."

It's not quite the death of Usenet (which has been predicted, incorrectly, countless times). But if a politician can pressure three of the largest Internet providers into censorial acquiescence, it may only be a matter of time before smaller ones like Supernews, Giganews, and Usenet.com feel the squeeze.

Cuomo's office said it had "reviewed millions of pictures over several months" and found only "88 different newsgroups" containing child pornography.

"We are attacking this problem by working with Internet service providers to ensure they do not play host to this immoral business," Cuomo said in a statement released after a press conference in ... Read more

One of the more interesting tidbits from News.com's survey published this morning on instant messaging privacy came from Skype.

The eBay-owned company says it is unable to comply with court-authorized wiretap requests.

We asked Skype: "Have you ever received a subpoena, court order or other law enforcement request asking you to perform a live interception or wiretap, meaning the contents of your users' communications would be instantly forwarded to law enforcement?"

Jennifer Caukin, Skype's director of corporate communications replied to us: "We have not received any subpoenas or court orders asking us to perform a live interception or wiretap of Skype-to-Skype communications. In any event, because of Skype's peer-to-peer architecture and encryption techniques, Skype would not be able to comply with such a request."

This isn't entirely a surprise. Skype, which claims something like 300 million user accounts, has said in the past that it "cooperates fully with all lawful requests from relevant authorities" but that it is not subject to the U.S. must-provide-a-wiretapping-backdoor law called the Communications Assistance for Law Enforcement Act. Police in Germany, for instance, already have complained of Skype's lack of ready wiretappability.

Because the company's SkypeIn and SkypeOut services send data through the traditional telecommunications network, they presumably can be wiretapped at that point. But voice communications that flow exclusively through the company's peer-to-peer network--and are encrypted using AES--are a different story.

There's no guarantee that Skype's AES encryption is implemented properly or ... Read more

The number of interested parties eager to listen in on your online conversations, including what you type through instant messaging, has never been higher.

It's trivial to monitor unencrypted wireless networks and snatch IM passwords as they flow through the ether. Broadband providers and their business partners are enthusiastically peeking into their customers' conversations. A bipartisan majority in Congress has handed the FBI and shadowy government agencies greater surveillance authority than ever before.

The need, in other words, for secure IM communication has never been greater. But not all IM networks offer the same privacy and security. To chart the differences, CNET News.com surveyed companies providing popular IM services and asked them to answer the same 10 questions.

One focus was how secure the IM service was--in other words, does it protect users against eavesdropping? It's been 12 years since the introduction of ICQ in 1996, and 20 years since the Usenix paper (PDF) describing the Zephyr IM protocol that spread to MIT and Carnegie Mellon University. By now, encryption should be commonplace.

We found that only half of the services provide complete encryption: AOL Instant Messenger, Google Talk, IBM's Lotus Sametime, and Skype do. To their credit, not one service says it keeps logs of the content of users' communications (a certain lure for federal investigators or snoopy divorce attorneys). For connection logs, Microsoft alone said it keeps none at all--though Google and Skype said their logs were deleted after a short time.

Encryption is ... Read more

A series of statements about immunizing telecommunications companies that violated federal wiretapping laws have become something of an embarrassment, and perhaps even a problem, for John McCain's presidential campaign.

The statements revolve around whether McCain, like President Bush, supports legislation that could be voted on this month extending retroactive immunity to those companies and perhaps many more. The problem for the onetime captain of the Straight Talk Express is that his varying statements at different times are starting to seem -- dare we say it? -- almost Clintonian.

John McCain (left) meets with President Bush on March 5. In endorsing McCain's presidential bid, Bush said "he's not going to change when it comes to taking on the enemy. He understands this is a dangerous world."

(Credit: White House photo by Chris Greenberg)

When news about the National Security Agency's warrantless wiretapping program became public years ago, McCain was critical of it. McCain told the Associated Press that he wanted to know more about the program but "theoretically, I obviously wouldn't like it." He agreed with Matt Lauer on The Today Show that "it is up to a court of law to find out if someone broke the law here and where punishment should be handed out."

That seems pretty clear. In 2005, at least, McCain was in favor of letting the courts decide whether AT&T and other telecos violated the law.

Last fall, while preparing our Tech Voter's Guide, ... Read more