[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Clips May 30, 2003

To: "Lillie Coney":;, Gene Spafford <spaf@xxxxxxxxxxxxxxxxx>;, John White <white@xxxxxxxxxx>;, Jeff Grove <jeff_grove@xxxxxxx>;, goodman@xxxxxxxxxxxxx;, David Farber <dave@xxxxxxxxxx>;, glee@xxxxxxxxxxxxx;, Andrew Grosso<Agrosso@xxxxxxxxxxxxxxxx>;, ver@xxxxxxxxx;, lillie.coney@xxxxxxx;, v_gold@xxxxxxx;, harsha@xxxxxxx;, KathrynKL@xxxxxxx;, computer_security_day@xxxxxxx;, waspray@xxxxxxxxxxx;, BDean@xxxxxxx;
Subject: Clips May 30, 2003
From: Lillie Coney <lillie.coney@xxxxxxx>
Date: Fri, 30 May 2003 13:13:27 -0400

Clips May 30, 2003

ARTICLES

Special Visa's Use for Tech Workers Is Challenged
Senate OKs Consumer Privacy Bill
Lamo Hacks Cingular Claims Site
India leader advocates open source
Terror lists linked to gun checks
PeopleSoft upgrades SEVIS solution
New Army CIO to deal with legacy
NIH launches online gene map
Public-private partnership weighs homeland security technology ideas

*******************************
New York Times
May 30, 2003
Special Visa's Use for Tech Workers Is Challenged
By KATIE HAFNER and DANIEL PREYSMAN

AN FRANCISCO, May 29 With the economy in a slump, a growing number of American technology workers say their jobs are going not only to lower-cost foreign workers abroad, but also increasingly to workers who enter the United States under a little-known visa category known as L-1.

In the nearly three years since the technology bubble burst, the use of L-1 visas to bring in workers with a large percentage from India has become a popular strategy among firms seeking to cut labor costs. The number of these temporary visas granted rose nearly 40 percent to 57,700 in 2002 from 41,739 in 1999.

The visas are intended to allow companies to transfer employees from a foreign branch or subsidiary to company offices in the United States. But they are now routinely used by companies based in India and elsewhere to bring their workers into the United States and then contract them out to American companies in many instances to be replacements for American workers. The number of Americans who have been replaced by foreign contract workers is unknown. American companies that use contract workers have said that the decision to do so is based on factors like skills, and not on cost alone.

Some immigration experts are questioning the legality of this use of the visa. Officials at the Bureau of Citizenship and Immigration Services, or B.C.I.S., a division of the Department of Homeland Security that oversees the granting of L-1 and other work visas, say the bureau is conducting an assessment of the L-1 visa to determine whether there is misuse.

"If this is a company offering the services of their employee to go work for another company, it sounds dubious," said Bill Strassberger, a spokesman for B.C.I.S.

"To bring someone in ostensibly as an intracompany transfer and then put him to work for somebody else and then to say that we're paying him still, that just sounds like someone's trying to really stretch the envelope on that visa category," Mr. Strassberger said.

The legal questions, however, remain murky. Steve Yale-Loehr, who teaches immigration law at Cornell, said that strictly speaking, what these companies are doing is legal, though perhaps not what Congress intended. However, Mr. Yale-Loehr added, "If Congress is upset about this, then Congress will act on it."

In response to the controversy, Rep. John L. Mica, a Republican from Florida, introduced a bill this month to prevent companies from hiring foreigners with L-1 visas.

"When you have people using this to bring in lower-cost labor to displace Americans, it's something we need to address," Mr. Mica said in a telephone interview.

During the boom years, the technology industries successfully lobbied Congress to expand the number of foreign software engineers who could be permitted to fill programming needs in the United States. In 2000, Congress increased the annual cap on more restrictive temporary visas known as H-1B visas for highly skilled foreign workers to 195,000 from 115,000. That quota will drop automatically to 65,000 on Oct. 1 unless Congress approves an extension, a move that is considered unlikely.

In the last two years, the trend in the use of H-1B visas has declined sharply. Many experts say the use of L-1 visas will grow.

Unlike the H-1B visa, the L-1 does not require employers to pay workers prevailing wages. In addition, there is no cap on the number of L-1 visas.

