[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Clips May 22, 2002

To: "Lillie Coney":;, Gene Spafford <spaf@xxxxxxxxxxxxxxxxx>;, Jeff Grove <jeff_grove@xxxxxxx>;, goodman@xxxxxxxxxxxxx;, David Farber <dave@xxxxxxxxxx>;, CSSP <cssp@xxxxxxx>;, glee@xxxxxxxxxxxxx;, Charlie Oriez <coriez@xxxxxxxxx>;, John White <white@xxxxxxxxxx>;, Andrew Grosso<Agrosso@xxxxxxxxxxxxxxxx>;, computer_security_day@xxxxxxx;, ver@xxxxxxxxx;, lillie.coney@xxxxxxx;, v_gold@xxxxxxx;, harsha@xxxxxxx;;
Subject: Clips May 22, 2002
From: Lillie Coney <lillie.coney@xxxxxxx>
Date: Wed, 22 May 2002 14:00:19 -0400

Clips May 22, 2002

ARTICLES

GSA seeks comments on .gov
DoubleClick able to settle privacy suits
Canada's '.Ca' Authority Holds Second Board Election
OMB anticipates next round of GPEA reports
House Passes Child-Sex Crime Wiretap Bill
Waging war on computer viruses
Turning pictures into passwords
Computer virus spoofs State Dept.'s e-mail address
Senate panel creates cybersecurity programs, standards
Israeli troops warned against accepting Internet pizza
Drug delivery by microchip may not be far off
EC and mobile industry meet to discuss 3G
New worm spreads via Microsoft SQL Servers
Australian billionaire aids revival of Computer for Every Child
Tech consortium created to improve software reliability
Nonprofit to wire up rural Asian schools

*******************
Federal Computer Week
GSA seeks comments on .gov

The General Services Administration is looking for public comment on plans to extend the .gov domain to non-federal entities such as state and local governments and federally recognized Indian tribes.

In a proposed rule in the Federal Register May 16, GSA also said is it considering charging a one-time fee for new registrations, which will range from $250 to $1,000, depending on the level of assistance provided by GSA, and a recurring annual charge in the range of $100 to $500 for all .gov domains.

Currently, GSA does not charge for registration but is allowed to start charging at any time. The fees are "based on anticipated costs for operating the registration service and are consistent with industry charges," GSA said in its notice.

GSA has managed the .gov and .fed.us top-level domains since 1997. Last month it announced that it also accepts .gov registrations for native sovereign nations.

Indian tribes interested in the .gov domain must first apply to the Interior Department's Office of the Assistant Secretary for Indian Affairs. The process includes making a letter application, a tribal resolution, or submitting minutes of the meeting giving authority to the person making the written request. Tribes also can apply online at www.gov-registration.gov.

The end result for an entity acquiring a domain name would look like "www.tribesname-nsn.gov," where nsn stands for "native sovereign nation." The department hopes the move will enable e-government among Indian tribes. ******************* CNET DoubleClick able to settle privacy suits By Gwendolyn Mariano

DoubleClick on Tuesday received federal court approval to settle state and federal lawsuits that charged the Net advertising company with violating the privacy of Internet surfers. The U.S. District Court for the Southern District of New York granted final approval of the class-action settlement agreement, which requires DoubleClick to provide consumers with a privacy policy that will clearly describe in "easy-to-read sentences" its online ad-serving service, use of cookies, as well as other services and technologies.

The settlement also requires the company to purge certain data files of personally identifiably information, including names, addresses, telephone numbers and e-mail addresses. Among other provisions, the settlement requires DoubleClick to obtain permission, or so-called opt-in agreements, from Internet surfers before it can tie personally identifiable information with Web surfing history.

In addition, DoubleClick must conduct a public information campaign consisting of 33 million banner ads that educate consumers on Internet privacy. Moreover, the company will retain an independent accounting firm that will conduct an annual review regarding DoubleClick's compliance of the settlement.

The suit follows a preliminary approval granted to DoubleClick two months ago. The suit clears up state class-action lawsuits filed from California, Texas and New York, which were consolidated last year.

Ira Rothken, one of the lead plaintiffs' settlement counsel, said the settlement is "reasonable" under the circumstances because the plaintiffs were given limited tools under the law to prosecute the case.

"I believe that we have a good result that will protect Internet users' privacy on the Internet," Rothken said. "I'm hopeful that the Internet advertising community as a whole will look at this settlement agreement for guidance on how to conduct their business online, and I'm also hopeful that Congress will provide legislation in the near future that will fill any voids that are left in the settlement agreement."

DoubleClick declined to comment on Tuesday's hearing. However, in a previous statement regarding the settlement, DoubleClick said it would continue to provide "the same full range of marketing solutions for its clients" alongside protections and controls to "safeguard consumer information." ******************** Chronicle of Higher Education Scholars Rally Behind Online Publisher By ANDREA L. FOSTER

A diverse group of professors and academic groups filed briefs with the Supreme Court on Monday in support of Eric Eldred, an online publisher who is challenging the constitutionality of the Sonny Bono Copyright Term Extension Act.

The briefs say the act gives copyright holders too much control over the dissemination of creative works, constraining the ability of scholars and teachers to discuss and study literature, art, and movies.

In his lawsuit, Eldred v. Ashcroft, Mr. Eldred says the law fails to protect free expression guaranteed under the First Amendment, and also violates the original intent of copyright law. As written in Article I, Section 8 of the Constitution, the purpose of copyright is to "promote the progress of science and useful arts."

The Copyright Term Extension Act safeguards the copyright of material for 70 years after its creator's death. Before the law was enacted in 1998, copyright was protected for 50 years after the creator's death.

Among those who filed papers in support of Mr. Eldred were 53 professors who teach intellectual-property law, constitutional-law professors, historians, several library groups, 17 economists, and college technology and art groups.

The prominent scholars supporting Mr. Eldred include Yochai Benkler, a professor at New York University School of Law; Jessica Litman, a law professor at Wayne State University who wrote Digital Copyright; and Milton Friedman, a Nobel Prize recipient who is a former economics professor at the University of Chicago.

Groups supporting Mr. Eldred include the Association of Research Libraries, the Digital Future Coalition, the College Art Association, the National Humanities Alliance, and the Consortium of College and University Media Centers.

The brief filed by library groups argues that the law "effectively prohibits non-copyright owners -- like librarians, curators, archivists, historians, and scholars -- from republishing and disseminating older works that may have no significant commercial value, but may be of strong historical or artistic interest."

But supporters of the law say it harmonizes U.S. copyright law with Europe's, encourages creation of new works, and is an appropriate response to longer human lifespans.

The Supreme Court has yet to schedule oral arguments in the case. But the arguments would be heard no sooner than October, when the court begins a new term.

