Clips May 9, 2003

[Lillie Coney <lillie.coney@xxxxxxx>]

Clips May 9, 2003

ARTICLES

'Moussaoui Fix' Would Ease Laws on Obtaining Warrants 
California Senate OKs Internet tax bill
Microsoft Admits Passport Security Flaw 
Three charged in Ericsson spy investigation in Sweden
Voting Machine Leaves Paper Trail  
Measure on Consular IDs Advances
Air Force will globally integrate security systems
Homeland information sharing improving, officials say 
Government should make information easier to get, lobbyists say 
Kellogg says he will step down from Joint Chiefs C4 post 
House passes nanotech R&D act 
Roadmap for Homeland Security Department takes shape
Officials weigh 'unique challenges' of information sharing 
IT officials emphasize need for emergency backup systems 

*******************************
Washington Post
Surveillance Bill Sails Through Senate 
'Moussaoui Fix' Would Ease Laws on Obtaining Warrants 
By Tabassum Zakaria
Reuters
Friday, May 9, 2003; Page A06 

The Senate yesterday overwhelmingly approved a bill intended to close a legal loophole that lawmakers say prevented the FBI from obtaining a warrant to conduct surveillance of terrorist suspect Zacarias Moussaoui before the Sept. 11, 2001, attacks.

The legislation, known as the "Moussaoui fix," was approved 90 to 4. It would make it easier for the FBI to seek warrants for wiretaps and searches on non-Americans suspected of planning terrorist attacks, by eliminating a requirement to show the suspect was connected to a known terrorist group or a country that sponsors terrorism.

The FBI did not pursue a warrant to search Moussaoui's computer before the Sept. 11 attacks because officials believed they could not show the Foreign Intelligence Surveillance Court that he was tied to a terrorist group or country that sponsored terrorism, senators said. Moussaoui is charged with conspiring in the attacks. Moussaoui was in custody on immigration charges when the attacks occurred. He has denied being part of the Sept. 11 plot.

The 1978 Foreign Intelligence Surveillance Act did not anticipate the "lone wolf" or a small group of extremists who may not be tied to international terrorist groups or country sponsors of terrorism, but who nonetheless intended to carry out an act of terrorism, senators said.

FISA court proceedings are secret because highly classified material is involved in seeking warrants to authorize wiretaps or other surveillance of suspected spies and terrorists.

Currently the FBI is required to meet three standards to obtain warrants from the FISA court -- the target is preparing to engage in international terrorism, a significant purpose of the surveillance is to gather foreign intelligence and the subject is an agent of a known foreign power or terrorist group. The bill would remove the last requirement.

Sen. Dianne Feinstein (D-Calif.) said the change went too far and proposed an amendment giving the FISA judge more discretion. It was voted down, 59 to 35.
*******************************
Mercury News
California Senate OKs Internet tax bill
By Laura Kurtzman
May 9, 2003

The state Senate voted Thursday to force online retailers, such as barnesandnoble.com and Dell Computer, to charge sales tax to their California customers.

The legislation, sponsored by Sen. Dede Alpert, D-San Diego, is somewhat broader than a similar bill Gov. Gray Davis vetoed three years ago but said he would reconsider as the Internet matured.

Alpert's bill would apply not only to online sellers such as barnesandnoble.com that are affiliated with companies that have retail outlets in California, but also to out-of-state computer makers such as Dell that offer local repair services to their California customers. Her bill is expected to raise at least $20 million.

Some retailers, including Gap, already collect the tax from their online customers, and Alpert insisted the tax was due under current law.

``This is not a new tax,'' she said. ``It is a better collection of an existing tax.''

But opponents say she is going beyond the existing law, which applies to companies with a ``physical presence,'' such as a retail outlet, in the state. Including out-of-state Internet retailers that provide local repair services, they say, not only goes beyond the law but would be hard to regulate.

``If I tell you you can go to Joe's Computer Repair Shop on the corner, then I have to collect and remit California sales tax,'' said Roxanne Gould, a lobbyist with AeA, formerly known as the American Electronics Association. Rather than a statewide solution, she said her group would prefer a uniform national tax.

`Too complicated'

``The system is too complicated today for this to be a realistic proposal. The Internet doesn't stop at the California border.''

Gould said 55 percent of computers sold in California are sold by companies that have headquarters out of state.

Cathie Hargett, a spokeswoman for Round Rock, Texas-based Dell, said the company was still studying the legislation and could not say whether the company would be affected.

Alpert, though, assured that it would.

Hargett said Dell is ``collecting sales tax on the vast majority of our business in California and 85 percent of our business is with business and government institutions.''

She said Dell doesn't collect sales tax related to consumer sales through the telephone or Internet but alerts California customers of their obligation to pay appropriate taxes. She also said the company does not have a physical presence in California.

Republican opponents in the Senate said Alpert's bill would put California Internet businesses at a competitive disadvantage.

``It pushes more and more commerce, as easily as a mouse click, out of California,'' said Sen. Tom McClintock, R-Thousand Oaks.

But supporters said companies like Barnes & Noble are flouting the law by creating separate online entities based out of state that are legally separate but, in practice, operate in tandem with local retail outlets.

``You can order a book from the online affiliate and return it to a bricks-and-mortar store,'' said state Sen. Debra Bowen, D-Redondo Beach.

``The legal separation is a fiction and we ought not in this state allow the kind of corporate structure that encourages people to set up a fictional entity that is legally separate solely for the purpose of avoiding the responsibility to collect taxes.''

Representatives for Barnes & Noble could not be reached for comment.

Tax revenue unclear

It's unclear how much money a more aggressive collection of the tax could generate. A preliminary analysis by the state Board of Equalization estimated it would bring in a scant $14 million to the state next year and an added $6 million for local government. But Alpert said officials did not know how widespread the practice of avoiding the tax had become and the amount could be much higher.

Earlier this year, Davis said he would consider an Internet sales tax as a means of filling the state's budget gap, which he has estimated at $34.6 billion through June 2004. But a spokesman said Davis had no comment on Alpert's bill, which now heads to the Assembly.

