From rforno at infowarrior.org Sun Jun 1 01:07:52 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 31 May 2008 21:07:52 -0400
Subject: [Infowarrior] - How the Army Is Winning the Pentagon's Internet 'Civil War'
Message-ID:

How the Army Is Winning the Pentagon's Internet 'Civil War'
By David Axe
May 31, 2008 | 9:46:11 AM
Categories: Info War
http://blog.wired.com/defense/2008/05/how-the-army-is.html

This winter, the Air Force, as the Pentagon's point agency for "cyberwarfare," banned access from official networks to many blogs, declaring that they weren't "established, reputable media." The Air Force didn't seem concerned that international jihadists had long ago latched onto websites as cheap, effective tools for sharing ideas. Indeed, the Air Force's ban was part of a widening military crackdown on the so-called "Web 2.0." Mostly, Website-banning Pentagon officials were worried that U.S. troops might inadvertently release secret information on the Internet. But the Army cleverly dodged the Pentagon's Web 2.0 crackdown, scoring the upper hand in a growing "civil war" within the military over how to deal with the Internet. I explain the Army's approach in the first of a three-part series over at The Washington Independent. The Army set up its own versions of popular Web 2.0 sites, but [hid] them behind password-protected portals. In that way, the Army appears to have found a middle ground between Internet proponents and skeptics. On this toehold, the land combat branch is steadily building new Internet tools that might help the United States catch up to Internet-savvy jihadists. In late April, the land-warfare branch even launched an official blogging service for officers. The blogs combine the best of the civilian Web 2.0 with old-fashioned military-grade security.
The official blogs are a function of an Army version of MySpace, the social-networking site popular with teens: This "military MySpace," like the civilian version, would include "status update[s], private message[s], and [the] ability to add 'members I value' to your own profile," according to Maj. Ray Kimball, one of a handful of officers at the Center for Company-Level Leaders, a sort of Internet advocacy group at the U.S. Military Academy in West Point, N.Y. The military MySpace -- call it "MilSpace" -- would eventually include the previously mentioned blogging function, allowing officers to develop and share ideas and tactics without necessarily having to work through the military's lumbering, labyrinthine and strictly hierarchical chain of command. MilSpace and its blogs are part of a network of online discussion forums, created by the Center for Company-Level Leaders, that Lt. Col. Tony Burgess, Kimball's boss, called a "virtual front porch" for hosting soldiers' conversations. The forums have their roots in the late 1990s, when they were a private project overseen by several young officers. In 2002 the Army officially sanctioned the forums. After months of work, the MilSpace addition went live in January this year, and the blogging function launched in late April. With each successive new feature, this "virtual front porch" has gained new users, new admirers in the senior ranks and a more prominent position in the Army's emerging Internet strategy. "I would definitely characterize it [the Mil-Space blogs] as a success," Kimball told The Washington Independent. "Anecdotally, conversations are more vibrant than they've ever been."
(Photo: Army)

From rforno at infowarrior.org Mon Jun 2 02:13:38 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 1 Jun 2008 22:13:38 -0400
Subject: [Infowarrior] - US accused of holding terror suspects on prison ships
Message-ID:

http://www.guardian.co.uk/world/2008/jun/02/usa.humanrights

US accused of holding terror suspects on prison ships

* Report says 17 boats used
* MPs seek details of UK role
* Europe attacks 42-day plan

* Duncan Campbell and Richard Norton-Taylor
* The Guardian,
* Monday June 2 2008

An amphibious assault vehicle leaves the USS Peleliu, which was used to detain prisoners, according to the human rights group Reprieve. Photograph: Zack Baddor/AP

The United States is operating "floating prisons" to house those arrested in its war on terror, according to human rights lawyers, who claim there has been an attempt to conceal the numbers and whereabouts of detainees. Details of ships where detainees have been held and sites allegedly being used in countries across the world have been compiled as the debate over detention without trial intensifies on both sides of the Atlantic. The US government was yesterday urged to list the names and whereabouts of all those detained. Information about the operation of prison ships has emerged through a number of sources, including statements from the US military, the Council of Europe and related parliamentary bodies, and the testimonies of prisoners. The analysis, due to be published this year by the human rights organisation Reprieve, also claims there have been more than 200 new cases of rendition since 2006, when President George Bush declared that the practice had stopped. It is the use of ships to detain prisoners, however, that is raising fresh concern and demands for inquiries in Britain and the US.
According to research carried out by Reprieve, the US may have used as many as 17 ships as "floating prisons" since 2001. Detainees are interrogated aboard the vessels and then rendered to other, often undisclosed, locations, it is claimed. Ships that are understood to have held prisoners include the USS Bataan and USS Peleliu. A further 15 ships are suspected of having operated around the British territory of Diego Garcia in the Indian Ocean, which has been used as a military base by the UK and the Americans. Reprieve will raise particular concerns over the activities of the USS Ashland and the time it spent off Somalia in early 2007 conducting maritime security operations in an effort to capture al-Qaida terrorists. At this time many people were abducted by Somali, Kenyan and Ethiopian forces in a systematic operation involving regular interrogations by individuals believed to be members of the FBI and CIA. Ultimately more than 100 individuals were "disappeared" to prisons in locations including Kenya, Somalia, Ethiopia, Djibouti and Guantánamo Bay. Reprieve believes prisoners may have also been held for interrogation on the USS Ashland and other ships in the Gulf of Aden during this time. The Reprieve study includes the account of a prisoner released from Guantánamo Bay, who described a fellow inmate's story of detention on an amphibious assault ship. "One of my fellow prisoners in Guantánamo was at sea on an American ship with about 50 others before coming to Guantánamo ... he was in the cage next to me. He told me that there were about 50 other people on the ship. They were all closed off in the bottom of the ship. The prisoner commented to me that it was like something you see on TV. The people held on the ship were beaten even more severely than in Guantánamo." Clive Stafford Smith, Reprieve's legal director, said: "They choose ships to try to keep their misconduct as far as possible from the prying eyes of the media and lawyers.
We will eventually reunite these ghost prisoners with their legal rights. "By its own admission, the US government is currently detaining at least 26,000 people without trial in secret prisons, and information suggests up to 80,000 have been 'through the system' since 2001. The US government must show a commitment to rights and basic humanity by immediately revealing who these people are, where they are, and what has been done to them." Andrew Tyrie, the Conservative MP who chairs the all-party parliamentary group on extraordinary rendition, called for the US and UK governments to come clean over the holding of detainees. "Little by little, the truth is coming out on extraordinary rendition. The rest will come, in time. Better for governments to be candid now, rather than later. Greater transparency will provide increased confidence that President Bush's departure from justice and the rule of law in the aftermath of September 11 is being reversed, and can help to win back the confidence of moderate Muslim communities, whose support is crucial in tackling dangerous extremism." The Liberal Democrat's foreign affairs spokesman, Edward Davey, said: "If the Bush administration is using British territories to aid and abet illegal state abduction, it would amount to a huge breach of trust with the British government. Ministers must make absolutely clear that they would not support such illegal activity, either directly or indirectly." A US navy spokesman, Commander Jeffrey Gordon, told the Guardian: "There are no detention facilities on US navy ships." However, he added that it was a matter of public record that some individuals had been put on ships "for a few days" during what he called the initial days of detention. He declined to comment on reports that US naval vessels stationed in or near Diego Garcia had been used as "prison ships". 
The Foreign Office referred to David Miliband's statement last February admitting to MPs that, despite previous assurances to the contrary, US rendition flights had twice landed on Diego Garcia. He said he had asked his officials to compile a list of all flights on which rendition had been alleged. CIA "black sites" are also believed to have operated in Thailand, Afghanistan, Poland and Romania. In addition, numerous prisoners have been "extraordinarily rendered" to US allies and are alleged to have been tortured in secret prisons in countries such as Syria, Jordan, Morocco and Egypt.

From rforno at infowarrior.org Mon Jun 2 02:21:41 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 1 Jun 2008 22:21:41 -0400
Subject: [Infowarrior] - Internet celebrates 2 years of futility battling Pirate Bay
Message-ID: <290FB18B-A1E9-426F-82FB-5171935EB99B@infowarrior.org>

Internet celebrates 2 years of futility battling Pirate Bay
By Jacqui Cheng | Published: June 01, 2008 - 07:17PM CT
http://arstechnica.com/news.ars/post/20080601-internet-celebrates-2-years-of-futility-battling-pirate-bay.html

Over the weekend, The Pirate Bay "celebrated" its second anniversary of being raided by the Swedish police. On May 31, 2006, law enforcement seized all of the popular torrent tracker's servers and backups, and arrested two of the site's operators. The site didn't stay down for long, though - just a few days later, everything was business as usual for The Pirate Bay. A court date in Sweden has yet to be set, and support for the site appears to be stronger than ever. Since the raids, the predictable has happened: the site's popularity has exploded. The Pirate Bay says that its number of Bit Torrent peers has grown from 2.5 million to over 12 million, and that registered users have grown from 1 million to 2.7 million. The tracker is more popular than ever, and continues to grow every day. "It's awesome to see the support the community show us.
Even in our bad moments, we get your support," said the Pirate Bay's admins in the posting. The general reaction across the Internet is quite positive - and largely pro Pirate Bay. Commenters on the Pirate Bay's blog post, Digg, and swaths of other blog entries are almost unanimous in their support of the site and its goal of remaining online and operational. TorrentFreak even named the anniversary "Happy Pirates independence day." Many believe that the Swedish police acted inappropriately when they seized the Pirate Bay's servers, that the police had it in for Pirate Bay before the raid even happened, and that the reason things are taking so long to go to court is because law enforcement can't find any useful evidence. Of course, not everyone is a friend of the Pirate Bay. The motion picture and movie industries are at war with the site and want it taken down for good. The International Federation of the Phonographic Industry is one of its most determined foes, battling the pirates last year over a domain issue and then suing the four main backers for 15 million kroner ($2.5 million) for violating the copyrights on a number of films, PC games, and music. The Motion Picture Association of America has also slapped the site with a claim for $15.4 million in damages for facilitating copyright infringement. The Pirate Bay isn't exactly known for taking these threats seriously, however, and recently declared that "the record companies can go screw themselves." So, will The Pirate Bay continue to be a safe haven for illicit content in the months and years ahead? It certainly appears so at this point. Industry trade groups trumpeted the 2006 raids as a major victory and claimed that the site had been permanently dismantled, but subsequent events have demonstrated that those celebrations were extremely premature. Even if the Pirate Bay were eventually taken down, it would live on in the thousands of other torrent trackers that users would divert their attention to.
In fact, the Internet's reaction just highlights the futility of Big Content's efforts to take down sites like the Pirate Bay in the first place and why the focus has turned towards deep packet inspection, throttling, and filtering. People love their BitTorrent and will continue to use it - with or without the Pirate Bay.

From rforno at infowarrior.org Mon Jun 2 12:15:04 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 2 Jun 2008 08:15:04 -0400
Subject: [Infowarrior] - The Future Of Social Isn't Content Spewing (I Hope)
Message-ID: <01E052CA-6578-439F-94AE-557355FEA247@infowarrior.org>

The Future Of Social Isn't Content Spewing (I Hope)
Michael Arrington
http://www.techcrunch.com/2008/06/02/the-future-of-social-isnt-content-spewing-i-hope/

A conversation broke out today on the future of social media. Venture capitalist Fred Wilson says his vision for the future of social media is very simply "every single human being posting their thoughts and experiences in any number of ways to the Internet." Putting aside the fact that most people just don't want to publish online (and perhaps never will), I still think this vision is incredibly narrow. Don't get me wrong - I'm not arguing that online publishing isn't interesting. Scott Karp's recent rant that user generated content is "a new form of pollution" and extolling people to publish less, for example, is almost not worth responding to. I don't agree with Karp, who's taking a side that also happens to promote the ideas of his new startup, but I'm not sure focusing on services that simply help people publish their life experiences is all that interesting either. Back in 2000 it was fairly hard to do things like write a blog, publish photos (don't even think about videos back then), or share bookmarks.
Today, all that stuff is easy, and in fact there are so many blogging platforms, social networks, bookmarking sites, photo/video sharing services, etc., that consumers are getting overwhelmed with choices that differ only in name, it seems. Hell, we even have a micro publishing platform that limits posts to a single word. Now that there are services for virtually every kind of content that users might conceivably want to publish, we need open standards and businesses to emerge that help people link all their disconnected content together into a single online identity - the Centralized Me. This stuff is badly needed because our content is all over the place on the Internet. And it's unlikely the big guys are going to do the right things for the community without significant pressure. This isn't necessarily sexy stuff, but it's important.

Let's Make All This Online Content Go To Work For Us

The future of social media, I hope, isn't in more tools to help us spew more content. Instead, we need ideas and technology that can leverage all this available online content (including status and activity streams) to enhance real world social interactions. The mobile device will be the center of this world. Forget using that device to simply publish content (although it is particularly suited to publish location data, photos and video content). Your mobile device should help you filter out people around you to bring mutually-interested people together. And it should also help you remember key information about the people you already know. Perhaps that's exactly what Fred meant when he wrote his vision, but it sure looks like he's focused on simply recording the stuff of life and getting it onto the Internet. That seems like a commodity business to me. It's enhancing (and in the process controlling to some extent) all the ways people interact with each other that's the exciting stuff we'll be seeing shortly. Remember, the word "social" is there for a reason.
The Internet isn't just about broadcasting and consuming, it's about interaction.

From rforno at infowarrior.org Mon Jun 2 12:15:08 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 2 Jun 2008 08:15:08 -0400
Subject: [Infowarrior] - The Web Content Conservation Movement
Message-ID: <151043EE-2E7E-4CF4-9835-6CDD10B2654B@infowarrior.org>

Join The Web Content Conservation Movement
by Scott Karp
http://publishing2.com/2008/04/20/join-the-web-content-conservation-movement/

The other day Erick Schonfeld wrote a post about how he's feeling even more overwhelmed by new web content streams like Twitter and FriendFeed, and how he's desperately in need of a better filter. I certainly agree with Erick's clarion call for a better filter - that's why I'm devoting all my time to empowering mainstream journalists to filter the web through link journalism (so many of the people who are great information filters aren't doing so on the web). But it struck me when I was looking at Erick's screen capture of a seemingly endless series of Twitter and FriendFeed items in Twhirl that we shouldn't just be working on the OUTPUT problem by building better filters. We should also be working on the INPUT problem. How do you reduce noise on the web? Simple. Produce less content. If you look at human history in the industrial age, new technologies have inevitably led to new forms of pollution. Everyone can have electricity - which means we need lots of fossil fueled power plants. Everyone can have a car - which means that we have more car exhaust in the atmosphere. Everyone can choose from a large variety of packaged goods in the supermarket, produced in factories and distributed by trains and trucks - which means we produce more trash. Everyone can have a cell phone - which means we have to listen to everyone talking on a cell phone. On the web, everyone can publish - which means we have more content than all the people consuming content on the web can possibly consume.
How did we deal with excesses from technology that damaged the environment? By starting a conservation movement. Remember those stickers encouraging you to turn out the lights? So why not start a conservation movement on the web? Next time you're about to post something to your blog, or Twitter, or Flickr, or YouTube, or any of the 1,000 other publishing platforms, ask yourself this - does this really add value to the web? Or am I publishing just because I can? Twitter, for example, has added tremendously to the noise on the web by removing what little friction there was in content creation. Random thought popped into your head? Twitter it! Twitter has also led to some great content being published to the web that never would have found its way into a blog post. But it brought with it all of the excess of more useless content. Another form of content pollution on the web is duplicate content - you can see this every day in the world of tech journalism, where every tech blog and traditional news brand covering tech all write about the same news event. In a typical Techmeme news cluster, you do find some good insight and analysis, but you also have a lot of people repeating the same information over and over again. Of course all of these tech blogs feel an obligation to write every major news story because they have to keep their page views up. But is shoveling as much content as possible onto the web really the best way to create enduring value? I come back, as always, to Google, the most valuable media company on the web. Google doesn't create any new content - it just cleans up our mess, like a giant recycling plant. Google cleans up content pollution by linking to the most relevant content, determined by counting all of the links on the web. A link is a form of recycling because it references a valuable piece of existing content rather than creating more content. A link reduces pollution just like recycling plastic does. Digg is very web content "green" -
Digg users might all be posting items on their blogs, in disconnected fashion, adding to the noise. Instead, they pool all of their links on a single Digg item, which reduces noise by prioritizing content that already exists. The highest value Tweets I find on Twitter are the ones with links. Before blogging became a volume game of posting multiple full content items each day, it was about links - linking to interesting things on the web, helping to reduce the noise, not adding to it. Will you join the Web Content Conservation Movement? Make the web a more livable place. When you leave the room, turn off the light. Think twice before you post. Plant a tree. Link to something. Why should media companies (including blog media companies) help reduce content pollution by creating more links and less content?

1. Filtering the web instead of adding to the content noise works well for Google's business
2. Links are cheaper to produce
3. Linking is a way for media companies to show their environmental responsibility on the web

From rforno at infowarrior.org Tue Jun 3 00:15:54 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 2 Jun 2008 20:15:54 -0400
Subject: [Infowarrior] - Cyberwarfare Wish List
Message-ID:

Cyberwarfare Wish List
U.S. Air Force Calls for Help in Beefing Up Specific Capabilities
By William Matthews
Published: 26 May 2008
http://www.defensenews.com/story.php?i=3553238

Know how to hack a computer system and quietly steal information? Can you also deceive, deny, disrupt, degrade or destroy the system? Then the U.S. Air Force wants to hear from you. In mid-May, the Air Force published a request for "white papers" that will show the service how it can achieve "Dominant Cyber Offensive Engagement." It's the latest step the Air Force is taking to build up its cyberwarfare capabilities - offensive as well as defensive. Last fall, the service began assembling its own Cyber Command.
The Air Force Research Laboratory plans to spend $3 million this year and another $8 million next year in developing new cyberwarfare techniques. The lab is calling for papers that will help it develop a variety of cyberwarfare skills, including:

* Gaining access to remotely located open or closed computer systems.
* Taking "full control of a network for the purposes of information gathering and effects-based operations."
* Techniques that enable user and root-level access to fixed and mobile computers.
* Methods for gaining access "to any and all operating systems, patch levels, applications and hardware of interest."
* Maintaining an active presence within the adversaries' information infrastructure "completely undetected."
* The capability to "stealthily exfiltrate information" from remote computer systems.
* And if stealth fails, the ability to "deceive, deny, disrupt, degrade, destroy (D5)" a targeted computer system.

On the defensive side, the Air Force wants to develop "Proactive Botnet Defense Technology." That appears to be technology that would protect U.S. computer systems against the type of directed denial-of-service attacks that crippled Estonia's cyber infrastructure in April 2007. In that instance, Estonia blamed Russia for the attack, but Russian government officials denied any involvement. The Air Force Research Lab also wants to explore whether different computer architectures and new protocols can improve security. Air Force Laboratory officials did not respond to repeated requests for details about their new cyberwarfare effort.

Growing Concern

But the push to increase cyberwarfare proficiency comes amid growing concern for U.S. cyber vulnerability. In 2005, the Air Force added "and cyberspace" to its vow to fly and fight in air and space. And last fall, the service began assembling a Cyber Command that will be responsible for "cyberspace operations."
"In the last decade, people have realized that cyberwarfare is a critical domain of national security," said William Martel, a Tufts University professor and former chairman of space technology and policy studies at the Naval War College. "The significance of cyber can't be overstated. It may be as strategically significant as nuclear weapons and ballistic missiles over time," Martel said. "Cyber technology, cyber security and cyberwarfare opens up an entirely new arena of warfare in which state and non-state actors are on a level playing field," he said. It costs little to launch a cyberattack. Terrorists, organized criminals and Third World countries can easily afford it. Cybersecurity experts say attacks could seriously affect daily life in the United States by disrupting utilities such as electricity and water, halting air traffic, interrupting commerce, even interfering with emergency response capabilities. "The possibilities are limitless here," Martel said. "Over time, cyberwarfare might make traditional warfare look a little passé." Recent cyber events have put the United States on the defensive, Martel said. The Chinese military is believed to be responsible for recent cyber break-ins to U.S. Department of Defense computer and communications systems. Al-Qaida has become uncomfortably adept at using the Internet to spread propaganda, recruit followers and train terrorists, he said. Can cyberwarfare be far behind? Much of what the Air Force Research Lab says it wants to do looks "very doable," said Richard Forno, a cyber security expert who counts the U.S. military and major corporations among his clients. But while developing new cyber capabilities, the Air Force also ought to consider new organizational approaches, he said. "I don't believe big bureaucratic organizations with tons of contract vehicles" is the best way to approach the problem. Relying on a cadre of carefully monitored hackers might be more effective, he said.
Concern about cyberwarfare is spreading well beyond the United States. On May 14, two days after the Air Force Lab called for ideas, NATO began setting up a cyber defense training center in Tallinn, Estonia. The Cooperative Cyber Defence Center of Excellence is scheduled to open in 2009 and will be operated by computer specialists from Germany, Italy, Spain, Latvia, Lithuania, Slovakia and Estonia. In its cyber push, the Air Force Lab is moving quickly. The first batch of white papers is due June 5 for projects to be funded in 2008 and March 1, 2009, for projects to be funded next year. The papers are to be three to 10 pages long and submitted by e-mail, CD or on paper. If on paper, three copies are required. Work contracts are expected to be worth $200,000 to $1.5 million apiece and last for two years.

From rforno at infowarrior.org Tue Jun 3 00:24:08 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 2 Jun 2008 20:24:08 -0400
Subject: [Infowarrior] - Fwd: Hezbollah's Cyber Warfare Program
References:
Message-ID: <17B7C4D0-3BF9-4AA8-8970-646B13BE1B00@infowarrior.org>

> From: "Simon Taplin"
>
> Hezbollah's Cyber Warfare Program
>
> http://www.defensetech.org/archives/004216.html
>
> Hezbollah's Cyber Warfare Program
>
> Last week, Homeland Security Secretary Michael Chertoff warned that
> the Hezbollah resistance movement is the greatest threat to US
> national security. Hezbollah is known or suspected to have been
> involved in numerous terror attacks against the U.S., Israel or other
> Western targets, and includes the 1983 suicide truck bombings in
> Beirut that killed 241 U.S. Marines at their barracks and 58 at the
> French military barracks. Intelligence officials in the U.S. and
> Britain believe Hezbollah cells may use their computer expertise and
> capabilities to launch cyber attacks.
>
> A 2002 CIA report warned a number of terrorist groups are beginning to
> plan attacks on western computer networks.
> The report went on to say
> that al-Qaeda and Hezbollah were becoming more adept at using the
> internet and computer technologies. In more recent reports they name
> Sunni extremists Hezbollah and Aleph as groups believed to be
> developing cyber terrorism plans. For terrorist groups, cyber weapons
> are cheap, easy to acquire and difficult to detect or track and are
> quickly becoming a common weapon in their arsenal.
>
> While Hezbollah's capabilities to launch such an attack are
> questionable, the intelligence community in U.S., Britain and Israeli
> are taking the threat seriously. Why, because Hezbollah showed its
> increasing technological sophistication and capabilities during its
> war with Israel back in 2006. Once Israel began bombing Hezbollah
> targets, the intelligence sources say cyber space began. While
> intelligence analysts are convinced conventional terror remains
> Hezbollah's main strategy and weapon, some believe that it could
> activate sleeper cells in order to open a second front in cyber space.
> Intelligence sources know that terrorist groups including Hezbollah,
> the Abu Nidal Organization, and UBL's Al-Qaeda Organization are using
> computerized files, email, and encryption to support their operations.
>
> Hezbollah Profile (AKA Hizbollah, Hizbu'llah)
> Established In the 1980s
> Home Base: Lebanon, but it also has cells in North/South America,
> Asia, Europe and Africa.
> Support: Iran and Syria provide substantial organizational, training
> and financing.
> Orientation: Hezbollah is a radical Iranian-backed Lebanese Islamic
> Shiite group
> Funding: estimated at $60 million annually
> Size: Hezbollah's core consists of several thousand militants and
> activists
> Equipment: Hezbollah possesses up-to-date information technologies -
> broadband wireless networks and computers.
> Cyber Capabilities: Global Rating in Cyber Capabilities -- Tied at
> Number 37
>
> Hezbollah has been able to engage in fiber optic cable tapping,
> enabling data interception and the hijacking of Internet and
> communication connections.
> Cyber Warfare Budget: $935,000 USD
> Offensive Cyber Capabilities: 3.1 (1 = Low, 3 = Moderate and 5 =
> Significant)
> Cyber Weapons Rating: Basic -- but developing intermediate
> capabilities
> Web Site: http://www.hizbollah.org or www.hizballah.org
> Ties: Hezbollah has close ties with Iran. Many believe that Hezbollah
> is a surrogate for the Iranian army
> Fact: Hezbollah leader Hassan Nasrallah declared May 8, 2008 that the
> Shiite militant group's communications network is its most important
> weapon, and that the government's decision to target the network was
> tantamount to a declaration of war. In Hezbollah's view, its
> communications technology is just as essential for the group's
> survival as its missiles.
>
> Hezbollah is on the U.S. State Department's list of terrorist
> organizations. The FBI says it now considers Hezbollah operatives more
> capable and robust than even Al Qaeda terrorists. With Hezbollah's
> interest in developing advanced cyber weapons, their capabilities will
> continue to increase. As we have seen, the proliferation of cyber
> weapons is rapidly expanding and no longer limited to nation states
> and organized criminal groups. The cyber arms club now includes
> terrorist groups. Using new hacking techniques, taking advantage of
> security vulnerabilities and using simple proven cyber attack methods,
> terrorists have the capability to attack us in way not seen before.
> Key infrastructure systems that include utilities, banking, media/TV
> systems, telecommunications and air traffic control systems have
> already been compromised.
No one knows if cyber terrorists created > trap doors and left logic bombs allowing them to easily bypass > security systems and disrupt our critical infrastructure in > coordination with traditional style attacks. > > -- Kevin Coleman From rforno at infowarrior.org Tue Jun 3 12:51:32 2008 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 3 Jun 2008 08:51:32 -0400 Subject: [Infowarrior] - Airlines May Treat Passengers `Like Freight' to Beat Fuel Surge Message-ID: <64C31B90-724D-49F9-AAC9-3806BAE28B5C@infowarrior.org> Airlines May Treat Passengers `Like Freight' to Beat Fuel Surge By Michael Janofsky Enlarge Image/Details June 3 (Bloomberg) -- Imagine two scales at the airline ticket counter, one for your bags and one for you. The price of a ticket depends upon the weight of both. That may not be so far-fetched. ``You listen to the airline CEOs, and nothing is beyond their imagination,'' said David Castelveter, a spokesman for the Air Transport Association, a Washington, D.C.-based trade group. ``They have already begun to think exotically. Nothing is not under the microscope.'' He declined to discuss what any individual airline might be contemplating, including charging passengers based on weight. With fuel costs almost tripling since 2000, now accounting for as much as 40 percent of operating expenses at some carriers, according to the ATA, airlines are cutting costs and raising revenue in ways that once were unthinkable. U.S. Airways Group Inc. has eliminated snacks. Delta Air Lines Inc. is charging $25 for telephone reservations. AMR Corp.'s American Airlines last month became the first U.S. company to charge $15 for one checked bag. Even a cold drink may be harder to come by aloft. 
< - > http://www.bloomberg.com/apps/news?pid=20601109&sid=aJmRIapedEs0&refer=home From rforno at infowarrior.org Tue Jun 3 12:55:02 2008 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 3 Jun 2008 08:55:02 -0400 Subject: [Infowarrior] - US to demand 72hrs notice for British tourists Message-ID: <610B18EF-CB62-4256-A320-2571F04E0A53@infowarrior.org> (Way to spread the welcome wagon, folks.......because, after all, ANYONE could be a tear-ist.....rf) US to demand 72hrs notice for British tourists By Andy Bloxham Last updated: 12:00 PM BST 03/06/2008 http://www.telegraph.co.uk/travel/2067319/US-to-demand-72hrs-notice-for-British-tourists.html?service=print British visitors to the United States will have to register their trip with the American government 72 hours before they leave under new plans. All travellers from countries which do not currently require a visa will be forced to tell the Americans that they are coming. The rule is intended to bolster US security and was expected to be announced today by Homeland Security secretary Michael Chertoff. The move is likely to renew the worries of big business in Europe that deal-clinching, last-minute flights could become more difficult. Last year, European firms announced their concerns over a plan to introduce compulsory registration 48 hours before travel. The plans to be announced today are expected to come into force in January next year. At present, 27 countries participate in the 'visa waiver program', including the UK, most of western Europe, Australia, Japan, New Zealand, and Singapore. Once a traveller has registered under the new rules for the first time, it will be valid for multiple entries over a two-year period. The new system will begin accepting registrations from August. To register, travellers will have to contact travel agents, airline websites or through a purpose-built US government website. 
A spokesman for Homeland Security said the registrations would require the same information as the I-94 form now in use.

The official added that the government was trying to stop people like 'shoe bomber' Richard Reid, who tried to destroy an airliner with explosives hidden in his trainer.

Zacarias Moussaoui, the French man who was convicted of involvement in the September 11 attacks, also entered the US without a visa.

The spokesman said: "History has shown that it is naïve to assume a traveller from a [visa waiver] country automatically constitutes a lesser threat than a visa applicant who has undergone greater scrutiny prior to travel."

In January this year, Mr Chertoff said there was only a "small window" to check on the background of most visitors from Europe and expressed the desire for better vetting.

He added: "Terrorists are increasingly looking to Europe as both a target and a platform for terrorist attacks."

General Michael Hayden, director of the Central Intelligence Agency, has also warned that al-Qa'eda was trying to recruit westerners as potential attackers for their ability to blend into the US.

