Re: [liberationtech] skype

2013-03-21 Thread Yosem Companys
That was one reason Diaspora did well initially. They focused on good
design and didn't open source that.  There should be a civic Pivotal,
like a Mozilla, to help sound technical projects do great design.

On Thu, Mar 21, 2013 at 7:36 PM, Griffin Boyce  wrote:
> Brian Conley  wrote:
>>
>> I don't think its always that superior technical solutions *can't* provide
>> better branding/usability, its that they choose NOT to, or in the past have
>> even demonized anyone who thinks there is value in such things.
>>
>> luckily this is changing!
>> B
>
>
>   I agree, but also some projects don't have capable graphics people on
> their staff (for whatever reason). Public-facing open-source projects in
> general need to get it together design-wise.
>
> ~Griffin
>
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at compa...@stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] skype

2013-03-21 Thread Griffin Boyce
Brian Conley  wrote:

> I don't think its always that superior technical solutions *can't* provide
> better branding/usability, its that they choose NOT to, or in the past have
> even demonized anyone who thinks there is value in such things.
>
> luckily this is changing!
> B
>

  I agree, but also some projects don't have capable graphics people on
their staff (for whatever reason). Public-facing open-source projects in
general need to get it together design-wise.

~Griffin
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Microsoft Releases 2012 Law Enforcement Requests Report

2013-03-21 Thread Eric S Johnson
> I wrote to them and asked these questions, as well as a few others.
> 
> What other questions should we pose to them, I wonder?

Why are RU and CN (most glaringly) absent from the first chart enumerating
the number (and type) of requests by country? It's hard to believe those
countries' security services have no interest in (non-Skype) Microsoft data.
Is MS defining those countries as having no legal standing to request MS
data, and therefore any requests from them would be rejected out-of-hand?

"We provide SSL encryption for Microsoft services and Skype-Skype calls on
our full client (for full function computers) are encrypted on a
peer-to-peer basis; however, no communication method is 100% secure. For
example ... users of the Skype thin client (used on smartphones, tablets and
other hand-held devices) route communications over a wireless or mobile
provider network."
--Is the implication that the Skype clients used on smartphones
don't provide the same end-to-end encrypted-by-session-specific-keys level
of security that the Skype for Windows client does?

"Skype received 4,713 requests from law enforcement. ... Skype produced no
content in response to these requests."
--It's hard to believe that LEAs never validly requested a record of
a Skype user's IM sessions. Perhaps LEAs don't know those data exist?

Best,
Eric

--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] skype

2013-03-21 Thread Michael Carbone
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Anyone looked into the reports that Skype leaks your IP address?
Apparently you do not have to interact with the person whose location
you are interested in to be able to get their IP address.

https://krebsonsecurity.com/2013/03/privacy-101-skype-leaks-your-location/

http://blogs.wsj.com/cio/2012/05/01/skype-knew-of-security-flaw-since-november-2010-researchers-say/

Michael

On 03/21/2013 07:12 PM, Yosem Companys wrote:
> Yes.  I meant that the superior technical solution could not
> provide better branding/usability in my hypothetical example.
> There are plenty of examples of superior technologies having great
> branding. Case in point is Procter & Gamble, which is successful in
> part because it only makes marketing investments in products with
> superior technologies because its research has consistently shown
> that consumers aren't loyal to a product unless it demonstrates
> technical merit in use.  In other words, you can persuade people to
> try your product, but if it is not technically superior, they will
> use your competitor's,
> 
> On Thu, Mar 21, 2013 at 4:04 PM, Brian Conley
>  wrote:
>> +1 Yosem, except I take issue with the last point.
>> 
>> I don't think its always that superior technical solutions
>> *can't* provide better branding/usability, its that they choose
>> NOT to, or in the past have even demonized anyone who thinks
>> there is value in such things.
>> 
>> luckily this is changing!
>> 
>> B
>> 
>> On Thu, Mar 21, 2013 at 2:36 PM, Yosem Companys
>>  wrote:
>>> 
>>> Rich, that's because you're not thinking like the average
>>> non-technical user, who usually does the following:
>>> 
>>> The user hears from a friend that she can make calls for free
>>> over Skype. So she clicks on the Skype link.  Skype has
>>> millions of users, meaning it will be around for a while. The
>>> Skype website looks visually attractive, meaning that it must
>>> have a lot of developers.  More recently, it is owned by
>>> Microsoft, which the user trusts for similar reasons.  "Most
>>> large, stable, visually-striking brands can be trusted," the
>>> user thinks.  She doesn't think for she doesn't know that
>>> "Microsoft has been attacked a lot."
>>> 
>>> Now, the user installs Skype.  She clicks through a few steps,
>>> easy enough.  That's a low barrier to adoption.
>>> 
>>> Next, the user sees all their family and friends on there.
>>> "Great," she thinks. "Now I can call that friend who told me to
>>> install it."
>>> 
>>> After that, the user reads in a news article that Skype is
>>> insecure. "That sucks," she thinks. "But it's not like I do
>>> anything confidential on there anyway."  Or, perhaps, she
>>> thinks, "I haven't done anything wrong, so who cares if I'm
>>> being watched. I'm glad the government is looking out for those
>>> terrorists."
>>> 
>>> To the extent that the user cares about security, now she needs
>>> to figure out what's the best secure alternative out there.
>>> But notice what happens: There's no large, established
>>> competitor that is secure.  Those competitors don't have
>>> brands.
>>> 
>>> To the extent that the user finds a secure competitor, say
>>> because Consumer Reports published an article on it (for the
>>> average non-technical user may not know of EFF), then she might
>>> click and check it out.  She might ask her family and friends.
>>> But their family and friends have never heard of it and, even
>>> worse, are not on it.
>>> 
>>> "I care about my security," she may think. "So I will try it
>>> anyway."  But all the time it gnaws at her that she doesn't
>>> know the competitor's name and that she has to take a leap of
>>> faith to install it.  The company says it's open source.  "What
>>> the heck does that mean?"  She thinks.  "What if this company
>>> is untrustworthy?  What if this company goes under and sells
>>> my data?  What if..."  Too many barriers to adoption.
>>> 
>>> We always think, "let's make the most private and secure
>>> solution," forgetting that users care about many brand
>>> attributes that the most superior technical solution can't
>>> provide.
>>> 
>>> On Thu, Mar 21, 2013 at 1:05 PM, Rich Kulawiec 
>>> wrote:
 On Wed, Mar 20, 2013 at 11:17:03PM -0400, Louis Su?rez-Potts
 wrote:
> One is tempted to suggest using other than Skype.
> Alternatives exist, and these are secure, at least
> according to their claims. As well, Skype's code is not
> transparent, in the way that other, open source, 
> applications' are.
 
 I'm more than tempted: I can't understand why anyone would
 even consider using Skype.  It's closed-source, therefore it
 must be presumed insecure. Nothing Microsoft says about it
 can be trusted.  There is reason to believe that it's been
 successfully attacked by third parties.  &etc.
 
 I dunno 'bout y'all, but I think that's enough to blacklist
 it permanently. Done.  Over.  Next?
 
 ---rsk -- T

Re: [liberationtech] reply-all

2013-03-21 Thread Griffin Boyce
I totally agree. I love the discussions that ensue (even if my replies tend
to be rather long)

Crazy-long signatures and the contents of the last few messages aren't
really necessary.

~Griffin

On Thu, Mar 21, 2013 at 11:41 AM, Courtney Radsch  wrote:

> I vote reply all (list) as default. I learn a lot from these discussions,
> although I wish people could erase as much as possible of the quoted email
> in their reply...
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread Enrique Piraces
Reply to all.

Best,
Enrique Piracés
Human Rights Watch
https://www.hrw.org
https://www.twitter.com/epiraces

On Mar 20, 2013, at 9:17 PM, Yosem Companys wrote:

Dear Liberationtech list subscribers,

Several of you have petitioned to change Liberationtech mailing list's default 
"reply to" option from "reply-to-all" to "reply-to-poster."  Given the debate 
(see links below), we have decided to put the issue up for a vote:

  *   Do you want replies to Liberationtech list messages directed to 
"reply-to-all" or "reply-to-poster"?

Please vote by submitting your preference to me by 11.59 pm PST on Sunday, 
March 24, 2013.  Any votes received after this date and time will not be 
counted.

Thanks,

Yosem
One of your moderators

PS  To read a summary of the advantages and disadvantages of "reply-to-all", 
click on the corresponding links below:

  *   Reply-to-all considered useful: 
http://marc.merlins.org/netrants/reply-to-useful.html
  *   Reply-to-all considered harmful: 
http://www.unicom.com/pw/reply-to-harmful.html

If you'd like to read the entire debate on the Liberationtech list, please 
click on the links below:

http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03767.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03768.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03769.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03771.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03772.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03773.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03774.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03775.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03776.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03777.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03778.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03779.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03780.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03781.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03782.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03783.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03788.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03789.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03790.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03791.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03799.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03801.html

--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing 
your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech

--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] skype

2013-03-21 Thread Yosem Companys
Yes.  I meant that the superior technical solution could not provide
better branding/usability in my hypothetical example.  There are
plenty of examples of superior technologies having great branding.
Case in point is Procter & Gamble, which is successful in part because
it only makes marketing investments in products with superior
technologies because its research has consistently shown that
consumers aren't loyal to a product unless it demonstrates technical
merit in use.  In other words, you can persuade people to try your
product, but if it is not technically superior, they will use your
competitor's,

On Thu, Mar 21, 2013 at 4:04 PM, Brian Conley  wrote:
> +1 Yosem, except I take issue with the last point.
>
> I don't think its always that superior technical solutions *can't* provide
> better branding/usability, its that they choose NOT to, or in the past have
> even demonized anyone who thinks there is value in such things.
>
> luckily this is changing!
>
> B
>
> On Thu, Mar 21, 2013 at 2:36 PM, Yosem Companys 
> wrote:
>>
>> Rich, that's because you're not thinking like the average non-technical
>> user, who usually does the following:
>>
>> The user hears from a friend that she can make calls for free over Skype.
>> So she clicks on the Skype link.  Skype has millions of users, meaning it
>> will be around for a while. The Skype website looks visually attractive,
>> meaning that it must have a lot of developers.  More recently, it is owned
>> by Microsoft, which the user trusts for similar reasons.  "Most large,
>> stable, visually-striking brands can be trusted," the user thinks.  She
>> doesn't think for she doesn't know that "Microsoft has been attacked a lot."
>>
>> Now, the user installs Skype.  She clicks through a few steps, easy
>> enough.  That's a low barrier to adoption.
>>
>> Next, the user sees all their family and friends on there.  "Great," she
>> thinks. "Now I can call that friend who told me to install it."
>>
>> After that, the user reads in a news article that Skype is insecure.
>> "That sucks," she thinks. "But it's not like I do anything confidential on
>> there anyway."  Or, perhaps, she thinks, "I haven't done anything wrong, so
>> who cares if I'm being watched. I'm glad the government is looking out for
>> those terrorists."
>>
>> To the extent that the user cares about security, now she needs to figure
>> out what's the best secure alternative out there.  But notice what happens:
>> There's no large, established competitor that is secure.  Those competitors
>> don't have brands.
>>
>> To the extent that the user finds a secure competitor, say because
>> Consumer Reports published an article on it (for the average non-technical
>> user may not know of EFF), then she might click and check it out.  She might
>> ask her family and friends.  But their family and friends have never heard
>> of it and, even worse, are not on it.
>>
>> "I care about my security," she may think. "So I will try it anyway."  But
>> all the time it gnaws at her that she doesn't know the competitor's name and
>> that she has to take a leap of faith to install it.  The company says it's
>> open source.  "What the heck does that mean?"  She thinks.  "What if this
>> company is untrustworthy?  What if this company goes under and sells my
>> data?  What if..."  Too many barriers to adoption.
>>
>> We always think, "let's make the most private and secure solution,"
>> forgetting that users care about many brand attributes that the most
>> superior technical solution can't provide.
>>
>> On Thu, Mar 21, 2013 at 1:05 PM, Rich Kulawiec  wrote:
>> > On Wed, Mar 20, 2013 at 11:17:03PM -0400, Louis Su?rez-Potts wrote:
>> >> One is tempted to suggest using other than Skype. Alternatives exist,
>> >> and these are secure, at least according to their claims. As well,
>> >> Skype's code is not transparent, in the way that other, open source,
>> >> applications' are.
>> >
>> > I'm more than tempted: I can't understand why anyone would even consider
>> > using Skype.  It's closed-source, therefore it must be presumed
>> > insecure.
>> > Nothing Microsoft says about it can be trusted.  There is reason to
>> > believe
>> > that it's been successfully attacked by third parties.  &etc.
>> >
>> > I dunno 'bout y'all, but I think that's enough to blacklist it
>> > permanently.
>> > Done.  Over.  Next?
>> >
>> > ---rsk
>> > --
>> > Too many emails? Unsubscribe, change to digest, or change password by
>> > emailing moderator at compa...@stanford.edu or changing your settings at
>> > https://mailman.stanford.edu/mailman/listinfo/liberationtech
>>
>>
>> --
>> Too many emails? Unsubscribe, change to digest, or change password by
>> emailing moderator at compa...@stanford.edu or changing your settings at
>> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
>
>
>
> --
>
>
>
> Brian Conley
>
> Director, Small World News
>
> http://smallworldnews.tv
>
> m: 646.285.2046
>
> Skype: brianjoelconley
>
>
>
> --
> Too many em

Re: [liberationtech] skype

2013-03-21 Thread Brian Conley
+1 Yosem, except I take issue with the last point.

