In response to a Freedom of Information Act request by the American Civil Liberties Union and the Electronic Frontiers Foundation, the Justice Department has sent back evidence that law enforcement officials can use Triggerfish pretty much whenever they want, without consulting the phone companies. This looks like the use of was could most charitably be called a giant goddamn loophole: secret Triggerfish deployment is OK because it only provides its users with rough location data by pairing serial numbers, phone numbers and other identifiers to a particular tower, rather than the actual content of conversations. The moral problems here are multifaceted, but the practical ones for, you know, fugitives, are easily solved: turn off your phone. You're welcome! [Ars]

It's available for download now, but be warned: this is an alpha release command line tool (read: newbies need not apply just yet). Serious code monkeys are encouraged to download and kick the tires a bit to see if it does as advertised. Mainly, that means detection of packet modifications or injections as they travel over IP networks. Past culprits in this category include anti-P2P tools from Sandvine (Comcast vs. BitTorrent), AudibleMagic, advertising injection systems like FairEagle, and censorship programs like those used in China.

Here's a little bit more on Switzerland from the EFF:

The software uses a semi-P2P, server-and-many-clients architecture. Whenever the clients send packets to each other, the server will attempt to determine if any of them were dropped, forged, or modified [...] Switzerland is a much more sophisticated successor to the pcapdiff software that we released last year. It automates many of the things that had to be done by hand with the earlier code.

One advantage this architecture has over other network testing tools is that it can spot arbitrary kinds of packet modifications in any protocol — it doesn't assume that the interference comes in the form of TCP reset packets or web page modifications, and it isn't limited to BitTorrent or any other specific application.

[EFF]

The EFF asked, "What's so bad about what Comcast's actions?"

One objectionable aspect of Comcast's conduct is that they are spoofing packets—that is, impersonating parties to an exchange of data. Comcast is essentially deploying against their own customers techniques more typically used by malicious hackers (this is doubtless how Comcast would characterize other parties that forged traffic to make it appear that it came from Comcast or its subscribers). In this sense Comcast is behaving worse than if they dropped a propor¬tion of packets under congested circumstances in order to throttle bandwidth usage, or even if they blocked certain ports on their network. In other words, Comcast is essentially behaving like a telephone operator that interrupts a phone conversation, impersonating the voice of one party to tell the other that "this call is over, I'm hanging up."

The patent explicitly describes the invention as a workaround for all of those pesky users who input incomplete, inaccurate or, God forbid, false demographic information. Of course, the thing will only work if the system can get ahold of a set of Web pages accessed by the user. That's probably right about the point where the EFF steps in.–Wilson Rothman

All-knowing browser [New Scientist]

Standing Up to the RIAA

Our first tip: be magnanimous about your impending victory.

The biggest trick the RIAA pulls is to convince legislators, the media and technology users that it's viewpoint is so compelling that there's no valid (or even legal) opposition to their behavior, and the general public should give up, and suck down burdens like DRM, endless lawsuits, patronizing anti-piracy warnings and consumer-unfriendly legislation.

In the language of the entertainment industry, fencing in legitimate activity like this is called "educating the end-user." But recently, those end-users have been doing some schooling of their own. Consumer-unfriendly practices get punished in the marketplace and every threat against an innocent child or a pensioner generates terrible publicity. Meanwhile non-paranoid business models succeed, and entertainers who treat their fans well do better than those who treat new opportunities like incoming missiles.

The RIAA's tactics are outdated and failing. It can't go on forever. Of course, it's gone on far too long already, and you're right to be frustrated at the collateral damage you have to suffer along the way. The good news is: There's plenty of ways to speed things up. It may be a downhill battle, but that doesn't mean you
still can't have fun oiling the sled.

Move the Market

Support for DRM is dying in the music industry. In tests, two-thirds of Euro music executives think about dropping DRM. Between being taunted by Steve Jobs, being sued in the face over rootkits and watching eMusic and its companions surround their lousy DRM offerings, they've been getting that message. Rub it in with your dollars.

Dig past the marketing, and learn about the DRM at your online music store. When buying hardware, find out and complain about copy controls and equipment that doesn't provide "unprotected" outputs. Encourage your favorite magazines and blogs to cover the downsides of burnt-in DRM. In short: Do what you do already. Then get your friends to do it too.

Fight for Copyright Reform

The greatest damage that the RIAA causes is when it whispers into the government's ear that even more legal shackles for technology and users are necessary. Read about what's being proposed—bills like The PERFORM Act, a backdoor assault on your right to record off the radio. Support reforms like the FAIR USE act. It doesn't cure all of copyright's ills, but it does get rid of statutory damages in cases against gadget makers. That means that the rightsholders can't hold the insane threat of $30,000 per infringement over innovators' heads.

