[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Clips April 30, 2003
- To: "Lillie Coney":;, Gene Spafford <spaf@xxxxxxxxxxxxxxxxx>;, John White <white@xxxxxxxxxx>;, Jeff Grove <jeff_grove@xxxxxxx>;, goodman@xxxxxxxxxxxxx;, David Farber <dave@xxxxxxxxxx>;, glee@xxxxxxxxxxxxx;, Andrew Grosso<Agrosso@xxxxxxxxxxxxxxxx>;, ver@xxxxxxxxx;, lillie.coney@xxxxxxx;, v_gold@xxxxxxx;, harsha@xxxxxxx;, KathrynKL@xxxxxxx;, computer_security_day@xxxxxxx;, waspray@xxxxxxxxxxx;, BDean@xxxxxxx;
- Subject: Clips April 30, 2003
- From: Lillie Coney <lillie.coney@xxxxxxx>
- Date: Wed, 30 Apr 2003 16:01:48 -0400
Clips April 30, 2003
ARTICLES
Internet Auction Scams Targeted
Music Industry Tries Fear as a Tactic to Stop Online Piracy
Agencies Still Fail to Share Information, Reports Say
OMB?s McVay leaving for the private sector
U.K. Arrests 'Fluffi Bunni' Hacker
NY networks court video security
New York City develops health alert network
GAO issues enterprise architecture guide
*******************************
Associated Press
Internet Auction Scams Targeted
By DAVID HO, Associated Press Writer
WASHINGTON - Federal and state fraud fighters are cracking down on Internet auction scams that fleeced thousands of consumers out of money and merchandise.
The Federal Trade Commission announced Wednesday it is joining 33 state and local law enforcement agencies to target auction con artists with 57 actions ranging from prosecutions to warning letters.
"Real world law enforcement will not let you get away with virtual fraud," Howard Beales, chief of the FTC's Bureau of Consumer Protection, said at a news conference. He said the enforcement actions include 17 criminal cases.
Auction fraud was the No. 1 Internet-related complaint recorded by the FTC last year.
Many of the cases included in the FTC's "Operation Bidder Beware" involve scams where consumers win an online auction and pay but never receive any merchandise.
One man allegedly added a twist by stealing identities to cover his tracks when he failed to deliver to winning bidders, the FTC said. The man, who was not identified by the FTC, allegedly opened bank accounts and post office boxes using identities from the records of a suburban Chicago hotel and the names of people he didn't like.
"Consumers and law enforcers believed the identity theft victims were the ones who had bilked the consumers out of their money," the FTC said. A federal court in Chicago ordered a halt to the scam and froze the man's assets so they can used to repay victims, the FTC said.
In another case, scam operators set up an online escrow service called Premier Escrow that was supposed to prevent fraud by holding auction payments until winning bidders could receive and inspect merchandise they had won, the FTC said. The scammers allegedly acted as both buyers and sellers and directed transactions to the fraudulent escrow service so they could steal consumer payments for items including computers and a car.
The FTC said a federal court in Virginia has ordered a halt to that scam, dismantled the scammers' Web site and frozen the defendants' assets pending trial.
Many of the scams occur on eBay because of the large volume of auctions there, said Eileen Harrington, the FTC's director of marketing practices. She said eBay has been very cooperative working with law enforcement to combat auction fraud.
The FTC and the regional agencies are launching a campaign to educate people about Internet auction fraud. They said consumers should:
_Save all transaction information.
_Be familiar with an auction site's protections for buyers, and don't assume that all auction sites have the same rules.
_Learn about a seller before bidding on an item, and avoid doing business with sellers who can't be identified or try to move a transaction off an auction site with promises of a better deal.
_Investigate unfamiliar escrow or online payment services to make sure they are legitimate.
_Never give out Social Security (news - web sites), driver's license, credit card or bank account numbers unless the seller and payment service has been verified as legitimate.
*******************************
Los Angeles Times
Music Industry Tries Fear as a Tactic to Stop Online Piracy
Record companies send out legal warnings and song decoys to discourage file sharers.
By Jon Healey
Times Staff Writer
April 30, 2003
Unable to sue file-sharing networks into submission, the music industry is stepping up its campaign to instill fear and frustration among the people who use them to copy songs for free.
The multifaceted effort tries to paint the global networks as seedy realms rife with unseemly and dangerous material places where computer viruses, kiddie porn and legal woes lurk amid the temptations of free tunes.
The Recording Industry Assn. of America on Tuesday launched the latest element of the campaign, sending intimidating electronic warnings to users of the Kazaa and Grokster file-sharing networks.
The notes, which declare that unauthorized file-sharers "risk legal penalties," are sent via the two networks' instant message systems to anyone offering certain songs for others to copy. They aim to show users with fake names such as "bigfishmouth" and "calebsgirl" that they can be tracked as easily as a surveillance camera records shoplifters.
The not-so-subtle threat is that those who continue flouting the law will be hauled into court. Indeed, some in the music industry say it's time to start suing heavy users of the networks en masse.
As one high-ranking record executive put it, if parents got subpoenas or high school kids confronted the prospect of being viewed as pirates by college admissions personnel, "that begins to affect behavior."
The instant messages are just one of many efforts the entertainment industry has launched in the last few months to make file-sharing networks seem risky and unappealing to users and, in many cases, their parents. But the combination of electronic guerrilla tactics, threats and collaborative crackdowns faces long odds, given that tens of millions of consumers routinely use the networks to download whatever they want for free.
RIAA President Cary Sherman said the latest tactic had been in the works for months but gained urgency after a judge ruled Friday that Grokster's technology didn't violate copyright law.
U.S. District Judge Stephen V. Wilson held that although network users committed piracy when they made unauthorized copies, the networks themselves weren't liable.
The major record companies and music publishers have been suing the companies that distribute file-sharing software since 1999, and they've won some important legal victories. But they haven't stopped the proliferation of file-sharing networks, the increase in their popularity or the prolonged slide in CD sales that they blame on Internet piracy.
"Everyone knew that this was a long-term problem, that litigation is not a business strategy, that we never intended to rely on litigation as a substitute for a business strategy," Sherman said.
Instead, the companies planned to use lawsuits, enforcement efforts and education "to get consumers to try and migrate to legitimate services."
