[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Clips November 5, 2003
- To: "Lillie Coney":;, Gene Spafford <spaf@xxxxxxxxxxxxxxxxx>;, John White <white@xxxxxxxxxx>;, Jeff Grove <jeff_grove@xxxxxxx>;, goodman@xxxxxxxxxxxxx;, David Farber <dave@xxxxxxxxxx>;, glee@xxxxxxxxxxxxx;, Andrew Grosso<Agrosso@xxxxxxxxxxxxxxxx>;, ver@xxxxxxxxx;, lillie.coney@xxxxxxx;, v_gold@xxxxxxx;, harsha@xxxxxxx;, KathrynKL@xxxxxxx;, computer_security_day@xxxxxxx;, waspray@xxxxxxxxxxx;, BDean@xxxxxxx;, mguitonxlt@xxxxxxxxxxx, sairy@xxxxxxxxx;
- Subject: Clips November 5, 2003
- From: Lillie Coney <lillie.coney@xxxxxxx>
- Date: Wed, 05 Nov 2003 16:01:02 -0500
Clips November 5,
2003
ARTICLES
Most Countries' Web Sites Are Ignored
Glitches Prompt GOP Suit Over Fairfax Tabulations
Computer Worms Breeding More 'DDoS' Attacks
Police issue internet gun warning [UK]
Microsoft to offer bounty on hackers
OMB personnel changes: Chenok out, Anderson moving up
Official: China to invest in Linux-based software industry
FCC Approves First Digital Anti-Piracy Measure
Bill would give people e-mailed credit reports
*******************************
Associated Press
Most Countries' Web Sites Are Ignored
Tue Nov 4, 3:52 PM ET
By MARK STEVENSON, Associated Press Writer
MEXICO CITY - Most of the world's nations have their own Web sites, but
only 20 percent of people with Internet access use them, according to a
U.N. report released Tuesday.
A total of 173 of the U.N.'s 191 members had Web sites in 2003, according
to the U.N. World Report on the Public Sector, entitled
"E-Government at the Crossroads." Just two years ago, 143
nations had Web sites.
Only 18 countries, many in Africa, remain completely off-line.
While Web-based access can link citizens to everything from schools to
hospitals and libraries, only a few government sites encourage users to
help make policy, the report said.
"Only a very few governments have opted to use e-government
applications for transactional services or networking, and even fewer use
it to support genuine participation of citizens in politics," it
said.
The United States led the rankings of e-government "readiness,"
or the amount of information, services and products offered over the
Internet combined with the infrastructure such as telephones,
computers and Internet connections needed to access them.
Sweden ranked second, followed by Australia, Denmark, Great Britain,
Canada, Norway, Switzerland, Germany and Finland.
Most Americans who use government Web sites get tourism information, do
research for school or work, download government forms or get information
on services.
"U.S. users perceive the availability of e-government first and
foremost as an opportunity to get quick and easy access to
information," the report said.
In another ranking for "e-participation," or the government's
willingness to interact and dialogue with citizens over the Internet,
Great Britain beat the United States for the top spot.
The top 10 included New Zealand, France, the Netherlands, Ireland and
several developing countries Chile, Estonia, the Philippines,
Mexico and Argentina.
Estonia, for example, has a site called "Today I Decide" at
which people can propose, amend, and vote on policy issues. Officials
then are required to consider those proposals.
"It is refreshing that this is not like a train that has to follow
the developed nations," said Jerzy Szeremeta, one of the report's
authors. "Creativity and policy centered on human development can be
located anywhere in the world."
Still, only 15 governments in the world accept Internet comment on public
policy issues and only 33 allow government transactions, like filing
forms or paying fines, over the Internet.
At least 60 percent of all e-government projects in developing countries
fail, and about half waste some taxpayer money, the report said.
But there are success stories, including Hong Kong's one-stop Electronic
Service Delivery, which allows citizens to do everything from pay taxes
to renew their driver's license on the Web.
Other countries publish bids for government purchasing contracts on the
Web to help fight corruption and kickbacks. South Korea (news - web
sites)'s OPEN application/complaint portal allows users to see exactly
where their case is being handled in the government approval process.
But the report said "a too-grandiose approach may result in failures
or expensive white elephants."
"Because of a high rate of failure in specific e-government projects
in developed as well as developing nations, bricks-and-mortar public
services need to be maintained even as digital applications are
increasing," the report said.
In many countries, women and the poor have less access to the Internet
than other sectors. "Security and privacy issues" also
discourage use among all populations, the report noted.
The Internet has more potential for governments than simply being a place
for citizens to easily access basic information and forms.
"Many governments turn to Internet-based services as a way to cut
red tape," said Jose Antonio Ocampo, the U.N. undersecretary-general
for economic and social affairs.
"But we also see the Internet as a means of advancing and
consolidating transparency and democracy."