You can write a letter to your rep on these topics and more in two minutes with the EFF's Action Center (and while you're there, sign our petition against the RIAA lawsuits).

Been there and done that? Then pick up the phone and call your rep for a little personal chat. Just take a couple of minutes to write down what your concerns are — excessive RIAA lawsuits, the DMCA anti-circumvention rules, the new webcasting fees, the attempts to kill home recording by suing XM and Sirius. Politely spell out your concerns, and ask for a written reply that explains what your rep plans to do about it.

If you're really serious, meet your representative in person. It's not as hard as you think. If a politician visits your college or workplace ask a question about the music industry's behavior (and if a representative of the RIAA or MPAA turn up, try asking some of our Frequently Awkward Questions. They love 'em.) Google your congressperson's local town hall meeting hours. If you're in Washington on business during a session, mail them to say you'll drop in. Don't worry about the details of policy: Just talk about how it affects you (and your business, or your opportunities). At the end of your chat, send their staff to speak to us, or to Public Knowledge in Washington, or to the Digital Freedom campaign to find out more.

Be polite and respectful: Every ordinary-looking voter who says that this is
what they worry about makes politicians reconsider the propaganda they're
sent.

Use your social network. If everyone is six degrees away from everyone else, someone in your family or your social network is one hop closer to whoever represents you in Congress. The RIAA paints its opposition as evil, cutlass-wielding criminals. Five minutes talking sense with a friendly face makes congresscritters a lot harder to sway with its propaganda.

Stand by Your Rights

Use 'em or lose 'em. Demand products with the features that the music industry would love to ban: that make space-shifting, or analog output reproduction, or off-the-air recording, easy and affordable. Rip those CDs to within an inch of lives for use on your portable player or home computer. Learn and understand about [fair
use](http://www.chillingeffects.org/fairuse/faq.cgi "Chilling Effect's Fair Use FAQ"). Sample and excerpt away for parody or educational use, and use YouTube or another video-sharing site to share your works when you do. Support your local library: Librarians are a powerful voice in asserting reasonable copyright law. Buy sell, and trade those secondhand CDs: It will remind you of the power of the first-sale doctrine, and will make you madder than hell if they come to take it away. It also lets you buy RIAA-connected music without contributing to their sales figures.

If you don't exercise those rights, you're playing the game how the RIAA want you to play it: defensively. It's time to go on the offense.

It'll take more than a month, but we're in for a long haul, and time — and technology — is on your side.

The EFF is a nonprofit group dedicated to protecting digital rights, and they're the ones battling the RIAA on the front lines — in court. They need all the help they can get, and by taking money you would have given to the RIAA and giving it to them you'll be doubly screwing the RIAA. It feels so good, you've just gotta try it. –Adam Frucci

EFF.org [Electronic Frontier Foundation]

EFF and others have long warned that copyright claims could become an altar on which personal privacy is sacrificed. Now the RIAA wants your ISP to voluntarily wield the knife, and there's no telling what else the RIAA might ask for once this cut has been made.

So now the ball is in the ISPs courts. Will they bend over to this new demand from the RIAA? We definitely need to be putting pressure on ISPs to let them know that we're paying attention and that their customers won't stand having their private records sold out to thugs. –Adam Frucci

EFF [via Broadband Reports]

Apple has graciously decided to step away from its campaign to force bloggers to reveal sources of leaked information about secret products. Even though the first trial of this case was decided in favor of Apple, the Electronic Frontier Foundation challenged that decision in an appeals court, which ruled that the Cupertino Fruit Company couldn't force the blogging journalists to rat on that Apple employee who squealed about a secret digital music project Apple called "Asteroid."

For some reason, the headstrong and secret-obsessed Apple "thought police" decided to let that appeals court decision stand. So what do you know? Bloggers now have the same rights as traditional reporters when it comes to protecting valuable sources of secret information. Hee haa! Sure, when you get a new hammer, everything starts looking like a nail, but we promise to use these newly-confirmed First Amendment rights wisely. – Charlie White

Apple Won't Pursue Source of Leak [San Francisco Chronicle]

Granted, this is a pretty cute video. It basically talks about the broadcast flag, the RIAA suing XM radio, and the Copy Protection Ninja Chip that will eventually be embedded at the base of our spines. Cute stuff and well worth a look... unless your PC isn't keyed to watch EFF content, then you'll be sued.

Corruptables [EFF]

Apple pushes to unmask product leaker [News.com]