[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Clips May 9, 2002

To: "Lillie Coney":;, Gene Spafford <spaf@xxxxxxxxxxxxxxxxx>;, Jeff Grove <jeff_grove@xxxxxxx>;, goodman@xxxxxxxxxxxxx;, David Farber <dave@xxxxxxxxxx>;, CSSP <cssp@xxxxxxx>;, glee@xxxxxxxxxxxxx;, Charlie Oriez <coriez@xxxxxxxxx>;, John White <white@xxxxxxxxxx>;, Andrew Grosso<Agrosso@xxxxxxxxxxxxxxxx>;, computer_security_day@xxxxxxx;, ver@xxxxxxxxx;, lillie.coney@xxxxxxx;, v_gold@xxxxxxx;, harsha@xxxxxxx;;
Subject: Clips May 9, 2002
From: Lillie Coney <lillie.coney@xxxxxxx>
Date: Thu, 09 May 2002 10:09:35 -0400
Cc: lillie@xxxxxxx

Clips May 9, 2002

ARTICLES

A Visual Rather Than Verbal Future
W.Va. Firm, IBM Plan for Millions of Players Online at Once
First Humans to Receive ID Chips
Eye-, Face-Recognition Systems Take a Few Steps Up
Judge Allows Electronic Copyright Case to Proceed
INS opens entry/exit door
Emergency program moving along
In Satellite Piracy War, Battles on Many Fronts
Commuters face smart card confusion
Flaw leaves MSN Messenger vulnerable to hackers
House privacy bill puts onus on consumers
VeriSign to auction domain names on eBay
Microsoft fined for piracy last year
'Cyber jihad' warning to terror experts
Macs' Last Stand on Capitol Hill
Bomb Suspect Traced by Cell Phone
Intel Drives Wireless Speed with New LAN Chipset
Wearable Biometric ID System Unveiled
Unfrozen funds to pay for linking of weapons systems
IBM unveils higher level of disaster recovery services
'Cute' Trojan horse attacks through e-mail

*****************
Washington Post
A Visual Rather Than Verbal Future
By Leslie Walker

With all due respect to fellow computing gurus around the world, the University of Maryland's Ben Shneiderman doesn't think speech will ever become the main way people communicate with computers. He's convinced our eyes will do better than our voices at helping us control the digital machinery of the 21st century.

His explanation seems so simple, so obvious, so testable, that you have to wonder why Microsoft, IBM and other research labs have been spending billions of dollars trying to let us talk to computers the way people did to HAL in "2001: A Space Odyssey."

"Hollywood and the image of HAL gave us this dream, this hope, this vision, but the reality is quite different," says Shneiderman, a computer science professor and well-known researcher, sitting in a College Park office more cluttered with books than computers. "It turns out speaking uses auditory memory, which is in the same space as your short-term and working memory," he adds.

What that means, basically, is that it's hard to speak and think at the same time. Shneiderman says researchers in his computer science lab discovered through controlled experiments that when you tell your computer to "page down" or "italicize that word" by speaking aloud, you're gobbling up precious chunks of memory -- leaving you with little brainpower to focus on the task at hand. It's easier to type or click a mouse while thinking about something else because hand-eye coordination uses a different part of the brain, the researchers concluded.

The upshot, Shneiderman contends, is that while speech may help blind and disabled people interact with computers, it's unlikely to become the dominant way people connect with them.

"It's the bicycle of user interfaces," he says of human voice, his own sounding a tad weary, as if he has said this many times before. "It gets you there . . . but it's not going to carry the heavy load that visual interfaces will."

Visualization, you see, is Shneiderman's thing. You can tell by how his voice springs to life when he starts talking about the visual interface projects underway at the University of Maryland's Human-Computer Interaction Lab, the research group he founded 19 years ago to develop novel ways of interacting with computers. When the public descends on his College Park lab for its annual symposium and open house May 30-31 (www.cs.umd.edu/hcil/soh), it will see an array of new graphical tools for exploring information.

Shneiderman thinks visual tools are what will let humans master computers. If he's right, the next-generation Internet may have fewer software "robots" than most pundits predict. Or if software agents do catch on, visual tools may be how we control them.

Control, after all, is what Shneiderman thinks is still missing from the computing experience. Computers and the Internet are too darned frustrating, he says, and the only way to put people back in control is through new software designs that are more human-centered, chiefly by leveraging our powerful visual sense.

His latest visual tool is the "timesearcher," a graphical box that lets people ask questions about massive amounts of data and see the answers visually. Instead of having to type each question using words and numbers ("show me all the stocks that rose in price more than 30 percent between January and April," for example), the timebox lets you drag around a box on the screen, shrinking or expanding it to explore complex relationships among data over time, with results displayed instantly in an adjacent panel.

Wall Street analysts are testing his timeboxes for technical stock analysis. "But our interest really is in genomic data, where you have 10,000 genes on a DNA microchip and you are looking for patterns over time," Shneiderman says.

His team of more than half a dozen researchers is led by Ben Bederson, a younger version of Shneiderman who has taken over as director of the College Park lab (colleagues call them Ben S. and Ben B.) and is equally committed to the power of visual tools.

Bederson developed software to browse the thousands of digital photographs he had taken of his 3-year-old daughter. The software, called PhotoMesa, lets people see a ton of image directories and thumbnails at once, then zoom in to get a bigger view of any particular image or group. After downloading the free software from the lab's Web site, I used it to find, in about 10 minutes, a photo I had searched for in vain for months among the thousands of digital photos I have stashed on my home computer.

The lab has had its share of commercial successes, notably with software that creates graphical sliders to let users quickly refine searches or try out what-if scenarios based on different variables. The so-called dynamic search query software was taken to market by a Massachusetts company called Spotfire and is being used by big drug companies and other businesses.

Many programs emerging from the lab (including funny-looking fish-eye menus where type starts small and gets bigger before turning small again) let users visually zoom in and out easily, the idea being that people grasp data better if they can associate it with the big picture. You can see for yourself at SmartMoney.com's online map of the stock market, which shows 500 stocks in a maze of overlapping rectangles, with green representing companies and sectors with rising stock prices and red depicting falling ones. It was developed with mathematical formulas for "treemaps" created in Shneiderman's lab.

Shneiderman is best known for inventing a form of hyperlinked text called "Hyperties" in the 1980s, a forerunner of the World Wide Web's hyperlinks. He was right about the power of visually linked text back then. There's no reason to think he isn't right now about how timeboxes, dynamic query sliders and similar graphical interfaces will one day let us discover startling truths -- much as Galileo shook up the 17th century when his telescope revealed craters on the moon and led to the discovery of galaxies far, far away.

"These tools are like telescopes and microscopes," Shneiderman says. "They are a new way of viewing things you couldn't see before."

For a Web video tour of the Human-Computer Interaction Lab, go to www.washingtonpost.com/walker. Leslie Walker's e-mail address is walkerl@xxxxxxxxxxxxx ****************** Washington Post 'Grid' Expands Game Universe W.Va. Firm, IBM Plan for Millions of Players Online at Once By Ellen McCarthy

Playing video games with a friend or two can be fun, but David Levine thinks it could be a lot more exciting with a couple of million people.

Levine's Butterfly.net Inc. today will launch a product that would allow millions of players who buy third-party software to participate in Internet video games at the same time -- an advance Levine believes will change the online gaming world.

"What we've done is radically different," Levine said. "It's going to be the difference between a niche geeky market and the mass market."

The product is being released with International Business Machines Corp., which provided the basic infrastructure and networks for the technology.

Butterfly's software is based on a computing system called "grids," which was developed for sharing data on the Internet. It will be sold to to major video-game publishers such as Vivendi Universal and Electronic Arts.

Scott Penberthy, vice president of business development for IBM's global services unit, said the use of grids in the gaming industry is a validation of the technology's potential commercial uses.

"We see tremendous potential for this across the industry," Penberthy said. "If you're a game developer, you want something that is going to be smooth and cost effective. They've created a system that does that -- it's just the first ray of light."

