Clay Shirky has the best overview I’ve seen/heard/read of PIPA and SOPA and the context from whence they emerged:

Bottom line: the legilsation’s about wanting us to be passive consumers, not producing and not sharing.

I put on my $DAYJOB CTO hat for Midas Green Tech and facilitated a conference call with Sean McLaughlin, the Chief of Staff for the Judiciary Committee, and executives from CoreNAP and DataFoundry today.

Sad to say, it’s not dead yet.  The “Internet experts hearing” that the Oversight committee was planning has apparently been canceled, so that’s a loud voice in opposition that the House probably won’t get to hear.

http://oversight.house.gov/index.php?option=com_jcalpro&Itemid=1&extmode=view&extid=363

The requirements to force ISPs to edit DNS results are apparently out, so that’s good.

Search engines will still be required to block results.

Visa and Mastercard will still be required to stop the financial flows.

Supposedly your hosting company won’t be required to look over your shoulder to see what’s going on on your site, but some legal eagles have noted that the only way for a hosting company to avoid penalty will probably be to….Look over your shoulder.

Now, to be fair, Sean did keep pounding on the point that “this applies only to foreign web sites.”  My problem is what’s really “foreign” in these days of the Internet / World Wide Web / globalization?

The next big event is the cloture vote on the 24th in the Senate.  For more info on that see

http://www.publicknowledge.org/blog/pipa’s-january-24th-vote-and-how-filibuster-w

EFF-Austin just received this press release from the Computer and Communications Industry Association:

Contact:
Heather Greenfield
202-783-0070 ext 113
hgreenfield@ccianet.org
Ed Black
202-783-0070 ext 110

FOR IMMEDIATE RELEASE:
January 12, 2012

Washington – Senate Judiciary Chairman Patrick Leahy has put out a statement may add a provision to study the impact of DNS blocking before that provision within the controversial PROTECT IP bill (PIPA) would take effect. The offer to suspend the timing of DNS blocking comes after cybersecurity experts in the Obama administration and those implementing the latest cybersecurity measure known as DNSSEC have warned PIPA and the latest cybersecurity measures the government has spent the last ten years developing are incompatible. Internet engineers and cybersecurity experts have written to Congress about their serious concerns.

The following can be attributed to Computer & Communications Industry Association President & CEO Ed Black:

“I hope this statement signals a recognition they didn’t understand this issue when the bill was drafted. We hope this means they will step back, talk to stakeholders, identify and focus on the real problem they’re trying to solve and target that. But it seems more likely to be aimed at newer opponents of the bill that haven’t absorbed how harmful the legislation would still be, even if there was a firm commitment to remove DNS blocking, which there isn’t.

“This DNS blocking was the tip of the iceberg in terms of the broad range of real problems with the approach of SOPA and PIPA. The DNS blocking was easy to understand and remove. Those who value the functioning of the Internet and the jobs that depend on it should now focus on the provisions of the legislation that still cause much collateral damage to the Internet.

“Those pushing this flawed bill discounted a lot of early concerns voiced by Internet experts about the bill. The DNS blocking was just one glaring flaw that would harm cybersecurity. There are a lot of other concerns they seem to continue to ignore about the collateral damage to the Internet that are also well founded. If the offer to further study the DNS blocking provision were a sign of real willingness to step back in general and rethink this bill, then it would be meaningful.”

About CCIA:
CCIA is an international, nonprofit association of computer and communications industry firms, representing a broad cross section of the industry. CCIA is dedicated to preserving full, fair and open competition throughout our industry. Our members employ more than 600,000 workers and generate annual revenues in excess of $200 billion.

Guest post by Mark Boyden

Found this recently (from July 2011, read article for full text, images, videos, documents, and deeper links):

Police To Begin Using Iris Scans From Controversial Iphone App, FED Forms “Center For Identity” At U-Texas Austin Campus

~ Alternative News Report – July 21, 2011

Representatives from private industry and the US federal government has already made a discreet presentation to college students in Austin Texas this spring where the concept of a series of “National Identity Management Centers” aka “The Center For Identity” was introduced to students.

