[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Clips August 13, 2002
- To: "Lillie Coney":;, Gene Spafford <spaf@xxxxxxxxxxxxxxxxx>;, Jeff Grove <jeff_grove@xxxxxxx>;, goodman@xxxxxxxxxxxxx;, David Farber <dave@xxxxxxxxxx>;, CSSP <cssp@xxxxxxx>;, glee@xxxxxxxxxxxxx;, John White <white@xxxxxxxxxx>;, Andrew Grosso<Agrosso@xxxxxxxxxxxxxxxx>;, computer_security_day@xxxxxxx;, ver@xxxxxxxxx;, lillie.coney@xxxxxxx;, v_gold@xxxxxxx;, harsha@xxxxxxx;, KathrynKL@xxxxxxx;, akuadc@xxxxxxxxxxx;
- Subject: Clips August 13, 2002
- From: Lillie Coney <lillie.coney@xxxxxxx>
- Date: Tue, 13 Aug 2002 10:54:40 -0400
Clips August 13, 2002
ARTICLES
Some Visitors Face New Checks on Entry
Net carriers' struggles could cost consumers
Tech leaders urge lawmakers to tackle reform slowly
A Site to Despise Untrained Spies
Union questions IT staff cuts at Treasury
Firms target weakest link
A well-tuned Web machine
Security overload
Choosing a security management solution
DOD putting fingerprint sensors to the test
VA secretary orders IT reorganization
Wristwatches are 'LoJack for kids'
Cigarette buyers turn to Net vendors to avoid state taxes
Teenage virus writers' latest tricks flunking out, antivirus experts say
Stakes are higher for hackers in post-Sept. 11 world
Deal Gives Intertainer Access to Films for Net
Poll shows 'digital divide' shrinking, Internet use up
British schools watch for text-message bullying
*********************
Washington Post
Some Visitors Face New Checks on Entry
Associated Press
The Justice Department has chosen Sept. 11 as the starting date for a new
program that will require tens of thousands of foreign visitors to be
fingerprinted and photographed at the border, officials announced yesterday.
The security program, developed by the Immigration and Naturalization
Service, will begin at several unnamed ports of entry and will mostly
affect those from Muslim and Middle Eastern countries. All nationals of
Iran, Iraq, Libya, Sudan and Syria will be subject to the program.
After a 20-day testing period, all remaining ports of entry will implement
the new system on Oct. 1.
Attorney General John D. Ashcroft said the program will correct some of the
problems that led to the Sept. 11 attacks.
"The vulnerabilities of our immigration system became starkly clear on
September 11th," Ashcroft said. "This system will expand substantially
America's scrutiny of those foreign visitors who may present an elevated
national security risk. And it will provide a vital line of defense in the
war against terrorism."
Congress required the Justice Department to develop a stricter entry-exit
system in anti-terrorism legislation signed by President Bush late last year.
**************************
USA Today
Net carriers' struggles could cost consumers
By Michelle Kessler
The financial crisis facing six of the 10 companies that carry most of the
nation's Internet traffic could lead to consolidation, higher prices for
customers and slower innovation in a sector once viewed as among telecom's
brightest.
Backbone carriers built the big trunks that move much of the Internet's
traffic. But too many carriers built too much capacity during the go-go 1990s.
Now struggling: WorldCom, Global Crossing and Metromedia Fiber Network,
which are in Chapter 11 bankruptcy reorganization. Qwest Communications and
Genuity are battling to avoid the same fate.
Level 3 Communications, while boosted recently by a $100 million investment
from Warren Buffett, has $6 billion in debt. In the last quarter, Level 3
had revenue of $386 million.
As companies falter, analysts say, some will sell assets. But the industry
is so depressed that buyers are hard to come by. Big telecoms AT&T, Sprint
and Verizon are among the few with the wherewithal to shop.
Eventually, a handful of players will own the U.S. backbone, says Probe
Research's Allan Tumolillo, among others. AT&T and Sprint could expand
their backbone market share, while companies such as Verizon might jump in.
That would be a big change. Unlike scrappy start-ups such as Global
Crossing and the Internet divisions of WorldCom and Qwest, big phone
companies ''have their brains in the regulatory environment, where things
don't change very quickly,'' says Gartner analyst Lydia Leong. That could mean:
* Less innovation. Big, dominant players ''don't have as much incentive to
drive new technologies'' as start-ups do, says Yankee Group analyst
Courtney Quinn. WorldCom's UUNet Internet division used cutting-edge
technology to gain its top spot.
* Higher prices. Fewer players would likely mean less price competition.
That's good for an industry that has recently seen prices fall 50% a year.
Price cuts have been driven by too much capacity, only a fraction of which
is used, says TeleGeography's Alan Mauldin. But it could mean higher prices
for consumers and businesses if fewer players lead to fewer new and
expanded networks.
* Hassles. Customers of KPNQwest, a major European backbone provider that
collapsed earlier this year, scrambled for new service when KPNQwest shut
down its network in July. Regulators fear the same thing could happen in
the USA.
For now, buyers and sellers are slowly circling. Global Crossing agreed
Friday to sell majority control of the telecom to two Asian investors for
$250 million. Last month, Verizon pulled out of a deal to buy Genuity after
they couldn't come to terms. Level 3 is shopping.
**********************
Mercury News
Tech leaders urge lawmakers to tackle reform slowly
By Mary Anne Ostrom
Go slow. That's the message from valley business leaders to politicians.
At a Monday gathering of Silicon Valley tech executives and Democratic
members of Congress, much of the buzz was about how to emerge from the wave
of business scandals with as little new regulation as possible.
Leading the call was Intel Chairman Andy Grove, who told members of the
pro-business New Democrat Network: ``Please be thoughtful, please take your
time and resist piling legislation upon legislation.''
Grove, a registered Republican, was most adamant about stock option
accounting, which has become a target for reform-minded politicians. ``The
current tendency is to politicize'' the issue, he said. ``It is going to
lead to horrible results.''
Last week, Intel announced it will continue its practice of not counting
options as a business expense, but the chip maker will begin disclosing
more financial details about them.
Although most of the moderate Democrats NDN support the valley firms'
position, several elected officials said companies, in fact, need to do a
better public-relations job of explaining how options benefit workers as
well as top executives.
``We don't want to be the scapegoat. We have to make it very clear to the
public the upside of the stock options,'' Democratic Minority Whip Nancy
Pelosi, D-San Francisco, told about 200 executives and elected officials
gathered at a Hewlett-Packard conference center in Palo Alto.
In a survey of 175 public high-tech companies to be released Wednesday, the
trade association AeA will report that they grant options, on average, to
84 percent of their employees; 60 percent provide them to all employees.
Republican and Democratic leaders in Congress agree the matter of stock
option accounting should be settled by the appointed Financial Accounting
Standards Board. During the last battle over stock options accounting, in
the early 1990s, the FASB sided with high-tech companies.
But anti-corporate sentiment among the voting public is high.
A new poll commissioned by the network found that 74 percent of U.S. voters
believe the recent problems of corporate America stem from a ``lack of
morals and greed.'' Just 18 percent blamed poor legal oversight by
authorities. The dropping stock market was mentioned as the second-highest
concern about the economy, behind access to health care but ahead of fear
of job loss.
