Sony Hacking Attack, First a Nuisance, Swiftly Grew Into a Firestorm
DEC. 30, 2014
The New York Times
By MICHAEL CIEPLY and BROOKS BARNES
LOS ANGELES — It was three days before Thanksgiving, the
beginning of a quiet week for Sony Pictures. But Michael Lynton, the studio’s
chief executive, was nonetheless driving his Volkswagen GTI toward Sony’s lot at
6 a.m. Final planning for corporate meetings in Tokyo was on his agenda — at
least until his cellphone rang.
The studio’s chief financial officer, David C. Hendler, was calling to tell his
boss that Sony’s computer system had been compromised in a hacking of unknown
proportions. To prevent further damage, technicians were debating whether to
take Sony Pictures entirely offline.
Shortly after Mr. Lynton reached his office in the stately Thalberg building at
Sony headquarters in Culver City, Calif., it became clear that the situation was
much more dire. Some of the studio’s 7,000 employees, arriving at work, turned
on their computers to find macabre images of Mr. Lynton’s severed head. Sony
shut down all computer systems shortly thereafter, including those in overseas
offices, leaving the company in the digital dark ages: no voice mail, no
corporate email, no production systems.
A handful of old BlackBerrys, located in a storage room in the Thalberg
basement, were given to executives. Staff members began to trade text messages
using hastily arranged phone trees. Sony’s already lean technical staff began
working around the clock, with some people sleeping in company offices that
became littered with stale pizza. Administrators hauled out old machines that
allowed them to cut physical payroll checks in lieu of electronic direct
deposit.
Still, for days the episode was viewed inside Sony as little more than a
colossal annoyance. Though Sony executives were quickly in touch with federal
law enforcement officials, the company’s initial focus was on setting up
jury-rigged systems to let it limp through what was expected to be a few days or
weeks of inconvenience. The company’s first statement on the breach, made on
Nov. 24, seems almost absurdly bland in retrospect: “We are investigating an
I.T. matter.”
In fact, less than three weeks later Sony would be the focal point of a global
firestorm over a growing digital attack on its corporate identity and data; its
movie “The Interview,” about the fictional assassination of the North Korean
leader Kim Jong-un; and its own handling of the ensuing crisis.
Interviews with over two dozen people involved in the episode suggest that Sony
— slow to realize the depths of its peril — let its troubles deepen by mounting
a public defense only after enormous damage had been done. The initial decision
to treat the attack as largely an internal matter reflected Hollywood habit and
the executive sang-froid of Mr. Lynton, who can be cool almost to a fault. As
Mr. Lynton discovered, however, at a midpoint in the episode, this predicament
required a wholly different approach.
In truth, “There is no playbook for us to turn to,” Mr. Lynton told his staff at
one point. Mr. Lynton and his colleagues underestimated the ferocity of the
interaction between the news media and the hackers as the drama unfolded in
December. Hackers released the information to traffic-hungry websites, which
published the most embarrassing details, while Sony mostly stayed publicly
silent.
Hurt by a misstep when it announced the cancellation of a Christmas Day release
for “The Interview,” Sony was knocked about by criticism by the White House,
Hollywood stars and others who accused it of capitulating to extortionist
threats. The studio’s ultimate success in showing its film in the face of a terror
threat came after Mr. Lynton’s natural reserve fell more in line with the
passion and grit of the studio’s co-chairwoman, Amy Pascal, who was undermined
early in the attack by the disclosure of embarrassing personal emails.
The son of a German Jew who served in British intelligence during World War II,
Mr. Lynton, 54, had weathered past corporate crises, including an inherited
accounting scandal when he ran the Penguin publishing house and a recent attempt
by the activist investor Daniel S. Loeb to force change at Sony. But neither of
those episodes matched the complexity and surreal twists of the hacking, which
ultimately became a test of national will, a referendum on media behavior and a
defense of free expression, even of the crudest sort.
“What it amounted to was criminal extortion,” Mr. Lynton said in an interview.
Rising Sense of Urgency
By Dec. 1, a week after Sony discovered the breach, a sense of urgency and
horror had penetrated the studio. More than a dozen F.B.I. investigators were
setting up shop on the Culver City lot and in a separate Sony facility near the
Los Angeles airport called Corporate Pointe, helping Sony deal with one of the
worst cyberattacks ever on an American company.
Mountains of documents had been stolen, internal data centers had been wiped
clean, and 75 percent of the servers had been destroyed.
Everything and anything had been taken. Contracts. Salary lists. Film budgets.
Medical records. Social Security numbers. Personal emails. Five entire movies,
including the yet-to-be-released “Annie.”
Later, it would become apparent through files stolen by the hackers and
published online that Mr. Lynton and Ms. Pascal had been given an oblique
warning. On Nov. 21, in an email signed by “God’s Apstls,” the studio was told
to pay money for an unspecified reason by Nov. 24. If the studio did not comply,
the bizarre missive said, “Sony Pictures will be bombarded as a whole.”
But the warning either did not find its way to Mr. Lynton or he missed its
importance in the daily flood of messages to his inbox. In the first days of the
attack, responsibility for which was claimed by a group calling itself
“Guardians of Peace,” the notion of North Korean involvement was little more
than a paranoid whisper.
In June, a spokesman for North Korea’s Ministry of Foreign Affairs said in a
statement that the country would take “a decisive and merciless countermeasure”
if the United States government permitted Sony to make its planned Christmas
release of the comedy “The Interview.”
At the time, the threat seemed to many almost as absurd as the film, which was
not mentioned in early communications from the hackers.
In the gossipy nexus that quickly connected Hollywood’s trade news media with
studio insiders and a growing circuit of information technology experts, talk
circulated of a “mole” — a Sony employee who was presumed by many to have been
instrumental in penetrating the computer systems and spotting the most sensitive
data.
The theory of violation by an ex-employee or disgruntled insider persists among
computer security experts who remain unpersuaded by the F.B.I.’s focus on
evidence pointing toward North Korea, which the agency made public in a news
release on Dec. 19.
But senior Sony executives, speaking on the condition of anonymity because the
investigation is incomplete, now say the talk of a rogue insider reflects a
misunderstanding of the F.B.I.’s initial conclusions about the hacking. Federal
investigators, they said, did not strongly suspect an inside job.
Rather, these executives said, the F.B.I. found that the hackers had used
digital techniques to steal the credentials and passwords from a systems
administrator who had maximum access to Sony’s computer systems. Once in control
of the gateways those items opened, theft of information was relatively easy.
Government investigators and Sony’s private security experts traced the hacking
through a network of foreign servers and identified malicious software bearing
the familiar hallmarks of a hacking gang known as Dark Seoul. Prodded for inside
information at a social gathering — long before the F.B.I. announced any
conclusions — Doug Belgrad, president of Sony’s motion picture group, responded,
“It’s the Koreans.”
Hackers Release Information
As the F.B.I. stepped up its inquiry, the hackers — who still had made no
explicit mention of “The Interview” — dropped the first in a series of data
bundles that were to prove a feast for websites like Gawker and mainstream
services like Bloomberg News for weeks.
And so was set a pattern. Every few days, hackers would dump a vast new group of
documents onto anonymous posting sites. Reporters and other parties who had
shown an interest in searching the Sony files were then sent email alerts —
essentially digital treasure maps from the hackers.
The files seemed to fulfill every Hollywood gossip’s fantasy of
what is said behind studio walls. Ms. Pascal was caught swapping racially
insensitive jokes about President Obama’s presumed taste in African-American
films. A top Sony producer, Scott Rudin, was discovered harshly criticizing
Angelina Jolie. Mr. Lynton was revealed to be angling for a job at New York
University.
Sony technicians privately started fighting back by moving to disrupt access to
the data dumps. But the studio — apart from public apologies by Ms. Pascal — was
largely silent on the disclosures.
In this, Mr. Lynton was perhaps betrayed by his own cool. While Ms. Pascal
alternately wept and raged about the violation, Mr. Lynton assumed the more
detached manner that had served him well in the publishing world. Mr. Lynton
engaged in debates with lawyers who rendered conflicting opinions as to whether
media outlets could in fact be stopped from trading in goods that were, after
all, stolen.
As a tough and seasoned executive in her own right, Ms. Pascal brought badly
needed expression to emotions that many, perhaps most, Sony employees were
feeling. Hoarse and humbled, she would eventually bring colleagues to her side
with an address at an all-hands gathering on the Sony lot in which she said:
“I’m so terribly sorry. All I can really do now is apologize and ask for your
forgiveness.”
Until shortly before that, Mr. Lynton was hesitant about confronting media
outlets with legal action. But the lawyer David Boies persuaded him there was a
case to be made against free trade in information that was essentially stolen
property. Mr. Boies on Dec. 14 began sending legal warnings to about 40 media
outlets using the stolen data.
On Dec. 15, while rallying the troops at that gathering on the Sony lot, Mr.
Lynton displayed flashes of anger and words of resolve — fighting spirit he had
not shown publicly. “Some of the reporting on this situation has been truly
outrageous, and is, quite frankly, disgusting,” he said. He urged employees not
to read the anticipated next waves of emails, lest they turn on one another.
“I’m concerned, very concerned, that if people continue to read these emails,
relationships will be damaged and hurt here at the studio,” he said.
A Crucial Threat
Shortly before 10 a.m. the next day, Dec. 16, the hackers made good on their
promise of a “Christmas gift,” delivering thousands of Mr. Lynton’s emails to
the posting sites. With the emails came a message that within minutes converted
the hacking from corporate annoyance to national threat and fully jolted Sony
from defense to offense.
“Soon all the world will see what an awful movie Sony Pictures Entertainment has
made,” it said. “The world will be full of fear. Remember the 11th of September
2001.” The message specifically cited “The Interview” and its planned opening.
Unfazed until then by Sony’s problems, exhibitors were instantly galvanized.
“When you invoke 9/11, it’s a game changer,” said one theater executive.
Within hours, the National Association of Theater Owners convened a board
meeting. Through the day, the exhibitors were briefed by Sony executives (though
not by Mr. Lynton), who took a position that infuriated some owners: The studio
would not cancel the film, but it would not quarrel with any theater that
withdrew it because of security concerns.
“Sony basically punted,” said one theater executive, speaking on
the condition of anonymity because of confidentiality strictures. “Frankly,” the
executive added, “it’s their movie, and their mess.”
Carmike Cinemas, one of the country’s four largest chains, was the first to
withdraw. By the morning of Dec. 17, owners of about 80 percent of the country’s
movie theaters — including Regal Entertainment, AMC Entertainment, and Cinemark,
already mired in legal fights over a 2012 theater shooting in Colorado — had
pulled out.
At the same time, Mr. Lynton was advised by George Rose, who is in charge of
human resources, that employees, for the first time since the initial attack,
were showing signs of being deeply shaken by the possibility of violence to
themselves and to the audience.
That afternoon, Sony dropped “The Interview” from its schedule. In theory, the
studio had gotten its way by putting the onus for cancellation on apprehensive
theater owners.
But Sony at that moment made a critical error. In a hasty statement, in some
cases delivered orally to reporters, the studio said it had “no further release
plan” for “The Interview.” In fact, Mr. Lynton had been talking with Google’s
chairman, Eric E. Schmidt, and others about an alternative online release —
discussions that Google would later confirm publicly. But Sony’s statement was
widely interpreted to mean Sony would shelve the movie for good, leaving an
impression that it had caved to the hackers and a terrorist threat.
The reaction was swift and furious. Hollywood stars and free speech advocates
sharply criticized the decision. On Friday, Dec. 19, President Obama used his
final news briefing of the year to rebuke Sony for its handling of the North
Korean threat: “We cannot have a dictator imposing censorship in the U.S.” For
Mr. Lynton, the president’s remarks became a personal low point in the entire
affair. He had expected support from Mr. Obama — of whom Mr. Lynton and his
wife, Jamie, were early and ardent backers in 2007. “I would be fibbing to say I
wasn’t disappointed,” Mr. Lynton told a CNN interviewer shortly afterward,
understating his reaction. (Mr. Lynton had already agreed to the CNN interview
and, in fact, watched the president’s news conference from a TV in a CNN
lounge.)
“You know, the president and I haven’t spoken,” Mr. Lynton added. “I don’t know
exactly whether he understands the sequence of events that led up to the movies’
not being shown in the movie theaters.”
The president’s decision to specifically — and harshly — criticize Sony was not
mapped before the news conference, according to two senior American officials.
But it was clear to Mr. Obama’s aides and national security staff that the
president felt passionately about the issue and was eager to push for the film’s
release, the officials said.
