Clips November 6, 2003

[Lillie Coney <lillie.coney@xxxxxxx>]

Clips November 6,
2003

ARTICLES

Windows spamming attracts FTC's notice
Senate Debate Due on Hotly Contested Internet Tax Bill
Fairfax Judge Orders Logs Of Voting Machines Inspected 
Infrastructure Official Draws Praise for Job 
U.S. Agencies Surf for Translators 
New Web site for consumers rates home care providers
China to invest in Linux-based software industry
Pure technology not the only answer to accessibility
IRS builds accessibility into enterprise architecture 

*******************************
CNET News.com
Windows spamming attracts FTC's notice
Last modified: November 5, 2003, 10:05 PM PST
By Reuters

U.S. regulators on Wednesday voiced concerns about a feature in Microsoft
Windows that could subject Windows users to unwanted pop-up ads.

The U.S. Federal Trade Commission said it had scheduled a press
conference for Thursday "to address consumer concerns" about a
little-used feature of Windows called the Windows Messenger service.

The FTC cited problems with "widespread exploitation" of the
Messenger service. The Windows feature is unrelated to popular instant
messaging software. It's designed instead to allow computer network
administrators to send messages to others on their network. 

The agency declined to elaborate, but Messenger has been the subject of
security concerns because purveyors of unsolicited e-mail, or spam,
discovered they could use it to send messages to personal computers that
are connected to the Internet. The messages are especially confusing
because they look as if they've been generated by the operating system
itself. Most PC users, too, have no idea why the ads are appearing or how
to prevent them from showing up. 

Complaints last month about the abuse of Messenger prompted Microsoft to
advise computer users on how to shut off the feature as a way of blocking
the ads. 

Microsoft said it would issue a software update in the first half of next
year that would shut off Messenger, spokesman Sean Sundwall said. Future
versions of Windows will be shipped with the feature turned off by
default, he said. 

Microsoft won't be part of the FTC's Thursday press conference, Sundwall
said. 

"Certainly we applaud the FTC for its ongoing efforts to educate
consumers and also to drive policies that help ensure that consumers have
a safer, more secure computing experience," Sundwall said. 

Complaints about Messenger spam also have prompted the largest U.S.
Internet service provider, Time Warner unit America Online, to take steps
to turn off the feature on its subscribers' computers. 

"It was delivered through a back door," AOL spokesman Andrew
Weinstein said. "It was incredibly confusing for users and
incredibly annoying as well." 

Last year Microsoft settled complaints from the FTC about another
unrelated matter, agreeing to submit to government oversight of its
online identity service in order to settle charges that it misled
consumers about security and privacy standards. 

The identity service, called Passport, aims to make online shopping
easier by storing passwords and credit-card numbers. FTC officials said
they found that Microsoft did not adequately protect users' personal
information, and that the service tracked users' Web-browsing habits
without their knowledge.
*******************************
New York Times
November 6, 2003
Senate Debate Due on Hotly Contested Internet Tax Bill
By JOHN SCHWARTZ

A long-delayed federal Internet tax bill that would turn a temporary
moratorium on taxes on Internet access into a permanent ban is scheduled
for debate today on the floor of the Senate.

The argument over the bill has been as heated as a chat-room brawl.
Opponents contend that state coffers will be emptied as more areas of
commerce - like telephone service - become Internet-based and fall within
the ban. "Every time we, in our wisdom, tell a state or a city that
it cannot use this tax, all we are doing is increasing the chance that
Minnesota or Tennessee will increase some other tax, or fire some
teachers or lay off some employees or close some parks," Senator
Lamar Alexander, Republican of Tennessee, said Tuesday on the Senate
floor.

Supporters argue that the states want to tax every e-mail message, even
every electron. The bill, they say, will not have the dire effects that
opponents predict. "You now have what amounts to a final assault on
the bill," said Senator Ron Wyden, Democrat of Oregon, who is
sponsoring the bill with George Allen, Republican of Virginia.

Senator Wyden said that his opponents had been predicting "the fall
of Western civilization" since the first moratorium passed seven
years ago. "Who do you want to believe, the people who were wrong
over the last seven years, or the facts?" he asked in a telephone
interview.

The only thing that both sides agree on, it seems, is that the bill has
nothing to do with banning sales taxes on online purchases. The
moratorium bans taxes on Internet access, including high-speed access
through telephone digital subscriber lines; "discriminatory"
taxes, which include taxes by multiple states on the sales of a single
item; and taxes that would treat Internet purchases differently from
sales at brick-and-mortar stores. 

