Future Tense
The Citizen's Guide to the Future

April 12 2016 4:43 PM

Facebook Live’s Big Problem Isn’t Porn. It’s Copyright.

If you believe some of what you read, Facebook’s Live video program has an intimacy problem: In Wired, for example, Julia Greenberg reports on the potential that the platform will be used for porn, writing that “the live broadcast of dick vids… and their ilk seems inevitable.” Greenberg is surely right to warn that Facebook’s community standards won’t enforce themselves.

But it’s unlikely that the site will devolve into a Chatroulette-style exhibitionist’s paradise anytime soon, partly because its controversial “real names” policy makes it hard for most to remain anonymous. Far more troublesome for Facebook will be videos like the clumsily filmed Orioles game I tuned into through Facebook’s map of current broadcasts on Monday afternoon. Whether or not the social network’s expanded investment in live video is just a trend, it promises to pose serious problems for our understanding of—and approach to—matters of intellectual property. And even as Facebook works to resolve some of these concerns, it may be creating new ones that will reshape the ways we distribute and consume media of all sorts.

Copyright issues are hardly new for streaming media companies: Justin.tv, the live streaming pioneer that later became Twitch, ran into legal trouble soon after its conception when users began employing the service to broadcast free streams of sports events airing on cable. Thanks to the Digital Millennium Copyright Act’s safe harbor protections, the company was mostly exonerated. Nevertheless, these struggles helped inspire the company’s shift away from streaming more generally and toward e-sports. Focusing on a largely untapped market—rather than video as such—proved a safer bet for the startup. (Disclosure: Twitch CEO Emmett Shear is a friend, though I did not consult him for this story and have not talked with him directly about these issues.)

Sporting events have remained a real concern for streaming services in the years since: Twitter’s Periscope featured a host of pirated fight night broadcasts during the Mayweather–Pacquiao bout last year, with users pointing their phones at their televisions. The company would later claim that it received 66 complaints during the match and that it pulled 30 streams after investigating them.

But it may be difficult to enforce claims against clips like the one from the Orioles game I watched, since it was filmed by a fan in the stadium itself. In an article on the legal status of streaming services, PC World’s Zach Miners writes that courts have held that sporting events aren’t always covered under copyright protections, because they aren’t typically authored in the way that, for example, a well-rehearsed play would be. That’s presumably part of why Major League Baseball made its peace with Periscope—and why it likely will with Facebook as well. It may also tie back to the online streaming deal that the NFL recently signed with Twitter.

Ultimately, however, such issues only hint at the real intellectual property issues at play, issues only amplified by Facebook’s entry into the arena. More clearly copyrighted materials introduce a variety of problems, and the solutions aren’t always clear: HBO, for example, lashed out at Periscope last year when users employed the app to stream Game of Thrones fifth-season premiere. Where YouTube has long had systems in place to detect infringement, the equivalent technologies for streaming content are still in their infancy. It’s easy to imagine similar concerns coming up if a user were to live stream a concert, and even harder to imagine how a technical solution could prevent any resulting loss of revenue.

As Greenberg reports, Facebook is largely counting on its own users to report objectionable content, since it doesn’t yet have plans in place to algorithmically filter out nudity and violence. Likewise, Facebook allows rights holders to make claims against infringing, in-progress streams, thereby triggering a review and take-down process, a process that it claims it resolves swiftly once alerted. Though the company proffers this as an optional form of recourse, it ultimately functions more as an obligation, compelling rights holders to protect their own products.

Where copyright is concerned, however, Facebook has also been working out more technical solutions. It’s already taken a step in this direction with its efforts to prevent “freebooting,” the act of uploading another creator’s videos without permission. To that end, Facebook has implemented image- and audio-matching systems that help flag duplicates of existing content, an option that has previously only been available for some users, according to the company.

On Tuesday, Facebook publicly debuted a rights management system that makes these tools more widely accessible. It primarily serves to help publishers decide how their videos circulate on the site, and gives them a centralized system for locating and reporting infringing videos by comparing new content against other materials in its database. Notably, it also works for streaming videos.

The company writes in its blog post:

We check every Facebook Live video stream against files in the Rights Manager reference library, and if a match surfaces, we’ll interrupt that live video. Video publishers and media companies can also provide reference streams of live content so that we can check live video on Facebook against those reference streams in real time.

