[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Clips May 9, 2002
- To: "Lillie Coney":;, Gene Spafford <spaf@xxxxxxxxxxxxxxxxx>;, Jeff Grove <jeff_grove@xxxxxxx>;, goodman@xxxxxxxxxxxxx;, David Farber <dave@xxxxxxxxxx>;, CSSP <cssp@xxxxxxx>;, glee@xxxxxxxxxxxxx;, Charlie Oriez <coriez@xxxxxxxxx>;, John White <white@xxxxxxxxxx>;, Andrew Grosso<Agrosso@xxxxxxxxxxxxxxxx>;, computer_security_day@xxxxxxx;, ver@xxxxxxxxx;, lillie.coney@xxxxxxx;, v_gold@xxxxxxx;, harsha@xxxxxxx;;
- Subject: Clips May 9, 2002
- From: Lillie Coney <lillie.coney@xxxxxxx>
- Date: Thu, 09 May 2002 10:09:35 -0400
- Cc: lillie@xxxxxxx
Clips May 9, 2002
ARTICLES
A Visual Rather Than Verbal Future
W.Va. Firm, IBM Plan for Millions of Players Online at Once
First Humans to Receive ID Chips
Eye-, Face-Recognition Systems Take a Few Steps Up
Judge Allows Electronic Copyright Case to Proceed
INS opens entry/exit door
Emergency program moving along
In Satellite Piracy War, Battles on Many Fronts
Commuters face smart card confusion
Flaw leaves MSN Messenger vulnerable to hackers
House privacy bill puts onus on consumers
VeriSign to auction domain names on eBay
Microsoft fined for piracy last year
'Cyber jihad' warning to terror experts
Macs' Last Stand on Capitol Hill
Bomb Suspect Traced by Cell Phone
Intel Drives Wireless Speed with New LAN Chipset
Wearable Biometric ID System Unveiled
Unfrozen funds to pay for linking of weapons systems
IBM unveils higher level of disaster recovery services
'Cute' Trojan horse attacks through e-mail
*****************
Washington Post
A Visual Rather Than Verbal Future
By Leslie Walker
With all due respect to fellow computing gurus around the world, the
University of Maryland's Ben Shneiderman doesn't think speech will ever
become the main way people communicate with computers. He's convinced our
eyes will do better than our voices at helping us control the digital
machinery of the 21st century.
His explanation seems so simple, so obvious, so testable, that you have to
wonder why Microsoft, IBM and other research labs have been spending
billions of dollars trying to let us talk to computers the way people did
to HAL in "2001: A Space Odyssey."
"Hollywood and the image of HAL gave us this dream, this hope, this vision,
but the reality is quite different," says Shneiderman, a computer science
professor and well-known researcher, sitting in a College Park office more
cluttered with books than computers. "It turns out speaking uses auditory
memory, which is in the same space as your short-term and working memory,"
he adds.
What that means, basically, is that it's hard to speak and think at the
same time. Shneiderman says researchers in his computer science lab
discovered through controlled experiments that when you tell your computer
to "page down" or "italicize that word" by speaking aloud, you're gobbling
up precious chunks of memory -- leaving you with little brainpower to focus
on the task at hand. It's easier to type or click a mouse while thinking
about something else because hand-eye coordination uses a different part of
the brain, the researchers concluded.
The upshot, Shneiderman contends, is that while speech may help blind and
disabled people interact with computers, it's unlikely to become the
dominant way people connect with them.
"It's the bicycle of user interfaces," he says of human voice, his own
sounding a tad weary, as if he has said this many times before. "It gets
you there . . . but it's not going to carry the heavy load that visual
interfaces will."
Visualization, you see, is Shneiderman's thing. You can tell by how his
voice springs to life when he starts talking about the visual interface
projects underway at the University of Maryland's Human-Computer
Interaction Lab, the research group he founded 19 years ago to develop
novel ways of interacting with computers. When the public descends on his
College Park lab for its annual symposium and open house May 30-31
(www.cs.umd.edu/hcil/soh), it will see an array of new graphical tools for
exploring information.
Shneiderman thinks visual tools are what will let humans master computers.
If he's right, the next-generation Internet may have fewer software
"robots" than most pundits predict. Or if software agents do catch on,
visual tools may be how we control them.
Control, after all, is what Shneiderman thinks is still missing from the
computing experience. Computers and the Internet are too darned
frustrating, he says, and the only way to put people back in control is
through new software designs that are more human-centered, chiefly by
leveraging our powerful visual sense.
His latest visual tool is the "timesearcher," a graphical box that lets
people ask questions about massive amounts of data and see the answers
visually. Instead of having to type each question using words and numbers
("show me all the stocks that rose in price more than 30 percent between
January and April," for example), the timebox lets you drag around a box on
the screen, shrinking or expanding it to explore complex relationships
among data over time, with results displayed instantly in an adjacent panel.
Wall Street analysts are testing his timeboxes for technical stock
analysis. "But our interest really is in genomic data, where you have
10,000 genes on a DNA microchip and you are looking for patterns over
time," Shneiderman says.
His team of more than half a dozen researchers is led by Ben Bederson, a
younger version of Shneiderman who has taken over as director of the
College Park lab (colleagues call them Ben S. and Ben B.) and is equally
committed to the power of visual tools.
Bederson developed software to browse the thousands of digital photographs
he had taken of his 3-year-old daughter. The software, called PhotoMesa,
lets people see a ton of image directories and thumbnails at once, then
zoom in to get a bigger view of any particular image or group. After
downloading the free software from the lab's Web site, I used it to find,
in about 10 minutes, a photo I had searched for in vain for months among
the thousands of digital photos I have stashed on my home computer.
The lab has had its share of commercial successes, notably with software
that creates graphical sliders to let users quickly refine searches or try
out what-if scenarios based on different variables. The so-called dynamic
search query software was taken to market by a Massachusetts company called
Spotfire and is being used by big drug companies and other businesses.
Many programs emerging from the lab (including funny-looking fish-eye menus
where type starts small and gets bigger before turning small again) let
users visually zoom in and out easily, the idea being that people grasp
data better if they can associate it with the big picture. You can see for
yourself at SmartMoney.com's online map of the stock market, which shows
500 stocks in a maze of overlapping rectangles, with green representing
companies and sectors with rising stock prices and red depicting falling
ones. It was developed with mathematical formulas for "treemaps" created in
Shneiderman's lab.
Shneiderman is best known for inventing a form of hyperlinked text called
"Hyperties" in the 1980s, a forerunner of the World Wide Web's hyperlinks.
He was right about the power of visually linked text back then. There's no
reason to think he isn't right now about how timeboxes, dynamic query
sliders and similar graphical interfaces will one day let us discover
startling truths -- much as Galileo shook up the 17th century when his
telescope revealed craters on the moon and led to the discovery of galaxies
far, far away.
"These tools are like telescopes and microscopes," Shneiderman says. "They
are a new way of viewing things you couldn't see before."
For a Web video tour of the Human-Computer Interaction Lab, go to
www.washingtonpost.com/walker. Leslie Walker's e-mail address is
walkerl@xxxxxxxxxxxxx
******************
Washington Post
'Grid' Expands Game Universe
W.Va. Firm, IBM Plan for Millions of Players Online at Once
By Ellen McCarthy
Playing video games with a friend or two can be fun, but David Levine
thinks it could be a lot more exciting with a couple of million people.
Levine's Butterfly.net Inc. today will launch a product that would allow
millions of players who buy third-party software to participate in Internet
video games at the same time -- an advance Levine believes will change the
online gaming world.
"What we've done is radically different," Levine said. "It's going to be
the difference between a niche geeky market and the mass market."
The product is being released with International Business Machines Corp.,
which provided the basic infrastructure and networks for the technology.
Butterfly's software is based on a computing system called "grids," which
was developed for sharing data on the Internet. It will be sold to to major
video-game publishers such as Vivendi Universal and Electronic Arts.
Scott Penberthy, vice president of business development for IBM's global
services unit, said the use of grids in the gaming industry is a validation
of the technology's potential commercial uses.
"We see tremendous potential for this across the industry," Penberthy said.
"If you're a game developer, you want something that is going to be smooth
and cost effective. They've created a system that does that -- it's just
the first ray of light."