Under an agreement with nearly 40 states and the District of Columbia, retailers, such as Wal-Mart Stores, Toys R Us and Target, already collect sales tax from their online customers.
*******************************
Associated Press
Microsoft Admits Passport Security Flaw 
Thu May 8, 6:40 PM ET
By TED BRIDIS, AP Technology Writer 

WASHINGTON - Microsoft acknowledged a security flaw Thursday in its popular Internet Passport service that left 200 million consumer accounts vulnerable to hackers and thieves  an admission that could expose the company to a hefty fine from U.S. regulators. 


Microsoft said it fixed the problem early Thursday, after a Pakistani computer researcher disclosed details of it on the Internet. Product Manager Adam Sohn said the company locked out all accounts it believed had been altered using the flaw. He declined to say how many people were affected but said it was a small number. 


Several security experts said they had successfully tested the procedure overnight. Sohn said the flaw had apparently existed since at least September 2002, but Microsoft investigators have found no evidence anyone tried to use the technique to seize a Passport account before last month. 


Passport promises consumers a single, convenient method for identifying themselves across different Web sites and encourages purchases online of movies, music, travel and banking services. 


Closely tied to Microsoft's flagship Windows XP (news - web sites) software, Passport also controls access for Windows users to the free Hotmail service and instant-messaging accounts. 


The incident was yet another embarrassing lapse for Microsoft and could result in sanctions by the Federal Trade Commission and even a staggering fine. The episode occurs in the midst of Microsoft's "trustworthy computing initiative" to improve security for all its software products and services. 


Under a settlement last summer, the government accused Microsoft of deceptive claims about Passport's security. In response, the company pledged to take reasonable safeguards to protect those accounts, submit to audits every two years for the next 20 years or risk fines up to $11,000 per violation. 


Microsoft declined to say Thursday whether it had contacted the FTC. The agency's assistant director for financial practices, Jessica Rich, said any follow-up investigation would be conducted privately, but she added, "We routinely look into issues that may bear on compliance with our orders." 


Sanctions or fines could be calculated various ways under federal laws, but Rich confirmed that each Passport account that was vulnerable could constitute a separate violation. 


"If we were to find that they didn't take reasonable safeguards to protect the information, that could be an order violation," Rich said. 


Theoretically, that would set the maximum fine at $2.2 trillion  although experts said any fine would be significantly lower. The highest civil penalty previously assessed by the FTC was $4.05 million, against Mazda Motor Corp. (news - web sites) in 1999. Sanctions imposed by the FTC will depend on technical details of the flaw and the adequacy Microsoft's response over the next few days to prevent any recurrence. 


"An important factor is, when does the company tell them about it? What does the company do about it?" said Jodie Bernstein, former director of the agency's bureau of consumer protection. "They have discretion. They can consider what has the company done to make sure this doesn't happen again." 


The Pakistani researcher, Muhammad Faisal Rauf Danka, determined that by typing a specific Web address that included the phrase "emailpwdreset," he could seize any Passport account. He said he sent 10 e-mails to Microsoft explaining his findings but never received a response. Sohn said the company was investigating how it might have missed those reports. 


Danka said he discovered the flaw after unknown hackers repeatedly hijacked Passport accounts belonging to him and a friend. He said he found the problem on Microsoft Web's site that controls Passport accounts about four minutes after he began searching in earnest. 


"It was so simple to do it. It shouldn't have been so simple," Danka told The Associated Press in a telephone interview from Karachi. "Anyone could have done this." 


Microsoft should have been rejecting such transmissions from anywhere outside the company's own network, Sohn acknowledged. Microsoft shut down the affected Web address late Wednesday night, just over one hour after details were published on the Internet. Those filters were permanently set in place early Thursday, Sohn said. 


"We didn't validate the input," Sohn said. "We allowed somebody external to do something only the system itself should be doing. Somebody plumbed around ... and figured out they could do this."
*******************************
USA Today
Three charged in Ericsson spy investigation in Sweden
May 8, 2003

STOCKHOLM, Sweden (AP)  Three employees of wireless equipment maker LM Ericsson face espionage charges for allegedly passing secret information from the company to a Russian intelligence official, Swedish prosecutors said Thursday. 

Afshin Bavand, 46, was charged with gross espionage and industrial espionage, while Mansour Rokkgireh, 44, and Alireza Rafiei Bejarkenari, 40, were charged with complicity in industrial espionage. 

If convicted, Bavand could be sentenced to life in prison, while Rokkgireh and Bejarkenari could get four to five years, chief prosecutor Thomas Lindstrand said. All three are Swedish citizens. 

The trial is scheduled to start May 14 and last for two weeks. A verdict is expected in June. 

Bavand is accused of handing over secret company information to a Russian intelligence agent, while Rokkgireh and Bejarkenari are accused of helping him gather the information. The three men are Swedish citizens. 

"If these company secrets have been given away, it is my opinion that it may cause harm to the overall defense or to the security of the country," Lindstrand told The Associated Press. 

But Ericsson spokesman Henry Stenson said the espionage involved the company's commercial telecommunications systems, and not its military-related work. 

"The main suspect has delivered company secrets, but nothing that in any way could harm our customers have come out," Stenson said. "The Cold War is over, but evidently there is a continued interest in gathering information." 

Stockholm-based Ericsson, which has about 61,000 employees and operations in more than 140 countries, also makes radar systems for defense programs worldwide, including for the JAS-39 Gripen fighter planes made by Sweden's Saab and Britain's BAE Systems. 

The suspects worked in the company's development unit but didn't hold high-ranking positions, according to Ericsson. 

Bavand was arrested Nov. 5, 2002, while talking to a Russian intelligence agent in a Stockholm suburb. Police searched the Russian, who wasn't identified, and found $4,000 in cash and Ericsson documents. 

Sweden responded by expelling two Russian diplomats. Russia later expelled two Swedish diplomats, apparently in retaliation. 
*******************************
Wired News
Voting Machine Leaves Paper Trail  
02:00 AM May. 09, 2003 PT

Voting machines that print individual ballots -- an election accessory many computer scientists have clamored for -- are moving a step closer to widespread availability.