By automating the process, Facebook removes some of the burden from those who’ve had their efforts appropriated. It’s possible, however, that these solutions won’t be enough to solve the real concerns that Facebook Live creates. Despite the company’s efforts, freebooting remains a problem for many, and requires considerable, unpaid effort from creators if they want to protect themselves against pirates. Live content threatens to intensify such frustrations, especially for less well-resourced creators who can’t (or don’t want to) upload their work in advance for comparison. It would be difficult, for example, for a midlevel band or stand-up comedian to monitor streams of a concert while performing.

More troublingly, Facebook’s proposed technical solutions to copyright issues may do more to benefit Facebook itself than they do independent artists. Even if the company were to create a system that could consistently and correctly spot infringing streams, it would still need an original for comparison. Accordingly, performers and creators will have to give Facebook access to their work in the first place if they want to protect it, effectively blackmailing them into partnering with the social network.

Whether or not Facebook’s live video effort takes hold, this may be its true legacy. Even if the site’s massive user base doesn’t tune in, many of those who make the media we consume will have to.

April 11 2016 5:49 PM

Malware Found on Security Cameras Available Through Amazon

Security comes in many forms, and they’re not always compatible with one another.

That’s what a security researcher named Mike Olsen found when he went to set up an outdoor surveillance system that he had purchased on Amazon from a seller called Urban Security Group. As Olsen writes in a blog post, he found himself frustrated by the cameras’ configuration interface, so he looked at their administrative settings. What he found was a link to Brenz.pl, a site that has infected thousands of domains with malware.

Brenz.pl, as one recent post on Cyberconflict News explains, “is used by cybercriminals to infect unaware users with malware and Trojans which allow the cybercriminals to gain full control of the infected device.” In this case, the site appears to be accessed through iframe injection, a technique that loads elements of another webpage within the one a user has deliberately accessed. While this method is widely used across the web for legitimate purposes, it also has a wide range of malicious applications.

Though it’s not yet clear how the link to Brenz.pl showed up in the cameras’ firmware, Olsen isn’t the first person to have noticed it. As he points out, a Whirlpool Forums commenter discussed the troublesome redirect back in March, having found it in the firmware of a different model of camera. In an email to Slate, Olsen wrote that though it “looks like … some Chinese sites are hosting the [malicious] file,” it’s hard to know where and how it found its way onto the specific set of cameras that he purchased. “Since the distribution path of the device is unknown, it could have easily happened in transit,” he told me.

ZDNet’s Charlie Osborne, who called attention to Olsen’s post, writes, “The take-home from this is that any device, especially when it contains networking or Internet capabilities, can harbour threats to personal safety and data security. …” That’s long been true for the so-called Internet of Things more generally. As Slate’s Lily Hay Newman has repeatedly reported, all sorts of devices are hackable these days—tea kettles, baby monitors, and more. Those vulnerabilities may be even more meaningful, however, when they crop up in products meant to make us safer.

Olsen, for his own part, tells me that after he noticed the problem he reached out to Amazon, which hasn’t yet provided any “resolution or comment.” Meanwhile the seller has only “offered up a download to a replacement firmware file.”

By his own reckoning, Olsen was “lucky” to have noticed the troublesome redirect in the first place. But he has few recommendations for those looking to avoid such problems, apart from being careful about the source of your purchases. As he points out, the Amazon label may offer users a false sense of security, since any number of devices shipped through its fulfillment service can be subject to modification by malicious third-party sellers. “My suggestion is simple,” he told me. “retail stores are still more trustworthy than online [merchants]. They have solid product distribution networks and quality control on inventory.”

When I contacted the Brooklyn-based Urban Security Group, a representative assured me that none of its products have “spyware, viruses, or malware of any sort.” “We’ve sold about 200x cameras since the beginning of the year (we are a 2 person small business selling on Amazon) and NONE have had any issues,” he wrote. He pointed out that the forum posts Olsen referenced referred to cameras made by different companies and distributed by other merchants.