NDN co-founder Simon Rosenberg said high-tech companies ``are going to have
to work hard on the issue'' of stock options. ``I think high tech will
prevail,'' he added.
The sixth annual Silicon Valley gathering of the NDN was a far more sober
affair than in years past, when dozens of elected officials took bus tours
of the valley, calling on hot Internet companies such as Netscape, WebTV
and Yahoo, and raised hundreds of thousands of dollars.
Two fundraising events Monday evening were expected to bring in $300,000
for the New Democrat Network arm, which finances campaigns of moderate
congressional Democrats. Last year, fundraising approached $500,000.
For the first time, the NDN included a panel focused solely on national
security issues, which included a speech by former Defense Secretary
William Perry assessing the threat of nuclear and biological warfare attacks.
``This is a different gathering where leaders of traditional companies are
meeting with those who regulate them. It's no longer a tour to see CEO rock
stars,'' said Democratic activist Wade Randlett.
Some valley CEOs put on their sales hats, advocating policies that could
help business. Symantec Chief Executive John Thompson, whose company sells
computer security software, told the group that the government is
underestimating the potential of a cyber-attack.
``More attention needs to be paid to that,'' said Thompson, who proposed
the government run public service announcements warning consumers of the
threat. They would be similar to announcements, for example, that encourage
safe driving and warn about the dangers of smoking.
And Grove put up a slide listing his legislative priorities for Congress.
It was labeled ``How You Can Help.''
**********************
Wired News
A Site to Despise Untrained Spies
By Julia Scheeres
The American Civil Liberties Union has launched a website for people to
protest the Bush administration's citizen informant program, which would
enlist civilians nationwide to report suspicious behavior by their fellow
Americans.
The ACLU charges that the Terrorist Information and Prevention System
(TIPS), which is expected to launch this fall, is a massive invasion of
privacy.
"You've got untrained nonprofessionals coming up with what they believe is
suspicious activity," said Rachel King, legislative counsel for the ACLU.
"We're not against tip lines; we're against relying on untrained civilians
to spy."
The ACLU worries that the system will target certain religious and ethnic
minorities, such as dark-skinned Muslims, and that a database of
"suspicious" people will be assembled without giving those included in it a
chance to prove their innocence.
"Suppose you're looking for a job and you can't get security clearance
because one of these volunteers thought you were a little strange and wrote
down your name; this could impact your life in ways you don't know," King
said.
The ACLU's TIPS Watch allows visitors to shoot off angry missives about the
program to their senators and get background data on other Homeland
Security initiatives. Congress is expected to vote on the legislation when
it re-convenes in September.
Initially, the TIPS scheme called for utility workers, postal carriers and
others who have access to private property to keep an eye out for
suspicious activities along their routes. But after public outcry against
peeping postpeople, the Justice Department announced on Friday that it
would scale back the operation to only include transportation workers, such
as truck drivers and ship workers.
The tipsters would rely on a list of red flags to help them detect
suspicious behavior and would report any funny business over a toll-free
number or a website set by the National White Collar Crime Center, a
department spokeswoman said.
The current TIPS homepage includes a volunteer sign-up form.
*************************
Government Executive
Union questions IT staff cuts at Treasury
By Tanya N. Ballard
tballard@xxxxxxxxxxx
Union officials are meeting with Treasury Department officials Tuesday to
get more information about the agency's plan to cut 75 employees from its
information technology staff over the next few months.
The proposed staff cuts are part of a plan to "align the chief information
officer's organization to the mission and business of Treasury, streamline
the organization and operations, and improve performance," according to
Treasury spokeswoman Tara Bradshaw.
But National Treasury Employees Union President Colleen Kelley said,
Monday, she did not yet know the specifics of the agency's plans.
"I have no details, just anecdotal information from the employees," Kelley
said. "We submitted a request to negotiate over the reorganization and they
apparently responded that they will not be negotiating, but they will be
briefing us. Until we really have all the facts, I still am sure that they
have an obligation to negotiate."
Over the past three years, office consolidations at Treasury have resulted
in the IT staff's growth from about 74 employees to 221 employees, causing
an overlap of effort, Bradshaw said. In March, as a result, Mayi Canales,
Treasury's CIO, began to assess which jobs in the IT division were critical
to meet the agency's mission and what staffing resources were needed to get
those jobs done. A productivity review found several cases of redundant
processes.
"It's sort of like they added all of these people together, but really
didn't take a look at what was needed," Bradshaw said. "They weren't taking
advantage of technology."
In May, consultants from PricewaterhouseCoopers conducted an independent
assessment of Canales' core function analysis and found that several
functions could be eliminated or combined. The CIO's office then
consolidated four work areas, including strategic planning, budget and
execution, policy and planning and operation support. An office that
focused on training and other human resources issues was eliminated.
Three of the 75 jobs eliminated by the realignment were Senior Executive
Service positions, a move under review by Senior Executive Association
President Carol Bonosaro.
Kelley is also questioning the fate of the employees the agency plans to
lay off over the next few months.
"How will they be placed in new jobs, what choices do these employees
have?" Kelley asked.
Bradshaw said the agency is working with the staff affected by the
streamlining initiative to find them other employment within the
government. Some of the displaced employees are filling vacancies in other
parts of the agency and others are detailed to the General Services
Administration, the Office of Management and Budget and the Federal
Emergency Management Agency.
"They are helping the employees with any training that they need to make
sure that they get the skills for the new jobs," Bradshaw said.
In the fall, the agency will hold competitions to outsource some of the
information technology functions.
"If we can do it more cost effectively in-house, we'll keep it in-house,"
Bradshaw said.
************************
Federal Computer Week
Firms target weakest link
Web applications more vulnerable to attacks
Several companies are stepping up efforts to help federal agencies address
the weakest link in information security: application security.
The rise in attacks on corporate and high-profile government Web sites
shows that organizations not only need to protect entry points into their
information networks, but also must shield their Web applications, experts say.
To that end, American Management Systems Inc. last week launched Enterprise
Security Group (ESG), which will provide application security services to
corporate and federal clients.
ESG will work with the AMS vertical industry groups to provide products and
services to address the full range of application security, from setting
policy to protecting applications from attacks to business continuity and
recovery.
"We are not ignoring network and [systems] security, we're just putting
another stake in the ground," said Jeffrey Johnson, vice president of ESG,
which is located in the information technology consulting firm's Fairfax,
Va., headquarters. Application security is crucial because applications now
include interfaces that extend outside the corporate environment, Johnson
said.
Applications, which contain critical business information, are more open to
attack now because organizations via the Internet or intranets are giving
customers, employees and business partners access to applications and
databases that sit behind the corporate firewall.
"Hackers have become more sophisticated; they know how applications work
and now can slip through the firewall," said Peter Lindstrom, director of
security strategies at the Hurwitz Group, an IT consulting firm.
"Definitely, there is an understanding in the market that network-based
firewalls can do only so much for security."
AMS will offer four security services, Johnson said. The company will also
provide its Cryptographic Management System to help clients effectively
secure applications with authentication mechanisms such as access controls,
encryption, digital signatures, role-based cryptography, passwords and
public-key infrastructure technology.
To protect applications from attack, AMS will provide the Security
Intelligence Management System, which lets IT administrators view potential
threats and vulnerabilities to their systems from a central Web portal, and
the Application Intrusion Detection System, which detects intruders at the
application layer.
