[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Clips July 9, 2003
- To: "Lillie Coney":;, Gene Spafford <spaf@xxxxxxxxxxxxxxxxx>;, John White <white@xxxxxxxxxx>;, Jeff Grove <jeff_grove@xxxxxxx>;, goodman@xxxxxxxxxxxxx;, David Farber <dave@xxxxxxxxxx>;, glee@xxxxxxxxxxxxx;, Andrew Grosso<Agrosso@xxxxxxxxxxxxxxxx>;, ver@xxxxxxxxx;, lillie.coney@xxxxxxx;, v_gold@xxxxxxx;, harsha@xxxxxxx;, KathrynKL@xxxxxxx;, computer_security_day@xxxxxxx;, waspray@xxxxxxxxxxx;, BDean@xxxxxxx;, mguitonxlt@xxxxxxxxxxx;
- Subject: Clips July 9, 2003
- From: Lillie Coney <lillie.coney@xxxxxxx>
- Date: Wed, 09 Jul 2003 09:17:55 -0400
Clips July 9, 2003
ARTICLES
DHS to launch smart card pilot
Biodetectors sniff out deadly airborne agents
Health officials use secure Web site to exchange information
Border tracking system will be partially operational by year?s end
Muslims in U.S. Feel Targeted By Anti-Terror Business Policies
Uneasiness About Security as Government Buys Software
DARPA seeks thinking computers
*******************************
Federal Computer Week
DHS to launch smart card pilot
BY Judi Hasson
July 7, 2003
The Homeland Security Department intends to issue a common smart card for its 180,000 employees beginning next year, piggybacking on a government program to issue identification cards to millions of transportation workers.
In a pilot project the agency plans to launch this summer, DHS officials will give 300 federal workers smart cards that will give the employees access to buildings and facilities as well as authentication for computer systems, said Lee Holcomb, chief technology officer at DHS.
Until now, employees for the 22 agencies that were folded into DHS in March brought their own identification cards with them. In many cases, they were not interoperable and did not have complete identifying markers or authorization identification.
But Holcomb told Federal Computer Week in an interview last month that officials want a standard ID card across the new department. "You can get in [to a building] if your chip works," he said. "It will provide physical access, a picture ID as well as cyber access."
DHS officials plan to tap into the smart card program launched by the Transportation Security Administration, known as the Transportation Worker Identification Credential (TWIC). Officials also plan to ask at least three vendors to provide solutions for the smart cards.
In April, TSA awarded a $3.8 million contract to Maximus Inc. to help develop a universal smart card for transportation workers. Eventually, 12 million transportation workers, such as baggage handlers and security screeners, would use the cards to gain access to secure areas at transit sites. Holcomb said DHS is considering merging what it needs into the TWIC card program.
DHS also has 100,000 digital certificates it inherited when it combined the 22 agencies. The certificates provide access to computer networks. Holcomb said the department is in the process of building a DHS infrastructure for certificates that would be accessible to all employees.
But the smart card project is a long-term program for DHS, according to Joseph Broghamer, DHS director of identity and credentialing. The cards will contain microchips with security information and a photograph of the employee, he said. Although the cards will not immediately contain a biometric identifier, Broghamer said DHS will have the option to add a biometric identifier to the cards, most likely fingerprints.
The department will be able to cancel any card at any time from a central location if it is lost or stolen. Specific security identifiers will also make it impossible to forge a card, Broghamer said.
Issuing smart cards is only one of the ways DHS is dealing with internal security, Holcomb said. In addition, the department is working with the National Institute of Standards and Technology, the Defense Department and the General Services Administration to develop standards for the cards that are being introduced into the federal government.
Randy Vanderhoof, executive director of the nonprofit Smart Card Alliance Inc., said DHS has studied DOD's smart cards, which the agency has issued to 2.5 million people the largest implementation of smart cards to date in the United States for physical and computer access. "Many of the major challenges in implementing a large-scale PKI have been addressed as well as the best practices," he said.
*******************************
Federal Computer Week
Biodetectors sniff out deadly airborne agents
BY Judi Hasson
July 7, 2003
The Defense Department is deploying a new technology that sniffs out deadly airborne chemicals and biological agents.
Known as the Remote Data Relay (RDR), the system uses a network of sensors to collect and analyze air samples around a military installation (or any other location that is pinpointed), according to officials at Sentel Corp., the company supplying the technology.
The Alexandria, Va.-based engineering company connects hundreds of disparate sensors in remote locations to a center where air testing is analyzed and monitored.