Those services were extremely limited at first, but their technology and song catalogs have improved rapidly over the last year.
Demonstrating that progress, a slick new downloadable music system from Apple Computer Inc. sold more than 200,000 tracks in its first day, record industry sources said.
To bolster those fledgling ventures, the music industry is attacking the free file-sharing networks outside the courtroom on three fronts:
? Piercing the veil of anonymity. The new instant-message campaign targets Kazaa and Grokster users who offer any one of several hundred popular songs for copying. The message they'll receive automatically just once per day, Sherman said declares that downloading or offering copies of songs without permission is illegal.
The purpose is just to educate users, and the RIAA doesn't plan to take any further action after sending 1 million to 2 million instant messages this week, he said.
What makes this effort different and potentially more effective than the industry's earlier campaigns, though, is that the warnings are going directly to the people whose behavior the industry is eager to change.
The lesson to users, said Michele Anthony, an executive vice president of Sony Music Entertainment, is "there are consequences of that activity, and they are not anonymous."
Lawsuits against individual users have been on hold while the federal courts resolve a battle between the RIAA and Verizon Communications Inc. At issue is how quickly Internet service providers must disclose the identity of alleged file-sharing pirates.
Kazaa and Grokster executives said they didn't object to legitimate and non-intrusive efforts to stop piracy on their networks. But Wayne Rosso, Grokster's president, said the effort was "nothing but a death rattle," adding that Grokster users can block the RIAA's warnings.
"Will it scare our users? I don't know. But I can tell you one thing: Our users are a lot smarter than the RIAA is," Rosso said. "They declared war on their own customers. All we have to do is stand back, and the customers will be heard."
On the other hand, some users are already nervous.
"I feel paranoid that the RIAA will find out and come after us," said a Los Angeles resident who asked that his name not be used. Going after college students in court "kind of works in terms of scaring me away."
? Gumming up the works. In the weeks leading up to a major release, the record companies have been flooding the file-sharing networks with bogus copies of the songs on that record. Some of them download at an excruciatingly slow pace, making it all the more frustrating for users when they discover that they've been duped.
For example, files on Kazaa that appeared to be advance copies of songs from Madonna's latest album turned out to contain a message recorded by the pop diva: "What the [expletive] do you think you're doing?"
But such decoys lose their effectiveness, anti-piracy experts said, after a CD is released and real copies of the music appear online.
"All this stuff is meant more as a nuisance than a silver-bullet solution," said Randy Saaf, president of MediaDefender Inc., a Los Angeles-based anti-piracy firm. "It's the aggregate of all these tools together that's the music industry's best chance of reclaiming its lost market share."
The efforts may already be working on some consumers.
Noting the shortcomings on the file-sharing networks, Kyle Brinkman, a 32-year-old music fan from Santa Monica, said, "I think the new Apple service trumps Grokster. I'd pay a dollar to avoid the hassles."
? Playing up the risks. The record companies have tried to make consumers nervous about connecting to file-sharing systems, and not just for fear of a piracy lawsuit.
They've played up the computer viruses on the networks at least six have been distributed by Kazaa, Sherman claims and the danger of inadvertently sharing personal documents and information.
Meanwhile, the leaders of the House Committee on Government Reform have started trumpeting the risks of file sharing, recently holding or scheduling hearings on child pornography, privacy and security on file-sharing networks.
The committee is doing as much as it can to "get the word out to parents about the amount of pornography that's easily available on these sites," spokesman David Marin said, including urging talk-radio hosts to take up the issue.
The music labels also have pressed colleges, universities and corporations to police their networks to avoid legal liability and reduce telecommunications costs. Those efforts have led Penn State University and the U.S. Naval Academy, among other institutions, to take well-publicized disciplinary actions against file sharers on campus.
*******************************
New York Times
April 30, 2003
Agencies Still Fail to Share Information, Reports Say
By ERIC
WASHINGTON, April 29 Nearly 20 months after the Sept. 11 attacks, many federal agencies are still failing to share critical information about terrorist suspects with other agencies because of both cultural and technological barriers, officials said today.
Two new reports, one from government investigators and another by a police executive association, spotlight the challenges and potential pitfalls that the federal authorities face in developing workable systems to share intelligence on terrorist threats.
Officials said they believed they had made clear progress to prevent the types of communication breakdowns that preceded the Sept. 11 attacks. But in a report to be released Wednesday, the General Accounting Office, the investigative arm of Congress, concludes that the goals set by the Bush administration and Congress last year to promote the sharing of terrorist information remain largely unmet.
The G.A.O. report examined the terrorist "watch lists" that nine federal agencies maintain to spot terrorist suspects trying to get a visa, board a plane, cross a border or engage in similar activities. The F.B.I., the Immigration and Naturalization Service, the Department of Homeland Security, the Pentagon, the State Department and other agencies all keep such lists and share information from them with other federal officials as well as local and state police officials as needed.
But the Congressional study found that some agencies did not even have policies for sharing watch-list information with other agencies, and that those that did often required complex, labor-intensive methods to cull information.
Most agencies share terrorist information only with those from their own agencies, while others give intelligence to the local police and in some cases even to private groups. Agencies often have different types of databases and software that make sharing information next to impossible, researchers found.
As a result, sharing of information is often fractured, "inconsistent and limited," the study reported.
"Cultural and technological barriers stand in the way of a more integrated, normalized set of watch lists," the report said. It recommended the creation of a centralized terrorist watch list.
Senator Charles E. Grassley, Republican of Iowa, who requested the study along with Senator Carl Levin, Democrat of Michigan, said he was dismayed to learn that so long after the Sept. 11 attacks, "the gap in watch lists has not been fixed."
Mr. Grassley said: "Federal bureaucracies have an institutional disease where they think they own their information. Our state and local police can't watch out for anybody if they're kept in the dark."
The federal agencies criticized in the Congressional report generally agreed with the findings, but officials at several departments pointed out that security and civil rights concerns could make it difficult for them to share some information on suspects. They also said that a "one size fits all" approach to sharing terrorist intelligence might fail to recognize the different roles and responsibilities of various federal agencies. An F.B.I. agent investigating a crime, for instance, is more limited in what he can say about a case to another federal agency than is a border crossing guard who is checking the identification of a suspicious tourist, officials said.