In February, the EU outlined similar plans for travellers to Europe who do not currently require a visa for short visits.
Story from Telegraph Travel: http://www.telegraph.co.uk/travel/2067319/US-to-demand-72hrs-notice-for-British-tourists.html

From rforno at infowarrior.org Wed Jun 4 17:02:29 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 4 Jun 2008 13:02:29 -0400
Subject: [Infowarrior] - New agreement lets US strike any country from inside Iraq
Message-ID: <1DA7ABCB-69DA-4043-8FB0-F19FE99E3C2E@infowarrior.org>

New agreement lets US strike any country from inside Iraq

06/04/2008 12:28 AM | By Basil Adas, Correspondent

A proposed Iraqi-American security agreement will include permanent American bases in the country, and the right for the United States to strike, from within Iraqi territory, any country it considers a threat to its national security, Gulf News has learned.

Senior Iraqi military sources have told Gulf News that the long-term controversial agreement is likely to include three major items.

Under the agreement, Iraqi security institutions such as Defence, Interior and National Security ministries, as well as armament contracts, will be under American supervision for ten years.

The agreement is also likely to give American forces permanent military bases in the country, as well as the right to move against any country considered to be a threat against world stability or acting against Iraqi or American interests.

< - >

http://www.gulfnews.com/region/Iraq/10218150.html

From rforno at infowarrior.org Wed Jun 4 19:57:31 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 4 Jun 2008 15:57:31 -0400
Subject: [Infowarrior] - McCain: I'd Spy on Americans Secretly, Too
Message-ID: <64082EF7-92B6-4792-8D86-8DCF3B714ACB@infowarrior.org>

McCain: I'd Spy on Americans Secretly, Too

By Ryan Singel
June 03, 2008 | 5:06:25 PM
Categories: Election '08, NSA

http://blog.wired.com/27bstroke6/2008/06/mccain-id-spy-o.html

If elected president, Senator John McCain would reserve the right to run his own warrantless wiretapping program against Americans, based on the theory that the president's wartime powers trump federal criminal statutes and court oversight, according to a statement released by his campaign Monday.

McCain's new tack towards the Bush administration's theory of executive power comes some 10 days after a McCain surrogate stated, incorrectly it seems, that the senator wanted hearings into telecom companies' cooperation with President Bush's warrantless wiretapping program, before he'd support giving those companies retroactive legal immunity.

As first reported by Threat Level, Chuck Fish, a full-time lawyer for the McCain campaign, also said McCain wanted stricter rules on how the nation's telecoms work with U.S. spy agencies, and expected those companies to apologize for any lawbreaking before winning amnesty.

But Monday, McCain adviser Doug Holtz-Eakin, speaking for the campaign, disavowed those statements, and for the first time cast McCain's views on warrantless wiretapping as identical to Bush's.

[N]either the Administration nor the telecoms need apologize for actions that most people, except for the ACLU and the trial lawyers, understand were Constitutional and appropriate in the wake of the attacks on September 11, 2001. [...]
We do not know what lies ahead in our nation's fight against radical Islamic extremists, but John McCain will do everything he can to protect Americans from such threats, including asking the telecoms for appropriate assistance to collect intelligence against foreign threats to the United States as authorized by Article II of the Constitution.

The Article II citation is key, since it refers to President Bush's longstanding arguments that the president has nearly unlimited powers during a time of war. The administration's analysis went so far as to say the Fourth Amendment did not apply inside the United States in the fight against terrorism, in one legal opinion from 2001.

McCain's new position plainly contradicts statements he made in a December 20, 2007 interview with the Boston Globe where he implicitly criticized Bush's five-year secret end-run around the Foreign Intelligence Surveillance Act.

"I think that presidents have the obligation to obey and enforce laws that are passed by Congress and signed into law by the president, no matter what the situation is," McCain said.

The Globe's Charlie Savage pushed further, asking, "So is that a no, in other words, federal statute trumps inherent power in that case, warrantless surveillance?" To which McCain answered, "I don't think the president has the right to disobey any law."

McCain's embrace of extrajudicial domestic wiretapping is effectively a bounce-back from Fish's comments, made at the Computers, Freedom and Privacy conference in Connecticut last month. When liberal blogs picked up the story that McCain had moved to the left on wiretapping, the McCain campaign issued a letter insisting that he still supported unconditional immunity, as well as new rules that would expand the nation's spy powers.

The campaign's response was consistent with McCain's past positions and votes.
But it riled Andrew McCarthy at the conservative National Review Online, who read the campaign's position as a disavowal of Bush's warrantless wiretapping program, and a wimpy surrender of executive power to Congress.

"What does it mean when he says Sen. McCain does not want the telecoms put into this position again?" McCarthy asked. "Is he saying that in a time of national crisis, the president should not be permitted to ask the telecoms for assistance that is arguably beyond what is prescribed in a statute?"

That's when the campaign issued the letter explaining McCain's new views of executive power, and revealing that McCain would, in certain future circumstances, rely on the same theory of executive power in wartime.

A spokesperson for McCain's camp did not respond to a request Monday for an explanation of the difference between the new policy and the December interview.

From rforno at infowarrior.org Thu Jun 5 12:25:45 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 5 Jun 2008 08:25:45 -0400
Subject: [Infowarrior] - HPSCI Chair open to GOP FISA Proposal
Message-ID: <9EF80A37-F4AF-45F4-90D2-27647286EDEB@infowarrior.org>

House Chairman Open To Republican Compromise On FISA

Wed. Jun 4, 2008

http://www.nationaljournal.com/congressdaily/cda_20080604_2346.php

The House Intelligence Committee's top Democrat disclosed late Tuesday that he is ready to accept a Republican-brokered deal to rewrite the nation's electronic surveillance laws, signaling that a long-running congressional impasse could soon be coming to an end.

House Intelligence Chairman Silvestre Reyes told CongressDaily that he is "fine" with language offered by Senate Intelligence ranking member Christopher (Kit) Bond and other Republicans to overhaul the Foreign Intelligence Surveillance Act.
Notably, the GOP language, which was offered a day before the recent congressional recess, would leave it up to the secret FISA court to grant retroactive legal immunity to telecommunications companies that have helped the Bush administration conduct electronic surveillance on the communications of U.S. citizens without warrants.

About 40 civil lawsuits already have been filed against the companies. The administration, Bond and other Republicans had backed a Senate-passed FISA bill that would have shielded the telecom firms from the lawsuits upon enactment.

"It's about finding middle ground and we have middle ground," Reyes said of the compromise offered by Republicans. "It's not going to please everyone but let's get on with it."

Reyes said he believes enough Democrats will support the proposal to pass it in the House. But he said House Majority Leader Hoyer told him that House Democratic leaders want to have the liability of the telecoms reviewed in federal district court as opposed to the FISA court.

A senior Reyes aide clarified his boss' positions by saying that while Reyes thinks Bond's proposal is a positive one, he remains supportive of Hoyer's efforts to improve on it. A FISA reform bill passed by the House earlier this year would have had the cases heard in district court.

Efforts to obtain comment from Hoyer's office were unsuccessful at presstime and Reyes' assertion that the GOP language would pass the House could not be confirmed.

Public interest groups such as the American Civil Liberties Union have criticized the GOP language on the immunity issue, saying it does not empower the FISA court to determine if the administration or the telecom firms broke the law. They say the court review would be too limited to give plaintiffs in the lawsuits a fair hearing.
On another issue, the proposed GOP compromise would require the administration to submit its procedures and certifications to the FISA court for review before surveillance could begin, except in exigent circumstances. This would apply to wiretaps involving the communications of a U.S. citizen inside the United States.

Republicans also have said they will accept, for the most part, language from House Democrats making FISA the exclusive means for conducting wiretaps to collect foreign intelligence. House Speaker Pelosi has said that having such language in a final FISA bill is her top priority.

And Republicans have agreed to accept a Democratic demand that the inspectors general of the intelligence agencies conduct audits of the terrorist surveillance program. The House-passed FISA bill included a provision that would have established an independent commission to investigate the administration's warrantless wiretapping activities.

"We knew we weren't going to get everything, but we need to get this done," Reyes said.

by Chris Strohm

From rforno at infowarrior.org Thu Jun 5 21:02:26 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 5 Jun 2008 17:02:26 -0400
Subject: [Infowarrior] - USAF leadership quits over nuclear issue
Message-ID: <10AD03BC-3CA7-4184-A5F5-3DEC447F7FD3@infowarrior.org>

http://www.reuters.com/articlePrint?articleId=USWAT00960720080605

Air Force leadership quits over nuclear issue

Thu Jun 5, 2008 4:38pm EDT

By Kristin Roberts

WASHINGTON (Reuters) - U.S. Defense Secretary Robert Gates said on Thursday the Air Force's top two officials resigned after incidents that raised questions about the security of America's nuclear weapons and parts.

Defense officials said the two were effectively fired amid mounting strain between the Air Force and the Pentagon over spending priorities and other issues.

A senior U.S. defense official tied the decision directly to the findings of an investigation into the U.S.
military's mistaken shipment of fuses for nuclear missiles to Taiwan.

Gates said Air Force Secretary Michael Wynne and Chief of Staff Gen. Michael Moseley, the top civilian and military leaders, had submitted their resignations and that he had accepted them.

He told a press briefing that he would recommend replacements for Wynne and Moseley at a later time.

Meanwhile, Gates said former Defense Secretary James Schlesinger would head a senior level task force to "recommend improvements necessary to ensure that the highest levels of accountability and control are maintained in the stewardship of nuclear weapons."

Both Wynne and Moseley were asked to resign, and both have submitted their resignations, an official said.

The resignations follow a string of embarrassing incidents for the Air Force.

"Over the last several months, you could sense that some change was coming and probably people would be fired," said Loren Thompson, a military analyst at the Lexington Institute.

In August 2007, an Air Force bomber mistakenly armed with six nuclear warheads flew across the United States. The Air Force fired a commander in response, but lawmakers criticized what they saw as a lack of accountability.

Senior Pentagon officials raised concerns about the issue as recently as last week, said one source familiar with the discussions.

NUCLEAR PROBE WAS CRITICAL OF AIR FORCE

Concern about the security of U.S. nuclear and nuclear-related equipment escalated in March when the Pentagon admitted the erroneous fuse shipment to Taiwan in 2006. The U.S. military never caught that error, which was brought to light by Taiwanese authorities.

© Thomson Reuters 2008.
From rforno at infowarrior.org Fri Jun 6 02:05:30 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 5 Jun 2008 22:05:30 -0400
Subject: [Infowarrior] - Militarizing Your Cyberspace
Message-ID: <0941148F-454F-4B3F-B0AD-98AAD0F575C4@infowarrior.org>

Tomgram: William Astore, Militarizing Your Cyberspace

http://www.tomdispatch.com/post/174940/william_astore_militarizing_your_cyberspace

Be depressed. Be very depressed. You thought that cyberspace -- a term conjured up long ago by that neuromancer, sci-fi author William Gibson -- was the last frontier of freedom. Well, think again. If the U.S. Air Force has anything to say about it, cyber-freedom will, in the not so distant future, be just another word for domination.

Air Force officials, despite a year-long air surge in Iraq, undoubtedly worry that Secretary of Defense Robert Gates's "next wars" (two, three, many Afghanistans) won't have much room for air glory. Recently, looking for new realms to bomb, it launched itself into cyberspace. The Air Force has now set up its own Cyber Command, redefined the Internet as just more "air space" fit for "cyber-craft," and launched its own Bush-style preemptive strike on the other military services for budgetary control of the same.

If that's not enough for you, it's now proposing a massive $30 billion cyberspace boondoggle, as retired Air Force Lt. Col. William Astore writes below, that will, theoretically, provide the Air Force with the ability to fry any computer on Earth. And don't think the other services are likely to take this lying down. Expect cyberwar in the Pentagon before this is all over. In the meantime, think of cyberspace, in military terms, as a new realm for nuclear-style strategy, with its own developing version of "first-strike capability," its own future versions of "mutually assured destruction," its own "windows of vulnerability" to be closed (while exploiting those of the enemy), and undoubtedly its own "cyber-gaps."
In fact, it looks like the national-security version of cyberspace may soon be a very, very busy place. Noah Shachtman, who covers the subject like a rug at his Wired Magazine Danger Room blog, recently noted that Comcast, the country's second-largest Internet provider, "has just advertised for an engineer to handle 'reconnaissance' and 'analysis' of 'subscriber intelligence' for the company's 'National Security Operations'" -- that is, for the U.S. government. ("Day-to-day tasks, the company says in an online job listing, will include 'deploy[ing], install[ing] and remov[ing] strategic and tactical data intercept equipment on a nationwide basis to meet Comcast and Government lawful intercept needs.'") Ain't that sweet. And it shouldn't be too tough a job. As Shachtman also points out, "Since May 2007, all Internet providers have been required to install gear for easy wiretapping under the Communications Assistance for Law Enforcement Act."

Sigh. Those who don't learn from history are bound to... get ever more bloated budgets.

Tom

Attention Geeks and Hackers
Uncle Sam's Cyber Force Wants You!
By William J. Astore

Recently, while I was on a visit to Salon.com, my computer screen momentarily went black. A glitch? A power surge? No, it was a pop-up ad for the U.S. Air Force, warning me that an enemy cyber-attack could come at any moment -- with dire consequences for my ability to connect to the Internet. It was an Outer Limits moment. Remember that eerie sci-fi show from the early 1960s? The one that began in a blur with the message, "There is nothing wrong with your television set. Do not attempt to adjust the picture. We are controlling transmission...." It felt a little like that.

And speaking of Air Force ads, there's one currently running on TV and on the Internet that starts with a bird's eye view of the Pentagon as a narrator intones, "This building will be attacked three million times today. Who's going to protect it?"
Two Army colleagues of mine nearly died on September 11, 2001, when the third hijacked plane crashed into the Pentagon, so I can't say I appreciated the none-too-subtle reminder of that day's carnage. Leaving that aside, it turns out that the ad is referring to cyber-attacks and that the cyber protector it has in mind is a new breed of "air" warrior, part of an entirely new Cyber Command run by the Air Force. Using the latest technology, our cyber elite will "shoot down" enemy hackers and saboteurs, both foreign and domestic, thereby dominating the realm of cyberspace, just as the Air Force is currently seeking to dominate the planet's air space -- and then space itself "to the shining stars and beyond."

Part of the Air Force's new "above all" vision of full-spectrum dominance, America's emerging cyber force has control fantasies that would impress George Orwell. Working with the Defense Advanced Research Projects Agency (DARPA), the Department of Homeland Security, and other governmental agencies, the Air Force's stated goal is to gain access to, and control over, any and all networked computers, anywhere on Earth, at a proposed cost to you, the American taxpayer, of $30 billion over the first five years.

Here, the Air Force is advancing the now familiar Bush-era idea that the only effective defense is a dominating offense. According to Lani Kass, previously the head of the Air Force's Cyberspace Task Force and now a special assistant to the Air Force Chief of Staff, "If you're defending in cyber [space], you're already too late. Cyber delivers on the original promise of air power. If you don't dominate in cyber, you cannot dominate in other domains."

Such logic is commonplace in today's Air Force (as it has been for Bush administration foreign policy). A threat is identified, our vulnerability to it is trumpeted, and then our response is to spend tens of billions of dollars launching a quest for total domination.
Thus, on May 12th of this year, the Air Force Research Laboratory posted an official "request for proposal" seeking contractor bids to begin the push to achieve "dominant cyber offensive engagement." The desired capabilities constitute a disturbing militarization of cyberspace:

"Of interest are any and all techniques to enable user and/or root access to both fixed (PC) or mobile computing platforms. Robust methodologies to enable access to any and all operating systems, patch levels, applications and hardware.... [T]echnology... to maintain an active presence within the adversaries' information infrastructure completely undetected... [A]ny and all techniques to enable stealth and persistence capabilities... [C]apability to stealthily exfiltrate information from any remotely-located open or closed computer information systems..."

Stealthily infiltrating, stealing, and exfiltrating: Sounds like cyber-cat burglars, or perhaps invisible cyber-SEALS, as in that U.S. Navy "empty beach at night" commercial. This is consistent with an Air Force-sponsored concept paper on "network-centric warfare," which posits the deployment of so-called "cyber-craft" in cyberspace to "disable terminals, nodes or the entire network as well as send commands to 'fry' their hard drives." Somebody clever with acronyms came up with D5, an all-encompassing term that embraces the ability to deceive, deny, disrupt, degrade, and destroy an enemy's computer information systems.

No one, it seems, is the least bit worried that a single-minded pursuit of cyber-"destruction" -- analogous to that "crush... kill... destroy" android on the 1960s TV series "Lost in Space" -- could create a new arena for that old Cold War nuclear acronym MAD (mutually assured destruction), as America's enemies and rivals seek to D5 our terminals, nodes, and networks.

Here's another less-than-comforting thought: America's new Cyber Force will most likely be widely distributed in basing terms.
In fact, the Air Force prefers a "headquarters" spread across several bases here in the U.S., thereby cleverly tapping the political support of more than a few members of Congress.

Finally, if, after all this talk of the need for "information dominance" and the five D's, you still remain skeptical, the Air Force has prepared an online "What Do You Think?" survey and quiz (paid for, again, by you, the taxpayer, of course) to silence naysayers and cyberspace appeasers. It will disabuse you of the notion that the Internet is a somewhat benign realm where cooperation of all sorts, including the international sort, is possible. You'll learn, instead, that we face nothing but ceaseless hostility from cyber-thugs seeking to terrorize all of us everywhere all the time.

Of Ugly Babies, Icebergs, and Air Force Computer Systems

Computers and their various networks are unquestionably vital to our national defense -- indeed, to our very way of life -- and we do need to be able to protect them from cyber attacks. In addition, striking at an enemy's ability to command and control its forces has always been part of warfare. But spending $6 billion a year for five years on a mini-Manhattan Project to atomize our opponents' computer networks is an escalatory boondoggle of the worst sort.

Leaving aside the striking potential for the abuse of privacy, or the potentially destabilizing responses of rivals to such aggressive online plans, the Air Force's militarization of cyberspace is likely to yield uncertain technical benefits at inflated prices, if my experience working on two big Air Force computer projects counts for anything. Admittedly, that experience is a bit dated, but keep in mind that the wheels of procurement reform at the Department of Defense (DoD) do turn slowly, when they turn at all.

Two decades ago, while I was at the Space Surveillance Center in Cheyenne Mountain, the Air Force awarded a contract to update our computer system.
The new system, known as SPADOC 4, was, as one Air Force tester put it, the "ugly baby." Years later, and no prettier, the baby finally came on-line, part of a Cheyenne Mountain upgrade that was hundreds of millions of dollars over budget. One Air Force captain described it in the following way:

"The SPADOC system was... designed very poorly in terms of its human machine interface... [leading to] a lot of work arounds that make learning the system difficult... [Fortunately,] people are adaptable and they can learn to operate a poorly designed machine, like SPADOC, [but the result is] increased training time, increased stress for the operators, increased human errors under stress and unused machine capabilities."

My second experience came a decade ago, when I worked on the Air Force Mission Support System or AFMSS. The idea was to enable pilots to plan their missions using the latest tools of technology, rather than paper charts, rulers, and calculators. A sound idea, but again botched in execution.

The Air Force tried to design a mission planner for every platform and mission, from tankers to bombers. To meet such disparate needs took time, money, and massive computing power, so the Air Force went with Unix-based SPARC platforms, which occupied a small room. The software itself was difficult to learn, even counter-intuitive. While the Air Force struggled, year after year, to get AFMSS to work, competitors came along with PC-based flight planners, which provided 80% of AFMSS's functionality at a fraction of the cost. Naturally, pilots began clamoring for the portable, easy-to-learn PC system.

Fundamentally, the whole DoD procurement cycle had gone wrong -- and there lies a lesson for the present cyber-moment. The Pentagon is fairly good at producing decent ships, tanks, and planes (never mind the typical cost overruns, the gold-plating, and so on). After all, an advanced ship or tank, even deployed a few years late, is normally still an effective weapon.
But a computer system a few years late? That's a paperweight or a doorstop. That's your basic disaster. Hence the push for the DoD to rely, whenever possible, on COTS, or commercial-off-the-shelf, software and hardware.

Don't get me wrong: I'm not saying it's only the Pentagon that has trouble designing, acquiring, and fielding new computer systems. Think of it as a problem of large, by-the-book bureaucracies. Just look at the FBI's computer debacle attempting (for years) to install new systems that failed disastrously, or for that matter the ever more imperial Microsoft's struggles with Vista.

Judging by my past experience with large-scale Air Force computer projects, that $30 billion will turn out to be just the tip of the cyber-war procurement iceberg and, while you're at it, call those "five years" of development 10. Shackled to a multi-year procurement cycle of great regulatory rigidity and complexity, the Air Force is likely to struggle but fail to keep up with the far more flexible and creative cyber world, which almost daily sees the fielding of new machines and applications.

Loving Big "Cyber" Brother

Our military is the ultimate centralized, bureaucratic, hierarchical organization. Its tolerance for errors and risky or "deviant" behavior is low. Its culture is designed to foster obedience, loyalty, regularity, and predictability, all usually necessary in handling frantic life-or-death combat situations. It is difficult to imagine a culture more antithetical to the world of computer developers, programmers, and hackers.

So expect a culture clash in militarized cyberspace -- and more taxpayers' money wasted -- as the Internet and the civilian computing world continue to outpace anything the DoD can muster. If, however, the Air Force should somehow manage to defy the odds and succeed, the future might be even scarier.

After all, do we really want the military to dominate cyberspace? Let's say we answer "yes" because we love our big "Above All" cyber brother.
Now, imagine you're Chinese or Indian or Russian. Would you really cede total cyber dominance to the United States without a fight? Not likely. You would simply launch -- or intensify -- your own cyber war efforts.

Interestingly, a few people have surmised that the Air Force's cyber war plans are so outlandish they must be bluster -- a sort of warning shot to competitors not to dare risk a cyber attack on the U.S., because they'd then face cyber obliteration.

Yet it's more likely that the Air Force is quite sincere in promoting its $30 billion "mini-Manhattan" cyber-war project. It has its own private reasons for attempting to expand into a new realm (and so create new budget authority as well). After all, as a service, it's been somewhat marginalized in the War on Terror. Today's Air Force is in a flat spin, its new planes so expensive that relatively few can be purchased, its pilots increasingly diverted to "fly" Predators and Reapers -- unmanned aerial vehicles -- its top command eager to ward off the threat of future irrelevancy.

But even in cyberspace, irrelevancy may prove the name of the game. Judging by the results of previous U.S. military-run computer projects, future Air Force "cyber-craft" may prove more than a day late and billions of dollars short.

William J. Astore, a retired lieutenant colonel (USAF), has taught at the Air Force Academy and the Naval Postgraduate School. He currently teaches at the Pennsylvania College of Technology. A regular contributor to Tomdispatch, he is the author of Hindenburg: Icon of German Militarism (Potomac, 2005). His email is wastore at pct.edu.

Copyright 2008 William J.
Astore

From rforno at infowarrior.org Fri Jun 6 02:15:00 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 5 Jun 2008 22:15:00 -0400
Subject: [Infowarrior] - Internet Traffic / Attack Trends -- A View from 67 ISPs
Message-ID: <036D4208-6807-4DF0-B08E-000761F4080D@infowarrior.org>

Internet Traffic Trends -- A View from 67 ISPs

Craig Labovitz, Danny McPherson, Mike Hollyman & Scott Iekel-Johnson, Arbor Networks

Abstract: We present Internet traffic and attack statistics from a two year study of 67 geographically and topologically diverse ISPs. Over the course of the study, each participating ISP anonymously contributed detailed time series and anomaly traffic datasets covering the majority of their inter-domain traffic to our central servers. We believe this dataset represents one of the first global views of broad Internet traffic trends and Internet traffic evolution.

PDF: http://www.nanog.org/mtg-0806/presentations/tuesday/Labovitz_internetstats_N43.pdf

From rforno at infowarrior.org Fri Jun 6 02:19:33 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 5 Jun 2008 22:19:33 -0400
Subject: [Infowarrior] - No joke...MPAA sends DMCA notice to laser printers
Message-ID: <50ACB072-E5A1-40F1-8A0F-B1003936599A@infowarrior.org>

...you can't make this stuff up. Article has inline links to the studies cited. --rf

The Inexact Science Behind DMCA Takedown Notices
By Brad Stone
http://bits.blogs.nytimes.com/2008/06/05/the-inexact-science-behind-dmca-takedown-notices/index.html

A new study from the University of Washington suggests that media industry trade groups are using flawed tactics in their investigations of users who violate copyrights on peer-to-peer file sharing networks. Those trade groups, including the Motion Picture Association of America (M.P.A.A.), Entertainment Software Association (E.S.A.)
and Recording Industry Association of America (R.I.A.A.), send universities and other network operators an increasing number of takedown notices each year, alleging that their intellectual property rights have been violated under the Digital Millennium Copyright Act. Many universities pass those letters directly on to students without questioning the veracity of the allegations. The R.I.A.A. in particular follows up some of those notices by threatening legal action and forcing alleged file-sharers into a financial settlement. But the study, released Thursday by Tadayoshi Kohno, an assistant professor, Michael Piatek, a graduate student, and Arvind Krishnamurthy, a research assistant professor, all at the University of Washington, argues that perhaps those takedown notices should be viewed more skeptically. The paper finds that there is a serious flaw in how these trade groups finger alleged file-sharers. It also suggests that some people might be getting improperly accused of sharing copyrighted content, and could even be purposely framed by other users. In two separate studies in August of 2007 and May of this year, the researchers set out to examine who was participating in BitTorrent file-sharing networks and what they were sharing. The researchers introduced software agents into these networks to monitor their traffic. Even though those software agents did not download any files, the researchers say they received over 400 take-down requests accusing them of participating in the downloads. The researchers concluded that enforcement agencies are looking only at I.P. addresses of participants on these peer-to-peer networks, and not what files are actually downloaded or uploaded -- a more resource-intensive process that would nevertheless yield more conclusive information. In their report, the researchers also demonstrate a way to manipulate I.P. addresses so that another user appears responsible for the file-sharing. An inanimate object could also get the blame.
The researchers rigged the software agents to implicate three laserjet printers, which were then accused in takedown letters by the M.P.A.A. of downloading copies of "Iron Man" and the latest Indiana Jones film. "Because current enforcement techniques are weak, it is possible that anyone, regardless of sharing content or using BitTorrent, could get a D.M.C.A. takedown notice claiming they were committing copyright infringement," said Mr. Piatek. In their paper, the researchers argue for greater transparency and public review of Big Media's intellectual property enforcement actions. "Our study scientifically shows that flaws exist," said Mr. Kohno, an assistant professor in the university's Computer Science and Engineering department. "It's impossible to prove that other flaws don't exist, especially since current industry practices are so shrouded in mystery. Ultimately, we think that our results should provide a wake-up call for more openness on the parts of content enforcers."