Shortly after the president spoke, shocked Sony executives spoke with senior
members of the White House staff, asking whether they had known that the
president was going to criticize them. The staff members told the executives
that nothing had been planned.
In the end, the exchanges were constructive, as administration officials
persuaded Sony that an expanded electronic attack was unlikely; that gave the
studio cover to tell the distributors and theaters they were very likely safe to
show the film. But Mr. Obama played no direct role in pushing deals that, in
less than a week, would put “The Interview” online and in 331 smaller theaters.
Sony’s Christmas Eve triumph in announcing an immediate online release of “The
Interview” was more fragile than it looked. While Google had been committed for
a week, Microsoft and its Xbox service came aboard only late the night before.
In the end, the film may be seen by more viewers than if it had experienced an
unimpeded, conventional release, particularly if, as studio executives suspect,
those who paid for the film online were joined by friends and family. Sony said
“The Interview” generated roughly $15 million in online sales and rentals during
its first four days of availability.
Now, five weeks into the episode, Sony’s internal technology is still impaired.
Executives estimate that a return to normal is at least five to seven weeks
away.
But the studio’s spirit apparently remains intact. Showing up in the Sony
cafeteria for lunch last week, as a theatrical release and the Google and
Microsoft deals were announced, Mr. Lynton was surrounded by 30 to 40 employees
who told him they were proud to be at Sony and to get the movie out.
“If we put our heads down and focus on our work, I honestly think we can recover
from this in short order,” Mr. Lynton said on Sunday.
Michael S. Schmidt contributed reporting from Honolulu and Michael D. Shear from
Washington.
A version of this article appears in print on December 31, 2014, on page A1 of
the New York edition with the headline: Sony Attack, First a Nuisance, Swiftly
Grew Into a Firestorm.
Sony Hacking Attack, First a Nuisance, Swiftly Grew Into a Firestorm,
NYT, 30.12.2014,
http://www.nytimes.com/2014/12/31/business/media/sony-attack-first-a-nuisance-swiftly-grew-into-a-firestorm-.html
Countering Cyberattacks Without a Playbook
DEC. 23, 2014
The New York Times
Asia Pacific | News Analysis
By DAVID E. SANGER
WASHINGTON — For years now, the Obama administration has warned
of the risks of a “cyber-Pearl Harbor,” a nightmare attack that takes out
America’s power grids and cellphone networks and looks like the opening battle
in a full-scale digital war.
Such predictions go back at least 20 years, and perhaps that day will come. But
over the past week, a far more immediate scenario has come into focus, first on
the back lots of Sony Pictures and then in back-to-back strategy sessions in the
White House Situation Room: a shadow war of nearly constant, low-level digital
conflict, somewhere in the netherworld between what President Obama called
“cybervandalism” and what others might call digital terrorism.
In that murky world, the attacks are carefully calibrated to be well short of
war. The attackers are hard to identify with certainty, and the evidence cannot
be made public. The counterstrike, if there is one, is equally hard to discern
and often unsatisfying. The damage is largely economic and psychological.
Deterrence is hard to establish. And because there are no international treaties
or norms about how to use digital weapons — indeed, no acknowledgment by the
United States government that it has ever used them itself — there are no rules
about how to fight this kind of conflict.
“Until now, we’ve been pretty ad hoc in figuring out what’s an annoyance and
what’s an attack,” James Lewis, a cyberexpert at the Center for Strategic and
International Studies, said last week. “If there’s a lesson from this, it’s that
we’re long overdue” for a national discussion about how to respond to
cyberattacks — and how to use America’s own growing, if unacknowledged, arsenal
of digital weaponry.
All those issues have been swirling in the background in the drama of North
Korea’s effort to intimidate Sony Pictures, and the retaliation by the United
States — if that was the case — against one of its oldest Cold War adversaries.
“If you had told me that it would take a Seth Rogen movie to get our government
to really confront these issues, I would have said you are crazy,” one senior
defense official said a few days ago, referring to the Sony Pictures film “The
Interview.” “But then again, this whole thing has been crazy.”
With Tuesday’s announcement that “The Interview,” a crude and poorly reviewed
comedy about a C.I.A. effort to hire two bumbling journalists to knock off Kim
Jong-un, the North Korean leader, will be shown in a limited number of theaters,
it is very possible that this confrontation with the least predictable of the
nine nations possessing nuclear weapons may not yet be over.
Like most cyberattacks, it started with a simple question: Who did it? But this
was no ordinary effort to steal credit card data, like what happened at Target
and Home Depot. What made the attack on Sony different was its destructive
nature. By some accounts, it wiped out roughly two-thirds of the studio’s
computer systems and servers — one of the most destructive cyberattacks on
American soil.
It took three weeks for Mr. Obama to take the extraordinarily rare step of
publicly identifying North Korea, and its leadership, as the culprit. And even
now, the F.B.I. refuses to release much of its evidence, presumably because it
could reveal the degree to which the United States had penetrated North Korea’s
networks and the Chinese systems through which they are routed. The president’s
decision to also mention the Chinese during a news conference last week in which
he responded to the Sony attack was “itself part of the effort to create some
deterrence,” one administration official said, “by making it clear we can cut
through the fog.”
But because the government will not make the evidence public, there will be
doubters.
“The N.S.A. has been trying to eavesdrop on North Korea’s government
communications since the Korean War, and it’s reasonable to assume that its
analysts are in pretty deep,” Bruce Schneier, one of the country’s leading
cyberexperts, wrote in The Atlantic, referring to the National Security Agency.
“The agency might have intelligence on the planning process for the hack. It
might, say, have phone calls discussing the project, weekly PowerPoint status
reports, or even Kim Jong-un’s sign-off on the plan.”
“On the other hand, maybe not,” he wrote. “I could have written the same thing
about Iraq’s weapons-of-mass-destruction program.”
But Washington’s declaration that North Korea was the source came paired with
Mr. Obama’s warning of a “proportionate response.” Within days, North Korean
Internet connections sputtered and went dead — and after briefly reviving, they
were out again on Tuesday.
An American attack? Did the Chinese pull the plug? Did the North Koreans take
themselves offline to protect themselves? No one in Washington will say. But it
is possible that to deter future attacks, the administration was not looking for
subtlety. Instead, it might have simply wanted to remind Mr. Kim that the United
States is training 6,000 “cyberwarriors” among its military units, and they all
have North Korea’s Internet Protocol address.
Still, if North Korea did bear the brunt of an American counterstrike — a
significant “if” — it will most likely prove more symbolic than anything else
and serve to remind Mr. Kim that his family has miscalculated before.
In the summer of 1950, gambling that the Americans were too distracted to
respond, the founder of the country, Kim Il-sung, invaded the South. It turned
out he was wrong, and the devastating three-year conflict that followed ruined
his nation. But, improbably, it left him and his family in power.
Over the past two years, his grandson — who has tailored his appearance to
closely resemble the North’s revered Great Leader, who died 20 years ago — has
embraced digital weapons precisely because they are far more subtle than sending
troops over the 38th Parallel. In fact, cyberweapons are perfect for a failing
state. Unlike North Korea’s small arsenal of six to 12 nuclear weapons, they can
be used without risking an annihilating response. Unlike North Korea’s missile
fleet, they are uncannily accurate. Just ask Sony, which is still trying to
figure out whether its attackers had inside knowledge or just got lucky.
But that leaves Mr. Obama with a “short of war” conundrum. How much American
power should be deployed to stop a cybervandal from becoming a cyberterrorist?
Until the past week, the president’s temptation has been to refrain from
responding at all. But the combination of the destructive attack, the effort to
silence American criticism of a brutal regime and the threats of attacks on
American theaters made this one different.
The mystery now is whether the young, untested Mr. Kim will back off, or
whether, like his grandfather, he will push ahead, figuring that an
unpredictable North Korea has kept enemies at bay for six decades, and that his
new weapon may extend the streak.
A version of this news analysis appears in print on December 24, 2014, on page
A3 of the New York edition with the headline: Countering Cyberattacks Without a
Playbook.
Countering Cyberattacks Without a Playbook,
NYT, 23.12.2014,
http://www.nytimes.com/2014/12/24/world/asia/countering-cyberattacks-without-a-playbook.html
Obama Vows a Response to Cyberattack on Sony
DEC. 19, 2014
The New York Times
By DAVID E. SANGER, MICHAEL S. SCHMIDT and NICOLE PERLROTH
WASHINGTON — President Obama said on Friday that the United
States “will respond proportionally” against North Korea for its destructive
cyberattacks on Sony Pictures, but he criticized the Hollywood studio for giving
in to intimidation when it withdrew “The Interview,” the satirical movie that
provoked the attacks, before it opened.
Deliberately avoiding specific discussion of what kind of steps he was planning
against the reclusive nuclear-armed state, Mr. Obama said that the response
would come “in a place and time and manner that we choose.” Speaking at a White
House news conference before leaving for Hawaii for a two-week vacation, he said
American officials “have been working up a range of options” that he said have
not yet been presented to him.
A senior official said Mr. Obama would likely be briefed in Hawaii on those
options. Mr. Obama’s threat came just hours after the F.B.I. said it had
assembled extensive evidence that the North Korean government organized the
cyberattack that debilitated the Sony computers.
If he makes good on it, it would be the first time the United States has been
known to retaliate for a destructive cyberattack on American soil or to have
explicitly accused the leaders of a foreign nation of deliberately damaging
American targets, rather than just stealing intellectual property. Until now,
the most aggressive response was the largely symbolic indictment of members of a
Chinese Army unit this year for stealing intellectual property.
The president’s determination to act was a remarkable turn in what first seemed
a story about Hollywood backbiting and gossip as revealed by the release of
emails from studio executives and other movie industry figures describing
Angelina Jolie as a “spoiled brat” and making racially tinged lists of what they
thought would be Mr. Obama’s favorite movies.
But it quickly escalated, and the combination of the destructive nature of the
attacks — which wiped out Sony computers — and a new threat this week against
theatergoers if “The Interview,” whose plot revolves around an attempt to
assassinate the North Korean leader, Kim Jong-un, opened on Christmas Day turned
it into a national security issue. “First it was a game-changer,” one official
said. “Then it became a question of what happens if we don’t respond? And the
president concluded that’s not an option.”
But as striking as his determination to make North Korea pay a price for its
action was his critique of Sony Pictures for its decision to cancel “The
Interview.” Mr. Obama argued that the precedent that withdrawing the movie set
could be damaging — and that the United States could not give in to
intimidation.
“I wish they had spoken to me first,” Mr. Obama said of Sony’s leadership. “I
would have told them, ‘Do not get into a pattern in which you’re intimidated by
these kinds of criminal attacks.’ ”
In a clear reference to Mr. Kim, he said, “We cannot have a society in which
some dictator someplace can start imposing censorship here in the United
States.” That would encourage others to do the same “when they see a documentary
that they don’t like or news reports that they don’t like.”
The chief executive of Sony Pictures, Michael Lynton, immediately defended his
decision and said Mr. Obama misunderstood the facts. He argued that when roughly
80 percent of the country’s theaters refused to book the film after the latest
threat, “we had no alternative but to not proceed with the theatrical release,”
Mr. Lynton told CNN. “We have not caved, we have not given in, we have not
backed down.”
In a follow-up statement, Sony said that it “immediately began actively
surveying alternatives” to theatrical distribution after theater owners balked.
But so far no mainstream cable, satellite or online film distributor was willing
to adopt the movie.
Mr. Obama did not pass up the opportunity to take a jab at the insecure North
Korean government for worrying about a Hollywood comedy, even a crude one.
“I think it says something about North Korea that they decided to have the state
mount an all-out assault on a movie studio because of a satirical movie,” he
said, smiling briefly at the ridiculousness of an international confrontation
set off by a Hollywood comedy.
The case against North Korea was described by the F.B.I. in somewhat generic
terms. It said there were significant “similarities in specific lines of code,
encryption algorithms, data deletion methods and compromised networks” to
previous attacks conducted by the North Koreans.
“The F.B.I. also observed significant overlap between the infrastructure used in
this attack and other malicious cyberactivity the U.S. government has previously
linked directly to North Korea,” the bureau said. “For example, the F.B.I.
discovered that several Internet protocol addresses associated with known North
Korean infrastructure communicated with I.P. addresses that were hard-coded into
the data deletion malware used in this attack.” An Internet protocol address is
the closest thing to an identifier of where an attack emanated.
Some of the methods employed in the Sony attack were similar to ones that were
used by the North Koreans against South Korean banks and news media outlets in
2013. That was a destructive attack, as was an attack several years ago against
Saudi Aramco, later attributed to Iran. While there were common cybertools to
the Saudi attack as well, Mr. Obama told reporters on Friday he had seen no
evidence that any other nation was involved.
