The Electronic Frontier Foundation has posted its annual report on which Internet vendors do the most to help protect their users's private information. And this year's two best protectors by the EFF's definition? Twitter and Internet Service Provider Sonic.net.

Each of these two vendors scored well within the EFF's six criteria used to judge online services in the organization's Who Has Your Back? 2013 report posted today.

For the EFF, the most privacy-oriented companies should comply with these policies:

• Requiring a Warrant for Content
• Telling Users About Government Data Requests
• Publishing Transparency Reports
• Publishing Law Enforcement Guidelines
• Fighting for Users’ Privacy in Court
• Fighting for Users’ Privacy in Congress

Each rated company gets a star when it does well with one of these criteria. Twitter and Sonic.net nailed it with six stars. LinkedIn, Dropbox and storage service SpiderOak received five stars, having each missed the fighting for users’ privacy in court category.

The worst performers in the EFF's round-up of privacy advocacy? Social media platform MySpace and cellular carrier Verizon, which were awarded no stars at all. Apple, AT&T and Yahoo, only received one start apiece, with the latter getting the award for pushing back in the courts and the other two companies achieving the fighting for users' privacy in Congress star.

Overall, the EFF thinks that things are getting better among these vendors that deal with so much user data.

"We’re happy to report that several of the companies included in last year’s report have significantly improved their practices and policies concerning government access to user data," the organization reported, "Comcast, Google, SpiderOak, and Twitter earned two new stars this year while Microsoft earned three new stars. Foursquare went from zero stars in 2012 to four in 2013."

The report might seem a bit disjointed in its approach, lumping a lot of companies in together with the only common thread being the handling of user data. Users' expectations on a social network like Facebook is much different than privacy concerns on Verizon or Amazon.

But this is a report about government overreach, not expectations of privacy. The government may be able to see your data on your Facebook page, but to use it in a trial or investigation, they should still use a warrant, the EFF is arguing. Users may be surprised to see so many large data handlers that don't even have that basic requirement.

Things are getting better, but there is still a long way to go.

How many times have you had a brainstorm on how to improve your local community? What about that dangerous intersection that needs more warning lights? Or an idea that could help your city become a magnet for fill-in-the-blank activities? Head to MindMixer, a platform that is helping organizations communicate more effectively with their communities.

One of the biggest roadblocks to implementing local community ideas is finding resources in city government or local organizations who might be able to help. More importantly, how can you involve like-minded individuals in the discussion?

MindMixer = A New Type Of Civic Engagement Platform

A new type of civic engagement platform - like MindMixer - can help. MindMixer is in essence a “virtual town hall,” a community forum where constituents can meet to discuss issues and share ideas. (Here’s an overview of how MindMixer works.)

Without time and location constraints, citizens can conveniently share ideas while managers gain community insights. According to the 2012 CivicPlus Digital Citizen Engagement survey, 40% of citizens want to provide input on municipal government.

From Los Angeles To Calgary

MindMixer COO Nathan Preheim tells me that the company has attracted more than 300 communities, including San Francisco and Los Angeles, plus its first Canadian client, the city of Calgary. Among civic, education and healthcare organizations that are using the service to engage their communities, the governor of Colorado is using it to better engage his entire state.

Here are a few examples of how municipals governments are using MindMixer:

Orlando, FL: When residents were asked how much more they would be willing to pay to have half of their food sourced from local farms, 36% of respondents said they would pay 10% more, and 22% said they'd pay 5% more. While the response rate was low, it shows the potential of civic engagement as the use of these platforms increases.

Boulder, CO: InspireBoulder held a Reusable Bag Design Competition on the MindMixer site. The winning design is set to be used on 30,000 reusable grocery bags to be distributed by the city.

Park City, UT: One resident’s idea to implement a community composting program became a reality when Park City’s Environmental Sustainability Manager approved the concept, which is similar to an ordinance passed by the city of San Francisco.

MindMixer Buys VoterTide

MindMixer recently acquired VoterTide, a social media intelligence company that specializes in activating audiences who follow hot topics for political campaigns, non-profits and special-interest groups. Preheim says the company’s thinking was, “How can we use social media to help our clients better engage topics?”

All existing clients will have access to Votertide audiences. Going forward, adds Preheim, “We are in the process of building an application framework, called Community Insights.”

Given the current pressure to shrink governments, the populace will have to take more active roles in the governance of their communities. Platforms like MindMixer could make it easier for people to take on and succees in those new roles.

If you haven't filed your taxes yet, you might want to triple-check your math before you do. That's because the IRS employs a more watchful eye than ever, thanks to Big Data analysis and digital information-gathering tactics. 

With the ongoing budget crisis, pressure for the IRS to recover lost revenue has never been higher. Conveniently enough, the agency has made massive investments in its computing power and tools for crunching big data, allowing for more automation and rapid analysis. That means a greater capacity for robo-audits and less room for honest mistakes.

It's not just the tools that have improved. The data itself is richer and more varied than ever, drawing increasingly from whatever details about our digital lives the IRS can get its hands on, including information that isn't publicly accessible. We don't know the full extent of the IRS's data-mining capabilities, but recent reporting has revealed new details. 

1. Analyzing Your Social Media Updates 

The social Web has been a boon for IRS investigators, who can use updates from Facebook, Twitter and other services to bolster its cases against alleged tax cheats. Information about work history, one's physical whereabouts and even purchases can be gleaned from social networks. Some of it, like tweets and certain details from Facebook, are public. But should the IRS want to take a closer look, it supposedly has the means to do so, with or without a warrant. 

According to recent reports, the IRS cross-references data from social networks with Social Security numbers and then works in a host of other private data to look for suspicious patterns. 

2. Monitoring Digital Payments and Credit Card Activity 

The rise of commerce and digital payments have also given the IRS new sets of data to mine and analyze. The agency has long looked at taxpayers' activity on ecommerce sites like Ebay, but are now going deeper and getting a look at credit card transactions and other online payments. 

The agency looks for potential auditing targets "by matching tax filings to social media or electronic payments," according to MSN Money. The exact mechanism of this monitoring isn't known, but MSN Money indicates that it includes examining credit card transactions "for the first time ever." 

It's not clear how detailed or widespread this monitoring is, and the IRS isn't likely to spill the beans (lest they tip off tax cheats), but suffice it to say that if the agency feels it has cause to take a peek at your online payment data, it won't have a problem doing so. 

3. Peeking At Your Email Usage 

Exactly when and how the IRS looks at email usage isn't entirely clear. The MSN Money report says the agency's big data analysis tools are used in part for "tracking individual Internet addresses and emailing patterns." That's pretty vague. In theory, the IRS could glean some details about email usage simply by looking at browsing activity, whether that insight comes from an ISP or email service provider. 

Does that mean that the IRS has blanket access to everybody's Gmail account for the purpose of feeding its data-crunching behemoth? That seems pretty unlikely. Instead, what it likely does is request access to individual accounts for people who are already suspected of wrongdoing. The American Civil Liberties Union recently uncovered documents that suggest the IRS doesn't feel a warrant is necessary to get such access. Good to know!

BlackBerry executives are used to bad news. Whether it's losing contracts with large enterprises or watching the company's stock price plummet, it has not been a pleasant couple of years for the company formerly known as Research In Motion.

One of the most consistent sources of good news to BlackBerry over the years has been the fact that the United States government remained addicted to BlackBerry smartphones and the security and reliability the platform provides. 

Scary Report

So imagine the shock echoing through the halls of Blackberry headquarters in Waterloo, Ontario, Thursday morning when a report surfaced that the U.S. Department of Defense was dropping Blackberry 10 smartphones in favor of iOS devices. Specifically, the DoD was said be ordering hundreds of thousands of iOS devices from Apple. According to a report from gadget blog Electronista, the DoD was set to buy 120,000 iPads, 100,000 iPad Minis, 200,000 iPod Touches and a 210,000 iPhones. This could have been a big blow to one of BlackBerry's last customer strongholds.

Good thing for BlackBerry that the report appears to be inaccurate and overblown. 