From rforno at infowarrior.org Fri Jun 6 15:51:11 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 6 Jun 2008 11:51:11 -0400
Subject: [Infowarrior] - Computer Hack Could Lead to JDAM Strike
Message-ID: <934D0F98-2D49-4EC4-89E5-33BA2A4862CF@infowarrior.org>

Computer Hack Could Lead to JDAM Strike
June 05, 2008
Military.com|by Christian Lowe
http://www.military.com/news/article/computer-hack-risks-cyber-jdam-strike.html?ESRC=eb.nl

It's just like blowing up a building, or is it? Type up some nefarious code, hack into a government system and "boom" you bring down the whole network without even firing a shot, right? Well that's not how the Air Force's cyber warriors see it. To them, dropping a "logic bomb" into a computer network is the same as launching a 2,000-pound JDAM from a B-2 bomber at 20,000 feet -- you've done the same kind of damage but with different means. So take cover from incoming.
You can use standard combat terminology in cyber warfare as you can with traditional warfare, said Col. Tony Buntyn, vice commander of Air Force Cyber Command, during a June 3 interview with military bloggers. "You can find, fix, target, and engage an enemy," he said. "A target could be a [computer] network ... or it could be physical, with a [geographical] location. But we need the capabilities, just like we have in kinetic warfare, to engage targets when necessary." Cyber warfare -- the use of computers and digital code to penetrate information systems and damage or infiltrate a foreign network -- is becoming an increasingly critical capability to the U.S. military. Because of the ease of access to powerful hardware and the ubiquity of hacker software, more countries and non-state actors are getting into the game, Pentagon and government officials say. Countries like China, Russia and North Korea have quietly entered the cyber-warfare arena, already scoring significant hits against U.S. and other government computer and communications networks. To computer warriors like Buntyn and his fellow Airmen, sometimes your defense is only as good as your offense. "It could be either a kinetic or non-kinetic effect you want to achieve. And we need the ability to provide either," Buntyn said. But when and how to use either method is based on the kind of conflict you're in. "It depends on our target; it depends on our rules of engagement -- are we conducting open warfare with an adversary?" Buntyn explained. "If that's the case, then we don't really need to be discreet about it. When we drop a JDAM and leave a big smoking hole, that's not very discreet." "If I can [locate] it and I can take it out with a kinetic attack ... and it meets the rules of engagement, then that might be the preferred method." That works if you're targeting terrorist nodes and communication relays during an open conflict. 
But what about malicious network infiltration originating from a country with whom the U.S. is not at war? "If it's an [Internet]-based target that's accessible to us and we can take it out electronically, reliably, then that may be the preferred method," Buntyn added. Though China has become "cyber-enemy-number-one" recently, with stories of DoD network hacking attacks and millions spent by the PLA on its computer warfare capabilities, the Air Force isn't looking too hard over its shoulder at the rising cyber power in the Pacific -- despite Pentagon warnings. "In the past year, numerous computer networks around the world, including those owned by the U.S. Government, were subject to intrusions that appear to have originated within the PRC. These intrusions require many of the skills and capabilities that would also be required for computer network attack," according to this year's Pentagon report on Chinese military power. "Although it is unclear if these intrusions were conducted by or with the endorsement of the PLA or other elements of the PRC government, developing capabilities for cyber warfare is consistent with authoritative PLA writings on this subject." But to Buntyn, the threat is more diffuse, accessible to all and is proliferating more than on a simple state-to-state basis. "The entry into this warfighting domain is very cheap. A 12 year old with a laptop can spend a couple hours on the Internet and achieve a pretty good capability," he said. "It's not limited to nation states. There are plenty of criminal organizations that are out there just trying to make a buck and they're using the same offensive tools that a nation-state would use." © Copyright 2008 Military.com. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

From rforno at infowarrior.org Fri Jun 6 16:00:11 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 6 Jun 2008 12:00:11 -0400
Subject: [Infowarrior] - Fusion centers face 'insufficient' terrorist activity
Message-ID:

http://www.fas.org/blog/secrecy/2008/06/fusion_centers_face.html

FUSION CENTERS FACE "INSUFFICIENT" TERRORIST ACTIVITY

Fusion centers are collaborative law enforcement and intelligence organizations that were established all over the country after 9/11 to share intelligence and counterterrorism information. But in the absence of a widespread domestic terrorist threat, they have not consistently demonstrated their value, according to a recent study. "Fusion centers emerged almost spontaneously in response to a need by state and local law enforcement for useful and usable intelligence related to the evolving terrorist threat," observed Milton Nenneman, a Sacramento police officer, in a master's thesis based on a survey of California fusion centers. But the terrorist threat has turned out to be "insufficient" to justify or sustain the new fusion centers. "There is, more often than not, insufficient purely 'terrorist' activity to support a multi-jurisdictional and multi-governmental level fusion center that exclusively processes terrorist activity," Lt. Nenneman wrote. As a result, "Fusion centers must consider analyzing or processing other criminal activity, in addition to terrorist activity, in order to maintain the skills and interest of the analysts, as well as the participation and data collection of the emergency responder community." Basic questions regarding who the fusion centers are supposed to serve and exactly what they are supposed to produce often lack satisfactory answers, Lt. Nenneman reported.
While there is little consensus about the precise mission or function of fusion centers, which vary widely, "the majority of fusion centers operate exclusively in an analytical capacity rather than as having any response or operational capacity." "It would seem prudent to make a concerted effort to seek out the emergency responder administrators and elected officials to give them regular threat assessments and situational awareness briefings to demonstrate the value and capability of the unit," he suggested. See "An Examination of State and Local Fusion Centers and Data Collection Methods" by Milton W. Nenneman, Naval Postgraduate School, March 2008. http://www.fas.org/irp/eprint/fusion.pdf Related issues were examined by the Congressional Research Service in "Fusion Centers: Issues and Options for Congress," updated January 18, 2008: http://www.fas.org/sgp/crs/intel/RL34070.pdf See also "Homeland Security: Federal Efforts Are Helping to Alleviate Some Challenges Encountered by State and Local Information Fusion Centers," Government Accountability Office Report No. GAO-08-35, October 2007: http://www.fas.org/irp/gao/fusion.pdf The Electronic Privacy Information Center recently won disclosure under the Freedom of Information Act of records documenting federal efforts to curtail public disclosure of fusion center information in the state of Virginia. http://epic.org/privacy/virginia_fusion/

From rforno at infowarrior.org Fri Jun 6 16:02:15 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 6 Jun 2008 12:02:15 -0400
Subject: [Infowarrior] - JASON: Well-rested enemies are dangerous
Message-ID:

(I wonder how much was paid to come up with this groundbreaking scientific insight........rf)

JASON Warns of Threat from Sleeping Enemies

The Pentagon should "monitor enemy activities in sleep research" says a newly disclosed report (pdf) from the elite defense science advisory panel known as JASON. The JASONs were investigating the potential for U.S.
adversaries "to exploit advances in Human Performance Modification, and thus create a threat to national security." Their report examined "the present state of the art in pharmaceutical intervention in cognition and in brain-computer interfaces, and considered how possible future developments might proceed and be used by adversaries." Among their findings was the underappreciated significance of sleep and the possibility of a "sleep gap" (a term not used in the report). "The most immediate human performance factor in military effectiveness is degradation of performance under stressful conditions, particularly sleep deprivation."

< - >

http://www.fas.org/blog/secrecy/2008/06/jason_warns.html

From rforno at infowarrior.org Fri Jun 6 19:15:57 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 6 Jun 2008 15:15:57 -0400
Subject: [Infowarrior] - Amazon.com Web site down
Message-ID: <4481D1B9-EC47-4220-BEE9-B2C8C70F3879@infowarrior.org>

Amazon.com Web site service unavailable
By Wallace Witkowski
Last update: 2:02 p.m. EDT June 6, 2008
http://www.marketwatch.com/News/Story/Story.aspx?guid=%7bEAE33F56-D37A-4046-B182-70734EAEC469%7d&siteid=yhoof2

SAN FRANCISCO (MarketWatch) -- Service at Amazon.com Inc.'s (AMZN:AMZN 81.25, -3.26, -3.9%) Web site was unavailable on Friday. Amazon's homepage returned the message "Http/1.1 Service Unavailable" against a blank white screen. No reason for the service interruption was listed, and company representatives were not available for immediate comment. Shares of Amazon were down 2.7% to $82.25 in early afternoon trading. End of Story

From rforno at infowarrior.org Sat Jun 7 12:40:44 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 7 Jun 2008 08:40:44 -0400
Subject: [Infowarrior] - Cyber B52 strikes mooted as response to Chinese infowar
Message-ID: <2E2899DD-DA1E-447A-8C41-A69AF97B79F0@infowarrior.org>

"We cannot allow.....there to be....a mine-shaft gap!!" (Sorry, couldn't resist!)
--rf Original URL: http://www.theregister.co.uk/2008/06/06/china_infowar_response/ Cyber B52 strikes mooted as response to Chinese infowar By George Smith, Dick Destiny Published Friday 6th June 2008 11:44 GMT "I have watched this thing grow... to the incredible proportions it has reached today. I have studied the facts ... facts, and by projecting the statistics I realized the time has come to act. I realized I had to act before the entire will and vitality of the free Western world was sapped and polluted and made rancid... The absolutely fantastic thing is that the facts are all there for anyone who wants to see them." Are they the words of some expert ranting about Chinese hackers causing blackouts in the US? Or just your author being tricky, lifting a quote from General Jack D Ripper in Peter George's script for Dr. Strangelove. While it looks obvious here, the mixed nuts are harder to discern in the mainstream news. CNN put an "expert" named Gordon Chang on primetime on the 29th. If you were in the States and watching you learned Chinese cybermen had been having a field day, inflicting a digital Pearl Harbor on the country, not once, but twice. CNN's Pentagon correspondent, Jamie McIntyre, was puzzled: "This term cyber warfare sounds kind of, you know amorphous, kind of hard to get your hands around it..." Fifteen minutes later, Chang, author of an unintentionally hilariously entitled book called The Coming Collapse of China vaguely informed the news network, "Well, they say that two of those were really the Chinese caused blackouts in the United States, one in 2003 and the other..." For Chang, "they" were a couple of chatterers from the press, more specifically, an article in the National Journal, a publication nobody but Congressional staffers and producers and editors of news organizations in Washington, DC, reads. (We'll get to it briefly in a moment.) 
"We've always known that our civilian networks, which are not protected as well as the defense ones, can be taken down, but we never really had a demonstration that it could, indeed, actually happen until a couple of years ago," continued Chang.

Pick a scare, any scare

The news story demonstrated one common feature of all stories on cyberwar. You can say anything you wish and not suffer a beatdown. The most remarkable, even ludicrous, things can be claimed. Once on paper, it's fair to discuss such things as if they had the reality of a piece of granite. Since the Chinese had been causing blackouts, Chang reasoned the US government ought to show some backbone and give them a talking to. Angela Merkel of Germany had shown it. She had told off the Chinese premier, it was claimed. But Defense Secretary Bob Gates was not so bold. Gates had even had his e-mail hacked by the Chinese, claimed Chang. But back to the National Journal. It had published an article entitled "China's Cyber Militia," (http://www.nationaljournal.com/njmagazine/cs_20080531_6948.php ) one which fueled the paranoia of Dr. Strangelove crazies. The facts were all there for everyone to see, implied the magazine, and the Chinese "had possibly triggered two recent and widespread blackouts in Florida and the Northeast, according to U.S. government officials and computer-security experts." "Officially, the blackout was attributed to a variety of factors, none of which involved foreign intervention," reported the magazine. And then came the procession of private sector consultants, stating things were otherwise. The magazine's report was lengthy, working through the logic that the truth of a thing is determined by the number of Americans who can be found to assert it. In another manner of speaking, if one can fill a room with bull, hearsay and gossip, there's always a magic tipping point where it transforms into fact, like lead turns into gold when touched by the Philosopher's Stone in alchemy.
To spend too much time arguing details is to be drawn into the deranged world of the American way of threat description. Absence of proof is not proof of absence, goes the slogan, and before you know it, you're off to war. But long-time readers know how the cyberwar game has played for close to a decade. By way of example, in November of 1999 the Washington Times published a front page story entitled "China Plots Winning Role in Cyberspace." The hypothetical scenario of catastrophe was produced. "China could launch a devastating computer-run sabotage operation by attacking U.S. oil refineries, many of which are grouped closely together in areas of Texas, New Jersey and California... A [Chinese] computer attacker could penetrate the electronic 'gate' that controls refinery operations and cause fires or toxic chemical spills," it was said. For close to ten years, there has been a constant parade of characters peddling this manner of paranoid threat-assessment. Older names like John Hamre, Richard Clarke, James Adams or Michael Vatis have drifted away, replaced by younger characters, functionally equivalent. It has always been apparent that many were and are involved in a process which included fear-mongering and shakedowns for funding. It was a bipartisan activity, a constant small collective of experts and officials more accurately, if impolitely, described as mischief-makers and eccentrics massaging a part of the government/private sector security collaborative. The mainstream media has generally been a compliant enabler of them. But what if in the space of ten years, it has just been a coincidence that we've been plagued by whispering pests from the professional doom industry? What if China actually has stolen a march and made fantasy into reality? Let's conduct a thought excursion and pretend it's all real, every last word, and the infrastructure is in danger of being torched, the lights turned out. The cyber bomber gap What would the United States do? 
Start carpet-bombing? Carpet-bombing, in this case, means having a force of cybermen and their own vast military botnet to launch DDOS attacks. In "Carpet-bombing in Cyberspace," an article from the Armed Forces Journal, (http://www.armedforcesjournal.com/2008/05/3375884) Col. Charles W. Williamson III writes "America needs the ability to carpet bomb in cyberspace to create the deterrent we lack." There is a carpet-bombing gap in cyberspace, it is said. "We are in [a new arms race] and we are losing," asserts Williamson. China has the greatest capability for cyber carpet-bombing because "analysts think China has the world?s largest denial-of-service capability." The US can offset this by investing in its own military botnet, sort of like not allowing the Russkis to take the lead in mineshaft digging in Dr. Strangelove. When it comes to carpet-bombing a foreign country's cyberspatial infrastructure, the proper intelligence will be important, reasons Williamson. But no capability should be particularly restricted by details. If the US blows some puny country off the Internet and it turns out that their computers were only being used by others, the retaliation will have had, in any case, a warning effect. After all, a weapon has no deterrence if you keep it a secret. And besides, they'll probably have had it coming. "Brute force has an elegance all its own," the man says. Script fragment from a hypothetical remake of Strangelove: "Now, if we can speak freely, sirs, we think the Chinese flash a big game but, frankly, they're short on know-how. You can't take a bunch of ignorant peasants and expect them to understand a machine like one of our boys. If you see one of our cybermen from the Air Force - their slogan's "Above All" - they're really sharp. They'll barrel our DDOS attack in so low, you've just got to see it sometime!" (Manic stare, chomps cigar) ? George Smith is a senior fellow at GlobalSecurity.org, a defense affairs think tank and public information group. 
At Dick Destiny (http://www.dickdestiny.com/blog/dickdestiny.html ), he blogs his way through chemical, biological, and nuclear terror hysteria, often by way of the contents of neighbourhood hardware stores. From rforno at infowarrior.org Sun Jun 8 16:51:16 2008 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 8 Jun 2008 12:51:16 -0400 Subject: [Infowarrior] - OT: Book recommendation Message-ID: (Disclosure: I have no association with the book's author) "Our Daily Meds" (Melody Petersen) is a remarkable, well-researched and presented depiction of how the American pharmaceutical industry operates and the resulting social dangers arising from an industry able to conjure whatever medical reality is required to reach its annual profit targets, regardless of the adverse, and sometimes-fatal consequences to its customers. By employing successful time-tested techniques of knowledge manipulation used both by marketing and military organizations alike, and backed by legions of complicit physicians thought to be objective purveyors of medical advice and analysis, the public and other medical officials are kept just ignorant enough to desire the latest curative for the latest 'risk' to their health as determined by the drug companies. Thus, they pay for the privilege of becoming the pharmaceutical industry's latest batch of revenue-generating test subjects -- even at the expense of risking their own lives in pursuit of a cure perpetuated by a lie wrapped in the promise of hope. While pharmeceutical companies have provided medical cures to a large number of the global population (including this reviewer) this book should serve as a loud and clear wakeup-call to anyone taking, or considering, taking prescription medications to think twice and do their own research before simply popping the latest pill for the latest 'condition.' 
- Rick infowarrior.org From rforno at infowarrior.org Sun Jun 8 16:54:56 2008 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 8 Jun 2008 12:54:56 -0400 Subject: [Infowarrior] - A Not Very Private Feud Over Terrorism Message-ID: June 8, 2008 The Nation A Not Very Private Feud Over Terrorism By ELAINE SCIOLINO and ERIC SCHMITT http://www.nytimes.com/2008/06/08/weekinreview/08sciolino.html?hp=&pagewanted=print WASHINGTON ? A bitter personal struggle between two powerful figures in the world of terrorism has broken out, forcing their followers to choose sides. This battle is not being fought in the rugged no man?s land on the Pakistan-Afghan border. It is a contest reverberating inside the Beltway between two of America?s leading theorists on terrorism and how to fight it, two men who hold opposing views on the very nature of the threat. On one side is Bruce Hoffman, a cerebral 53-year-old Georgetown University historian and author of the highly respected 1998 book ?Inside Terrorism.? He argues that Al Qaeda is alive, well, resurgent and more dangerous than it has been in several years. In his corner, he said, is a battalion of mainstream academics and a National Intelligence Estimate issued last summer warning that Al Qaeda had reconstituted in Pakistan. On the other side is Marc Sageman, an iconoclastic 55-year-old Polish- born psychiatrist, sociologist, former C.I.A. case officer and scholar- in-residence with the New York Police Department. His new book, ?Leaderless Jihad,? argues that the main threat no longer comes from the organization called Al Qaeda, but from the bottom up ? from radicalized individuals and groups who meet and plot in their neighborhoods and on the Internet. In his camp, he said, are agents and analysts in highly classified positions at the Central Intelligence Agency and Federal Bureau of Investigation. If Dr. Hoffman gets inside organizations ? focusing on command structures ? Dr. 
Sageman gets inside heads, analyzing the terrorist mind-set. But this is more important than just a battle of ideas. It is the latest twist in the contest for influence and resources in Washington that has been a central feature of the struggle against terrorism since Sept. 11, 2001. Officials from the White House to the C.I.A. acknowledge the importance of the debate of the two men as the government assesses the nature of the threat. Looking forward, it is certain to be used to win bureaucratic turf wars over what programs will be emphasized in the next administration. If there is no looming main Qaeda threat ? just ?bunches of guys,? as Dr. Sageman calls them ? then it would be easier for a new president to think he could save money or redirect efforts within the huge counterterrorism machine, which costs the United States billions of dollars and has created armies of independent security consultants and counterterrorism experts in the last seven years. Preventing attacks planned by small bands of zealots in the garages and basements just off Main Street or the alleys behind Islamic madrasas is more a job for the local police and the F.B.I., working with undercover informants and with authorities abroad. ?If it?s a ?leaderless jihad,? then I can find something else to do because the threat is over,? said Peter Bergen, a senior fellow at the nonpartisan New America Foundation, who puts himself in Dr. Hoffman?s camp. ?Leaderless things don?t produce big outcomes.? On the other hand, if the main task can be seen as thwarting plots or smiting Al Qaeda?s leaders abroad, then attention and resources should continue to flow to the C.I.A., the State Department, the military and terror-financing sleuths. ?One way to enhance your budget is to frame it in terms of terrorism,? said Steven Simon, a senior fellow at the Council on Foreign Relations. ?But the problem is that ?Al Qaedatry? is more art than science ? 
and people project onto the subject a lot of their own preconceptions.? The divide over the nature of the threat turned nasty, even by the rough standards of academia, when Dr. Hoffman reviewed Dr. Sageman?s book this spring for Foreign Affairs in an essay, ?The Myth of Grass- Roots Terrorism: Why Osama bin Laden Still Matters.? He accused Dr. Sageman of ?a fundamental misreading of the Al Qaeda threat,? adding that his ?historical ignorance is surpassed only by his cursory treatment of social-networking theory.? In the forthcoming issue of Foreign Affairs, Dr. Sageman returns fire, accusing Dr. Hoffman of ?gross misrepresentation.? In an interview, Dr. Sageman said he was at a loss to explain his rival?s critique: ?Maybe he?s mad that I?m the go-to guy now.? Some terrorism experts find the argument silly ? and dangerous. ?Sometimes it seems like this entire field is stepping into a boys- with-toys conversation,? said Karen J. Greenberg, executive director of New York University?s Center on Law and Security. ?Here are two guys, both of them respected, saying that there is only one truth and only one occupant of the sandbox. That?s ridiculous. Both of them are valuable.? Defense Secretary Robert M. Gates, a former director of central intelligence, sees merit in both sides, too; he said in Singapore last week that Al Qaeda is training European, and possibly American, recruits. But, he added, ?You also have the development of violent, extremist networks.? One argument for playing down Al Qaeda?s importance ? Dr. Sageman?s point ? has been the public declarations of some prominent Sunni clerics who have criticized Al Qaeda for its indiscriminate killing of Muslim civilians. A leading Syrian-born militant theorist believed to be in American custody, known by the nom de guerre Abu Musab al-Suri, also has argued in favor of leaderless jihad. 
In his 1,600-page life work, he advises jihadists to create decentralized networks of individuals and local cells bound by belief, instead of hierarchical structures that could be targets of attack. He has referred to Mr. bin Laden as a "pharaoh."

Dr. Hoffman's principal argument relies on the re-emergence of Al Qaeda, starting in 2005 and 2006, along the Afghan-Pakistan border. There is empirical evidence, he says, that from that base, Al Qaeda has been "again actively directing and initiating international terrorist operations on a grand scale."

But it has been easy for intelligence agencies to get the analysis wrong when faced with piecemeal and contradictory evidence.

One example is the 2004 train bombings in Madrid that killed 191 people. Declarations by several Spanish officials and experts of such a link were undermined by evidence that the group was self-motivated, self-trained and self-financed, and that the explosives were bought locally.

Other examples are provided by the 2004 plot to attack the London area with fertilizer bombs, and the July 7, 2005, transit bombings in London. At first, both were thought to support the home-grown terrorist thesis: British citizens, most of Pakistani descent, had carried out attacks with homemade bombs. Only later did evidence surface that in both cases, at least some had trained in Pakistan at military camps suspected of links to Qaeda operatives.

So a question remains: Was Mohammad Sidique Khan, one of the suicide bombers in the 2005 attacks, a local kid gone wrong, a full-fledged Qaeda operative, or both?

"You can argue that if you subtract his travel to Pakistan, there's no 7/7," said Samuel J. Rascoff, an assistant professor of law at New York University and a former intelligence official with the New York City police. "You can also argue that if you subtract his radicalization in Northern England, there's no 7/7."

Dr. Sageman's critics argue that his more local focus plays to a weak point in gauging threats: People tend to feel the threat nearest to home is the most urgent.

In April, for example, the Kansas City office of the F.B.I. met with state and local authorities from Kansas and Missouri to analyze "agroterrorism," a big issue in America's heartland. The discussion was about the possibility of terrorists causing an outbreak of diseases that could poison cattle or crops, crippling the economies of farm states.

Terrorism-weary prosecuting judges and police investigators in Europe listen to the debate on the other side of the Atlantic and tend to find it empty. They say it is hard to know where radicalization starts -- among groups of friends, in an imam's sermon in Europe or at home on the Internet -- and when operational training by Al Qaeda is a factor. They prefer a blended approach.

France, Spain and Italy, for example, pour resources and manpower into investigations at home -- from studying radicalization and wiretapping suspicious individuals to infiltrating mosques and community centers.

These countries also track movements of suspicious individuals abroad and networks with both local and foreign connections. Terrorist-related cases fall under the authority of special investigative superjudges who have access to all classified intelligence, and can use much of the information in trials.

The Europeans say that for them, the argument is not theoretical. Somewhere in Europe, just about every week, a terrorist plot is uncovered and arrests are made.

"The danger of this 'either-or' argument could lead us to the mistakes of the past," said Baltasar Garzón, Spain's leading antiterror investigatory magistrate. "In the '90s, we saw atomized cells as everything, and then Al Qaeda came along. And now we look at Al Qaeda and say it's no longer the threat. We're making the same mistake again."
From rforno at infowarrior.org Sun Jun 8 17:14:49 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 8 Jun 2008 13:14:49 -0400
Subject: [Infowarrior] - Fwd: The ID Divide
References:
Message-ID:

(I haven't read this yet, but based on past papers and articles, I can say that Peter Swire is one of the security/privacy academics who actually 'gets' the issues.......rf)

Begin forwarded message:

> From: Monty Solomon
> Date: June 8, 2008 1:08:38 PM EDT
> To: Richard Forno
> Subject: The ID Divide
>
>
> The ID Divide
>
> Addressing the Challenges of Identification and Authentication in
> American Society
>
> By Peter Swire, Cassandra Q. Butts | June 2, 2008
> Center for American Progress
>
> http://www.americanprogress.org/issues/2008/06/id_divide.html
>
>
> Read the full report (pdf)
> http://www.americanprogress.org/issues/2008/06/pdf/id_divide.pdf
>
> Identification and Authentication Resources page
> http://www.americanprogress.org/issues/2008/06/id_resources.html

From rforno at infowarrior.org Sun Jun 8 17:19:18 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 8 Jun 2008 13:19:18 -0400
Subject: [Infowarrior] - Really? UK is not a surveillance society, MPs claim
Message-ID: <1D079C25-FF3D-44CD-B7EA-6803EBB5B706@infowarrior.org>

Paging Doctor Orwell......rf

UK is not a surveillance society, MPs claim
Well, not yet anyway

By John Oates
Published Sunday 8th June 2008 00:02 GMT
http://www.theregister.co.uk/2008/06/08/home_affairs_report_surveillance/

The Home Affairs Committee has called on the government to follow a "minimum data, held for the minimum time" approach to British citizens' personal information in its long-awaited report into surveillance.

The Committee has decided, after a year long investigation, that the UK is not becoming a surveillance society but warns that function creep still poses a danger.
That said, it did not look at ID cards but warned that function creep could again raise concerns of increased surveillance of citizens. After recent government data losses it demanded the Home Office show more detailed plans for how it will make the National Identity Register secure.

It expressed particular concerns that increasing use of databases to store information on children could be used for predictive profiling, with the state singling out children deemed by computers to be likely future criminals.

On Home Office use of databases and sharing data the committee said there were three questions to be answered: "Where should the balance between protecting the public and preserving individual freedom lie? How should this balance shift according to the seriousness of the crime? What impact will this have on the individual and on our society as a whole?"

The politicians also suggested a broader role for the Information Commissioner's Office. The ICO should provide Parliament with an annual report on UK surveillance. It should provide resources to work with the government's chief information officer to improve privacy protection. The committee supported the ICO's demand for better inspection and audit powers.

The ICO could also have a role in carrying out "Privacy Impact Assessments" to be carried out before the Home Office starts a new information gathering project or extends an existing project. PIAs would look at risks and would aim to put in place some protection while the project was being designed.

The committee noted that procedures around who can access such information were as important as technology in keeping data safe.

On CCTV use the committee asked the Home Office to carry out more research to show whether or not its use has any impact on reducing crime.

It called for a debate before any expansion of the national DNA database and primary legislation to regulate its use.
The committee said it was concerned about the HMP Woodhill case - where conversations between an MP and his constituent were recorded in breach of the Wilson doctrine.

The talking shop also looked at the Regulation of Investigatory Powers Act. It wants the Home Office to raise public awareness of how and when communications data could be collected and used. It said it had serious concerns about the use of the Act for minor crimes. The Home Office should make a public statement when a new organisation gets RIPA authorisation, it said.

Such suggestions are moot because the Government is expected to introduce legislation to replace RIPA in the next session of Parliament. We'll have to wait and see whether Gordon Brown and Jacqui Smith accept any of the other suggestions.

From rforno at infowarrior.org Mon Jun 9 11:37:06 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 9 Jun 2008 07:37:06 -0400
Subject: [Infowarrior] - MPAA wants to stop DVRs from recording some movies
Message-ID:

MPAA wants to stop DVRs from recording some movies

By Matthew Lasar | Published: June 08, 2008 - 08:01PM CT
http://arstechnica.com/news.ars/post/20080608-mpaa-wants-to-stop-dvrs-from-recording-some-movies.html

At the request of theatrical film makers, the Federal Communications Commission on Friday quietly launched a proceeding on whether to let video program distributors remotely block consumers from recording recently released movies on their DVRs. The technology that does this is called Selectable Output Control (SOC), but the FCC restricts its use. The Motion Picture Association of America (MPAA) wants a waiver on that restriction in the case of high-definition movies broadcast prior to their release as DVDs.

"The Petitioners' theatrical movies are too valuable in this early distribution window to risk their exposure to unauthorized copying," MPAA wrote to the FCC last month. "Distribution over insecure outputs would facilitate the illegal copying and redistribution of this high value content, causing untold damage to the DVD and other 'downstream' markets." Less than a month after the request, the FCC has given MPAA a public comment period on the question that will last through July 7.

Expedited distribution -- with one, big caveat

MPAA has pressed its Petition for Expedited Special Relief on behalf of Paramount Pictures, Sony Pictures, Twentieth Century Fox, Universal City Studios, Walt Disney Studios, and Warner Brothers. How did these media companies get an FCC proceeding so fast? Ars bets that hiring former FCC Commissioner Kathleen Q. Abernathy as their attorney helped. Abernathy supported former FCC Chair Michael Powell's drastic relaxation of the agency's media ownership rules in 2003, along with Kevin Martin, now head of the agency.

Movies go through a timeline of staged releases that lasts about three years. First they go to theaters; 60 days after that they start showing up in airplanes and hotels; in 120 days from their theatrical release they transfer to DVD and Internet download; about a month later to video on demand/pay-per-view; by the end of the year to premium subscription systems like HBO and Showtime; and eventually to basic cable and free TV.

MPAA says these studios want to release their movies to multichannel video programming distributors (MVPDs) "significantly earlier and prior to DVD release" -- although the trade groups' filing won't say exactly how much sooner. But in exchange for the accelerated service, MPAA wants permission to obtain SOC blocking of recording capabilities. The group promises that once said movies have reached the home video sale/rental stage, the blocking will stop.

The movie lobby wants a waiver from FCC rules prohibiting MVPDs from adding code to digital video streams, that, among other restrictions, could block copying.
Here is the rule:

"A covered entity shall not attach or embed data or information with commercial audiovisual content, or otherwise apply to, associate with, or allow such data to persist in or remain associated with such content, so as to prevent its output through any analog or digital output authorized or permitted under license, law or regulation governing such covered product."

MPAA notes that the Commission did say in 2003 that it would consider adjusting this policy around SOC. "We nonetheless recognize that selectable output control functionality might have future applications that could potentially be advantageous to consumers," MPAA observes that the FCC declared in a late 2003 Report and Order, "such as facilitating new business models."

We're here to help

MPAA argues that, in addition to getting first-run movies to the public sooner, giving movie studios a break on this issue could also aid the DTV transition. The enhanced service "will encourage the purchase of HDTV sets by consumers, and thereby ensure that a greater number of citizens have the necessary equipment to receive broadcast digital programming by February 17, 2009."

But unquoted in MPAA's petition is this passage from the same FCC Report and Order: "We also recognize consumers' expectations that their digital televisions and other equipment will work to their full capabilities, and the potential harm to the DTV transition if those expectations are frustrated," the Commission observed. "In particular, we are concerned that selectable output control would harm those 'early adopters' whose DTV equipment only has component analog inputs for high definition display, placing these consumers at risk of being completely shut off from the high-definition content they expect to receive."

Needless to say, this proposal is likely to get a very cold reception from groups like the Electronic Frontier Foundation (EFF).
EFF already warns that SOC and "down resolution" -- strategically lowering the level of digital quality -- could undermine HDTV. "Many current and novel devices rely on unrestricted outputs, particularly component analog connections," EFF says.

Not surprisingly, the Home Recording Rights Coalition (HRRC) opposes SOC too. "In the long term, imposition of SOC could have the effect of driving from the market any home interface that supports home recording," the group observes. Fears that MPAA's proposal represents a foot in the door to much wider interference with consumer digital applications may also play a role in this discussion.

The FCC wants comments and oppositions to MPAA's proposal by June 25 and replies to comments by July 7.

