[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Clips September 15, 2003

Clips September 15, 2003

ARTICLES

Sharpton protests Mich. Internet voting plan
Blogging the Recall
Britain's Barclays Bank Warns of Email Scam
Bringing Broadband Over the Mountain
Crackdown May Send Music Traders Into Software Underground
State delays high-tech passport requirement
Feds, industry mull offshore outsourcing
IG audits FAA plans for new air traffic system
Maryland county gets ready for Enhanced 911 service
OPM emphasizes security training
Commerce under pressure to clean up giant Web database

*******************************
USA Today
Sharpton protests Mich. Internet voting plan
09/12/03

WASHINGTON (AP)  Democrat Al Sharpton is protesting a plan to allow Internet voting in Michigan's presidential caucus and challenging rival Howard Dean to stand with him.
For the first time, the Michigan Democratic Party is planning to allow party members to vote for the party's presidential nominee via the Internet, as well as by attending the Feb. 7 caucus or mailing in a ballot.

Sharpton sent a letter to Dean Thursday, challenging the former Vermont governor to oppose the Internet voting plan. Dean's campaign has focused on building support from Web users.

"Perhaps it is due to the fact you governed a state with virtually no people of color living within its borders that you are unaware that this is a racially biased proposal," Sharpton wrote. Vermont is nearly 98% white.

Dean spokeswoman Tricia Enright said his campaign is not involved in Michigan's Internet voting effort, but Dean supports the concept of Internet voting or anything else that can bring more people to the polls "as long as it's coupled with the need to insure access to African Americans and others when it might not be available."

She said Dean's campaign manager would contact Sharpton's campaign to discuss the issue.

In a telephone interview Friday, Sharpton said the plan would give an advantage to voters who are wealthy enough to have a computer and Internet access and can participate from home.

"A grandmother in a housing development is going to have to go downstairs and walk five blocks to vote," he said. "Who do you think is going to get more of the vote? Democracy is about equal access. This is not equal access. It really is a high-tech poll tax."

Dean's lack of experience with minority voters is seen by some as a weakness of his campaign, which has gained in fund raising and grabbed the lead in many key polls. Now that Dean is the front-runner, he has become the target of criticism from his eight primary rivals.

Sharpton said he only wrote to the former Vermont governor and not the other candidates because Dean said Tuesday night at a debate sponsored by the Congressional Black Caucus that he speaks about race not only to blacks, but to white audiences.

"Here's where he can take a real moral stand to show that he wasn't just using one line at the debate," Sharpton said. "Since he's now posing as the guy who deals with race, this is his responsibility."

Some Michigan Democrats are challenging the plan to allow Internet voting with the Democratic National Committee. The party allowed Internet voting in Arizona's primary in 2000.