Current technology is limited by the number of players whom each server can accommodate, usually under 1,000, Levine said. Butterfly's software eliminates those restrictions by joining servers into clusters, allowing millions of players to interact simultaneously.

For example, if a new television show debuts and the 25 million people who are watching decide to play a game based on the show, everyone will be included in the same game, rather than split into factions.

Butterfly Grid can be used in both PC-based games and Internet console games.

Butterfly, still a 12-person operation, was founded almost two years ago in Shepherdstown, W.Va. The firm has worked on several game-related projects to raise money, but Levine said developing the Butterfly Grid has remained the company's primary focus.

"The cost of what we're going to provide to publishers is so low that the games will become much more profitable -- this brings it to a new level," he said. "I really think we're going to change things with this." ********************** Los Angeles Times First Humans to Receive ID Chips Technology: Device implanted under skin will provide identification and medical information. By DAVID STREITFELD

Eight people will be injected with silicon chips Friday, making them scannable just like a jar of peanut butter in the supermarket checkout line.

The miniature devices, about the size of a grain of rice, were developed by a Florida company. They will be targeted to families of Alzheimer's patients--one of the fastest growing groups in American society--as well as others who have complicated medical histories.

"It's safety precaution," explained Nate Isaacson. The retired building contractor will enter his Fort Lauderdale doctor's office Friday as an 83-year-old with Alzheimer's. He'll leave it a cyborg, a man who is also a little bit of a computer.

The chip will be put in Isaacson's upper back, effectively invisible unless a hand-held scanner is waved over it. The scanner uses a radio frequency to energize the dormant chip, which then transmits a signal containing an identification number. Information about Isaacson is cross-referenced under that number in a central computer registry.

Emergency room personnel, for instance, could find out who Isaacson is and where he lives. They'd know that he is prone to forgetfulness, that has a pacemaker and is allergic to penicillin.

"You never know what's going to happen when you go out the door," said Isaacson's wife, Micki. "Should something happen, he's never going to remember those things."

Applied Digital Solutions Inc., the maker of what it calls the VeriChip, says that it will soon have a prototype of a much more complex device, one that is able to receive GPS satellite signals and transmit a person's location.

It's a prospect deeply unsettling to privacy advocates, no matter how voluntary the process may initially appear.

"Who gets to decide who gets chipped?" asked Marc Rotenberg, executive director of the Electronic Privacy Information Center. "Parents will decide that their kids should be implanted, or maybe their own aging parents. It's an easier way to manage someone, like putting a leash on a pet."

Applied Digital, which says it has a waiting list of 4,000 to 5,000 people who want a VeriChip, plans to operate a "chipmobile" that visits Florida senior citizen's centers. An estimated 4 million people nationally have Alzheimer's, with more than 10% of them in Florida.

Not Just for Those

With Alzheimer's

Jeffrey and Leslie Jacobs and their teenage son Derek, whose "chipping" will be a national media event, don't have problems with dementia. The Boca Raton, Fla., family has a mixture of ailments and interests: Jeffrey has been treated for Hodgkin's disease and suffers from other conditions for which he takes 16 medications, while Derek is allergic to certain antibiotics. Mostly, though, he's a computer buff who considers the procedure nifty. As for Leslie, she's merely hoping to feel more secure in an insecure world.

A third group readying themselves for the simple outpatient procedure Friday are executives of Applied Digital, a publicly traded company based in Palm Beach. Even their publicist is doing it.

Getting chipped is easy. Making it more useful than a piece of body art will be harder.

"There are a lot of practical issues here, as well as ethical and privacy issues," said Mark Pafford, associate executive director of the Alzheimer's Assn.'s Southeast Florida chapter. "If it were me, I would use something tried and proven, like a ID bracelet or a necklace that has an 800 number. This VeriChip seems like it would inhibit someone being returned home in a timely fashion. Who knows how to look under someone's skin?"

Applied Digital says nearly all the major hospitals in the West Palm Beach area will be equipped with the scanners. Yet St. Mary's Medical Center, a major trauma center approached at random by a reporter, said no one had contacted that hospital.

Isaacson's family says he has a bracelet. He also has a wallet with an ID.

"The VeriChip is more of a 'God forbid,'" said Sherry Gottlieb, Isaacson's daughter. "You feel you have to have it, but hope you never need it."

Applied Digital is charging $200 for a chip, plus a $10 monthly fee to store the information. As the first patients, Isaacson and the Jacobses are getting their VeriChips for free, but that's the only financial consideration they are receiving.

Isaacson's doctor, while agreeing to perform the insertion, has some qualms about it. He consented to be interviewed but asked that his name not be revealed until Friday. While protests against the VeriChip have been minimal, neither the doctor nor Applied Digital are eager to see demonstrations. A few religious groups say the chips are "the mark of the Beast" referred to in the Bible.

"I think this is going to be the cutting edge of the future, because quick information saves lives," Isaacson's doctor said. "I get calls 24 hours a day informing me that a patient has had a stroke or a heart attack and is in the hospital. I have to go to my office, get the chart, and then go to the hospital. All that takes time, while the patient is being treated with limited information."

And yet this family practitioner doesn't see himself chipping any youthful patients. While he believes the procedure is safe and the chip can always be removed, he's worried about long-term liability. "You do something to a young person, you may be responsible for years afterwards. He may be carrying this chip for 70 or 80 years."

Long before then--by the end of the year, in fact--the next generation of devices will be tested.

An embedded chip with GPS capabilities would be slightly larger than a quarter and require actual surgery to implant. Unlike the VeriChip, it also would require Food and Drug Administration approval. That will slow down its U.S. introduction.

"We believe we have solved the battery issue, which leaves the question of an antenna that can transmit through skin tissue," said Keith Bolton, Applied Digital's chief scientist. The devices will be powered by lithium ion batteries, which can be charged remotely from outside the body.

Interest in Device

in Brazil and Mexico

Applied Digital says it has already received considerable interest in the VeriChip from both commercial and government sources in Brazil and Mexico, and expects the embedded system to be big wherever there is a big threat of kidnapping.

The prospect of such sales is no doubt one reason Applied Digital stock, which traded as low as 11 cents in the last year, recently quadrupled to about $2.

Corporate insiders were sellers of the stock before the recent run-up, which might indicate a lack of faith in the company's viability.

The stock fell 6 cents to $2.01 on Wednesday on Nasdaq.

Applied Digital is heavily indebted but says it will have actual earnings this quarter before interest, taxes and depreciation are accounted for. ******************** Washington Post Eye-, Face-Recognition Systems Take a Few Steps Up By Carlos A. Soto Government Computer News

Vendors of biometric devices are betting that their face- and eye-recognition technologies can make a camera lens as efficient as a security guard's watchful eye. Far-fetched? Maybe not.

Just three years ago, facial and iris biometric scanners looked like James Bond film props but were cumbersome to set up and functioned poorly without ideal lighting and camera placement. Even worse, their software often interfered with other applications.

Although problems linger, biometrics has been improving rapidly. It can't yet replace human judgment, but it can replace the password.

The iris of the human eye develops before birth through a process called chaotic morphogenesis, and no two irises are the same. Even identical twins have four distinct irises, which is what makes iris scanning a sure method of authentication.

The GCN Lab used the $239 Authenticam, made by Panasonic Security and Digital Imaging Co., to test iris- and facial-recognition software. The setup was actually two cameras, one atop the other. The upper camera, originally developed by Iridian Technologies Inc., performed iris recognition only. We coupled the second camera, similar to a standard webcam, to Visionics Corp. facial-recognition software.

Iridian's KnoWho iris-recognition software, which costs $25 to $75 per user license, encodes a captured image of the iris for subsequent matching and verification. The KnoWho version we tested came with $49.95 SafLink 2000 biometric administration software from SafLink Corp.

Private ID, a second Iridian app, came bundled with the Panasonic Authenticam. Private ID captures the iris image for KnoWho. The Iridian products gave the most effective biometric security among the products we reviewed. They never misidentified a user and couldn't be tricked by environmental changes.