From rforno at infowarrior.org Mon Jun 9 11:38:26 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 9 Jun 2008 07:38:26 -0400
Subject: [Infowarrior] - JetBlue buys Airfone network from Verizon
Message-ID: <4325A5DF-AD94-488A-83DE-E3B6B9B0540C@infowarrior.org>

JetBlue to Buy Verizon Unit In Email Push

By SUSAN CAREY
June 9, 2008; Page B1
http://online.wsj.com/article_email/SB121297681437256187-lMyQjAxMDI4MTAyOTkwNzk2Wj.html

JetBlue Airways Corp.'s LiveTV unit, a provider of in-flight entertainment to airlines, said it has agreed to buy Verizon Communications Inc.'s Airfone network, a move that should boost LiveTV's ability to offer email and messaging services on its clients' planes.

LiveTV LLC, Melbourne, Fla., said it will take over the Airfone operations -- including 100 air-to-ground communications towers in the continental U.S. -- and Airfone's corporate and government aviation clients on Jan. 1. LiveTV and Verizon declined to reveal the purchase price.

Currently, LiveTV's main service to JetBlue and a number of other carriers in the U.S., Canada and Australia is satellite-based television programming at seats, either free or for a small fee.
While use of cellphones is still forbidden on planes, airlines including JetBlue and other carriers in the U.S. and Europe are trying to respond to passengers' intense interest in email and broadband Internet services during flights. At the same time, they are struggling with questions of whether to charge customers and whether, in an era of high fuel costs, they can afford even the nominal expense of equipping their fleets with the antennas needed for the service.

AirCell LLC, a closely held provider of wireless data and voice communications based in Itasca, Ill., built its own network of air-to-ground communications towers. This year AMR Corp.'s American Airlines plans to test its air-to-ground system and Virgin America Inc. expects to broadly install it.

JetBlue last December began testing free in-flight email and instant-messaging services on one of its A320 planes. Passengers with Wi-Fi enabled laptops or two models of BlackBerry smart phones can access the service, which includes email through various Web-mail providers and shopping on Amazon.com Inc. For the test, it is using Airfone's towers for a fee.

The acquisition should help LiveTV expand its test service into a product it can offer to airlines, said Mike Moeller, a LiveTV vice president. JetBlue hasn't said when it might install the system on its own fleet but said it is happy with the test.

Continental Airlines Inc. in January entered into an agreement with LiveTV to equip its newest planes with in-flight television as well as Wi-Fi connectivity for email and instant messaging.

Airfone was a leader in in-flight communications for more than 20 years, providing credit-card operated phones on planes. But that business slumped, and in 2006, the Federal Communications Commission auctioned off the spectrum Airfone was using, with LiveTV purchasing one MHz and AirCell the other three.
Write to Susan Carey at susan.carey at wsj.com

From rforno at infowarrior.org Mon Jun 9 12:49:41 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 9 Jun 2008 08:49:41 -0400
Subject: [Infowarrior] - TSA Announces Enhancements to Airport ID Requirements to Increase Safety
Message-ID:

(as if a 'terrorist' wouldn't show id to get through security anyway.........rf)

TSA Announces Enhancements to Airport ID Requirements to Increase Safety

News & Happenings
June 5, 2008
http://www.tsa.gov/press/happenings/enhance_id_requirements.shtm

Beginning Saturday, June 21, 2008 passengers that willfully refuse to provide identification at security checkpoint will be denied access to the secure area of airports. This change will apply exclusively to individuals that simply refuse to provide any identification or assist transportation security officers in ascertaining their identity.

This new procedure will not affect passengers that may have misplaced, lost or otherwise do not have ID but are cooperative with officers. Cooperative passengers without ID may be subjected to additional screening protocols, including enhanced physical screening, enhanced carry-on and/or checked baggage screening, interviews with behavior detection or law enforcement officers and other measures.

Under the law that created TSA, the Aviation and Transportation Security Act, the TSA administrator is responsible for overseeing aviation security (P.L. 107-71) and has the authority to establish security procedures at airports (49 C.F.R. § 1540.107). Passengers that fail to comply with security procedures may be prohibited from entering the secure area of airports to catch their flight (49 C.F.R. § 1540.105(a)(2)).

This initiative is the latest in a series designed to facilitate travel for legitimate passengers while enhancing the agency's risk-based focus - on people, not things.
Positively identifying passengers is an important tool in our multi-layered approach to security and one that we have significantly bolstered during the past 18 months.

From rforno at infowarrior.org Mon Jun 9 18:43:31 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 9 Jun 2008 14:43:31 -0400
Subject: [Infowarrior] - Do Ubiquitous Networks Lead to Ubiquitous Surveillance?
Message-ID:

http://w2i.com/resource_center/the_w2i_report__weekly_newsletter/news/p/newsletterId_/id_216

06/05/2008

Do Ubiquitous Networks Lead to Ubiquitous Surveillance?

A few years ago, one of my sons went on a nature-study trip with his classmates. When he returned he asked us to guess the most amazing thing they had found in the Czech mountains. "No GSM signal! Can you believe it?" he marvelled. Apparently, this was the first time he had ever been beyond the reach of the wireless links that now tie us together. For him the norm is to have network access wherever he goes.

Japan's Nomura Research Institute claims to have formulated the concept of a "ubiquitous network society" in 2000. But actually this was foreseen when the Commerce Committee of the US House of Representatives evaluated Samuel Morse's telegraph in 1838. In ponderous phrases typical of the era, they wrote:

"With the means of almost instantaneous communication of intelligence between the most distant points of the country, and simultaneously between any given number of intermediate points which this invention contemplates, space will be, to all practical purposes of information, completely annihilated... The citizen will be invested with, and reduce to daily and familiar use, an approach to the HIGH ATTRIBUTE OF UBIQUITY, in a degree that the human mind, until recently, has hardly dared to contemplate seriously as belonging to human agency, from an instinctive feeling of religious reverence and reserve on a power of such awful grandeur." [The CAPITALIZED phrase here was capitalized in the original report, too.]
That 19th century politicians marvelled at the notion of ubiquitous connectivity while my son marvelled at its absence shows a profound reorientation. Still Nomura should be recognized for persuading the Japanese government to make creation of "a Ubiquitous Network Society that Spreads Throughout the World" the main aim of their national ICT strategy. To do that they had to come up with strong economic justifications and innumerable examples of services that the broad public would appreciate and corporations would willingly support. Their arguments proved influential outside Japan, too - e.g., the "U-Korea Strategy" adopted in 2005. The "U-society" seems like a juggernaut now. The big question is: can it be steered?

from http://www.art-for-a-change.com/News/eyes.htm

Re-reading Nomura's early studies, it is clear that the ubiquitous services they described facilitate - even imply - ubiquitous surveillance. Yet Nomura glossed over the political risks and opportunities for abusing that power.

Elsewhere, however, the relationship between ubiquitous networks and surveillance has been increasingly noted. In 2002, The Guardian reported that the UK Ministry of Defence's Celldar project exploits ordinary GSM signals reflected by moving objects to "focus in on areas hundreds of miles away and bring up a display showing any moving vehicles and people... The radical new system, which has outraged civil liberties groups, uses mobile phone [emissions as a kind of radar] to allow security authorities to watch vehicles and individuals 'in real time' almost anywhere in Britain..." A more detailed report in Business Week added that since the technique is inexpensive, hobbyists could use it for their own purposes. Indeed, a session was devoted to it at the "What The Hack?" conference in 2005.
In The Transparent Society (1998), author David Brin postulated a "Moore's law" of video surveillance, with cameras "halving in size, and doubling in acuity and movement capability and sheer numbers, every year or two." In an earlier article for Wired magazine he wrote:

"Today, in Britain, several dozen cities and towns have already followed the example first set by King's Lynn, near Norwich, where 60 remote-controlled videocameras were installed to scan known 'trouble spots,' reporting directly to police headquarters. The resulting reduction in street crime exceeded all predictions, dropping to one-seventieth of the former amount in or near zones covered by surveillance. The savings in patrol costs alone paid for the equipment within a few months. Today, more than 250,000 cameras are in place throughout the United Kingdom, transmitting round-the-clock images to 100 constabularies, all of them reporting decreases in public misconduct. Polls report that the cameras are extremely popular with citizens..."

That was 1996. By 2006 there were said to be 4.2 million surveillance cameras in the UK and a typical Londoner is seen by about 300 of them each day. ABI Research predicts that by 2013 the global market for video surveillance equipment will grow 340% - to $46 billion in annual sales.

Yet paradoxically, dramatic reductions in crime seem to fade as the cameras spread. Last month, Mick Neville, head of New Scotland Yard's Visual Images, Identifications and Detections Office, told The Guardian that the UK's multi-billion-pound CCTV network has been "an utter fiasco: only 3% of crimes were solved by CCTV. There's no fear of CCTV..." and it has not had a significant impact on crime. A similar study of video surveillance in Berlin's subway - known appropriately as the U-Bahn - showed that there, too, the cameras "did not reduce the incidence of criminality, but in fact led to a small increase."
Meanwhile - perhaps due to the difficulty of mining video archives for useful information - the British security service MI5 is now seeking routine access to logs recording the movements of the 17 million people who use RFID "Oyster" cards in the UK's public transport system.

In a memorable speech at the Public Sector Forum last April, Spike editor Brendan O'Neill argued that "the real driving force behind the surveillance society is not a practical one at all; it is a political one. It is underpinned by an existential crisis, if you like, by a powerful and palpable sense amongst government officials that they are increasingly cut off and disconnected from the public. The surveillance and database society is an attempt by officialdom to reconfigure a relationship with the public, to engender a direct, functional relationship to replace the political, citizenship-based relationship that has eroded in recent years...

"If you look at the rise of surveillance measures over the past 10 to 15 years, you will see that it has occurred alongside falling voter turnout and heightened public disillusionment with officialdom. The more that government ministers and officials feel they do not know who we, the public, are - or what we believe and what we want - the more that they have moved towards watching, monitoring and recording our personal information...

"The New Labour government's surveillance society is not a dark, conspiratorial, Hitlerian attempt to police and punish wayward individuals - rather it is a quite desperate, instinctive effort to 'only connect'..."

Today's blog entry was inspired by an advertisement that sometimes appears in the right column of this web page: "Wireless-Enabled Digital Video Surveillance" - a Professional Development Seminar in Atlanta, 23 July 2008. Much as I love radio and want to see it used more fully, if ubiquitous networks inevitably lead to ubiquitous surveillance, then promoting comprehensive wireless coverage may deserve a rethink.
Of course, if ubiquitous surveillance is actually less effective than more targeted deployments - and if it breeds less fear - the arguments get more complicated: it might not be such a bad thing after all. Or the issue might be moot: Sun Microsystems' chairman Scott McNealy once coldly quipped, "You have zero privacy anyway... Get over it."

From rforno at infowarrior.org Mon Jun 9 20:57:42 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 9 Jun 2008 16:57:42 -0400
Subject: [Infowarrior] - Presidential Directive Orders Sharing of Biometric Data
Message-ID: <06D3768F-B1B1-4532-9832-3B0AD5A4EDBB@infowarrior.org>

Presidential Directive Orders Sharing of Biometric Data

http://www.fas.org/blog/secrecy/2008/06/biometric_data.html
http://www.fas.org/blog/secrecy/?p=1790

The White House last week issued a National Security Presidential Directive (NSPD-59) to provide a framework for government agencies to collect, maintain and share biometric data such as fingerprints and other physiological or behavioral characteristics of suspected terrorists.

"The ability to positively identify those individuals who may do harm to Americans and the Nation is crucial to protecting the Nation," the directive states.

"Many agencies already collect biographic and biometric information in their identification and screening processes. With improvements in biometric technologies, and in light of its demonstrated value as a tool to protect national security, it is important to ensure agencies use compatible methods and procedures in the collection, storage, use, analysis, and sharing of biometric information."

"Through integrated processes and interoperable systems, agencies shall, to the fullest extent permitted by law, make available to other agencies all biometric and associated biographic and contextual information associated with persons for whom there is an articulable and reasonable basis for suspicion that they pose a threat to national security."
"The Director of the Office of Science and Technology Policy," who hasn't been heard from much lately, "shall coordinate executive branch biometric science and technology policy."

The new directive on "Biometrics for Identification and Screening to Enhance National Security" was issued on June 5, 2008 as both National Security Presidential Directive 59 and Homeland Security Presidential Directive 24.

From rforno at infowarrior.org Tue Jun 10 01:15:59 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 9 Jun 2008 21:15:59 -0400
Subject: [Infowarrior] - SCOTUS rules in favor of 'patent exhaustion'
Message-ID:

http://www.patentlyo.com/patent/2008/06/supreme-court-d.html

Supreme Court Decides Quanta v. LG Electronics, __ U.S. __ (2008), Quanta v. LG Electronics, __ U.S. __ (2008)

Justice Thomas delivered the Supreme Court's 19-page unanimous decision that provides some new life to the doctrine of patent exhaustion. The opinion reverses the Federal Circuit and holds that the exhaustion doctrine applies to the authorized sale of components that "substantially embody" a process patent. Here, Intel's authorized sale of chip components to Quanta exhausted LGE's patent rights.

Buried in this statement are two important holdings: (1) method claims can be subject to exhaustion and (2) sales of products that do not fully practice the invention can still trigger exhaustion when the products include essential features of the patent and the "reasonable and intended use" of the product is to practice the patent.

In coming to its conclusions, the court reiterated its longstanding rule that "the right to vend is exhausted by a single, unconditional sale, the article sold being thereby carried outside the monopoly of the patent law and rendered free of every restriction which the vendor may attempt to put upon it." Motion Picture Patents, 243 U. S. 502 (1917).
The Motion Picture decision is more nuanced than the even older statement from Adams, which the opinion also quotes approvingly: "[W]hen a patented item is 'once lawfully made and sold, there is no restriction on [its] use to be implied for the benefit of the patentee.'" Quoting Adams v. Burke (1873).

Contractual Limits: Although the defendant won in this case, the Supreme Court gave some glimmer of hope to those hoping to limit the scope of patent exhaustion through specific licensing terms. In this case, the court found that the LGE-Intel license did not limit the scope of what Intel could sell. Rather, the contract "broadly permits Intel to 'make, use, [or] sell'" the invention. Under that interpretation of the contract, LGE's patent rights over a particular component are extinguished as soon as that component is sold -- regardless of whether the license included post-sale restrictions.

"LGE points out that the License Agreement specifically disclaimed any license to third parties to practice the patents by combining licensed products with other components. But the question whether third parties received implied licenses is irrelevant because Quanta asserts its right to practice the patents based not on implied license but on exhaustion. And exhaustion turns only on Intel's own license to sell products practicing the LGE Patents."

The practical impact is that the patentee has direct power through only the first level of the production/marketing process and forces the patentee to rely on contract rather than patent rules. This shift is less preferred by patentees because (1) contract law requires agreement and privity and (2) patent law typically results in stronger relief than contracts (despite eBay). Because there is usually a lack of privity with downstream users, and the manufacturer is unlikely to agree to be liable for improper downstream uses, it appears that a patentee will now have even more difficulty controlling downstream users and purchasers.
Authorized: Despite the broad language of Adams v. Burke, the Supreme Court appears to have conceded that a license may include some restrictions. Interestingly, the court indicated, the sale might not have been authorized if sale had been done in a way that breached the contract between Intel and LGE.

"No conditions limited Intel's authority to sell products substantially embodying the patents. Because Intel was authorized to sell its products to Quanta, the doctrine of patent exhaustion prevents LGE from further asserting its patent rights with respect to the patents substantially embodied by those products."

In Footnote 7, the court limited its holding to patent exhaustion -- and expressing "no opinion on whether contract damages might be available even though exhaustion operates to eliminate patent damages." This means that violation of use restrictions associated with an authorized sale will not constitute patent infringement. However, it may still constitute a breach of contract.

The case says little to nothing about the growing tendency of providing products as a service rather than through the sale of goods. Those offering the service believe that their business structure moves the deal outside of the "first sale" doctrine because the products are transferred via a license & service agreement rather than the sale of goods.

Notes:

* "The sale of a device that practices patent A does not, by virtue of practicing patent A, exhaust patent B. But if the device practices patent A while substantially embodying patent B, its relationship to patent A does not prevent exhaustion of patent B."
From rforno at infowarrior.org Tue Jun 10 19:29:11 2008 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 10 Jun 2008 15:29:11 -0400 Subject: [Infowarrior] - No Chinese Hackers Found in Florida Outage Either Message-ID: <948C423A-DD24-4A25-9CCC-6D3DB27058EB@infowarrior.org> No Chinese Hackers Found in Florida Outage Either By Kevin Poulsen June 10, 2008 | 2:51:56 http://blog.wired.com/27bstroke6/2008/06/no-chinese-hack.html A recent report from the National Journal cited computer security executives and U.S. intelligence officials blaming Chinese government hackers for two major U.S. power outages. We already debunked the claim with respect to the massive 2003 northeast blackout. Now the Florida Reliability Coordinating Council has released its preliminary report (.pdf) on the February 26th 2008 Florida outage, and -- no surprise -- human error, not cyber terrorism, is to blame. Although the initiating cause of the event is still under review by the Field Personnel Actions Review Team (FPART), a sub-team of the FEAT, the preliminary cause is currently linked to the disabling, by a relay field engineer, of all local protective relay equipment while troubleshooting an associated 138 kV switch. The FRCC Handbook requires that "each system operator shall notify the FRCC Security Coordinator when a protective relay or equipment failure that reduces system reliability occurs." Although the FEAT has not come to any conclusions regarding this part of the analysis, the nature of this procedure and its importance warrants that it be reaffirmed by the FRCC OC to ensure that FRCC system operators and relay field personnel understand the intent and importance of the procedure when performing maintenance on FRCC bulk power system elements. The organization has released six recommendations to prevent a recurrence of the fault. None of them include letting the NSA monitor all U.S. web traffic.
From rforno at infowarrior.org Tue Jun 10 19:30:33 2008 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 10 Jun 2008 15:30:33 -0400 Subject: [Infowarrior] - DOJ Awards $500,000 Grant to Golf Group Message-ID: Justice Department Official Awards $500,000 Grant to Golf Group Former Staffer Tells ABC News Anti-Crime Funds Given to Programs With The "Right" Connections. By BRIAN ROSS, ANNA SCHECTER, and MURRAY WAAS http://abcnews.go.com/print?id=5033256 June 9, 2008 -- A senior Justice Department official says a $500,000 federal grant to the World Golf Foundation is an appropriate use of money designed to deal with juvenile crime in America. "We need something really attractive to engage the gangs and the street kids, golf is the hook," said J. Robert Flores, the administrator of the Justice Department's Office of Juvenile Justice and Delinquency Prevention. The Justice Department, in a decision by Flores, gave the money to the World Golf Foundation's First Tee program, even though Justice Department staffers had rated the program 47th on a list of 104 applicants. The allegations were first reported earlier this year by the trade journal Youth Today. "I don't know why people insist on denigrating it, it's a sound program," Flores told ABC News. Current and former Justice Department employees allege that Flores ignored the staff rankings in favor of programs that had political, social or religious connections to the Bush White House. The honorary chairman of the First Tee program is former President George Bush. On a videotape presentation, the former President Bush praised the program for "serving others and building character and building values." The director of the golf program, Joe Louis Barrow Jr., said the program would help teach inner city children because "golf is a game where values such as honesty, integrity and sportsmanship are essential."
The golf program grant is one of a number of Justice Department grants now coming under scrutiny by a Congressional committee which will hold hearings next week. A key witness will be a former employee of Flores' office, Scott Peterson, who says the grants were awarded based more on politics than merit. "This is cronyism, this is waste, fraud and abuse," Peterson told ABC News in an interview aired on Nightline Monday night. Peterson says the money for the golf program is one of a number of grants awarded to lower-ranked applicants rated in rankings compiled by Justice Department staff members. "It's a lot of our taxpayer money that's supposed to go for some of our most vulnerable children," Peterson said. Peterson says current employees smuggled documents out of the Justice Department so he could provide them to ABC News as proof of the favoritism. "More than a half dozen career employees through faxes, FedEx, made sure that you had this stuff," said Peterson. Many top-rated programs were denied federal grants. A program to help troubled teens in San Diego, Vista, was ranked number two by the staff out of 202 applicants in its category of prevention and intervention but was turned down for a grant to help deal with inner city teen violence in San Diego. Another program, designed to train adult guards to deal with teens in custody, also was denied federal money even though it was ranked by the staff number 2 out of 104 in its category. "What Flores did in this situation is he just stomped on the heads of kids who are very much at risk and in trouble in this country," said Earl Dunlap, who runs the guard training program for the National Partnership for Juvenile Services. "He determined what the rules were gonna be and who was gonna play and who was gonna be welcome in his club. And everybody else could take a hike," said Dunlap of Flores. 
In a telephone interview with ABC News, Flores defended his decisions as in the best overall interest of dealing with teen crime. He said he was never bound by his staff's recommendations and that he made decisions based "on the overall" need in the country. Flores was appointed to the position by President Bush six years ago and has overseen about $1.5 billion dollars in grants during that time. His former employee, Scott Peterson, said Flores holds daily prayer sessions in the Justice Department office and frowns on giving grant money to organizations that provide sex education or condoms to teenagers. Instead, said Peterson, Flores favors programs that promote sexual abstinence. A Washington, D.C. program, Best Friends, that promotes abstinence was awarded $1.1 million by Flores even though it ranked 53rd on a list of 104 applicants. Best Friends is run by Elayne Bennett, the wife of Bill Bennett, a former Republican cabinet member and now political commentator. "We're really about positive friendships," she told ABC News at a recent charity gala that included many of Washington's GOP elite. "A good, solid friendship is a beautiful thing," she said. Murray Waas is a Washington-based investigative reporter who primarily covers national security and law enforcement issues. He is a contributing editor to the National Journal and has also written for the New Yorker, the Los Angeles Times, the Boston Globe and other newspapers and magazines. Copyright © 2008 ABC News Internet Ventures
From rforno at infowarrior.org Wed Jun 11 02:19:16 2008 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 10 Jun 2008 22:19:16 -0400 Subject: [Infowarrior] - Fwd: [WL-News] ACTA trade agreement at today's US-EU summit according to White House References: <20080611003327.5C654394BBF@mail.wikileaks.org> Message-ID: <9E395D39-E063-46E1-9915-56D960ED6FDE@infowarrior.org>
Begin forwarded message:
>
> Wikileaks Press Release
> Wed Jun 11 00:43:47 GMT 2008
>
> White House negotiating controversial ACTA trade agreement at US-EU
> summit
>
> The White House has just released its US - EU Summit Declaration,
> stating, in relation to ACTA:
>
> "We will advance our shared objective of effective protection and
> enforcement of intellectual property rights. Toward this end we
> will work together with other trading partners to seek to conclude
> a strong Anti-Counterfeiting Trade Agreement (ACTA) by the end of
> the year."
>
> http://www.whitehouse.gov/news/releases/2008/06/20080610-8.html
>
> Late last month Wikileaks broke the ACTA story with our release of
> this document:
>
> http://wikileaks.org/wiki/Proposed_US_ACTA_multi-lateral_intellectual_property_trade_agreement
>
> which revealed the stealth negotiations.
>
> The story has become front page news in Canada, and is starting
> to be picked up by the world press:
>
> http://news.google.com/news?hl=en&q=acta+trade+agreement&scoring=d
>
> http://blogsearch.google.com/blogsearch?hl=en&lr=&q=acta+trade+agreement&scoring=d
>
> The US ACTA proposal has the effect of criminalizing primary source
> journalism sites that publish or even link to leaks, even non profit
> entities such as Wikileaks.
>
> Many provisions of the US proposal are clearly intended to create
> a world-wide "DMCA"--legislation which is notorious in the United
> States for its suppression of digital press freedoms.
>
> Since the ACTA vehicle is a treaty, Congressional or Parliamentary
> oversight is likely to be minimal and constitutional protections
> may be abridged.
>
> _______________________________________________
> News mailing list
> News at lists.sunshinepress.org
> https://lists.wikileaks.org/mailman/listinfo/news
> http://wikileaks.be/wiki/Contact
From rforno at infowarrior.org Wed Jun 11 02:22:46 2008 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 10 Jun 2008 22:22:46 -0400 Subject: [Infowarrior] - Metallica: Open Mouth, Insert Both Feet Message-ID: Metallica Kills Early Reviews of Upcoming Album By Eliot Van Buskirk June 09, 2008 | 1:57:47 PM Categories: Digital Music News http://blog.wired.com/music/2008/06/metallica-kills.html Oh, Metallica, why can't you get it right? The band seemed to have learned somewhat from the dark days of the Napster debacle by offering fans online access to pre-release material and in-studio video footage, but now it has apparently unleashed another potentially damaging fiasco upon itself by forcing bloggers to take down reviews of their upcoming album. Metallica representatives played the album for The Quietus contributor "Bob Mulhouse" in London last Wednesday, after he did what one would expect: he posted a review on his blog. They did, after all, invite him to listen to it, knowing that he reviewed music online. Soon thereafter, the band's management had the review expunged from the internet, along with other early reviews that were a result of the same listening party. "Metallica held an album listening party for selected music journalists in London this Wednesday past," Quietus editor Luke Turner told Blinded by the Hype (via Idolator). "One of the writers was kind enough to write a piece about the album which, if you were lucky enough to read it before it was taken down, was full of praise about a return to form. At no point was the writer ask[ed] to sign a non-disclosure agreement.
The Quietus and other websites ran pieces on the album, but were quickly contacted by Metallica's management via a third party and told to remove the articles." Let me get this straight... Metallica held a listening party for music reviewers and was surprised when some of them wrote reviews? That has to be a public relations first. Update: Some sources say that Metallica's representatives requested that the reviews were taken down because the listening party heard an early mix of the album. It's still unclear why Metallica's management didn't require the reviewers to sign non-disclosure agreements if they didn't want them to write about it. "The Quietus kept our article up the longest and, as no non-disclosure agreement had been signed, [was] not prepared to remove it merely due to the demands of Metallica's management," Turner continued. "We only eventually removed the article earlier today to protect the professional interests of the writer concerned (the piece was written anonymously)." Ironically, the offending review wasn't even negative: "This album could be good, or it could be mediocre -- too much depends on the other four songs to make a call at this point." Or, it won't matter because Metallica's foot is even bigger than its mouth.
From rforno at infowarrior.org Wed Jun 11 02:48:19 2008 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 10 Jun 2008 22:48:19 -0400 Subject: [Infowarrior] - NYT circulates fear-mongering claims on FISA debate Message-ID: <79023CF1-9331-4C3F-A306-4922D358F720@infowarrior.org> NYT circulates fear-mongering claims on FISA debate http://www.salon.com/opinion/greenwald/2008/06/10/lichtblau/ The New York Times' Eric Lichtblau has a long, prominent article today on the pending debate over FISA and telecom amnesty -- headlined: "Return to Old Spy Rules Is Seen as Deadline Nears" -- that features (and endorses) virtually every blatant falsehood that has distorted these spying issues from the beginning, and which is built on every shoddy journalistic practice that has made clear debate over these issues almost impossible. The article strongly suggests that a so-called "compromise" is imminent, a "compromise" which will deliver to the President virtually everything he seeks in the way of new warrantless eavesdropping powers and telecom amnesty. One paragraph after the next in Lichtblau's article features shrill warnings, mostly from unnamed "officials," about all the scary things that will happen if Congressional Democrats do not quickly pass a new FISA bill that is similar to the Rockefeller/Cheney Senate bill and that is agreeable to the President. If a "compromise" isn't reached, reports the article, then we'll all have to live under the so-called "old" FISA law -- meaning the law used by the U.S. to defend itself from 1978 until August, 2007 and then again from February, 2008 until the present. Moreover, the one-year surveillance orders obtained last August under the now-expired Protect America Act are set to expire in August, 2008.
We learn from Lichtblau's article that this would be so very dangerous because:
* expiration of the one-year PAA orders in August would create "a situation that some officials predict could leave worrisome gaps in intelligence";
* if no deal is reached, then "'We'll start losing intelligence capabilities,' Senator Christopher S. Bond of Missouri said";
* "government and Congressional officials said in interviews that they saw [reversion to FISA] as a dangerous step backward" because "government lawyers, analysts and linguists would once again have to prepare individual warrants, potentially thousands of them, for surveillance of terrorism targets overseas."
* Scarier still: "Telecommunications companies would also have to spend considerable time shutting down existing wiretaps, and then start them up again if ordered under new warrants, officials said."
* Without any explanation as to why, Lichtblau grants anonymity to an administration official to oh-so-bravely-and-valuably spout the administration line: "A senior intelligence official, speaking on condition of anonymity, said the administration was concerned that reverting to the older standards and requiring individual warrants for each wiretap would create a severe gap in overseas intelligence by raising the bar for foreign surveillance collection."
* "Attorney General Michael B. Mukasey has described the idea of reverting to the older standards of foreign surveillance as 'unthinkable.'"
* As always, pitifully frightened Congressional Democrats feed these claims: "'Until August, we're O.K.,' said one senior Democratic Congressional aide involved in the negotiations. 'After August, we're not O.K.'"
And on and on and on.
In short, and as always, terrible things will befall us -- scary, "unthinkable," "severe," "dangerous" things -- unless we all harmoniously comply with the President's demands for the power to spy on our communications without warrants and without oversight, and unless we immunize telecoms that broke the law. Only if we agree to those things can we be nice and protected and safe. They don't even bother to dress up that message any longer in subtle tones. * * * * * The most basic facts governing the surveillance debate prove how false and absurd are these fear-mongering claims that Lichtblau mindlessly passes on, and which he allows to shape his narrative without any real comment: (1) All of the scare-mongering claims the article touts are based almost exclusively upon one small, narrow, relatively uncontroversial problem ostensibly plaguing the current FISA law: namely, the requirement (allegedly imposed by a FISA court last year) that warrants be required for intercepting purely foreign-to-foreign communications when such communications are routed through U.S. networks. Virtually every quote in Lichtblau's article warning of the "vulnerabilities" we will face is grounded in claims about what will happen if warrants continue to be required for foreign-to-foreign communications (the cliched situation where "someone in Afghanistan calls someone in Iraq" and the call is routed through a U.S. network). But that issue has absolutely nothing whatsoever to do with the vast new eavesdropping powers the Rockefeller Senate bill vests in the President to spy on Americans inside the U.S., and those issues have even less to do with -- that is to say, nothing at all to do with -- the issue of telecom amnesty. But Lichtblau writes one paragraph after the next falsely linking (a) the risks from requiring warrants for foreign-to-foreign calls to (b) the need to pass a bill that would allow the President to spy on Americans inside the U.S. 
without warrants and which would immunize telecoms. Those two things have nothing to do with one another. The scary things that supposedly come from (a) are simply being exploited in order to justify the completely unrelated new powers of (b), and Lichtblau's article conflates those two unrelated matters almost entirely. Put another way, even if it's "urgent" that FISA be amended to exempt foreign-to-foreign communications from its warrant requirements, that is irrelevant to the debate over whether the President should be able to eavesdrop on Americans inside the U.S., and even less relevant to whether telecoms should receive amnesty for their lawbreaking. Those are the issues being debated, not whether "foreign-to-foreign" communications require warrants. But, as always, proponents of more unchecked government power exploit the dangers they claim to be so concerned about in order to seize totally unrelated new powers, and Lichtblau's article does nothing to debunk that tactic and does much to amplify it. (2) The whole issue of "foreign-to-foreign" communications is a complete red herring. It's irrelevant in considering whether to enact the Rockefeller/Cheney Senate bill or anything close to it. Even the most stalwart civil libertarians in the Congress -- such as Russ Feingold and Chris Dodd -- have been willing from the start to amend FISA to exclude foreign-to-foreign communications from the warrant requirements. If the President agreed to sign it, Congress could pass a law amending FISA in one day to fix that particular "problem," and then virtually every scary threat Lichtblau's article describes would instantaneously disappear. All of the supposed fears and dangers Lichtblau's article cites are an absolute sideshow because virtually every member of Congress is willing right this minute to pass a law to amend FISA to eliminate the cause of those supposed dangers -- i.e., the requirement that warrants be obtained to eavesdrop on foreign-to-foreign calls. 
Pointing to the "dangers" from that requirement in order to justify passing the Rockefeller/Cheney bill is exactly the same as pointing to the threat posed by Al Qaeda in order to justify invading Iraq; one has nothing to do with the other. (3) There's one reason and one reason only why the Protect America Act expired last February and why the orders obtained under it are set to expire in August. It's because the President and Congressional Republicans blocked an extension of the PAA because the President said he would veto any FISA amendment unless telecom amnesty was attached to it (Lichtblau notes: "Democrats have offered temporary extensions in the surveillance law, but the White House has resisted that idea"). Thus, to the extent that the August expiration of PAA orders will create -- all together now -- "critical intelligence gaps," that is due exclusively to the refusal of the White House to close those "gaps" unless the telecom industry is first immunized from the consequences of its lawbreaking. (4) If any of the fear-mongering claims in Lichtblau's article about expiration of the PAA surveillance orders were even remotely true -- as opposed to using them to obtain wholly unrelated new powers and telecom immunity -- then the easiest, most complete fix imaginable would be pursued: namely, simply extend the existing PAA orders by 6 or 9 months so that they don't expire in August. If the August expiration of the PAA orders really were of such concern, then that's all that needs to be done and the "dangers" would all be immediately averted. The reason the President, the GOP and the Rockefeller-led Senate Democrats won't do that is because they don't want to fix the problem of the expiring PAA orders. If they did want to, they could fix that problem in one day by extending their deadline. 
They want those PAA orders to expire so that they can exploit their looming expiration to scare the country -- and, most of all, bully Congressional Democrats -- into passing the Rockefeller/Cheney Senate FISA bill. (5) Referring to the pre-PAA FISA law as "the old law" -- as though it's some creaky, primitive, dangerous relic from the distant past -- is completely misleading. We lived under the FISA law for five full years after 9/11. During those five years, the Bush administration never even wanted it amended. FISA has been repeatedly amended in order to modernize it. The only arguable problem with FISA -- that it has allegedly been interpreted by a FISA court to apply to foreign-to-foreign calls -- is one that can be fixed in a day. The whole premise of the scare-mongering claims permeating Lichtblau's article is not that the FISA law is obsolete, but rather, that the key instrument imposed by the Founders to preserve basic liberty -- warrants -- is something that we must now abolish if we are to stay safe from the Terrorists. (6) Lichtblau's article inaccurately describes the current GOP "compromise" bill with regard to telecom amnesty. It does not, as the article claims, "allow the FISA court to review the administration's requests and determine by a 'preponderance of the evidence' whether the requests [from the Government to the telecoms to allow spying] were valid." Rather, the "compromise" bill simply says that if the telecoms can show that the Government requested that telecoms allow warrantless eavesdropping and represented that such warrantless spying was legal -- and we already know that that happened -- then the FISA court is required to immunize the telecoms. The GOP "compromise" does not entail, in any way, any judicial consideration of whether the spying program in which the telecoms participated was legal, nor does it require consideration of whether the telecoms broke the law.
The GOP "compromise" bill is nothing more than guaranteed, absolute immunity for the telecoms delivered in the form of a pre-scripted judicial process. * * * * * But this is what makes the Democrats in Congress so contemptible. As always, they claim that they are preparing to comply with the President's demands because they are afraid of the political costs of not doing so: As hard as the White House has pushed, Democrats may have even more at stake. They acknowledge not wanting to risk reaching their national convention in Denver in August without a deal, lest that create an opening for the Republicans and Senator John McCain, their presumptive presidential nominee, to portray themselves as tougher on national security -- a tried-and-true attack method in the past -- just as the Democrats are nominating Senator Barack Obama. That is the hallmark of the Democratic Party leadership: they are afraid of looking weak, and the way they try to solve that problem is by being guided by their fears and allowing themselves to be bullied into complying with the President's instructions. They actually still think that being bullied and always being afraid to take a stand will make them look strong. They have yet to figure out that it is that craven behavior which makes them look weak, and appropriately so, since it is weak. But even that ostensible political fear makes no sense whatsoever. Democrats control the agenda in Congress. They determine what bills are voted on. All they have to do is force a House and Senate vote on a bill that does two simple things: (a) exempt foreign-to-foreign calls from FISA's warrant requirements and (b) extend the PAA surveillance orders by 6 or 9 months. 
When the GOP filibusters that bill, or when George Bush vetoes it, then that will obviously preclude the GOP from using the expiration of those PAA orders as a club to beat Democrats, since it will be as clear as day -- so clear that even our national press corps can understand it -- that it was the President and the GOP, not Congressional Democrats, which caused those orders to expire. Whatever else happens, the excuse that will be offered by Democrats -- that they were pressured and forced into accepting this "compromise" because they would be politically harmed if the PAA orders expired in August -- is patently false. They could easily obviate that weapon by simply offering a bill to extend the orders. When they don't do that, and instead agree to a "compromise" that gives the President virtually everything he has been demanding, it will not be because they were coerced or pressured into doing so, but rather, because they, too, favor warrantless eavesdropping and telecom amnesty. UPDATE: Numerous privacy and civil liberties organizations -- including the ACLU and EFF -- today issued a joint letter (.pdf) strongly condemning the so-called GOP "compromise" FISA bill, making clear that it "is far from a compromise. Its chief provisions are not significantly different from those contained in the bill passed by the Senate in February of this year." Specifically, the "compromise" bill "unreasonably and unnecessarily authorizes broad surveillance of Americans' international communications without meaningful Fourth Amendment protections" and "would use the secret FISA court to rubber stamp a grant of immunity to telecommunications companies." From rforno at infowarrior.org Wed Jun 11 02:51:38 2008 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 10 Jun 2008 22:51:38 -0400 Subject: [Infowarrior] - Treasury Dept. Rolling Out Social Security Debit Card Message-ID: <3B7D80D8-18E7-4411-8935-85179DFDEB15@infowarrior.org> Treasury Dept. 
Rolling Out Social Security Debit Card By Lori Montgomery Washington Post Staff Writer Tuesday, June 10, 2008; D03 http://www.washingtonpost.com/wp-dyn/content/article/2008/06/09/AR2008060901148_pf.html No bank account? No problem. Now you can have your Social Security benefits loaded directly onto an electronic debit card that works like a gift card from Uncle Sam. The card is part of a push by the U.S. Treasury Department to encourage the 10.5 million people who still get a paper Social Security check once a month to switch to electronic payments. The change could save some recipients hefty check-cashing charges, and it could save the federal government as much as $42 million a year, Treasury officials said. The only stumbling block: About 2.1 million Social Security recipients don't have bank accounts. Neither do about 1.8 million disabled and low-income people who receive Supplemental Security Income (SSI). The solution: Direct Express cards, managed by Comerica Bank, which allow recipients to carry their benefits on a piece of plastic that can be used like a debit card at any bank, retail outlet or automatic teller machine that accepts MasterCard. "After the card is activated, instead of us sending out a check to a post office box and hoping it doesn't get lost or stolen, they will know that their benefits are deposited in their card account on their payment date," Judith R. Tillman, commissioner of Treasury's Financial Management Service, said yesterday. "They can go to an ATM, go to a post office if they need a money order, go to almost any bank or . . . use it at retail locations to pay for a purchase and get cash back." Tillman said the card is free and there are no fees for using it. In a pilot project last year in Illinois, about 3,000 people activated the card. Eighty percent said they were satisfied, with 60 percent reporting that the card saved them money on check-cashing fees. 
Since then, Treasury has begun slowly advertising the card to all Social Security recipients who receive paper checks, starting in Texas, Louisiana, Oklahoma and Arkansas. Inserts are now going out to the Southeastern states, with the rest of the nation to follow by October. To sign up, look for an insert in your Social Security check between now and October. Or call Direct Express toll free at 877-212-9991. Or go online to http://www.usdirectexpress.com. From rforno at infowarrior.org Wed Jun 11 11:22:28 2008 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 11 Jun 2008 07:22:28 -0400 Subject: [Infowarrior] - Useless Compensation for Data Loss Incidents Message-ID: Useless Compensation for Data Loss Incidents Wed Jun 11 03:38:35 EDT 2008 Apacid, Jericho http://attrition.org/security/rant/dl-compensation.html If you have been the victim of a data loss incident, odds are you have received a letter from the careless organization that lost your information. These letters always offer apologies and sincere hope that your identity or personal information isn't abused. The recent BNY Mellon incident (which now stands at 4.5 million potential customers affected) resulted in customers receiving such a letter: Notice that in return for having your personal information lost, they are offering free credit monitoring for 12 whole months! This seemingly generous offer has apparently become the standard business practice for acceptable compensation when your personal information is treated with carelessness. BNY opted to go with ConsumerInfo.com's "Triple Alert" credit monitoring product (despite no mention of that 'product' on the consumerinfo.com web page), which watches for changes to your credit reports from the three national credit reporting agencies in the United States (Experian, Equifax, TransUnion). If you are unlucky and get caught up in multiple data loss incidents, you may receive this "gracious compensation" many times over. 
First, why is this type of reactive credit monitoring acceptable compensation? This seems to be another case of one business following another and... voila, we have an industry 'standard' that does little to serve the customer but does everything to serve businesses that want to look caring and "customer-centric" in the media. Second, since this is hardly compensating customers, what better things could the money be used for? If you take Experian at face value and accept it is a US$60 value, that will pay for a nice steak dinner and bottle of wine to fuel grumbling about corporate irresponsibility, which is definitely a better use than redundant 'credit monitoring' that really does little for the customer. What if the company that lost that information were required to send each person affected US $60 in cash instead? Bank of NY Mellon would have to pay out 270 million dollars, Hannaford would have to pay out 252 million, and TD Ameritrade would have to pay out 378 million. Wouldn't that be good incentive to implement stronger data security? Instead, businesses get out cheap by paying pennies on the dollar for ineffective and catch-ridden 'services' from companies that also profit heavily from having your information in the first place. If not that, companies should spend a fraction of those multi-million dollar amounts and pay for the institution of higher data security and a more thorough method for auditing their security. Imagine if any of those companies had budgeted US $100 million on data security the year before the breach. Third, have you read the fine print to this generous credit monitoring? The monitoring in question consists of "daily" checks on your credit report in which they notify you of "key changes".
If you get such a notification and suspect something is wrong, you must file a police report within 10 days of receiving the e-mail notification, report the suspected identity theft to their Fraud Resolution Department within 10 days of receiving the e-mail, place a fraud alert with Experian, Equifax and TransUnion within 10 days of receiving the e-mail notification, work with the Fraud Resolution Department to pursue all sources of reimbursement (so they don't have to pay you the guaranteed amount) and finally, pay out of pocket if you don't meet all the criteria on their list in section 4. So if you happen to be on vacation or without e-mail for 10 days, this monitoring is entirely worthless as they will do nothing else to proactively protect you from such abuse. All this for only US $4.95 a month!! Oh, they can also terminate this offer/agreement at any time at their sole and complete discretion... Fourth, does this seem like a huge profit circle and/or conflict of interest? The companies that are there maintaining your credit history and score are in turn charging customers for this monitoring. If you are unlucky and get your information lost, you get this paid service for free for one year. If not, you pay this company to monitor the records they keep for suspicious activity because they wouldn't do it otherwise. They really care about the accuracy and security of your personal information, promise! The simple truth is that offering limited credit monitoring for a heinous act of carelessness is no form of "compensation" to the affected customers. This desperate attempt to seem generous and caring is nothing more than a marketing ploy designed to appease customers that should otherwise be angry and looking to take their business elsewhere. It's time to expect and demand more from companies that lose your personal information, whether by theft, poor policies, gross negligence, or any combination of the above. Copyright 2008 by Attrition.org. 
Permission is granted to quote, reprint or redistribute provided the text is not altered, and appropriate credit is given, if you are not a credit reporting agency. Any credit reporting agency, including Experian, Equifax and TransUnion must obtain licensing to quote, reprint or redistribute this article. From rforno at infowarrior.org Wed Jun 11 16:44:32 2008 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 11 Jun 2008 12:44:32 -0400 Subject: [Infowarrior] - Fwd: EFFector 21.19: URGENT ACTION ALERT: Tell Congress "No Deal on Telecom Immunity!" References: <31157351.1213202474939.JavaMail.www@app18> Message-ID: > Subject: EFFector 21.19: URGENT ACTION ALERT: Tell Congress "No Deal > on Telecom Immunity!" > Reply-To: EFFector list > > EFFector Vol. 21, No. 19 June 11, 2008 editor at eff.org > > A Publication of the Electronic Frontier Foundation > ISSN 1062-9424 > > : . : . : . : . : . : . : . : . : . : . : . : . : . : . : > > In our 472nd issue: > > * URGENT ACTION ALERT: TELL CONGRESS "NO DEAL ON TELECOM > IMMUNITY"! Recent intelligence indicates that high-ranking > Republicans and Democrats are hoping that a "compromise" > foreign intelligence surveillance bill can be rushed > through both the House and the Senate before the July 4th > holiday -- maybe even next week. > > The drafting process has been secretive, but one thing is > clear: the "compromise" is almost certain to contain > blanket immunity for phone companies that assisted in the > NSA's warrantless wiretapping program and prevent any court > from ruling on whether they broke the law. > > We've stopped telecom immunity in its tracks before, but > the empty "compromise" rhetoric surrounding this bill makes > it extremely dangerous. Please contact your Senators and > Congressperson to remind them that we're watching, and that > we won't accept any false compromises on immunity for > lawbreaking telecoms! 
> http://www.eff.org/action/no-false-compromises > > * IN ANOTHER BATTLE AGAINST ABUSIVE DMCA TAKEDOWNS, EFF has > asked a federal court to protect the free speech rights of > an animal welfare group after its video critiques of animal > treatment at rodeos were removed from YouTube due to sham > copyright claims. The Professional Rodeo Cowboys > Association (PRCA) filed takedown demands for 13 videos > from the group Showing Animals Respect and Kindness > (SHARK), claiming that the videos infringed their > copyrights -- even though the PRCA has no copyright claim > in live rodeo events. The lawsuit is part of EFF's No > Downtime for Free Speech Campaign, a response to increasing > misuse of the DMCA to demand that material be removed from > the Internet without providing any proof of infringement. > http://www.eff.org/press/archives/2008/06/09-0 > > * EFF WELCOMES LEADING INTELLECTUAL PROPERTY ATTORNEY > MICHAEL KWUN, who brings years of copyright, trademark, and > patent litigation experience to EFF's legal team. A > long-time geek, Kwun worked on early DMCA cases and, as > Google's litigation managing counsel, defended Google in > copyright cases about YouTube, Google Book Search, and > Google Image Search; trademark cases about Google AdWords; > and patent cases in connection with a wide variety of > Google products. > http://www.eff.org/press/archives/2008/06/09 > > : . : . : . : . : . : . : . : . : . : . : . : . : . : . : > > EFF Updates > > * Supreme Court Victory for Patent First Sale Doctrine > Supreme Court backs the patent world's version of the "you > bought it, you own it" principle. > http://www.eff.org/deeplinks/2008/06/supreme-court-victory-patent-first-sale-doctrine > > * Laser Printers Found Guilty of "Making Available" Crimes > Researchers at the University of Washington discover severe > flaws in the mass collection of IP addresses for the > entertainment industry's DMCA takedown campaign. 
> http://www.eff.org/deeplinks/2008/06/laser-printers-found-guilty-making-available-crime > > * McCain Revises Stance on Warrantless Wiretapping, Again > Between voicing skepticism and completely embracing the > administration's flawed legal justifications for > warrantless wiretapping, McCain settles on describing the > President's actions as "ambiguous." > http://www.eff.org/deeplinks/2008/06/mccain-revises-stance-warrantless-wiretapping > > * McCain Campaign Staffed By Telecom Immunity Lobbyists > Strong connections between telecom immunity lobbyists and > the McCain campaign raise serious questions about McCain's > about-face on warrantless wiretapping. > http://www.eff.org/deeplinks/2008/06/mccain-campaign-staffed-telecom-immunity-lobbyists > > * Fair Use Defense Ruled "Likely to Prevail" in "Imagine" > Copyright Infringement Suit > Filmmakers making use of John Lennon's "Imagine" win the > first round in a copyright infringement suit brought by > Yoko Ono. > http://www.eff.org/deeplinks/2008/06/fair-use-defense-ruled-likely-prevail-imagine-copy > > : . : . : . : . : . : . : . : . : . : . : . : . : . : . : > > miniLinks > > ~ What the FISA Debate Is Not About > Marty Lederman asks why reverting to the old FISA rules is > supposedly such a problem for the intelligence community. > http://balkin.blogspot.com/2008/06/what-fisa-debate-is-not-about.html > > ~ ISP Plan to Block Child Porn -- Will There Be Chilling > Effects? > The New York Attorney General says 3 major ISPs have agreed > to block child porn -- but the plan could set a precedent > that challenges the Communications Decency Act's > protections for online content hosts. > http://blog.wired.com/27bstroke6/2008/06/analysis-commun.html > > ~ Movies on Cable Before DVD? > A plan would bring movies to cable faster -- but you won't > be able to watch on a high-def TV, and don't even think > about TiVo. 
> http://opinion.latimes.com/bitplayer/2008/06/movies-on-cable.html > > ~ Wiki for Listing Legitimate Uses of P2P > A wiki has been set up to collect all the various > legitimate uses for P2P software. > http://www.boingboing.net/2008/06/06/wiki-for-listing-leg.html > > For more miniLinks: > http://www.eff.org/deeplinks/2008/06/minilinks-2008-06-10 > > : . : . : . : . : . : . : . : . : . : . : . : . : . : . : > > Announcements > > * EFF at RoboGames > Can't get enough extreme robot action? Neither can we! EFF > will be at the 2008 RoboGames at Fort Mason in San > Francisco on June 13-15: > http://www.eff.org/calendar/2008/06/12/eff-robogames > > * Music Benefit for EFF in San Francisco on Wednesday, June > 18th > http://www.eff.org/calendar/2008/06/18/sf-wiretap-music-benefit-eff > > * EFF at Personal Democracy Forum 2008 > Visit EFF at Personal Democracy Forum 2008 in New York City > on June 23-24, 2008. > http://www.eff.org/calendar/2008/06/23/eff-personal-democracy-forum-2008 > > * EFF at Velocity > Velocity is the new O'Reilly conference for people building > at Internet scale, taking place on June 23-24, 2008, at the > San Francisco Airport Marriott in Burlingame, California. > http://www.eff.org/calendar/2008/06/23/eff-velocity-2008 > > * Second Annual Institute on CyberLaw in Washington D.C. > June 19-20, the American Bar Association, in cooperation > with the Association for Computing Machinery, presents a > conference on cutting-edge legal topics: copyright > enforcement, the future of ICANN, and much more. > http://www.abanet.org/cle/programs/n08ceh1.pdf > > : . : . : . : . : . : . : . : . : . : . : . : . : . : . 
: > > Administrivia > > EFFector is published by: > The Electronic Frontier Foundation > http://www.eff.org/about > > Editor: > Richard Esguerra, EFF Activist > richard at eff.org > > Membership & donation queries: > membership at eff.org > > General EFF, legal, policy, or online resources queries: > information at eff.org > > Back issues of EFFector are available at: > http://www.eff.org/effector/

From rforno at infowarrior.org Thu Jun 12 02:18:28 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 11 Jun 2008 22:18:28 -0400
Subject: [Infowarrior] - FISA Court Repeatedly Questions FBI Wiretap Network
Message-ID: <1FB5590C-46DD-45B9-9A81-F07769748CED@infowarrior.org>

Secret Spy Court Repeatedly Questions FBI Wiretap Network
By Ryan Singel
June 11, 2008 | 3:13:54 PM
Categories: Surveillance
http://blog.wired.com/27bstroke6/2008/06/secret-spy-cour.html

Does the FBI track cellphone users' physical movements without a warrant? Does the Bureau store recordings of innocent Americans caught up in wiretaps in a searchable database? Does the FBI's wiretap equipment store information like voicemail passwords and bank account numbers without legal authorization to do so? That's what the nation's Foreign Intelligence Surveillance Court wanted to know, in a series of secret inquiries in 2005 and 2006 into the bureau's counterterrorism electronic surveillance efforts, revealed for the first time in newly declassified documents. The inquiries are the first publicly known questioning of the FBI's post-9/11 surveillance activities by the secret court, which has historically approved nearly every wiretap application submitted to it. The court handles surveillance requests in counterterrorism and foreign espionage investigations.
The inquiries add to questions surrounding how the FBI has used the broad powers handed to it by Congress in the 2001 USA Patriot Act, including the FBI's admitted abuse of so-called National Security Letters to get stored telephone and financial records. Among other things, the declassified documents reveal that lawyers in the FBI's Office of General Counsel and the Justice Department's Office of Intelligence Policy Review queried FBI technology officials in late July 2006 about cellphone tracking. The attorneys asked whether the FBI was obtaining and storing real-time cellphone-location data from carriers under a "pen register" court order that's normally limited to records of who a person called or was called by. The internal inquiry seems to have preceded, and was likely prompted by, a secret court hearing on the matter days later. Kevin Bankston, a lawyer with Electronic Frontier Foundation, says the documents suggest that the nation's spy court shares the reluctance of federal criminal courts to turn everyday cellphones into tracking devices, in the absence of evidence that the target has done something wrong. "I hope that this signals that the FISC, like many magistrate judges that handle law enforcement surveillance requests, is growing skeptical of the government's authority to conduct real-time cellphone tracking without probable cause," says Bankston. In criminal cases, the government's attempts to get cellphone-tracking data without probable cause to believe the target has committed a crime were denied several times in 2005 by federal judges in New York and Texas. According to the documents, which the EFF obtained in a Freedom of Information Act lawsuit, an FBI general counsel lawyer asked on July 21, 2006: "Can we at the collection end tell the equipment NOT to receive the cell site location information?" The lawyer added a note of concern that phone companies might be sending along cell-site data even when they aren't asked for it. 
"Do we get it all or can we, when required, tell the equipment to not collect the cell-site location data?," the lawyer asked. Separately, the secret court questioned if the FBI was using pen register orders to collect digits dialed after a call is made, potentially including voicemail passwords and account numbers entered into bank-by-phone applications. Using a pen register order, the FBI can force a phone company to turn over records of who a person calls, or is called by, simply by asserting the information would be relevant to an investigation. But existing case law holds that those so-called "post-cut-through dialed digits" count as the content of a communication, and thus to collect that information, the FBI would need to get a full-blown wiretapping warrant based on probable cause.

The FBI's encrypted wiretapping backbone network, DCSNet, connects 37 FBI field offices, according to some documents. Other documents suggest the network now extends to 52 field offices, including locations in Alaska and Puerto Rico. This enhanced image is based on black-and-white FBI documents. Colored photo-illustration: Frank Rodriguez

On August 7 2006, Foreign Intelligence Surveillance Court judge Colleen Kollar-Kotelly took the extraordinary step of ordering the FBI to report (.pdf) on how its sophisticated phone wiretapping system, known as Digital Collection System, handled those extra digits and whether it stored them in a centralized data-mining depository known as Telephone Application. The documents (.pdf) show that the majority of FBI offices surveyed internally were collecting that information without full-blown wiretap orders, especially in classified investigations. The documents also indicate that the information was being uploaded to the FBI's central repository for wiretap recordings and phone records, where analysts can data-mine the records for decades.
EFF's Bankston says it's clear that FBI offices had configured their digit-recording software, DCS 3000, to collect more than the law allows. "The FBI's configuration of DCS 3000 to collect post-cut-through dialed digits when conducting pen-register surveillance is flatly illegal under statute and raises serious Fourth Amendment questions, based on the unanimous decisions of two district court judges and three federal magistrate judges holding that such interceptions require a wiretap order based on probable cause," Bankston said. The documents also reveal that the inquiry on dialed-digits collection wasn't the first time the secret court had queried the FBI regarding its use and storage of information from wiretaps. In October 2005, the court also asked the FBI to explain how it stored "raw" foreign-intelligence wiretap content and information about Americans collected during those wiretaps. The government is supposed to "minimize" -- that is anonymize or destroy -- information gathered on Americans who aren't the targets of a wiretap, unless that information is crucial to an investigation. The court wanted the FBI to explain what databases stored raw wiretaps (.pdf), how those recordings could be accessed, and by whom, as well as how minimization standards were implemented. The documents don't reveal the answer to that question. The FBI did not respond to a request for comment by press time. For more on the FBI's sophisticated wiretapping technology and how it links in with the nation's phone and internet infrastructure, see Point, Click, Eavesdrop.
From rforno at infowarrior.org Thu Jun 12 02:19:56 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 11 Jun 2008 22:19:56 -0400
Subject: [Infowarrior] - Pentagon Wants Kill Switch for Planes
Message-ID: <2169750C-71ED-42FA-A9A1-48DB81AE10C2@infowarrior.org>

(this is just begging for a hacker to play with, if it becomes operational........rf)

Pentagon Wants Kill Switch for Planes
By Noah Shachtman
June 11, 2008 | 3:40:00 PM
Categories: Less-lethal
http://blog.wired.com/defense/2008/06/the-pentagons-n.html

The Pentagon's non-lethal weapons division is looking for technologies that could "disable" aircraft, before they can take off from a runway -- or block the planes from flying over a given city or stretch of land. In a request for proposals, issued earlier this week, the Joint Non-Lethal Weapons Directorate announced that it would like arms-makers to come up with a way to "safely divert an aircraft in the air or stop and/or disable an aircraft on the ground." And no, shooting the thing with a missile doesn't count. The Directorate wants "reversible effects which allow the targeted aircraft to be quickly returned to an operational condition with minimal time to repair."

The primary focus of the "divert an aircraft" task is to control the airspace and enforce no-fly or restricted flight zones. Effects should be focused on the aircraft, not the pilot or other personnel on board. The capability should enable the enforcement of flight restriction zones (e.g., metropolitan Washington, D.C.), protection of critical infrastructure and other high value assets from a possible aerial threat. For aircraft on the ground, "stop" requires the aircraft to come to 0 mph at some point between when it starts to taxi and when it reaches abort speed. The requirement to "disable" includes actions to render inoperable, deny use, and/or deny access to an aircraft on the ground.
Successful accomplishment of either objective results in keeping the targeted aircraft from becoming airborne.

The Directorate's program managers don't mention how engineers might pull off such a kill switch. But, however it's done, they'd like to have a similar system for boats, as well. They're looking for a device that can, from 100 meters away, "safely stop or significantly impede the movement" of vessels up to 40 feet long, with "minimal collateral damage." The Directorate is also looking for new ways to stop people. One proposed project involves studying "thermal laser effects for non-lethal application." Research, the Directorate notes, should "focus on understanding reversible health effects, pulsing methods, and effectiveness through clothing."

