Is Skype Involved In Spying?

Luxembourg’s data protection authority is investigating Microsoft-owned Skype for its alleged cooperation with the U.S. NSA’s Prism spying program, according to the agency.

Luxembourg’s data protection authority, CNPD, is investigating Skype’s links to NSA spying programs after receiving several complaints, said Tom Kayser, a spokesman for the authority. “I can’t really talk about the details of the investigation because it is still ongoing,” he said.

Skype, which has its European headquarters in Luxembourg, allegedly cooperates with the NSA through a program exploring the legal and technical issues involved in making customer calls available to intelligence and law enforcement agencies. The Guardian newspaper first reported the investigation.

The CNPD has powers to ensure that multinational companies based in Luxembourg respect national law, and often receives complaints from the data protection authorities of other European Union member states.

Privacy campaign group Europe-v-Facebook filed one of the complaints in June. That filing was part of a barrage of complaints filed in various countries against European subsidiaries of tech companies that are allegedly involved in the NSA’s spying program, including Facebook, Apple, Microsoft and Yahoo.

Under Luxembourg data protection law service providers and operators are required to ensure the confidentiality of communications and related traffic data.

“No person other than the user concerned may listen to, tap or store communications or the traffic data relating thereto, or engage in any other kinds of interception or surveillance thereof, without the consent of the user concerned,” reads the law’s unofficial English translation.

Violators can face up to a year in prison and/or a fine up to a!125,000 ($170,000). The court dealing with the matter can also order companies like Skype to stop any processing that conflicts with the law on pain of a periodic monetary penalty determined by the court.

“We regularly engage in a dialogue with data protection authorities around the world and are always happy to answer their questions,” a Microsoft spokeswoman said in an email. “It has been previously widely reported that the Luxembourg DPA was one of the DPA’s that received complaints from the ‘Europe v Facebook’ group so we’re happy to answer any questions they may have.”

Source

FCC To Auction Spectrum

The U.S. Federal Communications Commission will sell 10 megahertz of spectrum in the 1900MHz band for commercial mobile services in an auction set to start on Jan. 14, the agency announced.

The agency on last  Friday set a minimum price for licenses in the so-called H block of $1.56 billion, with some of the money funding the First Responder Network Authority (FirstNet), a government board building a nationwide broadband network for public safety agencies.

The auction will help mobile providers address a predicted spectrum shortage, said Mignon Clyburn, the FCC’s acting chairwoman. The auction “will help close the spectrum gap as well as contributing to the goal of making mobile broadband available to our nation’s first responders,” she said in a statement.

Congress, in the Middle Class Tax Relief and Job Creation Act of 2012, required the FCC to license 65 megahertz of spectrum, including the 10 megahertz in the H block, by February 2015.

The FCC has considered auctioning the 1915-1920MHz and 1995-2000MHz spectrum in the past, but concerns about interference with a nearby PCS block kept the commission from moving forward. An FCC order adopted in June created technical rules to keep the H block from interfering with PCS signals.

Commissioner Ajit Pai praised Clyburn for scheduling the auction. The spectrum “will help deliver bandwidth-intensive mobile services and applications” over mobile networks, he said in a statement.

Source

U.S. Cloud Vendors Hurt By NSA

Edward Snowden’s public unveiling of the National Security Agency’s Prism surveillance program could cause U.S. providers of cloud-based services to lose 10% to 20% of the foreign market — a slice of business valued at up to $35 billion.

A new report from the Information Technology & Innovation Foundation (ITIF) concludes that European cloud computing companies, in particular, might successfully exploit users’ fears about the secret data collection program to challenge U.S. leadership in the hosted services business.

Daniel Castro, author of the report, acknowledges that the conclusions are based, so far, on thin data, but nonetheless argues that the risks to U.S. cloud vendors are real.

Indeed, a month prior, the Cloud Security Alliance reported that in a survey of 207 officials of non-U.S. companies, 10% of the respondents said that they had canceled contracts with U.S. service providers after Snowden’s leak of NSA Prism documents earlier this year.

“If U.S. companies lose market share in the short term, it will have long-term implications on their competitive advantage in this new industry,” said Castro in the ITIF report. “Rival countries have noted this opportunity and will try to exploit it.”

