Re: [liberationtech] Skype interception - Project Chess
Nathan, You've probably explained this before, but what is the difference between OSTN and RedPhone? Thanks. -Richard On 06/21/2013 10:30 AM, Nathan of Guardian wrote: On 06/20/2013 10:08 AM, Jacob Appelbaum wrote: To the Skype promoters, apologists and deniers - I encourage you to start using, and improving Jitsi - it needs a lot of love but it at least has a chance of being secure, whereas Skype is beyond repair. I also want to add to this, that in order to use Jitsi, you need a trustworthy, privacy-oriented SIP service provider [0], to go with it. This means someone that doesn't keep logs, doesn't require real name registration, defaults to secure, and that also offers features to help defend against traffic analysis and mass metadata gathering [1]. This is exactly what we have been working on at Guardian Project with our Open Secure Telephony Network [2] project and our public beta/testbed service at OStel.co. The base service platform we are using is Kamailio [3], which is a project that should be as equally supported as Jitsi. Ultimately, our goal is not to replace one single service with another single service, but rather to enable every user, organization, NGO, collective, cooperative, etc to run their own service, or at least have a variety of hosted service operators that run at a known quality and standard for privacy-oriented voice and video communications. +n [0] OSTel privacy policy https://ostel.co/privacy [1] more technical discussion here about our approach compared to a typical voice operator: https://guardianproject.info/2013/06/12/carrier-grade-verizon-and-the-nsa/ [2] OSTN/OStel source https://github.com/guardianproject/OSTel [3] Kamailio - Open Source SIP Server - http://www.kamailio.org/ -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- === R. R. Brooks Associate Professor Holcombe Department of Electrical and Computer Engineering Clemson University 313-C Riggs Hall PO Box 340915 Clemson, SC 29634-0915 USA Tel. 864-656-0920 Fax. 864-656-5910 email: r...@acm.org web: http://www.clemson.edu/~rrb -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype interception - Project Chess
+1 Nathan. Jitsi is great, but does need more love and attention from developers to be a real contender. Skype got its foot hold on various communities because it's useful, usable, and has (had?) an under-educated user base. The ongoing debate about their terrible security practices will likely lead to a small minority of their users jumping ship. What happens when one company totally dominates its sector in this way? How can we effectively fight against them? We need to come up with better strategies for convincing people to opt out of ubiquitous surveillance. At this point, it's still really easy for people to justify bad security decisions by drawing a distinction between themselves and paranoid security types. For people who are already convinced, the learning curve is pretty steep, this is true, but there is a legion of people out there who still think they aren't affected at all by this sort of revelation. We need to change that. ¿Griffin? -- Typing on a phone, please excuse fatfingers and grammatical errors. On Jun 21, 2013 10:31 AM, Nathan of Guardian nat...@guardianproject.info wrote: On 06/20/2013 10:08 AM, Jacob Appelbaum wrote: To the Skype promoters, apologists and deniers - I encourage you to start using, and improving Jitsi - it needs a lot of love but it at least has a chance of being secure, whereas Skype is beyond repair. I also want to add to this, that in order to use Jitsi, you need a trustworthy, privacy-oriented SIP service provider [0], to go with it. This means someone that doesn't keep logs, doesn't require real name registration, defaults to secure, and that also offers features to help defend against traffic analysis and mass metadata gathering [1]. This is exactly what we have been working on at Guardian Project with our Open Secure Telephony Network [2] project and our public beta/testbed service at OStel.co. The base service platform we are using is Kamailio [3], which is a project that should be as equally supported as Jitsi. Ultimately, our goal is not to replace one single service with another single service, but rather to enable every user, organization, NGO, collective, cooperative, etc to run their own service, or at least have a variety of hosted service operators that run at a known quality and standard for privacy-oriented voice and video communications. +n -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] skype
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 03/30/2013 11:04 AM, Rich Kulawiec wrote: Microsoft, like many corporations, employs professional spokesliars who are very, very good at crafting wording that can be defended (should it come to that) but which doesn't present the truth in a straightforward fashion. That's their JOB. After all: anyone there could tell the truth -- it's not hard. But it takes a trained and practiced professional to evade it, obscure it, conceal it, dance around it in convincing fashion -- and even use it in limited ways when it serves the purpose. *** Too long for a tweet; awesome prose! That said, though, even if I'm right on all those points, that's not going to stop people from using it. And that's where *you're* right: I wish you weren't, but you are, and I don't know how to fix that situation. *** I don't know either, but Jitsi provides such a good alternative to Skype that the only blocking feature is the social network: when people using skype intensively decide to switch to Jitsi (or other SIP-compatible clients), it's done. Is it merely a matter of marketing and network effect? Is it a matter of promoting SIP services at ISP level? How to beat the inertia of a bad habit? == hk -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBCgAGBQJRV4HxAAoJEDhjYTkcokoTjLwP/2KPgacaKxSWQc7JdxucMp33 crr49jj9Tz4Xd8LUASwZo+gjKRZezv6K8+ijyMHpjKS2n1noVGZzeOA3Oi/6jVm4 mWCzGwVlLeXpcrBtyo7RSRvMFD3ys+Cx1npW0fp0Kl6A49zKku8VVPXs9SLWU3i/ yQ41jKfFscgzDSrX+QwOEN1TnJIbCJ3SY3vQo1Ne/1XlNUBpCXSH4soNjr7iQoXL kDSyQVRtk4iaF7DDA3PmQrd827xgtb5/nz4UdiptZgLgVhpJZ1/Ar7cZ/aDCs44k GPfwILiiGbRZA3UtWn+A/aG12MKxxxJ+LRaaz1Vxa/XBNgPkO5a8Oyp2SGUTerlR QOq09j9436LKDClQszFnW7uUAPogsx0WuhCHeujoObRquW0oN/UmY7qqMcw+lkVJ Fjl65D5jgUhOQQoWgv3xe2NAC0bEokVZbqGx60HVKy4Zbe6Yc/gsxEX3ceRVSV+/ /sKPI74Qm/BIo4h0F9PWl9fMxiz68RrhTjbynybS89KFJGBwcscNIW060wDNYIMS RsWHfql+IGMCwLr20GHVNq02sIhB5vAiagaIboKOg3bPaVnqsKWRxwQRjV52yuPE KLVXxhi8IgDq8IAnvYtdrIQeN0qT+xMwJ0mTPynZGpRNoieJ/hqUZaZoIcMcTcEv x8Cwgy4s9Cjr3uDlJOAI =IWPk -END PGP SIGNATURE- -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] skype
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 03/30/2013 07:23 PM, hellekin wrote: That said, though, even if I'm right on all those points, that's not going to stop people from using it. And that's where *you're* right: I wish you weren't, but you are, and I don't know how to fix that situation. *** I don't know either, but Jitsi provides such a good alternative to Skype that the only blocking feature is the social network: when people using skype intensively decide to switch to Jitsi (or other SIP-compatible clients), it's done. Is it merely a matter of marketing and network effect? Is it a matter of promoting SIP services at ISP level? How to beat the inertia of a bad habit? Honestly, I don't think it's just a bad habit. It's apathy. Most people don't really *care* if Microsoft or law enforcement listens in or intercepts their communications. They've bought into the whole 'If they're monitoring people, then those people must be doing something wrong' and 'I have nothing to hide, why would I care?' mindsets. I think the first step is to educate people as to why they should even care. The next is to offer them a viable solution like Jitsi. Anthony -BEGIN PGP SIGNATURE- Comment: Need my public key? http://bit.ly/Y91VgY iQIcBAEBCgAGBQJRV4RSAAoJEAKK33RTsEsVCtQP/iECKyvJjtZqWgO1647UW+BB YTJfU6AmK9FQ7736Y8ELGjPs4OHYM2hqqbzRKaeFJwo1VmmAqZMSOXKrfUTSBWKM kajB6z7tUOQLQXJBkvf990VDuH1RFxrejxB9BlQ91N3d/IjdxhbrVksep52JmYkZ rKP92fQe1m9uX9ctFS4BH/Tu/OfgWAzWWCjsGS7CnSDNLXqrbmM+KF6WSpr+bMer +sTXRFP/vcKttxYwlcGKX4qDBI8QQU7wM72HiqiWPtNgBQOFxn9hd28UKZOg1A68 YIgHFSUqNBrPtLwIjBmFZJjEl/EaQhHC2W1Tq8rOC/EIFYBvF5diaNqnIxYD6ZX3 lDyfcAMJ/c/C2+12QvTcB60276Rj8+4N8lyNiDtN7ArZlIq8UWWs/NGORCi5yKIH BiXMJXG02t3lxpoTMG853zpOCqNzdLs0Ok6HnECQlPkZwq2mw7BXG1jfPpnF2wy7 HE9Wd5YvkvPVPGduCs1TSQdYErKZs+dFfzedAjfEOrVNDl1EB/VoLJF51IzH7PXj GozRmOgJ3A5r+YrZen8uwVYn9vIziVzinlogA8ZguBJgaknGXdM/17AGP2UFl9Gq sDS7HxbsSsr8BHEJrFhy29C6ODtf6WMPpmhIURsGFluFVeGgE7wqxPlPUdYZeXkE LZoMM8pfbLYYNLez+WoZ =mFtQ -END PGP SIGNATURE- -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] skype
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 03/22/2013 05:23 AM, Joseph Lorenzo Hall wrote: On 3/21/13 9:36 PM, Michael Carbone wrote: Anyone looked into the reports that Skype leaks your IP address? Apparently you do not have to interact with the person whose location you are interested in to be able to get their IP address. I think this is (still) the vulnerability Kieth Ross and his team at NYU-Poly found a few years ago... last I talked to him this particular flaw was still exploitable and hadn't been fixed: That is definitely true. Basically, you can get the IP address the account last logged in from. Do a search for 'Skype Resolver' and you'll find a bunch of services that do this. Here's one: http://www.anonware.net/index.php?page=resolver Put in the Skype username. If it fails, try again as it sometimes messes up the first time. Apparently, Microsoft has not fixed this yet. Anthony -BEGIN PGP SIGNATURE- Comment: Need my public key? http://bit.ly/Y91VgY iQIcBAEBCgAGBQJRTK3yAAoJEAKK33RTsEsVxNQP/RnhumLDw4j8+bfRzdvxvZty ypaPyhpbaDEqBK5SYugU4P5XBTNN129nFa2hOagsOg9yCOaj/EoBxKQCo5AiWpHY t6zX0+9MjwBTZnKFuhNnvtC/bHhdDwR2GdQOnkF8hUHYKJVD810QlhKb7SPYN0hd uz16a0bLPoErVRBnI9yBDwsLCyPNeodPD36Sf7ixq+JifYeGLJUaob0WmLd0U/bi tUhpYohbwfC/lN+3HWSdrjkPW+6mtoAGYe67qWBY4Jv+scnLGZB7f26FJDcQHPRP Gh0/IzLyfCYhrXt7stnP3pK6Jbf+5PrWqqmGQQclj8ECkc8nH9hoUqkLHgSXDVIR +8m3FD9c3btAJXOfuL9dnLOZfO32Pe41ZpvQkIC7Suyde0wq+OjEVjluzEcQTETO fsnUaEln/BuQ7ojE/ByMZ5K0P+u7PlN8fRz0ajhMbe4LKXtMmnQffFu96dW5Ejig 1i0ohxQfFLW+Wdsa/tjKvgwl9OkVfPEkZjSxV6YWRTYaek6hkheARQayn2MJ/XVs tguLuGut6OHwHGsMeTTHvsvaPHuy4m4mHqIKWMOBHyaJqfX3WItWJti91SHjOJN4 Zq1TKJFujmNcGIYx4RFtmEFZlXDGl/uJxkfAK5pES7cOoQpnOK3RrpyA/msTvHYw f2LSx8TXSdkgHuwpwHVU =zsvv -END PGP SIGNATURE- -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] skype
Anthony Papillion: On 03/22/2013 05:23 AM, Joseph Lorenzo Hall wrote: On 3/21/13 9:36 PM, Michael Carbone wrote: Anyone looked into the reports that Skype leaks your IP address? Apparently you do not have to interact with the person whose location you are interested in to be able to get their IP address. I think this is (still) the vulnerability Kieth Ross and his team at NYU-Poly found a few years ago... last I talked to him this particular flaw was still exploitable and hadn't been fixed: That is definitely true. Basically, you can get the IP address the account last logged in from. Do a search for 'Skype Resolver' and you'll find a bunch of services that do this. Here's one: http://www.anonware.net/index.php?page=resolver Put in the Skype username. If it fails, try again as it sometimes messes up the first time. Apparently, Microsoft has not fixed this yet. Is this the same Script Kiddie Hack that was available for IQC a few years ago? Don't you think that will solve itself? Andreas -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] skype
On 03/22/2013 02:21 PM, Andreas Bader wrote: Anthony Papillion: On 03/22/2013 05:23 AM, Joseph Lorenzo Hall wrote: On 3/21/13 9:36 PM, Michael Carbone wrote: Anyone looked into the reports that Skype leaks your IP address? Apparently you do not have to interact with the person whose location you are interested in to be able to get their IP address. I think this is (still) the vulnerability Kieth Ross and his team at NYU-Poly found a few years ago... last I talked to him this particular flaw was still exploitable and hadn't been fixed: That is definitely true. Basically, you can get the IP address the account last logged in from. Do a search for 'Skype Resolver' and you'll find a bunch of services that do this. Here's one: http://www.anonware.net/index.php?page=resolver Put in the Skype username. If it fails, try again as it sometimes messes up the first time. Apparently, Microsoft has not fixed this yet. Is this the same Script Kiddie Hack that was available for IQC a few years ago? Don't you think that will solve itself? Possibly. I've not read up on the details of it yet. But, regardless, it does show that Skype leaks information that could be used in an attack. How did it solve itself with ICQ? Anthony -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] skype
Anthony Papillion: On 03/22/2013 02:21 PM, Andreas Bader wrote: Anthony Papillion: On 03/22/2013 05:23 AM, Joseph Lorenzo Hall wrote: On 3/21/13 9:36 PM, Michael Carbone wrote: Anyone looked into the reports that Skype leaks your IP address? Apparently you do not have to interact with the person whose location you are interested in to be able to get their IP address. I think this is (still) the vulnerability Kieth Ross and his team at NYU-Poly found a few years ago... last I talked to him this particular flaw was still exploitable and hadn't been fixed: That is definitely true. Basically, you can get the IP address the account last logged in from. Do a search for 'Skype Resolver' and you'll find a bunch of services that do this. Here's one: http://www.anonware.net/index.php?page=resolver Put in the Skype username. If it fails, try again as it sometimes messes up the first time. Apparently, Microsoft has not fixed this yet. Is this the same Script Kiddie Hack that was available for IQC a few years ago? Don't you think that will solve itself? Possibly. I've not read up on the details of it yet. But, regardless, it does show that Skype leaks information that could be used in an attack. How did it solve itself with ICQ? I will say it in an easy way: ICQ realized that they fucked up and fixed it. Don't know how, but they got it. But that happened 3 or 4 years before now. -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] skype
On 03/22/2013 02:34 PM, Andreas Bader wrote: Is this the same Script Kiddie Hack that was available for IQC a few years ago? Don't you think that will solve itself? Possibly. I've not read up on the details of it yet. But, regardless, it does show that Skype leaks information that could be used in an attack. How did it solve itself with ICQ? I will say it in an easy way: ICQ realized that they fucked up and fixed it. Don't know how, but they got it. But that happened 3 or 4 years before now. Well, I certainly hope Microsoft realizes they 'fucked up' and follows ICQ's lead. We'll see, I suppose. -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] skype
On 3/22/13 3:21 PM, Andreas Bader wrote: Is this the same Script Kiddie Hack that was available for IQC a few years ago? Don't you think that will solve itself? Not familiar with that hack... This one essentially omits a few steps of the Skype client handshake and the IP address is sent to the attacker without any notice to the target Skype user. This is one reason I only keep skype on when I'm using it and then make sure VPN before launching it. best, Joe -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] skype
On 03/22/2013 03:25 PM, Joseph Lorenzo Hall wrote: On 3/22/13 3:21 PM, Andreas Bader wrote: Is this the same Script Kiddie Hack that was available for IQC a few years ago? Don't you think that will solve itself? Not familiar with that hack... This one essentially omits a few steps of the Skype client handshake and the IP address is sent to the attacker without any notice to the target Skype user. This is one reason I only keep skype on when I'm using it and then make sure VPN before launching it. One thing to note is that this 'hack' gives the *last* IP that the user logged in from (which, of course, might be the current IP if the user is currently logged in). The user doesn't have to be logged in for it to work. I just resolved mine and it gave me my IP address but I haven't been logged on in two days. Anthony -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] skype
Anthony Papillion: On 03/22/2013 03:25 PM, Joseph Lorenzo Hall wrote: On 3/22/13 3:21 PM, Andreas Bader wrote: Is this the same Script Kiddie Hack that was available for IQC a few years ago? Don't you think that will solve itself? Not familiar with that hack... This one essentially omits a few steps of the Skype client handshake and the IP address is sent to the attacker without any notice to the target Skype user. This is one reason I only keep skype on when I'm using it and then make sure VPN before launching it. One thing to note is that this 'hack' gives the *last* IP that the user logged in from (which, of course, might be the current IP if the user is currently logged in). The user doesn't have to be logged in for it to work. I just resolved mine and it gave me my IP address but I haven't been logged on in two days. Anthony -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech Here in Europe IPs mostly change every 24h. Some need more time. If you are quick enough the IP change is no problem. Andreas -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] skype
On 03/22/2013 04:03 PM, Andreas Bader wrote: Here in Europe IPs mostly change every 24h. Some need more time. If you are quick enough the IP change is no problem. ISP's usually store the IP's they have assigned to customers for a certain period of time. Even if your IP changes, there is an entry in a database somewhere that notes what your IP was. At the very least, knowing your IP denotes what ISP you're on and (depending on how large your ISP is) your locale. I'm not trying to argue with you here. I just think it's a pretty big deal that *anyone* can get your IP. -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] skype
Louis Suárez-Potts: One is tempted to suggest using other than Skype. Alternatives exist, and these are secure, at least according to their claims. As well, Skype's code is not transparent, in the way that other, open source, applications' are. louis What alternative do you exactly mean? I know some of them running under Linux, but I rarely know people using them. On 13-03-20, at 22:39 , Eric S Johnson cra...@oneotaslopes.org wrote: Dear LibTechers, When Microsoft applied in 2009 for a patent on “recording agents” to surveil peer-to-peer communications, it was assumed they were talking about something they might implement in Skype. Skype in 2010 started rearchitecting its use of supernodes “to improve reliability.” MS stated in 2012 that the re-engineering is “to improve the user experience.” The recent report in the Russian media that MS can trigger individual users’ Skype instances to establish session-specific encryption key exchange not with “the other end” but with intermediate nodes (thus making possible inline surveillance of Skype communications—presumably VoIP, since MS already stores Skype IM sessions “for 30 days”)—dovetails nicely with suspicions that MS is making (or has made) Skype lawful-intercept-friendly. But wouldn’t the above evolution require changes in the Skype client, too? Does anyone know of any work to identify whether it’s possible to say “if you keep your Skype client below version 4.4 [for instance], any newer capability to remotely trigger individually-targeted surveillance-by-intermediate-node isn’t (as) there”? Best, Eric -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] skype