If that light, the problem may actually be more widespread, an issue with security cameras more generally rather than with those sold by Urban Security Group in particular. Though Olsen still argues that the seller should take responsibility, he agrees that the malware probably originates with the manufacturer or manufacturers producing these cameras. That’s a disquieting possibility, not least of all because it might mean that the very devices we use to keep ourselves safe may be making us less so.

April 7 2016 6:03 PM

Netizen Report: U.S.–Iran Tensions Rise Over Cyber Conflict, Human Rights

GVA logo

The Netizen Report offers an international snapshot of challenges, victories, and emerging trends in Internet rights around the world. It originally appears each week on Global Voices Advocacy. Mahsa Alimardani, Ellery Roberts Biddle, Weiping Li, Elizabeth Rivera, and Sarah Myers West contributed to this report.

The continued detention of Iranian technologists and Internet activists such as Arash Zad, Hossein Ronaghi Maleki, and Saeed Malekpour had many tweeting during last week’s RightsCon gathering of Internet freedom advocates in Silicon Valley.

At a panel on U.S. tech sanctions in Iran, London-based Iranian Internet researcher Nariman Gharib asked State Department representative Emily Norris about the department’s efforts to pressure the Iranian government to free imprisoned Iranian bloggers and entrepreneurs. Norris responded:

[T]here are over 900 political prisoners in Iran, so we can’t call out each of them by name, but we [can]… call on the Iranian government to release those political prisoners. ... Our main recourse in highlighting these cases, in addition to sanctions, is to call on the international community and call on the Iranian government through UN mechanisms….It’s really important for us from the State Department to hear from activists and [nongovernmental organizations] who know what’s going on so we can highlight these cases and talk about them.

So one section of the U.S. government appears eager to support the work of independent Iranian technologists. But the U.S. has also dedicated substantial resources to interfering with Iranian government technical infrastructure and preventing the Iran from doing the same in the States.

Last week, the Department of Justice indicted seven Iranians who allegedly helped carry out cyber attacks against US computer systems that controlled things including a dam in New York state and parts of the U.S. financial sector. (In Future Tense, Lily Hay Newman explained “Google dorking,” a technique reportedly used by one of the hackers.)

According to the Washington Post, this marked the first time that the government has charged state-sponsored individuals with hacking to disrupt the networks of key U.S. industries. Further investigations into the work and background of the hackers reveals that they may also have been part of government operations to deface the website of former Iranian presidential candidate and Green Movement leader Mehdi Karroubi.

Death toll rises yet again for secular Bangladeshis
A 28-year-old law student was murdered by three assailants in Dhaka, Bangladesh, on April 7. The young man was most likely targeted for his critiques of religious conservatism in the blogosphere and on Facebook. Nazimuddin Samad was a student of law in the Jagannath University who had served as an organizer with Ganajagaran Mancha, the group that has been demanding justice for the war crimes of 1971 and the banning of religious politics in the country. In 2013, his name appeared on a list of 84 bloggers and activists accused of writing against Islam by conservative Muslim clerics.

Egyptian authorities may be exploiting two-step verification
Technical researchers in Egypt are reporting that multiple high-profile human rights activists have been targeted by government surveillance mechanisms that exploit two-step verification processes for online platform logins on sites like Facebook, Yahoo, and Hotmail.

For these and other services, users are often given the option of using a mobile phone number as a second way to prove or cross-reference their identity. If a user forgets her password, she can ask the company to send a code to her mobile that she can then enter into the platform to verify her identity. In Egypt, however, thanks to strong state control over telecommunications infrastructure, it appears that state actors have been attempting to access activists’ accounts by selecting the “forgot password” option, intercepting the code sent to the activist’s mobile phone, and then resetting the password and effectively taking over the account. Learn more about what is happening from Cairo-based digital security expert Ramy Raoof.

Kazakh authorities use Facebook to police speech
Two Kazakh citizens are facing legal challenges due to their activities on Facebook. Journalist Alexander Baranov has been charged with libel for a post alleging that his employer mistreated workers and was involved in illegal activity, an accusation that could leave him responsible for paying nearly $29,000 in damages. Another woman was fined about $185 for alleging on Facebook that criminal activity was taking place in an apartment next to her.

