Webware

For the last decade or so, Internet service providers have been dealing with requests to block access to pornographic or copyright-infringing Web sites, or in China, ones that dare to criticize the government.

Now a U.S. House of Representatives bill is taking the unusual step of requiring Internet providers to block access to online financial scams that fraudulently invoke the Securities Investor Protection Corporation--or face fines and federal court injunctions.

The House Financial Services Committee approved the legislation on Wednesday by a 41 to 28 vote.

If you've never heard of the SIPC, you're not alone. It's a government-linked entity that aids investors when funds are missing from their accounts, up to a limit of $500,000 for stocks, bonds, and mutual funds. Only investor accounts that investors have opened with members of the SIPC--here's a list--qualify for its protection.

It turns out that occasionally, Internet fraudsters, scamsters, and other assorted malcontents have posed as legitimate brokerage firms that are SIPC members, often with a similar name or domain name. The scam may be a too-good-to-be-true offer to buy securities that asks the unwitting customer to pay fees in advance, or schemes involving fraudulent checks that eventually bounce.

That seems to be in part what prompted Rep. Paul Kanjorski, a Pennsylvania Democrat and chairman of a key subcommittee, to introduce the Investor Protection Act a few weeks ago. Section 508 of that bill says:

Any Internet service provider that, on or through a system or network controlled or operated by the Internet service provider, transmits, routes, provides connections for, or stores any material containing any misrepresentation (of the SIPC) shall be liable for any damages caused thereby, including damages suffered by the SIPC, if the Internet service provider...is aware of facts or circumstances from which it is apparent that the material contains a misrepresentation.

That section isn't mentioned in Kanjorski's press release dated October 1, which is why Internet providers were a bit taken aback when they found out about it a few days ago. The Internet Commerce Coalition sent a letter to Kanjorski before Wednesday's vote raising concerns with the bill, but the industry isn't terribly optimistic.

One potential problem with Kanjorski's bill is that most Internet providers simply don't have a good way to block access to any electronic "material" containing fake SIPC data. That wording is broader than just Web pages: it includes blocking certain e-mail, IM conversations, VoIP chats, and so on. And even the more straightforward task of blocking Web sites can be overly broad and problematic, which is why a federal judge in Pennsylvania declared a child porn filtering law to be unconstitutional in a landmark 2004 ruling.

Internet providers are also worried that Kanjorski's requirement--and the accompanying civil penalties and injunctions--would apply even if the blocking is not technically feasible. Or if it's impossible. (Other questions: Would this blocking requirement apply to private-sector employers? Schools and universities? Locally owned coffee shops that provide Internet service through Wi-Fi?)

Fraudulent Web sites have bedeviled the SIPC, off and on, for at least six years. In 2003, the group distributed a public warning against "brokerage identity theft" and followed up by asking the FBI to investigate a fake site that resembled the SIPC's own.

The SIPC does have a searchable database of its members, listing street addresses, but it doesn't take the obvious step of listing members' official Web sites, which other certification programs like Truste do.

Searching on San Francisco shows, for instance, that SIPC-listed Whitehall-Parker Securities has an address on Pacific Avenue. But an investor can't easily tell whether whitehall-parker.com is the actual site; a scammer could easily set up a fake site at whitehallparker.com (which, as of this writing, is available to be registered).

The Treasury Department's version of the Investor Protection Act of 2009 released in July doesn't seem to include the Internet-filtering section, meaning that the Obama administration concluded that it was unnecessary. So what prompted Kanjorski to insert it?

Addendum at 11:30 a.m. PT: Abigail McDonough, Kanjorski's spokeswoman, told me that her boss is open to modifying the language of the bill to reflect industry concerns. It also turns out that the language from the Investor Protection Act was borrowed from H.R. 2798, which was introduced in June by Rep. Michael Arcuri, D-N.Y., as part of a post-Bernie Madoff scandal effort to increase the level of SIPC guarantees for investors.

One Capitol Hill source says the SIPC asked for that language to be included in the Investor Protection Act. And a representative of SIPC says the organization may not have a response until Thursday because its president, Stephen Harbeck, is traveling from China.

Comcast's Web-based broadband meter, which was rumored to be released back in January, is still not available to consumers. According to a Comcast representative whom I spoke with earlier Tuesday, it's still not ready for prime time, and is undergoing further employee trials before being released to the public.

Once released, the meter will let customers of Comcast's high-speed Internet service monitor how much of their 250GB monthly bandwidth quota has been used. This will help keep them from going over that limit--something that results in a termination of their service upon the second offense.

Comcast imposed the monthly usage limits back in October as a way to keep network hogs from slowing down speeds for other customers. However, the only tool that was provided to help customers keep an eye on how much they were using was McAfee's Security Suite. While free, the software tool could only track bandwidth use on the machine it was installed on, and not from networked mobile phones, game consoles, or other household computers.

Comcast's monthly bandwidth cap for consumers is 250GB.