According to a statement emailed to ReadWrite from a spokesperson at the public affairs office of the U.S. Secretary of Defense:

The department is aware of recent reporting that asserts it is 'dropping' BlackBerry. This reporting is in error. The department recently released its mobility strategy and supporting implementation plan, which clarifies we are moving towards a mobile management capability that supports a variety of devices, to include BlackBerry. As clarified in the recent release of our Commercial Mobile Device Implementation Plan, we are working towards establishing a multi-vendor environment in support of the DoD mobility strategy.

Going Multivendor

Essentially, the DoD is going multi-vendor. That will include iOS, Android, Windows Phone and BlackBerry. This is not a new development, as many government agencies have been looking to break free of the BlackBerry bank and go multi-vendor for several years. Still not great news for Blackberry, but pretty much par for the course.

Reports claiming the DoD was going straight iOS can be very, very damaging for BlackBerry. Even if the report is basically wrong, as the DoD spokesperson insists. Smartphone platforms succeed as much on public perception as they do on quality, marketing and advertising. BlackBerry reacted to the story by issuing a statement through its public relations agency attempting to dispel the rumor.

Our work with the U.S. Department of Defense is going well and the U.S. Department of Defense is moving forward with testing of BlackBerry Enterprise Service 10 and the new BlackBerry Z10 smartphone.  We are currently working with the Defense Information Systems Agency (DISA) and anticipate Security Technical Implementation Guides (STIG) and Security Requirement Guide (SRG) approval for the BlackBerry Device Service, BlackBerry 10 and BlackBerry PlayBook by early April. BlackBerry was the first to go through the new SRG process by the Defense Department and will be the first to successfully come out of it.

Spin Control

This type of urgent spin control is unusual for BlackBerry. The company normally does not go out of its way to react to rumors. There have been dozens of instances in the past several years of large enterprises or government agencies “ditching BlackBerry” for the iPhone or Android and even Windows Phone. BlackBerry has not deigned to respond to the vast majority of those reports - true or not.

This one is different. Not only are we talking about the U.S. federal government, it is the Department of Defense, by far the largest of executive agencies. When it comes to IT at the federal level, many agencies follow the lead of the DoD. This is a story that BlackBerry needed to set straight before its other government partners decide they want to jump ship too. 

The DoD spokesperson said that the agency is in the process of implementing a system that will support 100,000 multi-vendor devices by February 2014. The department said that it currently has 600,000 commercial devices in use, including 470,000 BlackBerries, 41,000 “Apple operating systems” (not specified between Mac OS X and iOS but presumably those are iPhones and iPads) and 8,700 Android operating systems.

As if we needed more evidence that the hackers are winning, here is this: the National Vulnerability Database hosted by the National Institute of Standards and Technology has been stricken with malware and taken offline.

The NVD is a comprehensive database that integrates all of the United State’s government publicly available vulnerability resources. It is a resource to many security firms and security officers at enterprises for tracking day-to-day exploits that malicious hackers could use to breach secure systems.

In an email to security researcher Kim Halavakoski of Finland, NIST said that it had found multiple instances of malware on its public facing NVD websites and took the appropriate action to take the websites offline. 

“The National Vulnerability Database public-facing Web site and several other NIST-hosted Web sites are currently unavailable due to discovery of malware on two NIST Web servers,” wrote Gail Porter from the NIST Public Inquiries Office, according to a Google+ post by Halavakoski as reported by The Register.

Visits to the NVD website confirm that it is indeed unavailable as of 9:00 a.m. EST, March 14. 

The email from Porter to Halavokoski states that NIST’s firewall detected suspicious activity on Friday, March 8 and took steps to block the traffic from reaching the Internet. The malware on the NIST servers was traced to a software vulnerability. NIST said that there was no evidence its websites or the NVD contained or delivered any malware to users. 

“NIST continually works to maintain the integrity of its IT infrastructure and acts to limit the impact of malware on its systems. We regret the impact this has had on our services,” Porter wrote.

Nowadays, everything is a target. That goes for the public facing websites and servers of prominent government agencies such as the NIST and CIA. When it comes to the backbone of government systems (non-public facing servers), those are much harder to crack. That is why we see more distributed denial of service (DDoS) attacks on prominent websites than actual breaches. Much of this DDoS activity came from groups like Anonymous and LulzSec, but the global black hat hacker community has been stepping up its efforts in past years to actually breach internal servers. We have seen this through more advanced spear phishing techniques and the alleged hacker wing of the People’s Liberation Army of China. 

The NIST NVD site makes for an easy target. It is relied upon by many different groups and has a necessary public-facing websites that is, by basic Internet Protocol, vulnerable. NIST played the breach by the book and took the site down. 

At one time government IT was the last place to look to find innovation. With little incentive to save money or do much beyond keep the lights on, governments across the world have happily dumped money into a cabal of legacy IT vendors without much thought for consequences. All too often, those consequences were dire.

But something seems to have changed. Today, from the City of Chicago to the UK government's Government Digital Services group, government IT has become a hotbed of open innovation. For the first time, private industry has much to learn from government IT.

Yes, you read that right.

Uncle Sam's CIO

The Obama administration gets some credit for helping to kick things off. In March 2009, the U.S. named Vivek Kundra its first-ever chief information officer. Kundra then set to work with a cloud-first policy that saw him shutter dozens of resource-heavy datacenters, moving more workloads to the cloud, in an attempt to save taxpayers $18.8 billion by 2015. Kundra has since left, his legacy lives on.

It has also crossed the Pond. Years ago, the UK was roundly criticized for its too-cozy relationship with Microsoft. Today, the UK's Government Digital Services Group, which is tasked by the UK government with transforming its digital services, espouses a set of design principles that would be right at home within the most progressive of Silicon Valley startups, and which cut against the "buy-whatever-Ballmer-tells-us-to" mentality that sometimes pervaded UK procurement policies:

1. Start with needs
2. Do less
3. Design with data
4. Do the hard work to make it simple
5. Iterate. Then iterate again.
6. Build for inclusion
7. Understand context
8. Build digital services, not websites
9. Be consistent, not uniform
10. Make things open: it makes things better

These aren't merely mottos inscribed on the wall and forgotten. The government has actively been espousing them, in part by hosting its code on GitHub. But then, which governments aren't hosting code on GitHub? As O'Reilly's Alex Howard points out, GitHub is increasingly popular with the government IT crowd, with the total number of government repositories booming on the popular code-sharing site:

Source: GitHub. Chart by Alex Howard.

All of which is interesting, but becomes even more so when you dig into what is being hosted there. Take Chicago, which has not only open sourced code, but also datasets for things like building footprints, bike paths, etc. That's a great step toward open data, but Chicago is even more ambitious. The City's WindyGrid project, for example, a "real-time infrastructure for the publication of data that delivers information in the moment of need." Sounds promising, but what does that mean?

As The Wall Street Journal notes:

[As an] example, city officials might look at a high crime area, while also mapping out the number of liquor permits for a neighborhood, along with the amount of nearby abandoned buildings. Using transcripts from resident complaints or 911 calls, officials could also see trending concerns for the area, like broken lights or stolen garbage cans, and the times the incidents are occurring. If the high crime area also has a high number of liquor permits, for example, officials could then see if other neighborhoods also faced both issues, allowing them to create a more effective response for those areas.

Big Data being put to use in real time, at considerable cost savings and improved productivity for the City. Oh, and WindyGrid will be open sourced, too, so that other government organizations can use it.

This kind of project would be interesting no matter who was doing it, but the fact that it's a government organization is impressive. Same with GDS in the UK. Or with the US' own shift to cloud computing.

It's hard to pinpoint a particular reason for this. Perhaps the embrace of cloud and open source is simply a way to squeeze more productivity out of ever-tightening resources, given the global recession over the past few years. Or perhaps government IT got tired of seeing its private enterprise peers playing with all the shiny new toys. Either way, it's a welcome change to government as usual.

Image courtesy of Shutterstock.

The U.S Federal Trade Commission announced today that it is cracking down on text messaging spam. The FTC’s ire is targeted at affiliate marketers that use SMS to send spam messages intended to get consumers to visit deceptive websites promising “free” gift cards. The FTC charged 29 defendants with collectively sending 180 million unwanted text messages to consumers.

The messages promised consumers free gift cards worth as much as $1,000 to retailers like Best Buy, Target and Walmart, according to an FTC release. Consumers that clicked on the messages were prompted to provide personal information, apply for credit or pay to subscribe to get access to the supposedly free gift cards.