New Research
•    “Tightening the Net: Iran's National Internet Project”—Article 19
•    “Services Unavailable to Iranian Users”—ASL19
•    “The Transparency Reporting Toolkit”—The Berkman Center for Internet Society and the Open Technology Institute
•    “Unfriending Censorship: Insights from four months of crowdsourced data on social media censorship”—Onlinecensorship.org

April 7 2016 4:49 PM

Doctors Used an ER Patient's FitBit Data to Figure Out How to Treat Him

If your fitness tracker motivates you to walk/exercise more, that’s a good thing. But providing critical life-saving data in the emergency room would be a whole other level of usefulness. And for a 42-year-old New Jersey man who had a seizure at work, Fitbit data helped ER doctors choose the best treatment and possibly save his life.

It’s the first time a fitness tracker has been used in this way, according to the Annals of Emergency Medicine, where the case report was published. (H/T to Gizmodo for spotting it.) The patient’s seizure lasted about one minute and may have occurred because he had forgotten to take his usual seizure-controlling medication that morning. Emergency medical services arrived and began treating him for rapid, irregular pulse rate while en route to Our Lady of Lourdes Medical Center in Camden, New Jersey. By the time he reached the ER, the patient’s mental state was normalizing and his only acute symptom was continuing rapid, irregular heartbeat.

ER doctors were considering using electrocardioversion (that is, using low-voltage electric current to reset heart rhythm) to address his rapid heartbeat. It wasn’t clear, though, when it had started, and Our Lady of Lourdes administers this treatment only if the arrhythmia began within the last 48 hours because of the risk of complications. Enter Fitbit. The doctors used the patient’s Fitbit app (seemingly with his permission and help) to check his recent heart rate data. 

The application was accessed on the patient’s smartphone and revealed a baseline pulse rate between 70 and 80 beats/min, with an immediate persistent increase to a range of 140 to 160 bpm at the approximate time of the patient’s seizure. The pulse rate remained elevated until administration of the diltiazem in the field. Once the patient’s onset time for his atrial fibrillation was established as 3 hours before ED presentation, he was considered a candidate for rhythm conversion.

The doctors point out that most consumer-grade activity monitors measure only pulse rate, and don’t differentiate between types of arrhythmias. In this case, though, that was enough information to affect treatment decisions and possibly overall outcome. As they are now, and certainly as they get more sophisticated, fitness trackers will almost inevitably be used in these types of situations again.

It’s a good example of why it’s so important for health wearables to give accurate readings. Just three months ago, Fitbit customers in three states filed a lawsuit against the company alleging that two Fitbit models (including the one the 42-year-old seizure patient was wearing) don’t give accurate heart rate readings. Things seem to have worked out at Our Lady of Lourdes, but faulty data could have endangered the patient. It’s not all calorie counting and step goals anymore.

April 7 2016 11:31 AM

Trust but Verify: The Crisis in Biomedicine. A Future Tense Event.

Fool me once, shame on me. Fool me twice, shame on scientific research? Research studies investigating other research studies—yes, it’s very meta—have diagnosed a “reproducibility” crisis in biomedicine. Simply put, it’s shockingly difficult to reproduce the results of many laboratory research studies relied upon as authoritative and definitive.

As a result, the reliability of a large share of the research published about medicine and the biology of medicine is in question. The reasons vary from poor training of young scientists engaged in ever more complex and esoteric inquiries to perverse incentives that reward researchers for flashy findings but don’t penalize them for being wrong. Some errors are inevitable—in fact, it’s a part of science. But today’s reproducibility crisis is challenging the very idea that scientific knowledge expands by research studies that build upon each other. Is a transformation of the underlying culture of biomedical research necessary? How difficult will it be to accomplish?

Reliable studies show you should join Future Tense on Thursday, April 21, in Washington, D.C., to explore this crisis in biomedicine. For more information and to RSVP, visit the New America website, where the event will also be webcast.

