mytrip and several other readers let us know that a judge in Boston has lifted the gag order — actually let it expire — against three MIT students who discovered flaws in the security of the local transit system, the MBTA. We've discussed the case over the last 10 days. "Judge O'Toole said he disagreed with the basic premise of the MBTA's argument: That the students' presentation was a likely violation of the Computer Fraud and Abuse Act, a 1986 federal law meant to protect computers from malicious attacks such as worms and viruses. Many had expected Tuesday's hearing to hinge on First Amendment issues and what amounts to responsible disclosure on the part of computer security researchers. Instead, O'Toole based his ruling on the narrow grounds of what constitutes a violation of the CFAA. On that basis, he said MBTA lawyers failed to convince him on two points: The students' presentation was meant to be delivered to people, and was not a computer-to-computer 'transmission.' Second, the MBTA couldn't prove the students had caused at least $5,000 damage to the transit system."

Anti-Globalism sends in Ars coverage of a speech by Jim Griffin, who is a consultant for Warner, one of the big four music labels. Griffin is encouraging dialog on the idea of blanket licensing of music — a topic heretofore more likely to be heard from the EFF or the Barenaked Ladies. "Taking music without paying for it may not be 'morally voluntary,' Griffin says, but he admits it has become 'functionally voluntary.' No civilized society, he adds, can endure 'purely voluntary payment for art, knowledge, and culture.' So Griffin's job is to help Warner monetize digital music, and he's convinced that the issue of payment for music is nothing less than 'our generation's nuclear power.' Griffin's most intriguing idea, and one he's been pitching for some time now, is a voluntary, blanket music license; essentially, bringing the collection society model to end users. In this model, consumers would pay royalties into a pot (by paying an extra monthly fee to their ISPs, for instance) and would then have access to all the music from all the labels that participate in the scheme."

I Don't Believe in Imaginary Property writes "Ever wonder about all those groups claiming Google had a 'search monopoly' (as if there are no other search engines), or worse, coming out against Net Neutrality? CNet has a story about a shady DC lobbying group called LawMedia Group, being paid by Microsoft and Comcast, that is behind many of these attacks. That said, it's a mystery why they weren't able to pay more authoritative groups than the American Corn Growers Association or the League of Rural Voters to weigh in on technical matters. As a computer geek from corn country, I wouldn't solicit their opinion on tractor repair, let alone Internet policy."

I Don't Believe in Imaginary Property writes "John McCain has finally released a technology platform. Most of it is the same old stuff; lower corporate taxes, protect children from porn, and avoid Internet regulation unless 'necessary.' Alas, in his view, helping the RIAA's War on Sharing is necessary to stop the 'global epidemic' of piracy, while Net Neutrality is something he 'does not believe in.' Ars Technica has a review of McCain's platform." A brief analysis is also available from Federal Computer Week. In addition to the technology policy, McCain has also released a paper describing his stance on security and privacy. We've previously contrasted his views with those of Barack Obama. Obama's technology policies are also available online.

jvatcw writes "The Boston subway hack case has exposed a familiar rift in the security industry over responsible disclosure standards. Many see the temporary restraining order preventing three MIT undergrads from publicly discussing vulnerabilities they discovered in Boston's mass transit system as a violation of their First Amendment rights. Others, though, see the entire episode as yet another example of irresponsible, publicity-hungry security researchers trying to grab a few headlines." We discussed the temporary restraining order last weekend, and later the EFF's plans to fight it. CNet reports that another judge has reviewed the order and left it intact. Reader canuck57 contributes a related story about recent comments by Linus Torvalds concerning his frustration over the issue of security disclosure.

snydeq sends along InfoWorld coverage of the EFF's plans to appeal a US District Court order that kept three MIT students from presenting detailed flaws in the Massachusetts Bay Transportation Authority e-ticketing system at Defcon. And an anonymous reader points out that the MBTA, in addition to triggering the Streisand Effect, released in open court more information on vulnerabilities (PDF) than the students had any intention of presenting. See Exhibit 1 to this court filing.