The Panasonic Authenticam had three light-emitting diodes at the bottom that projected safe infrared beams, allowing iris recognition to proceed at any level of ambient light. In the windowless lab, even with lights off, we could enroll users on a Pentium 4 PC with the Iridian software installed.

Our testers found iris verification a little awkward at first, but once they got used to it, they thought it worked as fast as fingerprint log-ins.

Iris enrollment took two steps. First, each user placed an eye in front of the camera lens and watched for a yellow dot to appear. Next the user moved away to about 18 to 22 inches from the Authenticam, at which point the yellow dot turned green.

Once that color transformation occurred, the user had to remain still while the software finished the enrollment.

Private ID and KnoWho worked fairly fast. Once an iris pattern was captured, enrollment took little more than a second -- one second slower than most fingerprint readers but hardly a noticeable difference.

Visionics' FaceIt calculated a digital identity code for each user by measuring 14 out of 80 possible landmarks -- facial features such as eyes, lips and nose. Such calculations should be unaffected by new facial hair or haircuts.

We had problems at first making the lighting consistent enough for FaceIt. If the camera moved, all the users had to be re-enrolled. The more often they enrolled, however, the more consistently FaceIt could identify them.

The software costs up to $30,000 for a three-camera system using FaceIt Argus, which is for large areas such as airports. A desktop version bundled with SafLink 2000 costs less than $50 per user.

Facial-recognition technology, unlike iris identification, can be fooled by similar measurements -- for example, faces of twins have nearly the same measurements.

AcSys Biometrics Corp. put what it calls holographic/quantum neural technology into its AcSys Face Recognition System Entry software to determine a user's most noticeable characteristics.

Unlike Visionics' FaceIt, which looked for facial landmarks, AcSys's engine compared the entire face in three dimensions against 20,000 images in a database. From the similarities and differences, it interpreted what made one face different from others.

Accuracy was affected by the environment, just as with the Visionics software. The lighting for AcSys's product had to be consistent.

If users re-enrolled under different lighting, FRS Entry could learn to recognize them in both environments. But that was time-consuming because the new images had to be transplanted into the users' profiles.

FRS Entry, unlike FaceIt, recorded a new image each time it verified a user. All the images went into the user's database template. A user who, for example, grew long hair would continue to be recognized.

As with the Visionics software, the more pictures of the user, the better. The longer we used FRS Entry, the better it got at distinguishing people who looked somewhat alike.

But once again, if a face could fool a human guard, it could fool FRS Entry.

In a one-to-many setting for identifying a face in a crowd, FRS Entry wrongly identified PostNewsweek Tech Media President David Greene as Editorial Vice President Thomas R. Temin. (PostNewsweek Tech Media is a unit of The Washington Post Co., which owns this newspaper.)

Its error was probably caused by an office lighting change. But as the software gathered more images of both men into its database, it learned to distinguish them even when Temin wore Greene's glasses.

Although AcSys designed FRS Entry for people to enter secure locations and not as a log-in tool, the same recognition engine is available in a stand-alone product.

AcSys FRS Entry requires a high-end camera and a dedicated, fast PC. The complex pricing structure depends on the number of users, physical infrastructure and number of doors monitored.

The company gave us a rough estimate of $10,000 per door, or $1,500 per user up to 99 users, not counting installation or hardware.

Facial-recognition technologies are still immature. But once they better adapt to lighting changes, we believe they stand a good chance of replacing quite a few security guards.

At the moment, iris scanning is more reliable than facial recognition, though that could change. Database storage and processing power requirements for facial recognition probably will remain higher than for iris scanning as both technologies mature. **************** Los Angeles Times Judge Allows Electronic Copyright Case to Proceed Technology: Digital Millennium Copyright Act is constitutional, the opinion says. By JON HEALEY TIMES STAFF WRITER

May 9 2002

In an important legal victory for publishers, movie studios and record companies, a federal judge ruled Wednesday that a controversial 1998 law bars the distribution of any tools that crack electronic locks on a copyrighted work.

U.S. District Judge Ronald M. Whyte held that the Digital Millennium Copyright Act is constitutional even though electronic locks could make it hard for consumers to make "fair use" of the copyrighted products they buy.

"That is part of the sacrifice Congress was willing to make in order to protect against unlawful piracy and promote the development of electronic commerce and the availability of copyrighted material on the Internet," Whyte wrote in a 32-page opinion. Critics of the DMCA, including some lawmakers, said it allows copyright owners to wipe out consumers' ability to copy music, books and movies for personal use. But Hollywood studios and record labels, alarmed by the flood of unauthorized copies online, are pushing for even stronger measures to limit what consumers can do.

In the first criminal prosecution under the DMCA, Russian programmer Dmitry Sklyarov was arrested last year for distributing a program that removes the electronic locks from Adobe Systems Inc.'s e-books. Charges against Sklyarov were dropped after he agreed to testify against his employer, Elcom Ltd.

Elcom's lawyers argued that the DMCA is unconstitutional, but Whyte dismissed their motion and let the case proceed to trial.

Federal copyright law gives the owners of a copyrighted work the exclusive right to copy and perform it publicly. The main exception is for "fair uses," such as making a back-up copy or printing excerpts in an academic paper. In the DMCA, Congress made it illegal for any person to manufacture, import or distribute technology whose main purpose is to circumvent the electronic locks that limit access to or use of a copyrighted work.

That provision covered such things as the anti-copying controls on DVDs and the software that prevents consumers from reading the Wall Street Journal online without a subscription.

Elcom's lawyers contend that the company's software lets e-book buyers do a host of legal things that Adobe's locks prevent, such as making back-up copies, using text-to-speech converters and printing out chapters.

But Whyte ruled that the law "bans trafficking in or the marketing of all circumvention devices," even if they could be used to support fair uses.

"The DMCA does not 'eliminate' fair use," Whyte wrote. "Although certain fair uses may become more difficult, no fair use has been prohibited." Besides, Whyte said, no law or court ruling guarantees a consumer "the right to the most technologically convenient way to engage in a fair use."

Cindy Cohn, legal director of the Electronic Frontier Foundation, said, "It's as if the judge ruled that Congress can ban the sale of printing presses, because the 1st Amendment right to publish speech was not attacked directly and quills and ink are still available. What good are the public's rights if the tools needed to make fair use or access works in the public domain are illegal?" *********************** Federal Computer Week INS opens entry/exit door

Tackling what is probably its largest and most complex technology project, the Immigration and Naturalization Service has taken the first step toward building an automated entry/exit system to keep track of foreign visitors.

The computer-based system, which is intended to register when foreign visitors enter and leave or fail to leave the United States, is considered a key to increasing the nation's ability to control its borders and improve homeland security.

In a presolicitation notice to potential builders, INS says it wants to rely as much as possible on off-the-shelf technology to "verify and record the identities of persons who enter and exit the United States by air, land or sea."

INS has asked Congress for $380 million to spend on the system in 2003, but the total cost is expected to be much higher.

Robert Mocny, director of the INS' Entry-Exit Project Office, compared the size and complexity of building the system to putting a man on the moon or constructing the Hoover Dam. "It's huge," he said.

INS statistics show that more than 7 million foreign visa holders and "hundreds of millions" of foreigners without visas enter the United States each year. In addition, a half million foreign students are enrolled in American schools. But for now, INS has no reliable means of tracking those visitors, and millions remain past the dates they are required to leave.

Some of the Sept. 11 terrorists were among those who overstay their visas, highlighting the danger that losing track of visitors poses for homeland security.

Among the requirements for the entry/exit system listed in the presolicitation notice are that it must be able to alert government officials if visitors overstay their approved visit periods and if visitors "are or become identified as national security threats."

After installation at air and sea ports in 2003, the system will be installed at the 50 largest land points of entry in 2004 and at all points of entry about 300 by the end of 2005.