The F.B.I.’s announcement was carefully coordinated with the White House and
reflected the intensity of the investigation; just a week ago, a senior F.B.I.
official said he could not say whether North Korea was responsible.
Administration officials noted that the White House had now described the action
against Sony as an “attack,” as opposed to mere theft of intellectual property,
and that suggested that Mr. Obama was now looking for a government response,
rather than a corporate one.
The F.B.I.’s statements “are based on intelligence sources and other conclusive
evidence,” said James A. Lewis, a cybersecurity expert at the Center for
Strategic and International Studies in Washington. “Now the U.S. has to figure
out the best way to respond and how much risk they want to take. It’s important
that whatever they say publicly signals to anyone considering something similar
that they will be handled much more roughly.”
While American officials were circumspect about how they had collected evidence,
some has likely been developed from “implants” placed by the National Security
Agency. North Korea has proved to be a particularly hard target because it has
relatively low Internet connectivity to the rest of the world, and its best
computer minds do not move out of the country often, where their machines and
USB drives could be accessible targets.
Private security researchers who specialize in tracing attacks said that the
government’s conclusions matched their own findings. George Kurtz, a founder of
CrowdStrike, a California-based security firm, said that his company had been
studying public samples of the Sony malware and had linked them to hackers
inside North Korea — the firm internally refers to them as Silent Chollima — who
have been conducting attacks since 2006.
In 2009, a similar campaign of coordinated cyberattacks over the Fourth of July
holiday hit 27 American and South Korean websites, including those of South
Korea’s presidential palace, called the Blue House, and its Defense Ministry,
and sites belonging to the United States Treasury Department, the Secret Service
and the Federal Trade Commission. North Korea was suspected, but a clear link
was never established.
But those were all “distributed denial of service” attacks, in which attackers
flood the sites with traffic until they fall offline. The Sony attack was far
more sophisticated: It wiped data off Sony’s computer systems, rendering them
inoperable.
“The cyberattack against Sony Pictures Entertainment was not just an attack
against a company and its employees,” Jeh C. Johnson, the secretary of the
Department of Homeland Security, said in a statement. “It was also an attack on
our freedom of expression and way of life.”
David E. Sanger and Michael Schmidt reported from Washington, and Nicole
Perlroth from San Francisco. Michael Cieply and Brooks Barnes contributed
reporting from Los Angeles.
A version of this article appears in print on December 20, 2014, on page A1 of
the New York edition with the headline: Obama Vows a Response to Cyberattack on
Sony.
Obama Vows a Response to Cyberattack on Sony,
NYT, 19.12.2014,
http://www.nytimes.com/2014/12/20/world/fbi-accuses-north-korean-government-in-cyberattack-on-sony-pictures.html
Facebook’s Profit Propelled by Mobile
JULY 23, 2014
The New York Times
By VINDU GOEL
SAN FRANCISCO — Once again demonstrating its mastery of the
mobile computing wave, Facebook dazzled Wall Street on Wednesday by posting
significant growth in revenue and profits for the second quarter, driven largely
by ads shown in the news feeds of a billion Facebook users checking the service
on their mobile phones.
Shareholders celebrated, sending the stock of the company to a record high in
after-hours trading.
But Facebook’s chief executive, Mark Zuckerberg, wasn’t basking in what he
modestly described as a “good quarter.” Instead, he was looking ahead to the
next wave.
In a conference call with investors, Mr. Zuckerberg warned that the company
would be spending heavily for years on newer services like private messaging,
virtual reality and Facebook search without any near-term prospects of making
money from them.
“We think it is going to be years of work before those are huge businesses for
us,” he said. “I really can’t underscore this enough that we have a lot of work
to do. We could take the cheap and easy approach and put ads in and do payments
and make money in the short-term, but we’re not going to do that.”
Right now, he doesn’t have to.
Facebook, based in Menlo Park, Calif., said it had about 1.32 billion monthly
users around the world in June, with more than a billion of those people using
the service at least partly on mobile devices.
Revenue was $2.91 billion, up 61 percent from $1.81 billion during the same
period last year. Net income was $791 million, or 30 cents a share, compared
with $333 million, or 13 cents a share, a year ago. The company’s operating
profit margin hit a record 48 percent in the second quarter, reflecting
increased cost efficiencies.
Mobile devices accounted for nearly two-thirds of Facebook’s revenue, which at
this point mostly comes from ads shown on the Facebook website and apps.
However, the company is beginning to supplement that with ads on other sites.
“These are just phenomenal numbers,” said Ben Schachter, an Internet analyst
with Macquarie Capital. “The core business is so strong that it’s buying them
time to be more conservative and deliberate in bringing out new products.”
Analysts had expected Facebook to report revenue of $2.8 billion. Wall Street
had also projected that the company would post a profit of 32 cents a share,
after excluding compensation-related expenses, according to consensus estimates
collected by several services. On that basis, the company blew past the
expectations with a profit of 42 cents a share, up from 19 cents a year earlier.
The quarter’s results sent Facebook shares up 5.6 percent in after-hours trading
to more than $75, well above its highest closing price.
In the conference call, Facebook executives offered few details about the
performance of nascent products like new video ads that play automatically in
the news feed, image ads on its Instagram photo-sharing app or its experiments
in mobile payments.
But Mr. Zuckerberg did get enthusiastic about Oculus VR, a maker of virtual
reality headsets that Facebook bought for $2 billion in a deal that closed this
week.
“We can help define what the next generation of computing is going to be.
Virtual reality, augmented reality, will play into this in an important way,” he
said.
The Oculus purchase and Facebook’s proposed $19 billion purchase of WhatsApp,
the leading text messaging app, are examples of the kind of long bets Mr.
Zuckerberg is making without expecting any immediate returns.
Richard Greenfield, an analyst with BTIG Research, said that investors would be
patient because Facebook was trying to reinvent display advertising, making it a
formidable rival to Google, the king of search ads.
“They are clearly focusing on the quality of the creative, getting more into
video, doing things like Instagram ads, that have real emotional connection with
users,” he said. “I think they’re just trying to temper expectations so that
expectations don’t get ahead of themselves.”
Indeed, Facebook continues to gain ground in digital advertising, particularly
in mobile.
The company accounted for 5.8 percent of the world’s estimated $120 billion in
digital ad revenues in 2013, and it captured 17.77 percent of mobile ad
spending, according to the research firm eMarketer.
This year, eMarketer predicts, Facebook will garner nearly 8 percent of the
world’s digital ad revenue and 22.3 percent of mobile ad revenue, which the firm
projects will nearly double globally as people turn increasingly to phones as
their primary on-ramp to the Internet.
“If you’re just out there fishing for new customers, Facebook is by far the most
efficient channel,” said Bob Buch, chief executive of SocialWire, a San
Francisco company that helps retailers market on Facebook.
One long-running concern is whether Facebook users are tiring of the service and
turning to other apps. In the United States, the company’s websites and apps
account for about one out of every six minutes that people spend online,
according to comScore data.
Facebook said that about 63 percent of its users logged on daily in June,
roughly the same as at the end of the first quarter.
Melissa Parrish, vice president and research director at Forrester Research,
said Facebook clearly did well last quarter. Her one complaint was that the
company was essentially selling display ads and doing little to help marketers
capitalize on the social connections of Facebook users. But “I suppose I’m being
a bit of a tiger mom,” she said. “My kids are getting all A’s, and I’d really
like to see them get all A-pluses.”
A version of this article appears in print on July 24, 2014,
on page B1 of the New York edition with the headline: Facebook’s Profit
Propelled by Mobile.
Facebook’s Profit Propelled by Mobile, NYT,
23.7.2014,
http://www.nytimes.com/2014/07/24/technology/facebooks-profit-soars-past-expectations-fueled-by-mobile-ads.html
Facebook Tinkers With Users’ Emotions
in News Feed Experiment, Stirring Outcry
JUNE 29, 2014
The New York Times
By VINDU GOEL
To Facebook, we are all lab rats.
Facebook routinely adjusts its users’ news feeds — testing out the number of ads
they see or the size of photos that appear — often without their knowledge. It
is all for the purpose, the company says, of creating a more alluring and useful
product.
But last week, Facebook revealed that it had manipulated the news feeds of over
half a million randomly selected users to change the number of positive and
negative posts they saw. It was part of a psychological study to examine how
emotions can be spread on social media.
The company says users consent to this kind of manipulation when they agree to
its terms of service. But in the quick judgment of the Internet, that argument
was not universally accepted.
“I wonder if Facebook KILLED anyone with their emotion manipulation stunt. At
their scale and with depressed people out there, it’s possible,” the privacy
activist Lauren Weinstein wrote in a Twitter post.
On Sunday afternoon, the Facebook researcher who led the study, Adam D. I.
Kramer, posted a public apology on his Facebook page.
“I can understand why some people have concerns about it, and my co-authors and
I are very sorry for the way the paper described the research and any anxiety it
caused,” he wrote.
Facebook is hardly the only Internet company that manipulates and analyzes
consumer data. Google and Yahoo also watch how users interact with search
results or news articles to adjust what is shown; they say this improves the
user experience. But Facebook’s most recent test did not appear to have such a
beneficial purpose.
“Facebook didn’t do anything illegal, but they didn’t do right by their
customers,” said Brian Blau, a technology analyst with Gartner, a research firm.
“Doing psychological testing on people crosses the line.”
In an academic paper published in conjunction with two university researchers,
the company reported that, for one week in January 2012, it had altered the
number of positive and negative posts in the news feeds of 689,003 randomly
selected users to see what effect the changes had on the tone of the posts the
recipients then wrote.
The researchers found that moods were contagious. The people who saw more
positive posts responded by writing more positive posts. Similarly, seeing more
negative content prompted the viewers to be more negative in their own posts.
Although academic protocols generally call for getting people’s consent before
psychological research is conducted on them, Facebook didn’t ask for explicit
permission from those it selected for the experiment. It argued that its 1.28
billion monthly users gave blanket consent to the company’s research as a
condition of using the service.
But the social network’s manipulation of its users’ feelings without their
knowledge stirred up its own negative reaction. Some Facebook users and critics
suggested that the company had crossed an ethical boundary.
Mr. Kramer wrote that changing the emotional makeup of the news feeds had a
minimal impact, prompting users to produce an average of one fewer emotional
word per thousand words over the following week.
“The reason we did this research is because we care about the
emotional impact of Facebook and the people that use our product,” Mr. Kramer
wrote. “We felt that it was important to investigate the common worry that
seeing friends post positive content leads to people feeling negative or left
out. At the same time, we were concerned that exposure to friends’ negativity
might lead people to avoid visiting Facebook.”
He added, “In hindsight, the research benefits of the paper may not have
justified all of this anxiety.”
The uproar highlights the immense control Facebook exerts over what its users
see. When someone logs in, there are typically about 1,500 items the company
could display in that person’s news feed, but the service shows only about 300
of them.
What you see is chosen by a mysterious algorithm that takes into account
hundreds of factors, such as how often you comment on your Aunt Sally’s photos,
how much your friends are talking about a colleague’s post about her new job,
and whether you always watch those cat videos.
Facebook also solicits direct feedback. On the desktop version, for example, if
you click on the arrow at the top right corner of every post, there is an option
to “Make news feed better” by rating your satisfaction with various posts.
The goal of all of this, Facebook says, is to give you more of what you want so
that you spend more time using the service — thus seeing more of the ads that
provide most of the company’s revenue.
“Ultimately, we’re just providing a layer of technology that helps people get
what they want,” Chris Cox, chief product officer of Facebook, said during an
interview in February about changes made to the news feed to show more news
articles and fewer viral videos. “That’s the master we serve at the end of the
day.”
Mr. Blau, the analyst, said that Facebook should have informed its users about
the emotion study. “They keep on pushing the boundaries, and this is one of the
reasons people are upset.”
A version of this article appears in print on June 30, 2014, on page B1 of the
New York edition with the headline: Outcry Greets Facebook’s Emotion Test.
Facebook Tinkers With Users’ Emotions
in News Feed Experiment, Stirring Outcry, NYT, 29.6.2014,
http://www.nytimes.com/2014/06/30/technology/facebook-tinkers-with-users-emotions-in-news-feed-experiment-stirring-outcry.html
N.S.A. Collecting Millions of Faces
From Web Images
MAY 31, 2014
The New York Times
By JAMES RISEN
and LAURA POITRAS
The National Security Agency is harvesting huge numbers of
images of people from communications that it intercepts through its global
surveillance operations for use in sophisticated facial recognition programs,
according to top-secret documents.