The moratorium, which was passed in 1998 and extended in 2001, expired on
Nov. 1. The House has already passed a similar version of the bill. The
new bill would take away the right to tax Internet access from a handful
of states, including Texas and Wisconsin, which passed such taxes before
1998 and have been allowed to keep collecting those taxes under a
grandfather clause. It would also cancel taxes on residential digital
subscriber line access being levied by more than 15 states, causing the
loss of as much as $80 million a year in total revenue to those states,
the Congressional Budget Office said. 

Bush administration officials weighed in yesterday, urging Congress to
pass the bill. "Keeping the Internet free of multiple or
discriminatory taxes will help create an environment for innovation and
will help ensure that electronic commerce remains a vital, and growing,
part of our economy," Treasury Secretary John W. Snow and Commerce
Secretary Donald L. Evans said in a joint statement. "A permanent
moratorium means a permanent victory for American consumers and
businesses."

But state and local governments oppose the bill. David Quam, the director
of state-federal relations for the National Governors Association, said
that the "the debate is over whether you want to reach into state
and local pockets in these difficult fiscal times, to unnecessarily
expand the scope of the moratorium to existing state and local
taxes." Mr. Quam said that despite assurances from Senator Wyden to
the contrary, the bill would help companies evade billions of dollars in
state and local taxes on telecommunications and other services. "Our
position has always been, if you're going to pre-empt state and local
law, then you need to do it precisely, so there are no unintended
consequences of that action," he said.

Senator Alexander has called the bill an unfunded federal mandate because
it restricts the ability of states to impose taxes. In his speech
Tuesday, he said that he would raise a point of order that would require
51 senators to waive the ban on unfunded mandates and suggested that he
might demand a companion law that would use federal money to repay the
states for any lost revenue. "If we think it is so important, we
should pay the bill," he said.

Senator Wyden said that the bill would not exempt telecommunications and
other services from taxation, and that he had worked with Senator
Alexander and the states to write language in the bill to resolve any
ambiguity.

He acknowledged that state and local governments had "very
significant financial needs," but said, "they don't come about
because of Internet tax policy - they come about by misguided tax
policies put in place by the executive branch and its supporters"
and because of a "fumbling economy." 

States have long wanted to be able to collect taxes from Internet
merchants who sell within their borders, just as they have wanted to
collect sales taxes on catalog and telephone sales. But under a 1992
Supreme Court decision in Quill Corp. v. North Dakota, merchants are only
required to collect sales taxes in those states where they have a
physical presence, or nexus. 

"They can't overturn Quill, they can't overturn mail order, they
can't overturn phone sales," Senator Wyden said. "They see this
as the last cash cow they can possibly milk."
*******************************
Washington Post
Fairfax Judge Orders Logs Of Voting Machines Inspected 
By David Cho
Thursday, November 6, 2003; Page B01 


It took more than 21 hours from the time polls closed Tuesday night for
Fairfax County, the putative high-tech capital of the region, to get
final election results from its new, computerized vote 
machines.

Widespread problems in the system, which the county paid $3.5 million to
install, also opened the door to possible election challenges by party
leaders and candidates.

School Board member Rita S. Thompson (R), who lost a close race to retain
her at-large seat, said yesterday that the new computers might have taken
votes from her. Voters in three precincts reported that when they
attempted to vote for her, the machines initially displayed an
"x" next to her name but then, after a few seconds, the
"x" disappeared.

In response to Thompson's complaints, county officials tested one of the
machines in question yesterday and discovered that it seemed to subtract
a vote for Thompson in about "one out of a hundred tries," said
Margaret K. Luca, secretary of the county Board of Elections.

"It's hard not to think that I have been robbed," said
Thompson, whose 77,796 recorded votes left her 1,662 shy of reelection.
She is considering her next step, and said she was wary of challenging
the election results: "I'm not sure the county as a whole is up for
that. I'm not sure I'm up for that."

Meanwhile, attorneys for local Republicans and GOP candidate Mychele B.
Brickner, who lost her bid to chair the Fairfax County Board of
Supervisors, went before a Circuit Court judge yesterday morning, asking
him to keep 10 voting machines under lock and key and not to include
their tabulations in the results. The machines, from nine precincts
scattered across the county, broke down about midday Tuesday and were
brought to the county government center for repairs and then returned to
the polls -- a violation of election law, Republicans argued.

