Washington Post

[Commentary] The Washington Post’s editorial on Comcast’s proposed takeover of Time Warner Cable [“Cable merger,” April 15] served up a rather tepid endorsement of the mega-deal, saying the government should okay the merger, but “keep a close eye” on the new company.

Considering the poor track record of these two cable and Internet giants and the power they would wield as a single company, this merger should be flatly rejected.

The editorial correctly raised concerns about the conflicts of interest that could lead Comcast to give preference to its own products on the wires it owns. But it dismissed the very real prospect that a bigger Comcast could discriminate heavily in negotiations with content creators, which would likely be passed on to consumers in the form of even higher prices.

[Derakhshani is policy counsel with Consumers Union, the advocacy arm of Consumer Reports]

Ever since the DC Circuit court ruled that the government can't ban Internet providers from blocking or prioritizing Web traffic, the Federal Communications Commission has been looking for a way to get around the ruling.

For network neutrality advocates, the few proposals that have emerged so far aren't satisfying; they're all a little risky, and they aren't guaranteed to produce the results that the FCC wants. Now a new recommendation has federal regulators sitting up. Under the proposal, regulators would surgically apply new rules on Internet providers that otherwise could only be imposed on phone companies. And with that, the FCC could solve some of the thorniest issues surrounding net neutrality, according to a paper co-written by Columbia Law scholars Tim Wu (who coined the term "net neutrality") and Tejas Narechania.

They argue that the FCC should selectively be able to apply more stringent, telecommunications-type regulations to certain aspects of an industry that tends to escape easy definition. From Wu and Narechania's perspective, this describes exactly what phone companies do: Establish the connection between a caller and a responder for the purposes of a transaction. And this telecommunications function is increasingly what we pay Internet providers to do -- unlike before, when they offered telecommunications as one of a bundle of features that together added up to an "information service."

Under these conditions, the authors say, the FCC would be completely justified in applying Title II of the Communications Act -- the part of the FCC's congressional charter that lets it apply blanket restrictions on phone companies -- to broadband companies, which are currently regulated lightly as Title I businesses.

If “Meet the Press” moderator David Gregory were a guest on his own show, he knows the kinds of questions he’d be asked.

Why have your ratings been falling? Is the show in trouble? Is your job in trouble?

During the first three months of 2014, the NBC program finished behind perennial rivals “Face the Nation” on CBS and “This Week With George Stephanopoulos” on ABC, despite being helped by two weeks of Winter Olympics hoopla. In the final quarter of 2013, viewing among people ages 25 to 54, the preferred group for TV news advertisers, fell to its lowest level ever.

The good news for all these news shows is that they remain among the most durable on TV, if perhaps less influential than they once were. Even as everything else on TV has lost viewers over time, the Big Three have held steady and even gained viewers. Collectively, about 9.6 million people watched them each week during the first three months of 2014, about the same number that watched Russert in 2005. This doesn’t count the audience for innumerable Sunday-morning competitors, from Fox News Sunday (hosted by former “Meet the Press” moderator Chris Wallace) to “Al Punto” on Univision. The shows can occasionally make news, too, if the interview subject is big enough.

Privacy advocates are warning that the legal gray area in a key court case may make it easier for the government to spy on Americans illegally.

By using what's called a pen trap order -- a type of judicially approved surveillance mechanism that's only supposed to capture metadata about electronic communications -- it appears that the government has the theoretical ability to capture the content of those communications as well. The case involves Lavabit, the secure e-mail service used by National Security Agency leaker Edward Snowden.

Broadly, the case is about whether the government can force an Internet company like Lavabit to hand over its encryption keys. In a ruling, a federal appeals court sided with law enforcement. But a closer look at just how the government can obtain the keys has civil liberties scholars very worried. If the government can use an order that's restricted to metadata to obtain keys it could then use to decrypt content, then a nefarious actor could gain access to content without jumping through the judicial hoops necessary for demanding content.

China has unfurled a vigorous new campaign to clean up the Internet, to purge it of everything from pornography to “rumors” that might undermine Communist Party rule, a crusade that critics say is a renewed attempt to silence grass-roots voices and stifle dissent.

Censorship of the media and Internet is routine in China, but the new campaign appears to represent a significant tightening of the screws, a bid to bend the Web to the will and values of the Communist Party -- to ensure, in the words of blogger Zhang Jialong, that “party organs, and not the Chinese grass roots, have the loudest voice on the country’s Internet.”

The drive, to “sweep out porn, strike at rumors,” will run from mid-April until November, the party’s news portal Seeking Truth declared that part of the stiffer controls on freedom of expression and the Internet that have been imposed since President Xi Jinping took power in 2013.