Two lower courts, most recently the U.S. Court of Appeals for the District of Columbia Circuit, ruled against Mr. Eldred. The Supreme Court's decision to hear the case surprised many legal experts, because the justices usually intercede only when lower courts disagree. ****************** Canada's '.Ca' Authority Holds Second Board Election

While the powerful Internet Corporation for Assigned Names and Numbers (ICANN) rethinks the concept of democratic control over top-level domains like dot-com and dot-net, the Canadian agency in charge of that country's domain-name space is launching its second public election of board members. The Canadian Internet Registration Authority (CIRA), which took control of the country-code top level domain (ccTLD) known as dot-ca in late 2000 and held its first election of board members one year ago, will collect votes for three board seats during the second week in June.

Initially installed as a group, the nine elected members of the 12-person board were posted in threes to terms ranging from one to three years so that CIRA could hold annual elections for a third of the board each year.

ICANN, whose board is made up of 19 directors, has just five elected members, chosen during a trial online vote nearly two years ago.

While CIRA may appear more democratic than ICANN, the composition of its board appears to be of less interest to even Canadian domain-name registrants.

The current campaign has attracted eight candidates, but six of them were recommended by the current CIRA board, with rank-and-file members drumming up the required 50 endorsements for just two additional nominees.

Nominated by members was Richard Anderson, a well-known political advisor and president of the Ottawa-area management consulting firm ASCI-Anderson, and March Jeftovik, president of outsourced domain-name services (DNS) company EasyDNS Technologies in Toronto.

Those nominated by CIRA included two existing board members: Internet law expert Michael Geist and Web development company president Denis Tanguay.

A third current director, Bruce Firestone, a founder of the NHL's Ottawa Senators hockey club, is not running again.

Also recommended for the campaign by the CIRA board were intellectual property lawyer Daniele Boutet, Web-hosting company executive Eleanor Jang, National Capital FreeNet (Ottawa) director Ian MacEachern and e-commerce consultant Ramesh Venkat.

The election campaign, which began Thursday, is being conducted largely on the CIRA Web site where candidates are fielding questions from members on an online bulletin board.

Eligible to vote, CIRA says, are he 140,000 holders of dot-ca domain names.

Voting begins online between noon EDT June 7 and ends at 8 p.m. June 13. CIRA said results should be posted on its Web site by June 20.

More information can be found here: http://www.cira.ca/en/elections-2002.html .

Reported by Newsbytes.com, http://www.newsbytes.com .
*********************
Government Computer News
OMB anticipates next round of GPEA reports
By Patricia Daukantas

With one year to go before the Government Paperwork Elimination Act kicks in, the Office of Management and Budget is expecting agencies to show substantial progress in automating transactions, two speakers said today at the annual FedWeb conference.

Agencies are supposed to move customer transactions online by October 2003, but "there is not enough money in the world to do that," said Richard Kellett, director of emerging IT policies for the General Services Administration's Governmentwide Policy Office.

OMB understands that agencies can't do it all but will want to know what they are going to do, Kellett said.

In June or July, OMB will issue its guidance for the next data call, said Nora Rice, the CIO Council's program manager. GPEA status reports will be due in late September.

OMB officials looked closely at the status reports that agencies submitted at the end of fiscal 2001 and they expect to see substantial progress one year before the GPEA deadline, Rice said. ***************** Associated Press Ind. State Puts Private Info Online Tue May 21, 5:33 PM ET

Indiana State University accidentally posted personal information about 10,000 of its students including names and Social Security (news - web sites) numbers on the Internet for two weeks.

The information was available from April 30 to May 14 about ISU students enrolled in the 1996-97 school year, university spokeswoman Teresa Exline said.

Officials removed the information once they learned about the situation, and Exline said the university was in the process of notifying those students

"This is not a hacking incident. No one broke into our security," Exline said. "This is an incident that involves inadvertent exposure."

The university said the posting was an accident and no one will be disciplined, but it is reviewing procedures to make sure the problem does not occur again. ******************* Associated Press Bell to Study Research Allegations Tue May 21, 4:16 PM ET By LORI HINNANT, Associated Press Writer

TRENTON, N.J. (AP) - An independent panel that includes a Nobel Prize-winning physicist is examining accusations regarding the validity of impressive scientific achievements reported by Bell Labs.

The five-member panel was formed last week after an outside researcher contacted Lucent (news - web sites) Technologies with information that caused enough concern to warrant an external review of the experiments, a Lucent spokesman said. Bell Labs is the prestigious research arm of Lucent.

Lucent has contacted the journals that published the work in question, which included a claim last fall by a Bell Labs team that it had created a transistor from a single molecule.

Other scientists have been unable to reproduce the experiments and have questioned the research results. Such skepticism is not unusual, and Lucent scientists have said that the technique for growing crystals is not easily mastered.

The company declined to provide many details about the accusations or say who brought them to Lucent's attention. Spokesman Bill Price said the accusations focused on data published in five research papers involving molecular electronics, superconductivity and molecular crystals.

"Our initial concern is with the validity of this data," he said.

Science executive editor Monica Bradford said Lucent has been open about the inquiry and has promised to keep publications updated about its results.

"We're waiting to find out what the investigation shows," Bradford said. "It would be upsetting if this would turn out to be a false lead because I think everybody was excited about the findings."

In 2000, scientists led by Bertram Batlogg, director of solid state physics research at Bell Labs, began publishing a series of articles on how the lab grew crystals out of organic molecules and then varied their electronic properties by applying electric fields from transistors attached to the crystals.

The research was published in the journals Science, Nature and Applied Physics Letters.

Batlogg no longer works for Lucent and a phone listing for him could not immediately be found. The transistor work was led by J. Hendrik Shon, who declined comment.

The panel of inquiry will be led by Malcolm R. Beasley, professor of applied physics at Stanford and the former dean of its School of Humanities and Sciences.

The other members are Herbert Kroemer, winner of the Nobel Prize in Physics in 2000 and a professor of electrical and computer engineering at the University of California at Santa Barbara; Supriyo Datta, a professor of electrical and computer engineering at Purdue University; Herwig Kogelnik, a Bell Labs scientist; and Donald Monroe, a scientist at Agere Systems, Lucent's microelectronics business, which the parent company plans to spin off by June 1. ******************* Washington Post House Passes Child-Sex Crime Wiretap Bill By Brian Krebs May 21, 2002; 2:27 PM

The U.S. House of Representatives today approved legislation that would give law enforcement new powers to eavesdrop on the telephone conversations of suspected child-sex predators.

Supporters say that the "Child Sex Crimes Wiretapping Act of 2001" is needed to snare potential child molesters who search for children in Internet chat rooms.

"Our children need our protection and these conversations on the Internet that lure and entice them lead them to telephone conversations that set up meetings," bill sponsor Nancy Johnson (R-Conn.) said in a speech on the House floor today.

Johnson said her bill could have helped investigators prevent the death of a 13-year-old Danbury, Conn., girl who was found raped and murdered on Monday after a rendezvous with a man she met in an online chat room.