The judge said the activity logs of all 10 machines will be inspected
this week, with members of both major parties present.

"It's like Florida in many ways," said the Republicans'
attorney, Christopher T. Craig, referring to that state's 2000
presidential ballot-counting controversy. "This is about ballot
integrity. . . . A lot of people have been telling us they couldn't vote
for someone. . . . I have been hearing that there are a lot of
problems" with the county's new WINvote computer
technology.

As more details emerged yesterday, county officials defended the system.
Luca insisted that most of the problems had less to do with computer
glitches than human error.

"The new machines get an A-plus," she said. "It's the plan
to collect the vote that gets the failing grade."

Fairfax purchased the 1,000 touch-screen vote machines this year from
Advanced Voting Solutions of Frisco, Tex. The machines, which resemble
laptop computers, were used countywide Tuesday for the first time, and
the problems that resulted mirrored what occurred in Montgomery County
last year when similar new technology was used. The equipment in
Montgomery County was blamed for delayed results and confusion at the
polls. 

Fairfax officials had confidently promised that their machinery would
work much better, citing a battery of tests conducted last week. They
also predicted that the system would greatly speed the reporting of
results.

Instead, it churned out one of the slowest vote counts in
memory.

Much of the delay occurred at 7 p.m. when the polls closed. Most of the
county's 223 precincts attempted to send in their computer tallies at
once, overloading the system. Many poll officials ended up calling in
their numbers, but some couldn't get through and instead drove their
results to the county government center. 

In at least 19 precincts, results were officially sealed in the mistaken
assumption that they had been sent by computer modem, officials said
yesterday. Sealed results cannot be opened unless all three election
board members are present, which led to further delays.

In addition, software errors kept the results from two precincts from
being posted until about 4:30 yesterday afternoon.

"Everyone seems to be aghast at how this could happen,"
Thompson said. "But this seems like something you could have had the
foresight to see."

John Service, 50, of North Springfield said it took him four or five
tries to register his vote for Thompson, and he wondered whether some
voters were disenfranchised. "I am concerned about voters who might
have been in a rush and didn't go back and check to make sure all the
names [they intended to vote for] appeared on the final ballot," he
said.

The glitches forced a handful of precincts to return to paper ballots.
And even at polls where computer problems didn't arise, voter
unfamiliarity with the technology created long lines.

Some voters gave up -- a thought that crossed Jeff Fisher's mind.

Fisher, 43, of Annandale said he almost walked out of his polling place
when a woman in front of him spent 10 minutes getting through the
ballot.

Others, though, wondered why so many people had problems with the
machines. "I thought it was very easy to vote, and I'm not even that
bright of a kid," Al Richards, 61, of Falls Church said.

*******************************
Washington Post
Infrastructure Official Draws Praise for Job 
By John Mintz
Wednesday, November 5, 2003; Page A27 


Robert Liscouski still has the pierced ear but not the long hair that he
sported in the 1970s, when he was an undercover narcotics officer in
northern New Jersey selling marijuana and cocaine to biker
gangs.

Now Liscouski, 49, has a higher-ranking job, but one requiring the same
long hours and cool demeanor that he exhibited as a narc -- he is the
Department of Homeland Security's top official protecting gas pipelines,
railroads, dams and other critical facilities from terrorist
attacks.

The job of assistant secretary for infrastructure protection is one of
the most challenging in the 170,000-employee department, as well as one
of the main reasons Homeland Security was created, officials
said.

While many of the department's divisions are being criticized for
disorganization, Liscouski's 200-person shop is widely praised for the
crispness of its analysis and its efficiency. Some members of Congress
who are highly critical of other Homeland Security offices praised
Liscouski's performance, as did a number of industry figures.

"He's very knowledgeable on issues of infrastructure
protection," said Ronald Dick, a former top FBI counterterrorism
official who is now director of national security and foreign affairs at
Computer Sciences Corp., a federal contractor. "He's got some huge
challenges addressing things never done before in this
country."

Some defense experts say the war on terrorism is one of the first U.S.
national-security crises in which the government is forced to ask for
voluntary help from wide swaths of industry. It is Liscouski's job to
secure that help.

