PDA

View Full Version : Microsoft Spy Guide



Peter Presland
02-24-2010, 11:01 AM
Everyone's favourite software company doesn't want its customers to know how it spies on them.

John Young at Cryptome (http://cryptome.org/0001/ms-spy-takedown.htm) has been publishing a whole series of Company policy documents as they relate to legal obligations concerning surveillance of staff and customers. His publication of the Microsoft one entitled "Global Criminal Compliance Handbook "has now reached the stage of a 'take-down' demand forwarded to him from the legal department of his site host 'Network Solutions LLC'.

Note the by now customary tactic of targeting the host rather than the publisher:

23 February 2010

To; "DMCA" <DMCA[at]networksolutions.com>
Date: Tue, 23 Feb 2010 19:36 -0500
From: John Young <jya[at]pipeline.com>
Subject: Re: DN: www.cryptome.org; (http://www.cryptome.org;) Registrar: Network Solutions; Host: Network Solutions - Demand for Immediate Take Down - Notice of Infringing Activity - MS Ref. 304277
cc: "Microsoft Anti Piracy Investigator #4" <internet4[at]microsoft-antipiracy.com>
Dear Ms. Larsen,
My counterclaim is that the Microsoft document provides important information for the public to understand how Microsoft violates the trust placed in it by customers to protect their privacy and confidentiality of personal data and usage of Microsoft products.
Microsoft is improperly using copyright violation claim to conceal this violation of customer trust, a purpose not intended nor supported by copyright law.
The document will not be removed.
Sincerely,
John Young
Cryptome.org

Subject: DN: www.cryptome.org (http://www.cryptome.org/); Registrar: Network Solutions; Host: Network Solutions - Demand for Immediate Take Down - Notice of Infringing Activity - MS
Date: Tue, 23 Feb 2010 17:05:51 -0500
From: "DMCA" <DMCA[at]networksolutions.com>
To: <jya[at]PIPELINE.COM>
Cc: "Microsoft Anti Piracy Investigator #4" <internet4[at]microsoft-antipiracy.com>

VIA ELECTRONIC MAIL

February 23, 2010

Re: Potential Infringement of Copyrighted Material by www.cryptome.org (http://www.cryptome.org/)

As you are aware, Network Solutions, LLC provides hosting services in connection with your Web site, www.cryptome.org (http://www.cryptome.org/). We have received the below notice from Graeme Grant, Internet Investigator on behalf of Microsoft Corporation (“Microsoft”), claiming there is content on your Web site that is infringing on the copyrighted material of Microsoft (the “Claim”). Pursuant to the Digital Millennium Copyright Act (the "Act”), 17 U.S.C.S. §512, and our Acceptable Use Policy (the “AUP”), we will disable your Web site on Thursday, February 25, 2010, unless the dispute between the Notifying Party and yourself is resolved. We are not in a position to determine whether or not the allegations in the Claim are true, and therefore we take no position as to the accuracy of the Claim. If you immediately remove the content that is objectionable to the Notifying Party, or you otherwise resolve the matter with the Notifying Party, and the Notifying Party confirms that his Claim has been resolved, it might not be necessary for us to disable (or continue to disable) the Web site. If you dispute the substance of the Notifying Party’s Claim and wish to provide a counter-notification pursuant to the Act, please provide any such counter-notification (and the information required by Section 512(g)(3) of the Act) to my attention at dmca[at]networksolutions.com (dmca@networksolutions.com) and we will proceed accordingly. For your convenience, we have attached to this e-mail a copy of the Act. Please direct all questions regarding the allegedly infringing material to the Notifying Party, who is copied on this e-mail. If you are able to resolve this matter within the designated timeframe, please send via e-mail, being sure to include all involved parties, a notification to that effect.

Regards,

Linda L. Larsen, Designated Agent
Network Solutions, LLC
Telephone: 703.668.5615
Facsimile: 703.668.5959
Email: dmca[at]networksolutions.com (dmca@networksolutions.com)


From: Microsoft Anti Piracy Investigator #4 [mailto:internet4[at]microsoft-antipiracy.com]
Sent: Monday, February 22, 2010 7:34 PM
To: DMCA; Abuse
Subject: DN: www.cryptome.org; (http://www.cryptome.org;) Registrar: Network Solutions; Host: Network Solutions - Demand for Immediate Take Down - Notice of Infringing Activity - MS Ref. 304277
Importance: High


VIA EMAIL:

Demand for Immediate Take-Down: Notice of Infringing Activity

URL: http://cryptome.org/isp-spy/microsoft-spy.zip
Case #: 304277
Date: 23 February 2010

Dear Sir or Madam,

Microsoft has received information that the domain listed above, which appears to be on servers under your control, is offering unlicensed copies of, or is engaged in other unauthorized activities relating to copyrighted works published by Microsoft.

1. Identification of copyrighted works:

Copyrighted work(s):
Microsoft Global Criminal Compliance Handbook

Copyright owner:
Microsoft Corporation

2. Copyright infringing material or activity found at the following location(s):

http://cryptome.org/isp-spy/microsoft-spy.zip

The above copyright work(s) is being made available for copying, through downloading, at the above location without authorization of the copyright owner.

3. Statement of authority:

The information in this notice is accurate, and I hereby certify under penalty of perjury that I am authorized to act on behalf of Microsoft, the owner of the copyright(s) in the work(s) identified above. I have a good faith belief that none of the materials or activities listed above have been authorized by Microsoft, its agents, or the law.

We hereby give notice of these activities to you and request that you take expeditious action to remove or disable access to the material described above, and thereby prevent the illegal reproduction and distribution of this copyright work(s) via your company's network.

We appreciate your cooperation in this matter. Please advise us regarding what actions you take.

