Tech company & telecom reactions to PRISM

Here’s the running list of comment the key players have given CNN on PRISM.

And here’s our explainer on the current state of speculation: How PRISM worked — 3 theories

Microsoft (also Skype): “We provide customer data only when we receive a legally binding order or subpoena to do so, and never on a voluntary basis. In addition we only ever comply with orders for requests about specific accounts or identifiers. If the government has a broader voluntary national security program to gather customer data we don’t participate in it.”

Yahoo: ”Yahoo! takes users’ privacy very seriously. We do not provide the government with direct access to our servers, systems, or network.”

Facebook: “We do not provide any government organization with direct access to Facebook servers. When Facebook is asked for data or information about specific individuals, we carefully scrutinize any such request for compliance with all applicable laws, and provide information only to the extent required by law.”

Mark Zuckerberg has a longer post about the “outrageous press reports.” 

Apple:  “We have never heard of PRISM. We do not provide any government agency with direct access to our servers, and any government agency requesting customer data must get a court order.”

Google (also YouTube): "Google cares deeply about the security of our users’ data. We disclose user data to government in accordance with the law, and we review all such requests carefully. From time to time, people allege that we have created a government ‘back door’ into our systems, but Google does not have a ‘back door’ for the government to access private user data."

Google has a blog post here: “What the …?

AOL: ”We do not have any knowledge of the Prism program. We do not disclose user information to government agencies without a court order, subpoena or formal legal process, nor do we provide any government agency with access to our servers.” (posted on AOL’s blog)

PalTalk: "We have not heard of PRISM. Paltalk exercises extreme care to protect and secure users’ data, only responding to court orders as required to by law. Paltalk does not provide any government agency with direct access to its servers."

Is it possible the intercepts are happening at the telecom level and the tech companies themselves really didn’t know? Here’s what the nation’s biggest ISPs had to say when we asked for their comments on PRISM involvement.

Verizon: “We have no comment.” 

AT&T: “We have no comment.”

Time Warner Cable: “We are not familiar with the NSA’s PRISM program.”

Comcast: “Comcast learned of the PRISM program in media reports.  We only respond to government requests for customer information pursuant to legal process and have not received any court orders or subpoenas related to PRISM.”

And to deal with one conspiracy theory that popped up this morning about Palantir, a government contractor deeply involved in spooky stuff: they say their Prism system is unrelated to NSA’s. Here’s the statement they gave CNN:

Palintir: “Palantir’s Prism platform is completely unrelated to any US government program of the same name. Prism is Palantir’s name for a data integration technology used in the Palantir Metropolis platform (formerly branded as Palantir Finance).  This software has been licensed to banks and hedge funds for quantitative analysis and research. You can read more about Palantir Metropolis on our website https://docs.palantir.com/metropolisdev/prism-overview.html and explore the platform here:  https://joyride.pfinance.com/welcome/

A fun Bitcoin statistic

17.6 petaflops: Computing power of Titan, the world’s top supercomputer 

162 petaflops: Combined computing power of all 500 of the world’s most powerful supercomputers

1,085 petaflops: Current computing power of the computers linked together in Bitcoin’s network

(Yes I know petaflops aren’t really a good measure of Bitcoin hashpower and that the new custom ASIC miners can’t do floating-point calculations and so technically run at 0 flops. It’s a thought experiment. Play along. -Stacy)

I bought my first (tiny fraction of a) bitcoin

image

 

I’ve been tracking and occasionally writing about bitcoin for a year, but I’d never actually bought or tried to spend one. Clearly, I wasn’t going to make it out of a weekend at Bitcoin 2013 without changing that.

People here are evangelical about the cyber currency and get really, really excited about showing newbies how easy it is to take the first step away from Ben Bernanke’s printing press. 

If you’re not surrounded by Bitcoin advocates, it’s not quite as simple as they’d like: Putting U.S. cash in and getting bitcoins out through an exchange service like Coinbase, BitInstant or Mt.Gox (hold off on that one for now) requires waiting a few days to link your bank account (Coinbase) or going to a bank or money-transfer point like a convenience store (BitInstant). 

If you’re buying directly from a bitcoin holder, though, you can do the whole thing in about five minutes. “I’ll show you how,” said my very patient guide and moneychanger, Julian Tosh of CoinBus.

