[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Clips November 7, 2002

Clips November 7, 2002

ARTICLES

Police to videotape protesters
Broward vote total short by 104,000 in reporting glitch
In Search of Broad Technological Compatibility
DOD approves medical system
Scholarly Publishers Aim to Woo Librarians Away From Self-Published Research
OMB seeks security at the start
Tool sought to ID data links [data mining]
Biometrics awareness still low
Career Channels Federal Computer Week
How to Keep The Wireless Snoops Away
Michigan man pleads guilty to computer intrusion
In Search of Broad Technological Compatibility [Spectrum]
Firm to Assess Computer Betting
When Everything Was Spam to ISP
Fake INS Web sites trick immigrants
Math whiz cracks encryption code
Irises, voices give away terrorists

****************************
Chicago Sun-Times
Police to videotape protesters
November 7, 2002
BY FRANK MAIN CRIME REPORTER

Chicago police are expected to videotape anti-globalization demonstrators today under intelligence-gathering powers they have regained from the courts after a two-decade ban.

Department rules that took effect Oct. 25 also permit officers to pose as members of groups as long as the intelligence-gathering has a legitimate law-enforcement purpose. And the rules let officers surf the Internet to scan groups' Web sites for information about them.

"In the past, you could only turn on the camera after a crime was committed, and you could only film the commission of a crime," said Larry Rosenthal, a deputy corporation counsel for the city. "Now, we will have cameras out there to document demonstrators' misconduct, as well as police misconduct if it occurs."

Harvey Grossman, legal director for the American Civil Liberties Union of Illinois, said he fears camera-wielding police would scare people from exercising their constitutional right to protest.

"Is the cost worth the benefit?" he said. "What about city employees who want to protest corporate policies? Do you think they want their photo in a police dossier?"

The expanded police powers stem from the easing of the so-called Red Squad consent decree in January 2001. The federal decree, which dates to 1982, had barred the city from gathering information on suspected terrorist and hate groups.

The 7th Circuit U.S. Court of Appeals modified the decree in January 2001, giving the city more freedom to collect intelligence. Chief Judge Richard A. Posner wrote that the decree "rendered the police helpless to do anything to protect the public."

The Red Squad was a secret police unit notorious for spying on anti-Vietnam activists in the 1960s, when police and demonstrators snapped photos of each other. The unit, which had gathered intelligence on groups since the 1920s, even had infiltrated church groups.

"Somebody in the Police Department can't remember 1968," said Grossman, referring to the violent clashes between officers and protesters outside the Democratic National Convention here.

Mayor Daley--whose father was mayor in 1968--has argued for years that the decree needed to be lifted, saying the department has become more sensitive to free-speech issues over the years.

Rosenthal said he expected some officers to have cameras with them during the protests of the TransAtlantic Business Dialogue meeting planned for today and Friday. The event--which will draw CEOs and Cabinet-level officials from the United States and Europe to discuss trade--is hosted by Boeing Co.

The protesters have accused the participants of engaging in corporate practices that damage the environment and harm wages.

The department can save photos of demonstrators to prepare for future protests, which was not previously allowed, Rosenthal said. Videotapes could help prosecutors in criminal cases stemming from the expected protests, he said.

Rosenthal said officers are allowed to sit in on demonstrators' meetings with the approval of a commander and the department's general counsel, Karen Rowan--as long as they don't actively pretend to be members of the group.

If officers pretend to be demonstrators to infiltrate the group, they must obtain permission from police Supt. Terry Hillard, as well as Rowan. Hillard also must approve any electronic surveillance, Rosenthal said.

Police spokesman David Bayless said the modified consent decree allows the department to share intelligence with other agencies for the first time.

All intelligence gathering must be documented, and the Police Board is required to conduct an audit of whether the department is complying with the modified decree.

"We will not use this irresponsibly," Bayless said, noting that Washington police videotaped protesters and vice versa during International Monetary Fund protests in September.
***********************************
Miami Herald
Posted on Thu, Nov. 07, 2002
Broward vote total short by 104,000 in reporting glitch
BY EVAN S. BENN AND ELENA CABRAL
ebenn@xxxxxxxxxx

Broward County's election didn't end as smoothly as it began: A programming error sliced 34,000 votes from reported races on Tuesday, and 70,000 more were deducted from total turnout.

By late Wednesday, election officials insisted that all the votes were accounted for.

They said that the errors had no effect on the outcome of any races, though voter turnout jumped from 35 percent to 45 percent after it was corrected.

And it raised questions about the vote-counting and reporting process for the county's $17.2 million electronic voting system that could not be explained to the satisfaction of the three-member canvassing board until late Wednesday.

Two things went wrong:

? The English-language results of early voting were tabulated as if they come from one precinct. The total exceeded a preset maximum for a single precinct. Thus the 34,000 early votes were not included in the published totals for each race or in the overall turnout number.

? The absentee ballots and Spanish-language early voting results were recorded in each individual race, but because of an operator error in preparing a report those 70,000 were left out of the overall turnout number.

The missing 104,000 led officials to initially report total turnout of only 34 percent. The official corrected number of votes cast was 443,912, the canvassing board announced late Wednesday. A few provisional ballots will be added to that total by 2 p.m. today, when all votes must be sent to the state.

''The initial reports didn't include everything we tabulated,'' Deputy Supervisor Joe Cotter said.

''It was a minor software thing. Once we realized it, we took the proper steps to fix it,'' he said.

Hours after the close of voting on Tuesday, members of the canvassing board took notice of a discrepancy on printed summaries of the vote totals from each race.

The reports showed more votes in the governor's race than the reported total number of ballots cast.

''That was the red flag,'' said Charles Lindsey, an election monitor from the state Division of Elections.

On Wednesday afternoon, the unreported votes came to light publicly, sparking a barrage of questions. The canvassing board was meeting to review absentee and provisional ballots, when its chairman, Administrative Judge Jay Spechler, asked technicians to explain the missing votes.

A minor uproar ensued.

Ed Pozzuoli, a lawyer representing the state Republican Party, complained that the timing of Wednesday's revelation was curious, given that several observers were there to monitor returns in the tight District 97 race between Sandy Halperin and Nan Rich.

''This causes great suspicion, Judge,'' Pozzuoli told Spechler.

Spechler responded that the discrepancy was caught late Tuesday, and was unrelated to any examination of the District 97 race, in which Rich was reported to be leading by fewer than 100 votes at the close of tallying Tuesday. The final report put her ahead by 542 votes.

''We knew there was a mistake, we just didn't know where it was,'' said Norman Ostrau, a deputy county attorney.
**************************
Los Angeles Times
In Search of Broad Technological Compatibility
Regulators will look into ways of sharing airwaves to be used in many wireless devices.
By Jube Shiver Jr.
November 7 2002

WASHINGTON -- Cell phones, remote controls, wireless radios -- can't they all just get along?

Federal regulators believe so, and they are expected today to launch a sweeping examination of the government's management of the nation's valuable airwaves, a move that could pave the way for cheaper and more innovative wireless devices.

At their monthly meeting, members of the Federal Communications Commission are scheduled to consider a highly anticipated report on spectrum management that recommends a more flexible approach to sharing the airwaves, including an overhaul of the standards for governing airwave interference and provisions to allow owners of airwave licenses to resell them under certain circumstances.

Separately, the agency also is expected to authorize the opening up of more airwaves for advanced wireless services.

Although the report is still being fine-tuned and may not be released until later this month, its emergence represents the first significant response to a nearly decade-long push for more flexible use of the airwaves by companies such as Intel Corp. and Microsoft Corp., free-speech advocates and influential thinkers such as Stanford University law professor Lawrence Lessig.

