Today I learned that on March 8 2012 the FBI will be shutting down some surrogate DNS resolvers and that could break the Internet for as much as 500 kilo Americans and many others in the world. These resolvers have been configured on computers that have been infected with some DNSChanger virus.

Wait, what ? Yeah so, this virus would replace the user's resolvers and point their DNS queries to malicious servers that would give whatever results they want, like point people to really fake banking sites and fake webmails etc etc with the difference to usual phishing being that they would have the correct URL in the address bar

So then I searched a bit and find out that the FBI has chased down the bad guys and replaced the malicious servers with one's that provide true DNS results so that no user's would be impacted, that was Operation Ghost Click.

The effect of this is that if you were infected, you probably still are. Indeed those infected had no idea because everything just continued functioning as usual. That was the goal it seems.

The obvious question is, why didn't they just redirect users to a page that explains that their systems have been infected, the FBI just saved the day, and eventually add a few links to help the user find a fix for their systems ? If I was a tiny bit paranoid I'd say it was a good opportunity to gather some user data.. . If I wasn't paranoid I would say that the "ruling class" is afraid of exposing their subjects to reality, fear of panic and all that stuff.

In some coffee shops you can easily get access to the Internet, what they do is just give you the password and voila. Neat right ? Anyway, these other coffee shops, chains to be precise, hire a 3rd party company to do it for them. So the other day I went in to one of them to get a coffee and an IP. This is what I noticed.. images.

And then, just to make sure I could feel the chilling effect of being censored... They blocked reddit.com/r/ACTA !!

Actually they blocked ALL of Reddit.

So there you go, the future of the Internet could be this.

Vic Toews wants to spy on underage children, and all other Canadians. At least that is what I understood from what I read today.

A Twitter user created the account vikileaks30 to enable others to get to know Vic Toews a bit better. It's an interesting demonstration of how it can be disturbing to have your personal life available to people you don't know.

One of the things that if find interesting in this proposal is: Force internet providers and other makers of technology to provide a "back door" to make communications accessible to police. It reminds me of Symantec's dodgy unpatched and perhaps intentional backdoor they let lay around for a few years.

Anyway, it's been hard keeping up with the torrents of laws that are being thrown around these days, but most of them lately are focused on the dying entertainment industry. The other thing being again, that this law seems to want to actively gather information about the users themselves, read their emails and all that stuff. Every Canadian's emails that is, and every Canadian child of course, hence Vic Toews wants to spy on underage children.

Update: This very short clip tells a long story..

If you don't now what ACTA is, search the Internet for ACTA, that should let you find your own sources. If you do know what it's about then you are likely to be against it (unless you are part of the 1%).

On February 11 2012 you can protest against ACTA with us. Get information about your local protest here and join in.

In the meantime, you can also do a couple of things while keep your rear end glued to your chair:

• Send a letter to your representatives(EU)
• Sign this massive Avaaz petition

I'll see you there.

EFF and Carpathia have joined forces to help Megaupload users who stored non-infringing files retrieve what they can. The only limitation is that this is only directed to users that are based in the United States (of America, North America).

If you are concerned by this than visit MegaRetrieval.com to see what can be done.

Now if you are NOT in the U.S.A. you might want to consider participating in this joint complaint organised by Pirates de Catalunya and endorsed by many other Pirate Parties as well as the EFF.

Stella GNU/Linux is finally born. It is a desktop focused, Gnome2 based Centos 6 remix (exact words of the maintainer). The features look really neat if you are looking for a CentOS/RPM based OS that is rock stable rather then bleeding (buggy) edge...

You can get it here (1 Gbps, IPv4, IPv6).

Yesterday (or still today in certain time zones) was Data Privacy Day.. I was made aware of this by a doodle on DuckDuckGo.

Of course I opened a new tab and rushed to see what the search engine that I used to use before they became evil had drawn for the event... And well, funny story, Google has totally avoided the subject and instead put up a doodle celebrating the 125th birthday of the biggest recorded snowflake.. p.s. please install Chrome.. Like WTF right ?

As you may know, if you have a Gaccount (Google account), Google has changed their terms of service so that now everything "G" is unified, and what you do in Youtube directly impacts the adverts in your emails, and things you search for.. . etc etc.. And all this with the magic wandish words like "simple", "easy" and "yada yada".

So why has Google omitted Data Privacy Day ? Maybe because data privacy is irrelevant in a system where your personal data lives across over 60 different services.. .. Perhaps I am wrong and it is just an innocent obsession with snowflakes..

