[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Clips September 12, 2002

To: "Lillie Coney":;, Gene Spafford <spaf@xxxxxxxxxxxxxxxxx>;, John White <white@xxxxxxxxxx>;, Jeff Grove <jeff_grove@xxxxxxx>;, goodman@xxxxxxxxxxxxx;, David Farber <dave@xxxxxxxxxx>;, CSSP <cssp@xxxxxxx>;, glee@xxxxxxxxxxxxx;, Andrew Grosso<Agrosso@xxxxxxxxxxxxxxxx>;, ver@xxxxxxxxx;, lillie.coney@xxxxxxx;, v_gold@xxxxxxx;, harsha@xxxxxxx;, KathrynKL@xxxxxxx;, akuadc@xxxxxxxxxxx;, computer_security_day@xxxxxxx;, waspray@xxxxxxxxxxx;
Subject: Clips September 12, 2002
From: Lillie Coney <lillie.coney@xxxxxxx>
Date: Thu, 12 Sep 2002 11:23:06 -0400

Clips September 12, 2002

ARTICLES

DOD seeks homeland position
Printed Web Info OK for Inmates
Terror Czar: The War Is Digital
Spam Hits Some Anti-Spammers, Who Think They Have a Culprit
Supercomputing helped save lives in Pentagon attack
Better communications could have saved lives, homeland official says
Homeland security officials eye new goods, TSA contract
Interagency report details Bush IT research priorities
GAO to study impact of H-1B program on hiring
Sept. 11: A year later, online privacy and security still weak
China Blocks Web Search Engines
Ten Choices Critical to the Internet's Success
Customers blame spam on filched lists
Digital Rights Outlook: Squishy
The hidden data in your driver's license

***********************
Federal Computer Week
DOD seeks homeland position

Defense Secretary Donald Rumsfeld is requesting that Congress authorize a new assistant secretary position focused on homeland defense.

Rumsfeld sent a letter this week to Sen. Carl Levin (D-Mich.), chairman of the Armed Services Committee, requesting congressional approval for the establishment of an assistant secretary of Defense for homeland defense, according to Rosanne Hynes, technical director in the DOD's Office of the Special Assistant for Homeland Security.

"This is something that has been discussed for quite some time," and the Bush administration has talked to lawmakers about it, Hynes told FCW after participating in a Sept. 10 panel at the Homeland Security and National Defense Symposium in Atlantic City, N.J.

DOD is actively involved in establishing the Homeland Security Department, including its information technology requirements, Hynes said, which has included frequent meetings with Steve Cooper, senior director of information integration and chief information officer for the Office of Homeland Security.

DOD is looking for opportunities to use its investment in technologies to aid the proposed department, particularly in the areas of intelligence sharing, border security and emergency response, she said.

"The DOD is not pushing any particular technology solutions," Hynes said. "We're letting them know what's available and the [agency] decides what they need."

The symposium sponsors are the Army's Communications-Electronics Command, the Association of the U.S. Army's Fort Monmouth, N.J., chapter, the Association of Old Crows' Garden State chapter, and the Armed Forces Communications and Electronics Association's Fort Monmouth chapter. *************************** Wired News Printed Web Info OK for Inmates By Julia Scheeres September 12, 2002

A U.S. District Court in San Francisco has struck down a California prison policy that bars inmates from receiving material printed from the Internet.

The American Civil Liberties Union of Northern California sued the state on behalf of Pelican Bay prisoner Frank Clement, who claimed that the policy violated his First Amendment rights.

Clement brought the case against the California Department of Corrections after he was prohibited from using an Internet pen pal service that allows inmates to post personal ads online and receive correspondence via snail mail.

California prisoners don't have direct Internet access.

A CDC spokesman said that the regulation was implemented after prison mailrooms were flooded with letters containing printouts of Web pages and e-mail messages. The volume of mail created a burden on prison staff screening inmate correspondence. He also claimed that anonymous e-mail created a security risk because it was less traceable than U.S. mail and could contain "coded correspondence" used to plan crimes outside the prison.

The court ruled that there wasn't enough evidence to support the CDC's allegations, and entered a permanent injunction to stop the state from applying the regulation.

"A prisoner's constitutional right to receive information by incoming mail is undisputed," U.S. District Court Judge Claudia Wilken wrote in her Sept. 9 decision. The ruling affects eight prisons that had adopted the policy.

Wilken said prison regulations can only impinge on this right if there is a "valid, rational connection" between the policy and a legitimate security interest, and that the CDC failed to make that connection.

She added: "There are, in short, recognized rehabilitative benefits to permitting prisoners to receive educational reading material and maintain contact with the world outside the prison gates."

The ACLU of Northern California hailed the ruling as a victory for free speech.

"It's a tremendously significant decision," said ACLU staff attorney Ann Brick, who represented Clement. "A lot of information that is valuable to prisoners can only be found online."

Many advocacy groups, such as Stop Prisoner Rape, are Internet based, and inmates have no way of accessing the information unless someone prints it out and sends it to them, she said.

In a related case, the ACLU is suing the Arizona Department of Corrections on First Amendment grounds for a policy that bans inmates from publishing information online, such as pen pal requests or personal Web pages. ************************* Wired News Terror Czar: The War Is Digital By John Gartner

PHILADELPHIA -- Invading Iraq or silencing Syria won't put an end to terrorism, but according to an influential retired U.S. Army general, figuring out how to effectively disrupt the communications of extremist factions could.

Speaking to an audience of security professionals on Wednesday, Barry McCaffrey, a security expert who advises Congress, said that winning against Saddam Hussein will be relatively easy. Protecting civil rights while battling terror will be harder.

McCaffrey, a highly decorated combat veteran, told attendees at the American Society for Industrial Security (ASIS) annual conference that the government's ability to protect the country is "only is good as the technology that backs it up."

McCaffrey said the United States' technologically advanced military could oust Hussein in three weeks, and a battle is inevitable. But removing dictators only goes so far, McCaffrey said, because most radicals aren't fighting for a country but an ideology.

Intercepting communications between the international pockets of zealots is a more significant weapon in battling terror, he said.

However, the government's initial attempts at monitoring e-mail and other electronic communications has only succeeded in "terrorizing law enforcement," McCaffrey said.

The government's current snooping system -- known as Carnivore -- makes it too easy to "enable the reading of all e-mails with only a warrant," McCaffrey said. This indiscriminate access makes it difficult for local law enforcement to find useful evidence in a sea of data.

Still, McCaffrey said the "electronic intercept of communications and satellite surveillance systems are a huge lever in battling the threat" of terrorism. He expects that "technology will be a big part of controlling who comes into the U.S."

But the general cautioned against creating a police state in which spying on citizens goes unchecked.