Yours sincerely,

Graeme Grant
Internet Investigator

on behalf of Microsoft Corporation
One Microsoft Way
Redmond, WA 98052
United States of America

E-mail: Internet4[at]microsoft-antipiracy.com

Magda Hassan
02-24-2010, 12:07 PM
Is that related to this Peter?
http://www.deeppoliticsforum.com/forums/showthread.php?t=2647&highlight=cofee

David Guyatt
02-24-2010, 12:35 PM
Cryptome could respond by placing the document on another ISP based in eastern Europe and linking to it and requesting other parties to mirror the document with attribution to Cryptome. If it became widely disseminated it would become uneconomical (if not impossible) for Microsoft to effectively challenge this.

I note that ISPs now widely adopt the policy that if a complaint is received, they insist the material be removed or will suspend the service. This, of course, is contrary to common law and free speech and, de facto, places complete authority in the complainants case. There is no defence. Someone should build a law case to insist the ISP's honour the principle that innocence stands tall until guilt is proven.

Peter Presland
02-24-2010, 01:07 PM
Is that related to this Peter?
http://www.deeppoliticsforum.com/forums/showthread.php?t=2647&highlight=cofee
Don't think it is Magda.

Cofee is MS proprietary software supplied to computer forensic investigators - at a price - as I understand it. Lots of versions and loads of chaff and waffle about what can and cannot be done with it.

As usual John Young cuts through all the crap and plonks a cat in the pigeon loft. Power to his elbow I say.

The spy manual thing is a company document that I believe is required by some recent law passed in the US - though I'm not certain about that. Anyway, seems to especially concern large computer/software service providers because the likes of IBM and Yahoo and a good few other have had theirs published on Cryptome too.

Peter Presland
02-24-2010, 01:19 PM
Cryptome could respond by placing the document on another ISP based in eastern Europe and linking to it .....
David

Not sure how much you know about John Young but he is one canny operator. He's been in the business of publishing anything and everything sent to him for a long time now and his site says it still maintains a 100% record against legal and take-down threats.

He's something or a hero of mine - not to say role model (at my age!!**??) too.
Here's his response to a question about Cryptome's privacy policy. It's a classic and right on the button (note my bold/italics).

A asks: What is Cryptome's privacy policy, is user data collected? Answer: No user data is collected by Cryptome. Logs are deleted several times a day. But read on.
This is not to promise there is nobody else doing the collecting. We periodically warn that covert snooping by ISPs, by network system operators, by spies public and private, by the host of predators of the vast Web, is rampant.
Log retention is endemic, on grounds it needed for system administration. Hah, just like the feds and the corps claim that is why they need to watch citizens and employees.
As you know there are many, many ways to snoop on traffic, so much that Cryptome asserts there is no trustworthy privacy policy, not for Cryptome, not for anybody else.
To be sure, if privacy policy means just enough privacy to keep users coming into the spider's web, then okay, that is the policy used by government's to assure the citizenry it acts in the public interest. As employers act in the interest of their employees, as corporations act in the interest of their stockholders, as religious and educational institutions and professionals act in the interest of their dutiful fee-payers.
Those who promise the most protection are out to skin you alive, those who promise the most privacy are selling your most private possessions.
Cryptome is not trustworthy, and lies. It's a free site, what else could it be but up to but no good?

David Guyatt
02-24-2010, 01:30 PM
Thanks Peter. I don't know much about him at all, but I like Cryptome very much. If he is able to avoid the threatened takedown then hats off to him. Someone has to make a stand against this fiendish corporate bullying.

I sympathize with him on the privacy issue also. But I suppose we must be careful about how privacy is used. I don't know if you watched the BBC4 "On Expenses" drama last night, but the thought of Parliamentarians using privacy laws to override the freedom of information law in order to conceal their corrupt and gross expenses, was enough to make steams escape from my ears.

Peter Presland
02-25-2010, 04:10 PM
It seems that the entire Cryptome site has been taken down as of yesterday.

This from Wikileaks (http://www.wikileaks.com/) where you can also download the offending document. Hopefully it will be widely distributed and the net result will be a bigger readership than if Cryptome had been left alone.


24. Feb. 2010: Cryptome.org takedown: Global Criminal Compliance Handbook, 24 Feb 2010 (http://file.wikileaks.org/files/microsoft-spy.pdf) Cryptome.org (http://cryptomeorg.siteprotect.net/) is a venerable New York based anti-secrecy site that has been publishing since 1999. On Feb 24, 2010, the site was forcably taken down following its publication Microsoft's "Global Criminal Compliance Handbook", a confidential 22 page booklet designed for police and intelligence services. The guide provides a "menu" of information Microsoft collects on the users of its online services. Microsoft lawyers threatened Cryptome and its "printer", internet hosting provider giant Network Solutions under the Digital Millennium Copyright Act (DMCA). The DMCA was designed to protect the legitimate rights of publishers, not to conceal scandalous internal documents that were never intended for sale. Although the action is a clear abuse of the DMCA, Network Solutions, a company with extensive connections to U.S. intelligence contractors, gagged the site in its entirety. Such actions are a serious problem in the United States, where although in theory the First Amendment protects the freedom of the press, in practice, censorship has been privatized via abuse of the judicial system and corporate patronage networks.

Peter Presland
02-25-2010, 04:23 PM
Further to my last post the following link is worth perusing. It is a temporary version of the latest cryptome stuff pending transfer of everything to a new ISP. There is a 'legal lock' on the Domain name pending dispute resolution which means it will have to make do with a different name (probably that in the referenced link) in the meantime.

Looks to me like the noose is tightening on us uppity sods on the internet so maybe DPF should have a good think about its hosting arrangements too - at least have a solid back-up regime and an alternative Domain Name and prospective ISP (in a different jurisdiction) on stand by.

http://cryptomeorg.siteprotect.net/

Peter Presland
02-25-2010, 04:45 PM
This links to a series of exchanges (http://cryptomeorg.siteprotect.net/0001/bbc-cryptome2.htm) between the BBC and John Young before, during and after a 'for radio' interview done at the BBC News Bureau in NYC a few days ago.

