[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Clips May 30, 2002
- To: "Lillie Coney":;, Gene Spafford <spaf@xxxxxxxxxxxxxxxxx>;, Jeff Grove <jeff_grove@xxxxxxx>;, goodman@xxxxxxxxxxxxx;, David Farber <dave@xxxxxxxxxx>;, CSSP <cssp@xxxxxxx>;, glee@xxxxxxxxxxxxx;, Charlie Oriez <coriez@xxxxxxxxx>;, John White <white@xxxxxxxxxx>;, Andrew Grosso<Agrosso@xxxxxxxxxxxxxxxx>;, computer_security_day@xxxxxxx;, ver@xxxxxxxxx;, lillie.coney@xxxxxxx;, v_gold@xxxxxxx;, harsha@xxxxxxx;, KathrynKL@xxxxxxx;
- Subject: Clips May 30, 2002
- From: Lillie Coney <lillie.coney@xxxxxxx>
- Date: Thu, 30 May 2002 16:07:05 -0400
- Cc: lillie@xxxxxxx
Clips May 30, 2002
ARTICLES
'Digital Divide' Still an Issue, Consumer Groups Say
OMB accused of withholding computer security info from Congress
FBI Given More Latitude - New Surveillance Rules Remove Evidence Hurdle
Working group puts security into enterprise model
Web Site Aids Afghan War Efforts
EPA Urges Recycling, Not Dumping, Computers
nCube wins patent infringement case
Web Movie Piracy Up 20 Pct or More This Year-Study
A Libel Suit May Establish E-Jurisdiction
German Hacker Gets Probation
UK lags behind on broadband
Financial Database To Screen Accounts
Europe to Compete With U.S. Global Positioning System
FBI Shake-Up Puts IT as a Principal
Lieberman Plans Bill to Test White House's Broadband Resolve
Critics Say ICANN Should Compete For Net Governance Duties
European 'spying' laws savaged
Taxman halts online filing
Online Banking Finally Takes Off
Haycock is named to connect e-gov projects
Linux getting widespread support from government
ID theft rampant; options limited
Avoiding a busy signal in space
Next-generation chip meets mark
Scientists set to unveil anti-terrorism ideas in late June
Congressional panel issues information security report
Web site helps U.S. commanders in Afghanistan
U.S. government mulls antiterror technologies
European Parliament accepts anti-spam law
Alberta's high-risk offenders on the web
Scientists develop software to identify handwriting
Software's harder edge
From Junkie to, Well, Junkman
Schools to bone up on technology
A U.S. shield against foreign spam and hackers: national security or
censorship?
********************
Reuters
'Digital Divide' Still an Issue, Consumer Groups Say
Thu May 30, 6:26 AM ET
WASHINGTON (Reuters) - The "digital divide" separating the Internet-savvy
from the unplugged is still a cause for concern and the U.S. government
should consider subsidizing access, consumer groups said on Thursday.
Despite the fact that nearly two-thirds of all Americans now have access to
the Internet, less-affluent households run the risk of being shut out of
the digital economy because they are less likely to be online, said a
report sponsored by several consumer groups.
The U.S. government should reinstate technology-grant programs which have
been proposed for elimination in 2003, and should consider subsidizing
access for low-income and hard-to-reach households, the report said.
"In our view, the fact that we have reached the halfway point in the
diffusion of Internet access at home reinforces the need to seek policies
to get the job done as quickly as possible," said the report, which was
written by the Consumer Federation of America, Consumers Union, and the
Civil Rights Forum on Communications Policy.
Concerns over a "digital divide" first surfaced shortly after the Internet
began reaching a mass audience in the mid-1990s, as surveys showed that
Internet users tended to be affluent and white.
Recent figures have shown that gap subsiding as more Americans go online.
As of September 2001, 66 percent of the population used the Internet, with
access growing fastest among households earning less than $15,000 per year,
according to figures prepared by the Department of Commerce. The same
report found racial and ethnic gaps narrowing as well.
But households earning more than $50,000 are still three times as likely to
have Internet access at home than households earning less than $25,000, the
consumer groups pointed out. More-affluent households are also more likely
to have signed up for high-speed access, the report noted.
"Is the glass half empty or half full? Given the importance of the Internet
across a wide range of activities, the speed with which things develop in
cyberspace and the emerging indications of another digital divide on the
high-speed Internet, we must say the glass is half empty and in need of
filling," the report said.
******************
Government Executive
OMB accused of withholding computer security info from Congress
By Kellie Lunney
klunney@xxxxxxxxxxx
The Office of Management and Budget does not plan to provide detailed
information to Congress on agencies' current plans to improve computer
security, which could delay budget deliberations on security efforts for
another year, according to the General Accounting Office.
The 2000 Government Information Security Reform Act (GISRA) directed
agencies to conduct regular reviews of their security and information
practices. The law required agencies to submit the first round of their
security plans to OMB by September 2001, and to have programs to improve
security in place by October 2002.
OMB reported to Congress in February on how well agencies' were complying
with the law, praising them for some improvements, but also identifying
several weaknesses. Limited resources, poor accountability and a lack of
attention to computer security issues from senior management continue to
hamper agencies' efforts, OMB concluded.
But OMB did not provide Congress with specific information on agencies'
current plans to fix security problems, according to a May 2 letter from
Robert Dacey, director of information security issues at GAO, to members of
the House Government Reform Subcommittee on Government Efficiency,
Financial Management and Intergovernmental Relations.
Without such information, Congress does not have a clear picture of how
well agencies' current improvement plans are working and cannot properly
allocate money for computer security initiatives, Dacey said.
"Regarding OMB's position on providing information on agencies' corrective
action plans to the Congress, we believe that the lack of such important
information for this year's plans would delay Congress' consideration of
agencies' corrective actions in its oversight and budget deliberations for
federal information security for another year," Dacey said.
Although Congress has an important oversight role to play in evaluating
agency plans to correct information security problems, OMB must protect the
confidentiality of "predecisional" information contained in those plans,
OMB Director Mitch Daniels told GAO.
Dacey said OMB is working on a way to provide Congress with the necessary
information on agency plans in next year's GISRA reports. "We will continue
to work with OMB in an effort to find workable solutions to obtain this
important information from these first-year plans, as well as from future
agency corrective action plans."
Congress is now considering legislation that would permanently reauthorize
GISRA. The law expires in November 2002.
President Bush has requested $4.2 billion for information security funding
in fiscal 2003, which makes congressional oversight on future spending for
such programs "important to ensuring that agencies are not using the funds
they receive to continue ad hoc, piecemeal security fixes that are not
supported by a strong agency risk management processes," Dacey said in
March at hearing before the House Subcommittee on Government Efficiency,
Financial Management and Intergovernmental Relations.
*********************
Washington Post
FBI Given More Latitude
New Surveillance Rules Remove Evidence Hurdle
By Susan Schmidt and Dan Eggen
New Justice Department guidelines to be unveiled today will give FBI agents
latitude to monitor Internet sites, libraries and religious institutions
without first having to offer evidence of potential criminal activity,
officials said yesterday.
The changes, part of the Justice Department's effort to mount a proactive
war on terror, will mark a significant change for the FBI. While agents
have been permitted in the past to conduct such surveillance if they had
specific information, they have been loath to do so because of confusion
about what was actually permitted, law enforcement officials said.
Justice Department and FBI officials said the guidelines will remove
serious barriers to the prevention of terrorism.
"The concern is when we're confronted with people like [Zacarias]
Moussaoui, or even some of the hijackers, who are known to spend
substantial periods of time in mosques or other similar situations, it is
very difficult to find out what they're up to," said one senior law
enforcement official.
Terrorist organizations operating in this country have sometimes used
mosques as recruiting grounds and gathering places. Sheik Omar Abdel
Rahman, the blind Egyptian cleric now imprisoned for his role in the 1993
attack on the World Trade Center, built a radical following with links to
al Qaeda while preaching at mosques in Brooklyn and Jersey City, for example.
But as word of the new guidelines circulated yesterday, some civil
liberties groups expressed fears of a Big Brother government monitoring its
citizens.
"The FBI is now telling the American people, 'You no longer have to do
anything unlawful in order to get that knock on the door,' " said Laura
Murphy, director of the American Civil Liberties Union's Washington office.
"You can be doing a prefectly legal activity like worshiping or talking in
a chat room, they can spy on you anyway."
The new guidelines state simply that FBI agents may enter public places and
forums, including publicly accessible Internet sites, to observe, develop
leads and investigate. The guidelines do not specifically mention religious
institutions, but a senior Justice Department official said last night that
the impact of the changes will be dramatic in allowing the FBI to open a
window on extremist activity in mosques.
"These are open places," he said. Now, "just because they are FBI agents,
they don't have to turn a blind eye to activities visible to other people."
Under guidelines that have been in place for several decades, the FBI has
not been permitted to send investigators into religious settings unless the
agents can establish they are following a lead, or conducting an
investigation or preliminary inquiry. As a practical matter, the Justice
Department official said, "agents mistakenly think they have to stop at the
church door."
In a written description of the guideline changes made available yesterday,
Attorney General John D. Ashcroft stated that the department needs to be
able to "proactively draw on available sources of information to identify
terrorist threats and activities." In the past, he said, the FBI has been a
reactive body, and the guidelines "generally barred the FBI from taking the
initiative unless leads as to possible criminal activity or even more
substantial evidence of crimes happened to come to the FBI from external
sources."
The new rules will allow agents to surf the Internet for Web sites that
might give hints to terrorist activity, according to the description. The
new guidelines will allow investigators to seek out and "identify sites and
forums in which bomb-making instructions, preparations for cyberterrorism,
child pornography, and stolen credit card information are openly traded and
disseminated."
Under the existing policy, agents could pursue online searches only when
they could characterize them as checking leads or otherwise furthering an
ongoing investigation.
"Pure surfing or searching for the purpose of initially developing leads
was not allowed, even in relation to publicly available information that
anyone else is free to access and observe," according to the new policy
statement.
Agents will also be permitted to do topical research not directly related
to a specific crime under the new guidelines, such as research on a
biological agent.
The ACLU's Murphy said, however, that the new guidelines could open the
door to the same kind of problems evident in the FBI's aggressive
surveillance and harassment of the Rev. Martin Luther King Jr.
Several other aspects of the new guidelines, disclosed earlier this week,
will move some decision-making authority from FBI headquarters to field
offices around the country. FBI Director Robert S. Mueller III acknowledged
yesterday that changes must be made to counter bureaucratic inertia at
headquarters that led to missed clues in the Sept. 11 attacks.
Under the new guidelines, field office directors will be allowed to launch
terrorism investigations and undercover probes without clearance from
headquarters.
The guidelines are an outgrowth of privacy laws that prohibit the
government from collecting information except for law enforcement purposes.
In the past, the government developed information on specific cases but now
needs broader intelligence to prevent terrorist acts.
*******************
Associated Press
Customs to Address Nukes Smuggling
Thu May 30, 2:11 AM ET
By JEANNINE AVERSA, Associated Press Writer
WASHINGTON (AP) - The Customs Service's chief wants U.S. inspections done
on American-bound cargo containers while they are in foreign seaports,
addressing the threat that terrorists might try to smuggle deadly weapons,
nuclear included, into the United States.
It is also essential to ensure that terrorists do not attempt to come into
the United States aboard the roughly 6 million cargo containers entering
U.S. seaports each year, Customs Commissioner Robert Bonner said.
More is needed beyond tight security at U.S. seaports, land borders and
other points of entry into the United States, Bonner said Wednesday in an
interview with The Associated Press.
"That's the last line of defense," Bonner said. "That's the reason ... I
have proposed that we essentially move our zone of security outwards.
"That we actually have a strategy for searching and inspecting containers
that are high risk, for example, at the point of origin, rather than the
point of arrival rather than waiting for the container to come in to the
Port of Baltimore."
Under a recent agreement with Canada, U.S. Customs has put inspectors in
Montreal, Halifax and Vancouver to screen cargo headed for the United
States. Canadian Customs officials have inspectors at some U.S. seaports.
Bonner hopes to have similar arrangements worked out with other countries
in the coming months, possibly including Singapore, Japan, France, Germany
and the Netherlands. "I am cautiously optimistic," he said.
Fears of a terrorist nuclear assault on the United States have risen since
the Sept. 11 attacks in New York and Washington.
Bonner said he knows of no terrorist group trying to smuggle a nuclear
device into the country.
"The question is, `Should we be concerned about it?'" he said. "This is one
of those areas where I don't want to wait and see what happens."
Since Sept. 11, Customs has shifted its primary mission from detecting
smuggled narcotics to stopping terrorists, possibly with nuclear, chemical
or biological weapons, from getting into the country.
Specifically, Customs has increased security and provided better training
for its inspectors and agents at seaports, airports and border crossings on
land. Customs oversees roughly 300 points of entry into the United States.
It also is looking to use more sophisticated scanning and detection
technology at seaports and land crossings.
Still, "there are no guarantees" that such measures will stop a terrorist
from smuggling in a nuclear weapon, Bonner said. "No system is foolproof."
Bonner, a former federal judge and chief of the Drug Enforcement
Administration in the early 1990s, was sworn in as Customs commissioner on
Sept. 24.
U.S. intelligence, Bonner said, believes Osama bin Laden (news - web
sites)'s al-Qaida terror network is "determined to strike the United States
again. ... That much is clear.
"We don't know if al-Qaida or related terrorist organizations have a
nuclear device," he said.
"What we do know is that for at least the last five or more years they've
attempted to get ... radiological materials to build a nuclear device. They
consulted with a Pakistani scientist or engineer who was involved in the
Pakistani nuclear development," Bonner said. "Certainly there's been an
attempt to get a device."
Although bin Laden claimed on a videotape to have a nuclear device, Bonner
said, "I don't believe him."
Even with the shift in its mission, fighting terrorism isn't new to
Customs. The agency was credited with thwarting a terrorist attack before
the millennium celebration.
Customs inspectors stopped an Algerian man at the border at Port Angeles,
Wash., in December 1999 and found more than 100 pounds of explosives in the
trunk of his car. The man had trained in terror camps run by bin Laden.
**********************
New York Times
Plan Sharply Tightens Airport Screening
By MATTHEW L. WALD
WASHINGTON, May 29 A draft plan by the consultants advising the government
on how to take over airport security calls for more thorough screening of
selected travelers farther away from the airplanes, and a special card for
prescreened frequent travelers that would allow them to pass more easily
through security.
In a major change, passengers identified as requiring more careful scrutiny
would be singled out at the main entrances to airport concourses. At the
moment, screeners at those checkpoints do not usually have access to
information about passengers not even their names and thus give equal
attention to all travelers. Some officials have argued that picking out
suspicious people earlier might permit the screeners to focus their
attention more efficiently and reduce the amount of screening at the gates.
A draft plan, dated March 27, calls for making an updated version of a
computerized passenger profiling system available at the checkpoints.
Before Sept. 11 that system, known as the Computer Assisted Passenger
Profiling System, was set up to provide information at the check-in
counters and was used to decide which checked bags should be closely
examined. Since Sept. 11, the focus has shifted to include carry-ons.