This has ignited an outcry among technology workers who have lost jobs and say that foreign contract workers are paid substantially less than prevailing wages in the industry.

Over the last three years, William O'Neill has seen his small computer consulting firm in East Granby, Conn., dwindle from six contract workers to none. The work itself has not disappeared, said Mr. O'Neill, but his clients, most of them large insurance companies in Connecticut and western Massachusetts, are turning to foreign companies, some with workers who are in the United States on temporary visas. Satyam Computer Services, a consulting firm based in India, for example, now has a contract with the Cigna Corporation that has around 100 Satyam employees working on computer applications management in Cigna offices.

And as others have claimed, Mr. O'Neill said that in many cases, existing technology employees are asked to train their replacements. The L-1 visa requires that the foreign workers possess specialized knowledge of the work to be done.

Mr. O'Neill said that the people he knows who are currently training their replacements will not talk about their situation for fear of losing what is left of their jobs. "They're scared to death they're going to lose their jobs instantly versus six or eight or nine months down the road," he said.

Once the replacement workers are trained, Mr. O'Neill said, the foreign workers are often sent back to India to do programming and computer work there for the American companies.

Wipro, InfoSys and Tata Consultancy Services, all of them based in India, are other companies that are using L-1 visas to get workers into the United States.

Girish Surendran, a human resources manager who oversees immigration issues at Tata, said his company "is committed in letter and spirit to all the requirements and regulations of all visa categories." He added: "If workers are replaced, it's not that T.C.S. comes in and employees get let go." Mr. Surendran said he could not comment on a company's reason for laying workers off.

Wipro plans to lobby against Mr. Mica's bill. If it becomes law, said Sridhar Ramasubbu, investor relations manager at Wipro, the company will simply turn back to H1-B visas. "We will not be affected financially because our compensation is the same whether somebody comes in under an H-1 or an L-1," Mr. Ramasubbu said.

But trade groups representing American workers say the foreign workers are paid considerably less. "I have friends that were told in the last three months that they must take a $30,000 pay cut to keep their job," said John Bauman, president of the Organization for the Rights of American Workers, a nonprofit group based in Meriden, Conn.

Gary Burns, the legislative director for Mr. Mica, said there were about 325,000 L-1 visa holders in the United States. Those who stay in this country can remain for up to five or seven years, depending on the category of L-1 they hold.

Some experts say that the use of L-1 visas for contract workers is not widespread and that fears of losing jobs to foreign workers are exaggerated.

"Even if this brouhaha is about a real problem, I think when you look at the number of workers involved, it is a totally insignificant drop in a massive labor market," said Daryl Buffenstein, a immigration lawyer in Atlanta who has corporate clients and is general counsel for the American Immigration Lawyers Association.

Mr. Buffenstein said that those who oppose the L-1 visa do not understand how important it is for American industry. "It will hurt employment in the United States if we impede the ability of legitimate users to transfer managers and specialists between different affiliates of international organizations," said Mr. Buffenstein, a lawyer who advised legislators on the law governing L-1 visas.

Mr. Buffenstein said he was also worried that public overreaction would result in measures like the Mica bill, which he contended would go too far in restricting international companies from using L-1 visa holders to do on-site client work.

Controversy over the visa, which has been in existence for 33 years, is not entirely new. Three years ago, the General Accounting Office reported that the the Immigration and Naturalization Services, the precursor to B.C.I.S., had found a high incidence of fraudulent use of L-1 visas and had called abuse of the visas "the new wave in alien smuggling."

But protest over the use of temporary foreign workers has become more vocal in a rocky economy. One 57-year-old computer consultant in Avon, Conn., who has been out of work for five months said, "This isn't just an I.T. issue," referring to the information technology industry.

"It's a big issue with multiple professions, and has a serious effect on the economy," said the consultant, who asked that his name not be used for fear of jeopardizing his chances to find work. "A lot of this is about the economy and the L-1 issue is just exacerbating the problem."
*******************************
Los Angeles Times
Senate OKs Consumer Privacy Bill
If it becomes law, the measure requiring firms to reveal to whom they release information would be the nation's toughest, backers say.
By Carl Ingram
Times Staff Writer

May 30, 2003

SACRAMENTO Without debate, the Senate on Thursday approved a potentially far-reaching bill that would require businesses to tell customers that they have released information about them to marketers in the past or plan to in the future.