To counter such efforts, the U.S. must challenge overstated claims about the program by foreign companies and governments, said Jason Weinstein, a partner in the Washington office of law firm Steptoe & Johnson and a former federal prosecutor and deputy assistant attorney general specializing in computer crime.

“There are a lot of reasons to be concerned about just how significant those consequences will be,” Weinstein said. “The effort by European governments and European cloud providers to cloud the truth about data protection in the U.S. was going on well before anyone knew who Edward Snowden was. It just picked up new momentum once the Prism disclosures came out.”

Weinstein contends that European countries have fewer data protection rules than the U.S.

For example, he said that in the U.K. and France, a wiretap to get content can be issued by a government official without court authority, but that can’t happen in the U.S.

“U.S. providers have done nothing other than comply with their legal obligations,” he said. But because of Snowden’s leaks, “they are facing potentially significant economic consequences.”

Gartner analyst Ed Anderson said his firm has yet to see any revenue impact on cloud providers since the Prism disclosures, but added, “I don’t think Prism does U.S. providers any favors, that’s for sure.”

Nonetheless, Anderson added, “I think the reality is [the controversy] is likely to die down over time, and we expect adoption to probably continue on the path that it has been on.”

One reason why U.S. providers may not suffer is because “the alternatives aren’t great if you are a European company looking for a cloud service,” he said.

Source

Google Encrypts Data

Google officially announced it will by default encrypt data warehoused in its Cloud Storage service.

The server-side encryption is now active for all new data written to Cloud Storage, and older data will be encrypted in the coming months, wrote Dave Barth, a Google product manager, in a blog post.

“If you require encryption for your data, this functionality frees you from the hassle and risk of managing your own encryption and decryption keys,” Barth wrote. “We manage the cryptographic keys on your behalf using the same hardened key management systems that Google uses for our own encrypted data, including strict key access controls and auditing.”

The data and metadata around an object stored in Cloud Storage is encrypted with a unique key using 128-bit Advanced Encryption Standard algorithm, and the “per-object key itself is encrypted with a unique key associated with the object owner,” Barth wrote.

“These keys are additionally encrypted by one of a regularly rotated set of master keys,” he wrote. “Of course, if you prefer to manage your own keys then you can still encrypt data yourself prior to writing it to Cloud Storage.”

Data collection programs revealed by former U.S. National Security Agency contractor Edward Snowden have raised questions about U.S. government data requests made to Internet companies such as Google for national security investigations.

A Google spokeswoman said via email the company does not provide encryption keys to any government and provides user data only in accordance with the law.

“Our legal team reviews each and every request, and we frequently push back when the requests appear to be fishing expeditions or don’t follow the correct process,” she wrote. “When we are required to comply with these requests, we deliver it to the authorities. No government has the ability to pull data directly from our servers or network.”

Source

The DoD May Share Airwaves

The U.S. Defense Department is proposing to share some of its radio airwaves with private industry, a nod to growing pressure from the wireless industry and the Obama administration that federal agencies ease their control of valuable spectrum.

In a letter released by the Federal Communications Commission on Tuesday, the Department of Defense offers to share the airwaves it now dominates in the slice of frequencies from 1755 megahertz (MHz) to 1780 MHz with spectrum-hungry wireless and Internet companies.

The military would rearrange its systems within that slice of spectrum as well as the 2025-2110 MHz band and compress programs into the 1780-1850 MHz band that it would retain.

The Defense Department uses the airwaves for programs such as pilot training and drone systems and has faced criticism from some in the industry and in Congress for resisting efforts to open those airwaves for commercial use to satisfy growing demands posed by data-hungry gadgets and services.

The Pentagon had pointed to its own need for airwaves as its use of drones and other reliance on wireless technology grows. It also had estimated the process of moving its programs to new frequencies would cost more than $12 billion.

Under the new plan, the Defense Department drops the cost estimate to $3.5 billion by compromising on sharing slices of airwaves without completely clearing any of the spectrum bands.

In the letter, originally sent on July 17 to the National Telecommunications and Information Administration, which oversees federal airwaves, DOD Chief Information Officer Teresa Takai called the proposal “a workable balance to provide access to the 1755-1780 MHz band most desired by the commercial wireless industry while ensuring no loss of critical DoD capabilities.”

