From rforno at infowarrior.org Sun Oct 1 23:26:18 2006 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 01 Oct 2006 23:26:18 -0400 Subject: [Infowarrior] - Data the US is collecting on air travellers In-Reply-To: Message-ID: (c/o D) What the US knows about visitors By Stephen Mulvey EU reporter, BBC News A deal on the transfer of data about air passengers leaving the European Union for the US has run out, following the collapse of talks on its renewal. The need to renegotiate the deal came as a result of a European Court of Justice ruling in May, and there have been repeated warnings since then that chaos would ensue if the talks failed. Airlines have been threatened with fines of $6,000 per passenger or withdrawal of landing rights if they fly to the US without supplying the data, which American officials use to try to identify potential terrorists. But the airlines could face prosecution under national data protection laws in EU member states if they do hand over the information. Passengers on any flights that failed to supply the data to the US authorities would also risk being held up for hours at US immigration. SOME THINGS US CUSTOMS KNOWS Your history of missing flights Your frequent flyer miles Your seat location aboard Your e-mail address From 2004 onwards an agreement was in force allowing US Customs and Border Protection (CBP) to access European airline reservation databases and pull out up to 34 pieces of information about each passenger. However, this agreement was annulled by the European Court of Justice, which ruled that European officials had not given it an appropriate legal basis. The judges gave them until midnight on 30 September to correct the mistake. The negotiations between the EU and the US on renewing the agreement were expected to centre on legal technicalities rather than issues of substance - however, they appear to have strayed in to controversial territory and become bogged down. One EU official told BBC News that generally speaking the EU wanted to give away less data, while the US wanted more. US demands for information are going to go up not down Hugo Brady Centre for European Reform In future, the EU also wants to go over to a system where airlines "push" the data across to the US, rather than allowing the CBP to continue "pulling" it. Additionally, European privacy authorities want the US to give legally binding guarantees regarding the protection of the data concerned, instead of the existing non-binding undertakings. On the other hand, US Secretary of Homeland Security Michael Chertoff has said the CBP needs to be able to share the data more freely with other government departments, such as the FBI. Now that the talks with the EU have run into difficulty, the US has the option of doing bilateral deals with each of the EU's 25 member states, but it is likely to regard this as a last resort. Passenger profile The Passenger Name Record (PNR) data that has been transferred up to now, falls into 34 overlapping fields, some of which contain very little information, for example the passenger's name, while others contain a lot, including the passenger's name (again), date of birth, sex, citizenship and so on. Some of this information is collected when the ticket is booked, some of it at check-in, and some is information about the passenger's travelling history, which can be gleaned from the reservation database. Not all the fields will necessarily be filled in. The data can be broken down into the following categories * Information about the passenger : name; address; date of birth; passport number; citizenship; sex; country of residence; US visa number (plus date and place issued); address while in the US; telephone numbers; e-mail address; frequent flyer miles flown; address on frequent flyer account; the passenger's history of not showing up for flights * Information about the booking of the ticket : date of reservation; date of intended travel; date ticket was issued; travel agency; travel agent; billing address; how the ticket was paid for (including credit card number); the ticket number; which organisation issued the ticket; whether the passenger bought the ticket at the airport just before the flight; whether the passenger has a definite booking or is on a waiting list; pricing information; a locator number on the computer reservation system; history of changes to the booking * Information about the flight itself : seat number; seat information (eg aisle or window); bag tag numbers; one-way or return flight; special requests, such as requests for special meals, for a wheelchair, or help for an unaccompanied minor * Information about the passenger's itinerary : other flights ticketed separately, or data on accommodation, car rental, rail reservations or tours. * Information about other people : the group the passenger is travelling with; the person who booked the ticket The CBP system has been built in such a way that some "sensitive" information is filtered out. Protected data According to the undertakings on data protection provided by the US, this includes "personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, and data concerning the health or sex life of the individual". This means that Halal or Kosher meal preferences will not show up, while requests for a vegetarian meal will. The PNR data is not used simply to check names against blacklists of known suspected terrorists, but to find new suspects with suspicious patterns of behaviour "You can be sure that the US will construe whatever they can from the information provided. You can construe a lot from someone's name," says Hugo Brady of the Centre for European Reform. The PNR data is not used simply to check names against blacklists of known suspected terrorists, but to hunt for people with suspicious patterns of behaviour. "They have compiled a number of scenarios which they believe amount to suspicious activity and the data is screened for a match. Did the passenger pay cash, did he have baggage? And so on," says Hugo Brady. He adds: "US demands for information are going to go up not down and we are going to have to find a way of aligning security and privacy to a mutually satisfactory end." From rforno at infowarrior.org Mon Oct 2 14:22:01 2006 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 02 Oct 2006 14:22:01 -0400 Subject: [Infowarrior] - U.S. joins European cybercrime convention Message-ID: U.S. joins European cybercrime convention By Tom Espiner http://news.com.com/U.S.+joins+European+cybercrime+convention/2110-7348_3-61 21760.html Story last modified Mon Oct 02 08:30:48 PDT 2006 The U.S. government has embraced European legislation meant to help the global fight against cybercrime. The Council of Europe Convention on Cybercrime calls on countries to coordinate international law to investigate and prosecute online criminal activity. The convention has now been signed by 43 EU member states and 15 other parties, including the U.S. It will come into U.S. law on Jan. 1. Under the convention, countries must have criminal laws addressing activities including hacking, spreading viruses or worms, unauthorized access or damage to computer systems, fraud and copyright violations. It also is meant to foster sharing of electronic evidence on matters such as child sexual exploitation, organized crime and terrorism. Tom Espiner of ZDNet UK reported from London. Copyright ?1995-2006 CNET Networks, Inc. All rights reserved. From rforno at infowarrior.org Mon Oct 2 16:42:46 2006 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 02 Oct 2006 16:42:46 -0400 Subject: [Infowarrior] - GNU Releases VoIP Encryption per Zimmerman's ZRTP and RFC 3711 In-Reply-To: <45206ADB.35D757EF@RealMeasures.dyndns.org> Message-ID: October 1, 2006; Bayonne NJ --- GNU Telephony is happy to announce that with the latest release of the GNU RTP Stack, GNU ccrtp 1.5, we are introducing a free software framework for developing both the secure RTP profile for VOIP (as defined by RFC 3711), and also a GNU GPL licensed implementation of Phil Zimmermann's ZRTP protocol for voice encryption as