[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Clips November 10, 2003
- To: "Lillie Coney":;, Gene Spafford <spaf@xxxxxxxxxxxxxxxxx>;, John White <white@xxxxxxxxxx>;, Jeff Grove <jeff_grove@xxxxxxx>;, goodman@xxxxxxxxxxxxx;, David Farber <dave@xxxxxxxxxx>;, glee@xxxxxxxxxxxxx;, Andrew Grosso<Agrosso@xxxxxxxxxxxxxxxx>;, ver@xxxxxxxxx;, lillie.coney@xxxxxxx;, v_gold@xxxxxxx;, harsha@xxxxxxx;, KathrynKL@xxxxxxx;, computer_security_day@xxxxxxx;, waspray@xxxxxxxxxxx;, BDean@xxxxxxx;, mguitonxlt@xxxxxxxxxxx, sairy@xxxxxxxxx;
- Subject: Clips November 10, 2003
- From: Lillie Coney <lillie.coney@xxxxxxx>
- Date: Mon, 10 Nov 2003 14:57:39 -0500
Clips November 10,
2003
ARTICLES
Gore Criticizes Expanded Terrorism Law
U.N. Internet summit faces divisions
Broadcasters want new power to fight piracy but advocacy groups cry
foul
Internet Posting Threatened to 'Kill Everyone' at Broad Run High
ICANN: Steady as She Goes
House bill beefs up Defense R&D
Kansas auditors crack 1,000 passwords
Guarding the borders
SAIC gives border agents X-ray vision
DHS tech group goes full throttle
Students aren't using info technology responsibly
Legal battle may block multimedia on Web
Wal-Mart Plan Could Cost Suppliers Millions [RFID]
*******************************
New York Times
November 10, 2003
Gore Criticizes Expanded Terrorism Law
By CATE DOTY
WASHINGTON, Nov. 9 Former Vice President Al Gore called on Sunday
for a repeal of the law expanding counterterrorism powers, calling it a
"terrible mistake" for its effect on civil liberties.
During a speech in which he condemned President Bush's fight against
terror, Mr. Gore said: "I want to challenge the Bush
administration's implicit assumption that we have to give up many of our
traditional freedoms in order to be safe from terrorists. It is simply
not true."
Speaking before a crowd of about 3,000 at Constitution Hall, across the
street from the White House, Mr. Gore admonished the Bush administration
for what he called "unprecedented secrecy and deception" in
dealing with the Congress and the public.
But his sharpest remarks focused on how the administration was dealing
with civil liberties for immigrants and foreign citizens. He said the
administration needed to stop detaining American citizens indefinitely
without charges. He was also critical of the treatment of immigrants,
like Anser Mehmood, a Pakistani who had overstayed his visa, who was
arrested less than a month after the Sept. 11 attacks and deported eight
months after his detainment.
"Such a course of conduct is incompatible with American traditions
and values," Mr. Gore said.
Saying the detainees at Guantánamo Bay should be given hearings, Mr. Gore
asked, "If we don't provide this, how can we expect American
soldiers to be treated with equal respect?" He also said President
Bush should seek Congressional approval for military commissions that
would replace civilian courts.
In the speech, which was sponsored by the progressive group MoveOn.org
and the American Constitution Society, a liberal lawyers organization,
Mr. Gore spoke with animation, wagging his finger at the audience and
shaking his head when audience members yelled, "Run, Al!"
imploring him to seek the presidency again.
He said President Bush had used the fight against terrorism and the war
in Iraq as political bargaining tools, saying, "They have exploited
public fears for partisan political gain and postured themselves as bold
defenders of our country."
Congressional Democrats have repeatedly called for a softening of the
antiterrorism law, the USA Patriot Act, or the repeal of parts of it. But
Mr. Gore, who referred to himself as a "recovering politician,"
is one of the few high-profile Democrats to call for a complete
elimination of the act.
"I have studied the Patriot Act and have found that along with its
many excesses, it contains a few needed changes in the law," he
said. "And it is certainly true that many of the worst abuses of due
process and civil liberties that are now occurring are taking place under
the color of laws and executive orders other than the Patriot
Act.
"Nevertheless, I believe the Patriot Act has turned out to be, on
balance, a terrible mistake."
*******************************
Seattle Post Intelligencer
Monday, November 10, 2003
U.N. Internet summit faces divisions
By ANICK JESDANUN
THE ASSOCIATED PRESS
UNITED NATIONS -- Who controls the Internet and how richer nations should
subsidize its growth in poorer countries are central issues dividing
planners a month ahead of the first U.N. summit on information
technology.
More than 50 heads of states have confirmed their attendance for the Dec.
10-12 meeting in Geneva but there's still no agreement on what they'll be
asked to consider.
So government, business and civic representatives are convening today in
the Swiss city to try to narrow differences over such contentious issues
as government oversight of online media that several rounds of talks
failed to overcome.
With expectations low that much of substance can be achieved at what has
been christened the World Summit on the Information Society, organizers
are stressing the complexity of the issues.
Even setting broad guidelines on governance of the global yet massively
decentralized Internet is a huge challenge, they say.
"Probably what will happen is more a sketch of what needs to be
done," said Nitin Desai, special adviser to the summit for U.N.
Secretary-General Kofi Annan.
At the Geneva summit, world leaders are to approve a statement of ideals
and adopt goals. A second and final phase of the summit is set for
Tunisia in November 2005.
Some countries, particularly newcomers to the Internet, worry that their
voices could get lost.
*******************************
Associated French Press
Broadcasters want new power to fight piracy but advocacy groups cry
foul
Mon Nov 10, 1:24 AM ET
GENEVA (AFP) - The news clip of Saddam Hussein (news - web sites)'s
statue falling or the re-run of a movie classic such as
"Stagecoach" may be given extra protection from piracy in a
move that advocacy groups say will hamper people's right to enjoy
television and the Internet.
Authors and musicians are also worried this proposed broadcaster treaty
will create unfair rights for anyone who simply transmits their hard
work.
But the broadcasters argue that they need more international muscle to
fight the illicit copying of their output, and deserve greater rewards
for the money and time they invest in airing programmes.