First step: I needed a software “wallet” to hold my coin. There are dozens if not hundreds of options. Julian recommended I start with BitcoinSpinner, a free, well-regarded Android app with a very simple user interface. (Apple doesn’t allow Bitcoin wallets into the iTunes store, but a few people have made it through with sneaky workarounds. Hint: The “Paytunia” app stores more than just euros.) 

Once I had BitcoinSpinner installed, Julian suggested I immediately back up my private key. Bitcoin wallets have two key pieces of information: Your public key, which allows other people to send you coins, and your private key, which gives you access to your stash. It’s literally the keys to the kingdom. Anyone with your private key can spend your loot, and if you lose it, it’s irrevocably gone. The Web is filled with tales of sadness and woe related to lost or hacked private keys.

I backed mine up by copying the private-key QR code to my phone’s clipboard and emailing it to myself. All set.

Next, the purchase. BitcoinSpinner’s interface is very, very easy. It shows your Bitcoin address, your balance, and offers two options: Send Bitcoins and Transaction History. I tapped the QR code icon for my Bitcoin address to make it large and readable.

Julian hovered his phone over mine, opened his Bitcoin wallet software and snagged the code. His wallet offered two transfer options: You can specify an amount in bitcoins or in a traditional currency like U.S. cash. Julian told it to zap me $5. The software ran the conversion on the fly, using Mt. Gox’s rate, and sent me a sliver of a bitcoin: 0.04053244 BTC. (For that, it charged a transfer fee of 0.0005 BTC — about a nickel.) 

I set down my drink, fished a $5 bill out of my purse to give Julian, and admired my newly diversified financial portfolio. Now let’s see if Mint can track my BTC stash. -Stacy

pilhofer

Why Design Matters: If Snow Fall Were Published in a Standard Template

pilhofer:

I am in beautiful Bergen, Norway, this week for the Nordic Media Festival. I gave a talk this morning on digital storytelling and, of course, everyone wanted to talk about Snow Fall.

As part of the presentation — and to drive home my point about design — I mocked up what Snow Fall might have been had our brilliant design, graphics and video teams not taken this project on.

Since a couple people asked for it, I decided to post the images here.

image

Doesn’t really grab you like the actual piece, does it?

Read More

How to turn Bitcoin code into a Ben Bernanke portrait

image

 

Earlier this week I caught wind of a BitcoinTalk thread about coded messages in Bitcoin’s blockchain. How does that even work? I wondered. 

Many hours of technical geekery later, I had my head around the basics. For those who want to play along at home, here’s how you can de-code the messages hackers and pranksters have intentionally hidden in the Bitcoin chain. For my working test, I used Dan Kaminsky’s 2011 hack, when he embedded a tribute to his friend Len Sassaman in the blockchain.

First, I pulled up a record of the actual transaction Kaminsky made, as identified here in a BitcoinTalk thread. I used the raw transaction view so I could easily look at all the hashes at once.

I used a text editor to strip out all the extraneous stuff and get down to just the hex code. (I did it by hand. Not recommended.) That gives you this:

 