The system must be able to "interface with multiple existing and potentially future government and commercial industry databases," INS says. Critical government databases include those operated by other Justice Department agencies and the departments of State, Treasury and Transportation, the notice says. Commercial databases include those operated by airlines and shipping lines, Mocny said.

In addition to interoperability, the system must be able to demonstrate "scalability, security and evolvability," the INS notice says.

Although it is not specifically required in law yet, the system also will be expected to read visas, passports or other identification documents that include biometric identifiers, Mocny said.

The system is complex because it involves tying so many databases, computer systems and technologies together, Mocny said. "The scale and scope is what's untried," but "it's doable," he said. "Let's say this, I haven't heard from industry that we can't do it."

INS officials said they plan to issue a formal request for proposals in June. At that point, companies are expected to present designs for consideration. ***************** Federal Computer Week Emergency program moving along

Following a successful demonstration with some of the most high-tech state and local agencies, the federal government is ready to move on to a tougher test of the Domestic Emergency Response Information Services (DERIS) program: working with rural governments.

The Defense Department, which is running the program, also is working to transfer DERIS to the Federal Emergency Management Agency and the National Guard Bureau, both of which are responsible for coordination with first responders under the Bush administration's homeland security mandate, said Rosanne Hynes, information technology adviser for DOD's Homeland Security Task Force, which led the development of the program.

The second phase of DERIS will be conducted later this year with agencies in rural Pennsylvania, said Hynes, speaking May 6 at the Government CIO Summit in Broomfield, Colo.

DOD, working with FEMA, the National Guard and other federal agencies, developed the program to provide a network, a collaboration portal and training tools for bringing together first responders and all levels of government during an emergency.

The successful Phase I demo occurred March 12 with agencies in Chicago, Los Angeles, and San Diego county. However, most state and local agencies lack the information technology infrastructure or expertise of such jurisdictions, and that is what DERIS must focus on in the future, Hynes said.

The success of demonstration also means that DOD can start to hand over the program to FEMA and the National Guard, the agencies that Hynes said should be in charge.

FEMA's homeland security responsibilities include the development of a collaboration portal, such as the one developed for DERIS, which will be part of the transfer, Hynes said. Defense put up the resources to develop DERIS because FEMA could not, but coordinating domestic emergency response is not DOD's job, so the program and the portal will be moving over to FEMA and the National Guard before the Phase II demonstration, she said.

In addition to DERIS, DOD is starting to migrate responsibility for its new Consequence Management Interoperability Services (CMI-Services) program to FEMA, and has formed a group of advocates within DOD, FEMA, the Office of Management and Budget and the Office of Homeland Security to ensure that the funds needed for first responder coordination go to the right agencies instead of any political pet projects.

In November, the group also formed the Emergency Response Network Initiative to bring together officials from all of the agencies involved in homeland security to compare and coordinate IT investments in the emergency response arena, Hynes said.

"We're really helping to put FEMA in the position it needs to be," she said.
  ******************
New York Times
In Satellite Piracy War, Battles on Many Fronts
By JENNIFER 8. LEE

INDSOR, Ontario -- THE palm-size cards started appearing last year at border inspection points. They were stashed in glove compartments and trunks. Tucked into pockets and wallets. Hidden in brown paper packages.

Drivers tried too hard not to appear nervous, and flubbed explanations when questioned by American customs inspectors.

A new kind of contraband was trickling across the border from Windsor into Detroit along with the pseudoephedrine and the Cuban cigars. Initially, United States customs officials say, they found the cards puzzling. They looked innocuous enough blue plastic cards imbedded with computer chips.

As the inspectors investigated further, it soon became clear to them that Americans were flocking to Windsor for more than the second-rate casinos and strip clubs. They were crossing the border to satisfy an illicit desire of a different sort: one for pirated satellite television.

In the past few years, satellite TV piracy has become a multimillion-dollar industry in the United States, with as many as one million households, by some estimates, illegally obtaining programming from the nation's two big satellite providers, DirecTV and EchoStar. The desire to tap into satellite channels without paying the monthly fees has spawned a loose distribution network of fly-by-night dealers and Web sites, raids by law enforcement agencies, and an electronic cat-and-mouse game between the pirates and the satellite companies.

But if piracy has become big business in the United States, it owes a lot to Canada, where until recently it was legal to receive pirated satellite signals. In border cities like Windsor, a mini-industry of pirate providers flourished, selling the means for Americans, be they individuals or dealers, to gain access to satellite programming.

For now, that industry is reeling from a Canadian Supreme Court ruling in late April that it was illegal for Canadians to watch American satellite television. Stores were closed and equipment removed, and several online stores were shut down.

But dealers say that the demand is too great and the business too lucrative for the industry to disappear entirely. It will either move offshore or underground, many dealers predict, ensuring some sort of supply chain for Americans.

"All they really do is push it below ground," said Adam Dicker, owner of Satan's Playhouse, a chain of three satellite television stores in Toronto. "It's the dealers they want to put out of business, but we only get more business."

In satellite piracy, the cards are the keys. Inserted into an inexpensive receiver, a card unlocks the streams of entertainment to a user who points a small dish antenna in the right direction. Legitimate users pay a monthly fee to unscramble the signals. But a satellite access card can be transformed to a free card through reprogramming. What was once available only by subscription basic channels and premium services like HBO, pay-per-view movies and sports can be viewed for the one low price of hiring someone to hack the card, anywhere from $20 to $50 a pop.

"It's like heroin," said Joann Kolonelos, a dealer at DSS Pirate, a satellite piracy store in Windsor whose clientele has been approximately one-third American. "Once you have access to all those channels, all those movies, you can't give it up."

The satellite companies and law enforcement agencies call it theft, plain and simple. The companies, which together have about 18 million paying subscribers in the United States, hesitate to put a figure on the price of satellite piracy. But cumulatively, the cost of enforcement, legal action and lost revenue has probably run into the hundreds of millions of dollars, according to industry experts. In 1997, DirecTV was awarded damages of $33 million as a result of a single lawsuit against 30 dealers in Seattle.

DirecTV, whose encryption system was cracked before EchoStar's, is pouring money and people into its anti-pirating division, the Office of Signal Integrity. The office helps law enforcement agencies conduct frequent raids on satellite dealers across the country. In three raids on a single day in May 2001, for example, police officers confiscated $4.5 million in satellite piracy paraphernalia in Orange County in California. Since the beginning of this year, there have been 33 seizures of satellite access cards by customs inspectors in Detroit alone.

Satellite piracy is a federal crime punishable by up to five years in prison for dealers and one year for viewers, in addition to fines. But many scoff at the idea of getting caught.

"There are so many people doing it, it becomes socially acceptable for you to do it too," said a hotel manager from Detroit who spoke on the condition that he not be identified. The manager, who went to Windsor to obtain cards and satellite equipment, started pirating signals in 2000 when he became frustrated with his high cable bills.

He crossed the border because Canadians were able to exploit a discrepancy: government jurisdictions stop at borders, but satellite signals do not. Piracy of American satellite television could not be challenged here because the companies are not licensed in Canada. And while there are two Canadian satellite broadcasting providers, the appetite for American programming is overwhelming.

Today, an estimated one million Canadian households about 10 percent of the population are watching American satellite TV, in most cases without paying DirecTV or Echostar. Satellite dishes have sprung up on Canadian houses like gray mushrooms after a spring shower. Piracy Web sites flourished, and hundreds of stores opened as legitimate tax-paying businesses. In Windsor alone, 40 piracy stores emerged from 2000 to 2002. Classified ads were filled with offers to hack satellite cards.

By serving as wholesalers to dealers in the United States or selling to individuals who crossed the border into Canada, hackers and piracy shops nurtured the temptation for Americans to steal satellite signals.

How far are people willing to go for television? Windsor dealers say that customers have driven from as far as Oklahoma, West Virginia and Texas. Some have bought dozens of cards to sell or give to friends. Some Americans who could not get to Canada mailed their cards to friends in the Detroit area with pleas that they be returned before the big game, said the hotel manager.

