[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Clips May 22, 2003
- To: "Lillie Coney":;, Gene Spafford <spaf@xxxxxxxxxxxxxxxxx>;, John White <white@xxxxxxxxxx>;, Jeff Grove <jeff_grove@xxxxxxx>;, goodman@xxxxxxxxxxxxx;, David Farber <dave@xxxxxxxxxx>;, glee@xxxxxxxxxxxxx;, Andrew Grosso<Agrosso@xxxxxxxxxxxxxxxx>;, ver@xxxxxxxxx;, lillie.coney@xxxxxxx;, v_gold@xxxxxxx;, harsha@xxxxxxx;, KathrynKL@xxxxxxx;, computer_security_day@xxxxxxx;, waspray@xxxxxxxxxxx;, BDean@xxxxxxx;
- Subject: Clips May 22, 2003
- From: Lillie Coney <lillie.coney@xxxxxxx>
- Date: Thu, 22 May 2003 10:26:14 -0400
Clips May 22, 2003
ARTICLES
Computing's Lost Allure
Bill in Congress would curb L-1 visa use for foreign workers
Boyd takes over Safecom Project
Study finds local governments have static Web presence
You May See a Soul Mate Across a Crowded Room
Broadband's Spread Slowing
Federal grants to locals on rise
DHS struggling with 'connecting dots'
Army network center moves east
A Spammer Speaks Out
Software simplifies e-mail encryption somewhat
Youth Hacked Into Database, School Says
This DVD Will Self-Destruct
Shaping the shuttle?s successor
*******************************
New York Times
May 22, 2003
Computing's Lost Allure
By KATIE HAFNER
ERKELEY, Calif. -- ON a sunny May afternoon, Brian Harvey's introductory computer science class at the University of California convened for the last time before the final exam. By the time Dr. Harvey was full tilt into his lecture, reviewing recursive functions and binary search trees, the cavernous hall was lightly peppered with about 100 students, backpacks at their sides, a few legs slung over the backs of empty seats.
Sparse attendance is, of course, an end-of-semester inevitability. Many students viewed the lecture by Webcast, if at all. But more significantly, just 350 students signed up for the course this spring, in striking contrast to enrollment in the fall of 2000, when the same lecture hall was engorged at the start of the semester with 700 students sitting and standing in every available pocket of space.
So full was the room the first few sessions that a fire marshal showed up to size up the situation as a potential hazard. "Even the corridors were jammed," recalled Dr. Harvey, who has taught the introductory course for 16 years. The following semester was little different, with 600 students hoping to enroll in the class.
Today, empty classroom seats, like the vacant offices once occupied by high-flying start-ups, are among the unmistakable repercussions of the dot-com bust.
At the height of the Internet boom in the late 90's, computer science talent was in such demand that recruiters offered signing bonuses to students who agreed to drop out of school. Now, spooked by layoffs and disabused of visions of overnight riches, many undergraduates are turning away from computer science as if it were somehow cursed.
"They overreacted to the boom, so why shouldn't they overreact to the bust?" said Anne Hunter, an administrator at the Massachusetts Institute of Technology who tracks application and enrollment figures.
Berkeley's experience is mirrored elsewhere. At Carnegie Mellon University, applications to the School of Computer Science for next fall are down 36 percent from their peak in 2001; applications to Virginia Tech's computer science department have declined 40 percent since 2001. At M.I.T., renowned for its computer science curriculum, 20 percent fewer freshmen declared electrical engineering and computer science as their central focus this spring than did in 2001 or 2002.
"People aren't seeing the glory in computer science that they used to," said Nirav Dave, 20, a senior and an electrical and computer engineering major at Carnegie Mellon who has seen the ranks of his fellow majors decline. "It used to be that you would do this and you would be a millionaire."
Shaun McCormick, 19, who will be a sophomore next fall at the University of Texas at Austin, started out in computer science but switched at midyear to communications and plans to focus on advertising.
Not only was he daunted by the difficulty of the coursework, Mr. McCormick said, but his job prospects also worried him.
"You have to be a very good programmer with lots of experience under your belt," he said. "Even if you have a good G.P.A., it's hard to get a good job."
If enrollment in the field remains sluggish, some computer scientists warn, technical progress could be jeopardized.
"Our department will be hurt," said J Strother Moore, chairman of the department of computer sciences at the University of Texas, where interest in the field has also diminished. "But more importantly, when the economy recovers, we're going to need computer programmers, and many more of them than we'll be producing at the current rate of input. It's a serious problem for the national economy."
Still, in the absence of a recovery, opportunities in the computer field are contracting. In 2000 Intel hired 2,378 recent college graduates. Last year it hired 566, one-fourth that number. The chilly job market has had a converse effect on graduate school enrollment: applications to computer science graduate departments have risen sharply over the last two years as discouraged students remain at school or try to return to it.
The number of graduate students entering Ph.D. programs in computer science rose 21 percent last year, according to the Taulbee Survey, an annual report compiled by the Computing Research Association, a nonprofit research group. M.I.T. officials said that the graduate program in computer science had received about 3,000 applications for next fall for 120 places, up from 2,000 applications four years ago.
To be sure, there are still many enthusiasts at the undergraduate level. Eugene Chung, a sophomore at Berkeley, is pursuing a double major in computer science and business. Although he worries about getting a job when he finishes, he is studying computer science because he enjoys it. "Personally I like it, whether there's a job or not," he said.
According to the Taulbee Survey, enrollment in computer science departments nearly doubled between 1995 and 2000. So great was the demand for programmers that many students enjoyed the luxury of not even having to prepare a résumé.