Security officials said today that they were leaning toward making the
profiling system available at the checkpoints as well as at the check-in
counters. The plan was written by PWC Consulting, EDS Inc. and an EDS
subsidiary, A. T. Kearney. It also calls for a "registered passenger
program," under which people who voluntarily submitted to background checks
would be passed through some kind of streamlined security procedure,
although the document is not clear on this point. John Magaw, the head of
the Transportation Security Administration, has resisted such a system,
although some people in the travel industry strongly favor it.
The document divides the security administration's work into three steps,
starting with those needed for the agency to take over security at the 429
airports where the agency will work. The second stage involves the most
urgently needed improvements, like installing weapons detection equipment,
after the takeover. In the third stage, less urgent improvements would be made.
The first steps are already under way. The security administration took
over checkpoints at part of Baltimore-Washington International Airport on
April 30 and is supposed to replace all contractor employees by Nov. 19. By
Dec. 31, the agency is supposed to screen all checked baggage for
explosives. Much of its work is driven by those deadlines, which were set
by Congress.
The plan did not give a schedule for the second and third phases.
The second phase also includes the addition of video cameras and motion
detectors to enhance security and a "mini X-ray for shoes." Shoes that are
examined now have to go through the main X-ray machines.
Another possibility under discussion is express lanes for "premium
passengers" and for passengers carrying a single bag.
The chief security official at each airport would get cable television "for
news updates." Still other changes, which would not be noticeable for
travelers, would be secure radio communications on common frequencies for
all local law enforcement and emergency response personnel.
*******************
Government Computer News
Working group puts security into enterprise model
By Jason Miller
The CIO Council's enterprise architecture working group will emphasize
security and accessibility when it updates the federal architecture model
later this year.
Mike Tiemann, co-chairman of the working group, said the federal model must
show how security fits and flows through the framework. Tiemann, the
enterprise information architect at the Energy Department, last week spoke
at the Secure E-Business conference in Washington about the changes to the
federal architecture.
"Security and accessibility affects all parts of the model," he said. "Most
people do not understand how to integrate either one into their enterprise
architecture. We want to graphically depict it so they better understand."
When the CIO Council originally designed the architecture model, security
was not effectively considered, Tiemann said.
The working group also will release a guide on e-government enterprise
architecture by the end of July, Tiemann said. The group wanted to include
the Office of Management and Budget's 24 e-government project architectures
before releasing the guidance, he said.
"E-government is technology focused," Tiemann said. "The purpose is to set
a common reference model so when you talk about portals, you know how it is
defined or how it fits together."
*******************
Associated Press
Web Site Aids Afghan War Efforts
Thu May 30, 3:20 AM ET
By LEE KEATH, Associated Press Writer
BAGRAM, Afghanistan (AP) - The war in Afghanistan (news - web sites) is
going on line.
A drab tent under the Afghan sun hides a high-tech war room that soon will
become the nerve center of the campaign: Inside, tables are lined with
soldiers bent over laptops. They look up at computer maps of Afghanistan
projected on large screens illuminating the dim interior.
All are logged onto the Tactical Web Page, a secret, secure website being
used in combat for the first time, through which American commanders at
Bagram air base and in the United States can direct the fight in Afghanistan.
The system collects all information and communication in one place.
Commanders confer in chatrooms and pass on orders; messages scroll across
the screen, alerting developments from the field; maps show friendly and
enemy positions.
The tent actually a honeycomb of tents linked by narrow passages is the
headquarters from which Lt. Gen. Dan K. McNeill will work when he takes
command of Bagram air base, north of Kabul, as soon as Friday.
"The rule here is that you can reach any critical information within two
clicks of the mouse," Maj. Keith Hauk, the knowledge management officer,
said Wednesday.
With wary looks, soldiers at work in the tent closed their laptops as
journalists passed by on a tour of the facility. A copy of the website,
stripped of sensitive information, was projected onto one of the main
tent's large screens.
The command staff is confident that the web site is secure from hackers,
shielded behind digital security barriers called firewalls.
"There have been a few instances when unidentified computers have tried to
get in, in which case we throw up additional firewalls," Lt. Col. Bryan
Dyer said.
McNeill takes over the coalition campaign in Afghanistan at a time when the
hunt for al-Qaida and Taliban fighters has grown more complicated. Many
fighters are thought to have fled to Pakistan; those still here are
believed to be operating in small groups. U.S. and other troops have been
scouring eastern Afghanistan near the border for infiltrators.
"These are great tools," McNeill said, surrounded by the computer wizardry.
"But it serves one purpose, to reduce the complexity" of fighting the war.
"The sharp point of the spear are the soldiers, sailors, airmen and marines
who ... are taking the fight to those who would wage a terrorist war
throughout the world," he said.
McNeill's station in the war room, with his laptop, is in the center of the
first table in front of the projection screens. Behind it are five rows of
tables rising up like a stadium where "watch groups" monitor the action.
Commanders in the field send information up through the web site, and
orders flow back down to them. Generals at Central Command in Tampa,
Fla. which runs the U.S. military in the Middle East and Central Asia can
also log on.
With all sides logged on, "the boss can point out items on the map with his
subordinate commanders to draw up plans without everyone having to be in
one place," Dyer said.
The maps on the website and the tent screens can show all flights through
the region; icons point out U.S. and allied troops as well as enemy positions.
The network replaces the old system of paper maps and radio
communications though these are on hand in case of a breakdown.
"A computer with a bullet in it is just a paperweight," Hauk said. "A map
with a bullet in it is still a map."
********************
News.com
Last chance for E911 technology
By Ben Charny
Staff Writer, CNET News.com
May 29, 2002, 4:30 PM PT
An E911 technology used by three carriers is in critical condition after
failing to meet accuracy standards aimed at making sure rescuers can
quickly locate people calling for help on their cell phones.
Now the company that created the technology and licenses it to Cingular
Wireless, AT&T Wireless and VoiceStream Wireless is launching its final
two-month test that will likely decide the future of the technology,
executives say.
"The pressure is really on," said Chris Wade, chief executive of Cambridge
Positioning Systems, which created the (EOTD) Enhanced Observed Time
Difference technology. "We're focusing large parts of our company on this
effort."
All U.S. carriers are trying to meet a 1996 federal mandate to be able to
locate cell phones dialing 9-1-1 within 100 yards. While satellite-based
systems have proven easier to adapt to the standard, the land-based EOTD
system suffers in rural areas because of a lack of base stations to locate
a call.
EOTD uses up to four different cellular base stations to figure a cell
phone's location, measuring the arrival times of the call at various
different cellular antennas. But in rural areas, cellular base stations are
sometimes miles apart. Instead of four, it's likely there will be just two
base stations to help figure out the location, making it less accurate,
Wade said.
"This is not developing an IP router or a new kind of modem," he said.
"This was brand new, completely unthought-of-before technology that takes a
long time."
The technology has beaten the standards in urban tests, Wade said.
The three carriers using EOTD have already told the Federal Communications
Commission they will miss an upcoming June deadline because of problems
companies are having in making EOTD network equipment and handsets.
Cingular Wireless told the FCC it would abandon EOTD in 2003 if it still
doesn't have working equipment.
The upcoming tests will be conducted on Cingular's network equipment in San
Francisco, AT&T Wireless's networks in Dallas and Portland, and VoiceStream
equipment in Washington, Rhode Island and Texas, Wade said. The technology
has to locate two-thirds of 911 calls within 100 yards, the federal mandate
for E911 accuracy.
"Yes, sure, we are behind schedule; we are delayed," Wade said. "The real
answer is no technology is really good enough. You are going to get areas
in which you are very good and stunningly accurate, and you'll get some
areas that are absolutely horrible."
The FCC is considering requests for a delay from the three carriers to work
out the EOTD issues. The FCC has generally granted most delay requests, the
last coming in October when the FCC let all U.S. carriers miss a deadline
to begin building their E911 networks.
While most got off with a waiver, the FCC proposed fining AT&T Wireless
$2.1 million, a fine AT&T Wireless has promised to fight. Cingular Wireless
has agreed to make a "voluntary contribution" of $100,000 to FCC regulators.
*******************
Reuters
EPA Urges Recycling, Not Dumping, Computers
Wed May 29, 5:46 PM ET
By Chris Baltimore
WASHINGTON (Reuters) - Where do worn-out computer monitors and televisions
go when they die? Under a new recycling program proposed on Wednesday by
the Environmental Protection Agency (news - web sites) (EPA), fewer of the
lead-contaminated relics would be buried in local landfills.
As American consumers and businesses update to newer models, they will
retire 250 million computers over the next five years, the EPA estimates.
The cathode-ray tube in many a computer monitor holds about eight pounds of
lead, which is used to shield the viewer from harmful X-rays generated by
the screen. Lead has been linked to many harmful physical and mental health
effects, especially in children.
The EPA said it will soon publish proposed rules that would change the
classification of cathode-ray tubes to reusable products, rather than
waste. The new definitions are designed to encourage more reuse and
recycling by companies that salvage industrial materials or large U.S.
electronic retailers, which sometimes collect old computers from buyers of
new ones.
Late this year, the EPA aims to roll out a broader initiative to encourage
consumers to help recycle the aging computer screens that are piling up
across the nation, an agency spokeswoman said.
"The announcement today is the first step in addressing what are perceived
to be impediments for recycling of cathode ray tubes and televisions," the
spokeswoman said.
In a report issued in February, two environmental groups estimated that the
500 million computers in use worldwide contain 1.58 billion pounds (716.7
million kg) of lead and 632,000 pounds (286,700 kg) of mercury. About 70
percent of the heavy metals found in U.S. landfills is from such so-called
"e-waste" as discarded circuit boards, wires and steel casings, according
to the groups, Basel Action Network and Silicon Valley Toxics Coalition.
Mercury has been linked to neurological disorders and birth defects, and is
especially dangerous because its effect on the human body worsens
cumulatively with prolonged exposure.
The EPA also wants to discontinue its designation of the glass screens in
televisions and monitors as waste to encourage more recycling.
In addition, the EPA wants to bolster regulations of household items that
contain mercury, such as thermometers and many components of switches and
sprinkler systems.
Under its proposal, the EPA would treat mercury-containing computer screens
and televisions as "universal waste," requiring handlers to follow
regulations to keep them out of landfills.
The EPA has similar regulations for household items like batteries, lamps
and pesticides.
*********************
ZDNet
May 29, 2002 3:05 PM PT
nCube wins patent infringement case
Video-on-demand company nCube won a patent infringement case Wednesday
against rival SeaChange International, which was ordered to pay about $2
million in damages and a 7 percent royalty on sales of infringing products
back to Feb. 1, 2002, and in the future. Judge Joseph J. Farnan in Delaware
District Court decided to uphold the patent on Portland, Ore.-based nCube's
video server technology, which is designed to deliver video-on-demand
services to cable operators.
The suit, filed in January 2001, alleged that Maynard, Mass.-based
SeaChange's ITV System, which also enables VOD service, infringed on
nCube's patent, obtained in 1998. The VOD technology allows cable operators
to enhance a digital video server with additional hours of video storage,
allowing greater access to content by multiple households. --Stefanie
Olsen, Special to ZDNet News
**********************
Reuters
Web Movie Piracy Up 20 Pct or More This Year-Study
Wed May 29, 9:19 PM ET
LOS ANGELES (Reuters) - Viant Corp. , a research company tracking Internet
piracy, on Wednesday estimated between 400,000 and 600,000 film copies are
illegally downloaded daily on the Internet, up at least 20 percent from
last year.
A year ago, Viant had estimated that between 300,000 and 500,000 movies
were being illegally transferred daily over Internet channels such as
usenet, IRC, Gnutella (news - web sites) and FastTrack.
The surge in activity this year reflected the unprecedented frenzy of
illicit online trading centered on two of the summer's most-anticipated
releases, "Spider-Man" and "Star Wars: Episode II -- Attack of the Clones,"
it said.
After the "Star Wars" and "Spider-Man" marked their black market Web debut
in May, the number of file-swappers online at one time soared to over 9
million, Viant said. During peak hours about 2.5 million users were logged
on to the file-swapping Internet Relay Chat -- about five times the norm,
it said.
Viant estimated that of nearly 10 million people who appear to have sought
bootleg copies of "Star Wars" and "Spider-Man" on the Internet, only about
2 million to 3 million were successful in obtaining complete copies of either.
*********************
New York Times
A Libel Suit May Establish E-Jurisdiction
By CARL S. KAPLAN
Two years ago, when Stanley Young, a Virginia prison warden, learned that
two Connecticut newspapers had written stories about his prison's treatment
of inmates from that state, he went to read the four articles on the
Internet. He did not much like what he saw.
"I was a lot angry," recalled Mr. Young, head of Wallens Ridge State
Prison, a maximum-security prison in Big Stone Gap, Va. "There's a
difference between an inmate calling you an S.O.B. and newspapers
publishing false accusations and publishing them throughout the world."
Charging in a lawsuit that the articles suggested he was a racist who
encouraged abuse by his guards, Mr. Young filed a libel suit against the
two publications owned by the Tribune Company, The Hartford Courant, a
daily, and The New Haven Advocate, a weekly. (He also sued a writer and
news executive from each publication.)
But Mr. Young did not file his case in the defendant's jurisdiction.
Instead, he sued in Virginia, even though the newspapers had almost no
print circulation there.
That decision on where to sue is the nub of a legal dispute that could
reverberate nationally and internationally, lawyers say. Last year, a
federal district judge in Big Stone Gap ruled that Mr. Young's lawsuit
could proceed in his home state because the newspapers' Web sites were
accessible there and that was where injury to his reputation would have
taken place.
The defendants disagreed, and the question of jurisdiction is now pending
before the United States Court of Appeals for the Fourth Circuit in
Richmond, Va., where oral arguments are scheduled for June 3.
Advocates of free speech and news media lawyers worry that if the district
court decision stands, online publishers could be sued for defamation in
any state or country that an online article is read. "The danger is that a
doctrine of this sort could cause publications large, small or medium to
decline to put on their Web pages material that might offend a person in a
remote jurisdiction," said Robert M. O'Neil, director of the Thomas
Jefferson Center for the Protection of Free Expression, in Charlottesville,
Va.
Mr. O'Neil is a co-author of a brief in support of the defendants that was
also signed by 26 media companies and trade associations, including The New
York Times Company, The Associated Press and the Washington Post Company.
The backdrop to the Young case is the public debate that surrounded
Connecticut's decision in 1999 to begin sending inmates from its own
prisons to high-security prisons in Virginia, including Wallens Ridge.
Newspapers in Connecticut closely followed the prison relocation. On March
30, 2000, The New Haven Advocate published in its print and Web versions a
news article by a reporter, Camille Jackson, about the prison transfers and
reports of harsh conditions at Wallens Ridge. Around the same time, The
Hartford Courant published on its Web site three newspaper pieces by a
columnist, Amy Pagnozzi, that questioned Connecticut's prisoner-relocation
policy and reported on inmate letters that spoke of mistreatment by prison
guards.