Speakers

Emma Frow
Assistant professor, School of Biological and Health Systems Engineering and School for the Future of Innovation in Society, Arizona State University

Brian Nosek
Professor, Department of Psychology, University of Virginia
Executive director and co-founder, Center for Open Science

Lawrence A. Tabak
Principal deputy director, National Institutes of Health

Carolyn Johnson
Business of health reporter, the Washington Post

Arturo Casadevall
Alfred & Jill Sommer professor and chair, W. Harry Feinstone Department of Microbiology and Immunology, Johns Hopkins University
Bloomberg distinguished professor, Department of Medicine, Johns Hopkins University

Carolyn Compton
Professor, life science, Arizona State University
Professor, laboratory medicine and pathology, Mayo Clinic School of Medicine
Chief medical officer, Complex Adaptive Systems Institute, Arizona State University

Richard Harris
Science correspondent, National Public Radio (on leave)
Visiting scholar, Consortium for Science, Policy & Outcomes, Arizona State University

Rachel Gross
Editorial assistant, Slate
Board member, D.C. Science Writers Association

April 7 2016 9:23 AM

Study: People Feel Weird About Touching Robots’ Genital Areas

You probably wouldn’t think of your Roomba as having genitals, but humanoid robots seem, well, human. They have hands, they have legs, they have faces, and they have ... other stuff. To examine people’s attitudes toward anthropomorphic robots, researchers at Stanford University put skin conductance sensors on (the human) test subjects and recorded their reactions when asked to touch different parts of robots. And it turns out that asking people to touch a robot’s butt kind of freaks them out!

Subjects sat alone in a room with a humanoid robot that can finely control its body motions—the NAO from Aldebaran Robotics (a pretty cute robot). The robot asked them to point at or touch its different body parts one by one, following each point or touch with the medical name for the body part. Meanwhile, sensors recorded the subjects’ physiological arousal and response time. (“Physiological arousal” relates generally to alertness and stimulation without sexual connotations.)

The subjects had low arousal and quick response times when they were asked to touch areas like the neck or an ear—areas that are common for humans to touch on other humans. The researchers, Jamy Li, Wendy Ju, and Byron Reeves, ranked body parts in terms of accessibility, and those areas, along with places like hands and arms, are referred to as high accessibility. But when the NAO asked them to touch its genital area, physiological arousal increased and response times went down. The same was true of touching breasts or butts, all low accessibility areas.

“People respond to robots in a primitive, social way,” Li said in a statement. “Social conventions regarding touching someone else’s private parts apply to a robot’s body parts as well.”

It probably makes intuitive sense to most people. If you just imagine being asked to touch a robot’s genitals, you may feel an immediate sense of awkwardness or self-consciousness. Angelica Lim, a software engineer at Aldebaran, told IEEE Spectrum that this reaction is totally understandable but that it was highlighted by the study’s design. “People grab NAO’s bum when they carry it like a baby, but when the robot is sitting up, shoulders back, staring at you, and talking, we put the robot’s IQ at a higher level, project maturity, and recreate the social constructs that we have between adult humans,” she said.

The researchers will present their paper, “Touching a Mechanical Body: Tactile Contact With Intimate Parts of a Human-Shaped Robot is Physiologically Arousing” in June at the International Communication Association Conference.

As humanoid robots become increasingly convincing, their human-ness will continue to impact how actual people relate to them. And the social contracts between humans may carry over more and more to human-robot interactions. In the meantime, some humans—like the ones who built the Scarlett Johansson robot—are starting to figure out the sexual parameters of these relationships for us. Just in case you’re into that sort of thing.

April 6 2016 10:32 AM

Future Tense Newsletter: Wearables, Webcams, and Writs

Greetings, Future Tensers,

It’s hard to believe that we’re already in our fourth month of Futurography. We’ve covered geoengineering, algorithms, and cyberwar, and now we’ve moved on to A.I., looking into whether it’s really likely to kill us all. As always, we’ve started with a conversational introduction to the topic and a cheat sheet that lays out key players, further readings, and more. We’ll have other articles and materials coming in the days and weeks ahead, but for now we’d invite you to try out our quiz on cyberwar from last month and to check in with this write-up of reader responses to our survey on that course.

If you want to see why we think it’s important to understand these issues, read up on the problem of “Google dorking,” a search technique that may have given an Iranian hacker access to a dam in New York. Dorking, which involves searching for very specific information, has been possible for years, and in that regard it offers an important reminder that these problems aren’t new. Neither, for that matter, are governmental attempts to use the 1789 All Writs Acts to get information from technological devices: In fact, the government had done just that dozens of times, long before they tried to pry open the San Bernardino shooter’s phone. That’s all the more reason to celebrate WhatsApp’s implementation of end-to-end encryption, a system that makes it difficult for the company itself to access information sent by users.