Using RDR's software, officials can monitor the sensors from a central command post or remote sites without sending anyone into harm's way. The network is intended as an instant alarm for people who may already have been exposed to a deadly weapon, not a way to stop an ongoing biological attack.
"The whole point of biodetection is detection for treatment," said James Garrett, Sentel's founder, president and chief executive officer.
Once poisonous agents are detected, officials can warn people to get inoculated or treated immediately. In the case of smallpox exposure, for example, people have about four days to get a vaccination that will prevent an outbreak.
Now in use at various places worldwide, Sentel's technology is used by the military to protect "high profile" locations and people, Garrett said. He declined to say where the system is used, or even if it was deployed during the recent war in Iraq. However, he said it can detect at least 10 chemical and biological agents.
That's a far cry from the past. During World War I, soldiers were issued primitive gas masks and brought pigeons into battle to help detect gas. If the birds died, it was a warning that the enemy had released toxins into the battlefield.
Charles McQueary, the Homeland Security Department's undersecretary for science and technology, told Congress in May that biological attacks are among the most serious threats facing the United States. In fact, President Bush's 2004 budget request includes a major increase in funding to develop bioterrorism countermeasures to protect the population.
McQueary said it is imperative to provide "state-of-the-art, high-performance, low-operating-cost systems to rapidly detect and mitigate the consequences of the release of biological and chemical agents."
There is a simple reason why biological weapons are feared, according to a top official for the Naval Surface Warfare Center who declined to be identified.
"It is cheaper to manufacture a biological weapon than a chemical or nuclear weapon," the official said.
This is why the government is keeping a close eye on American cities and ports to ensure that they are protected from biological terrorism.
"We must prevent catastrophic attacks against the American people that could involve chemical, biological or nuclear materials," said Rep. Jim Turner (D-Texas), the ranking Democrat on the House Select Committee on Homeland Security. "Every major city in America should have detection devices and specialized equipment to neutralize the effects of a chemical attack."
Although it might be good business to deploy Sentel's technology nationwide, Garrett acknowledged that it is not a practical idea. Public health and law enforcement officials have to make calculated decisions on where to place the technological tool. "You can't really afford to have biodetectors everywhere," he said.
It is possible to target the places that are high-risk and put the system in place there. Sentel was responsible for providing biological protection in 1993 at President Clinton's gala inaugural festivities at the former US Air Arena. More recently, it was deployed in Washington, D.C., for a major NATO event. Following the attack on USS Cole in Yemen, it's been used to detect contamination at seaports of debarkation.
Meanwhile, the Bush administration is ratcheting up its own efforts at biodetection. President Bush has proposed Project BioShield, which is moving through Congress and would spur development of large amounts of vaccines to treat smallpox, anthrax, Ebola, plague and other pathogens. It also would allow the Food and Drug Administration to authorize the widespread use of experimental drugs in the case of a bioterrorist attack.
***
Sensor integration
As concerns rise over bioterrorism threats, some federal agencies are turning to Sentel Corp. for chemical and biological defense technology. A popular tool in the company's arsenal is the Remote Data Relay, which integrates sensors that analyze the air quality for toxins in a network. Using RDR's Command Post software, personnel can monitor sensors from a central or remote location.
The RDR consists of a radio modem, Ethernet connection and a personal computer, all packaged in a case the size of a breadbox. RDR runs off of various power sources, such as a utility power line or 12- or 24-volt battery pack, or from a vehicle's DC electrical system. By plugging in cables, as many as 11 devices can be connected to a single RDR. Forty RDRs can be connected to the command post to configure a network of over 400 remote sensors.
*******************************
Federal Computer Week
Health officials use secure Web site to exchange information
BY Sara Michael
July 7, 2003
Before the triple-checked facts of an outbreak are released to the public or first responders, doctors and epidemiologists have discussed their observations, ruled out rumors and exchanged advice.
The Epidemic Information Exchange, known as Epi-X, provides a forum for health professionals to instantly notify others of an outbreak, research and create reports on specific health topics, and track information. The secure Web site brings together various health professionals and the Centers for Disease Control and Prevention in a free exchange of information.
"It occurred to us that we needed to build a real-time network that would link public health officials and that wasn't secret but was behind the scenes," said T. Demetri Vacalis, associate director in CDC's office of scientific and health communications. "It's really very dynamic and it's instant."
The site was created nearly a year before the Sept. 11, 2001, terrorist attacks and grew with the anthrax attacks in October 2001, the severe acute respiratory syndrome outbreak and the recent emergence of monkeypox in the Midwest.