U.S. intelligence says al Qaeda is interested in targeting elements of
the nation's critical infrastructure -- sites as diverse as the Hoover
Dam, Three Mile Island nuclear plant and the DuPont chemical complex in
Delaware. The terrorist network's central goals would be to cripple the
economy and strike symbols of U.S. power.

 From the government's point of view, the problem is that many of those
facilities -- some of whose destruction could devastate communications or
transportation or commerce -- lie in private hands. So Liscouski must
jawbone to persuade industry executives to blanket the facilities with
security. 

"We need to frame our arguments to CEOs [in favor of spending money
to secure corporate assets] on the basis that it is good for
shareholders," besides being good for the country, Liscouski said.

After leaving the Bergen County, N.J., detective squad in 1980, Liscouski
joined the State Department's security office in Europe. It was the early
1980s, when German, Italian and Palestinian terrorist groups were on the
loose in Europe. Liscouski protected U.S. Ambassador Maxwell Rabb in
Rome, trained foreign security agents and acted as the department's
representative to Interpol.

In 1991, he joined a software firm, Orion Scientific, and sold
data-sorting software to U.S. intelligence and law-enforcement agencies.
Six years later, he set up a small company, largely with his own money,
that researched news and market trends for corporate clients.

Ultimately his firm went under, and he joined Coca-Cola Co.'s security
division. 

Far from simply guarding gates, his office was in charge of protecting
Coke's secure data -- including its all-important product formulas -- as
it zipped across the 200 countries in which the company operates.
Liscouski also helped handle all manner of crises, such as a 1999 health
scare in Belgium stemming from allegations that Coke cans had been
contaminated and leading to a $250 million recall.

"At Coke, I learned you have to articulate a business argument for
why to spend money on security," he said.

"Bob's DNA is he's very focused, very dedicated, and when he's
committed to something, he does it 1,000 percent," said James Hush,
a Liscouski friend and Coke vice president also in security.

Liscouski joined Homeland Security on March 24, only weeks after the
department was formed as the combination of 22 separate agencies. It was
also a few days into the Iraq war, and the imposition of the highest
security alert in U.S. history. National Guard troops guarded some
nuclear plants, and hundreds of other sites were locked down as never
before.

Despite having a staff that was only a fraction of what his budget called
for, Liscouski was one of the top officials coordinating this security
alert. "There was so much to do and so few people to do it," he
said, recalling months of hectic 20-hour days. 

His key task is examining the possible threats against U.S. industry --
as gleaned from, for example, the vague intelligence picked up in
interrogations of captured al Qaeda operatives -- and matching them with
the possible vulnerabilities at thousands of key sites and networks
across the country. Then he takes action to batten down the
hatches.

House Democrats, declaring in a recent report that "two years is too
long to wait," criticize Liscouski's shop as too slow in finishing a
listing of which parts of the infrastructure are most at risk. But agency
officials say the delay is caused by his office's understaffing and the
importance of the task.

One question facing Liscouski is whether the government should demand
through regulation that industries secure themselves, or let them do it
voluntarily.

"Only time will tell," he said. "We're now using the bully
pulpit, but industry has to step up and take responsibility."

Harvard University information policy professor Anthony Oettinger said he
cannot imagine anyone better suited to crack such a challenging
puzzle.

"Bob's range of expertise is astonishing," said Oettinger, who
chairs a CIA science advisory panel on which Liscouski served as a
member. "He's got such common sense, and he's unflappable. . . .
He's bedrock."
*******************************
Washington Post
U.S. Agencies Surf for Translators 
A Dearth of Linguists Sends CIA, FBI to Web 
By John Mintz
Thursday, November 6, 2003; Page A31 

The CIA and the FBI are launching a program to help solve the shortage of
linguists in Arabic and other languages, which officials say has become a
crisis in the fight against terrorism. They're going online and creating
a "virtual" network of bilingual university students,
professors and other language experts.

When the National Virtual Translation Center starts operations Dec. 1, it
will initiate an unusual and perhaps risky plan: hiring individual
language speakers around the nation who haven't worked in government to
translate documents and audiotapes sent to their homes or offices by
e-mail.

In the past, the CIA, the National Security Agency (NSA) and other
agencies had to obtain security clearances for their translators and then
bring them to the location of the untranslated materials -- to
Afghanistan, say, to translate al Qaeda documents, or to secure vaultlike
U.S. government facilities where classified data could be
reviewed.