*******************************
Washington Post
Glitches Prompt GOP Suit Over Fairfax Tabulations
By Eric M. Weiss and David Cho
Wednesday, November 5, 2003; Page B04
Widespread problems with new touch-screen voting machines delayed
election results in Fairfax County last night and led to a legal
challenge by Republican officials.
Nine malfunctioning voting machines were removed for repair and then put
back in service, a move that Fairfax Republicans said broke election law.
Several hundred votes were under scrutiny, not enough to affect the
outcome of countywide races.
A Circuit Court judge will hear arguments today on whether those votes
should be set aside.
The new machines, meant to simplify voting, made the tallying of the
votes more problematic. More than half of precinct officials resorted to
the old-fashioned telephone to call in their numbers or even drove the
results to headquarters, elections officials said. A handful of precincts
went back to paper ballots.
County elections officials said it was the slowest performance in memory
for counting votes on election night. The problem came when precinct
workers tried to electronically send results from the 953 new machines to
election headquarters, unexpectedly overloading computer
servers.
When the electronic system of sending results over telephone modems
failed, precinct workers tried to call in the results but got busy
signals. Many decided it would be quicker to drive.
Some voters complained about using the new machines, and officials said
that resulted in slow going at some polling places during the day. For
example, a line of 100 people snaked around the polling room at Sleepy
Hollow Elementary School yesterday morning, workers said.
Fairfax election officials expressed surprise at the glitches.
"I don't know what the holdup is," Margaret K. Luca (D),
secretary of the county's three-person elections board, said late last
night. "I thought we had it covered. We tested all week in the
county."
Fairfax spent $3.5 million on 1,000 WINvote machines this year, part of a
wave of new technology being introduced to voting booths in the wake of
the Florida ballot-booth drama of the 2000 presidential election. The
machines, made by Advanced Voting Solutions of Frisco, Tex., resemble
laptop computers without keyboards.
Fairfax and Arlington County used the technology countywide for the first
time yesterday. Arlington reported no major problems.
The most serious complaints in Fairfax centered on the several hundred
votes tabulated by nine problem machines.
A hastily filed lawsuit by the Fairfax County Republican Committee and
Friends of Mychele B. Brickner (R), the losing candidate for chairman of
the Fairfax County Board of Supervisors, asks the court to set aside the
votes from the nine machines until a judge determines whether they were
recorded properly.
Circuit Court Judge Dennis J. Smith agreed to hear the motion
today.
The nine machines were located in the Floris, Dulles, Kenmore, Freedom
Hill, Kilmer, Waynewood, Reston 1, Rose Hill and Masonville precincts,
according to the lawsuit.
"It is our information that there are irregularities," said
Christopher T. Craig, attorney for the Republicans. "Voting machines
were moved out of polling places and back into the polling places, and
they are not supposed to be. That is not supposed to
happen."
Craig said election law prohibits the removal of machines in the middle
of voting.
Luca said there were "unanticipated problems" with the nine
machines. Election workers in the nine precincts tried to reboot the
machines as trained, she said, but that did not solve the
problem.
She then decided it would be best to take the machines to the county
government center, where technicians were better prepared to deal with
them.
"The whole idea behind these machines is that they are portable, so
it made more sense to bring them to where you had the technology and the
people to fix . . . these problems," Luca said.
Craig acknowledged that the number of votes, estimated in the hundreds,
"may not make any difference, but that is not the
point."
"It's about voter integrity," he said.
In Montgomery County elections in September 2002, electronic voting
machines were blamed for confusion. Several polling places opened late
because the equipment was not set up, and inaccurate results were posted
on the county Web site while judges struggled through complicated forms
and tabulations.
*******************************
Washington Post
Computer Worms Breeding More 'DDoS' Attacks
By Brian Krebs
Tuesday, November 4, 2003; 9:03 AM
The army wants your computer.
Not the U.S. Army, but a private army of personal computers enlisted by
hackers to serve as firepower for "distributed denial-of-service
attacks" on rival hackers and vulnerable businesses
worldwide.
Known by the more elegant acronym DDoS, they are the hacker's equivalent
of a leg-breaking at the hands of mob enforcers. Victims eventually get
back online, but not until they've suffered some pain.
DDoS attacks have evolved from localized assaults on individual targets
into data avalanches that immobilize networks run by innocent bystanders.
One of the worst, which took place in October 2002, threatened to crash
the very underpinnings of the Internet.
Their power grows as more people connect their home computers to the
Internet without downloading and installing security software. Leaving
computers unsecured has contributed to an epidemic of worms and viruses,
the bits of malignant digital code hackers use to take over PCs. The
rapid uptick in the number of infections reported over the past several
years indicates that DDoS attacks promise to increase in strength and
wreak more havoc each time one is unleashed.
