Tag: Paris

French Windows privacy slammed

c3f9850de05b9d4e64c50e5353a17117The French government is furious that Windows 10 appears to collect rather too much user data.

France’s National Data Protection Commission (CNIL) has order Microsoft to comply with the French Data Protection Act within three months. and “stop collecting excessive data and tracking browsing by users without their consent.”

In addition to this, the chair of CNIL has notified Microsoft that it needs to take “satisfactory measures to ensure the security and confidentiality of user data”. The notice comes after numerous complaints about Windows 10, and a series of investigations by French authorities which revealed a number of failings on Microsoft’s part.

Microsoft is accused of not only gathering excessive data about users, but also irrelevant data. The CNIL points to Windows 10’s telemetry service which gathers information about the apps users have installed and how long each is used for. The complaint is that “these data are not necessary for the operation of the service”.

The company is also criticised for its lack of sufficient security — such as the four-digit PIN used to protect payment information which does not have a limit on the number of guesses that can be made. The CNIL’s list of complaints does not end there. It also took exception to the activation of an advertising ID for tailored advertising without user consent, the lack of cookie blocking options, and the fact that data is being transferred out of Europe to the US.

In a statement, the CNIL said:

Given the above, the Chair of the CNIL has decided to issue a formal notice to Microsoft Corporation to comply with the Act within three months. This proceedings only commits French Data protection authority. The other data protection authorities belonging to the WP29 Contact group are continuing their investigations within their respective national procedures.

The purpose of the notice is not to prohibit any advertising on the company’s services but, rather, to enable users to make their choice freely, having been properly informed of their rights.

It has been decided to make the formal notice public due to, among other reasons, the seriousness of the breaches and the number of individuals concerned (more than ten million Windows users on French territory).

Vole is probably not too concerned. It fully expects the cheese munching surrender monkeys to back down when the three month deadline it is up, but if France’s objection is heard by the Germans, who are a lot more earnest about privacy then it might have a fight on its hands.

Top three net companies sued over Paris deaths

parisThe dad of one of the 130 people killed in the Paris shootings is suing Google, Facebook and Twitter claiming that they knowingly helped the terrorists.

Reynaldo Gonzalez’s daughter, Nohemi, was among the 130 killed when religious extremists attacked Paris last year.  He claims that Twitter, Facebook and Google for facilitating the spread of “extremist propaganda” after alleging the trio “knowingly permitted” ISIS to recruit, raise money and spread its message across each of the respective platforms.

The court documents say that for years, the companies have knowingly permitted the terrorist group ISIS to use their social networks as a tool for spreading extremist propaganda, raising funds and attracting new recruits.

“This material support has been instrumental to the rise of ISIS, and has enabled it to carry out numerous terrorist attacks, including the 13 November 2015 attacks in Paris, where more than 125 were killed, including Nohemi Gonzalez.”

Without Twitter, Facebook and Google-owned YouTube, religious extremists would not have the infrastructure to get their message to the masses, he claimed.

While we are sympathetic for his loss, the court does appear a bit unfair. Each company goes to great lengths to police its ranks and remove offending content. It is a game of “wack-a-rat”, which companies often lose because of it being the internet. The danger is that he might actually win which would leave internet companies open to massive lawsuits every time there is a terrorist act.

Blaming the Internet for the sins of humanity is not the best way to move forward on anything.  The big three are developing AI in an attempt to clamp down on extremist posts.  If they pull it off then there will be fewer extremist sites and posts. It is taking a while to get the tech right.

Tech Industry group weighs in on back doors

Backdoor_crop380wA leading US-based technology lobby group rejected calls to give US law enforcement authorities backdoor keys to let them circumvent encryption technology for mobiles.

The Information Technology Industry Council said in a statement that the post-Paris move to weaken encryption to help the government monitor electronic communications in the name of national security “simply does not make sense”.

Dean Garfield, president of the Washington-based organization, which represents Apple, Google, Microsoft and dozens of other blue-chip tech companies said that after “a horrific tragedy like the Paris attacks, we naturally search for solutions: weakening encryption is not a solution.”