Current technology is limited by the number of players whom each server can
accommodate, usually under 1,000, Levine said. Butterfly's software
eliminates those restrictions by joining servers into clusters, allowing
millions of players to interact simultaneously.
For example, if a new television show debuts and the 25 million people who
are watching decide to play a game based on the show, everyone will be
included in the same game, rather than split into factions.
Butterfly Grid can be used in both PC-based games and Internet console games.
Butterfly, still a 12-person operation, was founded almost two years ago in
Shepherdstown, W.Va. The firm has worked on several game-related projects
to raise money, but Levine said developing the Butterfly Grid has remained
the company's primary focus.
"The cost of what we're going to provide to publishers is so low that the
games will become much more profitable -- this brings it to a new level,"
he said. "I really think we're going to change things with this."
**********************
Los Angeles Times
First Humans to Receive ID Chips
Technology: Device implanted under skin will provide identification and
medical information.
By DAVID STREITFELD
Eight people will be injected with silicon chips Friday, making them
scannable just like a jar of peanut butter in the supermarket checkout line.
The miniature devices, about the size of a grain of rice, were developed by
a Florida company. They will be targeted to families of Alzheimer's
patients--one of the fastest growing groups in American society--as well as
others who have complicated medical histories.
"It's safety precaution," explained Nate Isaacson. The retired building
contractor will enter his Fort Lauderdale doctor's office Friday as an
83-year-old with Alzheimer's. He'll leave it a cyborg, a man who is also a
little bit of a computer.
The chip will be put in Isaacson's upper back, effectively invisible unless
a hand-held scanner is waved over it. The scanner uses a radio frequency to
energize the dormant chip, which then transmits a signal containing an
identification number. Information about Isaacson is cross-referenced under
that number in a central computer registry.
Emergency room personnel, for instance, could find out who Isaacson is and
where he lives. They'd know that he is prone to forgetfulness, that has a
pacemaker and is allergic to penicillin.
"You never know what's going to happen when you go out the door," said
Isaacson's wife, Micki. "Should something happen, he's never going to
remember those things."
Applied Digital Solutions Inc., the maker of what it calls the VeriChip,
says that it will soon have a prototype of a much more complex device, one
that is able to receive GPS satellite signals and transmit a person's location.
It's a prospect deeply unsettling to privacy advocates, no matter how
voluntary the process may initially appear.
"Who gets to decide who gets chipped?" asked Marc Rotenberg, executive
director of the Electronic Privacy Information Center. "Parents will decide
that their kids should be implanted, or maybe their own aging parents. It's
an easier way to manage someone, like putting a leash on a pet."
Applied Digital, which says it has a waiting list of 4,000 to 5,000 people
who want a VeriChip, plans to operate a "chipmobile" that visits Florida
senior citizen's centers. An estimated 4 million people nationally have
Alzheimer's, with more than 10% of them in Florida.
Not Just for Those
With Alzheimer's
Jeffrey and Leslie Jacobs and their teenage son Derek, whose "chipping"
will be a national media event, don't have problems with dementia. The Boca
Raton, Fla., family has a mixture of ailments and interests: Jeffrey has
been treated for Hodgkin's disease and suffers from other conditions for
which he takes 16 medications, while Derek is allergic to certain
antibiotics. Mostly, though, he's a computer buff who considers the
procedure nifty. As for Leslie, she's merely hoping to feel more secure in
an insecure world.
A third group readying themselves for the simple outpatient procedure
Friday are executives of Applied Digital, a publicly traded company based
in Palm Beach. Even their publicist is doing it.
Getting chipped is easy. Making it more useful than a piece of body art
will be harder.
"There are a lot of practical issues here, as well as ethical and privacy
issues," said Mark Pafford, associate executive director of the Alzheimer's
Assn.'s Southeast Florida chapter. "If it were me, I would use something
tried and proven, like a ID bracelet or a necklace that has an 800 number.
This VeriChip seems like it would inhibit someone being returned home in a
timely fashion. Who knows how to look under someone's skin?"
Applied Digital says nearly all the major hospitals in the West Palm Beach
area will be equipped with the scanners. Yet St. Mary's Medical Center, a
major trauma center approached at random by a reporter, said no one had
contacted that hospital.
Isaacson's family says he has a bracelet. He also has a wallet with an ID.
"The VeriChip is more of a 'God forbid,'" said Sherry Gottlieb, Isaacson's
daughter. "You feel you have to have it, but hope you never need it."
Applied Digital is charging $200 for a chip, plus a $10 monthly fee to
store the information. As the first patients, Isaacson and the Jacobses are
getting their VeriChips for free, but that's the only financial
consideration they are receiving.
Isaacson's doctor, while agreeing to perform the insertion, has some qualms
about it. He consented to be interviewed but asked that his name not be
revealed until Friday. While protests against the VeriChip have been
minimal, neither the doctor nor Applied Digital are eager to see
demonstrations. A few religious groups say the chips are "the mark of the
Beast" referred to in the Bible.
"I think this is going to be the cutting edge of the future, because quick
information saves lives," Isaacson's doctor said. "I get calls 24 hours a
day informing me that a patient has had a stroke or a heart attack and is
in the hospital. I have to go to my office, get the chart, and then go to
the hospital. All that takes time, while the patient is being treated with
limited information."
And yet this family practitioner doesn't see himself chipping any youthful
patients. While he believes the procedure is safe and the chip can always
be removed, he's worried about long-term liability. "You do something to a
young person, you may be responsible for years afterwards. He may be
carrying this chip for 70 or 80 years."
Long before then--by the end of the year, in fact--the next generation of
devices will be tested.
An embedded chip with GPS capabilities would be slightly larger than a
quarter and require actual surgery to implant. Unlike the VeriChip, it also
would require Food and Drug Administration approval. That will slow down
its U.S. introduction.
"We believe we have solved the battery issue, which leaves the question of
an antenna that can transmit through skin tissue," said Keith Bolton,
Applied Digital's chief scientist. The devices will be powered by lithium
ion batteries, which can be charged remotely from outside the body.
Interest in Device
in Brazil and Mexico
Applied Digital says it has already received considerable interest in the
VeriChip from both commercial and government sources in Brazil and Mexico,
and expects the embedded system to be big wherever there is a big threat of
kidnapping.
The prospect of such sales is no doubt one reason Applied Digital stock,
which traded as low as 11 cents in the last year, recently quadrupled to
about $2.
Corporate insiders were sellers of the stock before the recent run-up,
which might indicate a lack of faith in the company's viability.
The stock fell 6 cents to $2.01 on Wednesday on Nasdaq.
Applied Digital is heavily indebted but says it will have actual earnings
this quarter before interest, taxes and depreciation are accounted for.
********************
Washington Post
Eye-, Face-Recognition Systems Take a Few Steps Up
By Carlos A. Soto
Government Computer News
Vendors of biometric devices are betting that their face- and
eye-recognition technologies can make a camera lens as efficient as a
security guard's watchful eye. Far-fetched? Maybe not.
Just three years ago, facial and iris biometric scanners looked like James
Bond film props but were cumbersome to set up and functioned poorly without
ideal lighting and camera placement. Even worse, their software often
interfered with other applications.
Although problems linger, biometrics has been improving rapidly. It can't
yet replace human judgment, but it can replace the password.
The iris of the human eye develops before birth through a process called
chaotic morphogenesis, and no two irises are the same. Even identical twins
have four distinct irises, which is what makes iris scanning a sure method
of authentication.
The GCN Lab used the $239 Authenticam, made by Panasonic Security and
Digital Imaging Co., to test iris- and facial-recognition software. The
setup was actually two cameras, one atop the other. The upper camera,
originally developed by Iridian Technologies Inc., performed iris
recognition only. We coupled the second camera, similar to a standard
webcam, to Visionics Corp. facial-recognition software.
Iridian's KnoWho iris-recognition software, which costs $25 to $75 per user
license, encodes a captured image of the iris for subsequent matching and
verification. The KnoWho version we tested came with $49.95 SafLink 2000
biometric administration software from SafLink Corp.
Private ID, a second Iridian app, came bundled with the Panasonic
Authenticam. Private ID captures the iris image for KnoWho. The Iridian
products gave the most effective biometric security among the products we
reviewed. They never misidentified a user and couldn't be tricked by
environmental changes.