The attacks in 2001 revealed fractured communications between federal agencies prior to the hijackings. The most heavily scrutinized episode came when the C.I.A. and the F.B.I. failed to share information quickly enough about two terrorist suspects who were living in the San Diego area in 2001 and who went on to take part in the Sept. 11 hijackings.
Bush administration officials have pledged to improve federal communications as a first line of defense, and one of the administration's main initiatives is the creation of a new terrorism center to coordinate the flow of intelligence. It is being run by the Central Intelligence Agency.
The Department of Homeland Security is also working to centralize and consolidate its watch lists. A spokesman, Brian Roehrkasse, said the department planned an eightfold increase in the number of terrorist suspects it provides to local law enforcement within two months.
Federal officials held a conference with local law enforcement officials in November to discuss obstacles local police forces face in getting accurate, timely information. A report growing out of that meeting was released today by the Police Executive Research Forum, a police association that organized the event.
The report revealed deep frustration among some local police officials who said the F.B.I. had kept them uninformed in terrorism developments and had made it difficult for them to get security clearances to make them privy to more information. But the report also emphasized a common ground of cooperation between federal and local officials.
"Local and federal law enforcement must build on positive relationships and address any remaining impediments to full cooperation if they are to truly succeed in carrying out their new mandates," it said.
Jane Perlov, chief of police in Raleigh, N.C., an author of the report, said in an interview that many local police would become frustrated by what they saw as the F.B.I.'s unwillingness to share its vast resources and expertise with them.
But she said: "We're understanding each other's culture better."
*******************************
Government Computer News
04/29/03
OMB?s McVay leaving for the private sector
By Jason Miller
William McVay, deputy branch chief in the Office of Management and Budget?s Office of Information and Policy, is leaving government to take a position with DigitalNet Inc. of Herndon, Va., as of May 30.
McVay on June 9 will become the vice president for E-Government Solutions and add to its cadre of former federal IT executives.
He joins Debra Stouffer, former chief technology officer at the Environmental Protection Agency, in populating the information and communications technology company?s federal IT consulting practice.
?This is an amazing opportunity for me,? McVay said. ?[OMB Office of E-Government and IT administrator] Mark Forman has said from the beginning that if we do e-government correctly, it will be a partnership with industry. This company is giving me a great opportunity to be a part of that partnership from the industry standpoint.?
McVay, who has been with OMB since 1999, is the team leader for agency implementation of enterprise architecture, capital planning and business case justification, IT performance management, implementation of the Clinger-Cohen Act and IT budget requests.
Over the past two years, McVay has come to be seen as the business case guru as OMB has emphasized that agencies must better validate their IT investments.
Before coming to OMB, he worked for the General Services Administration for six years in the Office of the CIO, worked in private industry and served in the Army.
In his new position, McVay?s job will change little. He will consult with agencies and the private sector on enterprise architecture, business cases, business process re-engineering, IT management and e-government projects, he said.
?It was a very difficult decision for me,? he said. ?I absolutely believe in what Mark [Forman] and the Office of E-Government is doing. I?ve worked with some of the brightest and hardworking people on the e-government work and I will certainly miss them. But I will be in touch.?
McVay said he does not know who will replace him, but he imagines much of his work will be distributed throughout the office in the meantime.
*******************************
Associated Press
U.K. Arrests 'Fluffi Bunni' Hacker
Tue Apr 29, 6:13 PM ET
By TED BRIDIS, Associated Press Writer
WASHINGTON - British authorities arrested a man Tuesday believed to head a group of hackers known as "Fluffi Bunni," which used a stuffed pink rabbit to mark attacks that humiliated some of the world's premier computer security organizations.
Fluffi Bunni captured the attention of the FBI (news - web sites) just days after the Sept. 11 terror attacks, when thousands of commercial Web sites were vandalized with a single break-in that included the message, "Fluffi Bunni Goes Jihad."
The FBI characterized the act in a November 2001 report as an anti-American cyberprotest against the war on terrorism.
Lynn Htun, 24, was arrested by Scotland Yard detectives on outstanding forgery charges while attending a prominent trade show in London for computer security professionals, InfoSecurity Europe 2003, authorities said.
British authorities did not mention of Htun's alleged hacking. A U.S. official, speaking on condition of anonymity, said Htun is wanted in America in connection with a series of high-profile hacking cases blamed on Fluffi Bunni. Investigators believe Htun was the group's leader and referred to himself as Fluffi Bunni, the official said.
Authorities in London indicated they would release more information Wednesday about Htun's arrest, although the continuing investigation into Fluffi Bunni hackers was sensitive and other arrests could be possible.
Fluffi Bunni embarrassed leading Internet security organizations by breaking into their own computers and replacing Web pages with a message that "Fluffi Bunni ownz you" and a digital photograph of a pink rabbit at a keyboard. The attacks, which began in June 2000, lasted about 18 months, then stopped mysteriously and created one of the Internet's most significant hacker whodunits in years.
"I thought he'd never be caught," said Jay Dyson, a consultant who formerly helped run one of the victim Web sites. "He was clever and had the patience of a saint. The targets he chose were ones that were really high profile, and ones you'd think would be above reproach when it comes to issues of security."
Victims have included the Washington-based SANS Institute, which offers security training for technology professionals; Security Focus, now owned by Symantec Corp.; and Attrition.org, a site run by experts who formerly tracked computer break-ins. Other victims included McDonald's Corp. and the online security department for Exodus Communications Inc., now part of London-based Cable & Wireless (news - web sites) plc.
"The guy was playing a game of `gotcha.' He wanted to prove that even firms that specialize in security can be hacked," said Mark Rasch, chief security counsel for Solutionary Inc. and a former Justice Department (news - web sites) cybercrime prosecutor. "It's like someone who robs banks to prove that banks can be robbed."
Brian Martin, who ran the Attrition site with Dyson and others, said Fluffi Bunni quickly generated a fearsome reputation across the underground because of the group's choice of targets. Martin determined that a hacker broke into another user's computer, allowing him to assume that person's digital identity and briefly take over the Attrition site with a Fluffi Bunni message.