"In this day and age of digitalisation there is inadequate
protection against the unfair and unauthorised exploitation of broadcast
signals," said Benjamin Ivins, a senior associate and general
counsel for the US National Association of Broadcasters (NAB).
Broadcasters have certain international protection under the Rome
Convention passed in 1961.
"But it lacks protection on cable retransmission which is now one of
the most usual ways to broadcast material," explained Tom Rivers, a
legal advisor to the Association for Commercial Television in Europe,
which has 22 members including News Corp's British Sky Broadcasting.
"Also, there is no protection for the exploitation of broadcast
material in the digital environment," he said.
Over the past six years members of the World Intellectual Property
Organisation (WIPO), including the United States, European Union (news -
web sites) and Japan have offered proposals for a new treaty to update
broadcasters' rights.
And, in what some described as the first sign of real progress, WIPO
states agreed at a meeting earlier this week to regroup in June, by which
time they hope to have a single draft of the treaty.
This should lead to a conference by mid-2005 in which the new rules may
be finalised -- an alarming prospect for many non-governmental
organisations (NGOs) that strongly oppose the idea.
"The treaty restricts the ability to record music and films,"
declared James Love, a director at US advocacy group Consumer Project on
Technology.
"It is an unwanted layer on top of copyright," he told a news
conference after attending the two-day broadcaster meeting at WIPO
headquarters in Geneva.
The proposals under discussion would give a new 50-year right over
material in the public domain -- such as news clips or the broadcast of a
classic movie, he and fellow activist Cory Doctorow, director of a second
NGO, Electronic Frontier Foundation, explained.
They may also support the technology that encrypts broadcasts to stop
people from recording a TV show at home and watching it at a friend's
house, they told reporters.
And, because the definition of a broadcaster is unclear, the treaty could
grant protection to web-casters, generating a whole new class of right
holders.
"It should never become a treaty, we are totally opposed," Love
said.
But NAB's Ivins dismissed their fears as "totally wrong."
True, the rules would give broadcasters a 50-year right over the actual
broadcast of a movie that is no longer protected by copyright, but anyone
could make their own copy from the original version for commercial
reproduction.
As for restricting home entertainment, Ivins said that copyright laws
typically contain an exception for personal use.
And, while the United States had suggested extending the scope of the
treaty to include broadcasts over the Internet, it was just a proposal,
he reasoned.
The WIPO discussions have also unnerved artists and the film and music
industry who want assurances that any new broadcaster-protection would
not conflict with their existing copyright.
"The rights are in no way designed to affect content," said
Ivins.
On the contrary, they would boost protection for everyone while also
recognising the broadcaster's "time, effort and financial
contribution."
*******************************
Washington Post
Internet Posting Threatened to 'Kill Everyone' at Broad Run High
Sunday, November 9, 2003; Page LZ03
Loudoun County authorities were investigating a Broad Run High School
student who allegedly posted a message on an Internet site threatening to
"kill everyone" at his school.
Kraig Troxell, the Loudoun sheriff's spokesman, said Friday that no
charges had been filed against the 17-year-old but that investigators
were reviewing the case with prosecutors.
According to an affidavit for a search warrant filed in Loudoun County
Circuit Court, the Internet posting said, "I would just like to say
that Wednesday morning, I'm bringing a gun to school, and I will kill
everyone there." The message specifically threatened the Ashburn
school's two assistant principals and its security chief.
Troxell said school administrators learned about the posting Tuesday and
alerted the school resource officer, who told the Sheriff's Office. By
then, the message had been removed from the Web site, but investigators
were able to track its origin through records from Internet providers,
according to the affidavit written by sheriff's investigator Ken
Fognano.
A school employee also gave papers to investigators the teenager had
written that contained similar threats, according to the affidavit. One
contained the heading "Administrators I hate and want to kill"
and identified two school officials.
The student was questioned by investigators but released to his parents,
Troxell said.
School officials searched the school thoroughly Tuesday night, and
classes took place as usual Wednesday, a schools spokesman
said.
The student's home in Sterling was searched Wednesday morning, but
investigators had not filed court documents indicating whether any items
were seized.
The Web site was not created on the student's home computer, according to
the affidavit, but rather on a computer at an Ashburn home. Investigators
also sought a warrant to search that home.
*******************************
Washington Post
ICANN: Steady as She Goes
Monday, November 10, 2003; 12:00 AM
For years the leaders of the Internet Corporation for Assigned Names and
Numbers (ICANN) have tried to convince the press and the public that
their activities were no big deal.
Early on, ICANN staffers would fire off bristling e-mails if reporters
referred to the group -- which oversees the Internet's addressing system
-- as "powerful" or "influential." They insisted,
despite ICANN's role in determining the rules for the dot-com world, that
it did not warrant the hand-wringing people devoted to it.
For a group that would rather do its work from within the comparative
anonymity of the world's "technical community," 2003 has been a
good year.
On Halloween, ICANN wrapped up its third and final meeting of the year in
Tunisia. In contrast to past years' events, most of the journalists who
covered it worked for local outlets. U.S. and European press mostly
stayed home, tuning into Web-based video of the event and dialing in for
a pair of ICANN-sponsored conference calls.
Cloistered in a luxury hotel in Carthage, ICANN directors approved a pair
of resolutions intended to increase the number of Internet domains (like
dot-com and dot-net) Internet users can choose from when registering a
Web address. The group also finalized policy decisions on existing
domains dot-info and dot-pro.
ICANN takes the relative quiet surrounding its activities as a sign that
critics' concerns about the transparency of its internal management have
been addressed. At first, the group fielded tough criticism over changes
it made to its board of directors, including the removal of some publicly
elected positions that represented the Internet's users.
Miami University law professor and longtime ICANN critic Michael Froomkin
has another explanation for ICANN's general absence from the
spotlight.
"They've vanquished any vestige of democracy," Froomkin said.
"Most of the critics have gone now. There comes a point where you
just stop beating your head against the wall."
Some of ICANN's 2003 highlights:
-March: ICANN chooses Australian businessman Paul Twomey to replace
outgoing President Stuart Lynn. An entrepreneur and former government
official, Twomey is a contrast to Lynn and his predecessor Mike Roberts,
who both came from the educational arena.
-July: U.S. senators question ICANN's governance process in a hearing.