I have wondered WHY this presentation was made on a college campus to college students, most of whom are gullible and many are still innocent to the beguiling tactics of surreptitiously introduced socialism and mass population surveillance programs by the federal government. Restated: most college kids do not understand what “social engineering” means, or “mass indoctrination by media gradualism.”

Until just recently if you were to try to explain these mind control methods to college kids they would hop on their skateboards and laugh it off. But that en mass naivete is now changing. “The Center For Identity” on the University of Texas at Austin has already been planned and now has a web presence.

A close friend, college aged, and a student in Austin, who attended this presentation told me later the entire ambiance of the material was creepy, hard to understand and altogether very ambiguous.

Just exactly WHAT is a “national identity management center’? I examined the literature which was handed out at this presentation and it was all cloaked in well familiar magnanimous federal platitudes about ‘personal identity security” and so forth. There was even a letter included from President Obama. The specific term “RFID” was not referenced in the literature, but I had the very distinct feeling that once these federally staffed “national identity management centers” become operative, that RFID, Iris scans, facial recognition, DNA scans and a host of other high technology personal identification methods will be deployed through the centers. There is a partnership forming between high level corporations and the federal government to establish these “national identity management centers” for profit. That was made very clear in the documents that I examined. I have posted some of these documents at the end of this report.

Read the entire article, view the videos, and included documents, at Alternative News Report.

Former EFF-Austin Director Cory Doctorow thinks that there’s a war on general purpose computing.

Transcript at

https://github.com/jwise/28c3-doctorow/blob/master/transcript.md

But it’s not as bad as all that. It’s not a “war” on GP computers–in
fact things would grind to a halt rapidly without a continual supply of
the very speedy and infinitely mutable CPUs that make modern tech work
and progress.

What will happen–in fact is already happening–is the shift of data
storage and muscular data processing off of the commonplace
laptop/desktop model that we have today to the “cloud.” Aside from the
obvious privacy issues, this is not all bad. Take a look at the Google
ChromeOS model. Lose your ChromeBook? No big deal, just go get another
one, log in, and there’s your stuff. Viruses? Not your problem.
Apple’s Siri is another cloud app bellwether. A few milliseconds of
crunching on a CPU in a datacenter, plus some database dips provide
version 1.0 of an actual intelligent agent application that would be
impossible to implement in a meaningful way on a desktop. So the trend
is back toward centralization of data and processing, not a war on
computing. Great risks come with centralization though.

As for cars, aircraft, and the like, code signing and other security
tools _must_ be deployed in life safety and other critical applications.
Designers and developers who implement these systems using commercially
available and open source general purpose operating systems need to be
flogged. Yes, it’s cheap and fast, but it’s not good. Just ask Siemens
and the Iranians. We need to have a lot more R&D on building hardened
Real Time Operating Systems for critical applications to run on, and
have better testing and development procedures for those applications
and RTOS’s.

Centralization of personal data favors the oppressor and the marketer.
Implementing the centralization (which is going to happen, market
forces are too strong) without getting the security and privacy right
is a greater risk, and the real battle ground.

High-tech law enforcement under scrutiny

This post concludes EFF Austin’s investigation of DART’s #OpWardrive; here’s our initial post, announcement of operation cancellation, and update on the open records request.

In our last post, we summarized our inquiry into the City of Austin Police Department’s Digital Analysis Response Team’s (DART) Operation Wardrive, concluding that it was now up to the City to provide the documents responsive to our open records request which the Office of the Attorney General (OAG) declared were not exempt from disclosure. In a letter dated December 16th (notably well within the ten calendar day deadline initiated on December 13th), the City of Austin responded by postal mail with copies of the remaining documents.

