[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Clips October 29, 2002
- To: "Lillie Coney":;, Gene Spafford <spaf@xxxxxxxxxxxxxxxxx>;, John White <white@xxxxxxxxxx>;, Jeff Grove <jeff_grove@xxxxxxx>;, goodman@xxxxxxxxxxxxx;, David Farber <dave@xxxxxxxxxx>;, glee@xxxxxxxxxxxxx;, Andrew Grosso<Agrosso@xxxxxxxxxxxxxxxx>;, ver@xxxxxxxxx;, lillie.coney@xxxxxxx;, v_gold@xxxxxxx;, harsha@xxxxxxx;, KathrynKL@xxxxxxx;, akuadc@xxxxxxxxxxx;, computer_security_day@xxxxxxx;, waspray@xxxxxxxxxxx;
- Subject: Clips October 29, 2002
- From: Lillie Coney <lillie.coney@xxxxxxx>
- Date: Tue, 29 Oct 2002 11:32:06 -0500
Clips October 29, 2002
ARTICLES
Bush to Sign Voting Revamp Bill
Sun shields server rooms from attack
Reuters Accused in Privacy Case
Roster Change Government IT personnel moves
RealNetworks to release player source code
Nonprofit to Create Open Source Software
Who owns your e-mail?
P2P App's Aim: Defend Free Speech
E-mail greeting card hides porn
Study tallies sites blocked by Google
***************************
Associated Press
Bush to Sign Voting Revamp Bill
1 hour, 24 minutes ago
By SANDRA SOBIERAJ, Associated Press Writer
WASHINGTON (AP) - President Bush (news - web sites) is signing legislation
to revamp the nation's voting system and protect against the kinds of
errors that threw his own election into dispute two years ago.
The White House scheduled a morning bill-signing ceremony for Tuesday,
starting Bush's two-day respite from campaigning for GOP House, Senate and
gubernatorial candidates in next Tuesday's elections.
Under the Martin Luther King Jr. Equal Protection of Voting Rights Act of
2002, states will receive $3.9 billion in federal money over the next three
years to replace outdated punch-card and lever voting machines or improve
voter education and poll-worker training.
The new law's protections against voting error will not affect next week's
balloting but are scheduled to be mostly implemented in time for the 2004
congressional and presidential vote, which will most likely include Bush's
re-election bid.
It was Bush's bitter 2000 Florida recount battle with Democrat Al Gore
(news - web sites) with its confusing "butterfly ballots," half-perforated
punch ballots and allegations of voter intimidation that gave rise to the
legislation. Bush's election was ultimately decided by the Supreme Court.
The House approved election changes late last year and the Senate followed
suit in April, but Republican demands for strong anti-fraud provisions
stalled reconciliation of the two versions for months. Lawmakers did not
send a final bill to Bush until last Wednesday.
"This has been a long marathon, but the finish line is finally in sight and
the winner is the American public," said Senate Rules Committee Chairman
Chris Dodd, D-Conn. "This landmark legislation will ensure that everyone
not only has the right to vote on Election Day, but that their voice is
heard."
Beginning Jan. 1, first-time voters who registered by mail will be required
to provide identification when they show up at the polls.
By the 2004 vote, states will be required to provide provisional ballots to
voters whose names do not appear on voter rolls. Those provisional ballots
would counted once valid registration is verified.
For 2006 balloting, states will be required to maintain computerized,
statewide voter registration lists linked to their driver's license
databases. States will also be required to have voting machines that allow
voters to confirm the way they marked their ballot and, if necessary,
change their votes before they are finally cast.
Such voting software was tested in one jurisdiction in the 2001 Virginia
gubernatorial election. The Century Foundation, which reviewed the results,
found that the "lost vote" rate went from between 600-700 votes in the 2000
election to just one vote in 2001, said Tova Andrea Wang, a staffer to the
National Commission on Federal Election Reform who later oversaw the
foundation's study.
"The bill goes a long way toward addressing a lot of the problems, but the
extent to which the bill works relies on what the states do because they
are given a lot of discretion," said Wang.
"A new polling machine is fine and great as long as people know how to use
it, and there's no specificity in the legislation on poll-worker training
and voter education."
Wang and other election experts also worry that discriminatory enforcement
of the voter-ID requirements could especially disenfranchise minorities,
the poor, immigrants and students. She called the provision "something that
may have to be revisited."
***************************
Reuters
Pro-Islamic Hackers Gear Up for Cyber War, Experts Say
Tue Oct 29, 4:30 AM ET
By Michael Christie
SYDNEY (Reuters) - Pro-Islamic hackers are on the frontline of a potential
new cyber war after the end of a cease-fire by "hacktivists" and virus
designers that followed the September 11 attacks on the United States,
Internet experts say.
Pro-Islamic hackers are escalating attacks against countries backing the
U.S. war on terror and its campaign against Iraq, while the "Bugbear" worm
and last week's strike on the Internet backbone signal that cyber villains
are again on the prowl.
London-based computer security firm mi2g said on Tuesday that October had
already qualified as the worst month for overt digital attacks since its
records began in 1995, with an estimated 16,559 attacks carried out on
systems and Web Sites.
The firm which advises banks, insurance and reinsurance firms on security
said politically motivated attacks had risen "sharply."
"We have noticed that more and more Islamic interest hacking groups are
beginning to rally under a common anti-U.S., UK, Australia, anti-India and
anti-Israeli agenda," it said.
According to the zone-H database, an independent site which monitors hacker
activity, politically motivated Web Site defacements make up around 11
percent of the total.
Most hacking is attributable to "script kiddies" from Brazil to Germany
"bragging and strutting," said Dean White, the SANS Institute Internet
Storm Center coordinator for the Asia Pacific.
But real-life events like the September 11 anniversary, simmering violence
in Israel, bombs in the Philippines or the October 12 blasts that killed
180 people on Indonesia's island of Bali all could be expected to serve as
inspirations on the Web.
SOMETHING AROUND THE CORNER
"We were saying we have to be ready and we have to be prepared, it's been
quiet for too long, there's going to be something around the corner," White
told Reuters.
*****************************
New York Times
Online in Cairo, With News, Views and 'Fatwa Corner'
By DANIEL J. WAKIN
CAIRO, Oct. 28 Inside a run-down building in a middle-class Cairo
neighborhood, a hybrid group of eager young dot-commers and idealistic
religious messengers produces one of the Islamic world's leading Web sites,
Islam-Online.net.
"We all consider this an act of jihad, how to liberate people's minds from
ignorance," said Ahmed Muhammad Sa'ad, using "jihad" in its sense of
spiritual struggle. Mr. Sa'ad is a recent religious school graduate and a
prize-winning reciter of the Koran who helps channel readers' requests for
religious rulings, or fatwas, to Islamic legal scholars around the world.
Islam Online says it wants to present a positive view of the faith to
non-Muslims, to strengthen unity in the Muslim world and to uphold
principles of justice, freedom and human rights. Scholars of the region say
they see the Web site as a leading example of efforts by moderate Muslims
to push for the Islamization of societies by nonviolent means.
"There's a desire to make it a one-stop shop," said John L. Esposito, a
professor of religion and international affairs at Georgetown University.
"But obviously no single Web site can do that for anything, let alone the
Islamic world."
The Web site also has an English version, aimed at Muslims living outside
the Arab world. Professor Esposito points out that only about a quarter of
the world's 1.2 billion Muslims speak Arabic, and that for the rest,
English is an increasingly common second language.
The site is ambitious in content. Along with news articles, there are
in-depth discussions of Islamic issues, political analyses, discussion
groups, advice pages and a "fatwa corner," where readers can ask questions
or look up past edicts from religious scholars. That is where Mr. Sa'ad works.
The promulgation of fatwas by call-in shows and Web sites has spread in
recent years. Islam Online provides private responses for personal issues,
and public ones for questions of general interest. One recent day, the
Arabic site advised a questioner that killing women and children in war was
forbidden unless they were warriors; that a woman could appear unveiled
before her son-in-law; that abortions of deformed fetuses were wrong if the
condition was one that could be lived with.
The site's news section reflects the point of view of most media in the
Arab world, emphasizing the suffering of Palestinians, criticism of Israeli
policies and opposition to the United States' policy on Iraq. The
commentary section is generally mild in tone. The site appears to steer
clear of touchy doctrinal issues, like traditions that separate Shiites
from Sunnis.
During a reporter's recent visit to the offices here, young employees sat
at work over computer keyboards behind a series of closed doors. About 100
people, mostly Egyptians, with a sprinkling of others from across the Arab
world, work here; most of the women on hand wore head scarves.
In the newsroom, Eman Ahmed, 24, a graduate of Cairo University in her
first job, was rewriting a correspondent's account of the Bahraini
elections. "I am doing good things for Muslims and Islam," she said. In the
fatwa room, a group of graduates of the prestigious Islamic university Al
Azhar, including Mr. Sa'ad, dealt with requests for religious rulings.
Later, work stopped throughout the offices for evening prayers.
Mutiullah Tayeb, the Web coordinator, said Islam Online was receiving about
250,000 page views a day, which he said made it the leading Islamic site.
"We have to have mutual understanding, conversation," he said, "and not
allow other people just to describe Islam on behalf of Muslims."
The Web site began operating three years ago in Doha, Qatar, where its
technical and corporate offices are located. Qatar's leader, Sheik Hamad
bin Khalifa al-Thani, has made efforts to create a more open, liberal
atmosphere. Another prominent result of that openness is Al Jazeera
television, which has broadcast messages by Osama bin Laden and his
confederates, and has drawn criticism from governments across the Arab
world for its outspoken ways. The Qatari royal family, which finances Al
Jazeera, is a major supporter of the Web site, according to its deputy
editor, Hossam el-Din el-Sayed.
Islam Online and Al Jazeera are both feeling the influence of an
Egyptian-born cleric, Sheik Yusuf Abdulla al-Qarawadi. In addition to
acting as the Web site's spiritual guide and chairman of its board, he has
gained prominence through a regular call-in show on Al Jazeera, in which he
expounds on theological topics and answers questions about Islamic
practices and principles.
He has given mixed signals on the subject of women, saying that nothing in
the Koran forbids their voting or driving but that a woman's main role is
as a mother.
Sheik Qarawadi, who has a history of anti-American views, condemned the
Sept. 11, 2001, attacks as a "heinous crime," saying on the Web site that
the killing of innocents is a "grave sin" under Islam. But the sheik also
condemned Egypt's leading Muslim scholar for rejecting terrorist attacks
that killed Israeli civilians. The perpetrators were fighting colonizers,
he said, and in Israel all men and women are "soldiers."
But Mr. Sayed, the site's deputy editor, said that Islam Online was by no
means a mouthpiece for the sheik. He, like others interviewed at the site's
offices, emphasized that it was a vehicle for a broad range of mainstream
Islamic views.
"I have this idea about sharing the principles and concepts of Islam with
humanity," he said. "We are defending justice, not only Muslims."
********************************
CNET News.com
Sun shields server rooms from attack
By Michael Kanellos
Staff Writer, CNET News.com
October 28, 2002, 9:00 PM PT
Sun Microsystems has come up with a way to insulate computer networks from
fires, floods and bomb attacks: Split up the machines and put them in
different cities.
The Sunnyvale, Calif.-based server manufacturer on Tuesday will unveil its
Enterprise Continuity program, a collection of services and technology
designed to prevent network failure by physically separating computers that
work together in a unified cluster.
Properly installed, computers in the same cluster--running, for example, a
stock trading system or conducting drug research--could be located 125
miles away from one another without increasing latency or lag time. Current
fiber connections only allow computers in a cluster to be separated by six
miles. Beyond that distance these computers can't function seamlessly to
run the same application together.
"This allows you to pick up half your cluster and get it out of the
disaster footprint," said Chris Wood, director of technology sales and
marketing in Sun's storage division. "You want to move from disaster
recovery to didn't stop in the first place."
Nortel Networks participated in the project and will assist Sun in
implementing installations.
The Sept. 11, 2001, terrorist attacks and other events in recent years have
prompted a surge of interest in physically distributed computing. The
German government, for example, has passed legislation that banks
geographically disperse their processing centers. Downtime caused by
outages can quickly cause millions' worth of damage.
To date, companies have mostly hired disaster recovery companies to perform
data retrieval or create systems that mirror ongoing operations to prevent
downtime. Some companies have tried services similar to the one that Sun is
selling as well.
Although not cheap, Enterprise Continuity will be less expensive compared
with many traditional disaster recovery options because the active computer
systems and the backup systems are the same thing. If an explosion knocks
out half the cluster, the remaining half will absorb the work.
The system depends largely on an artifact of the dot-com era: dark fiber.
In the late 1990s, companies planted miles of fiber-optic cable into the
ground in Europe and North America. A substantial portion of it has yet to
be used.
In Enterprise Continuity, customers will exclusively lease portions of this
unused fiber and create a dedicated, secure link between two halves of a
separated cluster. In developing the system, Sun largely worked on tuning
its servers and storage systems for this sort of architecture while Nortel
examined the high-speed communications issues.
"It turns out that putting distance into architectures that were originally
designed to run 500 meters (500 yards) was a bigger challenge than
expected," Wood said. The long-distance lasers on the market now, for
instance, only reach six miles, which made them ineffective.
These systems, which will all involve custom installations, will be
targeted at the largest 1,000 companies in the world. Sun has certified
that its StorEdge 3900, 6900 and 9900 storage systems and the SunFire 15k
server can be used in these installations.
*************************
Associated Press
Reuters Accused in Privacy Case
Mon Oct 28, 3:46 PM ET
STOCKHOLM, Sweden (AP) - A small Swedish information technology company
Monday filed criminal charges against news service Reuters PLC for
obtaining an earnings report from a Web page it considered private.
Intentia International asked Sweden's National Criminal Investigation
Department to investigate whether Reuters PLC broke the law by retrieving
parts of Intentia's third-quarter report from a Web page before Intentia
released it publicly.
Reuters published Intentia's report on Oct. 24 after it became available
through Intentia's Web site. The report was available to anyone who typed
the correct Web address. But Thomas Ahlerup, a spokesman for the company,
said the Web page was not available through normal channels on the site.
He said Intentia's legal advisers consider Reuter's action to be an
infringement of laws that govern information technology property.
Reuters' Nordic bureau chief in Stockholm, Jonathan Lynn, said in a
statement that the company was surprised by Intentia's stance. Reuters
published information on the results "after they had been accessible over
the Internet."
A release from Reuter's London headquarters said "there was no substance to
the allegations that it made an illegal entry to Intentia's IT systems."
Last week, Reuters published an earnings report from banking group Nordea
AB ahead of the scheduled release. Nordea has acknowledged that parts of
the report were mistakenly put on its Web site.
Ahlerup said that if authorities deem that Reuters retrieved the
information from a public part of the Web site, it could set an important
precedent, making anything on a company's Web server public information, he
said.
"We want the authorities to test what can be considered to be private or
public," Ahlerup said.
Ahlerup wouldn't comment on whether the company had made market-sensitive
information available before it was released.
***************************
Federal Computer Week
Roster Change Government IT personnel moves
Oct. 29, 2002.
Fred Thompson, a longtime information technology official at the Treasury
Department, will end his 30-year federal career on Nov. 1.
He is leaving the federal government in the midst of a departmental
reorganization that resulted in cuts to the IT staff.
Thompson, assistant director for consulting and marketing at Treasury's
Office of the Chief Information Officer, is the latest IT official to
announce his departure. Last week, Mayi Canales, the acting CIO, said she
was leaving her job in government effective Oct. 25 to start a consulting
business.
Mike Parker, currently the director of Enterprise IT Business Planning and
Assurance for Treasury's CIO office, will become the interim acting CIO
while officials look for a permanent candidate. Parker began his tenure at
Treasury as director of financial management for the CIO office in 1999.
*****************************
Government Computer News
DOD settles on new rule for software buys
By Dawn S. Onley
GCN Staff
The Defense Acquisition Regulations Council published a final rule Friday
requiring contracting officers to first review the Defense inventory for
commercial software and maintenance services before checking elsewhere.
The rule adds the Enterprise Software Initiative requirements to the
Defense Federal Acquisition Regulation Supplement Subpart 208.74.
"The goal is to achieve significant savings to the taxpayer through lower
prices and better use of software licenses," the council wrote in the rule.
The Defense ESI working group lobbied for the rule as a way to put some
teeth in a two-year-old mandate that was widely overlooked. A July 2000
memorandum from the Defense CIO's office required contracting officers to
consult ESI when buying commercial software and maintenance services, but
the memo was often ignored. The latest move by the council makes the
measure a part of the DFARS, the rules that procurement officials must
follow in purchasing for military agencies.
The rule requires Defense contracting officers to first check the Defense
inventory for large software buys, said James S. Clausen, co-chairman of
the group. The blanket purchasing agreements offer DOD agencies discounts
of up to 90 percent off list prices for items such as communications
software, database products, office automation and security tools.
If the inventory does not have an enterprise agreement for a particular
product, or if a contracting officer is not satisfied with the price or
terms, he or she can apply for a waiver to use another vehicle, officials said.
*****************************
Government Executive
GSA awards contract to upgrade Web site
From National Journal's Technology Daily
Responding to the Bush administration's call to offer more citizen-focused
services, the General Services Administration (GSA) has awarded a contract
to overhaul its Web site.
The agency said Monday that it has awarded the $930,000 contract to Bates
Worldwide and its partner 141XM. The initiative follows a marketing study
that GSA conducted last February outlining the need to make the site more
user friendly.
In particular, customers said the site contains too much information that
is not always intuitively organized. Work already has begun on the site to
meet the spring 2003 deadline.
GSA's Office of Citizens Services and Communications will be conducting
customer surveys and working with internal stakeholders "to determine the
type of information clients want to see on the Web sites," said Tom
Skirbunt, acting director of strategic planning and marketing.
GSA may look to sites like FirstGov.gov as models for aspects of the GSA
redesign.
***************************
Computerworld
Net's Vulnerability Exposed
Attack on root servers resulted in moderate damage - this time
By Jaikumar Vijayan and Patrick Thibodeau
OCTOBER 28, 2002
Last week's assault on the Internet's core addressing system may not have
caused much real damage, but it highlights the Internet's vulnerability to
more sophisticated cyberattacks in the future, security analysts warned.
All 13 of the Internet's root Domain Name System servers - three of which
are located outside the U.S. - were victims of a massive distributed
denial-of-service attack on Oct. 21.
"It was the single most elaborate and focused attack on the DNS network
that we have ever seen," said Tom Ohlsson, vice president of Matrix
NetSystems Inc., an Austin, Texas-based Internet performance monitoring
company.
The attack appears to have been an attempt to disrupt the Internet by
clogging root DNS servers with useless traffic. The root DNS servers
provide the vital translation services needed for converting a Web name
such as www.computerworld.com into a corresponding numerical IP address.
But overall Internet service appears to have been largely unscathed, with
few major disruptions reported, Ohlsson noted.
That's because most of the information contained in the 13 root DNS servers
is cached in redundant and hierarchical fashion across multiple secondary
DNS servers.
"On the plus side, this shows that despite all those apocalyptic
projections, the Internet is more resilient than people think," said John
Pescatore, an analyst at Gartner Inc. in Stamford, Conn. "But it also shows
that the basic plumbing of the Internet still has vulnerabilities that need
to be addressed or brought up to business-quality levels."
Simple Solution
The relatively simply nature of last week's DDOS attack is what made it
easy for administrators to detect and choke off the offending traffic in a
few hours, analysts said.
But service would have started degrading if the attack had been sustained
long enough for the information contained in the secondary DNS caches to
start expiring - a process that usually takes from a few hours to about two
days, analysts added.
"This wasn't exactly the most sophisticated attack in the world," said
Jerry Brady, chief technology officer at Guardent Inc., a security
consultancy in Waltham, Mass. "But I've got to believe that this is going
to inspire a lot more attacks like this in future."
In a DDOS attack, hackers typically break into and take over thousands of
poorly protected networked computers - including those in homes - and use
such "zombies" to send torrents of useless data at target servers or networks.
"It is the electronic equivalent of somehow getting 50,000 phones to dial
911 at the same time," said Mark D. Rasch, former head of the U.S.
Department of Justice's computer crimes unit.
The Internet Corporation for Assigned Names and Numbers (ICANN), the
private group that's charged with ensuring the stability and security of
the DNS, will discuss methods for improving DNS security at its annual
meeting next week in Shanghai.
Among the fixes ICANN will be looking at is deploying the DNS Security
protocol to improve data origin authentication, said Stephen Crocker, an
Internet pioneer and computer scientist who heads the ICANN security
committee.
The more daunting problem is improving the security of PCs sold without any
security protections. "It's a public nuisance issue," Crocker said.
And DNS servers aren't the only component of core Internet infrastructure
that can be taken down by such attacks, analysts say. For instance, an
attack directed against a few well-selected Border Gateway Protocol routers
- which are used to exchange routing information for the Internet - could
cause large portions of traffic to be misdirected at will, said Ted Julian,
president of Arbor Networks Inc., a Lexington, Mass.-based vendor of DDOS
prevention tools.
Last week's attacks "represent an important escalation of these kinds of
threats," Julian said. "DDOS is no longer being targeted at single Web
sites, but at the entire Internet infrastructure."
****************************
USA Today
RealNetworks to release player source code
SEATTLE (AP) Microsoft has billions of dollars working to its advantage,
but crosstown rival RealNetworks is hoping to line up the rest of the world
on its side.
RealNetworks on Tuesday planned to release most of the secret blueprints,
or "source code," to its software that allows computer users to play audio
and video over the Internet. It planned to similarly release the source
code for its server and encoding software in December.
By sharing the code with thousands of developers, the company believes it
can more quickly and more effectively spread adoption of its
software tailored for scores of different computers, wireless phones and
handheld devices.
Still, the Seattle-based company is keeping other parts of its source code
secret, including the blueprints for such features as burning compact discs.
The release is part of RealNetworks' new "Helix" strategy, announced in
July. The company is the latest convert to the so-called "open-source"
software movement of sharing software blueprints. The idea is that an
assortment of programming talent will improve and build upon existing
technology.
That's a starkly different strategy than Microsoft follows. The
Redmond-based software giant closely guards its source code and considers
such open-source software as Linux operating systems and server programming
as significant competitive threats.
RealNetworks now has 300 million users of its media-playing software,
mostly on personal computers. It wants to reach 1 billion users in five
years, on everything from cell phones to handhelds, chief executive Rob
Glaser said. Not counting media software embedded in browsers, RealNetworks
has a slight edge over Microsoft, with about 31 million home users in June,
compared with 30.1 million for Microsoft players, according to the research
firm comScore Media Metrix.
Since the announcement, more than 2,000 developers have signed on to the
RealNetworks Helix Web site to participate, the company said. RealNetworks
is offering two licenses one for enthusiasts who must agree to make their
creations available for free to anyone in the community and another for
companies who must pay a royalty to RealNetworks for any commercial
programs built off the source code.
Microsoft said RealNetworks' Helix initiative is a ploy.
"Real is using open source theatrics to try to change the perception among
the developer community that they are hard to work with and too restrictive
in their licensing terms," said Michael Aldridge, lead product manager of
Microsoft's Windows Digital Media.
RealNetworks needed to make such a strategic change in order to keep pace
with the explosion of interest in digital media, said Richard Doherty,
director of research firm The Envisioneering Group in Seaford, N.Y.
"No one can handle it all," he said. "So the only way RealNetworks could
expand is to give up some of the magic through open source."
Regardless of whether it's an offensive or defensive move, it helps
differentiate RealNetworks from Microsoft in a race that has grown too
close to call, said Max Flisi, an analyst with International Data Corp.
"They wanted to do something that was not just 'let's release the next
version and claim it is twice as fast.' "
*****************************
New York Times
Nonprofit to Create Open Source Software
By LAWRENCE M. FISHER
SAN FRANCISCO, Oct. 28 Mitch Kapor, a software industry pioneer, has
started a nonprofit organization to create software applications in the
manner of the "open source" movement, in which the underlying code is
freely shared with the public.
Mr. Kapor, who in 1982 created the first so-called killer app for personal
computing, the Lotus 123 spreadsheet, and was a co-founder of the Lotus
Development Corporation, has financed the new organization, the Open Source
Applications Foundation, with $5 million of his own money. But he is also
accepting donations. Andy Hertzfeld, a leader of the original Apple
Macintosh development team, has joined as a full-time volunteer, and the
foundation has five other employees, all based in San Francisco.
The foundation's first software program is to be a personal information
manager, or PIM, as such programs are known. Code-named Chandler, the
software is to combine e-mail and calendar functions with tools for sharing
files among multiple users. Mr. Kapor said he planned to release a
functional portion of the program by the end of the year, and hoped to have
a finished product by the end of 2003. At this time the Foundation plans to
release Chandler, both the production program and the underlying source
code, as a free download, but Mr. Kapor said he would not rule out a
commercial package, most likely from a third party.
"I actually think the PIM is the central productivity application, not the
word processor or the spreadsheet," Mr. Kapor said last week. "Where people
spend their time is their e-mail and calendar," he said. "I've felt
frustrated that what is out there falls short of something satisfying."
Most large companies use Microsoft's Outlook Express for e-mail and
calendars. But the program's more advanced features, like file sharing and
collaboration, are available only when it is used with Microsoft Exchange,
a more costly product requiring network server computers. Mr. Kapor said
Chandler would offer this kind of performance to smaller organizations at
much lower cost by using so-called peer-to-peer technology, which relies on
the users' PC's and eliminates the server.
"Individuals and small organizations are at a disadvantage today," he said,
"and I'm an old PC guy. I'm in favor of end-user empowerment and
decentralization." Mr. Kapor said Chandler was aimed at filling an unmet
need for smaller organizations, not at unseating Microsoft in large
companies. Groove Networks, a company backed by venture capital and founded
by the Lotus Notes creator, Ray Ozzie, has also produced a peer-to-peer
e-mail and collaboration program, but it, too, is primarily aimed at large
companies, Mr. Kapor said.
The Open Source Applications Foundation will offer its code free to
individuals or organizations, provided they also make any code they produce
using the foundation's work freely available as well. Companies producing
proprietary commercial products with the foundation's underlying code will
pay a fee.
Jeff Tarter, editor of Softletter, said he was skeptical that there was a
market for Mr. Kapor's new venture, but the success of the Linux operating
system had also defied the skeptics.
"I haven't seen any evidence that there's a hole in the market here," he
said. "But all the rational people have been completely wrong about most of
these markets. So the fact that this sounds loony is probably a good thing."
*************************
CNET News.com
Who owns your e-mail?
By Evan Hansen
October 29, 2002, 4:00 AM PT
Nancy Carter has a message for Internet service providers: Keep your hands
off my e-mail.
The Toronto, Ontario-based freelance TV producer has been battling
U.S.-based Inter.net Group for the past 16 months over a billing dispute
she says may have cost her a lucrative job opportunity. Now she wants
$110,000 in damages over a policy that led Inter.net's Canadian subsidiary
to keep her ISP account open for incoming e-mail even while denying her
access to the account.
Beyond the money, Carter said she wants to change the way ISPs handle
suspended and canceled e-mail accounts. At stake, she asserts, is an
industrywide practice that amounts to extortion, in which ISPs may hold
private communications hostage until bills are settled up.
E-mail has "entered our lives at warp speed, and the law needs to keep up,"
she said of her lawsuit, filed earlier this month in federal court in
Canada. "You can't interfere with the mail. The post office has to return a
letter even when it doesn't have enough postage."
Carter's legal odyssey is unfolding in the wake of bankruptcies among major
ISPs including Excite@Home and Northpoint Communications, failures that
have put ISP consumer protection issues on the front burner for lawmakers
in the United States.
Dave Kramer, an attorney with Palo Alto, Calif.-based firm Wilson, Sonsini,
who is not involved in Carter's suit, said disputes over suspended e-mail
accounts in the United States are typically covered by terms of service
contracts that consumers agree to when they sign up with ISPs. In general,
he said, such contracts give ISPs wide latitude to set conditions,
including collecting and refusing to hand over e-mail until bills are settled.
"Still, I wouldn't be surprised to see ISPs tweak their contracts" in
response to the case, Kramer said.
Related consumer protection issues have already been heating up in
California, where Gov. Gray Davis recently handed Internet companies a
split decision.
Davis late last month signed a bill that requires e-mail service providers
to give 30 days' notice before shutting down e-mail accounts. The law,
which goes into effect Jan. 1, 2003, does not apply in situations where an
account holder has violated the terms of service or when service is
interrupted for reasons beyond the e-mail provider's control.
Davis subsequently vetoed a more sweeping bill that would have enacted the
same restriction on ISPs (Internet service providers). The governor called
the bill "well intentioned," but said it failed to provide sufficiently for
cases of consumer misconduct or technical mishap.
A question of privacy
Carter's legal quest began last year, when she filed a complaint with the
Privacy Commissioner of Canada charging Herdon, Va.-based Inter.net with
violating the Canadian Personal Information Protection and Electronic
Documents Act (PIPEDA).
Enacted in 2000, the law prohibits anyone from collecting personal
information without consent and putting it to commercial use.
Carter argued that Inter.net had violated the law by collecting e-mail
messages addressed to her and using the files as a weapon to force her to
pay a disputed bill.
The commissioner does not reveal the names of parties involved in suits
brought before him. Nevertheless, Carter said the findings related to her
case were published in a report issued Aug. 28. In that brief, the
commissioner found that the ISP in question had failed to adequately
disclose its policy on delinquent accounts, and agreed that the policy
violated PIPEDA, clearing the way for a civil trial.
A representative for Inter.net, a company formed following the bankruptcy
of PSINet last year, declined to comment on the finding or the lawsuit.
According to Carter, Inter.net presented her with a $214 charge for 14
months of service that had gone unbilled because of an accounting error.
Carter said she agreed to pay half, an arrangement the company initially
accepted but later rejected. At that point, she terminated the account and
signed up with an alternate provider, Carter said.
The old account, however, was kept open under suspension without her
knowledge, she said, and e-mail continued to pile up. Carter eventually was
able to retrieve 24 e-mail messages some three and a half weeks after the
cancellation, including one from a potential employer encouraging her to
apply for a $65,000 contract job at the Discovery Channel. Prior to the
e-mail, Carter and her potential employer had exchanged telephone messages
about the position. Unbeknownst to her, the e-mail would have been the next
link in that chain, but by the time she got it, the position had been filled.
In his report, Canada's Privacy Commissioner said Inter.net's policies are
standard practice in the ISP industry that need to be changed.
The commissioner recommended that "the ISP immediately cease collecting,
storing, and denying access to e-mails addressed to holders of accounts
under suspension and adopt instead the practice of deflecting such e-mails
back to the senders with notification to the effect that the messages could
not be delivered."
Few companies offer e-mail senders a way other than a direct reply to
verify whether their messages have gotten through to, and been read by, the
intended recipient.
America Online, the world's largest ISP, provides members with an e-mail
receipt notification option and lets members check on the status of e-mail
sent to other members.
But AOL spokesperson Nicholas Graham said the company's privacy policy does
not allow AOL to indicate to anyone other than the owner of the account
whether someone had access to the account at any given time. As a result,
accounts that have been suspended may continue to receive e-mail without
notification to senders that the account is inaccessible to the owner.
Graham added that AOL requires members who violate the company's terms of
service to return to good standing before they can access e-mail that has
accumulated during this period. AOL members who cancel their accounts
voluntarily lose any accumulated e-mail unless they reactivate their
accounts before the files are purged, a process that may take a few weeks
to complete.
AOL members who send e-mail to a canceled AOL account receive notification
that the account is no longer active. Non-AOL members e-mailing a canceled
account receive a different notification stating that the message did not
reach its intended address.
Carter said she has pursued Inter.net in the hopes of barring ISPs from
collecting e-mail sent to delinquent accounts and of forcing them to notify
e-mail senders when an account they have tried to reach is inactive.
"I want the industry to stop doing this," Carter said.
***************************
Wired News
P2P App's Aim: Defend Free Speech
Developers of peer-to-peer file sharing application Freenet issued a
long-awaited "major release" on Monday, marking the controversial project's
first such advancement since August 2001.
The announcement ends an extended quiet period for its creators, and
underscores their hopes of reaching more users.
Like its more popular peer-to-peer cousins Kazaa and Gnutella, Freenet
allows people to exchange files over the Internet through a shared network.
But unlike other networks, Freenet's creators say they designed the
application with free speech, not free entertainment, in mind. The software
provides a forum for anonymous publication, using data encryption and a
decentralized network designed to prevent shutdown by anyone -- unfriendly
governments, ISPs and even the network creators themselves.
Hampered by stability problems and a less-than-friendly user interface,
earlier versions were relegated to a limited audience of tech-savvy users.
But Freenet's developers say version 0.5 addresses those limitations, and
includes enhanced encryption and anonymity capabilities.
The application's identity-cloaking design makes it impossible to determine
the actual number of users, but 25-year-old Freenet project founder Ian
Clarke says the software is downloaded roughly 2,000 to 3,000 times daily.
Last week, Kazaa averaged 442,460 downloads a day on CNET's Download.com.
Reportedly, users in China have translated the software's user interface to
Mandarin Chinese, and have adapted it for distribution on a single floppy
disk.
"I'm told they're using it to share documents the government has been
trying to censor, some of which are related to the Tienanmen Square
massacre and (banned Chinese spiritual organization) Falun Gong," Clarke says.
He acknowledges that Freenet will inevitably also be used by the Web's
"seedier elements" to distribute other kinds of outlawed content --
potentially including child pornography or racist propaganda. Freenet's
distributed design means that a network participant could unknowingly store
fragments of illegal or offensive content on their computer, in encrypted
form.
"If you believe in freedom of speech, you need to protect other people's
right to it, even when you disagree or find it distasteful," Clarke says.
"Freenet is like a parallel World Wide Web, where everybody is anonymous."
The project's conceptual base was documented in 1999 in a paper Clarke, who
is Irish, wrote while studying at Edinburgh University in Scotland. On a
whim, he published his paper online, soliciting help to execute the
project. Freenet's first release launched in March 2000, and Clarke moved
to Los Angeles shortly thereafter. Freenet now consists of about 30
volunteers and one paid student developer.
This week, Clarke also announced he is stepping down from Uprizer -- a
company he founded in 2000 to explore commercial applications for Freenet
-- to launch a new company called Cematics.
Clarke says Uprizer will relocate to Singapore, where it will find a ripe
market for its content distribution products in a region where bandwidth
cost is widely estimated at four to five times U.S. averages.
Freenet's developer fans are creating a number of surprising applications
for the software, including one designed to enable FM-quality radio
broadcasting over its network. Projects like these aren't likely to win the
notorious network any new friends among entertainment lobbyists who argue
it promotes unlawful distribution of copyrighted material.
But Clarke claims copyright law was the last thing on his mind when he
started the project.
"So much of the uproar over copyright implications of Freenet seemed
off-topic to me," he says. "I wanted to say, 'Look, welcome to the jungle.
This is capitalism, where people are forced to adapt to new technology.'
Copyright is just one way of encouraging artists to create.
"And, ultimately, free speech is more important than your current copyright
laws."