Meanwhile, a partnership between KaVaDo Inc., a provider of Web application
security software, and ViON Corp., a provider of advanced storage products
to all levels of government, aims to add another layer of protection for
federal agencies. ViON will sell KaVaDo's flagship products, InterDo, a Web
application firewall, and ScanDo, a vulnerability scanner, into the federal
market.
InterDo intercepts all incoming and outgoing traffic to and from
applications. The software validates requests before allowing data to pass
through to back-end applications. InterDo provides customized security
shields to block intrusions to applications, protecting against attacks
that exploit protocols such as HTTP and Internet cookie software as well as
database sabotage. InterDo also automatically creates or updates security
policies.
ScanDo audits an entire Web application environment, including Web servers,
application servers and business logic, to uncover known and unknown
vulnerabilities. The application scanning and firewall technology is
important because many of the attacks during the past few years have
focused on breaking into Web servers such as Microsoft Corp.'s Internet
Information Server and its components, Lindstrom said. Other companies
offering Web protection tools include Sanctum Inc. and SPI Dynamics Inc.,
he added.
According to recent FBI reports on cybersecurity, about 70 percent of all
attacks are executed at the application layer, said Tal Gilat, chief
executive officer of KaVaDo. "And with these attacks, [the attacker]
doesn't have to be as technically savvy compared to attacks against the
network" or virtual private networks.
***
Securing Web applications
American Management Systems Inc.'s new Enterprise Security Group will
provide four services to protect organizations' critical applications.
* Security Policy Program Ensures deployment of policies through audits,
training and awareness programs.
* Enterprise Application Security Program Ensures effective use of a
variety of authentication mechanisms such as passwords, digital signatures
and public-key infrastructures.
* Application Intrusion Prevention Program Provides threat assessment and
intrusion detection.
* Business Continuity Program Provides risk and business impact analysis
and recovery.
**********************
Federal Computer Week
A well-tuned Web machine
New tools aim to troubleshoot complex Web applications
The Web has turned out to be a wonderful means of delivering information
and services, but it's becoming a bear to manage. The "old school" focus on
keeping the network up and running is just part of the process. Maintaining
the health and status of Web applications is the new worry.
And it will get worse. As Web applications become more distributed and
complex under the emerging set of software tools called Web services, the
traditional notion of unassailable borders of responsibility the
networking group has nothing to do with the database group, which has
nothing to do with the storage group will be overturned. All activities
will influence one another, and keeping a Web-based infrastructure humming
will become the ultimate balancing act.
Help may be on the way in the form of emerging performance management tools
that aim to focus administrators on the outcome that matters most: end-user
satisfaction.
The fact that traditional network management tools have not kept pace with
the growing complexity of the Web environment has become a major headache
for administrators.
For example, the old method of regularly "pinging" or polling a network
using Internet Control Message Protocol packets to see whether specific
devices and sites are up and running doesn't work in the new era of
distributed Web applications, according to Miguel Rivera, project manager
with the U.S. Customs Service's Network Engineering Team.
"You can't see what is happening with the end-to-end connectivity," he
said, and that is vital because administrators must isolate the specific
place where something has gone wrong in a large and complicated
environment. Then they have to judge the effect of that problem on other
parts of the infrastructure.
"Performance management in an n-tier environment is very difficult, simply
because of the complexity introduced by all of those tiers," he said. An
n-tier environment is one with multiple tiers.
The good news is that improvements in the technology of network devices,
and the solutions used to manage them, are reducing the need for fault
management. It's less likely these days that Web sites will actually go down.
The emphasis now is on improving the performance of those sites and the
services delivered through them. Reducing the response times that frustrate
Web users is becoming a priority.
And that's what performance management is about. The ultimate goal of user
satisfaction a Web site is always available and links are fast and
accurate translates to making sure the Web environment is available 24
hours a day and that the response time is always optimal.
Monitoring Applications
TeaLeaf Technology Inc. is among the companies seeking to stake a claim to
the new performance management territory. Its IntegriTea product monitors
what the company calls the functional integrity of an application. Even
when everything seems to be humming along nicely from the manager's point
of view, the user may still be having a lousy online experience.
IntegriTea monitors user sessions and collects related transactional data
from all available log files the performance reports generated by the
various components of the Web application, such as network equipment,
databases and application servers. Then, in real time, the software
summarizes system performance during many separate user sessions and
presents the information to managers in a single view.
Performance problems could be caused by logical errors or by "other
problems that are stopping the users from doing what they want to do," said
Tim Knudsen, TeaLeaf's director of marketing. "Organizations usually don't
have this user session information available when they are trying to solve
problems just by looking at them from an internal management point of view."
Fortel Inc.'s SightLine takes a similar approach to collecting and
aggregating real-time information on e-business transactions, including
information injected into the process by an organization's business
partners. It monitors what Fortel calls the "critical path" an e-business
transaction takes across all of the application components in a Web
environment and then applies a correlation engine to identify the
relationships among those components.
If the performance of the system starts to move outside certain limits,
SightLine can flag managers about possible negative trends, enabling them
to correct the situation before users see a significant decline in service
levels.
When things go wrong in a Web environment, according to Asa Lanum, Fortel's
president and chief executive officer, managers typically try to pull
together information on the various elements that make up a Web service and
see how well they interact. But he said that's an often laborious, manual
process that involves some guesswork, which his company's product is trying
to remedy.
A 'Process' Solution
The trick for these and other tools, said David Moyer, a senior manager
with KPMG Consulting Inc., is providing a solution for a process rather
than for a point problem.
"The supply chain guy is looking at it from the perspective of the process,
while on the other side, the IT guy is looking at it from the perspective
of network connections, security, bandwidth, database access and so on,"
Moyer said.
It could be another 18 months to 24 months before most companies have their
products at the level where they can provide the kinds of analysis that
will accommodate those multiple perspectives, he added.
And it may take longer than that for the demand for those products to
really show itself, according to Stephen Elliot, director of systems,
applications and storage management software at the Hurwitz Group, a market
research company. The general demand now is for basic, tactical tools that
will allow managers to wring more value out of the monitoring and
management tools they already have, he said.
"Some of these newer tools are very innovative, and there's certainly a lot
of investigation of them going on," he said. "But there's a lot of
confusion among users about what is truly needed to improve the performance
of applications and the way they fit into service-level requirements, what
impact they will have on databases and so on."
Robinson is a freelance journalist based in Portland, Ore. He can be
reached at hullite@xxxxxxxxxxxxxxx
************************
Federal Computer Week
IT's veiled threat
Editorial
08/05/02
Attorney General John Ashcroft has unwittingly underscored the reality that
technology heightens the threat to American civil liberties.
Late last month, Ashcroft defended a plan to recruit private citizens to
report suspicious behavior in their neighborhoods by saying the data would
not be stored in a central database, although it might be kept in
individual law enforcement databases across the country.
The attorney general suggested that this distinction would ensure that the
program, known as Operation Tips, would protect Americans from undue
violations of their privacy. His argument shows that Justice Department
officials understand the power of technology, but that they also
underestimate it. Therein lies the threat.
Much is made about the difficulty government agencies have sharing
information. The usual problems, though, are not necessarily obstacles to
privacy breaches.
Clearly, both technically and culturally, it is hard to set up a system to
automate data exchanges between agencies or across different levels of
government, as the law enforcement and intelligence communities can verify.