Here are some of the other stories that we read while comparing the size of data leaks:

  • Wearables: Tech companies are trying to sell more gadgets to women, but too many of those products still rely on stereotypes that have little to do with the ways real women live and work.
  • Webcams: Though live-streamed video might seem like a poor substitute for truly exploring nature, it can actually amplify our encounters with wildlife—and complement conservation efforts in the process.
  • Copyright: Companies are trying to claim ownership of the interfaces we use to access their software and devices. Charles Duan argues that those efforts can only lead to confusion.
  • Social media: Miitomo, the first mobile app from Nintendo, augurs bizarre, troubling things about the ways we’re being trained to interact online.

Perfecting my avatar,

Jacob Brogan

for Future Tense

April 6 2016 10:14 AM

Chinese Censors Erase #PanamaPapers Evidence From Web

GVA logo

The whole world is talking about the Panama Papers, the giant leak of confidential documents from a Panama-based firm that aided scores of politicians in hiding money by setting up offshore shell companies around the world. Yet the majority of mainland Chinese don't know that the papers have anything to do with China.

The leaked files, which were compiled by International Consortium of Investigative Journalists, reveal offshore companies linked to the family of China's top leader, Xi Jinping, who has vowed to fight “armies of corruption.”

China's Web censor has blocked #PanamaPapers from major search engines and deleted all discussions about the leak on social media since April 4 in an effort to keep the majority of mainland Chinese people from finding out that (according to ICIJ) “family members of at least eight current or former members of China's Politburo Standing Committee, the country’s main ruling body, have offshore companies arranged through Mossack Fonseca.” Netizens are reporting that even emails referencing the leak have been tampered with.

China-based netizens have been posting regular updates on the censorship measures on Twitter. First, the Chinese translation of the phrase “Panama Papers” vanished from the top three search engines in China.

The screen-captured images show the pop-up notice that appears when users search the sensitive term: “Search results may not comply with relevant laws, regulations and policies, not displayed. It is recommended to try searching other related terms.”

All other related terms, news, and discussions were deleted in a matter of a few seconds on Weibo:

Within the Great Fire Wall, the most ridiculous [censorship is happening]. Even the news about people in Iceland throwing eggs and banana at the Legislative Building were deleted. All posts that touched up secrecy, bank, money laundry and panama were deleted within a few seconds! The web censors are nuts, they keep deleting. I just added a like to a post and it vanished. It seems that the Chinese Communist Party is filling up all holes in the wall. I suggest those outside the wall help your fellow from inside to know the truth.

Even private emails appear to be under sensitive-word filtering:

Web administrators have to self-censor and delete all contents related with @Panamapapers from all Weibo comments and Wechat. Some reporters from mainland China just complained that their media organizations had stopped them from “climbing over the wall”. For those who can access wikipedia, they attempted to circulate the information through email attachment, but their friends within the wall said they could not download the files (as the emails are filtered), even attachments via WeChat are filtered.

Leaked censorship instructions indicated that the propaganda authorities are acting in full gear (via China Digital Times):

X Province Internet Information Office: Find and delete reprinted reports on the Panama Papers. Do not follow up on related content, no exceptions. If material from foreign media attacking China is found on any website, it will be dealt with severely. This directive was delivered orally to on-duty editors. Please act immediately. (April 4, 2016)
X Website: Please withdraw the article “Panama Papers Leaked, Putin in USD 200 Million Money Laundering Scandal” and related stories from the dual homepages [site-wide and news] (including [social media] clients), and move articles to the backend of the site. (April 4, 2016)

The ICIJ report implicates the brother-in-law of current Chinese President Xi Jinping; the daughter of former Chinese Premier Li Peng; the granddaughter of Jia Qinglin, who stepped down from the Politburo Standing Committee in 2012; and the business partner of Gu Kailai, who is the wife of former Chinese politician Bo Xilai and was sentenced to life imprisonment for corruption in 2013.