They say the airwaves should be treated like the Internet, an open communications system that nobody owns. They want the nearly 70-year-old system of government regulation of the airwaves modified so that individuals and entrepreneurs would be free to use and trade any spectrum, so long as they did not interfere with other users.

But some powerful wireless industry lobbying groups -- which also are longtime supporters of spectrum reform -- are concerned that the FCC may not pay enough attention to potential interference problems.

"We need to see the specifics," said Thomas Wheeler, president of the Cellular Telecommunications & Internet Assn. in Washington.

Among other details, Wheeler said the FCC would have to wrestle with how to police interference among rivals trying to gain a competitive advantage. "There needs to be some kind of strong sanction, not just a fine" against users that cause airwave interference, he said.

Proponents of a more flexible approach say deregulation will enable more innovative wireless devices and boost wireless networking technologies such as WiFi and ultra-wide-band, which have helped spur demand for wireless networks for PCs and other machines. Shipments of equipment for wireless networking are expected to balloon from 9 million units in 2001 to about 56 million by 2006, according to the research group Allied Business Intelligence Inc.

Experts believe that with deregulation, WiFi and ultra-wideband could leapfrog the deployment of high-speed Internet access through phone and cable-TV lines, making cheap and ubiquitous broadband access available nationwide by 2006.

University of Pennsylvania professors Gerald R. Faulhaber and David J. Farber say a good way to kick off this new wireless era would be to conduct a one-time "big bang auction" for all the nation's airwaves and then allow secondary trading of the spectrum.

"Individuals and corporations would be able to buy, sell and lease specific frequencies in specific locations subject to power [and other technical] limitations, and would possess the right to ... [transmit] at anytime without interference," they wrote in a July filing to the FCC.

FCC Chairman Michael K. Powell didn't return a call seeking comment. But he signaled last week that spectrum reform will be a cornerstone of his effort to revive the beleaguered telecom industry.

"We should develop policies that avoid interference rules that are barriers to entry," he said during an address at the University of Colorado in Boulder. "While the proliferation of technology strains the old paradigm, it is also technology that will ultimately free spectrum from its former shackles."

The campaign has gathered steam in recent months, spurred by industry advances.

A technology called software defined radio, or SDR, was authorized by the FCC last year and is being used to develop intelligent transceivers that can navigate through the congested airwaves without causing electro-magnetic interference.

SDR allows telecom service providers to offer devices that can jump from one communications channel to another as transmission standards change and as unused airwaves become available.

Such flexibility would be especially valuable in the United States, which -- unlike Europe and Asia -- has more than four competing cellular phone standards as well as a host of wireless computer network standards. Engineers envision a day when a cell phone or hand-held computer will automatically reprogram itself to access all of these networks and even act as a TV remote or pager.

"SDR can mitigate the downsides of having multiple wireless transmission standards by making more efficient use of spectrum," said Vanu Bose, chief executive of Vanu Inc., a Cambridge, Mass., start-up that will demonstrate a software defined radio device later this month in San Diego.

On Capitol Hill, several bills have been introduced to promote airwave reform, including a measure by Rep. Edward J. Markey (D-Mass.) that would more than double the amount of spectrum available for unregulated wireless services such as WiFi.

"Spectrum reform is coming this year one way or another -- whether through legislation or through the FCC," said Ellen Goodman, an associate professor of law at Rutgers University who has followed the issue.
*****************************
Federal Computer Week
DOD approves medical system
BY Dan Caterinicchia
Nov. 7, 2002

After a successful pilot project in four Defense Department hospitals, the Pentagon this week approved the rollout of a system that enables physicians to obtain and update a patient's complete medical record at any military health care facility worldwide.

Navy Cmdr. Robert Wah, deputy director of the information management directorate at the Tricare management activity, said the Composite Health Care System (CHCS) II merges at least three processes that physicians have used when treating patients:

* Viewing and updating a patient history, done on a paper chart.

* Ordering such things as drug prescriptions or X-rays, performed via a computer system.

* Making a diagnosis, or "coding the visit," which can be done on paper or on another automated system.

"CHCS II integrates all of these tasks on a single system," said Wah, who is board certified in obstetrics/gynecology and reproductive endocrinology and has used CHCS II in that capacity. "It's planning at a level we were never [before] able to do."

Because patients in the DOD health care system are so mobile, paper charts can get lost or be inaccessible to the doctor treating someone far away from home.

"For patients, there's no such thing as a lost chart anymore," Wah said. "They are available 24/7."

Physicians also can program "wellness reminder" alerts into the system that will notify the doctor if a patient is due for a mammogram, diabetes test or any other health test, he said.

"If a doctor has 1,500 patients they are responsible for, they can find out how many of those are overdue for mammograms and get their contact information," Wah said. "That's not available in a room full of paper charts."

CHCS II was tested at four hospitals: the Naval Medical Center, Portsmouth, Va.; the Langley Air Force Base, Va.; Fort Eustis, Va.; and Seymour Johnson Air Force Base, N.C. It was tested by about 100 users per week who were responsible for about 400 patient visits per day, Wah said.

DOD's Acquisition Board granted CHCS II a limited deployment Nov. 4. The board is chaired by John Stenbit, assistant secretary of Defense for command, control, communications and intelligence. At that meeting, Stenbit agreed to the limited deployment request, and that decision is expected to become official in about two weeks when an Acquisition Decision Memorandum is signed.

"I'm greatly enthusiastic about this," Stenbit told Federal Computer Week in an e-mail. "It's the right kind of business approach."

Integic Corp. is the prime CHCS II integrator, and the company's main mission has been making the system more user-friendly while integrating existing legacy systems with numerous commercial off-the-shelf offerings, said Ron Pace, CHCS II program manager in DOD's Clinical Information Technology Program Office.

Larry Albert, health care practice leader and senior vice president at Integic, said CHCS I was a "hospital-centric" system that did not enable physicians to share information, whereas CHCS II is "patient-centric."

Albert said the plan is to roll out the system at four more hospitals in the coming year, before launching a "more aggressive worldwide rollout" in late 2003.

Pace said CHCS II has cost $275 million so far, and the 18-year life cycle funding for the system is estimated to be just less than $4 billion.
*******************************
Associated Press
Changes to Prevent Internet Attacks
Wed Nov 6,11:34 PM ET
By TED BRIDIS, Associated Press Writer

WASHINGTON (AP) - Experts have made an important change to the 13 computer servers that manage global Internet traffic, separating two of them to help better defend against the type of attack that occurred last month.

Verisign Inc., which operates two of the root servers, moved one computer overnight Tuesday to a different building in an unspecified location in northern Virginia and onto a different part of its network, company spokeswoman Cheryl Regan said Wednesday.

Verisign said the change was designed to ensure that a hardware outage or focused attack targeting part of its network could not disrupt both servers.
The last such move to any of the 13 servers occurred in 1997.

The FBI (news - web sites) is investigating an unusual electronic attack Oct. 21 that briefly crippled nine of the 13 servers, located throughout the United States and in three other countries. Seven failed to respond to legitimate network traffic and two others failed intermittently during the attack, which lasted about one hour.

Service was restored after experts enacted defensive measures and the attack suddenly stopped. Verisign maintains that both root servers it operates were not among those overwhelmed during the attack, even though they were on the same part of its network.

Most Internet users did not notice the attacks because the Internet's architecture was designed to tolerate such short-term disruptions, but many experts were surprised at the coordination and brief success of the attackers.

In "denial of service" attacks, hackers traditionally seize control of third-party computers owned by universities, corporations and even home users and direct them to send floods of data at predetermined targets.

FBI Director Robert Mueller said last week that investigators traced most of the attack traffic back to hacked computers in South Korea (news - web sites) and the United States.