The spy agency’s reliance on facial recognition technology has grown
significantly over the last four years as the agency has turned to new software
to exploit the flood of images included in emails, text messages, social media,
videoconferences and other communications, the N.S.A. documents reveal. Agency
officials believe that technological advances could revolutionize the way that
the N.S.A. finds intelligence targets around the world, the documents show. The
agency’s ambitions for this highly sensitive ability and the scale of its effort
have not previously been disclosed.
The agency intercepts “millions of images per day” — including about 55,000
“facial recognition quality images” — which translate into “tremendous untapped
potential,” according to 2011 documents obtained from the former agency
contractor Edward J. Snowden. While once focused on written and oral
communications, the N.S.A. now considers facial images, fingerprints and other
identifiers just as important to its mission of tracking suspected terrorists
and other intelligence targets, the documents show.
“It’s not just the traditional communications we’re after: It’s taking a
full-arsenal approach that digitally exploits the clues a target leaves behind
in their regular activities on the net to compile biographic and biometric
information” that can help “implement precision targeting,” noted a 2010
document.
One N.S.A. PowerPoint presentation from 2011, for example, displays several
photographs of an unidentified man — sometimes bearded, other times clean-shaven
— in different settings, along with more than two dozen data points about him.
These include whether he was on the Transportation Security Administration
no-fly list, his passport and visa status, known associates or suspected
terrorist ties, and comments made about him by informants to American
intelligence agencies.
It is not clear how many people around the world, and how many Americans, might
have been caught up in the effort. Neither federal privacy laws nor the nation’s
surveillance laws provide specific protections for facial images. Given the
N.S.A.’s foreign intelligence mission, much of the imagery would involve people
overseas whose data was scooped up through cable taps, Internet hubs and
satellite transmissions.
Because the agency considers images a form of communications content, the N.S.A.
would be required to get court approval for imagery of Americans collected
through its surveillance programs, just as it must to read their emails or
eavesdrop on their phone conversations, according to an N.S.A. spokeswoman.
Cross-border communications in which an American might be emailing or texting an
image to someone targeted by the agency overseas could be excepted.
Civil-liberties advocates and other critics are concerned that the power of the
improving technology, used by government and industry, could erode privacy.
“Facial recognition can be very invasive,” said Alessandro Acquisti, a
researcher on facial recognition technology at Carnegie Mellon University.
“There are still technical limitations on it, but the computational power keeps
growing, and the databases keep growing, and the algorithms keep improving.”
State and local law enforcement agencies are relying on a wide range of
databases of facial imagery, including driver’s licenses and Facebook, to
identify suspects. The F.B.I. is developing what it calls its “next generation
identification” project to combine its automated fingerprint identification
system with facial imagery and other biometric data.
The State Department has what several outside experts say could be the largest
facial imagery database in the federal government, storing hundreds of millions
of photographs of American passport holders and foreign visa applicants. And the
Department of Homeland Security is funding pilot projects at police departments
around the country to match suspects against faces in a crowd.
The N.S.A., though, is unique in its ability to match images with huge troves of
private communications.
“We would not be doing our job if we didn’t seek ways to continuously improve
the precision of signals intelligence activities — aiming to counteract the
efforts of valid foreign intelligence targets to disguise themselves or conceal
plans to harm the United States and its allies,” said Vanee M. Vines, the agency
spokeswoman.
She added that the N.S.A. did not have access to photographs in state databases
of driver’s licenses or to passport photos of Americans, while declining to say
whether the agency had access to the State Department database of photos of
foreign visa applicants. She also declined to say whether the N.S.A. collected
facial imagery of Americans from Facebook and other social media through means
other than communications intercepts.
“The government and the private sector are both investing billions of dollars
into face recognition” research and development, said Jennifer Lynch, a lawyer
and expert on facial recognition and privacy at the Electronic Frontier
Foundation in San Francisco. “The government leads the way in developing huge
face recognition databases, while the private sector leads in accurately
identifying people under challenging conditions.”
Ms. Lynch said a handful of recent court decisions could lead to new
constitutional protections for the privacy of sensitive face recognition data.
But she added that the law was still unclear and that Washington was operating
largely in a legal vacuum.
Laura Donohue, the director of the Center on National Security and the Law at
Georgetown Law School, agreed. “There are very few limits on this,” she said.
Congress has largely ignored the issue. “Unfortunately, our privacy laws provide
no express protections for facial recognition data,” said Senator Al Franken,
Democrat of Minnesota, in a letter in December to the head of the National
Telecommunications and Information Administration, which is now studying
possible standards for commercial, but not governmental, use.
Facial recognition technology can still be a clumsy tool. It has difficulty
matching low-resolution images, and photographs of people’s faces taken from the
side or angles can be impossible to match against mug shots or other head-on
photographs.
Dalila B. Megherbi, an expert on facial recognition technology at the University
of Massachusetts at Lowell, explained that “when pictures come in different
angles, different resolutions, that all affects the facial recognition
algorithms in the software.”
That can lead to errors, the documents show. A 2011 PowerPoint showed one
example when Tundra Freeze, the N.S.A.’s main in-house facial recognition
program, was asked to identify photos matching the image of a bearded young man
with dark hair. The document says the program returned 42 results, and displays
several that were obviously false hits, including one of a middle-age man.
Similarly, another 2011 N.S.A. document reported that a facial recognition
system was queried with a photograph of Osama bin Laden. Among the search
results were photos of four other bearded men with only slight resemblances to
Bin Laden.
But the technology is powerful. One 2011 PowerPoint showed how the software
matched a bald young man, shown posing with another man in front of a water
park, with another photo where he has a full head of hair, wears different
clothes and is at a different location.
It is not clear how many images the agency has acquired. The N.S.A. does not
collect facial imagery through its bulk metadata collection programs, including
that involving Americans’ domestic phone records, authorized under Section 215
of the Patriot Act, according to Ms. Vines.
The N.S.A. has accelerated its use of facial recognition technology under the
Obama administration, the documents show, intensifying its efforts after two
intended attacks on Americans that jarred the White House. The first was the
case of the so-called underwear bomber, in which Umar Farouk Abdulmutallab, a
Nigerian, tried to trigger a bomb hidden in his underwear while flying to
Detroit on Christmas in 2009. Just a few months later, in May 2010, Faisal
Shahzad, a Pakistani-American, attempted a car bombing in Times Square.
The agency’s use of facial recognition technology goes far beyond one program
previously reported by The Guardian, which disclosed that the N.S.A. and its
British counterpart, General Communications Headquarters, have jointly
intercepted webcam images, including sexually explicit material, from Yahoo
users.
The N.S.A. achieved a technical breakthrough in 2010 when analysts first matched
images collected separately in two databases — one in a huge N.S.A. database
code-named Pinwale, and another in the government’s main terrorist watch list
database, known as Tide — according to N.S.A. documents. That ability to
cross-reference images has led to an explosion of analytical uses inside the
agency. The agency has created teams of “identity intelligence” analysts who
work to combine the facial images with other records about individuals to
develop comprehensive portraits of intelligence targets.
The agency has developed sophisticated ways to integrate facial recognition
programs with a wide range of other databases. It intercepts video
teleconferences to obtain facial imagery, gathers airline passenger data and
collects photographs from national identity card databases created by foreign
countries, the documents show. They also note that the N.S.A. was attempting to
gain access to such databases in Pakistan, Saudi Arabia and Iran.
The documents suggest that the agency has considered getting access to iris
scans through its phone and email surveillance programs. But asked whether the
agency is now doing so, officials declined to comment. The documents also
indicate that the N.S.A. collects iris scans of foreigners through other means.
In addition, the agency was working with the C.I.A. and the State Department on
a program called Pisces, collecting biometric data on border crossings from a
wide range of countries.
One of the N.S.A.’s broadest efforts to obtain facial images is a program called
Wellspring, which strips out images from emails and other communications, and
displays those that might contain passport images. In addition to in-house
programs, the N.S.A. relies in part on commercially available facial recognition
technology, including from PittPatt, a small company owned by Google, the
documents show.
The N.S.A. can now compare spy satellite photographs with intercepted personal
photographs taken outdoors to determine the location. One document shows what
appear to be vacation photographs of several men standing near a small
waterfront dock in 2011. It matches their surroundings to a spy satellite image
of the same dock taken about the same time, located at what the document
describes as a militant training facility in Pakistan.
A version of this article appears in print on June 1, 2014,
on page A1 of the New York edition with the headline:
N.S.A. Collecting Millions of Faces From Web Images.
N.S.A. Collecting Millions of Faces From
Web Images,
NYT, 31.5.2014,
http://www.nytimes.com/2014/06/01/us/nsa-collecting-millions-of-faces-from-web-images.html
YouTube Removes Video
Posted by Shooting Suspect
MAY 24, 2014
The New York Times
By ALAN FEUER
As news spread of a shooting in California that left at least
seven people dead, YouTube on Saturday afternoon took down a video clip that the
police have connected to the rampage. The website was seemingly caught between
its mission and its morals, between making information available to all and
spreading material that could be construed as offensive, even dangerous.
The video, titled “Elliot Rodger’s Retribution,” was uploaded by Mr. Rodger on
Friday, the day of the shooting. In it, Mr. Rodger, sitting in his car and
speaking to the camera, bemoans the fact that he is still a virgin and promises
to take revenge on women for rejecting him. (He also posted the video on his
Facebook page and on his blog.) He was tentatively identified by a family lawyer
on Saturday as the gunman who was found dead after shooting six people in the
Isla Vista section of Santa Barbara.
A spokeswoman for Google, which owns YouTube, said the video had been removed
because it violated the service’s guidelines against acts like stalking,
intimidating behavior and making threats. The spokeswoman said that most videos
marked for removal are first flagged by viewers and then examined by special
review teams that determine whether they meet the site’s guidelines.
YouTube has a slightly different policy for videos that are posted in the
context of news or as documentary artifacts because, the spokeswoman said, the
website wants to be a place “where people come to understand what happened.”
YouTube prohibits hate speech, which it defines in its community guidelines as
speech that “attacks or demeans a group” based on race, religion or other
defining characteristics. Facebook, too, prohibits hateful postings that attack
others on the basis of their identity.
It was not the first time — nor is it likely to be the last — that social media
has found itself at the center of a violent and rapidly developing news story.
In 2012, for example, an anti-Islamic video posted on YouTube ignited anger
across the Muslim world and was subsequently removed from the site.
Technology companies have in the past censored themselves, and others. Two years
ago, for instance, both Apple and Google discontinued a smartphone app produced
by Hezbollah. And in 2010, YouTube removed links to several speeches by the
radical Islamic cleric Anwar al-Awlaki in which he advocated violence.
Mr. Rodger’s videos on YouTube did not counsel others to act violently, but his
language in them was disturbing enough that his parents, according to their
lawyer, contacted the police about a month ago to express concern. The other
videos remain on his YouTube channel. In one clip posted shortly before the
shootings, Mr. Rodger recorded himself parked in his BMW at the beach, observing
an unsuspecting couple as they kiss on a park bench.
In the final video he posted, he looks into the camera and says, “After I’ve
annihilated every single girl in the sorority house, I’ll take to the streets of
Isla Vista and slay every single person I see there.” At another point,
seemingly addressing women who rejected him, he says, “If I had it in my power,
I would stop at nothing to reduce every single one of you to mountains of skulls
and rivers of blood.”
In addition to their violent imagery and misogyny, Mr. Rodger’s videos were
marked by his self-loathing. The title of one: “Why Do Girls Hate Me So Much?”
YouTube Removes Video Posted by Shooting
Suspect,
NYT, 24.5.2014,
http://www.nytimes.com/2014/05/25/business/youtube-removes-video-posted-by-shooting-suspect.html
U.S. Case Offers Glimpse
Into China’s Hacker Army
MAY 22, 2014
The New York Times
By EDWARD WONG
BEIJING — One man accused of being a hacker for the Chinese
military, Wang Dong, better known as UglyGorilla, wrote in a social media
profile that he did not “have much ambition” but wanted “to wander the world
with a sword, an idiot.”
Another, Sun Kailiang, also known as Jack Sun, grew up in wealthy Pei County in
eastern China, the home of a peasant who founded the ancient Han dynasty and was
idolized by Mao.
They and three others were indicted by the United States Justice Department this
week, charged with being part of a Chinese military unit that has hacked the
computers of prominent American companies to steal commercial secrets,
presumably for the benefit of Chinese companies.
Much about them remains murky. But Chinese websites, as well as interviews with
cybersecurity experts and former hackers inside and outside China, reveal some
common traits among those and other hackers, and show that China’s hacking
culture is a complex mosaic of shifting motivations, employers and allegiances.