Opponents of the bill, led by Rep. Bobby Scott (D-Va.), say the measure amounts to an unnecessary expansion of federal wiretap authority.

Originally created as a tool to investigate organized crime syndicates, wiretaps can now be obtained in investigations of roughly 50 different specific crimes, Scott said.

"Wiretaps are becoming routine rather than an extraordinary procedure used as a means of last resort," he said.

Scott asked that the bill be reopened for possible changes, as the proposal was being considered under rules that barred amendments from being considered.

The House passed the bill, 396-11. ****************** Los Angeles Times Army's New Message to Attract Recruits: Uncle 'Sim' Wants You Technology: The service will unveil video games to woo a media-savvy generation with a simulation of military life. By ALEX PHAM TIMES STAFF WRITER

May 22 2002

America's youth would rather play video games than do push-ups in the mud--a reality the Army wants to harness to its advantage.

Eager to prove it's not your grandfather's military, the Army is developing video games to recruit and build awareness among Generation Y.

Today at the Electronic Entertainment Expo in Los Angeles, the Army will unveil two games designed to appeal to a media-saturated, tech-bombarded generation. One is a sanitized version of "Unreal Tournament," a classic first-person shooting game known for its graphic, nonstop killing. The other is a take on "The Sims," a popular game that mimics life itself. But instead of dismembering mutants or pursuing romance, players can work on their organizational skills, free hostages and rise to the rank of first sergeant. The games are part of the Army of One marketing campaign, which stresses professionalism and the importance of the individual, themes marketers say resonate with youths.

Though the military has long used realistic video games as training tools, this is the first time the Army has relied on games to reach out to the public. The intent of the free games--which will be distributed starting in July at recruiting stations and on the Army Web site--is to sell the soldiering life.

Although interest in military careers rose after the Sept. 11 terrorist attacks, enlistments have changed little in recent years. And it's getting tougher to attract and retain soldiers, in part because there are fewer veterans to regale potential recruits with tales of their military exploits.

"The goal was to give them a synthetic experience of being in the Army in game form," said Michael Zyda, director of the Naval Postgraduate School's Modeling, Virtual Environments and Simulation Institute in Monterey, which developed both games.

"When I registered for the draft during the Vietnam War, I asked veterans of the Korean War what it was like," he said. "They were easy to find. Today, the Army is much smaller. There aren't as many people around today to answer that question."

The game project started two years ago, when the economy was bursting at the seams and dot-coms beckoned young people with the promise of riches and freewheeling offices in which they could skateboard. The Army spent $5 million to develop video games to show Army life. Like unscripted TV shows, the games show mostly action, leaving out the boring parts.

"Soldiers," for example, takes gamers from basic training to career development. Spit-shining shoes and peeling potatoes are not among the list of activities. Players going through sniper training in the more action-oriented "Operations" game don't have to camp out for hours waiting for terrorists to show up.

The games depict an Army that is precise, organized and technically advanced. Tactical missions and advanced weaponry are the focus of the game's missions, not violence.

In a survey this year by Northwestern University of 1,000 college students, the No. 1 concern about joining the military was danger, said Charles Moskos, professor of sociology at Northwestern and an expert on public attitudes toward the military.

"It's something recruiters just don't talk about," Moskos said. "But being in the Army is as dangerous as being a taxicab driver, which is considered to be one of the most hazardous occupations."

Because of such concerns, the armed forces have a difficult time replenishing their ranks. The military spends twice as much recruiting each soldier today--about $10,000--as it did 10 years ago.

Although the Army met its recruitment targets in three of the last five years--about 80,000 a year--those goals are far lower than in the past, Moskos said.

Given the current global climate, America is "likely going to need more people in the armed forces in the coming years," he said. "That's when the recruitment shortfalls will come."

Although store shelves are bulging with video games that have military themes, some of which are so realistic they are used by the military to train soldiers, commercial games such as "Halo" lack the realism of being in the Army, Zyda said.

Technical realism, in fact, is one of the biggest selling points of the two new games.

To make "Operations," developers rode tanks and Blackhawk helicopters, parachuted from airplanes and shot rifles and machine guns. They brought in soldiers from the Army's Special Forces to critique scenes and levels. They scanned images of 12 weapons and programmed their recoils, accuracies and bullet speeds into the game. For "Soldiers," developers videotaped real soldiers and drill sergeants.

Will that be good enough?

"It can't hurt," Moskos said. "But a video game isn't going to be as good as real personal contact."

Or like doing push-ups in the mud.

More E3 coverage is at www.latimes.come3.
********************
Los Angeles Times
AT&T Spam Filter Blocks Its Notice of Rate Increase
From Associated Press

May 22 2002

SEATTLE -- AT&T Broadband offered high-speed Internet users an e-mail filter to block spam--unwanted mass e-mail solicitations--and then discovered it also blocked the company's notice of a rate increase.

Spokesman Steve Kipp acknowledged the problem Monday after hearing from customers who had read elsewhere that higher rates were on the way.

He said he didn't know how many customers were affected. "If there is a silver lining, it appears our spam filtering system works so well that it even deletes mass e-mails from our own company," Kipp said.

Last week the Seattle Post-Intelligencer and the Seattle Times reported that at least 64,000 Puget Sound-area customers with cable Internet links to AT&T Broadband's network would face rate increases of 8% to 15% in June.

The stories said customers were notified by e-mail, but some told the company they did not receive those notices.

The filtering problem was detected after some test e-mail messages were sent in a check of the system, and the notices will be re-sent once the glitch is fixed, Kipp said. ******************** BBC Waging war on computer viruses

New net technologies present opportunities for more than just entrepreneurs and venture capitalists. Virus writers like them, too. Almost every novel internet technology, from e-mail to peer-to-peer networks, has been exploited by virus writers and vandals keen to cause havoc.

Virus writers are locked in an endless struggle with anti-virus and security companies who are trying to guess which advance will be taken advantage of next.

Many anti-virus companies are adapting their tactics to protect customers and catch new viruses before they do too much damage.

Copycat killer

Whenever novel viruses appear, anti-virus companies work to produce a "pattern" file that tells their software how to spot and stop the malicious program.

One successful virus usually leads lots of other people to produce copycat programs that differ only slightly from the original.

Many anti-virus programs use rule-based techniques, called heuristics, to spot these variants.

Natasha Staley, a consultant at anti-virus firm Sophos, said these techniques helped limit the spread of the "H" version of the Klez e-mail worm.

This rule-based approach has also proved useful in combating the many e-mail viruses created after the Melissa outbreak in 1999.

"Melissa was one of the defining moments of virus writing," said Ms Staley.

Current figures show that 90% of all viruses in the wild are e-mail viruses that spread by using weaknesses in Microsoft mail programs.

But, said Ms Staley, if the rules used by anti-virus programs got too broad they would cause too many false alarms.

"There are an endless number of combinations available to virus writers," she said, "which is one of the reasons that heuristics are so difficult to do well."