The FTC complaints targeted both the senders of the spam messages as well the owners of the deceptive websites. In addition, the FTC filed contempt charges against serial spammer Phil Flora, who was barred from sending spam text messages in 2011 and was found to be part of the recent complaints. 

Of the eight complaints the FTC issued, seven were against the text senders and one against a website operator. According to the FTC, the defendants that sent the text messages were paid by the operators of the free gift card websites based on how many people were eventually duped into entering their personal information. The FTC alleges that the sites violate the FTC Act by failing to tell consumers of all the conditions set forth to obtain the supposedly free gift cards. 

The complaints are levied against companies and individuals. The list of text spammers includes several marketing firms such as Superior Affiliate Management, Rentbro, Inc., Jason Q. Cruz (doing business as Appidemic, Inc.), AdvertMarketing, Rishab Verma (Verma Holdings) and Seaside Building Marketing. The one complaint against a website operator was made against SubscriberBase Holdings, Inc.

The FTC filings at this point are just complaints. The FTC notes that it, “files a complaint when it has 'reason to believe' that the law has been or is being violated and it appears to the Commission that a proceeding is in the public interest. The complaint is not a finding or ruling that the defendant has actually violated the law. The cases will be decided by the court.”

Image courtesy of Shutterstock.

A white paper issued last week by China’s Ministry of Industry and Information Technology could pose a significant threat to Android. According to the government paper, China's “mobile operating system research and development is too dependent on Android.” Reuters broke the story Tuesday. Should the Ministry take action to limit Android within the country, there could be a major impact on the world's most popular smartphone OS - and a potential big win for Apple and others.

As Reuters noted, the China Ministry was quite direct in its concern about Android:

While the Android system is open source, the core technology and technology roadmap is strictly controlled by Google.

What's behind  China's fears?

The world’s largest smartphone market could be worried that its homegrown companies will be unable to develop their own viable mobile OS. Or that Google’s control of Android might ultimately favor their Motorola division or other partners. While Android has become the dominant smartphone platform around the world, with an estimated 70% market share, Android commands an estimated 90% of the Chinese smartphone market.

Android's Bumpy Road To China

This is not the first time Google and China have locked horns over Android. Last May, China officially approved Google’s purchase of Motorola Mobility. As the Wall Street Journal noted at the time, the Chinese government required Google to keep the Android service open source and to make it broadly available to China’s handset manufacturers, including ZTE and Huawei. Despite this requirement, South Korea’s Samsung remains by far the dominant Android handset maker, both overall and inside China.

Late last year there was a highly publicized spat over Android between Google and China’s Alibaba Group, one of the world's largest e-commerce platforms. Alibaba had developed its own Aliyun mobile operating system and inked a deal with Acer to offer smarpthones using the new OS. At the time, more than 90% of Acer's smartphones ran on Google's Android. Under pressure from Google, however, Acer nixed the project right before launch.

Alibaba claimed that Aliyun was developed in-house using Linux, while Google claimed it was a "non-compatible" version  of Android. As a member of Google's Open Handset Alliance (OHA), Acer was prohibited from supporting non-compatible versions of Android. Andy Rubin, Google’s head of Android, posted comments on his public Google+ page that no doubt inflamed the situation:

The fact is, Aliyun uses the Android runtime, framework and tools. And your app store contains Android apps (including pirated Google apps). So there's really no disputing that Aliyun is based on the Android platform and takes advantage of all the hard work that's gone into that platform by the OHA.  

What Could Happen Next

This latest Ministry white paper could be a signal that the government will officially support Alibaba or other solutions over Google’s Android, or possibly seek ways to limit Android’s dominance of the Chinese market.

If so, this could have a significant impact on both the Android ecosystem and Google itself. Google’s hope is that Android will spur widespread adoption of Google services and generate significant mobile ad and mobile search revenues. Forbes, for example, estimates that mobile search ads contribute 35% to Google’s overall market value, “primarily because we expect mobile advertising revenues to increase.”

The latest actions by China could limit that potential. Google's services have a limited footprint in China even as China's low-cost smartphone manufacturers have helped quickly spread Android - and Google's mobile services - throughout the world. Should China take action to limit Android within the country, this could cause Chinese manufacturers to pull back on Android in China and around the world, perhaps opening doors for new operating systems.

Meanwhile, Apple continues its efforts to grow its sales in China. Earlier this year, Apple CEO Tim Cook predicted that China would become Apple’s number one market. "China is currently our second largest market, Cook said. "I believe it will become our first. I believe strongly that it will."

While in China, Cook met with a number of government officials and with China Mobile Chairman Xi Guohua. China Mobile is the world’s largest mobile phone carrier, with over 700 million subscribers. Anything that limits Android's appeal inside China will most likely help Apple. 

Along with Apple, of course, other smartphone OS companies may also benefit from China's growing concern over Android's market dominance. As TechCrunch has noted, for example, Jolla, the Finnish start-up whose OS is built atop the failed MeeGo operating system, is focusing its efforts on the massive China market. 

Top image courtesy of Android's Google+ page. 

Unless you listen to conservative talk radio, you might not have heard of the so-called "Obama Phone." (And no, it's not a direct line to the President.)

That's likely because there's no such thing as an  “Obama Phone," per se. Instead, "Obama Phone" is a term used both by proponents and opponents of the cellular version of the FCC's "Lifeline" program, which provides eligible recipients with a government-subsidized, low-cost or even free telephone service. The FCC refers to the program as: "Lifeline: Affordable Telephone Service for Income-Eligible Consumers" though frequently uses only the world "Lifeline."

The Lifeline Program

As part of the Telecommunications Act of 1996, the FCC formally authorized the Lifeline program to help defray the cost of landline phones. In 2008 - as cell phones became more capable, popular and affordable - the Lifeline program was extended to cell phones. Carriers that work with the Lifeline typically provide a cellular feature phone and 250 monthly minutes of airtime.  

While the specifics of the phones offered vary by carrier, the FCC says the typical subsidy averages $9.25 per month, but could cover the entire cost in some instances. 

Though the extension to Lifeline took place under President Bush, just prior to the election of Barack Obama, the program has grown during Obama's Presidency, rising from $819 million in 2008 to $2.2 billion in 2012.

While subsidized landlines for poor and rural dwellers was non-controversial for years, in today's highly charged partisan political environment, subsidizing cell phones in particular has become a right-wing talking point as an example of government waste and misplaced priorities. 

Approximately 8 - 10 million people have signed up for the Lifeline program - mostly for landline subisidies. The revenues to support the program come via the “Universal Service Fund” which receives its funding through a fee levied by telecom carriers on landlines and cell phones - not  from taxes. This fee is typically a few dollars per month, and was likewise codified as part of the Telecommunications Act of 1996. 

To be considered eligible to receive Lifeline subsidies, an applicant must have an income at or below 135-150% of the Federal Poverty Guidelines, depending upon the state they live in, or already be on some form of public assistance. This could include Medicaid, food stamps or public housing. Only one Lifeline service per household is allowed, either a landline or a wireless device. The complete guidelines are available via the FCC.

While the Lifeline program may sound innocuous to many, to some conservatives it's become a cause celebre, making the very name "Obama Phone" the stuff of urban lore. Angry emails - often confused with a dose of misinformation - about the Obama Phone have circulated across the Internet, such as the one below:

FW: Obamaphone… no joke!!
I had a former employee call me earlier today inquiring about a job, and at the end of the conversation he gave me his phone number. I asked the former employee if this was a new cell phone number and he told me yes this was his “Obama phone.” I asked him what an “Obama phone” was and he went on to say that welfare recipients are now eligible to receive (1) a FREE new phone and (2) approx 70 minutes of FREE minutes every month. I was a little skeptical so I Googled it and low and behold he was telling the truth. TAX PAYER MONEY IS BEING REDISTRIBUTED TO WELFARE RECIPIENTS FOR FREE CELL PHONES. This program was started earlier this year. Enough is enough, the ship is sinking and it’s sinking fast. The very foundations that this country was built on are being shaken. The age old concepts of God, family, and hard work have flown out the window and are being replaced with “Hope and Change” and “Change we can believe in.”

During the 2012 Presidential election, this video helped the term go viral.

Both Sides Call It The Obama Phone

Despite the negative connotations tied to the program, do not expect the “Obama Phone” moniker to die. The term is also used by organizations promoting the Lifeline service.