"Conventionally what attackers have done is scanned a large series
of networks looking for vulnerable computers, but increasingly that
process is being automated through worms and viruses that can accomplish
the same task in much shorter period of time," said Oliver
Friedrichs, senior manager with Cupertino, Calif.-based Symantec Security
Response.
Anti-virus software developer Symantec Corp., has seen a 50 percent
increase in the number of worms and viruses that sneak in through open
computer "backdoors." What makes them particularly dangerous is
that most people don't notice that their computer has been taken over
unless they run a virus scan, something that many casual Internet users
don't do.
In regular scans of the Internet, Lexington, Mass.-based Arbor Networks
finds at least 18,000 computers infected with either the "Code
Red," or "Nimda" worms, bugs that surfaced more than two
years ago. Those two worms still try to infect an average of 17 million
computers each day, Arbor found.
Businesses are taking financial hits that reflect the trend. DDoS attacks
were the second-most expensive computer crime in 2002, causing more than
four times the previous year's losses, according to a study released in
May by the Computer Security Institute and the FBI. The 540 companies
surveyed in the study said denial-of-service attacks cost them at least
$65 million last year.
"Nearly all of the financial institutions I've talked to recently
have said they're getting hit with hundreds of attacks daily," said
Avivah Litan, a vice president at Stamford, Conn.-based Gartner Research.
"Most never get through, but the big banks and securities houses
tell me it's basically a war zone for them each day."
Too Much Information
Denial-of-service attacks grew out of an innocent way to make online
connections.
If computer users want to find out whether other computers are on a
network or how long it takes communications to travel back and forth,
they send out "pings," or requests for data. Too many pings
sent to one computer cause it to crash. Hackers started breaking into
other people's computers -- up to thousands at a time -- using those
"zombies" to send ever larger amounts of data for more
spectacular crashes.
Much of the data winds up snarling other parts of the Internet, causing
traffic jams for Internet users who aren't even under attack. This was
the birth of the DDoS attack.
The Code Red worm in the summer of 2001 was one of the first prominent
examples. Computers that were infected by the worm were programmed to
launch an attack on the White House Web site. In August of this year, the
"Blaster" worm sickened more than a half-million computers and
threatened to swamp Microsoft Web site for people to download security
software for the Windows operating system. Both attacks failed, but
another one disabled Microsoft's Web site for nearly three hours just
days before the planned Blaster assault.
Until recently, attackers tried to hide the Internet address of their
coopted computers to keep them from being traced. But experts say most
don't bother anymore because unprotected computers come online daily and
pick up worms.
Those computers scan the Internet for other targets, giving hackers a
homing beacon to zero in on new zombies, said Ted Julian, co-founder and
chief strategist for Arbor Networks.
"In the old days, attackers used to amass one by one systems they
owned and over a period of weeks built up their armies," Julian
said. "But there's really no reason to go out and painstakingly
build your own armies anymore. They're now readily
available."
Money and Fame
The motives behind DDoS attacks vary, but for the most part perpetrators
are seeking financial gain. Many are looking for more intangible results
-- bragging rights and victories in gang-style Internet turf
wars.
"We've seen attacks against auction sites to make sure (the
attacker) has the winning bid, and we've seen... attacks against
financial trading companies to try to affect stock prices," said
Dave Dittrich, a security expert at the University of Washington's
Information School. "If someone can find a way to use these attacks
to make money, they'll do it."
Hackers also trade lists of zombie computers for stolen credit card
numbers, virus code and spam e-mail lists, said David Kennedy, director
of research services at TruSecure Corp, a Reston, Va.-based company that
monitors chat rooms and other online forums for new attack trends and
viruses.
When they're not attacking high-profile Web sites, hackers often fight
over the control of zombie computers. This happens on Internet Relay Chat
(IRC), a group of networks that allow users to create private and
anonymous chat rooms known as channels. Computers primed for a DDoS
attack connect to those channels and await commands from whoever owns the
room.
The most effective way to break into the channels is to take down the
machine being used by the person who owns the room, said Ken Dunham,
malicious code manager at Reston, Va.-based iDefense.
"In reality it's a lot like a bunch of kids on the playground
fighting with each other," Dunham said. "One kid gives another
a black eye, and the other kid turns around and tries to give him
two."
Those battles frequently spill over into other networks. In one notable
case, authorities accused Aaron Caffrey, then a 19-year-old U.K. man, of
launching a DDoS attack on the Port of Houston, Texas, to knock a fellow
chat room user offline. The attack disabled the port's Web service, which
held vital data to help ships navigate the harbor. In that case, a U.K.
jury accepted Caffrey's defense that someone else hacked into his
computer to make it look like he committed the crime.
Hackers have even used worms to counteract other worms. In February,
police arrested two men thought to be members of the "Threat
Krew," a hacker group suspected of releasing a worm that seized
control of thousands of computers infected with the Code Red virus.
Investigators say the worm was designed to wipe out the Code Red
infection and give the attackers access to the computers.