Handy help

Andrew Armstrong, UK managing director of Trend Micro, said anti-virus companies were trying to break out of the infection-reaction cycle and help consumers and companies prevent virus infections spreading.

"The speed with which viruses are going around the world on the internet means that having a fix two hours later is a help, but it's too long," he said.

According to figures from the Cooperative Association for Internet Data Analysis, the Code Red worm was infecting more than 2,000 new computers per minute at its peak.

Companies like Trend Micro now tell companies how to avoid infection before the patch for anti-virus software is finished.

Mr Armstrong said this advice usually took minutes to draw up and distribute. He likened the difference between giving advice and producing a patch to that between using a mosquito net and producing a cure for malaria.

Trend Micro is also producing tools for customers that help them work out the extent of a virus outbreak and clean up all the machines that have been infected.

Unfortunately, one of the main allies that virus writers have in their bid to spread the malicious programs are computer users themselves.

Exposed again

Ms Staley from Sophos said viruses that were years old regularly re-appeared because users did not do enough to protect themselves.

Even boot sector viruses that travel by floppy disk still occasionally break out.

"The Kak worm appeared in 1999 but is still infecting people," she said. "That's pretty incredible because every anti-virus program detects it."

Although many companies were putting anti-virus programs on e-mail gateways, web servers and desktop machines, said Ms Staley, the malicious programs still occasionally slipped through.

She urged people to regard with suspicion e-mail messages from strangers bearing attachments or with odd subject lines. ******************* BBC Turning pictures into passwords

As we become ever more reliant on computers, remembering your passwords or coming up with one obscure enough to be secure can be a huge headache. If your password is as simple as the word, password, then logging on via a picture might be the answer.

Microsoft is one of several firms working on image-based password systems.

One such system being developed at Microsoft's research lab in the US uses a single image on which the person makes a series of clicks. A painting with plenty of detail is the most suitable.

Researchers are also working on a system which uses a library of faces.

A person has to choose half a dozen in a particular order as their password.

Smart passwords

Microsoft researcher Michael Roe believes such systems could be useful for people who prefer pictures to text.

"People don't remember passwords but they are good at remembering faces," he said. But he is not convinced that it will be the way forward.

"It is interesting research but I'm not sure it will end up being deployed as a product," he said.

Instead a smart card system, in which users simply swipe a card at a reader attached to the computer, could be the way passwords go in future.

The big advantage is that it does not rely on human memory, although one drawback is that some people will inevitably lose their cards.

Microsoft is so keen on the idea that it has already moved half of its staff to smart card security cards.

Mr Roe believes many other firms will develop similar systems over the next five years or so.

"The problem is that PCs don't have readers at the moment. Organisations would also have to be able to issue such cards and have a system in place for loss or theft," he said.

Fingerprinting

However, experts still see potential uses for picture passwords.

Chief Technology Officer with anti-virus firm Cryptic Software, Dave Duke, believes picture-based passwords could play a part in everyday life, such as at ATM machines.

"It would be harder for people to steal a picture password," he said.

Although pictures might prove popular with users there would not be much advantage to having them online, he said.

"It is as easy for a hacker to take a picture off a machine as it is to take a text password," said Mr Duke.

He thinks the next stage for passwords will lie in identifying users by their fingerprints.

Such biometric systems have gained ground since 11 September and an increasing interest in security both off and online.

Computer chips that contain information about fingerprints, iris pattern, hand geometry or voice print could be fitted in passports within four years.

Text is best

But research fellow at the London School of Economics Peter Sommer questions whether biometrics are the way forward for password security.

"Large scale systems will have to cope with tens of millions of images and data. It is going to take up significant processing time," he said.

"It's not going to be that great if each recognition takes three minutes."

Despite the problems of coming up with a good password and remembering it, Mr Sommer thinks it will remain the predominant security method for the foreseeable future.

"The advantage of passwords is that you are completely reliant on yourself," he said.

For those that do not trust their memories, there is plenty of help at hand, he points out.

Free software is available on the internet to store passwords, though you still have to remember the password to open the programme.

Handheld computers can also be encrypted to store all passwords.
******************
BBC
May 17, 2002
Doubt cast on fingerprint security

The artificial fingers and prints were created with gelatine by Japanese researchers who used the digits to trick biometric systems into thinking they were seeing the real thing.

Not only was it possible to fool the security systems with casts of fingers, the researchers found they could make convincing fakes using fingerprints lifted from glass.

Experts say the experiments cast serious doubt on any claims that this type of biometric system can be made fully secure.

'Impressive work'

The work was done by engineering professor Tsutomu Matsumoto and his colleagues at the Graduate School of Environment and Information Sciences at the University of Yokohama.

The first set of experiments used fake fingers formed when gelatine was poured into a mould created by pushing a finger into a malleable plastic often used by model makers.

The fingers created this way fooled the fingerprint readers 80% of the time.

Making the fingers took only a few minutes and used raw materials that cost less than £10. The researchers also developed a way to create fake fingers using prints left on glass.

First, the latent print was hardened using glue that sticks to the ridges of bodily detritus, such as sweat and skin cells, left behind when a finger touches a hardened surface.

'Impressive' work

This improved print was photographed using a digital camera and was then enhanced using Adobe Photoshop software to emphasise the difference between its ridges and gaps.

The image was transferred to a photosensitive sheet, etched into copper to turn it from a flat image into a three-dimensional print, and then used to create another mould.

Again the fake fingers fooled the biometric readers 80% of the time.

Security expert Bruce Schneier wrote of Dr Matsumoto's work: "Impressive is an understatement."

He said the fact the systems were fooled using easily available ingredients should be enough to end the use of fingerprint-based security systems.

"If he could do this, then any semi-professional can almost certainly do much, much more," wrote Mr Schneier.

Dr Matsumoto and his colleagues first presented their work in January at the Electronic Imaging 2002 conference organised by the International Society for Optical Engineering. ********************** USA Today Source Associated Press Computer virus spoofs State Dept.'s e-mail address

WASHINGTON (AP) The State Department's e-mail identity was forged by a computer virus that sent itself to law enforcement and media outlets across the country, a department official said Tuesday.

Variants of the virus, called Klez, have been spreading since the late 1990s and are transmitted through e-mails and attachments. Klez does not destroy computer files but can clog up mail systems and corporate networks.

Saturday, the virus sent hundreds of e-mails with the return address of the State Department's public affairs office, said a State Department official, speaking on the condition of anonymity.

A computer is infected with Klez the moment a computer user opens an e-mail attachment containing the virus.

Once loose, the virus seeks out and copies e-mail identities stored in the computer user's programs. The virus spreads by sending itself to the addresses contained on stolen "listservs," or electronic mailing lists.

The virus could have gained a copy of the State Department's listserv from any computer it infected on which a user had received an e-mail from the department. It may have infected a computer at the State Department, the State official said.

The process is called "spoofing" by Internet hackers.