Health professionals have posted more than 1,000 reports since its inception, including information on West Nile virus, a new strain of the flu, food recalls and unknown illnesses in children or travelers.
Now, more than 1,200 health care professionals log on to share reports and request assistance. The network is secured with encryption technology which requires a digital certificate and a password. The network allows for varying levels of access to users, who are determined by what are known as gatekeepers in each state, Vacalis said.
Using Epi-X, public health workers receive daily e-mails, alerting them to reports and actions in their target areas. The system also provides emergency notifications in the case of an outbreak of bioterrorism attack. Sticking to set parameters, such as a region or profession to be notified, the system can make 5,000 phone calls in less than 5 minutes, leaving an automated message and running down a list of contact numbers for each person, Vacalis said.
"We're using this more and more as CDC progresses," Vacalis said, noting the notification system can be used internally to send alerts about how to manage an outbreak and who should or shouldn't show up for work if an incident occurs at the CDC.
Once the information about a disease has been confirmed as fact, the data can then be released to the public through the Morbidity and Mortality Weekly Report. The MMWR is the official voice for scientists, doctors, press and the general public. Starting as a paper report in the 1800s, the MMWR eventually moved to the CDC and morphed into the electronic format which now reaches 20 million to 40 million readers each week through various distributors, Vacalis said.
Although Epi-X can be a valuable tool, it reaches a relatively small population, said Georges Benjamin, executive director of the American Public Health Association.
"I think it works fine, but it has a limited distribution," he said. "It's good for them, but there needs to be more."
*******************************
Federal Computer Week
Vendors boost biometrics for homeland
BY Sara Michael
July 1, 2003
A trusted traveler program to clear prescreened passengers would use a combination of biometric technologies, industry representatives said June 30.
Multimodal biometrics, such as fingerprint scans and facial recognition, are the only way to positively identify an individual, said Mike DePasquale, chief executive officer for Bio-key International Inc., which develops and licenses fingerprint technologies. He was speaking during a panel discussion at the Excellence in Government conference in Washington, D.C.
In a trusted traveler program, such as one proposed as part of the Transportation Security Administration's Computer Assisted Passenger Prescreening System (CAPPS) II, a passenger could opt for a background check and receive an identification card. The card would include a fingerprint and a picture, which would be confirmed at the airport by fingerprint and facial scanners.
Because fingerprint scanners are constantly advancing, Bio-Key has created hardware-independent fingerprint scanning technologies. "We've decided to concentrate on the middleware...with the ability to use whatever hardware is out there today," DePasquale said.
Facial imagery is the most available and least invasive identity verification technology, said Oliver Revell, chairman and a director of Imagis Technologies Inc., which develops facial-recognition technology. Revell, also speaking at the conference, noted that people who have not been arrested, are not in the military or are not government workers likely do not have their fingerprints in the national database. However, many more people have had their pictures taken for passports or driver's licenses, for example.
Facial imagery "gives you the information not otherwise available," he said.
Similar technologies can also track and identify cargo. For example, a package at an airport can be planted with a device to track its location, and biometric cards can verify that the right person is handling a package at the right time.
Paradigm Advanced Technologies Inc. is developing a tracking device for packages that will alert officials if the package has crossed over set boundaries or if the wrong individuals handled it, said Charles Fey, vice president of strategic programs at Paradigm.
This concept also can be expanded to track individuals. For example, law enforcement officials can manage prisoners or even track each other in the field.
"Now we have a system that can be applied to a problem," Fey said at the conference. "I have another sensor input that allows me to see assets that wouldn't otherwise be seen."
*******************************
Government Executive
July 8, 2003
Border tracking system will be partially operational by year?s end
By Shane Harris
sharris@xxxxxxxxxxx
One of the Bush administration?s most ambitious and complicated homeland security initiativesthe tracking of about 35 million foreign visitors as they enter and exit the United States annuallywill be partially operational by the end of the year, Homeland Security Department officials said Tuesday.
The US VISIT program, unveiled by Homeland Security Secretary Tom Ridge in April, will begin operations at all airports and seaports by Dec. 31, but on a limited scale. Rather than build a new electronic system to track visitors using their fingerprints and photographs, the department will use existing government systems as a stopgap to meet a congressional mandate to collect and store identification information by the end of 2003.
The department plans to collect two fingerprints and a photograph from every visitor and enter those records into a system used by federal law enforcement and border control agencies to track suspicious individuals entering the country, according to a spokeswoman for Homeland Security?s Bureau of Immigration and Customs Enforcement.
