Showing posts with label over. Show all posts
Showing posts with label over. Show all posts
Monday, April 3, 2017
Stop the Obama administration from surrendering authority over the Internet
Stop the Obama administration from surrendering authority over the Internet
The "IANA Transition" took a big step forward this month and we are one step closer to the US government handing control over the DNS and IP numbering to a vaguely-defined group accountable, effectively, to nobody.
What with the weirdest Presidential election in my lifetime going on its easy to imagine important public policy events going unnoticed. One of them is that the Obama administration is moving closer to surrendering the US governments stewardship of the Internets numbering and naming systems.
To put it bluntly, I dont understand why we would do this. The only changes it could bring are bad ones. Once our authority over the parties administering core Internet infrastructure is gone, ultimate political control over it is gone. I think this is a bad thing. The US has done an admirable job of supervising the development of the Internet and theres no evidence that it has ever exerted untoward influence over the processes. I like the idea that the administrative bodies are clearly accountable to some clearly independent body.
We all know now that the Internet began as a US government project. Administration of parts of it was eventually outsourced, first to Network Solutions Inc and then to a non-profit corporation created just for the task: ICANN (the Internet Corporation for Assigned Names and Numbers). ICANN operates autonomously, but under a contract from the US government, specifically from the NTIA (National Telecommunications and Information Administration) in the US Department of Commerce.
In early March Lawrence E. Strickling, Assistant Secretary for Communications and Information and NTIA Administrator, reiterated the Obama administrations commitment to transfer their authority over the IANA, the part of ICANN which controls the numbering system, to "the global multistakeholder community." The community he names, in the form of the IANA Stewardship Transition Coordination Group (ICG), has delivered to the NTIA a formal proposal for the transition. Strickling says that the NTIA will be reviewing the proposal to make sure it meets their requirements, some of which are pure bureaucratic blather and some uncontroversial niceties.
This particular agreement deals only with the numbering system, not naming. Naming, in the form of control of the DNS root zone, is run by Verisign under a separate agreement with the NTIA, in cooperation with ICANN. But the administration has also announced their intention to surrender that authority.
The NTIA is much more directly involved in the DNS administration process (see image below). All changes to the root zone, the root-servers.net zone, and the root hints file must be approved by the NTIA acting as Root Zone Administrator.
The processes shown in the diagram have been significantly modernized in recent years, and public input is always sought when changes are proposed.
The NTIA function as Root Zone Administrator is just an extra check and so Verisigns proposal is simply to remove it. As a test, parallel authentication processes would be run for a time and compared for consistency. If there are none for some agreed period of time , success is declared and the new system goes hot.
This leaves ICANN and Verisign as the authoritative bodies controlling the DNS. A new agreement would be needed between ICANN and Verisign or, theoretically, whatever other body ICANN and the vaunted global multistakeholder community choose to operate as Root Zone Maintainer. No such agreement has yet been revealed.
Who is the "global multistakeholder community" to which the NTIA refers? Its basically the same shifty technocracy that has been running ICANN for a while, the one that makes gobs of money for themselves by creating top-level domains like .christmas and .florist. To replace the NTIA oversight functions they will create new entities, all part of ICANN. In other words, ICANN will police itself. The supervisory bodies will, in theory, have the ability to change operators for the numbering or naming systems, but Im skeptical.
There are potential legal problems with the proposed transition. See section 539(a) of the "Consolidated Appropriations Act, 2016" (i.e. the Federal budget), which forbids funds from being used "to relinquish the responsibility of the National Telecommunications and Information Administration, during fiscal year 2016..."
Then theres Article IV, Section 3 of the US Constitution: "The Congress shall have Power to dispose of and make all needful Rules and Regulations respecting the Territory or other Property belonging to the United States." Is the NTIAs authority over the naming and numbering systems on the Internet "Property belonging to the United States?" To my mind, obviously yes. Its certainly valuable and there are plenty of parties who would pay a lot of money to have it.
But Im not a lawyer. Internet law scholar and retired law professor David Post, blogging at the Volokh Conspiracy, disagrees with me, basically arguing that this authority is not "property" in any relevant sense. Obviously there is more than one way to look at this.