Here’s the cover letter and documents:

Operation Wardrive Open Records Request – City of Austin Response – December 16, 2011

Included were two new documents: an “Operational Briefing” and a “Synopsis of Operation.” The operation objective is worth reproducing in full:

Operation Objective
Crack down on unsecured wireless networks in residential neighborhoods.

The Austin Police DART Unit plans to conduct a ‘wardriving’ mission around select Austin neighborhoods in an effort to educate its citizens to secure their wireless networks.

‘Wardriving’ refers to the technique of searching for unsecured wireless networks by driving the streets armed simply with a laptop or smartphone seeking network connections. When unsecured networks are found, the Police detectives will pay a friendly visit to the household or small business, informing them of the risks they are exposing themselves to and attempt to assist in securing their wireless network.

The Synopsis provides a little additional information:

Detectives should log the locations where they have made contact with residents and identify them on provided activity sheet.

There are a few items worth emphasizing here:

1. EFF Austin requested “All documents and communications related to the selection and identification of Austin locations, neighborhoods, and/or individual citizens that will be targeted by ‘Operation Wardrive’”. The Briefing specifies target locations as “Austin Neighborhoods,” while the objective mentions “select Austin neighborhoods.” We are left to presume the neighborhoods selected would be left to the recognizance of DART detectives or decided and communicated off-the-record, perhaps during the 30-minute briefing on September 22nd prior to the operation.
2. EFF Austin requested “All documents and communications related to the devices, software, and other technologies that will be utilized to identify Austin locations with unencrypted broadband networks.” The Briefing indicates wardriving may be practiced “simply with a laptop or smartphone seeking network connections” but does not explicitly declare this as the tools or techniques DART would be deploying.
3. EFF Austin requested “All documents and communications related to the policies governing the protection and security of the information obtained during ‘Operation Wardrive’”. The Synopsis instructs detectives to log the names and addresses of individual citizens they paid “friendly visit[s]” to, thus creating public records of open wireless access points – one of EFF Austin’s original concerns.
4. Perhaps most revealingly, EFF Austin requested “All documents and communications related to The City of Austin’s, Austin Police Department’s, the Digital Analysis Response Team’s, or other Austin governmental agency’s recommendations and/or suggested practices for securing wireless broadband networks.” We did not receive a single document, nor can we find a single sentence responsive to this inquiry, leaving one to ask: how could DART “Crack down on unsecured wireless networks in residential neighborhoods” if the City of Austin was unable to locate a single document explaining how citizens or detectives are supposed to go about securing those networks?

Perhaps DART detectives have received special training towards that end…

Standard Operating Procedures

The last document included in the City’s response was an unredacted version of the APD DART Standard Operating Procedures (SOP), available in the embed above. The City provided EFF Austin with a redacted version of the SOP while appealing to the Office of the Attorney General, insisting that disclosure might interfere with law enforcement and crime prevention efforts. The OAG disagreed, forcing the City to release the complete document. It is an interesting read we encourage you to review, revealing the marching orders of one of the most venerable computer forensics and cybercrime prevention units in the country.

Within the previously censored sections of the document, EFF Austin found an item that might be worth further exploration.

The duties of the Sergeant of DART, the ranking officer of what appears to be a team of five detectives, are described in section .05.C.1 under “Personnel Duties, Authority, and Responsibilities.” Item “aa” on page 5 states:

Act as unit coordinator with the Austin Metro High Tech Foundation (AMHTF) Board of Directors:

1. Prepare annual budget for December meeting which projects anticipated expenditures of the AMHTF monies over the upcoming calendar year.
2. Supervise expenditures of these budgeted monies over the budget year and authorize all expenditures from these monies.
3. Prepare annual reports for the board of directors meetings itemizing budgeted expenditures for the previous year.
4. Prepare reimbursement request(s) for the AMHTF, as needed, to recover monies from authorized expenditures. Provide a receipt for all items in the reimbursement request.
5. Authorize disbursements from and provide accounting on the travel and training fund provided by the AMHTF.