"It used to be that even before students had graduated they had three job offers and by the time they had to make a decision, they had 10," said Gabby Silberman, program director for the Centers for Advanced Studies at I.B.M.'s T. J. Watson Research Center, who spends much of his time recruiting.
Undergraduates who might otherwise have chosen computer science appear to be fanning out to related yet more applied fields like business information technology, biotechnology and bioinformatics, which involves managing and manipulating databases of genetic information.
"Computer science was a very focused degree, and lots of people were entering the program because the hot jobs available were dot-coms and Internet jobs," said Stephen W. Director, dean of the engineering school at the University of Michigan.
Now, Dr. Director said, students seem to be migrating toward electrical engineering, a degree that gives them the know-how they need to enter a Silicon Valley software company yet a more general education that they can use for other fields, like biotechnology.
At the University of Texas, pharmacy appears to be a popular alternative, a phenomenon that mystifies Dr. Moore. "All these kids need a lot of chemistry courses, so it's put a real load on the chemistry department," he said. Many others have shifted to biology.
Dr. Moore suggests that students who reject computer science in favor of biotechnology are making some incorrect assumptions about the latter industry. "If you look at what happens in a biotech firm, you need a lot of database and specialty programming skills," he said. "The truth is, the people who have these programming skills will end up getting those jobs."
Dr. Silberman said that while the hiring frenzy of the boom years had disappeared, talented programmers were always in demand. "The craziness is over and it's back to business as usual," he said. "But to go from there to saying there are no jobs in the industry is just too much of a leap."
"Would you rather have a degree in computer science or English?" he continued. "You might not get the dream job that you wanted right off the bat, but you'll find a job that uses your skills."
Andries van Dam, a professor of computer science at Brown who has been teaching introductory computer science there since 1965, agreed. "When kids say, 'Is there going to be a job for me when I graduate?' I essentially have to laugh," he said. "That's like saying, 'When Maxwell discovered the rules of electromagnetism, was physics over?' "
For the undergraduates who do stick with computer science, some mental adjustments are necessary, not just about job prospects but about how to approach computer science as a discipline as well.
Jennifer Li, a junior at Carnegie Mellon who is majoring in computer science, said that more people in her field were choosing second majors to enhance their job prospects in other fields like graphic arts and bioinformatics. For her part, Ms. Li has chosen two minors: business administration and multimedia production.
Dr. van Dam said, "We are encouraging it because it is the kind of intellectual broadening, career broadening that will really help students."
Latika Kirtane, 18, a freshman at Carnegie Mellon, said she was thinking of combining computer science with graphic arts. She said that she and other freshmen she knew were trying not to dwell on job prospects.
"People are generally afraid, but since we are freshmen, we are not really thinking about the future," she said. "We just do it because we love it."
Mr. Dave echoed her view. "I would say that everyone who still loves the field is still there, but there aren't the people who were doing it just for the money," he said.
Randal Bryant, head of the computer science department within Carnegie Mellon's School of Computer Science, said that even though the school is receiving far fewer applications, gaining admission remains difficult. He said the motivation of students entering his department was a refreshing change from four years ago. "Many of the students we see coming in are very enthusiastic about computers," he said. "They aren't looking to become millionaires by age 25."
Thomas H. Cormen, an associate professor of computer science at Dartmouth College, agreed that while the quantity has decreased, the quality has improved. "The advantage of this is that the students who are taking our courses, we have some confidence that they're taking the courses because they're genuinely interested," he said.
Dennis Gannon, chairman of the computer science department at Indiana University, where enrollment in computer science has dipped about 10 percent since last year, said most of the faculty members there felt somewhat relieved. "Prior to this drop we were under siege by students wanting in to our courses and the major," he said.
Still, concerned about what could happen if a downward trend continues, companies like I.B.M. are intensifying their programs to reach out to potential computer scientists, efforts that are aimed at children as young as elementary school age. Intel has spent $700 million on its outreach program, which is intended for students in kindergarten through high school.
Dr. Silberman of I.B.M., who is 49 and has been in the computing field for more than 25 years, said he was concerned about the enrollment decline. "I know what it takes to develop a technology and produce something that is usable, so people can count on it," he said. "We've seen how much all this progress we've made over the last five years depends on computing technology - when you go into a hospital and see all these machines or even an amusement park. All these things depend on computing technology."
Dr. van Dam argues that computer science is far from irrelevant. "We are just at the very beginning of the computer revolution," he said. "People should realize that not only is it not over, but it's scarcely begun."
*******************************
Computerworld
Bill in Congress would curb L-1 visa use for foreign workers
A congressman calls the L-1 a "back door to cheap labor"
By PATRICK THIBODEAU
MAY 21, 2003
WASHINGTON -- Legislation was introduced in Congress this week that would set curbs on the use of the L-1 visa, a controversial visa program that, like the H-1B visa, allows U.S. companies to bring in foreign workers.
The L-1 visa enables companies with subsidiaries abroad to transfer to the U.S. from other companies executives or workers with specialized skills. But critics contend that foreign outsourcing firms use it to import lower-paid workers who then replace higher-paid U.S. employees.
U.S. Rep. John Mica, (R-Fla.) called the L-1 visa a "back door to cheap labor" in his legislation. His bill would require that employees be transferred from their own subsidiaries and not from third-party outsourcers.
The bill's intent is to block foreign outsourcing firms, so-called "body shops," from using the visa to move foreign workers into U.S. positions. But the legislation may face opposition from all sides.
Mike Emmons, an Orlando-based activist who said he lost his consulting job because of L-1 visa, lobbied Mica heavily for action on the visa and said he's disappointed with Mica's legislative fix. Emmons said the legislation includes a large loophole that would allow a U.S. company to set up shop in India or some other country, hire workers there and then move those employees here.