Sharpton said he called Democratic National Committee Chairman Terry McAuliffe to express his concern. McAuliffe is withholding judgment until the party hears the challenge later this month.
*******************************
Washington Post
Blogging the Recall
By Cynthia L. Webb
 Friday, September 12, 2003; 10:02 AM
The California gubernatorial recall election -- the messiest and most entertaining political news story of the year -- is providing yet another boost for the online journal phenomenon commonly known as "blogging."
And with 135 candidates seeking to replace embattled Gov. Gray Davis (D), Web logs are an essential tool for anyone who's trying to make sense of a story that's producing serious -- and at times, farcical -- developments on a daily, if not hourly, basis.
There are too many blogs covering the recall election in some way or other to list all of them. But a few stand out as excellent resources for California voters who need an online water cooler to gather around for updates on Arnold Schwarzenegger and the rest of the pack.
One source, the offspring of a mainstream news operation, is The California Insider, authored by Sacramento Bee columnist Daniel Weintraub.
Launched last April to cover California politics in general, Weintraub is putting all his energy into the recall, which is, after all, the biggest political story to hit the state in decades. The opinion and perspective that Weintraub offers as a veteran political and public affairs writer makes this a valuable online destination.
The blog gives Weintraub the ability to post first-person observations that no news editor would ever let slip onto a printed page. Here's an example posted on Monday:
"I saw my first Gray Davis town hall tonight, and if nothing else, it was a testament to the power of the recall. There he was, the most important man in California government, sitting awkwardly in a stiff plastic chair on a riser in front of 35 African-American residents, activists and business owners from South Los Angeles who would never have had this chance if not for the recall. The meeting was held in a small, stuffy conference room in the corner of the Baldwin Hills shopping mall. ... Glamorous it was not. ... First question: Now that you've bought off the Latino vote with the driver's license bill, what are you going to give us in exchange for our support? Davis handled the evening well, ... But he ducked many of the questions, lectured a bit too much even he praised the power of listening, and still seemed uncomfortable in these environs. So much so that afterward when I approached him he greeted me quite warmly, like a long-lost friend, when, given our relationship, we have been anything but. Any port in a storm."
Unlike most of the traditional coverage, Weintraub also appears to have a knack for finding some off-the-beaten path nuggets, such as the campaign Web site of AskJeeves.com founder Garrett Gruener. Gruener wasn't at last week's televised debate that featured five of the major candidates. But that didn't stop him from participating, as Weintraub noted in his blog that Gruener "answered the questions in real time on his web site. He seems to have snuck in a few phantom questions while he was at it, as if there weren't enough asked as it was. God bless him."
For readers looking for a one-stop overview of all the major media coverage of the recall, there's no better place than Rtumble.com, a Web site that's been around for several years and has evolved into a sophisticated media blog. Rtumble.com is run by Jack Kavanaugh, a former reporter who created his site in the 1990s -- the URL is shorthand for "Rough & Tumble" -- to help other journalists understand the complexities of Golden State politics.
A few gems on Rtumble.com: Kavanaugh links to a Los Angeles Daily News article about Las Vegas odds favoring Lt. Gov. Cruz Bustamante (D) to become the next governor if voters opt to eject Davis from office. And Kavanaugh highlights a Sacramento Bee article about Davis appointing a major campaign donor to a seat on the powerful University of California Board of Regents.
The Election Law blog isn't dedicated specifically to the recall, but author Rick Hasen from the Loyola Law School in Los Angeles makes it a top topic. Mostly, Hasen offers quick links to media coverage he finds interesting. But his background as an election law expert provides some meat when he weighs in on specific items, particularly legal challenges to the recall campaign. His site also has a slew of helpful links to other blogs and related sites.
The Condor is yet another blog authored by a former political reporter, in this case, David Jensen, who worked for UPI and The Sacramento Bee. Jensen, like Kavanaugh and Weintraub, provides cutting analysis, such as his take on a recent statewide poll showing Lt. Gov. Bustamante leading a divided field of Republican candidates: "In the next week or two, we are going to find out whether it is true that Republicans eat their young. The victim in this case is likely to be State Sen. McClintock. The reason is that Monday's Field Poll shows Arnold losing to Bustamante, 30 percent to 25 percent, with McClintock (13 percent) in the race. With McClintock out, it is nearly a dead heat (given the margin of error) with Arnold at 33 percent and Bustamante 31 percent."
Of note: Jensen says he writes from his sailboat docked somewhere off the coast of Mexico.
Another popular blog, written for a major media Web site, is kausfiles, written by former New Republic writer Mickey Kaus and offered through Slate.com. Kaus's blog predates the recall campaign, but he's now devoting nearly all of his postings on it. He, like many bloggers, is a great linker, featuring links to Weintraub's blog and a number or other popular blogs, including Tacitus.
Kaus's blog, written from his home base in Venice, Calif., is a noteworthy read since he has an acerbic tongue and has no problems taking on controversial issues, often with a snarky tone. Recent postings have taken to task Bustamante and his ties to the Chicano student union MEChA. He also offers readers scandalous, albeit interesting headlines that often mention sex and other things not typically thought of as political stories, though this could be the work of the Web site looking to draw in more readers. It appears to be working, and Klaus's blog is hard to avoid once discovered.
Kaus was the first in late August to post the news of Schwarzenegger's partying ways of the 1970s, which were revealed from an old adult magazine interview. The news was then picked up by The Smoking Gun Web site and a mini-scandal was born. In one of his postings after the news broke, Kaus wrote: "Meanwhile, Schwarzenegger himself has brushed it off [here, Kaus links to a Reuters story on washingtonpost.com], saying 'I haven't lived my life to be a politician.' If only Dan ('I did not know in 1969 that I would be in this room today') Quayle had thought of that one."
You may not agree with Kaus's musings, but his blog is worth a visit for its exhaustive links to other online sources and blogs and for the essay-like quality to some of his postings.
The Rest of the Best
While not exhaustive, the following is a list of some additional recall-themed blogs. The list is designed to offer a sampling of some of the opining that is happening on the Web related to the California recall election. If you have a favorite blog that covers the recall that you think is worth mentioning, drop me a note.
? Blog The Recall: The online mouthpiece of BeatTheRecall.com, the site offers links to news about the recall campaign and a "contribution" button for readers to contribute to anti-recall activities.
? 101-365: This blog, which isn't much about politics at all, does have a detailed list of candidates running to replace Davis, complete with some snarky commentary from site creator Chris Heilman.
? California Recall: The authors of this blog say they launched it to "provide a forum to make sense of what's going on in a very key state." The blog reads like a message board of sorts, with postings from different readers and links to various recall news articles.
? Danmitchell.org: Blogger Dan Mitchell frequently writes about the recall, among other political issues.
? The Likely Story: This blog ranges over a number of topics, with a large number of postings on the recall.
? Prestopundit.com: University of California, Riverside philosophy professor Greg Ransom's site has lots of links to news and commentary. But the best thing about this blog is the comprehensive set of links to other California bloggers and news sources. It's a great starting point.
? The Southern California Law Blog: A blog focused on law, politics and Southern California news, has a number of random news postings, but a number of updates related to legal challenges of California's recall election.
? VoteNoFirst.com: This blog appears to be a thinly veiled (but funny) campaign tool of William Tsangares, a Republican candidate in the Oct. 7 recall who is clearly in the campaign as a joke. Tsangares's blog is dedicated to getting people to vote no on the recall. The site links to a number of documents, including a "Recall Arnold" petition and some daily swipes at Schwarzenegger. One recent posting included this: "I still claim that Arnold is the second most liberal Republican in this race, I'm the first. You gotta love him for being pro-choice, pro-gay and anti-gun. He can change the public perception of the Republican Party overnight."
Gubernatorial Candidate Blogs
? Diana Foss
? Garrett Gruener
? Arianna Huffington
? Reva Renee Renz
? Georgy Russell
? Marc Valdez
? Daniel Watts
? Jim Weir
? Sharon Davis: The wife of Gov. Davis has her own recall blog.
Know of any other California recall candidates that have blogs up and running? Send me a link and I will add it to this list.
California Newspapers
A number of California newspapers have dedicated a special Web page to recall coverage. While not blogs, the packaged recall material and links offered on many news site is a helpful clearinghouse of recall-related news. Many are updated with daily wire service stories on the recall. A sampling of some of the collective sites for special recall coverage:
? The Fresno Bee
?The Los Angeles Times (Registration required)
? The Orange County Register: Features a countdown ticker until the day of the election.
? The San Diego Union Tribune: Graphs and interactive media features on the recall campaign.
? The San Francisco Chronicle
? The San Jose Mercury News
? The Santa Barbara News Press
? Political Pulse: Not a newspaper site, but a newsletter covering the recall and California politics.
National Newspapers and Other Media
? FindLaw.com
? The New York Times (Registration required)
? The Wall Street Journal (Subscription required)
? The Washington Post
*******************************
Associated Press
Britain's Barclays Bank Warns of Email Scam
Sat Sep 13, 4:04 PM ET