"We have to devise security methods that protect the Bill of Rights and allow free movement of individuals."

McCaffrey said the new Office of Homeland Security should be responsible for coordinating all government agencies' electronic sniffing efforts.

Kelly J. Kuchta, a cybersecurity expert who is chairman of ASIS' information technology security council, said private security firms have become more willing to work with law enforcement since Sept. 11, 2001. He said more companies are sharing information about cyberattacks with the FBI as part of InfraGard, a cooperative program between the public and private sectors.

While there has not been a significant terrorist attack on the U.S. technology backbone so far, Kuchta said security professionals are on the lookout. They worry that a virtual attack could coincide with another real-world one.

At 8:46 a.m., McCaffrey paused during his speech for a moment of silence to honor the victims of last year's terrorist attacks, including the 35 security professionals who perished at the World Trade Center.

McCaffrey said the United States is in a "permanent state of threat," and needs to work as part of an international effort to fight the poverty that contributes to radical belief systems.

"We need to give them something to live for, instead of a cause to die for."
****************************
New York Times
September 12, 2002
Spam Hits Some Anti-Spammers, Who Think They Have a Culprit
By MATT RICHTEL

Tens of thousands of readers of e-mail newsletters have recently been inundated with unsolicited overtures from pornography Web sites and get-rich-quick schemes, the newsletter publishers say, and they are blaming the company that manages and distributes the newsletters for them.

Particularly galling to some of the publishers is that the newsletters they send out are about ways to use e-mail to market responsibly and about the dangers of sending unsolicited e-mail, known as spam.

The publishers are blaming a company called SparkLIST.com, which offers services they use to distribute their e-mail newsletters. The reason for the accusation is that the spam has been sent to private, otherwise undisclosed e-mail addresses that are used only to receive the publishers' newsletters.

"The 10,000 people using our newsletter are now getting porno spam, and they think it's coming from me," said Andy Sernovitz, who runs GasPedal Ventures, a New York company that consults on using e-mail as a marketing tool. "I am freaking out."

Publishers are asking whether the database at SparkLIST, which is operated from Green Bay, Wis., has been broken into by hackers or otherwise compromised.

But there is no proof that the database has been breached, according to Lyris Technologies, a maker of software for anti-spam and e-mail marketing software; Lyris acquired SparkLIST in August. Steven Brown, the chief operating officer for Lyris, based in Berkeley, Calif., said the spammers might not have stolen the database at all but might instead have acquired the addresses some other way.

For instance, he said, they may be using computer programs that randomly generate e-mail addresses that, coincidentally, include addresses that belong to recipients of the newsletters. "We're trying to figure out where this has come from," Mr. Brown said.

Mr. Brown said he had referred the matter to private investigators to track down the origin of the spam.

Mr. Sernovitz and other customers of SparkLIST, which says it sends out 750 million e-mail messages on behalf of clients each month, say they are not sure what happened to SparkLIST's database, but they speculate that it has been broken into by hackers or that the data has been stolen by an employee.

The flood of unsolicited messages to recipients of the newsletters, which have hundreds of thousands of readers, comes at a time when the amount of unsolicited e-mail is already exploding. The Radicati Group, a market research group in Palo Alto, Calif., estimated earlier this year that 32 percent of the 7.3 billion e-mail messages sent each day were unsolicited commercial messages.

But the issue takes on added significance in the case of SparkLIST because a handful of SparkLIST's clients are among the best-known publishers and consultants who preach the responsible use of e-mail for marketing. Mr. Sernovitz, for instance, started the Association of Interactive Marketing, an early anti-spam organization.

Other publishers who say their e-mail addresses have been compromised include Anne Holland, who publishes a newsletter called MarketingSherpa, and Ralph Wilson, whose newsletters include Web Marketing Today and Doctor Ebiz.

Mr. Wilson said he relied on SparkLIST to send out five different newsletters to about 200,000 recipients. He recently sent an e-mail message to his clients saying, "We are all victims of vicious spammers."

"Can you imagine?" said Ms. Holland, who uses SparkLIST.com to send five separate newsletters to about 100,000 people. "We're the ones who send out newsletters about how to send out permission-based e-mails, and how to market responsibly."

Mr. Brown of Lyris said the company had received complaints from only five customers.

Mr. Sernovitz and Ms. Holland said the company was playing down the problem.

Ms. Holland has reported the matter to the Federal Bureau of Investigation. She said she knew of some 20 other SparkLIST customers, including one public media company, whose newsletter recipients have been receiving spam.

Mr. Sernovitz said SparkLIST's chief executive, Chris Knight, had told him that there were dozens of companies whose e-mail databases had been compromised. Mr. Knight declined to comment.

The issue has ignited a minor debate among the people who write and work as consultants in the field of e-mail-based marketing.

Ms. Holland, for instance, said that companies that act as Web hosts, like SparkLIST, had a responsibility to protect their databases of e-mail addresses from being broken into, in the same way that financial companies must encrypt credit card information.

"We didn't know there was a problem with security that could affect us," she said. "What we've learned is that most lists are in danger today." **************************** Government Computer News Supercomputing helped save lives in Pentagon attack By Dawn S. Onley

When terrorists crashed a jetliner into the Pentagon last year, 125 people in the building were killed. More would have lost their lives if part of the building hadn't been recently renovated with reinforced steel beams and blast-resistant windows, according to an Army official.

The Army Corps of Engineers simulates bombings and uses supercomputers to model the effects bombs would have on different structures, said Dennis Van Derlaske, who works in the Office of Assistant Secretary of the Army for Acquisition, Logistics and Technology. Part of the modeling included testing more than 100 window designs using supercomputers, Derlaske said. The windows installed cost $10,000 apiece.

Derlaske spoke yesterday during a discussion at the Homeland Security and National Defense Symposium in Atlantic City, N.J.

The Corps of Engineers now uses supercomputers for analysis of the Sept. 11 attack on the Pentagon, to see which structures held up and which toppled under the impact.

"The Army successes were due to technology just put in place to enhance protection, recovery and retaliation," Derlaske said. ************************ Government Computer News Better communications could have saved lives, homeland official says By Dawn S. Onley

The lack of an interoperable communications system for first responders could have led to the deaths of several hundred firefighters trying to save lives on Sept. 11, an Office of Homeland Security executive said today at the Homeland Security and National Defense Symposium in Atlantic City, N.J.

Charles E. Cape, special assistant for wireless technology to the CIO of Homeland Security and special assistant to President Bush, said New York City police officials knew the World Trade Center towers could tumble at any moment, but they could not get the information to 300-plus firefighters in time.

"A lot of interoperability issues arise from job protection issues where everyone says we have to have our own radio systems, and we don't need to talk to any one else," Cape said.