***************************
CNN Online
E-mail greeting card hides porn
By Jeordan Legon
CNN
Tuesday, October 29, 2002
(CNN) -- The e-mail looks harmless enough: A link to a greeting card that
appears to be sent by a friend.
But clicking on the link can place porn images on a desktop, download a
barrage of x-rated ads, or send similar e-cards to those listed in
Outlook's address book.
No downloadable e-mail attachments to install. No infected disks shared.
All the user has to do is go to a link.
E-mail marketers -- many of them porn sites -- are increasingly borrowing
tactics used by hackers to trick potential customers into seeing their
messages, anti-virus experts say. And often, they use Microsoft's ActiveX
Controls, which are meant to make Web pages more interactive, to instantly
download their unwanted programs.
"It like the boogy man. It's going that way," said Chris Wraight, tech
consultant for anti-virus company Sophos. "You have to be careful and be
very, very suspicious."
They're not viruses or worms, but they are annoying -- modifying a user's
computer in ways they never intended, said Lawrence Baldwin, president of
Internet security firm myNetWatchman.com.
"The general thinking of the average Internet user is that ... by running
antivirus and not downloading executable files, they don't have to worry,"
Baldwin said. "But they're getting a false sense of security."
One e-greeting prompts warning
There are many such direct marketing e-mails making their way around the
globe. One this week elicited enough complaints that it prompted warnings
from anti-virus firms and by Tuesday, Canadian company Cytron
Communications had taken down the offending site.
The Cytron-enabled e-mail greeting mimicked many legitimate greeting card
sites by including a personalized subject line: "(Recipient) you have an
E-Card from (sender)." Within the message, there was a link to
friendgreetings.com and a small note: "E-card viewer plug-in may be
required to view some cards."
Those who clicked on the link and accepted the lengthy user agreement
unwittingly downloaded a program that peppered them with porn-filled pop-up
ads and handed over the e-mail addresses in their Outlook e-mail address
book to the marketer.
Not doing anything illegal
The direct marketer is not doing anything illegal, so many anti-virus firms
are treading carefully -- not treating such misleading campaigns as
viruses, but warning users nonetheless.
"It was a gray area... that we have to watch carefully," Wraight said.
Baldwin advises users to avoid clicking on e-mail links to sites they don't
recognize. And he suggests disabling the Internet Explorer function that
allows browsers to instantly download ActiveX Controls. Doing so will cause
a warning box to appear anytime such files are encountered, which could get
annoying because Macromedia Flash, used to create Web animations, uses
ActiveX Controls.
But a little annoyance is worth it in the long run, he said. "You have to
configure your browser to protect yourself."
****************************
CNN Online
Study tallies sites blocked by Google
Friday, October 25, 2002
NEW YORK (AP) -- What you get through Google's powerful and popular search
engines may depend on where you live.
A report Thursday from Harvard Law School found at least 100 sites missing
from search results when accessing Google sites meant for French and German
users.
Most of the missing sites are ones that deny the Holocaust or promote white
supremacy. France and Germany have strict laws banning hate speech, while
the United States favors freedom of expression even for unpopular viewpoints.
The sites themselves were not blocked. But the effect is the same when
users cannot find them, said Danny Sullivan, editor of SearchEngineWatch.com.
"Search engines are an incredible tool for people to locate information on
the Web," Sullivan said. "If you pull a Web site out of a search engine,
you are in some degree censoring, in some degree making it inaccessible to
some people."
In a statement, Google spokesman Nathan Tyler said the company must
occasionally remove sites to avoid legal liability. Such removals, he said,
are in response to specific requests and are not done preemptively.
"We carefully consider any credible complaint on a case-by-case basis and
take necessary action," Tyler said. "We only react to requests that come to
us."
Google, Yahoo!, Amazon and several other companies run separate sites for
different countries, often in native languages and featuring local
currencies. The primary, ".com" version is generally considered the U.S.
site, though it is accessible from elsewhere, including France and Germany.
Jonathan Zittrain, a professor at Harvard Law School's Berkman Center for
Internet & Society, and Ben Edelman, a Berkman researcher, found about 65
sites excluded from Google.de, the German site. They found 113 sites,
including the 65, missing at Google.fr, the French site.
Testing was conducted Oct. 4-21.
Remove sites for legal reasons
Edelman said users would have no inkling of any exclusions unless they
compared search results side by side. He suggested Google could better
serve users by inserting a "placeholder" where sites are removed due to
government or other censorship.
Google's stated policy calls for removing links when site owners request them.
It also removes them for legal reasons, most prominently when the Church of
Scientology International complained of copyright violations at a Norwegian
site run by critics.
After free-speech advocates complained, Google agreed to notify the site
ChillingEffects.org when it gets a copyright-related removal request.
Google, as a private company, is generally not bound by the free-speech
guarantees in the First Amendment, which applies to restrictions imposed by
government.
But Edelman said that private or not, the company has a public
responsibility as a widely used resource.
***************************
Lillie Coney
Public Policy Coordinator
U.S. Association for Computing Machinery
Suite 510
2120 L Street, NW
Washington, D.C. 20037
202-478-6124
lillie.coney@xxxxxxx