"This is a pretty minuscule bill," said Emmons.
However, Vic Goel, a Greenbelt, Md.-based immigration attorney who represents high-tech companies, said the legislation could prevent a multinational firm from bringing in foreign workers to help clients. For instance, the foreign workers may have played a key role in software development and are needed to implement, service and maintain the software.
"The idea is to find a solution that promotes business and closes the door on the abusers," said Goel, explaining that such a solution could involve finding a way to differentiate between "project-based [work] vs. simple provisioning of warm bodies to fill seats."
According to Mica, there are currently more than 325,000 L-1 visa holders in the U.S.
H-1B visas allows foreign workers to take jobs in the U.S. for as long as six years. Someone with an L-1 visa can work in the U.S. for up to seven years.
*******************************
Government Computer News
05/21/03
Boyd takes over Safecom Project
By Jason Miller
The Homeland Security Department named David Boyd as the new project manager for Project Safecom, one of the Office of Management and Budget?s 25 e-government initiatives, sources said.
Boyd works in HSD?s Science and Technology directorate and is the former director of science and technology for the National Institute of Justice.
Sources said Boyd?s relationship with the state and local governments and his work on the Justice and Treasury departments? Public Safety Wireless Network were the main reasons OMB hired him to kick start one of the toughest e-government projects.
The project?s goal is to improve wireless system interoperability at the federal, state and local levels.
OMB transferred Safecom, which would connect wireless first-responder systems across federal, state and local agencies, to the Federal Emergency Management Agency from Treasury and changed project managers in the past year. In March, HSD officials moved it to the Science and Technology directorate.
Boyd replaces Susan Moore, who returned in April to the Agriculture Department.
HSD also is assembling a systems inventory for state and local first-responder grantees to look at before they buy applications. The inventory will let state and local officials make sure that what they buy is interoperable with current systems, said Rose Parkes, CIO for HSD?s Emergency Preparedness and Response Directorate.
Parkes, who spoke at the 23rd Annual Management of Change Conference sponsored by the Federation of Government Information Processing Councils, said some examples in the inventory include the Washington metropolitan area?s Capital Wireless Integration Network.
By next month, Homeland Security will complete its IT asset inventory, Parkes said. From that inventory, the agency will have a basic as-is enterprise architecture; by August HSD officials expect to finish the to-be architecture model. Parkes said that by September the agency will finish the preliminary road map to develop the to-be architecture.
?The road map will include some basic tenets of our plan,? Parkes said. ?It will include open architecture, Extensible Markup Language schemas and Web services.?
HSD also has begun to develop a five-year budget plan, modeled after the Defense Department?s plan, that will include consolidations within the department and joint business cases, Parkes said.
*******************************
Government Computer News
05/21/03
Study finds local governments have static Web presence
By Thomas R. Temin
Most local governments have Web sites, but they are mostly passive brochure-ware with very little in the way of transactions, according to Donald F. Norris, director of the Maryland Institute for Policy and Research Analysis.
The institute, part of the University of Maryland?s Baltimore County campus, surveys local government IT officials and conducts focus groups among them.
?Often there?s a 17-year-old in the IT shop who?s maintaining the Web site,? Norris said. ?That?s an exaggeration, but not much of one.?
The bottom line is that among towns with populations greater than 10,000, only 6 percent have online financial transactions, even though 88 percent have Web sites.
Norris presented the results of his most recent study, done in 2002, at the National Conference on Digital Research in Boston. He pointed out that only 50 percent of the roughly 3,500 survey respondents said they have sufficient IT expertise to mount true electronic government efforts. Nearly half said they lacked sufficient funds. Other reasons included lack of support from elected officials, privacy and security worries, and an unwillingness to charge citizens extra for online transactions.
Norris said the people and skills issue is a big one for the IT managers in small cities.
?In focus groups, they said e-government is a net add-on? to the continuing workload of merely maintaining Web sites and other systems. Few have done enough reengineering to where automated, online systems begin to save staff time, he said.
*******************************
Federal Computer Week
Bill boosts rural telemedicine
BY Brian Robinson
May 21, 2003
Rep. Doug Ose (R-Calif.) has introduced a bill that could provide states with up to $40 million in grants for developing and expanding rural telehealth networks, as well improve other telemedicine services that are provided under Medicare.
The Medicare Telehealth Validation Act of 2003 (H.R. 1940) will help reduce the disparity in health care between rural and urban areas, Ose said in introducing his bill this month.
"The techniques and consultative efficiency provided by telehealth services reduce costs by diagnosing diseases and disorders before they progress," he said. "By expanding Medicare reimbursement for telehealth technology, we will be cutting illnesses off at the pass, and reducing overall costs."
As well as funding grants, the bill seeks to extend telehealth services to inpatient services, increase the Medicare categories of people who can receive telehealth services and reduce the barriers for access to telehealth technologies by increasing multistate licensing.
The legislation also would expand store-and-forward technology and "revolutionize" radiology, Ose said, because X-rays and slides could be shared quickly and confidentially with specialists far from rural clinics and hospitals, leading to better, faster and less expensive diagnoses and treatments.
Ose introduced the same bill in 2001, but suffered by appearing around the time of the Sept. 11, 2001, terrorist attacks, when Congress put all domestic agenda items, according to Yier Shi, Ose's press aide.
The bill currently has two other co-sponsors, and has been referred to the House Energy and Commerce Committee's Health Subcommittee. A hearing date has not yet been set.