Gail Thompson, a defendant and the publisher of The Advocate, declined to
comment on the case. The two reporters Ms. Pagnozzi and Ms. Jackson, who
are also defendants, did not respond to phone calls or e-mail messages.
Brian Toolan, editor and senior vice president of The Courant as well as a
defendant in the case, said that he was surprised by the lawsuit. "You try
to be as diligent as you can be on the editing and are always taken aback
when someone chooses to sue you," he said.
In their appeal, lawyers for the Tribune Company, which is based in
Chicago, argue that Virginia should not have jurisdiction in the Young case
because, beyond the fact that their Web sites can be viewed there, the
publications have no real contact with the state.
"All publications and all news and information sites have a certain
audience that they target," said Stephanie S. Abrutyn, a lawyer with the
Tribune Company. The Courant's Web site exists clearly to publish
information in and about Connecticut, she said. Likewise, the Advocate's
site is aimed at readers in and around New Haven. In neither case did the
defendants not take any steps to open themselves to litigation in Virginia
nor did they have the "minimum contacts" with the state that the Supreme
Court requires in jurisdictional matters, she said.
But other lawyers believe that libel law has its own peculiarities when
applied to the Internet.
Dan L. Burk, a University of Minnesota law professor who has written about
online jurisdiction, said that the law views a publisher as intentionally
directing harm to the place where the libel victim's reputation
matters where he or she lives, and where his or her friends read the
articles. The mere posting of a possibly libelous article is enough to
merit jurisdiction in the state where the plaintiff resides, he said. "I'd
love to see the Supreme Court revisit that, but as the law stands now, that
is what it says," Mr. Burk noted.
The law as it is generally interpreted makes sense to Mr. Young, the
warden. "I've never been to Connecticut in my life," he said. "These
articles came to Virginia. These articles came to my community."
If the appeals court affirms jurisdiction in the case, regional or local
news publications may have to be more careful about what they post online.
Lawyers say that national news organizations might be less likely to
self-censor their Web postings because in all likelihood they are already
subject to jurisdiction in every state owing to their countrywide print
circulations. But even national newspapers may have to worry about being
sued in libel-friendly countries where their online articles can be read,
other lawyers say.
Recently, for example, Barron's, the financial weekly based in New York,
which circulates a small number of print copies to Australia, was taken to
court in the state of Victoria. A Melbourne businessman, Joseph Gutnick,
said that he was libeled in an article in October 2000 about his business
dealings with religious charities which was posted on Barron's Online, a
feature of a subscription-based Web site operated by Dow Jones & Company.
Dow Jones acknowledged that it had several hundred online subscribers in
Victoria but argued that the case should be heard in New Jersey, where its
Web computers are based.
A lower court in Victoria ruled in Mr. Gutnick's favor last August,
concluding that it had jurisdiction in the case because the online article
was read in Victoria, and thus "published" there. The issue is being
appealed to Australia's highest court, which is scheduled to hear arguments
tomorrow in Canberra.
Matthew Collins, an Australian lawyer who has written on Internet libel,
said a decision by a United States appellate court affirming Mr. Young's
jurisdictional claim could bolster judges in Australia and elsewhere.
American courts, he said, are widely regarded as being the most protective
of free expression, and a ruling adverse to news media interests would
carry weight.
In any event, Mr. Collins advised publishers, "If you want to publish on
the Internet material targeted to the reputation of a foreigner, you'd
better have regard for the standards of law where the foreigner resides."
***********************
Wired News
German Hacker Gets Probation
Self-proclaimed hacker and "330-pound loudmouth" Kim "Kimble" Schmitz was
found guilty of insider trading by a Munich court and sentenced to 20
months probation.
He was also ordered to pay a 100,000 euro fine (roughly $93,000) for a
stock trade that reportedly netted him $1 million.
In late January, Schmitz was deported to his native Germany after being
arrested in Thailand, where he had seemingly fled to avoid legal charges.
He remained in a Munich jail until his sentencing Tuesday.
Attorney Roland Gutzler said that court papers indicated that Schmitz could
have "at least in theory" received a five-year sentence, but received
probation primarily because of a "favorable social prognosis."
"It should mean that they feel he is reformed and will be a credit to
German society, but really it's just the standard set of words used in this
sort of paperwork," Gutzler said.
Schmitz had previously been slapped with a two-year probation sentence for
fraud and has also been charged with 14 counts of driving without a license.
In his most recent trial, Munich prosecutors charged that Schmitz, through
his investment firm Kimvestor, had bought shares worth roughly 350,000 euro
($327,000) in Letsbuyit.com, an online cooperative purchasing service.
According to financial disclosure papers filed by Letsbuyit, the day that
he purchased the stock, Schmitz also informed the owners of Letsbuyit that
he would put up 50 million euro ($47 million) to help the struggling
company avoid bankruptcy.
When that promise was made public the next day, share price rocketed from
25 euro cents to 60 cents, fueled by previous glowing media coverage of
Schmitz's many financial successes.
A day later, Schmitz sold his shares at 150 percent profit, netting roughly
1.2 million euro.
Before the stock trade coup, Schmitz had supposedly made a fortune with his
computer security firm.
He also purported to head up a group of what he claimed were the world's
best hackers.
Last October, "YIHAT" (Young Intelligent Hackers Against Terrorism) were,
Schmitz said, busily engaged in tracking down terrorist Osama bin Laden,
and the first hacker to provide information directly leading to bin Laden's
capture would receive a $10 million reward from Schmitz.
German financial magazine Die Teleboerse investigated soon after news of
the reward was released and reported that Schmitz was deeply in debt and
was being pursued by creditors.
*********************
Associated Press
Frontier Withdraws Hotwire Complaint
Wed May 29, 9:07 PM ET
By NICK WADHAMS, Associated Press Writer
DENVER (AP) - Frontier Airlines on Wednesday withdrew a complaint against
Hotwire (news - web sites).com after the Internet travel agency agreed to
remove Frontier's name from its ad campaign.
Denver-based Frontier had sent a letter to the U.S. Department of
Transportation claiming Hotwire's ads were deceptive and depicted Frontier
as untrustworthy.
Hotwire's campaign included radio spots in which people were asked to use
Hotwire and rival Web sites to search for low fares. In one, a man using
Travelocity.com finds a round-trip flight to Dallas on Frontier for $575,
compared with $229 from Hotwire on an unnamed larger carrier.
After the Hotwire announcer gives the Frontier fare, he says, "You wanna
fly on a major carrier?" The customer replies: "Yeah, I would. That would
make me feel a lot more comfortable, man."
Frontier said the ad didn't include necessary information about the flight
that would dictate the price, and that it implied passengers wouldn't feel
comfortable on Frontier.
"We felt it painted Frontier in a very unfair light," Frontier CEO Jeff
Potter said. "We weren't seeking anything, just the acknowledgment that
this wasn't fair."
In a letter to Frontier on Wednesday, Hotwire Chief Executive Officer Karl
Peterson said the company didn't mean to imply Frontier was unreliable or
untrustworthy.
"I regret that any consumer would have interpreted the advertisement in
this manner," Peterson wrote.
Privately held Hotwire is backed by American, Northwest, Continental and
United airlines (news - web sites).
*********************
BBC
UK lags behind on broadband
The UK is still one of the worst places for broadband in the world, despite
falling prices for high-speed internet access.
A report from the Organisation for Economic Co-operation and Development
(OECD) puts the UK at number 22 out of the 30 richest nations for broadband
take-up.
The UK has not moved position since the last OECD study in October, says
the report leaked to the technology news weekly Computing.
It could prove embarrassing for the government, which has pledged to make
the UK the best place in the Western world for broadband services by 2005.
'Rapid growth'
A spokesperson for the Department of Trade and Industry said they would not
comment on the report until its official publication later this year, but
added that the true picture might not be represented.
"The UK is experiencing rapid growth and there has been a 50% increase in
broadband connections since the beginning of the year," she said.
"It is growing faster than a lot of its competitors and has some of the
cheapest internet prices in the world."
Much of this growth is driven by price cuts from telecoms giant BT.
But according to the latest report from the European Competitive
Telecommunications Association (ECTA), the UK is still lagging behind its
European neighbours, coming in sixth out of 15 for DSL connections.
When the number of connections per population is taken into account. the UK
falls to 12th place.
Lack of competition
DSL is the dominant technology for broadband, offering high speed net
access via existing telephone lines.
The figures do not take account of cable connections which could change the
ranking of the UK, pointed out a spokesperson for ECTA.
He also added a caveat to the OECD figures.
"The UK wouldn't need to add a lot of lines to shoot up the table and these
figures were compiled before the BT price cuts," he said.
However, ECTA is worried by the lack of competition in the European DSL
market, which is still monopolised by a handful of powerful telecoms firms.
Of the total 5.3 million DSL connections in Europe, only 10% are offered by
competitors.
"ECTA's concern is the growing dominance of incumbent telephone operators
in this crucial new market," Managing Director of ECTA Phil Evins said in a
statement.
In a week of surveys scrutinising the impact of broadband, the European
Commission has also produced a report looking at how member states are
faring in creating a competitive market for high-speed internet services.
The report, eEurope 2005, stresses the vital need for competition in order
to provide a rich array of affordable services.
It urges governments to provide financial incentives for the switch to
broadband, particularly in remote areas.
********************
Washington Post
Financial Database To Screen Accounts
Joint Effort Targets Suspicious Activities
By Robert O'Harrow Jr.
NEW YORK, May 29 -- Leading financial services firms here have formed a
private database company that will compile information about criminals,
terrorists and other suspicious people, for use in screening new customers
and weeding out those who may pose a risk.
The company, known as Regulatory DataCorp Int'l LLC, comes as financial
services face strict new government mandates to make efforts to identify
those who may want to use the U.S. financial system for illegal activity
and file reports of suspicious activity to federal investigators, according
to people involved in the effort.
One organizer predicted the new computer system will become "the world's
best database of public information" about individuals, companies and
groups who may be involved in fraud, terrorism funding, money laundering
and other crimes. The organizer said it already has about 5 million files.
"It's got terrorists and suspected terrorists and other bad people," one
official said. "I'm going to be able to take a million account holders on a
tape and give it to this company . . . and they're going to give me back
reports."
Among the founders are Goldman Sachs Group Inc., Citigroup Inc., Merrill
Lynch & Co., UBS PaineWebber Inc. and more than a dozen other banks, asset
managers and credit card companies in the United States and abroad.
Organizers did not want to be identified until all the final details are
worked out over the coming weeks.
But they said they're confident the collaboration will improve the safety
of the financial system by helping firms better identify known criminals
and terrorists.
While the privately held company does not need government approval,
regulators have seen demonstrations of its computer system, a government
official said.
Many database companies maintain demographic and marketing files about
people, some that include law enforcement records. But this is one of the
few that focuses on helping financial companies comply with
anti-money-laundering regulations, including requirements in legislation
approved after the Sept. 11 terror attacks.
Among other things, new legislation requires banks and other financial
companies to monitor private banking and correspondent accounts for money
laundering. They also must verify the identities of new customers and match
names against lists of known terrorists.
Another new company that offers a similar service is World-Check Inc.,
which describes itself as the "world's largest banking compliance
database," a computer system with about 55,000 names that "is used for
vetting undesirables, assessing potential high risk clients and
'know-your-customer' requirements." World-Check claims to add 5,000 names a
month to its files.
Information specialists said both those initiatives raise questions about
consumer privacy, in part because of the risk of misidentifying an individual.
Mary Culnan, a business professor and information technology specialist,
said she believes the database will eventually mistakenly identify people
who have similar names, or prompt financial services officials to
incorrectly spurn some customers.
It's not clear what rights an individual would have to appeal such a
decision or to review records about themselves.
"If all the banks are using the same system and they reach the same
conclusion incorrectly, that is wrong," said Culnan, a professor at Bentley
College in Waltham, Mass. "They may black-mark people unfairly."
"It's the elite in the financial world taking matters into their own
hands," said Evan Hendricks, editor of the Privacy Times newsletter. "It's
the search for the perfect database on bad guys. What they might not
realize is there is so much bad information out there."
One banking official working with Regulatory DataCorp acknowledged those
risks, saying they exist in the technology-driven banking system now.
Organizers said they have carefully considered the privacy issue with
specialists and intend to protect individuals. Before taking any action,
they will dig deeper to be sure of a customer's identity and attempt to
confirm any allegations and reports, he said.
About 20 companies, led by Goldman Sachs, form the core of the Regulatory
Data cooperative, which has been in the works for about two years. The new
firm intends to operate for profit and offer the system up to a nationwide
array of financial companies. It remains unclear the degree to which
others, such as private investigators or lawyers, will be allowed to use
the system.
The company will rely on the Internet and investigators on the ground to
gather details from government records, lists of known suspects or
terrorists, press reports and other public documents from around the world.
Some files could go back decades, but the database won't contain
confidential transactional data, two organizers said.
*******************
Washington Post
Europe to Compete With U.S. Global Positioning System
By Caroline Chaumont
Rockets are supposed to begin lifting off in 2006 to carry 30 European
satellites into orbit. The satellites will emit signals that will allow
people with receivers -- drivers, sailors, rescue workers and pilots, for
example -- to determine their precise locations on Earth.
It is similar to what the U.S. Global Positioning System already does, and
the pending launch of a rival is fueling a new transatlantic dispute.
U.S. officials have called Europe's $3.2 billion Galileo project wasteful
and say Europe could better spend the money upgrading its armed forces. But
European governments argue that Galileo is crucial to the future of their
high-tech industries and to loosening their dependence on the United States.
Transportation ministers of the 15 European Union countries approved the
project in March. Now U.S. and EU officials are meeting to see whether they
can make the systems compatible and ensure that a standard receiving unit
could work with both systems.
Objections to Galileo stem in part from longtime U.S. claims that Europe
doesn't pay its fair share of defense costs. But the satellite project also
could become a classic trade dispute if the United States concludes that
its companies are being unfairly cut out of Galileo-related business.
"Galileo is a perfect example of the increasing trade competition between
the EU and the U.S.," said Xavier Pasco, a senior researcher at the
Paris-based Foundation for Strategic Studies.
The decision to proceed was reached after months of political debate in
Europe. Jacques Chirac, the French president, had warned that failure to
advance the project would leave Europe a "vassal of the U.S." Italy and
Spain were also strong supporters, but Britain and the Netherlands
expressed doubt about the need for and the economic prospects of such a system.
The debate came as many European policymakers were concluding that the Bush
administration is "unilateralist," willing to press ahead without
consulting its allies. The United States had dropped out of the Kyoto
global-warming treaty, was planning a missile-defense system and taking
what Europeans see as an excessively military approach to terrorism.
Now that the Galileo decision is official, it is being held up as a great
political achievement. "Europe has proved its determination to be an actor
on the international scene," said European Transport Commissioner Loyola de
Palacio.
Advocates of Galileo see enormous industrial and commercial potential. They
often compare Galileo to two of Europe's technology success stories --
Airbus Industrie, an aircraft manufacturer, and Arianespace, a rocket
consortium. The European Commission, the EU's executive body, has described
Galileo and the contracts it will generate as "vital for the future of the
European high-tech industries."