US intelligence officials and lawmakers have seized on the assault to rekindle a debate about whether tech companies should cooperate with authorities by building “backdoors” into encrypted devices and platforms.

Government authorities have said the growing prevalence of encrypted email and messaging platforms, such as iMessage or WhatsApp, hamstring their ability to monitor criminal suspects and thwart militant plots.

The Paris attackers did not use any particular form of secure messaging and a mobile phone recovered by French authorities at the scene of one of the attacks was found with an unencrypted text message.

Last month, the White House abandoned an effort to lobby tech companies and Congress to allow law enforcement and intelligence officials backdoor access to encrypted messaging. The idea has re-emerged in the wake of Paris, but congressional aides say federal legislation on the issue remains unlikely.

Privacy advocates, tech companies and security researchers say backdoors would expose data to malicious hackers.

“Encryption is a security tool we rely on everyday to stop criminals from draining our bank accounts, to shield our cars and airplanes from being taken over by malicious hacks,” Garfield said in his statement.

“We deeply appreciate law enforcement’s and the national security community’s work to protect us, but weakening encryption or creating backdoors to encrypted devices and data for use by the good guys would actually create vulnerabilities to be exploited by the bad guys.”

Spooks use Paris atrocity to kill encryption

Despite the fact that IS terrorists were not using encryption to communicate their cunning plans, governments all over the world are bringing in laws to stop technology companies from offering the security option without providing the authorities with back-door keys.

Manhattan District Attorney Cyrus Vance called for federal legislation requiring tech companies such as Google and Apple to design smartphone operating systems so law enforcement can unlock data stored on them.

He urged Congress to pass a law mandating that information stored on phones built or sold in the United States incorporate weaker encryption standards than currently used so data are accessible to investigators.

Silicon Valley companies have moved to make strong encryption the default setting on their devices. Vance insisted that the moves from Apple and Google had a “severe” impact on public safety.

Vance said a new federal law to allow access for law enforcement “would not require new technology or costly adjustments.”

“It would require, simply, that designers and makers of operating systems not design or build them to be impregnable to lawful governmental searches,” he said.

Yet the proposal does not apply to encrypted conversations sent between devices so terrorists could use them for that. But if your bomb maker wanted to encrypt his stored emails or phone conversations he or she could be in trouble.

Little odd really given that most terrorists want to destroy any messages to prevent them being found by coppers.

Neema Singh Guliani, legislative counsel with the American Civil Liberties Union, called Vance’s proposal “just an extension of the same rhetoric that we’ve heard.”

Richard Burr, the Republican chairman of the Senate Intelligence Committee, have argued the Paris attacks show that concerns about encryption legitimate. We are not sure how because the Paris attackers didn’t use encryption

New York Times pulls Paris encryption story

6a00d8341d417153ef010535fdd087970b-800wiFor a while now the New York Times has blotted its street cred by printing Apple adverts pretending they are news, but it appeared that when it did the same thing for government spooks, it got out of its depth rather fast.

Earlier this week it ran a story which claimed that the Paris attackers were able to get away with their diabolical deeds because they used encrypted communications which the government could not spy on.

The story was straight from the hymn book that government spooks and their right-wing government cronies have been chanting from for ages. Namely that to protect people from terrorists, government spooks need encryption keys.

However there was one problem with the story – it was untrue.

On Sunday, the Times published a story citing unidentified “European officials” who told the outlet the attackers coordinated their assault on the French capital via unspecified “encryption technology.”

The “Euro officials” said it was unclear whether the encryption was part of widely used communications tools, like WhatsApp, which the authorities have a hard time monitoring, or something more elaborate.

The story was pulled and all references to the word and now a second story replaces it with the word “encrypt” removed. Politico published a story Sunday quoting Belgium Interior Minister Jan Jambon naming PlayStation 4 as a difficult communication platform to “decrypt”. French authorities said they confiscated at least one of the video game consoles from one attacker’s belongings.

“’The most difficult communication between these terrorists is via PlayStation 4,”’ the minister said, three days before the terrorist attacks in Paris. ‘”It’s very, very difficult for our services — not only Belgian services but international services — to decrypt the communication that is done via PlayStation 4.’”