Robinson is a freelance journalist based in Portland, Ore. He can be reached at hullite@xxxxxxxxxxxxxxx
*******************************
New York Times
May 22, 2003
You May See a Soul Mate Across a Crowded Room
By BOB TEDESCHI
Sizing up fellow travelers at an industry or professional conference is always tricky business. Do you care to chat with the guy in the brown velour jacket? And what could you possibly have in common with that woman with all the facial piercings?
A new product aims to put technology to use to answer such questions, provided you're willing to ante up some personal information of your own to get things rolling. The device, from a New York-based company called nTAG, is an interactive name badge featuring a liquid-crystal display screen that instantly communicates with other badges when they get within a few feet, and then displays information to help start a conversation.
The devices use infrared sensing and radio frequency identification technology to scan data that other people at the conference have loaded into their badges. Then when two people approach each other, one person's tag might read: "Hi Karen, we both work in the fashion industry," or "Hi Bert, I won a Nobel for economics, too!"
MasterCard, the Boston Museum of Science and Columbia University have all used the badges, which nTAG rents for a minimum of $30 per person. The devices, which each weigh six ounces, are similar in size to conventional conference badges and can be used to broadcast conference-wide messages and even to conduct instant polls, with wearers using the three control buttons on the tags to respond to queries.
The company says it will not share any personal information entered in a badge with any third party, including the event host. Users can also choose to load little or no information on the tag, if they're not feeling particularly chatty.
*******************************
Washington Post
Broadband's Spread Slowing
Most Web Users Still Rely on Cheaper Dial-Up Connections
By Yuki Noguchi
Thursday, May 22, 2003; Page E05
Americans at home and in small businesses hooked up to high-speed Internet access at a rapid rate over the last four years, but most users for now are sticking with slower dial-up connections, according to a trade association study to be released today.
The number of broadband connections in homes or offices increased to more than 16.2 million in June 2002, from 2.8 million in December 1999, said the AeA, a technology trade group based in Washington with 3,000 corporate members. The data used in the study were originally collected by the Federal Communications Commission.
The growth in the number of people using broadband could be greater, because a single, very high-capacity connection used by a business can carry the traffic of thousands of employees. The study did not tally how many individuals use such connections.
Last year, 65 million households, or 60 percent of U.S. homes, were connected to the Internet, according to industry research firm Gartner Inc. Nineteen 19 million, or 17 percent of all households, connected using broadband services.
The AeA study found that the rate of growth at which both home and business users are taking up broadband is slowing, although about 3.4 million new connections were reported between December 2001 and June 2002, compared with 3.2 million reported for the previous six months.
"Now, the limiting factor [to the growth of broadband] is access and price," said William T. Archey, president of AeA, which was formerly known as the American Electronics Association. Only half of people living in rural areas have access to high-speed Internet service, and many others don't want to pay $50 a month for it, he said.
"I think you're going to see much more competitive pricing," especially in the residential Internet business, Archey said, citing Verizon Communications Inc.'s decision last week to cut its prices for digital subscriber line service.
Most high-speed Internet connections are through cable and digital subscriber lines, which account for 14.2 million of the 16.2 million connections. But fiber-optic connections, satellite or fixed wireless and other wire-line connections, preferred by medium and large businesses, institutions and government agencies, also provide fast Internet service.
The AeA's findings dovetail with a study released earlier this week on residential broadband usage. The earlier study, based on a survey by the Pew Internet and American Life Project, found that the number of high-speed Internet subscriptions to homes doubled in the past year, but that growth was starting to slow. The Pew survey found that 57 percent of people who still access the Internet through dial-up lines said they had no interest in faster connections, even if they live in areas where it is available.
The AeA study also included the number of broadband users by state. The District had 55,197 million business and residential broadband users as of June 2002. Maryland had 316,666 broadband subscribers, and Virginia had 360,722.
*******************************
Federal Computer Week
Federal grants to locals on rise
BY Dibya Sarkar
May 21, 2003
State and local governments will receive $384 billion in federal grant outlays this calendar year, a figure that's expected to climb by nearly 15 percent by 2006, according to a market intelligence company.
Reston, Va.-based Input released a report that indicates federal grant outlays to state and local governments will steadily rise to $440 billion in three years.
The largest dollar-value increases will be in the health, income security and transportation program areas. Subsequently, grant allocations for the natural resources, commerce and housing, community and regional development, and energy and general government programs will decrease.
Input culled and examined the grant information from the Bush administration's fiscal 2004 proposed budget.
As many state and local governments grapple with balancing their budgets, they are looking to the federal government for more financial assistance, especially in homeland security matters as jurisdictions try to upgrade their communications systems.
"With deficits mounting and the cost of delivering services to citizens also rising, state and local governments are relying heavily on federal grant money to move programs and projects ahead," the report said, including technology projects.
The report said the Office of Management and Budget estimated that more than 600 active grant programs are available to state and local governments, and more than 150,000 awards will be made this year.
Last year, states and municipalities received about $352 billion in grant outlays
*******************************
Federal Computer Week
DHS struggling with 'connecting dots'
BY Judi Hasson
May 21, 2003
The Homeland Security Department is still facing problems getting and sharing information, DHS Secretary Tom Ridge acknowledged May 20.
Ridge, testifying before the House Select Committee on Homeland Security, said officials are still working on how they want to consolidate a watch list that would include the names of potential terrorists and other people who pose threats to the United States.
He told the panel that DHS has been working on the technology to consolidate the information as well as working on who should be on a watch list.
In one of the biggest intelligence gaps disclosed after the Sept. 11, 2001, terrorist attacks, officials said the CIA failed to share information that two of the hijackers were on the watch list. In addition, the FBI failed to share a report from a field agent questioning why some Arab nationals were taking flying lessons.
But Ridge said that officials wanted to make sure the information that is shared with state and local officials could be verified.