Upon a customer's demand, businesses would have to identify the actual or likely sources of the released information during the past year, provide copies of the documents and reveal who received them and when. Plans to release such information would also be subject to disclosure.

The bill, SB 27, by Sen. Liz Figueroa (D-Fremont) was sent to the Assembly on a 26-13 vote. She had scarcely presented the bill when President Pro Tem John Burton (D-San Francisco) ordered it put to a vote without questions or debate.

It was sponsored by the California Public Interest Research Group, a consumer advocacy organization, and opposed by insurance companies, banks and direct marketers.

Figueroa said consumer advocates say that if the proposal becomes law, it will be the toughest of its kind in the country. It would apply to third-party businesses and not to affiliates, subsidiaries or other members of a company's family of businesses.

Opponents have argued that they already operate under adequate privacy protection restrictions and are bracing for expected additional restraints this session. They said the bill would burden them with new regulatory costs and expose them to private lawsuits for damages, civil penalties and attorney fees.

California consumers complain that they are overwhelmed by unwanted advertising solicitations, but are unaware that the sales pitches probably are the result of business relationships they already have with other companies, Figueroa said.

Figueroa has said consumers not only are "powerless to stop such invasions of privacy, they do not even know whether and to what extent it is taking place," in part, because of increasingly sophisticated technology.

Backers of the legislation, one of many consumer privacy bills working their way through the Legislature, argue that for customers to make informed decisions on which companies to do business with, they should know how those businesses shield or disclose personal information.

In other action Thursday, the Senate approved the following bills and sent them to the Assembly:

? Soda pop Would prohibit the sale of soda pop at elementary schools effective Jan. 1, at middle and junior high schools Sept. 1, 2005, and at high schools Jan. 1, 2006. Currently, removal of sodas from campuses is contingent upon the state making up the loss of revenue from soft drink sales. The bill, SB 677, by Sen. Deborah Ortiz (D-Sacramento) would ban them on certain deadlines regardless of the availability of replacement revenue. The vote was 22 to 15.

? Lawsuits Would authorize individual workers to sue their employers for civil penalties for violations of labor laws. The bill, SB 796, also would allow them to recover their costs and attorney fees. Introduced by Sen. Joe Dunn (D-Santa Ana), the bill was approved 21 to 13, the bare majority necessary.

The Assembly passed these bills and sent them to the Senate:

? Movers Would give consumers added protection from unscrupulous moving companies by prohibiting haulers from failing to deliver household goods unless permitted to do so by a written contract. "This is a major step in protecting consumers from dishonest movers who deceive customers with low estimates and then hold their belongings hostage on trucks until a ransom is paid," said Los Angeles City Atty. Rocky Delgadillo, who sponsored the bill, AB 845, by Assemblyman Juan Vargas (D-San Diego). Violators would be subject to three months in jail or a maximum $1,000 fine.

? Shelter Would stiffen the penalties for companies that use illegal financial arrangements to avoid paying state and federal taxes. The bill, AB 1601, by Assemblyman Dario Frommer (D-Los Feliz) would boost the penalty for promoting an illegal tax shelter from 25% of the total amount invested by all investors to 50%. It also would set the penalty for failing to register a tax shelter with the state Franchise Tax Board at 25% of the aggregate investment.

The bill would produce an estimated savings of $5 million to $10 million a year, backers say. It was passed 43 to 28.
*******************************
Wired News
Lamo Hacks Cingular Claims Site
10:55 AM May. 29, 2003 PT
By Christopher Null

Cingular can issue insurance to its mobile-phone customers to protect them against loss and damage, but it apparently can't ensure that hackers won't have full access to their personal data.

Adrian Lamo, a hacker who in the past has broken into The New York Times and Yahoo, found a gaping security hole in a website run by a company that issues the insurance to Cingular customers. By accessing the site, Lamo said he could have pulled up millions of customer records had he wanted to.

He said he discovered the problem this weekend through a random finding in a Sacramento Dumpster, where a Cingular store had discarded records about a customer's insurance claim for a lost phone. By simply typing in a URL listed on the detritus, Lamo was taken to the customer's claim page on a site run by lock\line LLC, which provides the claim management services to Cingular.

