[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Clips August 21, 2003

To: "Lillie Coney":;, Gene Spafford <spaf@xxxxxxxxxxxxxxxxx>;, John White <white@xxxxxxxxxx>;, Jeff Grove <jeff_grove@xxxxxxx>;, goodman@xxxxxxxxxxxxx;, David Farber <dave@xxxxxxxxxx>;, glee@xxxxxxxxxxxxx;, Andrew Grosso<Agrosso@xxxxxxxxxxxxxxxx>;, ver@xxxxxxxxx;, lillie.coney@xxxxxxx;, v_gold@xxxxxxx;, harsha@xxxxxxx;, KathrynKL@xxxxxxx;, computer_security_day@xxxxxxx;, waspray@xxxxxxxxxxx;, BDean@xxxxxxx;, mguitonxlt@xxxxxxxxxxx;
Subject: Clips August 21, 2003
From: Lillie Coney <lillie.coney@xxxxxxx>
Date: Thu, 21 Aug 2003 13:03:08 -0400

ARTICLES

Telework effort hampered by agencies' mixed messages
New ruling protects ISPs, Web operators
Vietnam Internet Dissident to Appeal Sentence
Tampa cops end camera program
Hackers compromise Navy purchase cards
Spam is a meaty challenge for FTC
Court official charges Interior destroyed data
Patch management on the way for Veterans Affairs

*******************************
Government Executive
August 19, 2003
Telework effort hampered by agencies' mixed messages
By Tanya N. Ballard
tballard@xxxxxxxxxxx

The government?s telework initiative at federal agencies has suffered because of a lack of uniform guidance from the two departments charged with leading the effort, according to the General Accounting Office.

Three years ago, Rep. Frank Wolf, R-Va., pushed legislation through Congress that required agencies to expand their efforts to create teleworking opportunities for federal employees. Under his plan, 75 percent of the federal workforce would telework by the end of 2003. But a report on federal telework efforts published in January 2003 by the Office of Personnel Management found that just 5 percent of federal workers took part in teleworking programs in 2002.

According to GAO, although OPM and the General Services Administration have taken several measures to increase telecommuting in the federal workplace, their differing views on some issues have served as a barrier to widespread use of telework initiatives. For example, while GSA allows an employee to take care of a child while teleworking as long as doing so doesn?t interfere with work, at one time OPM frowned upon having children at home when an employee teleworked. ?This lack of coordination created confusion for federal agencies in implementing their individual telework programs,? GAO said in its report (03-679). OPM recently changed its policy, and now specifies that employees not engage in care-giving activities while teleworking.

And, as lead agencies for the governmentwide telework initiative, the two agencies have yet to develop a memorandum of understanding or any other formal agreement outlining their responsibilities or indicating which agency will provide what service, resource or guidance, GAO found.

?Despite the fact that GSA and OPM hold quarterly partnership meetings to discuss telework-related issues in the federal government, officials from both agencies told us that very little coordination has occurred at these meetings,? the report said. ?Rather, the meetings have actually served as a means to raise differences of opinion that have been identified by either agency, but the resolution of those differences has proven to be difficult.?

Instead of coordinating efforts, the two agencies use the meetings to update each other on the status of the two agencies? independent governmentwide telework efforts, according to GAO.

The watchdog agency recommended that GSA Administrator Stephen Perry and OPM Director Kay Coles James ?improve coordination of their efforts to provide federal agencies with consistent, inclusive, unambiguous support and guidance related to telework.? The two agencies should clearly outline their responsibilities and resolve existing differences.

In a joint written response, Perry and James took issue with GAO?s characterization of their collaborative efforts, as well as its conclusion that a lack of coordination led to confusion when agencies set out to implement their telework programs.

?We are particularly taken aback by this finding, given the efforts we have made in promoting telework,? the two leaders wrote. ?OPM and GSA work together as a team while recognizing our respective areas of responsibilities.?