used in "Zfone". By offering a native secure RTP framework that can be directly embedded in newly developed VOIP applications, GNU Telephony intends to promote the development and widespread use of secure and intercept free voice and video communication services worldwide. The Twinkle softphone package, immediately available with SRTP/ZRTP support, is the first complete free software package to make use of Secure call features offered in the GNU RTP Stack. The GNU RTP stack can be used to develop secure communications for GNU/Linux hosted applications. The stack may also be used to develop application on various BSD systems including Mac OS/X, on Microsoft Windows, and even for embedded systems. We have tested and built the GNU RTP Stack with Handhelds Open Embedded build environment, and we look forward to implementing a Twinkle based secure calling solutions on Linux kernel powered cell phones in the future. Securing RTP sessions is part of our vision in GNU Telephony to help make passive voice communication intercept a thing of the past. By making "secure by design" encryption capabilities simple to embed, and by enabling the largest possible participation in developing such solutions through free software, we hope to break down those remaining barriers that prevent secure telephony from being widely deployed over next generation telephone networks. Part of this vision includes offering TLS encapsulated SIP over TCP, and deployment of anonymous calling proxies, to further deny passive data mining of call session and connection associative information in the future. Downloads: http://ftp.gnu.org/pub/gnu/commoncpp/commoncpp2-1.5.0.tar.gz http://ftp.gnu.org/pub/gnu/ccrtp/ccrtp-1.5.0.tar.gz http://ftp.gnu.org/pub/gnu/ccrtp/libzrtpcpp-0.9.0.tar.gz http://www.xs4all.nl/~mfnboer/twinkle/download/twinkle-0.9.tar.gz Additional Resources: Phil Zimmermann's zrtp specification; http://www.infosecwriters.com/text_resources/pdf/Zfone_SSotillo.pdf. Zfone project; http://www.philzimmermann.com/zfoneproject/index.html. GNU Telephony Secure Calling; http://wiki.gnutelephony.org/index.php/Secure_Call. Twinkle Softphone; http://www.twinklephone.com/. Open Embedded; http://www.handhelds.org/geeklog/index.php. About GNU Telephony: GNU Telephony is a meta project dedicated to the development and promotion of the use of free software for telephony. GNU Telephony is used to directly support the GNU Common C++ family of libraries and telephony application servers such as GNU Bayonne, which are part of the GNU Project, as well as other packages that we regularly use. We will also support several special projects from this site, including CAPE runtime libraries, Secure Calling, and GNU Telephony Open Embedded. From rforno at infowarrior.org Tue Oct 3 20:57:10 2006 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 03 Oct 2006 20:57:10 -0400 Subject: [Infowarrior] - Detroit Judge says Patriot Act suit can proceed Message-ID: Detroit Judge says Patriot Act suit can proceed BY DAVID ASHENFELTER FREE PRESS STAFF WRITER http://tinyurl.com/pt4z3 October 3, 2006 A federal judge in Detroit has rejected the government's request to dismiss an ACLU lawsuit challenging the constitutionally of the controversial USA Patriot Act, an anti-terrorism measure Congress enacted after the 9/11 attacks. U.S. District Judge Denise Hood issued the decision without fanfare on Friday, nearly three years after promising a speedy decision in the case. Congress has amended the law at least once since the government's request was argued before Hood in December 2003. Hood said in a 15-page decision that the ACLU's clients - Muslim charities, social services organizations and advocacy groups - established that they have been harmed Section 215 of the law. Hood said the ACLU's clients can proceed with their lawsuit and gave them 30 days to amend their initial complaint in light of amendments adopted by Congress in March. The government had argued that this year's amendments had corrected any constitutional deficiencies in the act. The ACLU disagreed. Michigan ACLU Executive Director Kary Moss said she was satisfied with the decision and will confer with her clients before deciding whether to proceed with the suit. ?She confirmed what we've said all along, that our clients are suffering concrete harm as a result of the Patriot Act,? Moss said Tuesday. ?Even though we think the act fails to comply with the Constitution, we believe our legal challenge and advocacy in Congress has fixed some of the worst problems.? She said the law now gives any business receiving a request for records of customers an employees the right to consult with a lawyer before turning over records to the government. Moss said the law still prohibits anyone who receives a records request from divulging it for at least one year, but allows them to challenge the order after the year has run. She also said the ability of the government to obtain a warrant to seize records without probable cause from the secret Foreign Intelligence Surveillance Court in Washington, D.C, still poses a problem. There was no immediate comment from the Justice Department. Copyright ? 2006 Detroit Free Press Inc. From rforno at infowarrior.org Wed Oct 4 00:10:00 2006 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 04 Oct 2006 00:10:00 -0400 Subject: [Infowarrior] - Software Being Developed to Monitor Opinions of U.S. Message-ID: October 4, 2006 Software Being Developed to Monitor Opinions of U.S. By ERIC LIPTON http://www.nytimes.com/2006/10/04/us/04monitor.html?pagewanted=print WASHINGTON, Oct. 3 ? A consortium of major universities, using Homeland Security Department money, is developing software that would let the government monitor negative opinions of the United States or its leaders in newspapers and other publications overseas. Such a ?sentiment analysis? is intended to identify potential threats to the nation, security officials said. Researchers at institutions including Cornell, the University of Pittsburgh and the University of Utah intend to test the system on hundreds of articles published in 2001 and 2002 on topics like President Bush?s use of the term ?axis of evil,? the handling of detainees at Guant?namo Bay, the debate over global warming and the coup attempt against President Hugo Ch?vez of Venezuela. A $2.4 million grant will finance the research over three years. American officials have long relied on newspapers and other news sources to track events and opinions here and abroad, a goal that has included the routine translation of articles from many foreign publications and news services. The new software would allow much more rapid and comprehensive monitoring of the global news media, as the Homeland Security Department and, perhaps, intelligence agencies look ?to identify common patterns from numerous sources of information which might be indicative of potential threats to the nation,? a statement by the department said. It could take several years for such a monitoring system to be in place, said Joe Kielman, coordinator of the research effort. The monitoring would not extend to United States news, Mr. Kielman said. ?We want to understand the rhetoric that is being published and how intense it is, such as the difference between dislike and excoriate,? he said. Even the basic research has raised concern among journalism advocates and privacy groups, as well as representatives of the foreign news media. ?It is just creepy and Orwellian,? said Lucy Dalglish, a lawyer and former editor who is executive director of the Reporters Committee for Freedom of the Press. Andrei Sitov, Washington bureau chief of the Itar-Tass news agency of Russia, said he hoped that the objective did not go beyond simply identifying threats to efforts to stifle criticism about an American president or administration. ?This is what makes your country great, the open society where people can criticize their own government,? Mr. Sitov said. The researchers, using an grant provided by a research group once affiliated with the Central Intelligence Agency, have complied a database of