What is the Austin Metro High Tech Foundation? Some historical perspective can be found at what appears to be the Foundation’s most recent website, a lonely Geocities relic worthy of review for its quirky mid-90′s Internet aesthetic alone. Quoting from the site:

The Austin Metro High Tech Foundation (AMHTF) is an organization founded by local companies and law enforcement personnel to battle high-tech crime in the Austin Metro area. The Foundation began in mid-1994, when seven area security managers decided to join with local law enforcement to form a policing unit dedicated to investigating high-tech crimes.

Since 1994, the Foundation membership has grown, along with the expertise of the law enforcement personnel assigned to high-tech crimes.

And what does the Foundation do – or rather what did the Foundation do at this time?

Foundation members provide funds, training and in-kind donations to support the law enforcement community’s high-tech crime efforts. The funds are used for education, equipment and travel required by law enforcement personnel. The benefit to members is the increase in prosecutions and restitution associated with high-tech crimes.

This 1999 LA Times story (“Tech Firms Pay Police Agencies to Fight Cyber Crime”) mentions the Austin foundation, and its byline (“Law enforcement: Intel funds sheriff’s unit that chases computer pirates. Some fear conflict of interest.”) hints at reasons why AMHTF may opt for a low profile.

This is not to say funding from the Foundation is without cause or merit; from the article:

When losses mounted from armed robberies at computer chip plants in Austin in the early ’90s, the city’s high-tech companies decided to finance a private nonprofit group to train officers to deal with the problem. Through the Austin Metro High Tech Foundation, firms including IBM and Dell Computer Corp. annually donate up to $10,000 each for investigators’ training, travel and equipment.

In return, businesses–including Applied Micro Devices, National Instruments and Motorola Corp.–say they expect law enforcement to treat computer crime as seriously as drugs and gang violence.

In 1999, according to the article’s author, public sentiment was decidedly mixed on the appropriateness of private corporations funding specific law enforcement efforts narrowly focused on crime prevention within their business sector. Is that the cause for AMHTF deciding to assume a low public profile? Is that the reason why public servants of the City of Austin attempted to perpetuate the Foundation’s low profile through selective application of the secrecy attendant on the darkness of redaction?

In the cleansing sunlight, perhaps we’ll see.

Official seal of the Office of the Attorney General of Texas

In late September, the Austin Police Department (APD) aimed to identify open residential wireless access points around the city and educate their owners about the risks of providing free Internet access. The initiative, dubbed Operation Wardrive, was announced by an APD Public Information Office press release which was quickly picked up by local ABC-affiliate KVUE. Word circulated throughout the community and back to local officials, who quashed the nascent effort by APD’s Digital Analysis Response Unit (DART) prior to deployment. It remains uncertain whether the project will be restarted.

One facet of the community response to #OpWardrive was an open records request filed by EFF Austin with the City of Austin’s Communications and Public Information Office on September 21st. We made ten distinct requests for information, ranging from details about the inception and planning of the initiative, to the technologies and techniques DART intended to employ to reliably associate an omnidirectional access point signal with a particular residence in a densely populated metropolitan area.

Why did we make these requests? If the Austin Police Department gathers data about open wireless access points operated by local citizens and organizations, we think it’s important to have a full and complete understanding of both intention and process. How will this data be used? Where will it be stored? Will it be retained and mapped? Is there a surveillance aspect to this activity? IF this activity is limited in scope, as suggested by one email we acquired suggesting that the wardrive would be only one time for a few hours, what is the target area, and why was it selected?

As compared to other states, Texas has admirable Open Records laws defined in Chapter 552 of the Texas Government Code. Conforming with § 552.301(b), the City of Austin (CoA) responded to our request on October 5th (within 10 business days) providing a handful of documents responsive to our inquiry while simultaneously requesting a decision from the Office of the Attorney General (OAG) on the disclosure of additional records.