Attitude Shift
DDoS attacks are among the easiest things someone can do to cause trouble
on the Internet but they're almost impossible to defend
against.
The best approach for most companies is to see what types of services
their Internet service provider offers, said Dave Dittrich of the
University of Washington. Many will help customers mitigate and trace the
source of DDoS attacks. On the other hand, some won't -- choosing instead
to just drop customers who are attacked too frequently.
The FBI has several investigations pending, including an ongoing inquiry
into the attacks last October on the 13 "root servers" that
provide the primary roadmap for almost all Internet
communications.
Most investigations yield few results because victims frequently are
unprepared to capture records of Internet traffic needed to analyze the
assault, said Hal Hendershot, section chief of the FBI's Computer
Intrusion section.
"Whether we conduct a full-fledged investigation is going to depend
a lot on what data is available, and we have to have a certain amount of
information to work with." Hendershot said. "We're constantly
asked to investigate these attacks, only to find [the victim] had
incomplete records or didn't think the information was important enough
to keep."
Cybersecurity experts say that home users provide the first line of
defense, and should install firewalls, anti-virus software and software
patches on their computers to try to cut down on the number of
unprotected PCs that can be infected with worms.
But most computer users see their PCs as high-end, maintenance-free
appliances, said Marty Lindner of the CERT Coordination Center, a
government-funded computer security watchdog group at Carnegie Mellon
University in Pittsburgh.
"We have two choices: We can either educate the public to treat
their computer more like a car, or we can improve the quality of the
software so that a computer can be treated more like a
refrigerator," Lindner said. "Until we do one of those, we are
going to continue to be in this predicament."
*******************************
BBC Online
Police issue internet gun warning
Criminals are using the internet and postal system to get guns into the
UK, senior police officers have warned.
They also told an all-party parliamentary group of MPs there should be
more armed officers on the streets as the number of armed criminals
grows.
The group is due to publish a report on gun crime on Wednesday.
In their submission to MPs, senior officers said they had seized guns
which had been ordered from abroad on internet shopping sites and then
simply sent through the post to the buyers.
Their warning follows figures released by the Home Office in October
which showed the number of crimes involving firearms had increased by
just under 3% in the 12 months to March 2003, to 10,250.
That was well below the 35% rise in the previous year, when gun crime
leapt from 7,362 firearms offences to 9,974.
The police officers told the all-party group the system of acquiring guns
abroad for use in the UK was largely unpoliced.
A chemical spray gun from Bulgaria converted to fire bullets had been
recovered from criminals in Britain, they said.
Gun amnesty
The group held three evidence sessions this year, gathering evidence from
law enforcement officials including those working with Operation Ventara
in the West Midlands, Operation Trident in London and the Manchester Gang
Strategy Unit.
Chairman and Labour MP Diane Abbott said more people had to be put behind
bars if gun crime was to be brought under control.
"We have to look at issues about detecting and conviction much more
seriously," she told BBC Radio 4's Today programme.
Ms Abbott also suggested that improved witness protection would go some
way towards encouraging people to come forward to testify against
criminals.
Conservative home affairs spokesman Oliver Letwin attacked the
government's record on gun crime.
"Labour promised to be tough on crime and tough on the causes of
crime, but gun crime has doubled under Labour," he said.
"When Labour came to power, they promised to take guns off the
streets - they have manifestly failed to do this."
He added that calls by senior officers for more police to be armed should
be taken "very seriously".
The MPs' committee also heard evidence from the Police Federation of
England and Wales and the Association of Chief Police Officers.
Amnesty
Police say that to help them investigate shooting incidents, hospitals
should be obliged to report gunshot wounds.
Four out of 10 police officers feel they lack sufficient armed back-up to
deal with the increasing number of crimes involving guns, and the Police
Federation wants more firearms specialists to be trained.
A gun amnesty in April was declared a success after 43,908 guns and
1,039,358 rounds of ammunition were handed in.
But Home Secretary David Blunkett faced pressure from the public and
opposition parties to tackle gun crime after three shootings a month ago
left two people dead and several injured.
Mr Blunkett pledged to do so at Labour's annual conference, after
Nottinghamshire jeweller Marian Bates was shot dead by armed robbers as
she shielded her daughter at her shop.
*******************************
CNET News.com
Microsoft to offer bounty on hackers
Last modified: November 4, 2003, 3:04 PM PST
By Robert Lemos
Staff Writer, CNET News.com
Microsoft will announce on Wednesday that it will offer two $250,000
bounties for information that leads to the arrest of the people who
released the MSBlast worm and the SoBig virus, CNET News.com has learned.
The two programs attacked computers that run Microsoft's Windows
operating system, causing havoc among companies and home users in August
and September. The reward, confirmed by sources in both the security
industry and in law enforcement, will be announced in a joint press
conference with the FBI, the U.S. Secret Service and Interpol that's
scheduled for 10 a.m. EST Wednesday.