This week's change was approved by the Commerce Department (news - web sites), said Louis Touton, an official with the Internet Corporation for Assigned Names and Numbers, the nonprofit organization that manages technical changes for the Internet under authority from the U.S. government.

Verisign moved the server after it received approval for the change Monday, Regan said. The company first sought permission this summer.

Microsoft Corp. discovered and fixed a similar architectural flaw on its own corporate network after attacks in January 2001 prevented millions of customers over two days from visiting the company's main Web sites.

In that case, Microsoft discovered that all four of its key traffic-directing computers were on the same section of its network, allowing hackers to overwhelm them easily by sending floods of spurious data to that part of the network.
****************************
Chronicle of Higher Education
Scholarly Publishers Aim to Woo Librarians Away From Self-Published Research
By SCOTT CARLSON

A group of scholarly publishers will begin a public-relations campaign this month that is intended to improve publishers' image among librarians and academics. The campaign aims, in part, to quash a newfound enthusiasm among some librarians for self-publishing research results online, a practice that lets scholars bypass academic journals that many researchers say are too slow and too costly.

Supporters of the campaign also say that it will be an attempt to mend relations with librarians and academics. "The long-term goal is to re-establish that we are allies with the academic world," says Lynn Rienner, the founder of the social-sciences publishing company Lynn Rienner Publishers, who has helped shape the campaign.

She says relations between librarians and publishers have been portrayed as "adversarial" and as "warring camps" in the press, a characterization that hurts her. "It was because of librarians that I got into publishing," she says.

The campaign is sponsored by the scholarly-publishing division of the Association of American Publishers and will be run by Edelman, a giant public-relations firm based in Chicago and New York. The publishers and the firm are still working out details of the campaign, but mailings, advertisements, summits between librarians and publishers, and speakers at conferences have all been proposed.

"It's something that we'll have to keep at for years," says Ted Nardin, vice president of the scientific and technical division of McGraw-Hill, a leading publisher. "It's not just a six-month program."

Beyond smoothing ruffled feathers, the publishers seek to reach academics and librarians who advocate distributing research results on the Internet. Marc H. Brodsky, the executive director and chief executive officer of the American Institute of Physics, which publishes several prominent journals, says the campaign will emphasize the perks that working with traditional publishers brings: money for marketing, the prestige of a well-known journal, the expertise and mediation of an editor, and the management of peer review.

"There is an illusion that electronic publishing is cheap," Mr. Brodsky says. "There are ways of putting things on the Web that are cheap, but not ways that give the value that publishers provide."

However, the campaign will not focus on the sharply rising cost of journal subscriptions -- one of the main rubs between publishers, on the one hand, and academics and librarians, on the other. "I really don't see it as the key issue," says Mr. Nardin, of McGraw-Hill. "My view of this program is that our objective is not to convey pricing but to convey what publishers are doing."

But Kenneth Frazier, director of libraries at the University of Wisconsin at Madison, says that rising journal costs have been the driving force behind Internet-based alternative-publishing efforts. "The problem is that a lot of commercial publishers are not only addicted to profits -- they are addicted to high revenue growth, too," he says. "That creates a situation that is sure to motivate alternative systems for disseminating knowledge."

Journal-subscription rates have gone up an average of 8.5 percent per year since 1986, while library budgets have risen 5.6 percent per year, according to ARL Statistics, a publication of the Association of Research Libraries.

"The notion of doing some work of repairing the relationship between publishers and librarians is not a bad idea," adds Mr. Frazier, who founded the Scholarly Publishing and Academic Resources Coalition, or SPARC, which supports alternative-publishing strategies. But "if we're going to disseminate knowledge, we're going to have to have a more affordable model of scholarly communication. That is the big question that I would want to raise."
*****************************
Federal Computer Week
OMB seeks security at the start
BY Diane Frank
Nov. 6, 2002

Despite improvements in information security management, enough gaps remain for the Office of Management and Budget to ask industry to help federal agencies shore up budget requests that are likely to be turned back because of inadequate security provisions.

Speaking Nov. 5 at the Industry Advisory Council's Executive Leadership Conference in Hershey, Pa., Mark Forman, the nation's e-government chief, called on vendors to help agencies plan and design IT projects that include security from the start.

Starting in the Clinton administration with a February 2000 memorandum, OMB told agencies that the White House will not fund IT projects without "adequate" security measures, and the Bush administration has continued that commitment. Last year agencies identified the most fundamental problems from fiscal 2001 and detailed plans for how to fix them, but "there continue to be some lagging organizations," said Forman, associate director for information technology and e-government at OMB.

In September, agencies turned in their fiscal 2004 budget requests along with their second reports to OMB under the Government Information Security Reform Act of 2000. If the initial evaluation of the GISRA reports and agencies' budget requests are any indication, Forman said, OMB may have to again "force" agencies to include security by refusing some fiscal 2004 budget requests.

Forman told industry leaders at the conference not to be surprised if there is a large increase in the number of agencies looking for security certification and accreditation of their IT systems.
*****************************
Federal Computer Week
Tool sought to ID data links
BY Diane Frank
Nov. 6, 2002

The Office of Homeland Security is evaluating technologies that could help tie together information held by different agencies, and eventually other levels of government and the private sector, without violating legal or privacy barriers.

The office is working with research and development groups within federal agencies, industry and academia to look at technical tools that could identify the links among data held by separate sources, finding the "nonobvious relationships" and areas where potential leads need to be investigated by analysts, said Steve Cooper, senior director for information integration and chief information officer at the Office of Homeland Security.

The technology the office is looking at would find linkages solely through descriptions of what type of data is held by each source possibly putting it into categories such as locations, people and goods.

Furthermore, the data could be in electronic, paper or any other format because not all information is held in databases at this point, Cooper said Nov. 4 at the Industry Advisory Council's Executive Leadership Conference in Hershey, Pa.

Such technology tools would not actually examine the content of the data. Instead the tools would narrow the search enough so that analysts would take the next step, only having to share information that is likely to be significant, Cooper said. That process eliminates problems of exposing classified and legally sensitive data, and it also avoids the cultural stigma of giving up control of information.

"We are exploring different approaches that allow us to integrate the information without actually seeing the content at the time of integration," Cooper said. "By analyzing what's interrelated to what, I can identify some patterns. I can see what might be worth taking some additional looks at."

Researchers in the intelligence community have been working on this technology for some time, trying to find ways to share information without revealing the source of the information or the method in which it was gathered the traits that make information classified. Industry also is working on such tools, but for now, there aren't any commercial off-the-shelf solutions that will fit the needs of the office, Cooper said.

The Office of Homeland Security has several short-term pilot projects planned, starting with data held within the intelligence community. The office plans to use some of the funding that has been requested in the bill to create the Homeland Security Department, Cooper said, and that "should be sufficient to get us rolling."

Much more research needs to be done, Cooper said, and the Defense Advanced Research Projects Agency is helping the office with more long-range evaluations.
**************************
Federal Computer Week
Biometrics awareness still low
BY Dibya Sarkar
Nov. 6, 2002

Despite widespread media coverage of biometrics since the Sept. 11 terrorist attacks, a new national survey shows that still only half the general public is aware of such technologies. However, the survey also indicates that fighting terrorism and identity fraud are the "two strongest drivers" for supporting greater government and private-sector use of biometrics.

The public opinion poll commissioned by SEARCH, the National Consortium for Justice Information and Statistics was conducted in two waves: the first occurred Sept. 18-30, 2001, shortly after the terrorist attacks, and the second, Aug. 15-18, 2002, nearly three months ago.

Alan Westin, a retired Columbia University public law and government professor who help develop and oversee the poll, called it the first representational national survey of biometrics. He said it should be considered an initial benchmarking survey because, within a decade, the technology will evolve and the debate will mature.

Following the terrorist attacks, many officials looked toward biometrics the use of electronic devices to measure some physical or behavioral characteristics for identification or verification purposes as a possible security solution. Airports, law enforcement agencies, governments and private-sector companies have implemented or are testing a wide range of technologies including facial and voice recognition, iris scanning, hand geometry, and fingerprinting.

But an enormous debate exists over the accuracy and benefits as well as the intrusive nature of some biometric technologies into people's privacy.

Despite public lack of familiarity, personal experience with biometric rose slightly from 3 percent in 2001 to 5 percent, representing 10 million people, in 2002, Westin said. And although there were slight declines of acceptance over the year, public support for its use by law enforcement for antiterrorist or crime prevention remained steadily high (86 percent in 2001 and 80 percent in 2002).

Westin also said there were "commanding majorities," ranging from 77 percent to 88 percent, for biometric technology in verifying passport identifications, access to government buildings, for airport check-in, and to obtain driver's licenses.

Regarding identity theft, Westin said 95 percent did see it as a serious problem, with 21 percent of the respondents representing 42 million people describing themselves as victims last year. According to the survey, the public also supported private-sector use of such technologies credit card firms, ATMs, and employee checks although to a lower degree than government.

The survey also reported high public insistence that privacy safeguards be considered. Eighty percent in 2001 and 73 percent in 2002 believe it likely that society will adopt such safeguards if and when biometrics are widely used, said Westin.

Future levels of support, he added, will depend on how the public perceives the levels of accuracy and error in specific applications, the likelihood of future terrorist attacks, whether government uses are proper, and whether safeguards operate effectively.

Rebecca Dornbusch, deputy director of the International Biometrics Industry Association, said the industry largely supported the survey's findings. She said a more contemplative view is emerging among the public and politicians, who are taking a holistic approach toward biometrics. Right after Sept. 11, she said many politicians were viewing it as a panacea to the problem.

The industry also understands that privacy is important, adding it developed such principles three years ago. "The industry is aware there can be potential privacy implications, if used inappropriately," she said.
***************************
Federal Computer Week
People, IT vital to FAA future
BY Megan Lisagor
Nov. 6, 2002

Information technology has a major stake in the success of the aviation marketplace, government and industry officials said Nov. 5.

"Our current airline environment is tough," said Bill Sears, director of communications for air traffic operations and safety with the Air Transport Association of America, speaking at the Air Traffic Control Association Inc.'s annual convention in Washington, D.C. "[But] air transport is here to stay. We must modernize."

While IT programs such as computer upgrades and satellite navigation remain crucial, a more pressing issue is staffing, according to John Carr, president of the National Air Traffic Controllers Association.

The Federal Aviation Administration "has got to proactively replace the workforce," Carr said.

Most likely, the agency will need to hire thousands of air traffic controllers in the next decade, a General Accounting Office review found.

The FAA will have to recruit a well-qualified workforce to offset the anticipated attrition of experienced controllers and to address increased traffic demands, GAO officials concluded in a June 14 report.

The FAA hopes to hire about 850 air traffic controllers in fiscal 2003, according to Bill Peacock, the agency's director of air traffic. The agency is operating under a continuing resolution until Nov. 22, but it plans to launch a 10-year strategy to build a bubble of controllers once it gets funding, Peacock said.

When thinking about recruiting, the FAA also has to factor in training, Peacock said. However, he said the biggest challenge is getting stakeholders equipped to exploit new technologies. "You need a high percentage of equipage and trained crews," he said. "We need to take a systems approach to the national airspace redesign."

Officials emphasized the need for global solutions and urgency.

FAA Administrator Marion Blakey announced Oct. 8 that, within a month, the agency would approve approach procedures that allow pilots to use on-board technology to navigate aircraft to any point in the world with only geographical coordinates.

The aviation community must now determine how to maintain that momentum, said Charles Keegan, the FAA's associate administrator for research and acquisitions.
****************************
Federal Computer Week
Career Channels Federal Computer Week
Nov. 5, 2002.

Information Technology Specialist
Series/Grade: GS-2210-7
Location: Mesa Verde Np, CO
Announcement #: DD156994
Closing Date: Nov. 13, 2002
Contact: Department of Interior, Box 25167, Denver, CO 80225-0167; 478-757-3000

Computer Specialist
Series/Grade: GS-2210-7/12
Location: Washington, D.C.
Announcement #: M/P-02-152
Closing Date: OPEN
Contact: U.S. Information Agency, Room 1543, 330 Independence Ave. SW, Washington, D.C. 20237; 202-619-3117

Information Technician Specialist
Series/Grade: GS-2210-13
Location: Washington, D.C.
Announcement #: 02PH-1394
Closing Date: Nov. 29, 2002
Contact: Smithsonian, Box 50638, HR, Washington, D.C. 20091; 202-287-3102

Senior Information Technician
Series/Grade: GS-2210-13
Location: Riverdale, MD
Announcement #: 962-2003-0008
Closing Date: Nov. 12, 2002
Contact: Department of Agriculture, APHIS, 4700 River Road, Unit 22, Attn HR, Riverdale, MD 20737; Eric Keene, 301-734-5413

Supervisory Computer Engineer
Series/Grade: GS-854-15
Location: Prince George, MD
Announcement #: N 03-29
Closing Date: Nov. 14, 2002
Contact: National Archives, HR, (NHHO), 9700 Page Ave., St Louis, MO 63132; 800-827-4898

Information Technology Specialist
Series/Grade: GS-2210-13
Location: Caribou, ME
Announcement #: E-NWS-03018.SDT
Closing Date: Nov. 13, 2002
Contact: Department of Commerce, HRD, 200 Granby St. #815, Norfolk, VA 23510; Sharon Turner, 757-441-3837

Supervisory Information Technology Specialist
Series/Grade: GS-2210-14
Location: Kansas City, MO
Announcement #: C-NWSC-03012.TMP
Closing Date: Nov. 20, 2002
Contact: Department of Commerce, NOAA, HRD, 601 E. 12th St. Room 1737, Kansas City, MO 64106; Tina Palmerin, 816-426-5016

Statistician
Series/Grade: GS-1530-12
Location: Fort Sam Houston, TX
Announcement #: NCFR02115501R
Closing Date: Nov. 11, 2002
Contact: Department of Army, NC, DAPE-NC, Office of the Chief of Staff, Rock Island, IL 61299-7650; 210-221-2526

Computer Specialist
Series/Grade: GS-334-12
Location: Laredo, TX
Announcement #: DS-3-01-158405-BM
Closing Date: Nov. 12, 2002
Contact: Department of Justice, 8610 Broadway Room 305, San Antonio, TX 78217; B. McCarthy, 210-805-2423 X X406

Computer Engineer
Series/Grade: GS-854-14
Location: Falls Church, VA
Announcement #: 02-430PJ
Closing Date: Nov. 12, 2002
Contact: Department of Defense, DISA, Pers Div, Attn 02-430PJ, 701 S. Courthouse Road, Arlington, VA 22204-2199; Paula Johnson, 703-607-4408

Computer Scientist
Series/Grade: GS-1550-14
Location: Falls Church, VA
Announcement #: 02-430PJ
Closing Date: Nov. 12, 2002
Contact: Department of Defense, DISA, Pers Div, Attn 02-430PJ, 701 S. Courthouse Road, Arlington, VA 22204-2199; Paula Johnson, 703-607-4408

Computer Scientist
Series/Grade: GS-1550-15
Location: Suffolk, VA
Announcement #: EX158212-SRF-NR
Closing Date: Nov. 15, 2002
Contact: Department of Navy, HRSC, Norfolk Naval Shipyard, Building 17, Portsmouth, VA 23709-5000; 757-396-7994

Statistician
Series/Grade: GS-1530-11
Location: Seattle, WA
Announcement #: VA-ST-03007-RLG
Closing Date: Nov. 14, 2002
Contact: Department of Veterans Affairs, 1660 S. Columbian Way S-005A, Seattle, WA 98108; 206-764-2927

Computer Engineer
Series/Grade: GS-854-13
Location: Martinsburg, WV
Announcement #: 03-0060-SEDK-M1
Closing Date: Nov. 12, 2002
Contact: Department of Transportation, Coast Guard, Civ Pers G-WPC-1, HRSC-SE Suite 400, 4200 Wilson Blvd., Arlington, VA 22203; 866-913-5627

Computer Engineer
Series/Grade: GS-854-13
Location: Martinsburg, WV
Announcement #: 03-0060-SEDK-D1
Closing Date: Nov. 12, 2002
Contact: Department of Transportation, Coast Guard, Civ Pers G-WPC-1, HRSC-SE Suite 400, 4200 Wilson Blvd., Arlington, VA 22203; 866-913-5627

Jobs on this page are excerpts from thousands of listings in the FedJobs searchable database. Job information is available on the Web (www.fedjobs.com) or as a printed report, "Federal Career Opportunities." To subscribe, contact Federal Research Service, P.O. Box 1708-FCW, Annandale, VA 22003-1708.
*****************************
Washington Post
How to Keep The Wireless Snoops Away
By Carlos A. Soto
Government Computer News
Thursday, November 7, 2002; Page E06

A wireless network is like hundreds of network cables floating in search of a rogue computer.

A good attacker can get into most networks by taking advantage of a wireless connection and its Wired Equivalent Privacy security.

WEP represents the encryption of communications data sent over radio waves, specifically using an 802.11b system. But WEP, offered with varying amounts of encryption, is vulnerable because a smart attacker can obtain data pertinent to circumventing the coding by capturing sufficient frames of data.

WEP begins doing its job when a wireless computer sends a request to an access point for a secure session. The access point generates an encrypted response, or shell, that is sent back to the computer. The computer then creates a special code, or shared key, for the computer and the access point. The access point decrypts the shell and allows the computer entry to a network if the shared key matches.

The problem with this technology is that capturing these frames reveals three pieces of data: the cipher text, plain text and the nature of the electronic "handshake." With these items, an unauthorized user can communicate with the access point in WEP without having to know the shared key, bypassing security.

Despite the problems, it's not necessary to abandon WEP. A typical user -- even most attackers -- won't succeed in scaling this security hurdle. But there's a lot you can do to boost the security of a wireless network.

The first thing is to secure your access point. Make sure your "service set identifier" is closed and can't be detected by unauthorized wireless clients. The SSID is the wireless network name that an access point automatically sends out so that random clients can pick up the availability of wireless network service.

Whether your access point is prevented from submitting the SSID automatically depends upon the manufacturer and model of your access point. Some do, some don't and some can be set not to.

Likewise, make sure you configure your access points not to accept data from wireless computers set with the default "any SSID." This setting is a feature inherent in most 802.11b clients so that they can detect any access point broadcasting its SSID. When choosing an access point, make sure you choose one that has a user name and password feature and that requires a person to log in to the network via a hard-wired local area network rather than via a wireless LAN to connect to the access point's configuration software.

Some companies produce more-secure wireless access points than others. The market basically breaks into two categories: access points for small offices and devices for large ones. A small office would be one with 50 users or fewer. A large one would have 50 or more.

Both categories offer WEP encryption and Media Access Control addressing capabilities. MAC addresses are the hardware numbers that uniquely identify each node of a network on an 802.11b platform. An MAC address adds one more layer of security but is inherently as flawed as WEP because the addresses can be easily "sniffed" with snooping software.

The WEP and MAC vulnerabilities are what distinguish small-office access points from their company-wide counterparts. The larger access points generally come with added security and management features.

Plus, some devices can generate a new and different shared key for every session. This makes it difficult for an attacker to make use of a key found with a sniffing application because each key has a short life span.

The high-end access points also can join Remote Authentication Dial-In User Service. RADIUS can authenticate wireless clients to a network if it uses Category 5 cabling. RADIUS servers, like the access points that can join them, are expensive and difficult to set up and use.

But it's the layers of security that will keep your wireless network services safe from penetration and tampering. No system is hack-proof. The goal of any good approach to security is to make a breach so time-consuming and difficult that it's not worthwhile for the would-be hacker to attempt it.

To respond, e-mail editor@xxxxxxxxx visit the Government Computer News Web site at www.gcn.com.
*************************
USA Today
Michigan man pleads guilty to computer intrusion

LAPEER, Mich. (AP) A former software company executive has pleaded guilty in Lapeer County Circuit Court to criminal computer intrusion in a case involving his former employer, the company said Wednesday.

Gregg Wysocki of Rochester Hills entered the plea as part of an agreement with prosecutors in which charges of embezzlement and using a computer to commit a crime were dropped.

Wysocki is scheduled for sentencing Jan. 13. He faces up to five years in prison and a fine of $10,000.

Wysocki was charged with stealing sensitive files from his former employer, PC Treasures of Oxford, and using them to land a job with a rival, the computer firm said in a news release.

PC Treasures provides specialized consumer software bundles to builders and resellers of personal computers.

The criminal action was brought by the High Tech Crime Unit of the Michigan Attorney General's Office.

Wysocki joined PC Treasures as a salesman in 1999 and was its national sales director when he quit without notice on July 27, 2001, the company said.

Two weeks earlier, Wysocki improperly tapped into PC Treasures' computer files and downloaded accounting records, contracts with software suppliers and other records, according to the charges.

The downloading occurred July 12, one day before Wysocki interviewed with Microgistix in Minneapolis, the indictment said. He later was hired by the Minnesota firm.

Wysocki has a non-published phone number and could not be reached Wednesday.
****************************
Los Angeles Times
In Search of Broad Technological Compatibility
Regulators will look into ways of sharing airwaves to be used in many wireless devices.
By Jube Shiver Jr.
November 7 2002

WASHINGTON -- Cell phones, remote controls, wireless radios -- can't they all just get along?

Federal regulators believe so, and they are expected today to launch a sweeping examination of the government's management of the nation's valuable airwaves, a move that could pave the way for cheaper and more innovative wireless devices.

At their monthly meeting, members of the Federal Communications Commission are scheduled to consider a highly anticipated report on spectrum management that recommends a more flexible approach to sharing the airwaves, including an overhaul of the standards for governing airwave interference and provisions to allow owners of airwave licenses to resell them under certain circumstances.

Separately, the agency also is expected to authorize the opening up of more airwaves for advanced wireless services.

Although the report is still being fine-tuned and may not be released until later this month, its emergence represents the first significant response to a nearly decade-long push for more flexible use of the airwaves by companies such as Intel Corp. and Microsoft Corp., free-speech advocates and influential thinkers such as Stanford University law professor Lawrence Lessig.

They say the airwaves should be treated like the Internet, an open communications system that nobody owns. They want the nearly 70-year-old system of government regulation of the airwaves modified so that individuals and entrepreneurs would be free to use and trade any spectrum, so long as they did not interfere with other users.

But some powerful wireless industry lobbying groups -- which also are longtime supporters of spectrum reform -- are concerned that the FCC may not pay enough attention to potential interference problems.

"We need to see the specifics," said Thomas Wheeler, president of the Cellular Telecommunications & Internet Assn. in Washington.

Among other details, Wheeler said the FCC would have to wrestle with how to police interference among rivals trying to gain a competitive advantage. "There needs to be some kind of strong sanction, not just a fine" against users that cause airwave interference, he said.

Proponents of a more flexible approach say deregulation will enable more innovative wireless devices and boost wireless networking technologies such as WiFi and ultra-wide-band, which have helped spur demand for wireless networks for PCs and other machines. Shipments of equipment for wireless networking are expected to balloon from 9 million units in 2001 to about 56 million by 2006, according to the research group Allied Business Intelligence Inc.

Experts believe that with deregulation, WiFi and ultra-wideband could leapfrog the deployment of high-speed Internet access through phone and cable-TV lines, making cheap and ubiquitous broadband access available nationwide by 2006.

University of Pennsylvania professors Gerald R. Faulhaber and David J. Farber say a good way to kick off this new wireless era would be to conduct a one-time "big bang auction" for all the nation's airwaves and then allow secondary trading of the spectrum.

"Individuals and corporations would be able to buy, sell and lease specific frequencies in specific locations subject to power [and other technical] limitations, and would possess the right to ... [transmit] at anytime without interference," they wrote in a July filing to the FCC.

FCC Chairman Michael K. Powell didn't return a call seeking comment. But he signaled last week that spectrum reform will be a cornerstone of his effort to revive the beleaguered telecom industry.

"We should develop policies that avoid interference rules that are barriers to entry," he said during an address at the University of Colorado in Boulder. "While the proliferation of technology strains the old paradigm, it is also technology that will ultimately free spectrum from its former shackles."

The campaign has gathered steam in recent months, spurred by industry advances.

A technology called software defined radio, or SDR, was authorized by the FCC last year and is being used to develop intelligent transceivers that can navigate through the congested airwaves without causing electro-magnetic interference.

SDR allows telecom service providers to offer devices that can jump from one communications channel to another as transmission standards change and as unused airwaves become available.

Such flexibility would be especially valuable in the United States, which -- unlike Europe and Asia -- has more than four competing cellular phone standards as well as a host of wireless computer network standards. Engineers envision a day when a cell phone or hand-held computer will automatically reprogram itself to access all of these networks and even act as a TV remote or pager.

"SDR can mitigate the downsides of having multiple wireless transmission standards by making more efficient use of spectrum," said Vanu Bose, chief executive of Vanu Inc., a Cambridge, Mass., start-up that will demonstrate a software defined radio device later this month in San Diego.

On Capitol Hill, several bills have been introduced to promote airwave reform, including a measure by Rep. Edward J. Markey (D-Mass.) that would more than double the amount of spectrum available for unregulated wireless services such as WiFi.

"Spectrum reform is coming this year one way or another -- whether through legislation or through the FCC," said Ellen Goodman, an associate professor of law at Rutgers University who has followed the issue.
************************
Los Angeles Times
Firm to Assess Computer Betting
By David Wharton
November 7 2002

The horse racing industry has enlisted a major accounting firm and its team of high-tech security experts to help deal with the kind of computer betting scam that allegedly occurred during Breeders' Cup races last month.

But even as experts began analyzing tote systems that handle wagers for tracks nationwide, a troubling question echoed across the sport: Might such scams have gone undetected in the past?

Executives from the accounting firm Ernst & Young said they have been hired only to assess the systems, not to review past activity. As yet, they are not even sure such a review would be possible.

Some track executives -- eager to win back mistrustful bettors -- remained hopeful.

"We'd welcome that kind of scrutiny," said Rick Baedeker, president of Hollywood Park. "We have no reason to believe there have been other incidents but we want to be diligent in making sure that's the case."

As the industry pursued damage control, an investigation of the incident that sparked this concern reportedly widened to include a third person.

Racing officials became suspicious of the one ticket that accounted for all six of the winning Breeders' Cup pick six wagers -- each worth $428,392. The ticket, purchased through an off-track account wagering service in upstate New York, used one horse in each of the first four races and all the horses in the final two races. It was purchased by Derrick Davis, a self-employed computer repairman from Baltimore, in a $12 denomination, costing $1,152.

Autotote, the company that processed the wager, subsequently fired one of its software engineers, Chris Harn, and claimed he rigged the ticket by inserting winners after four of the six races were run.

Harn and Davis attended Drexel University in the 1990s and were reportedly fraternity brothers. Wednesday, the Associated Press reported that another fraternity brother, Glen DaSilva of New York, is under investigation.

Though the $3 million in winnings -- which included consolation payoffs for five winners -- have been withheld, no one has been charged and attorneys for Harn and Davis said their clients are innocent.

Regardless of what investigators find, the industry has been staggered and the National Thoroughbred Racing Assn. has convened the emergency panel that hired Ernst & Young.

"Obviously, we're interested in any assistance," said Craig Fravel, a Del Mar executive vice president and NTRA board member. "We're being very open-minded and we think hiring outside experts is a positive step."

Details of the accounting firm's probe could be released after an NTRA meeting today. But searching for past scams by examining records from Autotote and two other tote companies that service American tracks would involve scrutinizing countless wagers.
***************************
Wired News
When Everything Was Spam to ISP

An overly-sensitive spam filter is to blame for a week-long blockade that resulted in nondelivery of some e-mail messages sent to EarthLink subscribers in late October.

EarthLink servers refused and returned incoming mail sent from many Internet domains during the last week of October, according to an e-mail sent earlier this week by EarthLink to those affected by the problem.

The problem was caused by a fault in the way EarthLink's mail server software loaded configuration data used by the service to block spam.

Blocked e-mail was returned to senders with a message informing them their network had been identified as a source of spam and had been banned from sending e-mail to EarthLink subscribers.

"The problem was intermittent and isolated," EarthLink spokeswoman Carla Shaw said. "It affected a limited number of small networks whose e-mail was refused by EarthLink's servers. We apologize to our users and those who tried to communicate with them, and are taking steps to ensure it never happens again."

But some of those whose e-mail was blocked believe the problem is a sign of further troubles to come for Internet communications. They also worry that small businesses may be hard hit by increasingly strict measures intended to stop spam.

"Spam is such an incredibly big problem that people will create even bigger problems trying to get rid of it," said Jon Oringer, CEO of SurfSecret. "I was a casualty of the war on spam, and I can tell you that nothing justifies that kind of collateral damage."

A SurfSecret e-mail to clients, advising them of a software upgrade, was blocked by EarthLink's servers. Oringer knew how to interpret and respond to the message he received from EarthLink, but some less technically astute business owners were confused.

Nate Hatteras, owner of a small New England craft and gourmet food company, said he had no idea what to do when his holiday e-mails were refused by EarthLink.

"I don't know anything about open relays and 505 errors," Hatteras said. "I had to get a neighbor's kid to respond. I got an e-mail from EarthLink a couple of weeks later saying it was fixed. I hope I didn't lose a lot of Thanksgiving business."

SurfSecret is developing its own spam-stopping product, so Oringer found it particularly ironic that his e-mails were tagged as spam.

"I wanted to say, 'Hey, I'm actually developing a spam solution,' Oringer said. "But that's the problem with getting blackholed in a blanket antispam sweep, there's nobody to appeal to for days, sometimes weeks."

"The ISPs fix the problem or reverse their mistake in their own due time. But meanwhile, getting blocked can just completely shut you down."

EarthLink's apologetic e-mail acknowledged that the company realized "the disturbance that such an outage creates, impacts people in important ways."

Shaw said the company had implemented new methods to prevent such an error from occurring again, and had also launched an internal investigation to develop ways to respond faster to blocked senders' questions and complaints.

"But we will continue to aggressively pursue spammers using both technology and legal means," Shaw added. "EarthLink intends to be as persistent as the spammers are in our battle against spam."

Shaw confirmed that EarthLink, like many ISPs, uses a "blacklist" to block all mail coming from specific Internet addresses that are known to be used by spammers.
******************************
Reuters Internet Report
College Copyright Cops Are Privacy Risk, Group Says
Wed Nov 6, 5:59 PM ET
By Andy Sullivan

WASHINGTON (Reuters) - A civil-liberties group asked colleges and universities on Wednesday to refrain from monitoring students' Internet use, even if administrators believe that students may be swapping copyrighted songs or movies.

Students may feel intimidated if administrators monitor Web browsing to make sure they are not swapping Eminem (news - web sites) songs or episodes of "The Sopranos (news - Y! TV)," the Electronic Privacy Information Center said in a letter sent to 50 schools.


"Monitoring chills behavior, and can squelch creativity that must thrive in educational settings," EPIC said.


Record labels and movie studios asked college administrators last month to crack down on student file-swapping, which they see as a threat to CD and movie-ticket sales. Several education groups echoed the request in a letter of their own.


Many college campuses are wired with high-speed Internet access that allows digital video and audio to be downloaded quickly. Few homes in the United States are so sophisticated.


As campus networks have sagged under the increased traffic, some schools have moved to block the peer-to-peer networks like Kazaa and Grokster that make file-swapping possible.


In its letter, EPIC acknowledged that schools should manage their bandwidth efficiently, but said that student privacy could be violated if network administrators comb through personal e-mails and Web-surfing logs to ferret out bootleg Britney Spears songs.


"Such a level of monitoring is not only impracticable; it is incompatible with intellectual freedom," the letter said.


The president of the Recording Industry Association of America (news - web sites), which has aggressively fought online file trading, issued a curt response.


"I don't think anyone needs to lecture universities about academic freedoms and respecting the First Amendment or privacy rights of their students," said RIAA President Cary Sherman.
*****************************
MSNBC
Fake INS Web sites trick immigrants
Green Card lottery applicants targeted by imposter pages

Nov. 6 Each year, some 10 million hopefuls enter the American Dream drawing the annual Green Card lottery. Only 50,000 Green Cards are awarded, but the scant 200-to-1 odds don't deter many. Today was the last day to submit applications for the 2004 lottery, leading to a flurry of last-minute research by would-be American workers. Lottery tickets, and access to the American dream, are supposed to be free. But applicants who searched the Web for Green Card lottery information this time around often found themselves at a gallery of for-profit sites posing as U.S. government Web sites, charging $50 or more for applications that are supposed to be free.

THE SITES HAVE TEMPTING names, such as "USA Immigration Services," and "United States of America Foreign Immigration Services." The Web addresses are convincing, too, such as USAIS.org. They are laced with bald eagles, American flags, White House logos one even sports a mailing address on Pennsylvania Avenue in Washington, near the White House. But none of those sites are affiliated with the U.S. government, and all of them are looking to profit off the confusion of would-be immigrants desperately seeking a way into this country.
RB, a Toronto resident interested in moving to the United States, told MSNBC.com he was pointed toward USAFIS.org by a banner ad this weekend. He wasn't sure what to think.
"The site looks like a U.S. government Web site you know, not too high tech, " he e-mailed. "The site's main page says 'Welcome to the United States of America Foreign Immigration Services.' It has the Statue of Liberty on it, and an American eagle in their logo," he wrote.
The site also includes a link to "FirstGov.gov" logo on the bottom, which is supposed to be the federal government's seal of approval for government services Web sites.
Attempts to contact a representative of the site through contact information supplied on its Web page were unsuccessful.
But when RB traced the site, he discovered it was hosted on a server located in Jerusalem.
"I'm probably just jumping to conclusions, or am ignorant, but why would a U.S. government site be hosted in Jerusalem? I can't help but wonder who the heck really put the site up and what they are doing."

A BIG PROBLEM
What they are doing, according to the real U.S. Immigration and Naturalization Service, is trying to trick would-be immigrants into thinking they are official U.S. government Web sites, in the hopes of landing a few extra application fees. The INS issued a warning about the fake government sites on its own Web site in late October, during the thick of the monthlong Green Card lottery enrollment window. But through today, the sites were still operating, many taking applications and application fees even after the lottery had closed.
"It's a big problem," said an INS official who asked not to be named. He said the INS had received over 200 complaints about the government-imposter Web sites many from victims who've fallen for the ploy and the agency had done all it could to warn consumers around the world. But still, he believes plenty of victims paid for applications that will never be submitted.
The most brazen of the fake sites, USNIS.org, mimics the real INS Web site design, and even sports a graphic with the words "United States Immigration and Naturalization Service" atop the page. Attempts to reach USNIS.org were also unsuccessful. The site's domain registration information indicates it is run by an operator in Rawalpindi, Pakistan.

LOTTERY DRAWS MILLIONS
The official government program, known formally as the Diversity Lottery, hands out Green Cards to about 50,000 foreign nationals from around the world each year. The highly prized cards allow the winner to move to the United States and work here with few strings attached.
The application process is simple, but strict. All that's necessary is a piece of paper with basic personal information, such as name, address and birthplace, along with two photographs. But the application must be received via regular mail during a particular 30-day window, usually in October of each year. And the photographs, application paper, and envelope all must follow exacting specifications.
As the Green Card lottery deadline loomed, the imposter sites were advertising aggressively, particularly in the recent weeks. A search on Google.com, for example, generated paid links to USAIS.org and INSUSA.org atop the results listings. Google.com did not immediately respond to requests for an interview.
USAIS.org also used a massive e-mail marketing campaign, according to the INS.
"A couple of months ago USAIS.org was spamming basically the whole world," said the INS official. "We have great concerns about this, but we have no law enforcement authority (to stop it)," he said.
The Federal Trade Commission, which enforces federal false advertising laws, does have such authority. And in 1997, it took an immigration lawyer to court for making false claims on his Web site, according to Heather Hippsley, assistant director of the FTC's advertising practices division.
That lawyer promised that he could increase applicant's chances of winning a Green Card, a fraudulent claim, since winners are selected randomly. Hippsley said such Green Card fraud schemes peaked in 1997, and public education efforts since then seem to have kept other immigration services from making that kind of claim.
But the new crop of immigration Web sites use much more subtle methods to glean fees of $50, $100 , or even $200 from applicants. Now they make carefully-worded claims that they offer access to the INS Green Card database for the "latest information" on application status suggesting they can tell applicants quickly if they are accepted or rejected. In fact, no one can, but the offer preys on a frustration felt by lottery applicants, who never hear anything unless they are chosen as a winner.
And the claims are so subtle the FTC isn't ready to take action. Many sites, for example, might be designed to look like official U.S. government Web sites, but include mention in small print that they aren't affiliated with the government and that would obscure any case against them. Piling flags and eagles on a Web site might be deceptive, but it's probably not illegal.
"If they misrepresent that they are affiliated with the government that's a red flag, and something that we would look for," Hippsley said. "Unfortunately, there's always another (scam) out there."
The INS, in its warning, advises consumers to note that only Web sites that end with the suffix ".gov" our official U.S. government sites.