Many of you non-Americans are wondering why the US gets such authority. Easy. We made the Internet. Weve made sure that it could be as free and open as it is. Dont like it? Call your congressman. Its a good thing that the US government and not (oh, for example) the United Nations, has been in charge. The plan is not to put them in charge, but once clear authority is gone, who knows where it will end up.
Available link for download
Monday, March 20, 2017
Tips How To Enable Facetime Over 3g ios 5
Tips How To Enable Facetime Over 3g ios 5
How To Enable Facetime Over 3g ios 5 - As we know, FaceTime does not work over 3G on the iPhone. It works only on WiFi. Now the good news is that you can activate FaceTime over 3G on your iPhone running iOS 5.
You do not need WiFi to make FaceTime video calls on your iPhone and also you do not need to install any jailbreak tweak on your iPhone. FSM has found a way to use that you can enable FaceTime over 3G feature on the iPhone. The most interesting is that iOS 5 includes FaceTime over 3G feature by default, but Apple has disabled this feature. Now you can activate this feature. FaceTime Over 3G you should note that you will need to have a jailbroken iPhone to enable FaceTime over 3G feature.
If you do not have jailbroken iPhone then you can follow the steps posted here to jailbreak your iPhone on iOS 5 using Redsn0w or you can follow the steps posted here to jailbreak your iPhone on iOS 5.0.1 using Redsn0w. After jailbreaking your iPhone, follow the steps posted below to activate FaceTime over 3G on your iPhone How to Enable FaceTime Over 3G Feature in iOS 5
1. First you have to buy iFile from Cydia.
2. You must go to the following address on your iPhone filesystem using iFile:
/ System / Library / CoreServices / SpringBoard.app /
3. Search N90AP.plist
4. Open the plist file and add the following line at the top of the line 720p </ key>.:
3Gvenice </ key>
You do not need WiFi to make FaceTime video calls on your iPhone and also you do not need to install any jailbreak tweak on your iPhone. FSM has found a way to use that you can enable FaceTime over 3G feature on the iPhone. The most interesting is that iOS 5 includes FaceTime over 3G feature by default, but Apple has disabled this feature. Now you can activate this feature. FaceTime Over 3G you should note that you will need to have a jailbroken iPhone to enable FaceTime over 3G feature.
If you do not have jailbroken iPhone then you can follow the steps posted here to jailbreak your iPhone on iOS 5 using Redsn0w or you can follow the steps posted here to jailbreak your iPhone on iOS 5.0.1 using Redsn0w. After jailbreaking your iPhone, follow the steps posted below to activate FaceTime over 3G on your iPhone How to Enable FaceTime Over 3G Feature in iOS 5
1. First you have to buy iFile from Cydia.
2. You must go to the following address on your iPhone filesystem using iFile:
/ System / Library / CoreServices / SpringBoard.app /
3. Search N90AP.plist
4. Open the plist file and add the following line at the top of the line
Available link for download
Thursday, December 29, 2016
US government pushed tech firms to hand over source code
US government pushed tech firms to hand over source code
Obtaining a companys source code makes it radically easier to find security flaws and vulnerabilities for surveillance and intelligence-gathering operations.
The US courthouse in Washington DC which houses the secret Foreign Intelligence Surveillance Court, which authorizes the governments surveillance operations.
NEW YORK -- The US government has made numerous attempts to obtain source code from tech companies in an effort to find security flaws that could be used for surveillance or investigations.
The government has demanded source code in civil cases filed under seal but also by seeking clandestine rulings authorized under the secretive Foreign Intelligence Surveillance Act (FISA), a person with direct knowledge of these demands told ZDNet. Were not naming the person as they relayed information that is likely classified.
With these hearings held in secret and away from the public gaze, the person said that the tech companies hit by these demands are losing "most of the time."