On 13-03-21, at 06:58 , Andreas Bader andreas.ba...@nachtpult.de wrote: Louis Suárez-Potts: One is tempted to suggest using other than Skype. Alternatives exist, and these are secure, at least according to their claims. As well, Skype's code is not transparent, in the way that other, open source, applications' are. louis What alternative do you exactly mean? I know some of them running under Linux, but I rarely know people using them. I was pointed to: http://wiki.ictd.asia/Secure_VoIP_Discussion_and_Tips It's a pretty good page and I thank the suggester! BTW, the issue that Eric mentioned to me off list was that, of course, even though everyone knows it's probably imperfect, and lack of certain knowledge leads to the anxiety of imperfection, we all still use it. When I worked for large corporations, the policy was not to use it, regardless of whatever security provisions were tacked on (for one, we used OTR). No way to scrutinize proprietary works. Oddly, telephone was preferred! (Perhaps b/c the anxiety was related to enduser recordings….) What I personally used to use, and still do, on occasion, is SIP, in particular, SIIP+ZRTP. It's not even a pain to use. But if one is doing journalism (or any other kind of communication where there are constraints, exigencies), then we're back with Skype. It's not bad. It's just not as verifiably not-bad as one would like. -louis On 13-03-20, at 22:39 , Eric S Johnson cra...@oneotaslopes.org wrote: Dear LibTechers, When Microsoft applied in 2009 for a patent on “recording agents” to surveil peer-to-peer communications, it was assumed they were talking about something they might implement in Skype. Skype in 2010 started rearchitecting its use of supernodes “to improve reliability.” MS stated in 2012 that the re-engineering is “to improve the user experience.” The recent report in the Russian media that MS can trigger individual users’ Skype instances to establish session-specific encryption key exchange not with “the other end” but with intermediate nodes (thus making possible inline surveillance of Skype communications—presumably VoIP, since MS already stores Skype IM sessions “for 30 days”)—dovetails nicely with suspicions that MS is making (or has made) Skype lawful-intercept-friendly. But wouldn’t the above evolution require changes in the Skype client, too? Does anyone know of any work to identify whether it’s possible to say “if you keep your Skype client below version 4.4 [for instance], any newer capability to remotely trigger individually-targeted surveillance-by-intermediate-node isn’t (as) there”? Best, Eric -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] skype
On 03/21/2013 05:58 AM, Andreas Bader wrote: Louis Suárez-Potts: One is tempted to suggest using other than Skype. Alternatives exist, and these are secure, at least according to their claims. As well, Skype's code is not transparent, in the way that other, open source, applications' are. louis What alternative do you exactly mean? I know some of them running under Linux, but I rarely know people using them. Take a look at Jitsi (it used to be SIP Communicator). Multiprotocol and allows you to encrypt voice and video chat. Completely cross platform. www.jitsi.org Anthony -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] skype
On Wed, Mar 20, 2013 at 11:17:03PM -0400, Louis Su?rez-Potts wrote: One is tempted to suggest using other than Skype. Alternatives exist, and these are secure, at least according to their claims. As well, Skype's code is not transparent, in the way that other, open source, applications' are. I'm more than tempted: I can't understand why anyone would even consider using Skype. It's closed-source, therefore it must be presumed insecure. Nothing Microsoft says about it can be trusted. There is reason to believe that it's been successfully attacked by third parties. etc. I dunno 'bout y'all, but I think that's enough to blacklist it permanently. Done. Over. Next? ---rsk -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] skype
Rich, that's because you're not thinking like the average non-technical user, who usually does the following: The user hears from a friend that she can make calls for free over Skype. So she clicks on the Skype link. Skype has millions of users, meaning it will be around for a while. The Skype website looks visually attractive, meaning that it must have a lot of developers. More recently, it is owned by Microsoft, which the user trusts for similar reasons. Most large, stable, visually-striking brands can be trusted, the user thinks. She doesn't think for she doesn't know that Microsoft has been attacked a lot. Now, the user installs Skype. She clicks through a few steps, easy enough. That's a low barrier to adoption. Next, the user sees all their family and friends on there. Great, she thinks. Now I can call that friend who told me to install it. After that, the user reads in a news article that Skype is insecure. That sucks, she thinks. But it's not like I do anything confidential on there anyway. Or, perhaps, she thinks, I haven't done anything wrong, so who cares if I'm being watched. I'm glad the government is looking out for those terrorists. To the extent that the user cares about security, now she needs to figure out what's the best secure alternative out there. But notice what happens: There's no large, established competitor that is secure. Those competitors don't have brands. To the extent that the user finds a secure competitor, say because Consumer Reports published an article on it (for the average non-technical user may not know of EFF), then she might click and check it out. She might ask her family and friends. But their family and friends have never heard of it and, even worse, are not on it. I care about my security, she may think. So I will try it anyway. But all the time it gnaws at her that she doesn't know the competitor's name and that she has to take a leap of faith to install it. The company says it's open source. What the heck does that mean? She thinks. What if this company is untrustworthy? What if this company goes under and sells my data? What if... Too many barriers to adoption. We always think, let's make the most private and secure solution, forgetting that users care about many brand attributes that the most superior technical solution can't provide. On Thu, Mar 21, 2013 at 1:05 PM, Rich Kulawiec r...@gsp.org wrote: On Wed, Mar 20, 2013 at 11:17:03PM -0400, Louis Su?rez-Potts wrote: One is tempted to suggest using other than Skype. Alternatives exist, and these are secure, at least according to their claims. As well, Skype's code is not transparent, in the way that other, open source, applications' are. I'm more than tempted: I can't understand why anyone would even consider using Skype. It's closed-source, therefore it must be presumed insecure. Nothing Microsoft says about it can be trusted. There is reason to believe that it's been successfully attacked by third parties. etc. I dunno 'bout y'all, but I think that's enough to blacklist it permanently. Done. Over. Next? ---rsk -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] skype
+1 Yosem, except I take issue with the last point. I don't think its always that superior technical solutions *can't* provide better branding/usability, its that they choose NOT to, or in the past have even demonized anyone who thinks there is value in such things. luckily this is changing! B On Thu, Mar 21, 2013 at 2:36 PM, Yosem Companys compa...@stanford.eduwrote: Rich, that's because you're not thinking like the average non-technical user, who usually does the following: The user hears from a friend that she can make calls for free over Skype. So she clicks on the Skype link. Skype has millions of users, meaning it will be around for a while. The Skype website looks visually attractive, meaning that it must have a lot of developers. More recently, it is owned by Microsoft, which the user trusts for similar reasons. Most large, stable, visually-striking brands can be trusted, the user thinks. She doesn't think for she doesn't know that Microsoft has been attacked a lot. Now, the user installs Skype. She clicks through a few steps, easy enough. That's a low barrier to adoption. Next, the user sees all their family and friends on there. Great, she thinks. Now I can call that friend who told me to install it. After that, the user reads in a news article that Skype is insecure. That sucks, she thinks. But it's not like I do anything confidential on there anyway. Or, perhaps, she thinks, I haven't done anything wrong, so who cares if I'm being watched. I'm glad the government is looking out for those terrorists. To the extent that the user cares about security, now she needs to figure out what's the best secure alternative out there. But notice what happens: There's no large, established competitor that is secure. Those competitors don't have brands. To the extent that the user finds a secure competitor, say because Consumer Reports published an article on it (for the average non-technical user may not know of EFF), then she might click and check it out. She might ask her family and friends. But their family and friends have never heard of it and, even worse, are not on it. I care about my security, she may think. So I will try it anyway. But all the time it gnaws at her that she doesn't know the competitor's name and that she has to take a leap of faith to install it. The company says it's open source. What the heck does that mean? She thinks. What if this company is untrustworthy? What if this company goes under and sells my data? What if... Too many barriers to adoption. We always think, let's make the most private and secure solution, forgetting that users care about many brand attributes that the most superior technical solution can't provide. On Thu, Mar 21, 2013 at 1:05 PM, Rich Kulawiec r...@gsp.org wrote: On Wed, Mar 20, 2013 at 11:17:03PM -0400, Louis Su?rez-Potts wrote: One is tempted to suggest using other than Skype. Alternatives exist, and these are secure, at least according to their claims. As well, Skype's code is not transparent, in the way that other, open source, applications' are. I'm more than tempted: I can't understand why anyone would even consider using Skype. It's closed-source, therefore it must be presumed insecure. Nothing Microsoft says about it can be trusted. There is reason to believe that it's been successfully attacked by third parties. etc. I dunno 'bout y'all, but I think that's enough to blacklist it permanently. Done. Over. Next? ---rsk -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Brian Conley Director, Small World News http://smallworldnews.tv m: 646.285.2046 Skype: brianjoelconley -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] skype
Yes. I meant that the superior technical solution could not provide better branding/usability in my hypothetical example. There are plenty of examples of superior technologies having great branding. Case in point is Procter Gamble, which is successful in part because it only makes marketing investments in products with superior technologies because its research has consistently shown that consumers aren't loyal to a product unless it demonstrates technical merit in use. In other words, you can persuade people to try your product, but if it is not technically superior, they will use your competitor's, On Thu, Mar 21, 2013 at 4:04 PM, Brian Conley bri...@smallworldnews.tv wrote: +1 Yosem, except I take issue with the last point. I don't think its always that superior technical solutions *can't* provide better branding/usability, its that they choose NOT to, or in the past have even demonized anyone who thinks there is value in such things. luckily this is changing! B On Thu, Mar 21, 2013 at 2:36 PM, Yosem Companys compa...@stanford.edu wrote: Rich, that's because you're not thinking like the average non-technical user, who usually does the following: The user hears from a friend that she can make calls for free over Skype. So she clicks on the Skype link. Skype has millions of users, meaning it will be around for a while. The Skype website looks visually attractive, meaning that it must have a lot of developers. More recently, it is owned by Microsoft, which the user trusts for similar reasons. Most large, stable, visually-striking brands can be trusted, the user thinks. She doesn't think for she doesn't know that Microsoft has been attacked a lot. Now, the user installs Skype. She clicks through a few steps, easy enough. That's a low barrier to adoption. Next, the user sees all their family and friends on there. Great, she thinks. Now I can call that friend who told me to install it. After that, the user reads in a news article that Skype is insecure. That sucks, she thinks. But it's not like I do anything confidential on there anyway. Or, perhaps, she thinks, I haven't done anything wrong, so who cares if I'm being watched. I'm glad the government is looking out for those terrorists. To the extent that the user cares about security, now she needs to figure out what's the best secure alternative out there. But notice what happens: There's no large, established competitor that is secure. Those competitors don't have brands. To the extent that the user finds a secure competitor, say because Consumer Reports published an article on it (for the average non-technical user may not know of EFF), then she might click and check it out. She might ask her family and friends. But their family and friends have never heard of it and, even worse, are not on it. I care about my security, she may think. So I will try it anyway. But all the time it gnaws at her that she doesn't know the competitor's name and that she has to take a leap of faith to install it. The company says it's open source. What the heck does that mean? She thinks. What if this company is untrustworthy? What if this company goes under and sells my data? What if... Too many barriers to adoption. We always think, let's make the most private and secure solution, forgetting that users care about many brand attributes that the most superior technical solution can't provide. On Thu, Mar 21, 2013 at 1:05 PM, Rich Kulawiec r...@gsp.org wrote: On Wed, Mar 20, 2013 at 11:17:03PM -0400, Louis Su?rez-Potts wrote: One is tempted to suggest using other than Skype. Alternatives exist, and these are secure, at least according to their claims. As well, Skype's code is not transparent, in the way that other, open source, applications' are. I'm more than tempted: I can't understand why anyone would even consider using Skype. It's closed-source, therefore it must be presumed insecure. Nothing Microsoft says about it can be trusted. There is reason to believe that it's been successfully attacked by third parties. etc. I dunno 'bout y'all, but I think that's enough to blacklist it permanently. Done. Over. Next? ---rsk -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Brian Conley Director, Small World News http://smallworldnews.tv m: 646.285.2046 Skype: brianjoelconley -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at
Re: [liberationtech] skype
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Anyone looked into the reports that Skype leaks your IP address? Apparently you do not have to interact with the person whose location you are interested in to be able to get their IP address. https://krebsonsecurity.com/2013/03/privacy-101-skype-leaks-your-location/ http://blogs.wsj.com/cio/2012/05/01/skype-knew-of-security-flaw-since-november-2010-researchers-say/ Michael On 03/21/2013 07:12 PM, Yosem Companys wrote: Yes. I meant that the superior technical solution could not provide better branding/usability in my hypothetical example. There are plenty of examples of superior technologies having great branding. Case in point is Procter Gamble, which is successful in part because it only makes marketing investments in products with superior technologies because its research has consistently shown that consumers aren't loyal to a product unless it demonstrates technical merit in use. In other words, you can persuade people to try your product, but if it is not technically superior, they will use your competitor's, On Thu, Mar 21, 2013 at 4:04 PM, Brian Conley bri...@smallworldnews.tv wrote: +1 Yosem, except I take issue with the last point. I don't think its always that superior technical solutions *can't* provide better branding/usability, its that they choose NOT to, or in the past have even demonized anyone who thinks there is value in such things. luckily this is changing! B On Thu, Mar 21, 2013 at 2:36 PM, Yosem Companys compa...@stanford.edu wrote: Rich, that's because you're not thinking like the average non-technical user, who usually does the following: The user hears from a friend that she can make calls for free over Skype. So she clicks on the Skype link. Skype has millions of users, meaning it will be around for a while. The Skype website looks visually attractive, meaning that it must have a lot of developers. More recently, it is owned by Microsoft, which the user trusts for similar reasons. Most large, stable, visually-striking brands can be trusted, the user thinks. She doesn't think for she doesn't know that Microsoft has been attacked a lot. Now, the user installs Skype. She clicks through a few steps, easy enough. That's a low barrier to adoption. Next, the user sees all their family and friends on there. Great, she thinks. Now I can call that friend who told me to install it. After that, the user reads in a news article that Skype is insecure. That sucks, she thinks. But it's not like I do anything confidential on there anyway. Or, perhaps, she thinks, I haven't done anything wrong, so who cares if I'm being watched. I'm glad the government is looking out for those terrorists. To the extent that the user cares about security, now she needs to figure out what's the best secure alternative out there. But notice what happens: There's no large, established competitor that is secure. Those competitors don't have brands. To the extent that the user finds a secure competitor, say because Consumer Reports published an article on it (for the average non-technical user may not know of EFF), then she might click and check it out. She might ask her family and friends. But their family and friends have never heard of it and, even worse, are not on it. I care about my security, she may think. So I will try it anyway. But all the time it gnaws at her that she doesn't know the competitor's name and that she has to take a leap of faith to install it. The company says it's open source. What the heck does that mean? She thinks. What if this company is untrustworthy? What if this company goes under and sells my data? What if... Too many barriers to adoption. We always think, let's make the most private and secure solution, forgetting that users care about many brand attributes that the most superior technical solution can't provide. On Thu, Mar 21, 2013 at 1:05 PM, Rich Kulawiec r...@gsp.org wrote: On Wed, Mar 20, 2013 at 11:17:03PM -0400, Louis Su?rez-Potts wrote: One is tempted to suggest using other than Skype. Alternatives exist, and these are secure, at least according to their claims. As well, Skype's code is not transparent, in the way that other, open source, applications' are. I'm more than tempted: I can't understand why anyone would even consider using Skype. It's closed-source, therefore it must be presumed insecure. Nothing Microsoft says about it can be trusted. There is reason to believe that it's been successfully attacked by third parties. etc. I dunno 'bout y'all, but I think that's enough to blacklist it permanently. Done. Over. Next? ---rsk -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change
Re: [liberationtech] skype
That was one reason Diaspora did well initially. They focused on good design and didn't open source that. There should be a civic Pivotal, like a Mozilla, to help sound technical projects do great design. On Thu, Mar 21, 2013 at 7:36 PM, Griffin Boyce griffinbo...@gmail.com wrote: Brian Conley bri...@smallworldnews.tv wrote: I don't think its always that superior technical solutions *can't* provide better branding/usability, its that they choose NOT to, or in the past have even demonized anyone who thinks there is value in such things. luckily this is changing! B I agree, but also some projects don't have capable graphics people on their staff (for whatever reason). Public-facing open-source projects in general need to get it together design-wise. ~Griffin -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] skype
One is tempted to suggest using other than Skype. Alternatives exist, and these are secure, at least according to their claims. As well, Skype's code is not transparent, in the way that other, open source, applications' are. louis On 13-03-20, at 22:39 , Eric S Johnson cra...@oneotaslopes.org wrote: Dear LibTechers, When Microsoft applied in 2009 for a patent on “recording agents” to surveil peer-to-peer communications, it was assumed they were talking about something they might implement in Skype. Skype in 2010 started rearchitecting its use of supernodes “to improve reliability.” MS stated in 2012 that the re-engineering is “to improve the user experience.” The recent report in the Russian media that MS can trigger individual users’ Skype instances to establish session-specific encryption key exchange not with “the other end” but with intermediate nodes (thus making possible inline surveillance of Skype communications—presumably VoIP, since MS already stores Skype IM sessions “for 30 days”)—dovetails nicely with suspicions that MS is making (or has made) Skype lawful-intercept-friendly. But wouldn’t the above evolution require changes in the Skype client, too? Does anyone know of any work to identify whether it’s possible to say “if you keep your Skype client below version 4.4 [for instance], any newer capability to remotely trigger individually-targeted surveillance-by-intermediate-node isn’t (as) there”? Best, Eric PGP -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings athttps://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: Launch Date!