EU officials say that Galileo will be better than GPS, giving more accurate
readings with wider coverage, especially in urban areas and northern
latitudes. They say Galileo will be more reliable, too, because the U.S.
system is under Pentagon control and might be denied to civilian users in
an emergency. GPS consists of 24 satellites owned by the U.S. government.
Galileo would be financed jointly by government and private money and
operated as a civilian entity, though there are provisions for military
use. Users of its most sophisticated services would have to pay for them,
but they would get a service guarantee.
In Washington, many still question the utility. "GPS would meet the world's
needs for the foreseeable future," said Ralph Braibanti, director of the
Space and Advanced Technology Staff at the State Department.
U.S. experts argue that the war in Afghanistan has focused renewed
attention on Western Europe's military deficiencies and that they need more
than ever to be corrected. "How can you spend your money duplicating a
system when so many other needs exist?" said Frank Kramer, a former
assistant secretary of defense.
The U.S. Defense Department has also expressed concerns that Galileo might
interfere with GPS signals. That would raise security issues for the United
States, whose armed forces rely on GPS worldwide. The Europeans have
promised to prevent any such interference.
There is also concern in the United States that the EU could mandate the
use of Galileo, to raise money and pay for the system. "Imagine that a
plane could be required to use the Galileo system when flying in Europe,"
said Jeffrey Bialos, a former U.S. negotiator on Galileo and now a senior
fellow at Johns Hopkins University.
U.S. officials make a free-market argument against that. "Users should be
free to choose the service or combination of services that best meet their
needs," Braibanti said. The United States also wants to ensure that its
manufacturers are not cut out of equipment and services contracts that
could total close to $8 billion a year.
The United States is now largely resigned that Galileo will proceed and is
talking with the Europeans about how to avoid interference and
incompatibility. "It should be a global utility, like the Internet," Bialos
said. "There are risks for a potential trade dispute if both sides don't
stop with their insular tendencies."
"The markets will be open and competitive," said a European Commission
official, adding that the United States continues to maintain barriers in
parts of its aerospace market.
Other analysts see Galileo as having the potential to bring the two sides
together. "Galileo could create a model of cooperation and go beyond the
fierce competition existing in the aeronautics and aerospace sector," said
Laurence Nardon, a research associate at the French Center on the United
States.
**********************
Washington Post
FBI Shake-Up Puts IT as a Principal
Wilson P. Dizard III
Government Computer News
As part of a massive shake-up of the FBI, director Robert Mueller announced
May 29 that a technology upgrade program is one of the agency's top ten
priorities.
Acknowledging that the FBI had handled terrorism clues inefficiently before
Sept. 11, Mueller pegged the agency's technology upgrade as critical to its
new counterterror focus.
The reorganization will include reassigning 518 FBI agents to counterterror
duties, adding agents from the CIA and hiring more special agents to
prevent and prosecute attacks. With the new agents to be added in fiscal
2003 and 2004, a total of about 900 FBI agents will focus on counterterror
work, according to Attorney General John Ashcroft, who also appeared at the
press conference announcing the reorganization.
Mueller said the technology upgrades must go beyond simply buying more
hardware and include educating FBI personnel so that they become
comfortable with high technology. The agency will also recruit IT
specialists, scientists and engineers to buttress its technological fight
against terror.
Counterterrorism is the agency's top priority, Mueller said. The FBI will
in the future rank protecting against cyberattacks as its third most
important responsibility; its second concern is fighting espionage directed
against the United States. Following cyberattacks on the priority list are
combating public corruption, enforcing civil rights, fighting violent crime
and investigating major gangs.
The agency is dramatically demoting its war against drugs, reducing
antidrug units by 400 special agents. It will also continue to investigate
environmental crimes and strengthen its ties with state and local law
enforcement, Mueller said.
Mueller said the FBI's computer capabilities must be upgraded to permit the
use of artificial intelligence tools that would automatically scan its
records to detect patterns of terrorist organizations.
"Our analytical capability is not where it should be," Mueller said as he
pledged to strengthen the agency's processing of intelligence. "Our
technology is years behind where it should be."
The FBI also will establish a national Joint Terrorism Task Force to
supplement the 56 regional Joint Terrorism Task Forces and flying squads
that reinforce FBI field offices when terror incidents occur.
*********************
Washington Post
White House Stressing Civil Liberties in Homeland Security Plans
By Brian Krebs
washingtonpost.com staff writer
Wednesday, May 29, 2002; 4:59 PM
Protecting privacy and civil liberties will be key guidelines for the Bush
administration as it evaluates thousands of private-sector technology
proposals for fighting terrorism and protecting the nation's critical
infrastructure, the White House's top science adviser said today at a press
briefing.
"The president is very committed to not undermining the civil liberties we
are fighting to preserve," said John Marburger, director of the White House
Office of Science and Technology Policy.
"On the ultimate questions that might have an impact on civil liberties,
the president himself is going to have to weigh in," Marburger said. "He's
very interested in these tradeoffs and finding solutions that are not
intrusive on our way of life, although some sacrifices are inevitable."
In the wake of Sept. 11, the Bush administration began soliciting
recommendations on how it could best use technology to patch the nation's
most vulnerable spots from terrorist attack.
In late June, the National Academies is expected to release the first phase
of its study detailing which technologies are ready for prime time and
those that would be better suited for more research and development.
The study will also examine how the United States can improve national
cybersecurity through research, and will offer recommendations to help
ensure that programs requiring increased collection and integration of
citizens' personal do minimal damage to civil liberties.
Marc Rotenberg, executive director of the Electronic Privacy Information
Center, said the administration's mindset is a tacit recognition that there
is no single technology that can perfectly balance law enforcement needs
with privacy interests.
"We're learning this very precisely over the FBI's investigative
techniques," Rotenberg said.
On Tuesday, EPIC showcased an internal FBI memo it obtained that indicated
that a technical glitch with the controversial "Carnivore" e-mail snooping
device caused the law enforcement agency to bungle a March 2000
surveillance operation involving Osama bin Laden's terrorist network.
EPIC and other privacy groups have alleged that Carnivore can also retrieve
e-mails from innocent people not involved in an investigation.
"There needs to be a structural way to incorporate public concerns over
privacy, maybe some sort of national commission on civil liberties or
public hearings," Rotenberg said.
When asked how the federal government would gauge public concern over
privacy in the administration's strategic plan, Marburger conceded that
some form of feedback mechanism might be necessary.
"There's a balance question here and I think it can be achieved by
testing," he said. "So we'll try to have processes that are partly top down
and partly responsive to concerns expressed as the issues are tried out."
Lewis M. Branscomb, a Harvard University professor and co-chair of the
National Academies study, said panelists will pay special attention to
technologies that serve "dual use" - or both military and civilian - purposes.
An example of such a proposal might include a technology that helps health
officials respond to a infectious disease outbreak, Branscomb said.
"Whatever technical strategies turn out to be, (companies) ought to always
be looking for that opportunity to have dual-use benefits, because that
will reduce the difficulty of having to do it, reduce the costs to society,
and probably increase the speed in which it gets done," he said.
***********************
Washington Post
Lieberman Plans Bill to Test White House's Broadband Resolve
By Brian Krebs
Sen. Joseph Lieberman (D-Conn.) said Tuesday he intends to offer
legislation that would force the Bush administration to spell out a
comprehensive strategy to speed the deployment and adoption of high-speed
Internet services.
Speaking at a meeting of high-tech industry leaders in Alameda, Calif., the
former vice presidential candidate and chairman of the Senate Governmental
Reform Committee chided the White House for what he called a failure to
advance any coherent strategy to facilitate broadband.
"Many in Washington have been focusing, almost myopically, on short-term
obstacles to the next small jump in speed," Lieberman said. "Decisions are
piling up on spectrum, competition, rights management, spam, privacy, child
protection and more."
Lieberman said he plans to introduce legislation next week - the National
Broadband Strategy Act of 2002 - that would provide tax credits for
broadband deployment, encourage research and development for broadband
infrastructure, and support research on federal programs that use
high-speed services to improve education, health care, homeland security,
and e-government.
The senator also said he would propose a bill that would require the
Federal Communications Commission "to develop a regulatory framework to
meet the challenges of the next generation Internet."
Bruce Mehlman, assistant secretary for technology policy at the Commerce
Department, said a preliminary review of Lieberman's proposal "suggests few
new ideas or facts."
As evidence of the administration's involvement in broadband policy,
Mehlman cited the White House push to make permanent the research and
development tax credit, as well as its backing for a new law that increases
deductions for new technology purchases.
"I would suggest that there are both supply side and demand questions, and
we have been doing a lot to improve public understanding on the demand
side," he added.
Earlier this year, the Bush administration sponsored a broadband policy
forum that focused on digital rights issues that many companies say are
preventing them from offering compelling online content designed
specifically for high-speed pipes.
"As the senator learns more about the issue, I think he'll find the
administration heavily engaged on a wide variety of fronts," he said. "But
the newfound interest of such a high profile senator should clearly advance
this important issue."
*******************
Washington Post
Critics Say ICANN Should Compete For Net Governance Duties
By David McGuire
The Internet Corporation for Assigned Names and Numbers (ICANN) should be
forced to compete for the right to continue managing the Internet's global
addressing system, a group of influential public interest groups said today.
"Requiring ICANN to compete against qualified bidders will provide a strong
incentive for ICANN to engage in a thorough housecleaning and become more
genuinely responsive to the comments of stakeholders," the groups wrote in
a letter addressed to National Telecommunications and Information
Administration (NTIA) chief Nancy Victory.
The American Civil Liberties Union, Consumers Union, Consumer Federation of
America, Electronic Privacy Information Center and Electronic Frontier
Foundation all signed onto the letter, which was organized by the
Washington-based Media Access Project.
The groups argue that ICANN has repeatedly failed to give the international
public any meaningful role in Internet governance.
Since 1998, ICANN has managed the worldwide Domain Name System (DNS) under
a series of agreements with the U.S. Commerce Department. Those agreements
- which are managed by the NTIA - are up for renewal in September.
ICANN President Stuart Lynn today accused the groups behind the letter of
trying to mold ICANN into something it was never intended to be.
"Half of the signatories to this letter have never been to an ICANN
meeting, so I'm not sure why they signed; and the other half are part of
this group that is trying to transform ICANN from a limited technical body
into a worldwide experiment in global democracy," Lynn said.
But ICANN critics say that the organization's failure to adopt democratic
processes is contributing to a growing sense that ICANN is unwilling to
establish the transparent and open processes required under the Commerce
Department deals.
"I think the letter is a signal that people in the public interest
community are increasingly disappointed and disgusted with ICANN," Center
for Democracy and Technology (CDT) Associate Director Alan Davidson said today.
Davidson said he did not sign the letter because he still hopes ICANN will
fix itself. "You can't just get rid of ICANN without a clear understanding
of what the alternative is," Davidson said. He said he shares the
frustrations that inspired the letter signed by the public interest groups.
At a meeting in Ghana in March, ICANN voted to restructure itself, in the
process abandoning plans to establish a global mechanism to allow ordinary
Internet users to directly elect some of ICANN's leaders.
Instead, the ICANN board of directors ordered an internal committee to
develop a plan to reform the organization, drawing on a proposal drafted by
Lynn.
Media Access Project Associate Director Harold Feld said he hopes the
letter will spur ICANN to rethink Lynn's reform proposal and draw up a plan
that is more sensitive to public needs.
"We're not at a point where we think the that the ICANN reform process has
failed," Feld said.
If the letter spurs greater scrutiny of ICANN, it may make the leaders of
the organization "take this reform process seriously rather than taking it
as an exercise in confirming their own wisdom," Feld said.
NTIA spokesman Clyde Ensslin today said that the agency does not comment on
the many suggestions it gets regarding ICANN and DNS management.
He added that because the Commerce Department's agreement with ICANN is a
"memorandum of understanding" and not a contract, the Department does not
have the option to "re-bid" the deal.
When the agreement expires in September, the Commerce Department can drop
it, renegotiate it or renew it, Ensslin said.
********************
Washington Post
American Internet Users Are Often Software Pirates - Study
Steven Bonisteel
Newsbytes.com Staff Writer
Wednesday, May 29, 2002; 4:52 PM
A software industry trade group says that the majority of Internet users
who have downloaded commercial software online have failed to pay for all
the copies they later installed.
The Business Software Alliance (BSA) said today that a new survey based on
interviews with more than 1,000 Internet users suggests that nearly half of
America's online population has downloaded commercial software, but as many
as 81 percent have not always paid for every copy they made - perhaps
installing software licensed for a single user on multiple office PCs.
What's more, the BSA said, 57 percent of those who have downloaded software
"seldom or never" pay anything at all for those applications.
However, only 12 percent of the respondents in the survey conducted by
Ipsos-Reid reported that they had ever committed "software piracy."
"This is the first time we've identified end user attitudes about online
theft," Robert Holleyman, president of the BSA said in a prepared
statement. "And what we found is a disturbing behavioral trend that
violates copyright laws and costs billions of dollars and hundreds of
thousands of jobs every year."
However, Holleyman said he was encouraged by the survey's somewhat
contradictory finding that 95 percent of Internet users feel software
creators should be paid for their work.
Some 85 percent agreed that intellectual property protections "are crucial
for protecting the revenues companies depend on to fund research and
development," the BSA said.
"Internet users recognize the value of intellectual property," Holleyman
said. "Now we need to continue our efforts to help them understand that
illegal downloads do serious harm to those very companies and developers
they believe in protecting."
The BSA said that, when Internet users were asked if they would download
unlicensed or pirated software to save money, almost half said "it would
depend on the circumstances."
Holleyman said the "alarming degree of online consumer piracy" shows a need
for education and enforcement programs.
On the enforcement side, the BSA said it is using special software to scan
the Internet for unauthorized software being traded on peer-to-peer
networks, Internet Relay Chat (IRC) channels and Web and FTP sites.
After three months of searching, more than 8,500 notices have been sent to
software infringers' Internet service providers, the BSA said.
Reported by Newsbytes.com, http://www.newsbytes.com .
*****************
BBC
European 'spying' laws savaged
Civil liberty groups have condemned a European Parliament decision to let
law enforcers spy on phone and net users.
They also sharply criticised the parliament's decision to force phone
companies and net service providers to keep for years logs of what
customers are doing.
The parliament said the measures were necessary following the 11 September
attacks to safeguard national security.
But some MPs said the decision handed too much power to the state at the
expense of individual privacy and liberty.
Terror fight
The parliament voted to adopt the new data protection and privacy rules on
Thursday.
Once adopted, national governments will be forced to draw up laws to put
the directive into practice.
Before the vote, a coalition of 40 civil liberty groups issued a joint
statement warning that some of the proposed amendments could have
"disastrous consequences for the most sensitive and confidential types of
personal data".
One of the most contentious amendments called for police forces to be given
the power to make net service and phone companies keep extensive logs of
what their customers are doing.
Some governments were calling for such powers, claiming that they would
prove useful in the fight against terrorism.