I don't think its always that superior technical solutions *can't* provide
better branding/usability, its that they choose NOT to, or in the past have
even demonized anyone who thinks there is value in such things.

luckily this is changing!

B

On Thu, Mar 21, 2013 at 2:36 PM, Yosem Companys wrote:

> Rich, that's because you're not thinking like the average non-technical
> user, who usually does the following:
>
> The user hears from a friend that she can make calls for free over Skype.
>  So she clicks on the Skype link.  Skype has millions of users, meaning it
> will be around for a while. The Skype website looks visually attractive,
> meaning that it must have a lot of developers.  More recently, it is owned
> by Microsoft, which the user trusts for similar reasons.  "Most large,
> stable, visually-striking brands can be trusted," the user thinks.  She
> doesn't think for she doesn't know that "Microsoft has been attacked a lot."
>
> Now, the user installs Skype.  She clicks through a few steps, easy
> enough.  That's a low barrier to adoption.
>
> Next, the user sees all their family and friends on there.  "Great," she
> thinks. "Now I can call that friend who told me to install it."
>
> After that, the user reads in a news article that Skype is insecure.
>  "That sucks," she thinks. "But it's not like I do anything confidential on
> there anyway."  Or, perhaps, she thinks, "I haven't done anything wrong, so
> who cares if I'm being watched. I'm glad the government is looking out for
> those terrorists."
>
> To the extent that the user cares about security, now she needs to figure
> out what's the best secure alternative out there.  But notice what happens:
>  There's no large, established competitor that is secure.  Those
> competitors don't have brands.
>
> To the extent that the user finds a secure competitor, say because
> Consumer Reports published an article on it (for the average non-technical
> user may not know of EFF), then she might click and check it out.  She
> might ask her family and friends.  But their family and friends have never
> heard of it and, even worse, are not on it.
>
> "I care about my security," she may think. "So I will try it anyway."  But
> all the time it gnaws at her that she doesn't know the competitor's name
> and that she has to take a leap of faith to install it.  The company says
> it's open source.  "What the heck does that mean?"  She thinks.  "What if
> this company is untrustworthy?  What if this company goes under and sells
> my data?  What if..."  Too many barriers to adoption.
>
> We always think, "let's make the most private and secure solution,"
> forgetting that users care about many brand attributes that the most
> superior technical solution can't provide.
>
> On Thu, Mar 21, 2013 at 1:05 PM, Rich Kulawiec  wrote:
> > On Wed, Mar 20, 2013 at 11:17:03PM -0400, Louis Su?rez-Potts wrote:
> >> One is tempted to suggest using other than Skype. Alternatives exist,
> >> and these are secure, at least according to their claims. As well,
> >> Skype's code is not transparent, in the way that other, open source,
> >> applications' are.
> >
> > I'm more than tempted: I can't understand why anyone would even consider
> > using Skype.  It's closed-source, therefore it must be presumed insecure.
> > Nothing Microsoft says about it can be trusted.  There is reason to
> believe
> > that it's been successfully attacked by third parties.  &etc.
> >
> > I dunno 'bout y'all, but I think that's enough to blacklist it
> permanently.
> > Done.  Over.  Next?
> >
> > ---rsk
> > --
> > Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at compa...@stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
>
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at compa...@stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>



-- 



Brian Conley

Director, Small World News

http://smallworldnews.tv

m: 646.285.2046

Skype: brianjoelconley
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread Andrew Lewis
Reply to all
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread Nadim Kobeissi
Reply to all.


NK


On Thu, Mar 21, 2013 at 6:36 PM, Trinh Nguyen  wrote:

> reply-to-all
>
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at compa...@stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread Trinh Nguyen
reply-to-all
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread John Sullivan
Karl Fogel  writes:

> I vote that the list not munge the Reply-to header.
>

I would also support this option were it available. :)

-john

-- 
John Sullivan | Executive Director, Free Software Foundation
GPG Key: 61A0963B | http://status.fsf.org/johns | http://fsf.org/blogs/RSS

Do you use free software? Donate to join the FSF and support freedom at
.
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] Announcing a privacy preserving authentication protocol

2013-03-21 Thread Guido Witmond

On 03/21/2013 09:02 PM, Rich Kulawiec wrote:


True, but phishing is not currently a solvable problem anyway; it falls
into a class of problems that can't be solved no matter how much clever
technology is developed because all of that technology presumes that
end user systems are secure...and they're not.


Sir, you are entirely correct.

End user systems are insecure. That ship has left in 1980-1990 when 
everyone and their grandmother wanted a PC instead of an account on a 
managed main frame. We are suffering since.


My protocol relies on the *assumption* that the end user system is 
secure. But it's ITs dirty little secret that *every* other protocol 
relies that the end user system is secure!


- Passwords: no keylogger;
- password manager: no malware;
- encrypted password manager: no malware with sufficient patience;
- crypto smart cards: no malware in the crypto layer;
- TAN-generators for banks: I don't know if the transaction I'm 
authorising is the one that's displayed in my browser. One of my Dutch 
banks requires me to type in the amount in the tan-generator so the 
thieves are limited to that amount.



A substantial percentage of end user systems are already compromised
(in full or part) and more of them are being compromised while you're
reading this.  So unless this proposal or one like comes with a plan
to remediate a few hundred million systems, it may be beautiful in theory,
but it won't work in practice.


Acceptance is the first step on the road to recovery.

And I think the theory of my solution is more beautiful than the current 
ugly truth. If the only thing it gives is hope out of the current 
misery, I consider it a success. It may plant the seed for someone to 
change their current lousy operating system to something slightly more 
secure. That seed is what I want to plant.


Please see: [1] on how a computer should behave towards its owner.



In passing, let me note that banks and other financial institutions are
aiding and abetting phishers by doing extremely stupid things like
(a) sending email marked up with HTML (b) sending email with URLs (c) sending
email with with web bugs (d) outsourcing their email.  The irony is that
while those entities are busy *training* their customers to be phished,
they're constantly whining about how terribly awfully bad the situation is.

>

There is insufficient scotch to dull the pain of that much stupid.


Again, you're completely correct.

With my protocol, that problem is out of the way when the banks and 
customers deploy it. But it's only a little step on the journey.


The good thing, those who want can choose to use it. No need for the 
world to change.



Regards, Guido.


1: http://witmond.nl/blog/2012/11/09/asimovs-laws-for-security.html
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] skype

2013-03-21 Thread Yosem Companys
Rich, that's because you're not thinking like the average non-technical
user, who usually does the following:

The user hears from a friend that she can make calls for free over Skype.
 So she clicks on the Skype link.  Skype has millions of users, meaning it
will be around for a while. The Skype website looks visually attractive,
meaning that it must have a lot of developers.  More recently, it is owned
by Microsoft, which the user trusts for similar reasons.  "Most large,
stable, visually-striking brands can be trusted," the user thinks.  She
doesn't think for she doesn't know that "Microsoft has been attacked a lot."

Now, the user installs Skype.  She clicks through a few steps, easy enough.
 That's a low barrier to adoption.

Next, the user sees all their family and friends on there.  "Great," she
thinks. "Now I can call that friend who told me to install it."

After that, the user reads in a news article that Skype is insecure.  "That
sucks," she thinks. "But it's not like I do anything confidential on there
anyway."  Or, perhaps, she thinks, "I haven't done anything wrong, so who
cares if I'm being watched. I'm glad the government is looking out for
those terrorists."

To the extent that the user cares about security, now she needs to figure
out what's the best secure alternative out there.  But notice what happens:
 There's no large, established competitor that is secure.  Those
competitors don't have brands.

To the extent that the user finds a secure competitor, say because Consumer
Reports published an article on it (for the average non-technical user may
not know of EFF), then she might click and check it out.  She might ask her
family and friends.  But their family and friends have never heard of it
and, even worse, are not on it.

"I care about my security," she may think. "So I will try it anyway."  But
all the time it gnaws at her that she doesn't know the competitor's name
and that she has to take a leap of faith to install it.  The company says
it's open source.  "What the heck does that mean?"  She thinks.  "What if
this company is untrustworthy?  What if this company goes under and sells
my data?  What if..."  Too many barriers to adoption.

We always think, "let's make the most private and secure solution,"
forgetting that users care about many brand attributes that the most
superior technical solution can't provide.

On Thu, Mar 21, 2013 at 1:05 PM, Rich Kulawiec  wrote:
> On Wed, Mar 20, 2013 at 11:17:03PM -0400, Louis Su?rez-Potts wrote:
>> One is tempted to suggest using other than Skype. Alternatives exist,
>> and these are secure, at least according to their claims. As well,
>> Skype's code is not transparent, in the way that other, open source,
>> applications' are.
>
> I'm more than tempted: I can't understand why anyone would even consider
> using Skype.  It's closed-source, therefore it must be presumed insecure.
> Nothing Microsoft says about it can be trusted.  There is reason to
believe
> that it's been successfully attacked by third parties.  &etc.
>
> I dunno 'bout y'all, but I think that's enough to blacklist it
permanently.
> Done.  Over.  Next?
>
> ---rsk
> --
> Too many emails? Unsubscribe, change to digest, or change password by
emailing moderator at compa...@stanford.edu or changing your settings at
https://mailman.stanford.edu/mailman/listinfo/liberationtech
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

[liberationtech] Director of NSF's Division of Advanced Cyberinfrastructure

2013-03-21 Thread Yosem Companys
The National Science Foundation CISE Directorate is pleased to
announce the formation of a search committee for the Director of the
Division of Advanced Cyberinfrastructure (ACI, formerly the Office of
Cyberinfrastructure). Dr. Alan Blatecky will be finishing his term as
ACI Division Director at the end of this summer – we greatly
appreciate his expertise and leadership for the coordination and
support of NSF’s cyberinfrastructure during his tenure!

Announcements for the search for his replacement can be found at
http://www.nsf.gov/cise/news/2013-ACI-Annoucement.jsp and on USAJOBS
at https://www.usajobs.gov/GetJob/ViewDetails/339364500?org=NSF.

Please feel free to contact any of the following search committee
members to nominate candidates; self-nominations are also invited:

Jim Bottum, Clemson University, j...@clemson.edu, Co-Chair
Katherine Yelick, Lawrence Berkeley National Laboratory,
kayel...@lbl.gov, Co-Chair
Fran Berman, Rensselaer Polytechnic Institute, ber...@rpi.edu
Sharon Glotzer, University of Michigan, sglotzer...@umich.edu
Bill Gropp, University of Illinois Urbana-Champaign, wgr...@illinois.edu
David Lifka, Cornell University, li...@cac.cornell.edu
Keith Marzullo, NSF Search Committee Liaison and Director of the
Division of Computer & Network Systems (CNS), kmarz...@nsf.gov
Thank you in advance for your help in identifying candidates for this
important position.  If you have any questions or comments, you are
also welcome to contact me directly.

Sincerely,

Farnam Jahanian

—

Farnam Jahanian

Assistant Director for CISE

National Science Foundation

email: fjaha...@nsf.gov

web: http://www.nsf.gov/cise/about.jsp
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] Commotion Beta is out: Free Wireless Mesh Network Software

2013-03-21 Thread Andrew Reynolds
Thanks James,

The Commotion team is excited about the new developer release of the
Commotion platform. We have already received several bug reports and
feature requests following our initial DR1 binary upload a few days ago.
This has helped us take steps towards bringing this from the current,
unstable nightly build to a stable release.

The focus of this release has been to improve Commotion’s usability, so
that both developers and users without extensive background knowledge in
mesh networking can get a mesh network up and running. This lack of
usability has historically been a barrier to implementation and
experimentation.

The goal of this release is to provide opportunities for a wider
community of testers, including security and application developers, to
experiment with the Commotion platform. This release itself does not
have strong security, but contains tools and APIs to develop secure
applications. We are looking forward to working with developers in our
community to develop secure tools on top of this platform.

While we have implemented new security features that differentiate this
release from our last, users should carefully read the warning label,
located on our Download page, before using the software in a situation
where security is required. The warning will be updated to reflect the
current audits once we have completed thorough testing and evaluation of
the new release.

Commotion development is ongoing. We currently have a multi-year
development roadmap

that lays out all the planned features we will implement. We strongly
invite constructive feedback, contributions, and experimentation with
our software .
We are working hard towards our full version 1.0 release which we are
aiming to land towards the end of this year.