A website, literally, ObamaPhone.net, helps potential recipients determine if they are eligible for an “Obama Phone" and if so, how they can get a device. The site is operated by the Free Government Cell Phone Program, whose website contains multiple direct links to the carriers that provide the phones and service to end user, including SafeLink Wireless, part of Tracfone, and Assurance, a subsidiary of Virgin Mobile USA.

Note: ReadWrite has reached out to both the ObamaPhone and Free Government Cellphones sites. Both have yet to respond. The phone number provided on the Free Government Cellphones site is a non-working number. 

Top image courtesy of the White House.

Earlier this year, the Library of Congress allowed an exemption to the Digital Millenium Copyright Act to expire, effectively making it illegal to unlock cellphones purchased after Jan. 26. A group of citizens outraged at the unlocking ban started a petition on the White House’s “We The People” website to fight the new law, garnering more than 114,000 signatures in 30 days.

Today, the White House responded. The verdict? The administration is firmly in support of ending the unlocking ban. Unfortunately, it can't do very much about it on its own.

David Edelmen, senior advisor for the Internet, innovation and privacy at the White House, wrote:

The White House agrees with the 114,000+ of you who believe that consumers should be able to unlock their cell phones without risking criminal or other penalties. In fact, we believe the same principle should also apply to tablets, which are increasingly similar to smart phones. And if you have paid for your mobile device, and aren't bound by a service agreement or other obligation, you should be able to use it on another network. It's common sense, crucial for protecting consumer choice, and important for ensuring we continue to have the vibrant, competitive wireless market that delivers innovative products and solid service to meet consumers' needs.

Which is great. Unfortunately, the Obama administration has to kick the can to Congress to really fix things. For instance, Edelman wrote, the White House would support a variety of legislative fixes:

The Obama Administration would support a range of approaches to addressing this issue, including narrow legislative fixes in the telecommunications space that make it clear: neither criminal law nor technological locks should prevent consumers from switching carriers when they are no longer bound by a service agreement or other obligation.

The odds of that at the moment? Probably not great.

In the short term, the best chance for quick action might lie with the Library of Congress itself. The LoC also released a statement today that, depending on how you squint at it, either seemed to open the door to reconsideration of the unlocking issue or to simply hedge its bets. Key sentence:

We also agree with the administration that the question of locked cell phones has implications for telecommunications policy and that it would benefit from review and resolution in that context.

The White House said that any users that own their cellphones and are not hindered by service contracts should be able to do what they please with their devices.

This is particularly important for secondhand or other mobile devices that you might buy or receive as a gift, and want to activate on the wireless network that meets your needs -- even if it isn't the one on which the device was first activated. All consumers deserve that flexibility.

The petition was started by Sina Khanifar, an entrepreneur that once owned a website called Cell-Unlock.com. Here is Khanifar's response to the White House's response:

A little earlier I received a call from David Edelman at the White House, and he gave me the news. I'm really glad to see the White House taking action on an issue that's clearly very important to people. As the White House said in the response, keeping unlocking legal is really "common sense," and I'm excited to see them recognizing this. David was enthusiastic about getting this fixed as quickly as possible.

This is a big victory for consumers, and I'm glad to have played a part in it. A lot of people reacted skeptically when I originally started the petition, with lots of comments to the effect of "petitions don't do anything."  The optimist in me is really glad to have proved them wrong. The White House just showed that they really do listen, and that they're willing to take action.

While I think this is wonderful, I think the real culprit here is Section 1201 of the DMCA, the controversial "anti-circumvention provision." I discussed with the White House the potential of pushing to have that provision amended or removed, and they want to continue that conversation. I'll have exciting news on the campaign to make this happen tomorrow.

Cybercriminals and the mayhem they can cause have become the leading concern of security experts in cloud computing. That's the takeaway from the Cloud Security Alliance's latest poll on the top nine threats the industry faces.

Changes In Security Priorities

The nonprofit's latest survey found a reshuffling of security priorities pointing to the growing danger posed by cyberattacks aimed at stealing corporate data. Data breaches and account hijackings that were in the middle of CSA's 2010 list of top threats rose to the number one and three spots, respectively, this year. At the same time, denial of service attacks made their debut as the fifth most worrisome threat.

The CSA report is meant to give cloud service providers and their customers a snapshot of what experts see as the greatest dangers to storing data and conducting business with customers in the cloud. Fueling fears is a steady stream of break-ins at service providers and Web sites owned by businesses, government and educational institutions.

So far this year, 28 breaches attributed to hackers have been made public, resulting in the loss of 117,000 data records, according to the Privacy Rights Clearinghouse. Service providers hacked included Zendesk and Twitter. In 2012 there were 230 publicly disclosed breaches for a loss 9 million records. Service providers that suffered breaches included Yahoo, eHarmony and LinkedIn.

Experts agree that no organization doing business on the Internet is immune from a break-in, particularly as the quality of software tools available to hackers through the underground development community continues to grow in sophistication.

"All the vulnerabilities and security issues that on-premise, non-virtualized and non-cloud deployments have still remain in the cloud," Lawrence Pingree, analyst for Gartner, said. "All that cloud and virtualization does is enhance the potential risks by introducing virtualization software and potentially mass data breach issues, if an entire cloud provider’s infrastructure is breached."

Hackers Not The Only Threat

Surprisingly, the second greatest threat in CSA's latest list is data loss not from cybercriminals, but from cloud service providers themselves. Accidental deletion happens more often than a lot of people may think.

In a survey released in January of 3,200 organizations, Symantec found that more than four in 10 had lost data in the cloud and have had to recover it through backups. "It's really kind of astounding," Dave Elliott, a cloud-marketing manager at the storage and security company, told Investor's Business Daily.

Whether from hackers or a service provider SNAFU, the loss of data is damaging to the reputation of all parties involved – customer and service provider -- no matter who is to blame, Luciano "J.R." Santos, global research director for the CSA, said. The potential financial impact from losing customer trust is why data loss is so high on the threats list.

"It's your reputation," Santos said. "A lot of folks are saying these are the things that if it happened to me or if it happened to me as a provider, they would have the most impact to the business."

The fourth top threat according to the CSA marks an improvement in internal security. In 2010, insecure application programming interfaces was the second greatest threat listed by experts.

APIs are what customers use to connect on premise applications with cloud services, as well as to manage the latter. While the technology is improving, the fact that it remains on the list indicates that cloud service providers still have a ways to go in locking down their APIs.

The Bottom Four

The remaining top threats, starting in order with number six, are malicious insiders, abuse of cloud services, insufficient planning on how to use cloud services and the vulnerabilities that may exist as a result of the way a cloud provider architects its infrastructure, so it can be shared among many customers.

Abuse of cloud services refers to hackers who rent time on the servers of cloud computing providers to perform a variety of nefarious acts, such as launching denial of service attacks and distributing spam. This along with the other bottom four threats was higher in 2010.

Overall, I see this year's list as a mixed bag for cloud security. While some areas show improvement, data protection needs to get a lot better. Gartner predicts public cloud services will reach $206.6 billion in 2016 from $91.4 billion in 2011. That much growth won't happen unless businesses are comfortable with data security.

The Notorious Nine: Cloud Computing Top Threats in 2013

1. Data Breaches
2. Data Loss
3. Account Hijacking
4. Insecure APIs
5. Denial of Service
6. Malicious Insiders
7. Abuse of Cloud Services
8. Insufficient Due Diligence
9. Shared Technology Issues

Image courtesy of Shutterstock

Guest author Steve Hamm is a strategist, writer and videographer in IBM's corporate communications department.

Last September, when Typhoon Sanba smashed into the Korean peninsula, it packed winds so strong that they sent rocks flying through the air like missiles and caused massive power outages. “Hwangsa” storms, carrying dense clouds of yellow dust from China’s Gobi Desert that are sometimes loaded with heavy metals and carcinogens, sweep across the peninsula from West to East.

9.3 Petabytes Of Storage For The KMA

Menaced by such destructive weather phenomena, South Korea is upgrading its national weather information system with the goal of understanding weather patterns better and predicting better the location and ferocity of weather events. The upgrade being installed by the Korean Meteorological Administration increases the agency’s data storage capacity by nearly 1,000% to 9.3 petabytes, making it Korea’s most capable storage system.