Normally, this page should have been reachable only by passing through a password-protected gateway, but by simply entering the valid URL, Lamo discovered that individual claims pages could be accessed, no password authentication needed.

Each page contained the customer's name, address and phone number, along with details on the insurance claim being made. Altering the claim ID numbers (which were assigned sequentially) in the URL gave Lamo access to the entire history of Cingular claims processed through lock\line, comprising some 2.5 million customer claims dating back to 1998.

Lamo said the hack was similar to his discovery of a security hole at Microsoft in October 2001, where the server was configured to assume that if a user could reach a certain URL that was otherwise unpublished on the Internet, that user must be authorized to do so and must already be logged in.

As with his other hacks, Lamo said he had no intent of profiting from the exploit, just pointing out a security flaw.

Lamo first exposed the problem to Wired News. After this reporter pointed out the flaw, Cingular and lock\line closed the hole by Wednesday morning.

Cingular spokesman Tony Carter said lock\line has enabled password protection for the site and has now incorporated "obfuscation techniques" that scramble URLs so that, even in the event of a site compromise, additional records should not be easily accessible.

Lock\line spokesman Reed Garrett confirmed the hack. Carter noted that no financial information or social security number data were taken and the information wasn't even available to lock\line.

"We screwed up," said Carter. "Our policy is that any time there is a document with customer information on it is to be shredded. They've been trained on this. They just didn't do it. There's no excuse for it."

The event highlights the problems of managing vendor relationships when customer information needs to be shared but each company has different processes for handling that information. Carter says Cingular has nearly 40,000 vendors, and staying on top of them all is an "arduous" task, which the company continues to evaluate.

Jerry Brady, CTO of security services company Guardent, said incidents like the Cingular episode are not that uncommon.

"This usually happens because people whip together quick-and-dirty front ends without much thought to the construction of the data," he said. "You see this all the time, not just in the private sector, but in government systems as well. You just can't expect that outsourcer (to) treat confidential data the same way as the firm. They have no vested interest in worrying about the customer."

Lamo noted that outsourcing arrangements continue to yield a treasure trove of weak links in electronic security. Said Lamo, "As companies begin to outsource more and more of their businesses, the line of where security begins and ends gets blurry." He added that in this case, the security was "tremendously bad."

The Cingular discovery is the latest in a line of exploits from Lamo. In the past few years, Lamo has found his way into the database containing sources for the The New York Times, has altered news stories on Yahoo and has repeatedly compromised AOL. Companies have contemplated suing him, but security experts have lauded his efforts for pointing out flaws.

Lamo, 22, doesn't have a permanent address. He wanders cross-country on foot or by public bus. Spring and summer usually bring him to Northern California. Until recently, he used terminals at Kinko's to perform his hacks. He has graduated to using a Wi-Fi-ready laptop at Starbucks to do his work.

For Lamo, there's a bigger issue at stake with the Cingular hack.

"If only they had recycled the document instead of throwing it away," he quipped, "this wouldn't have happened."
*******************************
CNET News.com
India leader advocates open source
By David Becker
May 29, 2003, 12:12 PM PT

The president of India added to a growing foreign-relations headache for Microsoft with a speech in which he advocated broader adoption of open-source software.
In a speech during dedication ceremonies Wednesday for the country's new International Institute of Information Technology in the university city of Pune, President A.P.J. Abdul Kalam recounted a conversation earlier this year with Microsoft Chairman Bill Gates.

"We were discussing the future challenges in information technology, including the issues related to software security," Kalam said, according to a transcript of the speech. "I made a point that we look for open-source codes so that we can easily introduce the users built security algorithms. Our discussions became difficult, since our views were different."

Microsoft has become an increasingly harsh critic of the open-source model, in which the underlying code for software is freely shared for users to modify and distribute, saying the approach is risky and undermines innovation. The open-source Linux operating system has become a growing threat to the dominance of Microsoft's Windows.

Kalam said open-source software offers developing nations such as India the best opportunity to modernize.