Dear All Just to let you know, I've just been interviewed by a man from the NYT/IHT (European office) about the Skype Open Letter - he'll be writing a piece in a week to ten days. I hope I said the right kind of thing… Paul Dr Paul Bernal Lecturer UEA Law School University of East Anglia Norwich Research Park Norwich NR4 7TJ email: paul.ber...@uea.ac.ukmailto:paul.ber...@uea.ac.uk Web: http://www.paulbernal.co.uk/ Blog: http://paulbernal.wordpress.com/ Twitter: @paulbernalUK On 26 Jan 2013, at 09:16, francesca bosco bosco_france...@hotmail.commailto:bosco_france...@hotmail.com wrote: Well done Fabio and we, as Tech and Law Center, are very happy to help in supporting these initiatives. Francesca Il giorno 26/gen/2013, alle ore 09:41, Fabio Pietrosanti (naif) li...@infosecurity.chmailto:li...@infosecurity.ch ha scritto: Cool, this kind of media action cooperation worked very well. In Italy (and in Italian) we made a press-release of Hermes Center ( http://logioshermes.orghttp://logioshermes.org/ ) and broadcasted it to +50 journalists working on internet-stuff and to all the major organization active on internet privacy, digital rights and consumer protection. Now we got coverage on the following media sites, and it started a debate on the topic in several groups and areas: * http://www.corriere.it/tecnologia/social/13_gennaio_25/skype-privacy-lettera_705a794e-6704-11e2-95de-416ea2b54ab7.shtml * http://affaritaliani.libero.it/mediatech/skype-microsoft250113.html * http://www.corrierecomunicazioni.it/it-world/19251_skype-attivisti-in-campo-chi-accede-ai-nostri-dati.htm * http://www.federicoguerrini.com/privacy/lettera-aperta-a-skype-quanto-sono-private-le-conversazioni/ * http://www.bitmat.it/articolo/095720/48/20/Skype_spia_le_nostre_conversazioni.html * http://www.ilsoftware.it/articoli.asp?tag=Privacy-e-Skype-la-lettera-aperta-indirizzata-a-Microsoft_9567 * http://sportelloconsumatori.org/blog/2013/01/25/lettera-aperta-a-skype-quanto-sono-sicure-le-nostre-conversazioni/ * http://geeklino.com/2013/01/25/lettera-aperta-a-skype-spieghi-se-sono-sicure-le-conversazioni-degli-utenti/ Let's do it again :-) Fabio On 1/25/13 4:42 PM, Nadim Kobeissi wrote: What a great success, everyone! Congratulations! :-) More media coverage ( 31 news sources so far, discounting Reddit and Hacker News!) http://www.cbsnews.com/8301-205_162-57565690/activists-to-microsoft-who-is-requesting-our-skype-data/ http://www.telegraph.co.uk/technology/microsoft/9827215/Microsoft-urged-to-open-up-over-privacy-of-Skype-data.html NK On Fri, Jan 25, 2013 at 10:21 AM, Paul Bernal (LAW) paul.ber...@uea.ac.ukmailto:paul.ber...@uea.ac.uk wrote: It's on the BBC website too: http://www.bbc.co.uk/news/technology-21194801 Dr Paul Bernal Lecturer UEA Law School University of East Anglia Norwich Research Park Norwich NR4 7TJ email: paul.ber...@uea.ac.ukmailto:paul.ber...@uea.ac.uk Web: http://www.paulbernal.co.uk/ Blog: http://paulbernal.wordpress.com/ Twitter: @paulbernalUK On 25 Jan 2013, at 14:38, Russell Brandom russell.bran...@gmail.commailto:russell.bran...@gmail.com wrote: Also on NPR's Marketplace Tech Report: http://www.marketplace.org/topics/tech/tweeting-videos-through-vine-should-skype-be-more-google (Starting at 1:40) On Fri, Jan 25, 2013 at 12:14 AM, Kelvin Quee (魏有豪) kel...@quee.orgmailto:kel...@quee.org wrote: Congratulations on making it to Slashdot! :) http://yro.slashdot.org/story/13/01/24/231217/privacy-advocates-demand-transparency-from-skype Kelvin Quee (魏有豪) +65 9177 3635tel:%2B65%209177%203635 gpg: AB3DB8AC On Fri, Jan 25, 2013 at 12:42 PM, Fran Parker lilba...@gmail.commailto:lilba...@gmail.com wrote: I couldn't get there with the link provided so searched for Skype on The Verge and got this link: http://www.theverge.com/2013/1/24/3895002/an-open-letter-asks-whos-listening-in-on-skype-calls Martin Johnson wrote: Actually http://www.theverge.com/2013/1/24/3895002/an-open-letter-asks-whos-listening-in-on-skype-callswas faster. Martin Johnson Founder https://GreatFire.orghttps://greatfire.org/ - Monitoring Online Censorship In China. https://FreeWeibo.comhttps://freeweibo.com/ - Uncensored, Anonymous Sina Weibo Search. https://Unblock.cn.comhttps://unblock.cn.com/ - We Can Unblock Your Website In China. On Fri, Jan 25, 2013 at 10:32 AM, Kate Krausska...@critpath.orgmailto:ka...@critpath.org wrote: First press hit: http://www.theregister.co.uk/2013/01/25/activists_demand_skype_transparency/ -- Kate Krauss Executive Director AIDS Policy Project www.AIDSPolicyProject.orghttp://www.aidspolicyproject.org/ On Thu, Jan 24, 2013 at 8:31 PM, Martin Johnsongreatf...@greatfire.orgmailto:greatf...@greatfire.orgwrote: Thanks a lot Nadim! Great work! Now let's spread this widely and force Microsoft to respond. Martin Johnson Founder https://GreatFire.orghttps://greatfire.org/ - Monitoring Online Censorship In China. https://FreeWeibo.comhttps://freeweibo.com/ -
Re: [liberationtech] Skype Open Letter: Launch Date!
Cool, this kind of media action cooperation worked very well. In Italy (and in Italian) we made a press-release of Hermes Center ( http://logioshermes.org ) and broadcasted it to +50 journalists working on internet-stuff and to all the major organization active on internet privacy, digital rights and consumer protection. Now we got coverage on the following media sites, and it started a debate on the topic in several groups and areas: * http://www.corriere.it/tecnologia/social/13_gennaio_25/skype-privacy-lettera_705a794e-6704-11e2-95de-416ea2b54ab7.shtml * http://affaritaliani.libero.it/mediatech/skype-microsoft250113.html * http://www.corrierecomunicazioni.it/it-world/19251_skype-attivisti-in-campo-chi-accede-ai-nostri-dati.htm * http://www.federicoguerrini.com/privacy/lettera-aperta-a-skype-quanto-sono-private-le-conversazioni/ * http://www.bitmat.it/articolo/095720/48/20/Skype_spia_le_nostre_conversazioni.html * http://www.ilsoftware.it/articoli.asp?tag=Privacy-e-Skype-la-lettera-aperta-indirizzata-a-Microsoft_9567 * http://sportelloconsumatori.org/blog/2013/01/25/lettera-aperta-a-skype-quanto-sono-sicure-le-nostre-conversazioni/ * http://geeklino.com/2013/01/25/lettera-aperta-a-skype-spieghi-se-sono-sicure-le-conversazioni-degli-utenti/ Let's do it again :-) Fabio On 1/25/13 4:42 PM, Nadim Kobeissi wrote: What a great success, everyone! Congratulations! :-) More media coverage ( 31 news sources so far, discounting Reddit and Hacker News!) http://www.cbsnews.com/8301-205_162-57565690/activists-to-microsoft-who-is-requesting-our-skype-data/ http://www.telegraph.co.uk/technology/microsoft/9827215/Microsoft-urged-to-open-up-over-privacy-of-Skype-data.html NK On Fri, Jan 25, 2013 at 10:21 AM, Paul Bernal (LAW) paul.ber...@uea.ac.uk mailto:paul.ber...@uea.ac.uk wrote: It's on the BBC website too: http://www.bbc.co.uk/news/technology-21194801 Dr Paul Bernal Lecturer UEA Law School University of East Anglia Norwich Research Park Norwich NR4 7TJ email: paul.ber...@uea.ac.uk mailto:paul.ber...@uea.ac.uk Web: http://www.paulbernal.co.uk/ Blog: http://paulbernal.wordpress.com/ Twitter: @paulbernalUK On 25 Jan 2013, at 14:38, Russell Brandom russell.bran...@gmail.com mailto:russell.bran...@gmail.com wrote: Also on NPR's Marketplace Tech Report: http://www.marketplace.org/topics/tech/tweeting-videos-through-vine-should-skype-be-more-google (Starting at 1:40) On Fri, Jan 25, 2013 at 12:14 AM, Kelvin Quee (???) kel...@quee.org mailto:kel...@quee.org wrote: Congratulations on making it to Slashdot! :) http://yro.slashdot.org/story/13/01/24/231217/privacy-advocates-demand-transparency-from-skype Kelvin Quee (???) +65 9177 3635 tel:%2B65%209177%203635 gpg: AB3DB8AC On Fri, Jan 25, 2013 at 12:42 PM, Fran Parker lilba...@gmail.com mailto:lilba...@gmail.com wrote: I couldn't get there with the link provided so searched for Skype on The Verge and got this link: http://www.theverge.com/2013/1/24/3895002/an-open-letter-asks-whos-listening-in-on-skype-calls Martin Johnson wrote: Actually http://www.theverge.com/2013/1/24/3895002/an-open-letter-asks-whos-listening-in-on-skype-callswas faster. Martin Johnson Founder https://GreatFire.org https://greatfire.org/ - Monitoring Online Censorship In China. https://FreeWeibo.com https://freeweibo.com/ - Uncensored, Anonymous Sina Weibo Search. https://Unblock.cn.com https://unblock.cn.com/ - We Can Unblock Your Website In China. On Fri, Jan 25, 2013 at 10:32 AM, Kate Krausska...@critpath.org mailto:ka...@critpath.org wrote: First press hit: http://www.theregister.co.uk/2013/01/25/activists_demand_skype_transparency/ -- Kate Krauss Executive Director AIDS Policy Project www.AIDSPolicyProject.org http://www.aidspolicyproject.org/ On Thu, Jan 24, 2013 at 8:31 PM, Martin Johnsongreatf...@greatfire.org mailto:greatf...@greatfire.orgwrote: Thanks a lot Nadim! Great work! Now let's spread this widely and force Microsoft to respond. Martin Johnson Founder https://GreatFire.org https://greatfire.org/ - Monitoring Online Censorship In China.
Re: [liberationtech] Skype Open Letter: Launch Date!
Also on NPR's Marketplace Tech Report: http://www.marketplace.org/topics/tech/tweeting-videos-through-vine-should-skype-be-more-google (Starting at 1:40) On Fri, Jan 25, 2013 at 12:14 AM, Kelvin Quee (魏有豪) kel...@quee.org wrote: Congratulations on making it to Slashdot! :) http://yro.slashdot.org/story/13/01/24/231217/privacy-advocates-demand-transparency-from-skype Kelvin Quee (魏有豪) +65 9177 3635 gpg: AB3DB8AC On Fri, Jan 25, 2013 at 12:42 PM, Fran Parker lilba...@gmail.com wrote: I couldn't get there with the link provided so searched for Skype on The Verge and got this link: http://www.theverge.com/2013/**1/24/3895002/an-open-letter-** asks-whos-listening-in-on-**skype-callshttp://www.theverge.com/2013/1/24/3895002/an-open-letter-asks-whos-listening-in-on-skype-calls Martin Johnson wrote: Actually http://www.theverge.com/2013/**1/24/3895002/an-open-letter-** asks-whos-listening-in-on-**skype-callswashttp://www.theverge.com/2013/1/24/3895002/an-open-letter-asks-whos-listening-in-on-skype-callswas faster. Martin Johnson Founder https://GreatFire.org - Monitoring Online Censorship In China. https://FreeWeibo.com - Uncensored, Anonymous Sina Weibo Search. https://Unblock.cn.com - We Can Unblock Your Website In China. On Fri, Jan 25, 2013 at 10:32 AM, Kate Krausska...@critpath.org wrote: First press hit: http://www.theregister.co.uk/**2013/01/25/activists_demand_** skype_transparency/http://www.theregister.co.uk/2013/01/25/activists_demand_skype_transparency/ -- Kate Krauss Executive Director AIDS Policy Project www.AIDSPolicyProject.org On Thu, Jan 24, 2013 at 8:31 PM, Martin Johnsongreatfire@greatfire.** org greatf...@greatfire.orgwrote: Thanks a lot Nadim! Great work! Now let's spread this widely and force Microsoft to respond. Martin Johnson Founder https://GreatFire.org - Monitoring Online Censorship In China. https://FreeWeibo.com - Uncensored, Anonymous Sina Weibo Search. https://Unblock.cn.com - We Can Unblock Your Website In China. On Fri, Jan 25, 2013 at 9:22 AM, Fran Parkerlilba...@gmail.com wrote: No worries, Nadim! What a great job as noted earlier! Thanks! Nadim Kobeissi wrote: My mistake! We do not have an HTTPS version. NK On Thu, Jan 24, 2013 at 8:39 AM, Fran Parkerlilba...@gmail.com wrote: 8:36 AM EST and https://skypeopenletter.com will not load. Times out. However, http://www.skypeopenletter.**com/http://www.** skypeopenletter.com/http://**www.skypeopenletter.com/http://www.skypeopenletter.com/ **loads fine. https not working I guess. Nadim Kobeissi wrote: It's out, everyone! NK On Wed, Jan 23, 2013 at 10:00 PM, Nadim Kobeissina...@nadim.cc wrote: The Open Letter to Skype is launching *Thursday, January 23rd 2013 at 9:00AM Eastern Time.* Thanks to everyone who helped, with special thanks to Eva Galperin from EFF. The petition will be available at: *https://skypeopenletter.com* Share widely! (Facebook and Twitter Share buttons will be embedded onto the site at launch.) For the Internet! NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/**mailman/listinfo/** liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech https://**mailman.stanford.edu/mailman/listinfo/ liberationtechhttps://mailman.stanford.edu/**mailman/listinfo/**liberationtech https://**mailman.stanford.**edu/mailman/**listinfo/** liberationtechhttp://mailman.stanford.edu/mailman/**listinfo/liberationtech https://**mailman.stanford.edu/mailman/**listinfo/liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/**mailman/listinfo/** liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech https://**mailman.stanford.edu/mailman/listinfo/ liberationtechhttps://mailman.stanford.edu/**mailman/listinfo/**liberationtech https://**mailman.stanford.**edu/mailman/**listinfo/** liberationtechhttp://mailman.stanford.edu/mailman/**listinfo/liberationtech https://**mailman.stanford.edu/mailman/**listinfo/liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtechhttps://mailman.stanford.edu/**mailman/listinfo/**liberationtech https://**mailman.stanford.edu/mailman/**listinfo/liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtechhttps://mailman.stanford.edu/**mailman/listinfo/**liberationtech https://**mailman.stanford.edu/mailman/**listinfo/liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change
Re: [liberationtech] Skype Open Letter: Launch Date!
What a great success, everyone! Congratulations! :-) More media coverage ( 31 news sources so far, discounting Reddit and Hacker News!) http://www.cbsnews.com/8301-205_162-57565690/activists-to-microsoft-who-is-requesting-our-skype-data/ http://www.telegraph.co.uk/technology/microsoft/9827215/Microsoft-urged-to-open-up-over-privacy-of-Skype-data.html NK On Fri, Jan 25, 2013 at 10:21 AM, Paul Bernal (LAW) paul.ber...@uea.ac.ukwrote: It's on the BBC website too: http://www.bbc.co.uk/news/technology-21194801 Dr Paul Bernal Lecturer UEA Law School University of East Anglia Norwich Research Park Norwich NR4 7TJ email: paul.ber...@uea.ac.uk Web: http://www.paulbernal.co.uk/ Blog: http://paulbernal.wordpress.com/ Twitter: @paulbernalUK On 25 Jan 2013, at 14:38, Russell Brandom russell.bran...@gmail.com wrote: Also on NPR's Marketplace Tech Report: http://www.marketplace.org/topics/tech/tweeting-videos-through-vine-should-skype-be-more-google (Starting at 1:40) On Fri, Jan 25, 2013 at 12:14 AM, Kelvin Quee (魏有豪) kel...@quee.orgwrote: Congratulations on making it to Slashdot! :) http://yro.slashdot.org/story/13/01/24/231217/privacy-advocates-demand-transparency-from-skype Kelvin Quee (魏有豪) +65 9177 3635 gpg: AB3DB8AC On Fri, Jan 25, 2013 at 12:42 PM, Fran Parker lilba...@gmail.com wrote: I couldn't get there with the link provided so searched for Skype on The Verge and got this link: http://www.theverge.com/2013/**1/24/3895002/an-open-letter-** asks-whos-listening-in-on-**skype-callshttp://www.theverge.com/2013/1/24/3895002/an-open-letter-asks-whos-listening-in-on-skype-calls Martin Johnson wrote: Actually http://www.theverge.com/2013/**1/24/3895002/an-open-letter-** asks-whos-listening-in-on-**skype-callswashttp://www.theverge.com/2013/1/24/3895002/an-open-letter-asks-whos-listening-in-on-skype-callswas faster. Martin Johnson Founder https://GreatFire.org https://greatfire.org/ - Monitoring Online Censorship In China. https://FreeWeibo.com https://freeweibo.com/ - Uncensored, Anonymous Sina Weibo Search. https://Unblock.cn.com https://unblock.cn.com/ - We Can Unblock Your Website In China. On Fri, Jan 25, 2013 at 10:32 AM, Kate Krausska...@critpath.org wrote: First press hit: http://www.theregister.co.uk/**2013/01/25/activists_demand_** skype_transparency/http://www.theregister.co.uk/2013/01/25/activists_demand_skype_transparency/ -- Kate Krauss Executive Director AIDS Policy Project www.AIDSPolicyProject.org http://www.aidspolicyproject.org/ On Thu, Jan 24, 2013 at 8:31 PM, Martin Johnsongreatfire@greatfire.** org greatf...@greatfire.orgwrote: Thanks a lot Nadim! Great work! Now let's spread this widely and force Microsoft to respond. Martin Johnson Founder https://GreatFire.org https://greatfire.org/ - Monitoring Online Censorship In China. https://FreeWeibo.com https://freeweibo.com/ - Uncensored, Anonymous Sina Weibo Search. https://Unblock.cn.com https://unblock.cn.com/ - We Can Unblock Your Website In China. On Fri, Jan 25, 2013 at 9:22 AM, Fran Parkerlilba...@gmail.com wrote: No worries, Nadim! What a great job as noted earlier! Thanks! Nadim Kobeissi wrote: My mistake! We do not have an HTTPS version. NK On Thu, Jan 24, 2013 at 8:39 AM, Fran Parkerlilba...@gmail.com wrote: 8:36 AM EST and https://skypeopenletter.com will not load. Times out. However, http://www.skypeopenletter.**com/http://www.** skypeopenletter.com/http://**www.skypeopenletter.com/http://www.skypeopenletter.com/ **loads fine. https not working I guess. Nadim Kobeissi wrote: It's out, everyone! NK On Wed, Jan 23, 2013 at 10:00 PM, Nadim Kobeissina...@nadim.cc wrote: The Open Letter to Skype is launching *Thursday, January 23rd 2013 at 9:00AM Eastern Time.* Thanks to everyone who helped, with special thanks to Eva Galperin from EFF. The petition will be available at: *https://skypeopenletter.com* Share widely! (Facebook and Twitter Share buttons will be embedded onto the site at launch.) For the Internet! NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/**mailman/listinfo/** liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech https://**mailman.stanford.edu/mailman/listinfo/ liberationtechhttps://mailman.stanford.edu/**mailman/listinfo/**liberationtech https://**mailman.stanford.**edu/mailman/**listinfo/** liberationtechhttp://mailman.stanford.edu/mailman/**listinfo/liberationtech https://**mailman.stanford.edu/mailman/**listinfo/liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/**mailman/listinfo/** liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: Launch Date!
It's out, everyone! NK On Wed, Jan 23, 2013 at 10:00 PM, Nadim Kobeissi na...@nadim.cc wrote: The Open Letter to Skype is launching *Thursday, January 23rd 2013 at 9:00AM Eastern Time.* Thanks to everyone who helped, with special thanks to Eva Galperin from EFF. The petition will be available at: *https://skypeopenletter.com* Share widely! (Facebook and Twitter Share buttons will be embedded onto the site at launch.) For the Internet! NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: Launch Date!
8:36 AM EST and https://skypeopenletter.com will not load. Times out. However, http://www.skypeopenletter.com/ loads fine. https not working I guess. Nadim Kobeissi wrote: It's out, everyone! NK On Wed, Jan 23, 2013 at 10:00 PM, Nadim Kobeissina...@nadim.cc wrote: The Open Letter to Skype is launching *Thursday, January 23rd 2013 at 9:00AM Eastern Time.* Thanks to everyone who helped, with special thanks to Eva Galperin from EFF. The petition will be available at: *https://skypeopenletter.com* Share widely! (Facebook and Twitter Share buttons will be embedded onto the site at launch.) For the Internet! NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: Launch Date!
My mistake! We do not have an HTTPS version. NK On Thu, Jan 24, 2013 at 8:39 AM, Fran Parker lilba...@gmail.com wrote: 8:36 AM EST and https://skypeopenletter.com will not load. Times out. However, http://www.skypeopenletter.**com/http://www.skypeopenletter.com/loads fine. https not working I guess. Nadim Kobeissi wrote: It's out, everyone! NK On Wed, Jan 23, 2013 at 10:00 PM, Nadim Kobeissina...@nadim.cc wrote: The Open Letter to Skype is launching *Thursday, January 23rd 2013 at 9:00AM Eastern Time.* Thanks to everyone who helped, with special thanks to Eva Galperin from EFF. The petition will be available at: *https://skypeopenletter.com* Share widely! (Facebook and Twitter Share buttons will be embedded onto the site at launch.) For the Internet! NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/**mailman/listinfo/**liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/**mailman/listinfo/**liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: Launch Date!