The Panasonic Authenticam had three light-emitting diodes at the bottom
that projected safe infrared beams, allowing iris recognition to proceed at
any level of ambient light. In the windowless lab, even with lights off, we
could enroll users on a Pentium 4 PC with the Iridian software installed.
Our testers found iris verification a little awkward at first, but once
they got used to it, they thought it worked as fast as fingerprint log-ins.
Iris enrollment took two steps. First, each user placed an eye in front of
the camera lens and watched for a yellow dot to appear. Next the user moved
away to about 18 to 22 inches from the Authenticam, at which point the
yellow dot turned green.
Once that color transformation occurred, the user had to remain still while
the software finished the enrollment.
Private ID and KnoWho worked fairly fast. Once an iris pattern was
captured, enrollment took little more than a second -- one second slower
than most fingerprint readers but hardly a noticeable difference.
Visionics' FaceIt calculated a digital identity code for each user by
measuring 14 out of 80 possible landmarks -- facial features such as eyes,
lips and nose. Such calculations should be unaffected by new facial hair or
haircuts.
We had problems at first making the lighting consistent enough for FaceIt.
If the camera moved, all the users had to be re-enrolled. The more often
they enrolled, however, the more consistently FaceIt could identify them.
The software costs up to $30,000 for a three-camera system using FaceIt
Argus, which is for large areas such as airports. A desktop version bundled
with SafLink 2000 costs less than $50 per user.
Facial-recognition technology, unlike iris identification, can be fooled by
similar measurements -- for example, faces of twins have nearly the same
measurements.
AcSys Biometrics Corp. put what it calls holographic/quantum neural
technology into its AcSys Face Recognition System Entry software to
determine a user's most noticeable characteristics.
Unlike Visionics' FaceIt, which looked for facial landmarks, AcSys's engine
compared the entire face in three dimensions against 20,000 images in a
database. From the similarities and differences, it interpreted what made
one face different from others.
Accuracy was affected by the environment, just as with the Visionics
software. The lighting for AcSys's product had to be consistent.
If users re-enrolled under different lighting, FRS Entry could learn to
recognize them in both environments. But that was time-consuming because
the new images had to be transplanted into the users' profiles.
FRS Entry, unlike FaceIt, recorded a new image each time it verified a
user. All the images went into the user's database template. A user who,
for example, grew long hair would continue to be recognized.
As with the Visionics software, the more pictures of the user, the better.
The longer we used FRS Entry, the better it got at distinguishing people
who looked somewhat alike.
But once again, if a face could fool a human guard, it could fool FRS Entry.
In a one-to-many setting for identifying a face in a crowd, FRS Entry
wrongly identified PostNewsweek Tech Media President David Greene as
Editorial Vice President Thomas R. Temin. (PostNewsweek Tech Media is a
unit of The Washington Post Co., which owns this newspaper.)
Its error was probably caused by an office lighting change. But as the
software gathered more images of both men into its database, it learned to
distinguish them even when Temin wore Greene's glasses.
Although AcSys designed FRS Entry for people to enter secure locations and
not as a log-in tool, the same recognition engine is available in a
stand-alone product.
AcSys FRS Entry requires a high-end camera and a dedicated, fast PC. The
complex pricing structure depends on the number of users, physical
infrastructure and number of doors monitored.
The company gave us a rough estimate of $10,000 per door, or $1,500 per
user up to 99 users, not counting installation or hardware.
Facial-recognition technologies are still immature. But once they better
adapt to lighting changes, we believe they stand a good chance of replacing
quite a few security guards.
At the moment, iris scanning is more reliable than facial recognition,
though that could change. Database storage and processing power
requirements for facial recognition probably will remain higher than for
iris scanning as both technologies mature.
****************
Los Angeles Times
Judge Allows Electronic Copyright Case to Proceed
Technology: Digital Millennium Copyright Act is constitutional, the opinion
says.
By JON HEALEY
TIMES STAFF WRITER
May 9 2002
In an important legal victory for publishers, movie studios and record
companies, a federal judge ruled Wednesday that a controversial 1998 law
bars the distribution of any tools that crack electronic locks on a
copyrighted work.
U.S. District Judge Ronald M. Whyte held that the Digital Millennium
Copyright Act is constitutional even though electronic locks could make it
hard for consumers to make "fair use" of the copyrighted products they buy.
"That is part of the sacrifice Congress was willing to make in order to
protect against unlawful piracy and promote the development of electronic
commerce and the availability of copyrighted material on the Internet,"
Whyte wrote in a 32-page opinion. Critics of the DMCA, including some
lawmakers, said it allows copyright owners to wipe out consumers' ability
to copy music, books and movies for personal use. But Hollywood studios and
record labels, alarmed by the flood of unauthorized copies online, are
pushing for even stronger measures to limit what consumers can do.
In the first criminal prosecution under the DMCA, Russian programmer Dmitry
Sklyarov was arrested last year for distributing a program that removes the
electronic locks from Adobe Systems Inc.'s e-books. Charges against
Sklyarov were dropped after he agreed to testify against his employer,
Elcom Ltd.
Elcom's lawyers argued that the DMCA is unconstitutional, but Whyte
dismissed their motion and let the case proceed to trial.
Federal copyright law gives the owners of a copyrighted work the exclusive
right to copy and perform it publicly. The main exception is for "fair
uses," such as making a back-up copy or printing excerpts in an academic
paper. In the DMCA, Congress made it illegal for any person to manufacture,
import or distribute technology whose main purpose is to circumvent the
electronic locks that limit access to or use of a copyrighted work.
That provision covered such things as the anti-copying controls on DVDs and
the software that prevents consumers from reading the Wall Street Journal
online without a subscription.
Elcom's lawyers contend that the company's software lets e-book buyers do a
host of legal things that Adobe's locks prevent, such as making back-up
copies, using text-to-speech converters and printing out chapters.
But Whyte ruled that the law "bans trafficking in or the marketing of all
circumvention devices," even if they could be used to support fair uses.
"The DMCA does not 'eliminate' fair use," Whyte wrote. "Although certain
fair uses may become more difficult, no fair use has been prohibited."
Besides, Whyte said, no law or court ruling guarantees a consumer "the
right to the most technologically convenient way to engage in a fair use."
Cindy Cohn, legal director of the Electronic Frontier Foundation, said,
"It's as if the judge ruled that Congress can ban the sale of printing
presses, because the 1st Amendment right to publish speech was not attacked
directly and quills and ink are still available. What good are the public's
rights if the tools needed to make fair use or access works in the public
domain are illegal?"
***********************
Federal Computer Week
INS opens entry/exit door
Tackling what is probably its largest and most complex technology project,
the Immigration and Naturalization Service has taken the first step toward
building an automated entry/exit system to keep track of foreign visitors.
The computer-based system, which is intended to register when foreign
visitors enter and leave or fail to leave the United States, is
considered a key to increasing the nation's ability to control its borders
and improve homeland security.
In a presolicitation notice to potential builders, INS says it wants to
rely as much as possible on off-the-shelf technology to "verify and record
the identities of persons who enter and exit the United States by air, land
or sea."
INS has asked Congress for $380 million to spend on the system in 2003, but
the total cost is expected to be much higher.
Robert Mocny, director of the INS' Entry-Exit Project Office, compared the
size and complexity of building the system to putting a man on the moon or
constructing the Hoover Dam. "It's huge," he said.
INS statistics show that more than 7 million foreign visa holders and
"hundreds of millions" of foreigners without visas enter the United States
each year. In addition, a half million foreign students are enrolled in
American schools. But for now, INS has no reliable means of tracking those
visitors, and millions remain past the dates they are required to leave.
Some of the Sept. 11 terrorists were among those who overstay their visas,
highlighting the danger that losing track of visitors poses for homeland
security.
Among the requirements for the entry/exit system listed in the
presolicitation notice are that it must be able to alert government
officials if visitors overstay their approved visit periods and if visitors
"are or become identified as national security threats."
After installation at air and sea ports in 2003, the system will be
installed at the 50 largest land points of entry in 2004 and at all points
of entry about 300 by the end of 2005.