Rep. Jim Turner (D-Texas) complained to Ridge that much intelligence information is being kept from the committee because it is classified above the secret level.
In order to help the department, "We need to know the same information you know," Turner told him.
Turner also complained that DHS is not getting adequate information from intelligence agencies.
"Congress created DHS to do a better job of 'connecting the dots' of our intelligence. But serious questions remain," Turner said. "Are the various intelligence agencies responsible for our security fully sharing counterterrorism information? Does DHS have the capacity to analyze threat information and direct resources to appropriate vulnerabilities?"
DHS released a list of what it is getting from the intelligence community that includes 30 classified FBI documents with classified titles.
"We do not receive hard-copy products from the CIA," the list stated.
In addition, the Information Analysis and Infrastructure Protection Directorate receives classified cables at the secret level in e-mail form. But the list said IAIP "is not receiving CIA top secret cables because the CIA's message handling system does not contain DHS addresses."
*******************************
Government Computer News
05/21/03
Army network center moves east
By Dawn S. Onley
A subordinate unit of the recently created Army Network Enterprise Technology Command is being relocated from Fort Huachuca, Ariz., to Fort Belvoir, Va.
The Army Network Operations and Security Center will be located with the Army Intelligence and Security Command in the National Capital Region, according to a release. The move will be phased out over several months.
ANOSC was established in 2000 at Fort Huachuca but was folded into NETCOM as a subordinate command when NETCOM was approved last October.
The move will allow ANOSC to interact more with the Defense Information Systems Agency, Joint Task Force-Computer Network Operations, 1st Information Operations Command and Army Computer Emergency Response Team, officials said.
*******************************
Washington Post
A Spammer Speaks Out
In Hill Testimony, Bulk E-Mailer Says Internet Providers Use Same Tactics
By Jonathan Krim
Thursday, May 22, 2003; Page A01
As a Senate committee sought answers yesterday on how to curb the overwhelming surge of junk e-mail, one of the nation's most notorious spammers told members just how hard their job would be.
Ronald Scelson, an eighth-grade dropout and self-taught computer programmer from Louisiana, riveted the Commerce Committee hearing room as he explained that he sends between 120 million and 180 million e-mails every 12 hours.
He boasted that in 24 hours he could crack sophisticated software filters designed to block spam.
And he accused Internet providers of hypocrisy in claiming to want to protect their customers from unsolicited messages.
Large Internet companies spam their own members, he said, while other network access providers have signed contracts allowing known spammers to send out mass e-mail.
"I'm probably the most hated person in this room," said an unapologetic Scelson, responding to a parade of technology, government and marketing officials who decried the purveyors of junk e-mail.
Scelson and eight other witnesses testified as Congress grapples with what Sen. Conrad Burns (R-Mont.) called a tide of "digital dreck" that threatens e-mail communication, one of the most powerful tools of the Internet age.
With spam now costing U.S. businesses upwards of $10 billion a year, Sen. Ron Wyden (D-Ore.), who is co-sponsoring an anti-spam bill with Burns, said it was time for Congress to stop dawdling and pass federal legislation.
All of the witnesses agreed that spam is a complex problem that defies an easy fix. But as executives from leading software companies and online providers fidgeted uncomfortably, the man known to anti-spam tracking groups as the "Cajun Spammer" described how he easily acquires millions of e-mail addresses from publicly available member directories at America Online and other providers.
Moreover, he said, "the same people complaining about spam send e-mail" with solicitations for their own products and services. "AOL spams its members," he said.
This prompted the committee chairman, Sen. John McCain (R-Ariz.), to turn to Ted Leonsis, vice president of AOL.
"Mr. Leonsis, are you a spammer?" McCain asked.
Leonsis, who had testified minutes earlier about how AOL was blocking 2.4 billion pieces of spam per day, did not answer directly.
"We let members opt out" of commercial messages sent by the company and affiliates, he said. And he accused Scelson of violating the company's "terms of use" agreement by using AOL's membership directory as a source for e-mail addresses. Scelson readily agreed.
Scelson also testified about how some Internet access providers signed little-known agreements, called "pink contracts," with known spammers to allow them to send mail in bulk, at prices higher than other commercial clients were charged.
Although the contracts mandated that bulk e-mailers abide by all state laws, Scelson said it did not matter if the e-mailers followed the rules. Most of the providers rip up the contracts and kick spammers off their systems after being threatened by anti-spam organizations that track mass e-mailers and put them on blacklists.
As a result, Scelson said, he has had no choice but to resort to forging the sender information in his bulk e-mail so he can be anonymous and maintain his connection to the Internet.
"This is censorship," he said, arguing that both anti-spam vigilantes and Internet providers that filter out spam are depriving people of their right to see their mail.
"People still buy this stuff," he said, claiming that his clients get a response rate to his e-mail of 1 to 2 percent.
Scelson, who said he does not distribute mail containing pornography, said one of his biggest clients sells a package of anti-virus computer software called Norton SystemWorks at cut-rate prices.
Officials at Symantec Inc., which makes the Norton software, said in an interview that although they have not seen the package Scelson's client is selling, other similar offers that they have tracked down have proved to be counterfeit.
Scelson said he supports anti-spam legislation. But while committee members were clearly intrigued by his story, they gave little weight to his proposed solution:
Pass a tough spam law, but then prevent any Internet provider from blocking e-mail from bulk marketers that abide by the law.
The Burns-Wyden bill would make it illegal for bulk mailers to forge their sending location, have deceptive subject lines or prevent users from removing their names from e-mail lists. Owners of networks would retain the ability to block mail, and the legislation gives Internet providers legal standing to hunt down and sue spammers.