LONDON (Reuters) - U.K. bank Barclays Plc warned on Saturday of an email scam that tricks its online customers into revealing their confidential details.

  

The bank said fraudsters had sent an email message falsely purporting to be from Barclays, which included a link to what appeared to be the bank's Web site.


Customers were then prompted to enter their personal details, such as passwords and personal identification numbers (PINs), which could be used to withdraw cash or transfer funds to other accounts.


"Barclays is in no way involved with this email and the Web site does not belong to us," a Barclays spokeswoman said. "We have now closed down five of the six Web sites and locked the sixth."


She said around 400 people had contacted the bank to say they had received the email, which had not only been sent to Barclays' customers.


Of these, eight said they had given out their personal details, and their accounts had now been locked. Barclays said it would cover any losses caused by the scam.


The spokeswoman said the bank, which has 3.5 million online customers, did not send out emails requesting information and its security only required two letters from people's passwords when they logged on.


Whilst the problem is being addressed, the bank said it would limit the payments customers could make online to 500 pounds ($796.9).


"Hopefully the limit will only be there for a couple of days," the spokeswoman said.


Britain's National Hi-Tech Unit, which tackles cyber crime, has been called in to investigate the scam. Last year the unit's head said 89 percent of U.K. businesses had been victimized by at least one incident of cyber crime.
*******************************
Washington Post
Bringing Broadband Over the Mountain
Roadstar Puts Wireless Technology to the Test
By Griff Witte
Monday, September 15, 2003; Page E01

Federal Communications Commission Chairman Michael K. Powell traveled last week to a hay-strewn barn at the end of a gravel road high above the Virginia countryside and proclaimed he had seen the future of broadband.

The barn, routinely used by the local children for paintball practice, doubles as a radio receiver and retransmitter that enables residents and businesses in western Loudoun County to get something that can be hard to come by in rural places such as this: high-speed Internet service.

"I'm extremely impressed," Powell said after touring the barn, which has six discreet antennas, ranging in size from four to 18 inches, planted firmly on its roof. "This is what we've worked so hard to create. This is the face of things to come."

Martin Dougherty, chief executive of Roadstar Internet Inc. of Bluemont, Va., certainly hopes so. Dougherty installed the antennas as the centerpiece for his start-up, which aims to use wireless technology to bring broadband service into areas where cable modems and digital-subscriber-line (DSL) technology do not reach.

The company got off the ground in February, and after months of stuffing fliers into mailboxes up and down back roads in the foothills of the Blue Ridge Mountains, Roadstar now has more than 150 customers.

Last Monday the company showed off its network to Powell, FCC Commissioner Kevin J. Martin and numerous other FCC officials, all of whom will be watching closely to see if Roadstar can succeed.

Although broadband has become readily available in urban and suburban areas, rural America is still trying to catch up. In sparsely populated regions, including portions of Loudoun, there just aren't enough customers for the cable and phone companies to justify the infrastructure costs associated with deploying broadband.

Powell said that for that reason, wireless may be the solution or, at the very least, another viable player in what he hopes will be a highly competitive market.

For the Weitz family, until recently, there was hardly any competition at all. "It's feast or famine out here," said Rick Weitz of Bluemont, whose wife, Kathy, home-schools five out of their six children with the aid of the Internet. "Before Roadstar it was all famine."

Before this year, the family had a dial-up connection that slogged along, making online learning an excruciatingly slow process. Since they signed up for Roadstar, however, they said their connection has improved significantly.

"When we had dial-up, you would sit there for hours. This is a lot faster," said Caleb Weitz, 16.

For its business customers, who pay a $250 installation fee and then $99 per month, Roadstar guarantees connection speeds ranging from 128 kilobits per second (kbps) to 1.5 megabits per second (mbps) for both the downlink and the uplink. Residential customers pay the same installation fee, but only $59 per month.