The KMA project dramatically illustrates today’s big data phenomenon and its impact on weather forecasting. Thanks to the rapid spread of sensors and satellites, and to the increase in computer number-crunching speeds, it’s possible to forecast weather changes more accurately and with improved detail – potentially saving thousands of lives and safeguarding property. 

Increasing evidence of climate change worldwide is prompting governments and scientists to take action to protect people and property from its effects. But to take effective action, they need to know understand a lot more about the weather – everything from what’s going to happen tomorrow to what’s coming next year. For instance, leaders of the city of Hoboken, N.J., in the United States, which flooded badly last fall during Hurricane Sandy, are considering building a wall around Hoboken to keep the tidal Hudson River at bay. The problem is, if they don’t build high enough the wall could end up turning the city into a giant bathtub rather than keeping rising waters out.

Listen To Deep Thunder

IBM Research scientists are working to bring the most sophisticated data analytics to bear on weather forecasting. Their long-term weather analysis project, called Deep Thunder, combines data with sophisticated mathematical algorithms and computing power.

The scientists established at test bed in the New York City metropolitan area, where they set up a three-dimensional grid of thousands of blocks. That makes it possible for them to run calculations that produce very precise weather forecasts for a particular locale. Using this capability, the team was able to predict with remarkable accuracy the snowfall totals in New York City during the mammoth snow storm that blanked the northeastern United States in February – and also to predict accurately when the snowfall would start and stop.

Blame It On Rio

The IBM Research team is putting their algorithms to work on behalf of cities around the world. For instance, Rio de Janeiro, because of its climate and terrain, has recurring flooding and landslide problems in many hilly neighborhoods. The researchers used data describing the physics of the atmosphere to create a mathematical model of how storms are likely to unfold in Rio. With it, they can predict up to 40 hours ahead of time how much rain will fall in a particular location — with 90% accuracy.

In recent months, the Deep Thunder team, lead by Lloyd Treinish, has developed new techniques for ingesting many more measurements from weather sensors. The team is also extending its technology to new applications, including agriculture and wind farming.

For detailed and super-accurate weather information to have maximum impact, it has to be accessible by a large number of people. That’s why IBM has created iPad and cloud applications that deliver the power of Deep Thunder to people’s hands wherever they may be. Hopefully, by the time Rio hosts the summer Olympics in 2016, practically everybody who attends will be able to get their hands on Deep Thunder data so they know exactly what to expect when they venture out to the various game venues.

Note: This post originally appeared on IBM's Smarter Planet blog. IBM provided the storage hardware and software for the KMA project. 

Image courtesy of Shutterstock.

In the past few weeks, I have written two stories about the menace the Internet represents, particularly in view of the hacking attacks almost certainly perpetrated by the Chinese Red Army. In particular, my contention that we need to develop a next generation Internet that's more secure and, preferably, walled in, drew a lot of heated commentary.

Here are just a few of the choicest ones:

• This is unmitigated isolationist idiocy.
• Seriously... is this a spoof article?
• This post should not appear in readwriteweb.

(See World War III Is Already Here - And We're Losing and Cyberwar Imperative: We Need A Next-Generation Internet.)

Hacking As Retaliation?

That's great, and maybe there really isn't any problem here. But the fact is that about 10 days after the first story ran - I got hacked.

A coincidence? I think not.

Or maybe it was my own doing, astutely observed one reader: "I asked for it." Now where have I heard that blame game before?

So what happened? Someone hacked my email password and sent thousands for spam messages using my account. I knew something was wrong when I suddenly was inundated with "Mail delivery failed" subject lines. My Twitter account was hacked, too, but that could just be Twitter's lax security measures.

Of course, there's no way to tell if the dirty deed was done by the Chinese, or even whether it was in retaliation for the articles. But the timing certainly seems suspect.

In his State of the Union address, President Obama ranked hackers and cyber attacks among the greatest economic and national U.S. security threats. The President's response was to issue an executive order calling for more sharing of cyber-attack and threat information between private and public sectors. Naturally, civil libertarians object to this executive order due to potential invasions of privacy.

Solution: Fix the Internet Itself

A far more practical idea comes form New England Complex Systems Institute, which is set to publish a report next week that agrees with my stated principles. The NECSI report blames the problem on the Internet itself, and says that the only solution is to redesign it.

"The current design of the Internet is inherently insecure," says NECSI President and co-author Yaneer Bar-Yam in a press release. "Any node can be attacked from any other node, requiring the entire network to be fortified against all possible attacks, an unrealistic goal," adds Bar-Yam.

That would require redesigning the Internet's architecture itself. The report proposes substantial changes to routers in charge of switching data packets between network nodes.

"Collective security-preventing attacks would require that the routers of the Internet themselves would need to have protocols that allow refusal of transmission based upon content or extrinsic information such as point of origin," according to the study's authors.

The study, Principles of Security: Human, Cyber and Biological, was developed at the request of a long-term military planning group, the Strategic Studies Group, which reports to the Chief of Naval Operations. The report is being released for the first time to the public next week.

As for me, I'm glad to see that other people are thinking about realistic solutions to make our Internet less vulnerable to attacks of all kinds.

Image of alleged Chinese hackers compound courtesy of Reuters.

When Will Davis and Evan Baehr met for the first time in Cambridge, Mass., in 2009, they already had a shared history. Though they didn't know each other then, both Davis and Baehr worked on Capitol Hill as legislative aides before enrolling in Harvard Business School. It was there, at Harvard, that the two men realized that business - and not politics - could be their avenue for instituting meaningful change.

"Peter Thiel picked up the idea of a passionate way of tackling public problems was by starting a business," says Baehr, who originally wanted to help solve the world's many problems through legislation after graduating from Princeton. "But I became frustrated with how government would try and solve problems."

Davis, on the other hand, arrived at a partnership with Baehr after becoming "a complete acolyte of disruptive theory." A series of investigations led him to the realization that the U.S. Postal Service was ripe for such disruption. "I needed a Dropbox for my snail mail," he recalls. 

An Inbox for Snail Mail

That idea - a way to organize, in the cloud, every aspect of your physical mail - is the crux of the two men's venture, called Outbox, that is opening up to public beta in San Francisco on February 26 after a 6-month test in Austin, Texas, in 2012.

Outbox seems remarkably simple - for $4.99 per mailbox per month, the company picks up your mail, scans it, and lets you access every item digitally, through your iPhone, iPad or computer. If you want the physical version of a piece of mail, you designate the item to be delivered, and Outbox drops it on your doorstep. That's it. 

Say you move frequently, or you simply are flooded with junk mail but can't help wasting time sorting through the mess. Outbox wants to change all that.

"We turn the model on its head, getting to a new system where the user has full control over their postal mail," Davis says. Disrupting the entire U.S. Postal Service might be a ways down the line, but the Outbox team is confident that it is the future of mail. 

Sights Set On The USPS

Here's a hint: The Outbox employee who picks up your mail in a white Toyota Prius is called an unpostman.

Davis remembers thinking, "We have actually got to attack this market at the core, which is the platform… and the platform is that little metal box." Postal mail is a $900 billion industry in the U.S. - in 2011 alone, 168 billion pieces of mail were delivered. According to the most pessimistic forecast they could find, Davis and Baehr will still be fishing in a sea of more than 100 billion pieces of mail in 2020.

"You come to the realization that it’s not a perfect market that is dealing with completely transparent and moveable participants," Davis says of the USPS. "You have one participant who is dealing in the bounds of the law and the constructs of a regulated monopoly, and everyone else has to engage with that monopoly power in different ways."

 "We decided, 'Hey, someone should go and build out what a postal network should look like,'" Davis adds. 

In Austin, Discovering A New Ad Platform

What began last summer in Austin was a careful attempt to find out what really bugged people about dealing with heaps of physical mail. The company spent months interviewing some 100 families about their mail. Then they began a 500-person closed beta to collect data and plan for the next phase.

The process taught them a great deal. For one, it taught then about junk mail. "The interesting thing though is that when you start talking to people about junk mail, it’s in the eye of the beholder," says Baehr. "Junk mail is made junky when it’s not targeted and not relevant." A long-term hope for Outbox is to dramatically shrink the amount of marketing content people receive in postal mail, from approximately five items a day down to one or two.