MojoKid writes with this excerpt from HotHardware: "According to the Electronic Frontier Foundation (EFF), a dangerous legal precedent has just been set that can potentially unravel existing federal privacy protections for e-mail and Internet usage. The alert from the EFF is not just to sound a general warning, but it also takes the form of an Amicus curiae (friend of the court) brief, filed with the federal 9th US Circuit Court of Appeals, asking for the court's legal finding to be overturned... The findings of this case could become the foundation of a legal precedent upon which other similar cases can subsequently be based. If that were to be the case, then the unauthorized retrieving of e-mails from an e-mail server would not be considered a violation of the federal Wiretap Act, which will then open the door for government-sponsored snooping."

I Don't Believe in Imaginary Property writes "William Patry, noted copyright expert and Google's top copyright lawyer, has decided to close his personal blog. (For no reason that he has explained, the archives are gone too.) Ordinarily, that wouldn't be very newsworthy, but that little blog has made a lot of news, outing the ACTA treaty and discussing lots of other important pending legislation. Mr. Patry gives two reasons for the closure: his personal views were being attributed to Google, and the current trends in copyright law are too depressing. Though I am not the only one to have done so, as someone who has contributed to that misunderstanding by listing his credentials without a disclaimer, I would like to publicly apologize to him. Unfortunately, there's nothing I can do to reverse the depressing trends in copyright law that I'm not doing already."

Naturalist recommends a piece up at Ars about a friend-of-the-court brief filed by the EFF, CDT, Public Citizen, and a group of 14 law professors in the case of Lori Drew, who posed as a teenage boy to harass another teen online, eventually driving her to suicide. (We've discussed the case a few times.) "[The amicus brief argues] that violating MySpace's Terms of Service agreement shouldn't be considered criminal offense under the Computer Fraud and Abuse Act. The groups believe that if the mother, Lori Drew, is prosecuted using CFAA charges, the case could have significant ramifications for the free speech rights of US citizens using the Internet."

Bridge to Nowhere writes "ZDNet is reporting that Microsoft will start sharing details on software vulnerabilities with security vendors ahead of Patch Tuesday under a daring new program aimed at reducing the window of exposure to hacker attacks. The new Microsoft Active Protections Program (MAPP) will give anti-virus, intrusion prevention/detection and corporate network security vendors a head-start to add signatures and filters to protect against Microsoft software vulnerabilities."

Placid notes that the EFF has announced Switzerland, a tool for testing if your ISP is interfering with your Net connection (e.g. by resetting BitTorrent transfers). It's command-line only at this point. Of course the tool is FOSS, and you can contribute to it via its SourceForge project. From the announcement: "Developed by the Electronic Frontier Foundation, Switzerland is an open source software tool for testing the integrity of data communications over networks, ISPs, and firewalls. It will spot IP packets which are forged or modified between clients, inform you, and give you copies of the modified packets."

An anonymous reader brings news that the College Opportunity and Affordability Act has passed in the US Senate and now awaits only the President's signature before becoming law. Hidden away in the lengthy bill are sections which tie college funding to "offering alternatives to illegal downloading or peer-to-peer distribution of intellectual property as well as a plan to explore technology-based deterrents to prevent such illegal activity." The EFF issued a statement expressing concern over the bill earlier this year, shortly before the House of Representatives approved it. We discussed the introduction of the bill last November. The Senate vote was 83-8, with 9 not voting. The full text of the bill is available. The relevant section is 494, at the end of the general provisions.

I Don't Believe in Imaginary Property writes "Whether they're mad at the Republicans for creating the mess, the Democrats for caving in, or both, many are still pissed off over the grant of retroactive immunity for spying on American citizens for no reason. And now some of them are trying to do something about it — they're buying an advertisement on cable TV. While it's not entirely clear what good, if any, this will do given that it's too late, at least it's cheap to participate — they're looking for $6 donations. The ideas is that, if more grass-roots groups do this kind of thing, their 'representatives' won't be able to afford to blow them off as easily."

I Don't Believe in Imaginary Property writes "Senators Patrick Leahy (D-VT) and Arlen Specter (R-PA) have just sponsored a new bill, the Enforcement of Intellectual Property Rights Act of 2008, which would combine the worst parts of the PRO-IP Act and the PIRATE Act. The basic idea is pretty simple: expand the Federal government to create something like the Department of Homeland Security for IP. The Copyright Czar then polices the internet and clogs the courts with thousands of civil lawsuits against individual infringers so the RIAA doesn't have to. Feel free to contact your representatives with your feelings about this bill. Right now, they believe the bill (PDF) will 'protect jobs.'"