Currently net service providers and telecommunications firms only keep logs
of customer activity while they generate bills. Under the new laws, the
firms could be asked to keep information indefinitely.
Civil liberty groups fear that police forces will be tempted to use the
collected information as a database they can trawl through for suspicious
activity - rather than acting on a case-by-case basis as they do now.
In the UK, civil liberty groups have warned that the controversial
Regulation of Investigatory Powers Act already gives law enforcement
agencies sweeping powers to snoop on net users.
The author of the bill, Italian independent Marco Cappato, criticised the
inclusion of the data retention amendment.
"This amounts to a large amount of restriction on privacy and increases the
powers of the state," said Mr Cappato.
Other MEPs were more scathing.
"With today's vote the European Parliament supports the project of a
surveillance union," said Ilka Schroeder, MEP and shadow rapporteur of the
United European Left Group.
She said not even the secret police of the former East Germany had enjoyed
the power to snoop that this directive gave to law enforcement agencies.
Spam stopped
The wide-ranging directive also contains new rules on the sending of
unsolicited commercial e-mail and the use of net-based data files or
"cookies".
Now firms will only be able to send out e-mail adverts if people agree in
advance that they want to receive them. The directive effectively bans the
use of sending of unsolicited e-mail or spam.
Early drafts of the directive worried net advertisers because they
threatened to impose the same conditions on the use of internet cookies.
Many websites use these small data files to identify repeat visitors,
maintain records of what someone wants to buy while they are at the site
and to tailor what visitors see.
Angela Mills-Wade, spokeswoman for the Interactive Advertising Bureau,
welcomed the decision by the parliament on cookies.
"They realised it was disproportionate to impose such stiff requirements
and it was much better to have something more practical," she said.
*******************
BBC
Taxman halts online filing
The Inland Revenue has suspended its online tax filing system after a
possible security lapse.
The Self Assessment Online service was suspended on Monday after users
reported seeing snippets of information about other taxpayers, an Inland
Revenue spokeswoman said.
The online service will remain out of use until technical staff have
completed an investigation.
Self Assessment Online was used by about 75,000 people to file their tax
returns last year.
Liberal Democrat Treasury spokesman Matthew Taylor condemned the breakdown.
"Yet again the Inland Revenue's online tax return system has failed to work
- and this time it is breaking taxpayer's confidentiality in the process.
"The huge investment the Inland Revenue have made in this system has been a
failure from start to finish and they need to look at how it is they spent
so much on such an inadequate system."
Privacy fears
"The security of our customers' data is of paramount importance to us," the
Inland Revenue spokeswoman said.
"A very small number of people told us that they had seen data relating to
other people. When we learnt that we decided to temporarily withdraw the
Self Assessment Online service and we are now working around the clock to
get to the bottom of the problem." she said.
The security breach could set back government attempts to persuade more
people to file tax returns online.
Earlier this month, it emerged that the government was considering imposing
fines on companies and individuals who fail to file tax returns online by
2010.
Concerns over privacy and security are a major obstacle to wider use of the
internet for shopping and administrative tasks such as filing tax returns.
Two years ago, several online banks were forced to suspend operations
temporarily after it emerged that online users were able to access the bank
details of other customers.
******************
New York Times
Online Banking Finally Takes Off
By ANDREW ROSS SORKIN
J. ALEX SLOAN could not care less whether his bank has an office nearby. It
does a Wells Fargo branch within blocks of his San Francisco
apartment but the only reason he has his account there is that he likes
the way the bank's online system works with his Quicken software.
"I don't know the last time I was in a branch," he said. "I have no need to
go there."
Mr. Sloan, a 33-year-old venture-capital investor, represents one of some
17.8 million American households that do at least some of their banking
online, according to IDC, a market research company. Put another way,
one-third of homes with Internet access are using that access to bank.
"I don't want to overstate the case, but it's changed my life," Mr. Sloan
said. "I have so much more control over my finances. I can see what's going
on with my account almost in real time. My dad has to wait until the end of
the month to figure it out."
To judge from the numbers, Mr. Sloan's father may soon be coming around.
More than half of all banks offer online banking today, up from 12 percent
only two years ago, according to IDC. J. P. Morgan Chase said that the
number of customers using its online banking system had doubled since last
year, though it would not provide specific figures.
"This growth is not simply due to an increase in online households, but is
truly an increase in the popularity of online banking among Internet
users," said Aaron McPherson, research manager at IDC.
The striking increase has come as traditional banks and a new crop of
Internet-based banks along with credit unions, brokerage firms and other
institutions have finally created reliable, easy-to-use online systems.
For most of the 1980's and 90's, online banking was limited to early
technology adopters willing to put up with arcane software, proprietary
networks, system glitches and security concerns.
Now traditional banks, big and small, are devoting the kind of attention to
building and maintaining sophisticated online banking systems that they
previously lavished on branch services.
"Customers are finding online banking one of the top picks for why they
choose banks," said Yawar Shah, an executive vice president of J. P. Morgan
Chase.
But for consumers, there may be as many caveats as there are advantages to
digital banking.
For the banks, getting customers online is important to the bottom line. It
has diminished the importance of proximity: local banks can be national
banks, too, drawing from an exponentially larger pool of potential
customers. And as with automated teller machines, the cost of serving a
customer is significantly lower than with human tellers at least in the
long run.
But along with reducing their expenses, such institutions have turned
online banking into a way extra money can be made. Depending on the
customer's minimum balance, some banks charge additional monthly fees for
their online services, including the ability to pay bills online or to use
software like Quicken from Intuit or Microsoft Money with the bank's accounts.
For customers, the benefits of online banking are fairly clear. With
automatic bill paying, there is no need to remember to pay the monthly
utility bill and no stamps to lick; the system will ensure that the bill is
paid on the appointed date. Users can get an instant look at a balance and
a detailed summary of all recent transactions.
Of course, banking hours no longer apply online: moving money from a
savings account to a checking account or even into the stock market can be
accomplished from your living room at 3 a.m. Depending on the software,
users can also often get detailed spending reports, down to how much money
they spent at the dry cleaner every month.
The pitfalls tend to be less obvious but easily become noticeable if the
user fails to keep as careful an eye on the accounts as the computer does.
For one, electronic checks are typically treated as paid the moment the
user sends them, regardless of whether they are cashed or deposited by the
intended recipient days or months later. The float the amount of money the
customer could be collecting in interest while the traditional check
remains uncashed vanishes online.
More important, if regular monthly bills are set to be paid automatically,
the customer has to maintain a balance big enough to avoid bouncing a
digital check. Some banks will send out a payment whether the account
holder has the money to cover it or not, forcing the use of overdraft
protection at a cost. (And online banking is not altogether high-tech:
banks often make bill payments for the customer by putting an old-fashioned
check in the mail because the recipient cannot accept an electronic transfer.)
In addition, some banking experts express concern that people who use
online banking services rarely balance or reconcile their accounts and
therefore pay less attention to the details of their finances and could
possibly miss errors posted to their account.
Still, many of those who bank online say they are more conscious of their
finances than if they had simply received a monthly statement by mail. (And
yes, most online banking customers still receive a printed statement.)
"If there is an error, I know it immediately," Mr. Sloan said. "That's the
benefit."
Mr. Sloan is a genuine power user of online banking. "I try to use very
little cash and just use my debit card," so that every transaction can be
reflected immediately in the online statement, he said. "When I download my
transactions, I can see exactly what I bought. I like to be able to look at
my spending and run reports."
Some banks have also begun offering online services that display all the
user's accounts in one place, allowing a customer to see balances for
multiple services, to make payments and to chart spending even for
telephone bills and credit card accounts not provided by the bank. Such
Internet-based tools do what software packages like Quicken and Microsoft
Money have been doing for years, but remain more limited in their functions.
Customers particularly concerned with security issues may want to avoid
using these so-called aggregation tools, experts warn, because they depend
on stored passwords to gain access to multiple accounts from multiple
sources. Security issues, or at least perceptions of security issues, are
still a stumbling block for banks seeking to get users online.
"You hear all these stories about hackers breaking into accounts," said
Shana McCormack, a Harvard medical student who banks at Fleet. "I now do
some of my banking online like looking at my balance and occasionally
paying bills but I do worry about it."
Some online-only banks have also sprung up for example, E*Trade, which
began as an online brokerage firm but recently expanded its offerings to
function more as a traditional bank. For people with little interest in
ever talking face to face with a teller, these online-only banks tend to be
cheaper monthly fees are lower and minimum required balances tend to be
lower but in some cases prove to be quite expensive. Without a branch
network to use, customers of such banks often have to pay hefty A.T.M. fees
and are typically obliged to deposit money into their accounts by sending
it through the mail.
These Internet-based banks sometimes offer a certain number of free A.T.M.
transactions each month to take away some of the sting, and some have even
begun setting up their own A.T.M. networks to accept cash deposits. (Many
accept only checks or money orders, deposited by mail.) But most analysts
contend that the customers suited to online-only banking are those who
receive money by direct deposit and rarely write checks. And now that
traditional banks are offering online banking, online-only banks are being
squeezed, with some going out of business or being absorbed by rivals.
For those who have gotten out of the habit of using a checkbook and
balancing it with pen and pocket calculator, banking may be more carefree,
but it is not without its rude awakenings.
"I should probably know better, but every time I go to the A.T.M. machine
at the beginning of the month and read my balance on the slip, it surprises
me," said Josh Wolfe, a nanotechnology expert and co-founder of Lux
Capital, a New York venture capital firm, who does most of his banking
online with Citibank. "If I don't write the check myself, I don't always
remember it's gone out anyway."
******************
Government Computer News
Haycock is named to connect e-gov projects
By Jason Miller
The Office of Management and Budget earlier this month created a chief
architect position to manage its 24 e-government projects and work on the
overall federal IT framework.
Norman Lorentz, OMB's chief technology officer, said Bob Haycock earlier
this month assumed these responsibilities when he took over for Debra
Stouffer on a 90-day detail. Stouffer is now the Environmental Protection
Agency's chief technology officer.
"Bob will connect the dots as the solution architects for the e-government
projects decide on which applications are going to be used," he said at
last week's Secure E-Business conference. "The solution architects will
make the component architecture real."
The solution architects' two basic tasks are to plan what technologies will
be used and how they will interconnect, Lorentz said.
Haycock, who was the deputy CIO for the Denver office of the Interior
Department's Bureau of Reclamation and worked on the Quicksilver process,
will head the solution architect working group and direct the enterprise
architecture process, Lorentz said.
****************
USA Today
Linux getting widespread support from government
NEW YORK (AP) Linux, the open-source operating system with an outsider
mystique, is now proliferating on powerful government computer systems in
the United States and abroad with technology giants increasingly providing
support.
At a Tokyo trade show on Friday, IBM was announcing the sale of more than
75 Linux-based computer systems to U.S. agencies including the Air Force,
the Defense, Agriculture and Energy departments and the Federal Aviation
Administration.
Overseas, Linux systems help keep order in Germany's parliament as well as
China's post office, France's culture, defense and education ministries and
other federal agencies in Europe and Asia.
"It's an interesting trend and we're seeing a lot of organizations who are
very interested in open source software in general and Linux in
particular," said Dan Kusnetzky of the technology research firm IDC.
Unlike most commercial software, the underlying code in open source
software is free and benefits from continual scrutiny and improvements made
by a community of programmers.
Proponents say that makes Linux more stable and secure than, say, Microsoft
products a claim Microsoft and others dispute.
Hewlett-Packard recently sold its second Linux system to the U.S.
Department of Energy a $24.5 million computer fingered as the world's most
powerful Linux configuration. The Energy Department will use the machine
for biological and environmental research.
And Red Hat, which sells a popular version of Linux software and tools,
says the European Commission is running its software, along with federal
ministries in France and Germany.
Now that adoption of Linux is being pushed by the likes of IBM and H-P, the
once-renegade operating system has gained a gleam of respectability, said
James Lewis, a technology analyst at the Center for Strategic and
International Studies who helped formulate Clinton administration
encryption policy.
Until recently, Linux filtered into U.S. government computers through
system administrators who simply installed it because it is cheap. But
increasingly, experts say, agencies are willing to pay for high-performance
hardware tailored to Linux.
Linux has made little headway in the desktop operating system market
dominated by Microsoft because of incompatibilities with popular Microsoft
applications that people use every day.
However, Linux is now the world's No. 2 server operating system, with about
27% of the market behind Microsoft's various Windows systems, which run
more than 40% of servers and most desktop computers, according to the
technology research firm IDC.
It is most appropriate for certain math-intensive supercomputing
applications as well as Internet servers and closed networks that tie
together many branch locations such as those of a bank, Kusnetzky said.
The software appears to be winning friends among military and intelligence
agencies.
A study completed for the Pentagon by the Mitre Corp. last week identified
249 U.S. government uses of open-source computer systems and tools, with
Linux running on several Air Force computers, along with systems run by the
Marine Corps, the Naval Research Laboratory and others.
The report recommended further use of open-source computing systems, on the
grounds that they were less vulnerable to cyberattacks and far cheaper.
Microsoft has lobbied the Pentagon against certain versions of open source
software, claiming that government research into open source software is
subsidizing its competitors.
"We have had discussions voicing our concerns," said Microsoft spokesman
Jon Murchinson.
At the U.S. Air Force SEEK EAGLE office at Eglin Air Force Base in
Florida the office charged with certifying that bombs and missiles can be
safely carried and released by U.S. aircraft researchers are using a
high-performance IBM Linux system to model weapons' trajectories.
The Air Force unit bought a 64-processor IBM Linux computing cluster, along
with three years of tech support, for $130,000 far less than the $750,000
Silicon Graphics system it replaced, said Steven Standley, an aerospace
engineer working on the project.
IBM said military and intelligence agencies in the United States, Canada,
Germany, France, England, Spain, China and Singapore have purchased its
Linux systems.
And the U.S. National Security Agency offers its own Security-Enhanced
Linux software for free download from its Web site.
With so many software developers tinkering with Linux's open code, new
versions of the software show continual improvements, said Steve Solazzo,
IBM's general manager for Linux.
"Linux is maturing very quickly, adding feature and function incredibly
fast," Solazzo said.
******************
MSNBC
ID theft rampant; options limited
Ford, Bank One, California incidents reveal larger problem
By Bob Sullivan
MSNBC
May 29 The State of California leaks the direct deposit records of 260,000
employees. A Bank One employee sells hundreds of customer records to a ring
of identity thieves. Criminals gain access to Ford Motor company's credit
reference firm and order 13,000 credit reports. An insurance company whose
name still has not been disclosed gives information on patient illnesses
to a marketing firm. It's been a bad month for personal privacy, a good one
for identity thieves. And it has experts asking: Will all of us eventually
be victims?
CAREFULLY GUARD YOUR social security number, the experts say. Don't
enter it in Web pages; don't give it out to companies and watch your bank
statements like a hawk. It's all good advice. But for hundreds of thousands
of victims who had their personal financial data stolen recently, it
wouldn't have helped. Even people who did everything by the book have seen
their data exposed. Now it's just a waiting game. Wait and see if their
bank accounts are drained, if car loans are taken out in their names, if
their homes are mortgaged and equity stolen right from under their roofs.