The system, known as the Interagency Border Inspection System (IBIS), also can be used to access the FBI?s records on wanted criminals. The Customs Service managed IBIS before the agency was merged into the Homeland Security Department.
Visitors? fingerprints and photographs will be collected using a computer system once run by the Immigration and Naturalization Service. Then they will be transmitted to another electronic record-keeping system that matches names of arriving and departing passengers reported by airlines. The names of students entering the country also will be sent to a Homeland Security system designed to monitor their activities while attending U.S. schools.
Homeland Security officials laid out their strategy for implementing the US VISIT system to technology companies at a government-sponsored ?industry day? held outside Washington Tuesday. Asa Hutchinson, the Homeland Security undersecretary for border and transportation security, as well as other officials, pledged to do a better job keeping companies up to date on how the project is proceeding. Industry executives have been frustrated that the department still hasn?t released a request for proposals to build US VISIT, even though the mandate for an entry-exit tracking system has been in place for more than a year.
Homeland Security now plans to issue a proposals request by November 2004 and will make an award by May 2005. According to industry sources, some of the largest and most experienced federal contractors, many of which have track records with other border and immigration programs, are being eyed as the most promising competitors.
Presumed in the lead are Lockheed Martin, which manages a fingerprint identification system shared by the FBI and the former Immigration and Naturalization Service, as well as technology titans Northrop Grumman and Computer Sciences Corp., which in April won a contract to supply technology services under a contract also once under the INS? purview. The INS is now part of Homeland Security.
Congress has appropriated $380 million for US VISIT this fiscal year, but the system could cost billions. As Homeland Security struggles to get a much smaller student tracking system off the ground, some have questioned whether US VISIT?s rocky start portends badly for future security initiatives.
Even though the government is hunting for a major contractor to take the lead on the project, smaller technology companies, particularly biometrics equipment makers, are key to the project?s success. Those companies are moving quickly to partner with the bigger firms they think have the best chance of winning.
An executive with one small firm who attended the industry event Tuesday said large contractors and the government are ?holding their cards? as each side waits to see what the other can offer. On the one hand, federal officials want industry to offer up potential solutions for how to build the massive tracking system by the end of 2005, when it must be fully operational at all airports, seaports and land border crossings, said Rick Carter, director of homeland security for Imaging Automation, a Bedford, N.H., firm that makes biometric readers.
But large companies want to hear from the government on how they plan to keep the project on track, Carter said. The result has been something of a ?Catch-22,? he said, with smaller firms in the middle trying to offer up their own solutions for the daunting task at hand.
*******************************
Government Executive
July 3, 2003
New science bill resolves key House, Senate disputes
By Drew Clark, National Journal's Technology Daily
The Senate Commerce Committee's bill authorizing a coordinated effort among the federal government's nanotechnology programs looks a lot more like the House-passed version of the billand a lot more like what the technology industry wanted.
Now some congressional supporters are planning to discuss the possibility of "pre-conferencing" the bill to resolve differences before it goes to the chambers for final votes, a House source said. Oregon Democrat Ron Wyden, the original sponsor of the Senate bill, S. 189, is hoping to see it go to the House floor in July, according to his spokeswoman.
As amended by the Commerce Committee, the Senate bill reflects a compromise on the establishment of an advisory committee on nanotechnology, which involves manipulating matter at the molecular level to create better, faster and stronger products in a wide range of disciplines.
The new version would establish the advisory panel, as Wyden and the tech industry sought, but also would give the White House its wish of placing the panel under the existing President's Council of Advisors on Science and Technology (PCAST).
The Senate committee also increased the size and timeframe of the proposed nanotech budget from $677 million for one year to $4.7 billion over five years, bringing it closer to the House version. The new bill also would require the establishment of interdisciplinary research centers.
And it would authorize $5 millionand a new name, the American Nanotechnology Preparedness Centerfor an entity dedicated to societal issues related to nanotechnology. That language differs from the House version.
Industry applauded a new section aimed at helping move nanotech innovations from research to commercial applications. That section would establish a commercialization center at the National Institute of Standards and Technology and a clearinghouse for commercialization information.
Bruce Heiman, a partner at the Preston Gates law firm, said the goal of the clearinghouse is to ensure that industry is "not recreating the wheelor replicating the atom, as it may be in this case." Preston Gates represents the NanoBusiness Alliance, the first and largest nanotech industry association and chief proponent of the clearinghouse.
The revised bill also calls for the use of the Manufacturing Extension Partnership program to assist small firms and for a new center to promote the transfer of technologies for manufacturing nano materials.