"He would break into companies that are there to secure you," said Martin, who never reported the crime to the FBI. "It's a challenge, and there's some irony behind it."
Targets frequently were attacked indirectly. Instead of trying to break into the heavily protected Security Focus Web site, someone hacked an outside computer that displayed advertisements on the site. The ads were replaced with taunting messages and images of the pink rabbit at the keyboard.
*******************************
Federal Computer Week
NY networks court video security
BY Brian Robinson
April 29, 2003
The New York State Unified Court System has opted for a networked video system to provide surveillance for about 30 courthouses in New York City in a $230,000 deal that could be the precursor of a statewide installation.
The surveillance system, provided by Axis Communications Inc., will enable security people to monitor entrances and exits at the courthouses from a remote command center using CourtNet, the court system's multiple-gigabit, fiber-based enterprise network.
Personnel at each of the courthouses can also access their own court's cameras via Web browsers on their desktops.
Analog closed-circuit TV systems that currently provide surveillance at the courthouses are inadequate for the stepped-up security required in the post-Sept. 11, 2001, world, according to Sheng Guo, chief technology officer in the court system's technology division. That would require all the courthouses' security stations to be staffed around the clock, seven days a week, he said, which isn't practical because of the cost and the demand on scarce personnel resources.
"With networked video, each location can be monitored from the command center, and people sent to a location only when they are needed," he said. "You can also build in motion sensors that can automatically trigger notifications to the appropriate people by e-mail, pager or cell phone."
Another advantage is that problems can be diagnosed remotely, because each camera acts like a node on the network, said John Recesso, business development manager for Axis Communications. Users also can develop custom scripts for a variety of applications, such as offsite video recording and archiving.
The system also employs a bandwidth "throttle control" that allows individual cameras to be stepped up to full-frame video rates only when necessary, he said.
The New York City installation should be up and running by the second half of June, Guo said. If the system works well, he added, the court system may try to expand it beyond the city as funds become available.
*******************************
Government Computer News
04/29/03
New York City develops health alert network
By Trudy Walsh
A new health alert system could be a shot in the arm for New York City?s health care workers.
For the city?s smallpox vaccination campaign begun earlier this year, many health care workers in the city?s hospitals volunteered to receive the vaccination. They would be the first responders if a smallpox outbreak occurred.
But because the disease was eradicated in the 1970s, most health care workers have never had experience with a smallpox vaccination.
The vaccination requires 15 injections with a bifurcated needle, said Ed Carubis, CIO of New York City?s Health and Mental Hygiene Department. ?You have to go back a week later to have the spot checked,? he said. ?If the vaccination was successful, it looks really horrible. If it wasn?t, it doesn?t look like anything at all.?
Health Department officials posted a digital photo of a successful vaccination on the new Health Alert Network Web portal so health care workers can see what one looks like.
HAN is part of an overarching Web portal for New York?s medical-provider community, ?a portal within a portal,? said Ed Carubis, CIO of New York City?s Health and Mental Hygiene Department.
The network has more than 500 registered participants, including emergency room directors, hospital workers in the city?s smallpox vaccination program and other health care workers. HAN participants must receive an invitation from the Health Department to register, but this restriction will ease once the network?s portal security framework is in place, Carubis said.
HAN has three main functions, Carubis said.
It sends alerts to health care providers. When users sign up with HAN, they leave contact information, such as e-mail address, office phone or cell phone number. If an emergency arises, HAN will broadcast an alert message to that point of contact and tell the user to go to HAN for more information.
It is an online research library of information on public health topics such as West Nile virus, smallpox, anthrax and severe acute respiratory syndrome (SARS).
It?s a peer-to-peer collaboration system. HAN provides bulletin board discussions, online chats and other conferencing mechanisms, Carubis said.
Dimension Data of Reston, Va., provided systems integration for HAN. The network uses Microsoft SharePoint portal management software, Interwise collaborative software from Interwise Inc. of Cambridge, Mass., and bulletin board tools from Akiva of Carlsbad, Calif.
*******************************
Federal Computer Week
GAO issues enterprise architecture guide
BY Michael Hardy
April 30, 2003
The General Accounting Office has issued a guide for assessing and improving enterprise architectures, intended to help agencies manage their own efforts in the area.
GAO has consistently identified "the lack of an architecture as a major management weakness," according to the guide.
The guide updates GAO's enterprise architecture management maturity framework, which the agency issued in February 2002. The new version, which GAO has dubbed Version 1.1, contains 31 core elements of effective enterprise management.
Among them:
* An organization should have adequate resources the funding, people, tools and technology to establish and manage its architecture.
* An organization should designate a qualified person to be chief architect, responsible and accountable for the architecture.
* An organization should have plans describing the enterprise as it is and as it is to become, and a sequence for making the transition from present to future state.
* An organization should have plans for developing metrics to track progress, quality, compliance and return on investment.
* An organization should be able to measure and report on the plan's progress.
GAO's guide also presents an enterprise architecture maturity model divided into five stages. The stages range from creating awareness through developing enterprise architecture products to the final stage of using the architecture to manage change.
*******************************
Computerworld
New Virginia law makes spam a felony
By TODD R. WEISS
APRIL 30, 2003
Virginia's governor has signed into law one of the toughest antispam bills in the country, but some privacy advocates wonder if it will hold up in court and whether -- tough as it is -- it goes far enough.
The new Virginia law, signed yesterday by Gov. Mark Warner, raises the penalties for the worst purveyors of unsolicited e-mail to a Class 6 Felony, which carries a prison term of one to five years and various fines. It also permits seizure of ill-gotten profits and income from the sale of spam advertising, similar to antiracketeering laws, according to Kevin Hall, the governor's deputy press secretary.
But Stephen Keating, the executive director of The Privacy Foundation, a nonprofit advocacy group in Denver, said the new law could present challenges in enforcement in the cases of spammers who are in other states or countries.
"I think they should be applauded for forcing the issue," Keating said. "I think it will just get bumped higher and higher. It will undoubtedly end up at the Supreme Court. Spammers claim this is a free-speech activity."
Jason Catlett, president of Junkbusters Corp., a privacy advocacy group in Green Brook, N.J., said he's not sure that creating stiffer criminal penalties for the worst offenders is the best answer to the growing spam problem.