The committee also heard from Sen. Charles E. Schumer (D-N.Y.), who advocates a nationwide do-not-spam registry similar to a newly created do-not-call telemarketing list, plus an international treaty on spam.
Several witnesses said legislation alone would not halt the spread of spam, which now accounts for more than 40 percent of all e-mail traffic. Trevor Hughes, representing a coalition of bulk e-mail service providers, said that it was time to "restore accountability" by having industry impose higher standards on itself.
Orson Swindle, one of two Federal Trade Commission members to testify, urged the industry to develop technology that could stop mail from any source except those pre-approved by users.
"There is a basic need for consumers to be free of any unwanted e-mail," Swindle said.
*******************************
USA Today
Software simplifies e-mail encryption somewhat
Posted 5/22/2003 9:53 AM
NEW YORK (AP) I'm well aware that sending e-mail is no more private than sending a postcard, but who wants to bother with protecting messages? It's so inconvenient.
So, too lazy to phone, I e-mail gossip to friends. And even as I chide my father for e-mailing tax data, I send myself passwords.
Software for encrypting e-mail has always been cumbersome. But the newest version of Pretty Good Privacy, at least, makes the task easier than ever.
Perhaps more people including myself will now scramble sensitive messages so they can't be read in transit by government snoops, bosses or hackers.
Many people are unaware of how insecure e-mail can be.
Your boss might intercept messages about your job search. Over some wireless connections, people could learn of a neighbor's marital infidelities. Careless executives have even incriminated themselves.
For more than a decade, PGP has helped people scramble sensitive messages. Yet relatively few use it, let alone know about it.
PGP requires understanding the concept of two keys working in tandem. You distribute a public key that senders use to encrypt messages meant for you. You use your other key, the private key, to unlock them. To send a message to three people, you must obtain public keys for each.
PGP version 8.0.2 has wizards to easily create keys. But once I made them and sent one to a public server for distribution, I reluctantly had to turn to the manual.
I got a good introduction that explains with real-world analogies and diagrams the concepts behind keys and encryption.
The manual got a bit dense, though, explaining how to tell when a key is phony and how to create a web of trust John vouches for Betty so Cindy can trust Betty if Cindy already trusts John. Whatever.
You can see right away how difficult it is to persuade the people you wish to bring into your web. The social conditioning is ponderous what to do with your keys, when to trust them, how to get friends involved.
I don't think it can ever be as simple as seeing an icon of a closed padlock while using a secure e-commerce site.
The manual goes through the main PGP features: PGPkeys for creating and managing keys; PGPmail for scrambling and unscrambling messages and PGPdisk for storing files on your computer securely.
It is a must-read for newcomers to PGP.
In fact, the software relies too much on it.
The key-generation wizard, for instance, requests your name and e-mail address but you must read the manual to learn they are optional.
And when deleting a private key, the software only asks if you're sure. Only by reading the manual did I learn too late the implications: My public key is stuck on a key server, and there's no recovery from the recycling bin as I can with other deleted files.
Sending encrypted messages was simple.
PGP has plug-ins for many common e-mail programs, and for others, I could click on an icon on the system tray.
Soon enough, I sent my first PGP message.
I also found the disk-encryption feature easy. Guided by a wizard, you create a virtual disk on your computer and place any files you want scrambled there. Also straightforward were features for wiping deleted files so other utilities can't recover fragments of sensitive text.
In fact, the software was too easy. With a click or two, I accidentally sent someone else's public key to a server.
I was also able to add a cartoon of Homer Simpson as my optional photograph, prompting me to wonder how simple it'd be for someone to fake my identity.
The Mac version has fewer plug-ins for specific e-mail programs, no automatic backup of keys and no way to create a self-decrypting file to send PGP-less friends.
Nonetheless, the Mac PGP was much richer than the Mac versions of many other software. Many of the missing features were available earlier, but PGP engineers didn't have time to update them for the new Mac operating system, Mac OS X.
PGP requires at least Windows 98 or Mac OS X 10.2.1. Some features are also available on Palm and Windows CE handhelds.
Noncommercial users get it for free without plug-ins or disk encryption. Otherwise, personal licenses start at $50, others at $80.
PGP can be downloaded from http://www.pgp.com/
*******************************
Los Angeles Times
Youth Hacked Into Database, School Says
Student at Don Lugo High in Chino altered grades and tapped Social Security numbers, officials say. Letter tells parents of fraud risk.
By Kristina Sauerwein
Times Staff Writer
May 21, 2003
A 17-year-old junior at Don Lugo High School in Chino allegedly hacked into his school's computer system this month, changing his and a classmate's grades and also tapping into confidential student information, including Social Security numbers, officials said Tuesday.
The male student, whose name is being withheld because he is a minor, was arrested May 14 at the Chino Valley Unified School District offices on suspicion of violating state theft and privacy laws.
He was released to his parents' custody.
The Chino Police Department has turned the case over to the San Bernardino County district attorney's office.
District officials mailed letters Tuesday to the school's 2,400 students, notifying parents and recommending that they contact the nation's three major credit bureaus and place a fraud alert on their child's file. Officials said 1,744 students had their Social Security numbers in the database.
The teenager acknowledged to district officials that he broke into the computer system, school officials said. He remained on suspension Tuesday and could face expulsion. The other student's role is still being investigated, they said.
"This is a unique occurrence," said Bob Blackery, the district's director of instructional support and technology. No other schools in the district were affected, he said.
Blackery said that, until this incident, he believed the school's computer system had never been tampered with by a student. The company that provides the software, Orange County-based Eagle Software, also said its programs had never been hacked into. The firm provides software to about 280 districts in the state, Blackery said.