hundreds of articles that it is being used to train a computer to recognize, rank and interpret statements. The software would need to be able to distinguish between statements like ?this spaghetti is good? and ?this spaghetti is not very good ? it?s excellent,? said Claire T. Cardie, a professor of computer science at Cornell. Professor Cardie ranked the second statement as a more intense positive opinion than the first. The articles in the database include work from many American newspapers and news wire services, including The Miami Herald and The New York Times, as well as foreign sources like Agence France-Presse and The Dawn, a newspaper in Pakistan. One article discusses how a rabid fox bit a grazing cow in Romania, hardly a threat to the United States. Another item, an editorial in response to Mr. Bush?s use in 2002 of ?axis of evil? to describe Iraq, Iran and North Korea, said: ?The U.S. is the first nation to have developed nuclear weapons. Moreover, the U.S. is the first and only nation ever to deploy such weapons.? The approach, called natural language processing, has been under development for decades. It is widely used to summarize basic facts in a text or to create abridged versions of articles. But interpreting and rating expressions of opinion, without making too many errors, has been much more challenging, said Professor Cardie and Janyce M. Wiebe, an associate professor of computer science at the University of Pittsburgh. Their system would include a confidence rating for each ?opinion? that it evaluates and would allow an official to refer quickly to the actual text that the computer indicates contains an intense anti-American statement. Ultimately, the government could in a semiautomated way track a statement by specific individuals abroad or track reports by particular foreign news outlets or journalists, rating comments about American policies or officials. Marc Rotenberg, executive director of the Electronic Privacy Information Center in Washington, said the effort recalled the aborted 2002 push by a Defense Department agency to develop a tracking system called Total Information Awareness that was intended to detect terrorists by analyzing troves of information. ?That is really chilling,? Mr. Rotenberg said. ?And it seems far afield from the mission of homeland security.? Federal law prohibits the Homeland Security Department or other intelligence agencies from building such a database on American citizens, and no effort would be made to do that, a spokesman for the department, Christopher Kelly, said. But there would be no such restrictions on using foreign news media, Mr. Kelly said. Mr. Kielman, the project coordinator, said questions on using the software were premature because the department was just now financing the basic research necessary to set up an operating system. Professors Cardie and Wiebe said they understood that there were legitimate questions about the ultimate use of their software. ?There has to be guidelines and restrictions on the use of this kind of technology by the government,? Professor Wiebe said. ?But it doesn?t mean it is not useful. It can just as easily help the government understand what is going on in places around the world.? From rforno at infowarrior.org Wed Oct 4 00:11:39 2006 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 04 Oct 2006 00:11:39 -0400 Subject: [Infowarrior] - Investigation of DHS ADVISE data mining program ordered Message-ID: Investigation of ADVISE data mining program ordered By Michael Hampton Posted: October 3, 2006 10:48 pm Share this story: del.icio.us reddit.com Newsvine A Homeland Security data-mining program which will crawl the Internet looking for potential threats to the country has come under Congressional scrutiny for a lack of privacy protection, cost controls and program guidelines. Members of the House Appropriations Committee and House Homeland Security Appropriations Subcomittee have directed the Homeland Security Inspector General to investigate the Analysis, Dissemination, Visualization, Insight and Semantic Enhancement (ADVISE) program, one of twelve data mining programs currently in use or under development by Homeland Security. ADVISE is a ?technology framework? which can integrate information and facts from many different types and sources of data and can be tailored to specific areas of interest. In its prototype stage, it will ?incorporate chemical, biological, radiological, nuclear, and explosive threat and effects data,? according to an Inspector General?s report (PDF) released last month. Its purpose, officials have said, is to ?connect the dots? and prevent another intelligence failure. ADVISE can incorporate and analyze large amounts of open source data, such as the content of Internet sites and databases, which has raised privacy concerns. The system could easily be targeted to answer such questions as who might be likely to be associated with anti-war groups or other legitimate political activities. ?A prototype is currently available to analysts in [the Homeland Security] Intelligence and Analysis [unit] using departmental and other data, including some on U.S. citizens,? lawmakers wrote. ?The ADVISE program plan, total costs and privacy impacts are unclear and therefore the conferees direct the inspector general to conduct a comprehensive program review and report within nine months of enactment of this act.? The department has spent about $40 million on the project, lawmakers added. Critics fear that ADVISE might intrude on the privacy rights of U.S. citizens, especially by trolling their e-mails and blogs. House Appropriations ranking member David Obey, D-Wis., and Homeland Security Appropriations Subcommittee ranking member Martin Olav Sabo, D-Minn., asked the Government Accountability Office earlier this year to investigate the program. ?We?ve been long concerned about how the department treats Americans? privacy and due process rights,? Sabo said during a May markup of the Homeland Security spending bill. ?ADVISE appears to be a new variation on the highly controversial Defense Department Total Information Awareness program that was supposed to be terminated in 2003.? ? CongressDaily In related news, Homeland Security has issued a grant to several U.S. universities to develop a natural language processing system which would allow it to monitor negative opinions of the U.S. in overseas publications. Backers swear up and down the system would never be turned inward to monitor U.S. news organizations and Web sites, because that?s not permitted by law. Critics call it ?creepy and Orwellian.? Ultimately, the government could in a semiautomated way track a statement by specific individuals abroad or track reports by particular foreign news outlets or journalists, rating comments about American policies or officials. Marc Rotenberg, executive director of the Electronic Privacy Information Center in Washington, said the effort recalled the aborted 2002 push by a Defense Department agency to develop a tracking system called Total Information Awareness that was intended to detect terrorists by analyzing troves of information. ?That is really chilling,? Mr. Rotenberg said. ?And it seems far afield from the mission of homeland security.? ? New York Times The three-year, $2.4 million research grant will develop software intended to identify negative sentiment toward the U.S., which officials said may indicate a potential threat. You heard right. Having a negative opinion about a U.S. policy means you are a potential terrorist. From rforno at infowarrior.org Wed Oct 4 17:48:06 2006 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 04 Oct 2006 17:48:06 -0400 Subject: [Infowarrior] - Court says eavesdropping program can continue Message-ID: Court says eavesdropping program can continue Wed Oct 4, 2006 4:21 PM ET http://today.reuters.com/news/articlenews.aspx?type=topNews&storyid=2006-10- 04T202048Z_01_N04262861_RTRUKOC_0_US-SECURITY-EAVESDROPPING.xml&src=rss&rpc= 22 CHICAGO (Reuters) - The government can continue to use its warrantless domestic wiretap program