"Historically we brought linguists to the material, but now we'll
get the material to the linguists," the new center's director,
Everette Jordan, said in a recent interview. "It means we can move a
lot faster."

To Kevin Hendzel, a spokesman for the American Translators Association
(ATA), which is working closely with the Pentagon, the CIA and FBI on the
linguist shortage, the new program is "truly revolutionary" and
"perhaps the most important innovation to address this great
national security priority."

Government officials say the backlog of untranslated documents -- and of
unexamined tape recordings of conversations surreptitiously recorded by
the NSA -- has become so colossal that they need to try something
new.

"We're feeling trapped in the way we've always done things,"
said Jordan, a 27-year translator and administrator for the U.S. Army and
the NSA. "The situation is dire."

Officials naturally are moving on other fronts, too -- the FBI and CIA
have hired up to 500 translators since Sept. 11, 2001, and intelligence
agencies are upgrading computers that translate texts automatically or
can sort through vast amounts of data to find the most telling
passages.

Jordan is officially announcing the new effort at an ATA conference today
in Arizona.

The FBI will oversee day-to-day operations of the center, which is housed
in a downtown Washington office building near FBI headquarters. But along
with Congress, CIA Director George J. Tenet has been the driving force in
creating it.

At least 300 non-government employees are expected soon to be working as
center contractors, with most coming from universities, companies and
private laboratories. Jordan is scouring the country for experts in
fields including economics, politics, immunology and metallurgy who also
know languages such as Arabic, Farsi, Pashto, Bahasa Indonesian and
Korean. 

Most of them will get a cursory background check and will not receive
full security clearances. Those working at this level will not be given
secret materials to translate, but they will do more humdrum work, such
as translating transcripts of a Chinese biotechnology conference or texts
on Iran's oil industry. 

The translators won't be informed of the context of the government's
interest in the documents.

The idea is to fill in the U.S. government's knowledge of societal trends
in those countries, in the same way that the CIA spent years scrutinizing
the Soviet bloc's politics and economics during the Cold War.

Most of the government's best linguists grew up speaking the languages
being translated and understand the subtle nuances in dialect and
culture, officials said. Jordan added that in Arab culture, people often
speak in allegorical or mystical terms that can flummox even expert
outsiders.

Jordan has a reputation as a star at the NSA, say people who know him. He
learned French and Spanish effortlessly in high school. Posted to Germany
while in the Army, he mastered first German and then Russian. He started
his work in the NSA in 1982, and for years he wore headphones listening
to Soviet military officers discussing their work and their lives --
though he refuses to discuss it.

In 1990, he learned Arabic and shifted to work in that part of the world.
But ever since he appeared at his superiors' instruction in a CNN
documentary about the NSA in March 2001, he has been unable to travel
abroad for security reasons.

His center will struggle to overcome many academics' innate unease about
working with the intelligence community, officials said. Since the
Vietnam War and scandals about the CIA in the 1970s, some college
professors and administrators have come to view intelligence
professionals as "baby killers," Jordan said.

Likewise, suspicion pervades intelligence circles about working with
academics, said Jordan, who added that it won't be easy persuading
intelligence officials to entrust their untranslated documents to college
professors lacking full security clearances.

"To them, it's having strangers do your work," Jordan said,
"a bit like sending your kid off to kindergarten in another
town."
*******************************
USA Today
New Web site for consumers rates home care providers
Posted 11/5/2003 8:30 PM

INDIANAPOLIS (AP)  Consumers attempting to unravel the myriad home
health care choices before them have a new tool: a Web site with a
federal database rating licensed providers in 11 areas. 

The federal Center for Medicare and Medicaid Services went online with
its Home Health Quality Initiative this week after setting up a similar
program for nursing homes two years ago. Consumers can access the
database at the Web site
www.medicare.gov.

The home health database shows providers' improvement rates in 11 areas,
such as the percentage of patients who improve at bathing and those who
are confused less often. It includes state providers and state and
national averages. 

"From the consumer standpoint, it's important to be empowered with
information," said Suzanne Baker, director of St. Vincent Home Care
in Indianapolis. 

The database allows users to find home health providers by state, county
or ZIP code, and provides basic information about the services offered,
such as speech pathology or occupational therapy. 

"Most families when they encounter the need for home care have no
idea what to do," said John Cardwell, chairman of the Indiana Home
Care Task Force, an alliance of 70 organizations. 