There is a video on the interview on YouTube here (http://www.youtube.com/watch?v=b08Klwhj-I4)

Both are vintage John Young - priceless stuff. The man certainly IS 'a minor institution' and should be given vigorous support in his battles with Authority - IMHO.

A snippet - Chris is the out-of-his-depth BBC interviewer (MY Bolding):

Chris asked if there was any information Cryptome would not publish, even top secret information that would threaten a nation.

Cryptome said those questions are often posed as bait, that there is slight chance that "nation-threatening" information will ever be sent to Cryptome, that instead it is authoritatives who release such information when it suits their purpose.
That authoritatives are the principal source of classified and confidential information released to the public through orchestrated freedom of information and "openness" programs to appear public-friendly, but which corrupt public discourse and comprehension with carefully prepared disinformation in concert with other authoritatives, especially those who traffic in official statements, deliberate leaks and disclosures by unidentified officials "not authorized to speak" but who do so avidly.

Chris asked if Cryptome recognized the danger of releasing unauthorized and unvalidated information, in particular using the Internet.

Cryptome said there was little danger in that, the danger comes from too much control of information by authoritatives in the classic one-to-many manipulation of the public. Many-to-many handling of information is far superior and the Internet can be highly effective for that purpose if the current initiative by authoritatives to clamp down its unruly nature is resisted.

Chris cited the need for reputation protection against anonymous attackers.

Cryptome said reputation is a pretentious conceit to overvalue, that it deserves sustained attack not protection, the greater the reputation the more need for challenge whether anonymous or open. Anonymous challenges guard against authoritative abuse to protect unquestioned privilege. Those attacked should counter attack by the same means rather than demand authoritative intervention, to continuously demonstrate capability not to hide its husk's emptiness under libel law -- the latter is a vestige of ancient inherited privilege of authoritatives.

David Guyatt
02-25-2010, 05:46 PM
Further to my last post the following link is worth perusing. It is a temporary version of the latest cryptome stuff pending transfer of everything to a new ISP. There is a 'legal lock' on the Domain name pending dispute resolution which means it will have to make do with a different name (probably that in the referenced link) in the meantime.

Looks to me like the noose is tightening on us uppity sods on the internet so maybe DPF should have a good think about its hosting arrangements too - at least have a solid back-up regime and an alternative Domain Name and prospective ISP (in a different jurisdiction) on stand by.

http://cryptomeorg.siteprotect.net/

I think you're right and that Cryptome is being designedly strangled.

Your precautionary suggestion strikes me also as very sensible. Mirroring in different jurisdictions may be the answer - not that I'm particularly au-fait with internet-thingy technicalities.

Peter Presland
02-26-2010, 09:10 AM
Microsoft has withdrawn it's take-down notice per the following exchanges - read in reverse order - bottom to top:

Subject: DN: www.cryptome.org; (http://www.cryptome.org;) Registrar: Network Solutions; Host: Network Solutions - Demand for Immediate Take Down - Notice of Infringing Activity - MS Ref. 304277
Date: Thu, 25 Feb 2010 12:22:59 -0500
From: "DMCA" <DMCA[at]networksolutions.com>
To: "John Young" <jya[at]pipeline.com>
We would like to notify you that Microsoft has contacted us regarding www.cryptome.org (http://www.cryptome.org). Microsoft has withdrawn their DMCA complaint. As a result www.cryptome.org (http://www.cryptome.org) has been reactivated and this matter has been closed. Please allow time for the reactivation to propagate throughout the various servers around the world.
Linda L. Larsen, Designated Agent
Network Solutions, LLC
Telephone: 703.668.5615
Facsimile: 703.668.5959
Email: dmca[at]networksolutions.com
_________
Subject: DN: www.cryptome.org; (http://www.cryptome.org;) Registrar: Network Solutions; Host: Network Solutions - Demand for Immediate Take Down - Notice of Infringing Activity - MS Ref. 304277
Date: Thu, 25 Feb 2010 13:09 -0500
To: "DMCA" <DMCA[at]networksolutions.com>
From: "John Young" <jya[at]pipeline.com>
Dear Ms. Larsen,
You may know we are publishing our email exchanges to help readers understand the process. Could you describe means by which Microsoft withdrew their DMCA complaint?
Regards,
John Young
__________
Subject: RE: DN: www.cryptome.org; (http://www.cryptome.org;) Registrar: Network Solutions; Host: Network Solutions - Demand for Immediate Take Down - Notice of Infringing Activity - MS Ref. 304277
Date: Thu, 25 Feb 2010 13:24:52 -0500
From: "DMCA" <DMCA[at]networksolutions.com>
To: "John Young" <jya[at]pipeline.com>
We received an email from Microsoft’s counsel withdrawing the complaint. Accordingly, we restored access and notified you of our action.
If you have any questions, please feel free to call me.
Linda L. Larsen, Designated Agent
Network Solutions, LLC
Telephone: 703.668.5615
Facsimile: 703.668.5959
Email: dmca[at]networksolutions.com
__________
Subject: RE: DN: www.cryptome.org; (http://www.cryptome.org;) Registrar: Network Solutions; Host: Network Solutions - Demand for Immediate Take Down - Notice of Infringing Activity - MS Ref. 304277
Date: Thu, 25 Feb 2010 13:42 -0500
To: "DMCA" <DMCA[at]networksolutions.com>
From: "John Young" <jya[at]pipeline.com>
Could we get a copy of the Microsoft email? For the public record.
Thanks, John
__________
Subject: DN: www.cryptome.org; (http://www.cryptome.org;) Registrar: Network Solutions; Host: Network Solutions - Demand for Immediate Take Down - Notice of Infringing Activity - MS Ref. 304277
Date: Thu, 25 Feb 2010 14:09:47 -0500
From: "DMCA" <DMCA[at]networksolutions.com>
To: "John Young" <jya[at]pipeline.com>
Mr. Young,
Pursuant to your request, attached please find the email correspondence containing Microsoft’s withdrawal of its “takedown request”.
Respectfully,
Linda L. Larsen, Designated Agent
Network Solutions, LLC
Telephone: 703.668.5615
Facsimile: 703.668.5959
Email: dmca[at]networksolutions.com
__________
X-MimeOLE: Produced By Microsoft Exchange V6.5
Received: from opsmail.prod.netsol.com ([10.221.32.60]) by nsiva-exchange4.CORPIT.NSI.NET with Microsoft SMTPSVC(6.0.3790.3959); Wed, 24 Feb 2010 22:47:25 -0500
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----_=_NextPart_003_01CAB5CD.3E340480"
Received: from corpcm3 (corpcm3.mgt.netsol.com [10.221.32.102]) by opsmail.prod.netsol.com (8.12.10/8.12.10) with ESMTP id o1P3lOsM023759 for <dmca[at]networksolutions.com>; Wed, 24 Feb 2010 22:47:24 -0500 (EST)
Received: from [10.253.64.77] ([10.253.64.77:43581] helo=networksolutions.com) by corpcm3 (envelope-from <ecox[at]cov.com>) (ecelerity 2.2.2.41 r(31179/31189)) with ESMTP id E2/39-15380-3C2F58B4; Wed, 24 Feb 2010 22:47:15 -0500
Received: (qmail 23471 invoked from network); 25 Feb 2010 03:45:41 -0000
Received: from dchost2.cov.com (HELO CBIEXI02DC.cov.com) (216.200.93.137) by tip2.lb.netsol.com with SMTP; 25 Feb 2010 03:45:41 -0000
Received: from cbiexm02sf.cov.com ([172.16.160.88]) by CBIEXI02DC.cov.com with Microsoft SMTPSVC(6.0.3790.3959); Wed, 24 Feb 2010 22:46:57 -0500
Content-class: urn:content-classes:message
Subject: Re: Ticket Number 1-452132847
Date: Wed, 24 Feb 2010 22:46:56 -0500
Message-ID: <54F83DC1AC2D7443AA904FFD32E2DAA40877B437[at]cbiexm02sf.cov.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: Re: Ticket Number 1-452132847
Thread-Index: Acq06IFo420gHHQPThWg1v/l3yM7TAAAjYcAAABtzJAAABl6EAAAmcd6ADcZlUA=
From: "Cox, Evan" <ecox[at]cov.com>
To: "DMCA" <dmca[at]networksolutions.com>
Cc: "internet4[at]microsoft-antipiracy.com" <IMCEAMAILTO-internet4+40microsoft-antipiracy+2Ecom[at]cov.com>
Dear Ms. Larsen:
I am outside counsel to Microsoft Corporation. I am writing to confirm my telephone message left with your nighttime operator at 7:45 PST this evening to withdraw Microsoft's takedown request with respect to the file available at http://cryptome.org/isp-spy/microsoft-spy.zip which is the subject of the correspondence below.
While Microsoft has a good faith belief that the distribution of the file that was made available at that address infringes Microsoft's copyrights, it was not Microsoft's intention that the takedown request result in the disablement of web acess to the entire cryptome.org website on which the file was made available.
Accordingly, on behalf of Microsoft, I am hereby withdrawing the takedown request and asking that Network Solutions restore internet access to http: cryptome.org as soon as possible.
I can be reached at 415-640-5145 if you wish to discuss this request.
Sincerely,
Evan Cox
Counsel to Microsoft Corporation
Here's the site's invitation to provide information generally.

Cryptome welcomes documents for publication that are prohibited by governments worldwide, in particular material on freedom of expression, privacy, cryptology, dual-use technologies, national security, intelligence, and secret governance -- open, secret and classified documents -- but not limited to those. Documents are removed from this site only by order served directly by a US court having jurisdiction. No court order has ever been served; any order served will be published here -- or elsewhere if gagged by order. Bluffs will be published if comical but otherwise ignored. 100% record just about intact :fight:
The man has a droll, deadpan sense of humour - I like it.

David Guyatt
02-26-2010, 09:15 AM
That's good news Peter. I wonder what sort of pressure Microsoft came under to change their corporate persons mind?

Peter Presland
02-26-2010, 09:41 AM
That's good news Peter. I wonder what sort of pressure Microsoft came under to change their corporate persons mind?
David

I'm heartened too.

The MS Counsel explanation for the withdrawal request is worth pondering too. Amusing, revealing and a few other unintended adjectives apply.

While Microsoft has a good faith belief that the distribution of the file that was made available at that address infringes Microsoft's copyrights, it was not Microsoft's intention that the takedown request result in the disablement of web acess to the entire cryptome.org website on which the file was made available.As though they had no idea that a threat against the host (rather than Cryptome itself whose address and contact details are displayed prominently on the site) would result in the site being suspended if Cryptome declined to comply.

For my money it's another welcome 'egg-on-face' episode for the powerful. They must be collectively scratching their heads in bewilderment at just how the hell they are ever going to crack down on all this uppity freedom to shine lights where they don't want it shined.

David Guyatt
02-26-2010, 10:42 AM
For my money it's another welcome 'egg-on-face' episode for the powerful. They must be collectively scratching their heads in bewilderment at just how the hell they are ever going to crack down on all this uppity freedom to shine lights where they don't want it shined.