-andrew

On 03/21/2013 03:47 PM, James Losey wrote:
> Hi All,
> 
> I wanted to share that OTI released Commotion Beta, free, open source,
> wireless networking platform this week. This “Developer Release #1” (DR1)
> makes Commotion’s technology available for testing and feedback and is
> freely available from the project website: www.commotionwireless.net. I
> would encourage you to check it out, but please head our caution that this
> release is BETA and thus should not be used for mission-critical and/or
> sensitive communications until version 1.0 is released. This release
> includes:
> 
>- A fully integrated web-interface in addition to traditional
>command-line access.
>- QuickStart setup wizard
>- A set of core libraries that will form the backbone of a common
>network management interface across Commotion platforms
>- An application portal that makes it easy to announce and discover
>authenticated local social applications
>- A debugging tool to provide one-click error reports for network
>maintainers
> 
> There are also security features including  basic network encryption, which
> brings mesh networking up to the level of security expected from today’s
> wireless networks.  Commotion adds an additional layer of security by
> allowing the use of network keys and application signing through the use of
> The Serval Project’s http://www.servalproject.org/ Serval daemon, making it
> easier to identify bad-agents posing as legtimate services. These features
> form the foundation for the Commotion security features under active
> development. Again, this is beta and *not* for sensitive communications at
> this time.
> 
> If you want to try setting up your own network, interested in providing
> feedback or just want to learn more head over over to
> www.commotionwireless.net.
> 
> Best,
> James
> 
> 
>  RELEASE: OTI Launches Commotion Beta: Free Wireless Mesh Network Software
> Commotion Technology Revolutionizes Community Wireless by Providing a Safe,
> Low-Cost Option
> *Published:  * March 20, 2013
> 
> Washington, DC — The New America Foundation's *Open Technology
> Institute 
> *(OTI) announced today the public release of Commotion Beta - a free, open
> source, wireless networking platform. This “Developer Release #1” (DR1)
> makes Commotion’s technology available for testing and feedback and is
> freely available from the project website:
> *www.commotionwireless.net
> *. Please note that Commotion is in Beta and should not be used for
> mission-critical and/or sensitive communications until version 1.0 is
> released.
> 
> Commotion is a cutting-edge open-source communications software platform
> that uses laptops, mobile phones, and other Wi-Fi devices to create
> decentralized, wireless “mesh” networks.  Commotion interconnects devices
> directly to one-another in a peer-to-peer manner to form a “spider web” of
> connectivity.
> 
> “Commotion Beta is a transformative technology - the culmination of years
> of research and develop

Re: [liberationtech] Microsoft Releases 2012 Law Enforcement Requests Report

2013-03-21 Thread Fabio Pietrosanti (naif)
On 3/21/13 5:27 PM, Jacob Appelbaum wrote:
> I don't agree with that reading of the report. There is likely a lot of
> word-smithing here - for example, Does Skype include SkypeIn and
> SkypeOut or just Peer to Peer video, text and storage of (other)
> meta-data? Does CALEA happen on the Skype side of things or on the
> PTSN/VoIP service side of Skype{In,Out}? My guess is the latter rather
> than the former.
Nice consideration for SkypeIn/Out.

Just to say that if in Italy LEA ask a local provider for wiretapping
and it refuse to comply with the request, he is violating ministry of
communication licensing rules and he can be immediately revocated
telecommunication license.

And it's unreasonable to think that in a country with 60mln person like
Italy there was no requests done to Skype, especially considering the
special task force of prosecutors and lawyers that has been setup some
years ago (pre-microsoft acquisition) to make pressure on Skype at EU level.

So i'll add a question:
Does Microsoft/Skype transparency report consider also requests that are
done from non-US authorities to Microsoft Corporation or to non-US
branch of Microsoft (like Microsoft Italia) ?

Fabio
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] Microsoft Releases 2012 Law Enforcement Requests Report

2013-03-21 Thread Dan Auerbach
On 03/21/2013 10:37 AM, Jacob Appelbaum wrote:
> Joseph Lorenzo Hall:
>> > 
>> > 
>> > On Thu Mar 21 12:27:47 2013, Jacob Appelbaum wrote:
>>> >> Joseph Lorenzo Hall:
 >>> Two things seem particularly interesting: apparently zero requests for
 >>> content were fulfilled for Skype and the associated FAQ [1] says CALEA
 >>> (the US law that mandates intercept capability) does not apply to 
 >>> Skype.
 >>> That seems particularly encouraging to me.
 >>>
 >>> The FAQ is also interesting in that the non-content question mentions
 >>> "location" but then only lists state, country and ZIP code as fields
 >>> provided (I don't know how MSFT would have access to precise
 >>> geolocation, but that doesn't appear to be something they provide). 
 >>> Also
 >>> the NSL reporting in the FAQ is binned in terms of thousands of NSLs...
 >>> so in 2009 they report receiving 0-999 NSLs and in 2010 1000-1999 NSLs
 >>> (hard to tell if that was just one more NSL or a bunch).
 >>>
>>> >>
>>> >> I don't agree with that reading of the report. There is likely a lot of
>>> >> word-smithing here - for example, Does Skype include SkypeIn and
>>> >> SkypeOut or just Peer to Peer video, text and storage of (other)
>>> >> meta-data? Does CALEA happen on the Skype side of things or on the
>>> >> PTSN/VoIP service side of Skype{In,Out}? My guess is the latter rather
>>> >> than the former.
>> > 
>> > Ok, I certainly agree there is probably a lot of wordsmithing here. 
>> > CALEA certainly applies to PSTN interconnection but then presumably law 
>> > enforcement would just go to the phone company which has 
>> > CALEA-compliant switching hardware there. (I think.)
>> > 
>>> >> Also, note that Microsoft "Provided Guidance to Law Enforcement" - so
>>> >> when they say they didn't provide content, did they provide the
>>> >> credentials? If so, the guidance could have allowed the "Law
>>> >> Enforcement" to simply login and restore the account data. Or perhaps
>>> >> merely disclosing a key?
>> > 
>> > They certainly don't describe what that means, which is strange because 
>> > for a transparency report with quantitative data, one would want to 
>> > bound what the categories of quantitative data are! I would hope that 
>> > MSFT would consider providing ciphertext and session keys as "providing 
>> > content" and increment the zeros in that column, but there's no 
>> > definitive statement in all of this that I can see which would support 
>> > that.
> I wrote to them and asked these questions, as well as a few others.
>
> What other questions should we pose to them, I wonder?
Reading quickly through the documents, there seems to be no information
about US FISA court orders, so that might be something to ask them
about. I am concerned about the possibility that FISA is being abused to
access large swaths of user data (esp given FAA provisions and secret
interpretation of section 215 of Patriot Act). You could suggest general
rounded numbers for FISA like for NSLs. Doubt you'll get any info, though.

That said, kudos to MS for releasing this info and to people for pushing
them on Skype!

-- 
Dan Auerbach
Staff Technologist
Electronic Frontier Foundation
d...@eff.org
415 436 9333 x134

--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] skype

2013-03-21 Thread Rich Kulawiec
On Wed, Mar 20, 2013 at 11:17:03PM -0400, Louis Su?rez-Potts wrote:
> One is tempted to suggest using other than Skype. Alternatives exist,
> and these are secure, at least according to their claims. As well,
> Skype's code is not transparent, in the way that other, open source,
> applications' are.

I'm more than tempted: I can't understand why anyone would even consider
using Skype.  It's closed-source, therefore it must be presumed insecure.
Nothing Microsoft says about it can be trusted.  There is reason to believe
that it's been successfully attacked by third parties.  &etc.

I dunno 'bout y'all, but I think that's enough to blacklist it permanently.
Done.  Over.  Next?

---rsk
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] Announcing a privacy preserving authentication protocol

2013-03-21 Thread Rich Kulawiec
On Tue, Mar 12, 2013 at 06:31:56PM -0500, Kyle Maxwell wrote:
> A. This doesn't eliminate phishing because users will still enter
> their credentials at a site that doesn't actually match the one where
> the cert was previously signed. Otherwise, existing HTTPS controls
> would already protect them.

True, but phishing is not currently a solvable problem anyway; it falls
into a class of problems that can't be solved no matter how much clever
technology is developed because all of that technology presumes that
end user systems are secure...and they're not.  (Other problems in
that class: spam, email forgery, DDoS.)

A substantial percentage of end user systems are already compromised
(in full or part) and more of them are being compromised while you're
reading this.  So unless this proposal or one like comes with a plan
to remediate a few hundred million systems, it may be beautiful in theory,
but it won't work in practice.

In passing, let me note that banks and other financial institutions are
aiding and abetting phishers by doing extremely stupid things like
(a) sending email marked up with HTML (b) sending email with URLs (c) sending
email with with web bugs (d) outsourcing their email.  The irony is that
while those entities are busy *training* their customers to be phished,
they're constantly whining about how terribly awfully bad the situation is.

There is insufficient scotch to dull the pain of that much stupid.

---rsk
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] list reply-all

2013-03-21 Thread Rich Kulawiec
On Wed, Mar 20, 2013 at 05:48:20AM -0400, Michael Allan wrote:
> Pardon me, but that's not true.  GNU Mailman is a decent list server
> and it ships with reply-to-sender.  You must go out of your way to
> munge the Reply-to header.  They recommend against it:
> http://www.gnu.org/software/mailman/mailman-admin/node11.html

Correct.  (That is, (a) correct that they recommend against it
and (b) correct that they SHOULD recommend against it.)  [1]

Now it's true that there are broken email clients out there that don't
handle this gracefully.  The solution is not to accomodate broken email
clients, but to insist that users of broken email clients either fix them,
get them fixed, or abandon them for others.

I will also suggest, that in the context of this particular list,
everyone should be using a mail client that permits and even better,
encourages, full editing of the To:, Cc: and Bcc: fields and that members
get in the habit of double-checking those fields before sending.
That's just good email practice, along with things like not top-posting,
not full-quoting, and not sending mail marked up with HTML.

---rsk

[1] Mailman is more than "decent": it is, at the moment, the best
available software for running mailing lists, period.   Certainly all
closed-source software may be immediately dismissed from consideration,
which leaves us with things like ezmlm and majordomo, none of which
have Mailman's feature set, standards compliance, or ongoing track
record of bug fixes and improvements.  Oh, it's not perfect, and I sure
wish it wasn't written in Python: but it's the best-available, and its
authors have done an exemplary job of bug-fixing and enhancement.
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


[liberationtech] Gentle reminder: Stanford STS Conference submissions due this Friday (tomorrow)

2013-03-21 Thread Morgan G. Ames
Greetings all,

There is just one day until the deadline to submit 250-word abstracts to
Stanford's first annual graduate STS conference.

This is a gentle reminder to submit (or encourage students/colleagues to
submit) abstracts and 50-word bios to governing.technol...@morganya.org.

The full CFP is below. Please forward widely!

Thank you, and we hope to see you in May!
- Morgan, Damien, Mark, and the rest of the GSST conference committee


--

Governing Technology: Material Politics and Hybrid Agencies
*Thursday, May 9 and Friday, May 10**, 2013*
*Stanford Humanities Center*
*http://governing.morganya.org *

This conference aims to bring together two communities of scholars: those
examining the ways that states and other institutions have sought to govern
technologies, and those examining the ways that technologies have
influenced the practice and form of governing. In the process, we will
revisit the concept of governance through the lens of *material politics*.

As some technologies promise the world and others threaten to overrun it,
scholars in the humanities and social sciences have turned a critical eye
to the agentive power and material effects of technology, as well as the
responses that this power invokes. Research on technology’s entanglements
with states, transnational organizations, and other powerful institutions
has often taken its cues from science and technology studies. In
particular, pioneering work in STS on materiality, on governmentality, and
on hybrid and nonhuman agency has become more and more a part of mainstream
work in history, geography, anthropology, communication, literary studies,
sociology, and beyond. Scholars from across these fields have, in turn,
developed new frameworks of analysis that go beyond classic conceptions of
governmentality and materiality to incorporate their own disciplinary
strengths.

Cornell professor Steve
Jackson
will
discuss the interplay between governance and technology in his keynote
lecture .
The conference will wrap up with a roundtable discussion on building the
STS community in the Bay Area and beyond, featuring STS professors from
Stanford and several nearby Universities of California.

Call for Participation

We invite papers that consider (or critique) the relevance of *material
politics* in understanding the relationship between governance and
technology: how states and other institutions respond to challenges imposed
by new and emerging technological developments and how technologies,
understood broadly, become part of governing.

Papers from any discipline or institution are encouraged. Possible topics
include, but are not limited to:

   - Natural resource management and extraction
   - The politics of environmental regulation and tourism
   - National or transnational policies on innovation and intellectual
   property
   - The regulation and development of biotechnology
   - The agency and role of non-governmental organizations
   - Governing dangerous materials
   - The politics of agricultural technologies
   - Medical innovation and regulation
   - The *un*governability of certain technologies
   - The politics of technology in public health or urban planning
   - Historical accounts of technological governance or agency
   - Theoretical discussions or critiques of material agencies
   - Theoretical discussions of governance through the lens of material
   politics

Please submit the following to *governing.technol...@morganya.org*:

   - *A submission abstract* of no more than 250 words
   - *A brief biography* of no more than 50 words to be included in the
   conference program

The deadline for submissions is *March 22, 2013*. Notifications will be
sent and the schedule posted by April 12, 2013.



-- 

Morgan G. Ames
http://morganya.org
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

[liberationtech] Commotion Beta is out: Free Wireless Mesh Network Software

2013-03-21 Thread James Losey
Hi All,

I wanted to share that OTI released Commotion Beta, free, open source,
wireless networking platform this week. This “Developer Release #1” (DR1)
makes Commotion’s technology available for testing and feedback and is
freely available from the project website: www.commotionwireless.net. I
would encourage you to check it out, but please head our caution that this
release is BETA and thus should not be used for mission-critical and/or
sensitive communications until version 1.0 is released. This release
includes:

   - A fully integrated web-interface in addition to traditional
   command-line access.
   - QuickStart setup wizard
   - A set of core libraries that will form the backbone of a common
   network management interface across Commotion platforms
   - An application portal that makes it easy to announce and discover
   authenticated local social applications
   - A debugging tool to provide one-click error reports for network
   maintainers

There are also security features including  basic network encryption, which
brings mesh networking up to the level of security expected from today’s
wireless networks.  Commotion adds an additional layer of security by
allowing the use of network keys and application signing through the use of
The Serval Project’s http://www.servalproject.org/ Serval daemon, making it
easier to identify bad-agents posing as legtimate services. These features
form the foundation for the Commotion security features under active
development. Again, this is beta and *not* for sensitive communications at
this time.

If you want to try setting up your own network, interested in providing
feedback or just want to learn more head over over to
www.commotionwireless.net.