"It's very inclusive," said Scott Cooper, manager for technology policy at Hewlett-Packard. "It brings everybody who needs to be part of the process in from the beginning to get R&D up and running and to make sure it's the most viable and effective use of that funding."
The NanoBusiness Alliance also wants a study on the size of the nano market and industry, and its potential impact on the economy.
No opposition to the bill appears to be emerging on Capitol Hill, but some observers predict that resistance to funding nanotech research will rise as awareness of the field increases.
*******************************
Government Executive
July 3, 2003
Administration favors keeping exemptions to e-signature requirements
By Maureen Sirhal, National Journal's Technology Daily
The Bush administration is calling on Congress to continue exempting an array of documents from a law that gives legal weight to e-signatures.
The National Telecommunications and Information Administration urged Congress in a report issued Monday to retain current exemptions from the Electronic Signatures In Global E-Commerce (ESIGN) Act, which allows transactions such as mortgages to be completed entirely electronically.
The 2000 law exempted documents in nine categories: court records; wills and testaments; domestic and family law records; contracts governed by state commercial law; cancellation notices for utility services; cancellation notices for health or life insurance benefits; property foreclosures, evictions and default notices; product-recall notices; and shipping papers for hazardous materials and dangerous goods.
Those exemptions were included to allow lawmakers, as well as industry and consumer groups, to study the impact of e-signatures in those areas. Congress called on NTIA to conduct a three-year evaluation of the law to determine whether those areas should continue to be excused.
After collecting comments and studying the issue for nearly a year, the agency said it is too early to eliminate the nine exemptions to ESIGN. NTIA suggested that while the use of e-signatures has been growing, today's technology is not adequate enough to guard the confidentiality of the most sensitive documents, so Congress should not eliminate the exemptions.
The agency noted that in several of the categories, states are the primary governing entities and have enacted exemptions to their own e-signature laws for documents such as wills, court testimonies and family law papers. The elimination of some of the ESIGN exemptions could lead to inadvertent disclosures of information that is otherwise considered highly sensitive and confidential in some states, the report noted.
"After three years," the report said, "there has been remarkable progress in some of the areas covered by the exceptions in terms of the use of electronic signatures and records. ... Due to the high confidentiality and privacy interests inherent in transactions involving other exceptions (such as wills, family law, foreclosure and defaults, utility cancellations), there are few, if any, solutions other than ESIGN that institutions and the marketplace can provide at this time."
Moreover, NTIA found, "policies and practices for consumer protection in each area are still being established and incorporated into e-commerce and market systems."
The agency's recommendations incorporate advice that it received from various experts and industry groups that supported retaining the nine exemptions. They include trade associations for banks, mortgage lenders, financial services firms and lawyers.
*******************************
Washington Post
Muslims in U.S. Feel Targeted By Anti-Terror Business Policies
By Mary Beth Sheridan
Wednesday, July 9, 2003; Page A01
Dokhi Fassihian is passionate about Iran, and her résumé reflects it. The policy analyst has written articles on Iran, helped with a book about the country and even worked there. So she was stunned when the Monster online service informed her recently that it would remove the word "Iran" from her résumé to comply with U.S. sanctions against that country.
"How can you be an Iran specialist and not have the word 'Iran' on your résumé?" demanded Fassihian, 27, of Arlington, who immigrated to Virginia at age 3 and holds a master's degree in international studies from Johns Hopkins University. "I'm an American. I've lived in this country all my life . . . This is the first time I'm feeling discriminated against."
The e-mail notices sent to Fassihian and thousands of other Monster customers provoked an uproar. The popular Internet career site quickly clarified that it intended to target résumés only from people living or job hunting in the seven countries designated by U.S. authorities as sponsors of terrorism, including Iran.
But Iranian Americans, including members of the largely middle-class community in the Washington area, are fighting to have the company drop the practice altogether. "What's happening in this country after September 11 is a big shock," said Fassihian, who works as a legislative analyst for the National Iranian American Council. "We have been grouped unfortunately in this category of potential terrorists."
The controversy reflects a new concern rippling through Muslim and Arab American communities, already on edge because of hate crimes and a law enforcement crackdown since the 2001 terror attacks. Now some Muslims say they fear that businesses are singling them out unfairly in an effort to comply with U.S. anti-terrorism measures.
In recent weeks, national Islamic groups have expressed alarm about reports of Muslims in New York, New Jersey, Massachusetts and other states facing demands by banks and credit card companies for extra information -- or finding their accounts closed without explanation. The customers had been asked to provide tax and banking records, residency documentation and proof of identity, the organizations said. And some immigrants in Washington and other areas say they have been distressed by extra questioning they have faced at money-transferring institutions.