Dougherty said there are no guarantees for residential users, but that speeds average around 800 kbps. By comparison, DSL and cable modem connections typically range between several hundred kbps and 1.5 mbps for the downlink, and up to 128 kbps for the uplink. Most dial-up modem speeds top out at 56 kbps. To get broadband out to an area that's more than an hour's drive from Washington, Dougherty's company uses an unlicensed portion of the spectrum that he beams in from Equinix Inc., a flea market of sorts for bandwidth that has a facility in Ashburn. The signal travels 18 miles from Ashburn to a 1,200-foot crest in the Blue Ridge Mountains, where Roadstar's receiver sits perched on the barn in Bluemont.

From the barn, the signal is then retransmitted down into the rustic towns and posh subdivisions at the foot of the ridge, where Roadstar has scattered a dozen repeater stations. Each of those stations, which can be positioned on anything from private homes to silos, has its own antennas. The repeater stations then pass the signal on for its last leg, into the homes and offices of Roadstar's customers.

Dougherty said Roadstar's service has been "rock solid," staying up and running even during this winter's blizzards. And at least for now, he said, the company is profitable, though small, with only three employees.

But Dougherty said his company will have to grow if it is to succeed. "In order for this to be a profitable business, you've got to deploy in mass numbers. There's no way around it," he said.

And to do that, he said, there has to be more unlicensed spectrum available, especially low-end spectrum that can more easily penetrate trees and other obstacles.

"I'm using it as fast as I can," Dougherty said. "Eventually I'm going to run out of spectrum and I'm going to have to tell customers, 'I can't help you.' "

Powell indicated last week that he was sympathetic to Dougherty's concern, and on Wednesday the FCC voted to propose several regulatory amendments intended to make it easier for entrepreneurs such as Dougherty to bring wireless broadband to rural America.

Dougherty will also need money. So far, he and his wife, Rosemary, who serves as the company's marketing director, have funded Roadstar out of their own pockets, with some help from investments by a customer and a former colleague. The next round of funding, which Martin Dougherty said he expects soon, will come from venture capitalists.

FCC officials say they do not know exactly how many rural residents are being served by wireless broadband, but they say the number has been increasing exponentially over the last year. "It's one of those things that is literally growing faster than anybody could have imagined," said Robert Pepper, the FCC's chief of policy development.

Although wireless is one of the few options available to many rural residents today, the field could soon become a lot more crowded.

Arunas Slekys, vice president at Hughes Network Systems, said his company has begun to bundle Direcway, a satellite system for deploying broadband at speeds of around 400 kbps on the downlink and 128 kbps on the uplink, with its popular satellite television service, DirecTV. Slekys said Direcway has so far signed up 200,000 customers nationwide, and the service is catching on fast in places like Loudoun.

For cable service, Adelphia Communications spokesman Paul Jacobson said the company has undertaken a major upgrade of its network to allow more customers access to broadband. Jacobson said the company's cables run past 70,000 homes in Loudoun, of which 44,500 can get high-speed Internet today. After the improvements are completed next year, he said, all 70,000 will be eligible.

Verizon, meanwhile, continues to offer T-1 connections for businesses that can afford the steep price, as well as DSL in an increasing number of areas. But Verizon is also looking at deploying wireless broadband itself, according to spokesman Harry Mitchell. The company just completed a test on a wireless system in Fairfax County, indicating that wireless could be an option for the suburbs as well.

"Wireless is increasingly becoming a competitor on the broadband front, not only in the most rural areas," Mitchell said.

For Randy Collins, president and chief executive of the Loudoun County Chamber of Commerce, the introduction of new broadband choices is welcome news, especially considering that the options have historically been "poor."

The first few attempts to offer wireless broadband, he said, did not offer much hope for improvement, with companies offering spotty service.

But Collins said that with Roadstar's arrival and the introduction of better wireless technology, he expects that things will soon begin to change.

"Wireless is catching up with itself," Collins said. "It's able to offer reasonably priced, high speed, reliable service. And that's what people want."
*******************************
New York Times
September 15, 2003
Crackdown May Send Music Traders Into Software Underground
By SAUL HANSELL

Come people may well be intimidated by the 261 lawsuits that the music industry has filed against Internet users it says are illegally sharing songs.

But hundreds of software developers are racing to create new systems, or modify existing ones, to let people continue to swap music  hidden from the prying eyes of the Recording Industry Association of America, or from any other investigators.

"With the R.I.A.A. trying to scare users around the world, the developer community is pumping up to create networks which are safer and more anonymous," said Pablo Soto, a developer in Madrid who designed the software for two file-sharing systems, Blubster and Piolet.

Some experts wonder if the industry's efforts will create more trouble for it than ever. "The R.I.A.A. is breeding antibiotic-resistant bacteria," said Clay Shirky, a software developer who teaches new media at New York University.

Blubster, which has an estimated quarter-million users, already uses technology to make eavesdropping more difficult, Mr. Soto said. Its next version will encrypt files so they can be decoded only by their intended user.

Other systems are sending files on more circuitous Internet routes instead of, or in addition to, using encryption. And some developers hope to replace the current systems, which connect millions of users, with private file-sharing networks  speakeasies that may be too small for the industry to find.

The developers of the new systems say there is nothing illegal about writing software that helps people keep secrets. United States courts have held that file-sharing software may not be banned if it has both legitimate and illegal uses.