Best,
James


 RELEASE: OTI Launches Commotion Beta: Free Wireless Mesh Network Software
Commotion Technology Revolutionizes Community Wireless by Providing a Safe,
Low-Cost Option
*Published:  * March 20, 2013

Washington, DC — The New America Foundation's *Open Technology
Institute 
*(OTI) announced today the public release of Commotion Beta - a free, open
source, wireless networking platform. This “Developer Release #1” (DR1)
makes Commotion’s technology available for testing and feedback and is
freely available from the project website:
*www.commotionwireless.net
*. Please note that Commotion is in Beta and should not be used for
mission-critical and/or sensitive communications until version 1.0 is
released.

Commotion is a cutting-edge open-source communications software platform
that uses laptops, mobile phones, and other Wi-Fi devices to create
decentralized, wireless “mesh” networks.  Commotion interconnects devices
directly to one-another in a peer-to-peer manner to form a “spider web” of
connectivity.

“Commotion Beta is a transformative technology - the culmination of years
of research and development by hundreds of developers around the globe,”
said New America Vice President and OTI Director Sascha Meinrath, who is
the founder of Commotion Wireless. “Commotion is an incredible resource for
empowering communities and constituencies worldwide, helping with a variety
of different needs, from spreading low-cost connectivity, securing
communications, and enhancing disaster-response.”

Commotion Beta adds new usability enhancements and features that simplify
mesh network setup and reduce the difficulty of network maintenance.  DR1
contains a fully integrated web-interface in addition to traditional
command-line access.  Among the new technical features in DR1 are a
QuickStart setup wizard, a set of core libraries that will form the
backbone of a common network management interface across Commotion
platforms, an application portal that makes it easy to announce and
discover authenticated local social applications, and a debugging tool to
provide one-click error reports for network maintainers. These features
will be ported to the Android, Linux, and OS X clients over the next
quarter.

The DR1 release also includes key security features, beginning with basic
network encryption, which brings mesh networking up to the level of
security expected from today’s wireless networks. Commotion adds an
additional layer of security by allowing the use of network keys and
application signing through the use of The Serval Project’s
http://www.servalproject.org/ Serval daemon, making it easier to identify
bad-agents posing as legtimate services. These features form the foundation
for the Commotion security features under active development.
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

[liberationtech] US State Dept Discourages Using Technology to Promote Democracy, Human Rights, and Citizen Engagement in Ukraine?

2013-03-21 Thread Yosem Companys
Fostering Civic Engagement in Ukraine (approximately $500,000
available): DRL’s objective is to support the role of civil society in
policy formation and enhancing accountability and responsiveness of
government officials in Ukraine. The program will support civil
society to foster an inclusive and participatory democratic system of
government and hold politicians and public officials more accountable
to constituents. In order to foster more unity among civil society
efforts, the program should support post-election advocacy on areas of
policy formation and implementation such as ongoing efforts related to
elections and election law reform; freedom of assembly legislation;
and/or reversing legislation restricting the rights of vulnerable or
marginalized populations. The program should also examine how well
existing laws are implemented and help civil society ensure that
citizens can use official institutions and mechanisms to exercise
their rights. Program activities could include, but are not limited
to: support for activities to encourage debate and advocacy by
citizens and civil society organizations, small grants to civil
society for monitoring and/or advocacy activities, creating regional
civil society partnerships to increase civil society unity on advocacy
efforts, or connecting Ukrainian civil society with their counterparts
in one or more countries in the region through NGO-to-NGO exchanges
and mentoring in order to take advantage of shared post-communist and
transition experiences. Successful proposals will demonstrate a strong
knowledge of civil society in Ukraine and an established ability to
work with regional civil society groups.

DRL strongly discourages health, technology, or science- related
projects unless they have an explicit component related to the
requested program objectives listed above.

http://www.state.gov/j/drl/p/206488.htm
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] Microsoft Releases 2012 Law Enforcement Requests Report

2013-03-21 Thread Jacob Appelbaum
Joseph Lorenzo Hall:
> 
> 
> On Thu Mar 21 12:27:47 2013, Jacob Appelbaum wrote:
>> Joseph Lorenzo Hall:
>>> Two things seem particularly interesting: apparently zero requests for
>>> content were fulfilled for Skype and the associated FAQ [1] says CALEA
>>> (the US law that mandates intercept capability) does not apply to Skype.
>>> That seems particularly encouraging to me.
>>>
>>> The FAQ is also interesting in that the non-content question mentions
>>> "location" but then only lists state, country and ZIP code as fields
>>> provided (I don't know how MSFT would have access to precise
>>> geolocation, but that doesn't appear to be something they provide). Also
>>> the NSL reporting in the FAQ is binned in terms of thousands of NSLs...
>>> so in 2009 they report receiving 0-999 NSLs and in 2010 1000-1999 NSLs
>>> (hard to tell if that was just one more NSL or a bunch).
>>>
>>
>> I don't agree with that reading of the report. There is likely a lot of
>> word-smithing here - for example, Does Skype include SkypeIn and
>> SkypeOut or just Peer to Peer video, text and storage of (other)
>> meta-data? Does CALEA happen on the Skype side of things or on the
>> PTSN/VoIP service side of Skype{In,Out}? My guess is the latter rather
>> than the former.
> 
> Ok, I certainly agree there is probably a lot of wordsmithing here. 
> CALEA certainly applies to PSTN interconnection but then presumably law 
> enforcement would just go to the phone company which has 
> CALEA-compliant switching hardware there. (I think.)
> 
>> Also, note that Microsoft "Provided Guidance to Law Enforcement" - so
>> when they say they didn't provide content, did they provide the
>> credentials? If so, the guidance could have allowed the "Law
>> Enforcement" to simply login and restore the account data. Or perhaps
>> merely disclosing a key?
> 
> They certainly don't describe what that means, which is strange because 
> for a transparency report with quantitative data, one would want to 
> bound what the categories of quantitative data are! I would hope that 
> MSFT would consider providing ciphertext and session keys as "providing 
> content" and increment the zeros in that column, but there's no 
> definitive statement in all of this that I can see which would support 
> that.

I wrote to them and asked these questions, as well as a few others.

What other questions should we pose to them, I wonder?

All the best,
Jacob

--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread Karl Fogel
I vote that the list not munge the Reply-to header.

Some call this "reply-to-poster", but it really means leave Reply-to
however the original poster set it.  If OP set it to the list, that's
fine; usually the OP sets it to their preferred personal address, of
course.

http://producingoss.com/en/mailing-lists.html#reply-to has all the
references I know of on this ancient and well-exercised debate :-).

Best,
-Karl

"Sarah A. Downey"  writes:
>Reply to poster as default. Thanks.
>
>On Thu, Mar 21, 2013 at 7:36 AM, Collin Sullivan
> wrote:
>
>I vote for reply-to-list as default.
>
>
>Yosem Companys:
>
>> Dear Liberationtech list subscribers,
>>
>> Several of you have petitioned to change Liberationtech mailing
>list's
>> default "reply to" option from "reply-to-all" to
>"reply-to-poster." Given
>> the debate (see links below), we have decided to put the issue
>up for a
>> vote:
>>
>
>> - Do you want replies to Liberationtech list messages directed
>to
>
>> "reply-to-all" or "reply-to-poster"?
>>
>> Please vote by submitting your preference to me by 11.59 pm PST
>on Sunday,
>> March 24, 2013. Any votes received after this date and time will
>not be
>> counted.
>>
>> Thanks,
>>
>> Yosem
>> One of your moderators
>>
>> PS To read a summary of the advantages and disadvantages of
>> "reply-to-all", click on the corresponding links below:
>>
>
>> - Reply-to-all considered useful:
>> http://marc.merlins.org/netrants/reply-to-useful.html
>> - Reply-to-all considered harmful:
>
>
>> http://www.unicom.com/pw/reply-to-harmful.html
>>
>> If you'd like to read the entire debate on the Liberationtech
>list, please
>> click on the links below:
>>
>>
>http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03767.
>html
>>
>http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03768.
>html
>>
>http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03769.
>html
>>
>http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03771.
>html
>>
>http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03772.
>html
>>
>http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03773.
>html
>>
>http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03774.
>html
>>
>http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03775.
>html
>>
>http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03776.
>html
>>
>http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03777.
>html
>>
>http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03778.
>html
>>
>http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03779.
>html
>>
>http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03780.
>html
>>
>http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03781.
>html
>>
>http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03782.
>html
>>
>http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03783.
>html
>>
>http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03788.
>html
>>
>http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03789.
>html
>>
>http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03790.
>html
>>
>http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03791.
>html
>>
>http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03799.
>html
>>
>http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03801.
>html
>>
>>
>>
>
>> --
>> Too many emails? Unsubscribe, change to digest, or change
>password by emailing moderator at compa...@stanford.edu or
>changing your settings at
>https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
>--
>
>Collin Sullivan
>Human Rights Program Associate
>Benetech Human Rights Program
>
>Email: colli...@benetech.org
>GPG: 0x78657D4D
>XMPP: collin.sulli...@riseup.net
>OTR: A0946621 68E641FA 4DFBF9F0 10B20AA9 88601348
>11C7957D 5A99DAF7 1D0DD4BC EE243287 943AD67A
>
>https://www.benetech.org - Technology Serving Humanity
>https://www.martus.org - Martus Human Rights Bulletin System
>https://www.hrdag.org - Human Rights Data Analysis Group
>
>
>
>--
>Too many emails? Unsubscribe, change to digest, or change password
>by emailing moderator at compa...@stanford.edu or changing your
>settings at
>https://mailman.stanford.edu/mailman/listinfo/liberationtech
--
Too many emails? Unsubscribe, change to digest, or change p

Re: [liberationtech] skype

2013-03-21 Thread Anthony Papillion
On 03/21/2013 05:58 AM, Andreas Bader wrote:
> Louis Suárez-Potts:
>> One is tempted to suggest using other than Skype. Alternatives exist, and 
>> these are secure, at least according to their claims. As well, Skype's code 
>> is not transparent, in the way that other, open source, applications' are. 
>>
>> louis
> 
> What alternative do you exactly mean?
> I know some of them running under Linux, but I rarely know people using
> them.

Take a look at Jitsi (it used to be SIP Communicator). Multiprotocol and
allows you to encrypt voice and video chat. Completely cross platform.
www.jitsi.org

Anthony



--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread Travis McCrea
No, it just shows that people didn't understand the rules of voting. Nothing 
else.

Travis McCrea
Pirate Party of Canada
The Ultimate Ebook Library
Kopimist Church of Idaho

Phone: 1(206)552-8728 US Call/Text
IRC: irc.freenode.net, irc.pirateirc.net (TeamColtra or TravisMcCrea)
Web: travismccrea.com
IM: teamcol...@451.im (jabber) teamcoltra (AIM)

On 2013-03-21, at 12:42 PM, Guido Witmond  wrote:

> On 03/21/2013 05:33 PM, Trevor Timm wrote:
>> Man, I really wish even if people are voting reply-all that you vote by
>> just replying to Yosef. This is spamming everyone's in box with dozens
>> of emails.
>> 
> 
> Doesn't it prove the point of reply-to-poster?
> 
> Guido.
> --
> Too many emails? Unsubscribe, change to digest, or change password by 
> emailing moderator at compa...@stanford.edu or changing your settings at 
> https://mailman.stanford.edu/mailman/listinfo/liberationtech

--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Microsoft Releases 2012 Law Enforcement Requests Report

2013-03-21 Thread Joseph Lorenzo Hall


On Thu Mar 21 12:27:47 2013, Jacob Appelbaum wrote:
> Joseph Lorenzo Hall:
>> Two things seem particularly interesting: apparently zero requests for
>> content were fulfilled for Skype and the associated FAQ [1] says CALEA
>> (the US law that mandates intercept capability) does not apply to Skype.
>> That seems particularly encouraging to me.
>>
>> The FAQ is also interesting in that the non-content question mentions
>> "location" but then only lists state, country and ZIP code as fields
>> provided (I don't know how MSFT would have access to precise
>> geolocation, but that doesn't appear to be something they provide). Also
>> the NSL reporting in the FAQ is binned in terms of thousands of NSLs...
>> so in 2009 they report receiving 0-999 NSLs and in 2010 1000-1999 NSLs
>> (hard to tell if that was just one more NSL or a bunch).
>>
>
> I don't agree with that reading of the report. There is likely a lot of
> word-smithing here - for example, Does Skype include SkypeIn and
> SkypeOut or just Peer to Peer video, text and storage of (other)
> meta-data? Does CALEA happen on the Skype side of things or on the
> PTSN/VoIP service side of Skype{In,Out}? My guess is the latter rather
> than the former.

Ok, I certainly agree there is probably a lot of wordsmithing here. 
CALEA certainly applies to PSTN interconnection but then presumably law 
enforcement would just go to the phone company which has 
CALEA-compliant switching hardware there. (I think.)

> Also, note that Microsoft "Provided Guidance to Law Enforcement" - so
> when they say they didn't provide content, did they provide the
> credentials? If so, the guidance could have allowed the "Law
> Enforcement" to simply login and restore the account data. Or perhaps
> merely disclosing a key?

They certainly don't describe what that means, which is strange because 
for a transparency report with quantitative data, one would want to 
bound what the categories of quantitative data are! I would hope that 
MSFT would consider providing ciphertext and session keys as "providing 
content" and increment the zeros in that column, but there's no 
definitive statement in all of this that I can see which would support 
that.

best, Joe

--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread Guido Witmond

On 03/21/2013 05:33 PM, Trevor Timm wrote:

Man, I really wish even if people are voting reply-all that you vote by
just replying to Yosef. This is spamming everyone's in box with dozens
of emails.



Doesn't it prove the point of reply-to-poster?