Sen. Conrad Burns (R-Mont.) contends that a lack of accountability within
ICANN jeopardizes Internet security.
-September: ICANN inks a three-year deal with the Commerce Department to
continue its stewardship of the Internet's addressing system, much of
which remains under the U.S. government's ultimate control.
-September: ICANN convinces VeriSign Inc. to shut down -- at least
temporarily -- its controversial Site Finder service, which redirects
users who mistype Internet addresses to a VeriSign-operated search
page.
-October: ICANN passes measures intended to increase the number of domain
extensions (like dot-com and dot-net) available to Internet
users.
Next year, the group will have to deal with privacy concerns surrounding
the "whois" database, which provides the contact information
for Internet address holders. The group also will work to expand the
availability of Internet addresses that use non-English characters
(Chinese, Arabic, Russian, etc.) and will smooth out rules regarding
domain name transfers.
ICANN also will continue its governance reform process, attempting to
bring the Internet public into the fold by organizing regional
"at-large" groups. Many critics are watching closely to see how
and if ICANN brings the voice of the public into its decision-making
process.
*******************************
Government Computer News
House bill beefs up Defense R&D
By Dawn S. Onley
November 7, 2003
The House today approved its final version of the combined $401.3 billion
Defense authorization bill. It emphasizes transforming the military after
what some legislators term years of neglect.
The bill, approved by a margin of 362 to 40, covers DOD and the Energy
Department?s national security programs. It approves several
controversial provisions that were held up in House-Senate negotiations
for weeks, such as ?Buy American? incentives and a provision allowing the
Air Force to lease 20 tankers from Boeing Co. and buy 80 more.
The Senate will vote on the bill next week. Then it will go to President
Bush for final approval.
?We are slowly but surely transforming and rebuilding our military after
years of neglect by the previous administration,? said Rep. Duncan
Hunter, (R-Calif.), chairman of the House Armed Services Committee. ?Much
remains to be done to counter years of cuts to procurement accounts,
force structure and readiness.?
The House measure raises spending by more than $12 billion over fiscal
2003 for procurement, operation, maintenance, research, development,
testing and evaluation.
The Buy American legislation, proposed by Hunter, initially sought to
mandate that 65 percent of all defense products purchased by the Pentagon
must come from U.S. manufacturers, compared with 50 percent under current
law.
The House compromised on that provision, but the key modifications have
not yet been posted. Other components of the authorization bill approved
by the House include:
$10.7 billion for Defense science and technology
A 4.1 percent pay raise for troops
Reforms to the government procurement system, which would let all federal
agencies, not just DOD, take non-contract approaches to research and
develop new technology prototypes to fight terrorism.
*******************************
Government Computer News
Kansas auditors crack 1,000 passwords
By Wilson P. Dizard III
November 7, 2003
The Kansas Health and Environment Department has serious IT security and
disaster recovery problems, the state?s legislative auditor has found.
The auditors said they used password-cracking software to decipher more
than 1,000 of the department?s passwordsincluding several administrative
passwordsor 60 percent of the total, in three minutes.
The department began fixing the security weaknesses and other problems
found in its systems as soon as it learned of them, department secretary
Roderick L. Bremby said in response to the report.
?The department?s antivirus system was badly flawed, allowing computers
to become infected with a large number of different viruses, worms and
Trojan horses,? said the report, Kansas Department of Health and
Environment Information Systems: Reviewing the Department?s Management of
Those Systems.
?The department?s firewall was poorly configured, creating several large
holes in and out,? the report said. Auditors found that the department
lacked or failed to enforce many basic security policies, such as
procedures for incident response, physical security, configuration
documentation and former-user account deletion. They also found several
major problems with security planning.
The auditors concluded that the department lacked the tools necessary to
recover from a disaster and said the plan, left over from the year 2000
rollover, ?would be nearly useless in a disaster.?
In response to the auditors? recommendations, the department hired
FishNet Security Inc. of Kansas City, Mo., for a complete vulnerability
assessment.
In response to the auditors? recommendations to overhaul systems security
and other IT problems, Bremby wrote, ?All recommendations will be ranked
and prioritized by risk, and deadlines will be established to complete
all recommendations as quickly as possible.? He encouraged the auditors
to conduct a second review within a year.
*******************************
Federal Computer Week
Guarding the borders
BY Judi Hasson
Nov. 10, 2003
The following technology is used at the U.S./Mexican border to inspect
vehicles and process visitors.
* Radiation isotope identification device: Handheld tool used to scan
vehicles for materials that emit radiation.
* Radiation-detection pagers: Worn by border agents to pick up radiation
emissions.
* Cargo truck X-rays: Giant machines that take X-ray pictures of
vehicles.
* Fiber-optic scopes: Allow border agents to peer into gas
tanks.
* Vehicle and cargo inspection systems: Bombard vehicles with gamma rays
that take a "picture" of what is inside a vehicle.
* Interagency Border Inspection System: A master database of law
enforcement files on criminals and suspects shared by law enforcement
agencies.
* Fingerprint biometrics: Fingerprint images embedded in visa cards and
passports for comparison with an individual's prints.
* U.S. Visitor and Immigrant Status Indicator Technology: New system
under development that will use biometric tools and database information
to track when foreign visitors enter and leave the United
States.
***
Otay Mesa Port of Entry
Here is a breakdown of the types of traffic crossing the border
checkpoint at Otay Mesa, Calif., near San Diego.
Conveyance arrivals Fiscal 2002
Trucks* 725,710
Buses 69,847
Passenger vehicles 3,868,417
Trains 228
Rail containers 3,629
Private aircraft 3,244
Person arrivals
Via truck* 725,710
Via bus 584,896
Via passenger vehicle 8,210,513
On foot (pedestrians) 1,830,903
Via trains 456
Via private aircraft 11,819
Totals
All conveyances 4,671,075
All people 11,364,297
* Trucks were also crossing at the San Ysidro port in 1999.
Source: U.S. Bureau of Customs and Border Protection
*******************************
Federal Computer Week
SAIC gives border agents X-ray vision
BY Judi Hasson
Nov. 10, 2003
The border agents in Otay Mesa, Calif., are equipped with technology
manufactured by Science Applications International Corp. that allows them
to virtually look inside a truck by capturing an image on a computer of
what is there. That has proven to be an invaluable tool to inspect the
3,000 trucks heading from Mexico to the United States daily.