In response to concerns raised by election officials and security-minded techies, one of the largest makers of touch-screen voting machines has introduced a prototype capable of producing paper ballots.

Developed by Election Systems & Software of Omaha, Nebraska, the machine is currently in beta testing, with plans to make it commercially available by July. 

"The idea is to provide a voter-verifiable ballot," said Lou Dedier, the ES&S vice president and general manager who built the original test model in his garage. Dedier said his mock-up was based on suggestions from elections administrators. 

The planned rollout comes as a coalition of computer scientists, led by David Dill, a Stanford computer science professor, is lobbying election officials and voting machine manufacturers to fix security flaws in the current crop of touch-screen voting machines. The coalition believes the flaws are serious. 

In particular, computing experts worry that hundreds of thousands of direct-recording electronic, or DRE, voting machines used in elections nationwide do not provide an auditable paper trail that records individual votes. In order to ensure that votes are not lost because of a computer malfunction or tampering, critics say DRE machines should be able to print and store individual ballots immediately after a vote is cast. 

"I'm happy that some are trying to produce interesting solutions to the voter-verifiable audit-trail problem," said Dill. Although he does not endorse any particular voting machine vendor, he considers the ES&S prototype a breakthrough for a major manufacturer. 

As pressure mounts for paper receipts, ES&S is not the only one who may add on a ballot-printing feature. 

Joe Richardson, a spokesman for Diebold Election Systems, one of ES&S's chief competitors, said the company would be willing to provide such a feature to U.S. customers if the demand is there. Richardson said the company included ballot-printing capability in more than 300,000 voting machines it sold to Brazil. 

Avante International Technology, a developer of smart-card technology, recently introduced a machine called Vote-Trakker, which creates a paper ballot that voters can view and verify before exiting the polls. 

Sequoia Voting Systems, another large maker of DRE machines, recently agreed to provide machines for Santa Clara County, California. Officials there plan to petition the secretary of state to approve a pilot project with paper records that voters can inspect starting in this November's election. 

For ES&S, providing a ballot-printer capability isn't solely an altruistic move. Dedier said municipalities can expect to pay between $400 and $500 to add the ballot-printing feature to an existing machine. 

The ballot-printing prototype by ES&S is quite similar to its standard DRE machine. In both cases, voters make their choices by touching the name of their preferred candidate or ballot proposition position on a computer screen. 

The primary difference with the prototype model is that after votes are entered, a copy of a printed ballot appears behind a clear plastic screen. A voter can look at the printed ballot and press a button to submit it or to make changes. Submitted ballots get dropped in a box at the bottom of the machine for later counting. 

Dedier said much of his original design was based on suggestions from Warren Slocum, chief elections officer for San Mateo County, California. Slocum, in turn, said his recommendations were influenced by security concerns raised by computer scientists. 

"Part of my goal is to try to influence this public policy," said Slocum, who favors using printed ballots, rather than electronic records of votes, as the official ballot in case of a recount. Slocum said San Mateo, which primarily used optical-scan ballot machines, also made by ES&S, doesn't plan to use the printer-enabled machines this year, but may next year. 

He believes touch-screen machines offer some advantages, such as the ability to provide voting in multiple languages without having to pre-print ballots for non-English speakers. 

But the main purpose of adding ballot-printing capability, he said, is to ensure voters that in the event of a computer malfunction, their votes will still be accurately recorded on paper.
*******************************
Los Angeles Times
Measure on Consular IDs Advances
The Assembly OKs a bill to require banks and other institutions to accept the cards issued to citizens of other nations living in California.
By Dan Morain and Carl Ingram
May 9, 2003

SACRAMENTO  The state Assembly on Thursday approved legislation that would require banks and other institutions to recognize as legitimate the identification cards that consular offices issue to their citizens who may be living in this country illegally.

Approved by a margin of 50 to 13, the bill by Assemblyman Fabian Nunez (D-Los Angeles) requires Senate approval. That appears likely because the upper house in the past has approved more far-reaching measures that would have authorized illegal immigrants to obtain California driver's licenses.

Gov. Gray Davis has taken no position on the bill. Davis spokesman Russ Lopez said that among the issues to be considered is the ease with which such cards can be counterfeited.

The cards, generally issued by Mexico and Central and South American and Asian countries, include the person's name, birthplace, date of birth, photograph, signature and U.S. address.

The person may or may not be living in this country. To obtain such a card, people must provide a birth certificate and a second piece of identification such as a passport.

In urging lawmakers to approve the measure, Nunez emphasized that the bill "doesn't create any new entitlements." Rather, AB 25 would allow people to open bank accounts. Law enforcement also would be required to recognize the cards as legal identification.

Assemblywoman Bonnie Garcia (R-Cathedral City), one of a handful of Republicans who voted for the bill, said such cards are "vital" for a variety of reasons, among them allowing police to identify illegal immigrants who are injured in car accidents.

In other legislative action Thursday:

?  The Assembly approved legislation intended to limit oil spills from offshore wells. The measure  opposed by the oil industry  passed on a 41-26 vote, the minimum needed in the 80-seat Assembly.

AB 16, by Assemblywoman Hannah-Beth Jackson (D-Santa Barbara), would require that petroleum be transported to shore by pipeline rather than barge. Only one firm  Venoco Inc.  still uses barges to transport oil to shore.

Though Jackson contended that the bill is "good for the environment, good for the coast," oil industry lobbyists were making plans to take their arguments to the Senate, where they will try to kill the measure.

"This can only impede supply at a time when there is not sufficient pipeline capacity," said Gene Erbin, a lobbyist for BP, the parent company of Arco.

?  In the Senate, lawmakers approved and sent to the Assembly bills that would give employees new job protections if they become whistle-blowers, those who report corporate misconduct at the risk of being fired.

Approved on a 23-14 vote, SB 777 by Sen. Martha Escutia (D-Whittier) would apply to publicly traded and limited-liability companies, and would require that the attorney general establish a hotline so employees could report wrongdoing.

Davis vetoed similar legislation last year, contending that executives could have faced $100,000 fines even if they "did not actually commit the wrongful act themselves." The new bill would soften the fines to a maximum $10,000 per violation.