From rforno at infowarrior.org Thu Jun 12 02:21:14 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 11 Jun 2008 22:21:14 -0400
Subject: [Infowarrior] - Victory for First Sale Doctrine (another one)
Message-ID: <620A08D8-5008-4A02-B348-BF20D96323B7@infowarrior.org>

http://www.eff.org/deeplinks/2008/06/liberation-day-promo-cds-victory-umg-v-augusto

June 11th, 2008
Liberation Day for Promo CDs: Victory in UMG v. Augusto
Posted by Fred von Lohmann

In an important victory for the first sale doctrine, a federal district court today ruled that selling "promo CDs" on eBay does not infringe copyright. The court threw out a lawsuit by Universal Music Group (UMG), which had argued that the "promotional use only" labels affixed to these CDs somehow conveyed eternal ownership on UMG, making it illegal to resell the CDs (or even throw them away). For decades, record labels have mailed out millions of promotional records and CDs to radio stations, music reviewers, DJs, and music industry insiders. Troy Augusto, an eBay seller, finds these "promos" at used record stores, where he buys those that have value as collectibles and resells them on eBay.
After an abortive attempt to use DMCA takedowns to block Augusto's eBay auctions, UMG ultimately sued him in federal court, claiming that the "promotional use only" labels on the CDs mean that UMG owns them forever and that any resale infringes copyright. EFF and the San Francisco law firm of Keker & Van Nest took Augusto's case to fight for the proposition that a copyright owner can't take away a consumer's first sale rights just by putting a "promotional use only, not for resale, remains the property of UMG" label on a CD. After all, the first sale doctrine had its origin in a Supreme Court case involving a book publisher's effort to enforce a "may not be sold for less than one dollar" label on a book. In its ruling, the district court found that the initial recipients of "promo CDs" own them, notwithstanding "not for resale" labels. The court rejected the notion that these labels create a "license," concluding that the CDs are gifts. According to the opinion, "UMG gives the Promo CDs to music industry insiders, never to be returned. ... Nor does the licensing label require the recipient to provide UMG with any benefit to retain possession." (The court also found that federal postal laws relating to "unordered merchandise" establish that promo CDs are gifts to their recipients.) With software vendors, laser printer manufacturers, and patent owners trying to strip consumers of their first sale rights with unilateral labels, licenses, and notices, today's ruling sets an important precedent holding the line against these efforts (and comes one day after the Supreme Court reaffirmed the same principle in the patent context in Quanta v. LG). Here's hoping this ruling is another nail in the coffin of "label licenses" that try to strip consumers of their privileges under copyright law.
From rforno at infowarrior.org Thu Jun 12 02:23:14 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 11 Jun 2008 22:23:14 -0400
Subject: [Infowarrior] - Congress says Chinese hacked their PCs
Message-ID: <8AC293E2-771E-48D2-B345-15D992F3D7B4@infowarrior.org>

Congressmen say Chinese hacked their PCs
Dissident locations, other sensitive data intercepted
By Dan Goodin in San Francisco
Published Wednesday 11th June 2008 23:19 GMT
http://www.theregister.co.uk/2008/06/11/congressional_computers_breached/

Lawmakers are urging everyone on Capitol Hill to have their computers checked for malware after discovering that people working from inside China hacked into multiple congressional machines and accessed locations of Chinese dissidents and other sensitive data. Virginia Representative Frank Wolf said four of his PCs were compromised, beginning in August 2006. New Jersey Representative Chris Smith said two of his machines were hacked in December 2006 and March 2007. Both congressmen, who are long-time critics of China's record on human rights, said the PCs of other lawmakers had also been breached but declined to give names. Following the attacks on Wolf's computers, a car with license plates belonging to Chinese officials went to the home of a dissident near Washington and photographed it. The congressman said FBI investigators who looked into the breach traced the attacks to machines located in China. He said he's known about the attacks for a long time but that he had been discouraged from discussing them by people in the US government he declined to identify. "The problem has been that no one wants to talk about this issue," he said. "Every time I've started to do something I've been told 'You can't do this.' A lot of people have made it very, very difficult." Wolf suggested members of the Senate have also been victims of computer intrusion.
He called for better education for members of Congress about the dangers of cyber attacks and urged members to have their machines checked. He said he was introducing a resolution that would tighten security of House computers and information systems. In the Senate, Senator Dick Durbin of Illinois asked the sergeant at arms to investigate whether Senate computers have been breached. Smith said the attacks on his machines "were very much an orchestrated effort." His office no longer stores the names of Chinese dissidents on computers, he said.

From rforno at infowarrior.org Thu Jun 12 11:14:38 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 12 Jun 2008 07:14:38 -0400
Subject: [Infowarrior] - Vatican gets anti-terror squad
Message-ID: <0A2ACBDB-7E54-4F40-9E09-F29FB0635093@infowarrior.org>

Pope gives blessing to anti-christ terrorist squad
Gendarmes get Interpol link, Swiss Guards get guns
By Joe Fay
Published Thursday 12th June 2008 10:46 GMT
http://www.theregister.co.uk/2008/06/12/pope_terror_team/

The Vatican's security service will be tapping into Interpol's computers after setting up an in-house anti-terrorism unit. According to reports, the Vatican's Gendarmerie has put together a "rapid intervention group" and an "anti-sabotage department" as sub-units of its gendarmerie corps. The Vatican will also work more closely with Interpol, giving it access to the euro-police organisation's database of shifty-looking terrorist types and other useful information. The formation of the squad might seem a little belated, given that the last pope was himself the victim of an assassination attempt, while the incumbent has been known to put noses out of joint with his pronouncements about the state of relations between the Islamic world and, er, Byzantium. Then again, all change takes time, and this is the oldest institution in Europe we're talking about here.
According to L'Osservatore Romano the beefed-up security organisation will operate both inside and outside the Vatican, with gendarmes travelling with the pope, presumably sweeping cathedrals, bishops' palaces and the other venues he visits for bombs, bugs, heretics, demons, and the like. The Vatican Gendarmerie should not be confused with the Swiss Guards, the flamboyantly dressed crack troops that provide the tiny Episcopal state's more visible security. For all that they look like a relic of the 16th century, the stripey-panted guards have also been given anti-terrorism training, and now pack SIG P75 pistols and Heckler-Koch sub-machine guns about their baggy-trousered person. Presumably these will only be deployed if their halberds don't do the job. Of course, for the conspiracy-minded out there, it is clear that earthly terrorists aren't what this beefing-up of security is all about. The director of the Vatican Observatory said just last month that it was entirely plausible that aliens are "out there". Perhaps Pope Benedict knows more than he's letting on, and the Swiss Guards are even now unpacking a consignment of photon torpedoes to ward off a surprise attack.

From rforno at infowarrior.org Thu Jun 12 11:30:09 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 12 Jun 2008 07:30:09 -0400
Subject: [Infowarrior] - China lists Olympic rules for foreigners
Message-ID:

China lists Olympic rules for foreigners
http://edition.cnn.com/2008/WORLD/asiapcf/06/03/oly.foreigners.ap/index.html

BEIJING, China (AP) -- Foreigners attending the Beijing Olympics better behave -- or else. The Beijing Olympic organizing committee issued a stern, nine-page document Monday that covers 57 topics. Written in Chinese only and posted on the official Web site, the guide covers everything from a ban on sleeping outdoors to the need for government permission to stage a protest.
Visitors also should know this:

* Those with "mental diseases" or contagious conditions will be barred.
* Some parts of the country are closed to visitors -- one of them Tibet.
* Olympic tickets are no guarantee of a visa to enter China.

Fearing protests during the August 8-24 Olympics, China's government has tightened controls on visas and residence permits for foreigners. It has also promised a massive security presence at the games, which may include undercover agents dressed as volunteers. The guide said Olympic ticket holders "still need to visit China embassies and consulates and apply for visas according to the related rules." The government hopes to keep out activists and students who might stage pro-Tibet rallies that would be broadcast around the world. It also fears protests over China's oil and arms trade with Sudan, and any disquiet from predominantly Muslim regions in western China. "In order to hold any public gathering, parade or protest the organizer must apply with the local police authorities. No such activity can be held unless a permit is given. ... Any illegal gatherings, parades and protests and refusal to comply are subject to administrative punishments or criminal prosecution." The document also warns against the display of insulting slogans or banners at any sports venue. It also forbids any religious or political banner at an Olympic venue that "disturbs the public order." The guidelines seem to clash with a pledge made two months ago by International Olympic Committee president Jacques Rogge, who said athletes could exercise freedom of speech in China. He asked only that athletes refrain from making political statements at certain official Olympics venues.
"Freedom of expression is something that is absolute," Rogge said in Beijing in April. "It's a human right. Athletes have it." The detailed document is titled: "A guide to Chinese law for Foreigners coming to, leaving or staying in China during the Olympics." This appears under the slogan of the Beijing Olympics: "One World, One Dream." For months Chinese authorities denied there had been any change to visa regulations, but recently acknowledged that rules had been amended. The changes may have little effect on some of the 500,000 foreigners expected to visit for the Olympics, many of whom will come on package tours with visas already arranged. The rules published Monday say entry will be denied to those "who might conduct acts of terrorism, violence and government subversion ... and those who might engage in activities endangering China's national security and national interest." The rules also bar entry to smugglers, drug traffickers, prostitutes and those with "mental diseases" or contagious conditions. The document also warns foreigners that not all areas of the country are open to visitors. One such area is Tibet, which is also off limits to journalists. "Not all of China is open to foreigners, and they shall not go to any venue not open to them," the statement said. The guide also spells out a long list of items that cannot be brought into the country, including weapons, imitation weapons, ammunition, explosives, counterfeit currency, drugs and poisons. It also prohibits the entry of materials "that are harmful to China's politics, economics, culture and morals". Foreigners staying with Chinese residents in urban areas must register at a local police station within 24 hours of arriving. The limit in rural areas is 72 hours. The guide also threatens criminal prosecution against anyone "who burns, defaces ... insults or tramps on the national flag or insignia." For those planning on sleeping outdoors to save a little money -- forget it.
This is banned to "maintain public hygiene and the cultured image of the cities." From rforno at infowarrior.org Thu Jun 12 11:42:28 2008 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 12 Jun 2008 07:42:28 -0400 Subject: [Infowarrior] - A Flashy Facebook Page, at a Cost to Privacy Message-ID: A Flashy Facebook Page, at a Cost to Privacy Add-Ons to Online Social Profiles Expose Personal Data to Strangers By Kim Hart Washington Post Staff Writer Thursday, June 12, 2008; A01 http://www.washingtonpost.com/wp-dyn/content/article/2008/06/11/AR2008061103759_pf.html Facebook fanatics who have covered their profiles on the popular social networking site with silly games and quirky trivia quizzes may be unknowingly giving a host of strangers an intimate peek at their lives. Those mini-programs, called widgets or applications, allow users to personalize their pages and connect with friends and acquaintances. But they could pose privacy risks. Some security researchers warn that developers of the software have assembled too much information -- home town, schools attended, employment history -- and can use the data in ways that could harm or annoy users. "Everything requires you to give access to personal information or it forces you to ask your friends to do the same -- it becomes a real nuisance," said David Dixon, 40, an information technology consultant in Columbia who recently deleted most of the applications he had downloaded to his Facebook profile after reading on a blog that developers may have access to his information. "Why does a Sudoku puzzle have to know I have two kids? Why does a postcard need to know where I went to college?" Even private profiles, in which personal details are available only to specific friends, reveal personal information, said Chris Soghoian, a cyber-security researcher at Indiana University. And they're allowing access to their friends' information -- even if their friends are not using the application. 
That's because MySpace and Facebook, the largest online social networks, let outside developers see a member's information when they add a program. "You want to be social with your friends, but now you're giving 20 guys you've never met vast amounts of information from your profile," he said. "That should be troubling to people." A year ago, Facebook started allowing outside developers to create small software programs for members to download. Since then, the company said, about 24,000 applications have been built by 400,000 developers. They've become enormously popular, with users playing poker, getting daily horoscopes and sending one another virtual cocktails, to name a few. More than 95 percent of Facebook users have installed at least one application, the company said. Applications have grown so much that venture-capital firms have formed exclusively to fund their development, and there is a Stanford University course devoted to creating them. In February, MySpace also opened up to developers. It has more than 1,000 applications. The company, along with other social networks such as Hi5 and AOL's Bebo, allows applications under OpenSocial, a Google-led initiative that lets developers distribute games and other programs across multiple social networks. Each site has come up with its own policies on the data that developers are allowed to see. MySpace, the largest social network, with 110 million members, said developers can see users' public details -- name, profile picture and friend lists -- when they download a program. When a user installs one on Facebook, which has 70 million members, the developer can see everything in a profile except contact information, as well as friends' profiles. Members can limit what is seen by changing privacy controls, and both companies say developers are allowed to keep those data for only 24 hours. Developers can collect other data from members once they've downloaded the applications. 
Ben Ling, director of Facebook's platform, said that developers are not allowed to share data with advertisers but that they can use it to tailor features to users. Facebook now removes applications that abuse user data by, for example, forcing members to invite all of their friends before they can use it. "When we find out people have violated that policy, there is swift enforcement," he said. But it is often difficult to tell when developers are breaking the rules by, for example, storing members' data for more than 24 hours, said Adrienne Felt, who recently studied Facebook security at the University of Virginia. She examined 150 of the most popular Facebook applications to find out how much data could be gathered. Her research, which was presented at a privacy conference last month, found that about 90 percent of the applications have unnecessary access to private data. "Once the information is on a third-party server, Facebook can't do anything about it," she said. Developers can use it to provide targeted ads based on a member's gender, age or relationship status. Consumer advocates have voiced concerns over how software developers are using such data. The Center for Digital Democracy is urging the Federal Trade Commission to look into the privacy policies surrounding third-party applications. Some developers acknowledge the value of the data at their fingertips but say they're careful not to abuse it. "We don't care who their favorite musicians are, and we're not looking at their pictures," said Dan Goodman, co-founder of Loladex, an application that lets users find friend-recommended businesses, such as plumbers and pizzerias. Loladex does keep track of user-provided data, such as Zip codes. Goodman said he hasn't ruled out using the data for targeted advertising, but "we're not trying to push the privacy envelope." Hungry Machine, based in Georgetown, has created 25 Facebook applications, including programs that let users recommend movies, books and music. 
"Leveraging that data would make a lot of sense," said Tim O'Shaughnessy, a co-founder of the company. But he said no plans are in the works. Slide, which designed three of the most popular Facebook applications -- SuperPoke, FunWall and Top Friends -- said it uses personal details only to make applications more relevant to users. For example, Slide collects friends' birthdays so it can remind you to "poke" them on the right day. Many Facebook users don't mind using the tools to express themselves. Gabby Jordan of Baltimore uses the Flirtable and Pimp Wars programs to connect with friends. "If there are too many, you could easily delete them off your profile and not have to worry about it," she wrote in an e-mail. But revealing information on quizzes or maps of places visited, for instance, may also make it easier for strangers to piece together tidbits to create larger security threats, said Alessandro Acquisti, assistant professor of public policy and information systems at Carnegie Mellon University. Some online activities ask users to list pets' names or to display their high school's mascot, answers to common security questions asked by financial companies. "Nowadays, some people have downloaded so many [applications], it's a constant flow of information about what they've done, what they're doing, which can be mined by your friends and also by someone you don't know anything about," he said. From rforno at infowarrior.org Thu Jun 12 18:47:46 2008 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 12 Jun 2008 14:47:46 -0400 Subject: [Infowarrior] - SCOTUS:Terror Suspects Can Appeal in Civilian Courts Message-ID: June 13, 2008 Justices Rule Terror Suspects Can Appeal in Civilian Courts By DAVID STOUT http://www.nytimes.com/2008/06/13/washington/12cnd-gitmo.html?_r=1&hp=&oref=slogin&pagewanted=print WASHINGTON ? 
Foreign terrorism suspects held at the Guantánamo Bay naval base in Cuba have constitutional rights to challenge their detention there in United States courts, the Supreme Court ruled, 5 to 4, on Thursday in a historic decision on the balance between personal liberties and national security. "The laws and Constitution are designed to survive, and remain in force, in extraordinary times," Justice Anthony M. Kennedy wrote for the court. The ruling came in the latest battle between the executive branch, Congress and the courts over how to cope with dangers to the country in the post-9/11 world. Although there have been enough rulings addressing that issue to confuse all but the most diligent scholars, this latest decision, in Boumediene v. Bush, No. 06-1195, may be studied for years to come. In a harsh rebuke of the Bush administration, the justices rejected the administration's argument that the individual protections provided by the Detainee Treatment Act of 2005 and the Military Commissions Act of 2006 were more than adequate. "The costs of delay can no longer be borne by those who are held in custody," Justice Kennedy wrote, assuming the pivotal role that some court-watchers had foreseen. The issues that were weighed in Thursday's ruling went to the very heart of the separation-of-powers foundation of the United States Constitution. "To hold that the political branches may switch the Constitution on or off at will would lead to a regime in which they, not this court, say 'what the law is,' " Justice Kennedy wrote, citing language in the 1803 ruling in Marbury v. Madison, in which the Supreme Court articulated its power to review acts of Congress. Joining Justice Kennedy's opinion were Justices John Paul Stevens, Stephen G. Breyer, Ruth Bader Ginsburg and David H. Souter. 
Writing separately, Justice Souter said the dissenters did not sufficiently appreciate "the length of the disputed imprisonments, some of the prisoners represented here today having been locked up for six years." The dissenters were Chief Justice John G. Roberts Jr. and Justices Samuel A. Alito Jr., Antonin Scalia and Clarence Thomas, generally considered the conservative wing on the high court. Reflecting how the case divided the court not only on legal but, perhaps, emotional lines, Justice Scalia said that the United States was "at war with radical Islamists," and that the ruling "will almost certainly cause more Americans to get killed." "The nation will live to regret what the court has done today," Justice Scalia said. And Chief Justice Roberts said the majority had struck down "the most generous set of procedural protections ever afforded aliens detained by this country as enemy combatants," and in doing so had left itself open to accusations of "judicial activism." The chief justice said the majority had gutted the Detainee Treatment Act without really giving it a chance. "And to what effect?" he wrote. "The majority merely replaces a review system designed by the people's representatives with a set of shapeless procedures to be defined by federal courts at some future date." Indeed, the immediate effects of the ruling are not clear. For instance, Cmdr. Jeffrey Gordon, a Pentagon spokesman, told The Associated Press he had no information on whether a hearing at Guantánamo for Omar Khadr, a Canadian charged with killing an American soldier in Afghanistan, would go forward next week, as planned. Nor was it initially clear what effects the ruling would have beyond Guantánamo. The 2006 Military Commission Act stripped the federal courts of jurisdiction to hear habeas corpus petitions filed by detainees challenging the bases for their confinement. That law was upheld by the United States Court of Appeals for the District of Columbia Circuit in February 2007. 
At issue were the "combatant status review tribunals," made up of military officers, that the administration set up to validate the initial determination that a detainee deserved to be labeled an "enemy combatant." The military assigns a "personal representative" to each detainee, but defense lawyers may not take part. Nor are the tribunals required to disclose to the detainee details of the evidence or witnesses against him -- rights that have long been enjoyed by defendants in American civilian and military courts. Under the 2005 Detainee Treatment Act, detainees may appeal decisions of the military tribunals to the District of Columbia Circuit, but only under circumscribed procedures, which include a presumption that the evidence before the military tribunal was accurate and complete. The ruling on Thursday focused in large part on the centuries old writ of habeas corpus ("you have the body," in Latin), a means by which prisoners can challenge their incarceration. Noting that the Constitution provides for suspension of the writ only in times of rebellion or invasion, Justice Kennedy called it "an indispensable mechanism for monitoring the separation of powers." In the years-long debate over the treatment of detainees, some critics of administration policy have asserted that those held at Guantánamo have fewer rights than people accused of crimes under American civilian and military law and that they are trapped in a sort of legal limbo. Justice Kennedy wrote that the cases involving the detainees "lack any precise historical parallel. They involve individuals detained by executive order for the duration of a conflict that, if measured from September 11, 2001, to the present, is already among the longest wars in American history." President Bush, traveling in Rome, did not immediately react to the court's decision. "People are reviewing the decision," Mr. Bush's press secretary, Dana M. Perino, said. 
The president has said he wants to close the Guantánamo detention unit eventually. The detainees at the center of the case decided on Thursday are not all typical of the people confined at Guantánamo. True, the majority were captured in Afghanistan or Pakistan. But the man who gave the case its title, Lakhdar Boumediene, is one of six Algerians who immigrated to Bosnia in the 1990's and were legal residents there. They were arrested by Bosnian police within weeks of the Sept. 11 attacks on suspicion of plotting to attack the United States embassy in Sarajevo -- "plucked from their homes, from their wives and children," as their lawyer, Seth P. Waxman, a former solicitor general put it in the argument before the justices on Dec. 5. The Supreme Court of Bosnia and Herzegovina ordered them released three months later for lack of evidence, whereupon the Bosnian police seized them and turned them over to the United States military, which sent them to Guantánamo. Mr. Waxman argued before the United States Supreme Court that the six Algerians did not fit any authorized definition of enemy combatant, and therefore ought to be released. The head of the New York-based Center for Constitutional Rights, which represents dozens of prisoners at Guantánamo, hailed the ruling. "The Supreme Court has finally brought an end to one of our nation's most egregious injustices," Vincent Warren, the organization's executive director, told The Associated Press. Senator Barack Obama of Illinois, the presumptive Democratic presidential nominee, has called for closing the Guantánamo detention unit. So has his Republican opponent, Senator John McCain of Arizona, but the issue of what to do with the detainees could still figure prominently in the campaign, as Mr. McCain's remarks on Thursday signaled. Speaking to reporters in Boston on Thursday morning, Mr. McCain said he had not had time to read the decision, but "it obviously concerns me." 
"These are unlawful combatants, they're not American citizens, and I think that we should pay attention to Justice Roberts's opinion in this decision," Mr. McCain said. "But it is a decision the Supreme Court had made, and now we need to move forward." Mr. McCain, who was held for more than five years as a prisoner of war in Vietnam, was one of the chief architects of the Military Commissions Act of 2006. He argued during the drafting of that law that it gave detainees more than adequate provisions to challenge their detention. Senator John Kerry of Massachusetts, the 2004 Democratic presidential nominee, applauded the ruling. "Today, the Supreme Court affirmed what almost everyone but the administration and their defenders in Congress always knew," he said. "The Constitution and the rule of law bind all of us even in extraordinary times of war. No one is above the Constitution." Anthony Coley, a spokesman for Senator Edward M. Kennedy, Democrat of Massachusetts, said: "When Congress passed the Military Commissions Act in 2006, Senator Kennedy called the act 'fatally flawed' and said 'its evisceration of the writ of habeas corpus for all noncitizens is almost surely unconstitutional.' Today, the Supreme Court agreed, and rejected the Bush administration's blatant attempt to create a legal black hole beyond the reach of the rule of law." Kate Zernike contributed reporting from Boston. From rforno at infowarrior.org Thu Jun 12 18:59:52 2008 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 12 Jun 2008 14:59:52 -0400 Subject: [Infowarrior] - Yahoo tanks as Microsoft backs away Message-ID: <4451A1D7-D568-41E2-B075-587391463814@infowarrior.org> June 12, 2008, 2:55 pm Yahoo tanks as Microsoft backs away http://dailybriefing.blogs.fortune.cnn.com/2008/06/12/yahoo-tanks-as-microsoft-backs-away/?source=yahoo_quote Yahoo (YHOO) plunged after The Wall Street Journal reported the Internet giant's discussions with Microsoft (MSFT) have ended without a deal. 
Microsoft isn't willing any longer to buy the Sunnyvale, Calif., company for $33 a share, the Journal reports. The news deals a setback to billionaire investor Carl Icahn's effort to force the sides into a deal, which started in April after Microsoft stepped away from the table the first time, and could pave the way for a search tie-up between Yahoo and rival Google (GOOG). Yahoo investors aren't liking the news, though, because it seems to indicate Microsoft deal hopes are dead. Shares of Yahoo dropped 10% in heavy trading Thursday afternoon to $23 and change. From rforno at infowarrior.org Thu Jun 12 23:41:39 2008 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 12 Jun 2008 19:41:39 -0400 Subject: [Infowarrior] - Feds, Denver attempt to keep DNC security info secret Message-ID: <1C3D2410-4617-4D15-9D6B-2BA2CF26F3BA@infowarrior.org> Feds, Denver attempt to keep DNC security info secret By Erin Rosa 06/11/2008 | 2 Comments http://www.coloradoindependent.com/view/feds-denver-attempt The exact location of a public demonstration zone outside of the Democratic National Convention and information about how close activists will be to delegates could be legally sealed from the public if the United States Secret Service and the city of Denver can persuade a district judge to approve a protective order blocking the information. Both federal and local law enforcement officials are seeking an order to keep secret the specifics over their planned demonstration zone for protesters outside the Pepsi Center, where the convention is set to be held in August, according to the American Civil Liberties Union of Colorado. On May 1 the ACLU filed a lawsuit against Denver and the Secret Service on behalf of 12 groups seeking information about where activists would be allowed to converge during the convention in a designated zone. 
During a hearing for the suit on Monday, it was revealed that the city would be using a fenced-in portion of Parking Lot A near the front entrance of the Pepsi Center. However, law enforcement officials planning security for the convention have repeatedly declined to disclose details, including how close activists will be able to get to the delegates or the materials that will be used for fencing and other barricades surrounding the area. Instead, the convention's security preparers, citing national security concerns, may only share such information with court officials and with attorneys involved with the suit, a move that the ACLU says it opposes. City officials indicated months ago that a zone would be designated within sight and sound of the Pepsi Center during the convention, but the ACLU argues that its plaintiffs have a constitutional right to review the details and to ensure their First Amendment rights are protected. "After those restrictions are disclosed, we intend to consult with our clients about whether we should challenge any of those restrictions in the second phase of the lawsuit. That consultation will be impossible if the attorneys are not allowed to discuss the restrictions with their clients," said Mark Silverstein, legal director for the Colorado ACLU. "Accordingly, the plaintiffs attorneys will ask that the government bear the burden of showing that such extreme secrecy is necessary. We don't believe it is." The city attorney's office did not return a request for comment, but another hearing in the suit is expected at the end of June to determine if a protective order is necessary for the information. Silverstein has stated that the ACLU filed the lawsuit over concerns regarding First Amendment violations that occurred at the Democratic convention in Boston in 2004, where so-called protester "free-speech zones" -- consisting of concrete barricades and fencing -- were set up outside the convention site. 
A Boston judge ruled that the zones were unconstitutional less than a month before the 2004 convention, but said that there was not enough time to change the plans. Court papers show that the ACLU intends to seek a final court decision on the matter by Aug. 4, which is 20 days before the start of the convention. < -- > Denver lags in DNC security disclosure http://www.coloradoindependent.com/view/denver-lags-in-dnc By Erin Rosa 06/05/2008 Democrats may be attending their national convention a week before the Republicans hold theirs, but key details surrounding civil rights and security-related preparations for the Republican National Convention have been made more readily available in the host city of St. Paul, Minn., while law enforcement officials in Denver remain mum on their specific plans. The Denver Police Department and federal U.S. Secret Service are busy coordinating security for the Democratic National Convention Aug. 25-28. Currently, the department and federal agency are facing three convention-related lawsuits focusing on civil liberties issues of permitted protest space and parade routes, arrest procedures and purchases of crowd-control weapons for the event, because activists who plan to demonstrate in Denver say the public has a right to know such details in order to avoid First Amendment violations that have plagued previous political conventions. In contrast, law enforcement in St. Paul, Minn., the location for the Republican National Convention set for Sept. 1-4, have already disclosed a parade route and new weapons that are expected to arrive before the event. The city is also facing less civil rights-related litigation than Denver. 
From rforno at infowarrior.org Thu Jun 12 23:44:03 2008 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 12 Jun 2008 19:44:03 -0400 Subject: [Infowarrior] - Compare File Sharers To 9/11 Terrorists Message-ID: <91005220-58B8-46B8-9F60-FA8E990B1AD9@infowarrior.org> Rewriting Copyright History, The Elitist Way: Compare File Sharers To 9/11 Terrorists from the stunning dept When we first debunked Hank Williams' problematic attack on Mike Arrington for suggesting, reasonably, that copyright law had reached the point that it needed a serious rethink, someone told me that Hank Williams is trying to become "the next Andrew Keen." Keen, of course, wrote a book last year about how the internet is somehow destroying culture, with the basic thesis being that "culture" is defined only as professionally produced content. Effectively, his argument was that non-professionally produced content simply can't be good, so by competing with professionally produced content, all that amateur content was somehow damaging professional content. The logical errors in this thesis are pretty easy to spot, but we'll just mention the obvious one: if professional content is so much better than amateur content, what does it have to fear from amateur content? In fact, Keen's whole thesis is so ridiculous, and the book praising the reliability and accuracy of "professional" media is so riddled with errors, distorted truths and outright falsehoods, that some have suggested (credibly) that Keen is merely satire. Everything that Keen claims is bad about amateur media, he does -- repeatedly. < - > http://techdirt.com/articles/20080610/0259341363.shtml From rforno at infowarrior.org Thu Jun 12 23:46:50 2008 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 12 Jun 2008 19:46:50 -0400 Subject: [Infowarrior] - Viacom DMCA's itself. Brilliant. Message-ID: (c/o Sally E.) 
Viral Irony is Spelled MTV http://www.mattgriswold.com/post/37250077/viral-irony-is-spelled-mtv From rforno at infowarrior.org Thu Jun 12 23:52:19 2008 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 12 Jun 2008 19:52:19 -0400 Subject: [Infowarrior] - Top Spook: Facebookers, Gamers May Be Unfit to Spy Message-ID: (These are EXACTLY the kind of folks - in many cases - that you want involved in certain activities because they think unconventionally, are resourceful, and can socialize well with teammates while being able to bluff their adversaries.........rf) Top Spook: Facebookers, Gamers May Be Unfit to Spy By Noah Shachtman June 12, 2008 | 11:16:00 AM http://blog.wired.com/defense/2008/06/do-you-trade-mu.html Do you trade music with your pals? Use Facebook to keep in touch with far-away friends? Play World of Warcraft as a girl, when you're really a boy? Check your e-mail a little too often? Well, then, you may not be trustworthy enough to become a spy. The Office of the Director of National Intelligence (ODNI) -- which, in theory, oversees all of the country's intelligence services -- is looking to launch a series of research studies into "cyber-behavior." Because what wannabe spooks do on-line should play "an important part" in the "process for granting security clearances for personnel working in national security positions." Suspect activities include "social network usage," "compulsive internet use," "distribution of pirated materials," and "on-line contact with foreign nationals." The first step is to get a "better understanding" of "which specific cyber-behaviors are normative, acceptable, or favorable as well as identifying those that may be associated with risky or problematic cyber behavior within the workplace." 
Areas of potential interest include, but are not limited to: social network usage; disclosure of information in computer-mediated activities; extent of on-line contact with foreign nationals; cyber behavior that suggests an unwillingness to abide by rules; compulsive internet use; involvement in computer groups (especially those allied to stigmatized practices); providing false information within computer-mediated communications about oneself or others; procurement and distribution of pirated materials; engaging in deviant cyber-behaviors with the intention of causing harm to others including "hacking" and sabotage. I think that puts the entire staff of WIRED in serious jeopardy of blowing the top secret clearances we've all craved for so long. Ah, well. Once the initial study is done, ODNI would like to see a research program of how these "risky IT activities or problematic cyber behaviors" match up with real-life "personality factors or other individual traits, characteristics or behaviors can serve as risk or resilience indicators." The National Security Agency has used similar criteria for vetting potential employees. One recruit was told that file-sharing could keep him out of the agency. New York University's Drew Conway, for one, is less-than-confident that this is going to turn out well. Given the [government's] "less than stellar track record in assessing the risk posed cyber activity, and the constant protraction of security clearance investigation and abysmal backlog of adjudications, this is a classic example of an interesting research opportunity being attached to the wrong research vehicle. The idea that belonging to a certain World of Warcraft guild makes someone less trustworthy is not only foolish, but would likely disqualify the exact people the U.S. military needs. 
From rforno at infowarrior.org Fri Jun 13 13:29:36 2008 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 13 Jun 2008 09:29:36 -0400 Subject: [Infowarrior] - DHS names Centers of Excellence for Disasters and Other Emergencies Message-ID: <2EE8BA28-3BF9-4314-A4BE-9B92DE63FE0F@infowarrior.org> Center of Excellence Designations: Jackson State University Northeastern University Stevens Institute of Technology University of Arizona University of Hawaii University of North Carolina at Chapel Hill University of Rhode Island University of Texas at El Paso More info and full Fed Register writeup at http://cryptome.org/dhs061308.htm From rforno at infowarrior.org Fri Jun 13 19:53:53 2008 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 13 Jun 2008 15:53:53 -0400 Subject: [Infowarrior] - Tim Russert of NBC Dead Message-ID: <9D95FF71-8229-4D04-8742-B59848FF9712@infowarrior.org> (c/o NY Post) TIM RUSSERT DIES FROM APPARENT HEART ATTACK By CHARLES HURT June 13, 2008 -- Posted at 3:21 p.m.; Updated at 3:36 p.m. Tim Russert, NBC journalist and political heavyweight host of "Meet the Press," has died after collapsing at NBC's Washington news bureau, a source said. He was 58 years old. Russert, who rose from the inside world of politics where he was former New York Gov. Mario Cuomo's press secretary and one-time chief of staff to the late Sen. Daniel Patrick Moynihan, was able to successfully cross over to political journalism and rise to become one of its leading lights. In his role as host of the seminal Sunday morning political program "Meet the Press" - which he took over in 1991 - he became renowned for his hard-nosed interviews where he frequently cornered some of Washington's cagiest political figures with tough questions. Russert joined NBC News in 1984. In April 1985, he supervised the live broadcasts of the Today program from Rome, negotiating and arranging an appearance by Pope John Paul II - a first for American television. 
In 1986 and 1987 Russert led NBC News weeklong broadcasts from South America, Australia and China. In 2008, Time Magazine named him one of the world's 100 most influential people. THIS IS A DEVELOPING STORY. PLEASE REFRESH FOR UPDATES. From rforno at infowarrior.org Sat Jun 14 03:36:14 2008 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 13 Jun 2008 23:36:14 -0400 Subject: [Infowarrior] - AP serving (abusive?) DMCA notices to bloggers Message-ID: AP Goes After Bloggers For Posting Article Headlines And Snippets from the you're-going-to-lose,-badly dept http://techdirt.com/articles/20080613/0117561394.shtml Last fall, the Associated Press claimed that it was ready to change to face the new internet world -- and that meant not just being a gatekeeper, but joining in the conversation. As we noted at the time, though, AP execs said all that, only to immediately follow that up with plans that looked like it was trying to become a new type of gatekeeper. It didn't help that the company had also just sued VeriSign's Moreover division for linking to AP stories along with a title and a tiny excerpt. That sort of thing is clearly fair use -- but the AP doesn't seem to think so. And, now, it's expanding its target list. Rather than just going after the big aggregators (surprisingly, Google settled), it appears that the Associated Press is going after bloggers for merely posting a linked headline and a tiny snippet of text from the article. In this case, Rogers Cadenhead informs us that the AP sent 7 DMCA takedown notices last week to his site, the Drudge Retort (a site that mocks the Drudge Report). In six cases, a blog post on the site quoted just a small snippet of text from an AP article (between 33 and 79 words -- nowhere near the full length of the article). In every case, they also contained links back to the original AP article. Five of the six used a different headline than the original AP article. 
The other complaint was about a comment to a blog post, which also included a very short snippet and a link. On the face of it, it's nearly impossible to see how this isn't fair use, even though an AP representative insists it's not: The use is not fair use simply because the work copied happened to be a news article and that the use is of the headline and the first few sentences only. This is a misunderstanding of the doctrine of "fair use." AP considers taking the headline and lede of a story without a proper license to be an infringement of its copyrights, and additionally constitutes "hot news" misappropriation. Hopefully, they won't send a takedown notice for quoting that. This is pure bullying on the part of the Associated Press, and a clear overstepping of its legal rights. It's most certainly not a sign that the organization has adapted to the internet age. In fact, the most amazing thing is that these types of uses (a snippet and a link) clearly help drive more traffic to those AP articles. This is a pure "shoot-self-in-the-foot" move by the Associated Press -- and if they have any sense of decency they should issue a very public apology. In the meantime, since the Associated Press apparently no longer wants traffic, we'll start looking for other sources when linking to stories. I can't promise we won't link to any AP stories (they're everywhere), but given the opportunity we'd prefer to link to a news organization that's happy to accept our traffic, rather than one that might sue us for pointing people their way. This is quite unfortunate, as there are many AP reporters who read this site, and with whom I have come to build a strong relationship. I think they're quite good reporters, and it's too bad they work for such a short-sighted organization. Update: Someone from the AP has posted a response in the comments. 
It makes some claims that simply do not seem to represent reality, including trying to define what is and is not "the link-based culture of the Internet." It claims that it won't go after snippets -- but doesn't explain why that's exactly what it did. And then it responds to a blog post from Jeff Jarvis that I have not seen and did not reference. If the AP seriously wants to respond, why not respond to what is actually happening or what we actually said, rather than someone else. Update 2: I should also note that the comment from the AP includes what appears to be a bit of a sales pitch suggesting that bloggers license AP articles. From rforno at infowarrior.org Sat Jun 14 03:37:58 2008 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 13 Jun 2008 23:37:58 -0400 Subject: [Infowarrior] - DIMACS/DyDAn Workshop on Internet Privacy Message-ID: http://dimacs.rutgers.edu/Workshops/InternetPrivacy/ DIMACS/DyDAn Workshop on Internet Privacy: Facilitating Seamless Data Movement with Appropriate Controls September 18 - 19, 2008 DIMACS Center, CoRE Building, Rutgers University, Piscataway, NJ Organizers: Dan Boneh, Stanford University, dabo at cs.stanford.edu Ed Felten, Princeton University, felten at cs.princeton.edu Helen Nissenbaum, New York University, helen.nissenbaum at nyu.edu From rforno at infowarrior.org Sat Jun 14 03:44:57 2008 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 13 Jun 2008 23:44:57 -0400 Subject: [Infowarrior] - Incomprehensible Earmark from Hell Message-ID: <71F904EB-6766-442A-B43B-D95A5FDC382F@infowarrior.org> This is too funny not to pass along....my first response was, "In English, please" and then quickly followed by a realization that these folks must be master players of bullsh--t bingo....I mean, there's simply no other explanation! Where's Dilbert when you need him? 
:) --rf (source: Cryptome) http://www.defenselink.mil/contracts/contract.aspx?contractid=3796 Incomprehensible Earmark from Hell June 13, 2008 American Competitiveness Institute, Philadelphia, Pa., is being awarded a $99,999,000 indefinite-delivery/indefinite-quantity contract for the Benchmarking and Best Practices Center of Excellence. The purpose of this effort is to identify, validate, benchmark, and facilitate the dissemination (sharing) of best-in-class practices, processes, methodologies, systems, and pre-competitiveness technologies. In doing so, enhance and promote communications, corporation, integration, and interdependency across the defense industry that will result in improvements in affordability and performance of defense platforms and weapon systems. Work will be performed in Philadelphia, Pa., and work is expected to be completed June 2013. Contract funds will not expire at end of current fiscal year: This contract was competitively procured under solicitation N00014-08-R-0001. The Office of Naval Research, Arlington, Va., is the contracting activity (N00014-08-D-0758). From rforno at infowarrior.org Sat Jun 14 12:27:30 2008 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 14 Jun 2008 08:27:30 -0400 Subject: [Infowarrior] - US cyberdefense: A Big Pot of Money References: Message-ID: Begin forwarded message: > From: "Simon Taplin" > > A Big Pot of Money > > http://www.defensetech.org/archives/004249.html > > Recently much attention is being given to the topic of cyber warfare > and rightfully so. Our computers and networks are under continuous > attack from all over the world. The level of sophistication of these > attacks and the quality of the code written to perform these attacks > both have raised significantly in the past year. Experts agree we have > entered a new era of warfare and are transitioning from bombs and > bullets to bits and bytes. 
> > In January two classified presidential directives were signed related > to defending the country against cyber attacks. At that time the price > tag was estimated at $6 billion. In mid May the price tag was revised > and believed to be $17 billion. Now, the price has risen again to be > $30 billion. That is a big pot of money by anyone's standards. So the > question is, where will this money be spent? Increasing cyber defense > will require investment in Research and Development as well as in > existing technology and services. The first and most critical activity > will be to fortify current systems against known cyber threats. > > Spending Allocation: > > * Hardware 18% $5.4 Billion USD > * Software 25% $7.5 Billion USD > * Consulting 29% $8.7 Billion USD > * Services 24% $7.2 Billion USD > * R&D 4% $1.2 Billion USD > > The R&D efforts will focus on near term delivery of advanced defensive > capabilities (like behavioral modeling) of software processes and > transaction to evaluate if they pose a threat to the system. > Additionally, advanced modeling capabilities are required for evolving > defenses and investigative activities. Advanced modeling will be used > to certify and authenticate chips, hardware and software to be > authentic and free of malicious code. One of the most promising > capabilities centers on the development of a "Digital DNA" database > repository. The ultimate goal of this work is the same as with current > DNA forensics - to identify the perpetrators of the assault. Most > cyber attacks leave behind forensic evidence that can be used to > assess the capabilities of the attacker, understand the implications > of the attack and to create defensive measure to guard against this > type attack in the future. With all the attacks that have taken place, > there is significant intelligence out there about techniques, cyber > weapons, and strategies that have been used in these cyber assaults. 
> Analysis of this evidence can create Digital DNA which could also help > to identify the source of the malicious code and potentially lead to > the attacker. > > ASDF represents the four Digital DNA characteristic sets. > A = attributes, abilities, abstraction, architecture, assembly, > adaptation > S = style, signatures, syntax, structure, source, specification, scope > D = demographics, delivery, development, discipline, data, design > F = functions, features, faults, formidability, fields, forms, factors > > There are currently over a million pieces of malware. On average there > are approximately 200 new computer viruses released monthly, so the > raw cyber DNA materials are not in short supply. The potential use and > value of the Digital DNA repository will increase with every single > entry and the analysis of attacks. According to a source close to the > Digital DNA project, the repository is currently in its infancy, it > continues to grow and mature with the knowledge gained from each cyber > attack. John Foley, CEO of Defcomm1 and former CEO of Vigilant Minds a > leading managed security services provider said, "Much like the human > genome project, Digital DNA will basically fingerprint the technical > and human factors behind the malicious software and attacks." Security > experts believe that Digital DNA type data is a critical component and > required to fight cyber attacks and defend systems. > > -- Kevin Coleman From rforno at infowarrior.org Sat Jun 14 14:50:31 2008 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 14 Jun 2008 10:50:31 -0400 Subject: [Infowarrior] - E/I ratings comment Message-ID: So I'm watching a friend's tween daughter this morning while her folks are closing on their new house. She's in the living room watching whatever kids watch on Saturday mornings these days and Myspacing to her heart's content. 
To my surprise, I see that Disney's "Hannah Montana", Fox's "Sports Stars of Tomorrow", and some mindless anime-cartoon shows have an on-screen E/I rating denoting them as "Educational/Instructional." Huh? Digging a tiny bit deeper and doing a few minutes of light research, it turns out that 25 percent of shows with the E/I rating hold only minimal educational value, according to an Annenberg Public Policy Center study....and that the E/I rating simply means the show has limited types and amounts of commercials -- but that the show itself can pretty much be about anything. That E/I label sure was educational for me. Well, it reinforced what I already knew or had strong suspicions about, anyway. Who says you're never too old to learn? -rick From rforno at infowarrior.org Sun Jun 15 21:17:44 2008 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 15 Jun 2008 17:17:44 -0400 Subject: [Infowarrior] - Army Imitates Apple To Draw New Recruits Message-ID: <21F69E5B-F958-46CB-B395-9BD9829DD26F@infowarrior.org> http://www.brandweek.com/bw/content_display/news-and-features/technology-finance/e3i5597024fecf11e33a55a40695b480511 Army Imitates Apple To Draw New Recruits June 13, 2008 -By Timothy Fields The U.S. Army, experiencing a stagnant recruiting situation, is going experiential. The Army plans to unveil a pilot concept recruitment center in late August that was inspired by the interactivity of Apple Stores. The center, opening in a city that's yet to be determined, will be built around virtual simulations and other experiential marketing techniques to engage visitors. Seeing the success of Apple retail centers -- as well as attractions like the ESPN Zone -- prompted Edward Walters, CMO of the U.S. Army, to make a tactical change. "In the past we've focused on traditional media vehicles. [But] the millennial generation is used to engaging in interactive assets and we need to adapt to them." If the test proves successful, many centers will be opened around the country. 
The effort comes as the number of new recruits for the active Army decreased minimally last year, per the Dept. of Defense. "It is getting tougher and tougher to do personal recruiting," said Robert Passikoff, ex-military man and president of Brand Keys, a brand customer loyalty planning consultancy based in New York. "This is a way of engaging possible recruits in a way that may get someone interested and eventually convinced. It makes a lot of sense given how the media environment has changed. It isn't just a matter of providing information, it is a matter of experiential outreach that is really able to provide a broader range of connectivity." The first new recruitment center is designed to be less intimidating and more "like walking into a NASA center," said Walters. It will consist of three large simulators with full-scale mock-ups of Army equipment and wrap-around 270-degree video screens. "The modeling command and control systems are like those used in Iraq," said Maj. Larry Dillard, U.S. Army marketing exec. The Apache simulator allows a pilot and co-pilot to experience the aircraft and its weapons systems. The Black Hawk helicopter simulator provides four door gunner positions. And, the armored HMMWV vehicle simulator has positions for a driver and several gunners. The centers also will include an area where visitors can compete in America's Army, a videogame released in 2002. "If you think of a classic recruitment center, [all of] its forms and brochures are about as exciting as the post office," said Marc Babej, partner at Reason Inc., a marketing consultancy in New York. "Why talk about it when you can demonstrate it." Walters agreed. He said, while the U.S. armed forces have high awareness, the centers "show people what Army is about. We want to convey to young men and woman the most meaningful benefits of joining the Army." The effort isn't the first time the Army has gone experiential. 
Since February 2007, the Army has worked with Los Angeles-based ad shop Ignited on a 20,000 square-foot tour that lets potential recruits get a 20-minute simulation experience that mimics being a soldier. Amy Lindstrom, a rep for Ignited, said that more than 100,000 people have taken the tour. Since recruiters aren't typically on site, though, she said it's difficult to track how many of those people signed up. "We are trying to overcome preconceived notions. People are generally surprised at the activities that you can do in the Army," said Dillard, referring to the new recruiting centers. "We are trying to generate some kind of engaging experience that will give you an 'aha moment.'" Despite the continuing unpopular war in Iraq, the Army has been making a comeback in retentions so far this year. Further, last week, the Defense Dept. announced it exceeded its recruiting goals (5,568 accessions) for the month. Richard Laermer, author of 2011: Trendspotting for the Decade, said the new centers could stir up controversy. "With everything going on with the war effort, you think they would be a little more buttoned up. Right now there is nothing cool about the Army." Laermer doubts the test will succeed: "I'll bet you that in a very short amount of time they will get rid of [the recruitment centers] because of a public outcry. People are going to get mad about it." Last year, the U.S. Army spent $172 million in advertising, and $37 million in the first quarter this year, per Nielsen Monitor-Plus. 
From rforno at infowarrior.org Sun Jun 15 21:18:48 2008 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 15 Jun 2008 17:18:48 -0400 Subject: [Infowarrior] - The Business of Intelligence Gathering Message-ID: <085AD61C-976C-4445-A0F9-C8EAD9215255@infowarrior.org> June 15, 2008 Off the Shelf The Business of Intelligence Gathering By HARRY HURT III http://www.nytimes.com/2008/06/15/business/15shelf.html?_r=1&oref=slogin&pagewanted=print AMERICA is ruled by an "intelligence-industrial complex" whose allegiance is not to the taxpaying public but to a cabal of private-sector contractors that have disgraced our national image and potentially compromised our national security for the sake of making profits. That is the central thesis of "Spies for Hire: The Secret World of Intelligence Outsourcing" by Tim Shorrock (Simon & Schuster, $27). Mr. Shorrock is an investigative journalist who has contributed to The Nation, Harper's Magazine, Mother Jones, Salon and various newspapers. His writing here is closer in style to a corporate annual report than to a magazine feature, and he makes extensive use of secondary sources like other books. But his book is worth plowing through because of its disturbing overview of the intelligence community, also known as "the I.C." Mr. Shorrock says our government is outsourcing 70 percent of its intelligence budget, or more than $42 billion a year, to a "secret army" of corporate vendors. Because of accelerated privatization efforts after 9/11, these companies are participating in covert operations and intelligence-gathering activities that were considered "inherently governmental" functions reserved for agencies like the Central Intelligence Agency, he says. The roster of outside intelligence contractors includes behemoths like AT&T and Verizon Communications and lesser-known companies like the military contractor CACI International. 
Remember, the telecommunications companies are said to have willingly aided the National Security Agency's warrantless eavesdropping program and a program capable of monitoring the Internet communications of virtually every American, Mr. Shorrock tells us. CACI's contract interrogators have been accused of introducing some of the most brutal practices at the Abu Ghraib prison in Iraq, including the use of attack dogs. (The company has denied the accusations.) But the Pentagon has given CACI a three-year, $156 million contract to provide information technology support and training to instructors at the Army's intelligence school at Fort Huachuca, Ariz. Mr. Shorrock cites instances of spy industry corruption, like the case of Randy Cunningham, the former Republican congressman convicted of taking $2.4 million in bribes for steering government business to two military contractors. But some of the book's most intriguing assertions concern the permeating influence of the consulting firm Booz Allen Hamilton. In 2006, Mr. Shorrock reports, Booz Allen amassed $3.7 billion in revenue, much of which came from classified government contracts exempt from public oversight. Among its more than 18,000 employees are R. James Woolsey, the former C.I.A. director, and Joan Dempsey, a former longtime United States intelligence official who declared in a 2004 speech, "I like to refer to Booz Allen as the shadow I.C." The "revolving door" between Booz Allen and the I.C. is personified by Mike McConnell, who joined the firm after serving as head of the National Security Agency under President Bill Clinton, only to return as director of national intelligence under President Bush. Mr. Shorrock says Mr. McConnell is the only person who has "gone from a top position with industry into the most senior leadership position in the nation's spy system." Another company, the Science Applications International Corporation of San Diego, is one of the top five C.I.A. 
contractors and a particularly favored vendor of the National Security Agency, the book says. Mr. Shorrock says that "so many N.S.A. officials have gone to work for S.A.I.C. that intelligence insiders call it 'N.S.A. West.' " Mr. Shorrock has a major concern with the sheer extent of intelligence outsourcing and whether it increases the potential for sensitive information to fall into the wrong hands. Even the task of administering the government's database for tracking outside contracts, he says, has been outsourced to a private-sector contractor. But the government has yet to identify which intelligence functions are safe to outsource and which aren't, he says. "As a result," he writes, "decisions about contracting are still being made on the fly with little regard to their short- and long-term consequences." MUCH of Mr. Shorrock's terminology may seem to have a left-wing taste to it, but plenty of it comes directly from conservatives. In fact, he says the term "intelligence-industrial Complex" was coined (with a nod to Dwight D. Eisenhower's 1961 reference to the nation's "military-industrial complex") by Herbert A. Browne. Mr. Browne is a retired vice admiral turned AT&T executive and a former executive director of the Armed Forces Communications and Electronics Association, an industry trade group. "The fact that we can have a professional intelligence organization outside of the government to support the government is no more offensive to me than the fact that we have 80 percent of our military communications traveling on commercial satellites or commercial fiber optics," Mr. Browne tells the author. "In fact, I find it very healthy for the nation." Mr. Shorrock unequivocally believes otherwise. "In the end, if America is to reform its intelligence apparatus, decisions about resources and structure must be made by its citizens through the government they elected -- not by outside contractors like Booz Allen Hamilton and S.A.I.C.," he writes. 
"The spies for hire may not like the idea of subjecting the intelligence process to more oversight, but they're not the ones paying the bill. It's high time that we returned intelligence to its rightful owners, the American public and its representatives in Congress." Meanwhile, it appears that there's no business like the spy business, and the spy business is nobody's business but its own. From rforno at infowarrior.org Mon Jun 16 11:30:58 2008 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 16 Jun 2008 07:30:58 -0400 Subject: [Infowarrior] - More on movies going to cable before DVD Message-ID: <3C4F8E26-DBB5-4F04-B2AA-82745B4BB358@infowarrior.org> More on movies going to cable before DVD http://opinion.latimes.com/bitplayer/2008/06/more-on-movies.html An astute reader of my earlier post regarding a possible new, earlier window for movies at home pointed out something significant that I'd missed. Rather than being an isolated initiative, the earlier window fits into a continuum of efforts to create a secure, copy-protected pathway into and around the home for high-def programming. Those efforts could eventually give Hollywood inordinate influence over the technologies used in home networks and device-to-device communications. To recap: the MPAA has asked the Federal Communications Commission to let it use a copy protection technique called "selectable output control" on high-def movies made available through cable and satellite TV operators before the titles were available on DVD. SOC enables studios to turn off the analog and unencrypted digital outputs from cable boxes and satellite receivers to prevent unauthorized copying. The FCC had banned the technique for existing services, such as pay per view, but left the door open to it being used in connection with an innovative new offering. The MPAA's petition says that titles would be affected only during the period prior to their release on DVD. 
Once the movie is in Blockbuster, the people who'd been shut out by SOC -- those whose TV sets relied on analog or unencrypted digital inputs -- would have no trouble viewing it. But a pair of footnotes that I'd overlooked in the petition point out that next-generation home-video formats may also include SOC. These include downloadable movies and Blu-ray discs. So if Hollywood restricts high-def releases of movies to the new early-release window, Blu-ray discs and downloadable files, it could make SOC the rule, not the exception -- at least until the films reach HBO and broadcast TV. That's not to begrudge Hollywood's desire for more protection on high-def titles. The problem here, IMHO, is the potential for the studios to control which protection technologies devices use. Under the FCC's broadcast flag rules (which a federal court struck down in 2005), the commission, not copyright holders, had the power to decide which anti-piracy techniques were acceptable. One example of why this matters: the commission approved the anti-piracy scheme for TiVo's TiVo To Go feature over the objections of the MPAA and the NFL. But with SOC, the FCC has no say over what's an acceptable level of protection. That leaves Hollywood with a great deal of sway over which anti-piracy technologies get deployed. Of course, the studios want their movies to be seen, too. If consumers rally behind home entertainment and networking equipment that's not compatible with the studios' favored protection techniques, the studios will have to adapt to that reality. That's one of the reasons the major record companies finally embraced unprotected MP3 files -- they proved to be the best way to reach the largest audience. 
From rforno at infowarrior.org Mon Jun 16 11:33:15 2008 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 16 Jun 2008 07:33:15 -0400 Subject: [Infowarrior] - UK v US legisator contrasts on civil liberties Message-ID: British debate highlights the cravenness and complicity of congressional Democratic "leaders" The intense and escalating political dispute in Britain over civil liberties is interesting in its own right, but it also vividly illustrates how craven and barren our own political system -- and the U.S. Democratic Party -- have become. The sacrifices now being made by British politicians of all parties in opposition to expanded government detention and surveillance powers is, with a few noble exceptions, exactly what our political elite in the Bush era have been -- and still are -- too afraid or too craven to undertake. As the Democratic Party prepares this week to endorse the Bush administration's illegal spying program and immunize telecoms which deliberately broke our surveillance laws for years, these contrasts become even more acute. < - > http://www.salon.com/opinion/greenwald/2008/06/15/britain/ From rforno at infowarrior.org Mon Jun 16 11:42:40 2008 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 16 Jun 2008 07:42:40 -0400 Subject: [Infowarrior] - AP to Set Guidelines for Using Its Articles in Blogs Message-ID: <95256356-F075-483A-A3FC-0C94B78E2D5E@infowarrior.org> The Associated Press to Set Guidelines for Using Its Articles in Blogs http://www.nytimes.com/2008/06/16/business/media/16ap.html By SAUL HANSELL Published: June 16, 2008 The Associated Press, one of the nation's largest news organizations, said that it will, for the first time, attempt to define clear standards as to how much of its articles and broadcasts bloggers and Web sites can excerpt without infringing on The A.P.'s copyright. 
The A.P.'s effort to impose some guidelines on the free-wheeling blogosphere, where extensive quoting and even copying of entire news articles is common, may offer a prominent definition of the important but vague doctrine of "fair use," which holds that copyright owners cannot ban others from using small bits of their works under some circumstances. For example, a book reviewer is allowed to quote passages from the work without permission from the publisher. Fair use has become an essential concept to many bloggers, who often quote portions of articles before discussing them. The A.P., a cooperative owned by 1,500 daily newspapers, including The New York Times, provides written articles and broadcast material to thousands of news organizations and Web sites that pay to use them. Last week, The A.P. took an unusually strict position against quotation of its work, sending a letter to the Drudge Retort asking it to remove seven items that contained quotations from A.P. articles ranging from 39 to 79 words. On Saturday, The A.P. retreated. Jim Kennedy, vice president and strategy director of The A.P., said in an interview that the news organization had decided that its letter to the Drudge Retort was "heavy-handed" and that The A.P. was going to rethink its policies toward bloggers. The quick about-face came, he said, because a number of well-known bloggers started criticizing its policy, claiming it would undercut the active discussion of the news that rages on sites, big and small, across the Internet. The Drudge Retort was initially started as a left-leaning parody of the much larger Drudge Report, run by the conservative muckraker Matt Drudge. In recent years, the Drudge Retort has become more of a social news site, similar to sites like Digg, in which members post links to news articles for others to comment on. But Rogers Cadenhead, the owner of the Drudge Retort and several other Web sites, said the issue goes far beyond one site. 
"There are millions of people sharing links to news articles on blogs, message boards and sites like Digg. If The A.P. has concerns that go all the way down to one or two sentences of quoting, they need to tell people what they think is legal and where the boundaries are." On Friday, The A.P. issued a statement defending its action, saying it was going to challenge blog postings containing excerpts of A.P. articles "when we feel the use is more reproduction than reference, or when others are encouraged to cut and paste." An A.P. spokesman declined Friday to further explain the association's position. After that, however, the news association convened a meeting of its executives at which it decided to suspend its efforts to challenge blogs until it creates a more thoughtful standard. "We don't want to cast a pall over the blogosphere by being heavy-handed, so we have to figure out a better and more positive way to do this," Mr. Kennedy said. Mr. Kennedy said the company was going to meet with representatives of the Media Bloggers Association, a trade group, and others. He said he hopes that these discussions can all occur this week so that guidelines can be released soon. Still, Mr. Kennedy said that the organization has not withdrawn its request that Drudge Retort remove the seven items. And he said that he still believes that it is more appropriate for blogs to use short summaries of A.P. articles rather than direct quotations, even short ones. "Cutting and pasting a lot of content into a blog is not what we want to see," he said. "It is more consistent with the spirit of the Internet to link to content so people can read the whole thing in context." Even if The A.P. sets standards, bloggers could choose to use more content than its standards permit, and then The A.P. would have to decide whether to take legal action against them. One important legal test of whether an excerpt exceeds fair use is if it causes financial harm to the copyright owner. 
"The principal question is whether the excerpt is a substitute for the story, or some established adaptation of the story," said Timothy Wu, a professor at the Columbia Law School. Mr. Wu said that the case is not clear-cut, but he believes that The A.P. is likely to lose a court case to assert a claim on that issue. "It's hard to see how the Drudge Retort 'first few lines' is a substitute for the story," Mr. Wu said. Mr. Kennedy argued, however, that The Associated Press believes that in some cases, the essence of an article can be encapsulated in very few words. "As content creators, we firmly believe that everything we create, from video footage all the way down to a structured headline, is creative content that has value," he said. But he also said that the association hopes that it will not have to test this theory in court. "We are not trying to sue bloggers," Mr. Kennedy said. "That would be the rough equivalent of suing grandma and the kids for stealing music. That is not what we are trying to do." From rforno at infowarrior.org Mon Jun 16 19:06:59 2008 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 16 Jun 2008 15:06:59 -0400 Subject: [Infowarrior] - Spyware bill cloaks a mini-UCITA References: Message-ID: Begin forwarded message: > From: Monty Solomon > > Spyware bill cloaks a mini-UCITA > > By Ed Foster, Section The Gripelog > Posted on Mon Jun 16, 2008 at 01:02:19 AM PDT > > The holy grail for the software industry's political muscle has long > been what in UCITA was called "electronic self help" - the right of > software publishers to remotely disable their software on the mere > suspicion that it hasn't been paid for. UCITA was ultimately stopped, > but last Wednesday the Senate Commerce Committee held a hearing on a > bill that nominally is supposed to fight spyware but seems intended > to make remote disabling legal. 
> > http://www.gripe2ed.com/scoop/story/2008/6/16/1219/71034 From rforno at infowarrior.org Tue Jun 17 11:17:54 2008 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 17 Jun 2008 07:17:54 -0400 Subject: [Infowarrior] - Fwd: Ride a bike without a light, get tasered and charged References: Message-ID: <8D4A6233-95F0-4DB4-8070-4C8C2B834523@infowarrior.org> (c/o DanO) Begin forwarded message: > > > > > > Man on a bike is tackled, then tasered by Portland Police > > Posted by Jonathan Maus (Editor) on June 11th, 2008 at 4:20 pm > Photo from the scene at SE 7th and Alder > last night. > > A Portland man says he was tackled, pushed off his bike, and then > tasered repeatedly by a Portland Police officer in Southeast > Portland last night. > > The Portland Police Bureau, in a written statement about the > incident, say that Phil Sano (a.k.a. "Rev Phil") did not have a > front light on his bicycle and that he refused to stop when officers > requested. > > The incident occurred around 9:30pm on SE 7th Street, just north of > SE Morrison Ave. Phil Sano says he was riding along and felt cold, > so he went to zip up his jacket. Then, in an email he sent me just > hours after the incident, he wrote, > > "Across the street a man in all black shouted at me and started > walking my way. I stopped pedaling, but didn't stop because my hands > were not on my brakes. He then sprinted, lunged and tackled me. I > then scuffled to separate him and stood apart from him in a > defensive position." > > Then, Sano says, he was tasered several times. > > "I felt a sharp sting in my back and heard a repetitive clicking. I > turned around to see that I was being tasered!" > > At that point, Sano maintains he still did not know what was going > on and he repeatedly asked the officers to explain what he had done > wrong. At that point, Sano says two officers were holding him down > and he could still feel the taser charge flowing into his back. 
>
> "I was still freaked out and yelled again, why are you shooting me?"
>
> Sano says the cops yelled for him to "get down", but that he still
> had no idea who was accosting him. He wrote, "It was pretty dark and
> they were wearing all black without any sort of shiny badge.... They
> looked kinda' like cops, but generally cops do not tackle bikers
> unless it is Critical Mass."
>
> According to Sano, he was tasered "point blank" in the chest and the
> lower back and that he began to "spasm out of control as the surge
> of electricity involuntarily constricted" his muscles.
>
> "...the cop took two steps after him, grabbed him by the shirt, yanked
> him off the bike, ran him up the sidewalk and slammed him against
> the wall and then right away started tasing him."
> -Diana Spartis (she witnessed the entire incident)
>
> After pleading repeatedly for them to stop, Sano says they continued
> and that, "without question, I could tell they enjoyed seeing me
> become so helpless, so weak. It was humiliating."
>
> Once the tasering stopped, Sano said he laid in a small puddle of
> his own urine, breathing irregularly and "seething with rage".
>
> "I can still feel their knee on my neck as I write this, but even
> then I knew they were in the wrong... really, really fucking wrong."
> He added, "There was no cause for such violence; I was not harming
> anyone and I made sure that everyone within earshot knew it."
>
> Sano says that all the while, a barb from the taser remained lodged
> in his chest. Luckily, he remembers, a passing ambulance heard him
> screaming, stopped on the scene, and removed the electrode from his
> chest. Sano says that the EMT, "was very concerned" that his
> speeding heart rate would not slow down.
>
> Once everything calmed down, Sano says the cops told him that he was
> stopped because he didn't have a front light.
>
> Sano admits he didn't have his front light on his bike, because
> someone had stolen the cradle it attaches to. He says the cops found
> his light in his fannypack a few minutes later.
>
> According to Sano's recollection of the incident, he heard Officer
> Smith say, "You should have stopped when I told you to. Then none of
> this would be necessary."
>
> A written statement just released by the Portland Police Bureau's
> Public Information Officer Brian Schmautz says that the officers
> were in uniform and were dealing with another woman and had "turned
> on their lights to alert traffic while they talked to her."*
>
> Then, writes Schmautz, they saw Sano roll by without a light and,
> "One of the officers told Sano to stop, but Sano ignored him." Here
> is the rest of Schmautz's statement:
>
> "The officer, then reached out to stop Sano and they began to
> struggle. Sano refused to comply with any of the officers orders and
> continued to resist until additional officers arrived. The officers
> attempted to Taser Sano, but it was ineffective because of Sano's
> clothing.
>
> Sano was eventually arrested and taken to jail. Sano apparently
> admitted he had been drinking, but was not given field sobriety
> tests because the officers were not arresting him for DUII. FYI, the
> officers checked Sano's history and learned that the Police Bureau
> had given Sano a warning for a bike light and a free bike light in
> the past."
>
> _________
>
> Diana Spartis, a 28 year-old Sellwood resident, was being cited for
> not having a light on her bike when the incident took place. On the
> phone with me this morning, she said Officer Smith was telling her
> about the importance of having a light when Sano rode by on the
> other side of the street.
>
> Spartis says the Officer noticed Sano also didn't have a front light
> then yelled at him to stop. She then told me, "He [Sano] didn't stop
> immediately, and the cop took two steps after him, grabbed him by
> the shirt, yanked him off the bike, ran him up the sidewalk and
> slammed him against the wall and then right away started tasing him."
>
> Spartis recollects that she was "maybe 50 feet away" and says, "I did
> not see him [Sano] do anything physical to the cops... he wasn't
> cooperating fully, but he also wasn't doing anything that should
> have provoked them that much. He was screaming, 'no! no!, why are
> you doing this?'"
>
> _________
>
> The two officers involved in the incident were Officers Erin Smith
> and Ron Hoesly. Both are members of the Traffic Division.
>
> I have no knowledge of Officer Smith other than this report from a
> Critical Mass ride back in February of 2005.
>
> Officer Hoesly is a motorcycle cop. Back in August of 2006 I joined
> Officer Hoesly for a ride-along. I frequently see Hoesly around town
> and he is always friendly and congenial.
>
> Hoesly and Smith initially charged Sano with Resisting Arrest,
> Attempted Escape III, and Disorderly Conduct. He was also cited for
> not having a front light (ORS 815.280) and Failure to Obey a Police
> Officer (ORS 811.535).
>
> (UPDATED*) At his arraignment at the Justice Center in downtown
> Portland a few hours ago, Sano says the clerk told him he had been
> given a "no-charge". *According to a source who is a lawyer that
> means (for whatever reason) the case is not going forward, but the
> charges can be brought back to life at a later date. My source says
> this could be an indication that either the police or the DA's
> office didn't think they could prove, or didn't want to try to
> prove, the charges.
>
> This isn't the first time Sano has had a run-in with the police.
> During the 2006 World Naked Bike Ride, Sano was involved in an
> altercation with an off-duty police officer who was the passenger in
> a motor vehicle that was being held up during the ride. Sano alleged
> that the vehicle's driver tried to run him over.
>
> In that case, Sano was charged with several misdemeanors (including
> Criminal Mischief and Disorderly Conduct) and faced 2 1/2 years in
> jail. The case was ultimately dismissed and Sano was set free.**
>
> (This incident is being discussed on the Zoobomb Forum and in the
> Portland Bike Forums.)