The system must be able to "interface with multiple existing and
potentially future government and commercial industry databases," INS says.
Critical government databases include those operated by other Justice
Department agencies and the departments of State, Treasury and
Transportation, the notice says. Commercial databases include those
operated by airlines and shipping lines, Mocny said.
In addition to interoperability, the system must be able to demonstrate
"scalability, security and evolvability," the INS notice says.
Although it is not specifically required in law yet, the system also will
be expected to read visas, passports or other identification documents that
include biometric identifiers, Mocny said.
The system is complex because it involves tying so many databases, computer
systems and technologies together, Mocny said. "The scale and scope is
what's untried," but "it's doable," he said. "Let's say this, I haven't
heard from industry that we can't do it."
INS officials said they plan to issue a formal request for proposals in
June. At that point, companies are expected to present designs for
consideration.
*****************
Federal Computer Week
Emergency program moving along
Following a successful demonstration with some of the most high-tech state
and local agencies, the federal government is ready to move on to a tougher
test of the Domestic Emergency Response Information Services (DERIS)
program: working with rural governments.
The Defense Department, which is running the program, also is working to
transfer DERIS to the Federal Emergency Management Agency and the National
Guard Bureau, both of which are responsible for coordination with first
responders under the Bush administration's homeland security mandate, said
Rosanne Hynes, information technology adviser for DOD's Homeland Security
Task Force, which led the development of the program.
The second phase of DERIS will be conducted later this year with agencies
in rural Pennsylvania, said Hynes, speaking May 6 at the Government CIO
Summit in Broomfield, Colo.
DOD, working with FEMA, the National Guard and other federal agencies,
developed the program to provide a network, a collaboration portal and
training tools for bringing together first responders and all levels of
government during an emergency.
The successful Phase I demo occurred March 12 with agencies in Chicago, Los
Angeles, and San Diego county. However, most state and local agencies lack
the information technology infrastructure or expertise of such
jurisdictions, and that is what DERIS must focus on in the future, Hynes said.
The success of demonstration also means that DOD can start to hand over the
program to FEMA and the National Guard, the agencies that Hynes said should
be in charge.
FEMA's homeland security responsibilities include the development of a
collaboration portal, such as the one developed for DERIS, which will be
part of the transfer, Hynes said. Defense put up the resources to develop
DERIS because FEMA could not, but coordinating domestic emergency response
is not DOD's job, so the program and the portal will be moving over to FEMA
and the National Guard before the Phase II demonstration, she said.
In addition to DERIS, DOD is starting to migrate responsibility for its new
Consequence Management Interoperability Services (CMI-Services) program to
FEMA, and has formed a group of advocates within DOD, FEMA, the Office of
Management and Budget and the Office of Homeland Security to ensure that
the funds needed for first responder coordination go to the right agencies
instead of any political pet projects.
In November, the group also formed the Emergency Response Network
Initiative to bring together officials from all of the agencies involved in
homeland security to compare and coordinate IT investments in the emergency
response arena, Hynes said.
"We're really helping to put FEMA in the position it needs to be," she said.
******************
New York Times
In Satellite Piracy War, Battles on Many Fronts
By JENNIFER 8. LEE
INDSOR, Ontario -- THE palm-size cards started appearing last year at
border inspection points. They were stashed in glove compartments and
trunks. Tucked into pockets and wallets. Hidden in brown paper packages.
Drivers tried too hard not to appear nervous, and flubbed explanations when
questioned by American customs inspectors.
A new kind of contraband was trickling across the border from Windsor into
Detroit along with the pseudoephedrine and the Cuban cigars. Initially,
United States customs officials say, they found the cards puzzling. They
looked innocuous enough blue plastic cards imbedded with computer chips.
As the inspectors investigated further, it soon became clear to them that
Americans were flocking to Windsor for more than the second-rate casinos
and strip clubs. They were crossing the border to satisfy an illicit desire
of a different sort: one for pirated satellite television.
In the past few years, satellite TV piracy has become a multimillion-dollar
industry in the United States, with as many as one million households, by
some estimates, illegally obtaining programming from the nation's two big
satellite providers, DirecTV and EchoStar. The desire to tap into satellite
channels without paying the monthly fees has spawned a loose distribution
network of fly-by-night dealers and Web sites, raids by law enforcement
agencies, and an electronic cat-and-mouse game between the pirates and the
satellite companies.
But if piracy has become big business in the United States, it owes a lot
to Canada, where until recently it was legal to receive pirated satellite
signals. In border cities like Windsor, a mini-industry of pirate providers
flourished, selling the means for Americans, be they individuals or
dealers, to gain access to satellite programming.
For now, that industry is reeling from a Canadian Supreme Court ruling in
late April that it was illegal for Canadians to watch American satellite
television. Stores were closed and equipment removed, and several online
stores were shut down.
But dealers say that the demand is too great and the business too lucrative
for the industry to disappear entirely. It will either move offshore or
underground, many dealers predict, ensuring some sort of supply chain for
Americans.
"All they really do is push it below ground," said Adam Dicker, owner of
Satan's Playhouse, a chain of three satellite television stores in Toronto.
"It's the dealers they want to put out of business, but we only get more
business."
In satellite piracy, the cards are the keys. Inserted into an inexpensive
receiver, a card unlocks the streams of entertainment to a user who points
a small dish antenna in the right direction. Legitimate users pay a monthly
fee to unscramble the signals. But a satellite access card can be
transformed to a free card through reprogramming. What was once available
only by subscription basic channels and premium services like HBO,
pay-per-view movies and sports can be viewed for the one low price of
hiring someone to hack the card, anywhere from $20 to $50 a pop.
"It's like heroin," said Joann Kolonelos, a dealer at DSS Pirate, a
satellite piracy store in Windsor whose clientele has been approximately
one-third American. "Once you have access to all those channels, all those
movies, you can't give it up."
The satellite companies and law enforcement agencies call it theft, plain
and simple. The companies, which together have about 18 million paying
subscribers in the United States, hesitate to put a figure on the price of
satellite piracy. But cumulatively, the cost of enforcement, legal action
and lost revenue has probably run into the hundreds of millions of dollars,
according to industry experts. In 1997, DirecTV was awarded damages of $33
million as a result of a single lawsuit against 30 dealers in Seattle.
DirecTV, whose encryption system was cracked before EchoStar's, is pouring
money and people into its anti-pirating division, the Office of Signal
Integrity. The office helps law enforcement agencies conduct frequent raids
on satellite dealers across the country. In three raids on a single day in
May 2001, for example, police officers confiscated $4.5 million in
satellite piracy paraphernalia in Orange County in California. Since the
beginning of this year, there have been 33 seizures of satellite access
cards by customs inspectors in Detroit alone.
Satellite piracy is a federal crime punishable by up to five years in
prison for dealers and one year for viewers, in addition to fines. But many
scoff at the idea of getting caught.
"There are so many people doing it, it becomes socially acceptable for you
to do it too," said a hotel manager from Detroit who spoke on the condition
that he not be identified. The manager, who went to Windsor to obtain cards
and satellite equipment, started pirating signals in 2000 when he became
frustrated with his high cable bills.
He crossed the border because Canadians were able to exploit a discrepancy:
government jurisdictions stop at borders, but satellite signals do not.
Piracy of American satellite television could not be challenged here
because the companies are not licensed in Canada. And while there are two
Canadian satellite broadcasting providers, the appetite for American
programming is overwhelming.
Today, an estimated one million Canadian households about 10 percent of
the population are watching American satellite TV, in most cases without
paying DirecTV or Echostar. Satellite dishes have sprung up on Canadian
houses like gray mushrooms after a spring shower. Piracy Web sites
flourished, and hundreds of stores opened as legitimate tax-paying
businesses. In Windsor alone, 40 piracy stores emerged from 2000 to 2002.
Classified ads were filled with offers to hack satellite cards.
By serving as wholesalers to dealers in the United States or selling to
individuals who crossed the border into Canada, hackers and piracy shops
nurtured the temptation for Americans to steal satellite signals.
How far are people willing to go for television? Windsor dealers say that
customers have driven from as far as Oklahoma, West Virginia and Texas.
Some have bought dozens of cards to sell or give to friends. Some Americans
who could not get to Canada mailed their cards to friends in the Detroit
area with pleas that they be returned before the big game, said the hotel
manager.