?  The Senate approved a measure to require that chain restaurants, including fast-food outlets, provide nutritional information to customers.

Sen. Deborah Ortiz (D-Sacramento) contended that consumers often are not aware of how much fat they consume when they visit the drive-through window at a fast-food store or seat themselves for dinner at a steakhouse. The restaurant bill, SB 679, would not apply to mom-and-pop operations of fewer than 10 outlets. 

?  The Senate approved by 21 to 13 a measure, SB 131, to make first-time possession of marijuana an infraction. The bill does not affect more severe punishments for second- and third-time offenders.

In California, first-time possession of up to an ounce of marijuana typically is charged as an infraction, in which the citation is similar to a traffic ticket.

But offenders also can be charged with a misdemeanor. People facing misdemeanors can demand jury trials, which can cost thousands of dollars and strain local treasuries, noted Sen. Byron Sher (D-Stanford).

He is carrying the bill at the suggestion of Quentin Kopp, a retired senator who is now a Superior Court judge in San Mateo County.
*******************************
Government Computer News
05/09/03 
Air Force will globally integrate security systems 
By Dawn S. Onley 

An Air Force plan to bring all base security and force-protection programs under one directorship will get a boost from contracts awarded under the Integrated Base Defense Security System program. 

The IBDSS request for proposals, released April 21 by the Force Protection Command and Control Systems Program Office at Hanscom Air Force Base, Mass., calls for sensors, software, wireless devices, and systems for surveillance, integrated command and control, and wide-area intrusion detection and tracking. The RFP?s closeout date is May 27. 

IBDSS ?will be the centerpiece of [Operation Eagle Force] from an implementation standpoint,? said Jeffrey H. Thurston, deputy director of force protection C2 systems at Hanscom. ?It will be the way we contract for work and equipment.? 

Operation Eagle Force brings force protection together with installation security, said Col. Howard L. Borst, director of the Force Protection Program Office at Hanscom. 

The Air Force plans to award four contracts under IBDSS, a five-year vehicle for improving force and asset protection with base defenses at temporary, permanent, nuclear and nonnuclear sites worldwide, he said. 

?Seeing first, understanding first and acting first? is the objective of Operation Eagle Force, Borst said. ?We need to see the adversary as far away from the base as possible.?
*******************************
Government Computer News
05/08/03 
Homeland information sharing improving, officials say 
By Wilson P. Dizard III 

The Homeland Security Department's emerging enterprise architecture is beginning to harmonize information sharing, officials told the House Government Reform Committee this morning. 

Chairman Tom Davis (R-Va.) convened the hearing to probe barriers to information sharing at HSD. Among the federal officials who testified were Mark Forman, administrator for IT and e-government at the Office of Management and Budget, and Steve Cooper, the Homeland Security CIO. 

Democrats on the committee criticized Forman and Cooper for the continuing lack of a coordinated terrorist watch list. 

Ranking Democrat Henry A. Waxman (Calif.) said the administration had established a "ping pong" policy of passing responsibility for merging the lists from the White House to the FBI, back to the White House and to HSD. He criticized the White House's failure to cooperate with a recent General Accounting Office investigation that called for merged watch lists. 

Rep. John F. Tierney (D-Mass.) said, "You've got to be kidding" when Cooper told him that responsibility for merging the watch lists lays with a coalition of agencies coordinated by the Terrorist Threat Integration Center. "To find out 20 months [after Sept. 11] that this [list merger] is not done is staggering. This is an abject failure of leadership.? 

Cooper and Forman focused their testimony on HSD's progress in creating a coordinated enterprise architecture to improve information sharing. 

Cooper described a process of building an enterprise architecture that will progress from an "as is" description to be available in June to an action plan that will be ready in September. 

He said the "as is" inventory is about 70 percent complete, and the department has identified about 100 major applications and more than 2,000 IT applications. 

The ?as is? IT systems will be grouped in three categories, the CIO said: those with nearly 100 percent commonality with other systems; those with roughly 80 percent; and others little commonality. 

Cooper said the department is working to improve information sharing partly by creating technical teams to devise common metadata definitions and information sharing methods. 

Two of these teams focus on criminal justice and intelligence information sharing. 

As HSD refines its information architecture and capital investment process, the department is looking to consolidate several types of systems, officials said. 

Cooper said HSD officials had found that the department's component agencies operate several physical alert and warning networks. The department plans to reduce the number of alert networks, but will keep more than one because some serve different purposes. 

HSD chief technology officer Lee Holcomb, who had until recently been the department's director of infostructure, said after the hearing that the department plans to begin consolidating its personnel systemswhich number more than 20in the next five or six months. 

"The issue [in consolidating personnel systems] is data migrationpicking the system is easy," Holcomb said. Migration ?typically takes 18 months." 

Davis praised Cooper's plans to develop a coordinated enterprise architecture before purchasing major systems, saying that a different process could waste money. 

Cooper said the department's Border and Transportation Security Directorate could re-engineer its business processes to create a seamless method for tracking goods and persons as they enter and leave the country. 

The process of coordinating interagency action had led HSD to submit joint budget documents to OMB on some issues such as wireless interoperability, Cooper added. 

He also said the department had formed a joint working group with state IT officials through the National Association of State CIOs. 

The department "remains in the early stages of the development of its enterprise architecture and use of capital planning and investment control," Cooper testified. "Even now, though, and clearly into the future, these tools are being used to guide the development? of the department and its information sharing efforts.
*******************************
Government Computer News
05/08/03 
Government should make information easier to get, lobbyists say 
By Tom Thompson 
Post Newsweek Tech Media 

NEW YORKNew federal e-government laws don?t go far enough to codify and protect the public?s access to government information, two information industry lobbyists said at the InfoToday 2003 conference. 

Mary Alice Baish, who monitors legislation for the American Association of Law Libraries, and David LeDuc, public policy director for the Software and Information Industry Association, agreed that the E-Government Act of 2002 was a step forward for public information access. 

The law establishes a policy and technology framework that implies broad public access to government information, LeDuc said. 