'WASTE OF MONEY'
Yigel Torem, an immigration lawyer who runs Greencardlottery.com, said that sites like his can provide a vital service to Green Card hopefuls. His site has the words "National Visa Registry" atop the page, next to an image of the Statue of Liberty. But the words "a non-governmental agency" appear at the bottom of each page to clarify his agency's role in the process.
"There's over two or two million of these things rejected every year (because of application errors)," Torem said. "Obviously people are not getting it."
Torem said Green Card applicants can spot fake sites because they "hide" the application process instructions, suggesting to users that they must pay for assistance. Legitimate sites will offer plenty of free information, he said.
"We basically give the overall procedures for anything you need to do, so you can try yourself or decide to ask for help."
Since Sept. 11, Torem added, business on his GreenCardLottery.com site had slowed considerably.
While the INS processes Green Cards, the Diversity Lottery is actually run by the State Department, which publishes the official application instructions on its Web site every year. Stuart Patt, spokesman for the Consular Affairs Bureau of the State Department, agreed that not all Green Card lottery Web sites are frauds. Many do fill out the application correctly for immigration hopefuls and send it in but paid help isn't necessary, he said.
"When we first announce the program each year, we have a phrase in there that says, there is no need to pay anyone to make the entry for you," he said. "There is absolutely no advantage to going through any such service."
Allan Wernick, an immigration lawyer who writes a syndicated column for King Features, goes one step further.
"It's a waste of money," he said. The application is simple, and many non-profit agencies will help applicants with the form. But, he added, the INS and the State Department have created some confusion with the lottery process, opening the door for fraud artists.
While the State Department Green Card lottery Web site has explicit instructions on the form procedure, it does not include a sample form, leaving the exact formatting to the applicant. That lack of direction creates unnecessary confusion, Wernick said. "They should just provide a form on the Internet with a sample page. That would discourage some of these other services," he said. A sample form can be found on Wernick's site, http://allanwernick.com/.
*******************************
MSNBC
Math whiz cracks encryption code
Certicom challenge has been running since 1997

OTTAWA, Nov. 6 And you thought you had tough math homework?Consider the work that went into cracking a secret code developed by Toronto-based Certicom Corp., which makes wireless encryption software. It took the power of 10,000 computers running around the clock for 549 days, coupled with the brain power of a mathematician at Indiana's University of Notre Dame, to complete one of the world's largest single math computations.
CERTICOM HAD CHALLENGED scientists, mathematicians, cryptographers and hackers to try to break one of the encryption codes the firm uses to protect digital data.
The solution, rewarded with a $10,000 prize and even richer bragging rights, was reached at 12:56 p.m. on Oct. 15, said Notre Dame researcher and teacher Chris Monico.
"I stared at it in mild disbelief for a while," he said. "I wanted desperately to jump up and down, but the mathematician in me said 'You'd better double check.'"
Monico's pleasure at breaking the code was matched by the contest's creator and Certicom founder, Scott Vanstone.
"Our technology is based on a very hard mathematical problem, so what we wanted to do is validate how difficult it really is," he said.
"When somebody asks have hackers attempted to break your system, we say of course, we in fact encourage it. Please go try. And here's the results."
Vanstone points out the massive computer power used to crack the code in this challenge would have broken the Enigma code, a cipher used by Germany during World War Two, in a matter of seconds.
The solution, he added, gave access to just one person's key, or identity, and cracked only a 109-bit key, whereas Certicom's products start at a 163-bit key to protect data.
"It would be about 100 million times harder (to break) than what was just done," Vanstone said. "If you could get every machine on the planet working on the problem ... you're still not going to be able to touch the 163 problem."
Monico said he doesn't have time to tackle the next 131-bit key challenge, which has a $20,000 prize, but did share his computer program with a "motley crew" of half a dozen "computer guys".
The Certicom challenge, started in 1997, has attracted 247 teams with more than 10,000 members, including cryptographers, computer scientists and mathematicians.
Monico, who took up the challenge to "raise awareness of cryptography", will donate the bulk of his prize money to the Free Software Foundation and the remaining $2,000 to two men whose computers helped solve the problem.
********************************
CNN Online
Irises, voices give away terrorists
Thursday, November 7, 2002 Posted: 9:26 AM EST (1426 GMT)

(AP) -- The United States is compiling digital dossiers of the irises, fingerprints, faces and voices of terrorism suspects and using the information to track their movements and screen foreigners trying to enter the country.

Since January, military and intelligence operatives have collected the identifying data on prisoners in Afghanistan and at the U.S. naval base in Guantanamo Bay, Cuba. There are also plans to extend the collection process to Iraq in the event of a U.S. invasion.

With this project, the U.S. government has taken biometrics the measuring of human features -- well beyond its most common use to date: verifying people's identities before giving them access to computers or secure areas.

"We're trying to collect every biometric on every bad guy that we can," said Lt. Col. Kathy De Bolt, deputy director of the Army battle lab at Fort Huachuca, Arizona, where the biometric tools being used were developed.

"Any place we go into -- Iraq or wherever -- we're going to start building a dossier on people of interest to intelligence. Even if they get released, we have face and voice clips. When they come into one of our checkpoints, we can say, 'You're this bad guy from here."'

How it works
In biometrics, optical, thermal and audio scanners are used to record a person's features. Mathematical algorithms are then used to reduce that information to digital data. Some biometrics are more reliable than others. For example, the intricate patterns in the iris, the colored part of the eye, are considered better identifiers than even fingerprints.

The U.S. biometric system, known as the Biometrics Automated Toolset, or BAT, includes about 50 laptop computers equipped with scanners. The information on suspects is stored in a central database at a U.S. intelligence agency -- De Bolt declined to say which one -- in the Washington area.

An additional 400 laptops are being prepared for a possible Iraq invasion, said Anthony Iasso, a software engineer at Northrop Grumman Corp. who leads the project at Fort Huachuca.

So far, BAT data has been shared with both the FBI and the Immigration and Naturalization Service to help check the identities of incoming foreigners and of foreigners arrested inside the United States, officials said.

"Anytime anyone is taken into custody for investigation by INS, they're checked against this system," said a U.S. immigration official, speaking on condition of anonymity. He would not say whether the data has led to any arrests.

Tracking movements
De Bolt and Iasso said the BAT system aims to track the global movements of terrorists.

If a person catalogued and released in Afghanistan later turns up at a checkpoint in the Philippines -- perhaps using a different identity -- officials might begin investigating the suspect's background and links to others, De Bolt said. The suspect does not have to be apprehended, fingerprinted, or even identified by name.

U.S. authorities are supplementing the dossiers by adding surveillance photos and fingerprints gathered from, say, drinking glasses or magazine covers found in terrorist haunts. A suspect's dossier might also contain text from prisoner interrogations, video or sound clips and digital images of scanned items seized during a search, Iasso said.

The database can also be searched by soldiers via satellite telephone from a battlefield, De Bolt said.
********************************
Earthweb
Drilling Down With A Data Mining Pioneer
By Nathan Segal
natsegal@xxxxxxx
Earthweb E-Publication
http://itmanagement.earthweb.com/datbus/article/0,,11969_1495951,00.html


Dr. Usama Fayyad is a data mining pioneer who began working in the field in 1989. He got his start at NASA's Jet Propulsion Laboratory, compiling data on astronomical phenomena such as volcanoes, star systems, etc. From there, he went on to work for Microsoft research and then, frustrated by problems he was seeing in the data mining industry, he left Microsoft and started digiMine <http://www.digimine.com/home.asp> to deal with the issues of data mining and data warehousing. In this article, he shares his thoughts about the industry and how to get the most out of your data.

"There are two sides to data mining, descriptive and predictive," says Dr. Fayyad. "Descriptive data mining reorganizes the data, digging deeper into it and pulling out patterns, such as customer similarity, which allows you to create a short description about that group of customers.
****************************

Lillie Coney
Public Policy Coordinator
U.S. Association for Computing Machinery
Suite 510
2120 L Street, NW
Washington, D.C. 20037
202-478-6124
lillie.coney@xxxxxxx