"A first-time importer is automatically going to get stopped for a
secondary search," said Patrick Talese, assistant port director in
Otay Mesa. Other signs are also used to flag suspicious cargo for extra
scrutiny, he said.
That secondary search is conducted using SAIC's Vehicle and Cargo
Inspection System (VACIS). U.S. Bureau of Customs and Border Protection
officials have purchased 127 of these devices for about $1 million each
and are using them at both the northern and southern borders to inspect
the contents of trucks, railroad cars and ship containers.
"It is a way to get inside a truck without unloading it,"
Talese said. Although the Otay Mesa port and others had X-ray technology
to take a picture of a truck, customs officials pushed ahead with
expanding the VACIS program after the Sept. 11, 2001, attacks, he
said.
The technology is housed in a container that emits a narrow beam of gamma
rays. The beam penetrates a moving object, such as a rail car or truck.
The particles emerging from the vehicle are captured by a computer and
read, generating an image similar to an X-ray.
But that's where the similarity ends. SAIC has developed software that
can analyze images to determine if there is something fishy about a
vehicle's contents a round object, for example, when everything
else is square; a false wall that might hide contraband or illegal
aliens; or material that shows up denser in the picture than the rest of
the cargo.
The inspection takes sec-onds, and the image is stored in a computer
database in the event of a problem later.
Since it has been deployed, the system has inspected nearly 2 million
commercial shipments, according to Douglas Browning, deputy commissioner
for Customs and Border Protection, which is part of the Homeland Security
Department.
Without this kind of Superman vision, it could take hours to inspect and
clear cargo, delaying retail goods or complicating the delivery of fresh
fruit and vegetables before they rot. Customs officials are working to
keep the goods moving.
"A two-hour delay for a truck is very costly," Talese said.
"We're not here to stop the economy."
*******************************
Federal Computer Week
DHS tech group goes full throttle
Moves fill R&D jobs for anti-terror tech
BY Diane Frank
Nov. 10, 2003
Officials in the Homeland Security Department's Science and Technology
Directorate are moving ahead at warp speed to fill every position and
devote all their energies to developing new kinds of tools in the war
against terrorism.
Other parts of DHS are still figuring out how they fit together under the
DHS umbrella, but the directorate is almost fully staffed. That includes
experts in the lead positions, such as the directors of the portfolios
that deal with border and transportation security, intelligence analysis
and critical infrastructure, and emergency preparedness and
response.
"I am pleased to report that all key offices of the Science and
Technology Directorate are operational," said Penrose
"Parney" Albright, assistant secretary for science and
technology. He testified Oct. 30 before the House Homeland Security
Committee's Cybersecurity, Science, and Research and Development
Subcommittee.
That coordination is particularly important for the Coast Guard and
Secret Service, which are still independent entities under the
department. "Things will overlap," said Rep. Mac Thornberry
(R-Texas), subcommittee chairman.
"It is...important that the [Science and Technology] Directorate get
it right, maintain a sense of urgency and establish partnerships with the
public and private sectors to make sure we are tapping into the very best
ideas, products and research," he said.
So far, the portfolio coordination approach is working, Albright
said.
For example, the rest of the department is not interested in research
into new kinds of boats for the Coast Guard or ways the Secret Service
can protect the president. When it comes to common needs, however, the
directorate is able to combine appropriate tools.
In one case, the Nuclear Assessment Program for the Information Analysis
and Infrastructure Protection Directorate also created a capability for
customs and Border Patrol officers to handle radiation alarms on the
borders, Albright said.
"The staff of each portfolio is charged with being an expert in
their particular area, with understanding the activities and capabilities
extant in federal agencies and across-the-board research and development
community, and with developing a strategic plan for their particular
portfolio," Albright said.
Officials will continue to integrate R&D needs throughout fiscal
2004, and the department must submit a report on those efforts to
Congress in December. Fiscal 2005 will provide the real test the
first consolidated R&D budget for DHS, he said.
Coordinating research plans with other agencies and departments is also
important, Thornberry said.
The National Institute of Standards and Technology is an obvious partner,
and the directorate has already formed a close working relationship with
that agency, Albright said.
Other agencies' efforts such as research at the Federal Aviation
Administration is currently coordinated through an ad hoc approach,
but the White House's Office of Science and Technology Policy has been
active in participating in governmentwide homeland security issues, he
said.
One of the NIST projects is to establish technical standards for many
areas, including radiation detection and interoperable communications.
The directorate "must view each technology through the prism of
affordability, performance and supportability all critical to end
users," Albright said.
Rep. Robert Andrews (D-N.J.), a subcommittee member, said he is concerned
state and local governments will not follow those standards. He suggested
that complying with the standards be a requirement for first responder
grants.
***
Up and running
Congress approved a record amount of money for homeland security research
efforts in the fiscal 2004 budget. The money will be spent on developing
new technologies in the fight against terrorism, including biological and
chemical countermeasures and new ways to detect biological, chemical and
radiation threats.
Total budget for the Homeland Security Department's Science and
Technology Directorate in fiscal 2004: $918.2 million.
Percentage of money earmarked for the Homeland Security Advanced Research
Projects Agency's research and development projects: 40-50
percent.
Source: Homeland Security Department
*******************************
Washington Post
An Introduction to E-Voting
Monday, November 10, 2003; 12:00 AM
My usual chat takes place at 2 p.m. today. You know the drill: stop by on
your lunch break with your personal-tech queries or drop off a question
early if you'll be busy, and I'll try to answer as many as I can in the
next hour or so.
I had my introduction to electronic voting last week, and I can report
that the fears of e-voting skeptics came true: I have no idea if the
machine worked or not. Then again, I have no idea if my vote last year
was recorded properly either.
The "WinVote" touch-screen device looked and worked much like
those kiosks used to look up wedding registries in yuppie housewares
stores--one of which, last I stopped by a Crate & Barrel, was frozen
at a startup screen with a message like "PRESS F1 TO ENTER
DIAGNOSTIC MODE." Fortunately, this WinVote terminal, provided by
Frisco, Tex.-based Advanced Voting Solutions, was running properly on
Tuesday and allowed me to proceed to my democratic duty.