pending the Justice Department's appeal of a federal judge's ruling outlawing the program, an Appeals Court in Cincinnati ruled on Wednesday. The ruling overturned District Judge Anna Diggs Taylor's decision last week to deny a lengthy stay in the case, which is expected to end up with the Supreme Court. In August, Taylor ruled that the National Security Agency's five-year-old surveillance program, implemented as part of the government's war on terrorism, violates the civil rights of Americans. The American Civil Liberties Union filed the suit in March on behalf of scholars, attorneys, journalists and non-profit groups that regularly communicate with people in the Middle East. From rforno at infowarrior.org Wed Oct 4 17:54:57 2006 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 04 Oct 2006 17:54:57 -0400 Subject: [Infowarrior] - rant: Stupid E-mail Disclaimers and the Stupid Users that Use Them In-Reply-To: Message-ID: Agree 110%. But then again, what else is new..... -rf ------ Forwarded Message http://attrition.org/security/rants/z/disclaimers.html Wed Oct 5 16:24:32 EDT 2006 martums & jericho We thought it would be a fad. Ok, we hoped it would be a fad, destined to go away as quickly as it came. Unfortunately, those worthless e-mail legal disclaimers still pollute the internet. Written by overzealous lawyers that don't seem to realize the stupidity futility of their effort, poorly worded legal gibberish tries to force you into binding contracts to protect their careless mistakes. One of their employees just fires off an e-mail full of corporate secrets? No worries! That legal disclaimer will ensure the unintended recipient deletes it without question! Wishful thinking douchebag lawyers. We can't help it--this really makes us nuts. When will these people learn? You transmitted your crappy mind-numbing message to us, in plain text, over the public internet. It's ours (and whoever is sniffing our mail) to do with as we please and you can't have it back, so piss off. We won't delete it, we will publish it, we will forward it, and there is nothing you can do about it. Go ahead, take us to court, but try to find a shred of legal precedent first, ok? [...] http://attrition.org/security/rants/z/disclaimers.html From rforno at infowarrior.org Wed Oct 4 20:28:40 2006 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 04 Oct 2006 20:28:40 -0400 Subject: [Infowarrior] - CVE vuln stats paper - final version is out In-Reply-To: Message-ID: Vulnerability Type Distributions in CVE Document version: 1.0 Date: October 4, 2006 For the past 5 years, CVE has been tracking the types of errors that lead to publicly reported vulnerabilities, and periodically reporting trends on a limited scale. In support of the Common Weakness Enumeration (CWE) project [1], and as a result of the interest in this work as mentioned during the "Year of the web application: Hack & Data from the Front lines" panel at the 5th Annual Cyber Security Executive Summit in New York City on September 13, 2006, we have published a more extensive analysis. An updated version will be released once 2006 is complete. The primary goal of this study is to better understand research trends using publicly reported vulnerabilities. It should be noted that the data is obtained from an uncontrolled population, i.e., decentralized public reports from a research community with diverse goals and interests, with an equally diverse set of vendors and developers. More specialized, exhaustive, and repeatable methods could be devised to evaluate software security. But until such methods reach maturity and widespread acceptance, the overall state of software security can be viewed through the lens of public reports. < - > http://cwe.mitre.org/documents/vuln-trends.html From rforno at infowarrior.org Sun Oct 8 17:05:49 2006 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 08 Oct 2006 17:05:49 -0400 Subject: [Infowarrior] - OpEd: Hating the TSA Message-ID: While perhaps a tad direct, I agree 100% with the analysis......rf http://americandaily.com/article/15942 Hating the TSA By Chuck Muth (10/08/2006) I don?t use the ?H? word lightly, but when it comes to the TSA - Transportation Security Administration or Thousands Standing Around, depending on your perspective - I make an exception. Oh, how I hate thee, let me count the ways... While acknowledging that my horror experiences with airport security are far from unique, or even unusual these days, at least, dear reader, you can be sure these stories are real and not some made-up Internet hoax. My most recent run-in with the TSA involves the recently-discovered deadly threat of carrying toothpaste on a plane at 30,000 feet. When the TSA banned Colgate and Crest a couple months ago, most of us thought: 1.) That?s just plain stupid. 2.) That?s par for the course over at the TSA. The good news, however, is that some air travelers aren?t taking such stupidity sitting down on their flotation devices any longer. They?re speaking up and speaking out. They?re letting the TSA have it. And they?re finding kindred spirits all across the nation, thanks to the Internet (God bless Al Gore for inventing it!). So under public pressure, the TSA, in its infinite bureaucratic wisdom, recently relaxed its prohibitions against deadly Sensodyne, Speed Stick and Listerine. You may now bring these potentially lethal items onboard with you - but only if they?re in small quantities and only if packed in a sealable, clear plastic bag. (Apparently the notion of three terrorists all buying a ticket on the same flight and then mixing their toothpastes together to obtain the quantity necessary to bring down a jumbo jet never occurred to the world?s leading airport security organization.) So on my recent trip to our nation?s capital, I packed miniature containers of toothpaste, deodorant and mouthwash in the sealable, clear plastic toiletry bag which came with my suitcase (proudly purchased from a non-union Wal-Mart) and took off for Reno International Airport. And that?s where the fun began. Airport security under the TSA generally encompasses three separate operations: There?s the well-known long, snaking lines for the document verification phase (?Papers, please.?). There?s the take-off-your-shoes-and-walk-through-the-beeper-machine phase. And then, if you?re unlucky enough to set off Mr. Beeper, there?s the spread-your-legs-and-extend-your-arms perp-search phase. But in Reno they?ve now added a fourth layer for those brave passengers who dare to pack personal hygiene items. Before you even get in line to show your boarding pass and photo ID, you now must stop at a new table manned by three full-time, government-trained, taxpayer-funded Barney Fifes. There you must present your bag of lethal weapon toiletries for close inspection to assure that you are carrying only 3 ounces of toothpaste and not 4 - and that said toothpaste is contained in a government-approved sealable clear plastic bag. Alas, while my toiletries passed the size and quantity test, my sealable clear plastic toiletry bag - which was manufactured for the specific purpose of carrying?well, toiletries - did not. According to the Einstein who inspected my bag, a sealable, clear plastic toiletry bag designed for the expressed purpose of carrying toiletries was not acceptable to the government. If I wanted to carry potentially lethal toothpaste on the plane, Goober explained, it had to be packed in a government-approved sealable clear plastic bag designed to carry?sandwiches. And if I wanted to get out of line and go back downstairs, Mr. Gump informed, I could purchase a proper sandwich bag for my miniature tube of toothpaste in the gift shop. My head, which was not at the time considered by the TSA to be a potentially lethal weapon, was ready to explode. Not wanting to miss my plane, I opted, without good cheer, to allow Deputy Dawg to confiscate my Crest. But here?s the kicker. While this TSA security professional removed and confiscated my toothpaste, the bonehead missed two double-edge razors in the same bag, as well as a banned cigarette