The two agencies are considering a memorandum of understanding that would ?clearly designate each agency?s roles and responsibilities.?
*******************************
CNET News.com
New ruling protects ISPs, Web operators
By Paul Festa
August 20, 2003, 4:16 PM PT

Internet service providers and Web site operators are breathing a collective sigh of relief following a court decision that preserves a key aspect of their immunity under the Communications Decency Act.

The ruling, handed down Aug. 13 by the U.S. Court of Appeals for the 9th Circuit, overturns a decision by the U.S. District Court for the Central District of California. That ruling alarmed ISPs and Web site operators, because it delineated the first significant exceptions to the Communications Decency Act (CDA), which absolves those businesses from responsibility for their customers' actions.

Section 230 of the CDA carved out significant immunity for "interactive computer services" for the behavior of their customers. But the district court ruled that dating site Matchmaker and its operator, Metrosplash--acquired by Lycos in June 2000--could be held liable for information a user posted because of the interactive nature of the questionnaire that generated the posting.

The court of appeals disagreed.

"So long as a third party willingly provides the essential published content, the interactive computer service receives full immunity regardless of the specific editing or selection process," the decision read.

At issue was a fabricated Matchmaker profile of Los Angeles actress Christianne Carafano, a.k.a. Chase Masterson, whose roles include that of Leeta on the TV show "Star Trek: Deep Space Nine." The posting mixed accurate information, including Carafano's name and address, with alleged falsehoods.

Legal experts hailed the decision, calling it the extension of a crucial shield for Web sites and ISPs.

"With this statement, the 9th Circuit firmly shuts down one of the loopholes in the statute," said Eric Goldman, an assistant professor at Marquette University Law School. "The district court opinion suggested that Web sites integrally involved in content creation could be treated as the content provider and thus lose the statutory immunity. Here, the 9th Circuit raises the bar on that approach substantially. It also provides valuable and helpful breathing space for lots of Web sites that help users structure the publication of content."

Attorneys for Carafano could not be reached for comment.
*******************************
Reuters Internet Report
Vietnam Internet Dissident to Appeal Sentence
Thu Aug 21, 6:08 AM ET

HANOI (Reuters) - A Vietnamese doctor sentenced to 13 years detention for posting a U.S. essay on democracy on the Internet is expected to appeal at a hearing next week, a court official said on Thursday.

Pham Hong Son, 35, was found guilty of espionage on June 18 in a case that drew condemnation from Western governments and human rights groups who viewed it as a fresh sign of intolerance of political dissent in the communist country.

An official of the Supreme Court of Appeal in Hanoi told Reuters Son's hearing was scheduled for August 26 but gave no details.

A Foreign Ministry spokesman told a briefing that representatives of foreign media and diplomats would not be allowed to attend the hearing. Son's original trial was also off-limits to foreign observers.

Son, who worked for a foreign pharmaceutical company in the capital Hanoi, was sentenced to 10 years in prison and three years house arrest after a brief trial.

He was accused of translating into Vietnamese and posting on the Internet an article titled "What is Democracy?" from the State Department's Web site and contacting "political opportunists" in Vietnam and abroad.

Human rights groups say five Vietnamese have been punished for expressing dissent on the Internet.

About a million of Vietnam's 80 million people surf the Internet, many using Internet cafes because the cost of personal computers and telecommunications are too high for them.
*******************************
Washington Times
Tampa cops end camera program
By Audrey Hudson

A Florida police department is scrapping a program of high-tech, facial-recognition cameras after it failed to produce any arrests.

The two-year test program produced "zip," said Capt. Bob Guidara, spokesman for the Tampa Police Department.

"There was not one identification or an arrest attributable to the software package," he said.

The cameras were used at the 2001 Super Bowl in Tampa to scour the crowds for wanted criminals and were picked up later that year for use in the night-life district of Ybor City.

The technology is designed to identify humans using biometrics as they pass through the camera's field of view, and to monitor the specific areas in real time. Pictures captured by the camera are compared with a database of more than 30,000 mug shots of wanted criminals.