After I'd signed in, a poll attendant walked over to the machine with me,
popped a smart card into a slot to activate it, and left me alone. (More
or less--the shields around these kiosks offered less privacy than the
curtain provided with last year's voting hardware.) The screen displayed
a simple list of names; to vote for a candidate, touch her or his
name.
But in highlighting the selected candidate's name in red, with a big X
next to his or her name--instead of a checkmark or another symbol
connoting approval--it made it look like I'd just voted *against* this
person.
After registering my vote in each race, I reviewed my completed ballot
before pressing a big "VOTE" button on the screen. And that was
it.
Fairfax County's WinVote system didn't work so smoothly. Ten machines
broke down and had to be repaired at the county's offices, and a few
others apparently lost count of maybe one vote in a hundred.
I've said this before, will this say this now and will probably have more
chances to say this: Given our experience with computers making random
mistakes, people will--understandably--have problems trusting them as the
sole count of our votes. I can think of two ways to address this
issue.
One is to have each voting machine print a record of each vote cast for
the voter to inspect before leaving the voting machine, and which can
serve as a backup count later on. (See www.verifiedvoting.org for
details.)
The other is to require that the source code of voting machines' software
be published, so that anybody can inspect it for mistakes.
....
Speaking of mistakes, Apple's Panther operating system apparently has a
couple of its own. I had read user reports about one of them before
filing my review--and at the time, thought it wasn't as significant as
the glitches I did cover--but missed the other until after my review had
ran.
The first involves some external hard drives that support the faster
FireWire 800 connection Apple introduced early this year: Under some
mysterious circumstances, Panther can scramble their data structures,
making their data disappear from view. Disk-recovery utilities often
can't recover this information.
That's not so good. But in my own tests, I'd had no problems with the
single most popular FireWire drive in use--the iPod. And when I was
deciding what to include in the Panther review, I focused on the
"FireWire 800" part of this issue (meaning, "affects only
hardware purchased by a tiny segment of professional types, not the home
users I write for") instead of the "makes data disappear"
part (meaning, "oh [bleep]!").
By the day after the review ran, however, I'd read enough accounts of
this problem--including some indications that it, or a related bug, could
zap FireWire 400 hard drives--to make me think I should have mentioned
it.
The second Panther problem relates to the File Vault data-encryption
option. Allowing it to reclaim unused disk space when you log out, some
Panther users have reported, results in their settings being reset. Since
my review ran, others have said File Vault began corrupting actual files
as well:
I've tried to reproduce this bug on the test PowerBook by repeatedly
allowing File Vault to recover unused disk space after logouts. But
nothing's happened. The computer has continued to function perfectly
normally.
I'm concerned that this could be a sign that my ability to bring out the
worst in any review product is fading. I take great pride in being able
to wreck any vendor's demo and find bugs that no one else has seen
before. If I'm losing this power, my job may get a lot more
difficult.
For now, I would steer clear of File Vault. (If you only need to protect
a few documents, File Vault is overkill anyway. Just use any of the other
encryption programs available for the Mac--see, for instance,
http://macgpg.sourceforge.net.)
Finally, for your own amusement, I bring you this week's
easiest-to-ignore PR headline:
Ever Wonder What a $40,000 Loudspeaker Sounds Like?
-- Rob Pegoraro (rob@xxxxxxx)
*******************************
Washington Post
Editorial
Touch-and-Go Elections
Sunday, November 9, 2003; Page B06
ARE TOUCH-SCREEN voting machines fast and flawless, or glitch-prone and
vulnerable to tampering? No one can say for sure, which is reason enough
for Maryland and Virginia localities to conduct more extensive testing
before totally embracing the new systems they have inaugurated with mixed
results. On Tuesday it took Fairfax County more than 21 hours to get
final election results from its new computerized machines; when all was
cast and done, enough doubts existed to prompt legal action by some
Republicans who lost.
Any possible malfunctions seem unlikely to call results into doubt. But
questions about reliability remain, and the absence of a paper trail
makes checking difficult. Attorneys for the GOP went before a Circuit
Court judge Wednesday, asking him to keep 10 voting machines under lock
and key. The machines, from nine precincts across the county, broke down
about midday and were brought to the county government center for repairs
and then returned to the polls. The judge said the activity logs of these
machines will be inspected, with members of both parties on hand. The
challengers noted that whether a contest is affected or not shouldn't be
the chief question; ballot integrity is at issue. A number of Fairfax
voters complained that it took them several tries to register their
votes. A few precincts were forced to return to paper ballots.
In Maryland, where four counties used touch-screen machines in last
year's gubernatorial election, the system rightly remains under review.
Though a handful of cities and towns used the new machines Tuesday with
no major glitches reported, the state still ought to verify the
suitability of its voting mechanism. A report by the Information Security
Institute at Johns Hopkins University cited numerous vulnerabilities in
the touch-screen technology, problems denied by the manufacturer.
Gov. Robert L. Ehrlich Jr. (R) ordered a review by San Diego-based
Science Applications International Corp., which reported last month that
the system, "as implemented in policy, procedure and technology, is
at high risk of compromise." Some lawmakers have raised questions
about SAIC's relationships with other voting technology companies and
want legislative analysts to examine the examiners. A spokesman for Mr.
Ehrlich says the governor is satisfied with the report but welcomes any
additional efforts to "validate the maximum integrity of Maryland's
voting system." Nevertheless, the governor and state elections
officials have said they will proceed with the purchase of machines made
by Diebold Election Systems, and that they believe the troubles can be
taken care of before the machines go into use for the state's
presidential primary in March.
Why leap? In Maryland and Virginia, independent reviews ought to proceed.
In the meantime, before any more elections, touch-screen systems at least
should be outfitted with printers that can produce accurate paper records
of votes cast. The technology exists and ought to be pursued.
*******************************
USA Today
Students aren't using info technology responsibly
By Mary Beth Marklein, USA TODAY
November 9, 2003
Colleges and universities that invest a lot of money in technology may
want to focus more on teaching students to use it responsibly, a survey
suggests.
More than eight of 10 undergraduates (83%) regularly use information
technology in their academic work, but an even larger share (87%) say
their peers at least "sometimes" copy and paste information
from the Web without citing the source, according to the 2003 report from
the National Survey of Student Engagement (NSSE).