Instead, he said, all spam should simply be banned, whether from low- or high-volume mailers.
"I think that the right approach is to say that all spamming is wrong," Catlett said. "Certainly spammers break a lot of laws. But I'm not sure that this is going to cause a substantial improvement. I think the intent of the criminalization was to provide a big stick to beat the worst offenders with."
The new antispam provisions of the Virginia Computer Crimes Act make it the toughest such law in the U.S., according to the governor's office.
"Half the world's Internet traffic passes through the Commonwealth of Virginia, so it is appropriate that we give our prosecutors tools to go after this costly and annoying crime," Warner said in a statement. "Before this law, legal action was almost not worth the trouble for prosecutors -- which is no message to send to our Internet industry in its fight against the spam invasion."
Other states have enacted laws making e-mail abuse a civil crime. Similar bills have been considered on the national level during the past few years, but no federal action has yet been taken.
So far, Warner said, the civil penalties haven't prevented spam from being sent. That warrants the new tougher approach to the problem.
The law targets only the most egregious offenders and can't be applied to an innocent party who happens to send out a large mailing, according to Warner.
Under the law, senders can be prosecuted if they consciously alter either e-mail header or other routing information and attempt to send either 10,000 messages within a 24-hour period or 100,000 in a 30-day period. The sender can also be prosecuted if more than $1,000 in revenue is generated from a specific transmission, or $50,000 from total transmissions.
The underlying Virginia statute that the new felony penalties enhance has survived previous constitutional challenges in cases brought by both Dulles, Va.-based America Online Inc. and New York-based Verizon Communications, according to the governor's office. Because it's grounded on e-mail passing through Virginia-based Internet service providers, the statue allows prosecutors and the Virginia attorney general to legally reach out to spammers in other states and jurisdictions, said the governor's office.
Marvin Benn, an intellectual property attorney at Much Shelist Freed Denenberg Ament & Rubenstein P.C. in Chicago, said the new Virginia bill strengthens the state's existing antispam provisions, but in doing so, it may have taken on too much. By making high-volume spamming a criminal act, "that presents some real constitutional issues," Benn said.
"I don't really think they can do it," he said of the felony provisions. "It seems to be a violation of the First Amendment."
*******************************
From owner-technews@xxxxxxxxxxxxxxxxx Fri Apr 4 14:31:08 2003
Return-Path: <owner-technews@xxxxxxxxxxxxxxxxx>
Received: from sark.cc.gatech.edu (sark.cc.gatech.edu [130.207.7.23])
by cleon.cc.gatech.edu (8.12.9/8.12.8) with ESMTP id h34JV7Iw026675
for <goodman@xxxxxxxxxxxxxxxxxxx>; Fri, 4 Apr 2003 14:31:07 -0500 (EST)
Received: from postel.acm.org (postel.acm.org [199.222.69.7])
by sark.cc.gatech.edu (8.12.9/8.12.8) with ESMTP id h34JUBDN021621;
Fri, 4 Apr 2003 14:30:11 -0500 (EST)
Received: from postel (postel.acm.org [199.222.69.7])
by postel.acm.org (8.9.3/8.9.3) with ESMTP id OAA14670;
Fri, 4 Apr 2003 14:27:13 -0500
Received: from LISTSERV2.ACM.ORG by LISTSERV2.ACM.ORG (LISTSERV-TCP/IP release
1.8d) with spool id 0017 for TECHNEWS@xxxxxxxxxxxxxxxxx; Fri, 4 Apr
2003 14:05:44 -0500
Approved-By: technews@xxxxxxxxxx
Received: from hq.acm.org (hq.acm.org [199.222.69.30]) by postel.acm.org
(8.9.3/8.9.3) with ESMTP id OAA30360 for
<technews@xxxxxxxxxxxxxxxxx>; Fri, 4 Apr 2003 14:04:15 -0500
Received: by hq.acm.org with Internet Mail Service (5.5.2656.59) id <2C8G9630>;
Fri, 4 Apr 2003 14:04:17 -0500
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2656.59)
Content-Type: text/plain; charset="iso-8859-1"
Message-ID: <8DFA8DABC2E6FA438EDCFD26881380A5D37A1F@xxxxxxxxxx>
Date: Fri, 4 Apr 2003 14:04:08 -0500
Sender: ACM TechNews Early Alert Service <TECHNEWS@xxxxxxxxxxxxxxxxx>
From: technews <technews@xxxxxxxxxx>
Subject: ACM TechNews - Friday, April 4, 2003
To: TECHNEWS@xxxxxxxxxxxxxxxxx
Content-Length: 9935
Status:
X-Status:
X-Keywords:
Dear ACM TechNews Subscriber:
Welcome to the April 4, 2003 edition of ACM TechNews,
providing timely information for IT professionals three times a
week. For instructions on how to unsubscribe from this
service, please see below.
ACM's MemberNet is now online. For the latest on ACM
activities, member benefits, and industry issues,
visit http://www.acm.org/membernet
Remember to check out our hot new online essay and opinion
magazine, Ubiquity, at http://www.acm.org/ubiquity
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ACM TechNews
Volume 5, Number 478
Date: April 4, 2003
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - -
Site Sponsored by Hewlett Packard Company ( <http://www.hp.com> )
HP is the premier source for computing services,
products and solutions. Responding to customers' requirements
for quality and reliability at aggressive prices, HP offers
performance-packed products and comprehensive services.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - -
Top Stories for Friday, April 4, 2003:
http://www.acm.org/technews/current/homepage.html
"TIA Proponents Defend Domestic Spy Plan"
"That Championship Season, in Code"
"Feds Defend Plan to Secure Cyberspace"
"Fears About War, Economy Slow IT Hiring"
"Queen's Researchers Invent Computers That 'Pay Attention' to Users"
"Feinstein Introduces Privacy Act of 2003"
"Software Uses Pictures to Represent Info People Monitor"
"Online Phone Monitoring Sticky for FBI"
"Pizza Box or IMac? No, an IBox"
"Interview With the KDE and Gnome UI/Usability Developers"
"Robots Take Dangerous Jobs"
"Business Scene: Why Aren't More Women in Tech Fields?"