The technology has been under fire from civil liberty groups, which said the cameras constitute an invasion of privacy. The program's demise in Tampa was "good news," said Cedric Laurant, policy counsel for the Electronic Privacy Information Center.

"It's just not reliable. The technology was not effective and it was error-ridden," he said.

The American Civil Liberties Union also strongly opposed the program and engaged in negotiations with the police department to end the testing.

"Whether it's ever going to be ready for prime time as a method for remote surveillance, well, it's certainly not ready now," said Barry Steinhardt, director of the ACLU's program on technology and liberty. "It's been a colossal failure."

Darlene Williams, chairman of ACLU's Greater Tampa Chapter, told the Associated Press that she was relieved at the scrapping of the system.

"Any time you have this sort of technology on public streets, you are subjecting people who come to Ybor to an electronic police lineup without any kind of probable cause."

As a test city, Tampa paid no fees or costs for the program, which was created by Identix Inc. A company spokeswoman did not return a call for comment.

"We're at a loss," Capt. Guidara said of the program's failure. "In test scenarios of the system, there was an over 80 percent reliability factor. But in two years, not one hit, not one positive identification."

"It does not seem to have been a benefit for us," he said.

Virginia Beach's police department is the only other in the country using the Identix technology. Police spokesman Mike Carey said the system is "working just fine," but no arrests have been made since the technology was put into operation last summer.

"We never set as a criteria for success or failure whether an arrest is made. It's a tool to help us do our job," said Greg Mullen, Virginia Beach deputy police chief. "The system could go forever and not make an arrest because a wanted person did not walk in front of the camera."

The District has cameras throughout the city capable of running the facial-recognition software, but city officials said they have no plans to implement the program.

Mr. Laurant, however, said that could change.

"They are not planning to use it now, but they could do it later."
*******************************
USA Today
Wireless broadband can keep small companies competitive
MINNEAPOLIS (AP) Genevieve Roessler, physicist and radiation safety expert, edits a Web site and two newsletters for professional associations based in McLean, Va. After too many years away from the grandkids and their native Minnesota, Roessler and her husband, also a physicist, bought a home on a lake near Elysian, Minnesota, where she continued her work with the Health Physics Society and the Society for Risk Analysis.
But work became increasingly difficult for Roessler without high-speed Internet access, and she considered moving her office to Mankato or retiring until Midwest Wireless and the city of Elysian teamed up to solve her problem.

Under a 2001 state program that provided Midwest and Elysian with a $220,000 "technology catalyst grant," this rural area of southern Minnesota received high-speed wireless Internet, which has kept the headquarters of these internationally distributed newsletters in a Minnesota town of 486.

Midwest Wireless, honored recently by state officials for its contributions to rural economic development, has grown from the idea of some rural phone companies 13 years ago into a 430-employee corporation with nearly 300,000 subscribers, a gleaming new headquarters on the edge of Mankato and $162 million in revenue by providing customers such as Roessler high-tech services, including high-speed Internet and cell phones, that weren't widely available in rural parts of the state.

In a report released last week, the Center for Rural Policy and Development in St. Peter, cited wireless Internet as one reason that people in rural areas of the state now report about the same level of broadband access as all Americans. The Rural Minnesota Internet survey showed that 15% of rural Minnesota households have high-speed connections, compared with 16% of all U.S. homes.

The report by the St. Peter nonprofit said the "digital divide" is no longer between rural and urban areas but between the more affluent and less affluent, regardless of geography.

Dennis Miller, CEO of Midwest Wireless, said his company has demonstrated that when it comes to technology services in outstate Minnesota, if you build it, they might stay.

"You can participate in the global economy, and you don't have to drive into the Twin Cities," Miller said.

Or even Mankato, where Roessler considered moving her office before she got Midwest's Clear Wave high-speed Internet.

"Between the two publications and the Web site, we probably have about two dozen editors scattered throughout the United States and internationally," Roessler said. "It just became obvious we would have to have the fast Internet connection. It really has allowed us to continue our work and broaden our work in this rural location."