Many hackers working directly for the Chinese government are men in their 20s
and 30s who have been trained at universities run by the People’s Liberation
Army and are employed by the state in myriad ways. Those working directly for
the military usually follow a 9-to-5 weekday schedule and are not well paid,
experts and former hackers said. Some military and government employees
moonlight as mercenaries and do more hacking on their own time, selling their
skills to state-owned and private companies. Some belong to the same online
social networking groups.
“There are many types of relationships,” said Adam Segal, a China and
cybersecurity scholar at the Council on Foreign Relations in New York. “Some
P.L.A. hackers offer their services under contract to state-owned enterprises.
For some critical technologies, it is possible that P.L.A. hackers are tasked
with attacks on specific foreign companies.”
The Obama administration makes a distinction between hacking to protect national
security, which it calls fair play, and hacking to obtain trade secrets that
would give an edge to corporations, which it says is illegal. China and other
nations accuse the United States of being the biggest perpetrator of both kinds
of espionage.
In what may be Chinese retaliation for the indictments, a state agency announced
plans on Thursday for tighter checks on Internet companies that do business in
China. The State Internet Information Office said the government would establish
new procedures to assess potential security problems with Internet technology
and with services used by sectors “related to national security and the public
interest,” reported Xinhua, the state-run news agency.
In the indictments, unsealed on Monday, the United States accused Mr. Wang, Mr.
Sun and three others of working in the Chinese Army’s Unit 61398, which a report
last year by Mandiant, a cybersecurity company in Alexandria, Va., said operated
out of a 12-story white tower on the outskirts of Shanghai. That unit is now the
most infamous of China’s suspected hacking groups, and the Western cybersecurity
industry variously calls it the Comment Crew, the Shanghai Group and APT1.
Some members are active on Chinese social media. Mr. Wang, Mr. Sun and another
of the men indicted, Wen Xinyu, are part of a group on QQ, a social networking
and messaging tool, that calls itself “Poor Folks Fed by Public Funds,”
according to an Internet search.
The group, which has 24 members, also includes Mei Qiang, a hacking suspect
named in the Mandiant report whose alias is SuperHard. Another member, Xu
Yaoling, has the same name as someone from the P.L.A. University of Science and
Technology, a military institution in Nanjing, who has written papers on hacking
and cybersecurity.
Mr. Wang posted messages on an official Chinese military forum in 2004 under the
alias Green Field. He called himself a “military enthusiast” and asked in one
thread, “Does our military have the capabilities to fight against American
troops?” His forum profile listed an English name, Jack Wang, and an email
address; messages sent this week to that address went unanswered. He has been
known to leave a signature, “ug,” on malware he has created.
“I think they’re soldiers with some training in computer technology, not
technology people drafted into the military,” said a former hacker who has done
what he calls defensive work for the Chinese Army and security agencies.
The Comment Crew is not the only big player in China, where hacking is as common
in the corporate and criminal worlds as in the government. It is even promoted
at trade shows, in classrooms and on Internet forums.
Western cybersecurity experts usually focus on hackers with state ties. FireEye,
a cybersecurity company in Milpitas, Calif., that bought Mandiant in January, is
tracking at least 25 “active Chinese-based threat groups,” of which 22 support
the state in some way, said Darien Kindlund, the company’s manager of threat
intelligence. At least five appear to be tied directly to one or more military
groups, Mr. Kindlund said, adding that this was a conservative estimate.
Joe Stewart, a cybersecurity expert at Dell SecureWorks, said that as of last
year, the Comment Crew and a unit he called the Beijing Group were using “the
lion’s share” of 25,000 suspicious online domains he had been tracking. The
Beijing Group, he said, used a dedicated block of I.P. addresses that could be
traced to the Chinese capital and to the network of China Unicom, one of the
three biggest state-owned Internet telecommunications companies.
“There’s espionage activity coming out of that,” Mr. Stewart said, though he
added that he had seen no evidence of the Beijing Group’s working with China
Unicom or any other state entity.
A man who answered a China Unicom spokesman’s cellphone declined to comment.
The targets pursued by the Comment Crew and the Beijing Group overlap — both go
after foreign corporations and government agencies, for example — but the
Beijing unit also takes aim at “activist types,” Mr. Stewart said, including
ethnic Tibetan and Uighur exile groups. The two units are responsible for
creating most of the world’s 300 known families of malware, he added.
Western cybersecurity experts saw a surge of online espionage attacks on
corporations starting in late 2006. Before that, attacks had been aimed mostly
at government agencies or contractors. The experts said much of the initial wave
of corporate espionage was traced to China, and specifically to the Comment
Crew. About a year later, the Beijing Group appeared on the scene.
A smaller unit, the Kunming Group, whose attacks have been traced to I.P.
addresses in Kunming, the capital of Yunnan Province, seemed focused on targets
in Vietnam, Mr. Stewart said. It deployed malware and so-called spear phishing
attacks that tried to entice victims to click on messages and links in
Vietnamese.
It is unclear exactly what the Kunming Group sought to achieve, but tensions
between China and Vietnam have been rising in recent years over territorial
disputes in the South China Sea. China moved an oil rig near Vietnam this month,
an action Vietnam has protested. Vietnam is also working with foreign oil
companies to drill and explore in that sea.
Though the Obama administration has focused on exposing corporate espionage,
hackers suspected of working for the Chinese government have breached a wide
range of foreign government agencies, cybersecurity experts say.
For example, FireEye said it had observed spying attacks on Taiwanese government
agencies and on a professor in India who held pro-Tibet views. The company
called the attackers the Shiqiang Gang. A mainland Chinese group also carried
out attacks on Japanese government agencies and companies last September by
putting commands on Japanese news media websites that would infect users.
Mr. Kindlund, the FireEye executive, said people in his industry looked at a
variety of factors to determine whether a hacker was a state employee or private
contractor. One is the hacker’s security methods: Military hackers are less
sloppy. Another is the victims: A hacker who jumps among wildly divergent
victims, he said, is likely to be a contractor. In recent months, FireEye
observed a hacker who took aim at foreign defense and aerospace companies, then
hacked an online entertainment company. It appeared the hacker was a private
contractor, Mr. Kindlund said.
There is no proven method of getting a Chinese hacking unit to back down. In
early 2013, American officials hoped that the release of the Mandiant report and
loud criticism of Chinese cyberespionage by the Obama administration would
silence the Comment Crew. The unit went dormant but resurfaced within five
months, Mr. Kindlund said. Now, its attacks have returned to pre-2013 levels.
“They’re using similar tactics but launching attacks from different
infrastructure,” Mr. Kindlund said. “The tools are only slightly modified. Over
all, most of the changes are very minor.”
Jonathan Ansfield and Chris Buckley contributed reporting,
and Kiki Zhao and Mia Li contributed research.
A version of this article appears in print on May 23, 2014,
on page A1 of the New York edition with the headline:
U.S. Case Offers Glimpse Into China’s Hacker Army.
U.S. Case Offers Glimpse Into China’s
Hacker Army, NYT, 22.5.2014,
http://www.nytimes.com/2014/05/23/world/asia/us-case-offers-glimpse-into-chinas-hacker-army.html
Don’t Force Google to ‘Forget’
MAY 14, 2014
The New York Times
The Opinion Pages | Op-Ed Contributor
By JONATHAN ZITTRAIN
CAMBRIDGE, Mass. — THE European Court of Justice ruled on
Tuesday that Europeans have a limited “right to be forgotten” by search engines
like Google. According to the ruling, an individual can compel Google to remove
certain reputation-harming search results that are generated by Googling the
individual’s name. The court is trying to address an important problem — namely,
the Internet’s ability to preserve indefinitely all its information about you,
no matter how unfortunate or misleading — but it has devised a poor solution.
The court’s decision is both too broad and curiously narrow. It is too broad in
that it allows individuals to impede access to facts about themselves found in
public documents. This is a form of censorship, one that would most likely be
unconstitutional if attempted in the United States. Moreover, the test for
removal that search engines are expected to use is so vague — search results are
to be excluded if they are “inadequate, irrelevant or no longer relevant” — that
search engines are likely to err on the safe side and accede to most requests.
But the decision is oddly narrow in that it doesn’t require that unwanted
information be removed from the web. The court doesn’t have a problem with web
pages that mention the name of the plaintiff in this case (Mario Costeja
González) and the thing he regrets (a property foreclosure); it has a problem
only with search engines that list those pages — including this article and
possibly the court’s own ruling — as results to a query on the basis of Mr.
González’s name. So nothing is being “forgotten,” despite the court’s stated
attempt to protect such a right.
How an individual’s reputation is protected online is too important and subtle a
policy matter to be legislated by a high court, which is institutionally
mismatched to the evolving intricacies of the online world.
Progress has been limited perhaps by a shortfall of imagination by Google,
Microsoft’s Bing and the handful of other powerful intermediaries who stand
between what we ask and what we’re told is relevant. Search engines generally
treat personal names as search terms like any others: Data is data. Google and
company have not internalized just how significant that first page of search
results has become to someone whose name has been queried. What they place on
that page may do more than anything else in the world to define a stranger in
others’ estimations.
What if search engine companies were to think more creatively about how such
searches might work? In 2007, Google admirably experimented in this area,
introducing a feature to its Google News aggregator that allowed people quoted
or mentioned in a news article indexed by Google News to add a comment next to
that article in the search results. Such participants could offer readers of
Google News an explanation, an apology, or a reason to discount whatever it was
they were about to read. (Academics were among the first users of the feature,
often adding a comment to contextualize something a newspaper reporter had
quoted them as saying.) But Google ultimately abandoned the feature.
That’s too bad. If search engines allowed for such comments generally, they
might be able to give you more influence over the information about you online —
without giving you the power to censor. Perhaps querying someone’s name would
result in an initial page of search results in which some form of curating was
permitted for people sharing that name; the subsequent pages of results would
provide the unvarnished material that a regular search now generates.
For those who believe in a right to “be forgotten,” such a proposal would of
course fall short. But I suspect that in many cases, the desire for such a right
is merely the desire not to have your life presented to the world
mechanistically and without review, with nothing more than a search term and a
single click. This is a legitimate desire that the sort of proposal I have in
mind would satisfy.
Whatever the solution, the status quo is no longer stable. In the wake of the
decision by the European Court of Justice, search engine companies now face a
potential avalanche of requests for redaction. And whatever the merits of the
court’s decision, Europe cannot expect to export its new approach to countries
like the United States. (Even in Europe, search engine users will no doubt
cultivate the same Internet “workarounds” that Chinese citizens use to see what
their government doesn’t want them to see.)
Google, Bing and Yahoo should devote their considerable resources to mitigating
this problem. If they don’t, search engine results may become increasingly
dependent on where your keyboard is, rather than what you’re looking for. And
the search engines may find themselves in a cat-and-mouse game of censorship and
evasion, leading only to a fragmentation, not an improvement, of the web.
Jonathan Zittrain, a professor of law and computer science
at Harvard, is the author of “The Future of the Internet
— And How to Stop It.”
A version of this op-ed appears in print on May 15, 2014,
on page A29 of the New York edition with the headline:
Don’t Force Google to ‘Forget’.
Don’t Force Google to ‘Forget’, NYT,
14.5.2014,
http://www.nytimes.com/2014/05/15/opinion/dont-force-google-to-forget.html
White House Details
Thinking on Cybersecurity Flaws
APRIL 28, 2014
The New York Times
By DAVID E. SANGER
WASHINGTON — In a rare insight into the government’s thinking
on the use of cyberweapons, the White House on Monday published a series of
questions it asks in deciding when to make public the discovery of major flaws
in computer security or whether to keep them secret so that American
intelligence agencies can use them to enable surveillance or an attack.
The discussion came not in a presidential policy directive or a speech, like the
kind President Obama gave when describing the criteria for conducting drone
attacks, but in a blog post on the White House website. The item was posted by
Michael Daniel, the White House cybersecurity coordinator, and appeared to be
distilled from a far more detailed classified document giving guidance to the
National Security Agency, the F.B.I. and others who often exploit flaws in
Internet security.
Mr. Daniel repeated the N.S.A.’s declaration several weeks ago that “we had no
prior knowledge of the existence of Heartbleed,” a security vulnerability that
created widespread fears that passwords or other delicate information
transmitted by millions of computer users may have been revealed. But he
acknowledged that the Heartbleed incident had cast a light on a balancing test
the White House has until now declined to discuss in any detail: When should the
government reveal flaws that it discovers, and when should it use them for its
still-unacknowledged “stockpile” of flaws that would help it penetrate foreign
computer networks?