"Microsoft Research Finds Women Take a Wider View"
"Ultra-simple Desktop Device Slows Light to a Crawl at Room
Temperature"
"SIP Fuels Communications Interplay"
"Nag-O-Matic"
"Gaining Ground"
"Mainframe Brain Drain Looms"
"The Net's Faltering Democracy"
******************* News Stories ***********************
"TIA Proponents Defend Domestic Spy Plan"
Critics and supporters of the Pentagon's Total Information
Awareness (TIA) project voiced their views during a debate at the
ACM's Computers, Freedom, and Privacy Conference on Wednesday.
Manhattan Institute fellow and lawyer Heather MacDonald argued ...
http://www.acm.org/technews/articles/2003-5/0404f.html#item1
"That Championship Season, in Code"
The Association of Computing Machinery's (ACM) International
Collegiate Programming Contest in Beverley Hills, Calif. last week
was swept by Eastern European schools. The contest, now in
its 27th year, pits teams of university students against complex ...
http://www.acm.org/technews/articles/2003-5/0404f.html#item2
"Feds Defend Plan to Secure Cyberspace"
Responding to criticism that President Bush's National Strategy
to Secure Cyberspace is hobbled by a lack of federal regulation
to enforce its recommendations, the White House's special advisor
for cybersecurity Howard Schmidt told attendees at the Secure ...
http://www.acm.org/technews/articles/2003-5/0404f.html#item3
"Fears About War, Economy Slow IT Hiring"
The employment of IT professionals was impacted considerably by
concerns about a war with Iraq and economic doldrums in the
fourth quarter of 2002, according to a report co-authored by
online recruiting services provider Dice and the Information ...
http://www.acm.org/technews/articles/2003-5/0404f.html#item4
"Queen's Researchers Invent Computers That 'Pay Attention' to Users"
Scientists from the Human Media Lab (HML) at Queen's University
in Ontario have developed an Attentive User Interface (AUI)
designed to relieve users of the morass of messages they receive
on their electronic devices by evaluating the user's attention ...
http://www.acm.org/technews/articles/2003-5/0404f.html#item5
"Feinstein Introduces Privacy Act of 2003"
A recent FTC report estimates that 43 percent of all registered
consumer complaints in 2002 involved identity theft, which
incurred $343 million in losses. In an effort to curtail such
abuses, Sen. Dianne Feinstein (D-Calif.) has proposed The Privacy ...
http://www.acm.org/technews/articles/2003-5/0404f.html#item6
"Software Uses Pictures to Represent Info People Monitor"
Research at the Georgia Institute of Technology puts personal
information updates on a separate networked display in a way that
does not distract the user, but provides a comprehensive and
eye-pleasing ambiance. Associate professor of computing John ...
http://www.acm.org/technews/articles/2003-5/0404f.html#item7
"Online Phone Monitoring Sticky for FBI"
The advent of Web-based telephony opens up a can of legal and
technical worms for the FBI, which is trying to establish that
such services must be surveillance-enabled under the 1994
Communications Assistance for Law Enforcement Act. Surveillance ...
http://www.acm.org/technews/articles/2003-5/0404f.html#item8
"Pizza Box or IMac? No, an IBox"
Apple Computer could soon have a competitor in the Macintosh
manufacturing business thanks to the efforts of John Fraser, a
21-year-old Minnesota engineer who has designed the iBox, a flat,
upgradeable Mac that will be sold for roughly one-third the cost ...
http://www.acm.org/technews/articles/2003-5/0404f.html#item9
"Interview With the KDE and Gnome UI/Usability Developers"
It is hoped that the Unix desktop will be revolutionized when the
Gnome and KDE user interfaces (UIs) become interoperable; the
Gnome project's Havoc Pennington discussed usability issues with
Waldo Bastian and Aaron J. Seigo of the KDE project. Seigo ...
http://www.acm.org/technews/articles/2003-5/0404f.html#item10
"Robots Take Dangerous Jobs"
A highlight of Japan's Robodex 2003 event this week was robots
that can handle tasks too dangerous for humans and assist people
in everyday chores. Examples of the former include machines from
the Tokyo Institute of Technology and Chiba University that are ...
http://www.acm.org/technews/articles/2003-5/0404f.html#item11
"Business Scene: Why Aren't More Women in Tech Fields?"
The technology job market is rife with opportunities, yet few
women are taking advantage of them. This trend was the subject
of a panel hosted by the Pittsburgh Technology Council last week.
A scarcity of training was cited as a major hurdle, but personal ...
http://www.acm.org/technews/articles/2003-5/0404f.html#item12
"Microsoft Research Finds Women Take a Wider View"
Microsoft Research has found that women can navigate virtual
environments 20 percent better when using optical flow cues built
into a program's user interface; such visual clues provide
continuous on-screen hints where things are located. Because ...
http://www.acm.org/technews/articles/2003-5/0404f.html#item13
"Ultra-simple Desktop Device Slows Light to a Crawl at Room
Temperature"
University of Rochester researchers have created a device that
can successfully reduce the speed of light by a factor of 5.3
million, using technology that Givens Professor of Optics Robert
Boyd calls "ridiculously easy to implement." Boyd and his ...
http://www.acm.org/technews/articles/2003-5/0404f.html#item14
"SIP Fuels Communications Interplay"
Major IP-based communications players support Session Initiation
Protocol (SIP) as a way to tie together instant messaging, voice,
and video. Microsoft and IBM both back SIP in their respective
Greenwich and Lotus communications platforms. Voice-and-data ...
http://www.acm.org/technews/articles/2003-5/0404f.html#item15
"Nag-O-Matic"
Stanford University researcher B.J. Fogg, an experimental
psychologist, is leading the way in an emerging discipline he
calls captology--using technology to influence people. He is
currently working on ways to get people to consume more water and ...
http://www.acm.org/technews/articles/2003-5/0404f.html#item16
"Gaining Ground"
Indian high-tech companies thriving as IT outsourcers plan to
fortify their position in order to maintain their market
supremacy in the face of growing competition from China, Russia,
Eastern Europe, the United States, and elsewhere. Key to their ...