The access cards are a valuable commodity. One Satan's Playhouse store was held up at gunpoint last year, said the owner, Mr. Dicker. The thieves made off not with cash but with hundreds of satellite cards worth tens of thousands of dollars.

To create the finished product, Canadians have had to look to the United States for the original cards. Last year the Canadians found a new source across the border for large volumes of low-priced cards: Wal-Mart, which like many retailers was selling DirecTV systems, which consist of a satellite dish and a black-box receiver, for a heavily subsidized $50.

Canadians printed out maps of Wal-Mart locations from the Internet and headed for the border, said David Fuss, the president of Incredible Electronics, a major Canadian wholesaler. They bought the systems by the dozens and the hundreds. What Canadian dealers wanted were the included satellite cards, which could be hacked and sold for $150, a handsome profit.

DirecTV's accounting showed that hundreds of thousands of cards disappeared into the vortex of piracy during that period. Last fall the satellite company started shipping systems to Wal-Mart without the card. "It was costing us a lot of money," said Larry Rissler, the head of DirecTV's Office of Signal Integrity. Now subscribers who buy from Wal-Mart have to order the card separately from DirecTV.

Last year DirecTV hired five law firms to mail cease-and-desist letters to American addresses obtained from raids on dealers. To date it has mailed over 7,500 letters. "We are going after the users," Mr. Rissler said. "We are trying to teach them a lesson."

The company is also fighting fire with fire, with its engineers hacking to fight the hackers. The Office of Signal Integrity designs little bits of code with a name that evokes cold war weaponry: Electronic Counter Measures, or E.C.M.'s. The E.C.M.'s, which travel up to the satellite and down to the cards, are the equivalent of heat-seeking missiles. When they find a card that has been hacked, they destroy the programming on it.

A few months ago, DirecTV stepped up its E.C.M. attacks to two or three a week. Within minutes of each attack, dealers said, their phones would start ringing and people would begin lining up in front of the Windsor stores to get their cards reprogrammed.

"It's television," marveled Patrick Reid, manager of Pirate Satellite, another store in Windsor. "It's supposed to be entertainment. But for some people it's critical."

Some viewers have found a remedy to the E.C.M. attacks: they are buying the hardware to program and fix the cards themselves. The devices, called loaders and unloopers, hook up to a PC. After an attack, hackers devise a software remedy and distribute it on the Internet. Within a day, most people are up and running again.

With a PC and an Internet connection, anyone can now be a pirate. The price of hardware has plummeted as competing manufacturers have flooded the market. Equipment that used to cost several thousand dollars has dropped to $100 or $150.

"Everybody and their neighbor has a programmer these days," said Rod Freire, a satellite installer in Windsor who has five satellite dishes on his house.

Still, the Canadian Supreme Court decision on April 26 changed the picture. The ruling that it was illegal for Canadians to watch American satellite television came on a Friday, and over the weekend, satellite piracy in Canada came to a stumbling halt. Storefronts were shuttered and Web sites were pulled down. Apologetic signs went up. Customers panicked. What would they do without their satellite TV? On the Monday after the ruling, the shelves and tables in one Windsor store were bare. The owner had stripped out all his equipment over the weekend. But customers kept calling.

"I can't talk to you on the phone," the owner said. "You can come here and we can talk face to face."

Customers wandered into the store one by one. An older man pulled a small envelope out of his pocket and took out a card. "Do you still . . . ?" he asked.

"We don't program anymore," the proprietor said firmly. Well, at least not officially. The owner then asked the man to leave his name and number on a piece of paper.

"We'll contact you," the owner said. "We'll work something out." The owner, who spoke to a reporter on the condition that he not be identified, said he would probably start making house calls but that his prices would go up.

There is currently an injunction on the enforcement of the ruling. But no matter the outcome, satellite piracy will continue, dealers say, with Web sites moving to offshore servers and more viewers buying the hardware themselves. Decoder News (decodernews.com), for example, a site that had been operating out of Toronto, plans to move its server to the Caribbean.

"If you never give kids candy in the first place, they'll be O.K.," said Mr. Dicker, the owner of Satan's Playhouse. "But you can't give kids a bunch of candy and then take it away. The same is true for satellite." ********************* BBC Commuters face smart card confusion

Tube travellers in London will soon be able to swap their paper tickets for a smart card but technical incompatibilities could cause confusion for commuters. London Underground is developing a smart card system dubbed Prestige but it will not be compatible with standards being developed for other transport services, the technology news magazine Computing reported.

For commuters who travel to the capital on a mainline train, a smart card may be more trouble than it is worth.

"We are hoping that mainline stations will upgrade their ticketing services but for the time being it might mean having two tickets or being issued with a paper ticket," said a London Underground spokesperson

The Department of Transport admits that the London Underground system is not compatible with standards being developed by the Integrated Transport Smartcard Organisation (ITSO).

"It is true that London is not using the ITSO standard but that is because the contracts for the specification and supply of the London card scheme were placed before work on the ITSO standard was completed," said a spokesman for the Department of Transport.

All parties are " jointly working on a study to see how London and the rest of the UK can be made interoperable", he said

The £1.2bn Prestige project is due to be piloted this summer and it is hoped it will bring benefits for Londoners.

"It will cut down on queuing and ticket fraud and instead of fumbling around in your bag you will in theory be able to simply point your ticket at the gate," said a London Underground spokesperson.

Integration vital

Analysts say commuters have to put up with the inconvenience resulting from competing standards for new technology.

"It is a general trend to have two or three standards and there is a slow convergence," said manager of the technology group at Anderson Consulting, Sati Bains

"Eventually London Underground has to be integrated with other rail and transport systems but it is unlikely to change in the short term."

ITSO is hoping its specification will be used to develop a smart card with far wider uses than just transport.

"The ultimate dream is to replace all the cards in your wallet and have a card that can be used on transport systems and pay your poll tax," said ITSO's general manager Peter Stoddard.

"The ITSO specification would allow that. It was born out of transport but could be used on a much wider front and there has been a lot of interest around the world."

Government led

Smart cards have long been talked about as a way of allowing consumers to pay for a variety of services.

Most credit cards have an embedded chip which could turn the plastic in your wallet into a smart card.

But it may be government rather than financial services that drives usage, said Mr Bains.

"The government could save billions on social service fraud by using smart cards," he said.

It would be a logical step to also integrate public transport payments on such cards he added.

"You would be able to catch a bus without having to take the card out of your pocket. The card could also interact with screens at the bus-stop to let you know when the next one was coming," he said. ****************** USA Today Flaw leaves MSN Messenger vulnerable to hackers

SEATTLE (AP) Users of the latest versions of Microsoft's popular MSN Messenger program are vulnerable to computer hackers, the company warned. The "critical" flaw in the Internet-based program, which has millions of users, is the latest serious security flaw to be discovered in a program from the world's dominant software company. Microsoft said Wednesday that hackers could exploit the vulnerability to run their own malicious commands on a user's computer. Affected is a feature that allows users to gather in a single virtual location or "chat room" to exchange messages across the Internet in near real time.

The affected software includes Microsoft MSN Chat Control, Microsoft MSN Messenger versions 4.5 and 4.6, and Microsoft Exchange Instant Messenger 4.5 and 4.6.

Microsoft has been trying to make inroads into the market, which is dominated by AOL's Instant Messenger.

The vulnerability was discovered as Microsoft undergoes an intensive companywide campaign to stamp out security problems, an effort ordered by chairman and chief software architect, Bill Gates.

The Redmond, Wash.-based software maker issued a critical security bulletin to users advising them to upgrade by visiting an MSN Chat site and downloading an upgraded new chat control, or by upgrading on the site to the latest version of MSN Messenger or Exchange Instant Messenger.

The company said that to its knowledge no user had been hacked via the flaw, Microsoft Security Program Manager Christopher Budd said, though he cautioned users not to be complacent about downloading the upgrades.

The chat control feature is not automatically included in Windows Messenger, which is installed with the XP version of Windows, Microsoft's flagship operating system.