For packages, especially ones like Netflix DVDs or Amazon orders, the Outbox team assumes people wanted them delivered to their doorsteps right away.

They also discovered that for people to trust them with something as sensitive as paper mail, they would need a very carefully constructed security system. They began with $1 million in identity theft insurance, and invested in secure encryption of the files Outbox was creating from scanned mail. The company shreds any item not requested for delivery within 60 days.

Moving Beyond The Post Office

But junk mail and packages were only the beginning for Outbox. "What we are building is not dependent on the physical postal system," Davis claims.

Outbox' long term vision is to create a unique new marketing platform to replace junk mail in a way that saves them money and provides better insight. "We've looked at all the digital catalog apps and they're failing miserably in terms of engagement," says Baehr. "The way people discover that content is through serendipitous arrival. They found it because they went to their mailbox."

What they didn't do, adds Baehr, is go to the app store and see if the catalog was pushed to her device, or go find it and download it. "The first important thing is discoverability, so by grabbing hold of the tradition of checking mail, we can build a communication channel where people actually expect to get marketing content."

Outbox envisions a day when advertisers can target a specific subscriber with an offer via mail, say for a sample of makeup, and the customer can find the ad in their Outbox app and request the sample for delivery. "We're creating this delivery platform where we are in neighborhoods delivering content," says Baehr. "You begin in the digital and it translates to the physical."

National Ambitions

With $2.2 million in funding from investors like Peter Thiel and Mike Maples of Floodgate, the company chose San Francisco for a full-blown launch. "It was the tougher logistical choice to make to come to San Francisco over New York City," says Davis. "New York, from a postal perspective is easier to service," with higher population density and a more regimented system of mailboxes.

The decision to move to the West Coast boiled down to the desire to get Outbox in the hands of early adopters. "When you think of hyper local distribution networks, think TaskRabbit or Uber, those [services found acceptance] from early adopters in San Francisco, so we decided to come here," Davis says. After onboarding their first customers in just four weeks, the company is already looking at new markets. "Once we get this nailed, San Francisco really does translate well into New York," Davis says, "and then Chicago, Boston, DC." 

When not sleeping in the Outbox warehouses to ensure everything runs smoothly, Davis and Baehr are busy thinking big. "When you start enabling the receiver to have full control of what can be sent to them," Davis says, "everything falls with a domino effect - if you can scale it."

Images courtesy of Outbox.

Recent reports of Chinese cyberspying have revealed hacking operations with a shocking scale and level of sophistication. China's hackers appear to be stealing massive amounts of intellectual property and proprietary information from U.S. companies, including those connected to the nation's critical infrastructure, such as waterworks, the electrical power grid and oil and gas pipelines. A recent study  by security company Mandiant has shown that, in all probability, some of the snooping has been done by an arm of the Chinese military.

The revelations of China's misbehavior have led some writers to rashly declare that the U.S. is at war with our Asian rival, at least in cyberspace. This could not be further from the truth, and here's why.

There's No War

First, something obviously needs to be done to punish China for its thievery. But to describe the current state as war or cyberwar draws emotions at the expense of rational thinking. We are not at war with China, either in or out of cyberspace.

Real cyberwar would start with an attack that destroys something valuable or vital, kills people, or both. If the recipient labels the strike an act of war then time for negotiations is over. "Reacting diplomatically and legally to an act of cyberwar is inadequate," says Stewart Baker, a partner at Steptoe & Johnson and a former assistant secretary for policy at the Department of Homeland Security. "It's an act of war, we need to treat it as such and respond with our own acts of war."

An example of a true cyberattack was the Stuxnet malware that destroyed centrifuges in Iran's nuclear facilities. Discovered in 2010, Stuxnet was designed by the U.S. and Israel, according to media reports.

We are not under attack by China. The country is not our enemy. It is our economic and political rival. There is no evidence China wants to destroy anything. What it wants is information that provides a trade advantage, and at the moment there's no better way to get data from U.S. competitors than to let your spies loose on the Internet.

Most experts assume the U.S. also hacks China's computers to gather intelligence. The Brookings Institution, a Washington think tank, has identified two growth areas in the U.S. defense industry, drone manufacturing and the development of malware capable of exploiting software vulnerabilities not yet known to the developer.

Governments have always spied on each other, so it's no surprise that China, the U.S. and many other countries are using the Internet to steal information. Where China goes too far is in hacking U.S. companies. By law, the U.S. government cannot break into the computers of private companies for the sole purpose of taking intellectual property. China has no such restrictions.

What We Can Do

So the U.S. is within its rights to use every diplomatic, political, legal and economic tool at its disposal to pressure China to stop hacking private companies – or to at least negotiate an informal agreement that sets limits. While it's true China holds $1.2 trillion in U.S. debt, the U.S. is also the biggest buyer of Chinese goods. The U.S. is not without leverage here.

The Obama administration has already put China on notice. On Wednesday, the White House released its strategy for preventing the theft of U.S. trade secrets. The plan includes ratcheting up diplomatic efforts and making prosecution of foreign companies a top priority.

Such pressure could eventually lead to informal agreements that start small and grow in scope as trust builds. A starting point for the U.S. and China could be a ban on the destruction or disruption of critical infrastructure or technology driving the global economic system.

In the past, nations have reached understandings governing maritime transportation, air transport, the behavior of navies and international trade well in advance of formal treaties on these subjects, according to a recent paper by Richard Clarke, a former White House adviser on cybersecurity and cyberterrorism, entitled "Securing Cyberspace Through International Norms." For example, the U.S. and Russia are in discussions to establish a cyber hotline in order to prevent cyberspace activity from escalating into a conflict.

In the meantime, the U.S. should move much faster to adopt regulations for securing critical infrastructure and corporate networks. A good start would be passage of the Cyber Intelligence Sharing and Protection Act (CISPA), which would establish rules for sharing cyberthreat information between private industry and government agencies. Such information is important in strengthening defenses.

Eventually, China and the U.S. will draw lines in cyberspace that neither will cross. To get there, we should avoid nonsensical discussions of war that paint China as the enemy, and look for areas of agreement from which we can move forward.

Photo by Shutterstock

So Burger King's Twitter account got hacked on Monday. Apple and Facebook got attacked too. And so it goes. Within a few years, the Internet will be engulfed by "nuclear" warfare, but the bombs will be entirely created in plain ASCII text. What can be done?

We need a new Internet, that’s all. One designed from the ground up to be far more secure than what we have today. A few weeks ago, I wrote an article about the Chinese hacking into The New York Times, The Wall Street Journal and Bloomberg. All because they delved too deeply into the affairs of some Chinese government officials.

On Tuesday, Mandiant released two reports that not only provided more evidence to support its allegations that many hacking attacks originate in China, but also pinpointed the exact location, a 12-story building on the outskirts of Shanghai. As The New York Times put it, that building is the “People’s Liberation Army base for China’s growing corps of cyberwarriors.”

The hacking underground is teeming with activity, as witnessed by the Apple and Facebook attacks. In Apple’s case, a worm was unleashed when employees visited a site called iPhoneDevSDK.

No Evidence?

I shuddered at the foregone conclusion of some media outlets: “there was no evidence that any data left Apple.”

Really?

They can break in at will but they have to leave evidence that they took stuff? Then there was the wholesale hacking of the Burger King Twitter account, which resulted in a string of profane tweets.

Like I wrote in World War III Is Already Here - And We're Losing, we’re smiling the enemy in the face. In that article, I proposed that America ramp up its investment spending in cyber security and robotics dramatically, by boosting cyber-security investment to $5 billion and robotics to $20 billion, annually.

As Steve Blank observes, “We are getting our asses handed to us by the Chinese. Almost irrationally we have decided not to have a National Industrial policy — leaving that to private capital.”

Who Will Lead The Charge?

So it’s up to us pundits in the media to lead the charge for disruptive change. And one thing that clearly has to go, in its current form, is the Internet. I propose the U.S. create a next-generation Internet, a superset, or n-th layer if you will, that make our critical Internet infrastructure, which is now largely powering the U.S. economy, less massively vulnerable to hacking attacks.

We have already seen what Russia did to Estonia in 2007 and to Georgia in 2008. Now imagine what a full-blown war would look like today - or in 2015?