(Credit: CNET)

Back in December, DSL Reports posted leaked screenshots of what the online meter looked like at the time, along with specifics on how often the reports were being updated to reflect recent usage. Their sources noted that it not only tracked the past three months of use, but also let users break down where use was coming from, right down to the device. This could be used to help track down devices that may be using more than their fair share, be it computers or other networked home electronics.

Comcast would not provide any further details on the unreleased utility, but given the fast-approaching one-year anniversary of the cap, it's fair to expect its release sometime this fall. In the meantime, there are several ways to keep an eye on household bandwidth using a variety of software tools, which we've listed in this handy guide.

Digitization has a disruptive effect on a wide range of industries, from music to software to publishing to...you name it. If it can be digitized, it can be disrupted.

It's therefore encouraging to see the music seemingly converging on a cool new-old model: an ASCAP (American Society of Composers, Authors, & Publishers)-like tax from one's Internet service provider that allows unlimited downloading of music.

Gerd Leonhard's recent presentation on the subject is the best I've seen yet, one that I'd recommend you review, even if you never stray from the software world to think about music:

Leonhard argues that digitization has made a control-based music economy impossible, forcing the industry to seek other ways to monetize music--ways that conform to digitization's abundance, rather than to the old idea of scarcity.

In a sign of things to come, the Isle of Man just approved "a single blanket fee (that) will cover unlimited download activity for all 80,000 or so...residents," as Ars Technica reports.

This follows a new trend toward "free" services, in which the music industry hides the cost of the music in the price of a separate service or device. It's oddly similar to trends I'm seeing in software.

This isn't the only model. As the Future of Music blog points out, some musicians, like Corey Smith, are finding that giving away music to drive more concert ticket sales can be a winning recipe. But while $4.2 million last year for Smith is a great return for an individual artist or band, it's not a great way to build an industry. I'd liken it to "lifestyle" software businesses that generate great revenue for their founders but provide little in the way of equity for other participants in the company's success.

So I think the "adoption tax" model is promising. The future is flat-rate: you subscribe, you forget about paying for individual transactions, you enjoy more music than you ever have before.

The Electronic Frontier Foundation has released an open-source, cross-platform program designed to track your packets and determine if your ISP is throttling your connection to torrents, VoIP, and other legal, high-bandwidth consuming communications. Called "Switzerland" and licensed under the GPL, it's very much in an alpha state and is only a command-line tool at the moment. Also, you're going to have to compile it yourself--that's not the most challenging task, but this isn't a simple self-extracting app.

According to the EFF, Switzerland works by spotting IP packets that have been forged or modified between clients, informing you of the change, and providing you copies of the modified packets. "The software uses a semi-P2P, server-and-many-clients architecture. Whenever the clients send packets to each other, the server will attempt to determine if any of them were dropped, forged, or modified," says the Switzerland Web site.

As far as usage goes, the EFF says that Switzerland is compatible with NAT firewalls, although some NAT firewalls may have to be disabled to test the ISP in front of it, because of the modifications that some firewalls make to packets.

I do wonder at the logic of the name, though. Referencing the "neutral" country is cute, but what's going to happen when somebody tries to find the program through a search engine? Googling "Switzerland" returns 234 million results, give or take.

Anyway, Switzerland is not the first packet-testing program around. What is special about it, though, is that unlike, for example, the plug-in for the Vuze/Azureus torrent client, Switzerland isn't tied to any host program. The open-source license, combined with the backing of a visible group like the EFF and the building awareness in both politicians and the general public of what Net Neutrality is about, could have serious ramifications for combating false promises of Net Neutrality from ISPs like Comcast.

• Brightcove and CBS News parner up. CBS' News division has teamed up with Brightcove to play popular news content like CBS Evening News on Brightcove.com. This is one of the many sites and services CBS is partnering with as part of their "Interactive Audience Network," which is marketing speak for taking their shows off the television and putting them online. They've also been working with YouTube and AOL to expand online offerings of CBS programming. (CNET News.com)

• MySpace sexual preference bug causes stir. A small bug on MySpace that removed the option for users to select "Gay" as their sexual preference led to a small uproar last night. MySpace figurehead and founder Tom Anderson posted a bulletin acknowledging the bug, and noted that not only would it be fixed, but that "MySpace does not hate gay people..duh."

• Microsoft closes Tellme Deal. Tellme is now officially owned by Microsoft after the initial announcement of the purchase back in May. Tellme is working on a variety of voice and telephone related projects, including their slick mobile phone app which we chose as one of our Top 5 offerings at the Web 2.0 Expo last month. (CNET News.com Blog)

• AOL slips to No. 3 on Internet. AOL is now the third most popular Internet Service Provider (ISP) behind AT&T and Comcast. The company's focus on providing a portal service (one that looks quite familiar) as of last year has moved them away from offering a connection to the internet and towards content like music and news. (CNET News.com)