Budd said it is automatically included only in the two latest versions of MSN Messenger, which has some 46 million users. The first of those versions was released last October.

Microsoft was informed of the flaw by a security firm about a month ago but did not disclose it until late Wednesday because it was developing the fixes or "patches" for customers to download, Budd said.

"Software always will have flaws," Budd said. "We always do our best to ensure we do not have flaws or vulnerabilities, but while we strive for perfection, we know we're not always going to achieve perfection."

Gates announced a "Trustworthy Computing" initiative in January after a series of embarrassing security incidents involving Microsoft software that prompted criticism the software giant had been giving security short shrift as it piled new feature upon new user-friendly feature in its operating systems.

The most serious was a vulnerability affecting a Web server program included in corporate Windows operating systems.

That flaw could let a hacker take over someone else's server.

Like the Web server flaw, the newest vulnerability was caused by what is known as a "buffer overflow problem."

Buffer overflows occur when software is programmed to accept information but not given the ability to validate or limit it. That allows hackers to send commands that an operating system is not expecting but that end up in a computer's memory and are executed.

In February, Microsoft warned of an unrelated flaw in MSN Messenger that could allow a hacker to gain access to screen names and e-mail addresses. ***************** USA Today House privacy bill puts onus on consumers

WASHINGTON (Reuters) Several U.S. lawmakers introduced a long-awaited privacy bill Wednesday that would allow U.S. businesses to share information about customers who have not explicitly forbidden them to do so.

More than a year in the making, the privacy bill unveiled in the House differs from a competing bill making its way through the Senate that would require businesses to get consumers' explicit permission before sharing sensitive information such as income level, religious affiliation or political interests.

U.S. Rep. Cliff Stearns' bill would instead leave companies free to share customer profiles unless customers specifically forbade them.

The bill would cover transactions both on the Internet and in the "offline" world, and would override state laws that place more restrictions on commercial use of personal information. Sponsors said the bill would establish basic privacy protections for consumers while minimizing the impact on business.

Stearns, a Florida Republican whose consumer-protection subcommittee held six hearings on privacy last year, said the free flow of consumer data has been a cornerstone of the modern information-based economy.

"The underlying principle that anchors this bill is, 'do no harm,' " he said.

Consumers would have no right to sue if their privacy was violated. Enforcement would be left in the hands of the Federal Trade Commission, which usually does not impose fines on a first offense.

Companies submitting to a self-regulatory privacy regime such as TRUSTe or BBBonline would enjoy protection from FTC actions.

While lawmakers have introduced dozens of privacy bills in the House since the beginning of last year, none has attracted as much support as Stearns' measure. The bill has lined up 22 co-sponsors from both sides of the aisle, among them Rep. Billy Tauzin, the Louisiana Republican who chairs the House Energy and Commerce Committee.

Rep. Rick Boucher, a Virginia Democrat, said businesses would be free to set more restrictive privacy practices on their own as a way to market themselves.

"I'll predict a much greater level of Internet usage with these privacy policies in place," Boucher said.

Initial reaction to the bill was mixed.

A group of business leaders from high-tech firms said the bill struck the right balance between consumers and businesses, while the U.S. Chamber of Commerce said it was not needed because businesses could handle privacy concerns on their own.

Privacy advocates said the bill was a step backward, especially by not providing extra protection for sensitive information.

"Americans care about sensitive information. This bill does not address those issues," said Ari Schwartz, a senior policy analyst at the Center for Democracy and Technology. ****************** USA Today VeriSign to auction domain names on eBay

SAN FRANCISCO (Reuters) Security and Web address provider VeriSign, which has seen layoffs and missed its sales target partly as a result of lower-than-expected Web address sales, on Wednesday announced it will auction domain names on eBay.

The auctions of dot-bz domain names will be targeted at businesses, Verisign said in a statement. Other domain names are likely to follow, a spokesman said.

With 46 million users, eBay offers a ready market for everything from vintage baseball cards and diet pills to airline tickets and used computers.

The dot-bz domain is the top-level domain for the Central American country of Belize and is different from the dot-biz domain, which is one of the new generic top-level domains that will be entering the dot-com dominated market.

VeriSign is overseeing the registry for the dot-bz domain.

Separately on Tuesday, VeriSign Chairman and Chief Executive Stratton Sclavos, speaking at the J.P. Morgan H&Q technology conference in San Francisco, could not tell analysts when he thought sales of domain names might pick up.

Those sales dropped off last year after the dot-com speculative bubble burst in 1999 and 2000. Until then, buyers gobbled up Web addresses in a frenzied attempt to stake a claim in the Internet.

Also under the eBay partnership, VeriSign will provide services to verify the identification of sellers on eBay to help cut down on fraud.

Currently, sellers provide credit card information to register on eBay and customers can rate the sellers following transactions.

"We're always finding people who have been suspended in the past and who are trying to re-register," said Kevin Pursglove, an eBay spokesman. "Or they're providing inaccurate information and are coming to the site to engage in nefarious activity."

VeriSign will handle the registration process and validate the identity of sellers by confirming phone numbers and addresses, said Anil Pereira, executive vice president and general manager of VeriSign's enterprise and service provider division.

For higher ticket items, VeriSign will also verify credit and other information on potential sellers as part of its Authentication Service Bureau, he said. ******************* Sydney Morning Herald Microsoft fined for piracy last year

Microsoft was convicted of software piracy by a French court last year, according to reports at numerous websites.

The company was fined three million francs in damages and interest for violation of intellectual property because of the illegal inclusion of another company's proprietary source code in SoftImage 3D, an animation package.

A report on the conviction was carried in the French paper, Le Monde Informatique.

No technology magazine or Website cottoned on to the fact at the time. It was left to a Peruvian Congressman, Dr Edgar David Villanueva Nuñez, to raise this point in a letter to the general manager of Microsoft Peru, Juan Alberto González. Dr Nuñez was replying to a letter from Mr González wherein the latter had stated the official position of Microsoft relative to Bill Number 1609, Free Software in Public Administration, passed by Peru.

Within Dr Nuñez's reply was this paragraph:

"Questions of intellectual property fall outside the scope of this bill, since they are covered by specific other laws. The model of free software in no way implies ignorance of these laws, and in fact the great majority of free software is covered by copyright. In reality, the inclusion of this question in your observations shows your confusion in respect of the legal framework in which free software is developed.

"The inclusion of the intellectual property of others in works claimed as one's own is not a practice that has been noted in the free software community; whereas, unfortunately, it has been in the area of proprietary software. As an example, the condemnation by the Commercial Court of Nanterre, France, on 27th September 2001 of Microsoft Corp. to a penalty of 3 million francs in damages and interest, for violation of intellectual property (piracy, to use the unfortunate term that your firm commonly uses in its publicity)."

Newsforge has a story, detailing a timeline of the events that led to the conviction. See http://newsforge.com/newsforge/02/05/07/2234251.shtml?tid=3

*******************
Sydney Morning Herald
'Cyber jihad' warning to terror experts
Hobart

A "cyber jihad" could be launched against the West as terrorists moved from the real world to an Internet-based virtual world, a US expert warned today.

Michele Zanini, a consultant with the think-tank McKinsey and Company, said terrorist groups such as al-Qaeda were already making huge use of the web for communications, propaganda, recruitment and target data.

Another expert, Rand Europe senior policy analyst Kevin O'Brien said there was potential for terrorists to cause huge losses to the West by damaging information technology systems.

Dr Zanini and Dr O'Brien were speaking at an international conference on global terror in Hobart.

Dr O'Brien said Western-developed IT had become the "great equaliser" as it was exploited by terrorists and rogue states.

He said the cyber world was chaotic and without boundaries and Western security agencies were traditionally ill-equipped to deal with its threats.

Both experts said newer terrorist groups like al-Qaeda and Hamas were different to earlier ones that had been hierarchical and bureaucratic.

Al-Qaeda was a fluid network of semi-autonomous groups, hard to pin down and with links to about 20 other groups.

In the wake of September 11, it was clear terrorists were using the Internet as a weapon of war, the experts said.