School officials said they suspect the student gained entry to the database from a computer on school property. In his backpack, they allegedly found a disk with a copy of the school's database. Authorities are investigating whether the data were misused or further disseminated.
"Things like this happen," said John Pruitt Jr., vice president of the district's school board. He and other officials noted that hackers have attacked the Pentagon, NASA and major corporations. "What I'm proud of is how quickly we acted."
After a teacher discovered the grade change in the computer, officials said they identified the suspected student within 16 working hours. They immediately began securing the system by working with the software manufacturer to change all passwords and computer pathways into the main computer.
The district is also seeking an external audit of its network security procedures.
Identity fraud is the fastest-growing financial crime in the nation, according to the Federal Trade Commission. It documented 161,819 complaints last year, nearly double the number in 2001.
With a person's Social Security number, experts said, a con artist can assume the person's identity, obtain credit cards and run up debt. An identify thief can buy houses and cars and deplete bank accounts.
None of the evidence so far disclosed in the Chino case indicates that this has happened.
*******************************
Wired News
This DVD Will Self-Destruct
03:51 PM May. 16, 2003 PT
LOS ANGELES -- This disc will self-destruct in 48 hours. That is the warning Walt Disney will issue this August when it begins to "rent" DVDs that after two days become unplayable and do not have to be returned.
Disney home-video unit Buena Vista Home Entertainment will launch a pilot movie rental program in August that uses the self-destruction technology, the company said on Friday.
The discs stop working when a process similar to rusting makes them unreadable. The discs start off red, but when they are taken out of the package, exposure to oxygen turns the coating black and makes it impenetrable by a DVD laser.
Buena Vista hopes the technology will let it crack a wider rental market, since it can sell the DVDs in stores or almost anywhere without setting up a system to get the discs back.
The discs work perfectly for the two-day viewing window, said Flexplay Technologies, the private company which developed the technology using material from General Electric.
The technology cannot be hacked by programmers who would want to view the disc longer because the mechanism which closes the viewing window is chemical and has nothing to do with computer technology.
However, the disc can be copied within 48 hours, since it works like any other DVD during that window.
Buena Vista did not disclose pricing plans but said the discs, dubbed EZ-D, would be available in August in select markets with recent releases including The Recruit, The Hot Chick and Signs.
*******************************
MSNBC
Shaping the shuttle?s successor
The great debate: Capsule or space plane?
By Leonard David
May 21 In the wake of the space shuttle Columbia accident, the search for the next generation of space transportation vehicle has taken on a greater sense of urgency and importance for NASA.
A DEBATE NOW swirls around the space agency?s latest effort to shuttle people to and from the International Space Station (ISS) without a space shuttle. NASA and industry teams have begun sketching out what they collectively feel is a safe, sane, arguably simple, and less-costly way to put people into Earth orbit.
The focus of NASA?s Orbital Space Plane (OSP) program is to provide crew rescue capability from the ISS by 2010 and crew transfer capability to and from the orbiting outpost no later than 2012.
The OSP is to be launched atop an existing expendable launch vehicle such as the Evolved Expendable Launch Vehicles, the Delta 4 or Atlas 5 or by Europe?s Ariane 5, or by a 2nd generation Reusable Launch Vehicle once that system becomes available.
However the effort is already steeped in skepticism and controversy as designers, engineers and contractors choose sides between two possible designs: wings and wheels like the shuttle or Apollo-like space capsules.
COMPETING COMPANIES
The green light to move out on an Orbital Space Plane has caused a ripple effect through NASA.
The decision to extend use of the now-grounded space shuttle fleet from 2012 to at least the middle of the next decade was followed by the delaying of development of a reusable launch vehicle booster from 2006 to no earlier than 2009.
Last month, NASA shelled out some $135 million to competing aerospace groups to help steer the Orbital Space Plane into reality. The three groups are: The Boeing Company of Seal Beach, California; Lockheed Martin Corporation of Denver, Colorado; and a team including Orbital Sciences Corporation of Dulles, Virginia, and Northrop Grumman of El Segundo, California.
Each team is now deep into work on vehicle concepts, ground operations, and supporting technologies needed to fly to and from the ISS.
Obviously for contractors, there?s big money in the billions down the road.
A decision by NASA on whether to proceed with the full-scale development of the OSP flight system is anticipated in September 2004. If a positive decision is made to proceed with full-scale development, contract awards will be made in late 2004.
FLIGHT DEMONSTRATIONS
Each OSP team is already involved in flight demonstrator projects helpful to the OSP program.
The Demonstration of Autonomous Rendezvous Technology (DART) program is in progress at Orbital Sciences Corporation. It will prove the technologies required for spacecraft to locate and rendezvous with another spacecraft such as the space station without direct human guidance. DART is expected to be flying in a little over a year from now.
Lockheed Martin has a Pad Abort Demonstrator. The test program would assess crew escape technologies, drawing from the experience base of the Mercury, Gemini and Apollo programs. Launch pad abort trials are to begin in mid-year 2005.
Boeing?s Phantom Works is working on the X-37. This vehicle can be ferried into orbit by the space shuttle or lobbed into space on an expendable launch vehicle. Sometime in 2006, X-37 will operate at speeds up to 25 times the speed of sound and test technologies in the harsh environments of space and atmospheric reentry.
KISS-AND-TELL TACTICS
For his part, NASA chief, Sean O?Keefe, has chided industry to adopt ?KISS-and-tell? tactics in pressing forward on the OSP. Basically, Keep-It-Simple Stupid and tell NASA how best to build what it wants and needs.
?The level one requirements for OSP are on one piece of paper,? O?Keefe said. ?The space shuttle is an engineering achievement. There?s no doubt about that. OSP is based on a different philosophy,? he explained.