The access cards are a valuable commodity. One Satan's Playhouse store was
held up at gunpoint last year, said the owner, Mr. Dicker. The thieves made
off not with cash but with hundreds of satellite cards worth tens of
thousands of dollars.
To create the finished product, Canadians have had to look to the United
States for the original cards. Last year the Canadians found a new source
across the border for large volumes of low-priced cards: Wal-Mart, which
like many retailers was selling DirecTV systems, which consist of a
satellite dish and a black-box receiver, for a heavily subsidized $50.
Canadians printed out maps of Wal-Mart locations from the Internet and
headed for the border, said David Fuss, the president of Incredible
Electronics, a major Canadian wholesaler. They bought the systems by the
dozens and the hundreds. What Canadian dealers wanted were the included
satellite cards, which could be hacked and sold for $150, a handsome profit.
DirecTV's accounting showed that hundreds of thousands of cards disappeared
into the vortex of piracy during that period. Last fall the satellite
company started shipping systems to Wal-Mart without the card. "It was
costing us a lot of money," said Larry Rissler, the head of DirecTV's
Office of Signal Integrity. Now subscribers who buy from Wal-Mart have to
order the card separately from DirecTV.
Last year DirecTV hired five law firms to mail cease-and-desist letters to
American addresses obtained from raids on dealers. To date it has mailed
over 7,500 letters. "We are going after the users," Mr. Rissler said. "We
are trying to teach them a lesson."
The company is also fighting fire with fire, with its engineers hacking to
fight the hackers. The Office of Signal Integrity designs little bits of
code with a name that evokes cold war weaponry: Electronic Counter
Measures, or E.C.M.'s. The E.C.M.'s, which travel up to the satellite and
down to the cards, are the equivalent of heat-seeking missiles. When they
find a card that has been hacked, they destroy the programming on it.
A few months ago, DirecTV stepped up its E.C.M. attacks to two or three a
week. Within minutes of each attack, dealers said, their phones would start
ringing and people would begin lining up in front of the Windsor stores to
get their cards reprogrammed.
"It's television," marveled Patrick Reid, manager of Pirate Satellite,
another store in Windsor. "It's supposed to be entertainment. But for some
people it's critical."
Some viewers have found a remedy to the E.C.M. attacks: they are buying the
hardware to program and fix the cards themselves. The devices, called
loaders and unloopers, hook up to a PC. After an attack, hackers devise a
software remedy and distribute it on the Internet. Within a day, most
people are up and running again.
With a PC and an Internet connection, anyone can now be a pirate. The price
of hardware has plummeted as competing manufacturers have flooded the
market. Equipment that used to cost several thousand dollars has dropped to
$100 or $150.
"Everybody and their neighbor has a programmer these days," said Rod
Freire, a satellite installer in Windsor who has five satellite dishes on
his house.
Still, the Canadian Supreme Court decision on April 26 changed the picture.
The ruling that it was illegal for Canadians to watch American satellite
television came on a Friday, and over the weekend, satellite piracy in
Canada came to a stumbling halt. Storefronts were shuttered and Web sites
were pulled down. Apologetic signs went up. Customers panicked. What would
they do without their satellite TV? On the Monday after the ruling, the
shelves and tables in one Windsor store were bare. The owner had stripped
out all his equipment over the weekend. But customers kept calling.
"I can't talk to you on the phone," the owner said. "You can come here and
we can talk face to face."
Customers wandered into the store one by one. An older man pulled a small
envelope out of his pocket and took out a card. "Do you still . . . ?" he
asked.
"We don't program anymore," the proprietor said firmly. Well, at least not
officially. The owner then asked the man to leave his name and number on a
piece of paper.
"We'll contact you," the owner said. "We'll work something out." The owner,
who spoke to a reporter on the condition that he not be identified, said he
would probably start making house calls but that his prices would go up.
There is currently an injunction on the enforcement of the ruling. But no
matter the outcome, satellite piracy will continue, dealers say, with Web
sites moving to offshore servers and more viewers buying the hardware
themselves. Decoder News (decodernews.com), for example, a site that had
been operating out of Toronto, plans to move its server to the Caribbean.
"If you never give kids candy in the first place, they'll be O.K.," said
Mr. Dicker, the owner of Satan's Playhouse. "But you can't give kids a
bunch of candy and then take it away. The same is true for satellite."
*********************
BBC
Commuters face smart card confusion
Tube travellers in London will soon be able to swap their paper tickets for
a smart card but technical incompatibilities could cause confusion for
commuters.
London Underground is developing a smart card system dubbed Prestige but it
will not be compatible with standards being developed for other transport
services, the technology news magazine Computing reported.
For commuters who travel to the capital on a mainline train, a smart card
may be more trouble than it is worth.
"We are hoping that mainline stations will upgrade their ticketing services
but for the time being it might mean having two tickets or being issued
with a paper ticket," said a London Underground spokesperson
The Department of Transport admits that the London Underground system is
not compatible with standards being developed by the Integrated Transport
Smartcard Organisation (ITSO).
"It is true that London is not using the ITSO standard but that is because
the contracts for the specification and supply of the London card scheme
were placed before work on the ITSO standard was completed," said a
spokesman for the Department of Transport.
All parties are " jointly working on a study to see how London and the rest
of the UK can be made interoperable", he said
The £1.2bn Prestige project is due to be piloted this summer and it is
hoped it will bring benefits for Londoners.
"It will cut down on queuing and ticket fraud and instead of fumbling
around in your bag you will in theory be able to simply point your ticket
at the gate," said a London Underground spokesperson.
Integration vital
Analysts say commuters have to put up with the inconvenience resulting from
competing standards for new technology.
"It is a general trend to have two or three standards and there is a slow
convergence," said manager of the technology group at Anderson Consulting,
Sati Bains
"Eventually London Underground has to be integrated with other rail and
transport systems but it is unlikely to change in the short term."
ITSO is hoping its specification will be used to develop a smart card with
far wider uses than just transport.
"The ultimate dream is to replace all the cards in your wallet and have a
card that can be used on transport systems and pay your poll tax," said
ITSO's general manager Peter Stoddard.
"The ITSO specification would allow that. It was born out of transport but
could be used on a much wider front and there has been a lot of interest
around the world."
Government led
Smart cards have long been talked about as a way of allowing consumers to
pay for a variety of services.
Most credit cards have an embedded chip which could turn the plastic in
your wallet into a smart card.
But it may be government rather than financial services that drives usage,
said Mr Bains.
"The government could save billions on social service fraud by using smart
cards," he said.
It would be a logical step to also integrate public transport payments on
such cards he added.
"You would be able to catch a bus without having to take the card out of
your pocket. The card could also interact with screens at the bus-stop to
let you know when the next one was coming," he said.
******************
USA Today
Flaw leaves MSN Messenger vulnerable to hackers
SEATTLE (AP) Users of the latest versions of Microsoft's popular MSN
Messenger program are vulnerable to computer hackers, the company warned.
The "critical" flaw in the Internet-based program, which has millions of
users, is the latest serious security flaw to be discovered in a program
from the world's dominant software company. Microsoft said Wednesday that
hackers could exploit the vulnerability to run their own malicious commands
on a user's computer. Affected is a feature that allows users to gather in
a single virtual location or "chat room" to exchange messages across the
Internet in near real time.
The affected software includes Microsoft MSN Chat Control, Microsoft MSN
Messenger versions 4.5 and 4.6, and Microsoft Exchange Instant Messenger
4.5 and 4.6.
Microsoft has been trying to make inroads into the market, which is
dominated by AOL's Instant Messenger.
The vulnerability was discovered as Microsoft undergoes an intensive
companywide campaign to stamp out security problems, an effort ordered by
chairman and chief software architect, Bill Gates.
The Redmond, Wash.-based software maker issued a critical security bulletin
to users advising them to upgrade by visiting an MSN Chat site and
downloading an upgraded new chat control, or by upgrading on the site to
the latest version of MSN Messenger or Exchange Instant Messenger.
The company said that to its knowledge no user had been hacked via the
flaw, Microsoft Security Program Manager Christopher Budd said, though he
cautioned users not to be complacent about downloading the upgrades.