The rewards are the first time a company has offered money for
information about the identity of the cybercriminals.
"It's a new approach," said Chris Wysopal, a security
researcher from digital security company @stake, who hadn't known about
the bounties and was skeptical that they would work. "I don't think
anyone has done this before."
Microsoft declined to comment until Wednesday.
The rewards mark the latest move by Microsoft and law enforcement to
track down the people responsible for infecting hundreds of thousands of
computers in August and September. The U.S. Department of Justice, the
FBI and Microsoft had earlier announced the arrests of two men who are
suspected of modifying and releasing minor variations of the MSBlast
worm.
The attacks were serious enough to hurt Microsoft's bottom line and help
security companies post more profits.
MSBlast, also known as Blaster and Lovsan, spread to as many as 1.2
million computers, according to data from security company Symantec. The
worm compromised computers that use a serious vulnerability in Windows
systems for which Microsoft had released a patch a month earlier. The
Sobig.F virus spread through e-mail on Aug. 19, compromising users'
computers with software designed to turn the systems into tools for junk
e-mailers. A variant of the MSBlast worm, MSBlast.D, was intended to
protect machines against the original program, but it ended up being so
aggressive that the avalanche of data it produced shut down networks.
Sources who asked to remain anonymous said Microsoft would foot the
entire bill for the bounties. Law enforcement typically neither condones
nor disapproves of such rewards.
Security researchers gave the planned bounties mixed reviews.
"I think it is not a bad approach to counter the growing activity
out there," said Peter Lindstrom, director of research for network
protection company Spire Security. "People might criticize Microsoft
for it, but it is a legitimate way to mobilize more folks to start
analyzing their logs."
Despite nearly three months of intensive investigation, the FBI and
Microsoft have only been able to track down two suspected bit players.
The rewards seem designed to produce a mutiny in the close-knit circles
of the hacker underground.
However, some researchers believed that such rewards might divert
attention away from other efforts to add security that might defeat worms
and viruses in the future.
"It doesn't solve the underlying problem of people being able to
write worms like MSBlast," said one security researcher, who spoke
with the condition of anonymity. "It doesn't quite equate
accountability with being at the keyboard."
*******************************
USA Today
New York man pleads guilty to Internet death threat
By Carson Walker, Associated Press
SIOUX FALLS, S.D. A former Veterans Administration law enforcement
officer from New York state will serve six months of home confinement for
threatening to kill a Rapid City woman through e-mail.
Edward S. Grenawalt, 47, of Yonkers, N.Y., pleaded guilty Monday in U.S.
District Court in Rapid City to one count of making a threatening
communication and was sentenced to two years probation.
Besides the home detention, U.S. District Judge Karen Schreier also
restricted his use of the Internet.
The woman, Paula Reynolds, said Grenawalt threatened her for seven years
over Internet chat rooms, e-mail and on her Web site dedicated to fallen
police officers.
"The man had a real problem with wanting to cut me up, spread my
body parts all over town and have my husband look for them," said
Reynolds, whose spouse, Bill is a corporal with the Pennington County
Sheriff's Department.
"I'm glad it's over and I'm glad I don't have to be afraid to leave
my house anymore. If someone says they're going to shoot you off your
doorstep, you're afraid."
Reynolds, 44, said she met Grenawalt on an America Online chatroom for
law enforcement officers but they saw each other in person for the first
time Monday in court.
"When I first met him he was trying to pump into everyone's head
that the Internet is not for entertainment purposes. He always claimed he
was the dark side of AOL. He was going to show AOL that chatroom forums
were not to be," she said.
His online names included "dethr0W" and "certndeth,"
Reynolds said.
"AOL knew full well of him. But they could never do anything with
him because they could never track him down because he was using other
people's accounts," she said.
AOL's corporate communications office did not return a telephone call
Monday seeking comment.
Reynolds said she never provoked Grenawalt and he won't say why he
threatened her.
"He would only respond that he was keeping me around for
entertainment purposes," she said.
Grenawalt made numerous threats over the years but "one e-mail of
him saying he would torture me to death is what hung him," Reynolds
said.
Assistant U.S. Attorney Robert Mandel said charges of Internet threats
are rare but statutes are being applied to Internet use, just as they
have been for telephone threats.
"Ultimately it is possible to run this down and find out who's doing
it. It's an involved process but it can be done. Nobody should think it
is completely anonymous if they're engaged in criminal activity," he
said.
Reynolds hopes the conviction and sentence makes other Net users think
twice.
"You cannot sit behind a computer and make death threats against
someone and defame their character and not be responsible for your
actions," she said.
Paula Reynolds' site is online at copadorer.com.