The 4-year-old initiative is aimed at assessing how well students are
learning and how effectively colleges contribute to undergraduate
learning.
"Technology could well be a double-edged sword," says George
Kuh, Indiana University professor and NSSE director. "Unlimited
access to information may help students produce more in less time, as
indicated by their relatively high grades. But whether students are
learning with authentic understanding remains to be seen."
A key purpose of the survey is to help individual campuses improve their
practices. Participating colleges receive confidential findings comparing
their school with overall results. But the findings also provide a
national snapshot of what goes on inside classrooms, including, for
example, the level of academic challenge and student-faculty
interaction.
"Without persuasive evidence of the patterns of student engagement,
administrators and faculty remain blind to important aspects of the
undergraduate experience," says Lee Shulman, president of the
Carnegie Foundation for the Advancement of Teaching, which sponsors the
study.
This year's survey was based on information from 185,000 freshmen and
seniors at 649 four-year colleges and universities. Other
findings:
? 77% of students who study 10 or fewer hours a week report grades of B
or better; 33% report earning A's, and 44% report earning B's.
? 87% of all students rated their college experience as "good"
or "excellent."
? 41% of all students earn mostly A grades; 3% report C or lower average
grades.
? More than a third of seniors say they only "occasionally" get
prompt feedback from faculty members.
? Intercollegiate athletes are generally as engaged in learning
activities as other students.
? Male students are generally less engaged than female students,
especially in the areas of academic challenge and enriching
experiences.
? Fewer than half of seniors say they frequently have serious
conversations with students from different racial or ethnic
backgrounds.
? Students in professional areas such as architecture and health sciences
report higher levels of engagement than students in other fields.
*******************************
USA Today
Legal battle may block multimedia on Web
By A.S. Berman, Gannett News Service
November 10, 2003
Taking a break at the office, you log on to Quicktime.com to watch a
movie trailer for the latest Hollywood blockbuster. No sooner have you
clicked Play, however, than the error noise sounds and up pops a dialog
box telling you to "Press OK to continue loading the content of this
page."
This is what Web users everywhere have to look forward to unless they
upgrade to the latest Microsoft Internet Explorer, and if the sites they
visit fail to make some fairly significant changes of their own.
The problem stems from a 4-year-old patent dispute between Microsoft and
Eolas Technologies, a small company spun off from the University of
California.
In August, a Chicago jury ordered Microsoft to pay Eolas $521 million for
technology contained in its Internet Explorer Web browser that
automatically launches applications for playing video, music and other
multimedia content technology, the court ruled, that infringes on
patents held by the small company.
So serious is the concern over this issue, the World Wide Web
Consortium the body that sets the global standards by which Web
pages are created on Oct. 28 urged the U.S. Patent and Trademark
Office to reinvestigate the original patent dispute.
"The practical impact ... will be to substantially impair the
usability of the Web for hundreds of millions of individuals in the
United States and around the world," wrote consortium director and
World Wide Web creator Tim Berners-Lee in a letter to James Rogan, head
of the PTO.
New browser in the works
Although Microsoft has vowed to appeal the ruling, it is nonetheless
rushing out a new version of its ubiquitous Web browser that no longer
infringes on the Eolas patent. The software should be available in the
first quarter of 2004.
It also has endorsed two different techniques for bringing Web pages into
compliance with the court's decision:
? Inserting new lines of HTML code into each affected Web page.
? Building _javascript_ routines into affected Web pages that automatically
call up programs to play multimedia content.
"We've been reaching out to those sites and those tech companies in
the industry that do need to make some changes to make sure the impact on
consumers is minimal," says Microsoft spokesman Jim Desler.
Even if Microsoft's changes meet the requirements of the legal judgment,
developers say the first fix not found in the HTML standards that
developers try to follow could affect all Web pages that use some
form of multimedia software.
Circumventing current Web-design standards also could garble pages when
they're viewed on personal digital assistants, cell phones and other
devices, says Web developer Mike Rundle, 20, a junior at the Rochester
Institute of Technology in Rochester, N.Y.
"It's just going to disrupt the (Web) user's life when trying to
perform tasks on a Web site," Rundle says. He adds that fixes being
suggested by Microsoft could potentially increase the download times for
every Web page containing multimedia content.
_javascript_ fix possible
Microsoft's _javascript_ fix, on the other hand, might be somewhat better,
developers say, but requires users who have their _javascript_ turned off
in their browsers to click an extra dialog box before loading multimedia
content. Many companies and government agencies disable _javascript_ on
their employees' PCs to guard against viruses that use the scripting
language to spread. An estimated 11% of Web users have _javascript_
disabled or use browsers that don't support it, according to The
Counter.com, a Web site providing Internet-use statistics.
San Francisco-based Macromedia, creator of Flash animation technology, is
designing automated tools that seek out the problematic code in Web pages
and replace it with the _javascript_ workaround, says Mike Sundermeyer, the
company's senior vice president of product design.
*******************************
New York Times
November 10, 2003
Wal-Mart Plan Could Cost Suppliers Millions
By BARNABY J. FEDER
Some consumer products companies will have to invest millions of dollars
to comply with Wal-Mart's drive to have every carton and palette it
receives carry a radio identification tag, according to a report to be
released today by A. T. Kearney, a consulting firm.
"It's a big item that most of them have not budgeted for," said
David Dannon, vice president for the consumer industries and retail
products practice at Kearney, a Chicago-based subsidiary of Electronic
Data Services.
The technology, known as radio-frequency identification, or RFID, has
been used to track containers on trains and ships and in automatic toll
systems like E-ZPass. In its new form, it is seen as the long-term
successor to bar codes in the retail industry. Radio tags can carry more
information about the product, can be scanned more rapidly and can be
found even if they are hidden in cartons or behind other
products.
Wal-Mart said in June that it expected its top 100 suppliers to adopt the
technology by the end of 2004 and the rest of its suppliers to do so in
2005. In late September, the Department of Defense said it would also
require major suppliers to use such tags by the end of 2004.