lighter. Boy, don?t I feel secure now! But you know what? This kind of bureaucratic stupidity isn?t what I hate most about the TSA. And it?s not their inefficiency. It?s not their incompetence. It?s not the unnecessary inconvenience. It?s not even the expensive false sense of security TSA is giving the traveling public. No, what I hate most about the TSA is how it?s turned so many supposedly freedom-loving American citizens into sheep who mindlessly stand for such indignities and inanities all in the name of some illusory feeling of safety. The TSA has made random search-and-seizures without any cause, let alone probable, a perfectly acceptable practice. And woe to the traveler who raises his voice in objection to being searched like a common criminal all because a machine beeped because you foolishly forgot to remove 73 cents worth of coins from your pocket. Your fellow passengers won?t cheer your knowledge of constitutional rights or your vocal opposition to having them violated by gun-toting, badge-wearing government agents. No, no, no! You?ll be mocked and ridiculed. You?ll be eyed as a trouble-maker deserving of even more scrutiny, if not a cavity search. After all, if you have nothing to hide then what are you getting so worked up about, right? I may hate the TSA, but I loathe the government school system which has systematically destroyed the pro-liberty/anti-government heritage our Founders passed on to us. ?Give me liberty or give me death?? Give me a break. Patrick Henry would be stoned with miniature tubes of AquaFresh by fellow passengers were he to utter such nonsense in a TSA line. When exactly did we lose the spirit of George Washington who once said, ?Government is not reason, it is not eloquence - it is force. Like fire, it is a dangerous servant and fearful master"? Or Thomas Jefferson who said, ?The spirit of resistance to government is so valuable on certain occasions, that I wish it to be always kept alive?? As you wait in line to show your government-approved toiletry bag, filled with your government-approved portions of mouthwash and toothpaste, before presenting your identification papers to an armed government agent, you realize Jefferson?s spirit of resistance is largely dead. May God have mercy on the political souls of the idiot Republicans who brought this plague of airport security federal bureaucrats upon us. May they rest in TSA hell. Chuck Muth is president of Citizen Outreach, a non-profit public policy advocacy organization in Washington, D.C. The views expressed are his own and do not necessarily reflect the views of Citizen Outreach. From rforno at infowarrior.org Mon Oct 9 09:27:33 2006 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 09 Oct 2006 09:27:33 -0400 Subject: [Infowarrior] - You are about to become DRM roadkill Message-ID: You are about to become DRM roadkill Another DRM rant brought to you by Zune By Charlie Demerjian: Monday 09 October 2006, 11:32 http://www.theinquirer.net/default.aspx?article=34949 MICHAEL ROBERTSON points out a really important point about DRM in his latest blog entry: you are at the mercy of the content mafia. He also coins a term for this, getting zuned. You know the history of Zune, a music player that unilaterally shafts MS's closest partners. The funny part is that no one is questioning what they will do to you next time a shiny thing distracts them. Well, OK, Michael Robertson is, but that is the only one I can think of. MS has a long history of doing this, and it has gone from being dangerous to partner with to dangerous to buy from. What do I mean? You read the EULA that came with all your digital music 'purchases', didn't you? You do know what they can do to you, right? What is the worst thing that can happen? Well, look at Zune for an example. If you trusted MS and bought music from them with their plays for sure campaign, you are safe there, right? Well, no, they just changed the game on you, and if you don't like it, tough. You 'bought' things with a DRM infection, MS abandoned you and moved on to the next shiny thing. How long will it be before the whole Plays For Sure cabal collapses? I would guess not long. Apple last time I checked has infected 80% or so of the music market with their flavor or DRM, with the rest of the makers splitting the remaining 20%. Those on the short bus of consumer rights removal all depended on MS to back them in their dance with the content mafia, which MS did, more out of fear of Apple and Sony than anything else. When it was clear that the one ring to rule them all strategy was not going to do much to halt the Apple advance, MS said 'buh-bye kiddies' to their partners and left them high and dry. Your business model just got flushed by our whims? Sorry. No, we are not, but we have this new Zune thing that you can't touch, it might make you feel better. MS shafting their business partners is old news, but this is one of the more massive screwings of their customers that I can recall since the Office 97 Word 'bug'. All the money you spent should you have been dumb enough to 'buy' that DRM infected pablum, is now pissed away. Think about it, if Zune takes off, the non-MS and non-Apple part of the market is dead, no question there. This means your current music won't play on anything. If Zune falls flat, the partners are already looking for other ways to remove the rights of users, so your music won't play on anything either. Basically, you bought a promise, and got screwed out of greed. This is a lose/lose situation brought to you by those twin bastions of consumer responsibility, MS and DRM. If you 'bought' music infected music, you got zuned. the reason for this is they made everything one sided. They passed laws, co-opted your hardware, and made it illegal for you to exercise your rights. If you do what you were allowed to do for the last several hundred years, you are now a criminal. If you want to take the music you legitimately 'bought' from MS backed companies to play on an MS backed player, and play it on your new MS backed players, you are SOL. If you get a program to convert your legitimately purchased MS backed music from one player to another, both MS backed too, you are a criminal. Welcome to the new order. You have no rights, by design, DRM infections lock you down, and the people who are more than happy to take your rights and money don't give a sh*t. If you think this is bad, read the fine print on the EULA. If you think that is bad, go read up on the CableCard infection, they learned from the 'mistakes' of the music mafia. Be afraid. ? From rforno at infowarrior.org Mon Oct 9 09:28:29 2006 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 09 Oct 2006 09:28:29 -0400 Subject: [Infowarrior] - More on.... OpEd: Hating the TSA In-Reply-To: <4529D170.20107@inetassoc.com> Message-ID: ------ Forwarded Message From: Duane > >> Perhaps a tad inaccurate as well. >> >> "May God have mercy on the political souls of the idiot Republicans who >> brought this plague of airport security federal bureaucrats upon us. May >> they rest in TSA hell." >> >> A simple Google search in their news archive will bring up plenty of >> articles that show the above statement to be absurd. I'll provide just >> one: http://www.govexec.com/dailyfed/1001/102301cd2.htm >> >> "'Safety delayed is safety denied,' said Senate Commerce Chairman Ernest >> Hollings, D-S.C., who along with ranking member John McCain, R-Ariz., >> pushed a bill through the Senate earlier this month on a 100-0 vote." >> >> Note the "D" after Senator Hollings' name. Note also that a vote of >> 100-0 shows a bi-partisan effort. (Perhaps tri-partisan if you consider >> the Independent). >> >> "Some House GOP leaders so far have been resistant to bringing up a bill >> because they are concerned they would not have the votes to prevent >> security workers from becoming federal workers." >> >> This makes it clear that the House GOP members were against federalizing >> the security screeners. >> >> "President Bush continues to oppose full federalization of airport >> screeners and baggage checkers, calling