The Recording Industry Association of America has said that it is unconcerned about the increasing anonymity of file sharing. The stated purpose of its lawsuits is not to catch every hard core music pirate, but to show millions of casual file sharers that what they are doing is illegal.

In addition, none of the new methods offer perfect anonymity, experts say. Yet many of the new systems are likely to make the recording industry work harder to find file traders.

Private file sharing stems from academic work on encryption and data security over the last decade. One system is Freenet, introduced in 1999 by Ian Clarke. It allows people to publish files to be used by others, with technology meant to keep the source anonymous.

"Everyone said the Internet was an anarchistic thing through which anyone could say anything," Mr. Clarke said. "But in reality it is incredibly easy to monitor what is going on on the Internet. I was interested in creating a system that would preserve anonymity."

Freenet is similar to other file-sharing services in that users make part of their hard drives available to hold content to be downloaded by other users. But all the files are encrypted so no one knows what files are on a given machine. Requests to download a file are also encrypted.

Freenet has been a way to disseminate banned political tracts and has been used by people who want to share illegal content like child pornography. Mr. Clarke says he is willing to help people send files illegally if he can also prevent political censorship. "I am an absolutist on free speech," he said.

Freenet, however, is slow and hard to use, and it requires knowing a specific file name. As a result, it has not been a viable alternative to music-sharing services like KaZaA. Developers in Germany are creating a program called Frost meant to make Freenet easier to use.

Another file-sharing model is for business users who want to collaborate while protecting secrets from competitors. "The needs of businesses and the needs of file traders are the same," Mr. Shirky said. "I want a secure way to send you a three megabyte PowerPoint file with no way for anyone else to see it. That is not different from an MP3 file."

Software by companies like Groove Networks creates private file networks for specified users. Groove, which can cost $69 or more per user, is not widely employed by music sharers. But a program called Waste is attracting the interest of music traders who want to create "darknets," as private file-sharing communities are known.

Waste was written by Justin Frankel, who works for the Nullsoft unit of America Online. It was posted on Nullsoft's site one day last May and removed the next , although not fast enough to keep copies from circulating on the Web. (AOL's corporate cousin, Warner Music, is a backer of the R.I.A.A.'s campaign against file sharing.) Frankel and AOL did not return calls seeking comment.

Investigators for the music industry acknowledge that some of these technologies may make their jobs more difficult, but they suggest that users may not want to take advantage of them.

"The thing about darknets is that the users show more culpability than people who simply use peer-to-peer," said Randy Saaf, referring to peer-to-peer sharing systems like KaZaA. Mr. Saaf is chief executive of MediaDefender Inc., a music technology company that does work for the record industry. "When people are found to be using them, they will face stiffer penalties."

Meanwhile, older file-sharing services do not want to lose users to darknets or other newcomers. Many of them are trying to add features they say will protect privacy. Streamcast networks, the creator of Morpheus, introduced a feature this summer that lets users relay files by way of intermediary computers known as proxy servers  a technique that can help obscure the path between the source of the file and the person who downloads it.

Proxy servers and similar methods can be an effective way to hide, said Stuart Schechter, a Harvard security researcher. But, he said, there is nothing to stop the recording industry from creating proxy servers as so-called honey pots to serve as decoys and gather information on users. "The problem with any of these systems is how do you decide who to trust," he said.
*******************************
Federal Computer Week
State delays high-tech passport requirement
BY Judi Hasson
Sept. 15, 2003

Faced with a massive logistics problem, the State Department may postpone the deadline for requiring 26 industrialized nations to issue machine-readable passports for their citizens traveling to the United States.

The machine-readable documents, mandated by the USA Patriot Act, would allow countries whose citizens are allowed into the United States for 90 days without a visa to enter the country as long as they have a valid passport that could be screened upon entry.

The increased automation would cut entry time and give border agents a chance to compare the passports with a database containing information on potential terrorists and other criminals. Congress originally set the deadline for 2007, but moved it up to Oct. 1 after the Sept. 11, 2001, terrorist attacks.

Federal officials will grant countries a one-time extension that would give them until Oct. 26, 2004. State is taking the step because some nations have not been able to completely upgrade their passports by the Oct. 1 deadline, even though most of them are now issuing passports with a space on the side for computer codes, much like bar codes.

"Any country requesting this postponement must also certify that it's making progress toward ensuring that machine-readable passports are available to its nationals, and that it has taken appropriate measures to protect against misuse of nonmachine readable passports," said State spokesman Richard Boucher Sept. 8.

Members of the U.S. Chamber of Commerce applauded the department's action, saying it would give countries the time they need, not only to meet the machine-readable requirement, but also the deadline for embedding chips in passports with facial recognition or fingerprint data.

"This decision widely recognizes that reality by not forcing an unrealistic timetable for passport requirements that would cause chaos at our ports of entry," said Randel Johnson, a chamber vice president.

But machine-readable passports are only one part of a strategy to control access to the United States and screen noncitizens at land, sea and air points of entry. About 100 countries face another deadline Oct. 26, 2004, to introduce biometric identifiers in their passports.

Jack Dillon, senior vice president for government solutions at Viisage Technology Inc., which provides secure digital identification systems, said many countries have not complied with the machine-readable requirement because it costs money to add the components to the documents.

