Microsoft's "Scroogled" campaign (no relation) boastfully compared Hotmail's privacy framework to Gmail's, condemning Google for "reading your mail." Now, Microsoft has admitted that it scoured the Hotmail messages belonging the contacts of a suspected leaker in order to secure his arrest, and points out that Hotmail's terms of service have always given Microsoft the right to read your personal mail for any of a number nebulously defined, general reasons.
The company says that is had an undisclosed "rigorous process" to determine when it is allowed to read and publish your private email. In a statement, it sets out what the process will be from now on (though it doesn't say what the process has been until now) and vows to include the instances in which it reads its users' mail in its transparency reports, except when it is secretly reading the Hotmail accounts of people who also work for Microsoft.
Here's a PGP tool that claims to work with Hotmail, and would theoretically leave your Hotmail messages unreadable to Microsoft, though the company could still mine your metadata (subject lines, social graph, etc).
Read the rest
An en banc (all the 11/20 judges together) decision from the 9th Circuit has affirmed that you have the right to expect that your laptop and other devices will not be forensically examined without suspicion at the US border. It's the first time that a US court has upheld electronic privacy rights at the border, and the court also said that using an encrypted device that can't be casually searched is not grounds for suspicion. The judges also note that the prevalence of cloud computing means that searching at the border gives cops access to servers located all over the world. At TechDirt, Mike Masnick has some great analysis of this welcome turn of events:
Read the rest
The ruling is pretty careful to strike the right balance on the issues. It notes that a cursory review at the border is reasonable:
Officer Alvarado turned on the devices and opened and viewed image files while the Cottermans waited to enter the country. It was, in principle, akin to the search in Seljan, where we concluded that a suspicionless cursory scan of a package in international transit was not unreasonable.
But going deeper raises more questions. Looking stuff over, no problem. Performing a forensic analysis? That goes too far and triggers the 4th Amendment. They note that the location of the search is meaningless to this analysis (the actual search happened 170 miles inside the country after the laptop was sent by border agents to somewhere else for analysis). So it's still a border search, but that border search requires a 4th Amendment analysis, according to the court.
Today on XKCD's "What If...?", Randall Monroe runs the numbers of when and whether the Internet's throughput will ever exceed FedEx's sneakernet file-transfer capacity (one interesting note here: why not treat FedEx's trucks and planes full of hard-drives and SD cards as part of the Internet? After all, you book your FedEx pickup over TCP/IP, track it over TCP/IP, and pay for it over TCP/IP).
Cisco estimates that total internet traffic currently averages 167 terabits per second. FedEx has a fleet of 654 aircraft with a lift capacity of 26.5 million pounds daily. A solid-state laptop drive weighs about 78 grams and can hold up to a terabyte.
That means FedEx is capable of transferring 150 exabytes of data per day, or 14 petabits per second—almost a hundred times the current throughput of the internet.
If you don’t care about cost, this ten-kilogram shoebox can hold a lot of internet
We can improve the data density even further by using MicroSD cards:
Those thumbnail-sized flakes have a storage density of up to 160 terabytes per kilogram, which means a FedEx fleet loaded with MicroSD cards could transfer about 177 petabits per second, or two zettabytes per day—a thousand times the internet’s current traffic level. (The infrastructure would be interesting—Google would need to build huge warehouses to hold a massive card-processing operation.)
So the interesting thing here is the implicit critique of cloud computers. Leave aside the fact that a cloud computer is like a home computer, except that you're only allowed to use it if the phone company says so. Read the rest
The cheaper Chromebooks that Google introduced last month don't deserve credit for being a cheap way to read e-mail and surf the web: any smartphone meets that specification. But the $249 Samsung model I've been testing for the past two weeks also plausibly replaces a low-end laptop.
The Pirate Bay has moved its servers into a network of cloud-based hosting services around the world, making it less vulnerable to police raids. I wonder how well this will work, though: cloud providers are very vulnerable to police threats, since the cops can always threaten to take down all the cloud's customers in order to seize a target's processes and data. More from TorrentFreak's Ernesto:
“Running on VMs cuts down operation costs and complexity. For example, we never need anyone to do hands-on work like earlier this month when we were down for two days because someone had to fix a broken power distribution unit,” The Pirate Bay says.
The setup also makes it possible for the BitTorrent site to take their business elsewhere without too much hassle.
“If one cloud-provider cuts us off, goes offline or goes bankrupt, we can just buy new virtual servers from the next provider. Then we only have to upload the VM-images and reconfigure the load-balancer to get the site up and running again.”
Pirate Bay Moves to The Cloud, Becomes Raid-Proof
Read the rest
Owners of Cisco/Linksys home routers got a nasty shock this week, when their devices automatically downloaded a new operating system, which locked out device owners. After the update, the only way to reconfigure your router was to create an account on Cisco's "cloud" service, signing up to a service agreement that gives Cisco the right to spy on your Internet use and sell its findings, and also gives them the right to disconnect you (and lock you out of your router) whenever they feel like it.
They say that "if you're not paying for the product, you are the product." But increasingly, even if you do pay for the product, you're still the product, and you aren't allowed to own anything. Ownership is a right reserved to synthetic corporate persons, and off-limits to us poor meat-humans.
Joel Hruska from ExtremeTech reports:
Read the rest
This is nothing but a shameless attempt to cash in on the popularity of cloud computing, and it comes at a price. The Terms and Conditions of using the Cisco Connect Cloud state that Cisco may unilaterally shut down your account if finds that you have used the service for “obscene, pornographic, or offensive purposes, to infringe another’s rights, including but not limited to any intellectual property rights, or… to violate, or encourage any conduct that would violate any applicable law or regulation or give rise to civil or criminal liability.”