When asked, a spokesperson for the Justice Dept. acknowledged that the department has demanded source code and private encryption keys before. In a recent filing against Apple, the government cited a 2013 case where it won a court order demanding that Lavabit, an encrypted email provider said to have been used by whistleblower Edward Snowden, must turn over its source code and private keys. The Justice Dept. used that same filing to imply it would, in a similar effort, demand Apples source code and private keys in its ongoing case in an effort to compel the companys help by unlocking an iPhone used by the San Bernardino shooter.
Asked whether the Justice Dept. would demand source code in the future, the spokesperson declined to comment.
Its not uncommon for tech companies to refer to their source code as the "crown jewel" of their business. The highly sensitive code can reveal future products and services. Source code can also be used to find security vulnerabilities and weaknesses that government agencies could use to conduct surveillance or collect evidence as part of ongoing investigations.
Given to a rival or an unauthorized source, the damage can be incalculable.
We contacted more than a dozen tech companies in the Fortune 500. Unsurprisingly, none would say on the record if they had ever received such a request or demand from the government.
Cisco said in an emailed statement: "We have not and we will not hand over source code to any customers, especially governments."
IBM referred to a 2014 statement saying that the company does not provide "software source code or encryption keys to the NSA or any other government agency for the purpose of accessing client data." A spokesperson confirmed that the statement is still valid, but did not comment further on whether source code had been handed over to a government agency for any other reason.
Microsoft, Juniper Networks, and Seagate declined to comment.
Dell and EMC did not comment at the time of publication. Lenovo, Micron, Oracle, Texas Instruments, and Western Digital did not respond to requests for comment. (If this changes, we will provide updates.)
Apples software chief Craig Federighi said in a sworn court declaration this week alongside the companys latest bid to dismiss the governments claims in the San Bernardino case that Apple has never revealed its source code to any government.
"Apple has also not provided any government with its proprietary iOS source code," wrote Federighi.
"While governmental agencies in various countries, including the United States, perform regulatory reviews of new iPhone releases, all that Apple provides in those circumstances is an unmodified iPhone device," he said.
The declaration was in part to allay fears (and the US governments claims) that it had modified iPhone software to agree to Chinas security checks, which include turning over source code to its inspectors.
But even senior tech executives may not know if their source code or proprietary technology had been turned over to the government, particularly if the order came from the Foreign Intelligence Surveillance Court (FISC).
The secretive Washington DC-based court, created in 1979 to oversee the governments surveillance warrants, has authorized more than 99 percent of all surveillance requests. The court has broad-sweeping powers to force companies to turn over customer data via clandestine surveillance programs and authorize US intelligence agencies to record an entire foreign countrys phone calls, as well as conduct tailored hacking operations on high-value targets.
FISA orders are generally served to a companys general counsel, or a "custodian of records" within the legal department. (Smaller companies that cant afford their own legal departments often outsource their compliance to third-party companies.) These orders are understood to be typically for records or customer data.
These orders are so highly classified that simply acknowledging an orders existence is illegal, even a companys chief executive or members of the board may not be told. Only those who are necessary to execute the order would know, and would be subject to the same secrecy provisions.
Given that Federighi heads the division, it would be almost impossible to keep from him the existence of a FISA order demanding the companys source code.
It would not be the first time that the US government has reportedly used proprietary code and technology from American companies to further its surveillance efforts.
Top secret NSA documents leaked by whistleblower Edward Snowden, reported in German magazine Der Spiegel in late-2013, have suggested some hardware and software makers were compelled to hand over source code to assist in government surveillance.
The NSAs catalog of implants and software backdoors suggest that some companies, including Dell, Huawei, and Juniper -- which was publicly linked to an "unauthorized" backdoor -- had their servers and firewall products targeted and attacked through various exploits. Other exploits were able to infiltrate firmware of hard drives manufactured by Western Digital, Seagate, Maxtor, and Samsung.
Last year, antivirus maker and security firm Kaspersky later found evidence that the NSA had obtained source code from a number of prominent hard drive makers -- a claim the NSA denied -- to quietly install software used to eavesdrop on the majority of the worlds computers.
"There is zero chance that someone could rewrite the [hard drive] operating system using public information," said one of the researchers.
Available link for download
Subscribe to:
Posts (Atom)