Wal-Mart remains strongly committed to the technology, but last week
sounded a more pragmatic note at a meeting it organized to discuss its
expectations with suppliers and RFID technology vendors, several people
who attended said. Wal-Mart said that it would confine the initial
rollout of the technology to three distribution centers and 150 stores in
Texas and that it was still considering whether to concentrate first on
only a few product categories.
"Wal-Mart recognizes that this is not going to go as fast as they
wanted," Mr. Dannon said. Wal-Mart, which is based in Bentonville,
Ark., declined to comment.
The Kearney report concluded that the technology would save Wal-Mart and
other retailers billions of dollars. More precise tracking of supplies
could cut the amount of inventory the stores need by 5 percent, and the
labor costs of managing inventory in warehouses would fall by 7.5 percent
for efficient retailers and even more for those that are not well
organized, the report said. Radio tagging should also raise sales by
helping stores avoid running out of items.
While the costs to introduce the technology will vary widely, Kearney
estimated that major retailers would have to invest $400,000 at each
distribution center and $100,000 at each store to read and manage the
data. A major chain might have to spend $35 million to $40 million to
integrate the information into its reporting systems, which will be
needed to gain much of the potential savings.
Costs for the plants and warehouses of big suppliers would be comparable
to those for the retailers' distribution centers with one major exception
- under Wal-Mart's plan, the manufacturers are to pay the entire cost of
buying and applying the tags. A grocery manufacturer with $5 billion in
sales could use more than 220 million tags annually, which would cost $33
million at current prices of around 15 cents a tag. If tag prices tumble
to 5 cents each as volume grows, the outlay would still be $11
million.
Despite the costs, the better inventory and theft control the tags permit
could make the investment profitable for suppliers of relatively
high-value items like over-the-counter drugs. But it will be hard for
manufacturers of groceries to gain as much return on their investment,
particularly if they are already operating efficiently, Mr. Dannon
said.
Kearney's cost and benefit projections appear conservative to several
other experts. Edward Carey, managing director for the consumer business
practice at Deloitte, said the labor savings in warehouses would grow to
as much as 20 percent.
To get enough data to cut costs substantially, manufacturers need tags
that can be rewritten as they move through the supply chain, Mr. Carey
said. Today's tags are typically read-only devices. Current RFID systems
also have trouble reading tags through liquids and metals.
"Some of our clients are saying we are going to drag this out as
long as we can," Mr. Carey said. Still, getting on the wrong side of
Wal-Mart is not widely viewed as an option.
*******************************
New York Times
November 9, 2003
Machine Politics in the Digital Age
By MELANIE WARNER
IN mid-August, Walden W. O'Dell, the chief executive of Diebold Inc., sat
down at his computer to compose a letter inviting 100 wealthy and
politically inclined friends to a Republican Party fund-raiser, to be
held at his home in a suburb of Columbus, Ohio. "I am committed to
helping Ohio deliver its electoral votes to the president next
year," wrote Mr. O'Dell, whose company is based in Canton, Ohio.
That is hardly unusual for Mr. O'Dell. A longtime Republican, he is a
member of President Bush's "Rangers and Pioneers,'' an elite group
of loyalists who have raised at least $100,000 each for the 2004 race.
But it is not the only way that Mr. O'Dell is involved in the election
process. Through Diebold Election Systems, a subsidiary in McKinney,
Tex., his company is among the country's biggest suppliers of paperless,
touch-screen voting machines.
Judging from Federal Election Commission data, at least eight million
people will cast their ballots using Diebold machines next November. That
is 8 percent of the number of people who voted in 2000, and includes all
voters in the states of Georgia and Maryland and those in various
counties of California, Virginia, Texas, Indiana, Arizona and Kansas.
Some people find Mr. O'Dell's pairing of interests - as voting-machine
magnate and devoted Republican fund-raiser - troubling. To skeptics,
including more than a few Democrats, it raises at least the appearance of
an ethical problem. Some of the chatter on the Internet goes so far as to
suggest that he could use his own machines to sway the
election.
Senator Jon Corzine, Democrat of New Jersey, does not buy such conspiracy
theories, but he said he was appalled at the situation.
"It's outrageous," he said. "Not only does Mr. O'Dell want
the contract to provide every voting machine in the nation for the next
election - he wants to 'deliver' the election to Mr. Bush. There are
enough conflicts in this story to fill an ethics manual."
Mr. O'Dell declined to be interviewed for this article, but a company
official said that his political affiliations had nothing to do with
Diebold's operations, and that the company derived the bulk of its
revenue from A.T.M.'s, not voting machines. "This is not Diebold;
this is Wally O'Dell personally," said Thomas W. Swidarski, senior
vice president for strategic development and global marketing at Diebold,
who works closely with Mr. O'Dell. "The issue has been
misconstrued."
BUT the controversy surrounding Diebold goes beyond its chief executive's
political activities. In July, professors at Johns Hopkins University and
Rice University analyzed the software code for the company's touch-screen
voting machines and concluded that there was "no evidence of
rigorous software engineering discipline" and that
"cryptography, when used at all, is used incorrectly."
Making matters worse, the software code for the machines was discovered
in January by a Seattle-area writer on a publicly accessible Internet
site. That the code was unprotected constitutes a significant security
lapse by Diebold, said Aviel D. Rubin, an associate professor of computer
science at Johns Hopkins, co-author of the study of the code.
Mr. Swidarski said the code on the Internet site was outdated and was not
now in use in machines.
About 15,000 internal Diebold e-mail messages also found their way to the
Internet. Some referred to software patches installed on Diebold machines
days before elections. Others indicated that the Microsoft Access
database used in Diebold's tabulation servers was not protected by
passwords. Diebold, which says passwords are now installed on machines,
is threatening legal action against anyone who posts the files or links
to them, contending that the e-mail is copyrighted.
A recent report for the state of Maryland by SAIC, an engineering and
research firm, has added to concerns about the security of Diebold's
systems. It recommended 17 steps that Maryland election officials could
take to ensure better security when using Diebold's machines.
The company seized upon this as evidence that its systems, if used
properly, were secure. But the report's overall assessment was not
particularly upbeat. "The system, as implemented in policy,
procedure and technology, is at high risk of compromise," SAIC
wrote.