But numerous agencies have managed the task on a smaller scale, working
with a well-defined set of data and well-understood processes. The
technology exists for such initiatives, experts say, if organizations have
a sufficiently compelling reason to undertake them.
If we take Ashcroft at his word and set aside concern about a systematic
abuse of privacy, we are still left with the possibility that well-meaning
individuals could take it upon themselves to take a decentralized system
and start making the links. The necessary technology is likely well within
their means, and the motive the threat to national security is certainly
compelling.
The outcry about Operation Tips and the specter of citizen informants could
kill the program before it ever begins. But as long as agency officials
responsible for homeland security underestimate the technology at their
disposal, the threat to civil liberties will linger.
**********************
Federal Computer Week
Security overload
New tools give agencies a leg up on security data management
The Federal Aviation Administration, like many organizations trying to
secure large, complex networks, was in a quandary.
Information technology operators at the FAA were overwhelmed by the vast
amount of data being generated by the many security devices strategically
deployed to keep out the bad guys. With so much data flowing in from
firewalls, intrusion-detection systems and other devices, IT security
administrators worried that some threats and potential attacks might not be
noticed.
"As we've started to deploy more intrusion-detection systems, firewalls and
network mappers, the amount of information has increased," said Michael
Brown, director of the FAA's Office of Information Systems Security.
Agency officials realized they needed to correlate the vast amount of
information on security events into a single management console where it
could be viewed and analyzed in real time.
They are not alone. Civilian and military agencies, as well as large
companies, are grappling with security data overload.
Numerous tools can help agencies maintain a secure network, including
authentication, content security, encryption, firewalls and
intrusion-detection systems. But each product has its own way of collecting
information and alerting administrators about potential security breaches.
"A challenge [for IT administrators] is getting a complete picture of the
state of security in their domain," said Lawrence Hale, liaison director
for the Federal Computer Incident Response Center (FedCIRC), which monitors
security incidents for civilian agencies.
Single View
To solve this problem, the FAA and other federal agencies are turning to a
new crop of products that collect and monitor data generated by security
tools, often consolidating this information into a single management console.
Federal agencies are deploying an increasing number of commercial tools
from companies such as ArcSight, CyberWolf Technologies Inc., e-Security
Inc., GuardedNet and Micromuse Inc., to name a few. The FAA deploys an
integrated set of security tools that include event management and
intrusion detection. Officials would not name the vendor for security reasons.
However, for more advanced correlation and data reduction capabilities, the
FAA turned to the academic community, funding researchers at the
Massachusetts Institute of Technology to develop an event correlation system.
The FAA chose MIT because the agency didn't want a proprietary system and
instead opted for one that was open and supported international standards,
Brown said. Also, the FAA wanted to develop a system that could be shared
with other federal agencies.
The FAA is integrating the system into its data warehousing framework,
which uses neural technology to extract data. The system also passively
scans the network for unusual activity and can detect if new network
equipment, such as routers or servers, comes online.
Officials have already seen results from their tests of the system.
Previously, IT operators reviewed event logs that were six to 10 hours old.
The new system has reduced that lag time from hours to minutes, said Tom
O'Keefe, deputy director of information systems security at the FAA.
Labor Department officials also have seen a reduction in the time it takes
IT operators to access and analyze data by adopting event management
systems, according to Laura Callahan, deputy chief information officer at
Labor.
Callahan declined to identify the products the department uses for security
reasons, but she said IT operators at the agency are familiar with products
from SilentRunner Inc., a Raytheon company, and Network Intelligence Corp.
"We are challenged in trying to sift through volumes of information to do
trend analysis," she said.
Callahan also praised the tools' forensic capabilities, which enable IT
operators to play back events for investigative purposes.
Besides deploying event management tools to battle the problem of data
overload, the department is moving to a common security architecture. This
means that each division within a line of business will adhere to the same
standards and security technology, eliminating the need for multiple
management consoles to monitor disparate products in each business unit.
Not a Panacea
There is a definite need for security event management tools in federal
agencies, but "tools are not a panacea," said Thomas Gluzinski, president
and chief executive officer of Paladin Technologies Inc., a provider of
security services to the federal government.
Many of these tools are in their first generation, and some are complex and
hard to use by someone lacking in-depth security knowledge. Others are easy
to use but still require experts to analyze the data and take appropriate
action, he said.
"And security event management products are computers, too," FedCIRC's Hale
pointed out, so they are open to attacks or exploitation by hackers.
According to John Pescatore, a research director at Gartner Inc., a
security event management system needs four key features:
n The tool must monitor events in real time and pull that information into
a central location.
n It must filter data and present it in meaningful reports.
n It should have a discovery engine that can identify all the devices on a
network. Most current products lack this feature.
n It must be able to control the security devices. For instance, the
product must have the capability to change settings on a firewall in the
event of an attack or work in conjunction with an intrusion-detection
system to automatically block an attack.
The better products in the future will have some type of neural network
capability that will enable them to identify and fix problems, Gluzinski
said. Some intrusion-detection systems, such as Internet Security Systems
Inc.'s RealSecure, can interact with firewalls from Checkpoint Systems Inc.
to fix a rule set and solve a problem in the event of an attack.
However, if the intrusion-detection system is not configured properly and
is not privy to internal business operations, it could introduce a new
problem by making a fix. The same is true for security event management
systems, Gluzinski said, which only emphasizes the need for skilled network
engineers.
But as more network-based intrusion-detection systems move from merely
issuing alarms to employing more highly advanced techniques blocking
attacks in the way that antivirus software stops the spread of computer
viruses there might not be a need for security event management systems,
Gartner's Pescatore said.
There are two reasons for an organization to deploy security event
management tools, according to Pescatore. Large organizations with several
hundred firewalls spread across a global network would need to manage the
output from those firewalls, and organizations deploying hundreds of
network-based intrusion-detection sensors should deploy an event management
system to reduce the false alarms generated by the sensors.
Unless an organization has made a huge investment in intrusion detection,
Gartner researchers recommend holding off on purchasing such systems
because more advanced tools will be released in about two years.
Others disagree. Intrusion detection "is where the pain is," but security
event managers are also collecting data from firewalls and antivirus
software, said Juanita Koilpillai, chairman and co-founder of CyberWolf
Technologies, formerly Mountain Wave. The Federal Emergency Management
Agency now uses the company's product, which automates analysis of data in
real time. Symantec Corp. acquired the Falls Church, Va.-based company last
month.
"It's more than an intrusion-detection issue," Callahan agreed. It's also
an issue of tracking who's accessing intellectual capital and the
applications and data associated with those assets. Intrusion-detection
systems can "tell you that a person is coming through the door, but not all
the rooms he's accessed." Security event management tools have the
potential to help administrators sort through this information without
manually analyzing each individual log file, she said.
Meanwhile, other efforts are under way to advance the field of event
correlation. For instance, the CERT Coordination Center, located at
Carnegie Mellon University, is conducting advance research on developing a
common output language for various security systems, said FedCIRC's Hale.
And at the SANS Institute, a Bethesda, Md.-based training and education
organization for IT security professionals, officials are working with
several vendors to determine the market leaders. They will then decide what
type of training is needed for security professionals to properly use the
products, said Stephen Northcutt, director of training at the institute.