It then continues “we reserve the right to take such action as we (i) deem necessary or (ii) are otherwise required to take by a third party or court of competent jurisdiction, in each case in relation to your access or use or misuse of such content or data.
Mark sez, "Charity Engine
has a new twist on volunteer computing: using surplus, wasted PC resources to raise money for major charities including Oxfam, Amnesty, MSF and CARE - and also for huge prize draws for everyone running it. Based on UC Berkeley's famous BOINC software, the Charity Engine grid is hired to science and industry as a super-cheap supercomputer, then the profits given to the charities and volunteers. It's already paid out over $30,000. The app only uses a tiny bit of electricity and generates far more for the good causes - and the prize draws - than it costs to run. Free to download, Charity Engine is available now for PC and Mac." Read the rest
If you're one of the millions of MegaUpload customers whose data is endangered by the entertainment industry's legal action against the company, EFF wants to help you get your files back. They've teamed up with Carpathia Hosting, the company that hosts MegaUpload's servers, and created Megeretreival.com. The US DoJ's plan to destroy the files -- and the evidence! -- hosted on MegaUpload's servers has been delayed by two weeks, and the Electronic Frontier Foundation will use that gap to advocate on behalf of users whose financial data, personal files, movies, videos, writing, and creative work were hosted on MegaUpload.
EFF is troubled that so many lawful users of Megaupload.com had their property taken from them without warning and that the government has taken no steps to help them. We think it's important that these users have their voices heard as this process moves forward.
~ Julie Samuels
Staff Attorney at EFF
Carpathia does not have access to any data for Megaupload customers. We support the EFF and their efforts to help those users that stored legitimate, non-infringing files with Megaupload retrieve their data.
~ Brian Winter
CMO of Carpathia Hosting
Megaupload's hosting company teams up with EFF to identify legal files
Read the rest
Server farms generate so much heat that they have to run air conditioning year round. That requires energy, which costs money and tends to mean burning more fossil fuels. Meanwhile, in winter, a lot of houses are cold. The people who live there have to turn on the heat, which costs money and tends to mean burning more fossil fuels.
So here's an idea: Why not distribute the hardware from a server farm, putting heat-producing equipment in houses that actually need the heat?
Read the rest
If a home has a broadband Internet connection, it can serve as a micro data center. One, two or three cabinets filled with servers could be installed where the furnace sits and connected with the existing circulation fan and ductwork. Each cabinet could have slots for, say, 40 motherboards — each one counting as a server. In the coldest climate, about 110 motherboards could keep a home as toasty as a conventional furnace does.
The rest of the year, the servers would still run, but the heat generated would be vented to the outside, as harmless as a clothes dryer’s. The researchers suggest that only if the local temperature reached 95 degrees or above would the machines need to be shut down to avoid overheating. (Of course, adding a new outside vent on the side of the house could give some homeowners pause.)
According to the researchers’ calculations, a conventional data center must invest about $400 a year to run each server, or about $16,000 for a cabinet filled with 40 of them.
The Tor project, whose network tool helps people avoid online censorship, works by bouncing traffic around several different computers before it reaches its destination. The more computers there are in the Tor network, the better it works. Now, Tor's developers want its supporters to set up Tor "bridges" on Amazon's cloud computing platform, EC2. EC2 has a free introductory offer and there's an easy Tor image that is configured and ready to go -- but if you don't qualify for the free offer, you can donate a powerful Tor bridge for as little as $30 a month, and help people all over the world who want to be more anonymous and more private.
Setting up a Tor bridge on Amazon EC2 is simple and will only take you a couple of minutes. The images have been configured with automatic package updates and port forwarding, so you do not have to worry about Tor not working or the server not getting security updates.
You should not have to do anything once the instance is up and running. Tor will start up as a bridge, confirm that it is reachable from the outside, and then tell the bridge authority that it exists. After that, the address for your bridge will be given out to users.
Run Tor as a bridge in the Amazon Cloud
Read the rest
Robert Spahr, an assistant professor at Southern Illinois University Department of Cinema & Photography, writes,
I wanted to let you know that we are not only in the
middle of a labor strike, but most importantly, a public university has
shown by their actions, the dangers of Cloud Computing.
The University has disabled faculty email, and locked them out of their
personal work contained in Blackboard (a course
management system) as well as censoring pro-union comments from the
official University Facebook page.
Myself, and some fellow faculty and students quickly produced a blog
and Twitter feed to combat this censorship.
Turns out the uni isn't just nuking pro-union statements, but any questions about the labor dispute posted by its students and other stakeholders.
Read the rest
Jesse Anderson set out to recreate every single work of Shakespeare at the same time by means of virtual monkeys that are simulated on Amazon's cloud computing platform. One million virtual monkeys create virtual text around the clock, and if any of that text matches any of Shakespeare, it is saved to the repository.
On September 23d, the monkeys recreated A Lover's Complaint.
For this project, I used Hadoop, Amazon EC2, and Ubuntu Linux. Since I don’t have real monkeys, I have to create fake Amazonian Map Monkeys. The Map Monkeys create random data in ASCII between a and z. It uses Sean Luke’s Mersenne Twister to make sure I have fast, random, well behaved monkeys. Once the monkey’s output is mapped, it is passed to the reducer which runs the characters through a Bloom Field membership test. If the monkey output passes the membership test, the Shakespearean works are checked using a string comparison. If that passes, a genius monkey has written 9 characters of Shakespeare. The source material is all of Shakespeare’s works as taken from Project Gutenberg.
Read the rest