[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Clips December 16, 2002

Clips December 16, 2002

ARTICLES

Internet Body Approves Creation of New Web Domains
A Trojan Horse on the Web Has Ethnic Insults and Smut
Va. Court Throws Out Internet Libel Suit
Nigerian Net Scam, Version 3.0
Spam Inc.
Group Is Launching New Types of Licenses
Deadline Nigh for INS Program
Harbor to Put Security to Test
Co. Invokes Security in Seeking U.S. Help
Internet Prescription Sales Rise
Wireless bigger than Bud but still not secure
All eyes on Total Info Awareness
Vendor picked for USAJobs revamp
Homeland e-mail links ready
State sets $100 million pact with GTSI
OPM explores outsourcing retirement systems modernization
Report urges government to wade into wireless
E-government projects aim to simplify paperwork for feds
Bay area goes wireless to secure bridges, tunnels

****************************
Reuters
Internet Body Approves Creation of New Web Domains
Sun Dec 15, 8:15 AM ET

LONDON (Reuters) - The group that oversees the Internet's traffic system said on Sunday it plans to approve a host of new address suffixes to join the likes of ".com" and ".org" over the coming year.


But most Internet users will not be able to register Web site names in the new domains, as they will be limited to organizations in specific fields such as health care.


The precise number and names of the domains will be determined at an ICANN (news - web sites) meeting in early 2003, the group said.


The new domains will follow the model of existing "restricted" domains such as .edu, which is open only to U.S. colleges and universities, and .museum, which is limited to museums, rather than being open to all like .com and .net.


The Internet Corporation for Assigned Names and Numbers, or ICANN, approved the plan at its annual meeting in Amsterdam on Sunday.


ICANN President Stuart Lynn said it decided on restricted domains because they can be put into circulation sooner and were not likely to be the target of cybersquatters, speculators who look to cash in by selling coveted domains to companies or organizations.


HOWLS OF PROTEST


Since its creation in 1998, ICANN has faced calls to open up the domain-name system to a wide variety of new domains such as .xxx, .web and .golf to ease crowding in .com and other established domains.


ICANN approved seven new domains in November 2000, but encountered howls of protest from the dozens of applicants whose proposals were rejected, as well as those who believe ICANN moved too slowly.


The new domains that did win approval then -- .biz, .info, .name, .pro, .coop, .museum and .aero -- have met with varying amounts of success.

Nearly one million names have been registered in .info, and more than 750,000 names have been registered in .biz, according to State of the Domain, an industry newsletter.

The .name domain has been slower to catch on, with only 85,000 registrations, while .pro has yet to make names available to the doctors, lawyers and other professionals who are its target audience.

Restricted domains have faced less controversy, as applicants have had to prove that they meet certain criteria. The new .coop domain, for example, is set aside for cooperative organizations. Fewer than 7,000 .coop names have been sold since they became available in January, a domain administrator said.

Also at the meeting, the global body approved a proposal to push forward with ICANN's reform initiatives, an effort to streamline activities that critics say today typically get bogged down in organizational politics.

"Now with more efficient structures in place and sufficient funding there is a foundation for ICANN2 to have a successful future," Lynn said.
*****************************
New York Times
December 15, 2002
A Trojan Horse on the Web Has Ethnic Insults and Smut
By SETH KUGEL

A Web site that some Morris Park residents mistook as the work of a community organization, only to find that it contained pornography and racially charged debate, has become a focus of controversy in this traditionally Italian but increasingly diverse neighborhood in the eastern Bronx.

Two weeks ago, calls started coming in to the Morris Park Community Association, whose storefront is prominent on the site, www.morrispark.com. Al D'Angelo, president of the association, which has nothing to do with the site, warned readers about it in his column in The Bronx Times-Reporter, a local paper.

A poll asking users which ethnic group dominated the neighborhood (choices: "Italian, Albanian, Hispanic, Negro, Irish, Other") had appeared on the site's opening page, attracting hundreds of votes. It was replaced last week with a photograph of a naked Santa Claus. On message boards, ethnic insults fly freely. Photographs of local businesses, politicians and celebrities with neighborhood roots like Regis Philbin are mixed in with pornography.

State Senator Guy J. Velella of the Bronx is drafting a bill requiring Web site operators to register with the attorney general.

In e-mail exchanges with a reporter, an administrator and several site users defended morrispark.com. "We are libertarians, and we support freedom of speech, individual expression and tolerance of different lifestyles," wrote "Sleazy D," who identified himself as Danny, 23, an Irish-Italian-Puerto Rican Morris Park native living in Whitestone, Queens, working in the "adult entertainment industry."

One user, Mario Musco of Throgs Neck, defended the ethnic slurs. "Who cares? My two best friends, one is Albanian and the other is Greek. We make fun of each other all the time and we love each other like brothers."

The site is registered under what some residents think is a false name: Tony Guido of Via Pignatelli Aragona, Palermo, Italy. Danny said Guido was a real person financing the site. He would not give contact information, and there is no Guido listed on that street in Italian phone directories.

Vincent Russo, who has runs Russo Brothers Bakery on Morris Park Avenue, expressed anger that site operators used a Palermo address. "They had to pick on the Sicilians again," he said. "If my father was alive, he'd find them."
*****************************
Associated Press
Va. Court Throws Out Internet Libel Suit
Fri Dec 13, 6:37 PM ET
By LARRY O'DELL, Associated Press Writer

RICHMOND, Va. - A federal appeals court threw out a Virginia prison warden's lawsuit against two Connecticut newspapers on Friday, saying articles posted on the Internet were not aimed at a Virginia audience.


The 4th U.S. Circuit Court of Appeals (news - web sites) reversed a lower court's ruling that the warden could sue in his home state because that is where he claimed his reputation was damaged.


Stanley Young claimed The Hartford Courant and The New Haven Advocate falsely depicted him as racist in articles about alleged mistreatment of Connecticut inmates who were sent to Virginia to relieve prison crowding.


The articles were posted on the newspapers' Web sites. The fact that the Internet postings can be viewed by Virginians as well as others was not enough to support filing the lawsuit in the federal court in Big Stone Gap, Va., the three-judge panel ruled.


"The facts in this case establish that the newspapers' Web sites, as well as the articles in question, were aimed at a Connecticut audience," Judge M. Blane Michael wrote in the unanimous opinion. "The newspapers did not post materials on the Internet with the manifest intent of targeting Virginia readers."


The decision came three days after Australia's highest court ruled that an Australian businessman may sue Dow Jones & Co. for an article posted from New Jersey but accessible in Australia.


Both courts based their reasonings on targeting, but differed in how they defined it, said Michael Geist, a University of Ottawa law professor who tracks Internet rulings around the world.


"We have U.S. courts that looked largely at a commercial presence and the intended presence, while you got the Australian court more concerned about where the harm was felt," Geist said.


Stephanie S. Abrutyn, attorney for the Connecticut newspapers, said she was pleased that the court ruled "that the principles of due process and jurisdiction should not be applied any differently to the Internet than they have throughout the history of this country."


She added: "We think that had it gone the other way, it would have had a chilling effect on speech on the Internet."
Young's lawyer, Stuart Collins, was out of his office and unavailable for comment.

Connecticut newspapers closely followed the transfer of hundreds of inmates, most of them black and Hispanic, to Virginia prisons. Newspapers reported inmate advocates' concerns about harsh conditions at Wallens Ridge State Prison, a maximum-security lockup.

Young, who is white, claimed in his lawsuit that some of the articles suggested he "not only tolerates but encourages abuse by his guards." He argued that filing the lawsuit in Virginia was proper because the newspapers knew the articles would expose him to public contempt and ridicule where he lived and worked.

"The focus of the articles, however, was the Connecticut prisoner transfer policy and its impact on the transferred prisoners and their families back home in Connecticut," Michael wrote. "The articles reported on and encouraged a public debate in Connecticut about whether the transfer policy was sound or practical for that state and its citizens."
******************************
Wired News
Nigerian Net Scam, Version 3.0

All those beleaguered widows, complaining chief's sons and yowling high-ranking government officials don't want your assistance in getting a large sum of money out of Nigeria anymore.

Now they want to buy your stuff.

Yes, there's a new twist in Nigeria's thriving Internet-based scam operations. This time, the scammers pose as potential buyers for big-ticket items, like cars, listed for sale online.

The buyer explains that a business associate in the United States will mail the seller a cashier's check for the amount of the item plus the cost to transport it overseas. The seller is asked to wire the transportation fees to the buyer once the check has cleared so the buyer can arrange for shipment.

But a week or so after the check clears and the money has been wired, victims are notified by their banks that the check was counterfeited.

The scam has become so widespread that victims formed their own online support group last month. The group now has close to a hundred members.

Scam victims admit they initially were skeptical when the deal was brokered, but after receiving and depositing a cashier's check that cleared, they assumed all was well.

The scam takes advantage of a little-known loophole in the U.S. banking system. Many people don't realize that when a bank says funds have cleared, it doesn't mean the check is good, according to Carol McKay, director of communications for the National Consumers League.