With buzz building about Google's newest project, the build-it-yourself smartphone known as "Project Ara," it's worth noting that some company observers are concerned about what Google's side projects are doing to its profit margins.

The tech giant is set to report earnings for the first quarter of 2014, and while analysts expect that it will post solid revenue, a growing number of voices are asking whether the company is spending its money wisely.

Google is, primarily, a search and advertising company. But it's clearly happy to invest in a variety of other projects that aim to tackle big problems and new challenges. These, in turn, offer Google new ways to make money -- something that's particularly important as the average cost of an online ad drops, and Web users shift more heavily to mobile devices, where the ads aren't as lucrative.

The average American household connects to the Internet at a rate of 10 megabits per second. Not bad, but also not fantastic -- by way of comparison, a single HD Netflix stream takes up 5.8 Mbps of bandwidth.

Now with that as our baseline, consider the speeds of the country's fastest Internet connections today: 1 Gbps, or a gigabit per second. That's equivalent to 1,000 Mbps, or roughly 100 times faster than the national average.

But if you thought that was fast, wait until you hear about a new Wi-Fi router, from Quantenna, that's coming in 2015. It's capable of 10 Gbps -- 10 gigabits per second. That's a thousand times the rate of the average American broadband connection. It's mindboggling. You could theoretically stream 1,724 Netflix movies, all in HD, all at the same time and not see any lag.

But since the average household Web connection is still lagging at 10 Mbps, it'll be hard for most people to take advantage of the 10-gig router right away. They simply don't consume enough data to need the giant pipes provided by this new technology.

The Heartbleed bug has put many consumers' user names and passwords at risk. Undetected for two years, the bug quietly undermined the basic security of the Internet.

But on top of all that, security researchers have now confirmed that Heartbleed could have been used by hackers to steal sensitive data needed to set up fake Web sites posing as legitimate ones. Analysts say criminals could use Heartbleed to impersonate as many as 500,000 sites across the Web. Those sites have yet to replace the security certificates responsible for verifying their identity to Web browsers.

But even after the sites do update their security certificates, Web browsers may still be unable to tell the difference between a fake site and the real one. Consumers could easily fall victim to online fraud if they go to one of the fake sites. It gets worse. The expected flood of certificate revocations is likely to seriously degrade the speed of the Internet, primarily because the global system for tracking certificate revocations is not equipped to handle such a massive change.

[Commentary] Tens of millions of Americans have been affected by the theft of their personal information in the digital age. Then, it was discovered that a bug had crept into OpenSSL that could allow intruders to read encrypted data contained in memory, such as passwords or credit cards. The bug has been called “Heartbleed” and could allow attackers to eavesdrop on communications, steal data and even impersonate users and Web services. We’re tempted to say this ought to be a wake-up call, but we have already had so many wake-up calls.

To put it bluntly: As a country and as a society, we have come to depend on a vast, interconnected system; if one small part fails, the impact is widespread. As noted in a forthcoming Atlantic Council report, the Internet was created to be based on trust, not security. Yet we continue to discover that it is vulnerable to theft, intrusion and disruption on an appalling scale. We are living in an age of growing danger but reacting with complacency.

The Administration unveiled a useful initiative, promising that sharing cyberthreat information among companies would not bring on antitrust liability. But this, and President Barack Obama’s other measures, including his voluntary cybersecurity framework, represent only what is doable given a continued lack of a consensus in Congress and a failure in the private sector to take all threats more seriously. They are timid measures in the face of an epic heartburn that will be costly for us all.

Most of us have spent the last few days trying not to fall victim to the Heartbleed bug -- changing passwords, checking routers, making sure we're protected, and so on. But one company is actively inviting hackers to try to steal a secret key from a server that contains the vulnerability.

How can this possibly be a good idea?

Well, if the challenge works, it could help security researchers better understand Heartbleed and the danger it represents. Cloudflare, the Internet infrastructure company behind the hacking challenge, says that if somebody can prove that stealing that security key is possible, it would have tremendous implications for the Web's smooth performance.

So the company set up a dummy server with the Heartbleed vulnerability and is encouraging people to use it to break in.

The company's own tests suggest it's really hard to steal a certificate and impersonate someone. But it's impossible to be 100 percent sure; you can never really prove that something won't happen. So throwing more manpower at the problem will help tell us just how hard it is to steal a key. Cloudflare is now tracking "thousands" of people plugging away at the challenge. So far, nobody's solved it. Let's hope it stays that way.