About 750,000 people had their identities copied last year and
suffered the consequences, said Rob Douglas, CEO of American Privacy
Consultants Inc. The massive California case and other high-profile
incidents suggest that number could be much higher in 2002. The crime is so
easy and risk-free that even drug dealers are turning to ID theft as a
safer way to make money, Douglas said.
What's can a concerned potential victim do? The truth is, not much.
"The problem is a little bit in the intractable category," said
Larry Ponemon, CEO of the Privacy Council. "For the most part, we rely on
the good intentions of companies (that have customers' personal data). But
the empirical evidence says you cannot rely on that any more. Bad things
will happen. ... Sooner or later it's going happen. I don't know if there's
really much we can do."
NOT ONLY FORD CUSTOMERS
The recent spate of high-profile data thefts suggests just that. In
Ford's case, there was no way potential victims could have protected
themselves they didn't even have to be Ford customers.
Thieves were able to impersonate the company and order thousands of
credit checks through Experian, one of the big three credit reporting
companies. Experian thought Ford was requesting the data, and forked over
13,000 reports between April 2001 and February of this year before someone
noticed the suspicious activity. Most victims weren't customers of Ford
Credit; the identity thieves simply used Ford's name to get credit reports
on victims living in affluent neighborhoods, according to the Detroit News,
which first reported the theft. Ford sent letters to all the victims
starting last month.
There have already been victims connected to the Ford data leak.
The CUNA Mutual Group sent a memo to its member credit unions on Wednesday
warning about financial fraud connected to the incident.
"At least one credit union has suffered losses from member account
identity takeover because the member's credit report was one of the stolen
credit reports," the memo said.
265,000 EMPLOYEES WARNED
California state employees victimized recently couldn't have done
much, either. Corporations and government agencies push hard to convince
employees to receive their paychecks through direct deposit. It's cheaper
for banks and companies, and often more convenient for employees. But that
convenience meant all that personal financial information was kept in one
place, and now, it's likely in the hands of financial thieves.
"My only consolation regarding the whole payroll screwup is that it
affects everyone from the board members on down," wrote one victim to
MSNBC.com. "For 20 years I've never had a single late payment on anything
but now my credit history could be toast due to some lowly paid state worker."
Both the Ford incident and the California problem stem from a
computer mishap.
CORPORATE COVER-UP
Bank One's leak was much more old-fashioned, but equally as
difficult for consumers to stop. In that incident, a 21-year-old former
female employee of the firm's Pewaukee, Wis., office sold hundreds of
financial records to an identity theft ring. Tom Kelly, a Bank One
spokesperson, said the firm only found 250 stolen records during an
investigation. But WISN 12 News, which first reported the incident,
suggested thousands more records were sold.
The incident also highlights what privacy experts say as the biggest
problem surrounding identity theft incidents corporate secrecy. Bank One
never told its customers about the problem. Disclosure only came eight
months after the theft when a victim received a call from the Secret
Service, discovered someone had purchased a Jaguar in his name, and
contacted WISN.
"We were a little tardy in telling customers," Kelly admits. "We
should have told them sooner."
In fact, it's common that consumer victims aren't told about a
break-in, as companies try to avoid the potential embarrassment and cross
their fingers that no crimes will actually be committed with the stolen
data. Bank One played that kind of Russian roulette with its customer data
and lost. But Bank One is hardly alone.
"Most of these still go unreported and are swept under the carpet,"
Ponemon said. "God forbid, you lose confidence in your bank or insurance
company."
HEALTH CARE DATA SOLD
Ponemon said he is currently engaged in a difficult conversation
with a client, trying to convince it to come clean with a data leakage. The
client is a small insurance company that gave customer information to "an
organization developing a marketing database to people who have certain
illnesses," Ponemon said. An employee who didn't understand the insurance
firm's privacy policies gave away thousands of records, he said. So far,
the company is following legal advice not to disclose the leak.
"They think we'll open up a Pandora's box to litigation," Ponemon
said. He's still trying to convince the firm to come clean. "Those
conversations are very difficult."
PARTIAL DISCLOSURE NOT ENOUGH
And sometimes, even the disclosures victims do receive are hardly
complete. Douglas, from American Privacy Consultants, thinks California's
warning to state employees was too vague.
A letter sent to employees says someone may have accessed a data
center containing payroll information, but adds that "there is no
indication the information contained in the database was targeted or will
be used for any unlawful purposes."
That leaves employees wondering what really happened, what was
really taken, and what to do. Should they close all their bank accounts, or
just sit and wait for the bad news? What are the odds that a theft will occur?
"I think the California government has a responsibly to be more
forthcoming about what happened, what have they determined from the logs
... so employees can make an educated decision on what do to," Douglas
said. "Just making public statements released late on a Friday afternoon
doesn't cut it."
State officials say the data breech occurred on April 5, and was
discovered during security checks on May 7. Computer logs and intrusion
detection software can often indicate what files were taken from a computer
and how long an intruder had access, but state officials and investigators
haven't revealed how much they know about the intruder in the case.
One state employee who contacted MSNBC.com said she was frustrated
by the advice she'd heard so far from state officials. She still hadn't
received official notice, but was told she'd receive a letter with the
paycheck on Thursday.
"Personally, the time lapse and lack of notification is very
disturbing," she wrote. "I've been following the recommendations, but until
there's something tangible, it seems pointless. Our bank put an alert on
our account, they suggested we close the account and open a new one. Groan."
LEGAL RECOURSE?
Douglas said the state should go even further than full
disclosure its should fix the problem it created with sloppy security
practices. He said he "yelled out loud" when he read that employees are
being left to fend for themselves, told to order credit reports at their
own expense.
"Doesn't the state have some obligation to do something for these
people?" he said. "Their data is compromised .. and then they tell
employees 'Here's all the things you should do to protect yourself.' Why
don't they contact the credit agencies themselves? The state isn't doing
diddlysquat other than to go protect themselves."
Helpless consumers can only hope that ultimately companies and
state agencies face some legal obligations when a data breech occurs, said
privacy consultant Richard Smith, who operates ComputerBytesMan.com.
Mistakes do happen, but in the world of computer security "very small
mistakes can have really bad results," he said.
"This gets back to getting a liability system in place," Smith
said. "Now the state of California has some bad press. But if actually
turns into identity theft, shouldn't the state have liability?"
Customers who find their credit reports marred by car loans or
other illegal financial activity should have recourse against companies
that failed to disclose a data breach, he said. "Like Bank One. The fact
that they knew and didn't tell customers, that's inexcusable. There ought
to be the threat of liability hanging over it."
*****************
MSNBC
Notorious hacker hits TheNerds.net
'Zilterio' strikes for the fourth time in 8 months
By Bob Sullivan
MSNBC
May 29 A notorious online extortionist using the name "Zilterio" has
struck again. This time, some customers of TheNerds.Net, an electronics
retailer, received e-mails from Zilterio@xxxxxxxxx, indicating their credit
card data had been stolen from the site. This is the fourth Web site in 8
months attacked by someone claiming to be Zilterio in the past, the
extortionist demanded $50,000 in exchange for silence.
"I HATE TO INFORM YOU that your account has been hacked on
THENERDS.NET. This site has a very weak security protection system and the
database with credit cards and other personal information is not protected
at all," said the e-mail. Recipients then saw their name, address, and
credit card number pasted into the note proof that the hacker had stolen
data from the site.
But not every one of TheNerds.Net's 150,000 customers received the
note, according to site principal Jeremy Schneiderman. So far, the firm has
received "a couple of hundred" complaints, giving Schneiderman hope that
the computer intruder didn't steal all his customer data.
Zilterio, who may be acting alone or writing on behalf of a larger
crime ring, sent the e-mail early Wednesday morning. The company had no
warning, and responded with a note of apology to its customers a few hours
later.
That's a slightly different M.O. for Zilterio. In the past, he has
made extortion demands before sending out mass e-mails. But Schneiderman
expects the demand is still coming.
"My guess is he was sending out a couple of e-mails saying, 'Here's
what I can do to you, now pay up,' " Schneiderman said.
Last August, someone using the Zilterio name broke into computers
at WebCertificates.com. He spent three months trying to extort parent
company eCount, threatening to release the data if a $45,000 payment wasn't
made. He finally followed through on the threat in October. The damage was
limited, however, because Zilterio mistook gift certificate serial numbers
for credit numbers; the data that was stolen wasn't very valuable.
In March, Zilterio tried to extort $50,000 from California Internet
service provider linkLINE Communications, Inc. The money was to be
deposited into a bank account "that was subsequently traced through Russia
to Yemen," according to the firm. Some 15,000 customers were notified that
their data might have been stolen.
Then last month, someone claiming to be Zilterio sent e-mails to
journalists claiming he had broken into brokerage firm Fahnestock & Co.'s
Web site and stolen the personal data of more than 25,000 people. But that
e-mail contained no evidence of a break in.
Thursday's e-mail was different it included customer credit card
numbers, meaning the criminal has obtained at least some of the valuable
customer data that eluded him in the WebCertificates case.
Jason Zandri was one of the unlucky customers who received the
note, then five hours later, TheNerds.Net's apology. He was disappointed in
the apology, because he felt the company was vague about what data was
actually taken. The company letter says "While there is no indication that
any customer information has been compromised, we have taken precautionary
steps...."
"It makes me mad because the average Joe might think information
never leaked when that is totally not true," Zandri said. "I think they are
lulling their customers into a false sense of security."
Schneiderman said Zilterio entered his firm's SQL database,
possibly though an account that had the default "sa" as the username. The
password on the account had been changed, he said SQL databases come by
default with a blank password.
He said the customer data is broken into segments, so he thinks
it's possible the intruder was only able to steal a portion of the
database. Still, the company alerted Visa, Mastercard, and American
Express, and told customers to check with their credit card companies and
watch for fraud.
The firm is working with the Secret Service and the FBI, and will
refuse any extortion demand, he said.
************************
MSNBC
Avoiding a busy signal in space
May 29 Calling long distance is tough when the telephone lines are busy.
For most of us, that simply means waiting a few hours and calling again,
but for NASA's deep space missions, constant and reliable communication is
vital.
HOWEVER, AN ever-growing cadre of interplanetary spacecraft aimed
at the planets and other bodies in our solar system have swamped the space
agency's Deep Space Network. The network is a collection of antennae aimed
at space and managed by the Jet Propulsion Laboratory.
The network is NASA's chief phone line to spacecraft like Cassini,
on its way to study Saturn, and Stardust, flying toward the comet Wild-2.
It is also overworked, with antennae time for existing missions in short
supply.
"We call it the traffic jam," said Bill Blume, mission design
manager of Deep Impact, the second comet-bound craft slated for launch in
January 2004 during the midst of the communication crunch. "We're going to
have to share antennae time, to try and find a balance."
Airtime will become tighter in the next few years as host of
missions - from those to Mars, Stardust's Wild-2 rendezvous and other
spacecraft are set to launch or enter critical phases during the end of
2003 and start of 2004. The Red Planet will play host in 2003-04 to a pair
of NASA rovers, the European orbiter Mars Express and its lander Beagle 2,
as well as the Japanese orbiter Nozomi - all in addition to NASA's Mars
Odyssey and Mars Global Surveyor already orbiting the planet. Deep Impact
will launch as one of the rovers arrives at the Red Planet and Stardust
meets Wild-2, Blume told SPACE.com.
Still more missions, Cassini for one, will rely on the Deep Space
Network to talk to ground control, and Jet Propulsion Laboratory scientists
have been preparing for this potential signal gridlock by building a new
radio antenna, working with mission designers on their communication needs
and researching new technologies to streamline the network.
MANAGING THE CRUNCH
The bulk of Jet Propulsion Laboratory's crunch-time preparation is
in the construction of a new 111-foot (34 meter) radio antennae outside of
Madrid, Spain, home to one of three network installation distributed evenly
around the world. Sister sites monitor deep space missions from Goldstone
in the California desert and Canberra, Australia, but it is the Madrid
facility will be key in the next few years because of the flurry of
expected activity around Mars.
"It's going to be tight, and there are going to be a few
compromises," said Rich Miller, manager of Jet Propulsion Laboratory's
Office of Plans and Commitments, part of Jet Propulsion Laboratory's
Interplanetary Network Directorate responsible for the Deep Space Network.
"Some missions are going to have to return a little less data here and
there, but it looks like we're going to make it."
The new antenna will be secondary to Madrid's main 230-foot (70
meter) antenna - the star of each Deep Space Network facility - and give
the installation 70 more hours a week to track spacecraft around Mars while
in range from Spain. The extra time will be a 30% increase in what is
currently available, but is only a small fix.
More antennae are needed, though efforts to fund a new one in
Australia may prove fruitless until 2005 or later, Miller said.
In the meantime, ground controllers should get a break from the
Mars rovers. Mission planners expect to only get half of their data through
the Deep Space Network facilities, storing the other half in the memories
of the already-orbiting Global Surveyor or Odyssey craft to be relayed
later, when the traffic is lighter. Miller said, the same process could
also be used to transmit data from the European Space Agency's Beagle 2
lander when it drops to the Martian surface.
In cases where more than one spacecraft must be tracked,
negotiations between the two project team's will determine how to address
the overlap. For example, during the Deep Impact mission, the project
leaders will have to give up a couple of hours of tracking time to other
missions. Giving up a few hours now and then, however, is pretty easy to
do, Blume said.
"Typically, we're asking for eight hours of tracking time a day,"
Blume told SPACE.com. "But in reality, there's often a little cushion built
into that number."
FUTURE RELAYS
The next decade should bring faster, better ways for researchers to
call on their spacecraft. Jet Propulsion Laboratory scientists are looking
at the possibility of using devices known as laser light buckets,
ground-based telescopes that could listen to future spacecraft. Instead of
using radio waves like Deep Space Network's massive antennae dishes, light
buckets are optical, collecting information carried on light waves.
A test project using laser light buckets is under development at Jet
Propulsion Laboratory's Table Mountain facility in Wrightwood, California.
Laser light buckets could allow faster data rates than the biggest radio
antennae on Earth, Miller said, but it does have its drawbacks.
"The concept looks very promising from a cost standpoint...but it
can't get through clouds at all," he said, adding that to be effective, a
number of ground sites would be needed to account for bad weather. "And it
would all have to be developed from scratch, but it's possible that
sometime in the next decade we could be using optical instead of radio
frequencies."
Antenna advancements, such as more automated processes to allow
more than one space probe to be tracked from a single installation, and
using higher radio frequencies to speed up communications between the
ground and space are also under development.
OLDIE BUT A GOODIE
Jet Propulsion Laboratory began developing the network in the late
1950s to ensure consistent, two-way communication with future deep space
missions without requiring each new flight project to develop its own
tracking system. Since then, it has grown into the largest and most
sensitive telecommunications systems in the world.
The location of each site allows Deep Space Network operators to
maintain continuous radio contact with a spacecraft as the Earth rotates,
and then relay telemetry and vital health information back to its specific
mission control.