"I'm optimistic about the maturity of security event management solutions,"
Callahan said. As experts refine their efforts to aggregate clusters of
data and as vendors develop algorithms for detecting attacks, there should
be "a more integrated common view across firewalls, systems, phones and
wireless" technology.
***
What is event correlation?
Event correlation is the process of comparing data from multiple sources to
identify attacks, intrusions or misuse.
Before data can be correlated, it must be removed from individual security
devices and sent to a consolidation point where it is pulled from disparate
log files, compressed and prepared for placement into a database.
After data is clustered, the security event management system can begin
data correlation. Because an attack usually touches many points in a
network, leaving a trail, a security analyst can possibly prevent or detect
an attack if he or she follows that trail.
************************
Federal Computer Week
Choosing a security management solution
BY Rutrell Yasin The security event management market is in its infancy.
But it already appears to be crowded, with everyone from enterprise
management vendors to intrusion-detection companies to pure security event
management firms entering the fray.
Choosing the right tool depends much on an organization's business and
computing requirements. And an organization with an enterprise management
platform such as IBM Corp.'s Tivoli Management Environment or Micromuse
Inc.'s Netcool suite of management software may opt to use the same
company's management software.
IBM Tivoli Risk Manager and Netcool for security management consolidate
security alerts from multiple security devices into one console.
Micromuse's software is designed to pull data from more than 300 devices,
including network management systems.
However, "not everyone can afford large management systems," said Mary
Ellen Condon, a former director of security at the Justice Department and
now director of information assurance at SRA International Inc., a provider
of security consulting services to the federal government.
To that end, organizations may want to consider an emerging class of event
management software that aggregates, correlates and analyzes volumes of
data generated by a range of security and network devices.
ArcSight this year introduced ArcSight 1.0, which consists of a data
collection and storage system that consolidates network alarms and alerts,
analysis tools to detect threats and a display-and-report function to
manage results. CyberWolf Technologies Inc., recently acquired by Symantec
Corp., offers a tool that applies root cause analysis technology to track,
store and match patterns of events or alerts that may appear innocuous, but
when put together represent a pattern of attack occurring over time from
multiple sources.
Originally funded by the Defense Advanced Research Projects Agency,
CyberWolf has expanded its reach in the government market by adding
customers such as the Federal Emergency Management Agency.
Managed security services companies and consulting firms that provide
security services to federal clients are increasingly relying on event
managers from e-Security Inc. and GuardedNet. When e-Security's Open
e-Security Platform debuted two years ago, the system provided a simple
central view of event data. In the past year, however, the e-Security
Platform has evolved into a real-time correlation engine.
E-Security also has teamed with Hewlett-Packard Co. to integrate its
security event manager with the HP Openview management platform to give
administrators a holistic view of their information technology infrastructure.
GuardedNet's nueSecure software provides centralized logging of information
and cross-device correlation of events for detailed analysis. Visualization
tools provide global mapping of attack sources. The system also provides
automated countermeasures, such as blocking an attack through interfaces
with firewalls and routers.
Other products, such as intrusion-detection systems from companies such as
SilentRunner Inc. and Lancope Inc., are also useful for event management
because of their analysis functions and their ability to discover devices
on the network, experts said.
But the real value of pure security event management products is event
correlation. "Event managers are important because they pool data, making
it easier to do log analysis," said Thomas Gluzinski, president and chief
executive officer of Paladin Technologies Inc., a provider of security
services to the federal government.
************************
Federal Computer Week
DOD putting fingerprint sensors to the test
Pentagon and Army officials plan to test how they can use fingerprint
technology to more quickly verify users in the field.
The Defense Department's Biometrics Management Office (BMO) and the Army's
Communications-Electronics Command (Cecom) plan to test the technology in
the Army's tactical Network Operations Center- Vehicle (NOC-V), a portable
shelter mounted on a Humvee that provides network management for classified
and unclassified data and voice networks used by soldiers. It is designed
to provide network management in a small package, which reduces airlift and
manpower requirements for brigade combat teams, according to Army officials.
The Biometrics Fusion Center the BMO's test-and-evaluation facility in
West Virginia, near the FBI's fingerprint laboratory will collaborate with
Cecom, based at Fort Monmouth, N.J., to conduct the tests, which include
harsh-environment testing of the fingerprint authentication system within
the tactical NOC-V, said Jay Kowalczyk, a liaison between the two
organizations.
He said a meeting was held last week to finalize the project details and
funding sources, but he declined to discuss the overall program cost. "We
have to start right away to meet the operational timeline," he said, adding
that that is going to take a "significant integration effort."
"The single biggest obstacle is integrating Unix," Kowalczyk said.
"Biometrics as a whole is very [Microsoft Corp.] Windows-centric, but
there's not a lot out there for the Sun [Microsystems Inc.] Solaris 8
environment."
The program will use some fingerprint sensors that have already been
evaluated by the Biometrics Fusion Center, but even those sensors have
never gone through environmental testing "that you can't do in an office,"
Kowalczyk said.
The fingerprint sensors will be tested under various conditions and with
numerous external stimuli, including sand, mud, rain, humidity, solar
radiation, shock and vibration, electromagnetic interference and extremes
in the storage facility.
The goal of the biometric test, which is scheduled to begin shortly, is to
improve information security and uncover potential synergies with BMO's
other tactical biometric efforts, according to Linda Dean, the office's
director.
Dean said the test would help enhance "information security procedures for
brigade combat teams in the field" and also would benefit DOD as a whole
because it encourages "feedback from warfighters regarding the use of
biometrics in a tactical environment."
Kowalczyk said the feedback would be crucial because in the field, it is
often difficult for soldiers to remember passwords and adding another one
seems inefficient. Also, token technologies, such as smart card readers,
have repeatedly been rendered useless by sand and are ineffective in rugged
environments, he said.
Army officials would not name the specific technologies the Army will be
testing because "there's no assurance yet that they're going to work,"
Kowalczyk said.
**************************
Federal Computer Week
Management briefs
Aug. 12, 2002 Printing? Use this version.
Email this to a friend.
Feds urged to boost telework
Many American workers would gladly take a smaller paycheck to work at home,
according to a new survey.
But for that to happen, the federal government must expand broadband
availability to deliver faster and better Internet services, according to
the National E-Work Survey, conducted by the Positively Broadband Campaign,
which encourages broadband use. The survey polled 1,000 registered voters
in April.
"A significant amount of Americans see clear value in telecommuting if
given the option," according to the survey, released July 18. "They see it
as improving their lives, improving the quality of their work, and a
significant amount of people are willing to take less salary in order to
have the option to telecommute."
Broadband connectivity is important, according to the organization, because
it opens the door to large-scale file-sharing, collaboration,
videoconferencing and Webcasting.
Team recruits for tech careers
The Defense Information Systems Agency and the National Science Center
(NSC) are combining their resources to attract young people to math,
science and technology careers.
The federal government and the nation are faced with a shortage of
personnel in high-tech fields, and DISA and NSC signed a memorandum of
understanding July 30 to help introduce students to technical careers
before they enter college, said Maj. Gen. James Bryan, DISA's vice director.
NSC, a partnership between a nonprofit organization, the National Science
Center Inc., and the U.S. Army, encourages an interest in math and science
careers among youth. DISA, responsible for the command, control,
communications and information systems of the Defense Department, will work
to include a greater focus on information technology within NSC.