One reason, I suspect, that we're seeing such polarities of events going on at the present. One the one hand we have the case where a US corporation is going to run for an elected office, and on the other, the British Court of Appeals has just dumped smelly rotten egg on the collective faces of our beloved Fuhrer-in-waiting, Milliband, and his brothers in deep mireshire, the intelligence and security services of Her Marmship (see my post No. 28 this morning: http://www.deeppoliticsforum.com/forums/showthread.php?t=3127&page=3

Peter Presland
03-05-2010, 04:08 PM
It seems that donations to the site through PayPal surged following the Microsoft take-down rucus. Paypal's auto-monitoring algorithms turned red and BINGO ! Cryptome account suspended!

That's the official version anyway - and it points squarely at what lies ahead. Also a peek at the workings of the PayPal version of that MS 'spy-guide' that started this thread - Cryptome posted it a couple of days ago. Now there's a coincidence theory for you.

5 March 2010
PayPal sends:
Date: Fri, 05 Mar 2010 04:03:37 -0800
to: cryptome[at]earthlink.net
subject: Update to Your Account, PP-910-103-553
From: <service[at]paypal.com> SIZE=1555 Dear John Young,
We have reviewed your PayPal Account, and due to the excessive risk involved, we would like to begin parting ways in a manner that is least disruptive to your business.
-----------------------------------
Disbursement options
-----------------------------------
Option 1. If you owe refunds to any of your buyers, you can use the money in your PayPal account to refund them.
To refund your buyers:
1. Log in to your PayPal account.
2. Click "Contact Us" at the bottom of any page.
3. Click "Contact Customer Service."
4. Under "Choose a Topic," select "Sending/Receiving Money."
5. Under "Choose a Subtopic," select "Refund/Cancel a Payment."
6. Click "Continue" and follow the instructions to refund payments.
Option 2. Money in your PayPal account will be held for 180 days. After 180 days, we'll email you information on how to receive your funds.
We regret any inconvenience this may cause.
Please do not reply to this email. This mailbox is not monitored and you will not receive a response. For assistance, log in to your PayPal account and click the Help link in the top right corner of any PayPal page.
Sincerely,
Jennifer
PayPal Account Review Department
PayPal, an eBay Company
Cryptome: Requests for Cryptome DVDs made through PayPal will be fulfilled despite the shutdown. Email notifications have been received through (US ET) 4:45AM, 5 March 2010, with shipping information. Any other requests through PayPal will be fulfilled until PayPal stops accepting transactions. Consider using cash, check or money order until other online payment has been arranged. Or just email a shipping address, forget about pay, pal.
PayPal shutdown shenanigans are amply and angrily covered on Google (a poster says, "look, its a banking service, expect to get screwed, first a beautiful welcome, then crap treatment;" another says "the shutdown reason is always secret if its government.") and the matter is addressed in line with Cryptome's public information on gov-com censorship topics.
Cryptome has published two of PayPal's lawful spying docs:
http://cryptome.org/isp-spy/paypal-spy.zip
http://cryptome.org/isp-spy/paypal-spy2.pdf
The DVDs were and are intended to get the archive widely distributed as beneficial public information and partial protection against the shutdown of the site. Donations are welcome but not essential to continued operation -- Natsios Young Architects (http://natsios-young.com/) has been since 1996 the primary funding source. Shortly the PayPal topic will sink into the archive swamp.
4 March 2010

A writes:
If you have not already done so, get another payment processor to handle your transactions. I went through exactly the same thing with PayPal, identical emails, etc. They froze the account for 6 months on the theory that they might have to refund all the transactions.
If you have any bank accounts, credit card/debit card accounts associated with your PayPal account be aware that PayPal will draw from those accounts without notice to you. Better to open new bank accounts/debit card accounts immediately and transfer all your funds out of your present accounts to your new accounts.
I use ProPay and recommend them. Also, Google has a great payment processing system which you can access with your Google account.
Probably best to abandon PayPal now and not rely on any efforts on their part to reinstate your account.

It appears that PayPal is responding to, or preparing, a Financial Crimes Enforcement Network (FinCEN (http://www.fincen.gov/)) Suspicious Activity Report (SAR (http://cryptome.org/0001/cryptome-sar.htm#sar)) about Cryptome. Cryptome's account was locked on March 3, 2010; money can come in, none can be withdrawn. PayPal has asked Cryptome to explain its "business model." The first email:
Date: Wed, 03 Mar 2010 09:45:04 -0800
From: service[at]paypal.com
To: cryptome[at]earthlink.net
Subject: Notification of Limited Account Access RXI034 Dear John Young,
As part of our security measures, we regularly screen activity in the PayPal system. During a recent screening, we noticed an issue regarding your account.
We have observed activity in this account that is unusual or potentially high risk.
Case ID Number: PP-910-103-553
For your protection, we have limited access to your account until additional security measures can be completed. We apologize for any inconvenience this may cause.
To review your account and some or all of the information that PayPal used to make its decision to limit your account access, please visit the Resolution Center. If, after reviewing your account information, you seek further clarification regarding your account access, please contact PayPal by visiting the Help Center and clicking "Contact Us".
We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.
Sincerely,
PayPal Account Review Department
Please do not reply to this email. This mailbox is not monitored and you will not receive a response. For assistance, log in to your PayPal account and click the Help link in the top right corner of any PayPal page.
PayPal Email ID PP522

Cryptome provided the information at the website as requested on March 3. Nothing happened. An email request was sent to Paypal, which answered with these instructions (which had already been followed):
From: service[at]paypal.com
To: cryptome[at]earthlink.net
Date: 3 Mar 2010 19:02:05 -0600
Subject: Limited Account Dear John Young,
To view the details regarding your limited account access, please follow these steps:
1. Log in to your PayPal Account at https://www.paypal.com/ by entering your email address and password in the Member Log In box
2. Click on the 'Click to Resolve' link on your Account Overview page
3. Click the 'Why' link to view the Limited Account Access Details
You will be able to view what steps need to be taken to restore your account access
Please Note:
* Appeals cases and faxed documentation are worked in the order they are received
* If your account access is limited, please see the section entitled 'How can I restore my account access?' for information on how to restore your account access
If you have any further questions, please feel free to contact us again.
Thank you for using PayPal!
The PayPal Team
Please do not reply to this e-mail. Mail sent to this address cannot be answered.