The NTIA, in its own letter to the FCC, said it had not had enough time to review the proposal and could not yet endorse it.

The FCC, with NTIA’s help, is preparing for several auctions of airwaves to take place in coming years, including one that would sell off chunks of federally controlled spectrum. They will be the first reshuffling of airwave ownership since 2008.

Congress has required the FCC to auction off the 2155-2180 MHz band by February 2015 and the industry has sought to pair up that slice of spectrum with the valuable 1755-1780 MHz band, arguing it would collect more money. Lawmakers in the House of Representatives have introduced a bill to ensure such pairing.

The FCC has been drafting a notice of proposed rulemaking that would seek public comments on how the FCC should auction those federally owned or already cleared airwaves to the wireless companies and an FCC official said the agency’s notice will address the Pentagon’s new proposal.

President Barack Obama last month directed federal agencies to look for ways eventually to give up or share more of their airwaves with the private sector. This followed his June 2010 call to open up 500 MHz of federal spectrum for commercial use.

Source

Is This A Mobile First World?

Judging from the number of people engrossed in activities with their smartphones on the sidewalk, in their cars and in public places, mobile seems to have stolen our attention away from the wired Internet and traditional TV.

However, there is a ways to go before mobile platforms become the primary place where consumers turn for entertainment and getting things done, players at  CTIA Wireless trade show said.

Nokia Siemens Networks announced new capabilities in its network software to make video streams run more smoothly over mobile networks. Among other things, the enhancements can reduce video stalling by 90 percent, according to the company. But even Sandro Tavares, head of marketing for NSN’s Mobile Core business, sees “mobile-first” viewing habits as part of the future.

“Now that the networks are providing a better capacity, a better experience with mobile broadband, mobile-first will come,” Tavares said. “Because the experiences they have with the devices are so good, these devices … start to be their preferred screen, their first screen.

“This is a trend, and this is something that will not change,” Tavares said. But he thinks it’s too early to build networks assuming consumers will turn to tablets and phones as their primary sources of entertainment. “Do you have to be prepared for mobile-first now? Probably not. You have to be able to keep the pace.”

For AT&T, mobile-first is a top priority for its own internal apps, ensuring employees can do their jobs wherever they are, said Kris Rinne, the carrier’s senior vice president of network technologies. But to make it possible over the network, a range of new technologies and relationships may have to come together, she said.

For example, giving the best possible performance for streaming video and other uses of mobile may require steering traffic to the right network if both cellular and Wi-Fi are available. AT&T is developing an “intelligent network selection” capability to do this, Rinne said. When AT&T starts to deliver voice over LTE, it will stay on the cellular network — at least in the early days — because the carrier has more control over quality of service on that system, she said.

Other issues raised by mobile-first include security of packets going over the air and rights for content that subscribers are consuming primarily on mobile devices instead of through TV and other traditional channels, Rinne said.

Source

Broadcom Goes UltraHD

As TV manufacturers show off UltraHD TVs at CES, communications chip maker Broadcom is introducing the guts of future gateways that will be able to deliver video for those sets into viewers’ homes.

Broadcom’s BCM7445 silicon platform, announced just hours before the show opened on Tuesday morning, will be able to process incoming video from cable, carrier and satellite services that has four times the resolution of typical 1080p video offered today, according to the company.

Like the eye-catching but expensive TVs on the show floor in Las Vegas, the BCM7445 is just one of the first of many steps to consumers watching UltraHD shows at home. New content, displays and delivery technologies will all be required for the new resolution, which is also known as 4K.

Broadcom expects its chip to be in volume production by the middle of next year, in time for mainstream UltraHD TVs that will probably hit the market for the late 2014 holiday season, said Joe Del Rio, associate product line manager at Broadcom. However, service providers, which will probably be the distributors of most of the gateways built with the BCM7445, may take longer to start sending UltraHD video to their subscribers, Del Rio said.

Source…

Rackspace Goes Openstack

Rackspace has finally deployed an Openstack based cloud, playing down claims that it benefits the most from the alliance.