Cardwell suggests consumers also contact one of their state's Area
Councils on Aging, which also maintain information on individuals, such
as nurses and former nursing home employees, who may not be licensed home
health providers. Dealing with a licensed agency increases the likelihood
of receiving good service, he said. 

The nursing home database rolled out in November 2001. 

Consumers without Internet access can call toll-free 1-800-MEDICARE.
Staff will work with them to file information requests that can be
printed and mailed.
*******************************
USA Today
China to invest in Linux-based software industry
November 5, 2003

BEIJING (Reuters)  The Chinese government plans to throw its
financial weight behind Linux-based computer systems that could rival
Microsoft's Windows in one of the world's fastest-growing technology
markets, an official said on Wednesday.
China would build a domestic software industry around Linux  a
cheaper software standard that can copied and modified freely  said
Gou Zhongwen, a vice minister at the powerful Ministry of Information
Industry.

"Linux is an opportunity for us to make a breakthrough in developing
software," he was quoted as saying on the ministry Web site
www.mii.gov.cn.
"But the market cannot be developed on a large scale without
government support."

Gou did not give details on the amount of planned government investment
in Linux.

China's information technology market is growing at 20% a year, with
software sales expected to reach $30.5 billion in 2005, according to
research house International Data Corp.

The domestic industry is dominated by Microsoft, Oracle, IBM, Sybase,
UFSoft and Kingsoft.

Japan, China and South Korea agreed in September to collaborate on
building a new computer operating system as an alternative to Windows.
Japanese media reported they would likely build an open-source system
such as Linux. (Related story: China, Japan, South Korea agree to develop
non-Windows operating system)

Chinese officials have said they preferred to use software with open
source codes to ensure that software guarding sensitive state information
and networks cannot be tampered with easily.

The government has been pushing the development of a homegrown software
industry and a national standard for Linux to counter the dominance of
Windows.
*******************************
Government Computer News
Pure technology not the only answer to accessibility 

By Thomas R. Temin 
November 6, 2003

When it comes to accessibility products for deaf or hard-of-hearing
users, sometimes cool technology alone doesn?t cut it. That?s because
translating for the deaf involves subtle cultural issues that no
technology can fully overcome. 

At the IDEAS Section 508 conference yesterday in Washington,
Hewlett-Packard Co. officials demonstrated a product called
iCommunicator. The PC application accepts live voice input, converts it
to on-screen text, then converts the text to video images of sign
language. The software draws on a library of several thousand short clips
of a professional sign linguist, according to Gail Rosenberg, product
manager for iCommunicator. 

Because it links text to the video clips, the signing produced is in
word-for-word order, not idiomatic English. And it included what several
deaf observers thought was an inordinate amount of finger-spelling. Thus
the video output is mechanical and disconcertingly unlike American Sign
Languagein effect the signing equivalent of eerie synthesized audio
voices. 

Rosenberg, who is also a certified audiologist, said that as more whole
signed words are added to the library, the amount of finger-spelling, in
which the signer spells out words letter by letter, would be reduced.

More revealing was the question from a deaf observer of the
demonstration. Fredrick Waldorf, a retired FBI employee, asked whether
the model in the video clips was deaf or hearing. Rosenberg said the
model is hearing and has a deaf son. 

Asked afterward the significance of the question, Waldorf, joined by
Stephanie Phillips of the Agency for International Development and Brenda
Sue Pickering of the Interior Department, said through an interpreter
that skilled signers include inflection and emotion through their faces
and hand movements. And, while not criticizing iCommunicator itself, they
added that deaf people can tell whether a signer is deaf by body language
and style in arm and hand motions. Often, they said, deaf people are
sensitive that such cues that can create emotional affinity with the
signer, whether live or on video.
*******************************
Government Computer News
IRS builds accessibility into enterprise architecture 
By Wilson P. Dizard III 

The IRS has incorporated Section 508 requirements into its enterprise
architecture and lifecycle management policies. 

"Section 508 compliance has to be part of an agency's business plan
and enterprise architecture" because 10.7 percent of IRS employees
have disabilities, T.J. Cannady said yesterday. 

Cannady, the IRS' program manager for the Information Resources
Accessibility Program, and other officials from the tax agency discussed
the service?s efforts to comply with Section 508 of the Rehabilitation
Act Amendments of 1998 during a panel at the Interagency Disability
Educational Awareness Showcase 2003. 