Cryptome went to the PayPal site and found that there were no open items to be answered. Another email was sent and PayPal responded with this:
Date: Thu, 04 Mar 2010 06:16:55 -0800
From: service[at]paypal.com
to: cryptome[at]earthlink.net
subject: Request for additional information PP-910-103-553 RXI034 Dear John Young,
Your account access limitation cannot be lifted at this time. PayPal requests that you provide additional information regarding the transactions you are processing.
Please explain your business model.
We would like to obtain as much information as possible about the above transaction(s), in order to expedite this investigation.
Sincerely,
Anna
PayPal Account Review Department
PayPal, an eBay Company

Cryptome sent Anna by email information about the site. The email bounced. This morning Cryptome telephoned PayPal and spoke to an agent, who directed Cryptome to the PayPal site where she had added a new item for Cryptome to provide information. The information was entered in a form along with other explanations of transactions:
The PayPal transactions are donations to Cryptome.org a public service, non-commerical, website, for DVD copies of the open, free, archive. It is not a business. See the Wikipedia entry: http://en.wikipedia.org/wiki/Cryptome
During the past two weeks there have been news reports about Cryptome.org that has led to an unusual increase of donations. Usually donations come in once or twice a week, as you can see from our PayPal account. Most recently donations have dropped to a customary small number after the recent surge.
Expenses for operating Cryptome.org are not fully covered by donations, by far most are paid by me.
I am a professional architect in New York City, and have provided unpaid public service parallel to professional practice since 1968. Cryptome.org is part of that contribution.
Sincerely,
John Young

The information requested by PayPal appears to fit that required to file a Suspicious Activity Report.
http://en.wikipedia.org/wiki/Suspicious_activity_report Suspicious Activity Report
The purpose of the Suspicious Activity Report is to report known or suspected violations of law or suspicious activity observed by financial institutions subject to the regulations of the Bank Secrecy Act (BSA). In many instances, SARs have been instrumental in enabling law enforcement to initiate or supplement major money laundering or terrorist financing investigations and other criminal cases.[citation needed] Information provided in SAR forms also presents FinCEN with a method of identifying emerging trends and patterns associated with financial crimes. The information about those trends and patterns is vital to law enforcement agencies and provides valuable feedback to financial institutions.[citation needed]
[edit] Who reports suspicious activity
The report can start with anyone at a bank, from a teller to a back office clerk to a manager. They are generally trained to be alert for suspicious activity, such as people trying to wire money out of the country without identification, or someone with no job who starts depositing large amounts of cash into an account. Employees are trained to communicate their suspicion up their chain of command where further decisions are made about whether to file a report or not.
Many different financial industries are now required to file SARs. Each SAR form was specifically designed to accommodate respective institution types such as depository institutions, money services businesses (MSBs) or the securities and futures industry.
For example, MSBs such as check cashing establishments and money remitters use the SAR-MSB form, while casinos use the SARC form.
[edit] When is a SAR filed?
FinCEN requires a SAR report to be filed by a financial institution when the financial institution suspects: insider abuse by an employee; violations of law aggregating over $5,000 or more where a subject can be identified; violations of law aggregating over $25,000 or more regardless of a potential subject; transactions aggregating $5,000 or more that involve potential money laundering or violations of the Bank Secrecy Act; computer intrusion; or when a financial institution knows that a customer is operating as an unlicensed money services business.
SAR confidentiality
Unauthorized disclosure of a SAR filing is a federal criminal offense.[1] In other words, any bank employee who has a suspicion is trained to only discuss the suspicion with their supervisors, and not anyone else, including the customer who is under suspicion and coworkers. The fact that an SAR has been filed is also supposed to be a secret.
An individual or organization is precluded from discovering the existence of a SAR filed that includes their name. Financial institutions undertake an investigation process prior to filing a SAR to assure that the information reported is appropriate, complete, and accurate. This process will often include review by financial investigators, management and/or attorneys prior to filing.
One technique used by money launderers is to transfer money in small amounts to avoid triggering the amount for a SAR. The surge in small donations to Cryptome fit that pattern.
There is a possibility that a SAR was initiated by another party for suspicions about activities other than money laundering. Or the PayPal lock is the result of some other aggression. The website shows no open complaints about Cryptome (one complaint led to a refund and was closed).
Cryptome will report PayPal's determination to maintain the lock, shut the account, and the funds confiscated by forfeiture to FinCEN. Or re-open it as if all is well following the Microsoft-NetSol-Gov invasive spying business model.
PayPal's policy for disclosing customer information and for cooperating with law enforcement:

http://cryptome.org/isp-spy/paypal-spy.zip
http://cryptome.org/isp-spy/paypal-spy2.pdf

Ed Jewett
03-14-2010, 10:36 PM
Sunday, March 14, 2010

Beyond Orwell: The Electronic Police State, 2010 (http://antifascist-calling.blogspot.com/2010/03/beyond-orwell-electronic-police-state.html)


A truism perhaps, but before resorting to brute force and open repression to halt the "barbarians at the gates," that would be us, the masters of declining empires (and the chattering classes who polish their boots) regale us with tales of "democracy on the march," "hope" and other banalities before the mailed fist comes crashing down.