"Under federal law, depending on the type of checks deposited, banks must give consumers access to the money within one to five days. Longer holds can be placed on deposits over $5,000, but banks are reluctant to inconvenience their customers," McKay explained.

"Unfortunately, it can take weeks for fake checks to be detected in the banking system. And consumers are then left holding the bag for the money they've withdrawn. That's because it's the depositor, not the bank, who is responsible if a check turns out to be bad."

Jeff and Shawn Mosch were victims of the scam, and they figure their bank is just as much at fault as the con artist who ripped them off for $7,200.

Shawn Mosch said she went to the bank with the cashier's check and told the teller, "I need to know when this is going to be a good, clear check -- when this is going to be actual money I can spend and it's never going to come back and bite me in the butt."

She was told her butt would be out of harm's way in 24 hours.

Mosch said she waited an extra day just to make sure, and then wired the money to the buyer. Five days later, the bank informed Mosch the check was counterfeit and her checking account was now $5,000 overdrawn.

McKay said the scam isn't limited to Internet sellers. The Consumers League is starting to hear from people who have also received counterfeit checks in connection with work-at-home offers.

"Banks would serve their customers better by explaining that they can't immediately tell if the checks are good and that the depositors will be stuck if they're not," McKay said. "In general, it's probably a good idea to wait several weeks before drawing on checks from unfamiliar sources.

"But the bottom line is this: No legitimate company will offer to pay you by arranging to send you a check and asking you to wire some of the money back. If that's the pitch, it's a scam."
**********************************
PC World
Spam Inc.

In 2002, spam is not just a scourge, it's big business. Our investigator reveals who's behind the assault on your in-box and why stemming the tide won't be easy.

Daniel Tynan
[story http://www.idg.net/ic_989775_1794_9-10000.html]
***************************
Los Angeles Times
Group Is Launching New Types of Licenses
The nonprofit's goal is to promote creativity while reinvigorating the public domain.
By David Streitfeld
Times Staff Writer

December 16 2002

SAN FRANCISCO -- For generations, the owners of creative material had tight control over how it was distributed. Violating someone's copyright took a major effort. A printing plant was needed to pirate a book, a factory to bootleg an album.

The Net changed all that, making casual infringement, unauthorized borrowing and wholesale piracy effortless and pervasive. Copyright holders are responding by cracking down on violators, who in other circumstances might be customers.

Into this messy and acid-edged situation comes Creative Commons, a new nonprofit organization that will launch its first projects today. Based at Stanford Law School's Center for Internet and Society, Creative Commons has a high-profile board and an ambitious mission. The goal is to promote creativity and collaboration by developing new forms of copyright while reinvigorating the ever-shrinking sphere of copyright-free works: the public domain.

"Using the copyright system, we will make a wider, richer public domain for creators to build upon and individuals to share," said Stanford law professor and Creative Commons Chairman Lawrence Lessig. "Walt Disney built an empire from the riches of the public domain. We'd like to support a hundred thousand more Walt Disneys."

As a first step, Creative Commons has developed a group of licenses that will allow copyright holders to surrender some rights to works while keeping others.

One license, for instance, allows people to copy or distribute a work as long as they give the owner credit. Another allows a work to be copied, distributed or displayed as long as it is for a noncommercial purpose. A third license permits copying but forbids using the work to make another, derivative work. (The licenses are legal documents, although that doesn't guarantee that people will honor them.)

A license pioneer is Roger McGuinn, leader of '60s rock group the Byrds and more recently a folk music enthusiast. He's licensing 80 songs through Creative Commons, giving the world permission to take his work as long as all three of his licenses are respected.

By encouraging free distribution and widespread sampling, McGuinn might end up increasing his sales. It's an argument almost as old as the Web; Creative Commons is merely offering tools to allow it to happen on an easier, artist-sanctioned basis.

"Realistically, the first group to use these licenses will mostly be academics and hobbyists," said Executive Director Glenn Otis Brown. "But I can imagine perfectly mainstream record companies licensing things on parts of their Web site. In our wildest dreams, in five years pretty much every kind of material will be licensed."

That this will really happen, and that the material licensed will be things worth looking at, reading or listening to, may seem improbable. But then, so did the notion of mounting an effective challenge to the constitutionality of the current copyright law, which was the recent undertaking by several members of the Creative Commons brain trust.

The legal case arose out of the outrage felt by Eric Eldred, an Internet publisher of material in the public domain, when Congress in 1998 extended copyright terms by 20 years. The result was that no new material -- no Hemingway, no Gershwin -- will enter the public domain until 2019.

Lessig, then at Harvard, took Eldred as a client. He nursed the case through two lower court defeats and an entirely unexpected decision by the Supreme Court to review it. Oral arguments were in October; a decision is due by the end of June.

Eldred is a member of the Creative Commons board. Other members include computer science professor Hal Abelson of the Massachusetts Institute of Technology, Duke University law professor James Boyle and former documentary filmmaker Eric Saltzman, all of them big guns in the field of cyber law.

If the Eldred case represents an attempt to short-circuit the entertainment industry's desire to keep its old works under exclusive control for an ever-lengthening amount of time, Creative Commons was developed as an intellectual property conservancy through which control would be shared, limited or nonexistent.

The notion of loosening the bounds of copyright isn't new. For more than a decade, the Free Software Foundation has used for its own programs and offered others a license that guarantees the freedom to share and change software. O'Reilly & Associates, a leading computer manual publisher, uses the Web to publish a number of books under open-publication licenses.

Still, the notion that creation confers ownership and that ownership is practically eternal is embedded in the system.

Since 1978, copyright protection has been automatic on any new work -- which has made it very hard to purposely free it. In response, Creative Commons has developed what it is calling the Founders' Copyright. A creator agrees to a contract with Creative Commons to guarantee that a work will enter the public domain after just 14 years, which was the span granted by the first copyright law in 1790. O'Reilly said it will be the first to publish under these terms.

Another license puts work into the public domain immediately. One of the first works to have a public domain license will be "The Cluetrain Manifesto," an influential book on Internet marketing that was published three years ago. It was a natural evolution, considering that the text of "Cluetrain" was posted on the Web awhile ago by the authors.

"It continues to sell well in stores and on the Web," said one of the book's four authors, Doc Searls. "Did having the whole text on the Web help? I think so, but we can't tell."

How much "Cluetrain," as well as the experiences of O'Reilly and the Free Software Foundation, presages a wider movement toward limited licensing or the public domain is uncertain.

Critics already are wondering why a creator would donate anything to the public domain beyond, for example, an unpublished or unpublishable novel. Are people so altruistic as to create things for free? "The same thing was said about the whole Internet a few years ago," Eldred observed. "The existence of the Web is the answer."
********************************
Wired News
Deadline Nigh for INS Program

Monday marks an important deadline for almost 3,000 men ages 16 and up who are visiting the United States from five countries designated as sponsors of terrorism.

They must register with the Immigration and Naturalization Service's new biometric immigration database or face fines and deportation.

Under the National Security Entry Exit Registration System, launched on the one-year anniversary of the Sept. 11 attacks, the government must maintain photographs and fingerprints of all male visitors from Iraq, Iran, Libya, Syria and Sudan. Another 13 countries were added to the list in October with a compliance deadline of Jan. 10.

Participants are digitally photographed and fingerprinted so that investigators can determine whether they fit the profile of suspected terrorists, as well as aliens with criminal records.

So far, 179 individuals have been detained after registering, but none turned out to be terrorists, said Jorge Martinez, a spokesman for the Immigration and Naturalization Service.

The creation of the INS program is the first step in a process that will include the integration of the system's database with the FBI's data on 40 million criminals.

Congress directed that the databases be merged after a notorious 1999 case wherein the INS deported a wanted serial killer, who later returned and killed four more people. However, a number of significant hurdles, both technical and political, must be cleared before that can happen.

The INS system contains two flat (digitally scanned) fingerprints of each person, whereas the FBI's database stores 10 fingerprints rolled in ink of each person. That makes it difficult to conduct searches across both databases.

In addition it takes around two hours to search the FBI's database, which is too long for the INS purposes.

On the political front, the INS system is under fire from both liberals and conservatives.

Rep. Anthony Weiner (D-N.Y.) has expressed anger that Saudi Arabia was kept off the list of nationalities being monitored, even though 15 of the 19 Sept. 11 terrorists were Saudi nationals.

A leaked Justice Department directive, first published by WorldNetDaily, indicated both Saudi Arabia and Pakistan would be added to the list in October. Neither were added, however, and Martinez refused to comment on the document.

Hussein Ibish, spokesman for Arab-American Anti-Discrimination Committee, said the list is discriminatory because it only includes Muslim countries, along with North Korea.

Dan Stein, executive director of the Federation for American Immigration Reform, a conservative group, has also criticized the system for its narrow focus on a handful of targeted nations.

Both Ibish and Stein think the INS system should monitor visitors from all countries outside the U.S.

They may soon get their wish. Under the Enhanced Border Security Act of 2002, the government is required to develop an automated information system called Chimera that places machine-readable biometric identifiers in all visas and passports by 2004. The General Accounting Office estimates Chimera will cost between $6 billion and $11.5 billion to build.

However, the same technical issues preventing the INS from integrating its data with the FBI's information are making it difficult to put Chimera into practice, officials said.

To solve this dilemma, the Justice Department is considering a plan to digitally capture the equivalent of 10 rolled prints, which would be a significant step toward a successful integration.

Still, the INS would still need to find a way to check these prints in minutes, not hours.

Even then, as with all biometric systems, fingerprint identification isn't foolproof. A recent Federal Aviation Administration prototype system missed 18 to 36 percent of correct matches in a recent test. It also issued false positives in up to 8 percent of cases.
*****************************
Los Angeles Times
Harbor to Put Security to Test
New safeguards could offer valuable lessons to deter terrorism. But the challenge will be to not disrupt flow of cargo.
By Louis Sahagun
Times Staff Writer

December 16 2002

The adjacent ports of Los Angeles and Long Beach are being transformed into testing grounds for new devices and strategies designed to deter terrorism, particularly the threat of a nuclear bomb.

The challenge, authorities say, is to balance the new safeguards with the flow of commerce in the nation's busiest harbor complex, where 15,000 tractor-trailer-sized cargo containers arrive from around the world each day.

"Given that uninspected containers are a logical entry vehicle for a weapon of mass destruction, this is an important area for testing new security technology," said Rep. Jane Harman (D-Venice), a member of the House Subcommittee on Terrorism and Homeland Security. "The lessons we learn from these systems will have broader applications everywhere in the country."

By the end of next year, authorities expect the waterfront to bristle with video camera systems, motion sensors and radiation detectors able to sniff out a nuclear bomb in a container on a train traveling past at 30 mph.

Suspicious cargo may be scrutinized at a $40-million inspection center planned for Terminal Island and funded by a variety of revenue sources, including state and federal counter-terrorism programs, as well as the local ports, authorities said.

The Los Angeles Port Police, once a backwater agency dedicated to keeping thieves and drug smugglers off the docks, will move into a 40,000-square-foot headquarters connected to video surveillance cameras scanning operations between the Vincent Thomas Bridge and the breakwater.

The Homeland Security Department's Transportation Security Administration and local authorities aim to fund a $35-million credential system that will involve plastic identification cards containing every port worker's holographic photograph, fingerprints, signature, driver's license number and criminal background.

The 10,500-member International Longshore and Warehouse Union has long opposed credential systems if they include extensive criminal background checks, arguing that they would amount to an unfair invasion of privacy. Union officials Friday were reluctant to comment on the current proposal.

Experimental tamper-proof locks and other security systems will be tested next year on Los Angeles-bound containers before they leave Hong Kong's Modern Terminals under a program to be partly funded by the U.S. Department of Transportation.

Under that program, "the port will be working partners with foreign port officials and terminal operators to establish new protocols and technology prototypes for screening and securing containers before they leave for Los Angeles," said Mayor James K. Hahn.

"We will continue to be at the forefront of security because only when our ports are safe and secure can we do our best to expand economic vitality."

Elsewhere, the Long Beach Police Department has added boats to its arsenal, and "no fishing" signs are going up wherever freight is moved near the water's edge.

New Team Deployed

Only a month ago, the Coast Guard stationed a new 72-member marine safety and security team in San Pedro that is trained for close-quarters battle at sea. It is ready for deployment anywhere on the West Coast on 12 hours' notice.

The team's mission is maritime homeland security, with a focus on protecting the nation's 50 major ports. Its duties range from routine harbor patrols to intercepting hijacked ships.

"We're not going to sit by and let another Sept. 11 happen in this water," Coast Guard Petty Officer Chuck Ashmore said as he boomed across the harbor in one of the team's specially designed boats powered by dual 225-horsepower engines and armed with two .60-caliber machine guns.

A few minutes later, he pulled up alongside a dock where commercial divers were working on the hull of a foreign freighter. After team members eyeballed the operation and asked the divers for proof of identification, Ashmore turned his boat around and sped off to intercept a fishing hauler half a mile away that was cruising uncomfortably close to an incoming oil tanker.

"We're out here day and night," said Coast Guard Lt. Cmdr. Keith Smith, who is in charge of the team. "Are we successful? Hard to say. We may never know whether someone changed their mind about trying something horrible because they saw us go by."

Some of the security enhancements are less visible to the public. For example, the Coast Guard has, for the first time, begun conducting port security probes with plainclothes officers.

The stakes are high. A surprise attack on a tanker, chemical plant, refinery, bridge or rail system in the harbor, which has a daily population of about 200,000 and handles about 43% of the nation's annual sea trade, could have a catastrophic effect on the local community and the global container industry.

Holes in Security Net

As it stands, authorities concede that the shoreline's security net is full of holes.

The 20 law enforcement, fire and health agencies that serve the harbor could be better organized, and they have yet to agree on a common radio frequency for communication. Federal grants for port security measures have been less than expected.

Emergency officials acknowledge that there is a potential for chaos in the event of a "worst-case scenario," such as the sinking of a freighter at the entrance to either of the harbor's two shipping lanes, a toxic cloud rising off a major conflagration at a chemical plant or the detonation of a "dirty bomb" law enforcement jargon for a conventional explosive used to spread radioactive material.

The ports of both Los Angeles and Long Beach have contracted with security giant Science Applications International Corp. of San Diego, which designed the 2002 Winter Olympics safety command center, to help develop a coordinated response to potential terrorist strikes.

"We're jazzed about the future," said Coast Guard Capt. John Holmes, whose jurisdiction includes the Southern California coastline. "It's exciting to know that what we are doing here now may well change the way cargo security is handled around the world."

For the time being, the focus is on preventing terrorists from hiding a nuclear weapon in a cargo container.

"We feel that's the biggest threat to the port," said Los Angeles Port Police Chief Noel Cunningham. "The Osama bin Ladens of this world are trying to find ways to penetrate our defenses. If they feel we're guarding the ports of entry, they'll go elsewhere."

With that goal in mind, the ports have contracted with Sandia National Laboratories in New Mexico, which is developing relatively low-cost radiation detectors that authorities want to test at key locations in Singapore, the harbor complex and the 20-mile-long Alameda Corridor rail line connecting the ports with train yards just south of downtown Los Angeles.

Charles Massey, an expert on maritime security at Sandia, has applied for federal funding to conduct the experiments.

"Once that federal funding is turned on," he said, "I'll have the system on the ground and working before the end of 2003."

Separately, Customs Service spokesman Dennis Murphy said, "Los Angeles is high on our list" for deployment of its own radiation detection systems.

In the meantime, "we should continue be worried about the ports, which remain our greatest point of vulnerability," said Councilwoman Janice Hahn, whose district includes the Port of Los Angeles.

"While we've making big strides in the effort to prevent a weapon of mass destruction from entering the port complex," she said, "they haven't been fast enough."
*******************************
Associated Press
Co. Invokes Security in Seeking U.S. Help
By TED BRIDIS, Associated Press Writer

WASHINGTON - The Bush administration sped approval for moving one of the Internet's 13 traffic-management computers after a prominent technology company urged the government to "declare some kind of national security threat and blow past the process," according to federal officials' e-mails.


The correspondence provides a window into how U.S. corporations invoke national security to expedite business requests.


In this case, the Commerce Department (news - web sites) approved in just two days Verisign Inc.'s request at the end of October to move one of the 13 computer servers that manage global Internet traffic. Verisign operates two of the world's "root servers," which contain lists of directories that control e-mail delivery and Web surfing.


The company's lobbyists had argued that waiting additional days or weeks for approval "is a problem and could impact national security," according to e-mails among U.S. officials obtained by The Associated Press under the Freedom of Information Act.


Leading technology experts and senior government officials said the change was appropriate to correct a poor design decision made five years earlier. They said holding off for days or weeks would not have jeopardized either national security or the Internet.


Watchdog groups say it is an increasingly popular, and successful, argument for companies to claim requests need approval to avoid risks to national security.


So far, it has helped win liability protection for airlines and pharmaceutical companies and financial help for insurance companies.


"It's become the mantra. Industries are using the national security threat to get a lot of regulations they want," said Larry Noble, executive director for the Center for Responsive Politics. "The problem for government is to sort out the legitimate claims and what are cover stories."


Banks, utilities and technology companies warned Congress this year that they feared telling U.S. officials too much about their security problems because the information might be disclosed publicly and risk national security. The result: President Bush (news - web sites) signed new exemptions from open records laws last month.


The Commerce Department said it never had been convinced by Verisign's lobbying that national security would be threatened unless the server were moved quickly to a new location in northern Virginia to protect it better from natural disasters or hacker attacks. The last such change was in 1997.



(Story continues after advertisement)


Commerce spokesman Clyde Ensslin said the department worked to approve the request "as quickly as possible, but there was no known national security threat to the root server system and therefore no need to proceed on an emergency basis."

The department approved the decision two days after the request was presented through the Internet Corp. for Assigned Names and Numbers, an organization that oversees Web addresses. The change originally was to have taken place after some of the organization's top experts made recommendations in mid-November.

With Verisign pressing, there was some confusion inside the Commerce Department, according to the e-mails.

In one series of e-mails, the head of Commerce's National Telecommunications and Information Administration (news - web sites), Nancy Victory, and another NTIA official were reported to have spoken with a Verisign lobbyist on Oct. 30 and "asked them to invoke the emergency procedures."

"This will allow the change to happen ASAP," wrote Robyn Layton, the Commerce agency's associate administrator.

Another Commerce employee at headquarters responded minutes later in an e-mail, asking: "So, what does this mean invoke the emergency procedures? Do I have to do anything on this end?"

This employee lamented a lack of instructions for making changes to the 13 most important computers managing the world's Internet traffic. She followed up the next morning with another e-mail that "things are under control once again."

The Commerce Department said Victory never approved emergency procedures as Verisign's lobbyists had sought.

Verisign spokesman Brian O'Shaughnessy said the company "never officially asked for emergency procedures." But a second spokesman, Tom Galvin, acknowledged, "We really wanted it done as soon as it could be."

Several Commerce officials' e-mails describe a series of contacts from Verisign lobbyists making the plea for urgency.

The company wants "to push us to declare some kind of national security threat and blow past the process," one e-mail said. The subject line of another message described the company's "request for immediate authority to effect address change."

One Commerce official predicted that Verisign's Washington lobbyist "will call again today with the same `national security' concern he had before. ... If you want me to fend him off, then I need to know what to say."

Lobbying experts said companies must cautiously decide when to invoke national security.

"Any good lobbyist always tries to fairly and accurately represent his client's position and do so in a truthful way," said Wright Andrews, a former president of the American League of Lobbyists. "It's unethical and just plain dumb to go in and make a misrepresentation."

Vinton Cerf, board chairman for the ICANN (news - web sites) organization, said the change was planned for months and that nothing in recent weeks not even an unusual hacker attack Oct. 21 against all 13 servers justified special urgency.

"I do not think this was a consequence of the attack," Cerf said.

"I really don't think there was a national security issue," agreed Stephen Crocker of Bethesda, Md., an early Internet expert and head of an advisory committee on the security and stability of these 13 computer servers. "I think this was more a desire to make it happen and an opportunity to cut through some of the normal bureaucracy."
*******************************
New York Times
December 16, 2002
Internet Prescription Sales Rise
By BOB TEDESCHI

Now that the Internet's young, high-spending set is increasingly sharing cyperspace with older, less affluent users, some significant electronic commerce opportunities are emerging.

Consider drug retailing. As online users look to reduce their prescription costs and the number of trips to the drugstore, analysts say Web pharmacists are well positioned to take a greater share of the retail pharmaceutical market.

As with so many other e-commerce categories, the market looks much different from the one that people expected just a few years ago. So-called pure-play online drug retailers may have stumbled just as badly as merchants in many other Internet categories. But unlike other e-tailers, the online drug merchants were not done in primarily by bricks-and-mortar stores.

Rather, e-tailers and traditional retailers have ceded much of the Internet drug market to what might best be called the catalogers of the medical world: pharmacy-benefit managers. These companies, known as P.B.M.'s, help run health care benefits programs for insurers and are big businesses in their own right. For years, benefit managers like Express Scripts and the Medco Health Solutions unit of Merck have sold prescriptions by mail to millions of their health plan members.

What is more, these benefit managers can dictate which Web sites their members can buy from, assuming the members want to take advantage of reduced prices and other benefits under their plans. In some cases, as with Express Scripts, pharmacy-benefit managers have agreed to work with other Internet druggists, but the biggest ones, like Medco Health, have not.

As a result, most online prescription drug sales go to the Web sites of the benefit managers, not to the sites of traditional drugstores like CVS or Rite-Aid and not to the lone remaining pure-play online drug retailer of significance, Drugstore.com. Still, analysts said the online market was growing briskly enough for Drugstore.com and its traditional drugstore rivals to perform reasonably well if not up to the overblown expectations of 1999 while continuing mainly to benefit the pharmacy-benefit managers.

"The good news for all these guys is that the pie is growing bigger, and mail-order sales are showing the fastest rate of growth," said Jonathan Gaw, an analyst with IDC, a technology research company.

Mail-order prescriptions, a category that includes Internet sales, grew to nearly $28 billion in 2001, from $17 billion in 2000, according to the National Association of Chain Drug Stores, an industry trade group, which has not yet released 2002 figures. It is easily the fastest-growing component of the $164 billion drug industry.

And the Internet portion of the mail-order drug industry currently about 20 percent of the total is itself growing rapidly. Forrester Research, a technology consultant, says consumers will buy $2.8 billion worth of prescription drugs online this year, as well as $900 million worth of over-the-counter drugs and vitamins. Forrester predicts that those numbers will more than double next year to $6.7 billion for online prescription drug sales and $3.3 billion in non-prescription remedies and vitamins. They should double again in 2004, Forrester says.

Even so, industry executives are looking for ways to entice more consumers online, where companies can sell drugs more profitably and insurers and health care providers can realize much-needed cost savings.

Analysts still see validity in the logic that made so many bullish about the online drug market during the dot-com heyday: baby boomers are growing older and are facing more chronic illnesses with each passing year. And as buying on the Internet becomes more of a mainstream activity even for less-affluent and older adults, analysts predict that baby boomers will choose to order their Viagra, Propecia, Lipitor and other nonemergency medications online rather than trudging to the pharmacy and standing in line.

Analysts say the most successful online seller of prescriptions is Medco Health, a pharmacy-benefit manager that sold about $1 billion worth of drugs on its Web site, medcohealth.com, in the first 10 months of this year.

Although the figure is but a fraction of the $29 billion worth of prescriptions the company sold last year to its 65 million plan members, it is substantial nonetheless, in the view of Stephen J. Gold, Medco Health's senior vice president for electronic commerce strategy and delivery.

Like executives at other mail-order companies, Mr. Gold said Internet sales were more efficient than taking orders over the phone. Medco Health, he said, shares the savings gleaned from such sales with customers, in the form of lower prices, and with its clients, in the form of lower health care costs. Mr. Gold said the Internet could also be an important tool for helping steer consumers to generic brands and other lower-cost drugs through e-mail promotions, for example, thereby saving companies substantial sums on health insurance contributions they make on their employees' behalf for brand-name drug purchases.

Traditional drugstores have chosen not to compete directly with pharmacy-benefit managers online, analysts said, in part because they do not want to risk alienating them. The P.B.M.'s determine which retailers their plan members can buy drugs from, and the drugstores do not want to be shut out.

And yet, traditional retailers like CVS have enjoyed at least one important benefit of online prescriptions: steady foot traffic to their stores. Of the prescriptions processed through CVS.com, 80 percent are picked up in CVS stores, "a number we found very startling," Todd Andrews, a CVS spokesman, said.

Mr. Andrews said he had no information on whether those consumers tended to spend more money at the stores than non-Internet shoppers. But online analysts have long said that customers who patronize a company through various means be it catalog, stores or the Web are significantly more valuable than those who shop through just one retail channel.

And yet, Drugstore.com has clung to its Internet-only roots. Although the company is still in the red, losing $14 million last quarter, it says it has enough cash on hand to continue operations through 2004, when it says it will reach profitability.

Andy Stergachis, Drugstore.com's senior pharmacy adviser, says the key to reaching that goal is prescription drugs, which represent about 60 percent of the company's sales. As with any pharmacy, he said, customers frequently come to the site to fill prescriptions, then fill their baskets with some of the other 18,000 products Drugstore.com sells.

The company has made deals with pharmacy-benefit managers, like Express Scripts, that account for 60 percent of the nation's population. Analysts said Drugstore.com had little chance of attracting all the big benefit managers in the near future, but such deals are helping the company increase its drugs sales faster than the industry average.

"And with the size of this market," Mr. Stergachis said, "you don't need a large percentage of sales to get to an extraordinary number."
*******************************
San Francisco Chronicle
TECH21
Wireless bigger than Bud but still not secure

Before too long, Wi-Fi will be bigger than Bud.

At least that's the claim of the Wi-Fi Alliance, the trade association that promotes wireless networking based on the family of standards known as 802.11. In a keynote earlier this month at a conference called 802.11 Planet, the group's chairman, Dennis Eaton, displayed a chart showing that annual revenue from sales of Wi-Fi gear is on track to pass Budweiser's $5 billion by the end of 2005.

I don't usually put much stock in such industry self-promotion, but I'm a Wi-Fi booster myself. I first wrote about it 2 1/2 years ago in a column "Welcome to my wireless world," where I described the pleasures of reading my e-mail at the kitchen table and surfing the Web from my sofa.

Although the equipment was still hard to find for Windows PCs, I thought I was on to something big, and the response to the column proved the point: It generated more than 300 e-mail messages -- more than anything else I've written before or since.

Since then Wi-Fi sales have soared, even as most other tech categories have staggered. Now virtually every computer and networking manufacturer is pushing wireless gear.

The industry's two superpowers, Microsoft and Intel, have hopped on the bandwagon: The former has not only built good support for Wi-Fi into Windows XP, but also (as my colleague Todd Wallack notes elsewhere on this page) come out with its own line of networking hardware.

Intel is predicting that more than half the notebooks that use its chips next year will ship with wireless capability built in, so it has retooled its investment and development programs to give priority to this phenomenon. Just this month it joined with IBM and AT&T in a new joint venture, Cometa Networks,

to build and service 20,000 Wi-Fi hot spots (public-access networks) -- on top of the 12,000 that have already sprung up in recent years.

Altogether, Wi-Fi has been a big winner for the industry and its customers, particularly the growing numbers of consumers who have a notebook and a broadband connection at home.

There's every reason to think that will continue, but there are some clouds that mar this rosy picture -- some issues that generate anxiety and frustration among adopters of wireless technology.

One of them, as Wallack's experience reveals, is initial setup It's still complicated and fraught with hassles. The plain truth is that the rest of the industry still hasn't caught up with the standard Apple set in this area three years ago when it introduced wireless networking to the consumer mainstream with its AirPort line.

For this week, though, I'll leave that issue to Wallack, except to say that Microsoft's promise of a breakthrough in ease of setup didn't work out any better for me that it did for him. Over the years, I've set up more than a dozen Wi-Fi networks, usually with only minor hassles, but with Microsoft's gear, it took me seven tries and two hours on the phone with a senior support technician to get things working properly.

Beyond that, I'll focus on another issue that ought to concern anyone using or considering wireless networking: security. In a future column I'll address the problem of proliferating and sometimes conflicting wireless standards.


COMING SOON: SECURITY
Technology that was designed to keep casual passers-by or malicious hackers from exploiting your bandwidth and intercepting your data was designed into 802.11 from the start. For several reasons, though, it doesn't work very well.

First, to avoid further complicating an already challenging setup process, most vendors of wireless equipment turn the built-in data-encryption scheme -- called WEP, for Wired Equivalent Privacy -- off by default, and many, probably most, users never bother to turn it on.

Second -- again in an effort to make things easy -- vendors often supply default values for some essential settings, such as the name ("SSID") that will identify your local wireless network or the keyword used to decode scrambled data if you turn WEP on.

The trouble is, many users don't bother to change these default values. Therefore, anyone who purchased gear from the same vendor or any hacker who has collected the default settings used by major vendors has easy access to your network.

Third, even if you turn on all the standard security measures and configure them with values a stranger can't easily guess, you're still vulnerable, at least to serious hackers. Although the encryption algorithm underlying WEP is sound, its implementation turns out to be deeply flawed (as much in the 128- bit version, which was supposed to provide tighter security, as in the low-end 64-bit version).

A series of papers published last year by cryptography experts exposed these flaws, and software enabling hackers to take advantage of them quickly appeared on the Internet. Today anyone with this software, an ordinary laptop and an off-the-shelf wireless card can crack WEP and get on your network within an hour or two once they get within range.

Back in September 2001, just weeks after the most devastating disclosure of WEP's weaknesses, I reported that "it looks as though a relatively quick and painless fix may be in the offing." The relevant standards committee, convening in an emergency session to deal with the crisis, had outlined a new security scheme, one that would supposedly be free of WEP's flaws but compatible with most existing Wi-Fi hardware.

"With luck," I wrote, based on interviews with representatives of the Wi-Fi trade association (then known as WECA), "the fix should be ready this fall" -- the fall of 2001.

Unfortunately, it seems that Lady Luck isn't into wireless, or else she has her own security system. It took the technical experts more than a year to agree on the substance of a new plan, and they still haven't finished editing the technical document describing it.

The process is far enough along so companies are starting to engineer the plan, which is known as Wi-Fi Protected Access (WPA), into their products. The Wi-Fi Alliance plans to start testing these products in February or so, to make sure different manufacturers' implementations of the standard work together reliably.

Some wireless gear with WPA could be on the shelves that month, and products certified by the alliance should be out by April. You should be able to upgrade current cards and access points to the new standard by way of new software drivers and firmware updates.

Of course, there's an important qualifier to all of those predictions: with luck.


WHAT IS TO BE DONE?
Where does that leave consumers in the meantime? If you don't have wireless yet, you're concerned about security and you don't want to worry about having to update your equipment in a few months, you might want to hold off until updated, compatibility-certified products are available.

But then you'd be missing out on the joys of Wi-Fi until then. If you don't want to wait or if you already have Wi-Fi, there are steps you can take that will provide effective security against casual snoops, if not against determined and knowledgeable hackers:

-- Turn on WEP, for what it's worth.

-- Make sure your network name and WEP key are not the defaults, your street address or anything else that's easily guessed.

-- If your configuration software has a feature called closed network, access control or something similar, you can set it so only machines with IP numbers you specify will be allowed on the network.

-- If you're connecting to your company network, you should be using an add- on data-scrambling software called a virtual private network (VPN). Talk to your IT department.

Aside from these wireless-specific issues, it's extra-important for home users with wireless to take the basic precautions anyone with a broadband connection should:

-- Make sure the firewall features built into your router -- the device at the center of your network -- are fully enabled. Most routers today have such capabilities, and as far as I can tell, they're usually on by default, but it pays to check. Look in the manual that came with the device, then in your software settings, which in most cases you can get to with just a Web browser.

-- If you don't use file sharing -- the feature of Windows and Mac operating systems that gives machines on your network access to files on others -- turn it off. (For specific instructions, look up sharing in your computer's electronic help system.) If you share files occasionally but not regularly, consider leaving sharing off except when you're actually using it.



--------------------------------------------------------------------------------

ONLINE INFO FOR NETWORK NOVICES
Here are some places that have more information on Wi-Fi:

-- For some basic background on wired and wireless home networking, see two recent Tech21 columns: "How to network your home" (sfgate.com/cgi-bin/article.cgi?f=/c/a/2002/10/28/BU206176.DTL) and "Wireless comes of age" (sfgate.com/cgi-bin/article.cgi?f=/c/a/2002/11/04/BU101976.DTL).

-- There's a lot of useful information about both wired and wireless networking at www.homenethelp.com. One section of the site offers advice about finding a professional installer or consultant, although there aren't many such operations listed for the Bay Area.

-- The wireless-networking trade association, Wi-Fi Alliance, has a much improved Web site, including a step-by-step guide to planning and installing a wireless network, at www.wi-fi.org.

-- CNET has a section called "Wireless Networking 101" at computers.cnet.com/hardware/0-7052-8-20517010-1.html?tag=inside.

-- Microsoft offers a useful introduction to networking, at www.microsoft.com/insider/networking.

-- Apple provides a helpful document called "Designing AirPort Networks" with its AirPort wireless gear. One that covers both Mac OS 9 and X is available at manuals.info.apple.com/Apple_Support_Area/Manuals/hardware/0220180AirPortNetworks2.PDF.


-- Some third-party manufacturers of networking gear post background info on their Web sites. Linksys has a section called "How to Network" at www.linksys.com/edu, and 3Com offers online courses on networking at www.3com.com/support/en_US/learning_center/catalog.html.
****************************
Federal Computer Week
All eyes on Total Info Awareness
BY Dan Caterinicchia
Dec. 16, 2002

Perhaps no project being developed as a result of the Sept. 11, 2001, terrorist attacks has caused such intense public scrutiny and debate as the Defense Advanced Research Projects Agency's Total Information Awareness (TIA) system.

TIA, in theory, will enable national security analysts to detect, classify, track, understand and pre-empt terrorist attacks against the United States by spotting patterns using public and private transaction and surveillance methods.

The system, parts of which are already operational, incorporates transactional data systems, including private credit card and travel records, biometric authentication technologies, intelligence data and automated virtual data repositories. Its goal is to create an "end-to-end, closed-loop system," to help military and intelligence analysts make decisions related to national security, said Robert Popp, deputy director of DARPA's Information Awareness Office (IAO), which is heading up the effort.

"The purpose of TIA would be to determine the feasibility of searching vast quantities of data to determine links and patterns indicative of terrorist activities," said Pete Aldridge, undersecretary of Defense for acquisition, logistics and technology, at a Nov. 20 press briefing.

But the system poses concerns. Speaking Dec. 12 at a briefing entitled "Yellow Light on Total Information Awareness," sponsored by the Cato Institute a libertarian, market-oriented think tank Robert Levy, senior fellow in constitutional studies at Cato, said the TIA system poses three potential risks:

* Misuse of the database information.

* Blurring of the enforcement lines between terrorism and nonterror-related crimes.

* Overall ineffectiveness because terrorists will learn the rules or patterns and adjust, as well as "false positives" on targeting innocent citizens.

'They Have Adapted'

Levy's concern about terrorists' ability to adapt appear to be justified, based on remarks that Air Force Gen. Richard Myers, chairman of the Joint Chiefs of Staff, made Nov. 4 at the Brookings Institution. Myers said that U.S. military efforts in Afghanistan may need to be revamped because of the ability of al Qaeda to adapt to DOD's tactics.

"They have adapted," Myers said. "They adapt the way they talk to each other, the way they pass money. They've made lots of adaptations to our tactics, and we've got to continue to think and try to out-think them and to be faster at it."

Despite the need for new tactics in the near-term, Aldridge said the TIA "experiment" would be demonstrated using test data resembling real-life events, but that the "feasibility" of actually using the system is "several years away, based upon the ability to understand the technology."

"We'll not use detailed information that is real," Aldridge said. "In order to preserve the sanctity of individual privacy, we're designing this system to ensure complete anonymity of uninvolved citizens, thus focusing the efforts of law enforcement officials on terrorist investigations. The information gathered would then be subject to the same legal protections currently in place for the other law enforcement activities."

Such assurances did not satisfy Levy, who repeatedly questioned the civil liberties infringements that may result from using the TIA system and said DOD still has many questions to answer, including:

* Who has access to the system and how are those people selected and trained?

* What oversight procedures are in place and what are the sanctions for misuse?

* What restrictions apply to the use of private data?

Charles Pe-a, senior defense policy analyst at Cato, said that TIA might better stand for "totally innocent Americans." He added that the way the "law of large numbers" works means that many innocent people will be falsely accused if the government's intention is to keep a dossier on every adult American, of which there are about 240 million.

Pe-a said the only way that the TIA system could be useful is if it is used to look for behavior and transaction patterns of a small number of people that are suspected of having terrorist potential.

"The pool of suspects must number in the hundreds" and be preceded by solid law enforcement and detective work, he said.

Some Components Already at Work

The TIA system will combine strategic analysis with knowledge discovery and will promote collaboration among users worldwide by providing access to the most relevant and timely information, Popp said.

"There are currently subsets of the tools and technologies being used by analysts to help us understand if they are useful or not," Popp told Federal Computer Week in October.

Several TIA components are housed at the Army Intelligence and Security Command's Information Dominance Center. That partnership enables DARPA to maintain its research and development focus while working with the command on testing and evaluation and "getting technology into the hands of the user" as quickly as possible, Popp said.

Clyde Wayne Crews Jr., technology policy director at Cato, said that the TIA system could also have a freezing effect on the nation's e-commerce activity for many reasons including:

* Data transfer procedures for turning over private records to the government.

* Loss of business due to increased public fear that previously private transactions and records could be turned over to the government.

* Companies' right to refuse to turn over citizen records to the government being jeopardized.

E-commerce is still in its infancy, and "the last thing we need is an impediment to assuring people their data is private," Crews said.

TIA Leader Causes Greater Concern

DARPA created the Information Awareness Office in mid-January 2002 with the mission of developing and demonstrating information technology such as data-mining tools designed to counter "asymmetric threats," such as terrorist attacks.

John Poindexter, national security adviser to President Reagan, who may be most well known for his part in the infamous Iran-Contra dealings, is the director of the new agency. His involvement in the project has only fanned the flames of controversy.

Sen. Charles Schumer (D-N.Y.), Cato analysts, and many privacy and government watchdog groups have expressed serious reservations about Poindexter's involvement in the program.

But no one may have taken a tougher stance against Poindexter than New York Times columnist William Safire, who in a scathing Nov. 14 editorial, wrote: "He is determined to break down the wall between commercial snooping and secret government intrusion. The disgraced admiral dismisses such necessary differentiation as bureaucratic 'stovepiping.' And he has been given a $200 million budget to create computer dossiers on 300 million Americans."

DOD's Aldridge said Poindexter came to the department with the TIA project proposal after Sept. 11, but that his involvement will end in the research stage.

"Once the tool is developed...John will not be involved," Aldridge said. "What John Poindexter is doing is developing a tool. He's not exercising the tool. He will not exercise the tool. That tool will be exercised by the intelligence, counterintelligence and law enforcement agencies."

The TIA project is funded in the fiscal 2003 budget at $10 million, and DOD is developing future funding requirements, Aldridge said.

However, the Electronic Privacy Information Center obtained DARPA budget documents and found that although the TIA budget is $10 million, related programs that may become part of the system are funded at $240 million for fiscal 2001 through 2003.

Popp said IAO's budget for fiscal 2003 is about $150 million, up from about $96 million last year. He added that DARPA received more than 170 proposals after issuing a broad agency announcement for the TIA system in March and is in the process of funding the most relevant ones.
******************************
Federal Computer Week
Vendor picked for USAJobs revamp
BY Colleen O'Hara
Dec. 16, 2002

The Office of Personnel Management has selected a vendor to redesign the agency's online jobs site so that it is easier to use and appeals to people in the private sector considering a job with the federal government.

As soon as this week, OPM is expected to announce the winning vendor that will revamp USAJobs as part of the Recruitment One Stop e-government initiative. The decision is awaiting final approval from OPM Director Kay Coles James.

"Our goal is to compete with the private sector," said Norm Enger, director of OPM's e-government programs. When job-seekers come to USAJobs, Enger said, they should be attracted to it and eager to submit their resume. "We will have a place to attract the best and the brightest."

Applicants inside and outside government have long criticized the federal hiring process as slow and cumbersome. Federal job vacancy announcements are hard to understand and hard to find, and applicants get little feedback once their resumes are submitted.

The new USA Jobs site is expected to change all that. For instance, it will offer easy job searching, better display of information, improved readability of job announcements, the ability by applicants to check the status of their resume once submitted, and immediate feedback on certain items such as the applicant's eligibility for a particular job, said Claire Gibbons, project manager for the Recruitment One Stop program.

OPM expects to unveil the new site at least the first iteration of the new site in January. By July 2003, the site will integrate seamlessly with agency business processes and automated assessment tools.

One of the barriers to creating a new streamlined hiring process, Gibbons said, is that applicants may still submit hard copy applications and may use any format. Also, agencies must implement business processes to support receipt of electronic applications.

Gibbons and Enger were speaking Dec. 13 at a conference presented by Federal Sources Inc. and Potomac Forum Ltd.
*****************************
Federal Computer Week
Homeland e-mail links ready
BY Diane Frank
Dec. 16, 2002

When the Homeland Security Department officially comes into being Jan. 24, 2003, the basic technologies to connect all its workers will be in place, said Steve Cooper, chief information officer at the Office of Homeland Security.

A group of designers from the agencies and organizations that will be moving into the department have created a single virtual e-mail directory that will direct all incoming messages to the appropriate existing agency e-mail systems and send out all e-mails with a "username@xxxxxxx" address, Cooper said in an interview Dec. 13.

Testing of the task group's common Lightweight Directory Access Protocol directory will begin soon after Jan. 1 so that it can go live Jan. 24, Cooper said.

Discussions are ongoing about whether employees at the larger, intact agencies -- the Coast Guard, the Transportation Security Administration and the Secret Service -- will get a slightly different address, such as "username@xxxxxxxxxxx," he said.

Cooper and other officials in the Office of Homeland Security have long said that e-mail and an internal Web portal are among the new department's most important systems to have running on Day One.

The external portal will be built using TSA's platform, Cooper said. But the internal portal, or intranet, initially will be an interim solution that takes pieces from many existing portals, he said. The task group is preparing this temporary portal while developing recommendations for a permanent one, he said.

For now, all of this is being done with only the funding that the agencies involved are donating. However, following the passage of the Homeland Security Act last month, the Office of Management and Budget has been working to gather the approximately $140 million in appropriations scattered throughout the bill.

The final figure will not be determined until Cooper's office figures out how much more can be transferred from existing agencies now that the department is official. However, the Office of Homeland Security is asking for $25 million to $50 million out of that $140 million to use on the e-mail directory and portals, Cooper said.

Most of that money likely will be used for laying lines and cables and paying new employees to run the offices, he said.
***********************************
Government Computer News
State sets $100 million pact with GTSI
By Wilson P. Dizard III

The State Department has negotiated a five-year blanket purchasing agreement with GTSI Corp. for hardware and software. The deal could be worth $20 million annually.

All State offices and 18 other foreign affairs agencies can buy hardware, software and support services through the agreement with the Chantilly, Va., company.

The contractknown as the State Information Infrastructure PC/LAN/WAN/Web BPAdoes not represent a new program, department spokeswoman Mary Swann said, but will support existing programs.

State is installing PCs and servers for classified and unclassified networks as it implements a global systems security plan.

******************************
Government Computer News
OPM explores outsourcing retirement systems modernization
By Jason Miller

The Office of Personnel Management on Friday released a request for information about outsourcing its Retirement Systems Modernization.

The RSM project is closely linked to the agency's five Quicksilver e-government projects, but it is not a part of the Office of Management and Budget's 25 initiatives. Interested vendors have until Feb. 21 to respond; only those vendors that respond will be eligible to bid should OPM decide to outsource the effort.

OPM analyzed the customer service operations and retirement claims processing and defined benefit record-keeping functions for the government's Civil Service Retirement and the Federal Employees Retirement systems.

The agency found that outsourcing "offers potentially lower risk and faster implementation, and may be comparable in cost to the estimated RSM baseline for some functions."

The customer service operations include all communications as well as payment adjustments.

OPM manages its claims processing and defined benefits record-keeping on paper. Through the modernization, it wants to automate manual processes, including the review of claim applications, updating of benefit pay status and appeals filings.

The retirement systems cover more than 5 million current and retired federal workers and their families. More than 2 million retirees receive payments each month and the trust has more than $450 billion in assets. The current retirement systems have interfaces with 14 federal human resources systems.
*******************************
Government Computer News
Report urges government to wade into wireless
By Vandana Sinha

Secure wireless devices have plenty of potential federal users, but first agencies must weigh their willingness to embrace the technology, according to a pair of professors who have surveyed more than 200 federal workers.

"User technology readiness plays an important role in determining whether to go for immediate deployment of wireless/mobile technology and in determining the strategy for deployment," noted Ai-Mei Chang, a systems management professor at the National Defense University, and P.K. Kannan, a marketing associate professor at the University of Maryland.

Agencies should launch wireless pilots, they said in a new report, Preparing for Wireless and Mobile Technologies in Government, sponsored by the IBM Endowment for The Business of Government. The first steps should include assessing employee readiness for wireless integration, training workers and budgeting for these products use as part of an agency's long-term strategy, the report recommended.

The report suggested using a technology readiness index, a metric that measures employees' optimism against their distrust of technology, and their tendency for innovation against their discomfort with new technology. Based on the authors' survey, the report said high levels of optimism and innovation paralleled high levels of discomfort.

Chang and Kannan recommended that agencies encourage employees to use wireless devices in their personal lives to become more comfortable with them. Agencies also should provide training classes and create peer support groups in which tech-savvy employees can walk their less-technical colleagues through wireless use.

Agencies should start with simple applications, such as mobile e-mail, before venturing into projects that demand interagency collaboration, the report said. Meanwhile, the authors called on wireless vendors to address the high-cost, interoperability, and inadequate security and privacy issues related to enterprisewide wireless use.

If agencies do not begin launching wireless technologies, they will lose out on significant data-sharing possibilities with one another, the public and industry, the report concluded.

"The coming decade is clearly the era of e-government," it said. "Societies in each city, state and country are increasingly interconnected, and citizens and customers who have experienced the improvements and efficiency that the Internet facilitates are demanding more from their governments."
*******************************
Government Executive
E-government projects aim to simplify paperwork for feds
By Amelia Gruber
agruber@xxxxxxxxxxx




Some of the administration's e-government initiatives will put pay and other human resources information online, making life much easier for federal employees, an Office of Management and Budget official said Friday.


At least six of the administration's 24 e-government initiatives will put electronic training, travel, records management and payroll resources at workers' fingertips, according to Mark Forman, associate director of information technology and e-government at OMB, speaking at an e-government conference on Friday. The initiatives aimed at federal workers will also include a one-stop recruitment center and information on simplifying the acquisitions process.


The goal is to "simplify and unify" internal agency procedures that have become inefficient, Forman said. New hires would no longer have to fill out 15 or more forms asking for overlapping, redundant information, he said. And workers could complete training from their desks, which would cost less than if agencies sent employees to courses outside the agency.


"What we envision, is a suite of human resources applications that cover the entire life cycle of government employees," said David McClure, vice president of e-government at the Council for Excellence in Government, a good government group.


The "life cycle" for employees begins with recruitment, where a centralized online "recruitment center" will provide personnel offices with the tools they need to hire candidates and job seekers with the latest information about job openings. Once hired, workers who needed a security clearance could move through the system more quickly, Forman said.


Other initiatives would create a standard e-payroll system across agencies, reduce the amount of paperwork employees have to fill out for government travel, and make the acquisition process less cumbersome. The initiatives will eventually give federal workers access to all of the financial planning resources and other tools needed to complete work rapidly, Forman said.


While technology to implement the envisioned initiatives is not completely in place, Forman said he is impressed with the progress he has seen. Getting project managers to agree on a basic vision for the projects was work enough, he added.


Forman praised leaders of the e-payroll initiative for narrowing down their search for software providers to four potential vendors. Forman also praised golearn.gov, an online training site that more than 20,000 employees used in the first two months after its launch in July.


But a lot of work remains before the programs are up and running, McClure cautioned. "The concept is great, but the implementation is difficult," he said.


Forman said that he will encourage project managers at different agencies to coordinate with one another and work as a team to develop a business model that cuts down on costs by sharing resources among the agencies. Good teamwork and support from agency executives will be the key to making the e-gov initiatives work, he said.
*******************************
Computerworld
Bay area goes wireless to secure bridges, tunnels
By BOB BREWIN
DECEMBER 16, 2002

In a homeland security project, the California Department of Transportation is using multiple wireless systems to transmit surveillance data from seven bridges and three tunnels in the San Francisco Bay area to a command center in Oakland.
The department, known as Caltrans, has completed the first phase of the $20 million Bay Area Surveillance Enhancement project. BASE includes installation of up to 15 point-to-point wireless links spanning distances of as much as 16 miles each and transmitting data at 90M bit/sec., according to IT industry executives involved in the project. The wireless technology is being tied to 250 video cameras that will use video-over-IP technology to transmit images to the command center.

Caltrans activated the BASE system at two bridges and a tunnel in the South Bay area last month and plans to turn on the rest of the technology in February. Some details of the project are due to be announced this week by Sunnyvale, Calif.-based Proxim Corp., which is supplying all of the wireless equipment.

Greg Bayol, a spokesman for Caltrans, said the BASE system was designed to help the agency and the California Highway Patrol monitor bridges and tunnels for potential security problems. The cameras are being deployed to "watch for anyone who should not be there," Bayol said.

He added that Caltrans chose wireless links instead of fiber-optic cable because of cost issues and the vast distances that the network needs to span in order to reach all the bridges and tunnels.

David Brown, a division manager at Sacramento, Calif.-based Royal Electric Co., the prime contractor on the BASE project, agreed that cost was a decisive factor in prompting Caltrans to opt for wireless links.

In an unrelated project, Royal Electric recently installed a 3-mile fiber link across one Bay area bridge at a cost of about $3 million, Brown said. He estimated that it would cost $30 million to $40 million just to put fiber-optic cables on all the bridges and tunnels that will be covered by the BASE wireless system.

Layers of Complexity

Open Computing Platforms Inc. in Moorpark, Calif., handled the wireless systems integration work for Caltrans. CEO Steve Williams described the BASE project as one of the most complex that Open Computing has ever done.

The complexity resulted from factors such as the size of the network and the need to install numerous links that cross water, which can cause multipath distortion of wireless signals, Williams said. He added that the project also required extensive frequency coordination to ensure that there won't be any interference between the BASE signals and other wireless transmissions.

That process was further complicated by the fact that BASE uses a mix of licensed and unlicensed spectrum, with most of the wireless systems operating in the unlicensed 5-GHz band, Williams said.

Multiple levels of wireless security protections are being installed in an attempt to ensure that the BASE technology can't be penetrated by unauthorized users, he noted. The protections include the use of Triple Data Encryption Standard algorithms on the signals sent by the video cameras, as well as virtual LANs and the IPsec protocol to provide additional encryption and user authentication capabilities.

In addition, Williams said the Proxim-based wireless subscriber units that are being attached to the video cameras have built-in Global Positioning System receivers. The receivers broadcast the geographic coordinates of each wireless unit to Proxim-built base stations at the bridges. If a subscriber unit is moved, the base station won't accept signals from the new coordinates, he said.

Video camera images are transmitted via wireless links to the point-to-multipoint base stations, which in most cases are connected by Ethernet to point-to-point wireless transmitters that are also made by Proxim.

Ken Haase, director of product marketing at Proxim's WAN division, said the company's equipment operates in the same frequency band as 802.11a wireless LANs. But, he said, the Proxim technology uses proprietary protocols to help boost security and throughput levels.
****************************

Lillie Coney
Public Policy Coordinator
U.S. Association for Computing Machinery
Suite 510
2120 L Street, NW
Washington, D.C. 20037
202-478-6124
lillie.coney@xxxxxxx


From owner-technews@xxxxxxxxxxxxxxxxx Mon Nov 25 14:00:29 2002
Received: from sark.cc.gatech.edu (sark.cc.gatech.edu [130.207.7.23])
by cleon.cc.gatech.edu (8.11.6/8.11.6) with ESMTP id gAPJ0Ss18501;
Mon, 25 Nov 2002 14:00:28 -0500 (EST)
Received: from postel.acm.org (postel.acm.org [199.222.69.7])
by sark.cc.gatech.edu (8.11.6/8.11.6) with ESMTP id gAPJ0Aa13266;
Mon, 25 Nov 2002 14:00:10 -0500 (EST)
Received: from postel (postel.acm.org [199.222.69.7])
by postel.acm.org (8.9.3/8.9.3) with ESMTP id NAA33070;
Mon, 25 Nov 2002 13:53:18 -0500
Received: from LISTSERV2.ACM.ORG by LISTSERV2.ACM.ORG (LISTSERV-TCP/IP release
1.8d) with spool id 0014 for TECHNEWS@xxxxxxxxxxxxxxxxx; Mon, 25 Nov
2002 13:36:08 -0500
Approved-By: technews@xxxxxxxxxx
Received: from hq.acm.org (hq.acm.org [199.222.69.30]) by postel.acm.org
(8.9.3/8.9.3) with ESMTP id NAA14996 for
<technews@xxxxxxxxxxxxxxxxx>; Mon, 25 Nov 2002 13:35:07 -0500
Received: by hq.acm.org with Internet Mail Service (5.5.2656.59) id <W8L28YHC>;
Mon, 25 Nov 2002 13:41:49 -0500
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2656.59)
Content-Type: text/plain; charset="iso-8859-1"
Message-ID: <545947EC482B4146BAE4AA754D14773921E0E7@xxxxxxxxxx>
Date: Mon, 25 Nov 2002 13:41:42 -0500
Sender: ACM TechNews Early Alert Service <TECHNEWS@xxxxxxxxxxxxxxxxx>
From: technews <technews@xxxxxxxxxx>
Subject: ACM TechNews - Monday, November 25, 2002
To: TECHNEWS@xxxxxxxxxxxxxxxxx
Content-Length: 8088
Status: RO
X-Status: X-Keywords: X-UID: 349

Dear ACM TechNews Subscriber:

Welcome to the November 25, 2002 edition of ACM TechNews,
providing timely information for IT professionals three times a
week.  For instructions on how to unsubscribe from this
service, please see below.

ACM's MemberNet is now online. For the latest on ACM
activities, member benefits, and industry issues,
visit http://www.acm.org/membernet

Remember to check out our hot new online essay and opinion
magazine, Ubiquity, at http://www.acm.org/ubiquity

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ACM TechNews
Volume 4, Number 427
Date: November 25, 2002

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Site Sponsored by Hewlett Packard Company ( <http://www.hp.com> )
    HP is the premier source for computing services,
    products and solutions. Responding to customers' requirements
    for quality and reliability at aggressive prices, HP offers
    performance-packed products and comprehensive services.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Top Stories for Monday, November 25, 2002:
http://www.acm.org/technews/current/homepage.html

"IT Warns Against Slippery Slope to Regulation"
"Agency Weighed, but Discarded, Plan Reconfiguring the Internet"
"New Gizmos May Spark Deregulation"
"Researchers: Pull Plug on Battery Attacks"
"'Here's Looking At You' Has New Meaning: Eye Contact Shown to
Affect Conversation Patterns, Group Problem-Solving Ability"
"Nano Research Should Study Consequences"
"Radical Physicist Flatters Computer Fans"
"Planning for the Day When Silicon Rules No More"
"Straining Digital Copyright Law, Junior Paper Exposes Protection
Flaws in CDs"
"A Visionary Pays a Visit"
"The Next Chapter"
"Retooling the Programmers"
"The FBI's Cybercrime Crackdown"
"The Ghosts of Computers Past"

******************* News Stories ***********************

"IT Warns Against Slippery Slope to Regulation"
The IT industry responded to the White House's draft National
Strategy to Secure Cyberspace last week, in which hardware and
software vendors commented on recommendations that were both
promising and troubling.  The Business Roundtable praised the ...
http://www.acm.org/technews/articles/2002-4/1125m.html#item1

"Agency Weighed, but Discarded, Plan Reconfiguring the Internet"
The Defense Advanced Research Projects Agency (DARPA) looked into
the possibility earlier this year of creating a new Internet
environment where every user would necessarily leave uniquely
identifiable imprints, just as criminals leave DNA evidence at a ...
http://www.acm.org/technews/articles/2002-4/1125m.html#item2

"New Gizmos May Spark Deregulation"
Technology experts argue that a series of breakthroughs should
lead to a rethinking of how people use the airwaves:  Among them
are wireless technologies being developed by the Defense Advanced
Research Projects Agency (DARPA), Intel, Bell Laboratories, ...
http://www.acm.org/technews/articles/2002-4/1125m.html#item3

"Researchers: Pull Plug on Battery Attacks"
Virginia Tech scientists Tom Martin, Dong Ha, and Michael Hsiao
are conducting research on ways to counter cyberattacks on mobile
computers that aim to incapacitate their targets by draining
their batteries.  The researchers are concentrating on three ...
http://www.acm.org/technews/articles/2002-4/1125m.html#item4

"'Here's Looking At You' Has New Meaning: Eye Contact Shown to
Affect Conversation Patterns, Group Problem-Solving Ability"
Dr. Roel Vertegaal of Queen's University has discovered a
correlation between the amount of eye contact people receive and
their involvement in conversations, and believes this research
could have valuable ramifications for the development of future ...
http://www.acm.org/technews/articles/2002-4/1125m.html#item5

"Nano Research Should Study Consequences"
A study authored by Glenn Harlan Reynolds of the University of
Tennessee College of Law and released by the Pacific Research
Institute (PRI) calls for nanotechnology researchers to openly
disclose the nature of their research to the public while also ...
http://www.acm.org/technews/articles/2002-4/1125m.html#item6

"Radical Physicist Flatters Computer Fans"
This fall's Comdex trade show was unusual in that a key speaker
presented radical ideas that could be applied in the distant
future, as opposed to the present.  Physicist Stephen Wolfram,
the author of "A New Kind of Science," explained his view that ...
http://www.acm.org/technews/articles/2002-4/1125m.html#item7

"Planning for the Day When Silicon Rules No More"
In their respective keynote speeches at the Nanoelectronics
Planet Conference & Expo on Thursday, Dr. Thomas Theis of IBM's
Research Division and Dr. Yong Chen of Hewlett-Packard
Laboratories' Quantum Science Research agreed that silicon still ...
http://www.acm.org/technews/articles/2002-4/1125m.html#item8

"Straining Digital Copyright Law, Junior Paper Exposes Protection
Flaws in CDs"
Alex Halderman, a senior computer science major at Princeton
University, has acknowledged the possibility that he could be
sued by the music industry for allegedly violating the Digital
Millennium Copyright Act (DMCA) if he presents a junior paper at ...
http://www.acm.org/technews/articles/2002-4/1125m.html#item9

"A Visionary Pays a Visit"
Vinton Cerf spoke about envisioning the Internet last week at the
well known Toronto Empire Club that counts many of Canada's
leading business figures as members.  Cerf believes that issues
such as the assignment of domain names, taxing e-commerce, online ...
http://www.acm.org/technews/articles/2002-4/1125m.html#item10

"The Next Chapter"
CenterBeam Chairman Sheldon Laube sees disposable PCs as the
future of information technology, considering personal computers
can be purchased for less than $200 today.  Because it would not
make economic sense to ship a PC back for repairs, within five ...
http://www.acm.org/technews/articles/2002-4/1125m.html#item11

"Retooling the Programmers"
Aspect-oriented programming seeks to relieve companies of many
headaches, such as the intense difficulty programmers face in
converting the needs and ideas of non-technical personnel into
usable code, as well as organizing and updating vast numbers of ...
http://www.acm.org/technews/articles/2002-4/1125m.html#item12

"The FBI's Cybercrime Crackdown"
Cybercrime is a growing concern in Washington, especially with
experts warning that an online assault on the nation's critical
infrastructure coupled with a physical terrorist attack could
trigger chaos, confusion, and loss of life, to say nothing of the ...
http://www.acm.org/technews/articles/2002-4/1125m.html#item13

"The Ghosts of Computers Past"
The Computer History Museum in Mountain View, Calif., contains an
archive of precedent-setting hardware and software, and museum
board member John Mashey says the need to historically document
the evolution of today's computers is critical, especially since ...
http://www.acm.org/technews/articles/2002-4/1125m.html#item14


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

-- To review Friday's issue, please visit
http://www.acm.org/technews/articles/2002-4/1122f.html

-- To visit the TechNews home page, point your browser to:
http://www.acm.org/technews/

-- To unsubscribe from the ACM TechNews Early Alert Service:
Please send a separate email to listserv@xxxxxxxxxxxxxxxxx
with the line

signoff technews

in the body of your message.

-- Please note that replying directly to this message does not
automatically unsubscribe you from the TechNews list.

-- To submit feedback about ACM TechNews, contact:
technews@xxxxxxxxxx

-- ACM may have a different email address on file for you,
so if you're unable to "unsubscribe" yourself, please direct
your request to: technews-request@xxxxxxx

We will remove your name from the TechNews list on
your behalf.

-- For help with technical problems, including problems with
leaving the list, please write to:  technews-request@xxxxxxx

----
ACM TechNews is sponsored by Hewlett Packard Company.