into question whether a deal can >> struck on an airline security bill before the busy Thanksgiving travel >> season." >> >> This makes it clear that President Bush also opposed federalizing the >> security screeners. >> >> I agree that the TSA is a joke and that the entire airline "security" >> process is a mess, but this is not a result of "idiot Republicans." It >> is the result of "idiot Senators" and the Democrats in the House. >> >> Duane From rforno at infowarrior.org Mon Oct 9 09:29:25 2006 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 09 Oct 2006 09:29:25 -0400 Subject: [Infowarrior] - North Korea tests nuke Message-ID: ... Late last night, according to today's news. -rf From rforno at infowarrior.org Mon Oct 9 13:06:55 2006 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 09 Oct 2006 13:06:55 -0400 Subject: [Infowarrior] - New Bush Space Policy Unveiled, Stresses U.S. Freedom of Action Message-ID: New Bush Space Policy Unveiled, Stresses U.S. Freedom of Action By Leonard David Senior Space Writer posted: 07 October 2006 http://www.space.com/news/061007_bush_spacepolicy.html U.S. President George W. Bush has authorized a sweeping new national space policy, green-lighting an overarching national policy that governs the conduct of America?s space activities. The new policy supports not only a Moon, Mars and beyond exploration agenda, but also responds to a post 9/11 world of terrorist actions, such as the need for intelligence-gathering internal and external to the United States. U.S. assets must be unhindered in carrying out their space duties, the Bush space policy says, stressing that ?freedom of action in space is as important to the United States as air power and sea power.? Without fanfare, the White House Office of Science and Technology Policy (OSTP) rolled out the National Space Policy on October 6?a document that supersedes a September 1996 version of the directive. President Bush signed off on the new space policy on August 31. A 10-page unclassified version of the U.S. National Space Policy was posted Friday on the OSTP web site. Across the solar system The White House document spells out U.S. space policy goals, including the implementation of a sustained ?innovative human and robotic exploration program? geared to extending human presence across the solar system. As a civil space guideline, the policy calls upon NASA to ?execute a sustained and affordable human and robotic program of space exploration and develop, acquire, and use civil space systems to advance fundamental scientific knowledge of our Earth system, solar system, and universe.? The Bush space policy supports use of space nuclear power systems to ?enable or significantly enhance space exploration or operational capabilities.? The document adds that utilization of nuclear power systems ?shall be consistent with U.S. national and homeland security, and foreign policy interests, and take into account the potential risks.? The policy highlights an interagency approval process for space launch and in-space use of nuclear power sources. Risk from orbital debris Among a wide range of topics ? including commercial space policy and international cooperation?the Bush space policy includes an orbital debris section. It labels human-made space junk as posing a risk to continued reliable use of space-based services and operations, including the safety of space travelers and property in space and on Earth. ?The United States shall seek to minimize the creation of orbital debris by government and non-government operations in space in order to preserve the space environment for future generations,? the space policy explains. In regards to curbing space debris, the document encourages foreign nations and international organizations to also take steps toward debris minimization. Freedom of action For 50 years, the U.S. has led the world in space exploration, developing ?a solid civil, commercial, and national security space foundation,? the document notes. ?Space has become a place that is increasingly used by a host of nations, consortia, businesses, and entrepreneurs,? the space policy states. ?In this new century, those who effectively utilize space will enjoy added prosperity and security and will hold a substantial advantage over those who do not.? Additionally, the Bush space policy is designed to ?ensure that space capabilities are available in time to further U.S. national security, homeland security, and foreign policy objectives.? Moreover, a fundamental goal of the policy is to ?enable unhindered U.S. operations in and through space to defend our interests there.? The policy calls upon the Secretary of Defense to ?develop capabilities, plans, and options to ensure freedom of action in space, and, if directed, deny such freedom of action to adversaries.? Overhead intelligence In a section called ?Space-related Security Classification,? the new space policy lists several unclassified facts, such as: The U.S. government conducts satellite photoreconnaissance that includes a near real-time capability, as well as overhead signals intelligence collection. Among a number of tasks, U.S. government photoreconnaissance is used to ?image the United States and its territories and possessions, consistent with applicable laws, for purposes including, but not limited to, homeland security.? The Director of National Intelligence is charged by the policy to ?provide a robust foreign space intelligence collection and analysis capability that provides timely information and data to support national and homeland security.? For the complete White House National Space Policy Document, go to: http://www.ostp.gov/html/US%20National%20Space%20Policy.pdf From rforno at infowarrior.org Mon Oct 9 17:39:09 2006 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 09 Oct 2006 17:39:09 -0400 Subject: [Infowarrior] - Google to buy YouTube for $1.65 billion Message-ID: Google to buy YouTube for $1.65 billion October 9, 2006 12:58 PM PDT http://tinyurl.com/etdep Google has agreed to purchase online video phenomenon YouTube for $1.65 billion in stock, the companies announced Monday after the close of the stock market. The deal, which had been rumored for days, will dramatically improve Google's video-sharing service with one of the Internet's hottest properties in YouTube, which allows Net users to upload video clips and share them with the world, for better or worse. YouTube will operate independently, and the companies will work together on building new features for independent users as well as for aspiring directors, they said in a press release. The deal is expected to close in the fourth quarter of 2006. Google's acquisition of YouTube comes as online video is really starting to hit its stride. As more and more people have signed up for broadband Internet connections and the technology behind video-sharing services has improved, traffic to YouTube's site has skyrocketed. Users have made a very big deal of uploading videos of themselves, sharing the minute details of their lives, dancing to popular music or, more controversially, essentially rebroadcasting clips of popular television shows. One early example of the phenomenon was the frenzy around the comic "Lazy Sunday" video, pulled from an airing of "Saturday Night Live." NBC first demanded that YouTube pull the sketch from its site after people flocked to the hilarious rap song, which featured two mild-mannered "SNL" cast members afflecting gangsta-rap personas while recalling a trip to the movies to see "The Chronicles of Narnia." But YouTube later cut a deal with NBC to allow YouTube users to post content from NBC programs, and it has followed up that deal with others involving companies such as Warner Music and on Monday, Universal Music Group, Sony BMG Music Entertainment and CBS. Still, the issue of copyrights remains largely unsettled. Around 100 million videos are available on YouTube on a given day, with 65,000 new videos added every day, according to the company's Web site. It cited numbers from Nielsen Net Ratings in claiming 20 million unique