*******************************
Washington Post
Traffic Light Switcher Makes Critics See Red
By Greg Schneider
Washington Post Staff Writer
Tuesday, November 4, 2003; Page A01
It sounds like a suffering commuter's dream come true: a dashboard device
that changes red traffic lights to green at the touch of a
button.
Police, fire and rescue vehicles have had access to such equipment for
years, but now the devices are becoming available to ordinary motorists
thanks to advances in technology and a little help from the Internet.
Safety advocates are outraged, and news accounts in Michigan last week
led to politicians there seeking a ban on the gadgets.
"Every driver I know would like to have that power, but these
devices could create serious safety hazards, not to mention the havoc
they'd create at busy intersections where lights are carefully
synchronized," said Sally Greenberg of Consumers Union.
There are considerable catches to using them. Highway officials say most
states would consider it illegal to interfere with traffic in an
intersection. The gizmo won't work on just any old traffic light, but it
will work on most lights that authorities have equipped with infrared
sensors that can be controlled by emergency services.
Locally, that leaves Maryland the most vulnerable to interference. The
state has an infrared control system on about 1,000 of 3,000
intersections maintained by the state, said Tom Hicks, director of
traffic and safety for the Maryland State Highway
Administration.
About 100 of those stoplights have been equipped with secure sensors so
the lights can't be changed by anyone without the proper code, but the
rest are unprotected, Hicks said. In nearly 15 years of use, though,
there is no evidence that any outsider has ever flipped a light
illegally, he said.
The District has no infrared sensors on its lights, a traffic department
spokesman said. In Northern Virginia, there are infrared changers on
about 100 state-maintained intersections, but those lights are set to
respond to specific frequencies from emergency vehicles, so outside
devices would work only if they happened to stumble onto the right
frequency -- a millions-to-one shot, said Mark Hagan, a traffic signal
systems manager for the Virginia Department of Transportation.
A smaller number of lights handled by various localities also are
equipped with infrared sensors, Hagan said.
Still, even the possibility that motorists could control a traffic signal
sets safety advocates on edge.
In Michigan, a story about the devices in the Detroit News last week
prompted state Sen. Tony Stamas (R) to promise that he would introduce
legislation to make it illegal to possess such equipment.
"These devices are extremely dangerous and potentially
life-threatening," Stamas said in a news release. "Can you
imagine the nightmare our roads would be if everybody had
one?"
Hicks, the Maryland official, said that using the devices is already
illegal in most states under statutes that prohibit interfering with
traffic flow.
The equipment causing all the fuss came on the market in January through
a Minnesota-based firearms and law-enforcement supply company called FAC
of America. Owner Tim Gow said he takes great pains to make sure none of
the devices is ever sold to an unauthorized individual, either over his
Web site or through a handful of authorized dealers.
"We want to make sure this doesn't get into the hands of the wrong
user," Gow said, adding that he verifies the identity of the person
ordering the product, confirms that it is being shipped to an authorized
recipient such as a fire or police station, and requires the buyer to
sign a contract. His Web site suggests a broad definition of
"potential users," though, including private detectives,
doctors and "community services personnel."
Gow said he invented the equipment as a low-cost, easy-to-install
alternative to the major system on the market, which is built by 3M Co.
and sold under the name Opticom. That system involves putting a receiver
onto a stoplight and an infrared emitter on the light bar of an emergency
vehicle. A police officer or firefighter nearing an equipped intersection
can send a signal to make the red light turn green.
Gow's device, called MIRT for mobile infrared transmitter, is a small
emitter that plugs into a cigarette lighter and can be mounted on the
dashboard. About $500 per unit, the MIRT is a fraction of the cost of the
3M system, which Gow said is intended to make it attractive to
cash-strapped emergency services departments.
Despite his security efforts, MIRT devices are readily available
elsewhere on the Internet. One Web site offers plans and kits for making
copies of the MIRT emitter, and a recent eBay search found a number being
sold for $300 to $900.
One seller notes, "No visible light is emitted! That means that
through the exclusive use of the MIRT you will completely blend in with
all other traffic, yet be able to safely control intersections!" The
seller then warns, "WE ARE NOT RESPONSIBLE FOR WHAT YOU DO WITH THIS
PRODUCT!"
*******************************
Government Computer News
11/04/03
OMB personnel changes: Chenok out, Anderson moving up
By Jason Miller
The Office of Management and Budget?s revolving door continues.
Dan Chenok, a longtime fed and the well-respected branch chief for
information policy and technology, is leaving to join SRA International
Inc. Tad Anderson, portfolio manager for the government-to-business
Quicksilver projects, has been promoted to associate administrator for
e-government and IT.
Anderson said his newly created position will encompass a number of roles
plucked from the agendas of officials who have recently left OMB. He will
assume some of the management duties former chief technology officer Norm
Lorentz provided as well as some of the immediate oversight of the 25
e-government initiatives. Lorentz left OMB in September.