It has been a bumpy couple of months for Mr. O'Dell, 58, who is known as
Wally and spent 33 years at Emerson Electric before joining what is now
Diebold Election Systems. Associates say he was stunned by the reaction
to his August letter and now regrets writing it.
"Wally's going to take a lower profile on this stuff," Mr.
Swidarski said. But Mr. Swidarski did not indicate that Mr. O'Dell would
put a halt to all of his political activities. Those have included
attendance at a Bush fund-raiser in Cincinnati on Sept. 30 and a flight
to Crawford, Tex., in August for a Pioneers and Rangers meeting attended
by the president.
Other Diebold executives have contributed to President Bush's re-election
campaign. According to data reported to the Federal Election Commission,
11 executives have added a total of $22,000 to the president's campaign
coffers this year. No money from Diebold or its executives has gone to
Democratic presidential candidates this year.
The controversy over security has started to affect Diebold's business.
Last week, the office of the California secretary of state halted
certification of Diebold's latest touch-screen voting machines, which
individual counties are considering using. In Wisconsin, security
concerns have soured election officials' perceptions of computerized
voting. "We were already not strongly in favor of it, but the whole
problem has changed when you're getting e-mails every week saying,
'You're not going to do this, right?' " said Kevin J. Kennedy,
director of Wisconsin's election board.
Matt Summerville, an analyst at McDonald Investments in Cleveland, said
the California decision could cause Diebold to book less revenue in its
voting division this year than it had hoped. "It has certainly made
their business a little more challenging," said Mr. Summerville, who
expects the voting division to contribute $113 million this year to
Diebold's total revenue of $2.1 billion.
So far, investors have not seemed concerned. Diebold's stock is up almost
36 percent for the year.
Until recently, Diebold's voting business looked extremely promising.
Florida's electoral fiasco in 2000 confirmed what many state and county
election officials had known for years: that punch-card systems were
outdated. Encouraged by a new federal law that set aside $3.9 billion for
voting improvements, many states and counties are moving rapidly to
computer-based systems.
Analysts say the biggest beneficiaries of the federal dollars are likely
to be Diebold, Election Systems & Software in Omaha and Sequoia
Voting Systems, based in Oakland, Calif. So far, Washington has provided
$650 million to states to buy new voting machines and improve the
election process, though most of that has yet to be spent. An additional
$830 million is waiting to be disbursed as soon as a new national
oversight committee for elections is established.
NOT everyone is convinced that spending hundreds of millions of dollars
to computerize the nation's voting is a good thing. The Johns Hopkins and
SAIC reports are part of a growing chorus of criticism about the
reliability and safety of paperless voting systems.
"There's a feeling in the computer scientist community of utter
dismay about the state of voting-machine technology," said Douglas
W. Jones, an associate professor of computer science at the University of
Iowa and a member of Iowa's board of examiners for voting
machines.
David L. Dill, a computer science professor at Stanford, said: "If I
was a programmer at one of these companies and I wanted to steal an
election, it would be very easy. I could put something in the software
that would be impossible for people to detect, and it would change the
votes from one party to another. And you could do it so it's not going to
show up statistically as an anomaly.''
Diebold says there are enough checks and balances in the system to catch
this. "Programmers do not set up the elections; election officials
do," Mr. Swidarski said. "All a programmer knows are numbers,
which are not assigned to real people and parties until set-up
time."
But Professor Dill says the inherent complexity of software code makes it
nearly impossible to ensure that computerized elections are fair. He
advocates that machines be required to print out a paper ballot, which
voters can use to verify their selections and which will serve as an
audit trail in the event of irregularities or recounts.
Touch-screen machines from Diebold, called AccuVotes, do not have such a
"voter verified" paper trail. ES&S and Sequoia are working
on prototypes for machines with printers. Diebold's machines are like
A.T.M.'s, in that voters touch their selection and hit "enter"
to record their votes onto memory cards inside each terminal. After
voting has ended, the memory cards are inserted into a Diebold server at
each precinct. The results are tabulated and sent by modem, or the data
disks are sent to a central office.
Rebecca Mercuri, a computer scientist and president of the consulting
firm Notable Software, who has been studying election systems for 14
years, says the trouble with this system is that it is secretive. It
prohibits anyone from knowing whether the data coming out of the
terminals represents what voters actually selected. If someone were to
challenge election results, the data in memory cards and the software
running the voting terminals could be examined only by Diebold
representatives.
MS. MERCURI ran up against this last year, when she served as a
consultant in a contested city council election in Boca Raton, Fla. Her
request to look at the software inside the city's machines, made by
Sequoia, to see if there were any bugs or malfunctions, was denied by a
judge on the grounds that the technology was protected by trade-secret
clauses. Sequoia, ES&S and Diebold routinely include such clauses in
their contracts.
"These companies are basically saying 'trust us,' " Ms. Mercuri
said. "Why should anybody trust them? That's not the way democracy
is supposed to work."
Representative Rush D. Holt, Democrat of New Jersey, is leading an effort
to make computerized voting more transparent. His bill, introduced this
year, would require that computerized voting systems produce a
voter-verified paper ballot and that the software code be publicly
available.
The bill, in the House Administration Committee, has 60 co-sponsors, all
Democrats.
"Someone said to me the other day, 'We've had these electronic
voting machines for several years now and we've never had a problem.' And
I said, 'How do you know?' and he couldn't answer that,"
Representative Holt said. "The job of verification shouldn't belong
to the company; it should belong to the voter."
Diebold said it would be willing to attach ballot printers to
touch-screen machines if customers wanted them. But Mr. Swidarski said
elections boards were not clamoring for it. "We're agnostic to
it," he said.
Mr. Swidarski disputed the assertion that Diebold's systems are
vulnerable to tampering. Before each election, he said, the software goes
through rigorous testing and certification by one of three companies
contracted through the National Association of State Election Directors.
Those companies "go through every line of code," he said.
"It's an extensive process that takes several months, and then the
machines go for testing at the state level."
Critics say that the certification process is not as thorough as the
companies would have people believe, and that the resulting reports, like
the technology, are not available for public inspection. This opacity is
what worries detractors most.
"We know from Enron and WorldCom that when accounting is weak,
crooks have been known to take over," Professor Jones said. "If
vulnerabilities exist in any voting system for a long enough time,
someone's going to exploit it."
*******************************