visitors a month. Sequoia Partners provided the original funding of $3.5 million in November 2005, and followed that up with a second $8 million round of funding in April. From rforno at infowarrior.org Mon Oct 9 22:10:42 2006 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 09 Oct 2006 22:10:42 -0400 Subject: [Infowarrior] - Top 25 Censored news stories of 2007 Message-ID: Top 25 Censored news stories of 2007 http://www.projectcensored.org/censored_2007/index.htm#20 #1 Future of Internet Debate Ignored by Media #2 Halliburton Charged with Selling Nuclear Technologies to Iran #3 Oceans of the World in Extreme Danger #4 Hunger and Homelessness Increasing in the US #5 High-Tech Genocide in Congo #6 Federal Whistleblower Protection in Jeopardy # 7 US Operatives Torture Detainees to Death in Afghanistan and Iraq #8 Pentagon Exempt from Freedom of Information Act #9 The World Bank Funds Israel-Palestine Wall #10 Expanded Air War in Iraq Kills More Civilians #11 Dangers of Genetically Modified Food Confirmed #12 Pentagon Plans to Build New Landmines #13 New Evidence Establishes Dangers of Roundup #14 Homeland Security Contracts KBR to Build Detention Centers in the US #15 Chemical Industry is EPA?s Primary Research Partner #16 Ecuador and Mexico Defy US on International Criminal Court #17 Iraq Invasion Promotes OPEC Agenda #18 Physicist Challenges Official 9-11 Story #19 Destruction of Rainforests Worst Ever #20 Bottled Water: A Global Environmental Problem #21 Gold Mining Threatens Ancient Andean Glaciers #22 $Billions in Homeland Security Spending Undisclosed #23 US Oil Targets Kyoto in Europe #24 Cheney?s Halliburton Stock Rose Over 3000 Percent Last Year #25 US Military in Paraguay Threatens Region From rforno at infowarrior.org Tue Oct 10 13:26:22 2006 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 10 Oct 2006 13:26:22 -0400 Subject: [Infowarrior] - TSA confiscates a geologist's rock, citing 'dual use' potential Message-ID: No Stone Unturned October 5, 2006 http://www.courant.com/news/opinion/op_ed/hc-thorson1005.artoct05,0,777555.c olumn?coll=hc-headlines-oped When is a rock not a rock? When you pass through airport security. Then it becomes a potential weapon, one capable of bringing an airplane down. I'm mad. I can think of a better way to combat terrorism than taking mineral specimens away from geologists traveling to their conferences. I suggest we get U.S. forces out of Iraq, where our blundering entry and lingering occupation are inflaming anti-American sentiment throughout the world. There are two versions of what happened to my specimen at Bradley International Airport, Hartford. In the first version, I was completely at fault. Out of ignorance, I broke some unwritten rule. Then, in the name of homeland security, the Transportation Security Administration took my rock away. In the second version, the federal government is at fault for not listing mineral specimens as prohibited items and for creating a climate so fearful of terrorism that it's compromising our economic efficiency, personal freedom and instinct to trust one another. I was traveling to Hood River, Ore., to attend the annual meeting of the Stone Foundation, an international organization of architects, sculptors, stonemasons, geologists, engravers and engineers united by their love of stone. To enhance my speech, I nestled one of my favorite specimens between my underwear and shirts in a carry-on bag because I never check luggage on business trips. My banded chunk of the Hebron Gneiss (pronounced "nice") resembled a broken slice of layer cake composed of licorice and cream cheese. In retrospect, I suppose I could have put the grapefruit-sized specimen inside my sock, swung it around my head like a mace, charged the cabin and attempted to hijack the flight. This, of course, never occurred to me until the zealous inspector declared my rock a "dual-use" item. "What, pray tell, is a dual-use item?" I asked. I'm afraid I chucked just a little, causing her to glare, withhold a satisfactory answer and call her supervisor. He hefted my rock, scrutinized it for a moment, and agreed that my specimen was indeed a dual-use item, meaning a potential low-tech weapon. During those uneasy moments when I thought I would be detained, I wondered if a doctor's stethoscope would also be declared a dual-use item, since it could be used to strangle a pilot. The inspectors did give me the option of returning to the ticket counter to check my specimen as baggage. However, having waited more than half an hour for my security clearance, I decided that I didn't have enough time. "Can I claim the rock when I return?" I asked. Their answer, a resounding "no," forced me to choose between possibly missing my flight, and abandoning my rock forever. I capitulated, surrendering it to that great unmarked graveyard where confiscated items will spend eternity. If rocks had feelings, my beautiful specimen would have been crying as it was hauled away. My gneiss was not without sentimental value. It has been my traveling companion for three years, and a touchstone for thousands of people who have attended my talks. And though my rock is gone for good, what worries me is that some analyst - perplexed by the usual nature of my dual-use object - will write a report to be sent up the bureaucratic food chain. Who knows? Perhaps your tax dollars will be used by an internal think tank of agency hire-ups to ponder why on earth a geologist would travel with a rock. Who knows? Perhaps the government will wiretap my phone or check my library records to see whether I have checked out a Koran or a book about stone-age warfare. I'm a middle-aged, balding, blond and blue-eyed Scandinavian-American. If the gauntlet of untrusting looks at airport security intimidates me, then how much worse would it be for an Arab American? Would the threshold weight for rock confiscation be lower? After my conference, I brought back a specimen of rhyolitic ignimbrite (welded volcanic ash) to mitigate the loss of my nice gneiss. This time, I took no chances. I put it in my carry-on bag and checked it as luggage to ensure that my new rock would make it home, which it did. What's next for airport screening? My dual-use laptop? Robert M. Thorson is a professor of geology at the University of Connecticut and a member of The Courant's Place Board of Contributors. His column appears every Thursday. He can be reached at profthorson at hotmail.com. From rforno at infowarrior.org Tue Oct 10 13:40:30 2006 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 10 Oct 2006 13:40:30 -0400 Subject: [Infowarrior] - Disney-ABC: "We understand piracy now as a business model" Message-ID: Disney-ABC: "We understand piracy now as a business model" 10/10/2006 10:57:31 AM, by Nate Anderson http://arstechnica.com/news.ars/post/20061010-7946.html After years of clinging to traditional business models, media companies have finally started embracing ad-supported Internet distribution in a big way. Yesterday's announcement that several major music labels made nice with YouTube may turn out to be a watershed moment for the industry. Instead of attempting to sue the company out of existence, everyone got together and forged a mutually beneficial deal that's pretty good for consumers, too. Now comes news from Disney-ABC that content producers have had a revelation: instead of simply trying to squash piracy, it might be more productive to understand and compete with it. That's the message brought by Anne Sweeney, the president of Disney-ABC Television Group and one of the "50 Most Powerful Women in Business," according to Fortune. "So we understand piracy now as a business model," said Sweeney in a recent analyst call. "It exists to serve a need in the marketplace to specifically consumers who want TV content on demand and it competes for consumers the same way we do, through high-quality, price and availability and we don't like the model. But we realize it's effective enough to make piracy a key competitor going forward. And we've created a strategy to address this threat with attractive, easy