Anonymous ISP Owner Speaks Out

It will probably come as little surprise, but the Justice Department has now made it official that it plans to appeal the ruling that found that the parts of the Patriot Act that expanded the power of so-called "National Security Letters" were unconstitutional. The issue here is that the Justice Department has been using these letters to get private info from telcos, ISPs and others without any oversight. Beyond not even needing to get a judge's approval, the FBI has apparently been so disorganized that it tracks the use of these NSLs on index cards and has had trouble keeping track of how often they're used.
It's yet to be explained why there isn't any oversight here at all. Given the opportunity for abuse when there's no oversight, can someone give a good reason why these things should be allowed? They can be just as effective with a judge approving them. However, with no oversight and the corresponding gag order, it seems like an open playing field for abuse of the system. Given that the FBI can't even track how they're using these tools, it seems even more dangerous.
Germany seeks expansion of computer spying

To the unease of many in a country with a history of government spying through the era of the Gestapo and communist rule in East Germany, law enforcement authorities are using the suitcase bomb case to argue for measures that would significantly expand their ability to spy on the once-private realm of My Documents.
Now, along with several other European countries, Germany is seeking authority to plant secret Trojan viruses into the computers of suspects that could scan files, photos, diagrams and voice recordings, record every keystroke typed and possibly even turn on webcams and microphones in an attempt to gain knowledge of attacks before they happen.
Comcast to face lawsuits over BitTorrent filtering

It turns out that Comcast is not only throttling BitTorrent, but Gnutella and, strangely, Lotus Notes are also suffering.
I was also able to interview a Comcast Internet executive who would only speak on background. He bobbed and weaved, sticking to his talking points, yet a few things were clear: he would not deny that the company was sending out TCP RST packets, but stated that if it were being done, it was at a "low level" where average users would not see it.
A Comcast engineer who spoke to the Tech Liberation Front's Tim Lee confirmed this, stating that "most users wouldn't even be able to detect the traffic-shaping activities they use without special equipment and training."
"Comcast (doesn't) throttle on a user-by-user basis rather than a protocol-by-protocol basis, (as the company is) concerned with the privacy implications of that approach." That's right folks, Comcast will sell network wiretaps to the feds for $1,000 a pop, but won't calculate a user's total bandwidth per month for "privacy reasons."
Storm Worm Now Just a Squall

Brandon Enright, a network security analyst at UC San Diego, has been tracking Storm since July and said that, despite the intense publicity that the network of infected computers has received, it's actually been shrinking steadily and is presently a shadow of its former self.
In July, for example, he said that Storm appeared to have infected about 1.5 million PCs, about 200,000 of which were accessible at any given time.
Enright guessed that a total of about 15 million PCs have been infected by Storm in the nine months it has been around, although the vast majority of those have been cleaned up and are no longer part of the Storm network.
Lately Storm has been responsible for a large quantity of "pump and dump" spam, which tries to temporarily boost the price of penny stocks.
Dot-Name Becomes Cybercrime Haven

The company that controls the .name registry is charging for access to domain registration information, a step that security researchers say frustrates their ability to police the internet and creates a haven for hackers who run internet scams.
ICANN, which sets the rules for the internet's top-level domain names such as .com and .net, has traditionally required registrars to make Whois data publicly searchable as a condition of the companies' right to sell domain names.
But Global Name Registry, or GNR, which administers domain names ending in .name (that are intended for use by individuals e.g., johndoe.name), won the right to create tiered levels of Whois access, where public searches show very little information beyond what registrar sold the name and what name servers the site uses.
"What they have done is made sure the .name TLD is a free haven for bad guys to lurk on," Evron said. "If I need to report 1,000 domains, I'm not going to pay $2,000."
P2P sites ridicule MediaDefender

