[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Clips September 6, 2002
- To: "Lillie Coney":;, Gene Spafford <spaf@xxxxxxxxxxxxxxxxx>;, Jeff Grove <jeff_grove@xxxxxxx>;, goodman@xxxxxxxxxxxxx;, David Farber <dave@xxxxxxxxxx>;, CSSP <cssp@xxxxxxx>;, glee@xxxxxxxxxxxxx;, Andrew Grosso<Agrosso@xxxxxxxxxxxxxxxx>;, ver@xxxxxxxxx;, lillie.coney@xxxxxxx;, v_gold@xxxxxxx;, harsha@xxxxxxx;, KathrynKL@xxxxxxx;, akuadc@xxxxxxxxxxx;, computer_security_day@xxxxxxx;, waspray@xxxxxxxxxxx;
- Subject: Clips September 6, 2002
- From: Lillie Coney <lillie.coney@xxxxxxx>
- Date: Fri, 06 Sep 2002 11:35:08 -0400
Clips September 6, 2002
ARTICLES
Web May Hold the Key to Achieving Artificial Intelligence
Most Support Gov't Web Action [Internet Censorship]
Most e-gov initiatives are ready to take off
Cell Phone Records Playing Key Role in Criminal Cases [Privacy]
Army issues FCS requirements
VeriSign adopts new e-commerce anti-fraud system
New front opens in war on spam
Engine trouble [Internet Censorship]
Brussels seeks bidders for running EU domain
PBS censors its own site [Internet Censorship]
No silver bullet against piracy
Hatfill was fired after LSU got e-mail from Justice Dept.
Bush Administration to Call for Privacy Czar [Privacy]
Feds Online [Security]
Who Goes There? [National ID]
Scientists join war on terror
House lacks worst-case scenario plan
Broward official fears chaotic elections office will torpedo primary [E-Voting]
*******************************
Washington Post
Web May Hold the Key to Achieving Artificial Intelligence
Friday, September 6, 2002; Page A01
If you ran into him online, you might first be struck by the kid's
prodigious memory. He calls himself "SmarterChild" and can recite a litany
of facts -- this season's entire baseball lineup, every word in the
dictionary, and the weather in major cities across the country.
But other queries provoke odd responses.
A question about SmarterChild's age returns, "One year, one month, 11 days,
16 hours, 7 minutes, 47 seconds!" Asking where he lives gets, "In a clean
room at a high-tech hosting facility in California."
SmarterChild, a computer program, is part of a new species of "chatterbots"
that are renewing debate about the extent to which computers can achieve
intelligence.
The electronic personalities of this generation use the vast repository of
information on the World Wide Web as their memory bank, not just some rigid
database. To answer questions about baseball, for instance, SmarterChild
scours the Web site of SportsTicker Enterprises LP; for spelling, it goes
to the American Heritage Dictionary online; for the weather, it visits
Intellicast.com.
The company that conceived SmarterChild, Active Buddy Inc., created the bot
as a marketing tool that would engage people in conversation and then tell
them about various products or services.
Other companies have begun using these systems to help with customer
service or Web searching. Eventually, however, some believe that
technicians will be able to turn programs like SmarterChild into more
intelligent systems. That is, the network will naturally begin to evolve
into a sort of global brain, one made up of the constellation of the
roughly 1 billion computers comprising the Internet.
Such a system might automatically offer advice on city planning based on
demographic patterns or recommend that printing cease on a novel that
hasn't sold a copy in weeks. It might even pinpoint the outbreak of a
disease based on the health complaints people are searching for information
about online.
The idea that computers might serendipitously comb through troves of data
to produce useful bits of information faces numerous political, economic
and social hurdles, such as privacy concerns, not to mention enormous
technical obstacles. And skeptics abound.
Push Singh, who runs an artificial intelligence project for the
Massachusetts Institute of Technology's fabled Media Lab, scoffs at the
notion that such AI systems are likely to develop any time soon.
"Intelligence," he said, "is not a simple thing, and it's not going to
arise accidentally."
Scientists have worked to create an artificially intelligent agent for as
long as there have been computers. Yet every revolution in power and
processing speed has only pushed AI further into the future as science
smacks up against the complex biology of intelligence.
But the infinite nature of the Web echoes the infinite mystery of the
brain, raising the possibility of success with artificial intelligence at
some level.
Singh said he recognizes that. "The Web as it stands is not the future," he
said. "There will be something that comes after the Web, something that I'm
sure will be built on AI technologies."
Virtual Boy Scout
Created by engineer Timothy Kay, SmarterChild began popping up in instant
messaging systems last summer. Since then, close to 9 million people have
talked to him.
Chatterbots, which converse with people through real-time text messages,
have existed on the Internet for years. Underneath their friendly exterior,
they are basically databases built by humans that link typical questions to
stock responses.
SmarterChild is different. Its database is limited only by the reach of the
Web. Scientists are beginning to capitalize on the way the global network
converts "knowledge," or at least reams of data, into a digital language
computers can understand.
"The Internet starts to make things possible again," said Michael Kearns, a
computer science professor at the University of Pennsylvania and former
director of artificial intelligence at AT&T Labs.
To be sure, SmarterChild often spits out gibberish and non sequiturs just
like its predecessors. But its ability to access and digest online
information represents a major step for artificial intelligence.
So potent are the possibilities that researchers at a diverse group of
academic, nonprofit and government-backed and corporate centers such as
MIT, the World Wide Web (W3) Consortium, the Los Alamos National Laboratory
and Microsoft Corp. are embarking on projects to tap information already
available on the network.
For the most part, bots like SmarterChild are able to talk only about
certain established topics. But some have been able to reach a touchstone
of artificial intelligence -- passing the Turing Test, in which researchers
ask humans to guess whether they are communicating with a person or a
machine. If people can't tell the difference, the machines are deemed to
have passed the test.
Some scientists believe that by fusing the many systems of the Internet, an
artificial being with the combined knowledge of, say, Albert Einstein,
Richard Nixon and Britney Spears could be born.
But before that happens, the AI community must overcome two huge barriers.
The first is that computers have a hard time reading Web pages because the
files are labeled in different ways, some more unconventional than others.
That's why Active Buddy programmers need to tell SmarterChild where to look
for the weather; it would be a significantly more difficult task to let him
find it.
A group led by Tim Berners-Lee, creator of the Web and director of the W3
Consortium, hopes to fix some of that by assigning keywords or tags to
text, sounds and images. The task of renaming pages, however, must be done
manually and will take years to complete.
Another wall that AI projects have hit is that while online entities like
SmarterChild can regurgitate and process information more accurately and
faster than any human, they lack common sense, a basic grounding of
knowledge that is obvious to any young child. The computer mind, for
instance, has had difficulty understanding concepts like "once people die,
they stop buying things" or "trees don't grow in cars."
MIT's Singh and others are trying to create a "knowledge base" that can be
implanted into AI projects by using human volunteers. People who want to
help the project, called the Open Mind Initiative, can go to its Web site
and type whatever comes to mind (and makes sense) when they are flashed
certain photographs, diagrams or sentences.
A Global Brain
Another project, led by researchers at the Free University of Brussels in a
loose collaboration between nearly a dozen scientists, psychologists and
biologists around the world, attempts to help computers understand
relationships between people, objects and ideas by studying how humans
access information online.
It all began one evening in 1999, when a graduate student named Johan
Bollen created an early version of software that gives Web sites the
ability to automatically reorganize the content on their pages.
Using the "cookies" that sites use to identify and track Web users, the
program analyzes the routes people take to get information and tries to
simplify them. The software mimics the human brain, strengthening,
dissolving and even creating hyperlinks on a page based on patterns of use;
the Web pages act like neurons, and the links act like the synapses between
them.
If it finds that people often go from A to B to C, it will create a path
directly from A to C. For instance, if many people are hopping from the
main Yahoo page to the Finance section and then to the page about WorldCom
Inc., the program might create a new link from the main Yahoo page to the
telecommunications company's Web site.
"It's about helping people find the connections between information," said
Bollen, 30, now an assistant professor at Old Dominion University in
Norfolk. "You have so much junk on the World Wide Web there's no guarantee
that the information is good and fits what you desire. What I'm talking
about is a Web that bends itself to the actions of its users."
Bollen's technology is already being used as part of a library search
engine at Los Alamos called the Active Recommendation Project. The program
can offer people a list of links that may include relevant material, even
if the links don't contain the word the user entered. The more people use
the system, the smarter it becomes.
One of the central ideas of researchers who believe in the vision of a
"global brain" is that the earth can be seen as a single organism with many
complementary parts that must work together to succeed.
Francis Heylighen, a professor at the Free University who oversaw Bollen's
initial project, likes to use insects such as ants, bees and termites as
examples. "Individually dumb, but capable of surprisingly intelligent
behavior when functioning as a group," he said.
The ant analogy is exactly what frightens some of his peers.
They worry that a "hive mind" might stifle freedom and individuality.
Already, some efforts to reorganize Web sites based on the preferences of
the majority end up drowning out the voices of the minority.
Others are concerned about privacy issues, that computer networks will
become all-knowing. Still others worry about the Internet becoming
all-powerful.
Los Alamos scientist Luis Rocha, who is heading up the digital libraries
project, said he doesn't know whether the Internet could ever become a
malevolent, intelligent, self-aware being.
Still, he said: "A lot of times science is moved by far-fetched goals. You
aim for the moon and hit London. And a lot of times, that's somewhere you
haven't gone before."
Staff researcher Richard A. Drezen contributed to this report.
***************************
Associated Press
Study: Most Support Gov't Web Action
Thu Sep 5, 5:46 PM ET
By ANICK JESDANUN, AP Internet Writer
NEW YORK (AP) - More than two-thirds of Americans say it's OK for
government agencies to remove public information from the Internet, even
though many didn't believe it would make a difference in fighting
terrorism, a new study finds.
But Americans were evenly divided on whether governments should be able to
monitor e-mail and Web activities, with 47 percent opposed and 45 percent
in support.
"When it gets close to common, everyday things they do, their guard gets a
little higher," said Lee Rainie, director of the Pew Internet and American
Life Project, which conducted the telephone-based survey released Thursday.
Since Sept. 11, several federal and state government agencies have removed
documents, maps and other resources from the Internet out of concern the
materials could aid terrorists.
The stricken items include federal environmental reports on chemical plants
and their emergency response plans; mapping software showing communications
infrastructure in Pennsylvania; and data on drinking water and natural gas
pipelines in the United States.
Many of the removed documents remained available offline in government
reading rooms or even online, housed at other, nongovernment sites. Some
items have since been restored by the government.
According to the Pew survey, 67 percent of Americans believe the U.S.
government should remove information that might potentially aid terrorists,
even if the public has a right to know. Twenty-three percent believe the
government should leave the information up, with the remainder not knowing
or not answering.
Of those favoring removal, 36 percent said doing so would have no effect on
terrorism. Overall, 47 percent of Americans felt that way, compared with 41
percent who thought it would help hinder terrorism.
Internet users were more likely to oppose monitoring and believe that
information removal would not make a difference.
"It certainly is significant that our society which has always prided
itself on open access of information is now so scared of what open access
to information means," said David Greene, executive director of the
nonprofit First Amendment Project in Oakland, Calif.
Greene said Americans may not believe the information is personally useful.
"People think, `I'm not going to poison the water supply system, so what do
I need to know about the water supply system?'" Greene said. "But if all of
a sudden they are part of an effort to restrict development of a watershed
and need that data ... all of a sudden they realize it's important."
Meanwhile, the Pew study found that the attacks continued to affect
Internet behavior a year later.
Eighty-three percent of Americans who used e-mail to renew contact with
family and friends soon after Sept. 11 maintained those relationships
throughout the year.
Internet users have also obtained news, visited government sites and made
donations online more frequently, with a large number citing the attacks as
the major reason for change.
The telephone survey of 2,501 adults, including 1,527 Internet users, was
conducted June 26 to July 26. The margin of sampling error was 2 percentage
points for the full sample, 3 percentage points for questions asked of
Internet users only.
******************************
Government Computer News
Most e-gov initiatives are ready to take off
By Jason Miller
Mark Forman and his colleagues at the Office of Management and Budget
expect to be busy over the next four months with the launch of up to 21
first or second iterations of the 24 Quicksilver e-government initiatives.
OMB's associate director for IT and e-government yesterday discussed how he
sees agency projects moving over the next six to eight months at the
Interagency Resources Management Council conference in Hershey, Pa.
"The first cycle was getting up Web sites, simple tools to show that the
government can provide integrated customer-centric focus," Forman said.
"Virtually all the projects will have that first iteration done with some
neat tool. Now we are about to start or, in some cases are already into,
the second iteration. It is all about re-engineering; it is all about
changing the way we do work, fixing the management problems to make it
simpler."
Forman said the first version of the Transportation Department's Online
Rulemaking system and the second iteration of the Interior Department's
Recreaction.gov Web site will be unveiled in late September. The General
Services Administration's E-Authentication prototype will launch in
mid-September, letting citizens perform transactions with three or four
projects, including some that are not among the 24 e-government
initiatives, Forman said.
The Small Business Administration is planning to release the second version
of its Business Compliance One-Stop by early November, Forman said.
Two other projects came online earlier this summer, Forman said. The Health
and Human Services Department put an E-Grants portal prototype online, and
the Treasury Department's Simplified and Unified Tax and Wage Reporting
project put the 94x series of forms on the Web.
Forman said Disasterhelp.gov moved past its initial problems after Joe
Allbaugh, director of the Federal Emergency Management Agency, the agency
leading the effort, sorted out several obstacles to the project with the
head of another agency, which Forman declined to name. Forman said the site
should be up in the next two months.
The Defense Department is working with the State and Commerce departments
to launch an e-government project outside of the 24 Quicksilver
initiatives. Forman said U.S. Export, a joint business case the three
agencies will submit later this month, will let agencies conduct
complicated paper processes for some licenses online.
"I'm very happy with the change we are seeing," Forman said. "We have to
continue to focus on the Web. This is the fundamental way we are dealing
with the public."
Forman said that by next summer OMB will give the projects' managing
partners the choice of two Web service platforms that will let the
initiatives more easily share similar transactional processes. He said the
platforms will be the IBM Grid Computing Platform and Microsoft .Net.
"Not every organization that does that transaction will have to own a piece
of software to do that," he said. "This is one of big reasons we focused on
enterprise architectures so we can sync this up across agencies. This is a
revolution in IT industry that we have to be in the forefront of and free
up resources to focus on it."
**************************
News.com
Tech firms urged to aid security efforts
By Declan McCullagh
WASHINGTON--Technology companies should work more closely with federal
agents to defend against electronic intrusions, a liaison to the FBI's
InfraGard program said Thursday.
Phyllis Schneck, the co-chairman of the InfraGard executive board, said
that if an online attack takes place a business will benefit from knowing
which FBI agents to contact.
"The people that you want to call, the people you want to contact, are the
ones you trust," Schneck told about 200 attendees at the InfoWarCon
conference. Created in 1996, InfraGard is an information-sharing alliance
between the FBI, the FBI's National Infrastructure Protection Center,
universities, state and local police, and private companies.
The two-day InfoWarCon event was less a trade show and more an extended
show-and-tell session, with speakers sharing stories of how they have
created "cybersecurity" centers in their agencies or companies and what
obstacles they encountered.
About half of the attendees were from the government, mostly military, and
the other half were from large corporations such as airplane maker Boeing
and drug developer Pfeizer. All, however, seemed to recognize that after
last year's terrorist attacks, politicians and CEOs have become far more
willing to hand over money to thwart potential electronic miscreants.
Jill Warren, the former assistant attorney general for Texas, said her
manager had responded to the attacks by creating a special committee that
recommended the creation of a Texas Infrastructure Protection Center. The
goal is to exchange information between government offices and corporations
regarding "physical and cyber assets that are critical to the health,
safety and welfare of Texas residents."
"The best strategy for defending against attacks requires the cultivation
of an alert network, both government and businesses," said Warren, who is
now at the Bracewell and Patterson law firm.
As CNET News.com recently reported, it is possible for electronic
intrusions to damage infrastructure and threaten physical danger, but
taking control of those systems from the outside requires specialized
knowledge and the intruder often must overcome noncomputerized fail-safe
measures.
After the Sept. 11 attacks, it took less than 24 hours for concerns of
cyberterrorism to emerge as the next great threat, triggering calls for new
legislation to broaden the authority of law enforcement agencies. Privacy
advocates, the Green and Libertarian parties, and others have criticized
laws such as the USA Patriot Act as overreaching and overly intrusive.
Philip Lago, deputy executive secretary at the CIA, said the "civil
libertarians just went crazy."
Because the CIA's records are classified, "I can't share with you the
successes, and there have been literally hundreds of them," Lago said at
the conference.
Lago said that while the intelligence community is sensitive to concerns
about overly broad surveillance, laws can complicate effective
intelligence-gathering. "The National Security Agency is working on the
Fourth Amendment thing," Lago said. He added that legal restrictions
against spying on U.S. citizens are not controversial, but those same
limitations pose a problem when immigrants and tourists can benefit from
the Fourth Amendment's prohibition on "unreasonable" searches.
"I wish we could make every single member of this country--there goes this
democracy thing, right?--read those New York Times articles (about victims
of the World Trade Center) and realize what this is about," Lago said.
Anyone who wishes to participate fully as a "secure" member of InfraGard
must complete a 10-page application and undergo an FBI background
investigation. "General" members of InfraGard do not need to do so, but
Schneck said she was campaigning for background checks on all participants.
InfraGard's Schneck, a vice president at an Atlanta intrusion-prevention
firm called SecureWorks, said InfraGard members who frequently travel are
encouraged to report suspicious behavior to the FBI. "Think of the things
you're seeing," she said. "You're the eyes and ears."
Last month, the Bush administration halted a related program called
Operation TIPS, citing concerns that America would become a nation of
informants.
***************************
Los Angeles Times
Cell Phone Records Playing Key Role in Criminal Cases
By ANNA GORMAN
September 6 2002
The staples of criminal investigations are well-recognized. Fingerprints.
Weapons. Eyewitnesses.
Now detectives are relying on a new tool: cell phones.
Because more than 40% of Americans own mobile phones, law enforcement
personnel see them as a powerful resource in investigations and trials.
Detectives say phone records, from both suspects and victims, can provide
key evidence in murder, robbery, drug and rape cases.
Records of cell phone calls are more useful than those of regular phones
because they not only show what numbers were called and when, but also
reveal the area where the caller was when the call was made. That allows
police and prosecutors to track suspects' movements--sometimes even while a
kidnapping is in progress.
The records also can destroy alibis or attack a suspect's credibility if
his statements contradict the phone data. And murder victims' phone records
can pinpoint when and where they were killed, and connect the victim to the
suspect.
"The sooner we get those records, the better," said Det. Mike Berchem of
the Los Angeles Police Department. "They're invaluable."
He said he has used cell phone records in every one of his investigations
during the last few years, finding suspects, witnesses and accomplices.
"It's hard evidence; it doesn't lie," he said.
High-Profile Cases
Cell phone records have proved important in several high-profile cases,
including the following:
* Prosecutors used David Westerfield's cell phone records to track his
erratic movements in the days after Danielle van Dam disappeared from her
San Diego home. Within 48 hours, Westerfield drove to the desert, the beach
and back to the neighborhood where he and the Van Dams lived. He told
police he was in the desert scouting for places to take his son camping.
Last month, Westerfield was convicted of kidnapping and murdering the
7-year-old girl.
* Alejandro Avila said he was at an Ontario mall when 5-year-old Samantha
Runnion was kidnapped from her Orange County condo complex. But authorities
said his cell phone records showed that he was near where the girl's body
was found, off a mountain road near Lake Elsinore. Avila is awaiting trial
on murder, kidnapping and sexual assault charges.
* The day that LAPD Rampart Division Officer Rafael Perez stole cocaine
from an evidence locker, prosecutors said, he made cell phone calls from
near where the drugs were stolen, including one call to his drug dealer
girlfriend. "It was extremely compelling and significant evidence," said
former prosecutor Richard Rosenthal. Though a jury deadlocked, Perez later
pleaded guilty to cocaine theft and was sentenced to five years in state
prison.
Targeting Accomplices
Cell phones can also be used to connect suspects with their accomplices.
Los Angeles County Deputy Dist. Atty. Craig Hum recalled the case of
Rebecca Cleland, accused of hiring two cousins to kill her 43-year-old
husband, Bruce. Cell phone records showed 11 calls between Cleland and her
cousins in the hours leading up to the murder, including one last call 10
minutes before the shooting.
Cleland said a carjacker had knocked her unconscious. But cell phone
records placed her cousin Alvaro Quezada about a block from the murder
scene, despite his claim that he was at a restaurant 20 miles away. "We
could basically prove that he was lying," Hum said. "Without the cell phone
records, it would have been extremely difficult to convict him."
All three were convicted of first-degree murder in 2000 and sentenced to
life terms without parole.
At trial, phone company representatives are called to explain to jurors how
the data are collected and what the records mean.
Each cell phone sends a distinct signal. When a call is made, the cell
phone signal immediately attaches to the closest cell tower, which
transmits the call. As the caller moves into a different area, the cell
tower hands off the call to a new tower. Each tower handles an average of
150 calls and reaches a half-mile to two miles in urban areas and up to 50
miles in rural areas, said Jim Righeimer, who owns an Orange County company
that leases space for cell towers.
Computers keep data on which tower is being used for calls. If the cell
towers are closely spaced, the data can nearly pinpoint where the caller
was at the time of the call.
Defense attorneys sometimes challenge the evidence because cell phones can
be passed around and often are used by more than one person. Some drug
dealers have beat the system by buying cheap phones, using them for one
transaction and discarding them.
To obtain phone records in criminal cases, law enforcement must get a
search warrant from a judge, who must determine that there is probable
cause to believe the target has committed a crime.
The requests put companies in a tough spot, said Michael Altschul, senior
vice president of the Cellular Telecommunications and Internet Assn. "They
have a legal obligation to be responsive to law enforcement, but on the
other hand, there are privacy expectations of their customers," he said.
As a result, companies will only release records if they have received a
court order, Altschul said. But in kidnapping cases, when every second is
valuable, companies will make exceptions.
Privacy Concerns
The increased use of cell phone records worries privacy advocates.
"We believe that typical users of cell phones have a reasonable expectation
of privacy when it comes to their location," said David Sobel, general
counsel for the nonprofit Electronic Privacy Information Center. "That kind
of collection of information is really uniquely invasive."
Sobel, who studies the privacy implications of new technology, said he also
fears that records will be sought more regularly in civil litigation and
divorce cases.
LAPD Det. Dennis English said that as more people buy cell phones, the
records will become even more important. "They will probably play a greater
role in present and future crime scene investigations because of the
multitude of cell phones out there," he said.
**************************
Federal Computer Week
Army issues FCS requirements
With the recent release of the operational requirements document for the
Future Combat System (FCS), the Army has taken its next step toward
fielding the Objective Force by the end of the decade.
The Army's Training and Doctrine Command issued the FCS document Aug. 30,
and it represents a fundamental shift of where the Army will focus - moving
from conceptual development to materiel solutions - said Lt. Gen. John
Riggs, director of the Objective Force Task Force, speaking Sept. 4 at an
Association of the U.S. Army conference in Falls Church, Va.
The Objective Force will transform the Army's forces to make them better
able to survive an all-out fight. The service's vision for FCS is to create
an integrated information and communications battlespace in information
technology-equipped vehicles that enable soldiers to conduct missions that
include command and control, surveillance and reconnaissance, direct and
indirect fire, and personnel transport.
"The conceptual foundation for FCS and the Objective Force has been
established," Riggs said, adding that the operational requirements document
should be viewed as a "baseline document."
Gen. Eric Shinseki, Army chief of staff, said now that the FCS requirements
are in, it's time for the acquisition community and industry to take the
lead and develop a system to meet those requirements. He added that the FCS
advanced collaborative environment will bring users, in this case soldiers,
to the front of the process and help to shape the product that the
engineers develop from the start.
"The FCS advanced collaborative environment will change what me mean about
shared concepts," Shinseki said. "It will break down walls. ur current
processes are slow and cumbersome, and [this will be] more responsive for
what we have to do."
Col. William Johnson, Objective Force project manager, said the document
takes user requirements and states them in terms of threshold and objective
capabilities.
"The threshold is the 2010 timeframe, and the objective is a point in the
future when the technology and operational concepts mature to the point
where we can add them," Johnson told Federal Computer Week. "We know the
minimum and where we want to go, and we can develop architectures with
growth in mind."
The FCS lead systems integrator team, Boeing Co.'s Space and Communications
Group and Science Applications International Corp., was awarded a $154
million contract in March. In June, the team added eight more companies to
the mix.
Jerry McElwee, vice president and program manager for FCS at Boeing, said
the integrator team "is on schedule to meet the [Army's] milestone decision
point this spring."
Johnson said that the integrator team represented a new way of partnering
with industry for the Army and that the team played a part in developing
the user requirements.
"Now we have an understanding of what the user expects, and we can go
through and analyze the requirements and turn them into performance
specifications for systems," Johnson said. That process will go on through
December, and a systems integration request for proposals is due in January.
Following successful development of performance specifications, the next
phase will be to build prototypes to use for testing, but that will require
funding approval from the Defense Acquisition Board, Johnson said.
Brig. Gen. Donald Schenk, FCS program manager, will seek that funding
approval in the third quarter of fiscal 2003. He said the timeline to have
the first unit equipped and ready for operational tests by 2008, with
initial operational capability in 2010, will require much testing and
evaluation along the way because the Army still doesn't know what FCS will
look like or what its requirements will be.
***************************
Computerworld
After 9/11, cops walk the beat against terrorism
By DAN VERTON
SEPTEMBER 05, 2002
NEW YORK -- Thousands of bridge and tunnel officers and police in New York
are being asked to watch for known or suspected terrorists that may still
be living in the Manhattan area, without any IT support to automate the
process of checking suspects against terrorism watch lists, Computerworld
has learned.
The site of the worst terrorist disaster in history, New York is also home
to some of the most tantalizing targets for future terrorist attacks,
including the United Nations headquarters and Wall Street. In addition, the
Manhattan metropolitan area and its surrounding boroughs are known to be
the location of a high concentration of suspected al-Qaeda sleeper agents,
so called because they enter the U.S. legally or illegally and lay in wait
until they receive orders to carry out attacks.
However, a law enforcement source in Manhattan who requested anonymity said
the lack of IT support for cops on the ground and at the bridges, across
which millions of travelers enter and leave Manhattan daily, has almost
certainly allowed suspected or known terrorists to escape justice.
"Most people that come into Manhattan do so by crossing one of those
bridges in a car," the source said, pointing to the Queensboro Bridge,
which connects Manhattan to Queens. "And people are stopped all the time
who fit the profile of wanted or suspected terrorists. The names and
descriptions of the suspects are then called into headquarters using a
radio, and the desk officer is often forced to check a name that might have
five different aliases against a bulletin board of printed
'be-on-the-lookout' sheets," the source said. "It's a joke."
The joke gets worse, the law enforcement source said, when it comes to
dealing with individuals who present international driver's licenses.
According to state law, foreign nationals who enter the country with
international licenses have 30 days before they must apply for a New York
state driver's license. However, international driver's licenses are
paper-based and can easily be forged, the law enforcement source said.
"So if and when a terrorist is pulled over for speeding, he just shows the
officer his international driver's license, and the officer has no way to
check who he is through the Department of Motor Vehicles," said the source.
"We usually write them a summons for driving without a license and tell
them to have a nice day. Then they change their name on their international
license using a computer, rent a new car and start the process all over
again."
The source also confirmed what other law enforcement officers around the
country are saying: that the FBI and various terrorism task forces aren't
sharing information with bridge and tunnel officers, housing officers or
other cops on the beat in a timely manner.
"The FBI is the central repository of all counterterrorism intelligence,
[contained] in the most archaic database," said Steven Jackson, a
counterterrorism investigator with the Houston Police Department. "However,
they're not disseminating anything.
"The bureau's philosophy is that if there's a problem, we'll come into your
office and tell you what it is," Jackson said at a recent
government-sponsored conference on homeland security. "The bureau doesn't
have the Internet -- they have their own intranet, and they're not in touch."
Jackson's division within the Houston Police Department, which is
responsible for the only area of the country that has all nine critical
infrastructure sectors in one place, as well as the second-largest oil
refinery in the world, was forced on Sept. 16 to build its own database to
log and track hundreds of suspicious-event reports that began coming in
after Sept. 11. Critical industries include banking, chemicals, energy,
transportation, telecommunications, shipping and public health.
"Before that database, it took millions of dollars in man-hours" to find
the "very few" reports that actually pertained to terrorist cells in the
U.S., said Jackson. The FBI "doesn't disseminate analytical and predictive
intelligence reports. That level of information-sharing is no longer
acceptable."
Meanwhile, in May the Boston Police Department completed the deployment of
a new integrated criminal identification system called the Criminal Alien
Identification System (CAIS). It integrates existing databases and
electronic fingerprinting technology and transmits identification
information to a judge prior to a suspect's appearance in court, said
William Casey, Boston's deputy chief of police.
"Prior to electronic fingerprinting, it could take months before the FBI
would get back to us with an identification," said Casey. Now it takes
between 20 minutes and two hours for most identifications to be made, he said.
As an indication of the success of the CAIS system, Boston made more than
3,500 arrests in one 57-day period, including hundreds of individuals who
were subject to deportation or who had overstayed their visas, said Casey.
****************************
Computerworld
Microsoft patches core cryptography interfaces in Windows
By John Fontana, Network World
SEPTEMBER 05, 2002
Microsoft Corp. today released a patch that plugs a security hole in its
cryptography software that allows hackers to use bogus digital certificates
to hijack secure communications and forge digital signatures.
The hole, discovered early last month by an independent researcher, is in
the Windows Cryptography API (CryptoAPI), which provides the operating
system framework that programs use to obtain cryptographic services. The
CryptoAPI provides support for encryption, decryption, digital certificate
handling and other tasks.
"This is one of those things where you will have to touch every machine [to
apply the fix]," said Russ Cooper, editor of the NT BugTraq Web site and
surgeon general at TruSecure Corp. in Herndon, Va.
The patch applies to multiple versions of the Windows operating system and
three programs for the Macintosh: Office, Internet Explorer and Outlook
Express. The affected versions of the operating system include Windows 98,
98 Second Edition, Me, NT 4.0, NT 4.0 Terminal Server Edition, 2000 and XP.
Since exploit code has already been published, Microsoft is releasing
versions of the patch as they are completed, so all the patches for all of
the affected software aren't yet available. The patches currently available
are for Windows NT 4.0 and XP. The fix has been listed as "critical."
The problem is that the CryptoAPI doesn't check a "basic constraints"
parameter within a digital certificate used to validate digital certificate
chains, the hierarchy of trust that cascades from top-level certificate
authorities such as VeriSign Inc. That means bogus certificates can be
created and used as trusted certificates without being detected by
Microsoft software.
The bogus certificates can be used to support a variety of attacks commonly
known as "man-in-the-middle" attacks.
The bogus certificates could be used to verify the identity of the sender
of an e-mail or the identity of a server. They also could be used to hijack
IPsec sessions, spoof certificate-based authentication systems or digitally
sign malicious code using Microsoft's Authenticode technology to trick
users into believing the code came from a trusted source. Microsoft says
the attacks require a high level of sophistication to be carried out, but
critics contend that the attacks are possible.
"These man-in-the-middle attacks work best locally where you can lodge
yourself on the wire, or if you are one hop away on the network," said
Eugene Schultz, principal engineer at Lawrence Berkeley National Laboratory
in Berkeley, Calif. "It's gets a lot harder when there are many hops. It is
a timing issue."
Last month, independent researcher Mike Benham discovered that Internet
Explorer, which uses the CryptoAPI to validate certificate chains, was
susceptible to attack by hackers who could forge digital certificates,
hijack connections secured by the Secure Sockets Layer protocol and
intercept data.
This week, Benham provided proof that Outlook's Secure/Multipurpose
Internet Mail Extensions, a standard for secure mail created by the
Internet Engineering Task Force, is susceptible to the flaw. The Outlook
attack lets hackers create a phony security certificate that can be used to
digitally sign e-mail. When a user of Outlook opens the mail, the software
doesn't check the validity of the certificate and presents the e-mail as a
digitally signed communication.
CryptoAPI is also used by many third-party applications to provide security
services for their programs. Any that use digital certificate validation
are exposed to the vulnerability, according to Microsoft.
A plug-in for Outlook called MailSecure has already been found vulnerable.
The product was originally marketed by Baltimore Technologies PLC but was
sold earlier this year to SecureNet Ltd., an Australian security software
vendor.
**************************
USA Today
VeriSign adopts new e-commerce anti-fraud system
SAN FRANCISCO (AP) - Online payment processor VeriSign has embraced an
anti-fraud system that promises to decrease merchants' losses from stolen
credit cards but could increase the checkout time for Internet shoppers.
Mountain View-based VeriSign believes its adoption Wednesday of the credit
card identification system developed by MasterCard will boost e-commerce by
strengthening the protections against credit card fraud.
The proliferation of bogus credit card transactions has dampened the growth
of e-commerce by exposing merchants to substantial losses and unnerving
security-conscious shoppers.
Credit card fraud accounted for $1.2 billion, or just under 2%, of total
online sales of $65 billion last year, according to Gartner Research.
Merchants pay for most of those losses.
To offset the costs of credit card fraud, banks also charge an average fee
of 2.5% for online transactions compared with 1.5% for in-store purchases,
Gartner said.
The MasterCard system - called a "Universal Cardholder Authentication
Field" - depends on a technology that enables merchants to verify online
shoppers are using credit cards that actually belong to them.
The system verifies cardholders' identities through a special password that
serves as the equivalent of a signed receipt issued in a brick-and-mortar
transaction.
VeriSign's endorsement is significant because it processes about one in
every four online transactions in the United States. About 75,000 merchants
that accept MasterCard use VeriSign to process online transactions.
Merchants have had to buy special software to use MasterCard's anti-fraud
system. VeriSign is removing that hurdle by installing the technology on a
common gateway that will open in November.
"We think this is a major step forward to building greater trust in
commerce on the Internet," said Barry McCarthy, general manager of
VeriSign's payment services.
VeriSign wouldn't say whether it planned to raise its processing fees under
the new program. The company reported losses of $4.8 billion while taking
in $645 million during the first half of this year.
Purchase, N.Y.-based MasterCard is providing merchants with a powerful
incentive to sign up for the anti-fraud program.
Merchants who verify transactions through the anti-fraud system won't have
to pay for any losses should the transaction turn out to be illegitimate.
The liability instead will fall on the credit card issuer, an about-face
from the rules governing most online transactions.
The MasterCard system and a similar program developed by Visa requires
banks to issue special passwords to consumers, a concept likely to draw
mixed reactions, said e-commerce analyst Avivah Litan of Gartner Research.
Survey after survey shows many consumers remain reluctant to shop online
because they fear their credit card account numbers will be heisted.
At the same time, surveys also have shown that consumers want to check out
of online stores as quickly and easily as possible, a process that could
become more cumbersome if additional security measures require shoppers to
enter additional data.
"There are still a lot of barriers to overcome," Litan said. "You would
think people wouldn't mind putting in another (password), but if they
become frustrated, they might just go shop somewhere else."
The familiarity of automated teller machines should help most consumers
quickly adapt to payment security systems requiring passwords for online
credit card transactions, predicted Stephen Orfei, MasterCard's senior vice
president of e-commerce.
"We believe this will open up the Internet and help it deliver on its full
potential," Orfei said.
***************************
San Francisco Chronicle
New front opens in war on spam
Consumer groups lean on FTC
Facing dim prospects for a tough federal anti-spam law, three consumer
groups asked the Federal Trade Commission Wednesday to crack down on junk
e- mail by broadening the definition of "deceptive" messages, which the
agency is already authorized to stop.
The groups want the FTC to punish e-mailers who misrepresent who they are
or what the message is about, or who make it difficult for recipients to
get off their mailing lists. The proposal comes as the ever-increasing
volume of spam has both consumers and corporations concerned.
The FTC said it would review the petition, submitted by San Francisco's
Consumer Action, and the Telecommunications Research and Action Center and
the National Consumers League, both in Washington, D.C. But the agency
doesn't yet know whether it will go along with the suggestion, said FTC
staff attorney Brian Huseman.
The FTC has already brought numerous cases against spammers in the past
year, but the agency has so far limited itself to attacking junk mailers
whose messages contain fraudulent offers, like pyramid schemes.
"We've focused on deceptive content of the e-mail, because most of that is
what causes economic and other harm to consumers," said Huseman.
While this initiative wouldn't completely eliminate spam, it's an
attainable step that would reduce the problem, said Ken McEldowney,
executive director of Consumer Action.
"Legislation has been tied up in Congress for three years. What's needed is
some really quick action," he said.
Some corporations, and the Direct Marketing Association, have opposed a law
banning unsolicited e-mail. The DMA could not be reached for comment
Wednesday.
An analyst at a libertarian think tank, the Cato Institute, said the
proposed rule would threaten free speech.
"There is a place in our society for certain types of unsolicited
communications," said Adam Thierer, Cato's director of telecommunications
studies. "Commercial speech does deserve some free speech protection."
The consumer groups also launched a Web site Wednesday, banthespam.com,
where people can submit complaints about how spam has affected them,
whether by wasting their time or subjecting their children to nasty come-ons.
The groups plan to submit these testimonies -- with the senders' permission
-- to the FTC as evidence that spam is harming people. The Web site has
already received 350 testimonies, said Telecommunications Research and
Action Center Chairman Samuel A. Simon.
However, in an embarrassing glitch on the site, users who clicked on a
button stating they did not want to receive future e-mails from the group
were told, in fact, that they would be getting e-mail news updates.
After the Associated Press pointed out that the anti-spam group was
effectively promising to spam people, the site was corrected within 20
minutes,
Simon said.
"No e-mail went out to anybody," he said.
SPAM TO BAN
Consumer groups want the FTC to ban an e-mail message as deceptive if it:
-- Misrepresents the sender. For example, an e-mail would be banned if it
has fake routing information on top that makes it seem to come from
somewhere it didn't.
-- Misrepresents the content of the e-mail. For instance, if an e-mail is
labeled "your password" and it contains a link to a pornographic site that
you have not registered for, it could be banned.
-- Fails to provide reliable contact information. Often, unsolicited
messages are sent from e-mail addresses that are inactive by the time
recipients reply to them.
-- Fails to provide a reliable opt-out system. Many spam messages contain a
link that will supposely let you get off the mailing list, but an FTC
investigation found that two-thirds of these links don't work at all.
-- Is sent to someone who opted out or resigned from sender's list.
E-mail Carrie Kirby at ckirby@xxxxxxxxxxxxxxxx
****************************
Guardian [UK]
Engine trouble
In the mid 1990s, two Stanford university dropouts dreamed up a search
engine with a unique cataloguing system. Now Google is the biggest on the
web. But not everyone is a fan - some say it unfairly favours certain
websites. The latest critic is China, which has blocked it completely
Oliver Burkeman
Thursday September 5, 2002
The Guardian
Repressive regimes fear little so much as mockery and derision, and so
maybe the Chinese government's apparent decision this week to block the
internet search engine Google had something to do with the 14th result it
throws up when you search for the name of that country's president. It is
an interactive, animated game called Slap The Evil Dictator Jiang Zemin,
and for China's 46 million internet users, it just became a little harder
to track down.
With an important congress of the Chinese communist party scheduled for
November, Beijing's crackdown on dissent - and especially on the banned and
persecuted spiritual movement, Falun Gong - hardly came as a surprise. But
targeting Google did. The company released a statement explaining that it
was "currently... working with Chinese authorities to resolve the issue".
It was phrased in the bland language of international diplomacy, but it
failed to address the most obvious question: what was a search engine doing
conducting international diplomacy in the first place? And how, exactly,
did a Californian firm founded by a couple of university dropouts, using
old doors for office furniture, wind up striking panic into the core of an
authoritarian world power?
The answer is not immediately clear to those who visit Google's
headquarters in the Silicon Valley city of Mountain View. Everything about
it is a near-perfect incarnation of new-economy stereotypes: the
multi-coloured rubber exercise balls rolling around the floor, the table
football and the video games, the plentiful bagels and smoothies, the
massage room, the roller-hockey games in the car park and the food cooked
by the Grateful Dead's former chef. Famously, a scrolling display in the
reception area is updated, second by second, with phrases that users are
searching - "Googling" - for. The office even has the required
cute-but-also-nerdy nickname, the Googleplex. For an internet company in
late 2002, there is only one really strange thing about it. It's still there.
The internet bubble may be an embarrassing memory today, but Google - which
started out as just as speculatively as any other web firm - has rapidly
achieved monolithic status on the web. Though it has never paid for
advertising, word of mouth has made it, by far, the world's most popular
search engine, with more than 150 million searches a day. Two billion web
pages are indexed on its servers, and users can search in 66 languages.
Former competitors - AltaVista, Yahoo, Lycos, Excite - have fallen by the
wayside, locked in desperate attempts to reinvent themselves. It has
spawned a dedicated, self-appointed watchdog site, Google-watch.org.
Veteran web users nostalgic for the old, pre-commercial days of the
internet love its spare, white search screen and its refusal to follow its
rivals by branching out into lonely hearts adverts, or travel services, or
online car dealerships. And yet, simultaneously, it makes plenty of money -
it pulled in an estimated $65m last year, in advertising and in selling its
searches to other websites, including AOL. "There is this core techie
audience, and they love what the web used to be, and they like Google
because it's clean and fast," says Danny Sullivan, proprietor of the
respected news website SearchEngineWatch.com. "But I suspect that the
majority don't go there because it's fun. They go there because it gives
them the answers that they're looking for."
Like the recipe for Coca-Cola, the precise mathematical formulas that
Google uses to sort and sift through the billions of pages on the web -
most of them profoundly irrelevant to anyone searching for any of the words
they contain - are jealously guarded secrets, but the basic principle is
not. It came to the company's founders, Larry Page and Sergey Brin, when
they were computer science students at Stanford University in the mid-90s:
instead of just cataloguing web pages according to the number of times that
a word or phrase appears on them, Google ranks pages depending on how many
other pages on the web link to them.
"Google interprets a link from page A to page B as a vote, by page A, for
page B," the company says. "But Google looks at more than the sheer volume
of votes, or links that a page receives: it also analyses the page that
casts the vote. Votes cast by pages that are themselves 'important' weigh
more heavily and help to make other pages 'important'." It is a "uniquely
democratic" method, Google claims, making it easiest to find pages other
people have declared worth finding.
Andy Bechtolsheim, a founder of the software giant Sun Microsystems, was
impressed. "We met him very early one morning on the porch of a Stanford
faculty member's home in Palo Alto," Brin recalls. "We gave him a quick
demo. He had to run off somewhere, so he said, instead of us discussing all
the details, why don't I just write you a cheque? It was made out to Google
Inc, and was for $100,000."
The legendary science-fiction writer H G Wells spent much of 1937
travelling around the United States and Australia promoting a scheme that
was pretty eccentric even by his accommodating standards. His "World
Brain", he told lecture halls filled with thousands of people, would be an
utterly new kind of organisation - a "social organ", he called it - that
would be nothing less than a vast repository containing every piece of
knowledge in the world. The details were a bit vague, but in short, the
World Brain, freely accessible to everyone, would eliminate the ignorance
that sustains tyranny and thus liberates humanity.
"It is only [in] such a permanent organisation of knowledge, systematically
assembled," he wrote, "continually extended and renewed and made freely and
easily accessible to everyone, that there is the slightest hope of our
species meeting the serried challenges of destiny that are advancing upon
it." The audience response was good, but nothing practical happened. Until
Google, anyway.
Google knows things. Not only does it index more of the web than any of its
competitors, offering makeshift translations of pages between languages -
it remembers, too. The company archives millions of web pages on its own
computers, giving them a life beyond their creators, which provides another
potential motive for the Chinese block: even if the computer hosting a
Falun Gong website is seized and destroyed, the page persists in Google's
collective memory. In 2001, Google bought the rights to thousands of old
postings on the Usenet system on online message boards. They are now
catalogued on its database, and your past obsessions with Dungeons and
Dragons or ornithology cannot be erased. For a while in the late 1990s, the
practice of running searches on potential romantic dates became known as
"Googling".
As it has grown, the site has harnessed its searching formulas to develop
other skills that can seem almost sinister. Type in a person's name and a
US city, and Google will assume that you might want a phone number, so it
will search its directory of phonebooks. Go to labs.google.com /sets, and
enter two or three items in a list - "orange, banana, pineapple", say - and
it will come up with tens of other items: "apple, strawberry, grape..."
without being told that you are looking for fruit. During the last US
presidential campaign, the first result in a search on the words "dumb
motherfucker" was an online store of pro-Bush merchandise, but that was a
mistake.
As the engine has become celebrated for taking users directly to the
information they want, though, a question has emerged in the minds of
internet entrepreneurs who are no longer the recipients of millions of easy
dollars: could it be manipulated for much-needed profit? One of Google's
advantages has always been its refusal to sell placements in its rankings
to the highest bidder, but the PageRank system, some argue, has its
loopholes. Because Google measures how many pages link to a site, what if
you set up thousands of web pages solely for the purpose of linking to one
commercial site?
Some have accused Bob Massa, proprietor of a "search optimisation" service
called Searchking, of doing just that. "All I want is for webmasters with
small sites to get rewarded fairly," he says. "This is a chance to see that
those guys get visitors and put up good content. Google wants good content.
I can't see any problem."
Others have criticised Google for caving in too swiftly to threats from the
likes of the Church of Scientology, which demanded that it remove from its
index links to an anti-Scientology website, Operation Clambake
(www.xenu.net). The Scientologists said the site was breaching copyright.
(Operation Clambake suspects that the organisation is more worried by its
publishing of what it says is a secret document known only to senior
Scientologists, in which founder L Ron Hubbard is said to describe how an
alien galactic ruler called Xenu is the root of all human woe.) Now, where
links have been removed, Google appends a note informing searchers that
some results are missing.
Daniel Brandt, who runs Google-watch.org, argues strenuously that Google's
"crawlers" - software which creeps daily through the web to monitor and
catalogue new and changing websites - are prejudiced in favour of larger
sites, and that Google is now so powerful that it should be regulated like
a public utility company. (He has a vested interest: his own political
site, at www.pir.org, shows up poorly in Google searches.) Still others
allege that Google has given low page-rankings to those it wishes to
persuade to buy advertising, a charge the company denies.
"There is this obsession with Google now," says Danny Sullivan, at
SearchEngineWatch. "But you can go to other sites - to Teoma.com, to
Alltheweb.com - and you can get similar results. Google is a leading way to
search, but its competitors are not dogs. They can connect people to
subversive information in China just as well as Google can." Or maybe even
better, depending on what you're looking for. On Alltheweb.com, Slap The
Evil Dictator Jiang Zemin comes out fifth.
****************************
News Factor
Spam Versus Technology: The Battle Rages On
Unsolicited e-mail, called spam, has permeated in-boxes so thoroughly that
efforts to stop the flow have become extreme. The U.S. Congress has hotly
debated measures to alleviate the burden of overstuffed digital mailboxes,
and software makers are scrambling to churn out newer, sharper products for
stemming the influx. Still, spam seems to persist with all the resilience
of a plague of mosquitoes. Are those who yearn for a spam-free existence
ever likely to see their wish granted? Unfortunately, say some analysts,
the answer may be a resounding no.
http://www.newsfactor.com/perl/story/19319.html
*****************************
News.com
File-name flaw threatens PGP users
By Robert Lemos
Staff Writer, CNET News.com
September 5, 2002, 5:07 PM PT
For more than a decade, the United States government classified encryption
technology as a weapon. Now that label might actually apply.
Security-consulting firm Foundstone said Thursday that e-mail messages
encrypted with the Pretty Good Privacy program can be used as digital
bullets to attack and take control of a victim's computer.
Because of a flaw in the way PGP handles long file names in an encrypted
archive, an attacker could "take control of the recipient's computer,
elevating his or her privileges on the organization's network," Foundstone
said in an advisory.
The company classified the vulnerability as a high risk "due to the
trusting nature of encrypted attachments in e-mail, its relative ease of
exploitation and the large amount of corporations and military and
government agencies that rely on PGP encryption for secure communication."
The flaw affects PGP Corporate Edition 7.1.0 and 7.1.1. Software maker
Network Associates has posted a patch on its site. The company recently
sold all PGP assets to a start-up, PGP Corp., but appears to still be
providing support for the program. Neither company could be reached for
comment.
The flaw occurs in the way PGP handles long file names in encrypted
archives, Network Associates said on its site. PGP runs into problems when
it tries to encrypt or decrypt files that have names longer than 200
characters. When PGP attempts to decrypt the files, a buffer overflow
causes it to crash.
The long file names aren't readily apparent to a recipient of such an
e-mail, said Foundstone CEO George Kurtz.
"It is just like a ZIP file," Kurtz said. "You can name a file with eight
characters, but archived in the file are several other (files) with long
file names."
The danger, Kurtz said, is that the flaw could be used to attack users who
have the most to protect. "Most users of PGP have some level of security
sophistication. It makes it that much more of a high-level attack," Kurtz
said. An attacker could "obtain that very valuable information that was
meant to be protected by encryption."
The flaw is unrelated to another theoretical vulnerability discussed by
security experts last month. Exploiting that flaw, someone could fool the
sender of a PGP-encrypted e-mail into decoding their own message. Unlike
the current flaw, that vulnerability wouldn't give the attacker control of
a computer.
The current vulnerability resembles another flaw in the PGP plug-in for
Outlook, found in early July.
****************************
Euromedia.net
Brussels seeks bidders for running EU domain
04/09/2002 Editor: Cathy O'Sullivan
The European Commission is looking for an organisation to run its .eu
domain name, which Brussels hopes to create for companies and individuals
in EU member states.
The Commission, this week, called for submissions from organisations
interested in running the domain. To be considered, applicants have to be
non-profit organisations incorporated under the laws of one of the EU's
member states. The deadline for applications of interest is October 25.
Applicants will be selected based on a number of factors including quality
of service, human and technical resources, financial stability, and the
increase of market competition. They will be required to charge fees based
on costs, and provide mechanisms for other companies to become .eu-accredited.
Plans in for the launch of the .eu domain, will first have to be approved
by the global internet address authority , ICANN.
*********************
Sydney Morning Herald
PBS censors its own site
September 6 2002
The US Public Broadcasting Service has censored information on its website
connected to a documentary it is airing in connection with the fallout of
the September 11 attacks. The documentary deals with the predicament
Arab-Americans found themselves in after the attacks.
The material, which comprised part of a companion Web site to the TV
program "Caught in the Crossfire: Arab-Americans in Wartime", was removed
following criticism of the PBS Web site in the New York Sun though it is
unclear if this was cause and effect.
The site has the following sections: The Story, The People, Their
Homelands, Arab Anmericans, After 9/11 Stories, Talkback, The Filmmakers,
Resources and Broadcast. All information in the Their Homelands section has
been removed with the following replacing it:
"The purpose of this Web site is to be a companion piece to CAUGHT IN THE
CROSSFIRE: Arab Americans in Wartime, a documentary which looks at the
lives of three Arab Americans living in New York City following the events
of September 11.
The "Homelands" section of the site drew attention away from the message of
the film. Our goal was to provide background information that
contextualized the cultural histories of the people whose lives are
chronicled in the film. In an effort to keep the focus on the current
experience of Arab Americans, we have removed that section of the site."
The New York Sun report on the PBS Web site on September 3 quoted "Israelis
and American Jewish groups" as lambasting PBS "for offering an inaccurate
and one-sided history of the Arab-Israeli conflict."
The article had quotes from a number of Israeli and Jewish leaders. No Arab
leader was canvassed for his or her comments.
*************************
New Zealand Herald
No silver bullet against piracy
By PETER GRIFFIN
September 3, 2002
Microsoft's project to better secure the desktop and server with a hybrid
of software and hardware has been given the stamp of approval by Intel. But
the chip-maker warns the recording industry that technology alone will not
stamp out rampant digital piracy.
Both Intel and AMD are understood to be developing new versions of their
X86 chipsets to support Palladium - Microsoft's scheme to build security
functions into the architecture of the PC.
Palladium would allow for new computer chips and software to encrypt the
data on a PC's hard drive, making it less susceptible to hacking, viruses
and copyright abuse.
A software component built by Microsoft works in conjunction with the
computer's processor to encrypt information so that it is unreadable if
moved to another computer without authorisation.
Intel's Craig Barrett said PC users wanted to get to the stage where the
internet could be used for any trusted communication or application and
Palladium would make progress towards that.
But Palladium was not a "cure-all" for digital piracy, which has
proliferated with peer-to-peer (P2P) file sharing networks and is costing
the recording industry dearly in lost revenue.
"The [recording industry] is looking at our industry with the hope that
we're going to give them the silver bullet to solve all those issues," said
Barrett.
"But the solution is far beyond security technology, it's about creating
viable business models [for online content services], cracking down on
piracy and educating consumers."
The major studios in the music and film industries would have to adopt
these models for Palladium to be effective in digital rights management,
said Barrett.
While Palladium has no firm date for release, Microsoft believes it could
be incorporated into PCs across the board, allowing everything from the
decrypting of songs downloaded to your hard drive to the blocking of spam
email and viruses.
Palladium's critics have responded with horror scenarios the technology
could make possible. A popular one is the US Government being able to
switch off other countries' computers remotely.
Some fear the hardware technology could prevent Microsoft's competitors
from running their software on a Palladium-enabled machine - a scenario
that Microsoft strongly rejects.
*************************
Sunspot.net
Hatfill was fired after LSU got e-mail from Justice Dept.
University denies a link to cease-desist message
WASHINGTON - Dr. Steven J. Hatfill's firing from Louisiana State University
came after the Justice Department told the school it could not use him on
projects funded by grants from the agency, which has called Hatfill a
"person of interest" in the anthrax attacks.
Hatfill's supervisor, Steven Guillot, received an e-mail Aug. 1 directing
him to "cease and desist" from using Hatfill on the projects, LSU spokesman
Gene Sands said yesterday.
The next day, Hatfill was placed on administrative leave as director of
LSU's National Center for Biomedical Research and Training. The center
receives most of its money from the Justice Department.
Sands said Guillot did not alert senior administration officials to the
e-mail until Tuesday, when Hatfill was fired by the university. Sands said
the decision to put Hatfill on administrative leave and later fire him was
not connected to the e-mail.
Justice Department officials declined comment on the e-mail, though a law
enforcement official confirmed it was sent.
LSU Chancellor Mark A. Emmert did not mention the e-mail in a statement
Tuesday announcing Hatfill's firing. That statement referred to the ability
of the university to "maintain its academic integrity," a possible
reference to Hatfill's past claims to have a Ph.D. he never earned.
Pat Clawson, Hatfill's spokesman, said Hatfill learned of the Justice
Department e-mail yesterday. Clawson said Hatfill's attorneys have filed
Freedom of Information Act requests seeking information on the e-mail.
***************************
Earthweb.com
Bush Administration to Call for Privacy Czar
By Thor Olavsrud
The Bush administration is expected to recommend the appointment of a
federal "privacy czar" as part of its forthcoming National Strategy for
Securing Cyberspace (NSSC), according to an eWeek report.
The NSSC is part and parcel of the Homeland Security bill Congress is
scheduled to begin debating this week, and is expected to come under fire
for proposals that largely expand the government's electronic surveillance
capabilities, including the establishment of a centralized facility that
would collect and examine data traffic for security threats.
The decision to promote the creation of a federal chief privacy officer is
intended to help deflect some of that criticism, according to eWeek. The
privacy czar, who would be assigned to the proposed Department of Homeland
Security, would be charged with vetting all government data gathering and
security initiatives for potential privacy issues. The czar would oversee a
privacy advocate posted to each federal agency. Those advocates, in turn,
would be responsible for an annual review of each agency's compliance.
The draft plan calls for the advocates and privacy czar to collaborate with
a national advisory group to "ensure broad input into, and consideration
of, privacy issues in implementing the national strategy to achieve
solutions that protect privacy while enhancing network and host security."
At the same time, the plan also calls on the government to find ways to get
members of the private sector to beef up their privacy protections without
resorting to legislation.
**************************
Spectrum Online
Feds Online
New FBI computers promise access, but will they be mole-proof?
Some day, surely, historians looking back on this era in intelligence will
divide their subject into pre- and post-9/11. But before-and-after changes
do not come swiftly to sprawling bureaucracies, even when their business is
spying. So the dividing line, like so much about this shadowy world, will
be murky.
The terrorist attacks exposed troubling shortfalls at U.S. intelligence
agencies. Many of the most fundamental problems have nothing to do with
technology; too few case officers and spies work in Islamic countries of
concern, for example, and too few analysts and linguists have expertise in
the languages and cultures of southwest Asia.
But big technology-related problems were also exposed, such as the
inability of the National Security Agency (NSA) to process promptly the
immense flood of communications it intercepts every day and the woefully
antiquated computer systems of the Federal Bureau of Investigation (FBI).
The inadequacy of the FBI's computers is linked to another basic weakness:
too little cooperation and data sharing among intelligence agencies, such
as the FBI, the Central Intelligence Agency (CIA), and the NSA.
If intelligence organizations fail to fill in these gaps, it won't be for
lack of funds. The total U.S. intelligence budget, which is always secret
and yet always somehow widely known, jumped from $30 billion in 2001 to
about $33 billion this year and is expected to reach $35 billion next year.
Finding fanatics
One of the biggest initiatives in the proposed 2003 federal budget is
almost $1 billion for the NSA to extend and improve its powerful
computer-based systems, which analyze transcripts of intercepts, look for
certain words or phrases, and automatically route any hits to prespecified
intelligence agencies in the United States or abroad. At issue are two
telephone conversations on 10 September that the NSA reportedly
intercepted. In one, a militant is heard saying "the match begins
tomorrow." In the other, an operative says "tomorrow is zero day."
Transcripts of the conversations were not translated and distributed until
12 September, accounts said.
Granted, the conversations were too vague to have given officials any idea
of what exactly was about to happen. Yet the intercepts might have been
more enlightening if analysts could have seen them in context with the many
other related bits and pieces of information that had been gathered by
other agencies.
For the FBI's part, its problematic computer systems and networks run
primitive proprietary software, have no multimedia capabilities whatsoever,
lack secure connection to networks at other government agencies (or even
within the FBI), and do not give even FBI insiders easy access to all the
files on a particular case.
Coming: the "virtual case file"
According to Robert M. Blitzer, a former chief of the FBI's domestic
terrorism and counterterrorism planning sections, the bureau is still
getting used to the idea of computer-based recordkeeping. The centerpiece
of its current investigative recordkeeping system is the seven-year-old,
mainframe-based Automated Case Support (ACS) system. An internal U.S.
Justice Department review earlier this year led by William H. Webster, who
at different times led both the FBI and the CIA, found that one of the few
fans of ACS was the spy and computer whiz Robert Hanssen. He trolled the
system for classified information to sell his Soviet handler and even
searched ACS for evidence that the bureau had discovered his perfidy.
The FBI is in the midst of a $379 million upgrade of its information
technology (IT) systems, now scheduled to be finished by the end of this
year. The project, called Trilogy, encompasses not only the bureau's
computers and software, but also its networks. Trilogy aims to shift the
bureau from a hodgepodge of proprietary, mainframe-based systems to a
Web-based one that will provide secure connections to the FBI's 500
facilities worldwide. ACS is to be replaced with a "virtual case file" that
will let agents store and retrieve text files as well as images, sound
bites, and other multimedia data.
Testifying before Congress on 6 March, the FBI's director, Robert S.
Mueller III, described several huge IT projects. One will install systems
that will let the FBI securely share data with other intelligence and law
enforcement organizations. Another project will set up the bureau's
first-ever system to let its own agents e-mail each other securely.
Although the Trilogy program is still months away from completion, Justice
Department investigators who were assessing the Hanssen fiasco have already
criticized it on security grounds. "Given the FBI's current computer
security posture, the present course is problematic; even the very rush to
complete the upgrade project could enable a compromised insider to
introduce holes in the system that could be exploited later," said the
commission.
Clearly, the FBI is struggling with one of the hard truths of the
intelligence business: the more widely you share sensitive data, the more
likely it is to do some good-and the more likely it is to fall into the
wrong hands.
***************************
Spectrum Online
Who Goes There?
High-tech personal identity systems make us more secure than a year ago,
but not by much
Just a few years ago, getting to work involved a nod to someone in the
building lobby or a wave to an office receptionist. Today, those friendly
greetings have been replaced in many offices by smart cards.
Soon the use of smart cards at these sites is expected to make way for
biometric identifiers: handprints, fingerprints, eye scans, or
face-recognition signatures. On the way to work, too, one's face or car may
be scanned or photographed at traffic signals, bank machines, shopping
malls, parks, and sidewalks.
The past year has been a busy one for identity systems and biometrics-based
security. An initial surge of interest, support, activity, and even funding
has given way to harder looks at whether cutting-edge systems, especially
for face recognition, are ready for prime time. It turns out they are not.
And second thoughts about the potential loss of privacy abound.
A good example-of both the initial interest and the second thoughts-is the
creation of national ID cards in the United States, an idea long rejected
by citizens and legislators alike. In the weeks after 9/11, many people,
including noted Harvard University law professor, civil liberties lawyer,
and activist Alan Dershowitz, were newly ready to favor security over
privacy. Jumping on the bandwagon, Oracle Corp. CEO Larry Ellison proposed
a national ID database-accompanied by an offer to contribute his company's
flagship software for free-but the idea struck many as a self-serving,
the-razors-are-free-but-the-blades-are-gonna-cost-ya idea, and was rejected.
Nevertheless, standards were soon proposed for state driver's licenses that
would be machine-readable and include biometric data and space for other
digitized personal data. Corollary proposals calling for states to share
information with each other and the federal government would yield licenses
that have all the qualities of a national card.
The threats to privacy do not stem just from the government. For example,
boarding a subway or shopping at a supermarket has traditionally been a
relatively anonymous activity. But, according to one newspaper account,
soon after 9/11, an employee at an unnamed U.S. grocery chain supplied law
enforcement authorities with customer databases built from
preferred-customer-card shopping activity. With standardized smart card
driver's licenses containing nongovernmental identification information, it
could be even easier to track people through their commercial transactions.
What's more, combining hitherto separate identity systems could maximize
the potential harm of identity theft.
Many countries already have national IDs in one form or another, and others
are adding them. In Japan, an 11-digit numeric code for residents,
established in 1999, is the cornerstone of a new, highly controversial,
smart card-based ID system, using software from Microsoft and Oracle and
hardware from NTT, Fujitsu, Hitachi, IBM Japan, and others. The absence of
privacy laws governing the system has provoked rare-for-Japan civil
disobedience, and several cities have opted out of the program entirely.
Less contentiously, Australia began a trial program to incorporate
biometric data in passports.
As methods of identification, however, biometric technologies are still
immature, and one, face recognition, has been especially disappointing. In
a test this spring of a leading system, that of Jersey City, N.J.based
Visionics Corp. (now merged with Identix Inc., Minnetonka, Minn.), over
half the faces in a mock terrorist database used at the Palm Beach (Fla.)
International Airport were let through unflagged, while one person in every
hundred to pass through the system was falsely labeled "terrorist."
Older, but not wiser
Older ID and document systems have their own problems. Credit card theft is
a perennial, and apparently growing, problem. Even smart credit cards, such
as the American Express Blue card, can be hacked, as two researchers in the
United Kingdom recently proved. And in New Jersey, an investigation by the
Bergen County Record found that, among other things, security failings
allow driver's licenses to be issued despite the presentation of inadequate
identifying documents. New Jersey was home to at least four of the 11
September hijackers, two of whom reportedly had valid state driver's licenses.
Even with valid documents, problems arise. In recent years, the U.S. Social
Security Administration routinely issued tens of thousands of Social
Security numbers to noncitizens who presented insufficient or counterfeit
identification.
Adding biometric information to driver's licenses may not be enough.
Researchers at Yokohama National University in Japan have found they were
able to replicate fingerprints with a cheap artificial "skin." They
photographed a fingerprint left on a drinking glass, enhanced it with
photo-editing software, and then used a photosensitive sheet to transfer it
three-dimensionally to a sheet of copper. From there they could move the
image onto a highly elastic food-based gelatin. The fingerprint was
recognized by a variety of security systems about 80 percent of the time.
That may be more work than is really needed. A recent book by three German
researchers told how they defeated a fingerprint scanning system by
breathing "gently upon the sensor's surface." They reported that on the
screen of the biometrically protected computer, "we were able to see the
contours of an old fingerprint slowly reemerge." In all, the team tested 11
biometric security systems and, by a variety of means, defeated each of them.
***************************
Boston Globe
Scientists join war on terror
New chemical, biological threats spur nation's top minds
By Gareth Cook , Globe Staff, 9/6/2002
LOS ALAMOS, N.M. - As the world fell apart more than half a century ago, a
group of scientists was summoned to this remote outpost, tucked against a
chain of long dormant volcanoes in the New Mexico desert.
The scientists watched as Hitler assaulted London with frighteningly
advanced rockets. They knew he was also working on a bomb fueled by the
power of the atom, and they understood the profound consequences - the end
of the Western democracies - should he succeed before they did.
Now the great minds are being called, once again, to battle. Deeply aware
that new scientific ideas - from radar to the atomic bomb - gave America a
crucial edge in World War II, scientists at the Los Alamos National
Laboratory and across the country are working on weapons for the war
against terrorism. And for those who have thought deepest about the march
of technology, the mission is as urgent as the Manhattan Project.
''People here really believed that one day they would pick up the paper and
read that London was gone,'' said Terry Hawkins, a top scientist at the
lab. ''Today it is the same sort of thing. I have come to believe we are in
this race, and the only certainty is that one side will win and the other
will lose.''
The scientific effort taking shape is utterly different from the Manhattan
Project because the conflict itself is so different. The enemy today is
exceedingly difficult to locate or identify. His means of attack are
unknown. The front lines are ephemeral - one day it could be a ridge in
Afghanistan, the next an emergency room in Tulsa, Okla.
The world felt uncomfortably small when German V-2 rockets raced over the
English Channel to explode in downtown London, yet that generation could
not have imagined how interdependent the modern world would become, with
fears of such dangers as computer viruses and genetically engineered
plagues. Terrorists see potential weapons in every fixture of the modern
world, from running water to subways to electronic banking.
''These are the conveniences of the information-rich service economy that
characterize our everyday life today,'' said John Marburger, the
president's science adviser. ''But these same systems increase our
vulnerability to terrorism.''
A year after the Sept. 11 attacks, the nation's antiterrorism research
effort is a sprawling, impressive, and in some cases disorganized, affair.
At national labs such as Los Alamos, researchers are accelerating work in
traditional areas such as countermeasures for chemical, biological, and
nuclear weapons. At academic laboratories, scientists are hard at work on a
dizzying array of technologies, some wildly impractical, for an alphabet
soup of government funding agencies. And Congress has authorized a
multibillion dollar initiative to study potential biological agents.
Science is being invigorated by the new attention, and a sense of patriotic
mission that evokes the Apollo program, but some scientists say there are
troubling signs. On campuses, they worry about pressure to classify some
types of research and to limit contact with foreign scientists and
students, moves that could threaten the foundation of academic work. Others
say they are not sure where to go with their ideas. And many say the
government's failure to set up a single coordinating institution for
antiterrorism research could mean that some of the new money will be
squandered.
''It is like drinking out of a fire hose,'' said James Tour, a Rice
University chemist whose research has been sponsored by the defense
establishment and many other government agencies.
Yet step behind the security fences of Los Alamos and there are the
glimmers of scientific progress. On bench tops and in tool shops are new
devices that have captured the public's eye, such as handheld radiation
detectors and automated systems to detect pathogens in the air.
Some of the most important work, though, comes in areas of complex
engineering that the public has hardly considered: tracking disease
outbreaks in real time, finding slivers of data in a flood of intelligence,
understanding the dynamics of an electric power grid that allow the failure
of a single generator to bring the system down.
Data mining
Soon after the first passenger jet slammed into a tower of the World Trade
Center, a satellite began surveying Manhattan's landscape.
As the data streamed, researchers at Los Alamos realized they could use the
images collected by the satellite to test an advanced software package,
called GENIE, built to discern subtle patterns in overwhelming masses of
data. Taking in the chaotic landscape of lower Manhattan, with its long,
dark shadows, the software was able to draw an accurate map of where ash
had fallen across the city, important information when assessing the
environmental damage.
GENIE is part of a largely unpublicized research program, some of it highly
classified, to combat one of the most profound problems posed by the
technological war on terrorism: how to find the vital clues in the vast
seas of information. Called ''data mining,'' the work could use computers
to spot dangerous items in baggage X-rays, monitor streams of suspicious
Internet chat and email, or call attention to emerging intelligence patterns.
In the year since the attacks, it has become clear that the country's
ability to gather information has far outstripped its ability to combine
and analyze it. Several FBI agents in field offices were concerned about
suspicious characters at flight schools, but the agency's computer system
did not allow a search for the term ''flight school'' across field-office
files. The Immigration and Naturalization Service did not have a systematic
way to track those who overstayed their visas. And the National Security
Agency reportedly intercepted messages on Sept. 10 warning of trouble, but
they were not translated in time.
Defending the homeland against diffuse and nearly invisible enemies is a
problem that makes the Cold War - with its concerns about East Bloc tanks
and the positioning of theater nuclear weapons - seem almost quaint.
''We are no longer just interested in the Fulda Gap between East and West
Germany,'' said Steven Brumby, a scientist at Los Alamos working on GENIE.
''Now we are interested in the whole world.''
GENIE uses an ingenious approach called a ''genetic algorithm'' in which a
computer evolves software to solve a problem, the way animals evolve over
eons to adapt to their environment. An analyst points to a place in the
image with a target - ash on the ground, a gun in a piece of carry-on - and
the computer writes hundreds of tiny software programs to see which are
best at picking out the target from the background.
Yet as important as this work is, it would be powerless if the threat is
invisible. When the National Academy of Sciences convened a panel to
determine what science can do to help, one of the most urgent areas
identified was the need for new sensors capable of detecting biological,
chemical, and radiological attacks.
The number of new devices needed is overwhelming: a machine to spot highly
enriched uranium in one of thousands of shipping containers, an alarm that
sounds when anthrax spores hit a building's ductwork.
But the state-of-the-art lags. For example, to detect chemicals, the ''best
broad-spectrum high-sensitivity sensory systems'' are ''trained dogs,'' the
academy reported in June.
Scientists understand how to detect many things, but the challenge now is
to engineer solutions that are automated, reliable, and affordable, said
Thomas Bevan, who coordinates homeland defense research at Georgia Tech.
Bevan is designing promising chips that detect E. coli and salmonella and
is testing them at a poultry factory in Georgia. In a well-equipped lab, it
is easy to pick out salmonella, for example. But Bevan and other
researchers are working to build little machines that won't break down and
won't set off a mass panic at the detection of something harmless.
Shrouding this microscopic world, where many bacteria look alike and an
innocuous chemical trace might look like mustard gas, is the new fog of war.
Defending the infrastructure
Ray Gordon seems as if he would have been at home in any of the great wars
of the last century. A former Green Beret with graying, close-cropped hair,
Gordon spends his spare time riding rodeo bulls, wearing proof of the
hobby's danger in the form of a cast around his shattered lower left leg.
But in his office at the Los Alamos lab, Gordon summons up the battlefield
of the future: a computer-generated map of Florida with a complex web of
electric and gas lines. The two systems depend on each other, with
gas-powered turbines generating electricity in some places, and electricity
powering gas compressors in others. Millions depend on the grid.
''We start taking out components to see what will crash the system,'' said
Gordon, showing the cascade of effects when an electric substation on the
Gulf Coast is taken down in the computer model. ''It is a tightly coupled
system of systems.''
The modern American lifestyle is made possible by a vast, interconnected
network of infrastructure that moves water, power, goods, people, and
information around the country. It is a network so complex that nobody
really understands how it behaves. Everyone knows it is filled 0with
individual vulnerabilities, but nobody knows what might make large swaths
of it freeze up, the way a computer sometimes does.
Gordon, part of the National Infrastructure Simulation and Analysis Center
run in cooperation with Sandia Labs, is working to defend the nation's
infrastructure from surprise attack. But scientists also hope to understand
how the sprawling system works so that they will be better prepared for
other types of attack.
In one simulation, cars move around downtown Portland, Ore., meticulously
modeled down to the level of individual drivers choosing the best way to
get to work. Then a yellow cloud is released near the Willamette River,
representing a cloud of anthrax spores. Exposed people are followed home,
and at the end of the day there is a map, with the hardest hit suburbs
colored crimson.
Such models as these can be used to plan responses, to help guide emergency
workers as they decide strategy, or even to suggest changes in the
infrastructure that would make a crisis easier to handle.
To some, work like this may sound mundane, but it is no more mundane, and
no less important, than keeping a Boeing 777 in the air. Inside a 777 are
hundreds of systems that interact with one another. To make the plane
reliable, Boeing uses an approach known as ''systems engineering,'' which
focuses on how individual pieces - from equipment to training - affect the
system as a whole.
''Inevitably the public becomes enamored with specific devices,'' said
Marburger, the president's science adviser. ''But devices can't work in
isolation.''
What is needed, scientists say, is a searching, constructive paranoia that
propels us to find the weakest links in the country's defenses, no matter
how hum-drum, and strengthen them.
Tour, the Rice University chemist, said he has been stunned at how
difficult this can be to accomplish. The recipes for horrifying nerve
agents are so widely available, on the Internet and elsewhere, that there
is no hope of keeping them out of the hands of terrorists, he said.
The chemicals needed to make them are easy to purchase, a point Tour made
by ordering the ingredients - all on one order form - from a prominent
chemical supplier and having them sent, overnight, to his office. (Total
cost, including overnight shipping: $217.) Tour estimates he could have
made 300 grams of sarin, soman, or cyclosarin and sent thousands of people
twitching to their deaths.
Since his experiment two years ago, he has been trying in vain to persuade
the government to regulate the sale of even small amounts of about 35
chemicals.
''You can never stop everyone, but you can put a roadblock in the obvious
places and hope it stops the villain,'' Tour said. ''I have become so
frustrated that I just don't talk about it as much any more.''
Information proliferation
In July, scientists announced they had created the polio virus from
scratch, using information and materials that are readily available. The
report highlighted one of the greatest vulnerabilities scientists now see
facing society: biological warfare. Although the anthrax attack killed only
a few people, it caused mass disruption, a mere hint of the chaos that
would come with a more successful act. Protecting the nation from
biological attack will be the most active area of antiterrorism research in
the coming years.
Biological weapons represent the extreme case of the new kind of war: a
fight not for territory, but for information. In World War II, there was
never any question whether an attack was underway, but now scientists must
devise ways to pick out subtle clues from the environment that a pathogen
is on the march. Such attacks cannot be defeated with brute force. The
sprawling public health system will need a system to share information and
coordinate their response.
And the threat itself - biological agents, engineered to maximize harm - is
a product of increasing knowledge, and its ready availability on the
Internet. As some scientists think past the immediate threat of terrorism,
it is the unforeseen consequences of this proliferating knowledge that
cause them the most anxiety.
''The long-term threat may not come from people who are motivated, but from
people who are like the computer hackers right now - just doing it because
they can,'' said Murray Wolinsky, a scientist at Los Alamos. ''Twenty or
thirty years from now a small group of people, or an individual, may be
able to jeopardize significant fractions of the world's population.''
Already, in the frustrating investigation into the anthrax attacks,
scientists are finding they are themselves prime suspects, because they
have the knowledge and such direct access to the means. Scientists find
themselves in an awkward position: potential suspect, potential savior.
When Robert Oppenheimer, who directed the atomic bomb project, saw the
searing light from the desert, he paraphrased from the Bhagavad-Gita in a
declaration that is still famous as a warning of technology's spectacular
capability for both good and evil: ''Now I am become death, the destroyer
of worlds.''
Perhaps, some fear, the biotech revolution is releasing a new, even more
powerful genie. Even if, somehow, politicians are able to bring an
unprecedented amount of stability to the world, advances in biological
engineering will make new means of mass destruction available.
It is an era of great hope, promising enormous steps forward from
agriculture to human health. But now it is hard to foresee a time when the
country will not need a dedicated team, some in universities, some
cloistered in a desert lab behind barbed wire, working to contain the worst
that science can devise.
''If we can't get this right,'' said Wolinsky, ''then what good does the
rest of it do?''
Gareth Cook can be reached at cook@xxxxxxxxxx
****************************
Times-Picayune
House lacks worst-case scenario plan
Group looks for ways to replace House members after attack
09/06/02
By Bill Walsh
Washington bureau/The Times-Picayune
WASHINGTON -- The rubble has been cleared from ground zero, and the
Pentagon has been repaired, but the House of Representatives is still
struggling with what it would take to rebuild the government itself after a
catastrophic attack on the Capitol.
A bipartisan group of lawmakers including Rep. David Vitter, R-Metairie,
has been meeting mostly behind closed doors for several months to discuss
the gruesome prospect of a terrorist strike wiping out the federal
government. But as the anniversary of the Sept. 11 attacks nears, the group
has not reached a consensus on how to get an obliterated Congress back up
and running.
Although the Constitution spells out steps to replace the president and
senators quickly, House members can be replaced only through local
elections, a process that could take months and effectively bring
legislative operations to a halt during a national crisis.
If the House weren't functioning, experts say, emergency financing could be
delayed, public confidence could be undermined, an important check on
presidential power would be lost, and a wrench would be thrown into the
presidential line of succession, which designates the speaker of the House
to take over if the president and vice president are killed or incapacitated.
"The most powerful nation on Earth should not have doubts about who is in
charge and who would control the nuclear weapons in time of national
crisis," said Rep. Brian Baird, D-Wash., a clinical psychologist who began
nudging House leadership to plan for a direct hit the day after the attacks
last year. "It boggles my mind that the leadership of the Congress has not
yet fixed this."
Precautions taken
The House and Senate have developed some contingency plans with an eye
toward another terrorist strike. It is widely believed that hijacked
American Airlines Flight 93 was being steered toward a government building
in Washington before it crashed in rural Pennsylvania after an apparent
passenger uprising. The October anthrax mailing to the Capitol Hill office
of Senate Majority Leader Tom Daschle, D-S.D., further heightened fears
that future terrorists will target the seat of federal government.
House members have been given portable BlackBerry communications devices to
send and receive messages if the Capitol is destroyed. Plans are also in
the works to outfit a secure congressional meeting place outside
Washington, according to Capitol Hill aides who said details are top-secret.
Before the August recess, House and Senate leaders quietly authorized
substitutes to reconvene Congress outside the nation's capital in the event
of an attack.
But there has been little progress on some of the thornier constitutional
issues. So far, the only proposal to emerge from the bipartisan group is a
draft resolution, expected to be taken up Sept. 11, merely urging states to
expedite special elections in times of crisis.
"There is a fundamental tension involved," Vitter said. "The most effective
solutions are the most difficult to pass."
Governors' choice
Baird has offered a constitutional amendment that would have each House
member draw up a confidential list of potential successors. The governor
from each member's state would select a replacement from the lists and
could restore the 435-member House within days. Former House Speakers Tom
Foley and Newt Gingrich have said that a similar approach can be
accomplished with a simple change in House rules because it would only be
an interim step until special elections could be called.
Sen. Arlen Specter, R-Penn., has introduced a constitutional amendment that
would, in the event of the loss of 50 percent of representatives, allow
governors to choose successors in the House, as they do now for senators.
Replacements would have to be from the same party as the deceased member.
However, constitutional amendments, which require approval from Congress
and then three-fourths of state legislatures, will take time to put in
place. House leaders have urged the bipartisan working group to come up
with something soon.
Between 1940 and 1962, the prospects of homeland attacks spurred Congress
to introduce more than 30 constitutional amendments to replenish Congress
quickly. Three proposals passed the Senate in that period, but all died in
the House.
"Let's face it, no one likes to consider possibility of their own demise,
and the House is proud of its status as probably the only elected body in
the world that has never had a member appointed," said Norman Ornstein, a
scholar advising the bipartisan group. "To put that into jeopardy is a big,
big step."
Majority rule
The prospect of chemical and biological attacks has raised a further
complication for the House getting back on its feet. Constitutional
interpretations since the Civil War have said that the House can only
operate with a quorum, or majority, of members who are "chosen, sworn and
living." There is no provision for members who are missing but not
confirmed dead or who are incapacitated due to, say, anthrax infection. If
a majority of members were unable to show up to vote, the House could be
frozen awaiting their return.
Rep. James Langevin, D-R.I., has suggested developing the framework for an
"e-Congress" that could have members voting from remote locations through
electronic connections, obviating the need for them to show up in the
Capitol. But at a hearing on the proposal in May, constitutional scholars
attacked the idea, saying that members can't have a genuine exchange of
ideas in online chat rooms and the U.S. Constitution calls for Congress to
"assemble" at least once a year.
Vitter said he hopes the working group can come up with some solutions
short of constitutional amendments by early next year. He said that House
rules could be a changed to define when a member is unable to serve. He
also said that a 1947 law on presidential succession could be reopened to
consider whether the current line of successors -- which after the vice
president include the speaker of the House, the president pro-tem of the
Senate and then Cabinet officials starting with the secretary of state --
is the most prudent. One idea under consideration is adding an elected
official from outside Washington.
********************
Sun-Sentinel
Broward official fears chaotic elections office will torpedo primary
By Scott Wyman and Buddy Nevins
September 6, 2002
Even as election officials sought to reassure voters that next week's
primary will go smoothly despite turmoil over new polling places and
inaccurate registration cards, the leader of the Broward County Commission
charged the area is careening toward another election disaster.
Commission Chairwoman Lori Parrish, who serves on the three-member
Canvassing Board that certifies the election results, said Thursday that
the process has been too rife with problems to run properly on Tuesday.
She lost her last bit of faith when she learned that the mayor of Sunrise
received the wrong ballot when he voted and that there have been cases
where poll workers used the wrong ballots during accuracy tests on the new
ATM-style machines. She fears it's a sign that voters could be given the
wrong ballots when they go to the polls next week.
"I have no confidence we can have an error-free election," Parrish said.
"We have a new supervisor of elections, new voting equipment and new
precinct locations. I just have to hope that it isn't a formula for
disaster. I'm worried and concerned."
Broward's embattled supervisor of elections, Miriam Oliphant, faced another
major blow in her election planning Thursday when the state Division of
Elections said she misinterpreted state law on how to organize her polling
precincts.
The Republican Party complained she would not guarantee that each precinct
will be staffed by Republican and Democratic poll workers. She thought only
that the overall makeup of the 5,000 workers had to reflect the community,
but the state sided with the GOP.
The opinion could open the primary to a legal challenge unless Oliphant
shuffles poll workers around between today and Tuesday to ensure a balance
at each of the 809 precincts. Her spokesman said Oliphant was reviewing the
letter late Thursday.
Republican leaders said they are exploring their options if Oliphant does
not relent and said they will definitely head to court if the issue is not
addressed by the November general election.
Despite that, Florida's top election official, Secretary of State Jim
Smith, stood side by side with Oliphant on Thursday and said he is
convinced Broward is ready for Tuesday's vote. During a visit to Broward's
poll-worker training session, he said the problems arising here are not out
of the ordinary.
"Everyone just needs to take a couple deep breaths," he said. "I think
similar problems have occurred in other places, but for whatever reason,
here it's been more confrontational. People don't realize how complicated
it is to put on an election."
Tuesday will mark the first major election since South Florida came under
national scrutiny for its role in the 2000 presidential election debacle.
Although the state has reformed its election laws and Broward has replaced
punch-card ballots with touch-screen voting machines, problems have plagued
preparations for the 2002 primary.
Voters have complained about new polling places and inaccurate registration
cards, and the concerns are continuing to mount.
Sunrise Mayor Steve Feren was stunned when he voted absentee last week and
received a ballot that contained the legislative race for state Sen. Mandy
Dawson. Feren, who lives about six miles outside her district, immediately
questioned poll workers about the ballot.
Feren said a poll worker agreed he had been given the wrong ballot and then
set up the right one on his voting machine. But Feren said he is concerned
other voters are less astute about which legislative, congressional, school
board and county and city commission districts they live in and would go
ahead and vote if given the wrong ballot.
"It's going to be ugly," he said.
Similar problems were seen in this week's testing of the new voting
machinery by the Canvassing Board. The board determined the machines work
properly, but two of the five errors that occurred while testing 100
machines happened because poll workers chose the wrong ballot.
Parrish attempted to raise questions about the possibility of similar
mistakes, but lawyers told the board that it could only assess whether the
machines work properly. Poll worker training, they said, was Oliphant's
responsibility.
Oliphant denied that Feren could have received the wrong ballot. She said
the errors in this week's testing were tracked and corrected quickly.
Voters attempting to vote early as Feren did are facing long waits even
though Oliphant urged people to take advantage of Florida's new election
law that allows early voting. Waits at the Government Center in downtown
Fort Lauderdale and at satellite offices have been as long as an hour.
The problem is that even though Broward is a heavily Democratic county,
Oliphant set aside three machines at each office for early voting - one for
Republicans, one for Democrats, and one for people of other parties or no
party affiliation.
Aleida Waldman, of Coconut Creek, said it took her almost an hour to vote
even though there were only two people in line in front of her. "It was a
mess. They didn't know what they were doing," Waldman said.
Oliphant blamed the long waits on the County Commission, saying the
commission didn't buy her enough voting machines. The rest of the 5,000 new
ATM machines are being set up for Tuesday and can't be used for early
voting, she said.
Oliphant urged voters who have questions or find problems with their new
registration cards to call her office or check her Web site. Both options,
though, continue to be problem-plagued themselves.
Voters report being unable to get through to the supervisor's office on the
phone.
"I have been dialing them for a week, several different numbers. Every
number I call is busy, busy, busy," said Ruth Cohen of the Palm Aire
condominium complex in Pompano Beach.
Cristina Pudwell lives in Margate, but her voting card placed her in the
wrong city. After a lengthy wait on the phone, Pudwell said the employee
told her, "I'm doing you a favor answering your call." When she explained
her problem, Pudwell said she was told: "Can't you read? All the
information is on the card."
Oliphant blames the phone problems on crank callers clogging her phones.
She also said inaccurate information on her Web site has been fixed, but a
spot check Thursday afternoon of complaints reported to the South Florida
Sun-Sentinel of precinct changes and inaccurate registration information
showed those details still listed.
And voters can't expect the traditional sample ballot that many use to sort
out who they will vote for before going to the polls.
Oliphant's predecessor, Jane Carroll, mailed out a sample ballot, but
Oliphant dropped it in a cost-cutting move. She decided the money could be
better spent on demonstrating the new voting machines and sending
educational material to voters.
"I didn't know who to vote for. It took me much longer," said Myron Ross,
who voted as part of the early voting program. "I can only imagine what
will happen Election Day."
Staff Writer Christy McKerney contributed to this report.
Scott Wyman can be reached at swyman@xxxxxxxxxxxxxxxx or 954-356-4511.
****************************
Lillie Coney
Public Policy Coordinator
U.S. Association for Computing Machinery
Suite 510
2120 L Street, NW
Washington, D.C. 20037
202-478-6124
lillie.coney@xxxxxxx
From owner-technews@xxxxxxxxxxxxxxxxx Mon Sep 9 14:58:57 2002
Received: from sark.cc.gatech.edu (sark.cc.gatech.edu [130.207.7.23])
by cleon.cc.gatech.edu (8.11.6/8.11.6) with ESMTP id g89Iwvs10477;
Mon, 9 Sep 2002 14:58:57 -0400 (EDT)
Received: from postel.acm.org (postel.acm.org [199.222.69.7])
by sark.cc.gatech.edu (8.11.6/8.11.6) with ESMTP id g89IwjS29570;
Mon, 9 Sep 2002 14:58:45 -0400 (EDT)
Received: from postel (postel.acm.org [199.222.69.7])
by postel.acm.org (8.9.3/8.9.3) with ESMTP id OAA22534;
Mon, 9 Sep 2002 14:58:18 -0400
Received: from LISTSERV2.ACM.ORG by LISTSERV2.ACM.ORG (LISTSERV-TCP/IP release
1.8d) with spool id 0009 for TECHNEWS@xxxxxxxxxxxxxxxxx; Mon, 9 Sep
2002 14:28:32 -0400
Approved-By: technews@xxxxxxxxxx
Received: from hq.acm.org (hq.acm.org [199.222.69.30]) by postel.acm.org
(8.9.3/8.9.3) with ESMTP id OAA42730 for
<technews@xxxxxxxxxxxxxxxxx>; Mon, 9 Sep 2002 14:27:43 -0400
Received: by hq.acm.org with Internet Mail Service (5.5.2656.59) id <SSVFSLQK>;
Mon, 9 Sep 2002 14:27:51 -0400
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2656.59)
Content-Type: text/plain; charset="iso-8859-1"
Message-ID: <95537E2AB3BDD311B6FD00A0C9A31A510247AAC7@xxxxxxxxxx>
Date: Mon, 9 Sep 2002 14:27:50 -0400
Sender: ACM TechNews Early Alert Service <TECHNEWS@xxxxxxxxxxxxxxxxx>
From: technews <technews@xxxxxxxxxx>
Subject: ACM TechNews - Monday, September 9, 2002
To: TECHNEWS@xxxxxxxxxxxxxxxxx
Content-Length: 9326
Status: RO
X-Status:
X-Keywords:
X-UID: 282
Dear ACM TechNews Subscriber:
Welcome to the September 9, 2002 edition of ACM TechNews,
providing timely information for IT professionals three times a
week. For instructions on how to unsubscribe from this
service, please see below.
ACM's MemberNet is now online. For discussion (and voting)
forums on current industry issues and the latest on ACM
activities, visit http://www.acm.org/membernet
Remember to check out our hot new online essay and opinion
magazine, Ubiquity, at http://www.acm.org/ubiquity
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ACM TechNews
Volume 4, Number 396
Date: September 9, 2002
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Site Sponsored by Hewlett Packard Company ( <http://www.hp.com> )
HP is the premier source for computing services,
products and solutions. Responding to customers' requirements
for quality and reliability at aggressive prices, HP offers
performance-packed products and comprehensive services.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Top Stories for Monday, September 9, 2002:
http://www.acm.org/technews/current/homepage.html
"Year After 9/11, Cyberspace Door Is Still Ajar"
"Bush Mulls Internet Security Fund"
"Archaic Computer Systems Hamper War on Terror"
"HP to Unveil Nanotech Breakthrough"
"Some Environmentalists Worry About Nanotechnology Risk"
"Almost Organic"
"10 Choices That Were Critical to the Net's Success"
"The High-Tech Rebels"
"Lack of Cybersecurity Specialists Sparks Concern"
"Breakthrough Gives Diamond Electronics Sparkle"
"New York State Wins Top Semiconductor R&D Lab"
"Businesses Gird for Grid Computing Breakthroughs"
"Lining Up for Jobs"
"Who Should Own What?"
"Tech Frontiers"
"In Pursuit of the 'Everywhere' Computer"
"Joining the Third Generation"
"Research That Reinvents the Corporation"
******************* News Stories ***********************
"Year After 9/11, Cyberspace Door Is Still Ajar"
Despite hopes from cybersecurity specialists that American
companies and governments would implement better network
protection in response to Sept. 11, there is little indication
that progress has been made. Giga Information Group VP Steve ...
http://www.acm.org/technews/articles/2002-4/0909m.html#item1
"Bush Mulls Internet Security Fund"
Internal documents from the National Strategy to Secure
Cyberspace imply, among other things, the creation of a
technology fund "to address those discreet technology areas that
fall outside the purview of both industry and government and yet ...
http://www.acm.org/technews/articles/2002-4/0909m.html#item2
"Archaic Computer Systems Hamper War on Terror"
The U.S. government is unable to capitalize on its IT
budget, largely because of the lack of coordination, complex
purchasing requirements, and standalone technology. Analysts say
the pace of change in the federal government is glacially ...
http://www.acm.org/technews/articles/2002-4/0909m.html#item3
"HP to Unveil Nanotech Breakthrough"
On Monday in Europe, Hewlett-Packard scientists will announce a
breakthrough that brings HP one step closer to its goal of making
smaller, speedier, and less expensive chips using "molecular
grids," in which crisscrossing molecular strands are arrayed in ...
http://www.acm.org/technews/articles/2002-4/0909m.html#item4
"Some Environmentalists Worry About Nanotechnology Risk"
Environmental organizations such as the ETC Group want
governments to declare a moratorium on nanotechnology development
until its health and environmental risks are more thoroughly
assessed. Despite experts' assurances that nanotech's benefits ...
http://www.acm.org/technews/articles/2002-4/0909m.html#item5
"Almost Organic"
Drawing insights on robot evolution and human-robot interaction
is the purpose of the Public Anemone, a robot that resembles a
sea anemone and exhibits unusual abilities. Such interactive
robots could lead to the incorporation of robotics into people's ...
http://www.acm.org/technews/articles/2002-4/0909m.html#item6
"10 Choices That Were Critical to the Net's Success"
Harvard University senior technical consultant and Internet
standards development guru Scott Bradner listed 10 major
decisions that led to the Internet's rise in prominence at a
Massachusetts telecom conference last week. Multiple existing ...
http://www.acm.org/technews/articles/2002-4/0909m.html#item7
"The High-Tech Rebels"
Sun Microsystems co-founder and chief scientist Bill Joy says IT
is too server-centric and that more robust software will help set
it free. Meanwhile, Xerox chief scientist John Seely Brown adds
that Web services promise to set entire markets free, while ...
http://www.acm.org/technews/articles/2002-4/0909m.html#item8
"Lack of Cybersecurity Specialists Sparks Concern"
The United States faces a disturbing lack of skilled workers to
protect critical infrastructures from electronic attack, said
experts at a recent cybersecurity conference in Washington, D.C.
As a result, the demand for people with IT skills will rise, ...
http://www.acm.org/technews/articles/2002-4/0909m.html#item9
"Breakthrough Gives Diamond Electronics Sparkle"
An international team has synthesized a thin film of diamond
better suited for high-performance electronics than natural
diamond and other artificial forms of diamond, because it is
composed of a single crystal and has few impurities. The ...
http://www.acm.org/technews/articles/2002-4/0909m.html#item10
"New York State Wins Top Semiconductor R&D Lab"
The New York branch of International Sematech will reside in a
$403 million research center located at the State University of
New York (SUNY)--Albany. Sematech was drawn to the area by
SUNY's plans to construct several research facilities dedicated ...
http://www.acm.org/technews/articles/2002-4/0909m.html#item11
"Businesses Gird for Grid Computing Breakthroughs"
Industry experts say that widespread commercial grid computing
could be made available in about five years, allowing
manufacturers to design products, drug companies to develop new
medicines, and businesses to share complex data sets and software ...
http://www.acm.org/technews/articles/2002-4/0909m.html#item12
"Lining Up for Jobs"
Short-term IT job prospects for the latest crop of computer and
engineering graduates are slim, as many companies are cutting
entry-level hirings and scaling back their internships. An April
survey of employers conducted by the National Association of ...
http://www.acm.org/technews/articles/2002-4/0909m.html#item13
"Who Should Own What?"
In an interview with Todd Datz of Darwin magazine, Stanford Law
School professor and author Lawrence Lessig explains that he
understands the impulse to "patent everything under the sun" so
that one can remain competitive against both legitimate and ...
http://www.acm.org/technews/articles/2002-4/0909m.html#item14
"Tech Frontiers"
Four sectors are poised to drive future technological
advancements in the next five to 10 years: Chip fabrication,
software programming, security, and entertainment. Chip
production is, by its nature, paradoxical--materials costs are ...
http://www.acm.org/technews/articles/2002-4/0909m.html#item15
"In Pursuit of the 'Everywhere' Computer"
Former Hewlett-Packard Labs director Joel Birnbaum is a staunch
advocate of pervasive computing, the establishment of an
invisible, all-encompassing information system that can be
harnessed for virtually any function by ubiquitous sensors and ...
http://www.acm.org/technews/articles/2002-4/0909m.html#item16
"Joining the Third Generation"
Cellular networks could be significantly enhanced with
third-generation wireless technology, but differing levels of
acceptance around the world and limited spectrum availability
remain formidable obstacles. Its potential benefits include ...
http://www.acm.org/technews/articles/2002-4/0909m.html#item17
"Research That Reinvents the Corporation"
In the August issue of Harvard Business Review, the journal
revisits John Seely Brown's 1991 article "Research That Reinvents
the Corporation." In the paper, Seely argues that to stay
competitive, corporations must do more than just create new ...
http://www.acm.org/technews/articles/2002-4/0909m.html#item18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-- To review Friday's issue, please visit
http://www.acm.org/technews/articles/2002-4/0906f.html
-- To visit the TechNews home page, point your browser to:
http://www.acm.org/technews/
-- To unsubscribe from the ACM TechNews Early Alert Service:
Please send a separate email to listserv@xxxxxxxxxxxxxxxxx
with the line
signoff technews
in the body of your message.
-- Please note that replying directly to this message does not
automatically unsubscribe you from the TechNews list.
-- To submit feedback about ACM TechNews, contact:
technews@xxxxxxxxxx
-- ACM may have a different email address on file for you,
so if you're unable to "unsubscribe" yourself, please direct
your request to: technews-request@xxxxxxx
We will remove your name from the TechNews list on
your behalf.
-- For help with technical problems, including problems with
leaving the list, please write to: technews-request@xxxxxxx
----
ACM TechNews is sponsored by Hewlett Packard Company.
From mnpalmer@xxxxxxxxxxxxx Fri Oct 25 11:47:19 2002
Received: from sark.cc.gatech.edu (sark.cc.gatech.edu [130.207.7.23])
by cleon.cc.gatech.edu (8.11.6/8.11.6) with ESMTP id g9PFlJs18690;
Fri, 25 Oct 2002 11:47:19 -0400 (EDT)
Received: from tokyo.cc.gatech.edu (tokyo.cc.gatech.edu [130.207.114.15])
by sark.cc.gatech.edu (8.11.6/8.11.6) with ESMTP id g9PFlBa09234;
Fri, 25 Oct 2002 11:47:11 -0400 (EDT)
Received: from mikepc-w2k.cc.gatech.edu (mikepc-w2k.cc.gatech.edu [130.207.15.57])
by tokyo.cc.gatech.edu (8.11.6/8.11.6) with ESMTP id g9PFlAK22008;
Fri, 25 Oct 2002 11:47:10 -0400 (EDT)
Message-Id: <5.1.0.14.2.20021025114306.03e7b358@xxxxxxxxxxxxxxxxxxx>
X-Sender: mnpalmer@xxxxxxxxxxxxxxxxxxx
X-Mailer: QUALCOMM Windows Eudora Version 5.1
Date: Fri, 25 Oct 2002 11:47:10 -0400
To: "Hilderbrand, Terry" <terry.hilderbrand@xxxxxxxxxxxxxxx>,
"Cannady (E-mail)" <james.cannady@xxxxxxxxxxxxxxx>,
"Goodman, Sy" <goodman@xxxxxxxxxxxxx>, "Navathe, Sham" <sham@xxxxxxxxxxxxx>,
"Ahamad, Mustaque" <mustaq@xxxxxxxxxxxxx>, "Xu, Jim" <jx@xxxxxxxxxxxxx>,
"Lipton, Dick" <rjl@xxxxxxxxxxxxx>,
"dos Santos, Andre" <andre@xxxxxxxxxxxxx>,
"Blough, Doug" <douglas.blough@xxxxxxxxxxxxxx>,
"Copeland, John" <john.copeland@xxxxxxxxxxxxxx>,
"Lee, Wenke" <wenke@xxxxxxxxxxxxx>, "Ding, Yan Zong" <ding@xxxxxxxxxxxxx>
From: Mike Nelson Palmer <mnpalmer@xxxxxxxxxxxxx>
Subject: Re: FW: Cybersecurity
Cc: "Nelson-Palmer (E-mail)" <michael.nelsonpalmer@xxxxxxxxxxxxx>,
"DeMillo, Rich" <rad@xxxxxxxxxxxxx>,
"Thompson, Mary Claire" <thompson@xxxxxxxxxxxxx>,
Henry Owen <henry.owen@xxxxxxxxxxxxxx>
In-Reply-To: <DCA3302F85489A4891F4401D0CE48A7533E7EC@xxxxxxxxxxxxxxxxxxx
h.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Content-Length: 3318
Status: RO
X-Status:
X-Keywords:
X-UID: 283
Terry--Thanks for the news..............
All--FYI...............
Mike N-P
At 09:23 AM 10/24/2002 -0400, Hilderbrand, Terry wrote:
FYI
-----Original Message-----
From: Maguire, John F.
Sent: Tuesday, October 22, 2002 12:17 PM
To: Hilderbrand, Terry
Subject: Cybersecurity
Senate passes bill to bolster cybersecurity research
By William New, National Journal's Technology Daily
The Senate late Wednesday passed by voice vote a bill that would authorize
$903 million over five years for cybersecurity research in what proponents
said is an attempt to address a deficiency in expertise in that area.
"America needs to sharpen its expertise and deepen its bench in terms of
cybersecurity knowledge and talent because the threats to our networks are
growing," bill co-sponsor Ron Wyden, D-Ore., said in a Thursday statement.
He said the bill would create "a new generation of experts to meet
tomorrow's threats."
The bill, H.R. 3394, now moves to the House. The House passed its first
version of the legislation by a margin of 400-12 in February.
House Science Committee Chairman Sherwood Boehlert, the sponsor of the
original bill, has been working with leadership throughout the process,
his spokeswoman said. "This is Chairman Boehlert's top priority," she
said. "We are confident that it will pass" when the House returns.
"Neither the danger of cyberterrorism nor the importance of this
legislation can be overstated," Boehlert, R-N.Y., said in a Thursday
statement, adding that the measure "serves as a call to arms to the
high-tech community and the nation's science and technology enterprise."
House and Senate staffers negotiated a compromise before the Senate vote.
That process led to a reduction in the Senate proposed authorization from
$978 million to $903 million.
The bill would authorize grants through the National Science Foundation
and the National Institute of Standards and Technology (NIST). It also
would mandate a report to Congress on critical infrastructure weaknesses
and require the White House Office of Science and Technology Policy to
develop strategies for greater coordination of research and development
activities.
Boehlert's office called the bill "virtually the same" as the House
version. The biggest change for the House was the addition of a $25
million program to increase the number of faculty qualified to teach
college-level cybersecurity courses. The House originally authorized $878
million.
The Senate also included language that would direct NIST to develop
checklists of security measures for use by federal agencies. The list
would set forth security settings and options available on federally
procured hardware and software.
Another new provision seeks to ensure that students and universities
participating in the program comply with immigration laws. And the Senate
made some minor changes to make the measure's language fit with the
House-passed bill to create a Homeland Security Department, H.R. 5005.
JOHN MAGUIRE,GTRI BUSINESS DEVELOPMENT OFFICE
MANAGER, FEDERAL PROGRAM DEVELOPMENT
PRINCIPAL RESEARCH ASSOCIATE
CENTENNIAL RESEARCH BLDG--ROOM 329
400 TENTH ST NW
ATLANTA,GA 30332-0838
PHONE: (404)894-7742 FAX: (404)894-4316
E-MAIL: john.maguire@xxxxxxxxxxxxxxx