to use ways to for viewers to get the content they want from us legally; in other words, keeping honest people honest." When you start thinking this way, the goal becomes offering a more compelling product than file-swapping networks can provide, rather that attempting (for instance) to sue the users who like your content. For ABC, this has meant launching their own streaming media player and providing shows like Lost and Desperate Housewives online only minutes after they air. Earlier this year, ABC launched its player on a two-month trial basis. It was an instant hit (almost 6 million people requested episodes) and did well enough for the network that they elected to bring it back permanently in September after working out a way to compensate affiliates who were being cut out of the revenue pie. Our own experiences with the revamped player have been positive. Though it does not fill the entire screen, the video looks good and comes in 16x9 format. It won't replace your HDTV, but it's a nice way to get a quick Lost fix, and the (unskippable) commercials don't detract from the experience. It's nice to see a network like ABC responding to piracy not by locking down its content even more tightly, but by making it easily available to even more people. While it's hard to compete with free, it's not impossible?witness the success of iTunes in both music and TV shows. You just have to offer a compelling product at a reasonable price that is simpler to use than the alternatives. When ABC introduced its own shows into iTunes earlier this year at $1.99 a pop, it sold more than 8 million of them without damaging its TV ratings at all. From rforno at infowarrior.org Tue Oct 10 21:53:30 2006 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 10 Oct 2006 21:53:30 -0400 Subject: [Infowarrior] - MS patent on DRM Message-ID: United States Patent 7,120,932 Lockhart , et al. October 10, 2006 System and method for data rights management http://tinyurl.com/qguda Abstract A system and method for data rights management across multiple data rights management architectures is disclosed. The system and method solves the problems posed by multiple incompatible data rights management architectures. In particular, a data rights management clearing house is provided that generates permits, permit classes, and enables content packaging across multiple data rights management architectures. Consumers may acquire rights to content packaged with different data rights management architecture from the single data rights management clearing house. Additionally, the system and method enables content packagers to package content with multiple data rights management architectures. Finally, the data rights management clearing house provides consumers with a single location from which to manage data access rights and restore data access rights that have been lost. Inventors: Lockhart; Malcolm W. (Apex, NC), Grimes; D. Gordon (Apex, NC), Sharma; Ranjiv K. (Chapel Hill, NC), Musselwhite; Neal A. (Raleigh, NC) Assignee: Microsoft Corporation (Redmond, WA) Appl. No.: 11/202,292 Filed: August 10, 2005 From rforno at infowarrior.org Wed Oct 11 21:26:12 2006 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 11 Oct 2006 21:26:12 -0400 Subject: [Infowarrior] - Random Laptop Searchs at the Border Unconstitutional Message-ID: Random Laptop Searchs at the Border Unconstitutional Customs agents must have a reasonable suspicion that a crime has been committed to search the laptops or other digital devices of citizens entering the United States, according to a Los Angeles District Court. While there's a broad border exception to Fourth Amendment, customs agents must have, at the least, articulable and reasonable suspicion that a laptop may have evidence of a crime before searching it, Judge Dean Pregeson ruled. The ruling came in a case where customs agents searched the laptop of Michael Arnold who was returning from the Philippines and subsequently found images they believed to be child pornography. The evidence from the search is now excluded from his trial for possession of child pornography. "While not physically intrusive as in the case of a strip or body cavity search, the search of one's private and valuable personal information stored on a hard drive or other electronic storage device can be just as much, if not more, of an intrusion in the dignity and privacy interests of a person. This is because electronic storage devices function as an extension of our own memory," Pregeson wrote in an October 2, 2006 opinion (.pdf). The judge was not convinced that the custom inspector's rationale for pulling Arnold aside (being a man aged 20 to 59 returning from Southeast Asia) counted as reasonable suspicion. < - > http://blog.wired.com/27bstroke6/2006/10/random_laptop_s.html From rforno at infowarrior.org Thu Oct 12 21:52:53 2006 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 12 Oct 2006 21:52:53 -0400 Subject: [Infowarrior] - Boy, MS is just asking for trouble here... Message-ID: Vista Licenses Limit OS Transfers, Ban VM Use http://www.techweb.com/wire/software/193300234 By Gregg Keizer, TechWeb Technology News Microsoft has released licenses for the Windows Vista operating system that dramatically differ from those for Windows XP in that they limit the number of times that retail editions can be transferred to another device and ban the two least-expensive versions from running in a virtual machine. The new licenses, which were highlighted by the Vista team on its official blog Tuesday, add new restrictions to how and where Windows can be used. "The first user of the software may reassign the license to another device one time. If you reassign the license, that other device becomes the "licensed device," reads the license for Windows Vista Home Basic, Home Premium, Ultimate, and Business. In other words, once a retail copy of Vista is installed on a PC, it can be moved to another system only once. The new policy is narrower than Windows XP's. In the same section, the license for Windows XP Home states: "You may move the Software to a different Workstation Computer. After the transfer, you must completely remove the Software from the former Workstation Computer." There is no limit to the number of times users can make this move. Windows XP Professional's license is identical. Elsewhere in the license, Microsoft forbids users from installing Vista Home Basic and Vista Home Premium in a virtual machine. "You may not use the software installed on the licensed device within a virtual (or otherwise emulated) hardware system," the legal language reads. Vista Ultimate and Vista Business, however, can be installed within a VM. Vista Home Basic, at $199 for a full version and $99 for an upgrade, and Vista Home Premium ($239/$159), are the two most-affordable retail editions of the operating system scheduled to appear on store shelves in January 2007. Although the Vista team's blog did not point out these changes, it did highlight others. "Two notable changes between Windows Vista license terms and those for Windows XP are: 1) failure of a validation check results in the loss of access to specific features; and 2) an increase in our warranty period from 90 days to 1 year, which brings Windows in line with most other Microsoft products," wrote Vista program manager Nick White. Specifically, the Vista license calls out the ramifications of a failed validation check of Vista. "The software will from time to time validate the software, update or require download of the validation feature of the software," it reads. "If after a validation check, the software is found not to be properly licensed, the functionality of the software may be affected." Vista's new anti-piracy technologies, collectively dubbed "Software Protection Platform," have met with skepticism by analysts and criticism by users. Under the new program, a copy of Vista that's judged to be in violation of its license, or is counterfeit, is disabled after a set period, leaving the user access only to the default Web browser, and then only for an hour at a time.