http://www.acm.org/technews/articles/2003-5/0404f.html#item17
"Mainframe Brain Drain Looms"
In an effort to staunch an expected hemorrhage of mainframe
expertise, the Association for Computer Operations Management
(AFCOM) plans to launch a Data Center Knowledge Initiative that
AFCOM's Brian Koma says should spur IT managers "to take some ...
http://www.acm.org/technews/articles/2003-5/0404f.html#item18
"The Net's Faltering Democracy"
The Internet Corporation for Assigned Names and Numbers (ICANN)
is a failed experiment in melding business efficiency and the
global will of Internet users, writes Simson Garfinkel. Last
December, the ICANN board voted to abolish elections altogether ...
http://www.acm.org/technews/articles/2003-5/0404f.html#item19
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-- To review Wednesday's issue, please please visit
http://www.acm.org/technews/articles/2003-5/0402w.html
-- To visit the TechNews home page, point your browser to:
http://www.acm.org/technews/
-- To unsubscribe from the ACM TechNews Early Alert Service:
Please send a separate email to listserv@xxxxxxxxxxxxxxxxx
with the line
signoff technews
in the body of your message.
-- Please note that replying directly to this message does not
automatically unsubscribe you from the TechNews list.
-- To submit feedback about ACM TechNews, contact:
technews@xxxxxxxxxx
-- ACM may have a different email address on file for you,
so if you're unable to "unsubscribe" yourself, please direct
your request to: technews-request@xxxxxxx
We will remove your name from the TechNews list on
your behalf.
-- For help with technical problems, including problems with
leaving the list, please write to: technews-request@xxxxxxx
----
ACM TechNews is sponsored by Hewlett Packard Company.
From owner-technews@xxxxxxxxxxxxxxxxx Mon Apr 7 14:03:20 2003
Return-Path: <owner-technews@xxxxxxxxxxxxxxxxx>
Received: from sark.cc.gatech.edu (sark.cc.gatech.edu [130.207.7.23])
by cleon.cc.gatech.edu (8.12.9/8.12.8) with ESMTP id h37I3KIw015563;
Mon, 7 Apr 2003 14:03:20 -0400 (EDT)
Received: from postel.acm.org (postel.acm.org [199.222.69.7])
by sark.cc.gatech.edu (8.12.9/8.12.8) with ESMTP id h37I39DN011277;
Mon, 7 Apr 2003 14:03:09 -0400 (EDT)
Received: from postel (postel.acm.org [199.222.69.7])
by postel.acm.org (8.9.3/8.9.3) with ESMTP id OAA41130;
Mon, 7 Apr 2003 14:03:05 -0400
Received: from LISTSERV2.ACM.ORG by LISTSERV2.ACM.ORG (LISTSERV-TCP/IP release
1.8d) with spool id 0017 for TECHNEWS@xxxxxxxxxxxxxxxxx; Mon, 7 Apr
2003 13:44:32 -0400
Approved-By: technews@xxxxxxxxxx
Received: from hq.acm.org (hq.acm.org [199.222.69.30]) by postel.acm.org
(8.9.3/8.9.3) with ESMTP id NAA43484 for
<technews@xxxxxxxxxxxxxxxxx>; Mon, 7 Apr 2003 13:43:52 -0400
Received: by hq.acm.org with Internet Mail Service (5.5.2656.59) id <2C8G0MLG>;
Mon, 7 Apr 2003 13:43:54 -0400
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2656.59)
Content-Type: text/plain; charset="iso-8859-1"
Message-ID: <8DFA8DABC2E6FA438EDCFD26881380A5D37A26@xxxxxxxxxx>
Date: Mon, 7 Apr 2003 13:43:49 -0400
Sender: ACM TechNews Early Alert Service <TECHNEWS@xxxxxxxxxxxxxxxxx>
From: technews <technews@xxxxxxxxxx>
Subject: ACM TechNews - Monday, April 7, 2003
To: TECHNEWS@xxxxxxxxxxxxxxxxx
Content-Length: 9216
Status:
X-Status:
X-Keywords:
Dear ACM TechNews Subscriber:
Welcome to the April 7, 2003 edition of ACM TechNews,
providing timely information for IT professionals three times a
week. For instructions on how to unsubscribe from this
service, please see below.
ACM's MemberNet is now online. For the latest on ACM
activities, member benefits, and industry issues,
visit http://www.acm.org/membernet
Remember to check out our hot new online essay and opinion
magazine, Ubiquity, at http://www.acm.org/ubiquity
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ACM TechNews
Volume 5, Number 479
Date: April 7, 2003
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - -
Site Sponsored by Hewlett Packard Company ( <http://www.hp.com> )
HP is the premier source for computing services,
products and solutions. Responding to customers' requirements
for quality and reliability at aggressive prices, HP offers
performance-packed products and comprehensive services.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - -
Top Stories for Monday, April 7, 2003:
http://www.acm.org/technews/current/homepage.html
"Untethering From Clunky PC Box, Silicon Valley Hikes Wireless
Frontier"
"Disconnects on Wi-Fi and Cell Phones"
"Wireless PDA Software Helps Grocery Shoppers Find Items"
"FBI Computers Enter the 21st Century"
"Why We May Never Regain the Liberties That We've Lost"
"U.S. Military Helps Fund Calgary Hacker"
"Experts Assess Bush's 2004 R&D Budget Request"
"Blogs Step Up in Stature as Harvard Begins Study"
"Internet Connected Real-Time Systems Vulnerable to Attack?"
"Four IT Predictions to Watch"
"DNS Pioneer Warns of Internet Security"
"Indiana Spam Bill Passes Legislature"
"Thwarting the Zombies"
"Pictures Only a Computer Could Love"
"Point, Click...Fire"
"Spectrum for All"
"Semantic Applications, or Revenge of the Librarians"
******************* News Stories ***********************
"Untethering From Clunky PC Box, Silicon Valley Hikes Wireless
Frontier"
Computer industry insiders see the center of gravity shifting
from the PC to wireless platforms and say the mobile industry
today resembles the nascent PC market almost 30 years ago.