?My job is to serve as Karen Evans? deputy to implement the President?s
Management Agenda and make sure the e-government initiatives find the
finish line,? he said.
Anderson said he also will take OMB?s lead on the General Services
Administration?s SmartBuy, a program to negotiate governmentwide
enterprise software licenses. He said a new portfolio manager has not
been named yet.
Anderson has been at OMB for two years and before that he worked at IBM
Corp. as a management consultant in the federal government consulting
practice.
Chenok will start at SRA after Jan. 1 as a vice president and director of
policy and management strategies, where his primary responsibilities will
be helping the Fairfax, Va., company understand the government?s needs
better. Chenok will leave OMB in mid-December.
Over 13 years at OMB, Chenok was responsible for myriad IT topics, from
security and privacy to budgets and project management. He also advises
senior White House officials on IT policy, and works with the CIO Council
and other interagency IT working groups.
A veteran of the Office of Information and Regulatory Affairs, he
previously was assistant chief of its Human Resources and Housing Branch.
OMB has not named his replacement.
*******************************
Computerworld
Official: China to invest in Linux-based software industry
The move could present a challenge to Microsoft's Windows OS
Story by Reuters
NOVEMBER 05, 2003 ( REUTERS ) - The Chinese government plans to throw its
financial weight behind Linux-based computer systems that could challenge
the dominance of Microsoft Corp.'s Windows in one of the world's
fastest-growing technology markets, an official said today.
China will build a domestic software industry around Linux -- a cheaper
software standard that can be copied and modified freely -- said Gou
Zhongwen, a vice minister at the powerful Ministry of Information
Industry. "Linux is an opportunity for us to make a breakthrough in
developing software," he was quoted as saying on the ministry Web
site. "But the market cannot be developed on a large scale without
government support."
Gou didn't give details on the amount of planned government investment in
Linux.
China's IT market is growing at 20% per year, with software sales
expected to reach $30.5 billion in 2005, according to research firm IDC.
The domestic industry is dominated by Microsoft, Oracle Corp., IBM,
Sybase Inc., UFSoft Co. and Kingsoft Co.
Japan, China and South Korea agreed in September to collaborate on
building a new operating system as an alternative to Windows. Japanese
media reported they would likely build an open-source system such as
Linux.
Chinese officials have said they preferred to use software with
open-source codes to ensure that software guarding sensitive state
information and networks cannot be tampered with easily. The government
has been pushing the development of a homegrown software industry and a
national standard for Linux to counter the dominance of Windows.
*******************************
Washington Post
FCC Approves First Digital Anti-Piracy Measure
Computers, Other Consumer Electronic Devices to Comply With 'Broadcast
Flags' by 2005
By Jonathan Krim and Frank Ahrens
Wednesday, November 5, 2003; Page E01
The Federal Communications Commission yesterday approved the first-ever
requirement that some personal computers and other consumer electronic
devices be equipped with technology to help block Internet piracy of
digital entertainment.
The move is a victory for the movie industry, which has lobbied hard for
regulations aimed at stemming the tide of copying and online trading of
movies and television shows.
But consumer advocates warned that the scheme could force people to buy
new equipment and lead to ongoing regulation of how computers are built.
And they worry that the new rules would potentially hinder the copying of
programming not entitled to industry protection, such as shows that are
no longer covered by copyright.
In voting 5 to 0, with two dissents on portions of the rules, the FCC is
pursuing a longtime goal of pushing for more programming in digital form,
which offers higher-quality pictures and sound.
The agency has reasoned for several years that unless such programming is
available on over-the-air channels, subscription cable and satellite
television would be the only place where enhanced-quality entertainment
was available, and free TV would die.
"Because broadcast TV is transmitted 'in the clear,' it is more
susceptible than encrypted cable or satellite programming to be captured
and retransmitted via the Internet," FCC Chairman Michael K. Powell
said in a statement.
Indeed, the entertainment industry has balked at providing extensive
digital programming over the air unless there was some
protection.
Under the new rules, the industry could embed a piece of digital code
known as a "broadcast flag" into a program, which then could
only be copied by a digital recording device equipped with technology
that recognizes the flag.
A computer could not copy the file to its hard drive, which is necessary
for it to be sent onto the Internet.
The rule is particularly aimed at increasingly popular digital video
recorders, which copy programs to DVDs rather than to video
cassettes.
Some are built into personal computers, while others are stand-alone
machines usually hooked up to televisions.
Under the new rules, such devices must be broadcast-flag compliant by
July 2005. Consumers who want to record shows using VCRs will not be
affected, and they will be able to watch flagged programming on any
television.
"The FCC scored a big victory for consumers and the preservation of
high value over-the-air free broadcasting with its decision on the
Broadcast Flag," Jack Valenti, head of the Motion Picture
Association of America, said in a prepared statement. "This puts
digital TV on the same level playing field as cable and satellite
delivery."