Guido.
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread Bill Best
On 21 March 2013 16:33, Trevor Timm  wrote:
> Man, I really wish even if people are voting reply-all that you vote by just
> replying to Yosef. This is spamming everyone's in box with dozens of emails.

I disagree. Like many people here I filter my emails.

I can handle plenty more.

Regards

Bill
-- 
Community Media Association
http://www.commedia.org.uk/
http://twitter.com/community_media
http://www.facebook.com/CommunityMediaAssociation

> On 3/21/13 9:30 AM, John Sullivan wrote:
>>
>> reply-to-all
>>
>> -john
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread Trevor Timm
Man, I really wish even if people are voting reply-all that you vote by 
just replying to Yosef. This is spamming everyone's in box with dozens 
of emails.


On 3/21/13 9:30 AM, John Sullivan wrote:

reply-to-all

-john




--
Trevor Timm
Activist
Electronic Frontier Foundation
https://eff.org

--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread John Sullivan
reply-to-all

-john

-- 
John Sullivan | Executive Director, Free Software Foundation
GPG Key: 61A0963B | http://status.fsf.org/johns | http://fsf.org/blogs/RSS

Do you use free software? Donate to join the FSF and support freedom at
.
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] Microsoft Releases 2012 Law Enforcement Requests Report

2013-03-21 Thread Jacob Appelbaum
Joseph Lorenzo Hall:
> Two things seem particularly interesting: apparently zero requests for
> content were fulfilled for Skype and the associated FAQ [1] says CALEA
> (the US law that mandates intercept capability) does not apply to Skype.
> That seems particularly encouraging to me.
> 
> The FAQ is also interesting in that the non-content question mentions
> "location" but then only lists state, country and ZIP code as fields
> provided (I don't know how MSFT would have access to precise
> geolocation, but that doesn't appear to be something they provide). Also
> the NSL reporting in the FAQ is binned in terms of thousands of NSLs...
> so in 2009 they report receiving 0-999 NSLs and in 2010 1000-1999 NSLs
> (hard to tell if that was just one more NSL or a bunch).
> 

I don't agree with that reading of the report. There is likely a lot of
word-smithing here - for example, Does Skype include SkypeIn and
SkypeOut or just Peer to Peer video, text and storage of (other)
meta-data? Does CALEA happen on the Skype side of things or on the
PTSN/VoIP service side of Skype{In,Out}? My guess is the latter rather
than the former.

Also, note that Microsoft "Provided Guidance to Law Enforcement" - so
when they say they didn't provide content, did they provide the
credentials? If so, the guidance could have allowed the "Law
Enforcement" to simply login and restore the account data. Or perhaps
merely disclosing a key?

All the best,
Jacob
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread Joanne Michele
I vote to retain reply-to-all. 
—
Sent from Mailbox for iPhone

On Wed, Mar 20, 2013 at 9:18 PM, Yosem Companys 
wrote:

> Dear Liberationtech list subscribers,
> Several of you have petitioned to change Liberationtech mailing list's
> default "reply to" option from "reply-to-all" to "reply-to-poster."  Given
> the debate (see links below), we have decided to put the issue up for a
> vote:
>- Do you want replies to Liberationtech list messages directed to
>"reply-to-all" or "reply-to-poster"?
> Please vote by submitting your preference to me by 11.59 pm PST on Sunday,
> March 24, 2013.  Any votes received after this date and time will not be
> counted.
> Thanks,
> Yosem
> One of your moderators
> PS  To read a summary of the advantages and disadvantages of
> "reply-to-all", click on the corresponding links below:
>- Reply-to-all considered useful:
>http://marc.merlins.org/netrants/reply-to-useful.html
>- Reply-to-all considered harmful:
>http://www.unicom.com/pw/reply-to-harmful.html
> If you'd like to read the entire debate on the Liberationtech list, please
> click on the links below:
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03767.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03768.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03769.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03771.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03772.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03773.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03774.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03775.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03776.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03777.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03778.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03779.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03780.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03781.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03782.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03783.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03788.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03789.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03790.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03791.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03799.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03801.html--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread James S. Tyre
Reply-to-all

--
James S. Tyre
Law Offices of James S. Tyre
10736 Jefferson Blvd., #512
Culver City, CA 90230-4969
310-839-4114/310-839-4602(fax)
jst...@jstyre.com
Policy Fellow, Electronic Frontier Foundation
https://www.eff.org


--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] Microsoft Releases 2012 Law Enforcement Requests Report

2013-03-21 Thread Stefan Geens
Re MSFT transparency, congrats on the result.

In its FAQ. MSFT seems to answer quite unequivocally that Skype still encrypts 
Skype-Skype calls on a peer-to-peer basis:

"We provide SSL encryption for Microsoft services and Skype-Skype calls on our 
full client (for full function computers) are encrypted on a peer-to-peer 
basis; however, no communication method is 100% secure. For example Skype 
Out/In calls route through the existing telecommunications network for part of 
the call and users of the Skype thin client (used on smartphones, tablets and 
other hand-held devices) route communications over a wireless or mobile 
provider network. In addition, the end points of a communication are vulnerable 
to access by third parties such as criminals or governments."

I don't see any wiggle room here, though perhaps it would be even better were 
MSFT to state that it therefore has no access to the contents of Skype-to-Skype 
peer-to-peer calls. 
 
Stefan
--

On 21 Mar, at 15:31, Joseph Lorenzo Hall  wrote:

> Two things seem particularly interesting: apparently zero requests for
> content were fulfilled for Skype and the associated FAQ [1] says CALEA
> (the US law that mandates intercept capability) does not apply to Skype.
> That seems particularly encouraging to me.
> 
> The FAQ is also interesting in that the non-content question mentions
> "location" but then only lists state, country and ZIP code as fields
> provided (I don't know how MSFT would have access to precise
> geolocation, but that doesn't appear to be something they provide). Also
> the NSL reporting in the FAQ is binned in terms of thousands of NSLs...
> so in 2009 they report receiving 0-999 NSLs and in 2010 1000-1999 NSLs
> (hard to tell if that was just one more NSL or a bunch).
> 
> best, Joe
> 
> [1]
> https://www.microsoft.com/about/corporatecitizenship/en-us/reporting/transparency/#FAQs1
> 
> On Thu Mar 21 10:07:16 2013, Nadim Kobeissi wrote:
>> We did it! Our Skype Open Letter worked!!!
>> 
>> *Pats self on back*
>> 
>> 
>> NK
>> 
>> 
>> On Thu, Mar 21, 2013 at 10:04 AM, James Losey  wrote:
>> 
>>> From the blog post:
>>> 
>>> "As noted in the data table (available in the PDF below) in 2012,
>>> Microsoft and Skype received a total of 75,378 law enforcement requests.
>>> Those requests potentially impacted 137,424 accounts. While it is not
>>> possible to directly compare the number of requests to the number of users
>>> affected, it is likely that less than 0.02% of active users were affected.
>>> The data shows that, after a careful review of each request by our
>>> compliance teams, 18% of law enforcement requests to Microsoft resulted in
>>> the disclosure of no customer data. Approximately 79.8% of requests to
>>> Microsoft resulted in the disclosure of only non-content information, and
>>> only a small number of law enforcement requests (2.2%) resulted in the
>>> disclosure of customer content. To further explain the data, we have
>>> included Frequently Asked Questions and Answers below."
>>> 
>>> Report page:
>>> http://www.microsoft.com/about/corporatecitizenship/en-us/reporting/transparency/
>>> Blog post:
>>> http://blogs.technet.com/b/microsoft_on_the_issues/archive/2013/03/21/microsoft-releases-2012-law-enforcement-requests-report.aspx
>>> PDF:
>>> http://download.microsoft.com/download/F/3/8/F38AF681-EB3A-4645-A9C4-D4F31B8BA8F2/MSFT_Reporting_Data.pdf
>>> NY Times:
>>> http://www.nytimes.com/2013/03/22/technology/microsoft-releases-report-on-law-enforcement-requests.html?pagewanted=all&_r=1&;
>>> 
>>> 
>>> 
>>> --
>>> Too many emails? Unsubscribe, change to digest, or change password by
>>> emailing moderator at compa...@stanford.edu or changing your settings at
>>> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>>> 
>>> 
>>> 
>>> We did it! Our Skype Open Letter worked!!!
>>> 
>>> *Pats self on back*
>>> 
>>> 
>>> NK
>>> 
>>> 
>>> On Thu, Mar 21, 2013 at 10:04 AM, James Losey >> > wrote:
>>> 
>>>From the blog post: 
>>> 
>>>"As noted in the data table (available in the PDF below) in
>>>2012, Microsoft and Skype received a total of 75,378 law
>>>enforcement requests. Those requests potentially impacted
>>>137,424 accounts. While it is not possible to directly
>>>compare the number of requests to the number of users
>>>affected, it is likely that less than 0.02% of active users
>>>were affected. The data shows that, after a careful review of
>>>each request by our compliance teams, 18% of law enforcement
>>>requests to Microsoft resulted in the disclosure of no
>>>customer data. Approximately 79.8% of requests to Microsoft
>>>resulted in the disclosure of only non-content information,
>>>and only a small number of law enforcement requests (2.2%)
>>>resulted in the disclosure of customer content. To further
>>>explain the data, we have included Frequently Asked Ques

Re: [liberationtech] reply-all

2013-03-21 Thread Dragana Kaurin

> I vote reply all (list) as default. I learn a lot from these
> discussions, although I wish people could erase as much as possible of
> the quoted email in their reply...
> Courtney C. Radsch
> crad...@gmail.com 
>
agree!
> Website: www.radsch.info 
> Blog: http://arab-media.blogspot.com
> Twitter: courtneyr
>
>
>
> --
> Too many emails? Unsubscribe, change to digest, or change password by 
> emailing moderator at compa...@stanford.edu or changing your settings at 
> https://mailman.stanford.edu/mailman/listinfo/liberationtech

--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] reply-all

2013-03-21 Thread Courtney Radsch
I vote reply all (list) as default. I learn a lot from these discussions,
although I wish people could erase as much as possible of the quoted email
in their reply...
Courtney C. Radsch
crad...@gmail.com

Website: www.radsch.info
Blog: http://arab-media.blogspot.com
Twitter: courtneyr
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Disturbing

2013-03-21 Thread Yosem Companys
That's right: Technology = Ideology + Materiality.  And ideology is not a
bad word, despite it's popular negative connotations.

On Thu, Mar 21, 2013 at 7:58 AM, Chris R Albon wrote:

>  As a political scientist: b.
> As a international relations guy: uh, okay.
>
> I am continually amazed that people continue to forget that STEM is
> embedded in a social, culture, economic, and yes, political context.
>
> Chris R. Albon
> ChrisRAlbon.com
>
> On Thursday, March 21, 2013 at 10:55 AM, Yosem Companys wrote:
>
> WASHINGTON, March 20, 2013 /PRNewswire-USNewswire/ -- The following is
> being released by the American Political Science 
> Association
> :
>
> (Logo: http://photos.prnewswire.com/prnh/20120604/DC18511LOGO-b )
>
> This afternoon, the United States Senate delivered a devastating blow to
> the integrity of the scientific process at the National Science Foundation
> (NSF) by voting for the Coburn Amendment to the Continuing Appropriations
> Act of 2013.
>
> Senator Coburn (R-OK) submitted an amendment (SA 65, as modified) to the
> Mikulski-Shelby Amendment (SA 26) to H.R. 933 (Full-Year Continuing
> Appropriations Act of 2013).  The amendment places unprecedented
> restriction on the national research agenda by declaring the political
> science study of democracy and public policy out of bounds.  The amendment
> allows only political science research that promotes "national security or
> the economic interests of the United States."
>
> Adoption of this amendment is a gross intrusion into the widely-respected,
> independent scholarly agenda setting process at NSF that has supported our
> world-class national science enterprise for over sixty years.
>
> The amendment creates an exceptionally dangerous slippery slope.  While
> political science research is most immediately affected, at risk is *any
> and all* research in *any and all* disciplines funded by the NSF.  The
> amendment makes all scientific research vulnerable to the whims of
> political pressure.
>
> Adoption of this amendment demonstrates a serious misunderstanding of the
> breadth and importance of political science research for the national
> interest and its integral place on the nation's interdisciplinary
> scientific research agenda.
>
> Singling out any one field of science is short-sighted and misguided, and
> poses a serious threat to the independence and integrity of the National
> Science Foundation.
>
> And shackling political science within the national science agenda is a
> remarkable embarrassment for the world's exemplary democracy.
>
> For the latest in political science research in the news, follow us on
> Facebook  and 
> Twitter
> .
>
> *About the American Political Science Association
> *Founded in 1903, the *American Political Science Association* 
> is
> the leading professional organization for the study of political science
> and serves more than 15,000 members in over 80 countries. With a range of
> programs and services for individuals, departments and institutions, APSA
> brings together political scientists from all fields of inquiry, regions,
> and occupational endeavors within and outside academe in order to expand
> awareness and understanding of politics.
>
> SOURCE American Political Science Association
>
>
> RELATED LINKS
> http://www.apsanet.org
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at compa...@stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
>
>
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at compa...@stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread Alan Stewart

reply-to-all

Alan Stewart

On 3/20/2013 6:17 PM, Yosem Companys wrote:

Dear Liberationtech list subscribers,

Several of you have petitioned to change Liberationtech mailing list's 
default "reply to" option from "reply-to-all" to "reply-to-poster." 
 Given the debate (see links below), we have decided to put the issue 
up for a vote:


  * Do you want replies to Liberationtech list messages directed to
"reply-to-all" or "reply-to-poster"?