Terrorists used the Net to gather intelligence, including target information, and counter-intelligence.

They made and moved money on it and were suspected of even manipulating stocks for profit.

They could also use it for worldwide planning and coordination, propaganda, psychological terrorism and rumour-mongering.

Rogue states could equally use it and China and Taiwan were already battling a cyber war, according to the experts.

Dr O'Brien said the danger to business was of great concern, with some websites particularly vulnerable.

An interruption of a few seconds on the New York foreign exchange market could cost billions of dollars.

Companies could also be damaged through extortion, brand destruction and fraud.

Dr O'Brien said much more cooperation and information-sharing between governments and business was needed to combat the threats.

Australia, Britain and Canada had moved in this direction, but the US response was still hampered by agency turf wars and personal rivalries, he said.

However, on the wild world of the web, there's an unlikely ally in the war against terror.

Dr Zanini said traditional hackers had a quite different culture to terrorists and the two did not mix well.

There was even an organisation called Hackers Against Terrorism, a sort of virtual vigilante group, he said. ******************* Wired News Macs' Last Stand on Capitol Hill By Mark Baard

She'd rather take a ride in Strom Thurmond's wheelchair than use a Windows PC, but Amelia Dungan has little choice: Macs are not welcome on Capitol Hill.

Dungan is the assistant to the director of Sen. Edward Kennedy's Health Committee in Washington. To her chagrin, she is forced to use a PC running Microsoft's Windows.

She got a taste for Mac living last fall, when an anthrax scare forced Kennedy's staff out of the their usual building. The staff was given space in an adjacent building and Apple iBooks, which they used to hammer out the Frist-Kennedy bioterrorism bill.

"The iBooks were wonderful," Dungan says. "A lot of people in my office are science people: neuroscientists, mathematicians and economists. For them, the iBooks were a return to normal."

But Kennedy's staff had to surrender their iBooks once they returned to their decontaminated offices. Dungan is back to using her Compaq Pentium III PC, which she describes as "an awful computer."

Mac lovers like Dungan have few champions on the Hill these days. The Senate Office of the Sergeant at Arms (SAA), which makes technology recommendations to senators, has eliminated almost all Macs on Capitol Hill with the exception of three offices: Kennedy's, Sen. Tim Johnson (D-South Dakota), and the office of the Democratic Policy Committee.

The SAA's recommendations aren't mandatory, but those that follow them are provided with follow-up hardware and software, and technical support.

According to critics, those who decline the SAA's advice are ostracized: Requests for support go unanswered, and suggestions for new technologies are ridiculed,

"There aren't many Mac users left," says Jeff Hecker, a systems admininstrator at the Democratic Policy Committee, which uses Macs to analyze data and create visual displays for Senate debates. "The PC bigots [at the SAA] have, for the most part, driven them out of the Senate."

Hecker said he has given up fighting for the Mac cause, but there is one Mac proponent who is digging in his heels and taking a last stand for Macs on Capitol Hill.

The rebel's name is Ngozi Pole. He is the office and systems administer at Kennedy's Boston and Washington offices. He got Dungan and the other staffers their iBooks during the anthrax scare. And for years, Pole has been locking horns with anti-Mac administrators at the Senate Office of the Sergeant at Arms.

"Instead of seriously considering my suggestions, [the SAA has] tried to ruin my reputation," Pole complained.

According to Pole, he only wants to replace the Senate's current e-mail dinosaur, Lotus cc:Mail, with Web browser-based applications, and those using Java and Macromedia Flash. That way, a user can choose to work with a Mac, or virtually any other computer.

The SAA maintains the Senate's e-mail and Web servers, and administrates the senate.gov domain.

"The stuff we do is very basic," Pole says. "All we need is e-mail, the Internet, a word processor and the ability to create output. Why shouldn't we be able to use Macs if we want to?"

But according to Pole, the SAA is reluctant to support the Mac OS, as well as any Flash or Java-based applications.

Instead, the SAA is pushing toward an easy-to-maintain, Microsoft-only upper branch.

The SAA has few Mac support staff, and crushes the hopes of Mac proponents each time it recommends technologies that are not cross-platform compatible in its requests for information and proposals (RFIs and RFPs).

"The SAA writes crappy RFIs and RFPs," Pole said. "They have never written one that talks about cross-platform solutions."

That approach is costing the Senate money, according to Pole. By seeking a Windows-only workplace, the SAA is locking the Senate into expensive product development cycles precipitated by each new release of Microsoft's Windows.

Wired News tried to get the SAA on record but repeated requests for an interview were unsuccessful. An SAA spokeswoman at first granted an interview request, but then ignored follow-up requests for a date and time.

Regardless of the SAA's recommendations, Pole plans go his own way, without the support of the SAA.

The SAA allocates $250,000 per six-year term to each senator. The department had hoped Pole would use the budget to replace aging Macs in Kennedy's offices. Instead, Pole will spend the remainder of his budget through 2003 filling Senator Kennedy's Washington office with new flat-panel iMacs.

Pole also wants to hand out iBook notebooks, with Airport wireless networking cards, which staffers will use in the conference rooms and at home. Airport Base Stations will be placed near each conference room in the senator's Washington office.

Amelia Dungan says she can't wait to get her hands on one of those iBooks.

"Our location and situation [during the anthrax scare] were less than ideal," she says. "But the Macs were wonderful. They never crashed, even with two people to a computer, 14 hours a day. We all wished we could bring them back to the Hart Building."

Added Dungan: "Ngozi Pole is pretty high up on the SAA's list of revolutionaries the days." ******************** Wired News Bomb Suspect Traced by Cell Phone

SAN JOSE, California -- Mailbox bomb suspect Luke Helder made a crucial mistake while on the run: He turned on his cell phone.

As soon as he activated it, FBI agents quickly triangulated his position between two rural towns and had him in handcuffs within an hour Tuesday, according to Nevada authorities.

The fact that another motorist spotted Helder in passing helped authorities, but the cell phone signal like a locator beacon was a dead giveaway.

"We got a call from the FBI at approximately 3:20 p.m. that the cell phone that (Helder) had been known to have had been activated somewhere between Battle Mountain and Golconda," said Maj. Rick Bradley of the Nevada Highway Patrol. "We started hitting Interstate 80."

The Highway Patrol flooded the area with officers and quickly had Helder in custody, Bradley said Wednesday.

Bradley said tracking down Helder without the pinpoint location provided by the FBI would have made the task tougher, given the sprawling region.

"It's really a rural area. There's not that much police presence," Bradley said.

Helder also placed a call to his parents' Minnesota home, and spoke with an FBI agent they handed the phone to. But the technology trick used by the FBI helped seal Helder's fate.

Gayle Jacobs, a spokeswoman for the FBI's Las Vegas office, refused to go into detail about how the bureau did it, or even to acknowledge what it did.

"As far as investigative technique, we don't disclose that information," Jacobs said.

Cell phone triangulation is a well-known tracking method within the wireless industry, said Michael Barker, an equipment sales manager for Cell-Loc, based in Calgary, Alberta. His company provides tracking services to help people who are incapacitated and unable to dial for help.

"Every time the cell phone is on, it periodically sends a little registration message to the phone company, 'Here I am! Here I am!'" Barker said. That message contains the cell phone's electronic serial number and tells the service provider when the phone has drifted in and out of cell tower range.

Federal agents then easily can get in contact with the cell phone service company and get the location of the nearest cell tower in contact with the activated phone, Barker said.

Law enforcement then can equip agents with devices designed to triangulate the signal and determine its location within about a third of a mile and the direction it was traveling in, Barker said. Handheld equipment for such a search is not sold to the general public, he said.

Robin Gross, an attorney at the Electronic Frontier Foundation, warned that the technology could be abused. She said cell phone tracking could be used to follow the movements of political dissenters or politicians and other people in power.