Below is a detailed description of the Chinese power players from the ICIJ report:

Li Xiaolin is the second child and only daughter of former Chinese Premier Li Peng. She was the vice president of China Power Investment Corporation, a state-run power company and served as a delegate to the Chinese People’s Political Consultative Conference or CPPCC, an advisory body to the Chinese legislature. She has been called China’s “Power Queen.”
Deng Jiagui, who has made a fortune in real estate development, became “Red Nobility” in 1996 when he married Qi Qiaoqiao, the daughter of Xi Zhongxun, one of China's revolutionary heroes and a former top official. Qi Qiaoqiao’s younger brother is Xi Jinping, who is president of China and head of China’s Communist Party. An investigative report by Bloomberg News in 2012 revealed that Deng and his wife had hundreds of millions of dollars in real estate, share holdings and other assets.
Jasmine Li became famous in China after she was photographed attending a debutante ball in Paris in 2009 with other wealthy and politically connected young female friends. Li attended boarding school in the United States and completed a bachelor’s degree at Stanford University in California. After leaving the university, Li began working in the art world as an assistant for the New York-based Chinese artist Cai Guoqiang and later as an “gallery relations liason” for the online art retailer Artsy in New York and Hong Kong. Her grandfather, Jia Qinglin, was China's fourth-ranking official on the ruling Politburo Standing Committee until he stepped down in 2012.
French architect Patrick Henri Devillers was a business partner of Gu Kailai, the wife of former high-flying Chinese politician Bo Xilai. Devillers met the Gu when her husband was a Communist Party official in charge of the industrial port town of Dalian in far northeastern China. Devillers and Gu were co-directors of Adad Limited, a company registered in the United Kingdom, but Devillers also helped Gu set up a secret offshore company that was used to purchase a luxury villa in the south of France. Devillers was detained in June 2012 at his home in Cambodia at Beijing's request and spent several weeks in custody in China before being released. His testimony was used in the 2013 corruption trial of Bo Xilai.

According to BBC's latest report, two more members from the Politburo Standing Committee, Zhang Gaoli and Liu Yunshan, have relatives-in-law holding off-shore firms in the leaked files. Liu Yunshan is the head of propaganda in China.

Thus far, there has been no official response to the Panama Papers, but the party-affiliated mouthpiece Global Times stressed that “powerful forces” are operating behind the scenes, denouncing the leak as a conspiracy against leaders from non-Western countries and suggesting that Russian President Vladimir Putin was a primary target of the leak.

Read more of Slate’s coverage of the Panama Papers.

April 5 2016 5:33 PM

WhatsApp Adds End-to-End Encryption for Its 1 Billion Users

With more than 1 billion users, WhatsApp is the second biggest communication environment in the world after its owner Facebook. So when the messaging, talk, and video service makes a change, it affects a whole lot of people. And on Tuesday, WhatsApp announced that it will now provide end-to-end encryption for every communication on the platform.

The service has been working on expanding this security feature since it announced end-to-end encryption for chat messages in November 2014. Now, beyond just messages, every type of WhatsApp communication will be encrypted locally by the sender, travel in encrypted form, and be decrypted only by the receiver. It all happens automatically to make it easy on users, and WhatsApp itself won't have the keys to decrypt any of the data moving across its network.

Law enforcement agencies have long brought warrants to tech companies asking for user data. Companies have generally complied, but there is sometimes tension as Apple's recent fight with the FBI shows. Though it is not a protection in every scenario, end-to-end encryption is seen as a way for companies to avoid many instances in which they might be asked to act as an intermediary. If a company can't itself decrypt user communications, it can't do it for law enforcement.

WhatsApp founders Jan Koum and Brian Acton wrote on Tuesday:

Recently there has been a lot of discussion about encrypted services and the work of law enforcement. While we recognize the important work of law enforcement in keeping people safe, efforts to weaken encryption risk exposing people's information to abuse from cybercriminals, hackers, and rogue states.
While WhatsApp is among the few communication platforms to build full end-to-end encryption that is on by default for everything you do, we expect that it will ultimately represent the future of personal communication.

The company and its parent Facebook have already been tested on these issues. In March, Facebook's vice president for Latin America, Diego Dzodan, was arrested in São Paulo, Brazil, for "repeated non-compliance with court orders" to provide communications from WhatsApp. A Brazilian judge ordered Dzodan's release a day later, noting that "the extreme measure of imprisonment was hurried," according to the Agence France-Presse. WhatsApp said in a statement at the time that, "We are disappointed that law enforcement took this extreme step. WhatsApp cannot provide information we do not have."

whatsapp
Lock it down.