During those first frantic hours Sept. 11, Cape said, "police knew the buildings were going to collapse, but they could not communicate with the firefighters."

Having communications systems that are interoperable helps federal, state and local officials plan operations in a more organized manner and, ultimately, can save lives, agreed Don Eddington, chief of the Center for Information Technology Integration at the Defense Information Systems Agency.

Eddington said local and state authorities weren't the only agencies struggling with jammed phone lines or broken phones in New York. The Defense Department had a tough time getting information to first and second responders as well, he said.

"DOD couldn't talk to state officials, state officials couldn't talk to city officials," Eddington said. *************************** Government Computer News Touch-screen voting machines don't solve Florida problems

By Trudy Walsh
GCN Staff

It was déjà vu all over again. In a scenario reminiscent of the November 2000 elections, confusion and equipment malfunctions in Florida's primary yesterday prompted Gov. Jeb Bush to keep the state's polling places open two hours beyond their regularly scheduled closing times.

Bush said he was issuing the order because of "substantial delays in the opening of certain polling places in Broward and Miami-Dade counties." Bush also attributed the delays to the "major technological and procedural changes" mandated by the revision of the state's election code.

The state had spent what Bush called a significant sum of money on new voting machines and training.

Bruce Eldridge, assistant supervisor of technical services for the Broward County Elections Office, did not see the delays as purely a result of voting machinery gone awry. "Technology is not the answer," Eldridge said. "Elections are a people-oriented process. I think the technology failed us in several instances, but the major problems were human factors."

"I don't know yet the exact incidence of equipment failure," Eldridge said. "Once our tech teams have been out to the precincts to evaluate the failures, I'll have an answer."

Part of the problem was that some poll workers did not show up for duty, Eldridge said.

"You know how the stock market has what they call a 'triple witching hour,' where many events happen at once? Well, that's what happened this year in Florida," he said. Yesterday was the first statewide use of new election rules and procedures, new equipment, and new precincts. "We were really being stretched," he said.

Broward County used iVotronic touch-screen voting machines from Election Systems and Software Inc. of Omaha, Neb. The company's Web site says the equipment makes "election day operations and voting easy and straightforward." ************************* Government Executive Homeland security officials eye new goods, TSA contract By Shane Harris sharris@xxxxxxxxxxx

The agencies that would move into the proposed Homeland Security Department are anticipating an information technology spending spree, and they've got their eyes on tools to improve border security, analyze data about terrorism and coordinate emergency responses to terrorist attacks, according to a senior official at the Office of Homeland Security.

Speaking at a luncheon Tuesday in Northern Virginia, Jim Flyzik, the former Treasury Department chief information officer now assigned to the Office of Homeland Security, told technology executives from dozens of federal contractors that the new department would become a major consumer of information technology goods and services. It would mean a boom in business for technology companies, he said.

At the top of agencies' purchasing lists, Flyzik said, would be technologies that directly enhance the mission of the proposed department, which covers border security, countermeasures to weapons of mass destruction, coordination of emergency responders and the analysis of intelligence. Software to "mine," or sift through and analyze data, and route it to the agencies that could best use it will be among the top purchases, he said. Also, equipment to verify identity, such as biometric readers that scan fingerprints or retinas, will be in demand since they'll play a key role in increased security efforts, Flyzik said.

In a videotaped message, Vance Hitch, the Justice Department CIO, said security agencies would deploy biometrics technologies on an "unprecedented" scale. The Justice Department's Immigration and Naturalization Service, which protects U.S. borders, would be moved into the new department. The FBI would not be moved, though officials there have said the bureau and the Homeland Security Department would work hand-in-hand. FBI Director Robert Mueller has said the bureau wants to buy new data mining and analysis technologies.

Flyzik said security agencies also would buy collaboration software to let them share information electronically; computer applications that create maps and three-dimensional models to better coordinate emergency responses; simulation and computerized modeling programs to help predict attacks; and wireless communications devices to let police, fire and other emergency response workers talk with one another simultaneously, something they couldn't do last Sept. 11 after the attacks on the World Trade Center and the Pentagon.

While homeland security will drive the government's biggest technology spending plan in five years, Flyzik noted that the money hasn't arrived just yet. The president's fiscal 2003 budget, which Congress hasn't passed, calls for approximately $52 billion in IT spending, an increase of more than 15 percent over the previous year.

While some firms profited from government purchases made with emergency supplemental funds immediately after last year's attacks, most companies have spent the time since then setting up homeland security sales and marketing divisions to reap the bounty of next year's budget. At the same time, the Office of Management and Budget is trying to consolidate overlapping technology projects in the security agencies, which could lead to some existing contracts being shut down, Flyzik said.

Now that agencies have identified some of what they want to buy, they'll have to find a way to buy it. There have been few new procurements for homeland security-related technology in the past year, but the biggest of them all has caught the attention of security agencies. The Transportation Security Administration last month awarded $245 million in work to Unisys Corp. under a contract to create a telecommunications and technology infrastructure managed by the private sector. More than $1 billion could eventually be awarded under that contract, called the Information Technology Managed Services program, which Flyzik endorsed as an effective way to farm out government work to private corporations.

The TSA contract lets vendors develop plans for meeting the agency's goals, rather than asking the agency to come up with a list of requirements that companies then fulfill. Acquisition Solutions Inc., a consulting firm in Chantilly, Va., developed the concept for TSA. The firm's executives are pushing the method as an overall acquisition strategy for the Homeland Security Department. Flyzik said that the TSA contract could serve as a model for the department when it buys technology goods and services.


"The TSA vehicle?is the way to do things," Flyzik said.
*****************************
Government Executive
Interagency report details Bush IT research priorities
By William New, National Journal's Technology Daily

A new interagency report details the Bush administration's fiscal 2003 budget priorities for the research and development program of long-term networking and information technology. The report shows an emphasis on high-end computing and software development next year.

"This program has been in progress for over 10 years and continues to be strongly supported by Congress and the current administration" said Cita Furlani, director of the National Coordination Office for Information Technology R&D. "It's really a big benefit to the nation because each agency leverages the other agencies' resources and we get the best bang for the taxpayers' buck."

The program coordinates IT R&D efforts for more than a dozen agencies and offices, such as the National Science Foundation and offices in the Commerce, Energy and Defense departments, with the goal of leveraging resources. John Marburger, director of the White House Office of Science and Technology Policy, headed the task force that prepared the report. The so-called "Blue Book" is required annually under the 1991 High-Performance Computing Act.

This year's report focuses on the importance of IT R&D to homeland security. As demonstrated by the use of prototype robots helping in the World Trade Centers recovery to computer networks protecting critical infrastructure, IT R&D is playing an increasingly vital role in security efforts, the report says.