IRAP provides technical support to IRS offices as they work to make
systems compliant, Cannady said. 

At the IRS, IT planners are trying to building compliance into systems
from the start to minimize costs. "Section 508 compliance can be
expensive if you try to add it on the back end," she said. "You
have to plan for it from the beginning.? 

The idea is comparable to the agency?s view on the application of the Tax
Code, Cannady said. "I am reminded of the IRS mission statement of
applying the tax laws with integrity and fairness to everyone."

Charles Murray, an IRS computer scientist, emphasized that Section 508
compliance is included in the enterprise lifecycle plan the service
adopted in 2001. 

Janice Thomas, an accessibility technology specialist for IRAP, said
incorporating 508 requirements into an agency's enterprise architecture
involves much more than just adding a paragraph summarizing the law's
requirements. 

The requirements must be integrated into enterprise architecture
provisions that detail applications technology, software development and
telecommunications systems, Thomas said. "You want to make sure you
are developing systems that serve everyone." 

The requirements also must apply to methods of interacting with the
public as well as to an agency?s help desk and support services, she
said. 

Murray added that the best way to ensure that 508 considerations are
being taken into account during systems development is to create project
milestones for developers to review accessibility considerations.
*******************************
MSNBC
Who falls for e-mail scams? 
 
A look at what happens after victims fall for ?phish? stories 
 
By Bob Sullivan
MSNBC 
 
Nov. 4  It certainly looked like the real thing. Full of eBay logos
and links, the e-mail said their accounts were expiring, and they?d
better fill out a form quickly or risk losing their current auctions. So
they did  typing in everything from drivers license numbers to
credit card PINs. Since then, thieves have attempted to steal their money
and their private information has been posted on the Internet for all the
world to see. The lapse in judgment was momentary, but the consequences
continue to unfold.
       WHAT?S THE EASIEST way to steal
consumers? personal data for identity theft? Just ask them for it. 
       So-called ?phisher? e-mails, which
look like authentic notes from real companies like eBay, Citibank or
America Online, are a growing problem for Internet users, who continue to
fall for the dupe and give away credit card numbers, Social Security
numbers, and other critical personal data. 
       The e-mails are remarkably
successful, say Internet scam artists who?ve discussed their techniques
anonymously with MSNBC.com. One claimed as many as 10 percent of
recipients fill out the forms, which take advantage of the ease with
which genuine Web sites are copied. With imitation artwork and text a
fake Web site can look like the real thing to anyone not looking
closely.
       Anyone can be tricked by the phisher
e-mails. 
       MSNBC TV anchor Contessa Brewer fell
for the ploy in September, giving up her Social Security number to a Web
page that looked like an authentic one from America Online. The instant
she hit submit, she knew she had made a mistake.
       ?I know better,? she said. ?But I
had just moved, and I was filling out a whole lot of forms at the time,
and this just seemed like one more form.? 
       
ONE E-MAIL, MANY VICTIMS
       That?s just about what happened to
dozens of consumers who answered one such phisher e-mail sent out in
July. Eventually, their data reached its way to a chat room devoted to
swapping ?phish? stories, enabling MSNBC.com to contact the victims and
hear their stories. 
       One victim, when shown the chat room
log, responded with astonishment.
       ?There?s my cell number. My PIN.
Wow, that?s scary,? said Nikki Rizzi of New York. ?My Social Security
Number. Look at that.? 
       The information was posted to the
chat room apparently as the result of a dare from one member to the
other. Internet fraud artists looking to sell ?hot? financial account
information often post a slice of the stolen data to boost their
credibility.
      All of the victims contacted had been hit
with some kind of financial fraud but few had made the connection between
the fake eBay e-mail and the fraud until contacted by MSNBC.com. Several
didn?t even remember filling out the form.
       Contrary to conventional wisdom,
most of the victims were Internet-savvy. Several regularly check their
credit cards and bank statements online, for example, and discovered
their identities had been stolen just that way. Still, the e-mail was
convincing enough to dupe them.
       ?They sent you e-mail posing as
eBay. The page looks so real, you fall for it and give them all your
information,? said Ed Dwyer, of Thompson Falls, Mont. Like the other
victims, Dwyer surrendered virtually all the keys to his financial
kingdom: His bank name, account number and routing number. His credit
card number, expiration date, and PIN number. Even his Social Security
number, driver license number, date of birth and mother?s maiden
name.
       Two weeks later, Dwyer, 34, was
watching TV when he heard the Federal Trade Commission was warning people
about the phisher scams. The examples the FTC cited were identical to the
eBay e-mail Dwyer had received.
       ?Right then I felt like a sucker,?
he said. 
       But he?s hardly the only one. 
       Rizzi, 25, fell for the same scam.
Then, during one 15-minute span in September, someone made seven separate
$200 cash advance withdrawals from his MBNA credit card. Four other
attempts later that night were stopped.
       ?I was out coming home from gym and
went to use my card and it was invalid,? Rizzi said. ?The next day I
checked it out online, and there were seven transactions done but I still
had my credit card in my hand. Whoever it was used my credit card number
to make a fake credit card and had my PIN.?
       Rizzi didn?t know how the criminal
had managed to get the PIN until he was reminded of the eBay look-alike
e-mail by MSNBC.com. 
       ?I do remember that one . ... I
thought it seemed weird,? he said. ?But being a young person, you embrace
the Internet.?
       Rizzi has since changed banks,
canceled all credit cards and moved, making most of the stolen data which
appeared in the public chat room useless. But not all of it.
       ?I can?t change my Social Security
number,? he said. ?What am I supposed to do about that??
       