"I think it's inappropriate to be tracking people under some kind of assumption that they might do something illegal," Gross said. "I just think it's ripe for abuse by law enforcement and by government." *************** News Factor Intel Drives Wireless Speed with New LAN Chipset By Brian McDonough www.WirelessNewsFactor.com,

Wi-Fi5 remains a more expensive option, but one that is expected to grow as home-entertainment uses for wireless broadband, such as relaying DVD signals, become available. 'When I hear Wi-Fi5 talked about for the home, it's in connection with those consumer electronics applications,' Intel spokesperson Scott McLaughlin told Wireless NewsFactor. For the complete story see: http://www.newsfactor.com/perl/story/17646.html#story-start ***************** News Factor Wearable Biometric ID System Unveiled By Jay Lyman

The companies claim the biometric system will allow faster security screening in fixed locations and the ability to stage mobile security checkpoints at vital installations. For the complete story see: http://www.newsfactor.com/perl/story/17636.html#story-start ******************* Taipei Times Unfrozen funds to pay for linking of weapons systems By Brian Hsu STAFF REPORTER The legislature's defense committee yesterday reached an agreement to unfreeze two separate classified budgets of the military, worth NT$5.2 billion in total, for the construction of an intra-service communication system and an inter-service command, control and communication system.

The budgets include NT$2.6 billion for the Anchieh (¦w±¶) project, which will include the army's purchase of a second unit of the US-made IMSE (improved mobile subscriber equipment) tactical communication system -- and another NT$2.6 billion for the Posheng (³Õ³Ó) project, which is the first stage of a long-term plan to construct an inter-service command, control and communication system based on equipment that will be bought from the US.

These budgets had been frozen since the last session of the legislature because of opposition by some lawmakers to the two projects, which were criticized as being "too expensive" and as being "outdated technology."

In yesterday's closed-door meeting of the defense committee, lawmakers with the committee reached agreement after several hours' discussion on unfreezing the two budgets.

The agreement was reached on condition that the military will meet several requests by the committee regarding the two projects.

One request is that the US has to transfer to Taiwan technology for the IMSE and the inter-service command, control, and communication system, which is to be based on the US' Link 16, said PFP lawmaker Chao Liang-yen (»¯¨}¿P), a member of the defense committee.

Another request is that, if Taiwan is to sign a contract with the US on either of the deals, the contract has to be signed in Taiwan and it must be written in both Chinese and English, Chao said.

"We also asked the military to build a link with the army's IMSE and the Posheng system, although we know the two systems cannot be linked together at the moment," she said.

The unfrozen budgets are only part of the money that the military intends to spend on the two projects.

The army plans to spend another NT$11.3 billion on the purchase of several other units of the IMSE to build a nation-wide communication network.

As for the Posheng project, the NT$2.6 billion budget unfrozen yesterday is only for a preliminary study of the workability of the Link-16 system in Taiwan.

It is estimated that construction of the Link-16 system will cost around NT$47.3 billion.

The Link-16 system is expected to greatly enhance the joint-operation capabilities of the military because it forms data links between a variety of weapons systems -- of all the three services.

For the air force alone, the data link will enable different fighter planes to share and transmit real-time information -- this will, for instance enable information-sharing between the F-16 and Mirage 2000-5 fighter planes.

The domestically-built IDF is to be excluded from the data-link system due to budgetary considerations and tactical concerns.

The state-run Aerospace Industry Development Corporation (AIDC), the developer of the IDF, is trying to persuade the military to include the IDF into the system -- and to award AIDC the contract to integrate the plane into the system. ****************** Computerworld IBM unveils higher level of disaster recovery services

To help customers be better prepared in the event that a disaster strikes their IT operations, IBM today is launching a new services unit that focuses on quickly getting businesses back on their feet after their IT infrastructure is damaged or destroyed. In an announcement today, IBM said the new applications and data continuity practice are being established within IBM's Global Services arm and will bring together new and existing technologies to help customers prepare for the unexpected. Instead of getting affected businesses back in operation within several days, the new methods should allow businesses to resume operations within about 20 minutes by maintaining linked remote systems that are fully synchronized with the main IT systems, IBM said.

A key part of the new practice is ensuring that customer applications and data files are available from a remote location if disaster strikes a main data center, said Roger Schwanhausser, director of storage services at IBM Global Services. Too often, he said, customers think that if their data is backed up remotely, getting back into operation after a disaster is as simple as flicking a switch.

Instead, he said, data isn't usually available quickly from a redundant data center if the system has to first be fired up and prepared for use.

IBM will now help customers create parallel remote data centers that feature cluster management capabilities on servers or mainframes, depending on the needs of the businesses. By organizing the remote data centers as offshoots of the main data facilities, all specified data and applications can be mirrored in a "shadow infrastructure" and be available in an emergency, Schwanhausser said. The remote centers can be located thousands of miles away.

"There have been pieces of this total solution in place in the past," he said, but few businesses have prepared themselves for fast redeployment in case of an emergency.

The new services unit comes at a time when more businesses are looking over contingency plans just eight months after the terrorist attacks on the U.S., he said. Before Sept. 11, "there wasn't the heightened interest and concerns about business continuity," Schwanhausser said. "Not to overstress it, but [Sept. 11] caused us all to re-evaluate a lot of things."

The new services are targeted at financial, travel and retail businesses -- where immediate recovery is critical and can mean the difference between continued sales and huge revenue losses.

Pricing for the consulting and configuration services will likely range from the hundreds of thousands of dollars for businesses with modest needs to tens of millions of dollars for businesses with large needs. Once established, the facilities will be run by the IT staffs of the client companies.

Dianne McAdam, an analyst at Illuminata Inc. in Nashua, N.H., said IBM's approach is sensible because it prepares for disaster recovery from many angles, not just data recovery. "What happens sometimes is customers tend not to think of the bigger picture," she said. "What they're doing is sitting down with a customer and piecing it all together."

The IBM approach will allow customers to put into effect a multiphase disaster recovery plan, with critical applications and data restored quickly and less important applications and data restored later using traditional tape restoration, which is far less costly, McAdam said.

Customers often forget about applications as they plan their backup programs, she said, adding, "Every customer wants to do business continuity and recovery planning, but they don't know where to get started."

Jim Garden, an analyst at Technology Business Research Inc. in Hampton, N.H., said IBM's new services are "expanding the envelope on disaster recovery" in a field that is maturing. "It makes sense from a business point of view," he said. ***************** Computerworld 'Cute' Trojan horse attacks through e-mail

A pair of antivirus companies is warning users to look out for an e-mail worm that could allow attackers to take over their machines and try to damage firewall and security programs. Santa Clara, Calif.-based Network Associates Inc.'s McAfee.com Corp. unit and Cupertino, Calif.-based Symantec Corp. are both warning computer users to watch out for an e-mail message with a subject line: "Thoughts..."

Inside, users find a short note reading: "I just found this program, and, i dont know why... but it reminded me of you. check it out." Inside the message is an attachment called Cute.exe.

Statements released by both Symantec and Sunnyvale, Calif.-based McAfee say the package will unleash a Trojan horse worm that will look for security programs inside a user's machine and attack them. Both companies have labeled the worm a "low" risk and offer instructions on their Web sites on how to remove it.

The program will also allow attackers to do the following:

Send instant messages from an infected machine using either MSN Messenger or AOL Instant Messanger

Send e-mail

Initiate denial-of-service attacks

Access, move, copy or delete files

Access, move, copy or delete file transfer protocol files The program will copy itself to the Windows directory and create two registry keys, according to McAfee's statement. Two INI keys are also created. Then "the worm looks for E security programs (including antivirus and firewall programs) in memory and terminates them if found," the statement said. ******************

Lillie Coney
Public Policy Coordinator
U.S. Association for Computing Machinery
Suite 507
1100 Seventeenth Street, NW
Washington, D.C. 20036-4632
202-659-9711

Prev by Date: ACM TechNews - Wednesday, May 8, 2002
Next by Date: Clips May 13, 2002
Previous by thread: ACM TechNews - Wednesday, May 8, 2002
Next by thread: Clips May 13, 2002
Index(es):
- Date
- Thread