To do this, each of the three network facilities has its own huge
radio antenna - a dish spanning 230 feet (70 meters) in diameter. A cluster
of smaller antennae surrounds the main dish to add to each installation's
communication abilities.
"We are concerned that our 70-meter antennae are getting quite
old," Miller said. "Late in the next decade, they'll be 50 years old."
Miller told SPACE.com that the malfunction of a main antenna, or a
spacecraft emergency, is one of the biggest concerns plaguing the Deep
Space Network. Non-network installations, such as radio astronomy antennae
or independent deep space tracking systems built by Japan and the European
Space Agency could help in a pinch. But finding funds to replace or
refurbish the aging main antennae will have to wait until after the
communication crunch time next year.
********************
MSNBC
Next-generation chip meets mark
Intel's Itanium 2 processor performs better than original
SANTA CLARA, Calif., May 29 Intel Corp., the world's largest semiconductor
manufacture, said on Wednesday that its next-generation Itanium 2 processor
aimed at high-end servers and super computers performs as much as 2 times
better than computers using first-generation Itanium chips.
THE CHIPMAKER, BASED in Santa Clara, California, also said that
Itanium, Intel's second 64-bit chip, is on track to be introduced in the
middle of this year. A 64-bit chip crunches data in 64-bit chunks, compared
with 32-bit chunks found in Intel's current Pentium and Xeon processors.
Because the chip can crunch more data in the same amount of time,
it boosts the performance of the processor, which is aimed at
supercomputers and high-end servers used by financial services, insurance
companies and in other industries that maintain and manipulate vast amounts
of data.
The Itanium 2 chip will power systems designed to compete with
high-end systems from Sun Microsystems Inc. and International Business
Machines Corp.
The performance boost comes partly from higher data speeds on the
chip itself and enhancements to the chip's microarchitecture, Intel said.
Mike Fister, who heads Intel's enterprise platforms group, is
expected to detail the performance boost in a speech on Wednesday at the
Intel Developer Forum in Munich, a gathering of engineers who design
software and systems using Intel chips.
Itanium 2 has 3 megabytes of level 3 memory cache on the Itanium
die itself and will run at a frequency of 1 gigahertz, Intel said.
Successive generations of Itanium, code-named Madison and Deerfield are
expected in the middle of 2003 and Montecito is due out in 2004, said
Shannon Poulin, enterprise marketing manager for Itanium at Intel.
"We expect the beat to go on with Madison, Deerfield and
Montecito," Poulin said. "We expect these performance improvements to
really power the Itanium family moving forward."
***********************
Government Executive
Scientists set to unveil anti-terrorism ideas in late June
By Bara Vaida, National Journal's Technology Daily
The National Academy of Sciences, National Academy of Engineering,
Institute of Medicine and National Research Council plan to publish a list
of recommendations on how the Bush administration can best use the nation's
scientific and technical resources to counter terrorist threats.
Lewis Branscombe, co-chairman of the National Academies Committee on
Science and Technology for Countering Terrorism, said the plan currently is
being reviewed and likely will be released June 24 or June 25--shortly
before the administration is expected to produce its broader strategy on
homeland security.
"What we've tried to do is identify technologies that can be deployed
immediately and technologies where research and development should be
focused ... that could take one to three to four years" to be ready for
deployment, Branscombe said at a press briefing hosted by King Publishing
on Wednesday.
Late last fall, the Bush administration sought the science community's
advice on technology to help with homeland defense. The National Academies
responded with the creation of the committee on countering terrorism and
its plans for the study.
John Marburger, director of the White House Office of Science and
Technology Policy (OSTP), said at the press briefing that his office has
worked closely with the National Academies and that "it's no accident" that
the report will be released soon before the homeland security strategy,
which is due to be published mid-summer.
Marburger said the security plan will not specify technologies; it will
focus on process and procedure, and identify decision makers for executing
strategy. OSTP will write a chapter on R&D for fighting terrorism, he said.
In addition, the strategy is likely to include a plan for a technology
clearinghouse modeled after the Technical Support Working Group, which is
an interagency forum for coordinating R&D to combat terrorism.
Various agencies will use the plan in the fiscal 2004 budget process, which
begins in earnest in the fall, Marburger said.
When asked about fears that technology to combat terrorism could diminish
civil liberties, Marburger said President Bush is "committed to not
undermining civil liberties. He is fighting this war to protect our way of
life, not to undermine it ... though some sacrifices are inevitable."
He also noted that law enforcement will have to conduct additional training
to ensure that officers do not use technology in ways that violate civil
liberties.
************************
Government Executive
May 29, 2002
Congressional panel issues information security report
From National Journal's Technology Daily
Congress' Joint Economic Committee on Wednesday issued a compilation of
essays titled "Security in the Information Age" heavily focusing on cyber
security and critical infrastructure protection.
"We must be better aware of our vulnerabilities and develop viable
strategies to detect, deter, and counter both physical and cyber-based
threats to our people and infrastructures," said Chairman James Saxon, R-N.J.
Saxon said the reports grew out of the interest that committee member Sen.
Robert Bennett, R-Utah--who selected the contributors--had shown in the
subject.
"In bringing us an exciting new era of technology, the information age has
also given us a new set of security challenges," Bennett said. "The primary
message of today's report is that we must think differently about national
security in the new networked world."
Contributors to the report include Undersecretary of State Kenneth Juster,
Microsoft security chief Scott Charney and John Tritak, director of the
Critical Infrastructure Assurance Office.
Link to report Security in the Information Age
http://www.house.gov/jec/security.pdf
********************
CNN.net
Web site helps U.S. commanders in Afghanistan
Centralized database allows for easier communication
BAGRAM, Afghanistan (AP) --The war in Afghanistan is going online.
A drab tent under the Afghan sun hides a high-tech war room that soon will
become the nerve center of the campaign: Inside, banks of tables are lined
with soldiers bent over laptops. They look up at computer maps of
Afghanistan projected on large screens illuminating the dim interior.
All are logged onto the Tactical Web Page, a secret, secure Web site being
used in combat for the first time, through which American commanders at
Bagram air base and in the United States can direct the fight in Afghanistan.
The system collects all information and communication in one place.
Commanders confer in chat rooms and pass on orders; messages scroll across
the screen, alerting developments from the field; maps show friendly and
enemy positions.
The tent -- actually a honeycomb of tents linked by narrow passages -- is
the headquarters from which Lt. Gen. Dan K. McNeill will work when he takes
command of Bagram air base, north of Kabul, as soon as Friday.
"The rule here is that you can reach any critical information within two
clicks of the mouse," Maj. Keith Hauk, the knowledge management officer,
said Wednesday.
With wary looks, soldiers at work in the tent closed their laptops as
journalists passed by on a tour of the facility. A copy of the Web site,
stripped of sensitive information, was projected onto one of the main
tent's large screens.
The command staff is confident that the Web site is secure from hackers,
shielded behind intrusion detectors and firewalls on its own local area
network.
"There have been a few instances when unidentified computers have tried to
get in, in which case we throw up additional firewalls," Lt. Col. Bryan
Dyer said.
McNeill takes over the coalition campaign in Afghanistan at a time when the
hunt for al Qaeda and Taliban fighters has grown more complicated. Many
fighters are thought to have fled to Pakistan; those still here are
believed to be operating in small groups. U.S. and other troops have been
scouring eastern Afghanistan near the border for infiltrators.
'A map with a bullet in it is still a map'
"These are great tools," McNeill said, surrounded by the computer wizardry.
"But it serves one purpose, to reduce the complexity" of fighting the war.
"The sharp point of the spear are the soldiers, sailors, airmen and marines
who ... are taking the fight to those who would wage a terrorist war
throughout the world," he said.
McNeill's station in the war room, with his laptop, is in the center of the
first table in front of the projection screens. Behind it are five rows of
tables rising up like a stadium where "watch groups" monitor the action.
Commanders in the field send information up through the Web site, and
orders flow back down to them. Generals at Central Command in Tampa,
Florida -- which runs the U.S. military in the Middle East and Central Asia
-- can also log on.
With all sides logged on, "the boss can point out items on the map with his
subordinate commanders to draw up plans without everyone having to be in
one place," Dyer said.
The maps on the Web site and the tent screens can show vectors tracking all
flights through the region; icons point out U.S. and allies troops, as well
as enemy positions.
The network replaces the old system of paper maps and radio communications
-- though these are on hand in case of breakdown.
"A computer with a bullet in it is just a paperweight," Hauk said. "A map
with a bullet in it is still a map."
********************
CNN.net
U.S. government mulls antiterror technologies
WASHINGTON (Reuters) --The Bush administration is wrestling with how to
spur development of antiterrorism technologies to cope with post-September
11 threats, including new vaccines against potential germ warfare agents,
President George W. Bush's science adviser said on Wednesday.
"All mechanisms are being explored," said John Marburger, director of the
White House Office of Science and Technology Policy. He said he expected a
mix of regulations, government procurements and industry incentives.
Marburger has been working closely with Tom Ridge, head of the White House
Office of Homeland Security set up after the September attacks. Ridge is
expected to release a report in July outlining long-term a homeland
security strategy, including structures and mechanisms for dealing with
chemical, biological and nuclear threats.
The pharmaceutical industry was "a very good example of an industry that
requires something (from the government)" to coax out vaccines against
smallpox and other biological warfare threats, he told reporters at a
session organized by New Technology Week, a trade publication.
"In general, (countering) bioterrorism is difficult to support on the basis
of the commercial market," Marburger said. "And so there's going to have to
be something like a procurement or incentive here."
But industry also must rise to the challenge, said Lewis Branscomb,
co-chair of an antiterrorism technology panel sponsored by the National
Academies. The panel is due to release the first phase of a science and
technology antiterrorism study late next month.
New directions
Venture capitalists taking part in a Washington networking fair said they
were awaiting word from the government to guide their bets on emerging
technologies.
"Does anybody have a clue as to what direction we really want to go with
respect to bioterrorism?" asked Josh Fidler, a partner at Boulder Ventures
Limited, which invests in biotechnology and life sciences initiatives and
has about $250 million under management. "I don't think so. Not yet."
Robert Grady, managing partner of Carlyle Venture Partners, part of the
Carlyle Group, one of the world's biggest private equity firms with $13.6
billion under management, said September 11 had boosted interest in
security-related investments, especially those with a track record of
selling to defense contractors.
But investors can be "extremely, extremely selective" about what they're
funding, he said. "And so only the best companies will bet funded by us and
probably by anyone."
********************
Euromedia.net
European Parliament accepts anti-spam law
30/05/2002 Editor: Tamsin McMahon
European Members of Parliament have accepted a series of amendments to the
contentious anti-spamming law, which the Parliament now says should be
formally adopted within months.
MEPs voted in favour of a single opt-in policy for unsolicited commercial
e-mail and SMS messages across the European Union.
As part of the legislation, which Parliament expects to have in place by
the end of next year, companies will need to get prior permission from
users before sending unsolicited e-mail.
As for cookies - information stored by internet browser software - websites
would need to give users clear, comprehensive information on their purpose
in advance, and allow users to refuse them.
The vote marks a change for Parliament, whose Citizens' Rights Committee
had wanted member states to decide on their own opt-in or opt-out policies.
The legislation stalled after the European Telecoms Council of Ministers
voted for a harmonised opt-in policy and the two sides were expected to
head to a lengthy conciliation process to resolve the dispute.
The proposed law also governs access to fixed-line and mobile phone
numbers, personal e-mail and physical addresses. But the directive doesn't
have any legally-binding provisions on how member governments can store and
use personal data for criminal investigations.
Parliament backed away its original decision to force national authorities
to delete personal data almost immediately because of pressure from member
states like the UK.
The EU's information technology commissioner, Erkki Liikanen, said the
European Commission approved of compromise law. "We can live with it,"
Reuters reported him as saying.
But Liikanen said the Commission would be quick to launch an investigation
if member states abused their power to hold on to personal information.
********************
CNET
Alberta's high-risk offenders on the web
By JOHN COTTER-- Canadian Press
EDMONTON (CP) -- Alberta began posting photos of high-risk sexual offenders
on the Internet on Wednesday.
While Solicitor General Heather Forsyth said the Web site is a cheap way of
protecting children and other vulnerable people, some police and civil
libertarians questioned the move.
The first four men named on the Internet registry all have records of
sexual offences, including some against children.
"This is a first in Canada," Forsyth said. "We have been frustrated by the
slow movement of the federal government on establishing a national sex
offender registry, so we took the initiative and did our own Web site."
Alberta's registry includes a photo and short biography of each offender,
including a letter from police warning about his criminal background and
naming the community where he lives.
The registry also includes a warning against citizens using the information
to take vigilante action against the offenders.
Ontario started a sex-offender registry in April 2001. It lists almost
5,000 names but does not include photos.
Victims' groups, such as Mad Mothers Against Pedophiles, were quick to
applaud the Alberta government.
"This isn't your average jaywalker getting posted on this Web site," said
spokesman Ron McPhail.
"This is a guy who you and I and everyone here should be afraid of. I don't
want this fellow coming into contact with me or my kids, and so anything
that can happen to stop that is good."
RCMP and the Calgary Police Service have endorsed the Web site.
However, the Edmonton Police Service, which deals with 60 per cent of
Alberta's high-risk offenders, has not.
"There are questions," said Edmonton police spokesman Wes Bellmore. "Is it
effective? Are people going to have access to it?"
One Edmonton officer who works with sex offenders was more pointed in his
criticism. He is afraid the Internet site could actually put Albertans more
at risk.
"It is bad public policy," said the officer, who declined to be named.
"This could drive these guys underground. This is totally contrary to what
I am trying to do here."
He is also worried that family members of the offenders could be victimized
and that offenders will launch costly appeals against having their names
posted.
Forsyth said she is disappointed Edmonton will not take part in the $10,000
program. She shrugged off concerns about the site.
"We are going to continue to push ahead," she said. "All other police have
been supportive."
She acknowledged that four other offenders whose pictures are slated to be
posted on the Web site have launched appeals against the decision.
Federal Solicitor General Lawrence MacAulay could not be immediately be
reached for comment.
However, department spokesman Dan Brien pointed out that Forsyth just
agreed in Februrary to work with Ottawa and other provinces to establish a
national registry for sex offenders.
MacAulay said in Februrary the registry will be a database category within
the existing Canadian Police Information Centre, or CPIC.
The centre administers a database that gives tactical information on crimes
and criminals. Only police and a few select others have access to it.
Brien said the federal government is working to have the database in place
by November.
Alberta's high-risk offender Web site can be reached through the crime
prevention section of the solicitor general's site at
http:///www.gov.ab.ca/just/.
*******************
Sydney Morning Herald
Software 'has more chance of catching smiling robbers'
London
May 30 2002
Robbers caught on camera would be well advised to wipe the smirk off their
faces as they grab the cash, according to research reported yesterday.
A study has shown that face-recognition systems are much better at matching
mugshots of smiling suspects than those with dead-pan expressions.
Experts have found that the bigger identification databases become, the
more difficult it is for computers to pick out a face in the crowd.
But researchers found smiling faces can help the software tell people apart.