2d2d2d424547494e20545249425554452d2d2d20

232e2f4269744c656e2020202020202020202020

3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a3a20

3a3a3a3a3a3a3a2e3a3a2e3a3a2e3a2e3a3a3a20

3a2e3a203a2e272027202720272027203a203a20

3a2e3a2727202c2c7869572c2234782c20272720

3a20202c6457575758585858692c3457582c2020

2720645757575858583722202020202060582c20

206c5757575858372020205f5f2020205f205820

3a575757585837202c785858372720225e5e5820

6c57575758372c205f2e2b2c2c205f2e2b2e2c20

3a575757372c2e20605e222d22202c5e2d272020

205757222c583a2020202020202020582c202020

2022375e5e586c2e202020205f285f7837272020

206c2028203a583a202020202020205f5f205f20

20602e202220585820202c787857575757583720

202029582d20222220345822202e5f5f5f2e2020

2c57205820202020203a586920205f2c2c5f2020

5757205820202020202034586979585757586420

2222202c2c202020202020345857575757585820

2c205237582c20202020202020225e3434375e20

522c20223452586b2c2020202020205f2c202c20

54576b20202234525858692c20202058272c7820

6c54576b2c202022345252523727203420584820

3a6c5757576b2c20205e22202020202060342020

3a3a5454585757692c5f2020586c6c203a2e2e20

3d2d3d2d3d2d3d2d3d2d3d2d3d2d3d2d3d2d3d20

4c454e20227261626269222053415353414d4120

2020202020313938302d32303131202020202020

4c656e20776173206f757220667269656e642e20

41206272696c6c69616e74206d696e642c202020

61206b696e6420736f756c2c20616e6420202020

6120646576696f757320736368656d65723b2020

68757362616e6420746f204d6572656469746820

62726f7468657220746f2043616c76696e2c2020

736f6e20746f204a696d20616e64202020202020

44616e61204861727473686f726e2c2020202020

636f617574686f7220616e642020202020202020

636f666f756e64657220616e6420202020202020

53686d6f6f20616e6420736f206d756368202020

6d6f72652e202057652064656469636174652020

746869732073696c6c79206861636b20746f2020

4c656e2c2077686f20776f756c64206861766520

666f756e64206974206162736f6c7574656c7920

68696c6172696f75732e20202020202020202020

2d2d44616e204b616d696e736b792c2020202020

54726176697320476f6f64737065656420202020

502e532e20204d792061706f6c6f676965732c20

426974436f696e2070656f706c652e2020486520

616c736f20776f756c6420686176652020202020

4c4f4c276420617420426974436f696e27732020

6e657720646570656e64656e63792075706f6e20

2020204153434949204245524e414e4b45202020

3a273a3a2e3a3a3a3a3a2e3a3a3a2e3a3a2e3a20

3a203a2e3a2027202720272027203a203a273a20

3a2e3a20202020205f2e5f5f20202020272e3a20

3a2020205f2c5e22202020225e782c2020203a20

7157d72f88812b481892298cc42830e1ca2532c2

272020783727202020202020202060342c202020

20c2b45e202020202020202020202020205e5e20

2058583720202020202020202020202034585820

2058582020202020202020202020202020585820

20586c202c7878782c2020202c7878782c585820

282027205f2c2b6f2c207c202c6f2b2c22202020

2034202020222d5e27205820225e2d2722203720

206c2c20202020202820292920202020202c5820

203a58782c5f202c7858585878782c5f2c585820

20203458586958272d5f5f5f2d60585858582720

202020345858692c5f2020205f69585837272020

20202c2060345858585858585858585e205f2c20

202058782c202022225e5e5e5858372c78582020

572c22345757782c5f205f2c5878575758372720

5877692c202234575737222234575737272c5720

54585857772c205e3720586b203437202c574820

3a5458585857772c5f2022292c202c7757543a20

3a3a54545858575757206c586c205757543a2020

2d2d2d2d454e4420545249425554452d2d2d2d20

Then I went hunting for a hex-to-text viewer. I found one on String-Functions.com. Plug the hex string in there and hit convert, and you get the text & ASCII art Dan designed.

I used the same method to check this week’s much more serious allegations that someone had used dummy transactions to encode porn links into the blockchain. Using the transactions scintill identified in his technical analysis post, and my same hex-to-text converter, I confirmed that yep, there’s bad things hiding in those bitcoin transactions.

The full list of all the hidden messages in the Bitcoin blockchain is pretty hysterical. “I LIKE TURTLES” is probably my favorite for its sheer randomness, but I also love the back-and-forth tussle with the hacking Christian evangelist. In response to a long, long deluge of religious propaganda (“O my God! I firmly believe that Thou art one God in three Divine persons, …”), people started coding messages barking back at the alleged perpetrator: “FFS Luke-Jr leave the blockchain alone!” -Stacy

The coolest Yahoo rap you’ve ever heard


Earnings season can get a bit tedious for reporters, who end up staying late (at least on the east coast!) to field after-the-closing-bell conference calls that run for about an hour.

So we take the laughs where we can get them! Last week’s earnings amusement came courtesy of Yahoo CEO Marissa Mayer, who joked about the lame hold music before the call (she didn’t realize her mic was live).

Don’t worry, Marissa: Your knight in shining armor is here! It’s — who else? — Snow, the rapper whose claim to fame is the 1992 one-hit wonder “Informer.”

According to the New York Post, music licensing company Jingle Punks (creators of music for NBC show“The Voice”) commissioned the bizarre project.

Listen above to the song (which isn’t really rap, I guess) and sing along to the chorus, which has wormed its way into my brain on loop: “You’re on hold / Hold at Yahoo / Gimme a second / While I patch you through.” - Julianne