Is there a hashtag for this letter? Maybe just #skype to get the attention of Skype users? On Jan 24, 2013 5:32 PM, Martin Johnson greatf...@greatfire.org wrote: Thanks a lot Nadim! Great work! Now let's spread this widely and force Microsoft to respond. Martin Johnson Founder https://GreatFire.org - Monitoring Online Censorship In China. https://FreeWeibo.com - Uncensored, Anonymous Sina Weibo Search. https://Unblock.cn.com - We Can Unblock Your Website In China. On Fri, Jan 25, 2013 at 9:22 AM, Fran Parker lilba...@gmail.com wrote: No worries, Nadim! What a great job as noted earlier! Thanks! Nadim Kobeissi wrote: My mistake! We do not have an HTTPS version. NK On Thu, Jan 24, 2013 at 8:39 AM, Fran Parkerlilba...@gmail.com wrote: 8:36 AM EST and https://skypeopenletter.com will not load. Times out. However, http://www.skypeopenletter.com/http://www.** skypeopenletter.com/ http://www.skypeopenletter.com/loads fine. https not working I guess. Nadim Kobeissi wrote: It's out, everyone! NK On Wed, Jan 23, 2013 at 10:00 PM, Nadim Kobeissina...@nadim.cc wrote: The Open Letter to Skype is launching *Thursday, January 23rd 2013 at 9:00AM Eastern Time.* Thanks to everyone who helped, with special thanks to Eva Galperin from EFF. The petition will be available at: *https://skypeopenletter.com* Share widely! (Facebook and Twitter Share buttons will be embedded onto the site at launch.) For the Internet! NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtechhttps://mailman.stanford.edu/**mailman/listinfo/**liberationtech https://**mailman.stanford.edu/mailman/**listinfo/liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtechhttps://mailman.stanford.edu/**mailman/listinfo/**liberationtech https://**mailman.stanford.edu/mailman/**listinfo/liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/**mailman/listinfo/**liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/**mailman/listinfo/**liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: Launch Date!
First press hit: http://www.theregister.co.uk/2013/01/25/activists_demand_skype_transparency/ -- Kate Krauss Executive Director AIDS Policy Project www.AIDSPolicyProject.org On Thu, Jan 24, 2013 at 8:31 PM, Martin Johnson greatf...@greatfire.orgwrote: Thanks a lot Nadim! Great work! Now let's spread this widely and force Microsoft to respond. Martin Johnson Founder https://GreatFire.org - Monitoring Online Censorship In China. https://FreeWeibo.com - Uncensored, Anonymous Sina Weibo Search. https://Unblock.cn.com - We Can Unblock Your Website In China. On Fri, Jan 25, 2013 at 9:22 AM, Fran Parker lilba...@gmail.com wrote: No worries, Nadim! What a great job as noted earlier! Thanks! Nadim Kobeissi wrote: My mistake! We do not have an HTTPS version. NK On Thu, Jan 24, 2013 at 8:39 AM, Fran Parkerlilba...@gmail.com wrote: 8:36 AM EST and https://skypeopenletter.com will not load. Times out. However, http://www.skypeopenletter.com/http://www.** skypeopenletter.com/ http://www.skypeopenletter.com/loads fine. https not working I guess. Nadim Kobeissi wrote: It's out, everyone! NK On Wed, Jan 23, 2013 at 10:00 PM, Nadim Kobeissina...@nadim.cc wrote: The Open Letter to Skype is launching *Thursday, January 23rd 2013 at 9:00AM Eastern Time.* Thanks to everyone who helped, with special thanks to Eva Galperin from EFF. The petition will be available at: *https://skypeopenletter.com* Share widely! (Facebook and Twitter Share buttons will be embedded onto the site at launch.) For the Internet! NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtechhttps://mailman.stanford.edu/**mailman/listinfo/**liberationtech https://**mailman.stanford.edu/mailman/**listinfo/liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtechhttps://mailman.stanford.edu/**mailman/listinfo/**liberationtech https://**mailman.stanford.edu/mailman/**listinfo/liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/**mailman/listinfo/**liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/**mailman/listinfo/**liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: Launch Date!
It's had much wider coverage that just the Register the Verge (see a selection below). I expect there will be a few more tomorrow, too, and there will also be follow-ups when (if?) Microsoft substantively responds. CNET: http://news.cnet.com/8301-1009_3-57565610-83/surveillance-a-la-skype-eff-others-seek-answers/ Forbes: http://www.forbes.com/sites/andygreenberg/2013/01/24/letter-from-forty-four-digital-rights-groups-demands-skype-detail-its-surveillance-practices/ NBC: http://www.nbcnews.com/technology/technolog/skype-prodded-privacy-advocates-over-transparency-vulnerabilities-1C8103618 Huffington Post: http://www.huffingtonpost.com/2013/01/24/skype-surveillance-microsoft_n_2545646.html Slate: http://www.slate.com/blogs/future_tense/2013/01/24/skype_urged_to_come_clean_on_eavesdropping_capabilities_and_policies_in.html ReadWriteWeb: http://readwrite.com/2013/01/24/microsoft-needs-to-come-clean-on-skype-privacy ZDNet: http://www.zdnet.com/eff-others-to-microsoft-whos-requesting-our-skype-data-710268/ PCAdvisor: http://www.pcadvisor.co.uk/news/photo-video/3422347/groups-raise-questions-about-privacy-on-skype/ On 25 January 2013 02:32, Kate Krauss ka...@critpath.org wrote: First press hit: http://www.theregister.co.uk/2013/01/25/activists_demand_skype_transparency/ -- Kate Krauss Executive Director AIDS Policy Project www.AIDSPolicyProject.org On Thu, Jan 24, 2013 at 8:31 PM, Martin Johnson greatf...@greatfire.orgwrote: Thanks a lot Nadim! Great work! Now let's spread this widely and force Microsoft to respond. Martin Johnson Founder https://GreatFire.org - Monitoring Online Censorship In China. https://FreeWeibo.com - Uncensored, Anonymous Sina Weibo Search. https://Unblock.cn.com - We Can Unblock Your Website In China. On Fri, Jan 25, 2013 at 9:22 AM, Fran Parker lilba...@gmail.com wrote: No worries, Nadim! What a great job as noted earlier! Thanks! Nadim Kobeissi wrote: My mistake! We do not have an HTTPS version. NK On Thu, Jan 24, 2013 at 8:39 AM, Fran Parkerlilba...@gmail.com wrote: 8:36 AM EST and https://skypeopenletter.com will not load. Times out. However, http://www.skypeopenletter.com/http://www.** skypeopenletter.com/ http://www.skypeopenletter.com/loads fine. https not working I guess. Nadim Kobeissi wrote: It's out, everyone! NK On Wed, Jan 23, 2013 at 10:00 PM, Nadim Kobeissina...@nadim.cc wrote: The Open Letter to Skype is launching *Thursday, January 23rd 2013 at 9:00AM Eastern Time.* Thanks to everyone who helped, with special thanks to Eva Galperin from EFF. The petition will be available at: *https://skypeopenletter.com* Share widely! (Facebook and Twitter Share buttons will be embedded onto the site at launch.) For the Internet! NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtechhttps://mailman.stanford.edu/**mailman/listinfo/**liberationtech https://**mailman.stanford.edu/mailman/**listinfo/liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtechhttps://mailman.stanford.edu/**mailman/listinfo/**liberationtech https://**mailman.stanford.edu/mailman/**listinfo/liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/**mailman/listinfo/**liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/**mailman/listinfo/**liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: Launch Date!
I couldn't get there with the link provided so searched for Skype on The Verge and got this link: http://www.theverge.com/2013/1/24/3895002/an-open-letter-asks-whos-listening-in-on-skype-calls Martin Johnson wrote: Actually http://www.theverge.com/2013/1/24/3895002/an-open-letter-asks-whos-listening-in-on-skype-callswas faster. Martin Johnson Founder https://GreatFire.org - Monitoring Online Censorship In China. https://FreeWeibo.com - Uncensored, Anonymous Sina Weibo Search. https://Unblock.cn.com - We Can Unblock Your Website In China. On Fri, Jan 25, 2013 at 10:32 AM, Kate Krausska...@critpath.org wrote: First press hit: http://www.theregister.co.uk/2013/01/25/activists_demand_skype_transparency/ -- Kate Krauss Executive Director AIDS Policy Project www.AIDSPolicyProject.org On Thu, Jan 24, 2013 at 8:31 PM, Martin Johnsongreatf...@greatfire.orgwrote: Thanks a lot Nadim! Great work! Now let's spread this widely and force Microsoft to respond. Martin Johnson Founder https://GreatFire.org - Monitoring Online Censorship In China. https://FreeWeibo.com - Uncensored, Anonymous Sina Weibo Search. https://Unblock.cn.com - We Can Unblock Your Website In China. On Fri, Jan 25, 2013 at 9:22 AM, Fran Parkerlilba...@gmail.com wrote: No worries, Nadim! What a great job as noted earlier! Thanks! Nadim Kobeissi wrote: My mistake! We do not have an HTTPS version. NK On Thu, Jan 24, 2013 at 8:39 AM, Fran Parkerlilba...@gmail.com wrote: 8:36 AM EST and https://skypeopenletter.com will not load. Times out. However, http://www.skypeopenletter.com/http://www.** skypeopenletter.com/http://www.skypeopenletter.com/loads fine. https not working I guess. Nadim Kobeissi wrote: It's out, everyone! NK On Wed, Jan 23, 2013 at 10:00 PM, Nadim Kobeissina...@nadim.cc wrote: The Open Letter to Skype is launching *Thursday, January 23rd 2013 at 9:00AM Eastern Time.* Thanks to everyone who helped, with special thanks to Eva Galperin from EFF. The petition will be available at: *https://skypeopenletter.com* Share widely! (Facebook and Twitter Share buttons will be embedded onto the site at launch.) For the Internet! NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtechhttps://mailman.stanford.edu/**mailman/listinfo/**liberationtech https://**mailman.stanford.edu/mailman/**listinfo/liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtechhttps://mailman.stanford.edu/**mailman/listinfo/**liberationtech https://**mailman.stanford.edu/mailman/**listinfo/liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/**mailman/listinfo/**liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/**mailman/listinfo/**liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open letter translation
Hi Percy! I actually did a Chinese translation and put it here: https://docs.google.com/document/d/1Kqo47jbMIZIcqjA9JuWGgSVzV_M_GQYGIa9Jewwsm68/edit (I posted the text on my Google+ page http://goo.gl/IZLwQ and Sina Weibo.) We can definitely collaborate on improving the translation! Best, 2013/1/24 Percy Alpha percyal...@gmail.com Hi. I'm a member of greatfire team and I'm willing to translate the open letter to Chinese because the Tom-skype is really prevailing in China and thus makes the situation very dangerous. Then the admin could probably put it into a subdomain or sub-directory. Can someone tell me whom should I send my translation to? Percy Alpha -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 2013.01.23 01.09, Nadim Kobeissi wrote: OpenITP will sign. Put me down individually, too. E. - -- Ideas are my favorite toys. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.17 (MingW32) iF4EAREIAAYFAlD/4JgACgkQQwkE2RkM0wpMtAD+N/z+ydCj3RMJmJEVE0r4Zxwg cZ53YZc4Btn8GcaQJ70A/0zSDkNSvvxV+e1GNIMbutYTYuT5h/MJGqChLMpvCIYs =/3RJ -END PGP SIGNATURE- -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
On Wed, Jan 23, 2013 at 4:01 PM, Jochai Ben-Avie joc...@accessnow.orgwrote: and the basis for rejecting those requests it does not comply with. Jochai, Thanks for your helpful additions! NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
Hello Nadim, Can you add me as an individual, please. Thanks for the great work. Ophelia Noor On 21 January 2013 22:31, Nadim Kobeissi na...@nadim.cc wrote: Everyone has been added, thank you! NK On Mon, Jan 21, 2013 at 1:16 PM, Fran Parker lilba...@gmail.com wrote: Can you add Fran Parker as an individual please. Thanks. Nadim Kobeissi wrote: Added. Thank you! NK On Fri, Jan 18, 2013 at 10:18 PM, Martin Johnsongreatfire@greatfire.** org greatf...@greatfire.orgwrote: GreatFire.org would like to sign. Thanks very much for doing this. Martin Johnson Founder https://GreatFire.org - Monitoring Online Censorship In China. https://FreeWeibo.com - Uncensored, Anonymous Sina Weibo Search. https://Unblock.cn.com - We Can Unblock Your Website In China. On Sat, Jan 19, 2013 at 8:56 AM, Nadim Kobeissina...@nadim.cc wrote: Amazing :) Thanks for your support, everyone! NK On Fri, Jan 18, 2013 at 3:31 PM, Petter Ericsonpett...@acc.umu.se** wrote: Hi! Good work :) First: some nitpicking: third-parties in the second paragraph should probably lose the hyphen. Second: I would be very happy to see a Telecomix signature on this letter :) Best regards /P On 18 January, 2013 - Nadim Kobeissi wrote: Okay everyone, the *final draft* has been posted online, with the gracious collaboration of the EFF. Please take a look at it, make sure you want to keep your signature there (or add it!) http://www.skypeopenletter.**com/draft/http://www.skypeopenletter.com/draft/ We'll be publishing next week. NK On Thu, Jan 17, 2013 at 4:29 AM, Grégoire Pougetgrego...@rsf.org wrote: We'd like to see the final / rewritten version of the letter first but Reporters Without Bordershttp://rsf.org would be happy to sign it. Best, Le 17/01/2013 08:01, Nadim Kobeissi a écrit : Thanks for your expert advice, Chris. We're currently in the process of reworking the letter with assistance from the EFF and we'll take what you said into consideration. NK On Thu, Jan 17, 2013 at 1:58 AM, Christopher Soghoian ch...@soghoian.netwrote: You may want to consider rewriting your law enforcement/government surveillance section: As a result of the service being acquired by Microsoft in 2011, it may now be required to comply with CALEA due to the company being headquartered in Redmond, Washington. Furthermore, as a US-based communication provider, Skype would therefore be required to comply with the secretive practice of National Security Letters. You don't articulate why being subject to CALEA is bad. Are the people signing the letter arguing that law enforcement should never have access to real-time intercepts of skype voice/video communications? If so, say that, and why. If not, CALEA merely mandates access capabilities, it doesn't specify under what situations the government can perform an interception, Also, if you want to raise the issue of secretive surveillance practices, NSLs wouldn't be at the top of my list (yes, they don't require a judge, but they can at best be used to obtain communications metadata). I would instead focus your criticism of the fact that US surveillance law does not sufficiently protect communications between two non-US persons, and in particular, the government can intercept such communications without even having to demonstrate probable cause to a judge. Specifically, non-US persons have a real reason to fear FISA Amendments Act of 2008 section 702 Section 702 of the FISA Amendments Act of 2008 (FAA), codified as 50 U.S.C. 1181a, which allows the Attorney General and the Director of National Intelligence (DNI) to authorize jointly the targeting of non-United States persons for the purposes of gathering intelligence for a period of up to one year. 50 U.S.C. 1881a(1). Section 702 contains restrictions, including the requirement that the surveillance may not intentionally target any person known at the time of acquisition to be located in the United States. 50 U.S.C. § 1881a(b)(1). The Attorney General and DNI must submit to the FISC an application for an order (mass acquisition order) for the surveillance either before their joint authorization or within seven days thereof. The FAA sets out a procedure by which the Attorney General and DNI must obtain certification from FISC for their program, which includes an assurance that the surveillance is designed to limit surveillance to persons located outside of the United States. However, the FAA does not require the government to identify targets of surveillance, and the FISC does not consider individualized probable cause determinations or supervise the program. (from: http://epic.org/amicus/fisa/**clapper/http://epic.org/amicus/fisa/clapper/ ) While I am happy to provide feedback, I'm in no way authorized to sign on to this letter on behalf of
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
I would also be pleased to sign as an individual. Chip Pitts From: liberationtech-boun...@lists.stanford.edu [mailto:liberationtech-boun...@lists.stanford.edu] On Behalf Of Ophelia Noor Sent: Tuesday, January 22, 2013 6:34 AM To: liberationtech Subject: Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES Hello Nadim, Can you add me as an individual, please. Thanks for the great work. Ophelia Noor On 21 January 2013 22:31, Nadim Kobeissi na...@nadim.cc wrote: Everyone has been added, thank you! NK On Mon, Jan 21, 2013 at 1:16 PM, Fran Parker lilba...@gmail.com wrote: Can you add Fran Parker as an individual please. Thanks. Nadim Kobeissi wrote: Added. Thank you! NK On Fri, Jan 18, 2013 at 10:18 PM, Martin Johnsongreatf...@greatfire.orgwrote: GreatFire.org would like to sign. Thanks very much for doing this. Martin Johnson Founder https://GreatFire.org - Monitoring Online Censorship In China. https://FreeWeibo.com - Uncensored, Anonymous Sina Weibo Search. https://Unblock.cn.com - We Can Unblock Your Website In China. On Sat, Jan 19, 2013 at 8:56 AM, Nadim Kobeissina...@nadim.cc wrote: Amazing :) Thanks for your support, everyone! NK On Fri, Jan 18, 2013 at 3:31 PM, Petter Ericsonpett...@acc.umu.sewrote: Hi! Good work :) First: some nitpicking: third-parties in the second paragraph should probably lose the hyphen. Second: I would be very happy to see a Telecomix signature on this letter :) Best regards /P On 18 January, 2013 - Nadim Kobeissi wrote: Okay everyone, the *final draft* has been posted online, with the gracious collaboration of the EFF. Please take a look at it, make sure you want to keep your signature there (or add it!) http://www.skypeopenletter.com/draft/ We'll be publishing next week. NK On Thu, Jan 17, 2013 at 4:29 AM, Grégoire Pougetgrego...@rsf.org wrote: We'd like to see the final / rewritten version of the letter first but Reporters Without Bordershttp://rsf.org would be happy to sign it. Best, Le 17/01/2013 08:01, Nadim Kobeissi a écrit : Thanks for your expert advice, Chris. We're currently in the process of reworking the letter with assistance from the EFF and we'll take what you said into consideration. NK On Thu, Jan 17, 2013 at 1:58 AM, Christopher Soghoian ch...@soghoian.netwrote: You may want to consider rewriting your law enforcement/government surveillance section: As a result of the service being acquired by Microsoft in 2011, it may now be required to comply with CALEA due to the company being headquartered in Redmond, Washington. Furthermore, as a US-based communication provider, Skype would therefore be required to comply with the secretive practice of National Security Letters. You don't articulate why being subject to CALEA is bad. Are the people signing the letter arguing that law enforcement should never have access to real-time intercepts of skype voice/video communications? If so, say that, and why. If not, CALEA merely mandates access capabilities, it doesn't specify under what situations the government can perform an interception, Also, if you want to raise the issue of secretive surveillance practices, NSLs wouldn't be at the top of my list (yes, they don't require a judge, but they can at best be used to obtain communications metadata). I would instead focus your criticism of the fact that US surveillance law does not sufficiently protect communications between two non-US persons, and in particular, the government can intercept such communications without even having to demonstrate probable cause to a judge. Specifically, non-US persons have a real reason to fear FISA Amendments Act of 2008 section 702 Section 702 of the FISA Amendments Act of 2008 (FAA), codified as 50 U.S.C. 1181a, which allows the Attorney General and the Director of National Intelligence (DNI) to authorize jointly the targeting of non-United States persons for the purposes of gathering intelligence for a period of up to one year. 50 U.S.C. 1881a(1). Section 702 contains restrictions, including the requirement that the surveillance may not intentionally target any person known at the time of acquisition to be located in the United States. 50 U.S.C. § 1881a(b)(1). The Attorney General and DNI must submit to the FISC an application for an order (mass acquisition order) for the surveillance either before their joint authorization or within seven days thereof. The FAA sets out a procedure by which the Attorney General and DNI must obtain certification from FISC for their program, which includes an assurance that the surveillance is designed to limit surveillance to persons located outside of the United States. However, the FAA does not require the government to identify targets of surveillance, and the FISC does not consider individualized probable cause determinations or supervise the program. (from: http://epic.org/amicus/fisa/clapper/) While I
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
Nadim, Valuable and much appreciated work. Please add my name as an individual signatory. --Keith Hazelton On Wed, Jan 16, 2013 at 10:58 AM, Nadim Kobeissi na...@nadim.cc wrote: Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- ___ Keith Hazelton (khazel...@gmail.com) UW-Madison; Internet2 MACE -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
Hi Nadim, Could you please add TagMeNot project TagMeNot.info to the organizations list. Best regards, Alberto Cammozzo -- Alberto Cammozzo founder, TagMeNot.info On 01/16/2013 05:58 PM, Nadim Kobeissi wrote: Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
Reporters Without Borders will stay signed on. Good work ! Grégoire Pouget, New Media Desk | Bureau Nouveaux Médias GPG ID : 2BBC1ECE Tel : +33 1 44 83 84 71 Reporters Without Borders http://en.rsf.org | Reporters sans frontièreshttp://fr.rsf.org Twitter (en) https://twitter.com/fightcensors_en | Twitter (fr)https://twitter.com/fightcensors_fr| Facebook https://www.facebook.com/WeFightCensorship 2013/1/18 Nadim Kobeissi na...@nadim.cc Okay everyone, the *final draft* has been posted online, with the gracious collaboration of the EFF. Please take a look at it, make sure you want to keep your signature there (or add it!) http://www.skypeopenletter.com/draft/ We'll be publishing next week. NK On Thu, Jan 17, 2013 at 4:29 AM, Grégoire Pouget grego...@rsf.org wrote: We'd like to see the final / rewritten version of the letter first but Reporters Without Borders http://rsf.org would be happy to sign it. Best, Le 17/01/2013 08:01, Nadim Kobeissi a écrit : Thanks for your expert advice, Chris. We're currently in the process of reworking the letter with assistance from the EFF and we'll take what you said into consideration. NK On Thu, Jan 17, 2013 at 1:58 AM, Christopher Soghoian ch...@soghoian.net wrote: You may want to consider rewriting your law enforcement/government surveillance section: As a result of the service being acquired by Microsoft in 2011, it may now be required to comply with CALEA due to the company being headquartered in Redmond, Washington. Furthermore, as a US-based communication provider, Skype would therefore be required to comply with the secretive practice of National Security Letters. You don't articulate why being subject to CALEA is bad. Are the people signing the letter arguing that law enforcement should never have access to real-time intercepts of skype voice/video communications? If so, say that, and why. If not, CALEA merely mandates access capabilities, it doesn't specify under what situations the government can perform an interception, Also, if you want to raise the issue of secretive surveillance practices, NSLs wouldn't be at the top of my list (yes, they don't require a judge, but they can at best be used to obtain communications metadata). I would instead focus your criticism of the fact that US surveillance law does not sufficiently protect communications between two non-US persons, and in particular, the government can intercept such communications without even having to demonstrate probable cause to a judge. Specifically, non-US persons have a real reason to fear FISA Amendments Act of 2008 section 702 Section 702 of the FISA Amendments Act of 2008 (FAA), codified as 50 U.S.C. 1181a, which allows the Attorney General and the Director of National Intelligence (DNI) to authorize jointly the targeting of non-United States persons for the purposes of gathering intelligence for a period of up to one year. 50 U.S.C. 1881a(1). Section 702 contains restrictions, including the requirement that the surveillance may not intentionally target any person known at the time of acquisition to be located in the United States. 50 U.S.C. § 1881a(b)(1). The Attorney General and DNI must submit to the FISC an application for an order (mass acquisition order) for the surveillance either before their joint authorization or within seven days thereof. The FAA sets out a procedure by which the Attorney General and DNI must obtain certification from FISC for their program, which includes an assurance that the surveillance is designed to limit surveillance to persons located outside of the United States. However, the FAA does not require the government to identify targets of surveillance, and the FISC does not consider individualized probable cause determinations or supervise the program. (from: http://epic.org/amicus/fisa/clapper/) While I am happy to provide feedback, I'm in no way authorized to sign on to this letter on behalf of the ACLU. On Wed, Jan 16, 2013 at 11:58 AM, Nadim Kobeissi na...@nadim.ccwrote: Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Grégoire Pouget, New Media Desk // Bureau Nouveaux Médias Reporters Without Borders // Reporters sans frontières @fightcensors_en @fightcensors_fr GPG ID : 2BBC1ECE -- Unsubscribe, change to