The administration has requested an increase for the overall program from $1.83 billion in fiscal 2002 to $1.89 billion in fiscal 2003. The biggest proposed increases among the agencies are for the National Institutes of Health, from $295 million to $327 million, and the National Aeronautics and Space Administration, from $181 million to $213 million. The Defense Advanced Research Projects Agency would receive a boost from $218 million to $223 million.

The report analyzes seven categories of IT R&D spending for 12 agencies and offices. The biggest proposed increases would be for: high-end computing infrastructure and applications, from $516.5 million to $547.1 million; high-end computing R&D, from $272.4 million to $299.4 million; software design and productivity, from $182.1 million to $196.7 million; and social/economic/workforce, from $84.9 million to $91.4 million. Human computer interaction and information management would see a slight increase, from $308.1 million to $309.2 million.

Decreases were proposed for the remaining two areas. Funding for large-scale networking would drop from $333.5 million to $317 million, and investments in high-confidence software and systems would fall from $132.2 million to $128.2 million.

The report may aid Congress as it begins the final stages of the fiscal 2003 appropriations process, congressional sources said.

"I think what this report shows is the NITRD program is successful, important and it's working," House Science Committee spokeswoman Heidi Tringe said. "I think it really demonstrates that all the research in this age relies on IT, from life sciences to weather forecasting. Research in any of those areas is not going to reach its potential without R&D." **************************** Computerworld GAO to study impact of H-1B program on hiring By PATRICK THIBODEAU SEPTEMBER 11, 2002

WASHINGTON -- There's no shortage of anecdotal reports from U.S. workers that the H-1B visa program is costing Americans jobs. But proving it has been elusive because companies don't disclose whom they hire or lay off. That's a problem facing the U.S. General Accounting Office as it embarks on a study to answer a question posed by two Democrats on the U.S. House Science Committee: Do companies show a preference for retaining H-1B workers, and if so, why?

The GAO study, due out sometime next year, is expected to arrive during a congressional debate on whether the cap on the controversial program should be allowed to shrink from 195,000, its level for the past two fiscal years, to 65,000 after the next fiscal year ends on Sept. 30, 2003.

The H-1B program is a contentious issue in the technology community. Critics charge that in many cases, foreign workers are hired because of their willingness to work for lower wages and fewer benefits. Industry groups counter that the U.S. doesn't supply enough workers with technical skills to meet demand. H-1B employees, hired for certain technical skills, can work in the U.S. for six years through the visa program, and possibly longer under some exceptions.

The value of the upcoming report will rest on the strength of its data. But GAO officials haven't determined how to research the H-1B program's impact, and agency officials are now planning to meet with House Science Committee staff members to discuss a research methodology, according to agency and congressional staff members.

The plan is already drawing criticism from one H-1B advocate. Harris Miller, who heads the Information Technology Association of America in Arlington, Va., said he believes that the latest H-1B usage data is proof enough that the program isn't being abused.

The U.S. Immigration and Naturalization Service recently reported that it granted 60,500 H-1B visas in the nine-month period that ended June 30, representing a 54% drop from the same period last year.

"The numbers speak for themselves," said Miller. The downturn shows that H-1B's critics are wrong about the visa program serving as a supply of cheap labor, he said.

"If they [the H-1B opponents] were right, which they are not, there would just be as many H-1Bs today as a year ago," said Miller. Given the pressure on companies to cut payroll, he said, wouldn't they use "more H-1Bs rather than less H-1Bs during an economic downturn?"

But George McClure, who heads the career policy committee of the Institute of Electrical and Electronics Engineers Inc., points to rising unemployment numbers for computer and electronics engineers, along with reports from IEEE members who say they have lost jobs to H-1B workers.

"We've got lots of unemployed members ... who can do the jobs that they are bringing in H-1Bs for," said McClure. He said he has heard from engineers who were instructed to train H-1B visa holders and were then laid off.

But McClure said he doesn't know how the GAO can accurately assess the situation, other than to talk to affected workers and hear their stories.

"If the concern is with unemployment, then they ought to be talking to some of the people who are unemployed," said McClure.

U.S. Reps. James Barcia and Lynn Rivers, both Michigan Democrats and House Science Committee members, requested the GAO study a year ago. The GAO divided their request into two parts, starting with a study on the effectiveness of a training program that has been funded through H-1B fees. That report is due in a matter of weeks.

The H-1B training program, which has collected $138 million fees paid by employers who sponsor H-1B visa holders, has been called "ineffective" by the Bush administration because it isn't providing training that would lessen demand for H-1B workers.

These visa holders typically have bachelor's and, in many cases, advanced degrees. But a lot of the training programs are being used to prepare workers for low-tech jobs such as installing cable, the administration said.

The Bush administration's position was determined before anyone had evaluated the training program, said one congressional staff member familiar with the GAO study. That study may yet find some value in the program, he said. *************************** Computerworld Sept. 11: A year later, online privacy and security still weak By Andrew Brandt, PC World SEPTEMBER 11, 2002

A year after the Sept. 11 terrorist attacks, average Americans are subject to more surveillance when they go online, and their Internet-connected PCs may not be any safer from intruders, some experts say. On the other hand, some of the laws that opponents and privacy advocates claimed would compromise privacy were quashed. For example, Congress rejected measures restricting the distribution of encryption software and implementing federal identification cards.

And while passage of the Patriot Act has reduced privacy expectations, early reports don't indicate that the U.S. government is abusing its new powers to eavesdrop on its citizens' online conversations.

Then again, said Jennifer Granick, director of Stanford University's Center for Internet and Society, "it's too soon for horror stories."

There is little debate, even from vociferous privacy advocates, that online investigations are an important part of the war on terror. Yet there remains plenty of concern that an overzealous online hunt for al-Qaeda threatens the privacy rights of law-abiding Americans.

"The idea that the average citizen doesn't need privacy is really antithetical to the American way of life," Granick said. "One isn't really free if one is always watched."

But ordinary Americans are being watched more carefully -- in more public places, by more people -- than they were 12 months ago. In the year since the attacks on New York and the Pentagon, "there's a renewed interest in new surveillance technologies, even when it's not required," said Lee Tien, a senior staff attorney at the Electronic Frontier Foundation. For example, biometric security is drawing increased interest. But "biometrics is at the end of the security continuum that is the most damaging to privacy," Tien said, adding that he worries that the technology is "not ready for prime time in a high-security environment."

"Privacy has taken some body blows," Tien said. But data-gathering alone won't bring greater security unless investigators properly evaluate and share the information, he said.

Cybersecurity plan raises questions

Peter Swire, a law professor at Ohio State University who was chief counselor for privacy issues in the Clinton administration, has concerns about the Bush administration's proposed cybersecurity program. "There are early reports [that say] they will collect large amounts of traffic data, such as who calls whom, what's in your e-mail and where you surf," Swire said.