O?Keefe lists only three level one requirements that the space agency is after in the quest for an Orbital Space Plane. It has to be an operational asset that goes from Earth to space station to bring people. Secondly, NASA wants the OSP to show a level of maneuverability not available with shuttle. Thirdly, is a flexibility of launch, to eventually have a vehicle far less cumbersome to ready and fly into orbit than today?s shuttle system.
?Let?s not make this a degree of difficulty dive that?s equivalent to a two-and-a-half gainer,? O?Keefe told SPACE.com.
BACK TO THE ?60S
There is no preconceived notion on what the ultimate vehicle design for OSP will be, whether it is a winged vehicle, a lifting body shape, or a capsule like the Apollo command module.
?Each of these shapes has competitive advantages and disadvantages that will be explored during the formulation studies,? said Frederick Gregory, NASA Deputy Administrator, during recent congressional hearings. ?We believe the OSP system will, in combination with other launch systems, provide the vital human transport capability necessary to retire the shuttle,? he said in his written testimony.
Gregory noted that studies have been conducted on how best to accelerate the OSP building schedule.
Retro-firing back to the 1960s, Gregory explained that the Apollo capsule is a ?potentially attractive solution.? Its performance is well understood. The abort-and-recovery system was simple and safe. Indeed, an Apollo-derived vehicle could be available four to six years after a contractor go-ahead therefore, hardware could be ready-to-go one to three years sooner than present-day OSP plans, he said.
?GRIN AND BEAR IT? VOYAGERS
Yet recently, capsule travel to and from the ISS received a less-than-sterling endorsement following the May 4 return to Earth of a Soyuz TMA-1 carrying Russia?s Nikolai Budarin and U.S. astronauts Kenneth Bowersox and Donald Pettit.
After more than five months of microgravity exposure onboard the station, the reentering space travelers were subjected to far higher gravity loads than planned. Their craft apparently suffered a technical glitch, causing the capsule and its precious cargo to make a steep, ballistic descent to Earth.
The voyagers ended up several hundred miles distant from a pre-selected landing zone. Bewildered recovery teams in helicopters and planes took some two hours to find the trio.
If an attached capsule to the ISS is to provide a quick route home in an emergency health situation, the Soyuz TMA-1 incident raises eyebrows.
?In this case it was a happy ending. But obviously everyone is going to have to understand what caused the problem,? said Marcia Smith, a space policy analyst for the Congressional Research Service in Washington, D.C.
?If this crew was returning because of a medical emergency, having a two-hour delay in getting medical support?that could have been a problem,? Smith said. ?So they need to understand what went wrong and fix it,? she said.
COMPLEXITY LEVEL
Dale Myers, a former industry leader in building the Apollo Command and Service Module, led a study group on behalf of NASA that looked into an Apollo-derived ISS crew rescue and transfer vehicle. It was judged that the capsule approach has the potential of being less expensive to pursue than a winged vehicle due to its lower complexity level.
?It appears to me that the robust launch escape system of Apollo, which worked over a wide range from the launch pad to high altitude, will be hard to beat in a winged vehicle,? Myers reported. ?This Apollo based system, without aerodynamic controls, wings, and landing gear is clearly simpler,? he said.
Myers noted, however, that landing with wings yields good atmospheric cross range. That means far more flexibility in when and where to land. Also, winged vehicles have less gravity load during reentry, relieving stress on an injured or ill crewmember.
?If all things were equal, I?d choose winged vehicles. Unfortunately, they are not known to be equal,? Myers said. Looking into the future, he added that another advantage of choosing a capsule approach over wings is beating a path back to the Moon.
?The greatest risk is doing nothing,? Myers said.
APOLLO OBSOLESCENCE
Putting capsule pluses aside, virtually every Apollo system would have to be redesigned. Furthermore, there are changes required to make such a craft compatible with the internal pressure of the International Space Station. In addition, Apollo hardware could not be used due to obsolescence, NASA?s Gregory testified.
?I don?t know if the drawings even exist,? said Dennis Smith, Manager of the Orbital Space Plane Program at the Marshall Space Flight Center. ?The tooling doesn?t exist. All the materials are different. All of the subsystems that were on it?we would be crazy to fly them today. I?m pretty sure they didn?t know what an integrated circuit was back then,? he told SPACE.com.
On the other hand, Smith said, from an aerodynamic standpoint, an Apollo capsule is well understood. ?We flew it to the Moon. It came back and landed. We fished it out of the ocean. We clearly know how it flies,? he said.
FINDING THE RIGHT ANSWER
Throughout the years, numerous shapes and sizes of winged spacecraft have been studied.
For example, the U.S. Air Force looked at the X-20, the Dyna Soar. Over a decade ago, NASA?s Langley Research Center focused on the HL-20 lifting body as a possible ?space taxi?. Sometimes called the ?Personnel Launch System,? the HL-20 never made it beyond a showy mockup.
A more recent NASA/Lockheed Martin Skunk Works cooperative debacle was the X-33. That prototype suborbital test vehicle was supposed to lead to a beefier and better orbital plane, the commercial VentureStar. That entire effort dead-ended. Likewise, the NASA Johnson Space Center-led X-38 project a cheaper, better, approach to a crew rescue vehicle fell victim to budget cuts.
?You name it. There?s a bunch of shapes that have been looked at. There is a lot of data available?a lot of great things that have been done in the past. You?d be crazy not to look at what applies to OSP and what doesn?t,? Smith said.
?For OSP, we need to find the right answer,? Smith said. ?Which overall is the safest, most effective, and cheapest way to go do this mission,? he said.
*******************************