In a privacy policy shift, Google announced today that it will begin tracking users universally across all its services—Gmail, Search, YouTube and more—and sharing data on user activity across all of them. So much for the Google we signed up for.

The change was announced in a blog post today, and will go into effect March 1. After that, if you are signed into your Google Account to use any service at all, the company can use that information on other services as well. As Google puts it:



This has been long coming. Google's privacy policies have been shifting towards sharing data across services, and away from data compartmentalization for some time. It's been consistently de-anonymizing you, initially requiring real names with Plus, for example, and then tying your Plus account to your Gmail account. But this is an entirely new level of sharing. And given all of the negative feedback that it had with Google+ privacy issues, it's especially troubling that it would take actions that further erode users' privacy.

What this means for you is that data from the things you search for, the emails you send, the places you look up on Google Maps, the videos you watch in YouTube, the discussions you have on Google+ will all be collected in one place. It seems like it will particularly affect Android users, whose real-time location (if they are Latitude users), Google Wallet data and much more will be up for grabs. And if you have signed up for Google+, odds are the company even knows your real name, as it still places hurdles in front of using a pseudonym (although it no longer explicitly requires users to go by their real names).

All of that data history will now be explicitly cross-referenced. Although it refers to providing users a better experience (read: more highly tailored results), presumably it is so that Google can deliver more highly targeted ads. (There has, incidentally, never been a better time to familiarize yourself with Google's Ad Preferences.)

So why are we calling this evil? Because Google changed the rules that it defined itself. Google built its reputation, and its multi-billion dollar business, on the promise of its "don't be evil" philosophy. That's been largely interpreted as meaning that Google will always put its users first, an interpretation that Google has cultivated and encouraged. Google has built a very lucrative company on the reputation of user respect. It has made billions of dollars in that effort to get us all under its feel-good tent. And now it's pulling the stakes out, collapsing it. It gives you a few weeks to pull your data out, using its data-liberation service, but if you want to use Google services, you have to agree to these rules.

Google's philosophy speaks directly to making money without doing evil. And it is very explicit in calling out advertising in the section on "evil." But while it emphasizes that ads should be relevant, obvious, and "not flashy," what seems to have been forgotten is a respect for its users privacy, and established practices.

Among its privacy principles, number four notes:


This crosses that line. It eliminates that fine-grained control, and means that things you could do in relative anonymity today, will be explicitly associated with your name, your face, your phone number come March 1st. If you use Google's services, you have to agree to this new privacy policy. Yet a real concern for various privacy concerns would recognize that I might not want Google associating two pieces of personal information.

And much worse, it is an explicit reversal of its previous policies. As Google noted in 2009:



The changes come shortly after Google revamped its search results to include social results it called Search plus Your World. Although that move has drawn heavy criticism from all over the Web, at least it gives users the option to not participate.

[GoogleBlog via Washington Post]

(Reuters) - Symantec Corp took the rare step of advising customers to stop using one of its products, saying its pcAnywhere software for accessing remote PCs is at increased risk of getting hacked after blueprints of that software were stolen.

The announcement is the company's most direct acknowledgement to date that a 2006 theft of its source code put customers at risk of attack.

Symantec said it was only asking customers to temporarily stop using the product, until it releases an update to the software that will mitigate the risk of an attack.

It acknowledged that some customers would need to continue using the software for "business critical purposes," saying they should make sure they were using the most recent version of the product and "understand the current risks," which include the possibility that hackers could steal data or credentials.

Still, it is highly unusual for a software maker to advise customers to disable a product completely while engineers develop an update to fix bugs. Companies typically recommend mitigating factors that will reduce the risk of an attack.

"That's crazy. That's pretty much unheard of to just say 'Stop using it.' Especially a vendor as large as Symantec," said H.D. Moore, chief architect of Metasploit, a platform that security experts use to test whether computer systems are vulnerable to attack.

PcAnywhere is a software program that is also bundled with some titles in Symantec's Altiris line of software for managing corporate PCs, Symantec said in a white paper and note to customers released on its website overnight where it disclosed the warning.

Company spokesman Cris Paden said that Symantec has fewer than 50,000 customers using the stand-alone version of pcAnywhere, which was available for sale on its website for $100 and $200 as of early Wednesday afternoon.

The company last week warned customers of the 2006 theft of the source code, or blueprints, to pcAnywhere and several other titles: Norton Antivirus Corporate Edition, Norton Internet Security, Norton Utilities and Norton GoBack.

It made the announcement after a hacker who goes by the name YamaTough released the source code to its Norton Utilities PC software and had threatened to publish its widely used anti-virus programs. Authorities have yet to apprehend that hacker.

At the time, Paden said that the theft of the code posed no threat as long as customers were using the most recent versions of Symantec's software, with one exception: users of pcAnywhere might face "a slightly increased security risk."

In the white paper published early on Wednesday morning, the company indicated the situation was more serious.

"At this time, Symantec recommends disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks," it said in the white paper. (bit.ly/wPzX7v)

The company also reiterated its previous guidance that users of its other software titles were not at heightened risk because of the breach in 2006.

"The code that has been exposed is so old that current out-of-the-box security settings will suffice against any possible threats that might materialize as a result of this incident," it said on its website. (bit.ly/wqtxTI)

Justice Department Charges Leaders of Megaupload with Widespread Online Copyright Infringement
U.S. Department of Justice January 19, 2012

Office of Public Affairs (202) 514-2007/TDD (202)514-1888

WASHINGTON—Seven individuals and two corporations have been charged in the United States with running an international organized criminal enterprise allegedly responsible for massive worldwide online piracy of numerous types of copyrighted works through Megaupload.com and other related sites, generating more than $175 million in criminal proceeds and causing more than half a billion dollars in harm to copyright owners, the U.S. Justice Department and FBI announced today.

This action is among the largest criminal copyright cases ever brought by the United States and directly targets the misuse of a public content storage and distribution site to commit and facilitate intellectual property crime.

The individuals and two corporations—Megaupload Limited and Vestor Limited—were indicted by a grand jury in the Eastern District of Virginia on Jan. 5, 2012, and charged with engaging in a racketeering conspiracy, conspiring to commit copyright infringement, conspiring to commit money laundering, and two substantive counts of criminal copyright infringement. The individuals each face a maximum penalty of 20 years in prison on the charge of conspiracy to commit racketeering, five years in prison on the charge of conspiracy to commit copyright infringement, 20 years in prison on the charge of conspiracy to commit money laundering, and five years in prison on each of the substantive charges of criminal copyright infringement.

The indictment alleges that the criminal enterprise is led by Kim Dotcom, aka Kim Schmitz, and Kim Tim Jim Vestor, 37, a resident of both Hong Kong and New Zealand. Dotcom founded Megaupload Limited and is the director and sole shareholder of Vestor Limited, which has been used to hold his ownership interests in the Mega-affiliated sites.

In addition, the following alleged members of the Mega conspiracy were charged in the indictment:

Finn Batato, 38, a citizen and resident of Germany, who is the chief marketing officer;
Julius Bencko, 35, a citizen and resident of Slovakia, who is the graphic designer;
Sven Echternach, 39, a citizen and resident of Germany, who is the head of business development;
Mathias Ortmann, 40, a citizen of Germany and resident of both Germany and Hong Kong, who is the chief technical officer, co-founder and director;
Andrus Nomm, 32, a citizen of Estonia and resident of both Turkey and Estonia, who is a software programmer and head of the development software division;
Bram van der Kolk, aka Bramos, 29, a Dutch citizen and resident of both the Netherlands and New Zealand, who oversees programming and the underlying network structure for the Mega conspiracy websites.

Dotcom, Batato, Ortmann, and van der Kolk were arrested today in Auckland, New Zealand, by New Zealand authorities, who executed provisional arrest warrants requested by the United States. Bencko, Echternach, and Nomm remain at large. Today, law enforcement also executed more than 20 search warrants in the United States and eight countries, seized approximately $50 million in assets, and targeted sites where Megaupload has servers in Ashburn, Va., Washington, D.C., the Netherlands, and Canada. In addition, the U.S. District Court in Alexandria, Va., ordered the seizure of 18 domain names associated with the alleged Mega conspiracy.

According to the indictment, for more than five years the conspiracy has operated websites that unlawfully reproduce and distribute infringing copies of copyrighted works, including movies—often before their theatrical release—music, television programs, electronic books, and business and entertainment software on a massive scale. The conspirators’ content hosting site, Megaupload.com, is advertised as having more than one billion visits to the site, more than 150 million registered users, 50 million daily visitors, and accounting for four percent of the total traffic on the Internet. The estimated harm caused by the conspiracy’s criminal conduct to copyright holders is well in excess of $500 million. The conspirators allegedly earned more than $175 million in illegal profits through advertising revenue and selling premium memberships.

The indictment states that the conspirators conducted their illegal operation using a business model expressly designed to promote uploading of the most popular copyrighted works for many millions of users to download. The indictment alleges that the site was structured to discourage the vast majority of its users from using Megaupload for long-term or personal storage by automatically deleting content that was not regularly downloaded. The conspirators further allegedly offered a rewards program that would provide users with financial incentives to upload popular content and drive web traffic to the site, often through user-generated websites known as linking sites. The conspirators allegedly paid users whom they specifically knew uploaded infringing content and publicized their links to users throughout the world.

In addition, by actively supporting the use of third-party linking sites to publicize infringing content, the conspirators did not need to publicize such content on the Megaupload site. Instead, the indictment alleges that the conspirators manipulated the perception of content available on their servers by not providing a public search function on the Megaupload site and by not including popular infringing content on the publicly available lists of top content downloaded by its users.

As alleged in the indictment, the conspirators failed to terminate accounts of users with known copyright infringement, selectively complied with their obligations to remove copyrighted materials from their servers and deliberately misrepresented to copyright holders that they had removed infringing content. For example, when notified by a rights holder that a file contained infringing content, the indictment alleges that the conspirators would disable only a single link to the file, deliberately and deceptively leaving the infringing content in place to make it seamlessly available to millions of users to access through any one of the many duplicate links available for that file.

The indictment charges the defendants with conspiring to launder money by paying users through the sites’ uploader reward program and paying companies to host the infringing content.

The case is being prosecuted by the U.S. Attorney’s Office for the Eastern District of Virginia and the Computer Crime & Intellectual Property Section in the Justice Department’s Criminal Division. The Criminal Division’s Office of International Affairs, Organized Crime and Gang Section, and Asset Forfeiture and Money Laundering Section also assisted with this case.

The investigation was initiated and led by the FBI at the National Intellectual Property Rights Coordination Center (IPR Center), with assistance from U.S. Immigration and Customs Enforcement’s Homeland Security Investigations. Substantial and critical assistance was provided by the New Zealand Police, the Organised and Financial Crime Agency of New Zealand (OFCANZ), the Crown Law Office of New Zealand,and the Office of the Solicitor General for New Zealand; Hong Kong Customs and the Hong Kong Department of Justice; the Netherlands Police Agency and the Public Prosecutor’s Office for Serious Fraud and Environmental Crime in Rotterdam; London’s Metropolitan Police Service; Germany’s Bundeskriminalamt and the German Public Prosecutors; and the Royal Canadian Mounted Police-Greater Toronto Area (GTA) Federal Enforcement Section and the Integrated Technological Crime Unit and the Canadian Department of Justice’s International Assistance Group. Authorities in the United Kingdom, Australia, and the Philippines also provided assistance.

This case is part of efforts being undertaken by the Department of Justice Task Force on Intellectual Property (IP Task Force) to stop the theft of intellectual property. Attorney General Eric Holder created the IP Task Force to combat the growing number of domestic and international intellectual property crimes, protect the health and safety of American consumers, and safeguard the nation’s economic security against those who seek to profit illegally from American creativity, innovation, and hard work. The IP Task Force seeks to strengthen intellectual property rights protection through heightened criminal and civil enforcement, greater coordination among federal, state, and local law enforcement partners, and increased focus on international enforcement efforts, including reinforcing relationships with key foreign partners and U.S. industry leaders. To learn more about the IP Task Force, go to www.justice.gov/dag/iptaskforce.

Hey all...

Been a long while but I finally made it around again...

Been very busy with work and the family...

Sigh... I swear I'll never get caught up with life.

Another promotion / title added to resume to make me twice as busy.


Hope all of you have been getting along well... and


Happy New Year To All

Happy New Year to all of IX