That was the goal of the state's Technology Catalyst Grant Program, which allocated $1 million to cover 25% of the cost of providing high-speed wireless Internet to nine rural communities. The grants ranged from $16,950 for Marshall County to the largest grant of $220,000 for the city of Elysian and 21 nearby counties served by Midwest Wireless. These are remote areas where many homes and businesses can't receive broadband services through cable modems or phone-company DSL.

The state Department of Employment and Economic Development said the grants leveraged $6 million in private investment to make high-speed Internet available to 14,000 businesses and 266,000 homes in outstate Minnesota.

Midwest Wireless paid 75% of the tab for equipment that would provide Internet speeds of at least 256k (kilobits per second) to individuals and businesses in towns with populations under 2,500. That equipment is similar to the cellular technology Midwest uses to bring mobile-phone service to the same southern Minnesota communities.

Unlike broadband provided by telephone or cable-television companies, the wireless Internet sold by Midwest uses antennae mounted on towers and on the customers' homes or businesses. Miller said it's often cheaper and easier to connect rural Internet users through radio waves than to install cable or wire to remote locations.

At the Minnesota Rural Summit on Entrepreneurship held in Mankato Aug. 3-5, Matt Kramer, commissioner of employment and economic development, praised Midwest for bringing technology to rural entrepreneurs. At the summit, Thomas Dorr, undersecretary for rural development at the U.S. Department of Agriculture, said rural America needs "a new American Gothic."

He suggested that artist Grant Wood's famous painting of a man, a woman and a pitchfork is being supplanted by a picture of the global entrepreneur operating from his rural home office through high-speed Internet. Miller likes that image or perhaps the image of a farmer conducting business on a cell phone.

"This is all about Genevieve and many more like her saying, 'I want to work where I want, and I want to live where I want to live and do my job,'" Miller said. "When I think about economic development of the future, it's much less emphasis on bricks-and-mortar and factories. You can work for a Washington, D.C., company, but you don't have to live there. It allows the small communities to retool to keep their best and brightest in their communities."

In Roessler's case, the technology meant keeping a physicist and her assistant in a home office on a lake. But just a few miles down the road, the new wireless service meant keeping a company of 40 employees operating in Waterville, just east of Elysian.

"I think we would have stagnated and shrunken" without Midwest's service, said Barb Fasnacht, information technology coordinator for LCS Precision Molding in Waterville. "It's, 'If you build it, we will exist.'"

LCS makes molded parts for the automobile, appliance and home-building industries and competes worldwide for customers. It became impractical to exchange drawings and documents by fax or dial-up e-mail. So Fasnacht worked with local officials to seek the state grant for high-speed Internet.

"Our company demonstrated the need to the city of Elysian, and the city applied for the grant, got the grant, and then worked with Midwest Wireless to get the broadband in," Fasnacht said. "I was one of the first to get it around here, and it's become so much a part of our lives, I don't even think about it anymore."

With manufacturing companies facing stiff competition from cheap-labor countries such as China, companies such as LCS need high-speed communications technology to stay in business. Now that the company has that access, Fasnacht said, the rural location might be a plus.

"We have a little advantage over the big companies because we're in rural Minnesota and have a work force that wants to go to work," Fasnacht said. "Our costs are less, and that's one of the reasons we stay here. Broadband makes the footing more even."

Craig Berdie, a business specialist at Minnesota Technology, said the advent of wireless Internet has helped to close the technology gap that was making it more difficult to do business in rural Minnesota. He said cable modems and phone-company DSL are generally faster and more stable technologies than wireless but also are limited by the population density needed by cable companies and the requirement that customers for DSL generally be near a central telephone office.

"It is, in fact, an important service, important to rural, remote small businesses in greater Minnesota," Berdie said of wireless Internet. "Those radio technologies allow for good bandwidth and relatively high quality of service."