Rackspace is one of the leaders of the Openstack alliance, an open source cloud initiative that aims to break Amazon’s stranglehold on the industry by offering open application programmable interfaces (APIs). Until now Openstack has largely been all talk, but Rackspace has deployed a production Openstack cloud that the firm claims will help it sell Openstack to the enterprise.

Fabio Torlini, VP of cloud at Rackspace said the firm has been “going flat out to make the code production ready”. Torlini said Rackspace’s decision to deploy an Openstack based cloud could be a tipping point in deployment. “It’s going to be the catalyst for many other companies deploying Openstack,” said Torlini.

Rackspace has been the largest contributor to Openstack and the fact that it has the first major Openstack deployment support claims that Rackspace is getting the most out of Openstack.

However Torlini said, “For us, we’re able to be the first one to launch a large scale Openstack compute platform because, yes, we are one of the main providers of the original code and we are a founder of Openstack, so we have tried to develop Openstack as a neutral foundation and it is a foundation to provide a service to all its members. But we’re lucky enough to be one of the founder members, to be able to drive it, and get there [deployment] first.”

Torlini defended Rackspace’s role in the Openstack alliance, claiming the strong leadership shown by the firm is good for the community. Torlini said, “Openstack is beneficial to the product itself but that’s the whole point. The whole idea of many more providers going onto Openstack helping develop the Openstack cloud, helping advance the actual products and code is the whole point of Openstack. On the counter side of that argument is if it’s beneficial for us it is just as beneficial for any other member of Openstack because they have access to the same code and they are able to provide.”

Torlini admitted that Openstack and the community is an advantage for the firm but claimed it wasn’t possible for Rackspace to dominate. “You have companies in Openstack that are far larger than Rackspace enabled to put much more resources into Openstack as well, it’s impossible for us to dominate Openstack – it’s an independent foundation. Is it advantageous from a product perspective? I should damn well hope so,” said Torlini.

Source…

Are Cloud Services A Risk?

Security experts have warned that the cloud could suffer the same kind of collapses that plague the financial system. Bryan Ford at Yale University in New Haven says that the full risks of this migration have yet to be explored. Complex systems, such as the Cloud, can fail in many unexpected ways and outlines various simple scenarios in which a cloud could come unstuck.

He said that a cloud could experience a full meltdown that could threaten any business. Ford said that while individual systems on a cloud might play nice, if you have other application providers in the same cause problems for another. He came up with a scenario were two conflicting load balancing programs operate with the same refresh period and when these periods coincide, the control loops start sending the load back and forth between the virtual servers in a positive feedback loop.

He said that “This simplistic example might be unlikely to occur in exactly this form on real systems—or might be quickly detected and “?xed” during development and testing—but it suggests a general risk.” Ford said that similar problems happened during ?nancial industry crashes.

Source…

PayPal Wooing SMB’s With Payments Service

PayPal is focusing on small businesses, service providers, and casual sellers on the move with its new PayPal Here service which allows vendors to process a variety of payments including checks and cards using their mobile phones.

The new service unveiled Thursday includes a free app and encrypted thumb-sized card reader, which allows merchants with an iPhone, and later Android smartphones, to process payments.

Merchants can accept payments by swiping cards in the card reader, scanning cards and checks using their phone cameras, or by entering card information manually into the app, the eBay unit said. They can also send an invoice and set payment terms, and accept PayPal payments from the app. The check facility is however only available in the U.S.

An iPhone version of the card reader and merchant app is available from Thursday to select merchants in the U.S., Canada, Australia and Hong Kong, with general availability in those countries scheduled for April. PayPal also plans to have an Android version of the merchant app by then. It will announce the availability of the service in more countries soon, it said.

Merchants pay a flat rate of 2.7 percent for card swipes and PayPal payments, while checks will be processed free of charge. Scanning of cards or typing the card information will be charged extra. PayPal Here merchants will also receive a business debit card for access to cash and 1 percent cash-back on eligible purchases.

PayPal will be competing with mobile payment systems from other providers such as Square and Intuit.

The key differentiator for PayPal Here in comparison to other small business mobile payment services is that it comes from a trusted brand in the online payments industry, with more than 100 million customers globally, David Marcus, vice president of mobile at PayPal said in a blog post.

« Previous Page — Next Page »