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
Alright everyone, the list has again been updated for today. Keep in mind that I am updating the list once every 24 hours. Deadline is Thursday! NK On Tue, Jan 22, 2013 at 8:53 AM, A.Cammozzo a.cammo...@gmail.com wrote: Hi Nadim, Could you please add TagMeNot project TagMeNot.info to the organizations list. Best regards, Alberto Cammozzo -- Alberto Cammozzo founder, TagMeNot.info On 01/16/2013 05:58 PM, Nadim Kobeissi wrote: Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.**com/draft/http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/**mailman/listinfo/**liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/**mailman/listinfo/**liberationtechhttps://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
You can add my name. Greg Norcie - PhD Student, Privacy Researcher -- Greg Norcie (g...@norcie.com) GPG key: 0x1B873635 On 1/16/13 11:58 AM, Nadim Kobeissi wrote: Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
Can you add Fran Parker as an individual please. Thanks. Nadim Kobeissi wrote: Added. Thank you! NK On Fri, Jan 18, 2013 at 10:18 PM, Martin Johnsongreatf...@greatfire.orgwrote: GreatFire.org would like to sign. Thanks very much for doing this. Martin Johnson Founder https://GreatFire.org - Monitoring Online Censorship In China. https://FreeWeibo.com - Uncensored, Anonymous Sina Weibo Search. https://Unblock.cn.com - We Can Unblock Your Website In China. On Sat, Jan 19, 2013 at 8:56 AM, Nadim Kobeissina...@nadim.cc wrote: Amazing :) Thanks for your support, everyone! NK On Fri, Jan 18, 2013 at 3:31 PM, Petter Ericsonpett...@acc.umu.sewrote: Hi! Good work :) First: some nitpicking: third-parties in the second paragraph should probably lose the hyphen. Second: I would be very happy to see a Telecomix signature on this letter :) Best regards /P On 18 January, 2013 - Nadim Kobeissi wrote: Okay everyone, the *final draft* has been posted online, with the gracious collaboration of the EFF. Please take a look at it, make sure you want to keep your signature there (or add it!) http://www.skypeopenletter.com/draft/ We'll be publishing next week. NK On Thu, Jan 17, 2013 at 4:29 AM, Grégoire Pougetgrego...@rsf.org wrote: We'd like to see the final / rewritten version of the letter first but Reporters Without Bordershttp://rsf.org would be happy to sign it. Best, Le 17/01/2013 08:01, Nadim Kobeissi a écrit : Thanks for your expert advice, Chris. We're currently in the process of reworking the letter with assistance from the EFF and we'll take what you said into consideration. NK On Thu, Jan 17, 2013 at 1:58 AM, Christopher Soghoian ch...@soghoian.netwrote: You may want to consider rewriting your law enforcement/government surveillance section: As a result of the service being acquired by Microsoft in 2011, it may now be required to comply with CALEA due to the company being headquartered in Redmond, Washington. Furthermore, as a US-based communication provider, Skype would therefore be required to comply with the secretive practice of National Security Letters. You don't articulate why being subject to CALEA is bad. Are the people signing the letter arguing that law enforcement should never have access to real-time intercepts of skype voice/video communications? If so, say that, and why. If not, CALEA merely mandates access capabilities, it doesn't specify under what situations the government can perform an interception, Also, if you want to raise the issue of secretive surveillance practices, NSLs wouldn't be at the top of my list (yes, they don't require a judge, but they can at best be used to obtain communications metadata). I would instead focus your criticism of the fact that US surveillance law does not sufficiently protect communications between two non-US persons, and in particular, the government can intercept such communications without even having to demonstrate probable cause to a judge. Specifically, non-US persons have a real reason to fear FISA Amendments Act of 2008 section 702 Section 702 of the FISA Amendments Act of 2008 (FAA), codified as 50 U.S.C. 1181a, which allows the Attorney General and the Director of National Intelligence (DNI) to authorize jointly the targeting of non-United States persons for the purposes of gathering intelligence for a period of up to one year. 50 U.S.C. 1881a(1). Section 702 contains restrictions, including the requirement that the surveillance may not intentionally target any person known at the time of acquisition to be located in the United States. 50 U.S.C. § 1881a(b)(1). The Attorney General and DNI must submit to the FISC an application for an order (mass acquisition order) for the surveillance either before their joint authorization or within seven days thereof. The FAA sets out a procedure by which the Attorney General and DNI must obtain certification from FISC for their program, which includes an assurance that the surveillance is designed to limit surveillance to persons located outside of the United States. However, the FAA does not require the government to identify targets of surveillance, and the FISC does not consider individualized probable cause determinations or supervise the program. (from: http://epic.org/amicus/fisa/clapper/) While I am happy to provide feedback, I'm in no way authorized to sign on to this letter on behalf of the ACLU. On Wed, Jan 16, 2013 at 11:58 AM, Nadim Kobeissina...@nadim.cc wrote: Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password at:
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
Okay everyone, the *final draft* has been posted online, with the gracious collaboration of the EFF. Please take a look at it, make sure you want to keep your signature there (or add it!) http://www.skypeopenletter.com/draft/ We'll be publishing next week. NK On Thu, Jan 17, 2013 at 4:29 AM, Grégoire Pouget grego...@rsf.org wrote: We'd like to see the final / rewritten version of the letter first but Reporters Without Borders http://rsf.org would be happy to sign it. Best, Le 17/01/2013 08:01, Nadim Kobeissi a écrit : Thanks for your expert advice, Chris. We're currently in the process of reworking the letter with assistance from the EFF and we'll take what you said into consideration. NK On Thu, Jan 17, 2013 at 1:58 AM, Christopher Soghoian ch...@soghoian.netwrote: You may want to consider rewriting your law enforcement/government surveillance section: As a result of the service being acquired by Microsoft in 2011, it may now be required to comply with CALEA due to the company being headquartered in Redmond, Washington. Furthermore, as a US-based communication provider, Skype would therefore be required to comply with the secretive practice of National Security Letters. You don't articulate why being subject to CALEA is bad. Are the people signing the letter arguing that law enforcement should never have access to real-time intercepts of skype voice/video communications? If so, say that, and why. If not, CALEA merely mandates access capabilities, it doesn't specify under what situations the government can perform an interception, Also, if you want to raise the issue of secretive surveillance practices, NSLs wouldn't be at the top of my list (yes, they don't require a judge, but they can at best be used to obtain communications metadata). I would instead focus your criticism of the fact that US surveillance law does not sufficiently protect communications between two non-US persons, and in particular, the government can intercept such communications without even having to demonstrate probable cause to a judge. Specifically, non-US persons have a real reason to fear FISA Amendments Act of 2008 section 702 Section 702 of the FISA Amendments Act of 2008 (FAA), codified as 50 U.S.C. 1181a, which allows the Attorney General and the Director of National Intelligence (DNI) to authorize jointly the targeting of non-United States persons for the purposes of gathering intelligence for a period of up to one year. 50 U.S.C. 1881a(1). Section 702 contains restrictions, including the requirement that the surveillance may not intentionally target any person known at the time of acquisition to be located in the United States. 50 U.S.C. § 1881a(b)(1). The Attorney General and DNI must submit to the FISC an application for an order (mass acquisition order) for the surveillance either before their joint authorization or within seven days thereof. The FAA sets out a procedure by which the Attorney General and DNI must obtain certification from FISC for their program, which includes an assurance that the surveillance is designed to limit surveillance to persons located outside of the United States. However, the FAA does not require the government to identify targets of surveillance, and the FISC does not consider individualized probable cause determinations or supervise the program. (from: http://epic.org/amicus/fisa/clapper/) While I am happy to provide feedback, I'm in no way authorized to sign on to this letter on behalf of the ACLU. On Wed, Jan 16, 2013 at 11:58 AM, Nadim Kobeissi na...@nadim.cc wrote: Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Grégoire Pouget, New Media Desk // Bureau Nouveaux Médias Reporters Without Borders // Reporters sans frontières @fightcensors_en @fightcensors_fr GPG ID : 2BBC1ECE -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
Looks good, Nadim. Abine will stay signed on (it's just Abine, not Abine Software, though). And I'd like to sign as an individual (Sarah A. Downey, Esq.). Thanks! -Sarah On Fri, Jan 18, 2013 at 11:26 AM, Nadim Kobeissi na...@nadim.cc wrote: Okay everyone, the *final draft* has been posted online, with the gracious collaboration of the EFF. Please take a look at it, make sure you want to keep your signature there (or add it!) http://www.skypeopenletter.com/draft/ We'll be publishing next week. NK On Thu, Jan 17, 2013 at 4:29 AM, Grégoire Pouget grego...@rsf.org wrote: We'd like to see the final / rewritten version of the letter first but Reporters Without Borders http://rsf.org would be happy to sign it. Best, Le 17/01/2013 08:01, Nadim Kobeissi a écrit : Thanks for your expert advice, Chris. We're currently in the process of reworking the letter with assistance from the EFF and we'll take what you said into consideration. NK On Thu, Jan 17, 2013 at 1:58 AM, Christopher Soghoian ch...@soghoian.net wrote: You may want to consider rewriting your law enforcement/government surveillance section: As a result of the service being acquired by Microsoft in 2011, it may now be required to comply with CALEA due to the company being headquartered in Redmond, Washington. Furthermore, as a US-based communication provider, Skype would therefore be required to comply with the secretive practice of National Security Letters. You don't articulate why being subject to CALEA is bad. Are the people signing the letter arguing that law enforcement should never have access to real-time intercepts of skype voice/video communications? If so, say that, and why. If not, CALEA merely mandates access capabilities, it doesn't specify under what situations the government can perform an interception, Also, if you want to raise the issue of secretive surveillance practices, NSLs wouldn't be at the top of my list (yes, they don't require a judge, but they can at best be used to obtain communications metadata). I would instead focus your criticism of the fact that US surveillance law does not sufficiently protect communications between two non-US persons, and in particular, the government can intercept such communications without even having to demonstrate probable cause to a judge. Specifically, non-US persons have a real reason to fear FISA Amendments Act of 2008 section 702 Section 702 of the FISA Amendments Act of 2008 (FAA), codified as 50 U.S.C. 1181a, which allows the Attorney General and the Director of National Intelligence (DNI) to authorize jointly the targeting of non-United States persons for the purposes of gathering intelligence for a period of up to one year. 50 U.S.C. 1881a(1). Section 702 contains restrictions, including the requirement that the surveillance may not intentionally target any person known at the time of acquisition to be located in the United States. 50 U.S.C. § 1881a(b)(1). The Attorney General and DNI must submit to the FISC an application for an order (mass acquisition order) for the surveillance either before their joint authorization or within seven days thereof. The FAA sets out a procedure by which the Attorney General and DNI must obtain certification from FISC for their program, which includes an assurance that the surveillance is designed to limit surveillance to persons located outside of the United States. However, the FAA does not require the government to identify targets of surveillance, and the FISC does not consider individualized probable cause determinations or supervise the program. (from: http://epic.org/amicus/fisa/clapper/) While I am happy to provide feedback, I'm in no way authorized to sign on to this letter on behalf of the ACLU. On Wed, Jan 16, 2013 at 11:58 AM, Nadim Kobeissi na...@nadim.ccwrote: Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Grégoire Pouget, New Media Desk // Bureau Nouveaux Médias Reporters Without Borders // Reporters sans frontières @fightcensors_en @fightcensors_fr GPG ID : 2BBC1ECE -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at:
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
On Fri, Jan 18, 2013 at 11:35 AM, Sarah A. Downey sa...@getabine.comwrote: (Sarah A. Downey, Esq. Done! NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
Good idea. I've added Bates's name as a recipient. NK On Fri, Jan 18, 2013 at 11:51 AM, Ryan Gallagher r...@rjgallagher.co.ukwrote: Good work, more concise than the previous version and something about the general tone of the thing has been improved. Might it be worth also publicly CCing Tony Bates on the letter (he's pres of the Skype division at Microsoft)? On 18 January 2013 16:26, Nadim Kobeissi na...@nadim.cc wrote: Okay everyone, the *final draft* has been posted online, with the gracious collaboration of the EFF. Please take a look at it, make sure you want to keep your signature there (or add it!) http://www.skypeopenletter.com/draft/ We'll be publishing next week. NK On Thu, Jan 17, 2013 at 4:29 AM, Grégoire Pouget grego...@rsf.orgwrote: We'd like to see the final / rewritten version of the letter first but Reporters Without Borders http://rsf.org would be happy to sign it. Best, Le 17/01/2013 08:01, Nadim Kobeissi a écrit : Thanks for your expert advice, Chris. We're currently in the process of reworking the letter with assistance from the EFF and we'll take what you said into consideration. NK On Thu, Jan 17, 2013 at 1:58 AM, Christopher Soghoian ch...@soghoian.net wrote: You may want to consider rewriting your law enforcement/government surveillance section: As a result of the service being acquired by Microsoft in 2011, it may now be required to comply with CALEA due to the company being headquartered in Redmond, Washington. Furthermore, as a US-based communication provider, Skype would therefore be required to comply with the secretive practice of National Security Letters. You don't articulate why being subject to CALEA is bad. Are the people signing the letter arguing that law enforcement should never have access to real-time intercepts of skype voice/video communications? If so, say that, and why. If not, CALEA merely mandates access capabilities, it doesn't specify under what situations the government can perform an interception, Also, if you want to raise the issue of secretive surveillance practices, NSLs wouldn't be at the top of my list (yes, they don't require a judge, but they can at best be used to obtain communications metadata). I would instead focus your criticism of the fact that US surveillance law does not sufficiently protect communications between two non-US persons, and in particular, the government can intercept such communications without even having to demonstrate probable cause to a judge. Specifically, non-US persons have a real reason to fear FISA Amendments Act of 2008 section 702 Section 702 of the FISA Amendments Act of 2008 (FAA), codified as 50 U.S.C. 1181a, which allows the Attorney General and the Director of National Intelligence (DNI) to authorize jointly the targeting of non-United States persons for the purposes of gathering intelligence for a period of up to one year. 50 U.S.C. 1881a(1). Section 702 contains restrictions, including the requirement that the surveillance may not intentionally target any person known at the time of acquisition to be located in the United States. 50 U.S.C. § 1881a(b)(1). The Attorney General and DNI must submit to the FISC an application for an order (mass acquisition order) for the surveillance either before their joint authorization or within seven days thereof. The FAA sets out a procedure by which the Attorney General and DNI must obtain certification from FISC for their program, which includes an assurance that the surveillance is designed to limit surveillance to persons located outside of the United States. However, the FAA does not require the government to identify targets of surveillance, and the FISC does not consider individualized probable cause determinations or supervise the program. (from: http://epic.org/amicus/fisa/clapper/) While I am happy to provide feedback, I'm in no way authorized to sign on to this letter on behalf of the ACLU. On Wed, Jan 16, 2013 at 11:58 AM, Nadim Kobeissi na...@nadim.ccwrote: Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Grégoire Pouget, New Media Desk // Bureau Nouveaux Médias Reporters Without Borders // Reporters sans frontières @fightcensors_en @fightcensors_fr GPG ID : 2BBC1ECE -- Unsubscribe, change to
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
I like it - keep me on the letter. Many thanks for all your work. Paul Dr Paul Bernal Lecturer UEA Law School University of East Anglia Norwich Research Park Norwich NR4 7TJ email: paul.ber...@uea.ac.ukmailto:paul.ber...@uea.ac.uk Web: http://www.paulbernal.co.uk/ Blog: http://paulbernal.wordpress.com/ Twitter: @paulbernalUK On 18 Jan 2013, at 16:26, Nadim Kobeissi na...@nadim.ccmailto:na...@nadim.cc wrote: Okay everyone, the final draft has been posted online, with the gracious collaboration of the EFF. Please take a look at it, make sure you want to keep your signature there (or add it!) http://www.skypeopenletter.com/draft/ We'll be publishing next week. NK On Thu, Jan 17, 2013 at 4:29 AM, Grégoire Pouget grego...@rsf.orgmailto:grego...@rsf.org wrote: We'd like to see the final / rewritten version of the letter first but Reporters Without Bordershttp://rsf.org/ would be happy to sign it. Best, Le 17/01/2013 08:01, Nadim Kobeissi a écrit : Thanks for your expert advice, Chris. We're currently in the process of reworking the letter with assistance from the EFF and we'll take what you said into consideration. NK On Thu, Jan 17, 2013 at 1:58 AM, Christopher Soghoian ch...@soghoian.netmailto:ch...@soghoian.net wrote: You may want to consider rewriting your law enforcement/government surveillance section: As a result of the service being acquired by Microsoft in 2011, it may now be required to comply with CALEA due to the company being headquartered in Redmond, Washington. Furthermore, as a US-based communication provider, Skype would therefore be required to comply with the secretive practice of National Security Letters. You don't articulate why being subject to CALEA is bad. Are the people signing the letter arguing that law enforcement should never have access to real-time intercepts of skype voice/video communications? If so, say that, and why. If not, CALEA merely mandates access capabilities, it doesn't specify under what situations the government can perform an interception, Also, if you want to raise the issue of secretive surveillance practices, NSLs wouldn't be at the top of my list (yes, they don't require a judge, but they can at best be used to obtain communications metadata). I would instead focus your criticism of the fact that US surveillance law does not sufficiently protect communications between two non-US persons, and in particular, the government can intercept such communications without even having to demonstrate probable cause to a judge. Specifically, non-US persons have a real reason to fear FISA Amendments Act of 2008 section 702 Section 702 of the FISA Amendments Act of 2008 (FAA), codified as 50 U.S.C. 1181a, which allows the Attorney General and the Director of National Intelligence (DNI) to authorize jointly the targeting of non-United States persons for the purposes of gathering intelligence for a period of up to one year. 50 U.S.C. 1881a(1). Section 702 contains restrictions, including the requirement that the surveillance may not intentionally target any person known at the time of acquisition to be located in the United States. 50 U.S.C. § 1881a(b)(1). The Attorney General and DNI must submit to the FISC an application for an order (mass acquisition order) for the surveillance either before their joint authorization or within seven days thereof. The FAA sets out a procedure by which the Attorney General and DNI must obtain certification from FISC for their program, which includes an assurance that the surveillance is designed to limit surveillance to persons located outside of the United States. However, the FAA does not require the government to identify targets of surveillance, and the FISC does not consider individualized probable cause determinations or supervise the program. (from: http://epic.org/amicus/fisa/clapper/) While I am happy to provide feedback, I'm in no way authorized to sign on to this letter on behalf of the ACLU. On Wed, Jan 16, 2013 at 11:58 AM, Nadim Kobeissi na...@nadim.ccmailto:na...@nadim.cc wrote: Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Grégoire Pouget, New Media Desk // Bureau Nouveaux Médias Reporters Without Borders // Reporters sans frontières @fightcensors_en @fightcensors_fr GPG ID : 2BBC1ECE -- Unsubscribe, change to digest, or change
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