The chat control feature is not automatically included in Windows
Messenger, which is installed with the XP version of Windows, Microsoft's
flagship operating system.
Budd said it is automatically included only in the two latest versions of
MSN Messenger, which has some 46 million users. The first of those versions
was released last October.
Microsoft was informed of the flaw by a security firm about a month ago but
did not disclose it until late Wednesday because it was developing the
fixes or "patches" for customers to download, Budd said.
"Software always will have flaws," Budd said. "We always do our best to
ensure we do not have flaws or vulnerabilities, but while we strive for
perfection, we know we're not always going to achieve perfection."
Gates announced a "Trustworthy Computing" initiative in January after a
series of embarrassing security incidents involving Microsoft software that
prompted criticism the software giant had been giving security short shrift
as it piled new feature upon new user-friendly feature in its operating
systems.
The most serious was a vulnerability affecting a Web server program
included in corporate Windows operating systems.
That flaw could let a hacker take over someone else's server.
Like the Web server flaw, the newest vulnerability was caused by what is
known as a "buffer overflow problem."
Buffer overflows occur when software is programmed to accept information
but not given the ability to validate or limit it. That allows hackers to
send commands that an operating system is not expecting but that end up in
a computer's memory and are executed.
In February, Microsoft warned of an unrelated flaw in MSN Messenger that
could allow a hacker to gain access to screen names and e-mail addresses.
*****************
USA Today
House privacy bill puts onus on consumers
WASHINGTON (Reuters) Several U.S. lawmakers introduced a long-awaited
privacy bill Wednesday that would allow U.S. businesses to share
information about customers who have not explicitly forbidden them to do so.
More than a year in the making, the privacy bill unveiled in the House
differs from a competing bill making its way through the Senate that would
require businesses to get consumers' explicit permission before sharing
sensitive information such as income level, religious affiliation or
political interests.
U.S. Rep. Cliff Stearns' bill would instead leave companies free to share
customer profiles unless customers specifically forbade them.
The bill would cover transactions both on the Internet and in the "offline"
world, and would override state laws that place more restrictions on
commercial use of personal information. Sponsors said the bill would
establish basic privacy protections for consumers while minimizing the
impact on business.
Stearns, a Florida Republican whose consumer-protection subcommittee held
six hearings on privacy last year, said the free flow of consumer data has
been a cornerstone of the modern information-based economy.
"The underlying principle that anchors this bill is, 'do no harm,' " he said.
Consumers would have no right to sue if their privacy was violated.
Enforcement would be left in the hands of the Federal Trade Commission,
which usually does not impose fines on a first offense.
Companies submitting to a self-regulatory privacy regime such as TRUSTe or
BBBonline would enjoy protection from FTC actions.
While lawmakers have introduced dozens of privacy bills in the House since
the beginning of last year, none has attracted as much support as Stearns'
measure. The bill has lined up 22 co-sponsors from both sides of the aisle,
among them Rep. Billy Tauzin, the Louisiana Republican who chairs the House
Energy and Commerce Committee.
Rep. Rick Boucher, a Virginia Democrat, said businesses would be free to
set more restrictive privacy practices on their own as a way to market
themselves.
"I'll predict a much greater level of Internet usage with these privacy
policies in place," Boucher said.
Initial reaction to the bill was mixed.
A group of business leaders from high-tech firms said the bill struck the
right balance between consumers and businesses, while the U.S. Chamber of
Commerce said it was not needed because businesses could handle privacy
concerns on their own.
Privacy advocates said the bill was a step backward, especially by not
providing extra protection for sensitive information.
"Americans care about sensitive information. This bill does not address
those issues," said Ari Schwartz, a senior policy analyst at the Center for
Democracy and Technology.
******************
USA Today
VeriSign to auction domain names on eBay
SAN FRANCISCO (Reuters) Security and Web address provider VeriSign, which
has seen layoffs and missed its sales target partly as a result of
lower-than-expected Web address sales, on Wednesday announced it will
auction domain names on eBay.
The auctions of dot-bz domain names will be targeted at businesses,
Verisign said in a statement. Other domain names are likely to follow, a
spokesman said.
With 46 million users, eBay offers a ready market for everything from
vintage baseball cards and diet pills to airline tickets and used computers.
The dot-bz domain is the top-level domain for the Central American country
of Belize and is different from the dot-biz domain, which is one of the new
generic top-level domains that will be entering the dot-com dominated market.
VeriSign is overseeing the registry for the dot-bz domain.
Separately on Tuesday, VeriSign Chairman and Chief Executive Stratton
Sclavos, speaking at the J.P. Morgan H&Q technology conference in San
Francisco, could not tell analysts when he thought sales of domain names
might pick up.
Those sales dropped off last year after the dot-com speculative bubble
burst in 1999 and 2000. Until then, buyers gobbled up Web addresses in a
frenzied attempt to stake a claim in the Internet.
Also under the eBay partnership, VeriSign will provide services to verify
the identification of sellers on eBay to help cut down on fraud.
Currently, sellers provide credit card information to register on eBay and
customers can rate the sellers following transactions.
"We're always finding people who have been suspended in the past and who
are trying to re-register," said Kevin Pursglove, an eBay spokesman. "Or
they're providing inaccurate information and are coming to the site to
engage in nefarious activity."
VeriSign will handle the registration process and validate the identity of
sellers by confirming phone numbers and addresses, said Anil Pereira,
executive vice president and general manager of VeriSign's enterprise and
service provider division.
For higher ticket items, VeriSign will also verify credit and other
information on potential sellers as part of its Authentication Service
Bureau, he said.
*******************
Sydney Morning Herald
Microsoft fined for piracy last year
Microsoft was convicted of software piracy by a French court last year,
according to reports at numerous websites.
The company was fined three million francs in damages and interest for
violation of intellectual property because of the illegal inclusion of
another company's proprietary source code in SoftImage 3D, an animation
package.
A report on the conviction was carried in the French paper, Le Monde
Informatique.
No technology magazine or Website cottoned on to the fact at the time. It
was left to a Peruvian Congressman, Dr Edgar David Villanueva Nuñez, to
raise this point in a letter to the general manager of Microsoft Peru, Juan
Alberto González. Dr Nuñez was replying to a letter from Mr González
wherein the latter had stated the official position of Microsoft relative
to Bill Number 1609, Free Software in Public Administration, passed by Peru.
Within Dr Nuñez's reply was this paragraph:
"Questions of intellectual property fall outside the scope of this bill,
since they are covered by specific other laws. The model of free software
in no way implies ignorance of these laws, and in fact the great majority
of free software is covered by copyright. In reality, the inclusion of this
question in your observations shows your confusion in respect of the legal
framework in which free software is developed.
"The inclusion of the intellectual property of others in works claimed as
one's own is not a practice that has been noted in the free software
community; whereas, unfortunately, it has been in the area of proprietary
software. As an example, the condemnation by the Commercial Court of
Nanterre, France, on 27th September 2001 of Microsoft Corp. to a penalty of
3 million francs in damages and interest, for violation of intellectual
property (piracy, to use the unfortunate term that your firm commonly uses
in its publicity)."
Newsforge has a story, detailing a timeline of the events that led to the
conviction. See http://newsforge.com/newsforge/02/05/07/2234251.shtml?tid=3
*******************
Sydney Morning Herald
'Cyber jihad' warning to terror experts
Hobart
A "cyber jihad" could be launched against the West as terrorists moved from
the real world to an Internet-based virtual world, a US expert warned today.
Michele Zanini, a consultant with the think-tank McKinsey and Company, said
terrorist groups such as al-Qaeda were already making huge use of the web
for communications, propaganda, recruitment and target data.
Another expert, Rand Europe senior policy analyst Kevin O'Brien said there
was potential for terrorists to cause huge losses to the West by damaging
information technology systems.
Dr Zanini and Dr O'Brien were speaking at an international conference on
global terror in Hobart.
Dr O'Brien said Western-developed IT had become the "great equaliser" as it
was exploited by terrorists and rogue states.
He said the cyber world was chaotic and without boundaries and Western
security agencies were traditionally ill-equipped to deal with its threats.
Both experts said newer terrorist groups like al-Qaeda and Hamas were
different to earlier ones that had been hierarchical and bureaucratic.