But one network executive said the industry was disappointed that the
rule won't take effect next year and that the FCC did not accept
industry's plan for which technologies would be acceptable for the
broadcast-flag system.
Those changes were pushed by consumer and privacy groups, who nonetheless
remained critical of the plan. Some noted that the decision came from the
same agency that recently relaxed media ownership rules to allow media
companies to grow larger.
"Having just given big media companies more control over what
consumers can see on their TV sets by lifting media ownership limits, the
FCC has now given these same companies more control over what users can
do with that content, leaving consumers as two-time losers," said
Gigi B. Sohn, president of Public Knowledge.
Sohn and others say the plan will not stop Internet distribution, because
programs copied onto video cassettes can easily be re-copied in digital
form and sent online. Blocking that, they said, would require wholesale
equipment changes.
Moreover, said Christopher Murray, legislative counsel for Consumers
Union, consumers will not have the freedom they now have to view copied
material on machines in different rooms or locations unless they buy new
equipment.
Even if consumers have a flag-enabled recorder, Murray said, they could
not view that DVD elsewhere without another compliant device.
In his partial dissent, Commissioner Jonathan S. Adelstein said the new
rules raise unanswered copyright and privacy issues.
He said the order allows programming to be flagged even if its copyright
protection has expired, creating a conflict with intellectual property
law.
He also said that not enough attention was paid to whether the flag
scheme would enable the entertainment industry to track how and when its
content is viewed, a potential invasion of privacy.
Commissioner Michael J. Copps dissented on similar grounds, though he
praised the plan as "better balanced" than original versions
put forth by the Motion Picture Association of America.
Copps criticized the agency's decision to allow the flag to be used with
news and other public-affairs programming.
"This means that even broadcasts of government meetings could be
locked behind the flag," he said in a statement.
The FCC set up an interim system for reviewing flag-technology proposals,
with an eye toward allowing competing versions as long as they meet
certain common standards.
The agency will conduct further hearings for a permanent system.
*******************************
USA Today
Bill would give people e-mailed credit reports
By Jesse J. Holland, Associated Press
WASHINGTON Americans could gain a right to free e-mailed credit
reports under legislation moving through the Senate on Tuesday, but at
the same time the companies they do business with would become exempt
from tough state consumer privacy laws.
Senators are expected this week to reauthorize and make permanent the
Fair Credit Reporting Act, which created a national credit reporting
standard to make it easier for people to get credit cards, loans and
mortgages.
The legislation also would prevent states from setting their own rules on
how businesses use, share and report data on consumers.
Businesses say that keeps finance flowing by keeping them from having a
deal with 50 different privacy laws. Opponents say states more quickly
respond to changing conditions such as identity theft and should be able
to offer strong protections.
An amendment, led by Democratic Sens. Barbara Boxer and Dianne Feinstein,
that would preserve one such law in California failed on a 70-24 vote.
Reauthorizing the law, which expires at year's end, is a congressional
priority. Members of both parties agree that the current national credit
reporting system helps the economy by offering quick credit to consumers.
Lawmakers are stronger identity theft protections and giving all
Americans free credit reports annually from credit reporting bureaus to
help them understand exact what their credit scores are and why they are
denied or approved when they apply for more credit.
"This bill reflects a careful balance between ensuring the efficient
operation of our markets and protecting the rights of consumers,"
said Sen. Richard Shelby (R-Ala.), chairman of the Senate Banking,
Housing and Urban Affairs Committee.
But the bill also stops states from setting their own rules on how
businesses use, share and report data on consumers. That ban comes amid
much consternation of states such as California, which just passed a
tough new consumer privacy law.
It requires most affiliated companies to give consumers notice of their
intent to share their data for any purpose. Consumers also must get the
chance to opt out of this sharing.
But the Senate legislation pre-empts that law. The measure only requires
affiliates of banks, securities and insurance companies to tell customers
when they share their data for solicitation and marketing purposes and
give them the option to block or limit such sharing.
"If my amendment is workable for California, why shouldn't it be the
national standard?" Feinstein said.
Even Democrats said the legislation passed by the Senate was the best
they could do. "Each of us, if we could write the bill by ourselves,
would probably have somewhat different aspects to the bill, and there are
areas where I would have sought it to do more with respect to some
consumer issues," said Sen. Paul Sarbanes (D-Md.). "But I think
we sought to craft a balanced package here."
The Bush administration announced its support for the legislation
Tuesday.
"The bill strengthens the national credit reporting system that has
proven critical to the resilience of consumer spending and the overall
economy," the White House said in a statement. "In addition,
the legislation incorporates many of the consumer protections proposed by
the administration, including new tools to improve the accuracy of credit
information and help fight identity theft."
House and Senate leaders still have to settle their differences before a
final congressional vote.
Information on the legislation, S. 1753 and H.R. 2622, can be found at
thomas.loc.gov.
*******************************