Email to my usual UM Law address has been down for the last 24 hours due to multiple hardware failures of the law school’s network hardware. Barring miracles, latest projections don’t have it up until Monday if then.
If you need to reach me, or have tried recently to reach me, please use the following formula until further notice:
where you make the appropriate substitutions for “myfirstname” (michael) and “mylastname” (starts with an “f”).
EFF and other fine groups announce DETEKT, a spyware detection tool. It’s a joint project with Amnesty International, Digitale Gesellschaft, and Privacy International. Read the disclaimers and instructions carefully.
Note also that they seem to be on a very short release cycle: I downloaded version 1.1 at work yesterday (nothing detected), and just downloaded version 1.3 at home today.
Disclosure: I’m a proud member of the Electronic Frontier Foundation Advisory Board.
Here, via Marty Lederman, is the opinion of the Office of Legal Counsel underlying President Obama’s new ‘deferred action policy’ on certain classes of undocumented immigrants.
Spoiler alert: the President is exercising powers delegated to him by Congress plus a dose of prosecutorial discretion. This really isn’t as if a future President were to say, “we will not enforce the estate tax.”
Electric shock study suggests we’d rather hurt ourselves than others:
[A] new study that forced people into the dilemma of choosing between pain and profit finds that participants cared more about other people’s well-being than their own. It is hailed as the first hard evidence of altruism for the young field of behavioral economics.
I just joined Ello, the ad-free, public-spirited, clean-design alternative to Twitter.
It’s pretty, and I like the spirit of the thing, but I’m not sure yet what I’ll do with it — many of the accounts there seem much more graphics-oriented than I am. Not to mention cooler.
Looks like the IAB is being all Habermasian again:
IAB Statement on Internet Confidentiality
In 1996, the IAB and IESG recognized that the growth of the Internet depended on users having confidence that the network would protect their private information. RFC 1984 documented this need. Since that time, we have seen evidence that the capabilities and activities of attackers are greater and more pervasive than previously known. The IAB now believes it is important for protocol designers, developers, and operators to make encryption the norm for Internet traffic. Encryption should be authenticated where possible, but even protocols providing confidentiality without authentication are useful in the face of pervasive surveillance as described in RFC 7258.
Newly designed protocols should prefer encryption to cleartext operation. There may be exceptions to this default, but it is important to recognize that protocols do not operate in isolation. Information leaked by one protocol can be made part of a more substantial body of information by cross-correlation of traffic observation. There are protocols which may as a result require encryption on the Internet even when it would not be a requirement for that protocol operating in isolation.
We recommend that encryption be deployed throughout the protocol stack since there is not a single place within the stack where all kinds of communication can be protected.
The IAB urges protocol designers to design for confidential operation by default. We strongly encourage developers to include encryption in their implementations, and to make them encrypted by default. We similarly encourage network and service operators to deploy encryption where it is not yet deployed, and we urge firewall policy administrators to permit encrypted traffic.
We believe that each of these changes will help restore the trust users must have in the Internet. We acknowledge that this will take time and trouble, though we believe recent successes in content delivery networks, messaging, and Internet application deployments demonstrate the feasibility of this migration. We also acknowledge that many network operations activities today, from traffic management and intrusion detection to spam prevention and policy enforcement, assume access to cleartext payload. For many of these activities there are no solutions yet, but the IAB will work with those affected to foster development of new approaches for these activities which allow us to move to an Internet where traffic is confidential by default.