MediaDefender is now in damage control mode and hopes to slow the spread of the e-mails by intimidating P2P site operators.
Although MediaDefender president Randy Saaf was eager to tell us a fabricated cover story after the MiiVi incident, MediaDefender has not responded to our numerous requests for comment this week. Similarly, the New York General Attorney's office has declined to provide a response to our inquiries.
The isoHunt administrator explains that Gerber failed to adequately specify the allegedly infringing content as required by law. The administrator also helpfully provides a link to a valid sample complaint so that SMR&H will be less likely to send the improper information in their second attempt.
"Despite us being located in Canada, if you do actually figure out how to compose a valid DMCA notice, we will honor it," he concedes, "just as soon as we're done laughing at you."
The organization behind the leak, MediaDefender-Defenders, has set up a web site with an HTML archive that includes all of the e-mails, largely uncensored, but with minor modifications to protect MediaDefender employees from identity theft.
The site has been running intermittently since its launch, and the disruptions are thought to be the result of massive traffic coupled with a denial of service attack apparently launched by MediaDefender.
MediaDefender's entire business model has been based on recognition of the inescapable fact that litigation cannot stop the spread of content on the Internet, so it is ironic that the company has turned to legal threats.
Hackers Smack Anti-Piracy Firm Again

The newly revealed attacks threaten to turn what started as an embarrassing e-mail leak into a full-blown security meltdown for the company.
At least two more MediaDefender hacks have emerged since Saturday. In one, hackers obtained a copy of an internal company database identifying some of the decoy files the company has slipped onto peer-to-peer networks. In the other, intruders released a digital recording of a private phone call that appears to be a discussion between MediaDefender personnel and staff at the New York attorney general's office.
It's unclear how the conversation was recorded by the hackers, but a note from the person who posted the audio file on BitTorrent claims that intruders have been monitoring MediaDefender's phone system for nine months.
Media Defender e-mails reveal secret project

The e-mails reveal many aspects of MediaDefender's elaborate P2P disruption strategies, illuminate previously undisclosed details about the MiiVi scandal, and bring to light details regarding MediaDefender's collaboration with the New York Attorney General's office on a secret law enforcement project.
The MediaDefender e-mails leaked this weekend confirm beyond doubt that the company intentionally attempted to draw traffic to MiiVi while obscuring its own affiliation with the site. The e-mails also show that MediaDefender immediately began to recreate the site under a different name and corporate identity soon after the original plan was exposed.
In the collection of leaked e-mails, there are several discussions with representatives of the New York Attorney General's office, including intelligence analyst Bradley J. Bartram and senior special investigator Michael G. McCartney. MediaDefender is in the process of devising a system that will enable the Attorney General's office to remotely access MediaDefender's data about P2P users.
One of the most informative documents included in the leaked e-mails is a draft of MediaDefender's confidential contract with Universal Music Group. The contract reveals exact details of MediaDefender's pricing structure and services and provides insight into which P2P networks the company is targeting. MediaDefender charges $4,000 for one month of protection for an album, and $2,000 for one month of protection for a track.
Prince to "reclaim the Internet" by suing

Prince is planning to make some doves cry over at YouTube headquarters. The symbol-loving singer has announced that he wants to go after the video-sharing site, along with eBay and the Pirate Bay, for hosting unauthorized versions of his music and merchandise.
This is the man who once changed his name to a symbol and currently runs an official web site (3121.com, of course) that looks to be written in a Princified version of "lolcat," telling members to "use their 4mer login and password 2 update ur in4mation."
Prince might not have much of a case, anyway. Unless courts find that the DMCA does not apply to YouTube, it continues to have a "safe harbor" that shelters it from these sorts of legal cannonballs so long as it complies with proper takedown requests. eBay, which has faced problems with counterfeit goods for years, is also used to dealing with such situations, and The Pirate Bay has so far proved impervious to attack.
Firefox hits 400m download milestone

After its launch in 2004 the open source browser took around a year to reach 100m downloads in February 2005 before hitting the 200m milestone in July 2006. The number, of course, does not represent the actual number of Firefox users. Even disregarding failed downloads, many users have downloaded multiple copies of the open source browser.
However, it is generally agreed that Firefox is obtaining a steadily increasing share of the browser market, which remains dominated by Microsoft's Internet Explorer web browser. Firefox represents 17.4 per cent of the browser market, up 5.6 percentage points from 11.8 per cent in September 2006, according to figures from US consultancy firm Janco and the IT Productivity Center.