The Bush administration has declined to comment on the proposal until its scheduled release later this month. Congress is expected to continue work on its Cyber Security Enhancement Act, as well.

The concern isn't limited to advisers who worked for Clinton. Conservative think tanks, which traditionally tend to favor Republican administrations, are also edgy about increased surveillance.

"We have lost a lot with the government's ability to sift through e-mail" under the Patriot Act, said Clyde Wayne Crews Jr., the Cato Institute's director of technology policy.

"Ordinary individuals can get caught in that net if it's cast too widely," Crews said. Still, he noted, "two key areas of interest -- encryption and privacy -- have gone pretty much in the tech community's favor. We retained the use of encryption, and we don't have a national ID card."

And while the Department of Justice doesn't take privacy concerns lightly, it also said the Patriot Act doesn't damage civil rights.

"I don't view security vs. privacy as a zero-sum game," said Christopher Painter, deputy chief of the Justice Department's Computer Crime and Intellectual Property Section. "You don't have to choose one over the other, and I don't think they're necessarily in conflict."

Security still a problem

Overall, computer security hasn't improved much in the past year. The continued nuisance of persistent worms and viruses such as Klez is punctuated with almost-weekly news alerts about dangerous network security vulnerabilities involving Microsoft Windows and its applications.

So far this year, Microsoft Corp. has issued 50 security bulletin warnings about vulnerabilities in its applications and operating systems. These bulletins, intended for systems administrators and security professionals, give details for fixing serious security-related flaws. Microsoft issued only 60 such alerts in all of 2001. Because Microsoft's products are so widely used, its security problems are everyone's problem, Tien said.

"Security is an easy thing to do badly," Tien said. "The problems in this one product [Windows] cause problems across an entire industry. Real security doesn't have these kinds of cascading interdependencies between systems."

Even though Microsoft and other companies are becoming more diligent about quickly patching security holes, the sheer volume of announcements about flaws is reaching a fever pitch. The problem now is keeping up with the flood, Crews said.

"You've got sysadmins who don't have firewalls in place; you've got sysadmins running servers without downloading the latest security patches," Crews said. "These problems don't come from terrorists."

Nevertheless, the Justice Department's Painter believes that the Internet may actually be safer overall, although not necessarily thanks to the laws passed after Sept. 11. Painter said people are simply paying more attention to keeping their PCs secure.

Protecting cyberspace requires guarding both physical and virtual assets, Crews said. "The Internet is different from every other kind of critical infrastructure we want to protect," he said. "You can keep bad guys off the property if you're protecting a building, but you can't keep people off the Internet."

He also worries about the U.S. government leading the effort. "If we depend on the government to protect cyberspace, we may be disappointed. Its networks are notoriously insecure," Crews said.

The biggest danger is terrorist hackers coordinating a cyberattack with an attack against a physical target, Crews said. That scenario has been considered by government and private-industry security experts.

"Imagine if hackers had taken down the air traffic control system [at the same time as the Sept. 11 attacks]. Key sectors would be taken down in conjunction with a 'meatspace' [real-world] attack," Crews said.

Better response to cyberattacks

Painter argues that computer security is better today. He cites more-stringent federal law enforcement efforts and an invigorated industry-FBI computer crime-fighting partnership called InfraGard.

"There's a stronger law enforcement response [to computer crime]," Painter said. "Our sections have grown in manpower, and the Secret Service and other federal law enforcement agencies are taking these kinds of cases more seriously."

But the threat of coordinated attacks isn't the only cause for concern. Privacy advocates caution against granting wide powers, especially involving surveillance, without also imposing oversight.

"Most of us do our job better if we're held accountable for how we do it," Swire said. "Any suspected attack on any computer on the Internet now constitutes an emergency" under the Patriot Act. Government can trace first and ask questions later, he said.

The legal standards required to justify some kinds of surveillance are lower in the post-Sept. 11 world. For instance, the Patriot Act leaves e-mail less protected from surveillance than a phone call.

"You might say this pay phone I'm standing at right now might be used anonymously [by a terrorist]," said Tien, "but that doesn't mean you should monitor all pay phones. 'It might happen' is a recipe to do away with civil liberties entirely." ************************* Washington Post China Blocks Web Search Engines Country Fears Doors To Commerce Also Open Weak Spots

By Peter S. Goodman and Mike Musgrove
Washington Post Staff Writers
Thursday, September 12, 2002; Page E01

SHANGHAI, Sept. 12 (Thursday) -- China's government has begun blocking access in recent days to two widely used Internet search engines, Google and AltaVista, intensifying its effort to control the flow of information while at the same time embracing the profit-making potential of the global computer network.

This morning Google's site was again accessible, with no explanation. But some content linked to the site remained blocked -- for example, Tibetan independence sites. AltaVista also still appeared to be blocked.

China's broadening censorship highlights the central tension underlying its transition from a closed and centrally planned economy to one where market forces hold sway: The Communist Party remains committed to maintaining its monopolistic grip on political power by controlling what Chinese people see and read, but it also wants private investors to take over the state's role as the engine of economic growth. That requires that investors be given free access to information and modern communications.

China's government has sought to serve these conflicting aims by allowing the Internet to spread while filtering out content it views as a threat. The government began blocking Google early this month and AltaVista this week.

More than 45 million Chinese use the Internet. The government often blocks access to Western news sites such as the New York Times, The Washington Post and the British Broadcasting Corp. But China traditionally has not interfered with search engines, the most widely used tools for finding information on the Web.

Recently, however, the government discovered that the search sites amount to a gap in its armor. China's Internet users have been able to link through Google to sites operated by the Falun Gong religious group, which the government has banned as a cult, as well as those run by advocates for Tibetan independence. Google is a particularly effective bridge to such content because it has an excellent Chinese-language search capacity.

At a news conference last week in Beijing, an official with China's Ministry of Foreign Affairs, Kong Quan, declined to comment specifically on the Google case, but he acknowledged that the government is concerned about "harmful things on the Internet" and said that "this information should not be allowed to pass freely."

A Google Inc. spokesman said the company was notified by its users that its site was being blocked. "We are currently working with Chinese authorities to resolve this issue," Google said in a statement.

AltaVista Co. spokeswoman Joanne Hartzell said the company is not sure its site is being blocked. "We haven't received any official notification from the Chinese government," she said. AltaVista has contacted the Chinese consulate in San Francisco but has not heard back. The company has been directing users in China to an alternate address for its search service, Raging.com, which is still accessible.