National Muslim groups are trying to put together a registry of incidents to gauge the extent of the situation.
"We see evidence that the wolf has been in the neighborhood, but we want to confirm it," said Khurrum Wahid, legal adviser to one such group, the Council on American-Islamic Relations. "We want to see if this is truly a systemic problem or just one or two banks that might have gone about it the wrong way."
U.S. officials and business experts deny that new anti-terrorism regulations discriminate against Muslims or Arab Americans. But they acknowledge that some customers could come under added scrutiny.
The U.S.A. Patriot Act and other measures passed after the terrorist attacks increase the burden on financial institutions to know their customers and identify suspicious transactions. That's particularly true for money-transfer companies, which were not as strictly regulated in the past.
"What the financial institutions are asked to do is to take responsibility for ensuring that [they] are not used to fund acts of terror," said Taylor Griffin, a spokesman for the Treasury Department. The government, he said, "is not asking for discrimination, but vigilance."
But there is some latitude in how companies carry out the requirements.
For example, businesses must assess whether customers' money transfers could be linked to terrorist activities. Jorge Guerrero, president of the National Money Transmitters Association, said that if funds are sent to a country of concern to the U.S. government, "you have to look at those transactions, and perhaps perform enhanced due diligence."
That may seem laudable to many Americans. But such a step can appear more sinister to immigrants wary of increased discrimination or law enforcement surveillance since the attacks.
Jamshed Uppal, 55, a Pakistani-born finance professor at Catholic University, said Pakistani immigrants in the Washington area have been so unnerved by the extra scrutiny that some are reluctant to keep sending money to relatives in the Muslim country.
Financial institutions "are asking for all kinds of details about the party to whom you're sending money. It's just a feeling that you get, that you're under the microscope," said the Silver Spring resident, who has lived in the United States for 18 years.
Some customers have experienced even more scrutiny.
The Council on American-Islamic Relations recently took up the case of a New Yorker named Muhammad Ali, who had tried to send $80 to his brother in Connecticut from a Western Union office in Brooklyn. The company's main office subsequently called Ali, an African American, and told him his order would be blocked until he provided more identification.
The problem: Ali's name -- common among Muslims -- had turned up on a 103-page list of suspected terrorists, drug traffickers and others maintained by the Treasury's Office of Foreign Asset Control. The list isn't new; for years, major financial institutions have been obliged to make sure their customers weren't on it. But since the attacks, hundreds of new names have been added to it, and more companies are checking it.
Ali eventually provided identification, and the money was sent. A Western Union spokeswoman, Wendy Carver-Herbert, said the company was sensitive to concerns raised by Ali and the Muslim group but couldn't change its policies.
"We are often in a difficult position of trying to balance the needs of our customers while also ensuring that we are following the laws," Carver-Herbert said.
Muslim groups are concerned that more cases of mistaken identity will occur, especially as the Patriot Act extends money laundering regulations to new kinds of businesses, such as life insurance companies and even gem dealers.
"How do you protect innocent people from, every single time they want to do business, this thing coming up?" Wahid asked. U.S. authorities, he added, "are really not going to be finding a terrorist using their own name to send $80 if they're on a public list."
Although banks have been required for years to guard against money-laundering, the financial system came under fresh scrutiny in the wake of the attacks.
The Sept. 11 hijackers funded their activities largely through $109,500 sent in four transfers to a checking account opened by two of them at a SunTrust Bank in Florida, according to the FBI. None of the four money transfers -- sent by the same person in the United Arab Emirates using different aliases -- triggered the bank to make a "suspicious activity report" to the Treasury, according to the FBI.
U.S. authorities hope the new regulations will better detect suspicious patterns.
"We know if you can stop the money, you can stop the terror," said Griffin, the Treasury spokesman, adding that $36.4 million in terrorist-related funds had been blocked in the United States since Sept. 11, 2001.
Financial institutions aren't the only businesses tightening their practices.
Monster was concerned that it could violate U.S. law by providing services -- even free Internet ones -- to people in seven countries considered to be sponsors of terror. They are Iran, Syria, Sudan, Burma, Cuba, Libya and North Korea.
The company had to study the issue because a client raised it, said Donna Guilmette, director of legal affairs at the Maynard, Mass.-based company. "We did have some greater concern about some increased vigilance" by the government, she said, though the sanctions have existed for years.