"The most unfortunate thing is that India still seems to believe in proprietary solutions," he said in the speech. "Further spread of IT, which is influencing the daily life of individuals, would have a devastating effect on the lives of society due to any small shift in the business practice involving these proprietary solutions. It is precisely for these reasons open-source software needs to be built, which would be cost-effective for the entire society. In India, open-source code software will have to come and stay in a big way for the benefit of our billion people."

The president's speech comes just after another international embarrassment for Microsoft, with the government of Munich, Germany, announcing this week that it plans to migrate 14,000 PCs from Windows to Linux. The city will also drop Microsoft's Office productivity suite for the free OpenOffice package.

The German government has backed development of Linux software, as have Chinese officials.
*******************************
Federal Computer Week
Terror lists linked to gun checks
BY Sara Michael
May 29, 2003

Justice Department officials have linked terrorism watch lists to the system that performs background checks to clear gun purchasers, department officials said today.

"We have linked up various terrorist lists to be checked by the [National Instant Criminal Background Check System (NICS)]" a senior Justice Department official said. "But the system is there for the Brady Law. It is used only for preventing prohibited persons [such as felons and illegal aliens] from purchasing firearms, but mere suspicion of criminal activity is not necessarily a prohibitive factor."

For that reason, the Federal Bureau of Investigation is working with the State Department to determine which lists can be legally linked to the FBI's National Crime Information Center index, which is used by the instant background check system.

"Where legally permissible, we have done or are taking steps to include it," the official continued. He could not elaborate on whether no-fly lists could be included in the index, but he did note that the Violent Gang Terrorist Organization File has been integrated.

Improved technology has sped up the process for running checks on gun buyers and increased the number of those immediately cleared or denied for purchase, according to an FBI report released May 29.

Changes to NICS allowed for a 91 percent immediate determination rate, resulting in a "cleared" or "denied" response while the dealer is still on the telephone -- a 20 percent increase from the beginning of 2001, according to the FBI's 2001/2002 operational report on NICS.

A senior Justice Department official said the FBI was responding to a June 2001 directive from Attorney General John Ashcroft, and that the goal was 90 percent. Reducing processing speed for the remaining 9 percent of gun buyers depends on improving the criminal records systems at the state and local level. In fiscal 2003 the department will be distributing $48 million to states under the National Criminal History Improvement Program.

"We know it will never be 100 percent because the state of criminal history records is just not there," the official said. "We're still working toward that goal, but this is a significant, significant improvement, if not an overwhelming improvement."

The FBI also added to NICS the capability of searching immigration status information. Six databases belonging to the Bureau of Citizenship and Immigration Services have been added to the databases used for illegal alien inquiries. The process was automated in July 2002.

In August 2002, the E-Check system was implemented, allowing licensed gun sellers to perform NICS checks electronically. This option cuts down on call center costs and traffic and provides a more accurate search because the data is entered directly, the report stated.
*******************************
Federal Computer Week
PeopleSoft upgrades SEVIS solution
BY Sara Michael
May 28, 2003

PeopleSoft Inc. has made it a little easier for colleges and universities to comply with reporting requirements for the foreign student tracking system.

The company May 27 announced an enhancement to its Student Administration suite, enabling schools to track nonimmigrant exchange visitors with J visas for the Student Exchange Visitor Information System (SEVIS). J visa holders include exchange visitors, international research scholars and visiting professors.

SEVIS, a Web-based tracking system deployed by the Bureau of Citizenship and Immigration Services (BCIS), requires schools to report on all foreign students and visitors with F, M and J visas.

PeopleSoft offers the Patriot Act SEVIS Solution (PASS) in its Student Administration product suite. More than 20 institutions use PASS introduced at the end of 2002 to support reporting F and M visa holders for SEVIS reporting. The J functionality will be available next month.

The Student Administration package enables schools to manage admission, financial aid, recruiting and administration records.

"We help get some of the anxiety and stress about SEVIS reporting to a manageable level," said Susan Beidler, the company's director of product strategy for Student Administration.

Beidler called the J enhancement a small but critical feature to SEVIS reporting software. The upgrade includes added fields for information input to support the new requirements. The software enables school officials to enter minimal amounts of student information and report the data directly to BCIS.