***********************
Government Computer News
VA secretary orders IT reorganization
By Preeti Vasishtha
Veterans Affairs secretary Anthony Principi has ordered a major
reorganization of IT operations at the department to begin Oct. 1.
In an Aug. 6 memo, Principi called for VA to centralize its IT program,
including personnel and funding, in the office of CIO John Gauss.
"All of the department's IT functions and personnel will be realigned under
the CIO and permanently reassigned effective Oct. 1," the memo said. The
document also gave the CIO authority over the department's IT appropriations.
Principi said he ordered the changes because accountability for IT
resources in the department remains "elusive." Workers have resisted
adopting the One VA enterprise architecture, he said.
VA last October announced it would implement the infrastructure plan,
saying the One VA initiative would help the department's three major
agenciesthe Veterans Benefits, Veterans Health and National Cemetery
administrationsshare information better with other government agencies as
well as one other.
But Principi said the three VA organizations had not provided the necessary
details for Gauss to determine IT investment costs and develop an
integrated IT portfolio.
"Administration IT initiatives continue to progress without the required
milestone reviews, thereby negating my direction that VA IT developments
work toward an integrated enterprise" the secretary said.
With the changes, CIOs K. Adair Martinez of VBA, Gary Christopherson of VHA
and Joseph Nasari of NCA will become deputy CIOs reporting to Gauss.
*************************
USA Today
Wristwatches are 'LoJack for kids'
By Janet Kornblum, USA TODAY
Richard Winn of Pinegrove, Pa., doesn't think of himself as paranoid, but
with so many abductions in the news lately, he wants to protect his
daughters, ages 6 and 9.
So he bought them special wristwatches that will track their locations 24
hours a day.
"You hope like heck you're not over-paranoid and you're not too fearful of
your child being dragged away," Winn says. "But you know the opportunity
exists."
Forget about traditional ID tags. This summer, parents are starting to look
toward a new breed of identification tag: devices that rely on the Global
Positioning System (GPS), a worldwide navigation system that allows a
person to find where they are by measuring themselves with satellites
orbiting 12,000 miles above the Earth.
Winn purchased his watches from a Redwood Shores, Calif., company called
Wherify Wireless, one of a handful of companies starting to sell relatively
lightweight devices that can be worn like watches or pagers to track young
children, aging parents with Alzheimer's or others at risk of wandering off.
All work similarly. In the case of Wherify, once the GPS watch establishes
its position, it then uses cell phone technology to send that information
to a central location. From there, Wherify makes that information available
to parents: They can log on to the Internet and view a map of their child's
location, or they can call Wherify from a regular phone and get the
information from an operator.
Winn, a systems analyst for the state of Pennsylvania, says he has been
using GPS devices for years to plot his fishing trips. "I started looking
around for something for my kids, especially with the wave of abductions."
The watches fit the bill; they're lightweight (3.9 ounces) and colorful
(they come in purple and blue) and should arrive in early September.
GPS and other tracking technologies have been around for years. The federal
government has even mandated that location tracking be incorporated into
our cell phones so that our 911 calls can be traced, although
implementation has been slow.
But the equipment, like cell phones of yesteryear, has been too big, too
bulky and too expensive to be worn and used like a Star Trek communicator
that you can just stick on your shirt and be located. Today's devices are
still a little bulky and the batteries still need to be charged frequently,
but they are wearable.
Among products available or in development:
Wherify Wireless (whose founder, Timothy Neher, started the company after
nearly losing his brothers' kids at a zoo) began taking orders for its $400
GPS watches for children a few weeks ago and is promising shipment in early
September. Customers also pay a monthly service fee of $25 to $50. The
watches give the kids a "panic button" that calls Wherify, which alerts
parents and the 911 emergency system; parents can lock the watch on kids'
wrists so it can't be removed. It can also be programmed to notify parents
when a child leaves a designated area. It's made from cut-resistant
material and can be programmed to notify parents when the device is removed
or tampered with
"It's LoJack for kids," says Marc Klaas, likening it to the system that
helps locate stolen vehicles. Klaas, father of Polly Klaas, the 12-year-old
girl from Petaluma, Calif., who was kidnapped and murdered in 1993, is
endorsing Wherify's product.
Applied Digital Solutions, of Palm Beach, Florida, produces a product
called Digital Angel, a combination watch and clip-on tracking device that
also uses GPS.
The owner of the unit can go on the Net to view a map showing the wearer's
location, and the watch also can be programmed to alert someone when the
wearer has wandered outside of designated boundaries. The alerts can be
automatically sent to any number of devices, including cell phones and pagers.
Digital Angel started shipping the devices in the spring. So far it has
sent out 200 and has orders for close to 1,000 more, says company president
Scott Silverman. The Digital Angel units also cost $400, with a monthly fee
of $30.
A new version of the system, out in a few months, will be a one-piece unit
about the size of a matchbook, the company says. Applied Digital also is
developing a GPS device that can be surgically implanted. Latin American
businessmen requested the device because so many of them have been
kidnapped, says spokesman Matthew Cossolotto. The company aims to have a
working prototype by the end of the year.
GPSTracks, based in Dallas, is developing a product to be clipped on
clothing. The company, which originally patented devices to find dogs, now
is developing at least two different products one for dogs and another for
humans, says founder Jennifer Durst of Oyster Bay, N.Y.
Unlike the others, GPSTracks, which has received several patents, does not
go through a third party; instead device owners can get location
information directly by using the Internet or wireless devices such as cell
phones, pagers and personal digital assistants, Durst says. She plans to
price the unit for under $300; there will be a $25 activation fee and the
monthly service charge will range from $10 to $15.
"We're hoping to have them on the shelves by Christmas," Durst says.
Personal location devices are so new that only a few hundred have been
shipped to owners; orders from Wherify and Applied Digital number in the
low thousands.
One drawback? GPS devices don't work in places where satellite signals are
blocked, such as concrete buildings and underground. But when they do work,
they can pinpoint location to within feet. Wherify enhances GPS to help it
work in some remote areas, but it's not perfect, and there will be areas of
blockage.
Applied Digital also plans to use "enhanced" GPS, which combines cell phone
technology with GPS technology and expands the area where a device will work.
But at this point, no GPS system is failproof. Chances are, if your cell
phone won't work, the GPS won't work, either.
Still, Wherify says that the devices will be useful even in areas without
reception: If a child is lost, his signal can be followed until he's found.
If he enters an area where the GPS doesn't work, he can be traced to the
last place where it did.
The watches are expensive, but Winn says the peace of mind they provide is
worth it. He hopes not only to be able to track his kids in case the worst
happens, but also to find them if they simply get lost.
"I know if something happens I can track her down. Or if she gets hurt, I
can find her."
Wherify Wireless and other companies are exploring the idea of producing
devices for daily rental at amusement parks, where parents and kids often
get separated. They and others foresee a day when personal locators will be
built into cell phones, watches and numerous other devices.
And that worries people like Alan Davidson of the Center for Democracy and
Technology, a free-speech and privacy advocacy group in Washington, D.C.
"When you compile information over a long period of time, it can provide a
complete dossier of a person's activities," Davidson says. "We do worry
about how these devices will be used."
David Shapiro of the National Center for Missing and Exploited Children
cautions against allowing technology to take the place of good parenting.