The company decided it had to change its policies. In April, it sent e-mail notices to thousands of customers, announcing that "your résumé will be altered, removing all Sanctioned Countries."
The reaction was furious. Arab Americans and Iranian Americans bombarded Monster with protest letters.
Businesses could "become more Catholic than the pope, out of fear," said Trita Parsi, president of the Washington-based National Iranian American Council, adding, "We need to be there and challenge it."
Monster quickly clarified that it did not mean to purge every reference to Iran. And it backtracked on a plan to drop schools in the sanctioned countries from its résumé builder. But the company drew the line on accepting résumés from people living or seeking jobs in those nations. That could violate the law, it said.
"It is a matter of interpreting some very vague regulations that are subject to a number of different interpretations -- but that are being enforced very rigorously," said Scott Maberry, a lawyer for Monster. The National Iranian American Council argues that the company's previous policy did not violate the sanctions.
For Fassihian, the policy analyst in Arlington, the controversy has been about far more than her résumé. She was a child during the Iranian hostage crisis in 1979 and felt little of the antagonism toward Iranian immigrants in the United States. Although she speaks Farsi and treasures her roots, she feels American.
"It's very frustrating, very disheartening, for so many years to feel you're a part of society . . . and to be told you're different," she said.
*******************************
New York Times
July 7, 2003
Uneasiness About Security as Government Buys Software
By JOHN MARKOFF
Sitting at his laptop computer in a hotel near Toronto one day last October, Gregory Gabrenya was alarmed by what he discovered in the sales-support database of his new employer, Platform Software: the names of more than 30 employees of the United States National Security Agency.
The security agency, one of many federal supercomputer users that rely on Platform's software, typically keeps the identities of its employees under tight wraps. Mr. Gabrenya, who had just joined Platform as a salesman, found the names on a list of potential customer contacts for Platform's sales team. The discovery crystallized his growing concern that the company was perhaps too lax about the national security needs of its United States government customers, in the military, intelligence and research.
"Anyone who had an account on the system could see this list," Mr. Gabrenya recalled in a recent interview. "They shouldn't be seeing this information and I shouldn't be seeing it."
What really worried him, Mr. Gabrenya said, was that Platform, although based in Markham, Ontario, maintains a software maintenance and testing operation in Beijing which he was not sure the company had made clear enough to its American government customers.
He repeatedly raised the concerns with Platform executives, who say his fears were unfounded. In March, Mr. Gabrenya, who had previously worked for nearly 10 years as a salesman for the supercomputer maker Silicon Graphics, was let go by Platform. The company said he had not met sales goals. Mr. Gabrenya said his whistle-blowing led to his dismissal.
Mr. Gabrenya, a 42-year-old American, stressed that he had seen no evidence of espionage or other wrongdoing by Platform employees either in Canada or China. But he said that he was concerned about two possibilities, that sensitive government information was not receiving adequate protection and that the Chinese software operation could be infiltrated by foreign agents who could tamper with software being used by United States government agencies.
The issues Mr. Gabrenya raised are part of a tension in the information technology industry, as crucial computer programming is increasingly performed outside the United States, either in the form of jobs exported from this country or by a growing array of foreign competitors.
The trend poses risks, in the view of some American government officials, because of the potential for foreign spies to sneak illicit code into critical programs, and simply because the United States is increasingly losing dominance in information technology.
"Software is so goofy because there is so many lines of code that hiding Trojans inside the system is the easiest thing in the world to do," said Keith A. Rhodes, the chief technologist of the General Accounting Office. "Setting aside national security, we're also talking about a tremendous advantage you give to your national competitors."
The concerns cut both ways. The Chinese government has repeatedly accused the United States military and intelligence organizations of attempting to conduct espionage by manipulating American products sold in China. The tracking features in Intel's microprocessors and Microsoft's operating system software are of particular concern to Chinese officials, which is one reason China is intent on expanding its own technology industry.
"The Chinese emergence as a global workshop for information technology presents us with a new area of export control challenges," said James Mulvenon, an analyst at the RAND Corporation.
Hong Chen, a Chinese technologist in Silicon Valley, who is not affiliated with Platform Software, said that there were software technologies that the United States should jealously guard and not develop overseas, but that Platform's was not among them.
"I don't think the technologies at stake here are crucial to national security," said Mr. Chen, an executive who heads the Hua Yuan Science and Technology Association, a Silicon Valley group of more than 1,000 entrepreneurs and technologists who were born in mainland China.
For the most part, Mr. Chen said, the United States and China should freely exchange technologies.
Platform Software dominates the market for software that enables clusters of powerful computers to work together. It has dozens of United States federal customers, and computer makers including Dell, I.B.M. and Silicon Graphics also sell its software to federal customers. The company was co-founded in 1992 by a Chinese-born computer scientist, Songnian Zhou, who received his Ph.D. from the University of California at Berkeley, and who remains Platform's chief technology officer.
Mr. Gabrenya, who lives in Northern California, is still looking for work. He said that shortly after he was hired by Platform, he began raising his concerns with company executives, first in person and then in writing.
In January, he spelled out his concerns in an e-mail message to his boss: "After spending a little over 90 plus days here at Platform, I find myself less comfortable in this job than when I began. The reason? Our China office. It's clear that we now have people in Beijing doing important development work and we are not, as a company, telling our U.S. government customers. That's a problem in my mind. Is this illegal?"
The e-mail message and his persistent queries led the company to blackball him, Mr. Gabrenya said. His relationship with Platform deteriorated, he said, after he told the company that his security concerns made him uncomfortable trying to sell its products to the NASA Ames Laboratory, a government research center in Silicon Valley.
Executives at Platform Software dispute Mr. Gabrenya's charges, saying the company has stringent rules in place to separate its foreign operations from its domestic software development process and computer systems. The company says that none of its software for customers in the American government is developed in China and that it has carefully informed those customers about its test and maintenance organization in China.
"What I did say to Greg at the time is that there is clear demarcation with respect to development of software and no code goes to China," said Ian Baird, vice president for sales and marketing operations at Platform.
The company also does not make customer information stored in its sales support database generally available within the company, he said, adding that it was unclear how it would have been possible for Mr. Gabrenya to have the authorization to view the security agency customer data.
A security agency spokeswoman said last week that the agency was not prepared to comment.
But several of the company's other United States government customers said they were aware of Platform's operation in China and were not concerned.
A spokesman for one customer, the Los Alamos National Laboratory in New Mexico, said that dealing with software written outside of the United States was now a normal occurrence.
"Of course we knew that Platform has subsidiary offices all over the world, including China," said Kevin Roark, a spokesman for the Los Alamos laboratory. He said the lab reviewed all of the basic programmer instructions, known as source code, before running software used in classified applications. "The reality of software in the 21st century," he said, "is you count on software having source from foreign sources."
Even before Mr. Gabrenya's complaints, Platform Software said, it had been taking steps to isolate its overseas divisions from the sale of its software technology to customers in the United States with classified military and intelligence applications. The company recently created a separate board for its unit that sells to the United States government.
The board includes two former government officials: Oliver Revell, president of the Revell Group International and former assistant director of the Federal Bureau of Investigation, and Harry Soyster, vice president of the Washington consultants Military Professional Resources Inc. and a former lieutenant general in the Army who directed the Defense Intelligence Agency.
Mr. Revell said he was unfamiliar with the details of Mr. Gabrenya's dispute with Platform, but said he thought the company had taken the necessary steps to insulate itself from potential foreign intelligence operations.
"I've spent 35 years defending my country and I would not participate or allow my name to be used in a company that had any potential risk to the United States," Mr. Revell said. "As far as I'm concerned the software provided will be thoroughly checked and all of the U.S. government customers are aware of what's being done and where it's being done."
Mr. Gabrenya, for his part, said he could have gone to a lawyer and attempted to reach a financial settlement with the company for what he considers his wrongful termination, but that "it was not about money."
"I have some moral concerns," he said. "This is about doing the right thing."
*******************************
Federal Computer Week
DARPA seeks thinking computers
BY Matthew French
July 8, 2003
Officials at the Defense Advanced Research Projects Agency are hoping to find an individual or company that can develop a computer that thinks, a major stepping stone in the arena of artificial intelligence.
DARPA's Information Processing Technology Office is engaging in a program called Real-World Reasoning, the objective of which is to "explore and develop foundations, technology and tools to enable effective, practical automated reasoning of the scale and complexity required for computers to perform complex tasks in the real world requiring intelligence."
The solicitation says "real-world" machine reasoning requires the computer to infer information, not just accept input, on a level far more complex than what is used today.
Although the solicitation does not specify the amount that could be awarded, it does say the project is designed to last for five years.
The program intends to:
* Develop and demonstrate techniques that push the envelope of reasoning engines.
* Explore and demonstrate methods that extend the breadth of reasoning to deal with dynamic environments where information is uncertain and changing.
* Build embedded reasoning engines that can recognize the similarities among related and unrelated data.
*******************************