carapace – Not your father's america

By Patrick Lambert

May 3, 2013

Takeaway: A McAfee patent hints at content filtering at the user level in order to block sites that offer pirated content.

Patents can be signs of things to come. Of course, all large companies file patents on a regular basis, and they don’t always indicate upcoming products. Sometimes those patents simply show ideas that the company researchers had and that they want to protect in case they ever turn out to be good. But sometimes, patents can show what is about to be implemented, and this might just be the case in a new McAfee patent called “Detect and prevent illegal consumption of content on the internet.” As the name suggests, it describes a method that the anti-malware giant may implement to help fight online piracy, and what makes it more credible than a lot of other patents is the use of dialog mockups which could well be part of its current security suite.

The patent itself describes a way that a security software could scan URLs as they are entered by the user into a web browser, email client, or anywhere on their system. These addresses would be sent to a central database server and compared with lists of suspected pirate sites, and if they are a match, then the addresses could be handled in a number of ways. One way would be to simply block access, displaying a message saying the address is not available. Another way would be to offer a warning about copyright infringement, and allow an option for the user to keep going anyway. A final method would be to instead offer legal alternatives to buy content.

This type of blocking system is hardly new, with parental software or services like OpenDNS, but up until now the copyright policy has mostly been handled by the RIAA, and MPAA along with these types of industry groups, and those companies have been pushing on Internet providers to implement checks and blocks at the ISP level. But with solutions like this, the Internet censorship could now be done at the user level instead. Obviously, this would require McAfee to be installed, but it already is one of the most popular security solutions out there. It is unlikely that this patent would be implemented as a new product; instead, it would become part of the existing solution. While a computer owner may be able to turn off this system, there are many cases when a user may not be able to do so, whether it is a minor who does not have administrative access to his computer, a school setting, public wi-fi, or any business environment which typically deploys anti-malware solutions from a central server, and employees have no access to modify behavior.

Of course, the question then becomes whether or not this is a good thing. There is no question that many parties out there would like the Internet to become a more walled off garden. Networks and traditional content creators would prefer the Internet to work like cable TV; portal sites and social networks want their users to stay in their own environments; governments want the ability to track and monitor everyone; and so on. The main issue with any type of spying or content filtering at the ISP level is that encryption such as using a VPN or Tor makes it impossible for illegal content to be detected. So having the ability to do this filtering right on the user’s computer can be a useful thing. Administrators already use various solutions to do filtering as well, but typically this is done as an added solution. By implementing this feature in something like an anti-malware suite that is as popular as McAfee is, this then allows the concept to become much more widespread. By presenting alternate URLs in a friendly way, it may become an accepted method by the general public as well.

The critics on the other hand will point at the invasion of privacy, since all URLs have to be sent off to a remote server in order for this type of blocking to work. Also, content filtering never works perfectly. There are false positives, and the web changes far too quickly for any list to be always up to date. The Internet was started as an open, free and liberating platform. But as money and powers came into the equation, it has become more walled off every year, whether that is to catch criminals, monitor suspected terrorists, make more money, or prevent copyright infringement. I believe it is only a matter of time before all commercial anti-malware solutions have these types of filtering built-in. If you want to use the core features of the product, you may even one day have to leave this turned on. This would certainly please Hollywood studios.

Whether this is something you should be looking into as a business admin or IT pro is too early to say; it depends how it is implemented. But someday we may no longer need extra software to do packet filtering, should clients ask for it. This may become a well known and accepted feature of any security suite.

FROM: http://www.techrepublic.com/blog/security/new-mcafee-patent-hints-at-a-more-walled-off-online-world/9449

Citizen Lab [University of Toronto] "released a new report, For Their Eyes Only: The Commercialization of Digital Spying. The report features new findings, as well as consolidating a year of our research on the commercial market for offensive computer network intrusion capabilities developed by Western companies. Our new findings include:

• We have identified FinFisher Command & Control servers in 11 new
• Countries. Hungary, Turkey, Romania, Panama, Lithuania, Macedonia, South Africa, Pakistan, Nigeria, Bulgaria, Austria.
• Taken together with our previous research, we can now assert that FinFisher Command & Control servers are currently active, or have been present, in 36 countries.

National Security Agency Tasked with Targeting Adversaries’ Computers for Attack Since Early 1997, According to Declassified Document

For more information contact:
Jeffrey T. Richelson 202/994-7000 or nsarchiv@gwu.edu

________________________________________________________
THE NATIONAL SECURITY ARCHIVE is an independent non-governmental research institute and library located at The George Washington University in Washington, D.C. The Archive collects and publishes declassified documents acquired through the Freedom of Information Act (FOIA). A tax-exempt public charity, the Archive receives no U.S. government funding; its budget is supported by publication royalties and donations from foundations and individuals.

Cybersecurity: Selected Legal Issues, April 17, 2013.

"The federal government’s role in protecting U.S. citizens and critical infrastructure from cyber attacks has been the subject of recent congressional interest. Critical infrastructure commonly refers to those entities that are so vital that their incapacitation or destruction would have a debilitating impact on national security, economic security, or the public health and safety. This report discusses selected legal issues that frequently arise in the context of recent legislation to address vulnerabilities of critical infrastructure to cyber threats, efforts to protect government networks from cyber threats, and proposals to facilitate and encourage sharing of cyber threat information among private sector and government entities. This report also discusses the degree to which federal law may preempt state law. It has been argued that, in order to ensure the continuity of critical infrastructure and the larger economy, a regulatory framework for selected critical infrastructure should be created to require a minimum level of security from cyber threats. On the other hand, others have argued that such regulatory schemes would not improve cybersecurity while increasing the costs to businesses, expose businesses to additional liability if they fail to meet the imposed cybersecurity standards, and increase the risk that proprietary or confidential business information may be inappropriately disclosed."

2013 Internet Security Threat Report – "Key Findings:

• 42% increase in targeted attacks in 2012.
• 31% of all targeted attacks aimed at businesses with less than 250 employees.
• One waterhole attack infected 500 organizations in a single day.
• 14 zero-day vulnerabilities.
• 32% of all mobile threats steal information.
• A single threat infected 600,000 Macs in 2012.
• Spam volume continued to decrease, with 69% of all email being spam.
• The number of phishing sites spoofing social networking sites increased 125%.
• Web-based attacks increased 30%.
• 5,291 new vulnerabilities discovered in 2012, 415 of them on mobile operating systems."

Cloud Computing: Constitutional and Statutory Privacy Protections, March 22, 2013:

http://www.fas.org/sgp/crs/misc/R43015.pdf