IP Source

Thursday, 29 March 2012

6 Strikes

Starting this July, Internet service providers and the copyright industry will institute a "Copyright Alerts" system that they hope will curb online copyright infringement. Here's everything you need to know.

Starting July 1, the nation’s largest Internet service providers (ISPs) have agreed to adopt a “Graduated Response” program intended to cut down on illegal file sharing. The program, colloquially known as the “six-strikes” system, is the brainchild of the Recording Industry Association of America (RIAA) and the Motion Picture Association of America (MPAA) — the same industry groups that conjured up SOPA and PIPA. The system will affect millions of Internet users across the country. Whether you download your music and movies from the Internet or not, it is important for everyone to understand what the plan is, and how it could affect your life. Here is everything you need to know about “six-strikes.”

How does it work, in a nutshell?

Anytime copyright holders find that their content is being illegally downloaded, they will contact the participating ISPs. The ISPs will then send out an initial “copyright alert” to accounts linked to the alleged infringement. If a subscriber’s account continues to be linked to infringement, his or her ISP will send out up to four written notices, the natures of which are sometimes vague and varying. If the alleged infringement continues still, the ISP will then take “mitigation measures,” which include bandwidth throttling (i.e. slowing down the accused subscriber’s connection), or even temporarily cutting off full Web browsing abilities. In cases where alleged infringement persists after the initial mitigation measure, the subscriber may face lawsuits from the copyright holder, and/or have their Internet access cut entirely, in accordance with section 512 of the Digital Millennium Copyright Act (DMCA).

Who is in charge of this system?

Administering “six strikes” is a new entity called the Center for Copyright Information (CCI), which was established by the entertainment industry and the ISP industry. (Internet users were not part of the negotiations.) The CCI will be governed by a six-person executive committee, made up of three representatives of the copyright industry, and three representatives of participating Internet service providers. There will also be a three-person advisory board, made up of people “from relevant subject matter and consumer interest communities,” who represent us, the Internet users, in all this. Though, from the looks of it, the advisory committee appears to be mostly ornamental.
The CCI develops the “educational material” part of the alerts, and develops a set of “best practices” for the copyright alerts system to abide by. According to the CCI’s FAQs, the CCI will also “benefit from guidance by consumer advocates and technical experts serving on its advisory committee or providing other expert services,” whatever that means.

Which ISPs are part of this plan?

The big ones. Those currently on board include AT&T, Cablevision, Comcast, Time Warner Cable, and Verizon. Smaller, local ISPs are not yet included in the plan. But more may climb aboard by the time the plan sets sail this summer.

What are these alerts?

Officially, the plan contains six levels of “copyright alerts,” and the consequences at each depth intensify. They are as follows:
  • First alert: An ISP will send a written alert (probably via email), which informs the subscriber that his/her account has been linked to infringing activities. This alert will also direct the subscriber to “educational resources” which will “(i) help him/her to check the security of his/her computer and any Wifi network, (ii) provide explanatory steps which will help to avoid content theft in the future and (iii) provide information about the abundant sources of lawful music, film and TV content,” according to the CCI. Of course, all of these “educational resources” are provided by the entertainment industry and their ISP cohorts, so you can guess what kind of advice these one-sided resources provide.
  • Second alert: This alert nearly mimics the first, but will “underscore the educational messages.” Also, ISPs may choose to simply skip this alert, and jump to option number three.
  • Third alert: At this level, things get creepy. Once an account is linked to infringing behavior a third time, the ISP will issue the alert through a “conspicuous mechanism,” like a pop-up window or landing screen, when the user goes online. The user must then explicitly acknowledge that he/she has seen the alert, which reminds him/her that “content theft” is taking place through his/her account, and re-informs him/her of the consequences of illegally downloading copyrighted content.
  • Fourth alert: The fourth alert is essentially identical to the third alert.
  • Fifth alert: Now the “mitigation measures” begin. In addition to sending an alert (probably the same alert as the third and fourth alerts), the ISP can choose to a) reduce Internet connection speeds (i.e. throttling); b) impose a landing page, which the accused subscriber cannot bypass until he/she contacts the ISP “to discuss the matter” — or reviews and responds to more of that enlightening “educational material.” According to the agreement, the ISPs have some freedom to choose which mitigation measures to take at this point in the alert process. And these measures may include some that are not listed here.
  • Sixth alert: At this point, the ISP may issue another mitigation measure. But the company could, legally, suspend the customer’s account altogether — though that is not an official part of the plan. Also, the subscriber could be sued by the copyright holders under the DMCA. That said, the specific consequences at this stage remain dangerously unclear. (We’re putting our money on lawsuits.) The CCI does not expect many subscribers to reach this level of alert.

Is this the same as the “three strikes” laws overseas?

No. First, this plan is not a law at all. It is a voluntary agreement between copyright holders and ISPs. Second, this plan does not mandate that ISPs completely cut subscribers’ Internet access, as is the case with so-called “three strikes” laws. Moreover, the plan does not even include a temporary suspension of Internet access — unless, of course, you consider an impassable landing page a suspension of Internet access.

Who decides to send out these alerts?

The ISPs are in charge of sending out the alerts, as they are the only ones who can link the allegedly infringing activity to specific subscriber accounts. However, the ISPs take this action based entirely on the allegations of the copyright holders. In other words, Internet users can be punished because of accusations by the copyright industry, but no one is necessarily verifying the claims.

What do copyright holders hope to achieve with these alerts?

Studies show that many people do not know that downloading content from torrent sites or other websites is illegal. Even if they do, many fail to realize the potential severity of the consequences. By sending out these alerts, Big Entertainment and the ISPs hope that many will simply stop getting their entertainment illegally, and opt for legal distribution outlets.

What happens if my account is incorrectly linked to copyright infringement?

This is perhaps the most problematic part of this plan, as it puts the burden of proof on the Internet subscriber, who must prove that he did not illegally download copyrighted content. As it stands, all a copyright holder has to do is say — but not prove — that infringing activities are taking place in order for an ISP to alert or punish a subscriber with throttling or access disruption. In other words: Users are considered guilty unless they can prove themselves innocent. As the Electronic Frontier Foundation, a public rights advocacy group, notes, “This burden-shift violates our traditional procedural due process norms and is based on the presumed reliability of infringement-detection systems that subscribers haven’t vetted and to which they cannot object.”
If you do find that your account has been incorrectly targeted — or that your Wi-Fi was used by someone else to illegally download copyrighted works — you have only 10 days to challenge the accusation. As Ars Technica reports, there are six “pre-approved” methods for challenging these accusations. (Any method that strays from these six options is not acceptable.) Also, doing so will cost you a $35 “filing fee,” paid to the CCI, which will be refunded if you are found to be in the right. It is currently not clear which lawyers decide who is right and who is wrong in these cases. And it is entirely possible that they will have ties to the copyright industry.

Are there any consequences for copyright holders who wrongly accuse subscribers of infringement?


So, is this plan good or bad for Internet users?

It is good in that receiving an alert is better than getting hit with a lawsuit out of the blue. Also, by sending out multiple notices before a subscriber faces any punishments, the system gives people a chance to stop downloading copyrighted content illegally before facing any type of legal action.
However, it is bad because the entire system was constructed without any input from Internet users. It was also created entirely by big entertainment lobbyists (i.e. the MPAA and RIAA), and is constructed to serve their needs, regardless of whether those needs are at odds with individual users’ needs. Furthermore, all of the “educational material” passed out comes from the copyright industry, which is known to use false information and scare-mongering to describe the effects of unregulated intellectual property.
In short, the system is rigged in favor of the copyright industry.

Is there any way I can fight back against this plan?

The plan has not yet gone into effect, so time remains for things to change. That said, individuals can do very little. One option: tell your ISP that you plan to cancel your service if they move forward with this system. Another is to express your concern about the plan to your senators and representatives in Congress. Unfortunately, neither of these options stands much chance of working — unless the Internet community at large pushes back in concert.

Friday, 9 March 2012

Mercedes Cloaking Device

It's not often that folks want to hide the fact that they're driving a Mercedes, what with plenty of them being among the finest motorcars on the road. However, as part of a marketing plan to call attention to its zero-emissions F-Cell model, the German marque swathed a side of one in LEDs to give it the ultimate in camouflage.

You see, in addition to that makeshift display, a Canon 5D Mark II was mounted on the other side of the car so that video of its surroundings could be shown on the LED bodywork -- rendering the car all but invisible to onlookers, as long as they're staring at the left side, of course. More details and video here.

Thursday, 8 March 2012

DuQu - Mystery Code

VANCOUVER, British Columbia — DuQu, the malicious code that followed in the wake of the infamous Stuxnet code, has been analyzed nearly as much as its predecessor. But one part of the code remains a mystery, and researchers are asking programmers for help in solving it.

The mystery concerns an essential component of the malware that communicates with command-and-control servers and has the ability to download additional payload modules and execute them on infected machines.

Researchers at Russia-based antivirus firm Kaspersky Lab have been unable to determine the language in which the communication module is written and plan to discuss the mystery code Wednesday at the CanSecWest security conference in Vancouver in the hope of finding someone who can identify it.

They’ve also published a blog post providing more information about the language.

While other parts of DuQu are written in the C++ programming language and are compiled with Microsoft’s Visual C++ 2008, this part is not, according to Alexander Gostev, chief security expert at Kaspersky Lab. Gostev and his team have also determined that it’s not Objective C, Java, Python, Ada, Lua or many other languages they know.

While it’s possible the language was created exclusively by DuQu’s authors for their project and has never been used elsewhere, it’s also possible it’s a language that is commonly used, but only by a specific industry or class of programmers.

Kaspersky is hoping that someone in the programming community will recognize it and come forward to identify it. Identification of the language could help analysts build a profile of DuQu’s authors, particularly if they can tie the language to a group of people known to use this specialized programming language or even to people who were behind its development.

DuQu was discovered last year by Hungarian researchers at the Laboratory of Cryptography and System Security at Budapest University of Technology and Economics.

The researchers examined the code on behalf of an unidentified company that was infected by the malware. The Hungarian researchers discovered that the code was remarkably similar to Stuxnet and concluded that it had been written by the same team. But although Stuxnet was designed to sabotage centrifuges used in Iran’s uranium enrichment program, DuQu’s purpose was espionage. Researchers believe it’s designed to gather intelligence about targeted systems and networks in order for its authors to then design other malware, such as Stuxnet, to sabotage those systems.

Kaspersky researchers have been analyzing the code and its command-and-control structure on and off for months. In that time, they’ve been unable to determine very much about the language in which DuQu’s communication module is written, except that the language is object-oriented and is highly specialized.

The module is an important part of DuQu’s payload — which is the part of DuQu that performs malicious functions once it’s on an infected machine. The module allows DuQu’s DLL file to operate completely independent of other DuQu modules. It also takes data stolen from infected machines and transmits it to command-and-control servers and has the ability to distribute additional malicious payloads to other machines on a network, in order to spread the infection.

It’s unclear why this part of the malware was written in a different language, but Gostev says it could be that it was simply written by a different team than the team that wrote the rest of the code. This team may have used this language simply because it was more familiar with it, or it had special properties for the tasks the team wanted to accomplish.

But, Gostev says, it could also be that DuQu’s developers purposely used a customized language for this part of the malware in order to prevent researchers and anyone else who might discover the code from fully analyzing it and understanding its interactions with command-and-control servers.

Hackers Vie for More Than $1 Million

As alleged hackers from LulzSec and Anonymous contemplate the possibility of a life behind bars, other hackers are limbering up in Canada this week to vie for more than $1 million in prize money for their hacking prowess.
The annual Pwn2Own contest at the CanSecWest security conference is in its sixth year and aims to improve the security of the internet by challenging researchers to find zero-day vulnerabilities and develop exploits to attack them, while disclosing the findings to vendors to allow the companies to patch their products before the vulnerabilities can be exploited in the wild. The contest provides the makers of browser software and other applications with valuable information about security flaws in their products, without having to spend the time and resources to uncover the vulnerabilities themselves.

The targets this year are four browsers — Microsoft’s Internet Explorer, Apple Safari, Mozilla Firefox and Google Chrome. Contestants aim to own a browser — or “pwn” in hackerspeak — by using exploits to get the browser to run arbitrary code of the hacker’s choice.

The browsers being targeted will be running on systems with fully patched versions of the Windows 7 or Lion operating systems.

Contestants earn points for various levels of exploits and the amount of time it takes to develop them, with the top three point-earners winning money awards. A working zero-day exploit against the latest version of any of the browsers, for example, earns the hacker or his team 32 points.

The person or team with the most points at the end of the contest will receive $60,000 from Hewlett-Packard, which sponsors the contest. Second place brings $30,000 and third place, $15,000. Additionally, the winners will receive the laptops on which the browsers were running during the contest. This year the laptops include two Asus Zenbooks and a Macbook Air.

The first year the contest was held in 2007, it took a contestant just five hours to discover an exploitable flaw in the Safari browser, and another four hours to write an exploit to attack it.
This year, Google has sweetened the pot with its own parallel contest focusing just on its Chrome browser. Although Chrome was one of the target browsers in last year’s contest, no contestant took aim at it, leaving Google to go home with an empty exploit bag. This year to entice researchers, Google decided to sponsor its own contest, with up to $1 million in cash awards to anyone who can uncover vulnerabilities and develop working exploits for Chrome.

Google has pledged to pay multiple awards in the amounts of $60,000, $40,000 and $20,000, depending on the severity and characteristics of the exploits, up to $1 million. Winners will also receive a Chromebook.

“[W]e have a big learning opportunity when we receive full end-to-end exploits,” Google’s Chrome security team wrote in a blog post last month. “Not only can we fix the bugs, but by studying the vulnerability and exploit techniques we can enhance our mitigations, automated testing, and sandboxing. This enables us to better protect our users.”

The breakdown for Chrome exploit awards is as follows:

$60,000 — “Full Chrome exploit”: Chrome / Win7 local OS user account persistence using only bugs in Chrome itself.

$40,000 — “Partial Chrome exploit”: Chrome / Win7 local OS user account persistence using at least one bug in Chrome itself, plus other bugs. For example, a WebKit bug combined with a Windows sandbox bug.

$20,000 — “Consolation reward, Flash / Windows / other”: Chrome / Win7 local OS user account persistence that does not use bugs in Chrome. For example, bugs in one or more of Flash, Windows or a driver. These exploits are not specific to Chrome and will be a threat to users of any web browser. Although not specifically Chrome’s issue, we’ve decided to offer consolation prizes because these findings still help us toward our mission of making the entire web safer.

All winners will also receive a Chromebook.

Running parallel to the two contests will be a full schedule of security talks from Wednesday to Friday, focusing on such topics as vulnerabilities in the HDMI (High-Definition Multimedia Interface), bypassing firewall filtering and the legal issues around security research of mobile devices.
How stupid is that? Does this sound like the Golden Arrow offered to Robin Hood if he could win the archery contest?

Uncle Sam: If It Ends in .Com, It’s .Seizable

When U.S. authorities shuttered sports-wagering site Bodog.com last week, it raised eyebrows across the net because the domain name was registered with a Canadian company, ostensibly putting it beyond the reach of the U.S. government. Working around that, the feds went directly to VeriSign, a U.S.-based internet backbone company that has the contract to manage the coveted .com and other “generic” top-level domains.
EasyDNS, an internet infrastructure company, protested that the “ramifications of this are no less than chilling and every single organization branded or operating under .com, .net, .org, .biz etc. needs to ask themselves about their vulnerability to the whims of U.S. federal and state lawmakers.”

But despite EasyDNS and others’ outrage, the U.S. government says it’s gone that route hundreds of times. Furthermore, it says it has the right to seize any .com, .net and .org domain name because the companies that have the contracts to administer them are based on United States soil, according to Nicole Navas, an Immigration and Customs Enforcement spokeswoman.

The controversy highlights the unique control the U.S. continues to hold over key components of the global domain name system, and rips a Band-Aid off a historic sore point for other nations. A complicated web of bureaucracy and Commerce Department-dictated contracts signed in 1999 established that key domains would be contracted out to Network Solutions, which was acquired by VeriSign in 2000. That cemented control of all-important .com and .net domains with a U.S. company – VeriSign – putting every website using one of those addresses firmly within reach of American courts regardless of where the owners are located – possibly forever.

The government, Navas said, usually serves court-ordered seizures on VeriSign, which manages domains ending in .com, .net, .cc, .tv and .name, because “foreign-based registrars are not bound to comply with U.S. court orders.” The government does the same with the non-profit counterpart to VeriSign that now manages the .org domain. That’s the Public Interest Registry, which, like VeriSign, is based in Virginia.

Such seizures are becoming commonplace under the Obama administration. For example, the U.S. government program known as Operation in Our Sites acquires federal court orders to shutter sites it believes are hawking counterfeited goods, illegal sports streams and unauthorized movies and music. Navas said the U.S. government has seized 750 domain names, “most with foreign-based registrars.”

VeriSign, for its part, said it is complying with U.S. law. “VeriSign responds to lawful court orders subject to its technical capabilities,” the company said in a statement. “When law enforcement presents us with such lawful orders impacting domain names within our registries, we respond within our technical capabilities.”

VeriSign declined to entertain questions about how many times it has done this. It often complies with U.S. court orders by redirecting the DNS (Domain Name System) of a domain to a U.S. government IP address that informs online visitors that the site has been seized (for example, ninjavideo.net.)

“Beyond that, further questions should be directed to the appropriate U.S. federal government agency responsible for the domain name seizure,” the company said.

The Public Interest Registry did not immediately respond for comment.

Bodog.com was targeted because federal law generally makes it illegal to offer online sports wagering and to pay off online bets in the United States, even though online gambling isn’t illegal globally.

Bodog.com was registered with a Canadian registrar, a VeriSign subcontractor, but the United States shuttered the site without any intervention from Canadian authorities or companies.
Instead, the feds went straight to VeriSign. It’s a powerful company deeply enmeshed in the backbone operations of the internet, including managing the .com infrastructure and operating root name servers. VeriSign has a cozy relationship with the federal government, and has long had a contract from the U.S. government to help manage the internet’s “root file” that is key to having a unified internet name system.

Still, the issue of the U.S.’s legal dominion claim over all .com domains wasn’t an issue in the January seizure of the domain of megaupload.com, which is implicated in one of the largest criminal copyright cases in U.S. history. Megaupload.com was registered in the United States with a registrar based in Washington state.

The United States would have won even more control over the internet with the Stop Online Piracy Act and the Protect IP Act. But the nation’s biggest online protest ever scuttled the measures, which would have allowed the government to force internet service providers in the U.S. to prevent Americans from being able to visit or find in search engines websites that the U.S. government suspected violated U.S. copyright or trademark law.

But as the Justice Department demonstrated forcefully with the takedown of Megaupload, just a day after the net’s coordinated anti-SOPA protest, it still has powerful weapons to use, despite the deaths of SOPA and PIPA.

So how does the International Corporation for Assigned Names and Numbers, the global body that oversees the domain-naming system, feel about the U.S. government’s actions? ICANN declined comment and forwarded a 2010 blog post from its chief Rod Beckstrom, who said ICANN has “no involvement in the takedown of any website.”

ICANN, a non-profit established by the U.S., has never awarded a contract to manage the .com space to a company outside the United States — in fact VeriSign has always held it — despite having a contentious relationship with ICANN that’s involved a protracted lawsuit. But, due to contract terms, VeriSign is unlikely to ever lose control over the immensely economically valuable .com handle.

ICANN is also seeking to distance itself from the U.S. government by being more inclusive, including allowing domain names in a range of written, global languages, ending the exclusivity of the Latin alphabet in top-level domains.

Still, many outside the United States, like China, India and Russia, distrust ICANN and want control of the net’s naming system to be turned over to an organization such as the International Telecommunications Union, an affiliate of the United Nations. Last year, Russian Prime Minister Vladimir Putin met with Hamadoun Toure, the ITU’s chief, and said he wanted international control over the internet “using the monitoring capabilities of the International Telecommunication Union.”
“If we are going to talk about the democratization of international relations, I think a critical sphere is information exchange and global control over such exchange,” Putin said, according to a transcript from the Russian government.

Just last week, Robert McDowell, a Federal Communications Commission commissioner, blasted such an idea. “If successful, these efforts would merely imprison the future in the regulatory dungeon of the past,” he said. “Even more counterproductive would be the creation of a new international body to oversee internet governance.”

ICANN was established in 1998 by the Clinton administration, and has been under global attack to internationalize the control of the Domain Name System ever since. A United Nations working group in 2005 concluded that “no single government should have a pre-eminent role in relation to international internet governance.”

But those pressures don’t seem to have registered with President Barack Obama’s Justice Department. Hollywood was a big donor to Obama, and Obama reciprocated by naming at least five former Recording Industry Association of America attorneys to posts in the Justice Department, which has been waging a crackdown on internet piracy. The Justice Department is looking for even more money in next year’s budget to hire more intellectual-property prosecutors.

Without SOPA or PIPA, the Justice Department lacks any mechanism to prevent Americans from visiting sites that are on a domain not controlled by a U.S. corporation. Knowing that, the world’s leading BitTorrent site, The Pirate Bay, recently switched its main site from a .org domain to .se, the handle for Sweden.

The Pirate Bay’s lead is unlikely to be followed by the millions of non-U.S. companies that rely on .com, which remains the net’s beachfront real estate, even if it is subject to being confiscated by the U.S.

But it is possible that the U.S. government’s big-footing over dot-com domains in the name of fighting copyright could add more weight to the arguments of those who want to put the U.N. in charge of the internet’s naming system. While that’s not inevitably a bad thing, it could lead to a world where any .com might be seizable by any country, including Russia, Libya and Iran.

Wednesday, 7 March 2012

GPS Spectrum Wars

The Federal Communications Commission (FCC) announced in mid February that it would ask for public comment on its intention to revoke its conditional waiver granted to LightSquared in January 2011 to build a network of L-band ground stations to augment broadband data communications satellites. LightSquared’s proposed ground-to-ground and satellite-to-ground network would have supported a new generation of mobile broadband communication devices, such as smart-phones, laptops and PDAs. Several federal agencies objected to LightSquared’s plan on the grounds that it had the potential to degrade or deny GPS signal reception. So, they recently petitioned FCC to pull the plug on LightSquared. FCC’s intended revocation of the LightSquared waiver is a major setback to the Commission because it wants to open up as much as 500 MHz of bandwidth for broadband connectivity by 2020 according to its “Connecting America: The National Broadband Plan”.

The strategic plan was published in March 2010 at the behest of the U.S. Congress and the Obama administration with a prime goal of ensuring every American has access to broadband connectivity at competitive prices. In June 2010, the White House released a memorandum directing the heads of executive branch departments and agencies to work with the FCC to make possible this goal.

The Plan states that wireless broadband is critical to achieving this objective and that the federal government must ensure “efficient allocation and management of . . . spectrum . . . to encourage network upgrades and competitive entry.” This requires identifying and freeing up radio frequency spectrum. At present, the FCC only has 50 MHz in free spectrum inventory, a tiny slice of what will be needed to provide coast-to-coast high-speed wireless connectivity.

The Plan, though, potentially collides with several civil aviation radio frequency uses within the 225- to 3700-MHz band, including emergency locator transmitters, ILS glidepath transmitters and ADS-B universal access transceivers for light aircraft, plus flight test telemetry, ATCRBS and Mode S transponders and Inmarsat satcoms, along with GPS and other global navigation satellite system receivers.

The FCC intends to license up to 90 MHz in the L-band Mobile Satellite Spectrum for wireless ground stations and that has the aircraft industry deeply concerned. This is an ultra-quiet niche of the L-band spectrum shared by global navigation satellite systems, along with Inmarsat and Iridium satcom systems. Satcom and satnav systems rely upon ultra-sensitive receivers to detect extremely weak signals transmitted from satellites orbiting 420 nm to 19,300 nm above the earth’s surface.

GPS space vehicles, for instance, only transmit about 20 watts in the 1575.42-MHz L1 frequency band and the satellites rotate in mid-earth orbit just under 11,000 nm away. By the time the signal reaches GPS receivers, it can be as weak as 10⁻¹⁶ watt. That’s roughly comparable to sitting across a stadium from someone who is whispering to you and yet you’re able to hear the message in spite of background noise from flags waving, flies buzzing and birds chirping. That requires very sensitive and selective hearing. Your ears have to be able to filter out background noise that’s at least as strong as the whisper, if not stronger.

If crowds in the stadium start cheering, then it drowns out the whisper. Similarly, if strong signals are broadcast in L-band frequencies near the GPS frequencies, then they drown out the faint signal received from the navigation satellites. High-precision GPS receivers use 20.46 MHz of bandwidth centered on 1575.42 MHz in the 1559- to 1610-MHz band reserved for most satellite navigation systems. Current generation, civil aviation TSO-C145/C146 WAAS receivers are designed and certified to have peak sensitivity from 1585.19 MHz to 1585.65 MHz.

The next generation of GPS receivers, which will be compatible with Galileo among other satnav systems, will need at least 24 MHz of bandwidth centered on the same L1 frequency because they will provide higher precision position fixing and other advanced features. They will have peak sensitivity from 1560.42 MHz to 1590.42 MHz, thus using 50% more bandwidth than today’s aviation spec GPS systems.

The highest precision GPS systems, such as those used for survey work, actually use wider bandwidth receivers. In essence, higher precision GPS receivers need greater bandwidth. These systems look at signals in adjacent bands outside of the satnav spectrum, but they have filters that prevent weak broadcast signals in neighboring bands from causing interference.

Aviation grade GPS receivers are tuned to reduce receiver sensitivity above and below the 1559- to 1610-MHz band to minimize interference. Receiver sensitivity is linearly and gradually decreased outside of 1575.42 MHz ±10.23 MHz with so-called “shadow mask” filters in order to earn TSO C145/C146 certification. The shadow mask filter is carefully engineered to enable the GPS receiver to use a broad range of L-band frequencies in neighboring bands to maximize position fixing precision and yet reject noise in those bands that would degrade or disrupt performance. Below and above the 1559- to 1619-MHz band, for instance, an aviation-grade GPS receiver is able to filter out signals from low-power L-band Inmarsat and Iridium satcom systems. Well-designed civil GPS receivers actually use 30 to 40 MHz of bandwidth centered on 1575.42 MHz.

But the shadow mask filters for aviation GPS receivers were not designed to provide immunity from extremely strong signal sources in neighboring L-band sectors, such as those that might come from high-power ground stations rather than satellites. It’s as though they’re trying to listen to a whisper from across a jammed stadium during a Super Bowl touchdown.

New York-based Harbinger Capital has been buying stock in wireless companies for several years, including a start-up venture called SkyTerra that planned to develop a hybrid 4G wireless network that would primarily use geostationary satellites with 40-watt transmitters augmented by very-low-power ground stations called ancillary terrestrial components, or ATCs for short. The ATCs are similar to the ground booster stations used by Sirius satellite radio to fill in dead spots in urban areas within its broadcast coverage area. The FCC granted SkyTerra the authority to use ATCs to boost signal strength in 2005.

In 2010, Harbinger bought all the stock in SkyTerra and renamed it LightSquared. The business plan called for LightSquared to use two frequency bands, 1526 to 1536 MHz and 1454.2 to 1555 MHz, for space-to-earth downlinks. SkyTerra’s downlinks would have to share spectrum with Inmarsat, also licensed to use frequencies in the 1525- to 1559-MHz band. The firm paid millions of dollars to Inmarsat to reach an agreement to shift some of its satcom frequencies to make room for LightSquared’s two downlink channels.

Few eyebrows in the GPS community were raised while all this was going on because engineers saw virtually no threat from LightSquared’s 40-watt satellite transmitters. Just as importantly, GPS engineers knew that the ATCs, used to fill in coverage gaps, would have to be limited to very low power so as not to jam reception from LightSquared’s own satellite transmissions. A side benefit was that the low-power ATCs would not cause GPS interference.

All that changed in January 2011 when LightSquared applied to the FCC for a waiver to offer terrestrial-only service for its 4G network. Freed of the need to limit ATC ground station signal strength to a whisper to safeguard 4G reception from satellites, the terrestrial-only service would have allowed transmissions that would be millions of times stronger — a roar that could have deafened GPS receivers in the neighboring band, as well as other L-band devices with sensitive receivers.

How strong would the signal from the ATCs be? LightSquared’s waiver potentially allowed it to crank up power to nearly 16 kilowatts per station. But the FCC required LightSquared to prove that there would be no significant interference with GPS. It quickly became apparent that such strong transmitters would be problematic, so LightSquared soon dialed back the peak power of the ATCs to just under 1,600 watts. It subsequently offered to use temporarily only the lower of its two L-band downlink channels in order to move farther away from the satnav band.

However, even using much lower power, the new ground station plan quickly got the attention of the GPS community, which united and created an uproar of its own. LightSquared planned to create a network of up to 40,000 ATCs, each of which could produce more than a billion times the signal strength of GPS depending upon receiver distance and elevation angle relative to the ground station antenna. Even the most-robust aviation-grade GPS shadow mask filters operating nearby would go deaf in the presence of such a roar in a neighboring sector of L-band.
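The whisper-versus-roar comparison can be checked with a free-space link budget. This is an added example, not part of the original article: it uses the article's 20 W, 1575.42 MHz, 11,000 nm, 10⁻¹⁶ W and 1,600 W figures, and assumes free-space propagation, a 13 dB satellite antenna gain, the 1,600 W treated as radiated power, and a 1531 MHz ground-station frequency (the middle of the article's 1526 to 1536 MHz channel).

```python
import math

C = 299_792_458.0   # speed of light, m/s
NM = 1852.0         # metres per nautical mile

# Figures quoted in the article
GPS_TX_W = 20.0             # satellite transmit power
GPS_FREQ_HZ = 1575.42e6     # L1 centre frequency
GPS_RANGE_M = 11_000 * NM   # "just under 11,000 nm"
GPS_FLOOR_W = 1e-16         # "as weak as 10^-16 watt" at the receiver
ATC_TX_W = 1600.0           # scaled-back ground-station peak power

# Assumptions made for this example (not from the article)
ATC_FREQ_HZ = 1531e6        # midpoint of the 1526-1536 MHz downlink channel
SAT_ANT_GAIN_DB = 13.0      # assumed earth-coverage antenna gain on the satellite


def received_power_w(tx_w, distance_m, freq_hz, tx_gain_db=0.0, rx_gain_db=0.0):
    """Friis free-space equation: Pr = Pt * Gt * Gr * (lambda / (4*pi*d))**2."""
    wavelength = C / freq_hz
    gain = 10 ** ((tx_gain_db + rx_gain_db) / 10)
    return tx_w * gain * (wavelength / (4 * math.pi * distance_m)) ** 2


def to_dbw(watts):
    """Express a power in decibels relative to one watt."""
    return 10 * math.log10(watts)


def atc_to_gps_ratio(distance_m):
    """How many times stronger than the GPS floor a ground station is at distance_m.

    This is power at the antenna, before the receiver's shadow mask filter
    removes any of it.
    """
    return received_power_w(ATC_TX_W, distance_m, ATC_FREQ_HZ) / GPS_FLOOR_W


def distance_for_ratio(tx_w, freq_hz, reference_w, ratio):
    """Largest distance at which tx_w still arrives `ratio` times above reference_w.

    Solves tx_w * (lambda / (4*pi*d))**2 = ratio * reference_w for d.
    """
    wavelength = C / freq_hz
    return (wavelength / (4 * math.pi)) * math.sqrt(tx_w / (ratio * reference_w))


if __name__ == "__main__":
    gps = received_power_w(GPS_TX_W, GPS_RANGE_M, GPS_FREQ_HZ,
                           tx_gain_db=SAT_ANT_GAIN_DB)
    print(f"GPS at receiver : {gps:.2e} W ({to_dbw(gps):.1f} dBW)")
    for d in (100, 1000, 5000):
        atc = received_power_w(ATC_TX_W, d, ATC_FREQ_HZ)
        print(f"ATC at {d:>5} m  : {atc:.2e} W, "
              f"{atc_to_gps_ratio(d):.1e} x GPS floor")
    edge = distance_for_ratio(ATC_TX_W, ATC_FREQ_HZ, GPS_FLOOR_W, 1e9)
    print(f"'Billion times' radius: {edge:.0f} m")
```

Under these assumptions the 20 W satellite arrives at roughly the 10⁻¹⁶ W level the article cites, and a single 1,600 W station stays more than a billion times stronger than that out to nearly two kilometres.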

American farmers joined the protest against LightSquared, expressing concern that LightSquared’s L-band ground stations would interfere with agricultural GPS receivers they use to guide the application of fertilizers and pesticides. The charge was led by John Deere, a high-profile manufacturer of agricultural GPS devices.

International opposition to the LightSquared plan also mounted. The European Commission expressed opposition because it feared the high-powered ground stations would interfere with reception of its Galileo satnav system signals aboard aircraft fitted with that satnav system operating in U.S. airspace.

LightSquared responded by claiming that GPS receiver manufacturers design and build defective equipment, making it susceptible to interference outside of the protected 1559- to 1610-MHz frequency band. The firm said that “properly designed” GPS systems would suffer no such performance loss.

GPS manufacturers responded that the entire L-band sector from 1525 to 1559 MHz below the 1559- to 1610-MHz satellite navigation band, as well as the 1610 to 1660.5 MHz above the band, always was intended to be a “quiet” or low signal strength spectrum neighborhood. There was consensus among legacy L-band licensees that all users would whisper signals, not roar them.

As an aside, Inmarsat was noticeably absent from the LightSquared versus GPS battles even though it would share L-band spectrum with LightSquared if its system becomes operational. Inmarsat already had reaped sizable revenues from its agreements with LightSquared to shift frequencies to avoid interference from its ground station network. Because Inmarsat primarily serves users who operate in overwater and remote areas, LightSquared’s proposed network of higher-powered ground stations in the U.S. posed no threat of interference.

United Defense, Uncertain Outcome

GPS interference tests were conducted in 2010 by a technical working group, commissioned by the National Telecommunications and Information Administration (NTIA). The group included RTCA GPS experts and LightSquared representatives. It concluded that LightSquared’s high-powered ATCs indeed could pose a threat to GPS. Further research would be needed to quantify the

In January 2012, the National Executive Committee for Space-Based Positioning, Navigation and Timing (PNT) wrote a letter to the FCC and NTIA stating that the nine federal departments and agencies it represents had reached a “unanimous conclusion” that LightSquared’s original and subsequently scaled-back plans for ATCs “would cause harmful interference to many GPS receivers.” Moreover, the letter also stated that the FAA concluded that the ATCs would interfere with GPS-based TAWS boxes as well as GPS navigation systems.

With no “practical solutions or mitigations” available, PNT said that “no additional testing is warranted at this time.” It also added that PNT fully supports the White House’s plan to open up 500 MHz of spectrum for wireless broadband. The letter was signed by deputy secretaries of Defense and Transportation Ashton Carter and John Porcari, respectively, who are executive committee co-chairmen.

LightSquared immediately complained that the GPS interference tests were rigged to put its proposed system at a disadvantage. But the firm now isn’t just battling Trimble, Garmin, Deere and other GPS manufacturers. It’s going up against the federal government.

If the FCC and NTIA disapprove LightSquared’s plan, the company financially plunges into very hot water. Billions have been invested in the technology by Harbinger Capital Partners and time is running out before marketing partners lose patience and possibly back out of agreements. Sprint, for instance, set a Jan. 31, 2012, deadline for LightSquared to gain necessary approvals to proceed with network development.

With so much at stake on both sides, the outcome of the battle between LightSquared and the GPS community is uncertain. The FCC and the White House want to make broadband as universally available to homes in the 21st century as electricity became available in the 20th century during the FDR administration.

“Politically, there’s a high degree of design to put Internet into every home,” comments one GPS expert. And LightSquared stands to reap billions in profits from wholesaling wireless broadband connectivity using the L-band spectrum.

GPS users, particularly the aviation community, have staked their future on L-band satnav. The standards for aviation grade WAAS receivers have been in place for more than a decade and thousands of boxes are in service today. Aviation industry groups claim it would take 10 to 15 years to develop and certify new GPS avionics that would be immune to interference from LightSquared’s ground stations. Retrofitting the fleet with new gear would cost several billion dollars.

“The FCC jumped on approving LightSquared’s request before it considered the implications,” says another source. “You can’t just throw away safety services and the FAA’s next generation air traffic management system.”

“Effectively, the FCC is directing that a quiet-spectrum neighborhood be rezoned for concert rock bands at the threshold of pain. It is being suggested that its current neighbors should simply add more insulation and foot-thick windows to their houses,” says Bradford Parkinson, GPS pioneer and emeritus professor at Stanford University.

“Radio frequency spectrum is a limited natural resource. You can’t make more of it,” adds another source. L-band is appealing for wireless broadband because it suffers less signal loss in precipitation than Ku or Ka band. The demand for L-band could make the LightSquared versus GPS battle a zero sum game. One side has to lose for the other side to win.

But the battle over GPS is just one of many frequency spectrum struggles facing the aviation community. Civil users, for instance, are quietly gaining L-band spectrum near the 1435- to 1525-MHz band used for flight-test telemetry.

The military also has plenty of history on spectrum wars. Years ago, the FCC had to sort out a frequency use battle between DirectTV and Hughes Radar Systems, developer of the APQ-181 radar aboard the B-2 bomber. Later the FCC accidentally sold off that military-use frequency band to a multinational organization, requiring the U.S. Air Force to retrofit all 20 B-2 aircraft in service with a new radar. The loss of the B-2 radar band license is emblematic of problems the military is having with holding onto spectrum it needs for new technology systems while civilian users are demanding more capacity for video-capable PDAs and other high-speed wireless broadband applications.

Modern military aircraft, operating with airborne data links such as the Joint Tactical Information Distribution System, have need for large amounts of bandwidth. JTIDS, for instance, operates on 51 channels in the 969- to 1206-MHz range in the bottom of L-band. Neighboring L-band frequency spectrum being bought by civil users has the military scrambling for additional spectrum in other bands, potentially costing the Pentagon billions of dollars for new data link systems.

There also is a threat to aviation users from bandwidth hunters looking for spectrum above the 3.7-MHz upper limit specified in the National Broadband Plan. Now the spectrum neighborhood around the 4.2- to 4.4-GHz radio altimeter band is being eyed for other uses. Precise and reliable radio altimetry is vital to the functioning of GPWS boxes. It also is used by some digital flight control systems to trigger certain changes in control laws during landing.

But potential L-band encroachment remains the main concern for civil aviation users. The next generation of civil GPS receivers will use both the L-1 channel centered at 1575.42 MHz and the L-2 channel at 1227.6 MHz to increase position fixing precision.

The dual frequency system will enable receivers to detect and correct for ionospheric signal distortion. Eventually a third GPS channel, L-5 centered at 1176.45 MHz, will become available for safety services. Each channel will require 20 to 30 MHz bandwidth to be available to assure proper GPS receiver performance. That means there will be triple the number of L-band GPS frequencies that must be protected from encroachment from other users, particularly wireless broadband network service providers.

The message is clear. The LightSquared versus GPS battle was a harbinger of huge spectrum wars ahead. The aviation community initially was slow to respond to this latest threat to GPS operability, but it cannot afford to relax even as it, along with other GPS stakeholders, prevails on this single non-compatible frequency use issue.

Aviation users better be vigilant so that they can detect future frequency invaders in the early stages. They must mount a vigorous defense to prevent encroachment by the wireless broadband industry, among other non-aviation interests, if they are serious about building a 21st century air traffic management system.


FBI Shutdown March 8 (Top 10 Review)

Will the FBI Shut Down My Computer on March 8? Questions and Answers
You may have heard recently that the FBI will be "turning off the Internet" on March 8 for millions of computer users. That's not quite the case, but it's still a serious situation.
To clear up the misunderstandings about this problem, here is a list of frequently answered questions.

Will I lose Internet access on March 8?
Probably not. But to be sure, point your Web browser to http://dns-ok.us/ to find out. If you see green, you're fine.

What if I see red?
Then you've got a problem. The first thing to do will be to change some technical settings on your computer. Click here for instructions on how to do so. That will make sure you still have Internet access when the fateful day comes.

The second thing to do will be to update and run strong anti-virus software that will clean up your machine, because these particular malware infections are pretty nasty. You'll probably have to pay for the software. Here's a list of recommended anti-virus software.

I'm using a Mac. Do I need to worry?
Yes. There are many forms of malware involved, and some affect Macs as well. Here's a list of Mac anti-virus software.

Any chance the deadline will be extended beyond March 8?
Yes. The government has asked a judge to extend it to July 9 — you can read the motion here — but many security professionals would like to stick to the original deadline.

Why? That seems awfully mean.
It's not really. The infected computers have to be cleaned up sometime, and it might as well be sooner rather than later.

But I'm only hearing about this now!
The mainstream press started reporting on this last week. In any case, you've still got time to fix the problem.

I'm still confused. What exactly happened?
(Deep breath.) For about five years, a cybercriminal ring based in Estonia ran a "clickjacking" scam that paid it every time people clicked on online ads it had placed. To boost revenue, the gang used various kinds of malware to infect millions of computers worldwide.

I don't get it.
Follow me here. The malware changed the infected machines' settings so that people searching for various things online would be redirected to webpages that the criminals controlled, and on which the criminals had placed the ads that made them money. Here's a YouTube video that shows how it worked. (Despite what happens in the video, the malware affects Firefox too.)

So what's wrong with that?
It doesn't sound so bad at first, but the gang defrauded online ad-placement companies of about $14 million over five years. Even worse, the gang's malware often disabled anti-virus and operating-system updates on the infected computers, leaving them vulnerable to other kinds of infection.

Wow. How many people were affected?
About four million computers were infected worldwide, including about a million in the U.S. The FBI explains it all here.

How did the malware infect computers?
Through "drive-by downloads" from infected Web pages, and through Trojan horses such as phony online-video software downloads.

How many people are still infected?
We don't know for certain. One estimate is that 500,000 U.S. users could lose Internet access on March 8. Another oft-cited figure states that half of the Fortune 500 companies have at least one infected computer, but if you read between the lines that could mean as few as 250 PCs.

I still don't get it. How did the infection affect Internet access?
When you type in a Web address, your computer doesn't actually understand what you're asking for. Instead, it looks up what you typed in on what's called a Domain Name System server, which tells your computer where to go. Most computers use the DNS server supplied by their Internet service providers.

I'm lost already. DNS what?
Think of a DNS server as a phone book that every Internet service provider has a copy of.

Okay. So the bad guys changed the phone books?
Exactly. And the fake phone books took infected computers to rogue websites where the bad guys put up ads.

Will this affect email as well?
Yes. DNS servers also translate Internet addresses for email software.

So what does the FBI have to do with this?
The Estonian gang was finally busted in early November of last year in what was called "Operation Ghost Click." Here's the indictment if you want to read it.
The FBI shut down the rogue DNS servers — there were about 100 of them — but in order to keep all those infected users online, it got a court order to keep the fake phone books in place for another four months.

And that court order expires March 8?

So what happens then?
The fake phone books get taken offline and, because they'll no longer be able to translate Web addresses, so will all the infected machines still relying on them.

Why can't the FBI just keep them up longer without a court order? After all, they're part of the government.
The FBI isn't actually running those servers. That's being handled by a non-profit company in Silicon Valley which isn't in the business of law enforcement, and it doesn't want to step into murky legal territory
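A local version of the "fake phone book" check described in this Q&A, as an added example that is not part of the original article: it reads a machine's DNS resolver settings (Unix `resolv.conf` text or Windows `ipconfig /all` output) and flags any resolver inside a list of rogue ranges. The ranges and sample inputs below are constructed placeholders from the RFC 5737 documentation space, not the real rogue-server addresses, which the article does not list.

```python
import ipaddress
import re

# PLACEHOLDER ranges (RFC 5737 documentation networks), not real indicators.
# Substitute the rogue DNS ranges published for Operation Ghost Click.
ROGUE_RANGES = [ipaddress.ip_network(n)
                for n in ("198.51.100.0/24", "203.0.113.0/25")]
# A resolver in these ranges is a home router or local forwarder; its own
# upstream DNS setting needs the same check.
LOCAL_RANGES = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

IP = r"(\d{1,3}(?:\.\d{1,3}){3})"
RESOLV_LINE = re.compile(r"^\s*nameserver\s+" + IP + r"\s*$")
WIN_FIRST = re.compile(r"^\s*DNS Servers[ .]*:\s*" + IP + r"\s*$")
WIN_MORE = re.compile(r"^\s+" + IP + r"\s*$")   # continuation lines on Windows

# Constructed sample inputs
RESOLV_SAMPLE = """# constructed sample
nameserver 198.51.100.7
nameserver 192.168.1.1
# nameserver 203.0.113.5
"""
IPCONFIG_SAMPLE = """
Ethernet adapter Local Area Connection:

   IPv4 Address. . . . . . . . . . . : 192.168.1.23
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 203.0.113.40
                                       203.0.113.200
   NetBIOS over Tcpip. . . . . . . . : Enabled
"""


def extract_resolvers(text):
    """Return the resolver addresses configured in either text format."""
    resolvers, in_win_list = [], False
    for line in text.splitlines():
        match = RESOLV_LINE.match(line) or WIN_FIRST.match(line)
        if match:
            in_win_list = bool(WIN_FIRST.match(line))
        elif in_win_list and WIN_MORE.match(line):
            match = WIN_MORE.match(line)
        else:
            in_win_list = False     # any other line ends a Windows DNS list
            continue
        try:
            resolvers.append(ipaddress.ip_address(match.group(1)))
        except ValueError:
            pass                    # e.g. 999.1.1.1: not a usable address
    return resolvers


def classify(addr):
    """Rogue ranges are tested first so they win over every other label."""
    if any(addr in net for net in ROGUE_RANGES):
        return "rogue"
    if any(addr in net for net in LOCAL_RANGES):
        return "local"
    return "other"


def audit(text):
    """List (resolver, status) pairs in the order they are configured."""
    return [(str(addr), classify(addr)) for addr in extract_resolvers(text)]


def is_compromised(text):
    """True when at least one configured resolver is in a rogue range."""
    return any(status == "rogue" for _, status in audit(text))


if __name__ == "__main__":
    for name, sample in (("resolv.conf", RESOLV_SAMPLE),
                         ("ipconfig /all", IPCONFIG_SAMPLE)):
        for resolver, status in audit(sample):
            print(f"{name:14} {resolver:16} {status}")
```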

Sabu and the FBI

The FBI has reportedly beheaded infamous hacker group LulzSec thanks to the group's leader, Hector "Sabu" Monsegur, who turned informant after his arrest last summer.

The Federal Bureau of Investigation has arrested three alleged members of the hacker group Lulz Security, and charged two others with conspiracy to commit crimes. According to Fox News, which broke the story, the international takedown was made possible by none other than Hector Xavier Monsegur, better known as “Sabu,” the alleged leader of LulzSec.

Monsegur reportedly turned FBI informant this summer after he was arrested and charged on 12 counts of hacking-related crimes. The 28-year-old resident of New York City, who Fox News describes as a “computer genius” and “one of the world’s most wanted criminal masterminds,” opted to betray his fellow hackers to avoid having to leave his two young children, according to the FBI.

One of the two agents who spoke with Fox News also characterized Monsegur as “brilliant, but lazy.”

Those charged include: Ryan Ackroyd, aka “Kayla” and Jake Davis, aka “Topiary,” both of whom are from London; Darren Martyn, aka “pwnsauce” and Donncha O’Cearrbhail, aka “palladium,” both of Ireland; and Jeremy Hammond, aka “Anarchaos,” of Chicago. These individuals are allegedly the remaining top brass of LulzSec, and operated under Sabu/Monsegur.

After news of Monsegur’s reported betrayal, Anonymous spokesman Barrett Brown said on Twitter that his apartment “was raided this morning by the FBI,” and that agents “came to another residence where I actually was.” Brown was not arrested, but he said that the FBI “wanted laptops” instead.

“Sabu is a traitor,” he added.

LulzSec, a nefarious offshoot of the hacktivist collective Anonymous, began its digital campaign of chaos in late May of last year by hacking PBS.org, and posting a fake story that said deceased rapper Tupac Shakur was alive and living in New Zealand.

The “lulz” lasted for 50 days before the group called it quits. In that time, LulzSec successfully hit Web properties of Nintendo, FBI affiliate Infragard Atlanta, more than 50 porn sites, Bethesda software, 4Chan.org, CIA.gov, Senate.gov, a variety of websites owned by Sony, and various law enforcement agencies in Arizona. Some reported estimates put the damage caused by LulzSec in the billions of dollars, though we have not seen specific evidence to support this claim.

Sunday, 4 March 2012

Wikileaks Pairs with Anonymous to Publish Intelligence Firm’s Dirty Laundry

In an unprecedented collaboration between Anonymous and WikiLeaks, the secret spilling site began leaking Sunday night portions of a massive trove of e-mails from the private intelligence firm Stratfor that Anonymous obtained by hacking the company in December.

WikiLeaks did not mention the source of the reported five gigabytes of e-mails in its press release, but did say it has been working for months with 25 media outlets from around the world to analyze the documents.

The first batch of leaked e-mails purport to show that Stratfor monitored the political prankster group known as The Yes Men on behalf of Dow Chemical, which has been targeted by The Yes Men over the company’s handling of the Bhopal disaster. The e-mails also purport to show Stratfor’s attempt to set up an investment fund with a Goldman Sachs director to trade on the intelligence Stratfor collects, as well as give insight into how the private intelligence firm acquires, and sometimes pays for, information.

Stratfor, which bills itself as a private intelligence organization, sells its analyses of global politics to major corporations and government agencies.

Members of Anonymous with direct knowledge of the hack and transfer of data to WikiLeaks told Wired that the group decided to turn the information over to WikiLeaks because the site was more capable of analyzing and spreading the leaked information than Anonymous would be.

“WikiLeaks has great means to publish and disclose,” the anon told Wired. “Also, they work together with media in a way we don’t.”

“Basically, WL is the ideal partner for such stuff,” the anon continued. “Antisec acquires the shit, WL gets it released in a proper manner.” Antisec is the arm of Anonymous that is known for hacking into servers.

According to Antisec participants, Stratfor was targeted not just for its poor security, but also because of its client list, which includes major companies and government entities.

“We believe police and employees who work for the most significant fortune 500 companies are the most responsible for perpetuating the machinery of capitalism and the state,” said one Antisec participant in December, “That there will be repercussions for when you choose to betray the people and side with the rich ruling classes.”

Anons also told Wired that future collaborations with WikiLeaks could involve a series of hacks that will be announced, one after another, every Friday for the foreseeable future. If that happens, the Stratfor e-mail release could be the first sign of a new, powerful alliance between the two groups, each of which has vexed and angered the world’s most powerful governments and corporations.

When WikiLeaks received the documents on a server it controlled, it acknowledged the successful transfer with a coded, public Tweet, according to an anon with direct knowledge of the collaboration.

A document provided to Wired that could not be authenticated indicated that the media partners of WikiLeaks agreed to parcel out stories on the leaks over the coming week and a half. Those media partners do not include previous partners such as the Guardian and U.S. partners The New York Times and the Washington Post.

According to the document, e-mails about WikiLeaks and Anonymous will be disclosed Wednesday, followed by separate disclosures on Italy, the Middle East and then Asian countries including Pakistan, Afghanistan and India, among others. The project, code-named Rock Guitar, is officially named “The Global Intelligence Files.”

Stratfor had been aware that the e-mails would likely be published in some form by Anonymous, but said in January that the e-mails should not embarrass the company.

The collaboration between WikiLeaks and Anonymous is an odd couple pairing. WikiLeaks has largely crumbled over the last 18 months, due to internal disagreements over the management style and legal problems of its outspoken leader Julian Assange. By contrast, Anonymous is an amorphous group with no leadership structure.

If Anonymous continues feeding WikiLeaks with documents, the secret spilling site could return to a prominence that seemed lost due to technical difficulties, legal troubles, in-fighting and public fallings out with media partners in the wake of the site’s publication of a massive trove of U.S. documents in 2010 and 2011.

WikiLeaks’s alleged source for those documents, Pfc. Bradley Manning, is facing a U.S. army court martial and a possible sentence of life imprisonment.

As for how the collaboration between the two groups went, an anon with direct knowledge of it indicated that the new relationship had some tough moments.

“There were some natural tensions as usually can happen inside partnership,” the anon said. “I hope this was only the beginning of a beautiful relationship.”