FRAUD ALERTS HELP
       Experts say that best thing for
victims to do is check their credit reports  which are available for
free to victims of identity theft  and to place a ?fraud alert? on
their records at each of the three credit reporting bureaus. But none of
the victims interviewed for this story had taken that step, or were
advised to do so by their financial institutions.
       Randall Allen, of Witchita, Kan.,
thought he was being careful. He uses eBay to buy equipment for his
company and set up a special credit union account just for online
purchases. Allen maintained only a fractional balance in the account,
just in case a criminal ever managed to access it. He even checked the
account weekly. 
       Still, the original eBay look-alike
e-mail was enough to fool Allen.
        ?I remember filling in the
form,? he said. ?Now, I feel like, gosh I just gave them the keys to
everything, didn?t I?? 
       He discovered something was wrong
when an overdraft notice appeared on the account, after someone moved
$100 out of it. 
       A couple of weeks later, a sales
representative at Gateway called him after someone tried to buy a new
computer via automatic withdrawal from his credit union. But by then, the
account had been blocked.
A LOT OF LOST TIME
       Allen, like all of the other victims
interviewed for this piece, hasn?t yet lost any money because of the
identity theft, thanks to refunds from the financial institutions
involved. But he did lose a lot of time  half a day at the credit
union office dealing with paperwork, followed by more paperwork later, he
said.
       ?It took me a lot of time to take
care of this,? Allen said. ?Luckily, I watch my money. But I want this
kind of stuff to stop. I cannot believe people do this.?
      David Aasum of Rochester, Minnm. had $800
wired out of his bank account in September, when most of the financial
crimes connected to the July eBay look-alike e-mail took place. It?s not
clear why the successful ?phisher? waited so long.
       ?I monitor my accounts all the
time,? Aasum, 60, said, adding that after he discovered the withdrawal,
?it was immediately taken care of by my bank.? By that Aasum means that
his bank put $800 back into his checking account. But the bank didn?t
advise him to take other steps to protect his now stolen identity, such
as contacting credit bureaus, he said. 
       Fraud fighter Dan Clements, who
operates a credit card fraud awareness Web site called CardCops.com,
spotted the chat room where the data was posted and shared the
information with MSNBC.com.
       ?It?s really just a numbers game,?
Clements said. ?(Criminals) send out hundreds of thousands of those, and
if they get just a few back they are ahead of the game.?
       While it?s easy to criticize victims
for divulging personal information, Clements said so many Internet users
are falling for the trick that the financial industry has to do more than
simply blame the victims.
       ?Busy professionals, sophisticated
people see an e-mail with the right logos, fill it out, and hit submit.
Lots of times, an instant later, they think, ?What have I done,? but it?s
too late,? he said. ?We have seen that the banking industry has been slow
to respond to some of these issues.?
       EBay could do a better job warning
consumers, too, Aasum suggested.
       ?When I got it, I did try to contact
the real eBay, and they never responded,? he said. But he has received
other notices from eBay saying the firm would never ask for information
such as credit card PIN numbers. ?I guess I don?t know what eBay could
really do,? he said.
*******************************