According to sources with knowledge of the decision, China's leaders opted to block Google indefinitely after discovering that a search using the name of China's president, Jiang Zemin, yields a trove of articles from Chinese-language newspapers in Taiwan, Hong Kong, Australia and the United States that are not allowed to circulate here. Many of the articles explore the intrigue surrounding the upcoming national Congress of the Communist Party, at which Jiang is expected to begin the process of turning power over to a new generation of leadership.

"The amount of information that was available via Google was shocking to the leadership," one source said.

Though China has thus far proven adept at courting investment and opening its economy while still maintaining strictures on information, its move against search engines has heightened the conflict. Some analysts say it could hurt China as a climate for investment. Barring access to certain news sites inconveniences some people, but news can still be found elsewhere. Google, on the other hand, is widely hailed as irreplaceable, by far the best means of taming the Internet's gusher of data.

"China is putting itself at a competitive disadvantage," said Joel T. Kotkin, a global technology expert at Pepperdine University's Davenport Institute for Public Policy. He noted that China is increasingly encouraging a returning diaspora of Western-educated citizens to build new, innovative businesses that can replace China's failing state enterprises -- people such as David Y. Chen.

Chen, 34, was born in China and has studied and worked in Australia, the United States, Hong Kong and Taiwan. He is the president of Harcourt Cos., a Shanghai-based holding company that has invested about $20 million in telecommunications, software and Internet ventures here over the past two years. Chen complained that the lack of access to Google is impeding his ability to find new investments.

"This kind of thing should not happen," he said. "Information is so important in today's business. We believe in China's economic growth, and that's why we're still here, but it's very important for us to be able to access good information."

When China started blocking Google, typing in the site's address generally produced an error message, as if the page did not exist. Last weekend, China's censors implemented a new technique: Those seeking Google's page were diverted -- "hijacked," in the parlance of the World Wide Web -- to different search sites based in China.

In Beijing and Shanghai, some Google seekers have been diverted to a search site run by Beijing University, which posted a message denying responsibility. Others were taken to Baidu.com, a Chinese-language Google competitor backed by International Data Group, the American-based media giant.

The hijacking has fueled speculation that traditional concerns about banning sensitive material are being creatively employed as a lever in a modern-day competition for market share. The extra traffic on the Chinese search engines will boost ad revenue. Baidu's marketing director, Bi Sheng, said traffic to his site has increased noticeably, though he said the company has no knowledge of how the redirection from Google occurred.

But most analysts think the search engine blocking is simply a case of China's leaders asserting their grip. "The Chinese government is really insecure about letting people use infrastructure that they don't control," said Will Foster of Arizona State University, an expert on Chinese Internet use.

"Basically, they want Chinese people to use Chinese search engines instead of Google," he said. "The party has decided that the Internet is the path to prosperity -- it just needs to be safeguarded. They're trying to basically make people feel that the government is watching, to make sure that people don't use the Net for discourse that involves criticizing the government."

China's control over the flow of information owes much to the unique architecture of its computer networks. The Internet is a global web of interlinked computers that swap information, but China's government has limited the places where its networks can link to those in other countries. Only nine such networks are allowed to connect via satellite and undersea cables to the computer systems of the rest of the planet. The rest of China's Internet service providers are dependent on buying wholesale links from one of these giants.

Sixty to 80 percent of China's Internet traffic is carried by just one of these large players: ChinaNet, which is operated by the state telephone company, China Telecom. When China's content minders want to shut down access to something, they can easily use one of these major choke points. They simply program the routers -- which function something like railroad switches -- to reject data from certain sites.

"They are as capable of flipping a switch and turning off those sites as you are capable of flipping a switch on your Windows desktop and shutting off a program," said Ben Edelman, a Harvard University law student who has designed a program to tell which sites are being blocked in China.

In the past two years, China's methods of combating unwanted content have grown markedly more sophisticated, experts say. Much like Carnivore, the controversial FBI program that sifts through millions of e-mails to search for key words, China has been implementing new programs that can block articles that mention "Tibet" or "Falun Gong" but allow access to the rest of the site that holds them. The government appeared to use that approach to Google's site this morning. Such programs also can monitor e-mail.

Experts say these systems employ routers made by Cisco Systems Inc. and a range of software, some purchased off the shelf from major Western companies and some developed here.

"While it may be our equipment, there's a range of functions on how it can be implemented, and that's up to the customer," said Cisco spokeswoman Melissa Kendrick. "The products that Cisco Systems sells in China are the same that Cisco sells worldwide." She added that none of the company's products is built or designed specifically for the Chinese government, nor is Cisco the lone supplier.

China also has used the appeal of its potentially enormous market to persuade Western companies to censor their own content in exchange for the government's blessing to operate here.

Yahoo Inc. built its brand name by portraying itself as a liberating force. In an address at the National Press Club in April 2000, Yahoo co-founder Jerry Yang referred to China as "a governmental system that is very incongruent to the Internet," while offering hopes that expanding trade would allow "the best benefits of the Internet" to take root. This year, in March, Yahoo's affiliate in China signed an agreement to voluntarily block access to certain sites.

AltaVista chief executive James Barnett said his company is unlikely to follow that route.

"There's a business issue here, but there's a much more important and broader issue as well," he said. "Censorship just flies in the face of everything we're about as a company. We're about open access to information." ******************************* News Factor Ten Choices Critical to the Internet's Success

How did technologists, government officials and a host of other early players turn something with no obvious business model into a system that has become so intrinsic to the new century? A series of decisions proved critical - choices that helped turn data transport into a commodity business and put the power in users' hands, not in the centralized telecommunications companies' controlling grasp. [Full Story http://www.newsfactor.com/perl/story/19382.html] **************************** News.com Customers blame spam on filched lists By Troy Wolverton September 11, 2002, 4:22 PM PT

E-mail management company Lyris Technologies on Wednesday said it is investigating spam complaints that may involve hundreds of thousands of compromised customer e-mail addresses. At least three current and former Lyris customers this week complained that recipients of their e-mail newsletters have been receiving spam. MarketingSherpa.com, a publisher of online marketing newsletters, suspects that all eight of its mailing lists have been compromised, said Anne Holland, the company's founder. More than 20 other publishers, who combined have more than 2 million e-mail addresses on their lists, have also contacted Holland saying their Lyris-hosted lists have been compromised.

"We contacted Lyris immediately," Holland said. "Anytime you get a spam complaint from readers, you have to take it very seriously. It could kill your entire company."

About five of the 1,000 customers who have their distribution lists hosted by Lyris have contacted the company with spam concerns, said Steven Brown, the company's chief of operations. The company has hired Word to the Wise, an outside consulting firm, to investigate the matter, Brown said. So far the company has no evidence that the lists on its servers have been compromised.

"We're trying to be as responsive as we can," Brown said. "We try to take this stuff pretty seriously."