It is a heated issue inside the N.S.A. and the Pentagon. The United States made
use of four so-called zero-day vulnerabilities — flaws that had been known for
zero days to the outside world — to attack and disable elements of Iran’s
nuclear program in an operation called Olympic Games. The United States and
Israel, which mounted that campaign, have never acknowledged their involvement,
and most of the time such vulnerabilities are exploited for more routine
actions, especially the interception of email or other Internet traffic.
But the intelligence agencies, along with the F.B.I., have argued that giving up
a key weapon in that arsenal would amount to unilateral disarmament. The White
House seems to agree.
“In the majority of cases, responsibly disclosing a newly discovered
vulnerability is clearly in the national interest,” Mr. Daniel wrote, because of
the need to keep Internet transactions, on which the world economy heavily
depends, as secure as possible. “This has been and continues to be the case.”
But he spent the rest of his blog entry describing what conditions might lead to
a decision not to publish the details of a flaw — perhaps for a short time,
perhaps for much longer. “Disclosing a vulnerability can mean that we forego an
opportunity to collect crucial intelligence that could thwart a terrorist
attack, stop the theft of our nation’s intellectual property, or even discover
more dangerous vulnerabilities that are being used by hackers or other
adversaries to exploit our networks,” Mr. Daniel wrote, describing the review
that has taken place at the White House in the past few months.
“This is an acknowledgment of the need to do offensive cyber, both espionage and
attack,” said Jack Goldsmith, a Harvard law professor who served in the Bush
administration and has written extensively on the legal rationales for the use
of cyberweapons. “What’s notable is that the White House has now agreed that
these issues have to be considered at a higher level, that often it’s a hard
call, and it’s not an issue that should just be left to the N.S.A. or the
F.B.I.”
Mr. Daniel wrote that the administration has now “established a disciplined,
rigorous and high-level decision-making process for vulnerability disclosure.”
He did not say who would participate, or whether the hardest questions would be
bounced to the president, much as he sometimes reviews the details of drone
strikes or other covert operations that could have diplomatic implications. Mr.
Daniel did not say who runs that process, but administration officials say it is
largely directed by the National Security Council, and often by Mr. Daniel
himself.
That group would weigh at least nine questions that Mr. Daniel enumerated.
The first was: “How much is the vulnerable system used in the core Internet
infrastructure, in other critical infrastructure systems, in the U.S. economy,
and/or in national security systems?” That seemed to suggest that a
vulnerability that had potentially wide impact on the American economy, its
utilities or the cellphone networks, for example, would be more important than
one with narrow implications.
Another question for the group to consider, he wrote, was how much harm “an
adversary nation or criminal group” could do with the vulnerability and whether
it would be possible to know that such a nation or group was exploiting it. In
the case of Heartbleed, the government was apparently unaware of the flaw, even
though it had existed for roughly two years.
Other questions turned to the issue of whether intelligence agencies think the
information is necessary, for surveillance or an attack, and whether there are
other ways to get it. Among the most interesting questions on the list was this
one: “Could we utilize the vulnerability for a short period of time before we
disclose it?”
That suggests an option to allow the White House to split the difference between
its intelligence needs and the principle of public disclosure.
A version of this article appears in print on April 29, 2014
on page A15 of the New York edition with the headline:
White House Details Thinking on Cybersecurity Flaws.
White House Details Thinking on
Cybersecurity Flaws, NYT, 28.4.2014,
http://www.nytimes.com/2014/04/29/us/white-house-details-thinking-on-cybersecurity-gaps.html
With Move to Limit Gun Sales,
Facebook Is Caught in Debate
March 5, 2014, 12:00 pm
The New York Times
Bits
By DAVID STREITFELD
Facebook wants to unite the world so everyone can talk about
everything. One of the big things people want to talk about, it seems, is guns.
The social network is one of the world’s largest marketplaces for guns. A
DoubleStar AR-15 is offered for $650. A raspberry-colored Taurus pistol can be
had for $239.95, a Bushmaster M4 “fresh from the box” for $1,200. “We’ve got
over 550 guns and we need buyers!” posts a Louisiana seller.
Under pressure from law enforcement and advocacy groups, Facebook took steps
Wednesday to regulate gun sales on its site as well as on its photo-sharing app
Instagram. Pages advertising guns for sale, for instance, will be shielded from
minors.
Facebook does not want its growing prominence as a private gun mall to alienate
users. Nor does it want to squelch free speech. But if the company hoped its
announcement would satisfy everyone and make the issue disappear, the plan
backfired.
Gun control groups applauded the changes. So did Michael R. Bloomberg, who is
making gun control one of the most visible elements of his career after serving
as New York mayor. But the National Rifle Association said the changes were so
insignificant that Mr. Bloomberg had “failed.”
And Daniel Gross, president of one of the largest gun control groups, the Brady
Campaign to Prevent Gun Violence, said little had been achieved.
“I wouldn’t even call this a meaningful first step,” Mr. Gross said. “There’s a
simple solution here. Facebook should be prohibiting any post that advertises
the unlicensed sale or transfer of firearms in the U.S.”
Some large Internet sites have gone further. Craigslist, the informal community
website for all sorts of transactions, prohibits the sale of weapons as does the
auction site eBay. “We made the unilateral decision to ban all guns in 1999 as
part of our commitment to being a responsible online marketplace,” Ryan Moore,
an eBay spokesman, said Wednesday.
Facebook and Instagram are not e-commerce sites, but with over a billion users
they encourage a lot of conversations that establish a framework for offline
deals. In some ways, the lack of an actual storefront promotes a willingness to
believe there are no rules.
Eric T. Schneiderman, the New York attorney general, sent Mark Zuckerberg,
Facebook’s chief executive, a letter in November saying that “a recent review of
Facebook found a number of groups in which users promoted the sale of assault
rifles, handguns, rifles, shotguns and gun parts.” He noted that a new New York
law requiring background checks could easily be skirted by Facebook users.
Facebook says it strives to be mindful of the needs of all its members.
“Our goal here is to balance people’s interest in sharing things that they care
about while making sure our community is a safe and responsible one,” said Matt
Steinfeld, a Facebook spokesman.
The specific changes Facebook is putting in place include deleting posts that
seek to circumvent gun laws. It will restrict minors from viewing pages that
sell guns. And it will inform potential sellers that private sales could be
regulated or prohibited where they live.
But Facebook will be able to take action only when a member of its community
alerts it. On Instagram, the process will be a little more automatic. Someone
searching for a hashtag like #gunsforsale will get a “content advisory.”
Mr. Gross, of the Brady group, said blocking children was the “only tangible
thing here.” Otherwise, he said, “I don’t think Facebook has delivered on what
can be done, and what our supporters want to be done.”
Facebook’s changes came after it had been talking to gun-control groups for as
long as a year. Among them are Sandy Hook Promise, Moms Demand Action for Gun
Sense in America, Mr. Bloomberg’s Mayors Against Illegal Guns, Americans for
Responsible Solutions and the Brady group. Mr. Schneiderman joined the
discussion as well.
Mr. Bloomberg said, “We are grateful that Facebook was willing to listen to the
Moms, look at the information and adapt its policies to help make sure that
people who shouldn’t have guns — like minors, felons and other dangerous people
— aren’t able to get guns via their platform.”
There are many competing interests. The group Moms Demand Action received
225,000 signatories to a petition asking Facebook to crack down on illegal gun
sales. But the N.R.A. tried to frame its demands as a free-speech issue.
“Bloomberg and the gun-control groups he funds tried to pressure Facebook into
shutting down discussion of Second Amendment issues on its social media
platforms,” Chris W. Cox, executive director of the N.R.A.’s Institute for
Legislative Action, said in a statement. “Bloomberg failed.”
Siva Vaidhyanathan, a professor of media studies at the University of Virginia
who has written often about Internet culture, said Facebook was “entering its
adolescence facing all of these moral and political challenges about what to
filter and what standards to apply.”
He added, “It will need a linguist and a roomful of lawyers to come up with a
workable policy to allow some posts about guns to go through and some not to go
through.”
Already, however, he could see the site taking on more responsibility for what
happens on it.
“The moment Facebook gets into the business of blocking what it identifies as
gun sales to minors, it is assuming responsibility if something horribly goes
wrong,” Mr. Vaidhyanathan said.
That almost happened last fall, when a 15-year-old Kentucky boy used Facebook to
buy a handgun from an Ohio man. Federal law prohibits the sale of guns across
state lines except by licensed dealers, while minors cannot buy handguns in any
case.
The youth was arrested with the loaded weapon outside his school’s homecoming
football game. He said he had bought the gun to be cool. The seller was charged
last month with transferring a firearm to an out-of-state resident.
A version of this article appears in print on 03/06/2014,
on page A1 of the New York edition with the headline:
With Move to Limit Gun Sales, Facebook Is Caught in Debate.
With Move to Limit Gun Sales, Facebook Is
Caught in Debate,
NYT, 5.3.2014,
http://bits.blogs.nytimes.com/2014/03/05/facebook-to-crack-down-on-illegal-gun-sales/
Has Privacy Become a Luxury Good?
MARCH 3, 2014
The New York Times
By JULIA ANGWIN
LAST year, I spent more than $2,200 and countless hours trying
to protect my privacy.
Some of the items I bought — a $230 service that encrypted my data in the
Internet cloud; a $35 privacy filter to shield my laptop screen from coffee-shop
voyeurs; and a $420 subscription to a portable Internet service to bypass
untrusted connections — protect me from criminals and hackers. Other products,
like a $5-a-month service that provides me with disposable email addresses and
phone numbers, protect me against the legal (but, to me, unfair) mining and sale
of my personal data.
In our data-saturated economy, privacy is becoming a luxury good. After all, as
the saying goes, if you aren’t paying for the product, you are the product. And
currently, we aren’t paying for very much of our technology.
Not long ago, we would have bought services as important to us as mail and news.
Now, however, we get all those services for free — and we pay with our personal
data, which is spliced and diced and bought and sold.
Consider Google, which scans what you write in Gmail to offer advertisers a
chance to promote their items based on your missives. Or a visit to an online
news site where your data is secretly auctioned and sold before the page loads.
Or Facebook, which allows marketers to turn your status updates into ads for
their products.
Those who aren’t bothered by that exchange should keep in mind that our data is
used not just for advertisements. It has also been used to charge people
different prices based on their personal information. It has been used to
provide different search results to different people based on their political
interests. It has been used by the government to identify possible criminal and
terrorist suspects. Just last week, we learned that the British government had
intercepted and archived still images from millions of Yahoo webcam chats around
the world, whether or not the participants were suspected of wrongdoing.
The more we learn about how our data is being harnessed — and how it may be
exploited in the future — the more likely we are to re-evaluate the true cost of
these supposedly free services. And some of us will start trying to buy our way
out of the trade-your-data-for-services economy.
But, as I have learned, it isn’t cheap or convenient to start buying privacy. I
spend annoying amounts of time updating software or trying to resolve technical
difficulties when my different privacy-protecting services conflict with one
another.
It all reminds me of the early days of the organic food movement, when buying
organic often meant trekking to inconveniently located, odd-smelling stores and
paying high rates for misshapen apples. Only the devoted few were willing to
suffer the hassles.
Over time, however, the number of people worried about chemicals in their food
grew large enough to support a robust market. The stores eventually became
better looking, the apples were less misshapen, and organic food entered the
mainstream of American life.
A similar evolution in the personal-data-protection market is underway. Traffic
to the privacy-protecting search engine DuckDuckGo has more than doubled since
Edward J. Snowden revealed vast government surveillance programs last June. The
Blackphone, a $629 not-yet-released Android-based smartphone that will have
privacy-protecting software installed to allow users to send encrypted texts and
make encrypted calls, is being pre-ordered by the thousands. And last year, a
New York entrepreneur, Adam Harvey, sold out of his first run of the OFF Pocket
— an $85 cellphone case that blocks signals to and from the phone. “My vision is
that privacy won’t be given to you as a law completely,” he told me. “You have
to commercialize it so people can speak with their money.”
Standing in the way of the widespread adoption of these tools, however, is the
problem of verification. I have Mr. Harvey’s OFF Pocket and it seems to block
the cell signals, but I don’t know for sure that it works as promised. The same
is true with the Blackphone, or DuckDuckGo’s privacy policies. I hope their
claims are true, but there are few trusted third parties to verify them.
This was brought home to me when I signed up for a service from TrustedID. For
$35, the company promised to opt me out of some of the biggest American data
brokers. A few months later, I contacted those brokers to confirm that my
information had been removed from their databases. It turned out that TrustedID
had failed to process more than half of the opt-outs. The service has since been
suspended.