He also lauded the administration?s efforts to build ?from the ground level? a technology infrastructure that makes information access easy and inexpensive. Mark Forman, administrator for E-Government and IT in the Office of Management and Budget, ?is making great progress setting out a cross-agency platform for the delivery of information and services,? LeDuc said. 

But without a clear policy on access restriction, a new federal e-government infrastructure can?t deliver what it has promised the public, he said. 

LeDuc called for ?a little tighter formula? to ensure that government officials can?t indiscriminately restrict the public?s access to both public and private information through the Web. 

The boundary between access and protection of critical information has become blurred after the Sept. 11, 2001, terrorist attacks, he said. For example, information categorized as sensitive but unclassified is now much more likely to be removed from public access than before the attacks, he said. 

Baish said e-government laws should be revised to guarantee what is commonly called permanent public accessthe fundamental right to access any government information not classified as protected for national security reasons. ?We can?t do without PPA language in our nation?s laws, or important information will be forever lost to the public,? she said. 

?Thousands of documents were taken off government Web sites after 9-11, and there is no way to know what actually happened to those documents,? Baish said. ?We don?t want to see agencies determine access if it means an overall erosion of access.? 

Both lobbyists agreed with the government?s right to restrict information for purposes of national and domestic security, but they said the administration and Congress should move quickly to create clear guidelines on information restriction. 

Future legislation should address: 


Whether electronic documents should be treated in the same manner as printed documentsdisseminated through the Federal Depository Library Program 
How removed documents are logged and stored 
How the public should be informed of removal actions. 

Baish also called for a shift in federal policy on electronic information dissemination so that the government, and not public libraries, is responsible for ensuring public access.
*******************************
05/08/03 
Kellogg says he will step down from Joint Chiefs C4 post 
By Dawn S. Onley 

Army Lt. Gen. Joseph K. Kellogg yesterday said he plans to step down from his post as the director of command, control, communications and computer systems for the Joint Chiefs of Staff later this year. 

Speaking at the TechNet International 2003 show in Washington, Kellogg said he would leave for a job in the defense IT industry. 

Kellogg?s military career began in 1967 and included service in Vietnam and the first Gulf War. He assumed the post as director of C4 for the Joint Chiefs in October 2000. 
*******************************
Government Computer News
05/07/03 
House passes nanotech R&D act 
By William Jackson 

The House this afternoon approved a bill establishing a National Nanotechnology R&D Program. 

The bill, ?to ensure continued U.S. leadership in nanotechnology,? authorizes $2.4 billion over the next three years for research of molecular technologies. An interagency coordination office would oversee the funding through five agencies and an advisory committee with members from industry and academic institutions providing program guidance. 

The bill, HR 766, also calls for outside review to address social, ethical and environmental issues, and would establish a graduate scholarship program for students who agree to go to work for the government in exchange for educational assistance. 

If the bill becomes law, the government?s recognition of the new technology will be as important as the funding, said Scott Cooper, technology policy manager for Hewlett Packard Co. 

?The dollars are very important, but the combination of funding and direction is just as much so,? Cooper said. ?Having an advisory board that includes some of the younger scientists who are doing exciting work in this area is an affirmation of the importance of the field.? 

He said that in such a new field, government support is essential for the research that will lay the groundwork for development of practical applications. 

The National Science Foundation has predicted there will be a $1 trillion market for devices and systems operating at atomic and molecular levels within a decade. Cooper said some nanotechnology now is being used in manufacturing to produce existing products more quickly and efficiently and improve their qualities. The next generation of nanotechnology could create new products with new capabilities, he said. 

HP will be studying nanotechnology for use in computing, memory and communications, Cooper said. ?Those are issues that are maybe five years out.? 

Under the bill, the National Science Foundation, Energy Department, NASA, the National Institute of Standards and Technology and the Environmental Protection Agency would receive $713 million in fiscal 2004, $784.5 million the following year and $864 million in 2006.
*******************************
Government Executive
May 8, 2003 
Roadmap for Homeland Security Department takes shape 
By Maureen Sirhal, National Journal's Technology Daily 

The Homeland Security Department's top technology leader said Thursday that a "roadmap" outlining the new department's business process and corollary technology support should be released by the end of September.

Steven Cooper told the House Government Reform Committee that his department is making progress in the Herculean task of integrating the operations of the 22 federal agencies that were transferred under Homeland Security's umbrella. The department's directorates are tasked with everything from border and immigration control and intelligence sharing to coordinating nationwide disaster response.

Since the department was created, Cooper explained, his tech team has established basic computing and communications services, including the creation of desktop computer access among the department's component agencies, a Web site and coordinated e-mail system.

"Once we accomplished that, our focus reshifted to our enterprise architecture," Cooper said. That initiative involves mapping the business strategy and processes for the agency and the information technology systems that will support them. 

He told lawmakers that the architecture development plans will be disclosed in phases beginning in June, with the release of the current architecture. By August, the department aims to release a "to be" architecture that will detail business strategies and "mission elements" of the department and its directorates. 

The roadmap designed to get the department to that point will be released by September, Cooper said. "We've already begun to identify some opportunities" to consolidate redundant business and technology systems. "We certainly don't need the 20-plus human-resource applications that exist" within component agencies. 

The department then will seek input from state, local and private-sector groups to continue to refine that roadmap, he said.

While Homeland Security and other administration officials continue to map the enterprise functions and IT systems, they also are working to remedy immediate problems, including the information-sharing gaps often partly blamed for the Sept. 11, 2001, terrorist attacks. 

The department is leveraging existing systems to increase the capabilities for sharing information with state and local officials, he said. The department, for example, is working with the Emergency Response Network of Dallas to provide security information to "first responders."

But some lawmakers questioned whether Homeland Security is successfully tackling cultural barriers to sharing information among federal agencies, such as the FBI.

The department is working with stakeholders in the intelligence community to agree on a vision for how information should be shared, Cooper said. "There are documents that are being circulated for signature that do contain some very specific examples and requirements around the sharing of information," he said. 

"To find out now that two years later this isn't done is almost staggering," Massachusetts Democrat John Tierney said.

Former Internal Revenue Service Commissioner Charles Rossetti, who oversaw an integration effort similar to Homeland Security's, agreed that it is appropriate to reengineer business processes before trying to integrate tech systems. "That's what controls the money, incentives and people and the way that they work," he said. 