Please vote by submitting your preference to me by 11.59 pm PST 
on Sunday, March 24, 2013.  Any votes received after this date and 
time will not be counted.


Thanks,

Yosem
One of your moderators

PS  To read a summary of the advantages and disadvantages of 
"reply-to-all", click on the corresponding links below:


  * Reply-to-all considered useful:
http://marc.merlins.org/netrants/reply-to-useful.html
  * Reply-to-all considered harmful:
http://www.unicom.com/pw/reply-to-harmful.html

If you'd like to read the entire debate on the Liberationtech list, 
please click on the links below:


http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03767.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03768.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03769.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03771.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03772.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03773.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03774.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03775.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03776.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03777.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03778.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03779.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03780.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03781.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03782.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03783.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03788.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03789.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03790.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03791.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03799.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03801.html



--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Disturbing

2013-03-21 Thread Devon M T Loffreto
STEM? whats that?
Difficult to drive educated outcomes in a Society that uses an employment
model & mandate to operate its education system.
Devon
NoizIvy.org


On Thu, Mar 21, 2013 at 10:58 AM, Chris R Albon wrote:

>  As a political scientist: b.
> As a international relations guy: uh, okay.
>
> I am continually amazed that people continue to forget that STEM is
> embedded in a social, culture, economic, and yes, political context.
>
> Chris R. Albon
> ChrisRAlbon.com
>
> On Thursday, March 21, 2013 at 10:55 AM, Yosem Companys wrote:
>
> WASHINGTON, March 20, 2013 /PRNewswire-USNewswire/ -- The following is
> being released by the American Political Science 
> Association
> :
>
> (Logo: http://photos.prnewswire.com/prnh/20120604/DC18511LOGO-b )
>
> This afternoon, the United States Senate delivered a devastating blow to
> the integrity of the scientific process at the National Science Foundation
> (NSF) by voting for the Coburn Amendment to the Continuing Appropriations
> Act of 2013.
>
> Senator Coburn (R-OK) submitted an amendment (SA 65, as modified) to the
> Mikulski-Shelby Amendment (SA 26) to H.R. 933 (Full-Year Continuing
> Appropriations Act of 2013).  The amendment places unprecedented
> restriction on the national research agenda by declaring the political
> science study of democracy and public policy out of bounds.  The amendment
> allows only political science research that promotes "national security or
> the economic interests of the United States."
>
> Adoption of this amendment is a gross intrusion into the widely-respected,
> independent scholarly agenda setting process at NSF that has supported our
> world-class national science enterprise for over sixty years.
>
> The amendment creates an exceptionally dangerous slippery slope.  While
> political science research is most immediately affected, at risk is *any
> and all* research in *any and all* disciplines funded by the NSF.  The
> amendment makes all scientific research vulnerable to the whims of
> political pressure.
>
> Adoption of this amendment demonstrates a serious misunderstanding of the
> breadth and importance of political science research for the national
> interest and its integral place on the nation's interdisciplinary
> scientific research agenda.
>
> Singling out any one field of science is short-sighted and misguided, and
> poses a serious threat to the independence and integrity of the National
> Science Foundation.
>
> And shackling political science within the national science agenda is a
> remarkable embarrassment for the world's exemplary democracy.
>
> For the latest in political science research in the news, follow us on
> Facebook  and 
> Twitter
> .
>
> *About the American Political Science Association
> *Founded in 1903, the *American Political Science Association* 
> is
> the leading professional organization for the study of political science
> and serves more than 15,000 members in over 80 countries. With a range of
> programs and services for individuals, departments and institutions, APSA
> brings together political scientists from all fields of inquiry, regions,
> and occupational endeavors within and outside academe in order to expand
> awareness and understanding of politics.
>
> SOURCE American Political Science Association
>
>
> RELATED LINKS
> http://www.apsanet.org
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at compa...@stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
>
>
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at compa...@stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Disturbing

2013-03-21 Thread Chris R Albon
As a political scientist: b. 
As a international relations guy: uh, okay.

I am continually amazed that people continue to forget that STEM is embedded in 
a social, culture, economic, and yes, political context. 

Chris R. Albon
ChrisRAlbon.com (http://ChrisRAlbon.com)



On Thursday, March 21, 2013 at 10:55 AM, Yosem Companys wrote:

> 
> WASHINGTON, March 20, 2013 /PRNewswire-USNewswire/ -- The following is being 
> released by the American Political Science Association 
> (http://www.apsanet.org/index.cfm):
> 
> 
> (Logo: http://photos.prnewswire.com/prnh/20120604/DC18511LOGO-b )
> 
> 
> This afternoon, the United States Senate delivered a devastating blow to the 
> integrity of the scientific process at the National Science Foundation (NSF) 
> by voting for the Coburn Amendment to the Continuing Appropriations Act of 
> 2013.
> 
> 
> Senator Coburn (R-OK) submitted an amendment (SA 65, as modified) to the 
> Mikulski-Shelby Amendment (SA 26) to H.R. 933 (Full-Year Continuing 
> Appropriations Act of 2013).  The amendment places unprecedented restriction 
> on the national research agenda by declaring the political science study of 
> democracy and public policy out of bounds.  The amendment allows only 
> political science research that promotes "national security or the economic 
> interests of the United States." 
> 
> 
> Adoption of this amendment is a gross intrusion into the widely-respected, 
> independent scholarly agenda setting process at NSF that has supported our 
> world-class national science enterprise for over sixty years.
> 
> 
> The amendment creates an exceptionally dangerous slippery slope.  While 
> political science research is most immediately affected, at risk is any and 
> all research in any and all disciplines funded by the NSF.  The amendment 
> makes all scientific research vulnerable to the whims of political pressure. 
> 
> 
> Adoption of this amendment demonstrates a serious misunderstanding of the 
> breadth and importance of political science research for the national 
> interest and its integral place on the nation's interdisciplinary scientific 
> research agenda. 
> 
> 
> Singling out any one field of science is short-sighted and misguided, and 
> poses a serious threat to the independence and integrity of the National 
> Science Foundation.
> 
> 
> And shackling political science within the national science agenda is a 
> remarkable embarrassment for the world's exemplary democracy.
> 
> 
> For the latest in political science research in the news, follow us on 
> Facebook (https://www.facebook.com/PoliticalScienceNews) and Twitter 
> (http://twitter.com/PoliSciNews).  
> 
> 
> About the American Political Science Association
> Founded in 1903, the American Political Science Association  
> (http://www.apsanet.org/index.cfm)is the leading professional organization 
> for the study of political science and serves more than 15,000 members in 
> over 80 countries. With a range of programs and services for individuals, 
> departments and institutions, APSA brings together political scientists from 
> all fields of inquiry, regions, and occupational endeavors within and outside 
> academe in order to expand awareness and understanding of politics.
> 
> 
> 
> 
> 
> SOURCE American Political Science Association
> 
> 
> 
> RELATED LINKS
> http://www.apsanet.org (http://www.apsanet.org/) 
> --
> Too many emails? Unsubscribe, change to digest, or change password by 
> emailing moderator at compa...@stanford.edu or changing your settings at 
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 
> 


--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

[liberationtech] Disturbing

2013-03-21 Thread Yosem Companys
WASHINGTON, March 20, 2013 /PRNewswire-USNewswire/ -- The following is
being released by the American Political Science
Association
:

(Logo: http://photos.prnewswire.com/prnh/20120604/DC18511LOGO-b )

This afternoon, the United States Senate delivered a devastating blow to
the integrity of the scientific process at the National Science Foundation
(NSF) by voting for the Coburn Amendment to the Continuing Appropriations
Act of 2013.

Senator Coburn (R-OK) submitted an amendment (SA 65, as modified) to the
Mikulski-Shelby Amendment (SA 26) to H.R. 933 (Full-Year Continuing
Appropriations Act of 2013).  The amendment places unprecedented
restriction on the national research agenda by declaring the political
science study of democracy and public policy out of bounds.  The amendment
allows only political science research that promotes "national security or
the economic interests of the United States."

Adoption of this amendment is a gross intrusion into the widely-respected,
independent scholarly agenda setting process at NSF that has supported our
world-class national science enterprise for over sixty years.

The amendment creates an exceptionally dangerous slippery slope.  While
political science research is most immediately affected, at risk is *any
and all* research in *any and all* disciplines funded by the NSF.  The
amendment makes all scientific research vulnerable to the whims of
political pressure.

Adoption of this amendment demonstrates a serious misunderstanding of the
breadth and importance of political science research for the national
interest and its integral place on the nation's interdisciplinary
scientific research agenda.

Singling out any one field of science is short-sighted and misguided, and
poses a serious threat to the independence and integrity of the National
Science Foundation.

And shackling political science within the national science agenda is a
remarkable embarrassment for the world's exemplary democracy.

For the latest in political science research in the news, follow us on
Facebook  and
Twitter
.

*About the American Political Science Association
*Founded in 1903, the *American Political Science Association*
is
the leading professional organization for the study of political science
and serves more than 15,000 members in over 80 countries. With a range of
programs and services for individuals, departments and institutions, APSA
brings together political scientists from all fields of inquiry, regions,
and occupational endeavors within and outside academe in order to expand
awareness and understanding of politics.

SOURCE American Political Science Association


RELATED LINKS
http://www.apsanet.org
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

[liberationtech] Mozilla Persona - Getting rid of passwords on the web

2013-03-21 Thread Petter Ericson
Greetings,

Though the video is very light on cryptographic background, it does do a
good job of introducing the Mozilla ideas for a password-free web
(except for your e-mail provider). Definitely worth watching, and
potentially implementing, imo:

http://pyvideo.org/video/1764

Best

/P

-- 
Petter Ericson (pett...@acc.umu.se)
Telecomix Sleeper Jellyfish
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] Microsoft Releases 2012 Law Enforcement Requests Report

2013-03-21 Thread Paul Bernal (LAW)
Well done!!

Sent from my iPhone

On 21 Mar 2013, at 14:10, "Nadim Kobeissi" 
mailto:na...@nadim.cc>> wrote:

We did it! Our Skype Open Letter worked!!!

*Pats self on back*


NK


On Thu, Mar 21, 2013 at 10:04 AM, James Losey 
mailto:lo...@newamerica.net>> wrote:
>From the blog post:
"As noted in the data table (available in the PDF below) in 2012, Microsoft and 
Skype received a total of 75,378 law enforcement requests. Those requests 
potentially impacted 137,424 accounts. While it is not possible to directly 
compare the number of requests to the number of users affected, it is likely 
that less than 0.02% of active users were affected. The data shows that, after 
a careful review of each request by our compliance teams, 18% of law 
enforcement requests to Microsoft resulted in the disclosure of no customer 
data. Approximately 79.8% of requests to Microsoft resulted in the disclosure 
of only non-content information, and only a small number of law enforcement 
requests (2.2%) resulted in the disclosure of customer content. To further 
explain the data, we have included Frequently Asked Questions and Answers 
below."

Report page: 
http://www.microsoft.com/about/corporatecitizenship/en-us/reporting/transparency/
Blog post: 
http://blogs.technet.com/b/microsoft_on_the_issues/archive/2013/03/21/microsoft-releases-2012-law-enforcement-requests-report.aspx
PDF: 
http://download.microsoft.com/download/F/3/8/F38AF681-EB3A-4645-A9C4-D4F31B8BA8F2/MSFT_Reporting_Data.pdf
NY Times: 
http://www.nytimes.com/2013/03/22/technology/microsoft-releases-report-on-law-enforcement-requests.html?pagewanted=all&_r=1&;



--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing 
your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech

--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing 
your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Microsoft Releases 2012 Law Enforcement Requests Report

2013-03-21 Thread Joseph Lorenzo Hall
Two things seem particularly interesting: apparently zero requests for
content were fulfilled for Skype and the associated FAQ [1] says CALEA
(the US law that mandates intercept capability) does not apply to Skype.
That seems particularly encouraging to me.