"It's not only the collection of the information, but the automation of sending the file," Beidler said.
*******************************
Federal Computer Week
New Army CIO to deal with legacy
BY Matthew French
May 28, 2003

Maj. Gen. Steven Boutelle, newly confirmed as the next chief information officer of the Army, acknowledged May 27 that integrating legacy applications with new technologies will be one of his main challenges.

The Senate on May 23 confirmed Boutelle to be promoted to the rank of lieutenant general and succeed retiring Lt. Gen. Peter Cuviello as the Army's CIO. Boutelle is serving as director of information operations, networks and space within the Army CIO's office.

Lt. Gen. Joseph Kellogg, the Joint Chiefs of Staff's director of command, control, communications and computers, called Boutelle a "great officer" and said he is eminently qualified to succeed Cuviello.

"Gen. Boutelle was one of the key architects for Force XXI," said Kellogg, referring to the Army's experimental force for the future. "He is forever forward-thinking, but more importantly, he is always thinking first about the soldiers."

Boutelle spoke May 27 at the Army Information Technology Day sponsored by the Northern Virginia chapter of AFCEA International and said that one of his major tasks will be integrating legacy applications and platforms with the new technology that is continually emerging.

"The legacy force will be with us for 20 or 30 years, regardless of what else happens," Boutelle said.

Cuviello became CIO in August 2000. During his tenure, the Army has undertaken several major technology initiatives aimed at improving how it manages both information and information technology. Projects include the Army Enterprise Infostructure Transformation and the Army Knowledge Online portal.

Cuviello's departure comes in the midst of a mini exodus from the Army and Defense Department. In the past several weeks, several top officials and servicemen have announced their intention to leave. In addition to Cuviello and Kellogg, those leaving include:

* Pete Aldridge, undersecretary of defense for acquisitions, technology and logistics.

* Army Secretary Thomas White, who announced his resignation last month.

* Army chief of staff Gen. Eric Shinseki, who will retire along with Cuviello and Kellogg this summer.

"Those who worry about the leadership changes should not," Cuviello said at the Army IT Day conference. "We have an irreversible momentum going here. We don't need to worry about the very top because we have people below them, all the way down to privates and GS-2s and 3s, who are doing the Lord's work."
*******************************
Government Computer News
05/30/03
NIH launches online gene map
By Vandana Sinha

Finding a link between your diseases and your DNA has become a seconds-long task at a National Library of Medicine Web site tailored for the general public.

The library of the National Institutes of Health in Bethesda, Md., set up the Genetics Home Reference site, at ghr.nlm.nih.gov, to detail the genetic roots of 69 disorders from Alzheimer?s disease to X-linked sideroblastic anemia. It describes in depth the disease effects of 55 genes.

Users can browse by gene or disease and pull up summaries of symptoms, treatments, and lists of caregivers and counselors.

A link called Help Me Understand Genetics presents a backgrounder about the Human Genome Project as well as gene testing and therapy. Another link leads to glossaries of genetic terms.

The site ?was a logical step in making genetics and its relationship to disease more understandable to the general public,? NLM director Dr. Donald Lindberg said. NIH also maintains other reference sites such as medlineplus.gov and clinicaltrials.gov.
*******************************
Government Executive
May 29, 2003
Public-private partnership weighs homeland security technology ideas
From National Journal's Technology Daily

The Center for Commercialization of Advanced Technology (CCAT), a public-private research and development partnership funded by the Defense Department, announced Thursday that it has received more than 100 responses to its recent solicitation for innovative technologies related to defense and homeland security.

Most applications submitted during the month-long solicitation, which closed May 15, were for emergency "first responder" technologies such as wireless communications devices, global positioning systems for tracking, and training software.

Other popular categories included explosive-detection technologies, chemical and biological detection systems, border-intrusion sensors, encryption decoding devices, and language-translation systems.

The center plans to announce the winners by mid-July. Awards include product-development funding, marketing assessments, business planning and strategic consulting services.

"There is an increasing and urgent need for an organization like CCAT to assist in the development of promising homeland security- and defense-related technologies to the marketplace," CCAT Chairman Lou Kelly said Thursday.
*******************************

Prev by Date: Clips May 29, 2003
Next by Date: ACM TechNews - Friday, May 30, 2003
Previous by thread: Clips May 29, 2003
Next by thread: ACM TechNews - Friday, May 30, 2003
Index(es):
- Date
- Thread