He urged lawmakers to maintain realistic expectations for progress at the department. 
*******************************
Government Executive
May 7, 2003 
Officials weigh 'unique challenges' of information sharing 
By William New, National Journal's Technology Daily 

Officials from the Defense and Homeland Security departments on Wednesday described their ongoing efforts to achieve federal, state and local unity on data needed in the event of national disasters or terrorist attacks.

"The flow of information is getting better, but we've got some unique challenges," said Col. Charles Lewis, intelligence director at the Northern Command's joint task force for civil support. He called getting information from domestic intelligence agencies in a timely manner the military's biggest challenge in fulfilling its role in domestic affairs. 


Lewis spoke as part of a panel discussion at an Armed Forces Communications and Electronic Association event. The other participants were Susan Kalweit, chief of an interagency preparedness team at the Federal Emergency Management Agency, and Mary Ann Elliott, president and CEO of Arrowhead Global Solutions, a company that makes a cyber-warning information network being adopted by government.


When there is an attack, Lewis said, his office needs a characterization of threats and the location of the attack. Defense has been a signatory to the federal disaster-response plan for several years, he said, but efforts to obtain information about domestic-response capabilities have increased since the Sept. 11, 2001, terrorist attacks. 


Lewis said his group plans and integrates Defense support to the lead federal agencies for managing the consequences of chemical, biological, radiological, nuclear and explosives events. His office is part of an interagency working group on data issues that he said needs leadership from the Homeland Security Department.


Lewis said he wants access to the thousands of existing databases held by the private sector, states and localities, including geographic information systems, so he can know what the local "first responders" to emergencies and state authorities know, as well as what capabilities exist in the area of the incident, such as emergency services, transportation and utilities. 


Lewis' group is trying to work with states and localities before disasters strike, but he said the situational analyses his office is doing on localities make urban leaders "nervous." 


A Defense coordinating officer would determine whether a disaster is large enough to warrant military involvement. If so, Lewis' office would take control for the military and likely would establish a command center at the location. 


Lewis said the biggest threat his group has identified is biological because the incubation period between an agent's release and its detection can be weeks.

Kalweit discussed her initiative to bring government and industry together to improve the ability of information systems to communicate with each other, to respond to emergencies and to save money. Standards are needed both for technologies and for data, she said. 


Elliott said her company's cyber-warning technology, called CWIN, is being implemented at about 250 locations in the United States and overseas, and is being adopted by several federal agencies and large communications companies such as AT&T. It uses a multiple-protocol backbone, not the Internet, to allow secure, immediate communications from a central network.
*******************************
Government Executive
May 7, 2003 
IT officials emphasize need for emergency backup systems 
By Molly M. Peterson, National Journal's Technology Daily 

Many government offices must do better at backing up their information systems to preserve important data and ensure "continuity of operations" in the event of a terrorist attack, several federal technology officials said on Tuesday. 


"We have not done all that much in this area, except for our national-level systems," Robert Coxe, deputy chief information officer at the Federal Emergency Management Agency (FEMA), said during a homeland security conference sponsored by the Armed Forces Communications and Electronics Association. "I think we have a lot of catching up to do." 


Despite having effective backup capabilities for its largest systems, FEMA's continuity-of-operations plan for many other systems is "very poor" and typically amounts to "a pile of tapes" containing archived data, according to Coxe. 


"We've basically let those systems go one deep," he said, explaining that before the Sept. 11, 2001, attacks, FEMA did not have the resources to improve its backup capabilities. "Now, after 9/11, there's an enormous amount of attention being paid to it." 


Redundant communications and information systems proved invaluable after the attacks on the World Trade Center and the Pentagon, according to Lt. Gen. Harry Raduege, director of the Defense Information Systems Agency.


He recalled that one military agency, for example, avoided major data losses during the Pentagon attack because its computer systems had "double backup" capabilities. "Their critical data was all contained in a facility in another state, and that [facility] was backed up by another facility in a different state," Raduege said. 


But he said officials in another Pentagon organization had stored "everything they had" on only one system that was destroyed in the attack. "They lost every bit of that data," he said. 


The nation's intelligence agencies have made progress in preventing those types of data losses, according to Allan Wade, chief information officer for the CIA and the U.S. Intelligence Community. 


"In modernizing our information technology infrastructure, we've been able to do this very economically," Wade said. "We can provide a relatively inexpensive backup system that we can use for testing or trying new concepts and then switch it into the infrastructure in the event that it's needed." 


But Coxe, whose agency became part of the Homeland Security Department two months ago, said counterterrorism and emergency management officials are facing many other technology-related challenges. 


"This is no small organization to try to get your arms around," he said of the department. "Success depends on an integrated approach of business processes, development interoperability standards and a solid approach to data management and information technology."

Coxe said Homeland Security officials are developing an "e-business backbone" to facilitate the dissemination of counterterrorism information to federal, state, local and private-sector officials. 


"It must be capable of providing timely, accurate, relevant and comprehensive assessments and predictions of all types of threats ... as well as vulnerabilities of our critical infrastructures to attack," he said. "The department's information technology, the data management and the knowledge-management infrastructures do not support these requirements today." 
*******************************