Still, although money and expertise is now moving to the wireless ...
http://www.acm.org/technews/articles/2003-5/0407m.html#item1
"Disconnects on Wi-Fi and Cell Phones"
Thirty years after he invented the cell phone, Martin Cooper
believes the technology is nearing the end of its life cycle, and
thinks that carriers should redirect their efforts on improving
telecommunications rather than adding new features to cell ...
http://www.acm.org/technews/articles/2003-5/0407m.html#item2
"Wireless PDA Software Helps Grocery Shoppers Find Items"
A prototype wireless personal digital assistant (PDA) system
developed by Georgia Institute of Technology researchers was
field-tested in a Kroger store in Atlanta by five grocery
shoppers. Prior to the technology's development, extensive ...
http://www.acm.org/technews/articles/2003-5/0407m.html#item3
"FBI Computers Enter the 21st Century"
The FBI is attempting to modernize its computer systems with the
$600 million Trilogy network, while civil liberties proponents
are keeping a close eye on the project to see if it strikes a
balance between privacy and security-related information
gathering. The network will feature a new database designed to ...
http://www.acm.org/technews/articles/2003-5/0407m.html#item4
"Why We May Never Regain the Liberties That We've Lost"
Although the government has routinely rolled back civil liberties
in times of crisis, they have usually been restored once the
crisis passes; that may not be the case for the liberties
rescinded as a result of the war against terrorism, writes Dan ...
http://www.acm.org/technews/articles/2003-5/0407m.html#item5
"U.S. Military Helps Fund Calgary Hacker"
The U.S. Defense Advanced Research Projects Agency (DARPA) has
indirectly allocated $2.3 million to Calgary hacker Theo de Raadt
in the hopes that his OpenBSD operating system could shield U.S.
military networks from cyber-attacks launched by terrorists. De ...
http://www.acm.org/technews/articles/2003-5/0407m.html#item6
"Experts Assess Bush's 2004 R&D Budget Request"
Accompanying President Bush's proposed $122.5 billion 2004
federal research and development budget is a heavier emphasis on
anti-terrorist and homeland security technologies, compared to
past R&D budgets chiefly focusing on civilian medical research. ...
http://www.acm.org/technews/articles/2003-5/0407m.html#item7
"Blogs Step Up in Stature as Harvard Begins Study"
Universities will be watching Harvard Law School's Berkman Center
for Internet & Society as it conducts an academic study of blogs,
described as publishing for people by study leader Dave Winer,
former contributing editor to HotWired. The academic community ...
http://www.acm.org/technews/articles/2003-5/0407m.html#item8
"Internet Connected Real-Time Systems Vulnerable to Attack?"
Connected real-time systems offer many advantages to users,
including a richer interface, resource and information sharing,
and easier upgradeability, but the trade-off is vulnerability to
a variety of assaults; the trick is to adequately protect ...
http://www.acm.org/technews/articles/2003-5/0407m.html#item9
"Four IT Predictions to Watch"
Gartner's Symposium ITxpo 2003 showcased four IT trends that
enterprises can expect to play a significant role over the coming
decade. Portal software, already widespread, will become even
more important for large firms as it is integrated with content ...
http://www.acm.org/technews/articles/2003-5/0407m.html#item10
"DNS Pioneer Warns of Internet Security"
Paul Mockapetris, co-inventor of the DNS system, says "the
majority of the work to be done still lies ahead of us."
Mockapetris wants DNS security buffeted not only in response to
the October 2002 DDoS attacks, but also in response to the recent ...
http://www.acm.org/technews/articles/2003-5/0407m.html#item11
"Indiana Spam Bill Passes Legislature"
Indiana's House of Representatives has passed an anti-spam bill
on an unanimous vote and the bill is now heading to Indiana Gov.
Frank O'Bannon. The legislation, HB 1083, includes a provision
that would penalize spam senders for up to $500 per spam message sent; it
...
http://www.acm.org/technews/articles/2003-5/0407m.html#item12
"Thwarting the Zombies"
Massive numbers of Internet-connected machines acting as a
hacker's zombie army are becoming more common as security experts
work on defenses. These botnets, or networks of bot-controlled
computers, are used to conduct denial-of-service (DoS) attacks ...
http://www.acm.org/technews/articles/2003-5/0407m.html#item13
"Pictures Only a Computer Could Love"
New lenses keyed to computers' strengths are being engineered for
a variety of purposes. "Once you break away from thinking that
the optics have to form something [people] recognize as an image,
there are many things that you can do," notes National Defense ...
http://www.acm.org/technews/articles/2003-5/0407m.html#item14
"Point, Click...Fire"
The Iraqi battlefield is serving as the proving ground for
advanced technologies, including networking, IT, and precision
weaponry designed to give American forces a strategic advantage.
The digital war currently being fought uses a computing grid ...
http://www.acm.org/technews/articles/2003-5/0407m.html#item15
"Spectrum for All"
FCC Chairman Michael Powell is preparing the way for a free and
open radio spectrum, writes policy and law expert Lawrence
Lessig. While on the one hand catering to vested interests that
want radio spectrum as property, Powell is at the same time ...
http://www.acm.org/technews/articles/2003-5/0407m.html#item16
"Semantic Applications, or Revenge of the Librarians"
The supplier-centric IT industry will become customer-centric
when Web services shift to semantic applications that enable
interoperability between computer systems, thus systematizing
data searches and transaction processing, writes David Moschella, ...
http://www.acm.org/technews/articles/2003-5/0407m.html#item17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-- To review Friday's issue, please visit
http://www.acm.org/technews/articles/2003-5/0404f.html
-- To visit the TechNews home page, point your browser to:
http://www.acm.org/technews/
-- To unsubscribe from the ACM TechNews Early Alert Service:
Please send a separate email to listserv@xxxxxxxxxxxxxxxxx
with the line
signoff technews
in the body of your message.
-- Please note that replying directly to this message does not
automatically unsubscribe you from the TechNews list.
-- To submit feedback about ACM TechNews, contact:
technews@xxxxxxxxxx
-- ACM may have a different email address on file for you,
so if you're unable to "unsubscribe" yourself, please direct
your request to: technews-request@xxxxxxx
We will remove your name from the TechNews list on
your behalf.
-- For help with technical problems, including problems with
leaving the list, please write to: technews-request@xxxxxxx
----
ACM TechNews is sponsored by Hewlett Packard Company.