"The virus would never had to have had access to a single State Department computer to have spoofed the address," said Steve Trilling, senior director of research at the Internet security firm Symantec. "It's like tacking on a false return address on a letter and sending it to someone who is used to receiving mail from that address. They are much more likely to open it than if it came from a stranger."

The State Department sent an apology to those who received the e-mail.
*******************
Government Executive
Senate panel creates cybersecurity programs, standards

By Molly M. Peterson, National Journal News Service

Legislation to create new cybersecurity research programs at the National Science Foundation and the National Institute of Science and Technology won quick approval Friday from the Senate Commerce, Science and Transportation Committee.

The Cyber Security Research and Development Act (S. 2182), which the panel approved by unanimous consent, aims to improve information sharing and collaboration among government, industry and academic cybersecurity researchers, while increasing the number of U.S. workers with expertise in that field.

Under a managers' amendment adopted by unanimous consent, the bill also would establish standards for cybersecurity technologies used by federal agencies. Technology industry representatives oppose the provision. They say federal standards would make it more difficult for government and industry to respond quickly to emerging cybersecurity threats.

"Such requirements are both inappropriate and unworkable, as cybersecurity threats are always changing and technologies must rapidly evolve to meet them," said Robert Holleyman, president and CEO of the Business Software Alliance, whose members include Microsoft, IBM, Intel and other high-profile technology companies. ******************* MSNBC Chat room rendezvous not so rare 13-year-old's death shines light on parents' problems with Net By Bob Sullivan

May 21 It is every parent's nightmare. Your perfect, grade-A student, cheerleader child has a double-life in Internet chat rooms. She consents to meet one of her virtual pals; he ends up being a 25-year-old killer. The death of 13-year-old Christina Long this week, allegedly at the hands of an Internet lover, was perhaps the first child murder directly linked to a chat room meeting. But the conditions for her murder are far more common than most parents realize, experts say. One recent study says about 1 in 10 teens admit they've followed through on a rendezvous with someone they first met in a chat room.

LONG FIT THE classic profile for a child at risk. She lived with her aunt; she had been taken away from her parents due to their substance abuse problem. She lived in suburbia, in fact, in a relatively affluent neighborhood. She was between 11 and 15; old enough to know her way around the Internet, but not old enough to understand the real-world risks. She was a girl with self-esteem issues. And she was crying out for attention. According to the News-Times of Dansbury, she had a Web site full of enticing language, even inviting sexual chatting. Investigators believe she had other sexual rendezvous with men she had met online before her fateful meeting on Friday with Saul Dos Reis, according to Robert Paquette, police chief of Danbury, Conn. But Long is hardly alone, nor is her case as extreme as it might initially appear. About 12 percent of teen-agers will admit meeting someone in the real world who they first met online, according to Parry Aftab, director of Wired Patrol. Wired Patrol was until recently known as CyberAngels, a global organization of volunteers who try to protect kids while they surf by looking for suspicious behavior online. Despite a constant deluge of warnings from the parents, the media, and schools, kids frequently cross the line between the virtual and real world all the time. "When parents aren't around they admit it. They do it all the time," Aftab said. A Wired Patrol study unearthed 11,000 teens who had done so most between 11.5 and 15 years old. About 55 percent were girls. THOUSANDS OF CASES Many of those rendezvous are harmless, with other kids looking for friendships, Aftab said. But many aren't. Thousands of kids each year agree to meet online friends they think are other children only to discover they are adults. Others, like Long, knowingly agree to meet adults to experiment with sex. Hard numbers are hard to come by, since authorities believe many incidents go unreported. But the hundreds of known incidents offer a chilling glimpse of what may really be going on. The National Center for Missing and Exploited Kids has charted 5,700 reported cases of online enticement in the past four years, and those are only cases that were intercepted by parents. Meanwhile, the FBI's Innocent Images program open 540 cases last year, about a third of them involving "travelers" adults who arrange to meet with a child for sex, only to find an FBI agent waiting. There's not yet any way to compile federal, state, and local cases involving sex, children, and the Internet, but Aftab said she suspected there were 4,000-5,000 each year. "There are so many sex acts with young kids that are happening," she said. "I talk with schools all the time, and I have found so many victims." Local newspapers are full of such stories like the tale of a 13-year-old girl from Pittsburgh found tied to 38-year-old Scott W. Tyree's bed in January, surrounding by sex toys, three days after she had gone missing. Tyree allegedly met the girl in a chat room, drove to Pittsburgh for her birthday, picked her up, then took her back to his Fairfax County, Va., apartment. On his Internet page, Tyree said he was "looking for young slavegirls to train in real life." The girl was safely returned to her parents. "Like Long, she had her own Web site. She wanted to be a model," said Ruben Rodriguez, director of the Exploited Child Unit at the National Center for Missing and Exploited Children. The site came complete with photographs including provocative phrases and pictures. "People need to know: Children on the Net have met people and then run away to meet them in real life," Ruben said. He wasn't sure how many current cases of missing children stem from an Internet introduction, but he said the figure was probably in the hundreds.

FIRST CHAT ROOM DEATH But Long's death Friday raises the stakes another level. It may be the first child death that can be directly linked to a chat room. There have been murders of college-age adults where the Internet had a role: Amy Boyer's case is perhaps the most famous, often called the "Internet murder." The 20-year-old from New Hampshire was shot in 1999 after being tracked by a stalker through the Internet. Her eventual murderer had posted a Web site indicating his intentions to kill her. The next year, a 20-year-old Texas A&M sophomore was shot and killed by 31-year-old Kenny Wayne Lockwood, who had posed as a female law student online and arranged a meeting. Then last year, a 16-year-old Israeli named Ofir Rahum was apparently the victim of a politically motivated murder last year, after being lured to a meeting in a Palestinian city by a person posting as a 20-year-old female tourist in a chat room.

WHO'S AT RISK MOST But Long's story stands out not only because of her death, but also because she willingly consented to the meeting. Don't be surprised, said Peter A. Gulotta, who has been with the Innocent Images task force since it was opened in 1993. "Our second case was about a girl in her middle teens and an individual who was an attorney for the government. ... after we talked to her a while, she admitted she had met this guy, went to a park, and talked about sex. He showed her pictures. She chose to not once but several times travel with this guy," he said. "It was really eye opening. I thought, 'Whoa, this girl actually got in a car with this guy. There are people out there who actually do this stuff.' " Most at risk, said Aftab: kids who have just reached the age when they are allowed to leave the house for three hours at a time. Girls are slightly more at risk than boys, she said. And suburban kids, with perhaps less street smarts, are also at higher risk. "That's because they believe in happily ever after," Aftab said. "Talk to inner city kids, they think that what these kids are doing is crazy. But suburban kids, they are in houses with burglar alarms, they [think they] are safe." And girls in particular "believe that there's magic out there," Aftab said. They think "that the boy they meet in real life is going to be the one." PEDOPHILES ARE PATIENT Rob Douglas, CEO of American Privacy Consultants and expert in the Amy Boyer cases, said the Internet is a powerful tool for pedophiles because it allows them to slowly peck away at a child's natural defenses. "The Internet provides a place where a pedophile can begin to entice the child. It allows a more extended period of time where the seduction can begin to take place," Douglas said. "Pedophiles are manipulative, patient people. ... The child and the pedophile could have extended discussion to where child's normal resistance could already be overcome by the time the first in person meeting takes place." By the time a meeting takes place, the children may be confused, said Aftab. Many of the rendezvous cases are somewhat in between a clear-cut case of a teen expecting to meet another child only to be duped, and a teen who's actively looking for a sexual encounter with an adult. "Many of the kids I talk to only describe the shoes of the person they meet," she said. "That's because they don't want to look them in the face. Sometimes, they want to still believe he's a teen-ager."