From owner-technews@xxxxxxxxxxxxxxxxx Fri May  9 16:37:17 2003
Return-Path: <owner-technews@xxxxxxxxxxxxxxxxx>
Received: from sark.cc.gatech.edu (sark.cc.gatech.edu [130.207.7.23])
	by cleon.cc.gatech.edu (8.12.9/8.12.8) with ESMTP id h49KbHIw014789;
	Fri, 9 May 2003 16:37:17 -0400 (EDT)
Received: from postel.acm.org (postel.acm.org [199.222.69.7])
	by sark.cc.gatech.edu (8.12.9/8.12.8) with ESMTP id h49Kb0jm008178;
	Fri, 9 May 2003 16:37:04 -0400 (EDT)
Received: from postel (postel.acm.org [199.222.69.7])
	by postel.acm.org (8.9.3/8.9.3) with ESMTP id QAA14502;
	Fri, 9 May 2003 16:35:18 -0400
Received: from LISTSERV2.ACM.ORG by LISTSERV2.ACM.ORG (LISTSERV-TCP/IP release
          1.8d) with spool id 0037 for TECHNEWS@xxxxxxxxxxxxxxxxx; Fri, 9 May
          2003 16:09:58 -0400
Approved-By: technews@xxxxxxxxxx
Received: from hq.acm.org (hq.acm.org [199.222.69.30]) by postel.acm.org
          (8.9.3/8.9.3) with ESMTP id QAA40142 for
          <technews@xxxxxxxxxxxxxxxxx>; Fri, 9 May 2003 16:06:37 -0400
Received: by hq.acm.org with Internet Mail Service (5.5.2656.59) id <JMT9TMLF>;
          Fri, 9 May 2003 16:06:41 -0400
X-MS-TNEF-Correlator: <8DFA8DABC2E6FA438EDCFD26881380A5D37A68@xxxxxxxxxx>
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2656.59)
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding:  quoted-printable
Message-ID:  <8DFA8DABC2E6FA438EDCFD26881380A5D37A68@xxxxxxxxxx>
Date:         Fri, 9 May 2003 16:06:31 -0400
From: technews <technews@xxxxxxxxxx>
Subject:      ACM TechNews - Friday, May 9, 2003
To: TECHNEWS@xxxxxxxxxxxxxxxxx
Content-Length: 11341
Status: 
X-Status: 
X-Keywords:                   

Dear ACM TechNews Subscriber:

Welcome to the May 9, 2003 edition of ACM TechNews,
providing timely information for IT professionals three times a
week.  For instructions on how to unsubscribe from this
service, please see below.

ACM's MemberNet is now online. For the latest on ACM
activities, member benefits, and industry issues,=20
visit http://www.acm.org/membernet

Remember to check out our hot new online essay and opinion
magazine, Ubiquity, at http://www.acm.org/ubiquity

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ACM TechNews
Volume 5, Number 493
Date: May 9, 2003

************************************************************************=
**
Hurry! Free Palm Zire Handheld! Keep your life in balance.=20
Get organized while increasing your mobility! Buy any IBM=20
NetVista(tm) desktop or IBM ThinkPad=AE notebook and ask for
a Palm(tm) Zire(tm) at no additional cost ($99.99 Value).  Or
upgrade to the Palm Tungsten(tm) Tand SAVE $100.  Offer ends
5/19/03 or while supplies last.*=20
Visit http://www.ibm.com/businesscenter/acm or call=20
800-426-7235, ext. 3559=20

OR

Free ThinkPad Carrying Case and free Travel Surge=20
Protector!  Travel with style and security. =20
What could be more perfect for the traveling professional?  Ask for
a FREE ThinkPad=AE Leather Carrying Case and a Free Travel
Surge Protector with retractable phone cord with the purchase of
Any ThinkPad Notebook.   Offer ends 5/19/03.*

Visit http://www.ibm.com/businesscenter/acm or call=20
800-426-7235, ext. 3559
**********************************************************************

Top Stories for Friday, May 9, 2003:
http://www.acm.org/technews/current/homepage.html

"Balancing Data Needs and Privacy"
"House Earmarks Billions for Nanotech"
"Spam Thrives Despite Effort to Screen It Out"
"Scientists Create Twistable, Ultra-Thin Computer Screen"
"Voting Machine Leaves Paper Trail"
"W3C Blesses, Proposes SOAP 1.2"
"Screen Arcs Widen View"
"Darwin Proved Right by Experiment With 'Alien' Life"
"Beyond Wi-Fi: The Future of Wireless Networks"
"Mobile Robots as Gateways Into Wireless Sensor Networks"
"Report: New Battle for WLAN Security"
"Serial ATA II Approaches--Slowly"
"IBM Details Blue Gene Supercomputer"
"Reeling Chipmakers Debate Moore's Law"
"'Smart' Hospital to Improve Care"
"2.6 Kernel to Push the Envelope"
"Let's Talk"
"Star Search"
"The Lab that Fell to Earth"

******************* News Stories ***********************

"Balancing Data Needs and Privacy"
The federal Total Information Awareness (TIA) program raises
privacy and civil liberties alerts across the country, but even
critics of the program see some benefits in the corresponding
"privacy appliance" being devised by Teresa Lunt of the Palo Alto ...
http://www.acm.org/technews/articles/2003-5/0509f.html#item1

"House Earmarks Billions for Nanotech"
The House of Representatives voted 405 to 19 on Wednesday to
approve a boost to the national nanotechnology research and
development budget, and allocate $2.36 billion over three years
to academic and private-sector nanotech projects.  The budget ...
http://www.acm.org/technews/articles/2003-5/0509f.html#item2

"Spam Thrives Despite Effort to Screen It Out"
Although the spread of spam, is under attack on several fronts,
It continues to flourish:  It is estimated that over 2 trillion
pieces of spam will be distributed online in 2003 alone.=20
There are a variety of anti-spam solutions ...
http://www.acm.org/technews/articles/2003-5/0509f.html#item3

"Scientists Create Twistable, Ultra-Thin Computer Screen"
Scientists led by Yu Chen at E Ink have created a three-inch-wide
flexible electronic display that can be bent, twisted, or rolled
up into a cylinder while retaining image quality.  The screen
consists of a stainless steel foil covered with a thin circuit ...
http://www.acm.org/technews/articles/2003-5/0509f.html#item4

"Voting Machine Leaves Paper Trail"
Computing experts argue that direct recording electronic (DRE)
voting machines should print paper ballots in order to provide an
audit trail to ensure accurate vote counts, and Election Systems
& Software (ES&S) has developed a prototype that incorporates ...
http://www.acm.org/technews/articles/2003-5/0509f.html#item5

"W3C Blesses, Proposes SOAP 1.2"
Simple Object Access Protocol (SOAP) Version 1.2 is ready for
final review by the World Wide Web Consortium (W3C).  The basic
Web services language is key to enterprise development because it
ensures interoperability among diverse platforms.  Last year, ...
http://www.acm.org/technews/articles/2003-5/0509f.html#item6