WhatsApp

The company still uses some careful language to hedge what it's doing, though. As Micah Lee, a founder of the Freedom of the Press Foundation, pointed out on Twitter, WhatsApp's legal information page still says that it reserves the right to collect message metadata. "WhatsApp may retain date and time stamp information associated with successfully delivered messages and the mobile phone numbers involved in the messages, as well as any other information which WhatsApp is legally compelled to collect." Similarly, in its mobile app's security section, WhatsApp says that it uses end-to-end encryption for communications "when possible."

There may be things WhatsApp can do to heighten its user security even more, but implementing end-to-end encryption at all is an ambitious project. It has clearly been a priority for WhatsApp given the timeframe in which the company delivered it. Now, WhatsApp's 1 billion international users may become guinea pigs as the debate over strong encryption continues.

April 5 2016 3:07 PM

What Slate Readers Think About the State of Cyberwar

FT_futurography-logo

Throughout March, Future Tense focused on the question of cyberwar for our third Futurography course. Though we published articles by wide range of experts, we’re always also interested in your thoughts and opinions. We’ve written up some of your responses to our survey on the topic below, and we hope you’ll stick around as we investigate the realities of killer A.I. this month.

Most respondents to our cyberwar survey agreed that there is reason to worry about developments in the area. “Our operational lives are increasingly dependent on equipment vulnerable to some form of cyberattack,” one wrote. Another added to this that the United States is especially vulnerable, thanks to its extensive reliance on communications technologies.

Many of these respondents, however, seemed less concerned about direct conflict between nation-states than about rogue actors. “Sooner or later some terrorist is going to … disrupt a hospital or a power plant, manipulate an auto control system, or interfere with an aircraft flight system, possibly result[ing] in deaths,” a reader suggested. Acknowledging that the risks of cyberwar are complex, another reader stressed that it is important to “protect the people[‘s] intellectual property as well as” more traditional forms of infrastructure.

Slate readers also seemed to agree that new technologies are transforming the ways we think about warfare, though they were generally split on whether this was a good thing. “Better to have a cyberwar than a real one,” a reader observed, adding that cyber conflict might help discourage the proliferation of more conventional weapons. This same reader also worried, however, that the rise of cyberwar could make life more complicated by muddying our understanding of what counts as a potential target. Others echoed this concern, as did one who wrote that cyberwar “adds levels of complication to aspects of life that weren’t there before, which adds potential latency and cost to help assure protection.”

Despite that increasing complexity, many readers proposed that we should find ways to discriminate between cyberattacks and more conventional forms of militaristic aggression. We will, one wrote, have to learn to draw lines between the two much “as we now distinguish forms of weaponry.” Others weren’t so sure: Summing up a growing sense of unease, one objected that there’s “no such thing as a ‘traditional’ conflict anymore. The ‘rules’ are constantly changing, and cyberwar is but one of those changes.” Meanwhile, another held that the false equivalence between cyberwar and older warfare might incorrectly led us to focus on death and material destruction. In such a climate, it might be harder to take actual cyberattacks seriously, especially if they don’t result in loss of life.

For some readers, the relatively benign quality of contemporary cyberwar remains its greatest selling point. Taking a stance along these lines, one described it as “a substantially bloodless way to neutralize an opponent’s war-making capabilities.” Simultaneously, others warned it lowers the threshold of participation, since its fundamentally “asymmetric nature” means that “nation-states and NGOs of all sizes can produce effective cyberwar campaigns.” But, as many others argued, where we stand on the merits of cyberwar may be less relevant than the simple fact that “It’s coming whether you like it or not.”

This article is part of the cyberwar installment of Futurography, a series in which Future Tense introduces readers to the technologies that will define tomorrow. Each month from January through June 2016, we’ll choose a new technology and break it down. Read more from Futurography on cyberwar:

Future Tense is a collaboration among Arizona State University, New America, and Slate. To get the latest from Futurography in your inbox, sign up for the weekly Future Tense newsletter.

READ MORE STORIES