DETERMINED KIDS FIND A WAY Authorities from the FBI, U.S. Customs, and private agencies all agree the problem of Internet-related pedophilia is getting worse, for no other reason than pure statistics. There are now 29 million children online, half above age 13, said Aftab. And it's nearly impossible to keep a determined child away from potential pedophiles. Gulotta described a recent case where parents took away a child's keyboard to prevent her from engaging in chat with a suspicious person. She just went to a friend's house and continued the conversation, which eventually culminated in a rendezvous in an Albuquerque hotel. It's impossible to guess how many such rendezvous occur each year that parents don't report; or that parents never discover. Christina Long had met with her alleged murder once prior to the night she died, investigators say, and apparently had other chat-room-initiated encounters with other adults. In the wake of the Long case, local authorities offered up the same advice to parents they're been repeating since 1994, when the World Wide Web made the Internet a popular tool: Know where you kids spend their time online; keep the computer in a common room, where all surfing is relatively public; tell your kids never to give out personal information; and convince them never to cross virtual and real worlds, never to meet anyone you've only chatted with online. But now the words have graver authority, spoken by a police chief investigating a murder. "The story here is that the Internet is a fertile environment for children to get themselves in trouble," Paquette said. "She didn't deserve to end up at the bottom of a ravine" ********************** Nando Times Israeli troops warned against accepting Internet pizza

JERUSALEM (May 22, 2002 10:42 a.m. EDT) - The army has barred soldiers serving in the West Bank and Gaza Strip from accepting pizza deliveries they did not order themselves, for fear the packages might be booby-trapped, the army said Wednesday.

Last month, Israeli pizzerias began delivering to soldiers via an Internet site where people place the orders as gifts for soldiers.

More than 4,000 pizzas have been sent, said Shimon Aharon, a British-born Israeli reservist who created the Web site.

Ninety percent of the pizzas were sent by Americans, with the remainder coming from Europe, South America, Australia and New Zealand.

The site allows people to send "Pizza and Pepsi for a patrol" or order up to six pizzas to feed an entire platoon. Several restaurants in Jerusalem and Jewish settlements in the West Bank and Gaza deliver the pizzas to army bases, foot patrols and military checkpoints.

This week, however, military commanders decided to bar soldiers from accepting pizzas they did not order, "due to concern that hostile elements may exploit the pizza deliveries to soldiers," the army said in a statement. ******************* Nando Times Drug delivery by microchip may not be far off

CAMBRIDGE, Mass. (May 20, 2002 9:31 p.m. EDT) - John Santini is building implantable microchips that he hopes someday will replace needles and complicated drug regimens.

He isn't there yet, but three years after attracting attention by demonstrating an early version of the device in a laboratory beaker, he insists that his company, MicroCHIPS, is making progress and will have a product out in five years.

The company has made the device work in a lab rat, and because it's a device, not a drug, Santini says that means it would almost certainly work in a person as well.

The chip - fingernail-sized, attached to a battery and wrapped in titanium - would be inserted just under the skin, likely in the abdomen. It contains hundreds of tiny reservoirs which would be filled by a drug, or several drugs. Software would instruct the chip when and how much of each drug to release, automatically and precisely.

On Monday, the company plans to announce a second round of venture financing - $16 million Santini claims will carry it into clinical trials. The other good news: Santini, 29, has been named one of the top 100 innovators under 35 by the Massachusetts Institute of Technology's Technology Review magazine. The winner will be announced Thursday.

Santini's is a field that requires a mind for biochemistry, electronics and engineering. But for him, the inspiration also came partly from the heart.

Diagnosed at age 12 with lupus, an immune system disease, he spent several years in and out of hospitals. He's in remission now, but he learned that a patient's drug delivery can be as important as the drugs themselves.

"I learned early on that if you can find better ways to deliver these drugs, (reduce) these side effects, it improves quality of life," he said.

Before his senior year at the University of Michigan, Santini spent a summer at MIT and hooked up with nanotechnology and drug delivery experts Robert S. Langer and Michael Cima.

They wanted to build a microchip that could solve many of the problems of drug delivery. Their first attempt left room for improvement.

"It was a really ugly looking device," says Santini, sitting in his office surrounded by sports paraphernalia of his beloved Detroit teams. "It was a glass slide with holes drilled in it and lots of apoxy gooped on it. It didn't work, but it gave us a lot of confidence it could."

Santini came to MIT for graduate school, worked with Langer and Cima, and became president of MicroCHIPS. Now 21 employees are tweaking the device, preparing it for clinical trials in about two years.

The chip works like this: each of the tiny, drug-filled reservoirs is sealed with gold, which is virtually corrosion-proof.

But if surrounded by chloride - found in the body's natural saltiness - the gold dissolves when a single-volt current from the device's battery is run through it. The gold harmlessly slips into the body and the drug is released; by subbing a fluorescent die into the reservoirs one can watch the process through a microscope.

Santini says it will be safe; the chip faces backward in the body and about the only thing that could shatter it and release all the drugs would be a bullet.

The technology could make drugs not only easier to manage, but more effective. That's because research is veering toward smaller proteins that focus on particular tasks and draw less attention from the immune system. But those molecules are also more fragile.

"This stuff ... has to be the wave of the future," says Doug Munch, a pharmaceutical and drug delivery consultant in Basking Ridge, N.J., "because of the control that may be required for future high-tech drugs may exceed what you can achieve by giving these orally and having them chopped up in the GI (gastro-intestinal) tract."

Chips also have the advantage of what economists call a "precommitment device" - locking patients into a drug regimen they may be tempted to slip out of. That could be especially useful for a disease like Hepatitis C, where the symptoms can be less unpleasant than the toxic effects of the treatment.

Obvious candidates are patients suffering from diabetes, which can require daily injections, and HIV/AIDS, which requires a complicated daily regimen of several medications.

But uses for those diseases are far down the road, Santini says, because insulin and HIV drugs cannot yet be made in sufficient concentration to fit in the reservoirs. For now, the most likely early uses are for delivering steroids, hormones, cancer drugs and pain killers.