As more privacy-protecting services pop up, we need to consider two important
questions: Can we ensure that those who can afford to buy privacy services are
not being deceived? And even more important, do we want privacy to be something
that only those with disposable money and time can afford?
The food industry can offer some possible answers to those questions. Our
government enforces baseline standards for the safety of all food and has strict
production and labeling requirements for organic food. It may be time to start
doing the same for our data.
Julia Angwin is a senior reporter at ProPublica
and the author of “Dragnet Nation: A Quest for Privacy,
Security, and Freedom in a World of Relentless Surveillance.”
A version of this op-ed appears in print on March 4, 2014,
on page A23 of the New York edition with the headline:
Has Privacy Become a Luxury Good?.
Has Privacy Become a Luxury Good?, NYT,
3.4.2014,
http://www.nytimes.com/2014/03/04/opinion/has-privacy-become-a-luxury-good.html
Revenue and Profit Rise at Google,
but Mobile Is a Persistent Challenge
By CLAIRE CAIN MILLER
The New York Times
JAN. 30, 2014
SAN FRANCISCO — There is no denying that Google has become a
mobile company. Now, Google — along with shareholders, industry partners and
advertisers — is trying to figure out what that means.
In mobile advertising, Google is wrestling with how to make as much money on
phones as it has on the ads that appear on desktop computers. Its fourth-quarter
earnings report on Thursday showed that it is continuing to struggle with lower
ad prices on phones. Yet some of the new types of ads it has introduced have
paid off handsomely, as have mobile businesses like the Play store for Android
devices.
But in other areas, like manufacturing smartphones, Google has decided that the
business is better left to someone else. On Wednesday, it announced that it
would sell Motorola Mobility, which it bought less than two years ago for $12.5
billion, to Lenovo for $2.91 billion. Motorola’s $384 million loss in the fourth
quarter contributed to Google’s failure to meet analysts’ earnings expectations
for the quarter.
Google's stock activity over the last three months.
Google executives would prefer that people stop talking about mobile at all.
“People aren’t distinguishing what they’re doing on different screens, so
advertisers should be more agnostic about where they reach the user,” Nikesh
Arora, Google’s chief business officer, said on a conference call with analysts.
“The fundamental tenet is not to speak about mobile, mobile, mobile. It’s really
about living with the users. What device are you on? What’s your question? How
can we assist you? That’s a much broader and richer set of activities for us.”
And while everyone else is still obsessing about smartphones, Google has moved
on to new kinds of devices and even robots. Eyewear with tiny computers called
Google Glass is expected to be sold to consumers this year, and the company
recently bought robotics companies and agreed to acquire Nest Labs, which makes
Internet-connected thermostats and smoke detectors.
“While Apple hasn’t even put out a bigger phone, Google is leading in wearables
with Google Glass. It’s got driverless cars. It’s wiring up homes with
tremendous Internet speed connections,” said Colin Gillis, an analyst at BGC
Partners. “Something’s got to pay off.”
To shore up their control and acquire new companies, Google’s founders, Larry
Page and Sergey Brin, proposed in 2012 a new class of nonvoting shares.
On Thursday, Google announced that its board had approved the stock deal. Though
some finance experts have doubted whether it would benefit shareholders, the
news contributed to an increase of about 4 percent in Google shares in
after-hours trading.
“It’s a little bit like, ‘This is my company; if you don’t like it, hit the
highway,’ ” Mr. Gillis said.
Shareholders and equity analysts are also trying to figure out how to value
today’s Google. Its stock price rose 25 percent since its last quarterly
earnings announcement, yet Google has performed below analysts’ expectations
more often than not in the last two years, and it did so again in the fourth
quarter.
The company reported fourth-quarter revenue of $16.86 billion, an increase of 17
percent over the year-ago quarter. Net revenue, which excludes payments to the
company’s advertising partners, was $13.55 billion, up from $11.34 billion. Net
income rose 17 percent to $3.38 billion, or $9.90 a share. Excluding the cost of
stock options and the related tax benefits, Google’s profit was $12.01 a share,
up from $10.65 a year ago.
Analysts had expected revenue of $16.75 billion and earnings, excluding the cost
of stock options, of $12.26 a share.
The fourth quarter is generally Google’s strongest because it makes money from
retail advertisers during the holiday shopping season. Last quarter, that was
even more pronounced because of the success of Google’s product listing ads, a
new kind of ad with photos that Google requires retailers to buy to be included
in its shopping listings.
In the fourth quarter, the price advertisers paid each time someone clicked on
one of those ads rose 80 percent from the year before, compared with 11 percent
growth in typical text search ads, according to Adobe, which manages ad spending
for 1,200 advertisers.
Another new type of ad program from Google, called enhanced campaigns, lumps
mobile ads with desktop ones and is expected to help Google’s mobile ad business
grow. Nonetheless, the price advertisers pay when people click on smartphone ads
is still about a third of the price of desktop ads, in part because people make
purchases from mobile ads a quarter as often as they do on computers.
In the fourth quarter, the cost per click on ads declined 2 percent from the
quarter before and 11 percent from the year before, continuing a two-year trend
of declining prices.
Despite Google’s mobile challenges, among web businesses it might be the biggest
beneficiary so far of consumers’ shift to mobile devices. Google services are
the top web property on smartphones, reaching 87 percent of the mobile audience
through apps and mobile browsing, according to comScore. (Facebook is next with
85 percent.)
And Google earned 42 percent of all mobile ad revenue in the United States last
year, significantly more than any other company, according to eMarketer. Its
share of mobile revenue, however, was down from 50 percent the year before and
is not growing as quickly as that of Twitter, Apple and Facebook.
“It’s safe to say they figured out mobile advertising,” said Jordan Rohan, an
analyst at Stifel Nicolaus. “Google’s problem is it’s 50 percent of online
advertising, so it’s hard to grow as fast.”
Google benefited in the quarter from a brisk business in its Play store for
buying things like apps and music on Android devices, and from widely
distributing Google’s services on Android phones, which have a 52 percent market
share in the United States, according to comScore. On YouTube, 40 percent of the
time spent watching videos comes from mobile devices.
In November, Google announced that Nielsen would measure its traffic the way it
does on TV channels, which is expected to help YouTube court advertisers.
“From a longer-term perspective, every piece of advertising becomes digital,”
Mr. Arora said.
A version of this article appears in print on January 31, 2014,
on page B4 of the New York edition with the headline:
Revenue and Profit Rise at Google,
but Mobile Is a Persistent Challenge.
Revenue and Profit Rise at Google, but
Mobile Is a Persistent Challenge,
NYT, 30.1.2014,
http://www.nytimes.com/2014/01/31/technology/
revenue-and-profit-rise-at-google-but-mobile-struggles-continue.html
A Sneaky Path
Into Target Customers’ Wallets
JAN. 17, 2014
The New York Times
By ELIZABETH A. HARRIS,
NICOLE PERLROTH,
NATHANIEL POPPER
and HILARY STOUT
It was, in essence, a cybercriminal’s dream.
For months, an amorphous group of Eastern European hackers had been poking
around the networks of major American retailers, searching for loose portals
that would take them deep into corporate systems.
In early November, before the holiday shopping season began, the hackers found
what they had been looking for — a wide path into Target and beyond.
Entering through a digital gateway, the criminals discovered that Target’s
systems were astonishingly open — lacking the virtual walls and motion detectors
found in secure networks like many banks’. Without those safeguards, the thieves
moved swiftly into the company’s computer servers containing Target’s customer
data and to the crown jewel: the in-store systems where consumers swipe their
credit and debit cards and enter their PINs.
For weeks, the invasion went undetected; the malware installed by hackers
escaped whatever antivirus protections Target had. Shoppers flooded Target
stores over Thanksgiving weekend and into the following weeks of holiday deals,
unwittingly sending millions of bits of their data into the corners of
cyberspace controlled by a band of sophisticated thieves.
Target had no clue until the Secret Service alerted the company about two weeks
before Christmas. Investigators who had been tracking these criminals overseas
and monitoring suspicious credit activity spotted in December one common thread:
charges and payments made at Target.
At least one major bank noticed a similar pattern. On Dec. 12, JPMorgan Chase
alerted some credit card companies that fraudulent charges were showing up on
cards used at Target, people involved in the conversation said.
An examination by The New York Times into the enormous data theft, including
interviews with people knowledgeable about the investigation, cybersecurity and
credit experts and consumers shows that Target’s system was particularly
vulnerable to attack. It was remarkably open, experts say, which enabled hackers
to wander from system to system, scooping up batches of information.
Investigators have been piecing together the timetable of the attack and
continue to monitor the potential for additional fraud, especially since experts
say that batches of stolen credit card data have yet to be dumped on the black
market. The theft involved confidential credit and debit card data of as many as
40 million Target customers, and personal information, such as phone numbers and
addresses, of as many as 70 million more.
With Secret Service agents in Minneapolis investigating the extent of the fraud,
Javelin Strategy & Research, a consulting firm, estimates the total damage to
banks and retailers could exceed $18 billion. Consumers could be liable for more
than $4 billion in uncovered losses and other costs. Investigators also say they
believe that the invasive hack at Target was part of a broader campaign aimed at
least half a dozen major retailers. So far, one other retailer, Neiman Marcus,
has said that its system was breached at the in-store level, not through online
shopping, and people with knowledge of the investigations have been reluctant to
discuss whether the two are related.
Investigators have seen some malicious software similar to that installed at
Target in recent years, but they described the design of this malware on
point-of-sale systems as particularly wily. The coding was written in a way that
was adaptive and persistent.
Grabbing Data
Once installed, the hackers’ malware snatched customers’ data — directly off the
magnetic strips of credit and debit cards — that is normally sent for
processing to banks and credit card companies. The stolen data was then lifted
and stored on an infected server inside Target, awaiting an order from the
criminals. The coding was easily manipulated so that it could receive
instructions from its handlers in real-time, changing at their command.
Four miles from Target’s headquarters in Minneapolis and more than a week before
the public learned of the data breach, Patrycia Miller looked at the bill for
the American Express account she and her husband used in their dog day care
business.
The usual charges appeared, including some from Target, where they shop a couple
of times a week. But a few stood out — a membership fee to Match.com and a
$1,291.58 plane ticket on South African Airways from Lagos, Nigeria, to
Johannesburg and Nairobi, Kenya.
She asked her husband what he was up to.
Puzzled, Mr. Miller assured her he had not signed up for an online dating
service and had not booked an African flight — “Not for that price,” he said.
American Express swiftly credited their account and issued new cards.
But it wasn’t until Target confirmed the breach on Dec. 19 that the Millers
learned what had happened.
Gregg Steinhafel, Target’s chief executive, declined to be interviewed for this
article, and requests for interviews with other company officials involved in
the theft investigation were denied. On Friday evening, Mr. Steinhafel released
a statement, saying: “When the breach was confirmed, I was devastated. I
resolved in that moment to get to the bottom of it, and my top priority since
then has been our guests. We’ve worked for 51 years to build a real relationship
with them, and I am determined to do whatever it takes to secure their trust.”
Mr. Steinhafel said in an interview with CNBC earlier this week that he first
learned of the data break-in when he received a phone call at home on Dec. 15, a
Sunday morning, as he was drinking coffee with his wife. Secret Service and
Justice Department officials had already met with Target employees a few days
earlier to notify them of their suspicions.
By then, credit and debit cards were showing up on the black market, and
shoppers like the Millers were seeing unauthorized charges on their bills.
It was not the first time criminals had managed to get inside a store’s
point-of-sale systems at their registers. Nearly a decade ago, Albert Gonzalez,
one of the most prolific cybercriminals in American history, was stealing credit
card data from T. J. Maxx and Marshalls clothing chains in much the same way.
But recently, criminals’ techniques have evolved. At the Federal Bureau of
Investigation, a former official said there had been instances where criminals
had managed to physically implant malicious code into point-of-sale systems on
the factory floor. In most cases, however, criminals installed the malware
remotely after breaking into an organization through other means.
This time, the criminals’ code instructed Target’s registers to send customer
data back to the infected Target server once every hour, on the hour, and to
cover its own tracks. After siphoning the data back to the infected server, the
malicious code immediately deleted the file where it had been stored, so there
was no memory of it, according to iSight Partners, a security firm currently
working with the Secret Service to investigate the attacks.