Way back in August 2006, Bloomberg BusinessWeek cited a counterintelligence report that found at least 108 countries engaged in “collection efforts against sensitive and protected U.S. technologies),” up from 37 a decade ago. Now that’s a trend. Among the few countries specifically mentioned, China and Russia were among “the most aggressive” in targeting the U.S.

The Fiscal Times, a publication funded by Peter Peterson, agrees with my bleak assessment: Chinese Attacks Reveal an Undeclared Global Cyber War.

Next-Generation Internet: Wants & Needs

So how should this Next-Generation Internet be architected?

I will give you my wish list and you, tech wizards, can write the spec:

• Secure: It should be extremely secure, from day one. I know some will say that anything can be hacked, but let’s put the fence up high enough so that climbing it becomes a relatively esoteric art.
• Real ID: Everyone using it in an official U.S. capacity should be readily identifiable. I propose some type of next-generation eye-recognition technology using a computer or mobile camera. This will help sites like LinkedIn and Facebook in their endless battle against identity fraud. It will also help deter spamming because each business will need to use its “eyeD” to launch a marketing campaign.
• America Only: It should be accessible by Americans only, for obvious reasons. Americans are free to leave the Next Gen Internet, but they do so as their own discretion.

I’m sure many people can’t believe I would even propose such a thing. I know that things are going to have to get a lot worse before anyone takes my proposals seriously.

That's OK. I've already called this World War III, and it's only beginning to escalate. To win, we'll need to innovate. And that means staying ahead of the pack.

Image courtesy of Shutterstock.

Hypemarks was a Los Angeles social sharing startup that after about a year of failing to gain traction and turn a profit, changed course, moved to San Francisco and became Tint, an embeddable social-feed service.

The story of pivoting direction is common in the U.S. start-up world. But what's different about this story are the players involved. One of the company's four employees, its software engineer, is not an American citizen. He works legally in the country on a student visa. But if he were to lose his job, the developer would face the prospect of being forced to return to his native India, relinquishing his toehold in the States.

While the fate of startups like Tint are yet to be determined, the status of their foreign-born nationals could be solidified should the third iteration of the new Startup Act become law. The proposed bill would plug a brain drain causing the U.S. to fail to retain some of the best minds its universities educate.

Startup Act Update No Sure Thing

The road from proposal to legislature is full of potholes. Introduced by Senator Jerry Moran (R-Kan.) a few weeks ago, this is the third attempt of the bill, which Senator John Kerry (D-Mass.) introduced in 2010. That version failed to gain traction, as did a 2011 proposal that didn't get far either.

To be eligible to receive an extended visa under this bill, a candidate would have to be a H-1B non-immigrant worker or F-1 student visa holder, already raising at least $100,000 in funding at their startup, and must employ at least two people (should they be the proprietor or principal). With those visas, workers would then be able to stay in the U.S. for up to three years. Also available is a new five-year visa for students studying STEM fields (science, technology, engineering, math), allowing an easier road to legal residency.

Beyond visas, the bill's second major incentive for startups is a series of tax breaks, specifically a research and development credit for companies less than five years old and with less than $5 million in annual receipts — a move geared toward helping companies expand and hire.

Weighing In

Startups are estimated to face more than a 90% failure rate. While this bill isn't a cure all for the challenges of building a new digital business, many in the community believe it could help spur innovation and open the door to an estimated 75,000 new entrepreneurs.

Howard Marks The immigration debate has always been polarizing, making it easy to forget that this country was birthed by foreigners searching for a better life. Howard Marks, the co-founder of game giant Activision, and the current co-chair at the Los Angeles accelerator Start Engine, was born in Santa Monica to European parents, grew up in France and came back to the states for college. He retains both French and British citizenship. Marks thinks the bill would spur innovation and growth and encourage the retention of a very talented crop of foreign-born entrepreneurs.

"Our country is founded on entrepreneurs, especially those who come from abroad and are looking to live the American dream," Marks says. "We need it badly. To remain competitive, we need more engineers and scientists. We are not getting enough from our own citizens."

Jeff Solomon, the co-founder and executive director of Amplify.la, a Venice, California-based accelerator, agrees that the bill could be a shot in the arm for businesses -as long as the tax breaks and visas aren't tied up behind too much red tape. "Absolutely it would make an impact," Solomon says.

While neither Marks or Solomon think the bill will significantly curb the sharp failure rate of startups, that's not really the issue. "Most entrepreneurs go through failed startups before they succeed," Marks noted. "I do not think we need to fix that.  Most entrepreneurs who are tenacious and resourceful will succeed at some point."

Not everyone is a fan of giving benefits to foreigners, of course. Aaron Abram, the co-founder and vice president of business development for the mobile research service OSURV, says we should be focusing on giving benefits to our citizens. "Shouldn’t the focus be on giving incentives to people already in America," Abram asks. "There are plenty of talented Americans who shift away from entrepreneurship because the current government is punishing them with high taxes."

Tint's Story

Tim Sae Koo For Tint, founder and chief executive Tim Sae Koo says his focus is building a strong team. And with only four members, including himself, keeping and growing that team is vital - which makes any residency issues a big potential problem. If Sae Koo was confident foreign nationals could attain visas with this new program, he says, he'd have more confidence to hire them and expand. 

"That has been a big struggle for us and a constant headache," Sae Koo explains. "If I want to hire them onto our team, it feels like a dark cloud looms over my head because I think of all the time, paperwork and troubles I will have to go through to sponsor their visa."

Sae Koo says his engineer is really excited about the bill. But the situation is far from finalized. And should the engineer lose his ability to legally work in the U.S., he could take the route of many entrepreneurs turned away from this country and end up operating a business in his home country.

We have to find a way to legally keep these talented people, Sae Koo says. Because at the end of the day, we in the U.S. are missing out on innovation and growth without them.

"I just shake my head and think of the lost opportunity the U.S. could have benefited from them, like more jobs and growth in the economy," he says.

Lead image courtesy of Shutterstock.

Tinkerers, open source ideologues, mobile developers and enthusiasts and even plain old mobile consumers who want a bit of choice, you got some bad news earlier this year: It is now illegal to unlock your smartphone. 

Through a decree from the Library Of Congress through the Digital Millennium Copyright Act, as of Jan. 26, 2013, the exception explicitly allowing consumers to unlock any new smartphones they purchase has been ended.

Unlocking smartphones is a way for consumers to change the SIM cards in their devices so they can use it on a different carrier. For instance, if you unlocked your Samsung Galaxy S 3 you could then change carriers from AT&T to T-Mobile by replacing the SIM card.

What Is The Unlocking Petition All About?

A petition has been presented to the White House on its “We the People” website, which allows U.S. residents to entreat the U.S. government to address particular concerns. The White House is committed to respond to any petition that gets 100,000 signatures.

Here is the text of the petition:

The Librarian of Congress decided in October 2012 that unlocking of cell phones would be removed from the exceptions to the DMCA.

As of January 26, consumers will no longer be able unlock their phones for use on a different network without carrier permission, even after their contract has expired.

Consumers will be forced to pay exorbitant roaming fees to make calls while traveling abroad. It reduces consumer choice, and decreases the resale value of devices that consumers have paid for in full.

The Librarian noted that carriers are offering more unlocked phones at present, but the great majority of phones sold are still locked.

We ask that the White House ask the Librarian of Congress to rescind this decision, and failing that, champion a bill that makes unlocking permanently legal.

The petition is now nearly a month old, having been started on Jan. 24 this year. It has until Feb. 23 to garner 100,000 signatures. As of the afternoon of Feb. 20, the petition was still about 12,000 votes short of obliging the White House to respond. 

Why Is Unlocking Important?

Consumers can face financial hurdles and loss of choice if the unlocking ban remains in effect. The most obvious problem is for overseas travelers who want to unlock their phones so they can use a local SIM card and avoid the exorbitant voice and data charges that domestic carriers like AT&T charge for foreign use. Consumers may also want to unlock their phones to switch carriers or if they want to sell their phones to independent third parties. 

The carriers and manufacturers, meanwhile, stand to benefit from the unlocking ban. If consumers are forced into contracts when they buy their phones, they cannot easily switch carriers without hefty early termination fees. Manufacturers benefit because if somebody wants to join a new carrier, they have to buy a new phone. Wireless trade groups like the CTIA look out for the interests of manufacturers and carriers (especially the carriers) and have endorsed the unlocking ban.