"Screen Arcs Widen View"
Palo Alto Research Center (PARC) researchers have developed Halo,
software designed to ease small-screen navigation through the
display of arcs on the edge of the screen to represent offscreen
locations and objects.  "Halo is a visualization technique that ...
http://www.acm.org/technews/articles/2003-5/0509f.html#item7

"Darwin Proved Right by Experiment With 'Alien' Life"
An experiment by Michigan State University researchers using
artificial lifeforms created in a computer proves that evolution
follows a Darwinian pattern, in which the strongest entities
prevail.  Participant Christoph Adami of the California Institute ...
http://www.acm.org/technews/articles/2003-5/0509f.html#item8

"Beyond Wi-Fi: The Future of Wireless Networks"
IT types are still effusive about Wi-Fi technology, but there are
already technologies ready to supplant 802.11b, the open wireless
standard that has opened up wireless access in and around many
homes and businesses.  Although 802.11b is fast enough for most ...
http://www.acm.org/technews/articles/2003-5/0509f.html#item9

"Mobile Robots as Gateways Into Wireless Sensor Networks"
Intel is developing hardware and software that will allow
researchers to incorporate advanced intelligence into mobile
robots that can be used as access points for wireless sensor
networks.  Such machines could perform duties such as automatic ...
http://www.acm.org/technews/articles/2003-5/0509f.html#item10

"Report: New Battle for WLAN Security"
Enterprises wanting to deploy wireless network access through
technologies such as Wi-Fi have been discouraged by wireless
LANs' vulnerability to hackers, though the Wi-Fi Alliance did
assuage some fears with the development of Wi-Fi protected access ...
http://www.acm.org/technews/articles/2003-5/0509f.html#item11

"Serial ATA II Approaches--Slowly"
The Serial ATA Working Group unveiled the specification for the
Serial ATA Port Multiplier II at the Windows Hardware Engineering
Conference (WinHEC) in New Orleans.  Future ports will be able to
support as many as 15 drives thanks to the technology, which is ...
http://www.acm.org/technews/articles/2003-5/0509f.html#item12

"IBM Details Blue Gene Supercomputer"
IBM has embarked on an ambitious goal to develop a supercomputer
that can perform 1 trillion calculations per second (1 petaflop)
with the creation of the Blue Gene/L system.  The machine will
consist of 65,536 compute nodes, each of which will boast a ...
http://www.acm.org/technews/articles/2003-5/0509f.html#item13

"Reeling Chipmakers Debate Moore's Law"
The chip industry has long regarded Moore's Law--the axiom that
the number of transistors on a chip doubles every 18 months or
so--as gospel, but several chip manufacturers are questioning its
legitimacy, especially in the face of the industry downturn. ...
http://www.acm.org/technews/articles/2003-5/0509f.html#item14

"'Smart' Hospital to Improve Care"
Scientists at Aarhus University's Center for Pervasive Computing
in Denmark are working on several ways to enhance medical care
for patients.  For example, an "intelligent bed" features
built-in computers with sensors that track the patient's position ...
http://www.acm.org/technews/articles/2003-5/0509f.html#item15

"2.6 Kernel to Push the Envelope"
The projected June release of the Linux 2.6 production kernel
will help the open-source operating system penetrate even further
into the enterprise, according to Open Source Development Lab
(OSDL) lab director Tim Witham, who adds that the kernel will ...
http://www.acm.org/technews/articles/2003-5/0509f.html#item16

"Let's Talk"
The latest generation voice-dictation software requires an
up-to-date computer to run well and may be too laborious for
experienced users to enjoy, but indications are that the software
is catching on among users under the age of 20.  Speech ...
http://www.acm.org/technews/articles/2003-5/0509f.html#item17

"Star Search"
John Parkinson of Cap Gemini Ernst & Young concludes that, as far
back as the late 1970s, the most sophisticated and reliable
software applications were chiefly the work of a small portion of
programmers who were labeled 10X or Power Programmers, but these ...
http://www.acm.org/technews/articles/2003-5/0509f.html#item18

"The Lab that Fell to Earth"
The MIT Media Lab was once a technology touchstone for popular
culture and Corporate America, one that boasted an annual budget
of $40 million and enjoyed a steady stream of venture capital. =20
Now the institution is in danger of falling into obscurity: ...
http://www.acm.org/technews/articles/2003-5/0509f.html#item19


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

-- To review Wednesday's issue, please please visit
http://www.acm.org/technews/articles/2003-5/0507w.html

-- To visit the TechNews home page, point your browser to:
http://www.acm.org/technews/

-- To unsubscribe from the ACM TechNews Early Alert Service:
Please send a separate email to listserv@xxxxxxxxxxxxxxxxx
with the line=20

signoff technews

in the body of your message.

-- Please note that replying directly to this message does not
automatically unsubscribe you from the TechNews list.

-- To submit feedback about ACM TechNews, contact:
technews@xxxxxxxxxx

-- ACM may have a different email address on file for you,
so if you're unable to "unsubscribe" yourself, please direct
your request to: technews-request@xxxxxxx=20

We will remove your name from the TechNews list on=20
your behalf.

-- For help with technical problems, including problems with
leaving the list, please write to:  technews-request@xxxxxxx

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - =
- -
- - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - =
- -
- - - - - - - - - -
Site Sponsored by:
   IBM personal computers and software
   Purchase discounted IBM personal computers,=20
   servers, and hundreds of additional products
   and services as an ACM member.

**********************************************************************
* Offer valid from IBM in the US only thru 5/19/03 or while supplies
last.  Shipping and handling not included.  Limit 10 per customer.
May not be combined with other  offers or promotions.  IBM makes
no representation or warranty regarding third party  products or
services.  IBM, NetVista and ThinkPad are trademarks of IBM
Corporation in the U.S. and/or other countries.  Other company,
product and service names may be trademarks or service marks=20
of others.

Warranty Information:  For a copy of applicable product=20
warranties, write to:   Warranty Information, P.O. Box 12195,
RTP, NC 27709, Attn: Dept. JDJA/B203.=20
**********************************************************************