I speak with people regularly at Microsoft, including their CPO. It is my understanding that Microsoft's chief privacy officer doesn't have the power to do what you ask for. Scott Charney, the VP of Trustworthy Computing, will be much more central to any internal debates over this issue than Brendon Lynch. Ultimately though, I think you probably want to address this to Brad Smith, Microsoft's General Counsel. On Fri, Jan 18, 2013 at 11:26 AM, Nadim Kobeissi na...@nadim.cc wrote: Okay everyone, the *final draft* has been posted online, with the gracious collaboration of the EFF. Please take a look at it, make sure you want to keep your signature there (or add it!) http://www.skypeopenletter.com/draft/ We'll be publishing next week. NK On Thu, Jan 17, 2013 at 4:29 AM, Grégoire Pouget grego...@rsf.org wrote: We'd like to see the final / rewritten version of the letter first but Reporters Without Borders http://rsf.org would be happy to sign it. Best, Le 17/01/2013 08:01, Nadim Kobeissi a écrit : Thanks for your expert advice, Chris. We're currently in the process of reworking the letter with assistance from the EFF and we'll take what you said into consideration. NK On Thu, Jan 17, 2013 at 1:58 AM, Christopher Soghoian ch...@soghoian.net wrote: You may want to consider rewriting your law enforcement/government surveillance section: As a result of the service being acquired by Microsoft in 2011, it may now be required to comply with CALEA due to the company being headquartered in Redmond, Washington. Furthermore, as a US-based communication provider, Skype would therefore be required to comply with the secretive practice of National Security Letters. You don't articulate why being subject to CALEA is bad. Are the people signing the letter arguing that law enforcement should never have access to real-time intercepts of skype voice/video communications? If so, say that, and why. If not, CALEA merely mandates access capabilities, it doesn't specify under what situations the government can perform an interception, Also, if you want to raise the issue of secretive surveillance practices, NSLs wouldn't be at the top of my list (yes, they don't require a judge, but they can at best be used to obtain communications metadata). I would instead focus your criticism of the fact that US surveillance law does not sufficiently protect communications between two non-US persons, and in particular, the government can intercept such communications without even having to demonstrate probable cause to a judge. Specifically, non-US persons have a real reason to fear FISA Amendments Act of 2008 section 702 Section 702 of the FISA Amendments Act of 2008 (FAA), codified as 50 U.S.C. 1181a, which allows the Attorney General and the Director of National Intelligence (DNI) to authorize jointly the targeting of non-United States persons for the purposes of gathering intelligence for a period of up to one year. 50 U.S.C. 1881a(1). Section 702 contains restrictions, including the requirement that the surveillance may not intentionally target any person known at the time of acquisition to be located in the United States. 50 U.S.C. § 1881a(b)(1). The Attorney General and DNI must submit to the FISC an application for an order (mass acquisition order) for the surveillance either before their joint authorization or within seven days thereof. The FAA sets out a procedure by which the Attorney General and DNI must obtain certification from FISC for their program, which includes an assurance that the surveillance is designed to limit surveillance to persons located outside of the United States. However, the FAA does not require the government to identify targets of surveillance, and the FISC does not consider individualized probable cause determinations or supervise the program. (from: http://epic.org/amicus/fisa/clapper/) While I am happy to provide feedback, I'm in no way authorized to sign on to this letter on behalf of the ACLU. On Wed, Jan 16, 2013 at 11:58 AM, Nadim Kobeissi na...@nadim.ccwrote: Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Grégoire Pouget, New Media Desk // Bureau Nouveaux Médias Reporters Without Borders // Reporters sans frontières @fightcensors_en @fightcensors_fr GPG
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
I think your section on law enforcement stuff could still use some work. I really think you should get rid of some of the text in the references. Specifically, delete this text: As a result of the service being acquired by Microsoft in 2011, it may now be required to comply with CALEA due to the company being headquartered in Redmond, Washington. Furthermore, as a US-based communication provider, Skype would therefore be required to comply with the secretive practice of National Security Letters.[3] IMHO, it isn't the HQ in Redmond that raises CALEA questions, but rather, the interconnection to the US telecommunications network. If Skype has to be CALEA complaint, those requirements kicked in long before Microsoft owned them, Thus, Instead of: Skype’s current interpretation of the applicability of the Communications Assistance for Law Enforcement Act (CALEA), National Security Letters (NSLs), and other lawful intercept policies to its users’ communications in the countries in which Skype is used. What about instead: Skype's interpretation of its responsibilities under the Communications Assistance for Law Enforcement Act (CALEA) [1], its policies related to the disclosure of call metadata in response to subpoenas and National Security Letters (NSLs) [FN2], and more generally, the policies followed when Skype receives and responds to requests for user data from law enforcement and intelligence agencies in the United States and elsewhere. [FN1] In May 2006, the FCC issued a Second Report and Order that required facilities-based broadband Internet access providers and providers of interconnected Voice over Internet Protocol (VoIP) service to come into compliance with CALEA obligations no later than May 14, 2007. See: http://hraunfoss.fcc.gov/edocs_public/attachmatch/FCC-06-56A1.pdf [FN2] Existing US law surveillance law is unclear regarding the specific form of legal process required for law enforcement agencies to compel the production of metadata associated with Internet based text messaging services. See http://www.aclu.org/blog/national-security-technology-and-liberty/us-surveillance-law-may-poorly-protect-new-text . On Fri, Jan 18, 2013 at 11:26 AM, Nadim Kobeissi na...@nadim.cc wrote: -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
Chris, Your suggestions and references have been implemented. Thank you! NK On Fri, Jan 18, 2013 at 1:57 PM, Christopher Soghoian ch...@soghoian.netwrote: I think your section on law enforcement stuff could still use some work. I really think you should get rid of some of the text in the references. Specifically, delete this text: As a result of the service being acquired by Microsoft in 2011, it may now be required to comply with CALEA due to the company being headquartered in Redmond, Washington. Furthermore, as a US-based communication provider, Skype would therefore be required to comply with the secretive practice of National Security Letters.[3] IMHO, it isn't the HQ in Redmond that raises CALEA questions, but rather, the interconnection to the US telecommunications network. If Skype has to be CALEA complaint, those requirements kicked in long before Microsoft owned them, Thus, Instead of: Skype’s current interpretation of the applicability of the Communications Assistance for Law Enforcement Act (CALEA), National Security Letters (NSLs), and other lawful intercept policies to its users’ communications in the countries in which Skype is used. What about instead: Skype's interpretation of its responsibilities under the Communications Assistance for Law Enforcement Act (CALEA) [1], its policies related to the disclosure of call metadata in response to subpoenas and National Security Letters (NSLs) [FN2], and more generally, the policies followed when Skype receives and responds to requests for user data from law enforcement and intelligence agencies in the United States and elsewhere. [FN1] In May 2006, the FCC issued a Second Report and Order that required facilities-based broadband Internet access providers and providers of interconnected Voice over Internet Protocol (VoIP) service to come into compliance with CALEA obligations no later than May 14, 2007. See: http://hraunfoss.fcc.gov/edocs_public/attachmatch/FCC-06-56A1.pdf [FN2] Existing US law surveillance law is unclear regarding the specific form of legal process required for law enforcement agencies to compel the production of metadata associated with Internet based text messaging services. See http://www.aclu.org/blog/national-security-technology-and-liberty/us-surveillance-law-may-poorly-protect-new-text . On Fri, Jan 18, 2013 at 11:26 AM, Nadim Kobeissi na...@nadim.cc wrote: -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
Hi! Good work :) First: some nitpicking: third-parties in the second paragraph should probably lose the hyphen. Second: I would be very happy to see a Telecomix signature on this letter :) Best regards /P On 18 January, 2013 - Nadim Kobeissi wrote: Okay everyone, the *final draft* has been posted online, with the gracious collaboration of the EFF. Please take a look at it, make sure you want to keep your signature there (or add it!) http://www.skypeopenletter.com/draft/ We'll be publishing next week. NK On Thu, Jan 17, 2013 at 4:29 AM, Grégoire Pouget grego...@rsf.org wrote: We'd like to see the final / rewritten version of the letter first but Reporters Without Borders http://rsf.org would be happy to sign it. Best, Le 17/01/2013 08:01, Nadim Kobeissi a écrit : Thanks for your expert advice, Chris. We're currently in the process of reworking the letter with assistance from the EFF and we'll take what you said into consideration. NK On Thu, Jan 17, 2013 at 1:58 AM, Christopher Soghoian ch...@soghoian.netwrote: You may want to consider rewriting your law enforcement/government surveillance section: As a result of the service being acquired by Microsoft in 2011, it may now be required to comply with CALEA due to the company being headquartered in Redmond, Washington. Furthermore, as a US-based communication provider, Skype would therefore be required to comply with the secretive practice of National Security Letters. You don't articulate why being subject to CALEA is bad. Are the people signing the letter arguing that law enforcement should never have access to real-time intercepts of skype voice/video communications? If so, say that, and why. If not, CALEA merely mandates access capabilities, it doesn't specify under what situations the government can perform an interception, Also, if you want to raise the issue of secretive surveillance practices, NSLs wouldn't be at the top of my list (yes, they don't require a judge, but they can at best be used to obtain communications metadata). I would instead focus your criticism of the fact that US surveillance law does not sufficiently protect communications between two non-US persons, and in particular, the government can intercept such communications without even having to demonstrate probable cause to a judge. Specifically, non-US persons have a real reason to fear FISA Amendments Act of 2008 section 702 Section 702 of the FISA Amendments Act of 2008 (FAA), codified as 50 U.S.C. 1181a, which allows the Attorney General and the Director of National Intelligence (DNI) to authorize jointly the targeting of non-United States persons for the purposes of gathering intelligence for a period of up to one year. 50 U.S.C. 1881a(1). Section 702 contains restrictions, including the requirement that the surveillance may not intentionally target any person known at the time of acquisition to be located in the United States. 50 U.S.C. § 1881a(b)(1). The Attorney General and DNI must submit to the FISC an application for an order (mass acquisition order) for the surveillance either before their joint authorization or within seven days thereof. The FAA sets out a procedure by which the Attorney General and DNI must obtain certification from FISC for their program, which includes an assurance that the surveillance is designed to limit surveillance to persons located outside of the United States. However, the FAA does not require the government to identify targets of surveillance, and the FISC does not consider individualized probable cause determinations or supervise the program. (from: http://epic.org/amicus/fisa/clapper/) While I am happy to provide feedback, I'm in no way authorized to sign on to this letter on behalf of the ACLU. On Wed, Jan 16, 2013 at 11:58 AM, Nadim Kobeissi na...@nadim.cc wrote: Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Grégoire Pouget, New Media Desk // Bureau Nouveaux Médias Reporters Without Borders // Reporters sans frontières @fightcensors_en @fightcensors_fr GPG ID : 2BBC1ECE -- Unsubscribe, change to digest, or change password at:
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
Amazing :) Thanks for your support, everyone! NK On Fri, Jan 18, 2013 at 3:31 PM, Petter Ericson pett...@acc.umu.se wrote: Hi! Good work :) First: some nitpicking: third-parties in the second paragraph should probably lose the hyphen. Second: I would be very happy to see a Telecomix signature on this letter :) Best regards /P On 18 January, 2013 - Nadim Kobeissi wrote: Okay everyone, the *final draft* has been posted online, with the gracious collaboration of the EFF. Please take a look at it, make sure you want to keep your signature there (or add it!) http://www.skypeopenletter.com/draft/ We'll be publishing next week. NK On Thu, Jan 17, 2013 at 4:29 AM, Grégoire Pouget grego...@rsf.org wrote: We'd like to see the final / rewritten version of the letter first but Reporters Without Borders http://rsf.org would be happy to sign it. Best, Le 17/01/2013 08:01, Nadim Kobeissi a écrit : Thanks for your expert advice, Chris. We're currently in the process of reworking the letter with assistance from the EFF and we'll take what you said into consideration. NK On Thu, Jan 17, 2013 at 1:58 AM, Christopher Soghoian ch...@soghoian.netwrote: You may want to consider rewriting your law enforcement/government surveillance section: As a result of the service being acquired by Microsoft in 2011, it may now be required to comply with CALEA due to the company being headquartered in Redmond, Washington. Furthermore, as a US-based communication provider, Skype would therefore be required to comply with the secretive practice of National Security Letters. You don't articulate why being subject to CALEA is bad. Are the people signing the letter arguing that law enforcement should never have access to real-time intercepts of skype voice/video communications? If so, say that, and why. If not, CALEA merely mandates access capabilities, it doesn't specify under what situations the government can perform an interception, Also, if you want to raise the issue of secretive surveillance practices, NSLs wouldn't be at the top of my list (yes, they don't require a judge, but they can at best be used to obtain communications metadata). I would instead focus your criticism of the fact that US surveillance law does not sufficiently protect communications between two non-US persons, and in particular, the government can intercept such communications without even having to demonstrate probable cause to a judge. Specifically, non-US persons have a real reason to fear FISA Amendments Act of 2008 section 702 Section 702 of the FISA Amendments Act of 2008 (FAA), codified as 50 U.S.C. 1181a, which allows the Attorney General and the Director of National Intelligence (DNI) to authorize jointly the targeting of non-United States persons for the purposes of gathering intelligence for a period of up to one year. 50 U.S.C. 1881a(1). Section 702 contains restrictions, including the requirement that the surveillance may not intentionally target any person known at the time of acquisition to be located in the United States. 50 U.S.C. § 1881a(b)(1). The Attorney General and DNI must submit to the FISC an application for an order (mass acquisition order) for the surveillance either before their joint authorization or within seven days thereof. The FAA sets out a procedure by which the Attorney General and DNI must obtain certification from FISC for their program, which includes an assurance that the surveillance is designed to limit surveillance to persons located outside of the United States. However, the FAA does not require the government to identify targets of surveillance, and the FISC does not consider individualized probable cause determinations or supervise the program. (from: http://epic.org/amicus/fisa/clapper/) While I am happy to provide feedback, I'm in no way authorized to sign on to this letter on behalf of the ACLU. On Wed, Jan 16, 2013 at 11:58 AM, Nadim Kobeissi na...@nadim.cc wrote: Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Grégoire
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
GreatFire.org would like to sign. Thanks very much for doing this. Martin Johnson Founder https://GreatFire.org - Monitoring Online Censorship In China. https://FreeWeibo.com - Uncensored, Anonymous Sina Weibo Search. https://Unblock.cn.com - We Can Unblock Your Website In China. On Sat, Jan 19, 2013 at 8:56 AM, Nadim Kobeissi na...@nadim.cc wrote: Amazing :) Thanks for your support, everyone! NK On Fri, Jan 18, 2013 at 3:31 PM, Petter Ericson pett...@acc.umu.sewrote: Hi! Good work :) First: some nitpicking: third-parties in the second paragraph should probably lose the hyphen. Second: I would be very happy to see a Telecomix signature on this letter :) Best regards /P On 18 January, 2013 - Nadim Kobeissi wrote: Okay everyone, the *final draft* has been posted online, with the gracious collaboration of the EFF. Please take a look at it, make sure you want to keep your signature there (or add it!) http://www.skypeopenletter.com/draft/ We'll be publishing next week. NK On Thu, Jan 17, 2013 at 4:29 AM, Grégoire Pouget grego...@rsf.org wrote: We'd like to see the final / rewritten version of the letter first but Reporters Without Borders http://rsf.org would be happy to sign it. Best, Le 17/01/2013 08:01, Nadim Kobeissi a écrit : Thanks for your expert advice, Chris. We're currently in the process of reworking the letter with assistance from the EFF and we'll take what you said into consideration. NK On Thu, Jan 17, 2013 at 1:58 AM, Christopher Soghoian ch...@soghoian.netwrote: You may want to consider rewriting your law enforcement/government surveillance section: As a result of the service being acquired by Microsoft in 2011, it may now be required to comply with CALEA due to the company being headquartered in Redmond, Washington. Furthermore, as a US-based communication provider, Skype would therefore be required to comply with the secretive practice of National Security Letters. You don't articulate why being subject to CALEA is bad. Are the people signing the letter arguing that law enforcement should never have access to real-time intercepts of skype voice/video communications? If so, say that, and why. If not, CALEA merely mandates access capabilities, it doesn't specify under what situations the government can perform an interception, Also, if you want to raise the issue of secretive surveillance practices, NSLs wouldn't be at the top of my list (yes, they don't require a judge, but they can at best be used to obtain communications metadata). I would instead focus your criticism of the fact that US surveillance law does not sufficiently protect communications between two non-US persons, and in particular, the government can intercept such communications without even having to demonstrate probable cause to a judge. Specifically, non-US persons have a real reason to fear FISA Amendments Act of 2008 section 702 Section 702 of the FISA Amendments Act of 2008 (FAA), codified as 50 U.S.C. 1181a, which allows the Attorney General and the Director of National Intelligence (DNI) to authorize jointly the targeting of non-United States persons for the purposes of gathering intelligence for a period of up to one year. 50 U.S.C. 1881a(1). Section 702 contains restrictions, including the requirement that the surveillance may not intentionally target any person known at the time of acquisition to be located in the United States. 50 U.S.C. § 1881a(b)(1). The Attorney General and DNI must submit to the FISC an application for an order (mass acquisition order) for the surveillance either before their joint authorization or within seven days thereof. The FAA sets out a procedure by which the Attorney General and DNI must obtain certification from FISC for their program, which includes an assurance that the surveillance is designed to limit surveillance to persons located outside of the United States. However, the FAA does not require the government to identify targets of surveillance, and the FISC does not consider individualized probable cause determinations or supervise the program. (from: http://epic.org/amicus/fisa/clapper/) While I am happy to provide feedback, I'm in no way authorized to sign on to this letter on behalf of the ACLU. On Wed, Jan 16, 2013 at 11:58 AM, Nadim Kobeissi na...@nadim.cc wrote: Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
Added. Thank you! NK On Fri, Jan 18, 2013 at 10:18 PM, Martin Johnson greatf...@greatfire.orgwrote: GreatFire.org would like to sign. Thanks very much for doing this. Martin Johnson Founder https://GreatFire.org - Monitoring Online Censorship In China. https://FreeWeibo.com - Uncensored, Anonymous Sina Weibo Search. https://Unblock.cn.com - We Can Unblock Your Website In China. On Sat, Jan 19, 2013 at 8:56 AM, Nadim Kobeissi na...@nadim.cc wrote: Amazing :) Thanks for your support, everyone! NK On Fri, Jan 18, 2013 at 3:31 PM, Petter Ericson pett...@acc.umu.sewrote: Hi! Good work :) First: some nitpicking: third-parties in the second paragraph should probably lose the hyphen. Second: I would be very happy to see a Telecomix signature on this letter :) Best regards /P On 18 January, 2013 - Nadim Kobeissi wrote: Okay everyone, the *final draft* has been posted online, with the gracious collaboration of the EFF. Please take a look at it, make sure you want to keep your signature there (or add it!) http://www.skypeopenletter.com/draft/ We'll be publishing next week. NK On Thu, Jan 17, 2013 at 4:29 AM, Grégoire Pouget grego...@rsf.org wrote: We'd like to see the final / rewritten version of the letter first but Reporters Without Borders http://rsf.org would be happy to sign it. Best, Le 17/01/2013 08:01, Nadim Kobeissi a écrit : Thanks for your expert advice, Chris. We're currently in the process of reworking the letter with assistance from the EFF and we'll take what you said into consideration. NK On Thu, Jan 17, 2013 at 1:58 AM, Christopher Soghoian ch...@soghoian.netwrote: You may want to consider rewriting your law enforcement/government surveillance section: As a result of the service being acquired by Microsoft in 2011, it may now be required to comply with CALEA due to the company being headquartered in Redmond, Washington. Furthermore, as a US-based communication provider, Skype would therefore be required to comply with the secretive practice of National Security Letters. You don't articulate why being subject to CALEA is bad. Are the people signing the letter arguing that law enforcement should never have access to real-time intercepts of skype voice/video communications? If so, say that, and why. If not, CALEA merely mandates access capabilities, it doesn't specify under what situations the government can perform an interception, Also, if you want to raise the issue of secretive surveillance practices, NSLs wouldn't be at the top of my list (yes, they don't require a judge, but they can at best be used to obtain communications metadata). I would instead focus your criticism of the fact that US surveillance law does not sufficiently protect communications between two non-US persons, and in particular, the government can intercept such communications without even having to demonstrate probable cause to a judge. Specifically, non-US persons have a real reason to fear FISA Amendments Act of 2008 section 702 Section 702 of the FISA Amendments Act of 2008 (FAA), codified as 50 U.S.C. 1181a, which allows the Attorney General and the Director of National Intelligence (DNI) to authorize jointly the targeting of non-United States persons for the purposes of gathering intelligence for a period of up to one year. 50 U.S.C. 1881a(1). Section 702 contains restrictions, including the requirement that the surveillance may not intentionally target any person known at the time of acquisition to be located in the United States. 50 U.S.C. § 1881a(b)(1). The Attorney General and DNI must submit to the FISC an application for an order (mass acquisition order) for the surveillance either before their joint authorization or within seven days thereof. The FAA sets out a procedure by which the Attorney General and DNI must obtain certification from FISC for their program, which includes an assurance that the surveillance is designed to limit surveillance to persons located outside of the United States. However, the FAA does not require the government to identify targets of surveillance, and the FISC does not consider individualized probable cause determinations or supervise the program. (from: http://epic.org/amicus/fisa/clapper/) While I am happy to provide feedback, I'm in no way authorized to sign on to this letter on behalf of the ACLU. On Wed, Jan 16, 2013 at 11:58 AM, Nadim Kobeissi na...@nadim.cc wrote: Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon.