Who's Behind The Unlocking Petition?

One of the petition’s organizers is Sina Khanifar. He started a website while at college in 2004 called Cell-Unlock.com that sold software that unlocked consumers’ cellphones. Shortly thereafter he was hit by a cease-and-desist letter from Motorola alleging that he was circumventing DMCA rules that prohibit unlocking phone.. With the help of the founder of Stanford's Cyberlaw Clinic, Jennifer Granick, an exemption was created in the DMCA that specifically allowed consumers to unlock their phones. That exemption expired on Jan. 26.

Khanifar does have some incentive to make cellphone unlocking legal. The Cell-Unlock website is still active and is being run by his brother, Sohail. 

The other organizer of the petition is Derek Khanna, a former staff member of the Republican Study Committee who was infamously terminated from the group after releasing a memo on copyright and intellectual property legislation that was not well received by the Grand Old Party. Before his termination, Khanna was regarded as a tech-savvy young member of the Republican party. He is now a visiting law fellow at Yale University.

Want to end the unlocking ban? Sign the petition by Friday to ensure the White House responds. 

When you're looking for a job, success often comes down to who you know. And if you're a company hoping to make government work for you, success may come down to who you pay. Even as the total sum spent on lobbying has declined for the second year in a row, tech vendors – with Google leading by a wide margin – have poured more money into D.C. pockets, largely to fend off government meddling in technology markets.

Good luck with that.

For decades the technology industry largely ignored Washington, D.C., believing itself immune from Federal lawmakers' meddling. At the same time, government mostly ignored technology. United States vs. Microsoft served as a wake-up call to both, however, and ever since the tech industry lobby has grown, even as overall lobbying by other industries has declined, as recent data from OpenSecrets.org highlights.

The biggest spender of all? Google, which more than doubled the donations of second-place Microsoft:

Chart: ReadWrite. Source: OpenSecrets.org. Spending in millions.

Why was Google such a big spender in 2012? Two reasons: the Stop Online Piracy Act (SOPA) and the Protect Intellectual Property Act (PIPA). Both bills were big news in 2012, and Google lobbied hard against them.

Indeed, more money has been coming from the Internet firms - Facebook's contributions are up 200% year-over-year - as they seek to carve out breathing room from federal regulators. This makes sense in light of technology's, and particularly the web's, rising impact on GDP, as McKinsey has found:

Old-school technology vendors have had less need to buy a seat at the federal table, and have mostly trimmed their lobbying outlays. When it comes to direct donations to political candidates, however, the legacy technology vendors outpace their Internet peers:

Source: OpenSecrets.org.

What's most interesting in all this is the sides the different technology companies are taking. As Greylock partner and former Mozilla CEO John Lilly argued in the wake of SOPA, we're seeing the technology industry take positions along generational lines:

Existing industries are always oriented towards self-preservation....[T]here’s a funny thing that happens: the most progressive companies of today who become successful and dominant will become reactionary in the future, oriented themselves towards self-preservation....[Y]ou can see it even in the current situation – the companies who are most outspoken are the modern Internet companies: LinkedIn, Mozilla, Zynga, Google, etc etc. Mostly on the sidelines are the most progressive technology companies of the past decades, even including Apple. So this is not, fundamentally, a techie v content type of issue at all, but more of a progressive v conservative technology issue.

Over time, we should expect to see technology vendors spend more on buying government influence, as technology's impact on the economy deepens. There's simply no way that government will take a hands-off approach to such a critical influence on GDP. 

The most fascinating aspect of this spending, as Lilly intimates, will be which technology vendors support which causes. Today Google is lobbying hard to defend Internet freedom and its business model. Tomorrow it may simply be fighting to defend its business model.

Same as it ever was.

Image courtesy of Shutterstock

Even as IT departments in enterprises work to keep up with the demands of cloud computing and bring your own device, Federal IT shops are struggling to meet these same demands - while laboring under sometimes Byzantine rules and regulations.

It's a big problem: in 2012, the United States spent approximately $79.2 billion for government information technology services.

And Federal IT programs impact all of us, with systems like my SocialSecurity accounts, which has personally given me trouble when trying to create an account. I suspect others have many examples of government systems that do not work when we need them.

Still, with all this at stake, the government spends an unbelievable amount of money to contractors who sometimes deliver software many IT professionals would have hard time accepting.

Vivek Kundra, a former Federal CIO, speaking at Ingram Micro’s Cloud Summit, summed up the problem well last summer.

“My first day at work I was told there were $27 billion in projects years behind schedule and we were hundreds of millions of dollars over budget," Kundra told his audience.

Steven VanRoekel, the current Federal CIO, is in similar straits. And, having visited former Federal CIO Karen Evans a few times, I saw first-hand just how tough a job she had.

The problems of IT at the Federal level are compounded by budgetary restrictions that are daunting at best. For instance, most business CIOs would be surprised to learn, there is only one Federal department-level CIO, the Veterans Administration CIO who actually has budgetary authority.

It's Not All Bad

Some things have gotten better. It has been years since I heard of a government site requiring Internet Explorer. That's significant because getting a government website fixed is not an easy task; just getting the initial meetings started often took a couple of months.

Internet Explorer's former lock on web sites highlights what still may be the biggest challenge for government technology: the decades-long dominance of Microsoft.

When I picked up the remnants of Apple’s Federal team in 1995, one of the first things I had to deal with was the planned elimination of Macintoshes in favor of Windows 95 at NASA’s Johnson Space Center. Fortunately for Apple (and NASA), pressure from NASA Macintosh users and the efforts of our team working with the government resulted in a 1996 Office of the Inspector General report condemning the decision to eliminate Macs for the space agency.

But Microsoft and Windows still had a strong hold - eight years later I got an invitation to visit the Johnson Space Center with one of our Apple account executives, who was still trying to revive Mac sales there.

Federal computing, I have learned, is not easy to change or even examine. Transparency is a myth.

Game Changers

There are a few technologies with the potential to change the federal IT market.

• Cloud Computing. Federal agencies are currently operating under a mandate to create a “Cloud First” policy.

• Virtualization. Here the Federal government appears to be running behind commercial enterprises.

• Open Source Software. There have been a few Federal open source successes, most notably the VistA project within the Veterans’ Administration and the White House using Linux and Apache to run its Web site.

• “BYOD” or bring your own device. There is already a Bring Your Own Device policy page. iPads and tablets can play a big role but also create a huge security challenge. The USDA has a very successful iPad implementation that seems to have managed security issues.

These are four key technologies that could give government IT managers room to innovate and expand their services.

Heading For The Future

The recent announcement of a $617M joint enterprise licensing agreement between Microsoft and the Department of Defense gives the strong impression that not much has changed. Will the agreement offer real flexibility that will change the complaint that are Federal users are over a Microsoft barrel when it comes time to renew licensing? Time will tell.

One operating system vendor owning my desktop makes me uncomfortable. So how could one company’s hold on the United States government's desktops possibly be a good thing?

It's not just the desktop. Server architecture, email services and directory services have all been tied together in one neat bundle by Microsoft. And once you subscribe to that bundle, it is hard to get free.

Despite the media hype, I find little evidence that the government has embraced Linux servers as enthusiastically as the world in general. While the White House Web site is running on Linux servers and the Navy has subs using Linux servers for sonar, those are pretty minor in the big picture.

A few Federal agencies are moving to a Gmail-based email architecture, which is a sign of cracks in Microsoft's monopoly. GSA’s mail architecture is a notable win for Google, for instance.

The fact is, the world of Federal computing is different than the world of commercial computing, where the Microsoft monopoly is gone. Government technology has been derisively called trailing edge in recent years, and this is one of the reasons why.

Yet the government has a history of being a force that moves information technology forward. Though some would have us believe differently, the United States government did have a big role in developing the Internet.

I personally witnessed the government’s role in developing HDTV. On calls to the Naval Research Lab, I got to see some of the first HDTV broadcasts long before the technology was commercially available.

We must be aware of our government’s use of technology and be prepared to work with administrators and legislators to get Federal IT moving in the right direction again. Not just for their sake, but for all our sakes.

Image courtesy of Shutterstock.