The malware, known as a memory scraper, has been coined “Kaptoxa” after a word
in its code — Kaptoxa is Russian slang for “potato” and is often used by
underground criminals to refer to credit cards. Its developers ensured the code
would evade regular antivirus products — even a month after Target’s breach was
made public most antivirus products still fail to catch it. To avoid setting off
any alarms, the criminals waited six days after moving the data from the
infected server to a web server that was itself infected with malware, and from
there to a server in Russia that served as a proxy to mask the criminals’ true
whereabouts, according to Aviv Raff, the chief technology officer at Seculert, a
security company headquartered in Israel that has been investigating the malware
used on Target’s systems.
Within two weeks, criminals had taken 11 gigabytes worth of Target’s customer
data: less than the amount of memory on Apple’s iPad Mini, but enough to contain
40 million payment card records, encrypted PINs and 70 million records
containing Target customers’ information.
Shortly after, company executives flocked to headquarters and onto conference
call lines to begin coordinating the response.
The Search Begins
Forensics experts were brought in from Verizon, led by Bryan Sartin, and from
Mandiant, a computer security firm that responds to breaches, extortion attacks
and economic espionage campaigns. (Mandiant has since announced it is being
bought by FireEye.) They began digging through Target’s firewall logs, web
traffic logs and emails, looking for digital fingerprints and trying to
determine how the criminals got in, what they took, and how to stop the
bleeding.
Investigators went about plugging Target’s security holes, wiping malware from
the company’s point-of-sales systems and changing passwords. It was important to
do everything at once.
It is a process that Kevin Mandia, the founder of Mandiant, has described as
akin to excising a malignancy: “If you only remove the cancer in your leg, but
you have it in your arm, you might as well have not had the operation in your
leg,” he said in an interview before the Target breach.
Likewise, if Target missed one back door or one compromised password, the
criminals could come right back in.
Others in the company started planning just how, and when, to disclose the news
to the public. Then, they set about trying to determine the impact of the
breach, so they could notify affected customers, determine liability and get
ahead of the news cycle.
They wouldn’t get so lucky.
On the morning of Dec. 18, voice messages started popping up on Target’s public
affairs line from Brian Krebs, a prominent security blogger. Mr. Krebs, 41, who
specializes in cybercrime, was asking about a big data breach.
In underground criminal forums, criminals had been bragging that they had
obtained a huge, very fresh batch of cards. And banks were dealing with a spike
of fraudulent purchases.
Mr. Krebs said in an interview that one contact at a large bank he would not
name said he had visited one of the more reliable underground credit card sites
— a site called Rescator — and bought a large batch of cards.
The common point of purchase was Target, and all the purchases had been made
between Thanksgiving and mid-December. After further investigation, Mr. Krebs
began leaving messages with the company for comment.
Officials say the company’s plan was always to go public quickly. By the time
Mr. Krebs’s story was posted, a news release had already been written and the
portion of Target’s website devoted to the breach was already being built. The
company decided not to immediately make a public comment or issue a news
release. Instead, they waited until the website was ready and everyone who would
be answering questions, either at call centers or for the media, would have the
same answers on hand. A team of people worked all night to have the response
ready.
On Dec. 19, the team on the front lines of the response arrived at headquarters
before the local Starbucks had opened. Before the sun was up, the release was
sent out.
A Deluge of Anger
Customers jammed the company’s website and phone lines and continue to be
angered by the violation of their privacy. On Target’s Facebook page, shoppers
keep leaving furious messages.
“I am broke because someone used all my money to go on their shopping spree,”
Shannon Smith wrote. Another customer, Melissa Milligan Gunter, wrote: “Dear
Target, thanks for making me (and so many others) have to go through and change
everything that I use my debit and credit cards for because you can’t keep your
customer’s information private.”
Nearly 70 lawsuits have already been filed against Target, many of them seeking
class-action status. Credit card companies and banks have replaced many
customers’ cards and accounts in the wake of the breach, but warn that people
should still vigilantly scrutinize their statements and account charges.
In Minneapolis, hundreds of Target employees — from the legal, technology,
finance and consumer and public relations departments — continue to be involved
in the company’s response, working out of the 32nd floor of the corporate
headquarters. Earlier this month, when a polar vortex plunged the city into
temperatures below zero for several days, the company suspended its dress code,
and senior executives gathered around the boardroom table to address the crisis
in the sweatshirts of their college alma maters.
Down the hall, packs of other employees colonized nearby rooms, rearranging
movable desks and rolling chairs. Several television screens played multiple
news networks. Surfaces were littered with extension cords, chargers,
newspapers, cups of coffee and soda.
Outside the corporation, attorneys general in several states are also
investigating Target’s data breach, along with federal authorities who would not
comment publicly on the status of the investigation.
But it appears that the hackers left a few clues behind that may aid
investigators. One was a small word embedded in the code: Rescator. Despite the
sophistication of the malware, this was, by several accounts, a rookie mistake.
The name was left there when the criminals were debugging their code.
It was the same name as the underground carding site, Rescator.la, where a bank
official had first purchased a large number of cards before tipping off Mr.
Krebs, he said.
Mr. Krebs scoured the Web for clues to Rescator’s identity. In a deleted comment
from August 2011, he noted that Rescator introduced himself as “Hel,” one of the
three founders of a defunct hacker forum called darklife.ws. Mr. Krebs posted
some of the information he learned about aliases that may be related to
Rescator, tracing one of them to Odessa, Ukraine.
But investigators have not publicly pinpointed the location of the criminals’
nerve center, suggesting instead that the hackers tend to move around, gather,
disband and regroup.
But they are monitoring the shadowy chat forums and other netherworlds where
snippets of information about fake credit cards surface and are shared for sale
on the black market, where the stolen data promises rich returns.
“We’re expecting this to be a major contributor, if not the primary driver of
card fraud for the next 12 months,” said Alphonse R. Pascual, of Javelin
Strategy & Research. “Those cards will continue to have value for quite a while.
These cards will still be available for purchase a year from now.”
Elizabeth A. Harris reported from Minneapolis,
Nicole Perlroth from San Francisco,
and Nathaniel Popper and Hilary Stout from New York.
Matt Apuzzo contributed reporting from Washington.
A version of this article appears in print on January 18, 2014,
on page A1 of the New York edition with the headline:
A Sneaky Path Into Target Customers’ Wallets.
A Sneaky Path Into Target Customers’
Wallets, NYT, 17.1.2014,
http://www.nytimes.com/2014/01/18/business/
a-sneaky-path-into-target-customers-wallets.html
Blogger’s Incarceration
Raises First Amendment Questions
By CAMPBELL ROBERTSON
The New York Times
JAN. 11, 2014
BIRMINGHAM, Ala. — For over six years, Roger Shuler has
hounded figures of the state legal and political establishment on his blog,
Legal Schnauzer, a hothouse of furious but often fuzzily sourced allegations of
deep corruption and wide-ranging conspiracy. Some of these allegations he has
tested in court, having sued his neighbor, his neighbor’s lawyer, his former
employer, the Police Department, the Sheriff’s Department, the Alabama State Bar
and two county circuit judges, among others. Mostly, he has lost.
But even those who longed for his muzzling, and there are many, did not see it
coming like this: with Mr. Shuler sitting in jail indefinitely, and now on the
list of imprisoned journalists worldwide kept by the Committee to Protect
Journalists. There, in the company of jailed reporters in China, Iran and Egypt,
is Mr. Shuler, the only person on the list in the Western Hemisphere.
A former sports reporter and a former employee in a university’s publications
department, Mr. Shuler, 57, was arrested in late October on a contempt charge in
connection with a defamation lawsuit filed by the son of a former governor. The
circumstances surrounding that arrest, including a judge’s order that many legal
experts described as unconstitutional and behavior by Mr. Shuler that some of
the same experts described as self-defeating posturing, have made for an
exceptionally messy test of constitutional law.
“You’ve got a situation where sometimes there’s no good guys,” said Ken White, a
former federal prosecutor in Los Angeles who writes about and practices First
Amendment law.
Mr. Shuler is no stranger to defamation suits, as one might surmise from reading
his blog. He started it in 2007 to document a property dispute with his neighbor
that blew up into a legal war and ended with the neighbor’s lawyer becoming a
part-owner of Mr. Shuler’s house, which is in Birmingham. Later, the blog
branched out to expose what he alleged were the corrupt machinations of powerful
figures, mostly Republicans, and with a particular animus toward former Gov. Bob
Riley.
His allegations are frequently salacious, including a recent assertion that a
federal judge had appeared in a gay pornographic magazine and a theory that
several suicides were actually a string of politically motivated murders.
Starting in January 2013, Mr. Shuler, citing unidentified sources, began writing
that Robert Riley Jr., the son of the former governor, had impregnated a
lobbyist named Liberty Duke and secretly paid for an abortion. Both denied it,
and Ms. Duke swore in an affidavit that they had never even been alone in the
same room.
In July, Mr. Riley and Ms. Duke sought an injunction in state court against such
posts, citing Mr. Shuler and his wife, Carol, in defamation suits. A judge
issued a temporary restraining order in September barring the Shulers from
publishing “any defamatory statement” about Mr. Riley and Ms. Duke and demanding
that the offending posts be immediately removed.
Such a sweeping order struck some lawyers as far too broad, and Mr. Shuler says
he did not even know about it.
The Shulers refused to answer the door when officials came to serve court
papers, stating their suspicions in blog posts that the visits were part of an
“intimidation and harassment campaign” stemming from the reporting on another
topic.
One afternoon as the Shulers drove to the local library, where Mr. Shuler had
been writing his blog since they could no longer pay for their Internet
connection, a member of the Sheriff’s Department pulled them over, saying they
had run a stop sign. The officer then served them the papers, which the Shulers
refused to accept, contending that service under such a pretext was improper.
“We were both throwing the papers out of the windows as we were driving off,”
Ms. Shuler said in an interview.
The Shulers missed a hearing the next day, and the restraining order was
superseded by a similarly worded preliminary injunction, which some free-speech
advocates saw as a clear violation of Mr. Shuler’s First Amendment rights.
“It seems to me that the judge’s order was really way out of bounds,” said David
Gespass, a civil rights lawyer in Birmingham, who was further troubled by the
judge’s initial decision to keep the case under seal.
Mr. Shuler continued blogging. On Oct. 23, the police followed Mr. Shuler as he
pulled into his driveway, arrested him in his garage and took him to jail on
charges of contempt and resisting arrest.
In the hyperpartisan corners of the blogosphere where Mr. Shuler was already
known, there was shock. Even some of his dedicated foes were alarmed.
The National Bloggers Club, a group led by the Republican activist Ali Akbar,
who has also threatened to sue Mr. Shuler for defamation, released a statement
condemning Mr. Shuler’s “rumormonger cyberbullying” but also criticizing the
injunction as creating a potential chilling effect on blogging.
The state chapter of the American Civil Liberties Union filed a “friend of the
court” brief, and the Reporters Committee for Freedom of the Press sent a letter
to the judge.
On Nov. 14, the judge held a hearing, and Mr. Shuler, who was representing
himself, took the stand, insisting that the court had no jurisdiction over him
and calling the court a joke. The judge decided that the hearing had “served as
a trial on the merits” and made his final ruling: Mr. Shuler was forbidden to
publish anything about Mr. Riley or Ms. Duke involving an affair, an abortion or
payoffs; was to pay them nearly $34,000 for legal fees; and was to remove the
offending posts or remain in jail.
Mr. Riley said Mr. Shuler’s refusal to engage with the legal process had given
the judge the leeway to make a final ruling.
“If someone can continually ignore the judge just by saying, ‘You don’t have
jurisdiction over me,’ then the whole system breaks down,” Mr. Riley said,
adding that Mr. Shuler could not plead ignorance of the legal process. “This is
not the first time Roger Shuler has been in court.”
But Mr. White and others say that before a judge can take the step of banning
speech, libel must be proved at trial, or at least over a litigation process
more involved than a quick succession of hearings, with the only evidence
presented by the plaintiffs.
“Idiocy is not a zero-sum game,” Mr. White said. “I think you can say that what
the court is doing is unconstitutional and troublesome and also that Shuler is
his own worst enemy.”
So while the furor has all but dissipated, Mr. Shuler remains in jail, unwilling
to take down his posts but also unwilling to hire a lawyer and contest his
incarceration in the state courts.
“This is flat-out court corruption, and it’s criminal,” he said in an interview
from prison.
His wife spoke of collecting damages when this is over, but Mr. Shuler is
thinking beyond civil remedies this time: He is planning to bring federal
criminal charges against the judge.
A version of this article appears in print on January 12, 2014,
on page A14 of the New York edition with the headline:
Blogger’s Incarceration Raises First Amendment Questions.
Blogger’s Incarceration Raises First
Amendment Questions,
NYT, 11.1.2014,
http://www.nytimes.com/2014/01/12/us/
bloggers-incarceration-raises-first-amendment-questions.html