Re: [liberationtech] Skype letter strategy
On Thu, Jan 17, 2013 at 4:09 PM, Andre Rebentisch tabe...@gmail.com wrote: Definitely not. It is an organisation that does not care at all about its public image in the field of public policy. Quite exceptional, I may add. Could you please be more specific? For instance, from what I remember, whenever someone sets up an interview with a Microsoft employee, that person is briefed by a team of professional PR people whose purpose is to dig any information they can find on the interviewer, and design a complete interview behavior / answers strategy based on that. That doesn't come across as a behavior of a company that does not care about its public image in some area. Of course there are exceptions to the scheme, e.g. an ip enforcement case in Russia a few years ago to which the company applied very professional damage control. Are you referring to the the time when police would accuse people and companies of using pirated Microsoft software, and Microsoft would then distance itself from the investigation and claim they don't have direct demands against the accused? I think all companies do that, it's a win-win for them. Even Adobe “withdrew its support for the criminal complaint against Dmitry Sklyarov” in 2001. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype letter strategy
There is no harm in taking Kate's advice to heart - they also do care, you may perceive a complete lack of care through their legal wrangling and maneuverings and I wouldn't suggest anyone there is a warm heart about these issues - but just like Security issues and Linux before, they care because the sysadmins and cloud architects of tomorrow care - and Microsoft needs them (just like a period before when concerns about Office licensing waiving). Targeting the Board, major journalists, major Fortune 100 companies that use the services - it's all sound and worthwhile and costs nothing. Worst case, nothing changes - everything from there is an improvement. -Ali On Thu, Jan 17, 2013 at 11:46 AM, André Rebentisch tabe...@gmail.comwrote: Am 17.01.2013 15:31, schrieb Maxim Kammerer: Could you please be more specific? Hiring the worst tobaccos, disrespectful communication about competition authorities, mass-taking over standard committees by ISV, unreasonable communication, undue interference in non-domestic nations, bullying tactics. Just take DCI as an example. http://www.sourcewatch.org/index.php?title=DCI_Group It became wider known to a general audience when the McCain campaign was alluded to their lobbying for Burma. --- A -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
This is very well written!! One comment - given that the Tom-Skype operations mainly affect just Chinese users, I feel it makes sense to call out China explicitly in that sentence. Best, 2013/1/16 Nadim Kobeissi na...@nadim.cc Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
Hey Nadim, The letter looks great. Thanks for driving this. Please add Aspiration (www.aspirationtech.org) to the signatories peace, gunner On 01/16/2013 08:58 AM, Nadim Kobeissi wrote: Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Allen Gunn Executive Director, Aspiration +1.415.216.7252 www.aspirationtech.org Aspiration: Better Tools for a Better World Read our Manifesto: http://aspirationtech.org/publications/manifesto Follow us: Facebook: www.facebook.com/aspirationtech Twitter: www.twitter.com/aspirationtech -- -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
The Free Network Foundation will sign. As far a copy edits: voice communications software, Skype continues to be the first choice for many whose lives depend on strong communications privacy. Regretfully, Skype continues to ignore repeated, reasonable requests to clarify the basic principles of its privacy policies.[6] http://www.skypeopenletter.com/draft/#references The first clause (voice communications software) should either be taken out, or capitalized and the trailing comma removed. Well said, Nadim. imw On 01/16/2013 11:10 AM, x z wrote: This is very well written!! One comment - given that the Tom-Skype operations mainly affect just Chinese users, I feel it makes sense to call out China explicitly in that sentence. Best, 2013/1/16 Nadim Kobeissi na...@nadim.cc mailto:na...@nadim.cc Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Do all signatories need to be affiliated/part of an organisation? On 16 Jan 2013, at 16:58, Nadim Kobeissi wrote: Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech - -- Bernard / bluboxthief / ei8fdb IO91XM / www.ei8fdb.org -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iQEcBAEBAgAGBQJQ9uHXAAoJENsz1IO7MIrrbKEIAMYUBZsvcdaGihSRAxI30tPn CYKEv9O7FQxo1zSSfjbqi16nJ6ZCdt8R4meELwTmk0KnGIJyd+zPOWqd6fb4GhoH uw/csLwT1kaPc0WI3/44e13TW/HdjfsmjRnzHF73GJltr7WEtFlhNluDCWxqcTjY sGBX8x6wgPTbBwqr8KaOUbL53m5cf0EC7syZ4lil73aadLgIDbePZgD78s3uyjaY iij7hhezV/vb5U4nAEpPl5Djs3uoAbycIYZifZmFEqA6E73heZ28j4qzhZmYrVHR Doi9h3EUCWkVg9FzUxF8h2T8ad79PoxnQAjTwNXJJGregng5i+Ku74itlhr9M1Q= =4FPl -END PGP SIGNATURE- -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
Nice job. I'll sign as an individual and on behalf of Abinehttps://www.abine.com(we're an online privacy startup). -Sarah On Wed, Jan 16, 2013 at 11:58 AM, Nadim Kobeissi na...@nadim.cc wrote: Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- *Sarah A. Downey* Privacy Analyst | Attorney Abine http://goog_822727389, Inc https://www.abine.com: Online privacy starts here. t: @SarahADowney https://twitter.com/#/SarahADowney | p: 800.928.1987 Blogging on privacy at Abine.com/Blog Like us? Spread the word! http://abine.com/likeus.php -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
On 16 January 2013 17:31, Nadim Kobeissi na...@nadim.cc wrote: It's already open for individuals. Excellent, thanks Nadim. -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
I'd like to sign too, if you'd like it! Paul Dr Paul Bernal Lecturer UEA Law School University of East Anglia Norwich Research Park Norwich NR4 7TJ email: paul.ber...@uea.ac.ukmailto:paul.ber...@uea.ac.uk Web: http://www.paulbernal.co.uk/ Blog: http://paulbernal.wordpress.com/ Twitter: @paulbernalUK On 16 Jan 2013, at 16:58, Nadim Kobeissi na...@nadim.ccmailto:na...@nadim.cc wrote: Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
I'd like to sign it as well, if I am eligible :) Amin On 16 January 2013 17:58, Paul Bernal (LAW) paul.ber...@uea.ac.uk wrote: I'd like to sign too, if you'd like it! -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
Digital Rights Foundation, Pakistan would like to sign the letter too. www.digitalrightsfoundation.pk Best, Nighat Dad On Wed, Jan 16, 2013 at 11:06 PM, Amin Sabeti aminsab...@gmail.com wrote: I'd like to sign it as well, if I am eligible :) Amin On 16 January 2013 17:58, Paul Bernal (LAW) paul.ber...@uea.ac.uk wrote: I'd like to sign too, if you'd like it! -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
(first post!) While CDT can't sign[1], I wanted to ask a question. (Since we can't sign on, I don't want you to feel like you have to answer!) I was wondering: why the focus on Skype and MSFT? If I were to answer my own question, I'd probably say the focus is simply due to the wide usage base of Skype, its' relative usability and the fact that it was at one time considered very e2e-secure. However, I wonder if this isn't more powerful as a more general open letter that talks about the principles you note and what kinds of measures (propreitary?) e2e communication technologies can take, using Skype as an example. Maybe another good answer is a letter has to have an audience and making it more general might make it more of a less-powerful statement than a directed letter with asks at the end. best, Joe [1] CDT rarely signs on to things. On 1/16/13 11:58 AM, Nadim Kobeissi wrote: Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Joseph Lorenzo Hall Senior Staff Technologist Center for Democracy Technology 1634 I ST NW STE 1100 Washington DC 20006-4011 (p) 202-407-8825 (f) 202-637-0968 j...@cdt.org PGP: https://josephhall.org/gpg-key -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
On Wed, Jan 16, 2013 at 3:05 PM, Joseph Lorenzo Hall j...@cdt.org wrote: (first post!) While CDT can't sign[1], I wanted to ask a question. (Since we can't sign on, I don't want you to feel like you have to answer!) I was wondering: why the focus on Skype and MSFT? I must admit that your asking this question as a CDT staffer is suspect; isn't CDT funded by Microsoft? If I were to answer my own question, I'd probably say the focus is simply due to the wide usage base of Skype, its' relative usability and the fact that it was at one time considered very e2e-secure. However, I wonder if this isn't more powerful as a more general open letter that talks about the principles you note and what kinds of measures (propreitary?) e2e communication technologies can take, using Skype as an example. Maybe another good answer is a letter has to have an audience and making it more general might make it more of a less-powerful statement than a directed letter with asks at the end. best, Joe [1] CDT rarely signs on to things. On 1/16/13 11:58 AM, Nadim Kobeissi wrote: Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Joseph Lorenzo Hall Senior Staff Technologist Center for Democracy Technology 1634 I ST NW STE 1100 Washington DC 20006-4011 (p) 202-407-8825 (f) 202-637-0968 j...@cdt.org PGP: https://josephhall.org/gpg-key -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
Joe, My experience has been that when a general letter is written with no particular recipient, it ends up being received and acted on by *no one*. Skype represents such a significant portion of the concern, even measured based on traffic to this list, that it warrants direct questions and focused efforts by civil society. I would add in that Skype's failures have not only been ambiguity regarding transport security, but this last particularly dark year in terms of infrastructure and client security. The acquisition of the company by MSFT, who has strong commitments to GNI and others, represents an unexplored opportunity to take up outstanding concerns, and poke at this TOM issue. However, I respect and share your broader concerns as equally legitimate, and assure you that efforts won't be spared elsewhere. Here I think CDT might make for a great bridge, even if it cannot participate at this moment. Cordially, Collin (Signed, jealous Nadim did this before me.) On Wed, Jan 16, 2013 at 12:05 PM, Joseph Lorenzo Hall j...@cdt.org wrote: (first post!) While CDT can't sign[1], I wanted to ask a question. (Since we can't sign on, I don't want you to feel like you have to answer!) I was wondering: why the focus on Skype and MSFT? If I were to answer my own question, I'd probably say the focus is simply due to the wide usage base of Skype, its' relative usability and the fact that it was at one time considered very e2e-secure. However, I wonder if this isn't more powerful as a more general open letter that talks about the principles you note and what kinds of measures (propreitary?) e2e communication technologies can take, using Skype as an example. Maybe another good answer is a letter has to have an audience and making it more general might make it more of a less-powerful statement than a directed letter with asks at the end. best, Joe [1] CDT rarely signs on to things. On 1/16/13 11:58 AM, Nadim Kobeissi wrote: Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Joseph Lorenzo Hall Senior Staff Technologist Center for Democracy Technology 1634 I ST NW STE 1100 Washington DC 20006-4011 (p) 202-407-8825 (f) 202-637-0968 j...@cdt.org PGP: https://josephhall.org/gpg-key -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- *Collin David Anderson* averysmallbird.com | @cda | Washington, D.C. -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
Suggested changes (all near the beginning): Is: Many of these users rely on secure communications - whether they are activists operating under authoritarian governments or journalists dealing with sensitive sources. Suggest: Many of these users rely on secure communications - whether they are activists, journalists, doctors, lawyers, counselors -- or anyone. Is: Many trust Skype to be secure by default and others don't have access to security advice. Suggest: Nearly all trust Skype to be secure by default; almost none have access to security advice. Is: Due to Skype's lack of transparency and repeated policy violations, these activists and journalists may be putting themselves in jeopardy. Suggest: Due to Skype's lack of transparency and repeated policy violations, these people may be putting themselves, the people with whom they interact, and the information they exchange in jeopardy. Comment: I wanted to broaden the scope beyond activists and journalists, in order to show that this affects a far larger number of people -- e.g., doctors discussing a case with colleagues via Skype *may* be violating HIPAA as well as their own professional code of ethics as well as state laws/regulations as well as their own institution's policies if that conversation isn't known-confidential. (I am not an attorney, this is not legal advice, contents may settle during shipping.) I also wanted to emphasize that hardly anyone has the ability to discern for themselves whether the software/service is actually secure and to what degree. They are simply shifting the expectations that they have for things called phones from land lines to cell phones to VOIP, and in nearly all cases, they are doing so uncritically. I'm not sure whether I'll sign this yet or not. I support the idea of transparency, don't get me wrong. But I see no reason at all to believe anything in any answer that comes back. And if I ask myself one of my favorite questions (What would Machiavelli do?) (That's a book, by the way, recommended reading) then in Skype/Microsoft's place I would use my excellent staff of attorneys and PR people to craft a beautiful but useless response, full of sound and fury -- signifying...nothing. ---rsk -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
Hi NK and all, I'd like to make a suggestion about the letter itself, specifically the 'From' bit: From Concerned Privacy Advocates, Internet Activists and Journalists I'd suggest you go broader and make it from civil society organisations, Internet Activists and Journalists ... If the letter is seen to come from a specific type of advocate it'll be ignored. It'd actually make it come from 'citizens' broadly. Great initial step. Best, Sam. On 17/01/2013, at 7:44 AM, Nadim Kobeissi wrote: I've just spoken with Eva from EFF and it seems the letter might be undergoing some significant rewrites before being published next week. Will keep you all updated. NK On Wed, Jan 16, 2013 at 3:33 PM, Joseph Lorenzo Hall j...@cdt.org wrote: That makes a lot of sense. best, Joe On 1/16/13 3:25 PM, Collin Anderson wrote: Joe, My experience has been that when a general letter is written with no particular recipient, it ends up being received and acted on by /no one/. Skype represents such a significant portion of the concern, even measured based on traffic to this list, that it warrants direct questions and focused efforts by civil society. I would add in that Skype's failures have not only been ambiguity regarding transport security, but this last particularly dark year in terms of infrastructure and client security. The acquisition of the company by MSFT, who has strong commitments to GNI and others, represents an unexplored opportunity to take up outstanding concerns, and poke at this TOM issue. However, I respect and share your broader concerns as equally legitimate, and assure you that efforts won't be spared elsewhere. Here I think CDT might make for a great bridge, even if it cannot participate at this moment. Cordially, Collin (Signed, jealous Nadim did this before me.) On Wed, Jan 16, 2013 at 12:05 PM, Joseph Lorenzo Hall j...@cdt.org mailto:j...@cdt.org wrote: (first post!) While CDT can't sign[1], I wanted to ask a question. (Since we can't sign on, I don't want you to feel like you have to answer!) I was wondering: why the focus on Skype and MSFT? If I were to answer my own question, I'd probably say the focus is simply due to the wide usage base of Skype, its' relative usability and the fact that it was at one time considered very e2e-secure. However, I wonder if this isn't more powerful as a more general open letter that talks about the principles you note and what kinds of measures (propreitary?) e2e communication technologies can take, using Skype as an example. Maybe another good answer is a letter has to have an audience and making it more general might make it more of a less-powerful statement than a directed letter with asks at the end. best, Joe [1] CDT rarely signs on to things. On 1/16/13 11:58 AM, Nadim Kobeissi wrote: Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Joseph Lorenzo Hall Senior Staff Technologist Center for Democracy Technology 1634 I ST NW STE 1100 Washington DC 20006-4011 (p) 202-407-8825 (f) 202-637-0968 j...@cdt.org mailto:j...@cdt.org PGP: https://josephhall.org/gpg-key -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- *Collin David Anderson* averysmallbird.com http://averysmallbird.com | @cda | Washington, D.C. -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Joseph Lorenzo Hall Senior Staff Technologist Center for Democracy Technology 1634 I ST NW STE 1100 Washington DC 20006-4011 (p) 202-407-8825 (f) 202-637-0968 j...@cdt.org PGP: https://josephhall.org/gpg-key -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech Sam de Silva skype: samonthenet s...@media.com.au +61 412 238 041 -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
Well that is a job welldone Libtech amiga-os! Keep up the great work I look forward to seeing final. On Wed, Jan 16, 2013 at 10:58 AM, Nadim Kobeissi na...@nadim.cc wrote: Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- -- Lisa M. Brownlee, Esq. Mexico Skype: lisa.m.brownlee lmbscholar...@gmail.com lmbconta...@yahoo.com Author's website at West Thomson Reutershttp://west.thomson.com/store/authorbio2.aspx?r=4889product_id=15033039aurec=217572Auth About my Law Journal Press treatisehttp://www.lawcatalog.com/product_detail.cfm?productID=15196setlist=0return=search_resultsCFID=20088542CFTOKEN=b6ddabf982b888e4-2F42CE2A-B3D2-E07B-503BCB3A910E5EEC Facebook: Lisa M Brownleehttp://www.facebook.com/#%21/profile.php?id=1691642784sk=info Author of: Intellectual Property Due Diligence in Corporate Transactions: Investment, Risk Assessment and Management (West Thomson Reuters) Assets Finance: Audits and Valuation of Intellectual Property (West Thomson Reuters) Federal Acquisition Regulations: Intellectual Property and Related Rights (Law Journal Press) -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
You may want to consider rewriting your law enforcement/government surveillance section: As a result of the service being acquired by Microsoft in 2011, it may now be required to comply with CALEA due to the company being headquartered in Redmond, Washington. Furthermore, as a US-based communication provider, Skype would therefore be required to comply with the secretive practice of National Security Letters. You don't articulate why being subject to CALEA is bad. Are the people signing the letter arguing that law enforcement should never have access to real-time intercepts of skype voice/video communications? If so, say that, and why. If not, CALEA merely mandates access capabilities, it doesn't specify under what situations the government can perform an interception, Also, if you want to raise the issue of secretive surveillance practices, NSLs wouldn't be at the top of my list (yes, they don't require a judge, but they can at best be used to obtain communications metadata). I would instead focus your criticism of the fact that US surveillance law does not sufficiently protect communications between two non-US persons, and in particular, the government can intercept such communications without even having to demonstrate probable cause to a judge. Specifically, non-US persons have a real reason to fear FISA Amendments Act of 2008 section 702 Section 702 of the FISA Amendments Act of 2008 (FAA), codified as 50 U.S.C. 1181a, which allows the Attorney General and the Director of National Intelligence (DNI) to authorize jointly the targeting of non-United States persons for the purposes of gathering intelligence for a period of up to one year. 50 U.S.C. 1881a(1). Section 702 contains restrictions, including the requirement that the surveillance may not intentionally target any person known at the time of acquisition to be located in the United States. 50 U.S.C. § 1881a(b)(1). The Attorney General and DNI must submit to the FISC an application for an order (mass acquisition order) for the surveillance either before their joint authorization or within seven days thereof. The FAA sets out a procedure by which the Attorney General and DNI must obtain certification from FISC for their program, which includes an assurance that the surveillance is designed to limit surveillance to persons located outside of the United States. However, the FAA does not require the government to identify targets of surveillance, and the FISC does not consider individualized probable cause determinations or supervise the program. (from: http://epic.org/amicus/fisa/clapper/) While I am happy to provide feedback, I'm in no way authorized to sign on to this letter on behalf of the ACLU. On Wed, Jan 16, 2013 at 11:58 AM, Nadim Kobeissi na...@nadim.cc wrote: Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
Thanks for your expert advice, Chris. We're currently in the process of reworking the letter with assistance from the EFF and we'll take what you said into consideration. NK On Thu, Jan 17, 2013 at 1:58 AM, Christopher Soghoian ch...@soghoian.netwrote: You may want to consider rewriting your law enforcement/government surveillance section: As a result of the service being acquired by Microsoft in 2011, it may now be required to comply with CALEA due to the company being headquartered in Redmond, Washington. Furthermore, as a US-based communication provider, Skype would therefore be required to comply with the secretive practice of National Security Letters. You don't articulate why being subject to CALEA is bad. Are the people signing the letter arguing that law enforcement should never have access to real-time intercepts of skype voice/video communications? If so, say that, and why. If not, CALEA merely mandates access capabilities, it doesn't specify under what situations the government can perform an interception, Also, if you want to raise the issue of secretive surveillance practices, NSLs wouldn't be at the top of my list (yes, they don't require a judge, but they can at best be used to obtain communications metadata). I would instead focus your criticism of the fact that US surveillance law does not sufficiently protect communications between two non-US persons, and in particular, the government can intercept such communications without even having to demonstrate probable cause to a judge. Specifically, non-US persons have a real reason to fear FISA Amendments Act of 2008 section 702 Section 702 of the FISA Amendments Act of 2008 (FAA), codified as 50 U.S.C. 1181a, which allows the Attorney General and the Director of National Intelligence (DNI) to authorize jointly the targeting of non-United States persons for the purposes of gathering intelligence for a period of up to one year. 50 U.S.C. 1881a(1). Section 702 contains restrictions, including the requirement that the surveillance may not intentionally target any person known at the time of acquisition to be located in the United States. 50 U.S.C. § 1881a(b)(1). The Attorney General and DNI must submit to the FISC an application for an order (mass acquisition order) for the surveillance either before their joint authorization or within seven days thereof. The FAA sets out a procedure by which the Attorney General and DNI must obtain certification from FISC for their program, which includes an assurance that the surveillance is designed to limit surveillance to persons located outside of the United States. However, the FAA does not require the government to identify targets of surveillance, and the FISC does not consider individualized probable cause determinations or supervise the program. (from: http://epic.org/amicus/fisa/clapper/) While I am happy to provide feedback, I'm in no way authorized to sign on to this letter on behalf of the ACLU. On Wed, Jan 16, 2013 at 11:58 AM, Nadim Kobeissi na...@nadim.cc wrote: Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Open Letter: CALL FOR SIGNATORIES
This is an excellent effort, but I would explain all acronyms within the body of the letter, as it is intended as an open letter on behalf of all Skype users, many of whom will be unable to grasp its import as is. Best, Michael Sent from my iPhone On Jan 16, 2013, at 11:01 PM, Nadim Kobeissi na...@nadim.cc wrote: Thanks for your expert advice, Chris. We're currently in the process of reworking the letter with assistance from the EFF and we'll take what you said into consideration. NK On Thu, Jan 17, 2013 at 1:58 AM, Christopher Soghoian ch...@soghoian.net wrote: You may want to consider rewriting your law enforcement/government surveillance section: As a result of the service being acquired by Microsoft in 2011, it may now be required to comply with CALEA due to the company being headquartered in Redmond, Washington. Furthermore, as a US-based communication provider, Skype would therefore be required to comply with the secretive practice of National Security Letters. You don't articulate why being subject to CALEA is bad. Are the people signing the letter arguing that law enforcement should never have access to real-time intercepts of skype voice/video communications? If so, say that, and why. If not, CALEA merely mandates access capabilities, it doesn't specify under what situations the government can perform an interception, Also, if you want to raise the issue of secretive surveillance practices, NSLs wouldn't be at the top of my list (yes, they don't require a judge, but they can at best be used to obtain communications metadata). I would instead focus your criticism of the fact that US surveillance law does not sufficiently protect communications between two non-US persons, and in particular, the government can intercept such communications without even having to demonstrate probable cause to a judge. Specifically, non-US persons have a real reason to fear FISA Amendments Act of 2008 section 702 Section 702 of the FISA Amendments Act of 2008 (FAA), codified as 50 U.S.C. 1181a, which allows the Attorney General and the Director of National Intelligence (DNI) to authorize jointly the targeting of non-United States persons for the purposes of gathering intelligence for a period of up to one year. 50 U.S.C. 1881a(1). Section 702 contains restrictions, including the requirement that the surveillance may not intentionally target any person known at the time of acquisition to be located in the United States. 50 U.S.C. § 1881a(b)(1). The Attorney General and DNI must submit to the FISC an application for an order (mass acquisition order) for the surveillance either before their joint authorization or within seven days thereof. The FAA sets out a procedure by which the Attorney General and DNI must obtain certification from FISC for their program, which includes an assurance that the surveillance is designed to limit surveillance to persons located outside of the United States. However, the FAA does not require the government to identify targets of surveillance, and the FISC does not consider individualized probable cause determinations or supervise the program. (from: http://epic.org/amicus/fisa/clapper/) While I am happy to provide feedback, I'm in no way authorized to sign on to this letter on behalf of the ACLU. On Wed, Jan 16, 2013 at 11:58 AM, Nadim Kobeissi na...@nadim.cc wrote: Dear Privacy Advocates and Internet Freedom Activists, I call on you to review the following draft for our Open Letter to Skype and present your name or the name of your organization as signatories: http://www.skypeopenletter.com/draft/ The letter will be released soon. Feedback is also welcome. Thank you, NK -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype redux
I think Moxie hit the nail on the head especially with the two trends he pointed out. A team of three developers can leverage global low-latency infrastructure if they know how, while WhatsApp's entire engineering team is stuck implementing *unusually* bad crypto. NK On Sun, Dec 23, 2012 at 11:29 PM, Moxie Marlinspike mo...@thoughtcrime.orgwrote: On 12/22/2012 04:49 AM, Brian Conley wrote: That said, thus far, neither redphone nor those over listed rivals skype or Google hangouts quality of transmission. Depends. RedPhone's audio quality is (in general) substantially better on Android than Skype's has been. Skype's desktop audio quality is probably better than RedPhone's, however. I see this more as a desktop vs. android thing rather than a skype vs. redphone thing. Low-latency audio on Android is just hard, particularly over mobile data networks. It is true, however, that Skype has a much larger engineering team than we do. I like to think that RedPhone is getting better all the time, but if this is something that you or anyone on this list is interested in, we'd obviously welcome help improving things in any way that you can contribute. Please don't be shy about filing issues in the GitHub issue tracker for the project, even if they are user experience type things rather than strictly bugs. We need the feedback. This is not meant to detract from them, its more a question, is a revenue based model the only option to ensure high enough quality to attract users and grow? I agree that it's a problem. I've pointed out before that user expectations for these types of apps are set by things like WhatsApp, which is an entire company focused *just* on a single chat app, with an engineering team that is larger than the number of developers in the whole privacy enhancing technology community put together. I think there are at least a couple of trends working in our favor though: 1) Mobile apps are a huge opportunity for us. It's difficult to do much in the security/privacy area strictly within the browser, and the barrier to installing native desktop apps is high enough that you need something like the network effect of skype to make it happen. The barrier to having users install mobile apps is much lower, and what we can do within that framework is much greater. 2) Infrastructure continues to get easier to deploy, manage, and scale. As depressing as it is that there are companies developing insecure communication tools with engineering teams larger than our entire community, there are also examples of very small teams that have done some really highly scalable stuff. The engineering team at Instagram, for instance, was quite small. They were able to leverage AWS to scale up without many problems, while focusing most of their effort on user experience and core features. Right now RedPhone has a global set of POPs deployed that offer less than 100ms RTT to a relay from almost anywhere in the world, and we don't have a dedicated infrastructure team. That would have been really hard to do in the past. - moxie -- http://www.thoughtcrime.org -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype redux
I wonder if the same team is still working on skype. On Fri, Dec 21, 2012 at 9:42 PM, Christopher Soghoian ch...@soghoian.net wrote: Unfortunately, I've not been able to learn anything from my existing contacts at Microsoft about Skype. That part of the company seems to be continuing their long practice of secrecy regarding surveillance issues. I wonder if the same team is still working on skype. If so, once the team diversifies, it could change how open they are with regards to their security/surveillance/secrecy issues. On Sat, Dec 22, 2012 at 2:42 AM, Nadim Kobeissi na...@nadim.cc wrote: Skype is not only dangerous from a security by policy perspective, but is also dangerous from a security by design perspective — whereas they promise that conversations are encrypted, due to their closed-source nature this encryption cannot be studied or verified. Skype is the perfect storm of terrible security by policy, closed source, documented vulnerabilities, and a large dependent userbase. Going open source doesn't solve everything, but it's a great start. ~Griffin -- What do you think Indians are supposed to look like? What's the real difference between an eagle feather fan and a pink necktie? Not much. ~Sherman Alexie PGP Key etc: https://www.noisebridge.net/wiki/User:Fontaine -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype redux
You should also include Guardian's projects: Gibberbot Ostel/ostn no? That said, thus far, neither redphone nor those over listed rivals skype or Google hangouts quality of transmission. This is not meant to detract from them, its more a question, is a revenue based model the only option to ensure high enough quality to attract users and grow? If not, what else can be done to increase the quality of these tools and ensure ongoing responsiveness to a user base that will demand more and better features in future? On Dec 22, 2012 2:43 AM, Nadim Kobeissi na...@nadim.cc wrote: Skype is not only dangerous from a security by policy perspective, but is also dangerous from a security by design perspective — whereas they promise that conversations are encrypted, due to their closed-source nature this encryption cannot be studied or verified. There are certain other projects have unverifiable encryption claims (no security by design,) but that go uncriticized due to good security by policy. One of those projects has so far also avoided criticism, even though it advocates itself as a secure Skype alternative *marketed especially at activists in dangerous situations*, due to its creators being good personal friends of many of the main critics in the security community. That being said, there still does remain a few projects that offer Skype-like functionality with *both* security by design and security by policy: Jitsi: https://jitsi.org/ Lumicall: http://www.lumicall.org/ RedPhone: http://www.whispersys.com/ NK On Sat, Dec 22, 2012 at 4:42 AM, Christopher Soghoian ch...@soghoian.netwrote: Jake, The section of Skype's privacy policy that describes (with no real detail) the assistance they provide to law enforcement agencies is exactly the same text that was present before Microsoft bought the company. (See, for example: http://web.archive.org/web/20100701074213/http://www.skype.com/intl/en-us/legal/privacy/general/ ) I am just as skeptical of Skype's security as anyone else on this list. This lack of trust pre-dates the purchase by Microsoft. I've tried, and failed over the years to get any data at all about Skype and law enforcement surveillance from the company. I have better relationship with Microsoft, who are surprisingly open with me when discussing privacy and surveillance issues relating to hotmail/live/outlook and Bing. Unfortunately, I've not been able to learn anything from my existing contacts at Microsoft about Skype. That part of the company seems to be continuing their long practice of secrecy regarding surveillance issues. Regards, Chris On Fri, Dec 21, 2012 at 2:49 AM, Jacob Appelbaum ja...@appelbaum.netwrote: Hi, In light of the recent thread on journalism, I wanted to share this link about Skype: https://en.greatfire.org/blog/2012/dec/china-listening-skype-microsoft-assumes-you-approve With 250 million monthly connected users, Skype is one of the most popular services for making phone calls as well as chatting over the Internet. If you have friends, family or business contacts abroad, chances are you are using Skype to keep in contact. Having said that, you are probably not aware that all your phone calls and text chats can be monitored by the censorship authorities in China. And if you are aware, chances are that you do not consent to such surveillence. Microsoft, however, assumes that you do consent, as expressed in their Privacy Policy: Skype, Skype's local partner, or the operator or company facilitating your communication may provide personal data, communications content and/or traffic data to an appropriate judicial, law enforcement or government authority lawfully requesting such information. Skype will provide reasonable assistance and information to fulfill this request and you hereby consent to such disclosure. All the best, Jacob -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype redux
Skype is not only dangerous from a security by policy perspective, but is also dangerous from a security by design perspective — whereas they promise that conversations are encrypted, due to their closed-source nature this encryption cannot be studied or verified. There are certain other projects have unverifiable encryption claims (no security by design,) but that go uncriticized due to good security by policy. One of those projects has so far also avoided criticism, even though it advocates itself as a secure Skype alternative *marketed especially at activists in dangerous situations*, due to its creators being good personal friends of many of the main critics in the security community. That being said, there still does remain a few projects that offer Skype-like functionality with *both* security by design and security by policy: Jitsi: https://jitsi.org/ Lumicall: http://www.lumicall.org/ RedPhone: http://www.whispersys.com/ NK On Sat, Dec 22, 2012 at 4:42 AM, Christopher Soghoian ch...@soghoian.netwrote: Jake, The section of Skype's privacy policy that describes (with no real detail) the assistance they provide to law enforcement agencies is exactly the same text that was present before Microsoft bought the company. (See, for example: http://web.archive.org/web/20100701074213/http://www.skype.com/intl/en-us/legal/privacy/general/ ) I am just as skeptical of Skype's security as anyone else on this list. This lack of trust pre-dates the purchase by Microsoft. I've tried, and failed over the years to get any data at all about Skype and law enforcement surveillance from the company. I have better relationship with Microsoft, who are surprisingly open with me when discussing privacy and surveillance issues relating to hotmail/live/outlook and Bing. Unfortunately, I've not been able to learn anything from my existing contacts at Microsoft about Skype. That part of the company seems to be continuing their long practice of secrecy regarding surveillance issues. Regards, Chris On Fri, Dec 21, 2012 at 2:49 AM, Jacob Appelbaum ja...@appelbaum.netwrote: Hi, In light of the recent thread on journalism, I wanted to share this link about Skype: https://en.greatfire.org/blog/2012/dec/china-listening-skype-microsoft-assumes-you-approve With 250 million monthly connected users, Skype is one of the most popular services for making phone calls as well as chatting over the Internet. If you have friends, family or business contacts abroad, chances are you are using Skype to keep in contact. Having said that, you are probably not aware that all your phone calls and text chats can be monitored by the censorship authorities in China. And if you are aware, chances are that you do not consent to such surveillence. Microsoft, however, assumes that you do consent, as expressed in their Privacy Policy: Skype, Skype's local partner, or the operator or company facilitating your communication may provide personal data, communications content and/or traffic data to an appropriate judicial, law enforcement or government authority lawfully requesting such information. Skype will provide reasonable assistance and information to fulfill this request and you hereby consent to such disclosure. All the best, Jacob -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
Re: [liberationtech] Skype Manager Chinese
I am not a lawyer but legally they would be hers, I think, confidentiality notices notwithstanding. But again, I am not a lawyer. Technologically, shouldn't she save them to pass them to someone who can safely inspect them? (Would make a good story on NPR if something were discovered!) Finally, haste makes waste. ___ liberationtech mailing list liberationtech@lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click yes (once you click above) next to would you like to receive list mail batched in a daily digest? You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech