Clips December 11-12, 2002

[Lillie Coney <lillie.coney@xxxxxxx>]

Clips December 11-12, 2002

ARTICLES

Security Lapses on Campuses Permit Theft From JSTOR Database
Tech Jobs Become State's Unwanted Big Export
Multinational war games will test analysis tool
INS to implement foreign student tracking system in January
Camera Is Graffiti's Unwelcome Audience
Defense Rests in Russia Copyright Trial
Sellers of Pirated DVDs Targeted
New Plan for Spammers: Charge 'Em [Spam]
Report suggests ID alternatives
Military network technology passing into civilian use
FBI struggles with data management
Burbano takes on homeland [CIO] job
DOD offering homeland expertise
Passenger ID system makes progress
Science.gov makes research more accessible to the public
Economics of Kid-Friendly Domain Questioned
White House: IT, privacy concerns loom for Homeland Security Dept.
Australian court's Web ruling 'provincial,' says cyberlaw expert
Spam to overtake real e-mail in 2003

**************************
The Chronicle of Higher Education
Security Lapses on Campuses Permit Theft From JSTOR Database
By DAN CARNEVALE
December 12, 2002

Someone exploiting a security weakness on college computer networks this 
fall tried to illegally download the entire collection of scholarly 
journals kept in the JSTOR database.

JSTOR, a nonprofit organization that creates digital copies of scholarly 
journals and sells access licenses to institutions, was able to put a stop 
to the attempted thievery after about 50,000 journal articles were 
downloaded. Kevin M. Guthrie, president of JSTOR, said this is less than 5 
percent of the organization's electronic library and that JSTOR did not 
take a significant financial loss.

The culprits infiltrated the database by finding college proxy servers that 
were unintentionally left open for use by the public, Mr. Guthrie said. 
Proxy servers are programs used in computer networks to ensure that only 
authorized users have access to restricted materials such as online 
journals and databases. But the JSTOR incident shows that colleges that 
don't configure their proxy servers correctly can accidentally leave 
avenues for others to use the servers to gain access to the materials.

Mr. Guthrie said he was concerned that institutions may not be aware that 
online thieves can use open proxy servers to disguise themselves as a user 
at a college to break into computer networks and databases. More sensitive 
and confidential information could be stolen if institutions don't find a 
way to protect against this behavior, he said.

The JSTOR network was penetrated in September and October by a person or 
people in another country who gained access to proxy servers at American 
colleges, Mr. Guthrie said.

They then launched what Mr. Guthrie called a "systematic" attack on the 
JSTOR database to download its contents. JSTOR staff members detected the 
activity and took steps to prevent the downloads, but the culprits worked 
to find ways around the roadblocks, he said.

Mr. Guthrie said the attack stopped after JSTOR sought outside help, which 
he declined to describe. He also declined to identify the institutions and 
the countries that were involved.

Although the attack on JSTOR's database was halted, Mr. Guthrie said, he 
wants to let others know what happened so institutions and organizations 
can secure their servers from such attacks. "My motivation for this is 
really to create awareness of the problem," he said. "It's not motivated by 
what we perceive as a direct commercial threat. We can deal with that 
internally."

The proxy servers at colleges can be accidentally left open to outside 
access, he said. Officials at institutions need to keep a constant eye out 
to guard against unauthorized uses of college equipment, he said.

"Anybody on a campus can set up a Web server and can either accidentally or 
for some other reason open up some other proxies," Mr. Guthrie said. 
"People have figured this out. They understand this. So what they do is 
they go out and search for these open proxies."

Ann S. Okerson, associate university librarian for collection and technical 
services at Yale University, said the incident at JSTOR could be a symptom 
of a larger problem.

Ms. Okerson said she's concerned that the instances of attacks on proxy 
servers could grow and allow outside users to view confidential 
information, like scholarly work or medical records or even love letters. 
"It's things that you and I really hold dear and private and confidential," 
she said.
******************************
Los Angeles Times
Tech Jobs Become State's Unwanted Big Export
Hit hard in the global bust, California may see some employment move 
overseas for good.
By Evelyn Iritani and Marla Dickerson Times Staff Writers
Times Staff Writers

December 12 2002

From Silicon Valley to Boston's Route 128, technology companies are 
waiting for a rebound in business spending to pull them out of their slump. 
But when the Bay Area and other regional hotbeds emerge from the deep hole 
left by the technology crash, they'll find that the landscape looks a lot 
different. Many of the jobs lost will not be back.

The global tech bust has forced a dramatic restructuring of the industry as 
firms struggle to return to profitability. Companies have shed thousands of 
jobs in the United States and Europe while shifting production to 
lower-cost countries, mostly in Asia.

Like makers of apparel and toys before them, technology companies say their 
survival depends increasingly on performing all but the most sophisticated 
tasks offshore.

From its peak of 5.7 million jobs in early 2001, U.S. technology 
employment has plunged by about half a million. More than 100,000 of the 
job losses have come in California, according to figures from the American 
Electronics Assn., a Washington trade group. Most of these positions have 
been in high-tech manufacturing, in which the average wage tops $70,000 a year.

"A lot of those job losses are permanent," said Daniel Wilson, an economist 
with the Federal Reserve Bank of San Francisco. "The natural cycle of 
companies moving production offshore got accelerated."

Experts say tech companies that weather the shakeout will emerge leaner, 
meaner and more profitable for their pains. And few doubt Silicon Valley 
will remain a world leader in innovation.

Still, the transformation poses serious challenges for states such as 
California, which have looked to the technology sector to generate 
employment, exports and tax revenue.

"California is not a low-cost place to do business," said Walter Reichert, 
director of international relations and trade policy at Hewlett-Packard 
Co., which has shed 16,000 jobs as part of a global restructuring triggered 
by its merger with Compaq Computer Corp. "Like our colleagues at IBM and 
Sun, we tend to keep our engineering here. But for any kind of assembly 
work, we've got to look at other possibilities."

Although many believe the worst is over, the cuts still keep coming. In 
recent months, big names such as Hewlett-Packard, Advanced Micro Devices 
Inc., Sun Microsystems Inc., Applied Materials Inc. and Agere Systems Inc. 
have announced layoffs totaling more than 12,000 jobs here and abroad. In 
early August, IBM Corp. confirmed it had slashed 15,600 jobs from its 
workforce this year.

Plunging global demand for technology equipment, coupled with production 
shifts offshore, have wreaked havoc on U.S. exports. Shipments of computers 
and electronic products, which account for one-quarter of America's 
exports, dropped 16% in 2001.

California's exports have been walloped even harder. Technology is the 
state's No. 1 export, accounting for more than half of its sales overseas 
at the height of the boom. After reaching a record $61.4 billion in 2000, 
California's exports of high-tech goods plunged 18% in 2001 and are down 
23% through the first three quarters of this year.

"California technology firms have to outsource to stay competitive -- that 
absolutely makes sense," said Ross DeVol, director of regional and 
demographic studies for the Santa Monica-based Milken Institute. "On the 
other hand, these production activities are increasingly taking place 
abroad. We're losing employment. We're losing income. We're losing the tax 
receipts."

Indeed, the meltdown in California's tech sector has huge implications for 
the state's economy. Although California's drop in overall employment has 
been milder than that of the nation as a whole, a disproportionate share of 
its declines has come in high-paid sectors such as information technology, 
telecommunications and computer services, leaving the state much worse off 
in terms of income than the rest of the country.

Lawmakers in Sacramento used a variety of gimmicks to cover a $24-billion 
deficit this year, only to find themselves faced with another 
$20-billion-plus chasm heading into the next budget cycle. That's partly 
the result of the state's heavy reliance on tax revenue from capital gains, 
stock options and bonuses. At its peak in 2000, revenue from these sources 
soared to $17.6 billion -- accounting for 25% of California's general fund.

But those revenues have fizzled with the bursting of the tech and stock 
market bubbles. State officials, who committed to billions in new spending 
when coffers were flush, found themselves staring at a yawning deficit 
almost overnight.

"It was a 100-year bonanza ... and we spent it," said Ted Gibson, former 
chief economist for the California Department of Finance, who is an 
economic advisor at Metropolitan West Securities in Sacramento. "Now it's 
reality-check time."

Gibson says the eye-popping gains in personal income and job growth that 
characterized the late 1990s in California are unlikely to be repeated 
anytime soon. Silicon Valley remains mired in what may be the worst 
downturn in its history.

The San Jose metropolitan area alone has lost more than 100,000 jobs since 
its pre- recession peak in December 2000, while unemployment has risen to a 
19-year high of 7.9%. The Silicon Valley Manufacturing Group, an alliance 
of technology firms, projects that it will be at least five years before 
employment in Silicon Valley returns to its previous peak.

"Any of us who think we're going to have the kind of prosperity and instant 
wealth and job creation we saw in the late 1990s is really kidding 
themselves," said Rick White, chief executive of TechNet, a Palo Alto-based 
technology industry lobbying group. "There is still a lot of overcapacity 
and restructuring" ahead.

The turn of fortune has been brutal for workers such as Richard Jerry. The 
former technician at Applied Materials once earned nearly $30 an hour 
building test fixtures for the Santa Clara, Calif., semiconductor equipment 
maker. Laid off for more than a year, his savings and unemployment benefits 
exhausted, Jerry recently moved into a Bay Area homeless shelter. Still, 
the 43-year-old harbors dreams of returning to "the best job I ever had."

"All we need is another upturn" in business, he said.

Chances are, it won't be so simple. Experts say what began as a cyclical 
slump has forced permanent structural changes to the U.S. industry that 
won't be undone when business revives.

Companies such as Hewlett-Packard, Cisco Systems Inc. and Motorola Inc. for 
years have outsourced production to contract manufacturers such as 
Flextronics International Ltd. and Solectron Corp., which in turn are 
rapidly shifting their operations to lower-cost foreign facilities as 
profits have plunged.

Customers are being squeezed, "so we're being squeezed," said Jim 
Sacherman, the San Jose-based chief marketing officer for Flextronics, 
which has cut thousands of jobs and closed plants. The multinational 
company announced Friday that it would shutter a plant in Irvine that makes 
printed circuit boards.

"Even when things turn around," Sacherman added, "it's not like all of a 
sudden we're going to pick up all that and bring it back."

Others are following suit. After growing 50% to 60% a year during the boom 
times, Milpitas, Calif.-based Solectron has shed 35,000 jobs in the last 
two years, most of them in North America and Europe, while expanding 
production at its three facilities in China.

And the list goes on. Fiber- optic equipment maker JDS Uniphase Corp., with 
headquarters in San Jose and Ottawa, has beefed up its Chinese operations 
while sacking more than 20,000 workers in the U.S. and Canada. Santa 
Clara-based National Semiconductor Corp., which has shed 1,100 employees 
and contractors, most of them manufacturing employees in the U.S. and 
Scotland, just broke ground on a new chip plant in Suzhou, China, that will 
employ 500. Motorola Inc., which slashed 7,000 jobs this year, has 
aggressively shifted its chip production to contract manufacturers in Asia. 
The Schaumberg, Ill.-based company plans to invest $1.3 billion in research 
and development facilities in China during the next four years.

Some say the U.S. has no choice but to keep climbing the knowledge ladder, 
focusing on production of higher-value software and services and pouring 
billions of dollars into new arenas such as biomedicine, nanotechnology and 
the wireless Internet.

"Manufacturing is not just people with dirty hands in a grimy building 
making widgets," said Doug Henton, president of Silicon Valley-based 
Collaborative Economics. "It could be people at a computer manufac- turing 
software.... We're still making things. But what we make is different, and 
how we make it is different."

Yet others say California's high costs and inhospitable business climate 
have helped accelerate high-tech manufacturing's move away from the Golden 
State. Carl Guardino, president of the Silicon Valley Manufacturing Group, 
said too many state officials seem unable to grasp that much of the 
technology wealth created in California has come not just from design of 
computers and other high-tech products but from their production and export.

Cut too deep into the manufacturing base, and Silicon Valley could lose its 
ability to maintain its technological predominance, he warns.

"I feel like renting a horse and dressing up like Paul Revere," Guardino 
said. "Too many folks are taking for granted what is at stake here."

Still, the state faces huge challenges in retaining, much less expanding, 
its high-tech production. California's tax structure motivates 
sales-tax-hungry communities to favor strip malls and auto dealers over 
factories. Lofty electricity rates, workers' compensation costs and real 
estate prices have made the state's business costs among the highest in the 
nation. And looming budget deficits mean that businesses' fees and taxes 
are likely to go up in the near term, rather than down.

Although the recent job losses largely have been in lower-cost commodity 
goods such as semiconductors, cell phones and computer components, even 
higher-value products face stepped-up competition from places such as China 
and India, which have invested in scientific education and other 
infrastructure crucial for technology firms.

What's more, it's not just production jobs going abroad. A growing number 
of U.S. companies, including Dell Computer Corp., General Electric Co. and 
Citibank, have shifted call centers and other information technology 
service operations offshore to slash costs.

A recent report by Cambridge, Mass.-based Forrester Research projects that 
3.3 million positions, in activities from credit card processing and 
back-office accounting to software development, computer programming and 
engineering, will migrate to countries such as India, Russia and China in 
the next 15 years.

If the United States wants to stay on the cutting edge, it must do a better 
job of educating its workforce, particularly in science, mathematics and 
physics, said William Archey, president and chief executive of the American 
Electronics Assn.

"We've got to do something that makes the idea of engineering and science 
far more attractive to young kids," he said. "I have jokingly said, instead 
of 'L.A. Law,' we need 'L.A. Geek.' "

Unless some difficult choices are made, experts warn, the U.S., and 
particularly states such as California, could be left on the sidelines of 
producing the next "new thing."

"We're not going to be able to stop production from leaving the state, but 
we've got to make some decisions about what we want to keep here," said 
DeVol of the Milken Institute.

"If we just throw our arms up and say, 'It's the inevitable sequence of 
events that this production goes to low-cost countries,' then that's what 
will happen."
*******************************
Government Computer News
Multinational war games will test analysis tool
By Vandana Sinha
GCN Staff

When the U.S. Joint Forces Command conducts a second multinational war 
games experiment in February, it will use a new software analysis tool that 
displays relationships between key facts buried in separate files.

In an event called Multinational Limited Objective Experiment 2, the Joint 
Forces Command will join Australian, British, Canadian and German defense 
officials in enacting a 2010 Pacific Rim scenario to establish whether they 
can easily and securely share information and, together, gauge an enemy's 
socioeconomic, political, military and technological potential.

The information-gathering process, known as an operational net assessment, 
will undergo its second international test from Feb. 10 to Feb. 28. Joint 
Forces Command led a multinational experiment in November 2001, designed to 
test foreign collaboration in military action.

In this second test, a command control cell in Suffolk, Va., will launch 
the invented pre-crisis scenarios in the Pacific.

The research product, ClearResearch, will tag key points or names from 
reams of data that each country will receive on an enemy nation. It will 
analyze those facts, finding relationships to other facts from several data 
sources, whether they are news stories, reports, Web sites or memos.

The software then displays a single view of the relationships, dividing the 
computer screen into separate chunks with lines or circles drawn around 
associated facts or names.

Developed by ClearForest Corp. of New York, the software uses Extensible 
Markup Language, whose universality allows different file and data formats 
to overlap easily, and runs on Microsoft Windows NT and 2000 operating 
systems. Joint command paid approximately $500,000 for the software.
******************************
Government Executive
December 11, 2002
INS to implement foreign student tracking system in January
By Kellie Lunney
klunney@xxxxxxxxxxx

An automated system for tracking foreign students in the United States will 
be in place by its Jan. 30 deadline, despite requests by educational 
institutions for more time, the Immigration and Naturalization Service said 
Wednesday.


Public and private schools that enroll foreign students must enter 
information about new nonimmigrant students who plan to study at their 
institutions into the INS' Student and Exchange Visitor Information System 
(SEVIS) by Jan. 30. Schools cannot enroll new foreign students for study in 
the United States until they comply with SEVIS rules, INS spokesman Chris 
Bentley said Wednesday.


Schools have until Aug. 1, 2003 to enter information about current 
nonimmigrant foreign students attending their institutions, according to 
the final rule on SEVIS published in the Federal Register Wednesday.

SEVIS is designed to replace the paper-based system the agency now uses to 
track foreign students in the United States, eliminating delays in 
notification by informing all parties simultaneously once an INS decision 
on a visa application is completed. Although the State Department is 
responsible for issuing student visas to foreign students who want to study 
in the United States, the INS must monitor each student's stay in the 
country and determine which schools are eligible to accept foreign students.

Under the system, when a foreign student applies to enroll at a school, the 
institution enters information about the student into the electronic 
system. Designated INS officials, school officials, certain State 
Department employees and law enforcement authorities will have access to 
SEVIS to monitor foreign students' attendance records and other activities 
while they are enrolled.

In public comments about SEVIS, school officials and education associations 
asked the INS to extend the initial compliance date, saying they didn't 
have enough time, money or staff to assess system changes or purchase 
software necessary to implement SEVIS. Schools also said they would not be 
able to assess all the guidance for SEVIS before Jan. 30, since the State 
Department has yet to publish its corresponding guidelines on SEVIS.


But the INS defended its decision to stand by the January deadline. "It was 
not a date chosen at random, but was a date chosen as the most reasonable 
balance between national security concerns and the education community's 
ability to comply," the final rule in the Federal Register said. "The 
sooner that all schools and students are in the SEVIS database, the sooner 
the [INS] will have the ability to more fully monitor them."


The INS emphasized that schools need only to enter data on new foreign 
students by Jan. 30 and can use regular Internet access to link to SEVIS. 
More sophisticated software for SEVIS was introduced recently, but many 
schools have not yet had an opportunity to test it.


The INS also said it has been working closely with the State Department on 
SEVIS guidelines, so schools need not worry about significant discrepancies 
between the agencies' guidance. "The fact that two separate rules are being 
promulgated setting out SEVIS requirements is a matter of the federal 
rulemaking process, and does not indicate that the two agencies are not 
working together," the rule said.

At a congressional hearing in September, Justice Department Inspector 
General Glenn Fine expressed doubt about the INS' ability to get SEVIS in 
place by Jan. 30.

"Unless the INS devotes sufficient resources and effort to implement and 
use SEVIS effectively, many of its current problems in tracking and 
monitoring foreign students who come to the United States to attend school 
would continue to exist," Fine said before the House Judiciary Subcommittee 
on Immigration, Border Security and Claims.
*******************************
New York Times
December 12, 2002
Camera Is Graffiti's Unwelcome Audience
By BONNIE ROTHMAN MORRIS
WHAT flashes and shouts when it sees something moving, helping to stop 
crime? No, it is not some kind of high-tech police robot, but a much 
simpler invention: a modified film camera that is being used in Milwaukee, 
Los Angeles and other cities to deter graffiti vandalism.

The camera is a Vivitar 35-millimeter flash model that has been equipped 
with a motion detector and a digital voice recorder-player and housed in a 
rugged steel and clear plastic case. The system, which works on five C 
batteries, is mounted on a tree or pole overlooking an area where graffiti 
vandals might be tempted to do their work.

If the system detects motion in the area, it fires the camera and flash and 
issues "a pretty darn loud" warning, said Ken Anderson, president of Q-Star 
Technology, in Chatsworth, Calif., which makes the system. The warning, 
which can be recorded by the owner of the system, is usually something 
like: "Stop! This is a restricted area. We have just taken your 
photograph,'' and can be recorded and played back in any two languages.

Mr. Anderson, a former technology newsletter publisher who developed the 
camera system as a hobby, said it was meant as an alternative for 
governments and companies that spend a lot of money on removing graffiti.

Milwaukee, for example, which has more than 200 bridges that are targets of 
graffiti vandals, spent about a million dollars two years ago on removal. 
The money paid for crews who sandblasted graffiti or otherwise removed it 
from bridges and repainted them, said Paul Novotny, the bridge maintenance 
manager for the city.

Now the city uses about 20 of the modified cameras in eight locations to 
deter vandals. The cameras cost $3,000 each and are frequently moved from 
location to location, to keep "taggers," as the vandals are called, guessing.

"Every place we put them in at least pushes the kids away from the area 
that the camera is focused on,'' Mr. Novotny said. "They don't go under 
that bridge anymore." The film can be changed as needed - the system comes 
with a kind of remote control for determining, from the ground, how many 
exposures remain. But even if all the exposures are used up, the system 
will keep firing the camera and flash and activating the audio player as a 
deterrent.

The California Water Service Company's Westlake District recently installed 
a camera at a reservoir in Ventura County that is a favorite gathering 
place for teenagers, who would hang out at night with blankets, pizzas and 
beer on top of the concrete holding tank and paint to their hearts' 
content. No more.

"Since the camera has gone in, we haven't had a problem,'' said Elaine 
Marchessault, district manager at the water company. "Not one bottle, not 
one can, not one piece of trash and no graffiti."

So far, no one has been caught with spray can in hand, arrested and 
convicted. And no one has complained about being spied upon. Graffiti 
vandals, though, are finding ways to protest. Last month, in Lynwood, 
Calif., a city of 60,000 people and 26 anti-graffiti cameras, a tagger 
climbed to the top of a pole where a camera was mounted and spray-painted 
it, said Rudolph Brown, of the public works department in Lynwood. The 
camera did not catch the act: its batteries were dead.
******************************
Associated Press
Defense Rests in Russia Copyright Trial
By BOB PORTERFIELD, Associated Press Writer
December 11, 2002

SAN JOSE, Calif. (AP) - An oversight by the U.S. company that sells 
software products for a Russian corporation charged with violating the 
controversial 1998 Digital Millennium Copyright Act (news - web sites) may 
have undermined one of the prosecution's key allegations.


Testifying as the final witness before the defense rested its case in 
federal court Tuesday was Ryan Dewell, director of technical services for 
Register Now!, an Issaquah, Wash., re-seller for Moscow-based Elcomsoft Co. 
Ltd.


Dewell told a jury that general sales of a product allowing users to 
circumvent restrictions on Adobe Systems' eBook Reader were stopped almost 
immediately after the San Jose company complained to Elcomsoft.


However, because Elcomsoft's product, the Advanced eBook Processor Program, 
had a different product number for a price-discounted version to longtime 
Elcomsoft customers, the product was still offered until Elcomsoft notified 
Register Now! one version was still available.


Dewell said Elcomsoft President Alex Katalov requested that Register Now! 
remove the eBook software from sale within a five-day period demanded by 
Adobe, but the discounted version was overlooked and continued to be listed 
for several more days. During that period, at least one copy was purchased 
by Los Alamos National Laboratory, a long-time Elcomsoft customer.


"It was an oversight on our part," Dewell testified during questioning by 
defense attorney Joe Burton. "Katalov brought the second version to our 
attention."


Elcomsoft and Katalov, its president, are charged with willfully conspiring 
to sell software that is designed to circumvent technology protecting the 
rights of a copyright owner. Elcomsoft's product, marketed for just a few 
days in the summer of 2001, permitted users to remove publisher-imposed 
restrictions on their electronic books, allowing copying, printing and 
distribution.


Part of the government's case centers on whether Elcomsoft continued to 
sell its product after Adobe informed the company that it believed 
Elcomsoft was violating the DMCA and gave Elcomsoft five days to stop 
selling the software. Evidence introduced by the defense supported 
Elcomsoft's claim that it complied with Adobe's demand within the time 
limit established.


Part of that evidence  two e-mails between Elcomsoft and Register Now! in 
which Katalov instructed the American re-seller to stop selling the Russian 
software  appeared to have caught prosecutor Scott H. Frewing off guard. He 
asked Dewell why neither of the e-mails had been turned over when FBI (news 
- web sites) agents subpoenaed all Register Now! documents related to 
Elcomsoft.


For a second time, Dewell said it was "an oversight."
******************************
Los Angeles Times
Sellers of Pirated DVDs Targeted
By Jon Healey
December 11 2002

The Motion Picture Assn. of America on Tuesday announced a crackdown on 
online movie bootleggers, with lawsuits filed against nine ventures that 
allegedly sold pirated titles through online auctioneer EBay Inc.

Meanwhile, the recording industry has shut down the Internet's most 
comprehensive source of CD covers, which enabled consumers and bootleggers 
to obtain free, digital copies of CD artwork and liner notes.

The actions reflect the growing reach and intensity of the movie and music 
industries' fight against online piracy.

The MPAA's lawsuits are its first against alleged infringers on EBay, and 
the Recording Industry Assn. of America's success on the CD artwork issue 
came after several months of trying.

Online auction houses, and particularly San Jose-based EBay, have been an 
increasingly popular distribution point for DVD pirates. The MPAA has asked 
auction sites more than 40,000 times in the last two years to stop the sale 
of DVDs that appear to have been pirated, with the number of requests 
doubling from 2001 to 2002.

Tuesday, the MPAA announced that it was seeking injunctions to stop piracy 
by DVD and videotape sellers in California and seven other states.

EBay records indicate that several of the sellers had drawn complaints for 
delivering pirated material, while others offered discs of major motion 
pictures that could be played on any region's DVD players -- a feature not 
found on legitimate DVDs.

The MPAA also cautioned online movie buyers to be on the lookout for 
pirated discs. In particular, the trade group said, discs for movies that 
are still in theaters probably have been pirated, as well as discs with 
incomplete or shoddy packaging.

One of the sellers targeted by the MPAA, Todd Aspinwall of Windsor Locks, 
Conn., said he had bought all his discs from other EBay sellers and had no 
idea there was anything wrong with them.

"If they're going to go after me, they should go after the guys I get [the 
DVDs] from," Aspinwall said.

The RIAA's target was CDCovers.cc, an Israeli-based site that has offered 
artwork for CDs, DVDs and video games as well as mobile-phone ring tones.

Matt Oppenheim, the RIAA's senior vice president of business and legal 
affairs, said the association and its overseas counterpart, the 
International Federation of the Phonographic Industry, have knocked the 
site offline in several countries, only to see it relocate and reopen.

Late last month, however, CDCovers.cc raised the white flag.

"It's been a great adventure but we cannot afford this anymore," a 
spokesman for CDCovers.cc said in a note on the site.
*********************************
Wired News
New Plan for Spammers: Charge 'Em

Imagine if you could charge people for wasting your time. An IBM researcher 
has hatched a plan to make it possible.

In "Selling interrupt rights: A way to control unwanted e-mail and 
telephone calls," a paper (PDF) published last week in IBM's Systems 
Journal, Scott Fahlman argues that spammers should be charged each time 
they trespass your inbox.

And it's not just the rascals pushing low mortgage rates and anatomic 
enhancements by e-mail, said Fahlman, who spent 20 years as a researcher in 
Carnegie Mellon's computer science department and is credited with using 
the first e-mail emoticon -- the smiley -- in 1982. Fahlman says 
telemarketers, too, should have to pay every time they interrupt dinner.

His plan calls for new phones and e-mail software that would require fees 
to accept incoming messages. The fee would be waived for welcome e-mail and 
calls, but collected for unsolicited spam and intrusive telemarketing calls.

"This payment compensates me for suffering an unwanted interruption and -- 
more importantly -- it has cost you something to bother me," wrote Fahlman.

Friends, family and frequent known callers could be given "interrupt 
tokens" that would allow them to bypass the system.

Fahlman says his program would all but eliminate spam and telemarketing, 
and that any messages that slipped through would be now seen as "a windfall 
rather than a nuisance."

While the thought is attractive, critics say it's a long shot to expect 
anyone to buy a new phone or install a new e-mail client.

Especially when they don't yet exist.

"There's a chicken-and-egg problem for anything that involves a new 
protocol," says Paul Graham, a computer language designer and spam 
aficionado. "It's inconvenient until everyone's using it, but no one uses 
it until it's convenient."

Fahlman disagrees.

"This is not one of these things that nobody can use unless everybody has 
it," he says. "If only 1 percent (of the population) decided they wanted to 
use it, that would be enough to sustain the market."

But John Mozena, co-founder of antispam group Coalition Against Unsolicited 
Commercial E-mail, called it "wouldn't-it-be-nice technology."

Although Mozena notes that Fahlman's proposal is technically "fairly 
elegant," Mozena believes there are too many roadblocks for the widespread 
adoption of interrupt rights.

Besides, Mozena said, "Spam is not a technical problem. Spam is a social 
problem."

Mozena's group favors legislative solutions for ending spam.

Fahlman acknowledges there are significant hurdles to setting his plan in 
motion.

He concedes that someone will need to manage the fee structure and produce 
compatible phone sets and e-mail software, but says it offers a business 
opportunity.

He hopes the phone companies will help to adopt the new technology.

SBC did not return phone calls, and AT&T refused to comment for this article.

Fahlman is not the first to suggest that sending e-mail should come at a 
price. IronPort, an Internet messaging company, certifies a sender's e-mail 
as legitimate or not in exchange for a monetary bond.

When e-mail recipients report unsolicited e-mail, IronPort debits the 
sender's bond. But the money goes to antispam organizations, not spam 
recipients.

IronPort CTO Scott Banister says his system is "making people accountable 
for the e-mail that they send, and making that accountability financial."

IronPort's system is designed to work in concert with spam filters, and 
doesn't require any new technology on the part of e-mail recipients.

Banister said Fahlman's proposal, requiring a payment for every e-mail 
message sent or phone call made, would be "a pretty radical step for most 
people to take."

Fahlman said his primary goal is to "push the idea out there." It may prove 
difficult for it to go any farther in a market chock full of antispam 
solutions, such as filters and so-called "whitelists."

Telemarketing has also begun to take some punches, with 24 states having 
adopted some form of a "do not call" list.

The FTC hopes to extend the do not call program nationwide.

Jupiter analyst Jared Blank plays down the impact of spam. "People complain 
about spam," he said, "but people don't do anything about it. It takes them 
about 15 seconds to delete the e-mails."

That stance jibes with a report released by the Pew Internet and American 
Life Project. The study found that only 11 percent of Americans who use 
e-mail at work said they felt overwhelmed by all the e-mail, and that 60 
percent receive 10 or fewer messages on an average day.

Still, in an era where attention has become a commodity and marketers 
become ever more bold about reaching consumers, attention protection could 
make a good business.

As Fahlman says of his plan: "Once the enabling conditions are in place, it 
gives people control over who can claim their attention. It's up to them 
how much it costs to bother them."

If Fahlman's plan gets off the ground, it could pay to pay attention.
******************************
Federal Computer Week
Report suggests ID alternatives
BY Dibya Sarkar
Dec. 10, 2002

A national identification system is one approach to strengthening identity 
security, but a white paper published by a coalition of government 
organizations also proposes a "confederated" system in which Americans 
could use multiple identifiers for clusters of agencies and/or businesses.

This approach would enable individuals to sign on to an account once and 
have access to different accounts among several entities they commonly 
transact with, according to the National Electronic Commerce Coordinating 
Council's (NECCC) white paper.

Agencies and companies would have to develop policies, procedures and an 
interoperable technical framework to support such an arrangement. The 
advantage to this system over a national ID system is that no single 
identifier would follow an individual everywhere. Another advantage is that 
there is no single point of failure like that in a national ID system, in 
which there would be centralized control.

"An organized, confederated system would not necessarily have as its goal 
to establish a single business model across all 50 states," according to 
the white paper. "Rather, it could allow states to maintain their own 
processes, yet establish criteria to provide consistent levels of trust in 
the various credentialing systems that states have established. Determining 
exactly what metrics would result in such a trust, however, would be a 
considerable undertaking, but one worth investigating."

NECCC, a consortium that promotes e-government, released the identity 
management white paper during its sixth annual conference in New York City 
Dec. 4-6. It did not recommend one approach over the other, but said they 
should be explored further.

Because of national security and identity fraud concerns, governments are 
grappling with how best to issue valid and tamper-proof IDs and 
authenticate identities while preserving privacy and personal liberties.

A single national system could involve storing personal information  such 
as fingerprints  of every citizen in a large database and issuing ID cards 
that would be used across the public and private sector.

Privacy experts contend that such a database smacks of Big Brother.

A national system has some precedence around the world, but with uneven 
results, said Daniel Greenwood, who directs the Massachusetts Institute of 
Technology's e-commerce architecture program and helped lead and draft the 
white paper for NECCC.

The American Association of Motor Vehicle Administrators has been leading 
an effort to strengthen state driver's licenses, which are considered the 
de facto national ID card. Although that group doesn't advocate a national 
system, it wants states to adopt minimum security standards  such as 
personal data or biometric identifiers embedded in the cards  as a way to 
prevent identity theft and fraud.

A coalition of companies known as the Liberty Alliance Project is 
developing the framework for a confederated approach, including a network 
identity and authentication sharing mechanism. The project would entail 
developing business agreements among different organizations so they can 
mutually recognize authentication. Such a system would help boost 
confidence along with e-commerce, representatives said.

The group has about 45 dues-paying sponsors and another 90 affiliate and 
associate members. The group is looking to collaborate with governments and 
other public-sector agencies that would not be charged membership fees.
***************************
USA Today
Military network technology passing into civilian use

NEW YORK (AP)  When bullets are flying, the last thing a soldier wants to 
hear is "the network is down." So the Pentagon, about a decade ago, set out 
to design a wireless communications network that could survive a war.

One design that has emerged, in portable military communications gear used 
in Afghanistan and now in the Iraqi theater, is called "mobile ad-hoc" or 
mesh networking. It now appears poised to also link wireless gadgets in the 
civilian world.

Military planners value mesh networking because it's like their best 
troops: smart, flexible and quick. That's because users of the network are 
also transmitters. They relay its digital signal  voice, text, maps or 
imagery  to others.

In a mesh network there are no fixed "points of failure" like base stations 
and antennas that can be disabled by a bomb. Mesh networks' self-healing 
properties adjust themselves when users join, leave or move.

"The military really likes it," said Rick Rotondo, vice president of 
marketing at MeshNetworks, a start-up based in Maitland, Fla. "They 
parachute 50 guys into Afghanistan and they turn their radios on and 
they've got an instant network.'"

In the civilian world, the technology could soon link fleets of buses or 
cars, or update traffic signals and messages on "smart" signs.

The Pentagon has been bent on improving battlefield communications since 
embarrassing wartime revelations in Grenada in 1983  when soldiers used a 
pay phone to call for air support  and 1991 Operation Desert Storm, when 
troops barreling into Kuwait outran their communications networks.

Mesh networking capabilities have emerged in the military's latest 
battlefield radio: Raytheon's Enhanced Position Location Reporting System.

U.S. Army units training in Kuwait are also using a mobile command and 
control computer known as the FBCB2, which is capable of operating on mesh 
networks but currently uses satellites, said Timothy Rider, spokesman for 
the Army Communications-Electronics Command.

The command is also overseeing ITT Industries' development of the Soldier 
Level Integrated Communications Environment (SLICE), a mobile computer with 
a headset display and microphone for foot soldiers.

SLICE is supposed to create mesh networks that handle voice communications 
while mapping whereabouts of soldiers and their companions.

The SLICE was the size of a backpack when the Army tested it in October. By 
the time it's released in 2005 or so, it will shrink to the size of a Palm 
organizer, said John Kirkwood, marketing manager for ITT's defense group.

"The military doesn't like to haul towers around with them," Kirkwood said. 
"They want a network that's as convenient as a cell telephone network but 
has none of the limitations, like the ability to eavesdrop and identify 
where the broadcast originates."

In civilian life, the military's mesh networks are being reconfigured.

One of the earliest expected uses will come in the automotive telematics 
industry, where an onboard computer might download software updates or MP3 
music for a car radio. Analysts say those days are still years away.

"You'd only need a few access points in a whole city," said Allen Nogee, a 
wireless analyst with In-Stat/MDR. "The cars could bounce the signal from 
one to the next."

MeshNetworks' Rotondo said a Japanese automaker  he declined to say which 
one  bought the company's technology to create a network for onboard 
computers.

The company set up its own experimental mesh network in Maitland, using the 
gear it sells: PC cards, routers and access points that, when guided by the 
company's software, act as repeater-routers for mobile computers and 
handhelds.

The Army demonstrated MeshNetworks' communicators for police, fire and 
emergency responders in early December at its Signal Center at Fort Gordon, 
Ga.

The company has also sold its systems to the Viasys, which develops 
"intelligent transportation networks" of linked traffic signals, signs, 
cameras and sensors.

Rotondo says the company's mobile configuration runs on a military wireless 
standard known as quad-division multiple access that is fast enough to 
stream audio or video to a moving airplane.

Other companies are developing similar products, including Intel, Nokia, 
Mitsubishi and Deutsche Telekom, the latter two in a joint venture called 
Moteran Networks that seeks to create a mesh network among cars in Germany.

Mesh networking has its downsides.

First, with devices relaying messages for other users, "you're using 
someone else's battery life" to send your data packets, Nogee said. He 
doubted most folks would willingly donate battery life to strangers.

Second, there are eavesdropping issues. Data could be intercepted and 
unscrambled as they pass through a device, Nogee said. Encryption 
technology ought to handle the challenge, he predicted.

And mesh networks aren't valuable until they spread widely. For that to 
happen, users have to join before the network matures.

"No one's going to use it unless everyone has it," Nogee said. "But it 
doesn't work until everyone has it."
********************************
Federal Computer Week
FBI struggles with data management
Sniper investigation underscored tech, workforce problems
BY William Matthews
Dec. 2, 2002

With a sniper killing people at random in the Washington, D.C., area in 
October and police pleading with the public for information, the FBI set up 
a phone center to receive tips and rolled out its computerized Rapid Start 
Information Management System to help sort them.

It sounds like an efficient, technology-driven process  until William 
Hooton described it in more detail in a Nov. 14 address to the Association 
for Information and Image Management.

Staff working the phones, including trainees from the FBI's academy in 
Quantico, Va., scribbled notes of their phone conversations on paper forms. 
Then, once every hour the forms were dumped in a box and delivered to the 
FBI's records management division. There, they were fed into scanners to be 
digitized, then added to the FBI's Rapid Start database, explained Hooton, 
assistant director of the FBI's records management division.

"Sounds like it's still a pretty manual process," said a technology vendor 
who listened as Hooton described the procedure. Scanning handwritten notes 
would yield a digital image, but not computer-searchable data, he said.

The FBI's use of records management technology during the sniper 
investigation illustrates the progress the bureau has made  and how far it 
still has to go  to bring its records management capabilities up to today's 
standards.

In March, Justice Department Inspector General Glenn Fine chastised the FBI 
and urged disciplinary action against several agents for mishandling 
records in the Oklahoma City bombing case. The discovery of thousands of 
misplaced records forced a month-long delay in the execution of Timothy 
McVeigh in 2001.

Fine blamed antiquated computer systems, but he blamed human error more for 
the FBI field offices' failure to turn investigation records over when they 
were ordered to do so.

Just weeks after Fine slammed the FBI, the bureau was rocked by another 
records fiasco  the "Phoenix memo." The FBI acknowledged that a memo an 
agent in Phoenix wrote questioning the number of Middle Eastern students 
attending U.S. flight schools never made it through the FBI's bureaucracy 
to senior officials in Washington, D.C.

The memo was written in July 2001, two months before the Sept. 11 terrorist 
attacks carried out by Middle Eastern men, some of whom had attended flight 
schools in the United States.

Even before the Phoenix memo became public, FBI officials conceded that 
they had a serious problem managing records. Their answer was to hire 
Hooton, an electronic records expert with experience at the Internal 
Revenue Service, the National Archives and in private industry. They also 
created a 1,000-person records management division.

Today, the division runs "10 production lines of scanners" and aims to 
convert 750,000 paper documents a day into digital records, Hooton said.

Once scanned, the electronic documents can be converted to electronic text 
by optical character recognition software, then stored in a database where 
they can be searched, mined and eventually made available to FBI field 
offices worldwide.

But converting such huge amounts of data to a more manageable electronic 
form is only one step toward solving the FBI's records problems, Hooton said.

After more than 90 years of collecting paper records, "we don't know what 
we have and what we don't have. We need to inventory our holdings," he said.

Other FBI managers have estimated that the agency has more than 1 billion 
records.

The process of digitizing, organizing and managing the FBI's records will 
never be complete, Hooton said, because there always will be a steady flow 
of new records.

Meanwhile, the FBI must tackle other thorny records issues, such as what 
constitutes an e-mail record, Hooton said. "No one has the answer now."

Similarly elusive is the answer to what constitutes a Web page record. And 
officials with the records management division need help deciding whether 
to destroy paper records once electronic copies have been made, he said.

Before the FBI finishes installing a modern computer infrastructure and 
records can be accessed by agents around the world, Hooton said he must 
tackle records security issues.

He said he favors maintaining centralized control over FBI records even if 
the records are physically housed in different locations.

"What the FBI is doing is way ahead of a lot of other federal agencies," 
said Jack Frost, a vice president at the electronic records management 
company TrueArc. Like the FBI, many agencies own huge archives of paper 
records, but few have the budgets or manpower to begin sorting and 
digitizing them.

Most federal agencies also are struggling with questions such as which 
electronic documents constitute official records, he said.

Once questions like that are answered, technology can help bring records 
under control, Frost said. Autocategorization software, for example, can 
sort records from other electronic documents and send them to databases for 
long-term preservation.

"Government is pretty much at [the] beginning stages of electronic records 
management," said another e-records specialist who heard Hooton's address 
but asked not to be identified. "The realization [is] only gradually 
dawning in many places that they need to do something about electronic 
records."

***

Taking inventory

William Hooton, assistant director of the FBI's records management 
division, said the agency doesn't know what records it has and doesn't 
have. He said he hopes to sort them into "three piles":

* One that is trash and should be destroyed. Hooton figures about half of 
the records fall into this pile.

* A pile that is "popular records," which should be converted to electronic 
form and retained because they have been retrieved at least once in the 
past five to 10 years.

* A pile of "unpopular records" that have not been used but must be kept. 
Those should only be made digital if they are requested, he said.
********************************
Federal Computer Week
Burbano takes on homeland job
BY Colleen O'Hara
Dec. 11, 2002

Fernando Burbano, former chief information officer at the State Department, 
has taken on a new role within the department as a senior adviser on 
homeland security.

Last week Burbano became a senior adviser for homeland security in the 
deputy secretary's homeland security office within the State Department. It 
is a new office Burbano said, created to work on and coordinate homeland 
security issues within the department and to serve as a liaison with new 
Homeland Security Department.

Burbano said he is working with ambassador Ted McNamara on this effort.

No replacement for Burbano has been named, but in the meantime Bruce 
Morrison, deputy CIO for operations, is acting CIO.

Burbano said his decision to change jobs was timely. "I've been very 
interested and active in homeland security within State as well as within 
federal agencies over the past year," he said. "I decided I might as well 
make it full time."

Burbano has been CIO at State for more than four years. He was instrumental 
in developing State's overseas network that would enable embassies to check 
other government agencies' databases.

The project, still in its infancy, is known as the Overseas Presence 
Interagency Collaboration/ Knowledge Management System. It would take 
advantage of existing information scattered in various databases but not 
tied together in a single network.

The urgency of creating this kind of database sharing was driven home in 
the wake of the Sept. 11, 2001, terrorist attacks, when officials 
discovered that some of the terrorists had obtained visas to enter the 
United States even though they were on law enforcement watch lists.

Earlier this year, Burbano testified at a congressional hearing and told 
lawmakers that spending money on technology is not the answer to tightening 
U.S. borders." Over the next two years, State will spend more than half a 
billion dollars procuring new information technology," Burbano said. "We 
must realize that procurement alone is not the answer. We must meet our 
business needs using existing technology as well as acquiring new."
******************************
Federal Computer Week
DOD offering homeland expertise
BY Dan Caterinicchia
Dec. 11, 2002

It is not the Defense Department's job to push technological solutions on 
local emergency workers or the 22 federal agencies that make up the 
Homeland Security Department, but DOD certainly can use its experiences in 
information sharing, collaboration and networking to serve as models for 
the new department, according to a panel of military experts.

Army Lt. Gen. Joseph Kellogg Jr., director of command, control, 
communications and computer systems for the Joint Staff, said DOD can serve 
as a reference in tying together disparate systems based on its decades of 
work connecting overseas combat commands that include representatives from 
all military services.

DOD is attempting a similar feat with Northern Command, which is 
responsible for ensuring homeland defense capabilities and supporting 
civilian authorities when directed by the president or secretary of 
Defense. The only difference now is that instead of bringing together the 
various military services, the focus is on connecting Defense systems and 
staff with the federal, state and local government agencies that also have 
homeland security missions, Kellogg said.

"The best way to do it is [with information technology]," he said, but 
getting it done is not a technological issue, "it's organizational and 
cultural."

"We need to sort out everyone's roles. The most important part of this is 
local participants," Kellogg said during a Dec. 10 panel discussion at the 
E-Gov Homeland Security conference, sponsored by FCW Media Group, in 
Washington, D.C.

Leading that effort is the Homeland Security Department, which is 
attempting to create a connected culture and identify technologies, such as 
Extensible Markup Language, that can tie systems together, he said. XML 
facilitates information exchange among applications and systems because it 
enables agencies to tag data and documents.

Ultimately, the new department's systems must include built-in security, 
redundancy, interoperability and be based on open standards, Kellogg said.

"I can't imagine using one system," he said. "We need to design for growth 
and upgrades... and start as simple as possible. Ninety percent of an 
organization will never change...but the 10 percent you can change is how 
you integrate information...and IT is the key to tying that all together."

When the audience asked if that meant making DOD systems like the Secret 
Internet Protocol Router Network available to the Homeland Security 
Department, Kellogg said that was not the answer.

"It's too hard," he said. "We still have governors without security 
clearances. We need to use [commercial off-the-shelf products (COTS)] and 
work our way up." He said that means starting at the unclassified level 
because that's where all the players can most easily share information.

Peter Verga, special assistant to the secretary of Defense for homeland 
security, agreed and said DOD could not afford to duplicate its systems to 
cover the entire nation, but that the department can provide support. He 
noted that DOD officials are working with Steve Cooper, chief information 
officer for the Office of Homeland Security, on the new department's 
architecture initiative.

Kellogg said his main concern is that the agencies will end up using 
incompatible technologies  the same problem they are trying to overcome. 
But he added that recent conversations with Lee Holcomb, director of 
infostructure for the Office of Homeland Security, have led them to a 
"common consensus" on using COTS products and open architectures, and 
attempting to replicate best business practices.

Jack Pellicci, group vice president for business development at Oracle 
Corp., said the Homeland Security Department and DOD must "think big, start 
small, scale fast and deliver capabilities." The retired Army brigadier 
general added that speed is essential and if a problem can't be solved in 
two Internet years  six months  then another solution should be found.
*****************************
Federal Computer Week
Passenger ID system makes progress
BY Megan Lisagor
Dec. 11, 2002

The Transportation Security Administration has awarded a contract for the 
beginning stages of a system that will perform background checks and risk 
assessments on airline travelers, according to the agency's top official.

The tool, a substantially advanced version of the Computer Assisted 
Passenger Prescreening System (CAPPS) now in use, is being designed to cull 
multiple government and commercial databases for information that could 
indicate a potential threat.

"CAPPS I simply is a rules-based system with inadequate identification," 
James Loy, undersecretary of Transportation for security, said Dec. 9 at 
the E-Gov Homeland Security 2002 conference in Washington, D.C. The 
upgraded system will provide sufficient identification and a "very, very 
real merged database of people we know are the wrong guys."

CAPPS II has raised concerns about privacy and profiling, a technique Loy 
said he supports.

"Profiling with a lowercase "p" is not as distasteful [but] simply a step 
in the well-being of the citizenry," he said, distinguishing between racial 
profiling and the type he envisions TSA implementing.

Profiling, however, is only one part of a larger security scheme. Senior 
screeners, for example, must also be trained as better observers, he said.

TSA has already met 36 of 37 milestones set under the Aviation and 
Transportation Security Act, the legislation that created the agency a 
little more than a year ago. That includes deploying more than 45,000 
federal screeners at 429 commercial airports. The final deadline is to 
screen all baggage for explosives by Dec. 31.

Operating under a continuing resolution, in effect until Jan. 11, 2003, has 
made the agency's job harder, according to Loy. "The ongoing [continuing 
resolution] has been very, very difficult," he said. "It has precluded us 
growing out."
****************************
Government Executive
Science.gov makes research more accessible to the public
By Amelia Gruber
agruber@xxxxxxxxxxx

A new federal Web site aims to make scientific information gathered by 
different agencies more accessible to the public.


The site, www.science.gov, is an offshoot of Firstgov.gov, and is 
especially useful because it houses information under one roof from the 
multiple agencies that perform scientific research, said Eleanor Frierson, 
deputy director of the National Agricultural Library and co-chair of the 
science.gov Alliance, the interagency group that created the site.


"Science.gov provides the unique ability to search across the content 
within databases as well as across Web sites," Frierson said. "It shows 
that federal agencies can work together to pull off something that none of 
them could do individually."


The site, which is geared toward a wide audience that ranges from academics 
to private business owners, offers a compilation of information from 10 
government agencies and 14 scientific and technical organizations.


Users can search for technical reports, journal citations, databases, fact 
sheets and links to other federal Web sites by clicking on one of 12 
subject areas such as "agriculture and food" or "health and medicine." Or 
they can complete a general search across all subject areas. Access to the 
site is free and does not require registration.


According to Frierson, the site has been in the works since spring 2000. 
She said she wanted to create a site where the public could access 
information without having to know which agency had control over the 
information.


For instance, the site could be used to find information on topics like 
pest control, diseases like anthrax poisoning and even treatments for dogs 
with cancer. In addition, users can browse for general ideas, such as tips 
for educators on creative science lessons and labs.


Frierson said she has been pleased at how agencies received her idea and 
worked together to make it happen. A year after she proposed the project, a 
pilot site was up and running. It required work from technical experts, but 
also needed a lot of intellectual work to categorize and catalog 
information, as well as staff to make sure that the site provides links to 
quality information, she added.


The site, which was officially launched on Dec. 5, has been well-received 
by users, too, she said. From Dec. 1 to Dec. 9, science.gov received more 
than 6,500 search requests, according to Frierson. Search requests have 
come in from overseas, as well as from the International Atomic Energy 
Agency, some dot.com companies and academic institutions.


"Science.gov aims to bring the substantial resources of the federal science 
and technology enterprise together in one place," said John Marburger, 
director of the White House Office of Science and Technology Policy, in a 
statement. "The site is a great example of e-government in action."


The Agriculture, Commerce, Defense, Education, Energy, Health and Human 
Services and Interior departments, as well as the Environmental Protection 
Agency, NASA and the National Science Foundation, will all offer 
information on the site.


Frierson said she will continue to monitor the site to see what 
improvements need to be made, but funding is a continual challenge. The 
project received two of seven Firstgov.gov grants, giving Frierson and her 
co-directors about $175,000 to work with. But she said that more money will 
be needed to add features and keep monitoring the content to ensure that it 
is up-to-date and of the highest quality.
******************************
Washington Post
Economics of Kid-Friendly Domain Questioned
By David McGuire
washingtonpost.com Staff Writer
Thursday, December 12, 2002; 7:27 AM


Now that Congress has zoned off an Internet neighborhood for children, 
online real estate agents are questioning whether they can attract enough 
tenants to make it a worthwhile place for parents to send their kids.

Authors of the Dot-Kids Implementation and Efficiency Act, which President 
Bush signed into law last week, envisioned the new "kids.us" domain as a 
sanctuary where children could explore the Internet without being exposed 
to its dangers.

The law is designed to protect children -- 13 years or younger -- from 
pornography, profanity and other content that it defines as inappropriate 
by not allowing Web sites that end in kids.us (www.washingtonpost.kids.us, 
for example) to link to locations outside of the domain.

Some critics of the dot-kids concept say it creates a ready-made stalking 
ground for sexual predators, but supporters of the law say it contains 
strong provisions to prevent criminals from stalking the users of kids.us 
addresses.

The question remains, however, whether or not there is an economic case for 
the new domain.

"If it is ubiquitous it can actually be effective; if it's not, it's 
nothing," said Elliot Noss, president of Canadian address seller Tucows Inc.

Noss went on to charge that kids.us has "absolutely zero" probability of 
achieving that ubiquity and is nothing more than "an exercise in making 
politicians who don't understand the medium feel good."

Noss said Tucows, which is one of the world's largest Internet address 
retailers -- or "registrars" -- would sell kids.us addresses if customers 
request them, but predicted that they would not become a major moneymaker.

Rep. John Shimkus (R-Ill.), who authored the kids.us legislation, said in 
an interview that he would use his position on the House Energy and 
Commerce Committee to encourage companies to register addresses in the 
domain, which he likened to the "children's section of the library."

"We have to appeal to the corporate world here," Shimkus said. "There is a 
definition of financial success, but there is also a definition of good 
government and corporate citizenship."

Congressional cajoling aside, the domain faces an uphill climb to 
acceptance, according to Mason Cole, vice president of SnapNames, an 
Internet addressing industry watcher.

"If you're going to launch a new pool of available names, first of all, you 
have quite a bit of competition already in the market," Cole said, 
referring to dot-com, dot-net, dot-org and newer domains like dot-biz and 
dot-info. "If you're going to come along and try to carve out a niche in 
that pool somewhere, that's a pretty tall order."

The new domain also could confuse users because it is a subdivision of 
America's sovereign "dot-us" domain, Cole said, adding that Internet users 
might not easily warm to typing in Web addresses that end in "dot-kids 
dot-us," as opposed to a single suffix like "dot-com."

NeuStar Inc., the Washington, D.C.-based company that won the contract to 
operate the dot-us domain, plans to offer addresses by mid-2003, but the 
company's business development officer, Jim Casey, said it would be a 
challenge to encourage mass participation in the domain.

"Our perception is that while we're hoping that it will be popular, we by 
no means think this is going to be a high-volume space like a dot-biz or 
dot-us," he said, adding that he was optimistic that kids.us would become a 
useful tool for parents.

The dot-kids law does not require NeuStar to promote the new domain, but 
Casey said the company probably would advertise the addresses when they 
become available. As is the case with other domain names, most direct 
promotion will fall to the Internet registrars that deal directly with 
domain-name customers, he added.

The company has not established the price of a kids.us address, but Casey 
said it would be higher than the price of a standard dot-us address to 
offset the cost of policing the domain.

NeuStar charges a wholesale fee of $5.50 per address, per year for standard 
dot-us Internet addresses. Internet registrars like Tucows determine the 
amount that customers must pay for the addresses, but standard retail 
prices hover around $35 per year.

Michael Goldstein, director of marketing communications for New York-based 
registrar Register.com, said his company may try to "reach out to 
businesses that are targeting kids," but only if market research shows that 
it's worthwhile.

"If our research indicated that there wasn't a huge opportunity, then I 
doubt we'd be putting a dedicated effort" toward dot-kids, Goldstein said.

Register.com Policy Director Elana Broitman said that the domain could be 
successful if it's marketed properly, but it's "just too early to predict" 
whether kids.us will strike a chord with address buyers.

Donna Rice Hughes, a child welfare advocate who has long championed the 
idea of a kid-friendly Internet domain, said the success of kids.us will 
depend on NeuStar.

"If the intent of Congress is implemented, I think it good be a good tool 
for parents," said Rice Hughes, who is president of Enough is Enough, and 
was a member of the Child Online Protection Act (COPA) Commission 
established by Congress to come up with ways to protect kids online.

The commission entertained the notion of a "dot-kids" domain, as well as a 
"dot-sex" domain for adult online images, but did not include either in its 
recommendations to Congress.

Esther Dyson, chairwoman of EDventure Holdings and former chairwoman of the 
Internet Corporation for Assigned Names and Numbers (ICANN), said that 
parents will be more interested in online brands they can trust, rather 
than new domains.

"I think that a domain name does not equal a brand name," Dyson said. "I'd 
rather have Disney, thanks, and so would most parents. If they don't like 
Disney, then they'll go for something they do like, whether it's a church 
group, Scientific American or Harry Potter. It [kids.us] just doesn't make 
a lot of sense to me as a business proposition."
*****************************
Computerworld
White House: IT, privacy concerns loom for Homeland Security Dept.
By Paul Roberts, IDG News Service
DECEMBER 11, 2002

Securing huge volumes of new information, protecting the privacy of 
citizens and migrating to a unified technology architecture are just a few 
of the problems confronting the Bush administration and the federal 
government in setting up the new U.S. Department of Homeland Security, 
according to Robert Shepherd, director of information integration in the 
White House Office of Homeland Security.
Shepherd gave the opening keynote address at the Infosecurity 2002 show 
yesterday in New York. He took the place of scheduled speaker Steven 
Cooper, CIO of the White House's Office of Homeland Security, who wasn't 
able to attend.