Operation Wardrive Open Records Request – City of Austin Response (Oct 5, 2011) – Letters

The documents withheld are alleged to fall under the protection of the attorney-client privilege (§ 552.107(1)) or potentially interfere with law enforcement and crime prevention efforts (§ 552.108(b)(1)). The documents provided to EFF Austin included emails discussing the Operation Wardrive press release and a heavily redacted document detailing APD DART’s Standard Operating Procedures (SOP).

Operation Wardrive Open Records Request – City of Austin Response (Oct 5, 2011) – Records

The Texas Attorney General had 45 business days to issue a ruling on the CoA’s request, and dutifully responded on December 13th (EFF Austin opted not to exercise its right to comment in support of the release of the requested materials as described in § 552.304). The Office of the Attorney General concurred with the City of Austin concerning records protected by attorney-client privilege, but did not entirely agree with the assertion that the remaining documents could be withheld for fear of disrupting law enforcement efforts. The remaining documents include an “operational briefing” and the redacted sections of the SOP (with the exception of the cellular phone numbers of DART detectives, which are wisely protected pursuant to Open Records Decision 506 at 2 (1988)).

Operation Wardrive Open Records Request – Attorney General Response (Dec 13, 2011)

The City of Austin now has ten calendar days to either provide the requested information or access to it, or contest the OAG’s decision in court. We’ll post updates as the story unfolds.

EFF-Austin is joining the rest of the Austin web community for a giant geek holiday party. Come escape from the stress of end-of-year deadlines and impending familial obligations with some great drinks and awesome people.

Each year participation has grown, and what started out as a small gathering now includes 14 active groups spanning a wide swatch of the Austin Web and Tech community. In line with participation from so many groups, an array of awesome local businesses have stepped up to sponsor the event, picking up a sizable bar tab and covering other party-related costs.

Austin is an amazing town filled with inspiring people and groups. You should come party with all of them on December 13th.

Event Details
www.refreshaustin.org/bash/
RSVP on Facebook: http://j.mp/bash2011 (not required, but it helps us plan)
7 – 9pm, Tuesday, December 13th, 2011
Buffalo Billiards (6th and Brazos)

Admission: At least one canned good for the Capital Area Food Bank.
(Last year we collected 200 pounds of canned goods and $200 cash!)

The Community
Austin.rb
Austin All-Girl Hack Night
Austin JavaScript
Austin Lean Startup Circle
Austin on Rails
Austin PHP Meetup
Austin Web Design Meetup
Austin Web Python Users Group
EFF-Austin
Hacks/Hackers ATX
IxDA-Austin
Refresh Austin
WordPress Austin
Young Woman’s Roundtable

Our Amazing Sponsors
Austin Ventures – www.austinventures.com
BuildASign – www.buildasign.com
CoSpace – www.cospaceatx.com
HTML5 Cookbook – www.amazon.com/dp/1449396798
Taecho Group – www.taechogroup.com
WP Engine – www.wpengine.com

We hope that you’ll come on out to catch up with old friends and make some new ones on December 13th!

Steven Levy

Steven Levy, author of In the Plex: How Google Thinks, Works, and Shapes Our Lives, will give a free talk in Austin this Thursday, November 10, at 7pm at the Jewish Book Fair.Orignally Steven was going to give a second talk to EFF-Austin Friday, but he couldn’t stay over, so EFF-Austin supporters are encouraged to attend the Thursday event, which is at 7300 Hart Lane.

Steven sent this description of this planned talk: “I will be talking about everything Google, but am more than happy to talk about the issues that arise from the company’s considerable power. During the time that I was immersed in the company, it was completing its unwilling morph from a feisty David into an intimidating Goliath. This caused considerable cognitive dissonance in areas like privacy, market power, and book search. EFF’ers are encouraged to ask plenty questions!”