Word to the Wise is sorting through the data it has, including the spam messages that have been forwarded by Lyris customers, said Laura Atkins, the company's chief executive officer. So far, the company doesn't know whether the spam was the result of a compromise of Lyris' servers, Atkins said. Atkins said she expected to have some initial conclusions by early next week.

"There's no clear picture as to what it is. It's hard to tell," Atkins said. "We are head-down investigating as fast as we can."

Security vulnerabilities on the Web are not a new thing. A hack at Amazon.com-owned Bibliofind last year compromised nearly 100,000 customer records, including credit card numbers. A security breach at Egghead temporarily exposed the records of 3.7 million of its customer records in late 2000.

But hackers targeting servers just for their mailing lists is a novelty, said Jason Catlett, president of Junkbusters. Spammers can buy millions of e-mail addresses on a CD, although many of them are stale or wrong, he said. Additionally, much spam is sent through attacks where spammers send e-mail to a number of similarly spelled addresses at a particular domain, hoping their message will reach a good address, Catlett said.

But mailing lists with good addresses of a targeted audience are a valuable item.

"In the envelope world of marketing, lists are routinely stolen by employees that are moving to another company," Catlett said. "I don't have any evidence that that happened in this case, but it's happened in the offline world, and it wouldn't be implausible if it happened online."

Lyris is investigating whether a disgruntled employee stole its lists, Brown said. Lyris bought rival SparkList.com last month and hired only three of SparkList's 20 to 25 employees, he said.

"That's always a touchy issue," Brown said. "The fact of the matter is that one business bought another, and some people were brought along and some people weren't."

The customers who talked with CNET News.com said their lists formerly had been hosted by SparkList.

Canning spam Spam, or unsolicited e-mail, has been overwhelming the servers and in-boxes of many Net users, forcing some companies and organizations to take drastic measures to block it. Last month, Yahoo found its stores site blacklisted by Mail Abuse Prevention System, an organization whose lists of suspected spammers are used by other companies to block Web or e-mail access.

Holland and Andy Sernovitz, a former customer of SparkList and chief executive officer of e-mail marketing firm GasPedal ventures, said they became aware that their lists had been compromised in early August. Both received e-mail from people on their mailing lists saying that they had received spam. Both said they had not sold their mailing lists.

Both Holland and Sernovitz, whose mailing list has some 10,000 subscribers, said they were frustrated by how Lyris responded to their reports of the compromise. The company didn't start trying to address the issue until the last several days, Holland said.

"I do understand they've been extremely busy with the merger," she said. "But did they take this as seriously as they should have? No."

Lyris first started receiving reports of spam being sent to recipients of its hosted mailing list in early August, Brown said. The company hired Word to the Wise "a couple days ago," he said.

Still, Brown said that it was unclear from the messages sent by the company's clients that there really was a problem, especially considering how few of its customers had reported spam.

"The information we've been given is pretty spotty," he said.

Still, Lyris should have come forward immediately and acknowledged the problem, Sernovitz said.

"Every time a high-tech company tries to hide, they always get busted," he said. "The longer they hide it, the worse it gets. People understand if you get hacked. The question is how do you respond."

Ralph Wilson publishes four e-business newsletters. He suspects the two mailing lists that are hosted by Lyris were compromised. He warned his subscribers to that effect in an e-mail message earlier this month.

Wilson declined to talk about his conversations with Lyris about the compromise. But he said that his subscribers thus far had received few spam messages as a result.

"I'm not saying that I'm not concerned about it," Wilson said. "I'm very concerned about it. But at this point, I don't think people are receiving huge amounts of spam as a result. That makes me feel good so far." *************************** Wired News Digital Rights Outlook: Squishy By Brad King

Media companies are singing a new song that could be called "Get Squishy With It."

The long-running debate over how much digital rights management is too much has changed. Now it's about just how much copy protection files should include, and media companies believe they have the answer: squishy security.

"We need interoperable DRM products that allow people to never feel the walls (of security)," said Ted Cohen, vice president of new media at EMI, one of the five major music labels.

It's not a new idea, but it's starting to resonate with Congress. At a recent government hearing, Philip Bond, undersecretary of commerce for technology, opened the debate by saying that he wanted a world with "a consistent and reliable and predictable level of legitimate copyright protection."

That's a frightening turn for consumer advocates and technologists who argue that DRM fundamentally alters the way people use their computers, televisions and stereos.

It's the word "legitimate" that bugs consumer advocates because nobody is quite sure what that means. They argue that fair use rights -- which allow people to listen to a copy of a CD in their car, for example -- have eroded in the quest for security, even the squishy kind.

"Those who aren't for überprotection are being labeled as pro-piracy," said Robin Gross, staff counsel for the Electronic Frontier Foundation.

The concern has basis. Judges determine fair use case by case, but technology companies are being asked to develop DRM systems that determine ahead of time what people can and can't do with files. In many cases, there are no precedents for DRM companies to draw from.

"Technology implementers can only do what they are told to do, and technology can only do what it's programmed to do, and right now, they are defining a perverted version of the law, because that is all they can do," said John Erickson, systems program manager at Hewlett-Packard's research lab.

With no firm guidelines, technology companies have started looking for more squishy security measures.

The latest idea comes from Thomson Multimedia. It's a Super MP3 file with better sound quality. Next year, it will get a video component as well, allowing entertainment companies to encode a song along with a video, album cover, lyrics and other information.

The twist: The Super MP3 will come with a tracking signature -- a digital fingerprint -- that will identify the PC that made it.

"People will pay for better MP3s," said Henry Linde, Thomson Multimedia's vice president of new media business. "If the MP3 file that Brad King encodes shows up on a system, we will know where it comes from. We call it lightweight DRM, but it won't prevent you from doing anything."

It's radically different from Microsoft's solution, which comes with proactive restrictions.

The DRM debate has been contentious. Entertainment companies claim they've been losing their shirts, while technology companies say the restrictions prohibit them from creating new products.

Music and movies are flying across file-trading networks, available on demand for millions of Internet users worldwide. Napster brought the debate to the masses. The five major record labels sued Napster, which had 70 million users at the time. The Recording Industry Association of America claims $4 billion in losses, and the Motion Picture Association of America claims it's lost $3 billion -- though it doesn't quantify physical versus digital piracy.

Such figures are suspect, however, because they guess at potential losses, which haven't always held up to further scrutiny.

When the FBI cracked down on hackers in 1990 for snatching and posting a confidential technical 911 phone manual, the prosecutors put a price tag of $79,449 on the document, according to Bruce Sterling's account in The Hacker Crackdown. The figure was based on labor, hardware and software costs.

Defense lawyers countered that AT&T sold a similar document to the general public for $13.