Biometrics will not be available immediately on the many passports that will not expire for nearly a decade after the 2004 deadline, Dillon said, and this likely will add to the cost of obtaining the document.

"It's going to take 10 to 12 years before you have biometrics on everyone's passports," he said. "It's a short-term start and a long-term implementation."
*******************************
Federal Computer Week
Feds, industry mull offshore outsourcing
BY Michael Hardy
Sept. 15, 2003

As American workers face mounting job losses and rising unemployment rates, government and industry officials are struggling with the sensitive issue of offshore outsourcing.

It may seem like a political issue as the Bush administration prepares for an upcoming election, but federal agencies stand to be affected, too. Lawmakers are considering new "Buy American" proposals that would limit the ability of agencies to buy products that are not made from primarily American components.

Federal procurement advocates generally oppose the idea. "It's disruptive to the businesses and it doesn't make sense," said Robert Guerra, a principal at Guerra, Kiviat, Flyzik and Associates Inc. "When [technology] gets commoditized, it's going to get moved offshore. It's not like it's taking jobs from Americans. Americans aren't going to want to assemble monitors for 30 cents an hour. If we can outsource that work and save the government money, so be it."

American companies sometimes fire American workers and open facilities in poorer countries where labor is cheaper and environmental and workplace safety rules are not as strict. The lower production costs lead to lower prices for products, but at the cost of jobs.

The cost aspect of the equation is particularly difficult to address because no one knows how many American jobs, including those in technology, companies have moved, said Harris Miller, president of the Information Technology Association of America.

"I've heard estimates ranging from 10,000 to 150,000" jobs, he said after a panel discussion that ITAA hosted recently in Washington, D.C.

The numbers are so widely different that "it's not even a wild guess," Miller said. "The problem is that companies aren't talking." ITAA may commission its own study to try to quantify the extent to which American companies use foreign labor, he said.

Costs to agencies would rise under the laws, Miller said, because American hardware makers would not be able to rely on inexpensive components from other countries. ITAA also opposes Buy American rules.

"You buy a [computer], you open it up and it looks like the United Nations in there," he said.

"This is all customer-driven," said William Sweeney, vice president of global government affairs at systems integrator EDS. "We have a global economy. Work is being driven around the world."

Drew Ladner, chief information officer at the Treasury Department, said American workers should be trained to compete in that global economy. The government's interest, he said, is in getting high-quality IT.

"We need to make sure we have the best systems," Sweeney said.

The American IT industry has weathered a succession of blows, said Bruce Mehlman, assistant secretary for technology policy at the Commerce Department.

The flurry of spending that IT companies had been receiving to fix Year 2000 problems withered as the year came and went. The economy began to slump, then terrorists attacked the country, the Enron and WorldCom Inc. scandals shook the faith of investors, and the United States launched wars in Afghanistan and Iraq, causing more economic caution at home.

As a result, IT companies have had incentives to save costs with foreign labor, he said. "It's a very real trend driving offshore outsourcing," Mehlman said. "There is a lot that is yet to be understood."

Outsourcing in general is a different matter, said George Newstrom, Virginia's secretary of technology. Governments, especially cash-poor state governments, have to economize, and outsourcing is one sure way to do it. However, he said, government organizations should take care in determining where outsourcing makes the most sense.

Newstrom said Virginia officials are still trying to figure out what part of the $900 million they spend on IT should be outsourced two years into Democratic Gov. Mark Warner's term. "Until we get our arms around it, I don't know what to outsource," Newstrom said.

The state is trying to discourage companies from leaving, and especially taking jobs out of the state and into other countries, he said.

Newstrom argued against legislation. However, he said, government organizations should be wary of the perception they create when they hire companies that outsource significant amounts of work to other countries.

"I think the political climate is very adverse for government to say, 'We want to outsource work offshore,' " he said. "I don't think there's a politician who could survive to the end of that sentence. We don't even want to outsource to Maryland."
*******************************
Government Computer News
IG audits FAA plans for new air traffic system
By Mary Mosquera
September 15, 2003

The Transportation Department?s Inspector General began an audit this week of the Federal Aviation Administration?s progress in its $2 billion plan to replace its 30-year-old Host computer air traffic system.

The IG will review whether FAA has a realistic plan to provide the new En Route Automation Modernization program on time and within budget, David Dobbs, the associate IG for aviation audits, said in a statement Friday.

The IG will also examine cost and scheduling risks and whether the FAA has integrated adequate computer security into the design.

FAA intends to replace the Host computer hardware and software, including the Host backup system, with the new en route system. Host tracks the movement of high-altitude aircraft throughout the National Airspace System. Because the Host software architecture is so old, it is difficult to maintain and will not support new technologies that enhance capacity, Dobbs said.

Under the acquisition plan, FAA will spend $2.1 billion by 2010 to complete the new system?s development and deployment to 27 facilities. Progress and problems with ERAM will affect many other FAA programs, including new communications systems and airspace redesign efforts.

?There is little room for further cost growth and schedule slips with large FAA acquisitions,? Dobbs said. FAA needs to ensure that the new system is properly integrated with other FAA modernization systems, keep requirements stable and control costs, he said.
*******************************
Government Computer News
Maryland county gets ready for Enhanced 911 service
By William Jackson

Montgomery County, Md., is implementing Enhanced 911 in its emergency communications system to help dispatchers and rescue personnel locate emergency callers who use cellular phones.