The FAQ is also interesting in that the non-content question mentions
"location" but then only lists state, country and ZIP code as fields
provided (I don't know how MSFT would have access to precise
geolocation, but that doesn't appear to be something they provide). Also
the NSL reporting in the FAQ is binned in terms of thousands of NSLs...
so in 2009 they report receiving 0-999 NSLs and in 2010 1000-1999 NSLs
(hard to tell if that was just one more NSL or a bunch).

best, Joe

[1]
https://www.microsoft.com/about/corporatecitizenship/en-us/reporting/transparency/#FAQs1

On Thu Mar 21 10:07:16 2013, Nadim Kobeissi wrote:
> We did it! Our Skype Open Letter worked!!!
>
> *Pats self on back*
>
>
> NK
>
>
> On Thu, Mar 21, 2013 at 10:04 AM, James Losey  wrote:
>
>> From the blog post:
>>
>> "As noted in the data table (available in the PDF below) in 2012,
>> Microsoft and Skype received a total of 75,378 law enforcement requests.
>> Those requests potentially impacted 137,424 accounts. While it is not
>> possible to directly compare the number of requests to the number of users
>> affected, it is likely that less than 0.02% of active users were affected.
>> The data shows that, after a careful review of each request by our
>> compliance teams, 18% of law enforcement requests to Microsoft resulted in
>> the disclosure of no customer data. Approximately 79.8% of requests to
>> Microsoft resulted in the disclosure of only non-content information, and
>> only a small number of law enforcement requests (2.2%) resulted in the
>> disclosure of customer content. To further explain the data, we have
>> included Frequently Asked Questions and Answers below."
>>
>> Report page:
>> http://www.microsoft.com/about/corporatecitizenship/en-us/reporting/transparency/
>> Blog post:
>> http://blogs.technet.com/b/microsoft_on_the_issues/archive/2013/03/21/microsoft-releases-2012-law-enforcement-requests-report.aspx
>> PDF:
>> http://download.microsoft.com/download/F/3/8/F38AF681-EB3A-4645-A9C4-D4F31B8BA8F2/MSFT_Reporting_Data.pdf
>> NY Times:
>> http://www.nytimes.com/2013/03/22/technology/microsoft-releases-report-on-law-enforcement-requests.html?pagewanted=all&_r=1&;
>>
>>
>>
>> --
>> Too many emails? Unsubscribe, change to digest, or change password by
>> emailing moderator at compa...@stanford.edu or changing your settings at
>> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>>
>>
>>
>> We did it! Our Skype Open Letter worked!!!
>>
>> *Pats self on back*
>>
>>
>> NK
>>
>>
>> On Thu, Mar 21, 2013 at 10:04 AM, James Losey > > wrote:
>>
>> From the blog post: 
>>
>> "As noted in the data table (available in the PDF below) in
>> 2012, Microsoft and Skype received a total of 75,378 law
>> enforcement requests. Those requests potentially impacted
>> 137,424 accounts. While it is not possible to directly
>> compare the number of requests to the number of users
>> affected, it is likely that less than 0.02% of active users
>> were affected. The data shows that, after a careful review of
>> each request by our compliance teams, 18% of law enforcement
>> requests to Microsoft resulted in the disclosure of no
>> customer data. Approximately 79.8% of requests to Microsoft
>> resulted in the disclosure of only non-content information,
>> and only a small number of law enforcement requests (2.2%)
>> resulted in the disclosure of customer content. To further
>> explain the data, we have included Frequently Asked Questions
>> and Answers below."
>>
>> Report
>> page: 
>> http://www.microsoft.com/about/corporatecitizenship/en-us/reporting/transparency/
>> Blog
>> post: 
>> http://blogs.technet.com/b/microsoft_on_the_issues/archive/2013/03/21/microsoft-releases-2012-law-enforcement-requests-report.aspx
>> PDF: 
>> http://download.microsoft.com/download/F/3/8/F38AF681-EB3A-4645-A9C4-D4F31B8BA8F2/MSFT_Reporting_Data.pdf
>> NY
>> Times: 
>> http://www.nytimes.com/2013/03/22/technology/microsoft-releases-report-on-law-enforcement-requests.html?pagewanted=all&_r=1&;
>>
>>
>>
>> --
>> Too many emails? Unsubscribe, change to digest, or change
>> password by emailing moderator at compa...@stanford.edu
>>  or changing your settings at
>> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>>
>>
>>
>>
>> --
>> Too many emails? Unsubscribe, change to digest, or change password by 
>> emailing moderator at compa...@stanford.edu or changing your settings at 
>> https://mailman.stanford.edu/mailman/listinfo/liberationtech
-- 
Joseph Lorenzo Hall
Senior 

Re: [liberationtech] Microsoft Releases 2012 Law Enforcement Requests Report

2013-03-21 Thread Nadim Kobeissi
We did it! Our Skype Open Letter worked!!!

*Pats self on back*


NK


On Thu, Mar 21, 2013 at 10:04 AM, James Losey  wrote:

> From the blog post:
>
> "As noted in the data table (available in the PDF below) in 2012,
> Microsoft and Skype received a total of 75,378 law enforcement requests.
> Those requests potentially impacted 137,424 accounts. While it is not
> possible to directly compare the number of requests to the number of users
> affected, it is likely that less than 0.02% of active users were affected.
> The data shows that, after a careful review of each request by our
> compliance teams, 18% of law enforcement requests to Microsoft resulted in
> the disclosure of no customer data. Approximately 79.8% of requests to
> Microsoft resulted in the disclosure of only non-content information, and
> only a small number of law enforcement requests (2.2%) resulted in the
> disclosure of customer content. To further explain the data, we have
> included Frequently Asked Questions and Answers below."
>
> Report page:
> http://www.microsoft.com/about/corporatecitizenship/en-us/reporting/transparency/
> Blog post:
> http://blogs.technet.com/b/microsoft_on_the_issues/archive/2013/03/21/microsoft-releases-2012-law-enforcement-requests-report.aspx
> PDF:
> http://download.microsoft.com/download/F/3/8/F38AF681-EB3A-4645-A9C4-D4F31B8BA8F2/MSFT_Reporting_Data.pdf
> NY Times:
> http://www.nytimes.com/2013/03/22/technology/microsoft-releases-report-on-law-enforcement-requests.html?pagewanted=all&_r=1&;
>
>
>
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at compa...@stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

[liberationtech] Microsoft Releases 2012 Law Enforcement Requests Report

2013-03-21 Thread James Losey
>From the blog post:

"As noted in the data table (available in the PDF below) in 2012, Microsoft
and Skype received a total of 75,378 law enforcement requests. Those
requests potentially impacted 137,424 accounts. While it is not possible to
directly compare the number of requests to the number of users affected, it
is likely that less than 0.02% of active users were affected. The data
shows that, after a careful review of each request by our compliance teams,
18% of law enforcement requests to Microsoft resulted in the disclosure of
no customer data. Approximately 79.8% of requests to Microsoft resulted in
the disclosure of only non-content information, and only a small number of
law enforcement requests (2.2%) resulted in the disclosure of customer
content. To further explain the data, we have included Frequently Asked
Questions and Answers below."

Report page:
http://www.microsoft.com/about/corporatecitizenship/en-us/reporting/transparency/
Blog post:
http://blogs.technet.com/b/microsoft_on_the_issues/archive/2013/03/21/microsoft-releases-2012-law-enforcement-requests-report.aspx
PDF:
http://download.microsoft.com/download/F/3/8/F38AF681-EB3A-4645-A9C4-D4F31B8BA8F2/MSFT_Reporting_Data.pdf
NY Times:
http://www.nytimes.com/2013/03/22/technology/microsoft-releases-report-on-law-enforcement-requests.html?pagewanted=all&_r=1&;
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread elham gheytanchi
Reply to all. 
Sent on the Sprint® Now Network from my BlackBerry®

-Original Message-
From: Yosem Companys 
Date: Thu, 21 Mar 2013 01:17:39 
To: 
Subject: [liberationtech] Please Vote on "Reply to" Question


Dear Liberationtech list subscribers,


Several of you have petitioned to change Liberationtech mailing list's default 
"reply to" option from "reply-to-all" to "reply-to-poster."  Given the debate 
(see links below), we have decided to put the issue up for a vote: 

* Do you want replies to Liberationtech list messages directed to 
"reply-to-all" or "reply-to-poster"?  

Please vote by submitting your preference to me by 11.59 pm PST on Sunday, 
March 24, 2013.  Any votes received after this date and time will not be 
counted. 


Thanks,


Yosem
One of your moderators



PS  To read a summary of the advantages and disadvantages of "reply-to-all", 
click on the corresponding links below: 

* Reply-to-all considered useful: 
http://marc.merlins.org/netrants/reply-to-useful.html
* Reply-to-all considered harmful: 
http://www.unicom.com/pw/reply-to-harmful.html 

If you'd like to read the entire debate on the Liberationtech list, please 
click on the links below:


http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03767.html 
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03768.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03769.html 
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03771.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03772.html 
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03773.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03774.html 
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03775.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03776.html 
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03777.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03778.html 
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03779.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03780.html 
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03781.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03782.html 
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03783.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03788.html 
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03789.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03790.html 
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03791.html
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03799.html 
http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03801.html
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread Jillian C. York
reply to list/all.

On Thu, Mar 21, 2013 at 2:17 AM, Yosem Companys wrote:

> Dear Liberationtech list subscribers,
>
> Several of you have petitioned to change Liberationtech mailing list's
> default "reply to" option from "reply-to-all" to "reply-to-poster."  Given
> the debate (see links below), we have decided to put the issue up for a
> vote:
>
>- Do you want replies to Liberationtech list messages directed to
>"reply-to-all" or "reply-to-poster"?
>
> Please vote by submitting your preference to me by 11.59 pm PST on Sunday,
> March 24, 2013.  Any votes received after this date and time will not be
> counted.
>
> Thanks,
>
> Yosem
> One of your moderators
>
> PS  To read a summary of the advantages and disadvantages of
> "reply-to-all", click on the corresponding links below:
>
>- Reply-to-all considered useful:
>http://marc.merlins.org/netrants/reply-to-useful.html
>- Reply-to-all considered harmful:
>http://www.unicom.com/pw/reply-to-harmful.html
>
> If you'd like to read the entire debate on the Liberationtech list, please
> click on the links below:
>
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03767.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03768.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03769.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03771.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03772.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03773.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03774.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03775.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03776.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03777.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03778.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03779.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03780.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03781.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03782.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03783.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03788.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03789.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03790.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03791.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03799.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03801.html
>
>
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at compa...@stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>



-- 
US: +1-857-891-4244 | NL: +31-657086088
site:  jilliancyork.com * | *
twitter: @jilliancyork* *

"We must not be afraid of dreaming the seemingly impossible if we want the
seemingly impossible to become a reality" - *Vaclav Havel*
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread Sarah A. Downey
Reply to poster as default. Thanks.


On Thu, Mar 21, 2013 at 7:36 AM, Collin Sullivan wrote:

> I vote for reply-to-list as default.
>
>
> Yosem Companys:
> > Dear Liberationtech list subscribers,
> >
> > Several of you have petitioned to change Liberationtech mailing list's
> > default "reply to" option from "reply-to-all" to "reply-to-poster."
>  Given
> > the debate (see links below), we have decided to put the issue up for a
> > vote:
> >
> >- Do you want replies to Liberationtech list messages directed to
> >"reply-to-all" or "reply-to-poster"?
> >
> > Please vote by submitting your preference to me by 11.59 pm PST on
> Sunday,
> > March 24, 2013.  Any votes received after this date and time will not be
> > counted.
> >
> > Thanks,
> >
> > Yosem
> > One of your moderators
> >
> > PS  To read a summary of the advantages and disadvantages of
> > "reply-to-all", click on the corresponding links below:
> >
> >- Reply-to-all considered useful:
> >http://marc.merlins.org/netrants/reply-to-useful.html
> >- Reply-to-all considered harmful:
> >http://www.unicom.com/pw/reply-to-harmful.html
> >
> > If you'd like to read the entire debate on the Liberationtech list,
> please
> > click on the links below:
> >
> >
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03767.html
> >
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03768.html
> >
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03769.html
> >
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03771.html
> >
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03772.html
> >
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03773.html
> >
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03774.html
> >
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03775.html
> >
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03776.html
> >
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03777.html
> >
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03778.html
> >
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03779.html
> >
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03780.html
> >
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03781.html
> >
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03782.html
> >
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03783.html
> >
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03788.html
> >
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03789.html
> >
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03790.html
> >
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03791.html
> >
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03799.html
> >
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03801.html
> >
> >
> >
> > --
> > Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at compa...@stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
> --
> Collin Sullivan
> Human Rights Program Associate
> Benetech Human Rights Program
>
> Email:  colli...@benetech.org
> GPG:0x78657D4D
> XMPP:   collin.sulli...@riseup.net
> OTR:A0946621 68E641FA 4DFBF9F0 10B20AA9 88601348
> 11C7957D 5A99DAF7 1D0DD4BC EE243287 943AD67A
>
> https://www.benetech.org - Technology Serving Humanity
> https://www.martus.org - Martus Human Rights Bulletin System
> https://www.hrdag.org - Human Rights Data Analysis Group
>
>
>
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at compa...@stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>



-- 
*Sarah A. Downey*
Privacy Analyst  |  Attorney
Abine , Inc :  Online privacy
starts here.

Twitter:  @SarahADowney 
Office:  617.345.0024
Mobile: 860.717.7304
Skype: Sarah.Anne.Downey
Blogging on privacy at Abine.com/Blog
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread Paul Bernal (LAW)
Reply to list, if possible.

Kind regards

Paul

Dr Paul Bernal
Lecturer
UEA Law School
University of East Anglia
Norwich Research Park
Norwich NR4 7TJ

email: paul.ber...@uea.ac.uk
Web: http://www.paulbernal.co.uk/
Blog: http://paulbernal.wordpress.com/
Twitter: @paulbernalUK

On 21 Mar 2013, at 12:36, Walid AL-SAQAF 
mailto:ad...@alkasir.com>>
 wrote:

reply-to-all

Sincerely,

Walid

-

Walid Al-Saqaf
Founder & Administrator
alkasir for mapping and circumventing cyber censorship
https://alkasir.com

PGP: https://alkasir.com/doc/admin_alkasir_pub_key.txt


On Thu, Mar 21, 2013 at 8:26 AM, Tom Ritter 
mailto:t...@ritter.vg>> wrote:

Reply to all

--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing 
your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech

--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing 
your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech

--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread xek3149
Reply to all (reply to list)

() ascii ribbon campaign - against html e-mail
/\ www.asciiribbon.org - against proprietary attachments
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread Walid AL-SAQAF
reply-to-all

Sincerely,

Walid

-

Walid Al-Saqaf
Founder & Administrator
alkasir for mapping and circumventing cyber censorship
https://alkasir.com 

PGP: https://alkasir.com/doc/admin_alkasir_pub_key.txt


On Thu, Mar 21, 2013 at 8:26 AM, Tom Ritter  wrote:

> Reply to all
>
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at compa...@stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread Jacob Appelbaum
Yosem Companys:
> Dear Liberationtech list subscribers,
> 
> Several of you have petitioned to change Liberationtech mailing list's
> default "reply to" option from "reply-to-all" to "reply-to-poster."  Given
> the debate (see links below), we have decided to put the issue up for a
> vote:
> 
>- Do you want replies to Liberationtech list messages directed to
>"reply-to-all" or "reply-to-poster"?

reply-to-all or as one of my mail clients says 'reply-to-list' - it is
useful and it promotes a larger discussion. I find replies offlist to be
rude, sometimes annoying and rarely is such a reply beneficial for the
rest of the group.

