-------- Original Message -------- Subject: EFFector 18.29: Help Reverse-Engineer the Secure Flight Database Date: Thu, 25 Aug 2005 12:14:14 -0700 (PDT) From: EFFector list <[EMAIL PROTECTED]> Reply-To: EFFector list <[EMAIL PROTECTED]> Organization: EFF To: [EMAIL PROTECTED] EFFector Vol. 18, No. 29 August 25, 2005 [EMAIL PROTECTED] A Publication of the Electronic Frontier Foundation ISSN 1062-9424 In the 346th Issue of EFFector: * Action Alert: Request Your File and Help Reverse-Engineer the Secure Flight Database! * Sun's "Open Media Commons" Is More Like a Gated Community * Digital Artists Deserve the Right to Copy Movies * EFF Wants You to Make Online Anonymity Easy: Announcing the Tor Graphical User Interface Competition * EFF Launches Cooperating Techs Listserv - Take Two * Thank You, LinuxWorld! * miniLinks (11): Court: DMCA Can't Prohibit Third-Party Repairs * Staff Calendar: 09.02.05 - 09.05.05 - Annalee Newitz speaks at DragonCon, Atlanta, GA * Administrivia For more information on EFF activities & alerts: <http://www.eff.org/> Help EFF protect privacy, innovation, and free speech. Make a donation and become a member today! <http://secure.eff.org/support> Tell a friend about EFF: <http://action.eff.org/site/Ecard?ecard_id=1061> : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Action Alert: Request Your File and Help Reverse-Engineer the Secure Flight Database! Just what did the Transportation Security Administration (TSA) do with the more than 100 million personal data records it obtained while testing the Secure Flight air travel monitoring system? And whose personal travel records - including name, birth date, phone number, mailing address, itinerary, and credit card information - did TSA rifle through? When four Alaska residents filed a Privacy Act request to find out, officials said they couldn't locate the records. That same day, TSA announced they had already destroyed some of the records provided by the airlines. We sure hope that TSA isn't shredding the evidence! TSA says that 3 million of 15 million passenger records that were handed over by the airlines have already been deleted. The fate of the remaining 12 million records is unclear, as is the status of over 100 million commercial data files that private contractors later collected, based on variations of 42,000 passenger names plucked from eight airlines. The fact that the contractors collected and passed on this extra information means that TSA didn't just get travel records of people who flew in June of 2004. It matched travel records with commercial records that contained information supplied to credit bureaus, such as the credit cards you have and your credit history. Even more troubling is the fact that TSA collected commercial records for people who didn't even fly! *If your name is a variation on the name of one of the passengers in the initial database, TSA may have a file on you.* The four Alaska residents are requesting that the deletion of Secure Flight records stop until a search for their records - and any others seeking to discover what happened in Secure Flight - is complete. Right now, they're suing to stop the deletion. Here's how you can help. You can request your own records, pushing TSA to freeze any plans to purge the database until all your questions are answered. Your request will not only pressure TSA to come clean about Secure Flight's test phase, it will also help "reverse-engineer" the program - giving us a clear view of how TSA will treat your private information when Secure Flight is fully implemented. Don't let TSA continue to abuse the public's trust - request your file today: <http://action.eff.org/secureflight> : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Sun's "Open Media Commons" Is More Like a Gated Community EFF Warns Consumers That Digital Rights Management Is Incompatible with Fair Use San Francisco, CA - On Monday, Sun Microsystems announced its new "Open Media Commons," a digital rights management (DRM) project that the company claims will foster sharing of media while protecting copyrights. However, Sun has offered no evidence that its DRM system will be any better than the Microsoft DRM that it's supposed to challenge. "No one woke up this morning and said, 'I wish Sun would figure out a way to let me do less with my music and movies,'" said Cory Doctorow, EFF's European Affairs Coordinator. "DRM doesn't sell hardware, software, or movies. The only reason to build DRM is to trade your users' freedoms for a bit of favor from the entertainment companies, a promise that they'll generously allow your record player to play their records - provided it meets with their approval. If Sun wants to ship technology that competes with Microsoft DRM, it should start by asserting that copyright holders never get to design the record players their records play on." Any software system, open or not, that blocks users from making legal use of digital content is not consumer friendly. And DRM systems are notorious for blocking people from making fair uses of content by preventing the duplication of all works, even if those works are in the public domain, are being copied for educational purposes, or are publicly owned materials such as government-gathered facts. Because the Digital Millennium Copyright Act (DMCA) makes it illegal to circumvent DRM, there is no lawful way for people to override DRM systems - even if they are doing it to make legal copies. Sun says one of its goals with Open Media Commons is specifying "open, royalty-free digital rights management and codec standards" to "[ensure] intellectual property protection." The problem with this approach is that making DRM "open" and "royalty-free" doesn't make it any less capable of restricting the public's rights under copyright. Using "commons" in the name is unfortunate, because it suggests an online community committed to sharing creative works. DRM systems are about restricting access and use of creative works. A better way to protect the public's ability to make fair use of their media is to support the Digital Media Consumers' Rights Act (DMCRA, HR 1201). That bill would permit people to circumvent DRM on media in order to make a legal use of that media. For this release: <http://www.eff.org/news/archives/2005_08.php#003929> Support DMCA Reform - Help Pass HR 1201! <http://action.eff.org/site/Advocacy?id=115> : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Digital Artists Deserve the Right to Copy Movies EFF Asks Federal Court to Save Fair Use on "Intermediate Copies" Colorado - EFF this week asked the Colorado Federal District Court to rule that copying an entire movie to a computer to make a new, lawful work is fair use. The case, Huntsman v. Soderbergh, involves the companies Family Flicks and Play It Clean Video, which make and distribute copies of movies with sexual and violent content removed. To make these "clean" copies of popular films, the companies must first make an "intermediate copy" of the entire movie on a computer in order to edit it. Members of the Motion Picture Association of America (MPAA), along with several prominent film directors, claim that copying movies in order to make them "clean" is copyright infringement. In a friend-of-the-court brief, EFF argues that as long as making clean movies is not itself an infringing activity, the practice of making intermediate copies should be considered non-infringing also. This is a important point, because intermediate copies are crucial to the process of creating new copyrighted works. A documentary filmmaker, for instance, might need to make temporary intermediate copies of movies in order to get footage for a film. In the software industry, the process of duplicating a copyrighted work to make an original work is known as reverse engineering, and it has been ruled a fair use in several courts. "People who make movies should have the same rights software engineers have had for years," said EFF Staff Attorney Jason Schultz. "Fair use makes new art possible." For this release: <http://www.eff.org/news/archives/2005_08.php#003927> For the amicus brief: <http://www.eff.org/legal/cases/Huntsman_v_Soderbergh/20050822_eff_amicus.pdf> : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * EFF Wants You to Make Online Anonymity Easy Announcing the Tor Graphical User Interface Competition San Francisco - Now information designers can make it easier for people to protect themselves online. The developers of Tor, a software tool for communicating anonymously online, this week announced the Tor graphical user interface (GUI) competition. Entrants will create a usable and aesthetically pleasing GUI for the Tor program, which will allow people to install and configure Tor easily and monitor the software's performance while it's running. "Security depends on knowing what's working correctly and what isn't," said Roger Dingledine, Tor project leader. "A good interface tells users what's going on so they can make smart decisions." Tor, which is currently being developed with support from EFF, helps anonymize web browsing and publishing, instant messaging, IRC, SSH, and other applications that use the TCP protocol. Tor also provides a platform on which software developers can build new applications with built-in anonymity, safety, and privacy features. The competition has two phases. First, there will be a design competition where entrants can submit mock-up sketches of good interfaces. Second, there will be a competition to create working implementations of good interfaces. People are encouraged to submit to either phase or both phases. Winning entries will be open source, exhibit strong graphic design, and include an intuitive and simple interface. Students, freelancers, and professionals at all levels are encouraged to enter. Everyone who enters will get a free Tor t-shirt, and the best sketches and working implementations will be published on the Tor website. The competition winners will be announced at the 2006 Symposium On Usable Privacy and Security (SOUPS) conference. For this release: <http://www.eff.org/news/archives/2005_08.php#003915> The Tor GUI competition rules: <http://tor.eff.org/gui/> SOUPS conference: <http://cups.cs.cmu.edu/soups/> : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * EFF Launches Cooperating Techs Listserv - Take Two Not long ago we told you about our new "Cooperating Techs" listserv to help connect technologists with attorneys working on cases that are core to EFF's mission but beyond what we can handle in-house. After a couple of weeks with only a few responses, we realized we made a technical mistake with the email alias for signing up! Now that we've recognized our error - as well as the irony - we've corrected the problem. If you're a technologist who'd like to apply your skills to the fight for digital civil liberties, please send - or re-send - an email to [EMAIL PROTECTED] We promise that this time, your request will get through - and you'll even get a confirmation notice to prove it! For more information about how the list will work, see: <http://www.eff.org/effector/18/25.php#VI> : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Thank You, LinuxWorld! Many, many thanks to all who stopped by the EFF booth at the San Francisco LinuxWorld Conference & Expo. And an extra THANK YOU to everyone who gave to support our work. Donations at the conference totaled just over $13,000 - every penny of which will go to defending free speech, fair use, innovation, and privacy online! If you didn't get a chance to join EFF at LinuxWorld, it's not too late - become a member today! <http://secure.eff.org/support> : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * miniLinks miniLinks features noteworthy news items from around the Internet. ~ Court: DMCA Can't Prohibit Third-Party Repairs A federal court has reversed the decision that said that StorageTek, which makes tape library backups, could use the DMCA to sue anyone who serviced its devices: <http://fedcir.gov/opinions/04-1462.pdf> EFF's own Jason Schultz picks out the good bits: <http://www.eff.org/cgi/tiny?urlID=529> (Copyfight) ~ Thomas Congressional Database to Be Revamped All kinds of rumored new features. One thing's for sure - it'll probably break all those web-scrapers: <http://www.fcw.com/article90072-08-17-05-Web> ~ The Web of Law Legal cites have the same scale-free network topology as scientific papers, the Web, and that dumb social- networking site you joined once: <http://papers.ssrn.com/sol3/papers.cfm?abstract_id=642863> ~ The Section 108 Study Group The Library of Congress has convened a group of experts to deliberate on the future of copyright exemptions for libraries and archives - not an easy gig: <http://www.loc.gov/section108/> ~ The Broadcast Flag Should Be Scrapped, Not "Fixed" The Center for Democracy & Technology is waffling on the "broadcast flag" technology mandate, which was defeated in court but threatens to return in Congress: <http://news.com.com/2061-10796_3-5842143.html> Here's our take: <http://www.eff.org/deeplinks/archives/003930.php> ~ Customers of UK ISP Get to Share all the Sony Music They Want And the *artists get paid.* What a great idea! <http://www.boingboing.net/2005/08/22/customers_of_new_uk_.html> ~ Convoluted Copyright Regime Made Slightly Easier Want to know whether something is in the public domain? Simply follow this six-deep, sixteen-node, seven-footnoted flowchart: <http://www.bromsun.com/practice/copyrights/flowchart.html> ~ And that Diaper Pin - Definitely a Concealed Weapon Babies as young as two years old are being identified and detained as potential terrorists by TSA officials just following the rules: <http://sfgate.com/cgi-bin/article.cgi?file=/n/a/2005/08/15/national/w115806D06.DTL&type=printable> ~ Muni Electricity, Muni Broadband National Journal compares the current fight for municipal broadband with the fight for municipal utilities in the 1900s: <http://njtelecomupdate.com/lenya/telco/live/tb-YXUG1123795635336.html> ~ Umm - Is She a Munition, Too? ACM comments on the refusal to allow the researcher who broke SHA-1 into the US: <http://www.acm.org/usacm/weblog/index.php?p=310> ~ Fasten Your Seatbelts Ed Hasbrouck with an overview of what's happening with the increasingly troubled Secure Flight program: <http://hasbrouck.org/blog/archives/000731.html> : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Staff Calendar For a complete listing of EFF speaking engagements (with locations and times), please visit the full calendar: <http://www.eff.org/calendar/> September 2-5 - Annalee Newitz speaks at DragonCon, Atlanta, GA <http://www.dragoncon.org/> : . : . : . : . : . : . : . : . : . : . : . : . : . : . : * Administrivia EFFector is published by: The Electronic Frontier Foundation 454 Shotwell Street San Francisco CA 94110-1914 USA +1 415 436 9333 (voice) +1 415 436 9993 (fax) http://www.eff.org/ Editor: Donna Wentworth, Web Writer/Activist [EMAIL PROTECTED] Membership & donation queries: [EMAIL PROTECTED] General EFF, legal, policy, or online resources queries: [EMAIL PROTECTED] Reproduction of this publication in electronic media is encouraged. Signed articles do not necessarily represent the views of EFF. To reproduce signed articles individually, please contact the authors for their express permission. Press releases and EFF announcements & articles may be reproduced individually at will. Current and back issues of EFFector are available via the Web at: <http://www.eff.org/effector/> Click here to change your email address: http://action.eff.org/addresschange -- Paul G. Allen Owner, Sr. Engineer, Security Specialist Random Logic/Dream Park www.randomlogic.com -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