E911 is part of the county?s new Public Safety Data System, a $175 million infrastructure upgrade by Northrop Grumman Corp.

?We have been waiting for the phone companies to define the standards for how the data will be sent,? Montgomery County chief technology officer Mike Knuppel said. ?It?s taken some time to develop those standards,? but the equipment in the county?s emergency call centers should be configured to receive the data in a couple of months.

Before Enhanced 911, emergency call centers had no way to locate the origin of 911 transmissions from cell phones.

The Federal Communications Commission in 1996 adopted E911 rules requiring carriers by April 1, 1998, to provide emergency answering points with telephone numbers and locations of cell site or base station where the calls originated.

The commission soon after required carriers to be able to pinpoint a caller?s location to within between 50 meters and 300 meters. But carriers were slow to implement E911 and local governments even slower to take advantage of it because of the equipment investment.

Montgomery County included E911 in a wholesale upgrade of its emergency communications system that began in 1997. In addition to E911, the upgrade covers computer-aided dispatch, a mobile data communications subsystem, a mobile message switch, vehicle-mounted mobile subscriber equipment and 1,400 in-vehicle computers.

The emergency communications system serves the county sheriff?s office and police department as well as municipal police, fire and emergency medical services. During last year?s Washington area sniper shootings, the county distributed some of the new, 800-MHz digital radios from its communications upgrade so that police in other jurisdictions could participate in the manhunt. Knuppel said quite a few of the county?s emergency calls come via cell phone, and ?the folks that are in operations? are eager to use the enhanced service.
*******************************
Government Computer News
09/12/03
OPM emphasizes security training
By Jason Miller

The Office of Personnel Management is asking agencies to make sure employees comply with computer security guidelines and training.

In a proposed Federal Register rule last week, OPM director Kay Coles James proposed requiring employees to check a National Institute of Standards and Technology site, http://csrc.nist.gov, for the latest information about IT security and training standards.

?These regulations afford agencies the opportunity to be immediately aware of and come into timely compliance with changing computer security guidelines and requisite training,? James said. ?The proposal provides users more timely access to the most current applicable definitions and guidelines.?

OPM revised the regulations to require agencies to:


Identify employees with significant security responsibilities and provide role-specific training


Make all employees and contractors who use IT study security awareness materials at least annually


Train executives in security basics as well as policy-level planning


Train program managers, CIOs and IT security personnel in security basics, planning, system security management, lifecycle and risk management, and contingency planning


Give new employees IT security guidance within 60 days


Hold refresher courses for employees based on need and IT security changes.

Comments are due to employ@xxxxxxx by Oct. 6.
*******************************
Government Executive
September 12, 2003
Commerce under pressure to clean up giant Web database
By William New, National Journal

A little-known global database of Web site owners has grown into a significant worldwide cyber-crime tracking deviceand a major source of concern to privacy advocates and foreign governments. Despite its growing importance, the so-called "Whois" data is plagued with inaccuracies, as well as technical, legal, and ethical problems. The Commerce Department is facing increasing pressure to clean it up.


As the creator of the Internet, the U.S. government remains responsible for ensuring its stability and competitiveness. For this task, it created a nonprofit corporation in 1998 that is growing up in its own right: the Internet Corporation for Assigned Names and Numbers. ICANN, which is based in Los Angeles, manages the domain-name system for Web site addresses with endings such as .com, .net, and .org. It operates under a memorandum of understanding with the Commerce Department. The agreement expires on September 30.


To obtain a domain name, an applicant must pay a domain-name retailer, or registrar. Registrars are required, through contracts with ICANN, to collect personal information about the registrant, keep it up to date, and make it public. This information, mainly contact details, is the Whois data, and it is coming under intense scrutiny from a variety of Internet constituencies.


Registrars are also required to offer "bulk" access to the entire database for anyone paying up to $10,000 annually for it.


Many Internet users and others who benefit from the Internet are pressing Commerce to require improvements in the Whois data as part of the renewal of the agreement with ICANN. But last week, Commerce General Counsel Theodore Kassinger told a House subcommittee that that would not be among the top priorities for a likely multiyear extension of the deal. That was not what subcommittee Chairman Lamar Smith, R-Texas, and ranking Democrat Howard Berman of California were hoping to hear.


"Despite the demonstrated need and obligation of the Department of Commerce, ICANN, and registrars to provide access to accurate Whois data, there is an astonishing lack of enforcement of these contractual terms," Smith said at the outset of the September 4 hearing of the House Judiciary's Subcommittee on Courts, the Internet, and Intellectual Property, which he chairs. He said it is "inexcusable" that no registrar has lost accreditation for failing to honor its Whois commitments, despite widespread problems.


Also "inexcusable," Smith said, is the fact that in its extension of its agreement with ICANN, Commerce intends to add a list of seven "milestones" to assess ICANN's future performance, but none deal directly with Whois, contract enforcement, or intellectual-property protections.


Smith told National Journal that he would consider legislation to fix the data problems if Commerce fails to act. "We're going to wait and see if the Department of Commerce takes sufficient actions to clean up the database and make it more useful and more reliable to everyone involved," he said.