Santini said he isn't worried about rivals. MicroCHIPS has partnered with one pharmaceutical company, whom he declined to identify. There could be a threat if such companies decide to push their own research in the field. Last year, for instance, Johnson & Johnson merged with drug-delivery company ALZA.

Another company, ChipRX, is focusing on devices equipped with sensors that respond to the environment - sensing, for instance, a rise in blood sugar and triggering a release of insulin.

Some say pre-programming a drug release, like microCHIPS is doing, is useful, but creating a device that thinks for itself is moreso.

"There are two big problems out there, and if their stuff works, they'll have knocked off one of them," said Howard J. Chizeck, chairman of the electrical engineering department at the University of Washington in Seattle and an expert in the field. "The huge markets and the tremendous opportunities that are there, like diabetes, they need a sensor that can stay in the body."

Santini says the company plans eventually to work on incorporating sensors.

"The holy grail of drug delivery has been to integrate biosensors with drug delivery systems so they can respond automatically to changes in the body," he said. "We will definitely be heading that way." ************************ Euromedia.net EC and mobile industry meet to discuss 3G Editor: Sean Cornwell

The European Commission and GSM Europe, the regional interest group of the GSM Association, have held a high level roundtable discussion attended by CEO's of 18 of Europe's leading mobile network operators.

According to GSM Europe, discussions focused on crucial industry issues such as infrastructure sharing, spectrum management, licence conditions, network rollout , M-Commerce, new services and applications, and also on the ways in which the Commission can help support the industry to launch future 3G networks and services.

The meeting also addressed key aspects of the EU's eEurope Action Plan which recognises that 3G communications is essential in eEurope, in order to create a real and workable broadband information society with innovative services available for anyone, anywhere, anytime.

Commissioner Erkki Liikanen, responsible for Enterprise and Information Society stated: "I continue to believe that 3G is an essential building block of the broadband wireless Information Society and that its success is essential to achieve the Commission policy objectives of an Information Society for all. A significant step in this direction was taken by the recent adoption of a lighter new regulatory regime. I welcome the roundtable initiative with GSM Europe and today's discussions, which have provided a solid basis for a successful launch of 3G services in the very near future."

He added that "it is particularly important to fully realise the benefits of the new communications regulatory package. This package has been designed to reduce red tape, it offers technology-neutrality, is flexible and will pave the way for a more level playing field for telecoms in Europe. In addition, other actions - such as pilots and R&D have been launched with the intention to stimulate the development of new services, applications and content."

GSM Europe is pressing for several legislative changes which it says are critical to the success of Europe's mobile services, and has warned against "the adverse risk of inappropriate regulation and its over-spill on to new and innovative services, including 3G," as well as "inappropriate financial regulation" for mobile commerce. ******************* Sydney Morning Herald New worm spreads via Microsoft SQL Servers

Internet Security Systems X-Force has learned of a worm that is spreading via Microsoft SQL servers. The Spida worm is responsible for large amounts of Internet traffic as well as millions of TCP/IP probes at the time of publication.

The worm attempts to locate and login to MS/SQL servers with the "sa" account and a blank password. Once a vulnerable computer is found, the worm will infect that target, send its configuration and password information to an external host, and begin scanning for new targets.

Although the Spida worm is not destructive to the infected host, it may generate a damaging level of network traffic when it scans for additional targets. The scanner bundled with the worm is multi-threaded and is capable of scanning with 100 threads. A large amount of network traffic is created by the worm, which scans both internal and external IP addresses for vulnerable servers.

The Spida worm propagates via Microsoft SQL installations with administrator accounts that have no passwords defined. Although Microsoft recommends that the "sa" account be set upon installation, many servers are not properly secured. If the worm finds a vulnerable server, it will attempt to execute its startup script by running the "xp_cmdshell" function, which is the SQL call used to execute system commands within SQL queries.

The main function of the Spida worm is to export an infected server's SAM password database and forward information about its network and database configuration. ******************** Jerusalem Post Australian billionaire aids revival of Computer for Every Child By GREER FAY CASHMAN

John Gandel, one of Australia's leading businessmen, has given US $1 million to the Computer for Every Child project to set the stage for the distribution of an additional 12,000 computers to children from low-income families. Gandel's is the largest cash donation since the project's initiation in 1997 by then Prime Minister Binyamin Netanyahu.

A long-range distribution target of 30,000 computers was set, and in the beginning, the project with which Netanyahu was strongly identified, got off to a roaring start. Netanyahu encouraged its progress and was frequently photographed at computer distribution ceremonies.

This did not sit well with his successor Ehud Barak, who during his term of office put the project on the back burner. Barak did not want to be associated with anything for which Netanyahu would reap a share of the credit.

Such considerations did not bother Ariel Sharon. Very soon after taking over from Barak, he revived the project. All in all, 10,000 computers have been distributed to needy children all over Israel, and a further 2,000 will go out over the next three months.

Companies such as Microsoft, Motorola, Intel, John Bryce and others have contributed software and training. All computers are distributed with Microsoft programs, the value of which to date is $3 million.

So enamored with the project is Gandel, that he has made several Australian government ministers aware of it. "I haven't pushed it in Australia yet" he said in a telephone interview from his Melbourne office, "I wanted to see the program running first."

Gandel believes that it would be "a creditable cause in Australia and an enormous asset to any society." The initial beneficiaries in Australia, he estimated would be Aboriginals and Vietnamese immigrants. But before any decisions would be made, the program would have to be thoroughly researched to determine criteria among the underprivileged sectors of society.

Through his Gandel Group, which develops multi-million dollars properties including $3 billion worth of shopping centers all over Australia, Gandel contributes generously to numerous causes in Australia and Israel. He's given what he terms "small amounts" to various universities in Israel, but he's given substantially to Keren Hayesod and the Jewish National Fund.

In fact, almost every major Israeli organization and institution represented in Australia has benefited from his largesse.

Gandel who heads one of the larger charitable groups in Australia and who has led several major philanthropic campaigns, decided a couple of years back that he wanted to be more personally involved in various Israel projects. A Jerusalem venture in which he invested a lot of time fell through, but this in no way dampened his enthusiasm.

"We're constantly looking for new interests in Israel," he said. Towards this end, he appointed an Israel representative 18 months ago. The representative recommended the Computer for Every Child project.

Coincidentally Motorola Israel's chairman Hanan Achsaf , and Gandel's good friend and Australia-Israel Chamber of Commerce colleague Leon Kempler also mentioned it to him.

Its appeal to him most is that it not only assists young people, but that it brings more technology to society in Israel. While the computers are given to one member of the family, every member of the family who so desires can learn to use it. "The spin-off is to the whole family, and that's what's of value," said Gandel.

Although he's personally computer-savvy, he admits that when he runs out of knowledge, it's his three and four-year old grandchildren who come to his rescue.