The Bush administration is currently creating an "enterprise architecture" 
for the new department that will define the way information is stored, 
handled and distributed within the new department, according to Shepherd.

"One objective we all have is to attempt to do this using a world-class 
approach and using best lessons learned in the private and public sectors 
to manage the creation of something of this scope," Shepherd said.

The White House is seeking advice from private-sector organizations that 
have undertaken large mergers, including Hewlett-Packard Co., on how to 
best merge 22 separate government departments into the new department.

In addition to soliciting advice from the private sector, the government 
also wants to use existing products and technologies to create the 
information infrastructure of the new department, according to Shepherd.

"The idea is to leverage the daylights out of best of breed. Don't invent 
from scratch," he said.

That infrastructure will replace a maze of department-specific systems that 
don't currently interoperate, according to Shepherd.

The U.S. Department of Defense alone has hundreds of systems just to manage 
its financial information, most of which don't communicate with one 
another. And each of the 22 separate agencies in the Homeland Defense 
Department will come with its own human resources department and systems, 
Shepherd said.

In addition to collecting information, the new department's systems must 
also help those who view the information understand and interpret it, 
according the Shepherd.

"It has to be that when someone queries the system, they get a response -- 
whether that's a person checking customs or INS or a cop on the street," he 
said. "And that information has to be presented in a user-friendly format. 
The content needs to enable the user to connect the dots."

At the same time, however, the Department of Homeland Security has to 
protect the civil liberties of U.S. citizens.

"To do this without ensuring [privacy] is to let the terrorists win. We 
don't want to infringe on [privacy] to perform the duties or 
responsibilities of the department," Shepherd said.

Even with a functioning and integrated technology infrastructure, however, 
the new department will face significant organizational challenges. Chief 
among them will be melding the separate cultures, identities and processes 
of the component agencies.

Big corporate mergers, such as HP's Compaq acquisition earlier this year, 
often take many months to plan and complete, Shepherd said. But the new 
Department of Homeland Security has only a small "core team" managing its 
creation and must have its headquarters up and running within 90 days, he 
added.
**********************************
Computerworld
Australian court's Web ruling 'provincial,' says cyberlaw expert
By David Legard, IDG News Service
DECEMBER 11, 2002

The decision yesterday by Australia's High Court to assert jurisdiction 
over allegedly defamatory material posted on a U.S. Web site has been 
roundly criticized by local media and cyberlaw experts.
In a landmark ruling, the court said a story published by Dow Jones & Co. 
on a U.S.-hosted Web site could be grounds for a defamation lawsuit to be 
heard in Australia (see story).

According to Ronald Movrich, professor of law at Dhurakijpundit University 
in Bangkok and a cyberlaw specialist, the ruling ignores the new publishing 
environment created by the global reach of the Internet.

"The court's ruling strikes me as being provincial to the extreme," he said 
in an e-mail. "The court's decision does not seem to take into account the 
revolutionary nature of the Internet and its ability to reach virtually 
everywhere -- something traditional TV or radio programs cannot do."

In its ruling, the court said the ubiquity of the Internet and the very 
different environment it offers weren't a sufficient argument for Australia 
to relinquish jurisdiction.

"There is nothing unique about multinational business, and it is in that 
that this appellant [Dow Jones] chooses to be engaged," the court said in 
its ruling. "If people wish to do business in ... or utilize the 
infrastructure of different countries, they can hardly expect to be 
absolved from compliance with the laws of those countries."

Newspaper publisher News Ltd., one of the several news organizations that 
offered evidence on Dow Jones' behalf, said in a statement that publishers 
everywhere would now have to edit their work to comply with Australia's 
defamation laws, which are regarded as restrictive compared with those in 
the U.S.

Magazine and newspaper publisher John Fairfax Holdings Ltd., normally a 
fierce rival to News in Australia, said on its Web site that it was 
"disappointed" with the ruling.

The court also rejected Dow Jones' suggestion that anyone, anywhere would 
now be free to file lawsuits against Internet content because it offended 
their particular culture.

"The specter which Dow Jones sought to conjure up in the present appeal, of 
a publisher forced to consider every article it publishes on the World Wide 
Web against the defamation laws of every country from Afghanistan to 
Zimbabwe, is seen to be unreal when it is recalled that in all except the 
most unusual of cases, identifying the person about whom material is to be 
published will readily identify the defamation law to which that person may 
resort."
********************************
MSNBC
Spam to overtake real e-mail in 2003
Antivirus firm annual report paints bleak picture
By Bob Sullivan

Dec. 11  Some time next year, there will be more spam than real e-mail 
floating around the Internet. That's the conclusion drawn from annual 
statistics gathered by British e-mail filtering firm MessageLabs, which on 
Wednesday delivered disheartening news to e-mail users  delivery of 
unsolicited e-mail rose sharply in the second half of this year. The annual 
report also revealed that one in every 212 e-mails contained a computer virus.

       MESSAGELABS SOFTWARE sorts through 10 million e-mails a day, 
filtering each note sent to one of its clients before sending it along to 
its rightful recipient. That means the firm inspects over 3 billion e-mails 
a year, making MessageLabs a popular source of virus and spam research data.
       And according to MessageLabs Chief Technology Officer Mark Sunner, 
the data shows clearly that spammers are currently getting much better at 
what they do. For the entire year, an average of 1 in 12 e-mails were spam; 
but that number increased steadily in the past months. And by November, 1 
in three e-mails were spam. Because of that trend, the company predicted 
that during 2003, spam will overtake real e-mail.
       Sunner blamed the recent increase on technology improvement which 
make spammers' work easier.
       "What could be behind (the increase) is the amount of tools and 
appliances available now to these companies. You can buy e-mail appliance 
boxes which will ship millions of e-mails in an hour," he said.
       MessageLabs release might seem to contradict a report issued 
earlier this week by the Pew Internet & American Life Project, which 
concluded that most Americans don't have a problem with spam at work. But 
the two studies measure different things, so they are not necessarily 
contradictory. The Pew report suggests that American workers only spend a 
few minutes a day dealing with spam  in large part because spam aimed at 
office workers is stopped by various technologies, like the MessageLabs 
service.
       Still, with some 30 percent of all e-mail being "rubbish of one 
kind or another"  spam, viruses, or pornography  technology workers are 
engaged in a difficult fight to keep e-mail users from becoming overwhelmed.
       "There is very much an arms race between people that are trying to 
get this stuff out there and people trying to prevent it," he said.

STAYING POWER
       Another disturbing trend in 2002  computer viruses that wouldn't go 
away. The Klez virus, which was introduced with little fanfare in the early 
part of this year, remains the world's most pesky computer bug. MessageLabs 
has now trapped 5 million copies of it, and it shows little signs of 
slowing down. In November, 423,000 copies of Klez were found. That compares 
to high-profile viruses like the LoveBug or the Anna Kournikova virus, 
which swept the globe quickly, but generally died down after a few weeks.
       Klez is hard to spot because it arrives with randomly chosen 
subject lines and message body text.
       Other viruses also proved to have staying power. Yaha, discovered 
in June, is still the world's second-most common bug.

VIRUS-LIKE SPAM
       Sunner also said spam and computer viruses are beginning to merge, 
with commercial e-mail solicitations now arriving with virus-like 
characteristics. "Friendgreeting," released in October, claims to be a 
harmless electronic greeting card  but instead, it sends copies of itself 
to everyone in the recipient's e-mail address book.
       There's also been a large uptick in spam "spoofing"  when a 
commercial e-mail solicitor pretends to send a note from an innocent third 
party in an attempt to trick the recipient into opening the advertisement. 
Internet users who've received angry messages from someone saying "stop 
sending me these e-mails," know how frustrating that can be to both 
victims. And the bad news is, there's not a lot people can do to prevent a 
spammer from picking up their e-mail address and putting it in the "From:" 
field of a spam message,
       "In terms of spoofing there isn't a lot you personally can do to 
stop someone," Sunner said. "It's an inherent weaknesses in e-mail."
       Expect more greeting cards, spoofing, and other virus-like tactics 
in 2003, the MessageLabs report says.
*****************************

Lillie Coney
Public Policy Coordinator
U.S. Association for Computing Machinery
Suite 510
2120 L Street, NW
Washington, D.C. 20037
202-478-6124
lillie.coney@xxxxxxx