BTW, this does not affect you if you do not have any account with Google, so for those rare people out there, bravo. : ]

Demand Progress has started an open letter to twitter and asked its subscriber's to sign it, the letter is short and as follows:

While I am against any for of censorship I am also against telling Twitter how to run their business. In this case they aren't abusing employees, nature or other such things. If you (Demand Progress or anyone else) are not happy with their new terms and conditions you are always free to not use their services.

That said, after reading Twitter's Tweets still must flow post it seems almost kosher.. They claim they will attempt (that is the word I dislike) to mark censored posts as such, so to inform the user they are being censored according to their government's laws. If true it could actually somehow have a positive effect, imagine people's reaction when clearly seeing how much information is withheld from them.

I would also like to correct Demand Progress on one point, Twitter is not an "Open Platform", I cannot interact with twitter users in any way unless I create an account with Twitter. Open platforms are services that use Status.net (Like Identi.ca), Friendica, Diaspora and the like, they allow users to communicate between independent nodes and hence avoid any central policing and/or control of it's users and their personal data.

In conclusion I must add that if Twitter's new rules upsets anyone it's actually a good reminder that Twitter does not belong to its users nor is it a public service. Their terms of service clearly stipulate that users accept that Twitter reserve the right to remove any content, and all of Twitter's users have accepted those terms.

Source code for Symantec's pcAnywhere has been borrowed.. . back in 2006, but they have finally had time to get around to that and now are advising their clients to disable the software.

Why ? What is the security problem with having your source code exposed ? There are many users, including myself, who use software for which the source code is published all over the Internet.

In this case it seems like Symantec had a security breach that they were aware of and only decided to address because they heard about a leak of their source code. Something obviously doesn't add up, either they don't bother to patch their products, even when they know it's insecure OR they have their reasons for making insecure products..

Moral of the story, using non-Free software is a very big security issue. You never know what it really does nor who it's intended to really serve.

O2, a UK phone operator, seems to be sending along in the HTTP headers of their clients http requests the user's mobile phone number! Lewis Peckover has discovered this and set up a test page for people to see what information their mobile ISP is actually sending to websites.

To test, disable your mobile phone's Wifi and visit this page. There you should see the usual stuff, user-agent, IP, languages, etc.. If you see other things like your mobile phone number you might want to ask your ISP for explanations.

Another thing that Lewis notes is that O2 modifies content, he claims they downgrade images and insert JavaScript links. If true, this is really really bad, this is basically tampering and altering private communications. It's just like if the post office opened your letters, made reduced photocopies so your letters are lighter and then passed that on to you.

I am guessing this shouldn't work using HTTPS, however I would like to ask Lewis what is the deal on this as I do not have a mobile phone and hence cannot test this at all. I also don't have a Twitter account so... . If you do, ask him. Khtxbye : ]

Update: I found this old thread about the same sort of thing affecting other customers on other mobile networks. This is really not new and this is not an 02 issue but rather a mobile phone ISP issue.

How can the USA authorities take down a Hong-Kong based company and arrest people in New-Zealand ? Ars Technica explains, it turns out that the actions are based on the fact that Megaupload's clients were often in the USA, they ran adverts there and interacted with the USA market actively. In a way they are considered to have been running at least part of their business on USA grounds.

Fair or not, it seems that that is how the cookie crumbles, and crumbling it is. Personally I don't care for such websites and Kim Dotcom, aka Kimble Special Agent, seems far from being an angel. However it's still hard to accept that they can be taken down in an instant drug lord style. It doesn't seem like the accusations are half as bad as some towards companies that have either leaked petrol all over the world or have bankrupted families.. ...(insert long list of companies that messed up way more seriously and have in some cases even been bailed out).

In reaction to such news, an other "upload" service provider called Uploaded.to has decided to close it's service to the USA, this should help avoid breaking USA law on USA territory.

This whole abusive world policing attitude could earn the USA some Interweb censorship, but not from SOPA/PIPA this time, but simply from websites that do not want to have to deal with USA law. It's true that this Megaupload takedown happened right after the anti-SOPA strike, the what when why questions have been talked about all over the Internet, but now I am wondering if this isn't exactly what the USA wants, a censored Internet, like China and Iran, but censored voluntarily by website owners in fear of a possible breach of USA law and it's possible effects on one's postal address.

Update: In the past couple of days, many companies that provide the same services as Megaupload have either limited their services, closed their services to the U.S.A. or even just plain closed. Torrentfreak's report on the disturbance in the ecosystem.

A new book to be released in a few hours (I think this is on USA time): No Safe Harbor. This book is released by the United States Pirate Party, it features many interesting people and ideas.... .. and yes, it's licensed under the Creative Commons license. You can buy it or download it. Etc. You can even read it.