That's an experience that he wants to share with Israelis grandparents who don't have the wherewithal to purchase computers for their own grandchildren.

Causes with which Gandel is primarily associated in Australia come under the rubrics of health, education, culture and geriatrics in both the Jewish and non-Jewish communities.

"I see ourselves giving in these areas in Israel," he said, adding that it is very important now for Jews in the Diaspora to give additional support to Israel causes, and it is equally important that it be recognized that "Jews in the diaspora are not running away from their responsibility to Israel." It's easy to sit back and watch the news on television and take it for granted that Jews in Israel can look after themselves, said Gandel, but it doesn't work that way he observed, because Jews everywhere are affected by what happens to Jews in Israel.

For twenty years, Gandel was involved in a construction company in Israel, but the partnership split up and he was left without any investments here. But he wants the opportunity to remedy that situation. The problem is that everything in Australia is so fast-paced that he simply doesn't have the time to go out and explore the options. ********************* Computerworld Tech consortium created to improve software reliability

A group of 18 organizations from all sectors of the economy has teamed with Carnegie Mellon University in Pittsburgh to form a technology consortium dedicated to improving the reliability and security of commercial software.

Armed with $30 million in seed money from grants from private institutions, the new Sustainable Computing Consortium (SCC) announced this week will work to initiate public policy debates and create new standards and techniques for developing more reliable software.

In addition to the university, SCC founders include Microsoft Corp., Oracle Corp., American International Group Inc. (AIG), Cisco Systems Inc., Mellon Financial Corp. and NASA.

"Software systems have become the critical infrastructure of our nation and economy. Unreliable software has profound consequences," said William Guttman, director of the Pittsburgh-based SCC. He added that the loss of a single cellular telephone network node due to a software failure could cost a company $18,000 or more per minute.

In fact, statistics recently released by the Washington-based National Research Council show that U.S. companies spent $175 billion last year to repair damages caused by software defects and $12.3 billion to repair systems affected by computer viruses. SCC officials said those costs are likely to rise this year.

Taking Action

However, the software industry is still in its infancy when it comes to taking action on reliability and security issues, said Jim Morris, dean of the school of computer science at Carnegie Mellon.

Steve Perkins, senior vice president of Oracle's public-sector and homeland security division, agreed. "Software, as an industry, is pretty immature," Perkins said. "We lack the metrics, the standards and the discipline, [and] these kinds of capabilities cannot be architected [into software] after the fact."

"We now have all of the players who can address these problems," said Morris. He added that the SCC will be actively recruiting other companies to take part.

However, questions were raised during a press briefing regarding the incentives that exist for software vendors to improve the reliability and security of their systems. Many companies, such as Oracle, use the unique security features of their software as selling points and marketing tools against competitors.

Ty Sagalow, chief operating officer at New York-based AIG's eBusiness Risk Solutions group, one of the largest U.S. insurance companies that offers security risk insurance, said the insurance industry will play an important role in promoting "positive behaviors" in software developers.

However, Sagalow added, the SCC will be key in helping the industry quantify cyberrisks. "We must act now," he said. "There is a business need to create a cycle of risk management."

Guttman said the consortium hopes to define specific challenges and a plan for developing technological measurements within the next year. He declined to elaborate on specific deliverables and timetables. *********************** CNET Nonprofit to wire up rural Asian schools By Rachel Konrad

Room to Read, a nonprofit start-up dedicated to improving literacy in developing nations, will launch a new division Wednesday to wire impoverished classrooms in Asia. The San Francisco-based company, founded by a former Microsoft executive and funded largely by donations from technology workers and venture capitalists, developed its "Computer Room" project with cash from Microsoft, Global Catalyst Foundation and The Tibet Fund. Eleven classrooms in Nepal and Vietnam will be the first recipients of grants under the new program, which provides each school with four computers, one printer, all related hardware and software and a dedicated dial-up connection.

Room to Read founder John Wood said the group will be cautious when selecting the rural districts that receive computer grants; only those that already have strong teachers and established schools will receive computers. In addition, the communities that receive Room to Read computer grants must provide matching grants for teacher training and computer upgrades, repairs and maintenance.

"There are certain communities where doing this program would be putting cart before the horse. Some places don't even have electricity," Wood said Tuesday. "However, there are some communities where the education system is advanced enough. Computers are definitely not going to solve all these communities' problems on their own, but they could be part of a well-rounded curriculum in some areas."

Computer Room is the start-up's effort to close the digital divide and expand into computer literacy. Room to Read's primary goal is to improve overall literacy by building classrooms and libraries and providing scholarships in poor communities that have traditionally given short shrift to education. Room to Read also provides scholarships for girls, who have lower literacy rates throughout the developing world.

With only two full-time employees, Room to Read relies mainly on volunteers and donors at technology companies such as Microsoft, Sun Microsystems, Oracle and other tech employers, as well as Silicon Valley venture capitalists and philanthropists. The group has built 15 schools and 150 libraries, and it has donated 90,000 books to rural classrooms.

The 2-year-old nonprofit developed Computer Room based on the overwhelming demand of teachers and students in communities where it has already built schools, mainly Nepal, Cambodia and Vietnam. It received cash grants of $30,000 from Microsoft, $30,000 from venture capital firm Global Catalyst Foundation and $8,000 from The Tibet Fund.

Although $68,000 would be a negligible amount of cash for many San Francisco Bay Area technology start-ups, Wood emphasized that the money will stretch far in the developing world. The average computer room for a rural school costs about $4,000. He is also asking companies to donate software.

Wood dismissed concerns that Internet access would transform rural communities by exposing them to Western commercialism. He noted that Room to Read is encouraging donations of educational software and CD-ROMs to help children learn languages, advanced mathematics and physics--not just software that enables them to get into AOL chat groups to discuss American pop culture and trivia.

"The ultimate goal is to give them one more tool to improve their own lives," said the former Microsoft marketing executive, who was working in Microsoft's Hong Kong office when he quit to start the nonprofit company.

In the group's initial efforts at wiring classrooms, Wood said students and teachers are most impressed by e-mail. Although some schools in Katmandu and other tourist hubs use their connections to promote tourism and e-commerce, most people simply want to stay in touch with foreigners they've met over the years and family members who have emigrated.

"E-mail is such a popular application in these communities where people have been isolated for so many generations," said Wood, who travels to Asia frequently to supervise the building of Room to Read classrooms and installation of computers. "In Vietnam, many citizens grew up not able to communicate with the outside world freely or cheaply. Now they can keep in touch. They are amazed at the power of the Internet." *******************


Lillie Coney
Public Policy Coordinator
U.S. Association for Computing Machinery
Suite 507
1100 Seventeenth Street, NW
Washington, D.C. 20036-4632
202-659-9711

Prev by Date: Clips May 21, 2002
Next by Date: Clips May 23, 2002
Previous by thread: Clips May 21, 2002
Next by thread: Clips May 23, 2002
Index(es):
- Date
- Thread