Putting it another way, as the late, great Situationist malcontent, Guy Debord did decades ago in his relentless call for revolt, The Society of the Spectacle (http://www.bopsecrets.org/SI/debord/):

"The reigning economic system is a vicious circle of isolation. Its technologies are based on isolation, and they contribute to that same isolation. From automobiles to television, the goods that the spectacular system chooses to produce also serve it as weapons for constantly reinforcing the conditions that engender 'lonely crowds.' With ever-increasing concreteness the spectacle recreates its own presuppositions."

And when those "presuppositions" reproduce ever-more wretched clichés promulgated by true believers or rank opportunists, take your pick, market "democracy," the "freedom to choose" (the length of one's chains), or even quaint notions of national "sovereignty" (a sure fire way to get, and keep, the masses at each others' throats!) we're left with a fraud, a gigantic swindle, a "postmodern" refinement of tried and true methods that would do Orwell proud!

Ponder Debord's rigorous theorem and substitute "cell phone" and "GPS" for "automobile," and "Internet" for "television" and you're soon left with the nauseating sense that the old "infobahn" isn't all its cracked up to be. As a seamless means for effecting control on the other hand, of our thoughts, our actions, even our whereabouts; well, that's another story entirely!

In this light, a new report published by Cryptohippie, The Electronic Police State: 2010 National Rankings (https://secure.cryptohippie.com/pubs/EPS-2010.pdf), delivers the goods and rips away the veil from the smirking visage of well-heeled corporate crooks and media apologists of America's burgeoning police state.

"When we produced our first Electronic Police State report" Cryptohippie's analysts write, "the top ten nations were of two types:

1. Those that had the will to spy on every citizen, but lacked ability.
2. Those who had the ability, but were restrained in will.But as they reveal in new national rankings, "This is changing: The able have become willing and their traditional restraints have failed." The key developments driving the global panopticon forward are the following:

? The USA has negated their Constitution's fourth amendment in the name of protection and in the name of "wars" against terror, drugs and cyber attacks.
? The UK is aggressively building the world of 1984 in the name of stopping "anti-social" activities. Their populace seems unable or unwilling to restrain the government.
? France and the EU have given themselves over to central bureaucratic control.In France, the German newsmagazine Spiegel (http://www.spiegel.de/international/europe/0,1518,678508,00.html) reported that a new law passed by the lower house of Parliament in February "conjures up the specter of Big Brother and the surveillance state."

Similar to legislation signed into law by German president Horst Köhler last month, police and security forces in France would be granted authority to surreptitiously install malware known as a "Trojan horse" to spy on private computers. Remote access to a user's personal data would be made possible under a judge's supervision.

While French parliamentarians aligned with right-wing President Nicolas Sarkozy insist the measure is intended to filter and block web sites with criminal content or to halt allegedly "illegal" file sharing, civil libertarians have denounced the legislation.

Sandrine Béllier, a member of the European Parliament for the Green Party, said that "when it comes to restrictions, this text is preparing us for hell."

Additionally, the new law will include measures that will further integrate police files and private data kept by banks and other financial institutions. French securocrats cynically insist this is a wholly innocent move to "maintain the level and quality of service provided by domestic security forces," Interior Minister Brice Hortefeux told Spiegel.

Generalized political measures such as these that hinder free speech and expression, whilst enhancing the surveillance capabilities of the state, also indicate that so-called "Western democracies" are not far behind beacons of freedom such as China, North Korea, Belarus and Russia when it comes to repressive police measures. Indeed, Cryptohippie's rankings place the United States a mere 2/100ths of a point behind Russia when it comes to Internet and other forms of electronic spying.

The top ten scofflaws in 2010 are: 1. North Korea; 2. China; 3. Belarus; 4. Russia; 5. United States; 6. United Kingdom; 7. France; 8. Israel; 9. Singapore and, 10. Germany.

A Profit-Driven Panopticon

In a capitalist "democracy" such as ours where the business of government is always business and individual liberties be damned, grifting North American and European telecommunications and security firms, with much encouragement and great fanfare from their national security establishments and a lap-dog media blaze the path for Western versions of the sinister "Golden Shield."

Recently in the United States, whistleblowing web sites such as Cryptome (http://cryptome.org/) and Slight Paranoia (http://paranoia.dubfire.net/) have come under attack. Both sites have been hit by take down notices under the onerous Digital Millennium Copyright Act for posting documents and files that exposed the close, and very profitable arrangements, made by giant telecommunications firms and ISPs with the American secret state.

In Cryptome's case, administrator John Young had his site shuttered for a day when the giant software firm, Microsoft, demanded that its so-called "lawful spying guide" be removed by Young. All five files are currently back on-line as Zipped files at Cryptome and make for a very enlightening read.

But the harassment didn't stop there. When Young published PayPal's "lawful spying guide," the firm froze Cryptome's account, in all likelihood at the behest of America's spy agencies, allegedly for "illegal activities," i.e., offering Cryptome's entire archive for sale on two DVDs!

Why would the secret state's corporate partners target Young? Perhaps because since 1996, "Cryptome welcomes documents for publication that are prohibited by governments worldwide, in particular material on freedom of expression, privacy, cryptology, dual-use technologies, national security, intelligence, and secret governance--open, secret and classified documents--but not limited to those. Documents are removed from this site only by order served directly by a US court having jurisdiction. No court order has ever been served; any order served will be published here--or elsewhere if gagged by order. Bluffs will be published if comical but otherwise ignored."

In previous reports (https://secure.cryptohippie.com/pubs/EPS-2008.pdf), Cryptohippie characterized an electronic police state thusly:

1. It is criminal evidence, ready for use in a trial.
2. It is gathered universally ("preventively") and only later organized for use in prosecutions.Silent and seamless, our political minders have every intention of deploying such formidable technological resources as a preeminent--and preemptive--means for effecting social control. Indeed, what has been characterized by corporate and media elites as an "acceptable," i.e. managed political discourse, respect neither national boundaries, the laws and customs of nations, nor a population's right to abolish institutions, indeed entire social systems when the governed are reduced to the level of a pauperized herd ripe for plunder.