Berdie said the wireless Internet business is so new and fragmented that he didn't know how Midwest Wireless ranks among Minnesota providers. However, the Center for Rural Policy and Development's survey shows that southern Minnesota, Midwest's service area, has significantly higher broadband usage (19.8 percent of households) than central Minnesota (12.5 percent) or northern Minnesota (11.9 percent).

"One of the reasons I like Midwest Wireless is they don't gouge people," Berdie said.

Roessler's broadband service, for example, costs about $45 a month for a small antenna on a nearby building that is connected to the house by fiber-optic cable. The fiber-optic cable was necessary because the radio waves must have a line-of-sight connection with the Midwest tower, and that was impossible with a house located on a lake in the woods.

"I feel good about Midwest Wireless, and I feel good about the officials in Elysian who went to the effort of applying for the grant and got it for us," Roessler said in her office, from where she can look through the trees to the lake where her grandchildren play.
*******************************
Government Computer News
08/21/03
Hackers compromise Navy purchase cards
By Dawn S. Onley

Hackers recently broke into a Navy system and gained access to 13,000 Navy purchase cards, according to Defense Department officials who are investigating the incident.

The DOD Purchase Card Program Management Office has issued a release stating that the Navy has cancelled all of its purchase card accountsabout 22,000to minimize the number of unauthorized purchases, and is working closely with the issuing company, Citibank.

?Vendors who accept the purchase card and do business with the Navy should be aware that all card accounts have been cancelled and that Citibank is working quickly to re-establish new accounts and cards. In the meantime, emergency purchases are being handled on a case-by-case basis to fully support Navy requirements,? according to the statement.

A DOD team is working to determine how hackers gained access to the system and what needs to be done to fix the breach. A Defense Criminal Investigative team is also pursuing the investigation.

Defense spokeswoman Cheryl Irwin declined to say what system was breached, over what time period the attacks occurred and how they discovered the incident.

?Suffice to say that we are aware of the breach, and we are taking measures against it happening in the future,? Irwin said.

The Navy has had other problems with its purchase cards. Last year, the General Accounting Office released a report that uncovered widespread abuse by many within the Navy and other services and suggested the DOD impose credit checks on employees who carry them.

Some examples of misuse at two Navy facilities included unauthorized purchases of home computers, personal digital assistants and DVD players.

At the time, deputy Defense secretary Paul Wolfowitz said the department would begin using data-mining software to monitor purchase patterns in search of misuse or fraud.
*******************************
Government Computer News
08/21/03
Spam is a meaty challenge for FTC
By Vandana Sinha

Spam presents the Federal Trade Commission with its most significant test, one that cannot be solved by legislation alone, the agency?s top leader said at the Aspen Summit.

Instead, FTC must turn to technology, chairman Timothy J. Muris yesterday told industry and government officials at the IT conference in Colorado.

?No one should expect any new law to make a substantial difference by itself,? he said. ?Our experience, and that of the few states that have tried to punish spammers, is that it can take months of investigation, and sometimes a dozen or more subpoenas, simply to locate a spammer.?

But he said the solution to the problem would not come in the form of a ?Do Not Spam? log, similar to the recently instituted national ?Do Not Call? registry, which starting Oct. 1 bans telemarketers from calling consumers who register their phone numbers by Aug. 31.

A ?Do Not Spam? registry wouldn?t stem the rising number of identities and e-mail addresses that spammers can invent. ?My advice to consumers would be: Don't waste the time and effort to sign up,? Muris said. ?Instead, recipients and Internet service providers [will] bear most of the costs.?

Rather, other new inventions, such as ISP spam filters, could be the only worthwhile means to stem the tide of spam. ?Eventually, the spam problem will be reduced, if at all, through technological innovations,? he said.
*******************************
Government Computer News
08/20/03
Court official charges Interior destroyed data
By Wilson P. Dizard III

The Interior Department unlawfully destroyed computerized information tracking the evaluation of right-of-way fees for oil and gas companies that run pipelines across Navajo lands, according to an official of the U.S. District Court for the District of Columbia.

Alan Balaran, a court official appointed by U.S. District Judge Royce C. Lamberth, stated in a filing that Interior officials erased information in their computer systems relating to the valuation of oil and gas pipeline ROWs across Navajo lands. Lamberth is overseeing a 7-year-old series of lawsuits in which American Indians are suing the Interior Department for restoration of funds lost as a result of the department?s mismanagement of individual American Indian trust funds.

Balaran issued a 39-page report about a site visit to Interior?s Office of Appraisal Services in Gallup, N.M., and the Bureau of Indian Affairs Navajo Realty Office in Window Rock, Ariz.

In the report, he said that Interior secretary Gale Norton and her delegates had abrogated their responsibilities to conduct ROW appraisals competently and in a method that is beyond reproach, thereby violating court orders, their fiduciary duties under trust law, federal regulations and industry standards.

?The Office of Appraisal Services has erased, deleted and misplaced trust information vital to the valuation of ROWs running across Navajo allotted lands,? according to the report. ?It is doubtful, as a result, whether Navajo allotees are receiving fair market value for leases encumbering their land.?

According to the report, Navajos are receiving ROW payments at a level of $25 to $40 per rod. A rod is 5.5 yards. By contrast, non-Indians and other tribes are receiving ROW payments of as much as $175 to $550 per rod.

Dennis Gingold, attorney for the American Indian plaintiffs in the case of Cobell v. Norton, said, ?This misconduct further confirms Judge Lamberth?s finding that Norton is unfit [to manage the funds]. For Norton to approve contracts that cheat Navajo trust beneficiaries and to permit critical trust records to be destroyed is unconscionable. By allowing the destruction of these trust records, Norton has ensured that a complete and accurate accounting is impossible.?

An Interior spokesman said he was not able to make a comment because the report has not been reviewed.
*******************************
Government Computer News
Patch management on the way for Veterans Affairs
By William Jackson
08/20/03

The Veterans Affairs Department expects to roll out an aggressive patch management system over the next year, the department?s head of cyber and information security said Wednesday.

The need became apparent during the current waves of worms swamping the Internet, Bruce Brody, associate deputy assistant secretary for cyber and information security, told an audience at a Washington conference sponsored by Unisys Corp.

?We did very well last week in the first round of worm outbreaks,? which began Aug. 11, Brody said. ?This week, with Variant D, we learned that the antivirus side of our house was in good working order, but the patch management side is horrendous.?

Establishing a centralized antivirus program has been one of the successes of Brody?s two-year tenure as VA?s chief security officer. It is standardized on McAfee antivirus software from Network Associates Inc. of Santa Clara, Calif., and managed by VA?s Central Incident Response Capability in Silver Spring, Md.

The success has come despite the fact that no major antivirus product fully meets the department?s requirements.

?The problems are primarily in management and reporting,? Brody said. Because of the department?s centralized management, ?we require a four-tier hierarchical structure? with the ability to gather data and push updates to departmental, regional, facility and desktop levels. ?That is our primary need.?

After evaluating available antivirus products, ?I told the CEO of McAfee that his product sucked the least,? Brody said.

He said he would re-evaluate antivirus products next year.

Although the antivirus structure protected VA systems from the MSBlaster worm that exploits a remote procedure call vulnerability in Microsoft Windows operating systems, many VA systems were not patched to correct the underlying problem. The Good Samaritan variant that exploits and apparently patches that vulnerability penetrated VA defenses this week. The ?good? worm apparently has no malicious payload, but its aggressive scanning for vulnerable machines can cause network congestion and slow performance.

?This week we got hit pretty hard,? Brody said. ?All the unpatched systems really caused us problems. And we put out the patch as early as July 16,? the day it was released by Microsoft..
*******************************

Prev by Date: Clips August 20, 2003
Next by Date: ACM TechNews - Friday, August 22, 2003
Previous by thread: Clips August 20, 2003
Next by thread: ACM TechNews - Friday, August 22, 2003
Index(es):
- Date
- Thread