But the PS4 method of communication is not really encryption. It forces spooks to monitor in game conversations or coded methods like spelling words with dropped items or shooting walls. These are hard to monitor.

But what the New York Times and its ilk are unaware of is that there are moves afoot in the intelligence community to get the government to reverse its stance on mass surveillance using Paris as an excuse.

Former CIA Deputy Director Michael Morell said he suspects the Paris attacks will weigh heavily on the encryption fight.

“I think what we’re going to learn is that these guys are communicating via these encrypted apps, the commercial encryption, which is very difficult, if not impossible, for governments to break, and the producers of which don’t produce the keys necessary for law enforcement to read the encrypted messages,” Morell said on CBS’ “Face the Nation” Sunday.

“We need to have a public debate about this,” he continued. “We have in a sense had a public debate — that debate was defined by Edward Snowden, and the concern about privacy. I think we’re now going to have another debate about that — it’s going to be defined by what happened in Paris.”

French government wants a Dailymotion

OrangesFrance’s Orange has promised to look at all offers for its Dailymotion video-sharing site after being leaned on by the government.

The French Economy Minister Emmanuel Macron said that France was seeking to promote a strong European digital sector.

Speaking on BFM Business, Macron denied that he was opposed to an alliance with Asia’s PCCW, presumably because they did not know how to cook outside of a giant frypan.

“I did not say ‘no’ … They have an industrial project which is excellen… What I said was: ‘Should we enter into exclusive negotiations?’ The answer is no. We should look at all the offers,” he said.

Macron when asked about media reports that he favoured a European alliance for the operation.

He said: “We (France) are a state and we have a European digital policy.” Yes, but are you in favour of the sale, you could easily have just answered “I like Langue de boeuf for all the relevance that answer contained.

Part of Macron’s problem is that Dailymotion is one of those rarities – a French startup which did really well. The company, founded in 2005, has managed to attract funding and expand globally, but Orange has argued for years that to catch up with Google Inc.’s YouTube, it needs to find partners.

In 2013, then-Industry Minister Arnaud Montebourg prevented Orange from selling a majority stake in the site to U.S. Web giant Yahoo Inc. After the deal fell apart, Mr. Montebourg said the U.S. tech firm might have “devoured” a French jewel.

French revolting over Google's privacy policy

The French have revolted against Google’s new privacy rules and have launched an inquiry into their application.

According to Reuters, France’s data protection watchdog thinks the new privacy rules are dodgier than an entire cookbook of English cuisine and wonders if they breach European laws.

The CNIL regulator has written a stiff letter to Google saying that it will lead a European-wide investigation of the web giant’s latest policy and would send it questions by mid-March.

At the beginning of the year, Google said it was simplifying its privacy policy, consolidating 60 guidelines into a single one that will apply for all of its services, including YouTube, Gmail and its social network Google+.

However, it added that it plans to pool data it collects on individual users across its services, allowing it to better tailor search results and improve service. Users cannot opt out of the new policy if they want to continue using Google’s services.

The French regulator said that CNIL and EU data authorities are “deeply concerned” about the combination of personal data across services and have strong doubts about the lawfulness and fairness of such processing, and its compliance with European data protection legislation.

Google planned to put the changes into effect in March and has told European regulators to go forth and multiply for asking for a delay.

Writing in its bog, Google said it was happy to answer questions from Europe’s data protection authorities, however privacy policies will change today, 

Software bundling faces liquidation in the European Union

Hardware makers who insist on installing software that their punters don’t want might find themselves having to offer refunds.

A French court has ordered Lenovo to write a cheque to one of its customers who did not want Windows installed.

According to the French campaign group No More Racketware,  Stéphane Petrus’s four year court battle could open the way for PC buyers elsewhere in Europe to obtain refunds for bundled software they don’t want,

Petrus bought a Lenovo 3000 N200 laptop from French retailer Cybertek in December 2007. The PC had Microsoft Windows Vista and other software installed on it, none of which Petrus wanted.