Al-Qaeda was a fluid network of semi-autonomous groups, hard to pin down
and with links to about 20 other groups.
In the wake of September 11, it was clear terrorists were using the
Internet as a weapon of war, the experts said.
Terrorists used the Net to gather intelligence, including target
information, and counter-intelligence.
They made and moved money on it and were suspected of even manipulating
stocks for profit.
They could also use it for worldwide planning and coordination, propaganda,
psychological terrorism and rumour-mongering.
Rogue states could equally use it and China and Taiwan were already
battling a cyber war, according to the experts.
Dr O'Brien said the danger to business was of great concern, with some
websites particularly vulnerable.
An interruption of a few seconds on the New York foreign exchange market
could cost billions of dollars.
Companies could also be damaged through extortion, brand destruction and
fraud.
Dr O'Brien said much more cooperation and information-sharing between
governments and business was needed to combat the threats.
Australia, Britain and Canada had moved in this direction, but the US
response was still hampered by agency turf wars and personal rivalries, he
said.
However, on the wild world of the web, there's an unlikely ally in the war
against terror.
Dr Zanini said traditional hackers had a quite different culture to
terrorists and the two did not mix well.
There was even an organisation called Hackers Against Terrorism, a sort of
virtual vigilante group, he said.
*******************
Wired News
Macs' Last Stand on Capitol Hill
By Mark Baard
She'd rather take a ride in Strom Thurmond's wheelchair than use a Windows
PC, but Amelia Dungan has little choice: Macs are not welcome on Capitol Hill.
Dungan is the assistant to the director of Sen. Edward Kennedy's Health
Committee in Washington. To her chagrin, she is forced to use a PC running
Microsoft's Windows.
She got a taste for Mac living last fall, when an anthrax scare forced
Kennedy's staff out of the their usual building. The staff was given space
in an adjacent building and Apple iBooks, which they used to hammer out the
Frist-Kennedy bioterrorism bill.
"The iBooks were wonderful," Dungan says. "A lot of people in my office are
science people: neuroscientists, mathematicians and economists. For them,
the iBooks were a return to normal."
But Kennedy's staff had to surrender their iBooks once they returned to
their decontaminated offices. Dungan is back to using her Compaq Pentium
III PC, which she describes as "an awful computer."
Mac lovers like Dungan have few champions on the Hill these days. The
Senate Office of the Sergeant at Arms (SAA), which makes technology
recommendations to senators, has eliminated almost all Macs on Capitol Hill
with the exception of three offices: Kennedy's, Sen. Tim Johnson (D-South
Dakota), and the office of the Democratic Policy Committee.
The SAA's recommendations aren't mandatory, but those that follow them are
provided with follow-up hardware and software, and technical support.
According to critics, those who decline the SAA's advice are ostracized:
Requests for support go unanswered, and suggestions for new technologies
are ridiculed,
"There aren't many Mac users left," says Jeff Hecker, a systems
admininstrator at the Democratic Policy Committee, which uses Macs to
analyze data and create visual displays for Senate debates. "The PC bigots
[at the SAA] have, for the most part, driven them out of the Senate."
Hecker said he has given up fighting for the Mac cause, but there is one
Mac proponent who is digging in his heels and taking a last stand for Macs
on Capitol Hill.
The rebel's name is Ngozi Pole. He is the office and systems administer at
Kennedy's Boston and Washington offices. He got Dungan and the other
staffers their iBooks during the anthrax scare. And for years, Pole has
been locking horns with anti-Mac administrators at the Senate Office of the
Sergeant at Arms.
"Instead of seriously considering my suggestions, [the SAA has] tried to
ruin my reputation," Pole complained.
According to Pole, he only wants to replace the Senate's current e-mail
dinosaur, Lotus cc:Mail, with Web browser-based applications, and those
using Java and Macromedia Flash. That way, a user can choose to work with a
Mac, or virtually any other computer.
The SAA maintains the Senate's e-mail and Web servers, and administrates
the senate.gov domain.
"The stuff we do is very basic," Pole says. "All we need is e-mail, the
Internet, a word processor and the ability to create output. Why shouldn't
we be able to use Macs if we want to?"
But according to Pole, the SAA is reluctant to support the Mac OS, as well
as any Flash or Java-based applications.
Instead, the SAA is pushing toward an easy-to-maintain, Microsoft-only
upper branch.
The SAA has few Mac support staff, and crushes the hopes of Mac proponents
each time it recommends technologies that are not cross-platform compatible
in its requests for information and proposals (RFIs and RFPs).
"The SAA writes crappy RFIs and RFPs," Pole said. "They have never written
one that talks about cross-platform solutions."
That approach is costing the Senate money, according to Pole. By seeking a
Windows-only workplace, the SAA is locking the Senate into expensive
product development cycles precipitated by each new release of Microsoft's
Windows.
Wired News tried to get the SAA on record but repeated requests for an
interview were unsuccessful. An SAA spokeswoman at first granted an
interview request, but then ignored follow-up requests for a date and time.
Regardless of the SAA's recommendations, Pole plans go his own way, without
the support of the SAA.
The SAA allocates $250,000 per six-year term to each senator. The
department had hoped Pole would use the budget to replace aging Macs in
Kennedy's offices. Instead, Pole will spend the remainder of his budget
through 2003 filling Senator Kennedy's Washington office with new
flat-panel iMacs.
Pole also wants to hand out iBook notebooks, with Airport wireless
networking cards, which staffers will use in the conference rooms and at
home. Airport Base Stations will be placed near each conference room in the
senator's Washington office.
Amelia Dungan says she can't wait to get her hands on one of those iBooks.
"Our location and situation [during the anthrax scare] were less than
ideal," she says. "But the Macs were wonderful. They never crashed, even
with two people to a computer, 14 hours a day. We all wished we could bring
them back to the Hart Building."
Added Dungan: "Ngozi Pole is pretty high up on the SAA's list of
revolutionaries the days."
********************
Wired News
Bomb Suspect Traced by Cell Phone
SAN JOSE, California -- Mailbox bomb suspect Luke Helder made a crucial
mistake while on the run: He turned on his cell phone.
As soon as he activated it, FBI agents quickly triangulated his position
between two rural towns and had him in handcuffs within an hour Tuesday,
according to Nevada authorities.
The fact that another motorist spotted Helder in passing helped
authorities, but the cell phone signal like a locator beacon was a dead
giveaway.
"We got a call from the FBI at approximately 3:20 p.m. that the cell phone
that (Helder) had been known to have had been activated somewhere between
Battle Mountain and Golconda," said Maj. Rick Bradley of the Nevada Highway
Patrol. "We started hitting Interstate 80."
The Highway Patrol flooded the area with officers and quickly had Helder in
custody, Bradley said Wednesday.
Bradley said tracking down Helder without the pinpoint location provided by
the FBI would have made the task tougher, given the sprawling region.
"It's really a rural area. There's not that much police presence," Bradley
said.
Helder also placed a call to his parents' Minnesota home, and spoke with an
FBI agent they handed the phone to. But the technology trick used by the
FBI helped seal Helder's fate.
Gayle Jacobs, a spokeswoman for the FBI's Las Vegas office, refused to go
into detail about how the bureau did it, or even to acknowledge what it did.
"As far as investigative technique, we don't disclose that information,"
Jacobs said.
Cell phone triangulation is a well-known tracking method within the
wireless industry, said Michael Barker, an equipment sales manager for
Cell-Loc, based in Calgary, Alberta. His company provides tracking services
to help people who are incapacitated and unable to dial for help.
"Every time the cell phone is on, it periodically sends a little
registration message to the phone company, 'Here I am! Here I am!'" Barker
said. That message contains the cell phone's electronic serial number and
tells the service provider when the phone has drifted in and out of cell
tower range.
Federal agents then easily can get in contact with the cell phone service
company and get the location of the nearest cell tower in contact with the
activated phone, Barker said.
Law enforcement then can equip agents with devices designed to triangulate
the signal and determine its location within about a third of a mile and
the direction it was traveling in, Barker said. Handheld equipment for such
a search is not sold to the general public, he said.
Robin Gross, an attorney at the Electronic Frontier Foundation, warned that
the technology could be abused. She said cell phone tracking could be used
to follow the movements of political dissenters or politicians and other
people in power.