"Understand it is a device. Devices can fail."
In addition, "With tracking comes the ability of people not in your family
to track your children," he says.
Companies assure the strictest privacy and password-protect all their data.
Still, some worry that the mere existence of the information could be
dangerous; once it exists, someone could breach security and get it. Also,
companies would have to turn it over if a law-enforcement agency subpoenaed
the information.
Winn says he knows the watch won't take the place of talking to his kids
and telling them what to do when approached by strangers. But it does make
him feel better. "The watch itself? It's a little security for them, and
it's a little security for me."
E-mail jkornblum@xxxxxxxxxxxx
*************************
USA Today
Cigarette buyers turn to Net vendors to avoid state taxes
BOSTON (AP) States are losing millions in taxes as more people buy
cigarettes from Internet vendors who routinely ignore a federal law
requiring them to report sales to local regulators, according to a new report.
The trend could undercut efforts by cash-strapped states to raise revenues
by hiking cigarette taxes.
New Jersey and New York state both have a $1.50 per pack tax, the nation's
highest. Washington state is third, at $1.425. In Massachusetts, lawmakers
recently approved a 75-cent hike, a move officials hope will bring in an
extra $190 million annually.
Federal law requires Internet cigarette sellers to provide state revenue
officials with names and addresses of their customers. The officials can
then pursue the buyers to make sure they pay local sales taxes.
But Internet cigarette vendors are ignoring the law, according to the
report, to be released Tuesday by the General Accounting Office. Of 147 Web
sites identified as belonging to Internet cigarette vendors in the United
States, none posted information saying they complied with the law -- and 78
percent indicated they do not comply, the report said.
Calls to several Internet cigarette vendors advertising "tax free
cigarettes" were not returned to The Associated Press on Monday. One Web
site promised buyers: "We do not report to tax authorities in ANY state.
100% confidential."
By 2005, Internet tobacco sales in the United States could exceed $5
billion and states could lose about $1.4 billion in revenues, according to
the report. California alone has estimated a tax loss of approximately $13
million from May 1999 through September 2001 because of the failure of
online vendors to comply with the law.
The savings for buyers online can be significant.
The lowest amount that can be legally charged for a carton of cigarettes in
Massachusetts is $54.90. At least one Web site advertised a carton of
Marlboro cigarettes for as little as $26.99, and free delivery for those
who bought in bulk.
The GAO report recommends shifting primary enforcement of the law from the
FBI to the Bureau of Alcohol, Tobacco and Firearms, in part because of the
FBI's heightened focus on terrorism.
Rep. Martin Meehan, D-Mass., requested the report and distributed it Monday
to media outlets. He said the study reveals a burgeoning market of online
cigarette sales and a lack of oversight that lets children illegally buy
cigarettes online.
************************
USA Today
Teenage virus writers' latest tricks flunking out, antivirus experts say
LONDON (Reuters) "Script kiddies," those computer whiz kids behind such
e-mail viruses and worms as the "Love Bug" or "Anna Kournikova," are
becoming a harmless relic of the past.
It has been 18 months since the Anna Kournikova virus, considered by many
experts to be the last major computer virus authored by a precocious code
writer, inflicted widespread damage on the corporate world. Script kiddies
may be past their prime.
"They're just not the threat they once were," said Mark Toshack, a virus
analyst for British security firm MessageLabs.
Computer worms and viruses are still a hazard for computer users as last
year's Code Red and this year's Klez worms showed. But advances to
anti-virus software and a more vigilant public have largely defeated the
best the young virus writers can throw at the computing community.
And now, after a period of relative calm, security specialists are starting
to exult in their apparent triumph.
"Attacks from this group are declining," said Raimund Genes, European
president of virus-detection specialists Trend Micro. "Two years ago, we
thought this would be a big problem spot, but today it is not."
Script kiddies did the most damage developing e-mail viruses that fool
people into opening an attachment that masquerades as a provocative message
or as a photo of an attractive woman. Once opened, the virus is often
programmed to scan a person's electronic mailbox looking for more potential
victims.
A virus named after Russian tennis star Anna Kournikova and one labeled
"naked wife" spread rapidly around the globe in this way, slowing computer
networks to a crawl.
After counting up the monetary toll caused by Anna Kournikova, Love Bug and
other viruses and worms, computer experts and law enforcement officials
began sketching a picture of typical suspects.
They tend to be male teenagers. Described as loners, they are Internet
enthusiasts with enough knowledge of hacker and virus-writing Web sites to
amass the ingredients for a monster of a bug.
If the hacker succeeds in launching his concoction onto the Net, it could
earn him a few ego-boosting plaudits from peers.
Companies were warned. Those that failed to fortify themselves against
these exploits would pay the price with downed computer networks, lost
documents or worse the embarrassment of having the firm's name associated
with the distribution of an e-mail-borne virus.
"They (script kiddies) still exist," said Urs Gattiker, scientific director
at EICAR, European Institute for Computer Anti-Virus Research. "But to me,
they are like those kids who do graffiti. They're just a nuisance."
A different menace lurks
The bigger culprit is more menacing, experts say. Last year's powerful Code
Red, Nimda and Sircam worms tormented businesses for days at a time.
These worms took advantage of a software glitch to infiltrate the large
computer servers that manage e-mail systems and corporate Internet sites
and bog down their operations.
Many in the security sector believe these were no child's play, but the
product of highly-trained programmers. "The coding was too sophisticated to
be the work of script kiddies," Trend Micro's Genes said.
But even these more advanced exploits appear to have quieted of late,
security officials observe a development that has delighted and bewildered
them.
Improved anti-virus software, a more vigilant IT community, and fewer
worm-making tool kits available on the Net, like the one used in the
construction of the virus Anna Kournikova, are contributing to the decline,
experts say.
Also, the courts have begun to throw the book at virus writers. In May, the
author of the Melissa virus, David L. Smith, was sentenced to 20 months in
U.S. federal prison.
Jan de Wit, the alleged Dutch mastermind behind the Kournikova virus, was
sentenced to community service last autumn. He later appealed.
And last week, five Israeli teens were charged with creating the Goner
virus, newspaper Ha'aretz reported.
But some experts are skeptical that the recent crackdown will succeed in
convincing would-be virus writers to turn their code-writing exploits into
more wholesome computing pursuits.
"I don't think the legal system has really deterred anybody," said Graham
Cluley, senior technical consultant at UK-based Sophos Anti-Virus.
"I have this awful feeling that if somebody just picked the right celebrity
and passed it around the Net, we'd be eating our words," he added.
**************************
USA Today
Stakes are higher for hackers in post-Sept. 11 world
SAN FRANCISCO (Reuters) In 1997, a teenager who hacked into a Bell
Atlantic network inadvertently crashed the computer, leaving 600 homes, a
regional airport and emergency services without phone service and disabling
communications to the air traffic control tower for six hours.
The teen pleaded guilty and received a sentence of two years probation, a
$5,000 fine and community service. But in the near future, that scenario
could land someone in jail for life if a death were to result from a plane
crash or a delay in reaching medics on the phone.
"That is a realistic scenario," said William Reilly, an attorney at San
Francisco-based Cyber Security Law.
U.S. prosecutors and judges are cracking down on cyber crimes more
aggressively than ever, Reilly said. The airplane hijack attacks in
September have been used to justify harsher treatment for computer crimes
in the name of national security, Reilly and others said.
That reality dampened the mood at the 10th annual DefCon hacker conference
held in Las Vegas last weekend, despite diversions that included Hacker
Jeopardy games, a techno music dance party, cheap beer and private
strippers. The event is the world's largest gathering of computer
anarchists and rogue programmers, who prefer to operate under aliases.
"The act of hacking itself has a political dimension," said Richard Thieme,
an author, former Episcopalian priest and father figure to many hackers.
"Before Sept. 11, it could not be defined in and of itself as an act of
terrorism."
While most hackers at the event maintained their instinctual distrust of
authority, some have been quietly offering their skills to the U.S.
government since the attacks, experts said. "There is more of an awareness
that we're all in this together," said Thieme, who spoke at the conference.
"They're much more realistic. They've lost their dream."
New cybercrime laws
Of concern to many hackers is the U.S. Patriot Act enacted late last year
and a new bill called the Cyber Security Enhancement Act overwhelmingly
approved by the House of Representatives last month.
The Patriot Act raised the maximum sentence for breaking into a computer
network from five years to 10. The Cyber Security Enhancement Act calls for
up to life imprisonment for hackers who recklessly cause or attempt to
cause someone's death.
"What was a misdemeanor pre-Patriot Act could be a felony now with a five-
to 10-year sentence," said Simple Nomad, a DefCon speaker who works for
security company BindView. "That scares a lot of people."
As a result, hackers who formerly acted out of boredom or to seek a
challenge are now directing their energy into "hacktivism," the use of
computer hacking for political purposes, he and others said.
For example, there is more research into protecting anonymity on the Web.
Such technologies include "digital drop boxes" and steganography, which is
the science of hiding messages in things such as digital images, Simple
Nomad says.
Pursuits of such evasive technologies even further pits hackers against law
enforcers who in the 1990s all but lost the battle to prevent the
widespread availability of strong cryptography, used to keep messages secret.
The FBI and other agencies have stepped up their monitoring of the Internet
after finding Internet-related information on computers seized from
al-Qaeda, the group blamed by the Bush administration for the Sept. 11 attacks.
Hackers now "are more concerned about the political fallout and that the
government will take away more of their rights," hacker Rain Forest Puppy said.
Renewed patriotism
For some, however, the Sept. 11 attacks prompted a renewed sense of
patriotism. For example, Thieme says he knows of several hackers who are
using their skills to aid U.S. intelligence agencies.
"There was a huge surge to do the job," he said. "Suddenly the CIA and all
those (federal) guys weren't the enemy anymore."
"There have been flares and flashes of patriotism that I think a lot of
hackers hadn't experienced before," Simple Nomad said.
At least one U.S. federal official concurs.
"I'm guessing you'll see some of that because the computer underground
tends to be pretty patriotic," said Don Cavender, a supervisory special
agent in the FBI's computer training unit.
"In the three months (immediately) post-Sept. 11, I could have reached out
to the underground community and gotten a better response than before,"
said Cavender, one of the few federal agents at DefCon who wasn't in
stealth mode.
****************************
Los Angeles Times
Deal Gives Intertainer Access to Films for Net
By P.J. Huffstutter
A deal between online entertainment company Intertainer and a unit of
Universal Studios will mark the first time Universal's first-run films will
be available on demand to Internet subscribers.
The agreement between Culver City-based Intertainer, known for its
video-on-demand services, and Universal's pay-per-view group allows the
online firm to test whether there is a demand for secure streams of
full-length feature films via the Web.
Intertainer will have access to a library of 200 feature films including
"Spy Game," "K-PAX" and "Mulholland Drive." Intertainer already has an
existing cable video-on-demand deal with Universal.
***********************
Nando Times
Poll shows 'digital divide' shrinking, Internet use up
By THOMAS HARGROVE and GUIDO H. STEMPEL III, Scripps Howard News Service
(August 12, 2002 3:33 p.m. EDT) - Internet usage has become so pervasive in
recent years that every generation of Americans younger than 65 has become
cyber-savvy, logging onto the World Wide Web at least once a week.
The so-called "digital divide" no longer stops at age 50, according to a
survey of 1,008 adult residents of the United States conducted by Scripps
Howard News Service and Ohio University. The only people who do not
regularly use the Internet are those who have retired or are of traditional
retirement age.
Even that is expected to change.
"My mom is 82, and she uses the Internet every day, usually to download
pictures of her grandchildren and to keep up with the family," said Shereen
Remez, a research director at AARP, the huge advocacy group for America's
elderly. "The baby boomers are now approaching retirement and the majority
of them are Internet users."
Scripps Howard and Ohio University have been tracking Internet usage since
1995 when 87 percent of the adults surveyed reported they never used the
Internet. Most of the people who did use the Internet were under age 45.
The latest poll found that this year only 41 percent report that they
usually do not log onto the Web during a typical week. Usage varied little
between the age groups, dropping significantly only among people 65 or older.
"We find that the first push that prompts people to start using the
Internet is a desire for connectivity. The Internet is the fastest and
cheapest way for people to be connected to their relatives," said Remez,
55. "Secondly, is knowledge and how powerful a tool it is for research.
Thirdly, is convenience. I now purchase all of my airline tickets on line."
The poll found that 29 percent of American adults log onto the Web every
day, even on Saturdays and Sundays. Men are still more likely than women to
be heavy Internet users, but the gender gap has narrowed in recent years.
Usage of the Internet is most popular among college graduates who live in a
major city or a suburb. Residents of Northeastern and West Coast states are
mostly likely to be daily Internet users, while heavy online consumption
drops somewhat in Southern and Midwestern areas.
Half of all people who live in households with incomes of $80,000 or more
use the Internet every day, compared to less than a quarter of people in
households earning less than $25,000.
The latest survey was conducted by telephone from June 3-23 at the Scripps
Survey Research Center at Ohio University. The results were compared to
identical questions asked in a survey of 1,127 adults interviewed Oct. 21
through Nov. 1, 2001.
Both polls were jointly sponsored by Scripps Howard News Service and the
E.W. Scripps School of Journalism. The poll has a 4-percentage-point margin
of error.
Thomas Hargrove is a reporter for Scripps Howard News Service. Guido H.
Stempel III is a professor emeritus at Ohio University and director of the
Scripps Survey Research Center.
***********************
Nando Times
British schools watch for text-message bullying
LONDON (August 12, 2002 1:30 p.m. EDT) - When students return to England's
school in September, teachers plan to crack down on the latest method of
bullying: sending threatening text messages over mobile phones.
Students caught doing that face being expelled in an effort to stop the
growing problem, the government said Monday.
An updated guidance to teachers on bullying will explicitly recognize the
phenomenon for the first time, the Department for Education and Skills said.
Victims will be encouraged to keep the threatening messages they receive,
or a record of them, officials said. Students who prove their case also
could have their mobile phone operators change their phone number for free.
Earlier this year, statistics from the children's charity NCH showed that
one-quarter of young people had been threatened via their computer or
mobile phone, and 16 percent had been bullied by text message.
***********************
Lillie Coney
Public Policy Coordinator
U.S. Association for Computing Machinery
Suite 510
2120 L Street, NW
Washington, D.C. 20037
202-478-6124
lillie.coney@xxxxxxx