He applied for a refund from Lenovo under a French law forbidding the sale of one product to be tied to the sale of another. However in November 2008, the court rejected his request, telling him that if he didn’t want to pay for the copy of Windows, he should have returned the PC.

But this was overturned by the Court of Cassation two years later on appeal, and sent back to the court in Aix en Provence for retrial, on the grounds that the lower court had not considered whether the case was covered by the provisions of the 2005 European Union directive on unfair commercial practices.

Judge Jean-Marie Dubouloz ordered Lenovo to pay Petrus legal costs of €1,000 (around US$1,300), damages of €800 and to refund the cost of the Windows license.

Petrus thought the cost of the software was €404.81, but the court found that excessive, given that he had paid €597 for the PC and software.

No More Racketware welcomed the ruling, saying it symbolised the crumbling of the bundling of hardware and software in France.

However it pointed out that since the case was won using an European directive regulating unfair commercial practices, it meant that it could set a legal precedent in other EU countries too.

Writing in his bog Frédéric Cuif, attorney for Petrus, said that the the ruling was a step in the right direction. 

The Japanese are what they eat

The Japanese are fast becoming what they eat, according to a team of scientists.

Apparently the traditional Japanese diet transfers the genes of “sushi-specific” digestive enzymes into the human gut.

The upshot is that sushi mutates the DNA of the gut so that it can actually be digested.

According to the journal Nature, a team, led by Jan-Hendrik Hehemann from Universite Pierre et Marie Curie (UPMC) in Paris, France, was studying red algae known as Porphyra.

Porphyra is the nori seaweed traditionally used raw to wrap sushi rolls and the team isolated the new enzyme, which they called porphyranase, from the bacteria living on the seaweed.

These enzymes digest or break down the tough walls that encapsulate each algal cell – allowing the bacteria to feed.

Dr Mirjam Czjzek , also from UPMC, was a senior member of the research team.searched through hundreds of databases of genes – looking for where else this unusual new enzyme might occur.

They found that the enzyme existed in the gut bacteria of a group of 13 Japanese people.

Five out of the 13 people had this same gene and the rest had similar genes that coded for enzymes with a similar function – to break down the algal cell wall, she noted.

When the team looked at the ample guts of Americans they didn’t find the gene. This means you must have eat a lot of sushi for it to have an effect.

While mutation is not good if you are going to transform yourself into a fly, having seaweed-digesting genes could be beneficial. It means that you can extract nutrition from plant material they otherwise would not be able to digest.

Still if you are what you eat, then the Japanese better start worrying about becoming whales and the Americans should fear becoming cheeseburgers.

Aircrash prompts law suits against Airbus, Intel, Motorola, others

A large number of complaints against parties alleged to be involved in the Air France Flight 447 aircrash on June 1st 2009 have been filed in US district courts.

All of them name Airbus, Honeywell, Thales, Motorola, Intel, Rockwell Collins, Hamilton Sundstrand, General Electric, Goodrich, Rosemount Aerospace, Dupont, Judd Wire and Raychem as defendants in the cases.

The Airbus  A330-200 departed Rio De Janeiro headed for Paris and crashed into the Atlantic Ocean, 680 miles off the coast, killing all 216 passengers and 12 crew.

The plaintiffs are family and other individuals related to those who died.

The complaints allege that there were design and manufacturing defects in the aircraft and its components.

It’s alleged that the radar system didn’t give accurate data and weather information, and pitot tubes gave inaccurate speed information to the plane’s air data inertial reference units (ADIRU) and flight control computers.  

The computers could not prevent “dangerous, erroneous and unauthorized flight control movements” and the software failed to  filter out inaccurate data. The microprocessors on the plane prevented the installed software from working properly and created inaccurate data, it’s alleged. Also, the aircraft wiring was defective and caused inaccurate information to be sent to the ADIRUs and flight control computers, it’s alleged.

Both Motorola and Intel are accused of making components including microprocessors and flight control computers that were defective. In total, 18 separate filings were made between the 18th and the 19th of March, last.

The US legal system will probably consolidate all the cases into one.