Despite Kassinger's comments, Smith said he hopes Commerce's new agreement with ICANN "will contain a major enforcement component, where contracts will be enforced and registrars or individuals may be dropped if they do not provide accurate information in a timely fashion." Kassinger said in the hearing that Commerce lacks the legal authority to force registrars to comply, and that Commerce is not ICANN's regulator.


"If Commerce is not ICANN's regulator, then who is?" countered Susan Crawford, a professor at the Cardozo School of Law in New York City. "ICANN's only powers extend from its [memorandum of understanding] with the Department of Commerce."


The Whois database affects a large number of people. For instance, network administrators need it to fix Internet problems. Law enforcement and people targeting unsolicited e-mail, or spam, increasingly rely on the database.


Investigators at the FBI Cyber Division use the Whois database "almost every day," James Farnan, the division's deputy assistant director, told the subcommittee. Farnan described how agents used subpoenaed Whois data to find the owner of a Web site containing child pornography. If the data is inaccurate, officers can serve a subpoena on the registrars to obtain the real identity of the domain owner through the credit card information used to purchase the domain name. But not every registrar authenticates payment information, so stolen credit cards can be used.


John LoGalbo, a trial lawyer in the Justice Department's Computer Crime and Intellectual Property Section, told an ICANN meeting in June that access to Whois data cuts through "layers of complexity and delay" in international investigations. The Federal Trade Commission has also publicly proclaimed the importance of the data.


Privacy advocates note that investigating fraud is only one use of the database. The Electronic Privacy Information Center said in its newly released global survey on privacy and human rights that Whois data is available to anyone who uses the Internet, "including stalkers, corrupt governments cracking down on dissidents, spammers, aggressive intellectual-property lawyers, [and] police agents without legal authority."


Alan Davidson of the Center for Democracy and Technology, in a letter submitted to the House subcommittee for the September 4 hearing, argued that safeguards for privacy and security are the best way to get law-abiding people to provide accurate data.


Kathy Kleiman, a lawyer at McLeod, Watkinson and Miller in Washington and one of the founders of ICANN's noncommercial constituency group, said that in some countries, citizens trying to protect themselves have to provide inaccurate information. She cited as an example a human-rights group with a Web site that showed pictures of torture victims so families could identify the bodies. "In the telephone world, we have unlisted telephone numbers and even blocking to protect personal privacy," Kleiman said. "We need at least the same in the Internet world."


Steve Metalitz, counsel to the Copyright Coalition on Domain Names, told the subcommittee that accuracy and accessibility are critical to electronic commerce and accountability on the Internet. He said that access to data is "wildly inconsistent," and he criticized ICANN for not doing enough to fix the database, which "remains riddled with inaccurate data."


Benjamin Edelman of the Harvard Law School Berkman Center for Internet and Society said that registrars and registrants need meaningful incentives to comply with requirements, without which the Whois database is "substantially fiction." Privacy concerns, he argued, could be met by using third-party services.


There's no consensus on how to improve the system, but many Internet constituents have shown preliminary interest in "tiered access": The data would be accessible by degrees to those who need it. Other ideas include providing notice to users when someone else views their data, and creating "audit trails" that could reveal abuse of the database.


Commerce's National Telecommunications and Information Administration, headed by newly named Administrator Michael Gallagher, chairs an interagency group considering changes to the Whois database. The other participants in the group are the Justice Department, the FTC, and the Patent and Trademark Office.


ICANN also has Whois contracts with eight domain-name registriesessentially wholesalers of domain names. Some maintain their Whois data, and others do not. The newer registries have begun modifying the contracts to meet new exigencies. For instance, the London-based registry for the .name domain developed a tiered system for allowing access to the Whois data out of fear that the registry was violating the European Union data-privacy directive.


Most agree that the number of inaccuracies, whether the result of outdated information or fraud, is high. There are more than 30 million registrations in the "top-level" domains (.com, .net, and .org), some 25 million of which are in the .com domain. About 10 percentor 3 millionof these registrations are inaccurate, according to Edelman.


Kassinger said at the September 4 hearing that in nearly 12 months of studying data problems, ICANN received 15,458 reports concerning 10,271 different domain names. Kassinger acknowledged that the number of reports "may just be the tip of the iceberg." He also said that the government shares some critics' concerns. But Commerce, he said, is "gratified" by the commitment to Whois issues shown by the new ICANN President and CEO Paul Twomey, and Kassinger added that new hirings would help there.


Twomey, who took office in March, is organizing various ICANN constituents into a new committee to discuss the Whois system. ICANN's board has adopted a new policy requiring registrars to contact domain-name registrants at least annually to confirm the accuracy of their information.


In another effort, ICANN's government advisory committee is wrestling with the variety of standards for handling personal information. For instance, the European Union says that making Whois data public violates its privacy law. Canada also has concerns. In addition, questions remain as to how the 200-plus country domains, such as .fr for France, will deal with Whois data.


ICANN expects to form the new constituents committee and to sponsor a workshop on Whois "best practices" at its next board meeting at the end of October. Twomey said in June that the committee's goal is to prioritize issues and develop a work plan for addressing them. But he stopped short of stating a goal of getting agreement on solutions.


ICANN followers hold mixed views on whether ICANN will move quickly enough. "It's a tremendous logjam," said one observer. "I think we're all buckling down for a long process that will be [conducted in] secret."
*******************************