All the best,
Jacob
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] skype

2013-03-21 Thread Jacob Appelbaum
Eric S Johnson:
> Dear LibTechers,
> 
>  
> 
> When Microsoft applied in 2009 for a patent on "recording agents" to surveil
> peer-to-peer communications, it was assumed they were talking about
> something they might implement in Skype.
> 

Perhaps.

> Skype in 2010 started rearchitecting its use of supernodes "to improve
> reliability."
> 

It is a matter of total control as much as anything, I think.

> MS stated in 2012 that the re-engineering is "to improve the user
> experience."
> 
> The recent report in the Russian media that MS can trigger individual users'
> Skype instances to establish session-specific encryption key exchange not
> with "the other end" but with intermediate nodes (thus making possible
> inline surveillance of Skype communications-presumably VoIP, since MS
> already stores Skype IM sessions "for 30 days")-dovetails nicely with
> suspicions that MS is making (or has made) Skype lawful-intercept-friendly.
> 

I believe that Skype has been interception friendly in various meanings
of the phrase for quite some time, if not always.

>  
> 
> But wouldn't the above evolution require changes in the Skype client, too?
> Does anyone know of any work to identify whether it's possible to say "if
> you keep your Skype client below version 4.4 [for instance], any newer
> capability to remotely trigger individually-targeted
> surveillance-by-intermediate-node isn't (as) there"?
> 


No, I don't think so.

As a side note, older versions of Skype have the added benefit of being
targets for attack that will allow someone to use it as a malware vector.

All the best,
Jacob
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] skype

2013-03-21 Thread Louis Suárez-Potts

On 13-03-21, at 06:58 , Andreas Bader  wrote:

> Louis Suárez-Potts:
>> One is tempted to suggest using other than Skype. Alternatives exist, and 
>> these are secure, at least according to their claims. As well, Skype's code 
>> is not transparent, in the way that other, open source, applications' are. 
>> 
>> louis
> 
> What alternative do you exactly mean?
> I know some of them running under Linux, but I rarely know people using
> them.

I was pointed to: 
http://wiki.ictd.asia/Secure_VoIP_Discussion_and_Tips

It's a pretty good page and I thank the suggester! 

BTW, the issue that Eric mentioned to me off list was that, of course, even 
though everyone knows it's probably imperfect, and lack of certain knowledge 
leads to the anxiety of imperfection, we all still use it. 

When I worked for large corporations, the policy was not to use it, regardless 
of whatever security provisions were tacked on (for one, we used OTR). No way 
to scrutinize proprietary works. Oddly, telephone was preferred! (Perhaps b/c 
the anxiety was related to enduser recordings….) What I personally used to use, 
and still do, on occasion, is SIP, in particular, SIIP+ZRTP. It's not even a 
pain to use. But if one is doing journalism (or any other kind of communication 
where there are constraints, exigencies), then we're back with Skype. It's not 
bad. It's just not as verifiably not-bad as one would like.

-louis

> 
>> On 13-03-20, at 22:39 , "Eric S Johnson"  wrote:
>> 
>>> Dear LibTechers,
>>> 
>>> When Microsoft applied in 2009 for a patent on “recording agents” to 
>>> surveil peer-to-peer communications, it was assumed they were talking about 
>>> something they might implement in Skype.
>>> Skype in 2010 started rearchitecting its use of supernodes “to improve 
>>> reliability.”
>>> MS stated in 2012 that the re-engineering is “to improve the user 
>>> experience.”
>>> The recent report in the Russian media that MS can trigger individual 
>>> users’ Skype instances to establish session-specific encryption key 
>>> exchange not with “the other end” but with intermediate nodes (thus making 
>>> possible inline surveillance of Skype communications—presumably VoIP, since 
>>> MS already stores Skype IM sessions “for 30 days”)—dovetails nicely with 
>>> suspicions that MS is making (or has made) Skype lawful-intercept-friendly.
>>> 
>>> But wouldn’t the above evolution require changes in the Skype client, too? 
>>> Does anyone know of any work to identify whether it’s possible to say “if 
>>> you keep your Skype client below version 4.4 [for instance], any newer 
>>> capability to remotely trigger individually-targeted 
>>> surveillance-by-intermediate-node isn’t (as) there”?
>>> 
>>> Best,
>>> Eric
> 
> --
> Too many emails? Unsubscribe, change to digest, or change password by 
> emailing moderator at compa...@stanford.edu or changing your settings at 
> https://mailman.stanford.edu/mailman/listinfo/liberationtech

--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread Tom Ritter
Reply to all
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread Bill Best
I vote for reply-to-all.

Regards

Bill Best
-- 
Community Media Association
http://www.commedia.org.uk/
http://twitter.com/community_media
http://www.facebook.com/CommunityMediaAssociation

On 21 March 2013 01:17, Yosem Companys  wrote:
> Dear Liberationtech list subscribers,
>
> Several of you have petitioned to change Liberationtech mailing list's
> default "reply to" option from "reply-to-all" to "reply-to-poster."  Given
> the debate (see links below), we have decided to put the issue up for a
> vote:
>
> Do you want replies to Liberationtech list messages directed to
> "reply-to-all" or "reply-to-poster"?
>
> Please vote by submitting your preference to me by 11.59 pm PST on Sunday,
> March 24, 2013.  Any votes received after this date and time will not be
> counted.
>
> Thanks,
>
> Yosem
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread lilo
On 21/03/2013 12:36, Collin Sullivan wrote:
> I vote for reply-to-list as default.

reply-to-all


> Yosem Companys:
>> Dear Liberationtech list subscribers,
>>
>> Several of you have petitioned to change Liberationtech mailing list's
>> default "reply to" option from "reply-to-all" to "reply-to-poster."  Given

-- 
lilo
http://wiki.debian.org/LILO

-Da grande faro' il cattivo esempio, questo e' uno stage formativo-
bit in rebels
GnuPG/PGP Key-Id: 0x5D172559
FINGERPRINT: AB62 DC0E 3CB3 2B83 6333 5DF4 9674 A4B3 5D17 2559
server: pgp.mit.edu


--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread Collin Sullivan
I vote for reply-to-list as default.


Yosem Companys:
> Dear Liberationtech list subscribers,
>
> Several of you have petitioned to change Liberationtech mailing list's
> default "reply to" option from "reply-to-all" to "reply-to-poster."  Given
> the debate (see links below), we have decided to put the issue up for a
> vote:
>
>- Do you want replies to Liberationtech list messages directed to
>"reply-to-all" or "reply-to-poster"?
>
> Please vote by submitting your preference to me by 11.59 pm PST on Sunday,
> March 24, 2013.  Any votes received after this date and time will not be
> counted.
>
> Thanks,
>
> Yosem
> One of your moderators
>
> PS  To read a summary of the advantages and disadvantages of
> "reply-to-all", click on the corresponding links below:
>
>- Reply-to-all considered useful:
>http://marc.merlins.org/netrants/reply-to-useful.html
>- Reply-to-all considered harmful:
>http://www.unicom.com/pw/reply-to-harmful.html
>
> If you'd like to read the entire debate on the Liberationtech list, please
> click on the links below:
>
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03767.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03768.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03769.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03771.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03772.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03773.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03774.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03775.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03776.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03777.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03778.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03779.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03780.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03781.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03782.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03783.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03788.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03789.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03790.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03791.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03799.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03801.html
>
>
>
> --
> Too many emails? Unsubscribe, change to digest, or change password by 
> emailing moderator at compa...@stanford.edu or changing your settings at 
> https://mailman.stanford.edu/mailman/listinfo/liberationtech

-- 
Collin Sullivan
Human Rights Program Associate
Benetech Human Rights Program

Email:  colli...@benetech.org
GPG:0x78657D4D
XMPP:   collin.sulli...@riseup.net
OTR:A0946621 68E641FA 4DFBF9F0 10B20AA9 88601348
11C7957D 5A99DAF7 1D0DD4BC EE243287 943AD67A

https://www.benetech.org - Technology Serving Humanity
https://www.martus.org - Martus Human Rights Bulletin System
https://www.hrdag.org - Human Rights Data Analysis Group


--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] skype

2013-03-21 Thread Andreas Bader
Louis Suárez-Potts:
> One is tempted to suggest using other than Skype. Alternatives exist, and 
> these are secure, at least according to their claims. As well, Skype's code 
> is not transparent, in the way that other, open source, applications' are. 
> 
> louis

What alternative do you exactly mean?
I know some of them running under Linux, but I rarely know people using
them.

> On 13-03-20, at 22:39 , "Eric S Johnson"  wrote:
> 
>> Dear LibTechers,
>>  
>> When Microsoft applied in 2009 for a patent on “recording agents” to surveil 
>> peer-to-peer communications, it was assumed they were talking about 
>> something they might implement in Skype.
>> Skype in 2010 started rearchitecting its use of supernodes “to improve 
>> reliability.”
>> MS stated in 2012 that the re-engineering is “to improve the user 
>> experience.”
>> The recent report in the Russian media that MS can trigger individual users’ 
>> Skype instances to establish session-specific encryption key exchange not 
>> with “the other end” but with intermediate nodes (thus making possible 
>> inline surveillance of Skype communications—presumably VoIP, since MS 
>> already stores Skype IM sessions “for 30 days”)—dovetails nicely with 
>> suspicions that MS is making (or has made) Skype lawful-intercept-friendly.
>>  
>> But wouldn’t the above evolution require changes in the Skype client, too? 
>> Does anyone know of any work to identify whether it’s possible to say “if 
>> you keep your Skype client below version 4.4 [for instance], any newer 
>> capability to remotely trigger individually-targeted 
>> surveillance-by-intermediate-node isn’t (as) there”?
>>  
>> Best,
>> Eric

--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread Guilherme Andrade
Reply-to-poster.


Cheers,

On 21/03/13 01:17 , Yosem Companys wrote:
> Dear Liberationtech list subscribers,
>
> Several of you have petitioned to change Liberationtech mailing list's
> default "reply to" option from "reply-to-all" to "reply-to-poster."
>  Given the debate (see links below), we have decided to put the issue
> up for a vote:
>
>   * Do you want replies to Liberationtech list messages directed to
> "reply-to-all" or "reply-to-poster"?  
>
> Please vote by submitting your preference to me by 11.59 pm PST
> on Sunday, March 24, 2013.  Any votes received after this date and
> time will not be counted.
>
> Thanks,
>
> Yosem
> One of your moderators
>
> PS  To read a summary of the advantages and disadvantages of
> "reply-to-all", click on the corresponding links below:
>
>   * Reply-to-all considered
> useful: http://marc.merlins.org/netrants/reply-to-useful.html
>   * Reply-to-all considered
> harmful: http://www.unicom.com/pw/reply-to-harmful.html
>
> If you'd like to read the entire debate on the Liberationtech list,
> please click on the links below:
>
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03767.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03768.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03769.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03771.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03772.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03773.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03774.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03775.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03776.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03777.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03778.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03779.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03780.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03781.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03782.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03783.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03788.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03789.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03790.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03791.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03799.html
> http://www.mail-archive.com/liberationtech@lists.stanford.edu/msg03801.html
>
>
>
> --
> Too many emails? Unsubscribe, change to digest, or change password by 
> emailing moderator at compa...@stanford.edu or changing your settings at 
> https://mailman.stanford.edu/mailman/listinfo/liberationtech

-- 
Guilherme Andrade


--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread Amin Sabeti
I'd like reply-to-all

On 21 March 2013 09:10, Guido Witmond  wrote:

> Dear Yosem,
>
> I vote for reply-to-poster.
>
> Your message really points out the problem: You ask us to connect to you,
> however, the reply button replies to the list.
>
>
> My 2cts. Guido Witmond.
>
>
>
>
> On 03/21/2013 02:17 AM, Yosem Companys wrote:
>
>> Dear Liberationtech list subscribers,
>>
>> Several of you have petitioned to change Liberationtech mailing list's
>> default "reply to" option from "reply-to-all" to "reply-to-poster."
>>   Given the debate (see links below), we have decided to put the issue
>> up for a vote:
>>
>>   * Do you want replies to Liberationtech list messages directed to
>> "reply-to-all" or "reply-to-poster"?
>>
>>
>  --
>> Too many emails? Unsubscribe, change to digest, or change password by
>> emailing moderator at compa...@stanford.edu or changing your settings at
>> https://mailman.stanford.edu/**mailman/listinfo/**liberationtech
>>
>
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at compa...@stanford.edu or changing your settings at
> https://mailman.stanford.edu/**mailman/listinfo/**liberationtech
>
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Please Vote on "Reply to" Question

2013-03-21 Thread Guido Witmond

Dear Yosem,

I vote for reply-to-poster.

Your message really points out the problem: You ask us to connect to 
you, however, the reply button replies to the list.



My 2cts. Guido Witmond.



On 03/21/2013 02:17 AM, Yosem Companys wrote:

Dear Liberationtech list subscribers,

Several of you have petitioned to change Liberationtech mailing list's
default "reply to" option from "reply-to-all" to "reply-to-poster."
  Given the debate (see links below), we have decided to put the issue
up for a vote:

  * Do you want replies to Liberationtech list messages directed to
"reply-to-all" or "reply-to-poster"?




--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech


--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech