Clips November 8, 2002

[Lillie Coney <lillie.coney@xxxxxxx>]

Clips  November 8, 2002

ARTICLES

FBI Searched Library Computer, Didn't Install Monitoring Program
2,180 Fulton ballots found late 67 memory cards misplaced [e-voting]
Cost of Broward elections to rise by $1 million or more
Lawyers get set for fight over ballots
FBI system to ID serial killers went unused in sniper case
Vietnam jails internet dissident
Compromise on Webcast Royalties Sought
GOP Senate Promises Tech Policy Shift
Court to Set Rule on Rulings Release
Privacy group fights P2P crackdown
Joining Forces to Tackle High-Tech Crime
FBI names new IT executive
HDTV leaps 'last hurdle' in transition
Tech issues get new lease on life
Homeland security bill set for quick action
Chicago housing agency sings password blues
Government-backed software security study takes off
Navy Sites Spring Security Leaks
Ban on R-rated computer games to stay [AUS]

*****************************
The Hartford Currant
FBI Searched Library Computer, Didn't Install Monitoring Program
Claim Made In Sunday Courant Was Wrong, Columnist Says
November 7, 2002

A report that the FBI had installed software to monitor the Internet 
activity of patrons at the Hartford Public Library, contained in a column 
published in The Courant Sunday, was incorrect.

The two anonymous sources cited in the column now believe they were in 
error, free-lance columnist Bill Olds said. The sources backed off the 
claim Wednesday after the FBI and the city's chief librarian strongly 
disputed it.

In the column, which regularly addresses issues of privacy, Olds wrote that 
the FBI had "bugged" the library's computers to search for information that 
might point to terrorist suspects. He wrote that he could not reveal the 
sources of the information.

On Wednesday, Michael J. Wolf, the state's most senior FBI agent, disputed 
what he called the "outrageously fallacious column." He said in a statement 
that the FBI used a search warrant to seize evidence from a specific 
library computer that had been used to "hack" into a business computer 
system in California "for criminal purposes."

He said in the statement that no software was installed on any computer in 
the library.

The chief librarian, Louise Blalock, supported Wolf's assertion, saying in 
an interview that the FBI had copied the hard drive of one of the 
computers. Blalock said she understood that the government's intention was 
to look for records of past computer use rather than monitor future use.

Librarians across the country have complained that anti-terrorism 
legislation enacted since the attacks of Sept. 11, 2001, threatens library 
patrons' privacy, chiefly by giving the government access to circulation 
records. Some have expressed concern that the government may increasingly 
seek access to computer-related information as well.

It was against that backdrop, Olds said, that the two library sources 
mistakenly assumed the FBI's visit in late September was part of the 
terrorism probe.

"They connected the dots and made a mistake," said Olds, a former executive 
director of the Connecticut Civil Liberties Union.

Blalock said that she twice turned the FBI away before they returned with a 
formal search warrant for the computer hard drive, and that the Hartford 
library adheres to a strict privacy policy and does not retain circulation 
records.
*****************************
Atlanta Journal Constitution
ELECTION 2002
2,180 Fulton ballots found late
67 memory cards misplaced, but shouldn't change results
By TY TAGAMI and DUANE STANFORD
Atlanta Journal-Constitution Staff Writers

Fulton County election officials said Thursday that memory cards from 67 
electronic voting machines had been misplaced, so ballots cast on those 
machines were left out of previously announced vote totals.

Fifty-six cards, containing 2,180 ballots, were located Thursday. Eleven 
memory cards still were missing Thursday evening. If the cards could not be 
found, the votes would be retrieved from the voting machines, election 
officials said.

The votes from the missing cards were not included in unofficial totals 
released by the county Tuesday night and Wednesday, but it appeared 
unlikely the newly discovered votes could change the announced outcome of 
any race.

While such a switch could have been embarrassing, county voter registration 
chief John Sullivan stressed that the process for compiling the final, 
official vote total ensured that every terminal would be accounted for, so 
no votes would be overlooked.

"Nothing will be lost," Sullivan said.

The county anticipates concluding the count by 10 a.m. today, when the 
county board of elections is scheduled to certify the results.

Republican Karen Handel was especially interested in the new count. She 
started Thursday trailing Democrat Robb Pitts for an at-large seat on the 
County Commission by 4,595 votes.

"There's a handful of races where it makes a difference, and mine was one 
of them," Handel said.

But the first batch of 57 misplaced cards increased Pitts' lead by 355 votes.

Of the 11 remaining missing cards, eight came from machines at Precinct 8C 
at 4191 Northside Drive in Buckhead. About 1,200 voters are assigned to 
that precinct. One card each was missing from three precincts: EP09, Conley 
Hills School in East Point; NC06, Country Club of the South in north 
Fulton; and 11J, Continental Colony Elementary School in southwest Atlanta.

Fulton wasn't the only county that misplaced memory cards on election 
night. Bibb County in Middle Georgia and Glynn County on the coast each had 
one card missing after the initial vote count, but the cards were located 
and counted the next day, said Michael Barnes, the state's assistant 
elections director.

When DeKalb County election officials went home early Wednesday morning, 
they were missing 10 cards. They found them later that day sealed in 
machines in various precincts. DeKalb elections director Linda Latimore 
said the breakdown came with the terminals that were taken out of service 
on Election Day because of technical problems. The cards inside weren't 
collected with the rest.

"We never gave the poll workers instructions on what to do if a machine 
went dead," Latimore said.

While election officials in all counties routinely release unofficial 
results on election night, official returns are compiled later. State 
election officials say the computerized process for compiling those final 
vote totals includes a warning system that flags with a red arrow any 
voting machine whose memory card's content has not been transferred to the 
central database.

In Fulton, some preliminary returns were sent by computer modem from 
precincts. But poll managers also are required to take all the memory cards 
to the county election headquarters, where each card is loaded into a 
computer for the official count.
******************************
Sun-Sentinel
Cost of Broward elections to rise by $1 million or more
By Buddy Nevins
Political Writer
November 8, 2002

Future elections may cost at least $1 million more than elections ever cost 
before.

The elections will be much more expensive because county officials want to 
continue using Broward County sheriff's deputies, county employees and 
possibly School Board employees to ensure they are successful.

Tuesday's election went off with only minor glitches after deputies and 
1,500 county employees mounted a colossal effort to ensure the polls opened 
on time and election results were tabulated properly.

The final price tag isn't in, but the county spent about $2.5 million on 
the election.

County officials say future elections will need similar help.

"The bar has been raised, and it's tough to back away from the process that 
produced the success this week," warned County Administrator Roger Desjarlais.

No decision about the future has been made, but Deputy Elections Supervisor 
Joseph Cotter and his top staff have scheduled a meeting today to begin 
planning for the 2004 presidential primary and general election.

Their decisions need the approval of the County Commission, which pays for 
elections.

"Elections of this size are a Herculean effort," Cotter said he will tell 
his staff. "Because of the sheer number of voters now in Broward and the 
fact that this system is very labor intensive, we will need help from other 
quarters at some level."

The elections office has fewer than 70 employees.

Elections Supervisor Miriam Oliphant agreed with Cotter, saying she would 
be asking county employees, Broward Sheriff's Office and other government 
workers to continue to help conduct elections.

County commissioners gave Oliphant about $1.5 million extra in the weeks 
leading to the election to close a deficit in her $5.3 million annual budget.

Desjarlais estimates the county spent another $1 million on Tuesday's election.

Half went for the salaries of workers away from their regular jobs, and the 
remainder for costs such as installing phone lines and overtime pay.

The School Board, which provided teachers as poll worker trainers, and the 
sheriff's office also helped with the election.

Their expenses are not yet tabulated.

Countywide elections cost about $600,000 when the old punch card machines 
were used.

But the new touch-screen electronic machines, which cost $3,000 each, are 
more labor intensive. Poll workers must activate the machines, and others 
must be trained to set them up.

"There is clearly more labor involved than just opening up a case and 
setting up a punch card machine. The price of elections does go up. The 
future is more expensive, but one machine can do the work of multiple punch 
card ballots. Nobody has to exchange a Spanish ballot for an English 
ballot," said Russ Klenet, spokesman for Elections Systems & Software, the 
company manufacturing the machines.

County Commission Chairwoman Lori Parrish said the county would be willing 
to provide future help to the supervisor's office.

"I don't think we would need the effort we had this time," Parrish said. 
"We faced six weeks to pull it off, and that required an extra effort."

Parrish, Desjarlais and County Commissioner John Rodstrom cautioned 
Oliphant against dismissing Cotter now that the election is over.

"We would have to rethink our level of participation if he went," Rodstrom 
said.

Oliphant said she has no intention of firing Cotter, as had been widely 
rumored at the Broward Government Center. Oliphant, the highest-ranking 
local black politician, has been under pressure from some black leaders 
such as U.S. Rep. Alcee Hastings, D-Miramar, to take back the power she 
ceded to Cotter after the chaotic primary.

"We can do some good and wonderful and productive things," Oliphant said.

Oliphant said she would work to improve communications with Cotter.

"I want to meet with her," Cotter said. "I intend to stay here. I have a 
two-year contract."

Buddy Nevins can be reached at bnevins@xxxxxxxxxxxxxxxx or 954-356-4571.
*******************************
Lawyers get set for fight over ballots
Co. 7th District race has rivals scrambling to bone up on vote law
By Michele Ames, Rocky Mountain News
November 8, 2002

While county clerks scrutinize uncounted ballots, attorneys are scouring 
the law that will determine which votes will be valid and which won't.
As the hotly contested 7th Congressional District race comes down to the 
still uncounted provisional ballots, attorneys for Republicans and 
Democrats are beginning to consider how the new law works.

Already at issue is ensuring that the process for deciding which ballots 
will count is fair and uniform because the process must happen 
independently in three counties that make up the 7th District. Also in 
question is just when challenges to the ballots should be made.

With a possible 6,200 votes that haven't been counted and a narrow margin 
separating the candidates, everybody knows the stakes are high. That's why 
the state's top election official, Colorado Secretary of State Donetta 
Davidson, sent observers to all three counties.

"Our observers are a security blanket for the county clerk and the public," 
said Lisa Doran, press secretary for Davidson. "The county clerk can look 
to the observer to make sure they do everything right. We're trying to make 
sure that if there's any question there's an independent person there."

Both Republican Bob Beauprez and Democrat Mike Feeley have brought in their 
own security blankets - in the form of attorneys.

While none of the actions of county clerks can be challenged while they're 
deciding which ballots should qualify, attorneys are already looking to the 
period after ballots are either accepted or rejected and before they are 
actually counted as a point where results could first be challenged.

"As you think about it, it makes sense not to have a negotiation over every 
ballot," said Mark Grueskin, an attorney for Isaacs and Rosenbaum, the firm 
representing Feeley.

"My guess is that the process isn't just going to jump ahead to the 
counting process," he said. "I think there is the potential for a remedy if 
there's an issue."
Clerks have been given guidelines by the Colorado Secretary of State's 
Office on how they are to determine which ballots should count and which 
must be disqualified:

? The sworn statement must have been filled out completely by the voter, 
including all identifying information and a reason for why the individual 
should be allowed to vote provisionally.
? The identifying information must then be checked to ensure the individual 
is a registered Colorado voter and that he or she voted in the correct race 
based on the voter's current address.
? Election officials must "substantially comply" with the checking process. 
That means they have to check all available databases to confirm voter 
registration - including those kept by the Colorado Department of Motor 
Vehicles - before throwing out a ballot.
*****************************
Seattle Times
FBI system to ID serial killers went unused in sniper case
By David Heath and Susan Kelleher
November 8, 2002

The FBI's sophisticated program for identifying serial killers might have 
cut short the snipers' deadly spree in the Washington, D.C.-area  if police 
had actually used it.

But local police departments failed to enter information about unsolved 
murders into the computerized system, known as ViCAP, according to the FBI 
and police in several states.

If used properly, the Violent Criminal Apprehension Program could have 
linked a series of September liquor-store shootings and robberies  four 
over eight days  to the sniper suspects, said retired FBI supervisor Greg 
Cooper, who ran the ViCAP program from 1991 to 1995.

He believes ViCAP would have helped police apprehend suspects John Allen 
Muhammad and Lee Boyd Malvo before the October sniper slayings  saving 
lives and preventing weeks of paralyzing anguish in the nation's capital.

"It's a travesty," Cooper said.

Police agencies send crime data to the FBI's ViCAP on a standardized form 
that includes up to 93 pieces of information about an unsolved crime: age, 
race and other details about the victim, weapon, caliber of gun, time of 
day, method of attack, eyewitness accounts, location and so on.

The ViCAP database analyzes the information, looking for patterns that can 
link crimes. Or it can be queried by detectives.

For example, an investigator in Montgomery, Ala., could have checked the 
ViCAP database for all liquor-store holdups in which a .22-caliber handgun 
was carried or used by a pair of black men.

But such efforts often do little good, Cooper said, since only a fraction 
of the police agencies send information about their unsolved crimes to the 
FBI. Only three states  Alaska, New York and New Jersey  require police to 
enter unsolved murders into ViCAP. About 500 of 17,000 local 
law-enforcement agencies participate, the FBI said yesterday.

Cooper said some police departments feel overburdened, or don't know about 
the program, or don't realize its value.

Once a suspect is arrested, ViCAP can be used to link other unsolved 
crimes, said the FBI's Arthur Grovner, unit chief of ViCAP in Quantico, Va.

But of the 20 shootings and slayings believed to be the work of the two 
sniper suspects  in Washington, Arizona, Louisiana, Georgia, Alabama, 
Maryland, Virginia and the District of Columbia  none was linked to the 
crime spree by ViCAP.

Some of the 20 have been connected to Muhammad and Malvo because people 
called police.

In Baton Rouge, La., Hong Ballenger was shot and killed coming out of a 
beauty shop Sept. 23. The next month, her husband, James, called Baton 
Rouge police to tell them he thought her slaying might be related to the 
sniper killings.

Ballenger said police turned him away. "They said it wasn't the same MO and 
they had other leads. They said they didn't have ballistics."

He called the FBI hotline with the same tip, which eventually connected his 
wife's killing to the two snipers by ballistics.

The sniper shootings were ultimately cracked by clues the suspects dropped 
in a telephone call to police, hinting at the Alabama liquor-store holdup. 
Police recovered a fingerprint at the scene and identified it as Malvo's.

Ballistics tests showed the gun used in that killing was the same used in 
the killings in Maryland. The pair were arrested soon after that.

Since the arrests, police have been looking for other possible slayings 
linked to the sniper killings. But in each of those cases so far, ViCAP has 
been useless because its data are incomplete.

In Tucson, Ariz., police believe that 60-year-old Jerry Taylor was a victim 
of the sniper suspects. He was shot and killed while playing golf March 19. 
A police spokeswoman said the murder wasn't entered into ViCAP.

FBI agents and the Sniper Task Force made the link to Muhammad earlier this 
month when they discovered that he and Malvo were in Tucson visiting 
Muhammad's sister in mid-March.

The FBI developed ViCAP in the 1980s. In 1994, Congress passed a bill that 
gave $20 million to improve it.

Each year in the United States there are roughly 20,000 unsolved murders, 
missing persons and unidentified bodies, ideal candidates for inclusion in 
ViCAP. Last year, however, only 5,186 new cases were added to ViCAP, the 
FBI said.

So far this year, just 1,261 cases have been added.

Given how few unsolved murders are entered into the system, Cooper said, 
"The surprising aspect of it is that there are a number of cases that have 
been solved from it."

A high-profile example is the apprehension of Rafael Resendez-Ramirez, the 
"Railroad Killer." ViCAP linked him to killings in Texas and Kentucky after 
searching for cases of homeless men killed in railroad yards.

In Washington, information on an unsolved Tacoma killing that later was 
linked to the sniper suspects had earlier been entered into Washington's 
HITS program. HITS is much like ViCAP and run by the Attorney General's 
Office. The office only transfers cases into ViCAP that meet the FBI 
criteria for tracking, and officials would not say if the shooting of 
Keenya Cook met those criteria.

Unlike the FBI's ViCAP, the HITS program  Homicide Investigation Tracking 
System  records all cases of homicide, sexual assault and missing persons 
with suspicious circumstances.

Cooperation in the program is voluntary, but the state pays six 
investigators to collect data from more than 300 law-enforcement agencies 
statewide, and to spot potential cases in newspapers.

As of last week, the system held 5,048 homicide records from Washington 
state, starting in the early 1980s, of which 1,372 are unsolved.

"We have 100 percent compliance," said John Turner, chief criminal 
investigator for the state Attorney General's Office.
*******************************
BBC Online
Vietnam jails internet dissident
Friday, 8 November, 2002, 14:14 GMT

A Vietnamese dissident has been jailed for four years for publishing 
criticism of the Communist government on the internet.
Le Chi Quang, a 32-year-old lawyer, was convicted of "acts of propaganda" 
against the state during the one-day trial in Hanoi, a court official said.

Foreign journalists were not allowed to attend the trial.

The conviction came as Vietnam's internet service providers (ISPs) 
confirmed that the authorities have blocked access to the BBC's Vietnamese 
language website.

Le Chi Quang was arrested and detained in February after being accused of 
posting several essays on the internet which condemned the government for 
its land and sea border agreements with China.

Other essays praised fellow well-known dissidents Nguyen Thanh Giang and Vu 
Cao Quan.

Despite Vietnam's constitutional guarantees of a free press, in reality 
dissidents take considerable risks if they speak out.

Warning to others

The verdict in Quang's case has implications for other dissidents awaiting 
trial.

A prominent Vietnamese writer, Nguyen Vu Binh, was arrested in September, 
also for writing critical essays on the border agreements which were then 
distributed over the internet.

Last month the government tightened access to the internet with regulations 
which require websites to be licensed.

The BBC's Vietnamese language site has been blocked for a week. Internet 
users see only a bogus password prompt or a message to contact their ISP.

The BBC's Hanoi correspondent Clare Arthurs says sources at two ISPs have 
confirmed the erection of a firewall - a computer security measure which 
prevents internet users from reaching the particular BBC web address.

Government authorities have declined to comment on the firewall.

The BBC Vietnamese website carries a range of news and information 
including interviews with dissidents. It has been gaining in popularity 
among Vietnam's 1.3m internet users, with the number of hits running at 
about 180,000 a week.

On Thursday, the Foreign Ministry spokeswoman Phan Thuy Thanh told the BBC 
that Vietnam was fully aware of the importance of the internet. She says 
Vietnam uses firewalls against pornographic sites or those which incite 
people or encourage violence.
**********************************
Los Angeles Times
Compromise on Webcast Royalties Sought
Religious broadcasters and record labels are meeting to discuss a bill 
blocked by Sen. Helms.
By Jon Healey
Times Staff Writer
November 8 2002

With a lame-duck session of Congress about to begin, religious broadcasters 
and record labels are seeking a last-minute compromise on royalties that 
could clear the way for a bill to aid small Internet broadcasters.

Meetings between the National Religious Broadcasters Assn. and the 
Recording Industry Assn. of America are expected to begin today, said Frank 
Breeden, president of the Nashville-based Gospel Music Assn. The goal is to 
clear the objections that derailed a bill offering reduced royalties to 
some small Webcasters.

The religious stations are close to Sen. Jesse Helms (R-N.C.), a former 
broadcaster who blocked the bill last month, but they're not the only ones 
criticizing HR 5496. The others include large and mid-size Webcasters, 
over-the-air broadcasters and college stations. All contended that the 
royalties in the bill were too high.

A new group of small online broadcasters, the Webcaster Alliance, has 
formed to lobby against the bill. The group wants Congress to overhaul the 
royalty-setting process, lobbyist David LeGrand said.

At issue are the fees that online radio stations must pay labels and 
artists for the songs they play.

The librarian of Congress ordered commercial Webcasters to pay about a 
penny per hour of music broadcast to each listener, but many stations 
complained that the royalties would drive them out of business.

A few small commercial Webcasters negotiated a compromise last month with 
the RIAA and artists groups, agreeing to pay 8% to 12% of their revenue or 
5% to 7% of their expenses. But a House-passed bill to put the deal into 
law -- and extend it to any Webcaster with less than $1 million in revenue 
since November 1998 -- was stopped by Helms.

Several Webcasters and lobbyists said Helms' staff is trying to come up 
with an alternative that would help all Internet broadcasters. It's not 
clear what that might be, or whether the proposal could be squeezed into 
the lame-duck session.

A spokesman for Helms could not be reached Thursday.

A spokesman for the RIAA said the bill offers the best deal to all parties, 
including small Webcasters. But if Helms wants to talk about changes, "we 
will always do that," he said.

Breeden said the main concern of religious broadcasters is that the bill 
could set a precedent for the royalties they have to pay. In the new talks 
, "we're talking about whatever it would take for the NRB to remove its 
objection to the bill," he said.
*******************************
USA Today
GOP Senate Promises Tech Policy Shift
Republicans Realign Senate Tech Priorities
By Brian Krebs
Thursday, November 7, 2002; 3:46 PM

The resurgence of a Republican majority in the U.S. Senate heralds 
pro-business changes in several key technology policy battles in Congress, 
including online piracy, cybersecurity, broadband deregulation and Internet 
privacy, tech experts said.

Technology leaders also said legislation to create a Department of Homeland 
Security -- which contains a series of online security initiatives -- will 
be the top goal of a Republican Senate.

The bill includes measures that would hold federal agencies to tougher 
computer security standards and encourage businesses to share information 
on computer vulnerabilities with the federal government.

The information technology industry also sees the proposed department as a 
procurement gold mine, as the massive new agency would be in the market for 
many technology products.

Senate Democrats have held up a vote on the measure because they say it 
denies federal workers some of the union rights they now enjoy. The House 
has already passed its version of the bill earlier this year.

IT leaders also welcome the power shift for its promise of tax reform and 
stronger business incentives.

"The most prominent effect (of the GOP takeover) will be a greater chance 
of stimulating investment through research and development extensions and 
tax cuts," said Rhett Dawson, president of the Information Technology 
Industry Council.

Last month, the council released a report card showing Senate Republicans 
voted with the tech industry's stance nearly 85 percent of the time, 
compared to 65 percent for Senate Democrats.

Joe Rubin, director of congressional affairs for the U.S. Chamber of 
Commerce, said Republican control of the Senate could translate into "a 
great deal more capital for tech companies."

"On tech-specific items -- from homeland security to privacy, we think this 
is going to have a pretty dramatic impact," Rubin said.

Observers caution that Senate Republican lawmakers still must cooperate 
with Democrats to get most things done. Under Senate rules, at least 60 
votes are required to overcome filibusters and other stalling tactics that 
can derail bills before they get a vote.

"We'll still have challenges, but hopefully this transition will provide 
the extra momentum to get this department and other important measures 
approved," said Robert Holleyman, president of the Business Software Alliance.

Democrats will control the lame-duck session beginning next week, which 
will prove crucial because Congress still must pass most of the 
appropriations bills that keep the government running. Republicans still 
could take over during the lame duck, however, if Missouri certifies 
Senator-elect Jim Talent (R), or if Minnesota officials install 
Senator-elect Norm Coleman (R) to fill the seat of the late Sen. Paul 
Wellstone (D). If Democrats maintain control through the remainder of the 
session, the homeland security bill could be delayed until January.

Changes at the committee chairman level also are expected to alter the 
Senate's technology agenda. This would be most apparent in the Senate 
Commerce Committee, chaired by Ernest "Fritz" Hollings (D-S.C.). A champion 
of broadband, privacy and anti-piracy bills that emphasize federal 
spending, he has annoyed Republican committee members by keeping similar 
GOP-sponsored alternatives off the table.

Hollings' most controversial proposal -- backed heavily by the 
entertainment industry -- would require PC and consumer electronics makers 
to embed copy-protection technology into their products.

Sen. John McCain (R-Ariz.) -- with his own more moderate online privacy and 
broadband deployment legislation -- will become chairman in January, 
however. McCain also has been openly critical of the Hollings anti-piracy bill.

"The election results certainly put a wooden stake through the heart of 
that vampire," the ITI's Dawson said of the Hollings bill.

Hollings also has delayed consideration of a broadband deregulation bill 
passed by the House earlier this year. That measure -- sponsored by Reps. 
W.J. "Billy" Tauzin (R-La.) and John D. Dingell (D-Mich.) -- would make it 
easier for Bell telephone companies to enter the high-speed broadband market.

Observers say that the Tauzin-Dingell bill faces an uphill battle in the 
108th Congress anyway, in part because it would have to be reintroduced and 
passed by both houses. The measure has also lost momentum because many 
lawmakers and the White House expect the Federal Communications Commission 
to vote before the end of the year on a proposal that would accomplish a 
similar result.

In addition, Bush administration support for the Tauzin-Dingell bill has 
been tepid at best.

"My observation of this White House is that they are very wary of food 
fights, and a lot of people view much of what happens in telecom as a food 
fight," said former McCain counsel John Timmons, now principal for the 
Cormac Group, which has lobbied against the Tauzin-Dingell bill.

"It's hard for me to imagine the administration getting behind telecom 
legislation that does not have broad and deep support," Timmons said.
*******************************
Associated Press
Court to Set Rule on Rulings Release
Thu Nov 7, 6:07 PM ET
By TED BRIDIS, Associated Press Writer

WASHINGTON (AP) - The court that approved the Microsoft Corp. antitrust 
settlement last week will set new procedures for publishing sensitive 
rulings on its Internet site, after mistakenly disclosing the Microsoft 
decision nearly 90 minutes before financial markets closed.

An internal investigation this week confirmed that court employees posted 
the Microsoft rulings to a location on the court's Web site they believed 
was inaccessible to the public, said Scheldon Snook, the administrative 
assistant to Thomas F. Hogan, the chief U.S. District Judge for the 
District of Columbia.


But anyone with a Web browser could read the documents without a password. 
Technicians could have made that location effectively invisible to visitors 
with a simple change to their computer software.


"In the future, we're probably going to keep any opinions like this secure 
until the time they're released," Snook said. "We looked into it, and we 
determined that the opinion wasn't leaked by staff. Our secure systems 
weren't compromised by a hacker."


The court's mistake last week coincided with a flurry of late-day trading 
of Microsoft's stock. Its price, which had been falling most of Friday, 
immediately ticked upward within moments after employees placed the 
decision  which handed Microsoft a huge victory  on the court's Web site.


Late-day trading peaked just five minutes before markets closed, when $90 
million worth of Microsoft shares exchanged hands.


Snook said Thursday that the court's technical experts still were reviewing 
electronic logs, which would show details about the Internet users who 
initially found the decisions.


Securities experts said there was no risk that U.S. regulators would 
consider the decisions mistakenly posted by the court to be insider 
information because the documents were available publicly.


"Something taken off the court's Web site would be difficult to 
characterize as nonpublic," said Robert Mintz, a former federal prosecutor. 
"There's no question. They could certainly argue that they believed it was 
available to anyone."


Judges are not obligated to wait until the closing bell before they 
disclose rulings that might affect the price of a publicly traded 
companies, although the previous Microsoft trial judge, Thomas Penfield 
Jackson, favored rulings after 4 p.m. on Fridays.

"They're not guided in any way," said Karen Redmond, a spokeswoman for the 
Administrative Office of the U.S. Courts. "This is all new territory."

U.S. District Judge Colleen Kollar-Kotelly had intended to provide 
individual, printed copies of her decisions to Microsoft and government 
lawyers at 4 p.m., then make her decisions available publicly on the 
court's official Web page a half-hour later.
******************************
CNET News.com
Privacy group fights P2P crackdown
By Lisa M. Bowman
Staff Writer , CNET News.com
November 7, 2002, 9:17 AM PT


The Electronic Privacy Information Center is launching a counterattack 
against Hollywood's efforts to crack down on student file-swapping.
The privacy advocacy group is sending letters to presidents of colleges 
across the country, asking them to think before they install monitoring 
tools on university networks.

"Monitoring the content of communications is fundamentally incompatible 
with the mission of educational institutions to foster critical thinking 
and exploration," EPIC wrote. "Monitoring chills behavior and can squelch 
creativity that must thrive in educational settings."


EPIC's effort comes in response to attempts by the entertainment industry 
to pressure colleges into curtailing file swapping. Last month, the 
Recording Industry Association of America (RIAA) and the Motion Picture 
Association of America (MPAA) sent letters to more than 2,000 colleges, 
warning them that students were using school networks to trade illegal file 
copies. Although the letter did not overtly threaten legal action, it did 
ask the schools to make a "substantial effort" to stop such trading.

The entertainment industry has trained its guns on universities because 
they offer high-speed connections that allow students to quickly obtain and 
offer files of all types. Students were among the major users of the 
now-defunct Napster system, which brought peer-to-peer (P2P) into the 
mainstream, but the company was eventually sued out of business. Several 
colleges were the target of lawsuits brought by Metallica and Dr. Dre, who 
claimed the schools allowed people to trade unauthorized copies of their 
music illegally.

Colleges also are having to deal with the strains that massive file trading 
places on their networks. Many administrators fear that massive trading of 
large files such as movies and games could hobble their networks and leave 
little room for legitimate school-related activity.

In its letter, EPIC acknowledged such concerns, but it also warned that 
stepping up network surveillance could lead to an arms race pitting 
administrators against increasingly sophisticated software designed to get 
around the controls.

EPIC said the entertainment industry proposal would "shift the burden to 
colleges and universities to devote scarce resources to monitoring online 
communications and to identifying and 'prosecuting' individuals suspected 
of using P2P networks to commit copyright violations."
****************************
Los Angeles Times
Joining Forces to Tackle High-Tech Crime
An interagency team has been launched in L.A. to fight electronic offenses 
and cyber terrorism.
By Greg Krikorian
Times Staff Writer

November 8 2002

Inside a "clean room" more sterile than a hospital's surgery center, Jimmy 
Garcia searches day after day for clues to cyber terrorism and other 
electronic crimes.

Operating in the 20-by-20-foot enclosure in downtown Los Angeles, the 
senior investigator for the district attorney's office inspects computers 
and other high-tech equipment.

All the while, air filters purify the environment, keeping it so clean that 
particulates far smaller in diameter than a hair are removed before they 
can damage a hard drive and make data retrieval impossible.

A veteran investigator, Garcia is the first member of the new Los Angeles 
Electronic Crimes Task Force created by the U.S. Secret Service. Charter 
members also include the Sheriff's Department and the LAPD.

Patterned after a successful Secret Service operation in New York City, the 
Los Angeles task force is one of eight across the nation launched in recent 
weeks to help counter the threat of high-tech crimes. The clean room at the 
Secret Service's downtown L.A. office is the only law enforcement facility 
of its kind on the West Coast

The New York office, the largest operation of its kind in the world, opened 
six years ago to investigate high-tech crimes ranging from money laundering 
to stock fraud, computer hacking and child pornography.

The office was in World Trade Center 7 and was destroyed in the Sept. 11, 
2001, attacks. But, in an indication of its importance, the New York task 
force was able to set up shop again in two days, after receiving hundreds 
of thousands of dollars worth of donated equipment and services from 
computer companies, telecommunications firms and financial institutions.

"We were knocked down. But we were not knocked out," said the task force's 
founder, Bob Weaver, deputy special agent in charge of the Secret Service's 
New York office.

"Never before in my experience ... had companies rushed in at a time of 
crisis to help a government agency that had been damaged," said Richard 
Clarke, the White House special advisor for cyberspace security.

Inspired by the success of the New York unit, federal authorities launched 
new task force offices, including the one in Los Angeles, where hundreds of 
security analysts and law enforcement officials gathered in late October to 
herald the opening.

"This," said Brian Nagel, head of the Secret Service's L.A. office, "is all 
about enhancing our current partnerships and building new ones."

The goal of the task force is to guard not only against electronic crimes 
but also against cyber terrorism that could endanger everything from 
banking institutions to military installations.

The Secret Service has assigned half a dozen of its Los Angeles agents to 
work with various Southern California police and prosecutorial agencies. 
With new offices taking up almost an entire floor of a 7th Street 
skyscraper, the task force's ranks are expected to swell with detectives 
from the FBI and other law enforcement agencies, private security experts 
and academics.

"The important thing is everyone working together," said agent J. Keith 
Helton, a special assistant to Nagel, "because no one can do this alone."

To that end, Helton said, the task force has a simple philosophy: "Everyone 
checks their egos at the door." Even the group's logo, of the downtown 
skyline, lacks the emblem of any law enforcement agency.

That is more than mere symbolism, said Agent Don Masters, another special 
assistant to Nagel and supervisor of the task force. Law enforcement's 
ability to prevent cyber terrorism and investigate electronic crimes hinges 
on interagency cooperation, he said. Depending on the crimes uncovered, 
prosecutions will be conducted by county or federal attorneys.

The importance -- and intricacy -- of such work is hard to exaggerate, 
according to law enforcement officials.

Said Sheriff Lee Baca, when the task force was launched: "High-tech 
investigations require an incredible knowledge. None of us 10 years ago 
would have ever imagined we would have to take apart computers ... to 
prosecute some pretty sophisticated criminals."

Ron Iden, who heads the FBI's Los Angeles field office, said that last 
year, 150 million Americans -- and 500 million people worldwide -- used the 
Internet. "As we become increasingly reliant on computers and the 
Internet," he said, "we become increasingly vulnerable to criminals, 
terrorists and foreign enemies who would steal money or proprietary 
information, attack a vital infrastructure or engage in information warfare 
-- and these crimes can be committed without ever setting foot on U.S. soil."

He said a recent survey found that 90% of businesses had reported computer 
intrusions in the preceding year and that 80% of those companies had 
suffered financial losses.

The FBI has also seen a significant emerging problem with electronic 
identity theft followed by fraud and even extortion. In one case, Iden 
said, dozens of "cyber criminals" conspired to steal data from computers in 
American businesses, then defrauded the companies of more than $100 
million. Among their uses of the data was extortion by threatening to 
release the stolen data on the Internet. Several arrests have been made in 
the case.

The U.S. attorney's office has been actively involved in prosecuting cyber 
criminals since "the Internet became a household word," said U.S. Atty. 
Debra W. Yang, chief federal prosecutor in Los Angeles. Hers is one of 13 
U.S. attorney's offices in the nation with a specialized team of 
prosecutors, Yang said. This computer crimes section focuses on Internet 
fraud, computer intrusions and cyber terrorism and such offenses against 
intellectual property as software piracy.

Against that backdrop the Secret Service is launching the new task forces 
in San Francisco; Las Vegas; Chicago; Boston; Miami; Washington, D.C.; and 
Charlotte, N.C.; in addition to Los Angeles.

"Our goal is to keep our community and nation safe," Nagel said. "This task 
force is about sharing information and resources in an effort to enhance 
our strengths and minimize our weaknesses against those who would do us harm."
*******************************
Government Computer News
FBI names new IT executive
By Wilson P. Dizard III

FBI Director Robert S. Mueller III today named Charles S. Prouty to the 
post of executive assistant director of law enforcement services, a post in 
which he will oversee the bureau's Criminal Justice Information Service 
Division as well as training, laboratory, critical response and 
international operations.

Prouty succeeds executive assistant director Kathleen L. McChesney who is 
retiring from the FBI after 24 years as a special agent to work for the 
U.S. Conference of Catholic Bishops.

Prouty most recently was special agent in charge of the bureau's Boston 
office. A former Navy SEAL and Vietnam veteran, Prouty graduated from the 
Naval Academy and holds master's and law degrees.
******************************
USA Today
HDTV leaps 'last hurdle' in transition
By Paul Davidson, USA TODAY

TV makers and cable companies have tentatively reached a landmark agreement 
aimed at kick-starting the tepid rollout of digital high-definition TV 
(HDTV)  and eventually eliminating the need for cable set-top boxes, say 
people close to the matter.

The deal sets national standards that will let TV makers embed cable-box 
technology in new sets. Digital TVs will then be able to receive HDTV 
signals via cable  they generally cannot today  which is how 72 million of 
the 105 million U.S. TV households get programming. And the TVs could 
receive digital-cable service without the now-required digital set-top box.

The overall effect would be to remove most of the hurdles, and extra 
equipment, involved in making full use of an HDTV set and in receiving 
digital-TV programming of all kinds via cable.

"This would address the last hurdle in the digital TV (transition)," says 
Dave Arland of TV maker Thomson.

The deal, five years in the making, is expected to go this month to the 
Federal Communications Commission, which must pass rules to implement it. A 
three-year phase-in starting in 2004 is expected.

Only 4.8 million households have digital TVs, and most of those don't even 
have digital-broadcast tuners to receive HDTV signals over the airwaves. 
Customers use the sets to watch DVDs. Nearly half the USA's 1,300 TV 
stations beam at least some prime-time shows in crystal-clear HDTV.

The FCC in August required TV makers to start putting digital-broadcast 
tuners in all new TVs between 2004 and 2007. TV makers resisted at the 
time, saying it would boost the price of TVs and be of little use because 
most homes get their TV via cable.

This deal addresses that. Today, the few digital-cable systems that 
transmit HDTV use analog links to hook set-top boxes to digital TVs, 
preventing consumers from getting the full benefit of the higher-grade 
pictures. Some cable systems supply special HDTV set-top boxes at about $10 
a month, but few consumers order them.

The pact sets standards ensuring that all cable systems can send HDTV 
signals and all digital TVs can receive them.

"We want a retailer to be able to say, 'Yes, your HDTV set is cable-ready,' 
" Arland says.

Digital-cable systems already have committed to showing at least five 
channels in HDTV next year. And all cable systems are expected to convert 
to digital.

The agreement helps ensure that 85% of consumers will get digital TV by 
2006. An added benefit: The digital pact sets standards to permit TV makers 
to build technology into sets so cable subscribers can get premium 
channels. Customers who move would simply plug their new cable system's 
security card into the TV.

To get the digital deal, cable firms gave up demands that new TVs be 
certified by their researchers, a move that would have slowed product 
delivery, Communications Daily says. They also compromised on proposals to 
limit home recording of digital programs.
********************************
Federal Computer Week
Tech issues get new lease on life
BY Judi Hasson
Nov. 7, 2002

With Republicans in control of Congress, President Bush called on lawmakers 
to pass legislation to create the proposed Homeland Security Department 
before the end of the year.

"The single most important item of unfinished business on Capitol Hill is 
creating a unified body to protect the American people," Bush said at a 
White House news conference Nov. 7.

It is "imperative" that Congress put a bill on his desk by the end of the 
lame-duck session that begins Nov. 12 creating a Cabinet-level department 
bringing together an array of homeland defense functions, the president said.

Senate Democrats had been holding up the legislation in a dispute over 
whether to exempt federal employees working in the proposed department from 
civil service and other labor protections. But now with Republican control, 
the logjam is expected to be broken.

"Moving forward with this bill will definitely impact government IT 
positively, since the House-passed bill recognizes the critical role 
technology must play in protecting our homeland," said David Marin, 
spokesman for Rep. Tom Davis (R-Va.), chairman of the House Government 
Reform Committee's Technology and Procurement subcommittee.

Marin said GOP control over both chambers "offers an opportunity to move 
some bills that have been stalled in the Senate." Among them is Davis's 
Digital Tech Corps legislation that passed the House in April but hasn't 
made it through the Senate. The measure would allow mid-level IT managers 
in federal agencies and private companies to swap jobs for at least six 
months and as long as two years.

In the Senate, Democrats and Republicans say they always have been working 
together on technology issues and expect the partnership to continue, 
according to David Carle, spokesman for Sen. Patrick Leahy (D-Vt.), the 
Democratic chairman of the Senate Judiciary Committee who will lose the job 
to Republican Sen. Orrin Hatch of Utah.

"Sen. Leahy and Sen. Hatch have been known for working especially closely 
together on technology issues and that partnership likely would continue," 
Carle said.

And a spokeswoman for Sen. Conrad Burns (R-Mont.) said, "We are hoping for 
some faster action on some IT issues. Hopefully, things will start to move."

The first order of business when Congress returns Nov. 12 for a lame-duck 
session is continuing funding for government operations. To date, Congress 
has been unable to pass appropriations bills for fiscal 2003 that are chock 
full of money for IT projects. It is likely that lawmakers will pass a 
short-term bill to keep government running at its current levels and deal 
with the problem when the 108th Congress is sworn into office in January.
*******************************
Federal Computer Week
Elections force change in chairs
BY Judi Hasson
Nov. 7, 2002

With Congress turning over to Republican hands, two lawmakers who are big 
supporters of information technology are likely to be named to head 
committees that have a major role in crafting IT-related policies.

Sen. Susan Collins (R-Maine) is expected to become the chairwoman of the 
Senate Governmental Affairs Committee, replacing Sen. Joe Lieberman 
(D-Conn.), whose party lost the Senate majority in congressional elections 
Nov. 5.

Rep. Tom Davis (R-Va.), who is now chairman of the House Government Reform 
Committee's Technology and Procurement Policy Subcommittee, is seeking the 
chairmanship of the full committee and is expected to take technology 
issues with him.

"Rep. Davis will make the case why he's the best choice for the Government 
Reform chair, based on his many accomplishments as chairman of the D.C. and 
Technology and Procurement Policy subcommittees," said David Marin, his 
spokesman.

"His interest and experience in these issues will continue, and he'll want 
to maintain his legislative ownership over them," Marin added.

Collins worked for Sen. William Cohen (R-Maine), the co-author of the 
Clinger-Cohen Act, but she did not work directly on the legislation that 
has become a cornerstone for IT in government.

Nevertheless, she has always had an interest in this area, according to 
Paul Brubaker, who worked on Cohen's staff as well.

"She knew what we were doing, when we were doing that," said Brubaker, 
chief executive officer of Aquilent Inc. and a former deputy chief 
information officer at the Defense Department. "She was really supportive. 
She is well-versed on issues related to Clinger-Cohen and would be 
supportive of its concepts."

The Clinger-Cohen Act instructed agencies to treat technology as an 
investment and said agencies should tie those investments to results. In 
addition to calling for agencies to appoint CIOs, the act requires agencies 
to create capital planning processes and architectures that guide IT buys.

Collins, as chairwoman of the committee, would put implementation of 
Clinger-Cohen "high on the agenda," he said.

Collins would become only the third woman to chair a standing committee in 
the Senate. The others were Sen. Nancy Kassebaum (R-Kan.), who chaired the 
Senate Labor Committee in the 1990s, and Sen. Hattie Carraway (D-Ark.), the 
first woman elected to the Senate, who chaired a legislative committee that 
no longer exists, according to Don Ritchie, the Senate historian.
********************************
Government Computer News
Homeland security bill set for quick action
By Wilson P. Dizard III

The Senate likely will act quickly to pass homeland security legislation 
already cleared by the House and send it to a conference committee for 
speedy consideration, legislative sources said. As Republicans gain control 
of the Senate, prospects for Democrats' objections to management 
flexibility provisions in the bill that have slowed its progress through 
Congress are fading.

"Senator Lott believes homeland security is a top priority," said Ron 
Bonjean, spokesman for likely new Senate majority leader Trent Lott 
(R-Miss.) "Senator Lott has spoken with Transportation Secretary Norman 
Mineta and believes homeland security should be brought up as soon as 
possible."

Senate Republicans will not achieve a majority until incoming Missouri Sen. 
Jim Talent receives certification from election authorities in his state, 
however. Senate aides said they expect that to be completed by next week.

David Marin, spokesman for Rep. Tom Davis (R-Va.), said the congressman 
expects the homeland security bill, HR 5005, to be considered by a 
conference committee next week. "We think the prospects for passing 
homeland security legislation improved markedly on Tuesday," he said, 
referring to the change in parties controlling the Senate.

Senate Democrats have at least one maneuver left to stall the president's 
goal of incorporating management flexibility for Homeland Security 
Department employees: a filibuster. Bonjean said, "We would hope the need 
to protect the security of the American people would preclude a filibuster."

Some of the most ardent opposition to the management flexibility provisions 
in the bill has come from the American Federation of Government Employees. 
AFGE spokeswoman Diane Witiak declined to say whether her union would press 
for a filibuster. "I don't know that we have advocated a filibuster," she 
said. "We are working with all lawmakers." Witiak expressed the hope that 
lawmakers could reach a compromise on the management flexibility issues to 
preserve civil service protections and the collective bargaining rights of 
federal employees.

"You have to remember," Witiak said, "that now with a completely 
Republican-controlled Congress there is nowhere to point a finger. ? I am 
sure the Republicans will be working with [Sen. Joseph I.] Lieberman and 
others on the bill." Connecticut's Lieberman, the Democrats' homeland 
security standard bearer, has opposed the administration's management 
flexibility policies.
****************************
Government Computer News
Chicago housing agency sings password blues
By Trudy Walsh

At the Chicago Housing Authority, there's a mouse in the house.

The nation's third-largest public housing authority is swapping its 
password-based network security for a biometric system that uses a computer 
mouse to scan and submit user fingerprints.

The way the agency's network was set up, users had to type in several user 
IDs and passwords, said Bryan Land, assistant CIO at CHA. "People were 
always calling, saying they forgot their passwords," Land said.

It cost the agency between $300 and $500 per user per year to manage 
passwords, he said.

Worse yet, users would post passwords on their computers on yellow sticky 
notes, he said, potentially compromising network security.

The agency this summer began phasing in the U-Match mouse from BioLink 
Technologies International Inc. of Miramar, Fla.

"You place your thumb on the optical reader, wait a second, and you have 
access to the network," Land said.

The U-Match mouse looks like a standard two-button mouse. The built-in 
scanner extracts what BioLink president and CEO Gene Chayevsky called 
"minutiae," 30 to 50 points on the fingerprint. The mouse does not capture 
and store the whole image, Chayevsky said, just an encrypted mathematical 
model of the fingerprint minutiae.

The agency's network also uses BioLink's Authenteon enterprise server, 
which stores the fingerprint data and performs the actual fingerprint 
matches, Chayevsky said.

CHA provides low-income housing within Chicago, Land said. Most of its 
funding comes from the Housing and Urban Development Department.
******************************
Computerworld
Government-backed software security study takes off
By DAN VERTON
NOVEMBER 07, 2002

The Air Force Research Laboratory this week awarded Santa Clara, 
Calif.-based Network Associates Inc. a $1.8 million contract to support 
research that may have widespread implications for the future of government 
and private-sector cybersecurity.
The contract is part of the Software Protection Initiative (SPI), a 
government program focusing on cutting-edge technologies to protect 
critical software that supports national and defense capabilities. However, 
the research being planned for the program could clearly benefit the 
private sector as well, experts said.

The focus of one research project is to produce a secure development 
repository with the overall goal of developing information assurance 
techniques and malicious-code scanning capabilities for software production 
systems, said Pete Dinsmore, director of research operations at Network 
Associates Laboratories. These techniques and capabilities will enhance 
software development security and cut down on software vulnerabilities, he 
said.

A second project will focus on protecting software from reverse-engineering 
-- which can be a critical part of the malicious hacker's tool box. Using 
reverse-engineering techniques, tools such as disassemblers and decompilers 
can extract and exploit information about the design and operation of 
software. Researchers from the Air Force and Network Associates plan to 
study the feasibility of constructing new defenses against 
reverse-engineering and embedding those defenses in critical software.

"This is cutting-edge," said Dinsmore. "In one case, we're doing research 
to understand software obfuscation and deobfuscation tools to understand 
the state of the art in how well a hacker can take apart the software 
you've created," he said.

"We're also focusing on advancing the state of the art in developing 
software by developing a secure [change management] repository that can 
ensure that the code that comes out of the repository only goes to the 
people it's supposed to go to, and only the code that was supposed to go 
into [the application] was actually integrated."

Alan Paller, director of research at the SANS Institute in Bethesda, Md., 
said government funding of this type of research could have a significant 
spillover effect for the entire software and Internet industry. "Government 
funding of advanced research on code analysis tools could lead to valuable 
resources for everyone," he said.

Paller said many advanced hackers no longer study software code. Rather, 
they rely on automated tools that isolate places in the object code where 
buffer overflows and similar problems are possible. "Developers should use 
those same tools first and have access to the most sophisticated tools 
available to the hackers," said Paller.

Charles Kolodgy, an analyst at IDC in Framingham, Mass., said that while 
the focus on reverse-engineering is unique, it can be a double-edged sword.

"Many vendor vulnerabilities are discovered by people who take the code 
apart to look at it," he said.
********************************
Mercury News
Women launch networking group
VALLEY EXECUTIVES, POLITICIANS MEET TO TALK OF POWER, CHANGE
By Mary Anne Ostrom
Mercury News

Two days after Republicans swept midterm elections, some of California's 
top female politicians and Silicon Valley's best-known female executives 
gathered Thursday night in Atherton to launch a new West Coast high-tech 
networking group.

Democrats Sen. Barbara Boxer and House members Zoe Lofgren and Anna Eshoo 
joined Hewlett-Packard Chief Executive Carly Fiorina, Autodesk CEO Carol 
Bartz and about 150 others at the inaugural event of the West Coast chapter 
of the Women's High-Tech Coalition.

``Today, the name of the game is `working the room' and building a 
network,'' said Bartz, a Republican, who hosted the event at her home. 
``Women develop their own careers by fostering and encouraging other women 
around them,'' she said.

Fiorina got hearty applause when she declared: ``The old boys network has 
some negative and deserved connotations. The old boys network is about 
exclusion. We have to be about inclusion. This is about leveraging power 
and encouraging others.''

The coalition's goal is to give a stronger voice to the technology 
industry's agenda in Washington and a platform for up-and-coming female 
valley executives. The coalition itself does not raise political 
contributions or lobby on specific issues but fosters relationships that 
can benefit both business and political leaders, organizers said.

Founded in Washington, D.C., in February 2001, the coalition includes 
high-profile Washington insiders and politicians. San Jose Rep. Lofgren, a 
national co-chair of the bipartisan group, recently recruited politically 
active local businesswomen to establish a Silicon Valley chapter.

``We've got two women senators, a majority of women in our congressional 
delegation -- it makes sense to have an organization like this,'' Lofgren 
said. ``We aren't always going to agree, but we can be supportive of 
helping women build technology careers.''

The coalition is helping promote Girls for a Change, a non-profit group 
that encourages female business leaders to mentor middle-school and 
high-school girls on community initiatives.

It also seeks to educate female legislators on what Lofgren calls ``geeky 
issues,'' ranging from broadband to digital rights.

While the valley has spawned a number of tech-oriented policy and partisan 
fundraising groups, few specifically promote women.

``That power is dispersed right now,'' said Palo Alto Rep. Eshoo. ``When 
you put it all under one tent you increase the power.''

The promise of access to key legislators is what drew Anu Shukla, CEO of 
San Mateo software start-up RubiconSoft, to join. In the past, she was not 
drawn to public policy, but Shukla said the debate over corporate 
governance reforms has engaged her. The accounting treatment of stock 
options and putting more women on boards of directors are among her top issues.

``Here is a good way to have access and make our voices heard,'' she said.

The women-only focus serves another purpose, say some political activists.

``I think they want to show they can crack `the old boys network' a bit,'' 
said Wade Randlett, a Democratic fundraiser with ties to technology leaders.

The new valley group, he noted, is being formed at a time when the economic 
downturn has made it more difficult for politicians to collect high-tech 
campaign contributions and expanding interest in public policy is key to 
increased fundraising.
*********************************
Wired News
Navy Sites Spring Security Leaks
02:00 AM Nov. 06, 2002 PT

The U.S. Navy took one of its websites offline Tuesday and added new 
security controls to a second site after Internet surfers discovered they 
could access confidential Navy databases.

The exposed Navy files included material designed to support a machine for 
testing the electronics of weapon systems called the Consolidated Automated 
Support System. Web surfers were able to browse through hundreds of trouble 
tickets, dating back to 1989.

Also accessible by Internet users was a site operated by the Naval Supply 
Systems Command that enables Navy personnel to order commercial software or 
internally developed applications. One section of the database, known as 
QUADS, allowed visitors to pull up records on who registered to use the 
system and included their passwords.

A group of French security enthusiasts known as Kitetoa discovered the 
vulnerable sites, which were running IBM's Lotus Domino software. Kitetoa 
has reported similar security problems with Lotus software on other 
government and private websites.

A spokesperson for the Navy's North Island Naval Air Depot said the CASS 
database has been "shut down both internally and externally while we 
investigate possible vulnerabilities."

A NAVSUP representative declined to comment on the QUADS security flaw. 
After the Navy was notified about the problem, the QUADS site began 
requiring users to log in.

Both Navy sites appeared to contain "noncritical support systems" and were 
"not a military concern," said Brad Johnson, a former Navy officer and 
National Security Agency program manager.

"This is not the type of information (to which) the Navy would want to 
grant unrestricted access, but it is not something that threatens our 
security," said Johnson, now a vice president of Vigilinx, a security 
solutions provider in Parsippany, New Jersey.

Among the trouble tickets viewable by Internet users was a report from an 
officer aboard an aircraft carrier who noted unresolved problems with CASS 
systems overheating and malfunctioning "while operating in arduous 
environments such as the Arabian gulf."

William Knowles, operator of C4I.org, a computer security and intelligence 
site, said the Navy would view any intelligence leak as serious.

"Any information not already discussed on either CNN or the Pentagon Daily 
Brief is information that can be used by a motivated attacker-terrorist 
against U.S. interests around the globe," Knowles said.

The current incidents follow news in October that more than 600 Navy 
computers -- including some containing classified information -- were missing.

In an e-mail interview this week, Kitetoa founder Antoine Champagne wrote 
that a French appeals court recently overturned a ruling requiring him to 
pay a fine for publicizing security holes he found at Tati.fr, the homepage 
of a Paris-based clothing retailer.

According to Champagne, who has also identified flaws at sites runs by 
DoubleClick, Bull Groupe, Veridian and ChoicePoint, the ruling is important 
for computer security whistle-blowers.

"You can get to a page that is not supposed to be there for you, but that 
is unprotected, without being called an evil hacker," Champagne wrote.
**********************************
Associated Press
Symantec Anti-Spam Tools Working Too Hard
Fri Nov 8,10:00 AM ET
Joris Evers, IDG News Service

Symantec has fixed a flaw in part of its Norton Internet Security 2003 
security software suite that can cause e-mail to be deleted before it 
reaches a user's inbox, Symantec said Friday.

Users had complained that Norton Internet Security 2003 was deleting 
e-mail. For such e-mail, all that appeared in the inbox was a message with 
"Symantec Email Proxy Deleted Message" in the subject line, said Katherine 
James, a Symantec spokesperson in the U.K.


"We had a small number of users of Norton Internet Security 2003 who 
reported that the product was inadvertently deleting e-mails," said Jones, 
adding that the first report came in on October 14. Symantec issued a 
software patch to fix the flaw earlier this week.

Finding the Flaw

The flaw lies in the antispam part of Norton Internet Security 2003, an 
Internet security suite that includes antivirus, firewall, privacy control, 
spam alert, and parental control software. The antispam feature is meant to 
flag any suspected spam, unwanted commercial e-mail, coming in to an inbox.


"If a user was running the computer continuously and was receiving a large 
volume of e-mail, or they had configured their e-mail client to check the 
mail server frequently, the Norton Spam Alert could cause memory allocation 
errors, which could cause the e-mail deletion," said James.


Symantec believes only a small number of users have actually been affected 
by the flaw because of the small number of complaints. The Cupertino, 
California, company, however, won't say how many customers complained or 
where those customers were located. Norton Internet Security 2003 is sold 
around the world.


Norton Internet Security 2003 users can download a patch that fixes the 
memory allocation error through the application's online update feature, 
James said.

********************
Sydney Morning Herald
Ban on R-rated computer games to stay
By Annabel Crabb
Canberra
November 8 2002

Plans to allow R-rated computer and video games into Australia were 
scuppered yesterday at a meeting of attorneys-general, with opposition led 
by the Federal Government.

Despite having supported the proposal a year ago, Attorney-General Daryl 
Williams yesterday declared himself to be against an expansion of the 
classification range for violent and sexually explicit interactive games.

The amendment would have allowed games with graphic images of realistic 
violence, implied sexual violence and unlimited coarse language to be sold 
in Australia.

At present, these games are banned by the Office of Film and Literature 
Classification (OFLC) because the video-game classification system only 
goes up to MA - available to purchasers over the age of 15.

This classification only allows medium-intensity violence, "crude" language 
and sexual references, and games exceeding these limits are refused 
classification.

The attorneys-general met in Fremantle, Western Australia, until late last 
night, but Mr Williams' spokeswoman said it was his intention to oppose the 
scheme because of concerns that violence in interactive games had a greater 
influence on behaviour than violence in films.

"The Commonwealth position is that it will not support the expansion of the 
R18 classification to computer games, in view of the interactive nature of 
computer games," the spokeswoman said.

"It's appropriate to have a stricter regime in relation to this area ... 
(as) the likelihood of children gaining access to adult computer games 
increases if the material is legally available."

In order to change the regime, all nine attorneys would have to agree 
unanimously, so Mr Williams' opposition, teamed with at least one other 
attorney - from South Australia - will defeat the reforms.

The changes were recommended after a public review conducted by the OFLC 
last year.

Industry submissions to the review had argued that the current 
classification scheme, stricter than that applying to film, was out of date.

"There is a perception that video games are only for children," said 
Beverly Jenkin, chief executive of the Interactive Entertainment 
Association of Australia, yesterday.

"But more than 70 per cent of players in Australia are older than 18, and 
20 per cent are more than 39 years old. That's a natural progression of the 
first generation of computer users."

Last month, the OFLC banned the game BMX XXX on the grounds that it used 
explicit nudity. In one option, the bike-riding game allows players to 
adopt the character of a naked woman.

Opposition to the proposal during the OFLC review came principally from 
church and community groups.

The attorneys' summit, which was not attended yesterday by Victorian 
Attorney-General Rob Hulls because the government is in caretaker mode, is 
also considering changes to the film classification system.

These changes include splitting the G classification into two and creating 
a new G8+ class for films too scary or boring for children younger than eight.

***************************


Lillie Coney
Public Policy Coordinator
U.S. Association for Computing Machinery
Suite 510
2120 L Street, NW
Washington, D.C. 20037
202-478-6124
lillie.coney@xxxxxxx


From ssaydjari@xxxxxxxxxxxxxxxxxxxxxx Thu Nov  7 13:22:07 2002
Received: from sark.cc.gatech.edu (sark.cc.gatech.edu [130.207.7.23])
	by cleon.cc.gatech.edu (8.11.6/8.11.6) with ESMTP id gA7IIWs14683
	for <goodman@xxxxxxxxxxxxxxxxxxx>; Thu, 7 Nov 2002 13:18:33 -0500 (EST)
Received: from mx05.cluster1.charter.net (dc-mx05.cluster1.charter.net [209.225.8.15])
	by sark.cc.gatech.edu (8.11.6/8.11.6) with ESMTP id gA7IIVa25787
	for <goodman@xxxxxxxxxxxxx>; Thu, 7 Nov 2002 13:18:31 -0500 (EST)
Received: from [24.197.242.198] (HELO CyberDefenseAgency.com)
 by mx05.cluster1.charter.net (CommuniGate Pro SMTP 3.5.9)
 with ESMTP id 23464136; Thu, 07 Nov 2002 13:18:25 -0500
Message-ID: <3DCAAE26.BBB84903@xxxxxxxxxxxxxxxxxxxxxx>
Date: Thu, 07 Nov 2002 12:17:10 -0600
From: Sami Saydjari <ssaydjari@xxxxxxxxxxxxxxxxxxxxxx>
Organization: CDA
X-Mailer: Mozilla 4.7 [en] (WinNT; U)
X-Accept-Language: en
MIME-Version: 1.0
To: "Lowry, John" <jlowry@xxxxxxx>, "Tinnel, Laura" <ltinnel@xxxxxxxxxxxxxxx>,
  "Carlson, Curt" <curt.carlson@xxxxxxx>,
  "LINCOLN, PATRICK D" <LINCOLN@xxxxxxxxxxx>,
  "Neumann, Peter" <neumann@xxxxxxxxxxx>,
  "Luckham, David" <luckham@xxxxxxxxxxxx>, "Maxion, Roy" <maxion@xxxxxxxxxx>,
  "Porras, Phil" <porras@xxxxxxxxxxx>, "Levitt, Karl" <levitt@xxxxxxxxxxxxxx>,
  "Williams, Ken" <kwilliams@xxxxxxxxxxx>,
  "Stolfo, Sal" <sal@xxxxxxxxxxxxxxx>, "Mayfield, Terry" <mayfield@xxxxxxx>,
  "Kent, Steve" <skent@xxxxxxx>, "Ranum, Marcus" <mjr@xxxxxxx>,
  "Benzel, Terry" <Terry_Benzel@xxxxxxx>, "Haigh, Tom" <JTomHaigh@xxxxxxx>,
  "Neuman, Cliff" <bcn@xxxxxxx>, "Schneider, Fred" <fbs@xxxxxxxxxxxxxx>,
  "Heimerdinger, Walt" <walt.heimerdinger@xxxxxxxxxxxxx>,
  "McHugh, John" <jmchugh@xxxxxxxx>, "Davis, John" <john.davis@xxxxxxxxxxxx>,
  "Berson, Tom" <berson@xxxxxxxxxxx>, "Blakley, Bob" <blakley@xxxxxxxxxx>,
  "Ott, Allen" <aott@xxxxxxxxxxx>,
  "Robinson, Arthur S." <art.robinson@xxxxxxxx>,
  "Donlon, Matt" <mdonlon@xxxxxxxxxxxx>,
  "Schudel, Gregg" <gschudel@xxxxxxxxx>, "Moore, Rod" <RMoore@xxxxxxxxxxx>,
  "Rho, Sue" <Sue_Rho@xxxxxxx>,
  "Frazier, Tiffany" <tiffany.frazier@xxxxxxxxxxxxxxxx>,
  "Sastry, Shankar" <eecs-chair@xxxxxxxxxxxxxxxxx>,
  "Feiertag, Richard" <Richard_Feiertag@xxxxxxx>,
  "Langston, Marv" <MARVIN.J.LANGSTON@xxxxxxxx>,
  "Smith, Jonathan M." <jms@xxxxxxxxxxxxxxxxxxxxx>,
  "Balzer, Bob" <bbalzer@xxxxxxxxxxxxxxx>,
  "Cybenko, George" <gvc@xxxxxxxxxxxxx>,
  "Novak, Roger" <roger@xxxxxxxxxxxxxxx>,
  "Feigenbaum, Edward" <feigenbaum@xxxxxxxxxxxxxxx>,
  "Goodman, Seymour E." <goodman@xxxxxxxxxxxxx>,
  "Farber, Dave" <dave@xxxxxxxxxx>, "Lukasik, Steve" <steve@xxxxxxxx>,
  "Schumann, Larry" <ljschumann@xxxxxxxxxxxx>,
  "Paige, Michael" <mpaige@xxxxxxxx>, "Larry, Wright" <wright_larry@xxxxxxx>,
  "Paxson, Vern" <vern@xxxxxxxx>,
  "Keromytis, Angelos" <angelos@xxxxxxxxxxxxxxx>,
  "Hughes, Pat" <pmh116207@xxxxxxx>, "Tygar, Doug" <tygar@xxxxxxxxxxxxxxx>,
  "McConnell, Mike" <McConnell_JM@xxxxxxx>,
  "Woolsey, Jim" <JWoolsey@xxxxxxxxxxxxxxx>,
  "Markowitz, Joe" <markowitz@xxxxxxxxxxx>, "Marsh, Tom" <rtmarsh@xxxxxxx>,
  "Morefield, Charles" <chuck.morefield@xxxxxxxxxxxxx>
Subject: Re: [Fwd: Re: Update on Letter to President (Critical Infrastructure 
Defense)]
References: <3DCA9E32.4E3CC7AB@xxxxxxxxxxxxxxxxxxxxxx>
Content-Type: multipart/mixed;
boundary="------------D3BAFB3E5207D8E83ADE638D"
Content-Length: 18952
Status: RO
X-Status: 
X-Keywords:                 
X-UID: 296

This is a multi-part message in MIME format.
--------------D3BAFB3E5207D8E83ADE638D
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Colleagues,

Much has happended since this last update.  The volunteer panel of 12
folks reviewed the plan and met with Dick Clarke on 18 September.
Our bottom line was that the plan contained useful ideas and was
probably necessary, but definitely insufficient to thwart cyber war.  We
reiterated and elaborated  our recommendation for a vigorous program
to address the problem.  We learned that there is doubt among national
leadership that this is a significant national strategic threat.  So, we
added to our conclusion that it is urgent and critical to scientifically
analyze the national vulnerability in terms of scale, gravity, and validity.
We felt that the plan was not credible without such an analysis.

We sent written comments back to the White House with a summary
of our review.  We are going in on 14 Nov to brief the PCIPB to
try to convince them to quickly engage in the called-for analysis so
that we can get our premises agreed upon.  Once that happens, there
will be little doubt that a Manhattan-style project is called for.

As part of the meeting of the panel, we decided to form a standing
group called the Professionals for Cyber Defense that basically continues
the process that we all started in signing the letter to the President.
In summary, the charter of the group is to help the govt form sound
Cyberspace defense policy.  Membership is currently restricted to
a subset of the signers of the letter, but will be opened up to small
extensions soon.  Members are individually-acting citizens working
in the best interests of national security.  We have some more
detail on a website at www.uspcd.org.

I know I asked in a previous email for a show of e-hands (via email)
of those who want to sign-up to the group.  I appreciate the responses.
I ask, now that the group is
formed and folks have a bit more detail, to say again whether you
sign-up.  Membership duties are not expected to be heavy.  We
expect folks mostly to participate on review panels like the one
described above, from time to time.

The following is a list of folks who said previously that they would
join such a group (starred names are those that were on the
panel that reviewed the strategy and have already actively
affirmed membership).  I will assume folks named below
are in PCD unless you tell me otherwise.  I will assume those
not named below are NOT in the PCD unless you tell me
otherwise.  For those folks who elect not to join, I will cease
further updates in the interest of not unintentionally spamming
anyone's mailbox who is not interested.  If you join and do NOT
want your membership to be made public (posted on our
website), please indicate that in your response.  Thanks.

1 *Balzer Bob
2 Benzel Terry
3 *Berson Tom
5 Carlson Curt
6 Cybenko George
7 Davis John
10 *Feiertag Rich
12 Frazier Tiffany
14 Haigh Tom
17 Kent Steve
18 Keromyitis Angelos
19 Langston Marv
21 *Lincoln Pat
22 Lowry John
23 Lukasik Steve
24 Luckham David
27 Maxion Roy
30 *McHugh John
33 Neumann Peter
35 *Novak Roger
36 *Ott Allen
37 Paige Mike
38 Paxson Vern
39 Porras Phil
41 *Rho Sue
42 *Robinson Art
43 Sastry Shankar
44 *Saydjari Sami
47 Schumann Larry
48 Smith Jonathan
49 Stolfo Sal
50 *Tinnel Laura
51 Tygar Doug
52 *Williams Ken



Sami Saydjari wrote:

> -------- Original Message --------
> Subject: Re: Update on Letter to President (Critical Infrastructure Defense)
> Date: Fri, 23 Aug 2002 16:33:35 -0500
> From: Sami Saydjari <ssaydjari@xxxxxxxxxxx>
> Organization: SRI International
> To: Bob Balzer <bbalzer@xxxxxxxxxxxxxxx>,Terry Benzel <Terry_Benzel@xxxxxxx>,Tom Berson
> <berson@xxxxxxxxxxx>,George Robert Blakley III <blakley@xxxxxxxxxx>,sal@xxxxxxxxxxxxxxx, Curt
> Carlson <curt.carlson@xxxxxxx>,George Cybenko <gvc@xxxxxxxxxxxxx>,John Davis
> <john.davis@xxxxxxxxxxxx>,Matt Donlon <mdonlon@xxxxxxxxxxxx>, Roy Maxion <maxion@xxxxxxxxxx>,Dave
> Farber <dave@xxxxxxxxxx>,Richard Feiertag <Richard_Feiertag@xxxxxxx>,Edward Feigenbaum
> <feigenbaum@xxxxxxxxxxxxxxx>,Tiffany Frazier <tiffany.frazier@xxxxxxxxxxxxxxxx>,"Seymour E. Goodman"
> <goodman@xxxxxxxxxxxxx>,Tom Haigh <haigh@xxxxxxxx>,"Heimerdinger, Walt (MN65)"
> <heimerdinger_walt@xxxxxxxxxxxxxxxxx>,pmh116207@xxxxxxx, Steve Kent
> <STK@xxxxxxx>,angelos@xxxxxxxxxxxxxxx,Marv Langston <MARVIN.J.LANGSTON@xxxxxxxx>,Karl Levitt
> <levitt@xxxxxxxxxxxxxx>,PATRICK D LINCOLN <LINCOLN@xxxxxxxxxxx>,John Lowry <jlowry@xxxxxxx>,
> lukasiks <steve@xxxxxxxx>,David Luckham <luckham@xxxxxxxxxxxx>, rtmarsh@xxxxxxx,"McConnell, Mike"
> <McConnell_JM@xxxxxxx>,John McHugh <jmchugh@xxxxxxxx>, mayfield@xxxxxxx,Rod Moore
> <RMoore@xxxxxxxxxxx>, chuck.morefield@xxxxxxxxxxxxx,Peter Neumann <neumann@xxxxxxxxxxx>, Cliff
> Neuman <bcn@xxxxxxx>,Roger Novak <roger@xxxxxxxxxxxxxxx>, Allen Ott <aott@xxxxxxxxxxx>,Michael Paige
> <mpaige@xxxxxxxx>, "Paxson, Vern" <vern@xxxxxxxx>,porras <porras@xxxxxxxxxxx>, Marcus Ranum
> <mjr@xxxxxxx>,"Rho, Sue" <Sue_Rho@xxxxxxx>,"Arthur S. Robinson" <art.robinson@xxxxxxxx>,Shankar
> Sastry <eecs-chair@xxxxxxxxxxxxxxxxx>,Fred Schneider <fbs@xxxxxxxxxxxxxx>,Gregg Schudel
> <gschudel@xxxxxxxxx>,Larry Schumann <ljschumann@xxxxxxxxxxxx>,"Jonathan M. Smith"
> <jms@xxxxxxxxxxxxxxxxxxxxx>,Laura Tinnel <ltinnel@xxxxxxxxxxxxxxx>,"Tygar, Doug"
> <tygar@xxxxxxxxxxxxxxx>,Ken Williams <kwilliams@xxxxxxxxxxx>,Wright Larry
> <wright_larry@xxxxxxx>,"Woolsey, Jim" <JWoolsey@xxxxxxxxxxxxxxx>,"Markowitz, Joe"
> <markowitz@xxxxxxxxxxx>
> References: <3CCEFAC3.7151314B@xxxxxxxxxxx> <3CEC03C1.F5E6583C@xxxxxxxxxxx>
> <3D53CADF.1568A762@xxxxxxxxxxx>
>
> Folks,
>
> The workshop is on and so is the standing entity,
> "Professionals for Cyber Defense."
>
> The current plan is that those who can attend a
> workshop out at Stanford on the 17th, will get
> a copy of the national plan "n" days in advance
> and we need to actively review it and come to
> the table with a few comments/impressions,
> especially with respect to how it might be
> improved toward a Cyber Manhattan Project
> like activity.  We then share our perspectives.
> then try to consolidate them by the end of the
> 17th.  We then meet with Mr. Clarke on the
> afternoon of the 18th (probably 3-5pm,
> but I am still trying to lock that in).
>
> About 25 of us gave a tentative "yes"
> to the workshop.  I suspect that about
> 5-10 will likely drop out because of
> last-minute conflicts and such, so I expect
> there to be about 15-20 of us there.  I
> was unable to get any funding to support
> this particular trip (time was just too short).
> So, this may cut down the group further.
> Please confirm your plan to attend by
> reply to this email.  This is now solid
> enough to buy tickets.
>
> About 31 of us said "yes" to a standing
> group, depending somewhat on the charter.
> I think that is enough to simply create it
> as of now.  The rough charter is that
> the group is simply a professional
> advocacy group to help guide the govt
> toward sound policy and strategy in
> matters of cyber defense.  There is no
> intention of seeking funding for research
> projects of any kind.  Any funding sought
> (probably from foundations) will be to
> simply defray some of the voluneteers
> costs in contributing to the group.
>
> The default name for the group is
> "Professionals for Cyber Defense" unless
> someone violently objects and comes
> up with a better name.
>
> We still need a volunteer with connections
> to a legal expertise to form the non-profit
> entity, so raise your hand if you are willing.
> We can still form and exist immediately.
> We will form a formal non-profit under
> it as soon as we are able.  That will be
> needed to facilitate funding.
>
> OKay, enough for now.  Thanks for you
> help and quick response.  I am going
> on vacation tomorrow until 2 Sept, but I
> will be reading email if you need to get ahold
> of me.
>
> -Sami
>
> Sami Saydjari wrote:
>
> > Folks,
> >
> > This is a status update.  Two questions are embedded below.
> > Please respond to the questions.
> >
> > The President's initiative to create a Department of Homeland
> > Security (DHS) has fully occupied Washington for the past weeks and
> > has distracted from a fuller and more timely reaction to our urging.
> >
> > My general impression is that there is no immediate intention to
> > move on creating a Cyber Manhattan Project.  At the same time,
> > the  White House seems to be open to the idea as one
> > possibility.  They seem to see the new DHS as a vehicle for
> > executing any such possibility.  They have worked hard to set
> > up a distinct entity within DHS to focus on cyber security and
> > bring together several current organizations that are currently
> > investing in cyber defense research.  That
> > is certainly an important step.
> >
> > The White House, Dick Clarke's Office in particular, is interested
> > in co-sponsoring a workshop with a subset of the signers of the
> > letter to review the national cyber defense plan and discuss ways
> > in which the plan moves us closer to a Cyber Manhattan Project
> > and ways that it falls short.  The idea would be to hold such a
> > workshop coincident with the release of the national plan which
> > is currently schedule for 18 Sept at Stanford University.  Please
> > let me know if you are potentially interested in participating.
> > At the moment, it appears it would be pro bono, but I am
> > working on potential funding sources.  So, let me know whether
> > your interest depends on being funded to come.  Dick Clarke's
> > office sees this as the follow-up suggested in their response to
> > our letter.
> >
> > Also, I would to have a show of hands as to who would be
> > interested in forming a non-profit (5013C) organization to create
> > a standing body of folks to provide continuing independent
> > advice and counsel to the goverment on cyber defense issues.
> > This would be a unique entity in that it would be an independent
> > professional group with no direct commercial interests and thus
> > would have quite a bit of credibility with Congressional folks
> > and the executive agencies.  I am thinking of a fairly low-intensity
> > activity level where a subset of us would meet once a quarter
> > or perhaps twice a year to review government progress and
> > offer advice on course adjustments.  Again,  it is not clear how
> > we would fund this beyond volunteerism.  There is some small
> > possibility for nominal funding, but we can not count on it.  So,
> > when you raise your hand, please let me know if your interest
> > depends on funding.  The benefit to us would be that we would
> > have a standing voice, and perhaps a stronger voice as a block
> > than we each would have individually.
> >
> > -Sami
> >
> > Sami Saydjari wrote:
> >
> > > Folks,
> > >
> > > (1) In support of pending bills up for authorization which might
> > > be supportive of jump-starting a Cyber Manhattan style
> > > project, I released the letter to key congressional
> > > leaderhship and a few agency agency heads who would
> > > likely be stake-holders in any such large-scale effort.
> > > This is all part of the process that is  necessary to initiate the
> > > types of actions we urge. The full distribution list is included below.
> > >
> > > (2) The White House has formally replied to our letter.  The
> > > letter acknowledges receipt and encourages us to engage in
> > > a continuing dialog to define a plan.  The exact way that will
> > > happen is yet to be determined, so I will keep you posted.
> > >
> > > (3) There are some errata I have from the first update note.
> > > (a) In general, I wanted to assure folks that I used the signature
> > > blocks they originally provided, not the associations that
> > > I put down in the list I sent in the last email update to y'all.
> > > I included those associations only as a means of more
> > > clearly identifying the signers to one another.  Sorry for the
> > > confusion.  (b) In the original list, I also made a couple
> > > of errors, so I fixed them at the bottom of this note.
> > > (c) I neglected to mention that David Luckham was the
> > > other key member of the study group I credited last time
> > > with the recommendation for a Manhattan-style project.
> > >
> > > (4) If anyone wants to have a copy of the letter FAXed
> > > to them, so they can see what it looks like....I would be
> > > glad to do so, just send me your FAX number.
> > >
> > > Distribution:
> > > Sen. Thomas Daschle
> > > Sen. Trent Lott
> > > Sen. Carl Levin
> > > Sen. John W. Warner
> > > Sen. Bob Graham
> > > Sen. Richard C. Shelby
> > > Sen. Ernest F. Hollings
> > > Sen. John McCain
> > > Sen. Joseph I. Lieberman
> > > Sen. Fred Thompson
> > > Sen. Patrick Leahy
> > > Sen. Orrin G. Hatch
> > > Sen. Robert C. Byrd
> > > Sen. Ted Stevens
> > > Sen. Robert F. Bennett
> > > Sen. Dianne Feinstein
> > > Sen. Charles E. Schumer
> > > Sen. John Edwards
> > > Sen. Jon Kyl
> > >
> > > Rep. J. Dennis Hastert
> > > Rep. Richard A. Gephardt
> > > Rep. Bob Stump
> > > Rep. Ike Skelton
> > > Rep. Porter J. Goss
> > > Rep. Doug Bereuter
> > > Rep. C.W. (Bill) Young
> > > Rep. David R. Obey
> > > Rep. Dan Burton
> > > Rep. Henry A. Waxman
> > > Rep. Sherwood L. Boehlert
> > > Rep. Gil Gutknecht
> > > Rep. F. James Sensenbrenner Jr.
> > > Rep. John Conyers Jr.
> > > Rep. Christopher Shays
> > > Rep. Tom Davis
> > > Rep. Stephen Horn
> > > Rep. Constance A. Morella
> > > Rep. J.C. Watts
> > > Rep. Christopher Cox
> > >
> > > Director, National Security Agency
> > > Director, Defense Advanced Research Projects Agency
> > > Director, National Science Foundation
> > > Secretary of Commerce
> > > Director, National Institute of Standards and Technology
> > > Secretary of Energy
> > > National Nuclear Security Administration, Under Secretary and Administrator
> > > Secretary of Defense
> > > Under Secretary of Defense for Acquisition, Technology and Logistics
> > > Under Secretary of Defense for Command, Control, Communications, and
> > > Intelligence
> > >
> > > >
> > > >
> > > > -------------------------------------------------------------------
> > > > List of Signers:
> > > > 1 Balzer, Bob,  Teknowledge
> > > > 2 Benzel ,Terry,  NAI
> > > > 3 Berson, Tom,  Anagram, Xerox Parc
> > > > 4 Blakely, Bob, IBM
> > > > 5 Carlson, Curt, SRI
> > > > 6 Cybenko, George, Dartmouth
> > > > 7 Davis, John, Mitre-Tek
> > > > 8 Donolon, Matt, ESP Group
> > >
> > > Should read: 8 Donlon, Matt, ESP Group
> > >
> > > >
> > > > 9 Farber, Dave, UPenn
> > > > 10 Feiertag, Rich, NAI
> > > > 11 Fiegenbaum, Ed, Stanford
> > > > 12 Frazier, Tiffany, Alphatek
> > > > 13 Goodman, Seymour ,Georgia Tech Info Sec Ctr
> > > > 14 Haigh, Tom, SCC
> > > > 15 Heimerdinger, Walt, Honeywell
> > > > 16 Hughes, Pat, PMH Enterprises
> > > > 17 Kent, Steve, BBN
> > > > 18 Keroymitis, Angelos, Columbia
> > > > 19 Langston, Marv, SAIC
> > > > 20 Levitt, Karl, UC Davis
> > > > 21 Lincoln, Pat, SRI
> > > > 22 Lowry, John, BBN
> > > > 23 Lukasik, Steve, SAIC
> > >
> > > Should read: 23 Lukasik, Steve, Consultant to SAIC
> > >
> > > >
> > > > 24 Luckham, David, Stanford
> > > > 25 Markowitz, Joe, Consultant
> > > > 26 Marsh,  Tom, General (Ret)
> > > > 27 Maxion, Roy, CMU
> > > > 28 Mayfield, Terry, IDA
> > > > 29 McConnell, Mike, BAH
> > > > 30 McHugh, John, SEI-CERT
> > > > 31 Moore, Rod, ZelTech
> > > > 32 Morefield, Charles, Alphatech
> > > > 33 Neumann, Peter, SRI
> > > > 34 Neuman, Cliff, USC-ISI
> > > > 35 Novak, Roger, Novak-Biddle
> > > > 36 Ott, Allen, Orincon Info Assurance
> > > > 37 Paige, Mike, Xerox Parc
> > > > 38 Paxson, Vern, Lawrence Livermore
> > >
> > > Should read: 38 Paxson, Vern, ICSI / LBNL
> > >
> > > >
> > > > 39 Porras, Phil, SRI
> > > > 40 Ranum, Marcus, NFR
> > > > 41 Rho, Sue, NAI
> > > > 42 Robinson, Art, STDC
> > > > 43 Sastry, Shankar, UC Berkely
> > > > 44 Saydjari, Sami, SRI
> > > > 45 Schneider, Fred, Cornell
> > > > 46 Schudel, Greg, Cisco
> > > > 47 Schumann, Larry, EnterpriseTec
> > > > 48 Smith, Jonathan, Upenn
> > > > 49 Stolfo, Sal, Columbia
> > > > 50 Tinnel, Laura, Teknowledge
> > > > 51 Tygar, Doug, UC Berkely
> > > > 52 Williams, Ken, ZelTech
> > > > 53 Woolsey, R. James, Shea and Gardner
> > > > 54 Wright, Larry, BAH
> > > >
> > > >   ------------------------------------------------------------------------
> > > >                        Name: ssaydjari.vcf
> > > >    ssaydjari.vcf       Type: VCard (text/x-vcard)
> > > >                    Encoding: 7bit
> > > >                 Description: Card for Sami Saydjari
> > >
> > > --
> > > ---
> > > SRI Cyber Defense Research Center - "Creating effective
> > > cyber defenses for high-value systems"
> > >
> > > O. Sami Saydjari
> > > SRI Computer Science Laboratory
> > > 3601 43rd Street South
> > > Wisconsin Rapids, WI 54494
> > > ssaydjari@xxxxxxxxxxx
> > > Phone: 715-424-2642
> > > Fax:   715-424-2638
> > >
> > >   ------------------------------------------------------------------------
> > >                        Name: ssaydjari.vcf
> > >    ssaydjari.vcf       Type: VCard (text/x-vcard)
> > >                    Encoding: 7bit
> > >                 Description: Card for Sami Saydjari
> >
> > --
> > ---
> > SRI Cyber Defense Research Center - "Creating effective
> > cyber defenses for high-value systems"
> >
> > O. Sami Saydjari
> > SRI Computer Science Laboratory
> > 3601 43rd Street South
> > Wisconsin Rapids, WI 54494
> > ssaydjari@xxxxxxxxxxx
> > Phone: 715-424-2642
> > Fax:   715-424-2638
> >
> >   ------------------------------------------------------------------------
> >                        Name: ssaydjari.vcf
> >    ssaydjari.vcf       Type: VCard (text/x-vcard)
> >                    Encoding: 7bit
> >                 Description: Card for Sami Saydjari
>
> --
> ---
> SRI Cyber Defense Research Center - "Creating effective
> cyber defenses for high-value systems"
>
> O. Sami Saydjari
> SRI Computer Science Laboratory
> 3601 43rd Street South
> Wisconsin Rapids, WI 54494
> ssaydjari@xxxxxxxxxxx
> Phone: 715-424-2642
> Fax:   715-424-2638

--

Cyber Defense Agency, LLC - Defending Critical Cyberspace

O. Sami Saydjari
Cyber Defense Agency
3601 43rd Street South
Wisconsin Rapids, WI 54494
ssaydjari@xxxxxxxxxxxxxxxxxxxxxx
Phone: 715-424-2642
Fax:   715-424-2638


--------------D3BAFB3E5207D8E83ADE638D
Content-Type: text/x-vcard; charset=us-ascii;
name="ssaydjari.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Sami Saydjari
Content-Disposition: attachment;
filename="ssaydjari.vcf"

begin:vcard 
n:Saydjari;O. Sami
tel;fax:715-424-2638
tel;work:715-424-2642
x-mozilla-html:FALSE
org:Cyber Defense Agency, LLC
adr:;;3601 43rd Street South;Wisconsin Rapids;WI;54494;
version:2.1
email;internet:ssaydjari@xxxxxxxxxxxxxxxxxxxxxx
title:President
fn:O. Sami Saydjari
end:vcard

--------------D3BAFB3E5207D8E83ADE638D--