Even people who look very similar reveal different features when they smile
and uncover more details of their bone and muscle structure.
Yaser Yacoob, who studies computer vision at the University of Maryland in
College Park, US, tested the idea using a technique called Principal
Component Analysis which is widely used for face recognition.
The system reduces an image to its most important features and stores these
as a digital facial "signature".
Yacoob and colleague Larry Davis compared the signatures of 60 smiling
faces with those of the same faces wearing neutral expressions.
The program found a much greater degree of variation in the smiling faces,
New Scientist magazine reported.
That meant there should be fewer similar signatures and fewer false
positives when searching a large database.
"Yacoob thinks smiling faces shouldn't be too hard to pick out because
people often smile without thinking about it," the magazine said.
"The study also revealed that angry, grimacing faces are even more
distinctive than smiling ones, but grimaces tend not to occur as naturally
as smiles."
This story was found at:
http://www.smh.com.au/articles/2002/05/30/1022569804486.html
******************
Sydney Morning Herald
Scientists develop software to identify handwriting
Washington
May 29 2002
Handwriting is unique to each individual and could be used to identify a
person with certainty, according to US researchers, who have developed
software that could soon be used by the US justice system.
A study by the scientists from the University of Buffalo will be published
in the Journal of Forensic Sciences in July.
The study was cited last month by a federal court in Pennsylvania that
allowed expert testimony based on the scientists' findings to be presented.
The software is capable of determining with 96 per cent certainty if two
documents have been written by the same person or different people, the
researchers said.
It was developed on the basis of an analysis that identified features from
each of the 1,500 handwriting samples collected by the research team.
The software is capable of distinguishing 11 specific elements of
handwriting and 512 characteristics of individual letters.
"We set out to answer on a scientific basis the question: 'Is the
handwriting of different individuals truly distinct?'
"The answer is 'Yes'," said Sargur Srihari, director of the Centre of
Excellence in Document Analysis and Recognition at the University of Buffalo.
****************
Sydney Times Herald
Software's harder edge
By Colin Kruger
May 28 2002
Next
Despite slowing IT spending by the corporate sector, a major transition is
set to take place as companies upgrade their software infrastructure to
better meet business goals and provide a platform for a new generation of
business applications, says Pricewaterhouse Coopers in its the latest
instalment of its annual technology forecast.
Both the shortcomings of existing software infrastructure and the business
demand for new application functionality are identified as the major
influences on how software technology is set to change.
The report says the market is in transition from software architecture
based on the use of middleware to connect packaged applications suites, to
one in which applications are divided into smaller units of functionality
known as components.
Component-based software architectures will help cut implementation costs
while setting the stage for highly touted applications like Web services,
peer-to-peer computing and intelligent agents, according to the consulting
firm.
The conservative climate for IT spending isn't expected to have a major
effect on the adoption of this new software infrastructure.
"In this environment, there has to be a focus on how you can get
significant returns and therefore there's going to be substantial changes
to infrastructure," says Martyn Mitchell, Pricewaterhouse-Coopers head of
technology and information communications for Asia Pacific.
"It's got to be driven by an urgent business issue, or seeking to obtain
competitive advantage."
An example he gave was of companies looking to improve their customer
services. He cited as one example the Securities Institute of Australia's
push to link its accounting and customer-relationship management system via
a customer portal.
"(It) has led to tremendously improved functionality for their customers,"
Mitchell says.
The report describes this kind of application integration as the greatest
technical challenge facing large organisations, and a component-based
infrastructure will make this integration more efficient.
"I think it's going to go back to how much it's going to cost them, and the
sorts of returns that they are going to get from their technology spend,"
Mitchell says.
The major caveat is the significant risk of getting it wrong. And this will
require the attention of executive management to avoid the pain of cost
blowouts and project failures.
"Managements have got to clearly define objectives, costs and a time to
implement, and then establish an independent review structure to ensure
those goals are achieved," Mitchell says.
The report includes other key findings like the strong adoption of
open-source software and collaboration, while describing Web services and
peer-to-peer computing face more of a mixed outlook over the next two years.
The report, Technology Forecast: 2002-2004, Volume 1, is the first of two
volumes that will be released by PricewaterhouseCoopers this year.
The report has been split up for the first time in response to its
increased coverage of the technology market.
The first volume, Navigating the Future of Software covers the categories
of packaged applications for the enterprise, as well as the software
infrastructure upon which the enterprise applications operate.
The second volume is due for release in October, with a focus on IT
infrastructure areas like processors and platforms, communications and
enterprise management.
******************
Wired News
From Junkie to, Well, Junkman
By Leander Kahney
2:00 a.m. May 28, 2002 PDT
OAKLAND, California -- James Burgett is a big, burly biker and an ex-heroin
junkie who is building a trash empire from recycled computers.
He has hooked together a cluster of junk machines into what may soon
qualify as one of the world's fastest supercomputers.
And he's a leading low-tech philanthropist, giving away thousands of
refurbished computers to disadvantaged people all over the world, from
human rights organizations in Guatemala to the hard-up Russian space program.
Burgett runs the Alameda County Computer Resource Center, which he has
built from a spare bedroom operation into one of the largest non-profit
computer recycling centers in the United States.
The business of building new computers may be in a downturn, but the
business of getting rid of old ones is booming. There are more computers
heading for landfill than are being sold, according to the California
Materials Exchange.
Burgett, who weighs 350 pounds, dresses in black and his arms are covered
in tattoos. His giant operation is housed in an old ice cream plant in an
impoverished neighborhood in east Oakland, California, where a recent gang
war resulted in 14 murders in just one month.
Sandwiched between nail parlors and taco trucks, his 38,000-square-foot
warehouse is the size of a football field. It is filled with wooden
palettes stacked high with obsolete computers, monitors and other detritus.
The plant processes 200 tons of equipment a month, most of it from big
companies like Wells Fargo or Visa.
"This is just one month's flow," said Burgett, sweeping a beefy arm across
an endless sea of junk. "Impressive, isn't it?"
Almost all of it is recycled or reused. Burgett's is a "chip picking"
operation. Machines are stripped of useful parts, and everything else -
glass, metal, plastic -- goes to raw-materials recyclers. Nothing goes to
landfill or Asia.
"The total garbage from this facility is one dumpster's worth of organic
waste and food wrappers," Burgett said. "And that's only because people
have got to eat."
Burgett started small: In 1994 he was a dumpster diver with what he says
was a heroin habit. He filled his low-income apartment with salvaged
computers, using them to build a walkway, a patio and a veranda. When he
ran out of room he gave a dozen rebuilt machines to a local school.
Unknown to him, the donation was written up in the local Sunday paper. The
next morning he got a call from a local company wanting to donate a
truckload of machines.
He rented a storage locker, then two, then three. In the past few years
he's moved 10 times, each time to a bigger plant. "Every time we walk into
a new building we go, 'This is huge,' but then it's full, within a couple
of days sometimes," he said.
Burgett said he was recently offered an airliner and an aircraft carrier,
but didn't have the room to take it. Now he's looking at buying another
warehouse in the neighborhood with a yard four times the size. He's also
hoping to get GSA certification, which will allow him to take government
waste, the single biggest source in the world.
People used to give Burgett computers, but now they have to pay him to take
them away.
Because of recent changes in federal and California law, Burgett has to pay
recyclers to process things like monitors, which are full of poisonous
lead. Burgett charges a disposal fee, but he's not making money from his
growing empire: He pours it back into his nonprofit activities. It's
actually more cost effective to give away a working computer than it is to
trash it.
Burgett has a couple dozen volunteers working for him, refurbishing
computers. Some are underemployed Silicon Valley nerds, but most are
referred by homeless shelters, rehab programs or parole officers for basic
job training.
Burgett used to give away a couple hundred refurbished computers a year.
Last year it was 5,000. This year it will be about 12,000. Burgett claims
to have donated computers to every continent, including Antarctica. They
are everywhere: from schools in Africa to orphanages in Mexico.
Most of Oakland's schools have one or two. Burgett said he used to be the
biggest supplier of computers to Cuba's health system, until Fidel Castro
declared all PCs state property. Burgett stopped sending them.
All the machines are loaded with SuSe's version of the free Linux operating
system. It takes too long to load Linux via the CD drive, so Burgett hooks
each machine onto a network to burn in the operating system.
A network of PCs can be made to operate in parallel, as a cluster. Hook up
enough nodes and you get a virtual supercomputer.
Burgett has connected 300 junk machines to the cluster at one time,
although he is currently running between 50 and 75 nodes. By the summer, he
plans to expand the cluster to about 200 machines, which he hopes will
qualify it for the world's top 500 supercomputers.
"I find it really entertaining to think that one of the most powerful
clusters in the world is in a junkyard in East Oakland," he said. "I'm
hoping to open it up to the Oakland school district. I think inner-city
kids should have their own supercomputer."
The facility also hosts Koox, an Internet radio station, and plans to open
a vintage computer museum.
"James is very, very smart, very tough, can be extremely ornery at times,
but is extremely fair, and extraordinarily generous," said his friend
Sellam Ismail, founder of the Vintage Computer Festival, which stores his
collection of vintage machines for free at the plant.
Ismail estimated that over the years Burgett's efforts have directly
benefited thousands of people and indirectly helped perhaps hundreds of
thousands.
"That's pretty impressive for one guy," Ismail said.
*****************
CNET
Schools to bone up on technology
By Margaret Kane
Public schools in the United States will spend $9.5 billion on information
technology by 2006, up almost 16 percent from this year, according to a new
report.
Computer hardware will account for just over a quarter of district
technology budgets, according to the study from market researcher IDC. And
increasingly, school systems are turning from desktops to notebooks in this
category.
"As the average cost of a portable computer slips below the key threshold
of $1,000, more and more districts will go the mobile route to equip their
students," said analyst Stephen Webber in a statement. Notebook computers
and other portable devices are popular because they allow districts to try
and give each child his or her own device.
"Schools don't want to have specific technology rooms, they'd rather the
technology stays with the student or goes with the student," Webber said.
In many cases, that means networking is key; and PC makers have already
begun targeting that market, releasing systems that come pre-loaded with
the ability to do wireless networking, a popular feature in the education
market.
The education market, once dominated by Apple Computer, has drawn the
attention of other PC makers, including IBM and particularly Dell Computer,
which edged out the long-time leader in education last year.
Hardware isn't the only category that's shifting, Webber said. Educational
materials such as lesson plan supplements that had formerly been issued in
paper format are now being delivered electronically.
That switch accounts for some of the increase in the IT spending figure,
since those products hadn't previously been classified as IT.
Other changes include a shift in software licensing models to a network or
Internet-based model. That way, students can access educational software at
home or in the library, instead of solely through a classroom computer.
*************************
TechReview
The Net Effect by By Simson GarfinkelJune 2002
A U.S. shield against foreign spam and hackers: national security or
censorship?
By the time you read this, I should be filthy rich.
I recently received an e-mail that claimed to be from a high-ranking
Nigerian official who had discovered some funds stolen by Nigeria's former
military government. The bank account holding this money, I read, could be
used only to transfer the funds abroad. All I needed to do was respond with
the name of my bank, my bank account number and some personal information.
In return, "Dr. Ahmed" would wire me 35 percent of the trapped $41 million.
Of course, this junk e-mail was nothing more than an invitation to be
swindled. With my bank information, the good doctor could clean out my
savings, wiring the money through a series of other accounts so that I
would never see it again.
Like me, you probably delete dubious electronic missives like this one
without much thought. But apparently, not everyone is so skeptical. Last
year, the Nigerian banking swindle made number three on the National
Consumers League's top-10 list of Internet scams. The Federal Trade
Commission says that Americans are losing more than $100 million a year to
international con artists. But things could be much worse: most of the
Nigerian scam letters sent through paper mail get stopped and destroyed at
the border by the U.S. Postal Serviceironically, because they are sent with
counterfeit stamps.
But while the government vigilantly patrols our physical borders, it is
doing precious little to control our electronic ones. Consider this:
someone trying to bring fresh fruit from Europe into the United States will
be stopped by an agent of the U.S. Department of Agriculture. But there's
nothing to protect you from the electronic damage wrought by an infected
Microsoft Word file sent to you by some computer hacker in Iraq. Many
scholars and civil libertarians say that this is as it should be: while
controls on physical borders involve the movement of mere people and
things, electronic-border control would regulate information and ideas. Any
attempt to block the importation of ideas would be, by definition, an
exercise of state censorship. And that, many believe, is a no-no.
But an increasing number of the messages that our computers receive each
day from overseas do not carry any ideas at all. These e-mailed files
contain sequences of data designed to make our computers crash, or worse,
to break into our systems so that foreigners can steal secrets and use our
computers as bases for attacking still more machines.
Because of this electronic onslaught, I have followed the lead of many
businesses and installed a firewall that relies on "military-strength"
cryptography. I have electronic locks, alarms and even an automated
intrusion detection system. I will defend myself, no matter whether the
attack is from the college freshman next door or a hostile government
halfway around the world. Organizations that don't implement these kinds of
defenses are considered both negligent and stupid.
As a computer programmer, I have enjoyed the challenge of this constant
attention to security. (I have profited from it too, through the books I've
written on the subject.) But I'm an unusual case. For most businesses,
spending on electronic security is like protection money paid to the
mobnecessary for survival but not particularly productive.
This thirst for supersafe electronic security is without parallel in the
physical world. We don't berate a fabric boutique for not defending its
perimeter with the same vigor and prowess as an aircraft carrier floating
off enemy shores. That's because the aircraft carrier (and the rest of the
U.S. military) is the boutique's first line of defense. The boutique relies
on the government for much of its border control, and as a result, the
security afforded by the store's plate glass window and five-pin locks is
usually more than sufficient.
And that's probably where the world is headed. Just as nations now regulate
their physical frontiers, so too will they regulate their electronic
onesusing computer security rather than objectionable ideas as their
justification. Already, China and many Middle Eastern countries have
installed "national firewalls," blocking access to some U.S. Web sites
because of their content. France and Germany may soon do the same, blocking
access to neo-Nazi content.
At a computer conference I attended last summer, one speaker held up a sign
that showed a block of Internet addresses that were assigned to Asia. The
numbers were surrounded by one of those red circle-and-slash marks. The
speaker had gotten so tired of the constant probes, attacks and junk e-mail
from those addresses that he had simply cut off their access to his
computers. "Asia: just say 'no,'" he said. If this mood spreads, Internet
service providers might begin to offer geography-based blocking as a
value-added service. Or perhaps there will soon be mandatory firewalls
against packets that originate in particular countries. After all, why
shouldn't those e-mails from overseas be virus-scanned?
A big part of the Internet's magic is the liberation from concern over
distance and borders. Last September's terrorist attacks were so
devastating, in part, because a group of attackers from halfway around the
world reached through our national borders and attacked civilian targets.
The same basic thingnot costing lives, but destroying property and wreaking
great economic damagehappens every day on the Internet.
******************
Lillie Coney
Public Policy Coordinator
U.S. Association for Computing Machinery
Suite 507
1100 Seventeenth Street, NW
Washington, D.C. 20036-4632
202-659-9711