How then, does this repressive metasystem work? What are the essential characteristics that differentiate an Electronic Police State from previous forms of oppressive governance? Cryptohippie avers:

"In an Electronic Police State, every surveillance camera recording, every email sent, every Internet site surfed, every post made, every check written, every credit card swipe, every cell phone ping... are all criminal evidence, and all are held in searchable databases. The individual can be prosecuted whenever the government wishes."

"Long term" Cryptohippie writes, the secret state (definitionally expanded here to encompass "private" matters such as workplace surveillance, union busting, persecution of whistleblowers, corporate political blacklisting, etc.), "the Electronic Police State destroys free speech, the right to petition the government for redress of grievances, and other liberties. Worse, it does so in a way that is difficult to identify."

As Antifascist Calling and others have pointed out, beside the usual ruses deployed by ruling class elites to suppress general knowledge of driftnet spying and wholesale database indexing of entire populations, e.g., "national security" exemptions to the Freedom of Information Act, outright subversion of the rule of law through the expansion of "state secrets" exceptions that prohibit Courts from examining a state's specious claims, one can add the opaque, bureaucratic violence of corporations who guard, by any means necessary, what have euphemistically been christened "proprietary business information."

In a state such as ours characterized by wholesale corruption, e.g., generalized financial swindles, insider trading, sweetheart deals brokered with suborned politicians, dangerous pharmaceuticals or other commodities "tested" and then certified "safe" by the marketeers themselves, the protection of trade secrets, formulas, production processes and marketing plans are jealously guarded by judicial pit bulls.

Those who spill the beans and have the temerity to reveal that various products are harmful to the public health or have deleterious effects on the environment (off-loaded onto the public who foot the bill as so-called "external" costs of production) are hounded, slandered or otherwise persecuted, if not imprisoned, by the legal lackeys who serve the corporatist state.

How does this play out in the real world? According to Cryptohippie, the objective signs that an electronic net has closed in to ensure working class compliance with our wretched order of things, are the following:

Daily Documents: Requirement of state-issued identity documents and registration.

Border Issues: Inspections at borders, searching computers, demanding decryption of data.

Financial Tracking: State's ability to search and record all financial transactions: Checks, credit card use, wires, etc.

Gag Orders: Criminal penalties if you tell someone the state is searching their records.

Anti-Crypto Laws: Outlawing or restricting cryptography.

Constitutional Protection: A lack of constitutional protections for the individual, or the overriding of such protections.

Data Storage Ability: The ability of the state to store the data they gather.

Data Search Ability: The ability to search the data they gather.

ISP Data Retention: States forcing Internet Service Providers to save detailed records of all their customers' Internet usage.

Telephone Data Retention: States forcing telephone companies to record and save records of all their customers' telephone usage.

Cell Phone Records: States forcing cellular telephone companies to record and save records of all their customers' usage, including location.

Medical records: States demanding records from all medical service providers and retaining the same.

Enforcement Ability: The state's ability to use overwhelming force (exemplified by SWAT Teams) to seize anyone they want, whenever they want.

Habeas Corpus: Lack of habeas corpus, which is the right not to be held in jail without prompt due process. Or, the overriding of such protections.

Police-Intel Barrier: The lack of a barrier between police organizations and intelligence organizations. Or, the overriding of such barriers.

Covert Hacking: State operatives copying digital evidence from private computers covertly. Covert hacking can make anyone appear as any kind of criminal desired, if combined with the removing and/or adding of digital evidence.

Loose Warrants: Warrants issued without careful examination of police statements and other justifications by a truly independent judge.

Sound familiar? It should, since this is the warped reality manufactured for us, or, as Debord would have it: "The spectacle cannot be understood as a mere visual excess produced by mass-media technologies. It is a worldview that has actually been materialized, a view of a world that has become objective."

That such a state of affairs is monstrous is of course, an understatement. Yet despite America's preeminent position as a militarist "hyperpower," the realization that it is a collapsing Empire is a cliché only for those who ignore history's episodic convulsions.

If, as bourgeois historian Niall Ferguson suggests in the March/April 2010 issue of Foreign Affairs (http://www.foreignaffairs.com/articles/65987/niall-ferguson/complexity-and-collapse?page=show), the American Empire may "quite abruptly ... collapse," and that this "complex adaptive system is in big trouble when its component parts lose faith in its viability," what does this say about the efficacy of an Electronic Police State to keep the lid on?

Despite the state's overwhelming firepower, at the level of ideology as much as on the social battlefield where truncheons meet flesh and bullets fly, Marx's "old mole" is returning with a vengeance, the "specter" once again haunting "rich men dwelling at peace within their habitations," as Churchill described the West's system of organized plunder.

Against this loss of "faith" in the system's "viability," Debord points out, although the working class "has lost its ability to assert its own independent perspective," in a more fundamental sense "it has also lost its illusions." In this regard, "no quantitative amelioration of its impoverishment, no illusory participation in a hierarchized system, can provide a lasting cure for its dissatisfaction."

Forty years on from Debord, sooner rather later, an historical settling of accounts with the system of global piracy called capitalism will confront the working class with the prospect of "righting the absolute wrong of being excluded from any real life."

As that process accelerates and deepens, it will then be the "watchers" who tremble...
Posted by Antifascist at 1:03 PM (http://antifascist-calling.blogspot.com/2010/03/beyond-orwell-electronic-police-state.html)

David Guyatt
03-15-2010, 09:50 AM
I think the description of "digital Panopticon" nicely sums up what is going on. Not least because the Panopticon used fear as an instrument of control.