Brad Templeton writes "I (whom you may know as EFF Chairman, founder of early dot-com Clari.Net and rec.humor.funny) have just released a new series of futurist essays on the amazing future of robot cars, coming to us thanks to the DARPA Grand Challenges. The computer driver is just the beginning — the essays detail how robocars can enable the cheap electric car, save millions of lives and trillions of dollars, and are the most compelling thing computer geeks can work on to save the planet. Because robocars can refuel, park and deliver themselves, and not simply be chauffeurs, they end up changing not just cars but cities, industries, energy, and — by removing dependence on foreign oil — even wars. I, for one, welcome our new robot overlords." (More below.)

An anonymous reader writes "A group of researchers from the University of Colorado and University of Washington could face both civil and criminal penalties for a research project (PDF) in which they snooped on users of the Tor anonymous proxy network. Should federal prosecutors take interest in the project, the researchers could also face up to 5 years in jail for violating the Wiretap Act. The researchers neither sought legal review of the project nor ran it past their Institutional Review Board. The Electronic Frontier Foundation, which has written a legal guide for Tor admins, strongly advises against any sort of network monitoring."

I Don't Believe in Imaginary Property writes "A Florida patent troll called Channel Intelligence is suing everyone from Lemonade to Remember the Milk for infringing on patent 6,917,941, which covers storing a wishlist in a database. Amazon and eBay are absent from the list of targets, even though they very likely store users' wishlists in a database. With any luck, perhaps one of the defendants will get to use that precedent PJ found the other day from In re Lintner, which said, '[c]laims which are broad enough to read on obvious subject matter are unpatentable even though they also read on non-obvious subject matter.'"

I Don't Believe in Imaginary Property brings us an analysis of several organizations' goals for the Anti-Counterfeiting Trade Agreement, which we've discussed previously. In particular, he points out the anti-privacy views of the Business Software Alliance: "While the ACTA itself is not public, the US Trade Representative has at least released the ACTA comments. While many of them are to be expected, such as the RIAA & co. wanting copyright filters, one item on the BSA's wish list really stands out: 'In a number of European countries one of the biggest impediments to efforts by rights holder to enforce their IP rights on the Internet is the overbroad interpretation of privacy laws by some European authorities.' They want ACTA to 'fix' that by neutering the privacy laws. Given the BSA's other questionable activities, it couldn't hurt to tell their member companies what you think of their participation. After all, organizations like the BSA exist in part to shield their members from bad PR." Full documents of comments from the various organizations are available at Public Knowledge.

I Don't Believe in Imaginary Property writes "EU Commissioner Charlie McCreevy has unveiled a plan to retroactively extend musical copyrights by 45 years, which would make EU musical copyrights last 95 years total. Why? They're worried that musicians won't continue to collect royalties when they retire and this will give them an additional 45 years during which they won't have to produce any new music. Perhaps the only good point is that the retroactive extensions won't take effect for any works which aren't marketed in the first year after the extension. Additionally, while there are many non-musical retirees wishing they could get paid for 95 years after they finish working, McCreevy has not announced any new plans to help them."

I Don't Believe in Imaginary Property writes "With SCO in Chapter 11 bankruptcy and there being little to read other than status reports and the boring financial details of how the company is wasting its last few dollars, one could be excused for thinking the SCO lawsuits had lost their zip. But things just got a bit more interesting. Jonathan Lee Riches has asked the court to take over. Yes, the man also known as inmate #40948-018 is now bringing his legal experience to the table, having previously filed pro se lawsuits against such entities as Michael Vick, Michael Jordan, Mickey Mantle, the Lincoln Memorial, the Thirteen Tribes of Israel, 'Various Buddhist Monks,' Mein Kampf, Denny's, George W. Bush, the Soviet Gulag Archipelago, Bellevue Hospital, Iran's Evin Prison, Auschwitz, and Plato. In his hand-written pro se motion (PDF), he asks to intervene as Plaintiff pursuant to FRCP 24(a)(2). As best anyone can read the motion, it appears that he offered Novell some 'royalty payments' and they refused them, so he wants to protect his UnixWare rights. He also claims to have proof of SCO's claims, but he wants take over part of the case via FRCP 24 because SCO isn't competent, and allegedly he could do a better job. To be fair, between him and Darl, it's something of a toss-up."