It's true that millions of people are sharing files through networks like Kazaa and Gnutella and instant messenger programs like AOL Instant Messenger and Yahoo Messenger. But it's impossible to put an accurate dollar figure on how much -- or even if -- it's costing the entertainment business.

It's the staggeringly quick adoption of technology, and the speed with which it's improving, that has media companies searching for answers -- even squishy ones.

"As technology makes things easier to do, the concepts we grew up with -- sharing a tape with a friend, making a mixed tape -- turned from sharing an LP with a friend into plugging in an iPod and downloading 1,000 songs in eight minutes," said Cohen. "That may have to change." ****************************** Reuters Internet Reports Internet Becomes Global Shrine to Sept 11 Dead Wed Sep 11, 3:48 PM ET By Reshma Kapadia and Bernhard Warner

NEW YORK/LONDON (Reuters) - The Internet became a globe-spanning memorial Wednesday, with condolences, poems, reflections, artwork and photos pouring onto the World Wide Web to commemorate the first anniversary of the Sept. 11 attacks that killed more than 3,000 people in the United States.

In every conceivable online forum, Net users paid tribute to firefighters and police officers. They prayed for the victims' families. They reflected on the prospects of world peace. They shared their memories, hopes and fears.

"Our spirit unites us. Our hope makes us strong," read a message from a Turkish man on one of the scores of discussion boards dedicated to reflections on the meaning of the day one year after hijacked commercial airliners slammed into the World Trade Center, the Pentagon ( news - web sites) and a Pennsylvania field.

Similarly poignant messages filtered in from the Far East to Manhattan's Lower East Side.

As the tragedy unfolded a year ago, millions took to the Net to express their grief and anger. The outpouring of emotion in those first numbing hours seemed almost to give the medium a heart.

One year later, individuals and businesses turned to the Net to do what it does best -- connect people from all over the world instantaneously.

Close to 30,000 sites dedicated to the event were created between Sept. 11 and Dec. 1, according to Pew Internet & American Life Project.

One site trying to preserve the digital history of the attacks is http://www.911digitalarchive.org, a project run by the American Social History Project and the Center for Media and Learning at the City of University New York.

"Sept. 11 was the first fully digital event in world history," said Fritz Umbrach, a historian at City University of New York working on the project.

"If historians are going to fully understand the public response to 9-11, we need to collect this new digital material, especially as the personal computer becomes the primary communication method for the U.S.

"About 100 million people sent e-mail in days and weeks after attacks," he continued. "It's the best record of people's immediate response." Wednesday, the commercial aspect of the medium was muted.

Amazon.com, the world's largest online retailer, did a makeover of its home page, displaying artwork and poems taken from the book, "Messages to Ground Zero: Children Respond to September 11, 2001," instead of offering the latest in DVDs, books and music.

The page featured sketches from New York area students depicting candles, upraised hands, and construction crews tending to Ground Zero in lower Manhattan, site of the World Trade Center's twin towers, which collapsed after the hijackers crashed their seized planes into them.

At the bottom of the page there is a scanned-in letter from a schoolgirl, Cadence.

"Dear Fireman," reads the letter dated Sept. 17. "My name is Cadence. I'm missing an uncle. please find him. His name is Gonja. His family misses him ... he was the Best uncle in the world. I feel like crying."

Proceeds from the book will go to the Fund for the Public Schools, NYC. Donations are earmarked specifically to benefit children who lost a parent in the September 11 tragedy or were forced to evacuate their schools.

Web portals ( news - web sites) Yahoo.com and Lycos.com shaded their home pages, which attract millions of users every day, in gray and black, respectively, and donated space normally dedicated to top-paying advertisers to the cause.

On the top of Yahoo.com, where it typically promotes the latest movies and music, Yahoo asked visitors to create and share a memorial tile. Thousands had been posted from all over the world.

"Ignorance and intolerance perpetuate hate," wrote one user from the Netherlands, accompanying his words with an image of the Earth with "peace" spelled out in multiple languages.

This being the Web, where the anonymity of message posting makes it a popular forum to express dissent, a number of users continued to air their criticisms of the handling of the Middle East crisis and a possible U.S.-led invasion on Iraq.

"Bush will give us war whether we want it or not," one posting on the discussion group alt.politics read.

Others chose to point out that a series of security alerts had been issued for the day, commenting that this would become an increasingly common occurrence.

But a large majority have joined a Spanish user in sending a message of hope.

"Just a wish of Peace for all the victims, Victims of attacks in the US, of attacks in Asia, Palestine or any other land where violent people try to destroy Peace and Love. We are all the same and all we come from God. Peace." ***************************** CNN Online The hidden data in your driver's license ID cards go smart with encoded personal information September 8, 2002 Posted: 8:00 AM EDT (1200 GMT)

CNN) -- It seems not too long ago that the highest tech device that a bouncer may have had was a flashlight to check out a driver's license. But these days, more and more bars and night clubs, convenience stores and liquor stores are using high-tech ID scanners in order to look at the information that's actually embedded in many driver's licenses.

With the technology, the data that is encoded in the license itself can be compared to information on the front that could actually be faked or forged. It makes it easier to check for underage drinkers or smokers and even helps law enforcement.

But not every state has the same standard for licenses. There is no national standard in terms of how the information is encoded, the different types of information that's encoded in the license itself, and the ways in which it can be read by different ID scanners.

There are various ID scanners available but they all work in much the same way. Bar codes or magnetic strips are read for information and then sent to a screen that displays name, address and various other information about the person. It also tells whether alcohol and tobacco sales are permitted to that person, based on age. Alerts about the person could also show up, a helpful tool for law enforcement.

Public eyes on private data? Critics cite privacy issues with these ID scanners, particularly because the machines are capable of storing the information that is read.

The companies that make them -- both InteleCheck and Logix -- say that there are restrictions in place for whether or not the bar owners or store owners can actually read this information. They can be set so that only bits of information come up, not everything that's on the license.

As well, there are different laws according to states of what can actually be used, or encoded or read. The privacy advocates are concerned, for example, about marketing. They say personal information can be tracked and marketing can be directed at specific audiences based on individual's actions.

The potential for even greater use of these scanners has increased with the war against terrorism. They could possibly be used in airports and used as a security screening device, for instance, to verify the authenticity of the license. ****************************


Lillie Coney
Public Policy Coordinator
U.S. Association for Computing Machinery
Suite 510
2120 L Street, NW
Washington, D.C. 20037
202-478-6124
lillie.coney@xxxxxxx

Prev by Date: ACM TechNews - Wednesday, September 11, 2002
Next by Date: Clips September 13, 2002
Previous by thread: ACM TechNews - Wednesday, September 11, 2002
Next by thread: Clips September 13, 2002
Index(es):
- Date
- Thread