"I think it's inappropriate to be tracking people under some kind of
assumption that they might do something illegal," Gross said. "I just think
it's ripe for abuse by law enforcement and by government."
***************
News Factor
Intel Drives Wireless Speed with New LAN Chipset
By Brian McDonough
www.WirelessNewsFactor.com,
Wi-Fi5 remains a more expensive option, but one that is expected to grow as
home-entertainment uses for wireless broadband, such as relaying DVD
signals, become available. 'When I hear Wi-Fi5 talked about for the home,
it's in connection with those consumer electronics applications,' Intel
spokesperson Scott McLaughlin told Wireless NewsFactor.
For the complete story see:
http://www.newsfactor.com/perl/story/17646.html#story-start
*****************
News Factor
Wearable Biometric ID System Unveiled
By Jay Lyman
The companies claim the biometric system will allow faster security
screening in fixed locations and the ability to stage mobile security
checkpoints at vital installations.
For the complete story see:
http://www.newsfactor.com/perl/story/17636.html#story-start
*******************
Taipei Times
Unfrozen funds to pay for linking of weapons systems
By Brian Hsu
STAFF REPORTER
The legislature's defense committee yesterday reached an agreement to
unfreeze two separate classified budgets of the military, worth NT$5.2
billion in total, for the construction of an intra-service communication
system and an inter-service command, control and communication system.
The budgets include NT$2.6 billion for the Anchieh (¦w±¶) project, which
will include the army's purchase of a second unit of the US-made IMSE
(improved mobile subscriber equipment) tactical communication system -- and
another NT$2.6 billion for the Posheng (³Õ³Ó) project, which is the first
stage of a long-term plan to construct an inter-service command, control
and communication system based on equipment that will be bought from the US.
These budgets had been frozen since the last session of the legislature
because of opposition by some lawmakers to the two projects, which were
criticized as being "too expensive" and as being "outdated technology."
In yesterday's closed-door meeting of the defense committee, lawmakers with
the committee reached agreement after several hours' discussion on
unfreezing the two budgets.
The agreement was reached on condition that the military will meet several
requests by the committee regarding the two projects.
One request is that the US has to transfer to Taiwan technology for the
IMSE and the inter-service command, control, and communication system,
which is to be based on the US' Link 16, said PFP lawmaker Chao Liang-yen
(»¯¨}¿P), a member of the defense committee.
Another request is that, if Taiwan is to sign a contract with the US on
either of the deals, the contract has to be signed in Taiwan and it must be
written in both Chinese and English, Chao said.
"We also asked the military to build a link with the army's IMSE and the
Posheng system, although we know the two systems cannot be linked together
at the moment," she said.
The unfrozen budgets are only part of the money that the military intends
to spend on the two projects.
The army plans to spend another NT$11.3 billion on the purchase of several
other units of the IMSE to build a nation-wide communication network.
As for the Posheng project, the NT$2.6 billion budget unfrozen yesterday is
only for a preliminary study of the workability of the Link-16 system in
Taiwan.
It is estimated that construction of the Link-16 system will cost around
NT$47.3 billion.
The Link-16 system is expected to greatly enhance the joint-operation
capabilities of the military because it forms data links between a variety
of weapons systems -- of all the three services.
For the air force alone, the data link will enable different fighter planes
to share and transmit real-time information -- this will, for instance
enable information-sharing between the F-16 and Mirage 2000-5 fighter planes.
The domestically-built IDF is to be excluded from the data-link system due
to budgetary considerations and tactical concerns.
The state-run Aerospace Industry Development Corporation (AIDC), the
developer of the IDF, is trying to persuade the military to include the IDF
into the system -- and to award AIDC the contract to integrate the plane
into the system.
******************
Computerworld
IBM unveils higher level of disaster recovery services
To help customers be better prepared in the event that a disaster strikes
their IT operations, IBM today is launching a new services unit that
focuses on quickly getting businesses back on their feet after their IT
infrastructure is damaged or destroyed.
In an announcement today, IBM said the new applications and data continuity
practice are being established within IBM's Global Services arm and will
bring together new and existing technologies to help customers prepare for
the unexpected. Instead of getting affected businesses back in operation
within several days, the new methods should allow businesses to resume
operations within about 20 minutes by maintaining linked remote systems
that are fully synchronized with the main IT systems, IBM said.
A key part of the new practice is ensuring that customer applications and
data files are available from a remote location if disaster strikes a main
data center, said Roger Schwanhausser, director of storage services at IBM
Global Services. Too often, he said, customers think that if their data is
backed up remotely, getting back into operation after a disaster is as
simple as flicking a switch.
Instead, he said, data isn't usually available quickly from a redundant
data center if the system has to first be fired up and prepared for use.
IBM will now help customers create parallel remote data centers that
feature cluster management capabilities on servers or mainframes, depending
on the needs of the businesses. By organizing the remote data centers as
offshoots of the main data facilities, all specified data and applications
can be mirrored in a "shadow infrastructure" and be available in an
emergency, Schwanhausser said. The remote centers can be located thousands
of miles away.
"There have been pieces of this total solution in place in the past," he
said, but few businesses have prepared themselves for fast redeployment in
case of an emergency.
The new services unit comes at a time when more businesses are looking over
contingency plans just eight months after the terrorist attacks on the
U.S., he said. Before Sept. 11, "there wasn't the heightened interest and
concerns about business continuity," Schwanhausser said. "Not to overstress
it, but [Sept. 11] caused us all to re-evaluate a lot of things."
The new services are targeted at financial, travel and retail businesses --
where immediate recovery is critical and can mean the difference between
continued sales and huge revenue losses.
Pricing for the consulting and configuration services will likely range
from the hundreds of thousands of dollars for businesses with modest needs
to tens of millions of dollars for businesses with large needs. Once
established, the facilities will be run by the IT staffs of the client
companies.
Dianne McAdam, an analyst at Illuminata Inc. in Nashua, N.H., said IBM's
approach is sensible because it prepares for disaster recovery from many
angles, not just data recovery. "What happens sometimes is customers tend
not to think of the bigger picture," she said. "What they're doing is
sitting down with a customer and piecing it all together."
The IBM approach will allow customers to put into effect a multiphase
disaster recovery plan, with critical applications and data restored
quickly and less important applications and data restored later using
traditional tape restoration, which is far less costly, McAdam said.
Customers often forget about applications as they plan their backup
programs, she said, adding, "Every customer wants to do business continuity
and recovery planning, but they don't know where to get started."
Jim Garden, an analyst at Technology Business Research Inc. in Hampton,
N.H., said IBM's new services are "expanding the envelope on disaster
recovery" in a field that is maturing. "It makes sense from a business
point of view," he said.
*****************
Computerworld
'Cute' Trojan horse attacks through e-mail
A pair of antivirus companies is warning users to look out for an e-mail
worm that could allow attackers to take over their machines and try to
damage firewall and security programs.
Santa Clara, Calif.-based Network Associates Inc.'s McAfee.com Corp. unit
and Cupertino, Calif.-based Symantec Corp. are both warning computer users
to watch out for an e-mail message with a subject line: "Thoughts..."
Inside, users find a short note reading: "I just found this program, and, i
dont know why... but it reminded me of you. check it out." Inside the
message is an attachment called Cute.exe.
Statements released by both Symantec and Sunnyvale, Calif.-based McAfee say
the package will unleash a Trojan horse worm that will look for security
programs inside a user's machine and attack them. Both companies have
labeled the worm a "low" risk and offer instructions on their Web sites on
how to remove it.
The program will also allow attackers to do the following:
Send instant messages from an infected machine using either MSN Messenger
or AOL Instant Messanger
Send e-mail
Initiate denial-of-service attacks
Access, move, copy or delete files
Access, move, copy or delete file transfer protocol files
The program will copy itself to the Windows directory and create two
registry keys, according to McAfee's statement. Two INI keys are also
created. Then "the worm looks for E security programs (including antivirus
and firewall programs) in memory and terminates them if found," the
statement said.
******************
Lillie Coney
Public Policy Coordinator
U.S. Association for Computing Machinery
Suite 507
1100 Seventeenth Street, NW
Washington, D.C. 20036-4632
202-659-9711