From rforno at infowarrior.org Tue Jun 17 11:35:54 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 17 Jun 2008 07:35:54 -0400
Subject: [Infowarrior] - Speaking of tasers, a question
Message-ID:

(cc'd a few places)

Funny how we read and see "taser abuse" stories on a regular basis yet not many stories about "abusive shootings". One thing that's bugged me about tasers and other so-called "non-lethal weapons" such as sticky foam, slick suds, laser dazzlers, sonic beams, heat waves, and other technologies is that it makes it far more likely that the person wielding it will shoot-first since they know it likely won't kill the target. I always believe that (in terms of military NLWs) that blood, injury, and death makes war unpalatable to most (civilized) people and as a result serves as a rudimentary form of deterrent to civilized societies. Know that a cop will SHOOT you vice TASE you, and you'll likely give them a moment of your time instead of running from them. That sends a very strong message of "don't f--k with the cops (when properly) doing their jobs." I daresay if you remove the blood, injury, and potential for death from the employment of a weapon or other 'personnel control device' for the military or law enforcement, you end up making it far more likely such items will be used frequently, if not abused -- but the end result is a form of social control that appears "safer" and more "humane" and thus more "agreeable" to people because it offers a "way out" for mistakes and avoiding accountability for its employment.
Think about it: if you wrongly taser someone, your job is likely safe because you "didn't shoot" or kill the target and even if you were wrong, the victim didn't "suffer" much -- but if you wrongly shoot (and/or kill) someone your career likely is over because, well....injury or death by gunfire is so disturbing to modern society. So perhaps the taser also is viewed as a silent form of job security for law enforcement and less about providing them a "graduated response" to perceived threats? Anyone else feel the same way? Opinions will be collected and shared with all.

-rf

From rforno at infowarrior.org Tue Jun 17 18:08:36 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 17 Jun 2008 14:08:36 -0400
Subject: [Infowarrior] - The 50-State Strategy to Sell Cyber Command
Message-ID:

The 50-State Strategy to Sell Cyber Command
06/13/08
http://www.nextgov.com/site_services/print_article.php?StoryID=ng_20080613_6536

One way to secure the Hill's backing -- and bucks -- for any new program is to spread it over as many states and congressional districts as possible. The new Air Force Cyber Command takes this approach to its ultimate limit: The service plans a cyber unit in every state, according to a briefing given in April by Maj. Gen. William Lord, the Cyber Command chief. The briefing was sent to me by a source who chooses to remain anonymous. The very crowded slide of the 50 states that Lord presented at the Scope Warrior Spring Symposium, a gathering of top Air Force communications and information technology folks, looks like a bit of cyber-rebranding of the service's existing IT functions. The majority of the sites, which will come under the Cyber Command umbrella, are designated as so-called network operations, a fancy way to describe the circuits and connections that already exist to serve those bases. While this is just putting a new name on old operations, it helps to include all 50 states in the count, which then bolsters the sales job.
The real centers of power, in what Lord called in his slides "AF Distributed Cyber Enterprise," are eight bases located in the East, Midwest and South:

Networked Computer Operations: Bolling Air Force Base, Washington
Theater Operations Integration: Langley Air Force Base, Va.
Information Systems: Rome Laboratory, N.Y.
Cyber Operations Integration: Barksdale Air Force, La.
Information Operations: Lackland Air Force Base, Texas
Space Operations Integration: Peterson Air Force Base, Colo.
Global Operations Integration: Offutt Air Force Base, Neb.
Global Networks: Scott Air Force Base, Ill.

Then there's the command's new headquarters, which has sparked a sweepstakes that at least 18 states have entered. The Air Force plans to announce in September 2009 its decision on where to locate the headquarters. I guess the consolation prize will be one of the smaller, rebranded cyber units the command has decided to sprinkle around the country.

It's About Network Attack

During the past year, the Air Force has made it clear that the primary focus of the new Cyber Command will be the ability to attack an enemy's networks, and Lord's presentation reinforces this point. In a slide under the heading of "Global Power," network and electronic attack capabilities take precedence over cyber deterrence. Lord emphasized that the command's mission is to "provide robust, survivable access to cyberspace, with offensive and defensive capabilities." I'm hopeful that the Cyber Command can work out a way to conduct these attack missions without knocking out the 6 million Web pages linked to Paris Hilton and the 2 million or so Web pages dedicated to tracking the ups and downs of Britney Spears.

New Jobs, New Slogan, New Badge

It's hard to have a cyber command without cyber warriors.
To that end, Lord disclosed that the Air Force plans to develop a cyber career field for officer, enlisted and civilian personnel that will subsume venerable specialties in the communications and electronics field under the new cyber brand. Lord also floated what could be a new slogan for the Cyber Command: "Transforming Warfare . . . Byte By Byte." I love it. It's punchy, to the point and better than a mission statement. But you can't set up a new command without a new badge, and Lord unveiled the cyber operator badge, which has what looks like four satellite orbits spaced evenly around the globe on what is the original Air Force badge.

From rforno at infowarrior.org Tue Jun 17 23:46:50 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 17 Jun 2008 19:46:50 -0400
Subject: [Infowarrior] - more on....taser discussion
Message-ID:

From a security analyst in Los Angeles:

This doesn't seem to be the case for cops in Los Angeles and New York at least, and perhaps in other cities. I'd venture to guess that across the South and Southwest it's not a factor either.

From a LEO in Oklahoma:

I disagree, at least where I work, and will explain why. I spend part of my time each month in a patrol car being the pointy end of the stick in my hometown, or teaching at our police academy helping the officers hone their skills on the range. I've been doing that for 16 years now and have watched the migration from the sap/slapper/flashlight to nightsticks, asps (expandable) batons, kinetic batons (shotgun or 37mm) on to our current standard of pepper spray, tasers and the resurgence of side handle batons. I've also watched the demographics of the coppers change as us old guys wear out. I really did not think I had a shelf life but some of the new kids think so...I have also watched the use of force continuum change and adapt as the tool box morphed. I will say that I have had to swing my asp way more than I ever do anything with my side handle baton.
They look at that and generally just sit down. The asp never was much of a threat. In listening to the briefs, and teaching at the range, and looking over reports at least in my local there is very limited use of the taser. Each time it's used there is the required justification they have to write followed by the almost inevitable investigation into the use of force, often with the threat of lawsuit from the recipient. We have 131 sworn, and I can count on one hand the tases this year, a couple include dogs that in years past would not be here for their owners. We have as of yet to have an improper tasing, and we have been using them for going on 4 years now. In that same time we have had less use of the gun and pepper spray, and less hurt officers from fights. We have had a few officers employ firearms over this time period, it's often after the taser has failed to produce results and the situation has deteriorated to the need for the final outcome. Each level of force has its need. I have personally heard from bad guys on the street, "he has a taser" shouted from one to another. They have often commented afterwards the neighboring jurisdiction does not have those and they are more likely to "fight the cops over there". It's fine with me when they see the taser that they stop resisting before it's deployed. I think the quality of training and professionalism of any department plays a big part in how the officers conduct themselves on the street. I would imagine the results we see here are not repeated in every locale across the nation but would hope that they are more the standard than not.

...and from a well-known security curmudgeon:

i'm the last one to blindly believe a cop, but even this guy's story has all the elements of "he deserved it".

: > The Portland Police Bureau, in a written statement about the
: > incident, say that Phil Sano (a.k.a. "Rev Phil") did not have a
: > front light on his bicycle and that he refused to stop when officers
: > requested.

1. refusing to stop

: > The incident occurred around 9:30pm on SE 7th Street, just north of
: > SE Morrison Ave. Phil Sano says he was riding along and felt cold,
: > so he went to zip up his jacket. Then, in an email he sent me just
: > hours after the incident, he wrote,

2. suspicious motion, possibly concealing a weapon

There you go, two things that justify a cop taking action to protect himself.

: > "Across the street a man in all black shouted at me and started
: > walking my way. I stopped pedaling, but didn't stop because my hands
: > were not on my brakes. He then sprinted, lunged and tackled me. I
: > then scuffled to separate him and stood apart from him in a
: > defensive position."

I have a feeling that he left out the shouting involved "stop police" and that the "man in all black" was standing in front of a police car.

: > According to Sano, he was tasered "point blank" in the chest and the
: > lower back and that he began to "spasm out of control as the surge
: > of electricity involuntarily constricted" his muscles.

if he was tasered by two cops, that will be trivial to prove as the taser devices are well tracked, leave evidence and are really no different than firing their gun (casings, ammo tracking, etc). as best I know, their procedure would have ONE cop tasering, any others to help bring him under control. getting a double shot of taser would likely be excessive and easily proven.

: > "...the cop took two steps after him, grabbed him by the shirt, yanked
: > him off the bike, ran him up the sidewalk and slammed him against
: > the wall and then right away started tasing him."
: > -Diana Spartis (she witnessed the entire incident)

i was in a car wreck a long time ago and an 'eye witness' lied about what she saw because she was hispanic and the other person involved in the accident was hispanic.

: > Sano says that all the while, a barb from the taser remained lodged
: > in his chest. Luckily, he remembers, a passing ambulance heard him
: > screaming, stopped on the scene, and removed the electrode from his
: > chest. Sano says that the EMT, "was very concerned" that his
: > speeding heart rate would not slow down.

bet you five bucks the EMT was called by the police, standard procedure after tasing, specifically to remove the barbs.

: > Sano was eventually arrested and taken to jail. Sano apparently
: > admitted he had been drinking, but was not given field sobriety
: > tests because the officers were not arresting him for DUII. FYI, the
: > officers checked Sano's history and learned that the Police Bureau
: > had given Sano a warning for a bike light and a free bike light in
: > the past."

amazing how this story seems just as reasonable as Sano's

: > Spartis recollects that she was "maybe 50 feet away" and says, "I did
: > not see him [Sano] do anything physical to the cops... he wasn't
: > cooperating fully, but he also wasn't doing anything that should
: > have provoked them that much. He was screaming, 'no! no!, why are
: > you doing this?'"

he admits he was zipping up his jacket, the exact second a cop was approaching or engaging him. WHILE on his bike? come on..

: > This isn't the first time Sano has had a run-in with the police.
: > During the 2006 World Naked Bike Ride, Sano was involved in an
: > altercation with an off-duty police officer who was the passenger in
: > a motor vehicle that was being held up during the ride. Sano alleged
: > that the vehicle's driver tried to run him over.
: >
: > In that case, Sano was charged with several misdemeanors (including
: > Criminal Mischief and Disorderly Conduct) and faced 2 1/2 years in
: > jail. The case was ultimately dismissed and Sano was set free.**

and a history of this kind of 'misunderstanding' too...
From rforno at infowarrior.org Wed Jun 18 01:41:51 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 17 Jun 2008 21:41:51 -0400
Subject: [Infowarrior] - TechCrunch's Policy on AP Stories
Message-ID: <70D638D9-F5F6-469C-AF1E-2CF1C26D488A@infowarrior.org>

Bravo, Mike, Bravo!!! ---rf

http://www.techcrunch.com/2008/06/16/heres-our-new-policy-on-ap-stories-theyre-banned/

< - >

So here's our new policy on A.P. stories: they don't exist. We don't see them, we don't quote them, we don't link to them. They're banned until they abandon this new strategy, and I encourage others to do the same until they back down from these ridiculous attempts to stop the spread of information around the Internet.

From rforno at infowarrior.org Wed Jun 18 01:59:59 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 17 Jun 2008 21:59:59 -0400
Subject: [Infowarrior] - US FPS cuts patrols, cites funding shortfall
Message-ID: <40C81A52-E046-48FA-9688-6F365091BBC7@infowarrior.org>

Security Provider Cuts Patrols
Financial Troubles Hamper Federal Protective Service
By Mary Beth Sheridan
Washington Post Staff Writer
Wednesday, June 18, 2008; B01
http://www.washingtonpost.com/wp-dyn/content/article/2008/06/17/AR2008061702287_pf.html

The police agency in charge of protecting many federal buildings is so short-staffed that it has cut outdoor patrols aimed at detecting suspicious individuals and car bombs, according to a report to be released today. The study, by the Government Accountability Office, was requested by the leaders of five congressional committees after earlier hearings raised concern about the Federal Protective Service. The protective service provides security for more than 1 million federal employees at about 9,000 buildings in the D.C. area and across the country. Caught in a cash squeeze in recent years, the agency has reduced its staff by about 20 percent, to 1,100 officers, the study said. They oversee about 15,000 contract security guards at the facilities.
Del. Eleanor Holmes Norton (D-D.C.), head of a House subcommittee on public buildings that has scheduled a hearing today on the report, said it reflected a troubling deterioration in the service. "The final report leaves no doubt that Congress must take action before the session ends to assure federal employees . . . are fully protected," she said. The report is also the subject of a Senate subcommittee hearing tomorrow. The GAO study, conducted from April 2007 to this month, notes that the protective service is hiring 150 officers and strengthening its finances. However, the actions "may not fully resolve" the security problems, according to a copy of the report obtained by The Washington Post. The report traces the protective service's difficulties to its absorption by the Department of Homeland Security in 2003. The service lost a $139 million annual subsidy it had received as part of the General Services Administration and slid into financial turmoil. The protective service responded by reducing officers and focusing them on overseeing the contract guards. The service said it would seek help from local police forces in responding to crime at facilities. The report criticized that strategy, saying that it "has diminished security at GSA facilities and increased the risk of crime or terrorist attacks" at many buildings. At many facilities, officers no longer patrol to prevent or detect crime, the report said. As a result, "law enforcement personnel cannot effectively monitor individuals surveilling federal buildings, inspect suspicious vehicles (including potential vehicles for bombing federal buildings) and detect and deter criminal activity," the report said. The service also reduced officers' hours at many locations, the study said. Adding to the difficulties, many of the service's security cameras and X-ray machines have been broken "for months or years," the study said. 
The report highlighted problems with contract guards, who generally work at fixed posts and do not have arrest powers. Oversight of the guards is inadequate, with some posts inspected less than once a year, it said. In one incident, armed security guards stood idly by as a shirtless suspect wearing handcuffs on one wrist dashed through the lobby of a federal building with a Federal Protective Service officer in pursuit. The building was not identified in the report, but officers speaking on the condition of anonymity said it was a court-services facility in the District. The GAO investigators based their report on interviews and visits to seven of the 11 regions where the protective service works. While the report did not identify them, the regions include the D.C. area, according to protective service officers who spoke on the condition of anonymity. Less than 200 such officers work in this region, overseeing almost 6,000 security guards at federal buildings. As part of its strategy, the protective service had planned to cut its complement of officers to 950. However, Congress this year ordered the service to reverse course and boost the staff to 1,200. The GAO urged the service to make further changes, such as developing performance standards, improving data collection and clarifying its plans to gain help from local police in responding to crime. Gary Schenkel, who runs the Federal Protective Service, was unavailable for comment on the report yesterday, according to Ernestine Fobbs, a spokeswoman at Homeland Security. In a response included with the GAO report, a Homeland Security official did not dispute the conclusions. The official, Penelope McCormack, said that the service "has already undertaken considerable steps to implement the audit's findings." The steps include drawing up a strategic plan on staffing, adopting a risk assessment program and studying new funding mechanisms, she wrote. 
From rforno at infowarrior.org Wed Jun 18 02:02:33 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 17 Jun 2008 22:02:33 -0400
Subject: [Infowarrior] - PGP 5.0 Source Code Books on Ebay
Message-ID: <59C1BB9A-791F-4067-B959-BD9BF1CEEE07@infowarrior.org>

For those crypto buffs among you.....

PGP 5.0 Source Code Books
Own a piece of the Internet crypto revolution!
http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=200231858442

From rforno at infowarrior.org Wed Jun 18 02:12:54 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 17 Jun 2008 22:12:54 -0400
Subject: [Infowarrior] - Firefox 3 released
Message-ID: <50FABD25-8C91-4938-A0F7-6D7BCD88E47D@infowarrior.org>

So far, so good on my iMac. Much faster and feels more solid than FF2. Also finally has a more Mac-like interface. Just if you didn't know it was out yet. :)

-rf

From rforno at infowarrior.org Wed Jun 18 20:45:29 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 18 Jun 2008 16:45:29 -0400
Subject: [Infowarrior] - FCC Extends 'Do-Not-Call' Registry indefinately
Message-ID: <197ACEA4-239B-44C7-8F6B-8E0D5D540DB5@infowarrior.org>

FCC Extends 'Do-Not-Call' Registry
http://blog.washingtonpost.com/small-business/?hpid=news-col-blog

The popular national "Do-Not-Call" registry designed to stop unwanted telemarketers from calling consumers has been extended by the government agency overseeing the nation's communications systems. The previous rules said the registrations would expire after five years. The registry was set to expire this month, but the Federal Communications Commission yesterday released an order (pdf) saying new, amended rules mandate that "do-not-call registrations must be honored indefinitely, or until the registration is cancelled by the consumer or the telephone number is removed by the database administrator."
Agency Chairman Kevin Martin said in a prepared statement (pdf) that the regulations would have begun to expire shortly "leaving millions of consumers without protection from unwanted telemarketing calls." "This rule change serves to minimize the inconvenience to consumers of having to re-register their phone numbers every five years and furthers the underlying goal of the Registry to protect consumer privacy rights," according to a document released by the FCC. "This will minimize confusion for those consumers that have chosen to avoid unwanted telemarketing calls and avoid the inconvenience of having to re-register every five years." Businesses of all sizes should note this extension so as not to suddenly begin telemarketing to members of this list. If your business is listed on the registry, then its privacy should remain intact. President Bush signed a law (pdf) in February prohibiting the automatic removal of numbers from the registry. The same day, he also signed a measure (pdf) reducing the fees businesses must pay to access the registry. The Federal Trade Commission, which collects fees from registry users, now charges a $54 annual fee for each area code of data (the first five area codes are free) or $14,850 annually for access to every area code of data contained in the registry. Prior to this legislation, the FTC charged an annual fee of $62 per area code after the first five area codes or $17,050 per year for complete access. FTC data show that more than 157 million phone numbers have been included in the registry since it opened in June 2003.
From rforno at infowarrior.org Fri Jun 20 00:51:39 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 19 Jun 2008 20:51:39 -0400
Subject: [Infowarrior] - Administration, Congress Settle Dispute Over Surveillance
Message-ID: <7F032249-13F7-4230-ADAA-0750EDC9EBF1@infowarrior.org>

Administration, Congress Settle Dispute Over Surveillance
Deal Would Provide Some Telecom Immunity, Extend Government Powers
By Paul Kane and Carrie Johnson
Washington Post Staff Writers
Thursday, June 19, 2008; 2:28 PM
http://www.washingtonpost.com/wp-dyn/content/article/2008/06/19/AR2008061901545_pf.html

The White House and Congress today reached a deal on the most comprehensive overhaul of the nation's intelligence surveillance laws in 30 years. It would provide potential retroactive immunity for telecommunications companies that previously cooperated with the Bush administration's warrantless wiretapping program and extend government surveillance powers. After months of negotiations between President Bush's top advisers and congressional leaders, the deal was announced today and set to be approved on the House floor tomorrow. Senate passage of the reauthorization of the Foreign Intelligence Surveillance Act, which had been held up since last summer largely because of fights about the immunity provision, would likely come next week. Some Democratic leaders have argued that the bill does not go far enough in protecting civil liberties. They were backed by groups such as the American Civil Liberties Union that have filed lawsuits against telecommunications companies for helping the government monitor phone calls and e-mails into and out of the United States without warrants after the Sept. 11, 2001, terrorist attacks. A key element of the new plan would give U.S. district courts the chance to evaluate whether telecommunications companies deserve retroactive protection from lawsuits.
A previous proposal offered by Republicans would have put the question to the secret FISA court that approves warrants. The proposal would give retroactive immunity to telecommunications companies that can show the court that they received assurances from government officials that the program was legal and that they have "substantial evidence" in the form of classified letters from authorities to support their position. The immunity would cover companies that helped the government after the terrorist attacks until Jan. 17, 2007, when the surveillance program was brought under the secret FISA court. The retroactive legal protection would not apply to lawsuits filed against the government on behalf of people who say they suffered harm because of the surveillance. Caroline Frederickson, a lobbyist for the ACLU, said the court review into whether companies received government requests to take part in the warrantless eavesdropping amounts to little more than "window-dressing." "The telecom companies simply have to produce a piece of paper we already know exists, resulting in immediate dismissal," she said. Senate Judiciary Chairman Patrick J. Leahy (D-Vt.) immediately signaled his opposition, saying that bill "lacks accountability measures I believe are crucial" to allow for courts to rule on whether the wiretapping program is legal. Kevin Bankston, a senior staff attorney at the Electronic Frontier Foundation, which is suing AT&T over the surveillance, urged Sen. Barack Obama (Ill.), the presumptive Democratic nominee for president, to "be as vocal as possible in the coming weeks and to lead his party" in opposing the plan. "No matter how they spin [the compromise], it is still immunity," Bankston said. But House Majority Leader Steny H.
Hoyer (Md.), who has been the lead Democratic negotiator with the White House and congressional Republicans, said this week that the bill is much better than the version approved earlier this year by the Senate, which allowed for no court review of the immunity. "It will accommodate the protection of civil liberties going forward," Hoyer said yesterday. The outlines of the deal bode poorly for more than 40 lawsuits filed against telecommunications providers such as AT&T, Verizon and Sprint for providing vast troves of customer data to government investigators after the terrorist attacks. Attorney General Michael B. Mukasey and leaders of the intelligence community have warned that if a deal to overhaul FISA were not struck this summer, valuable information that could help forestall terrorism might be lost. Democrats fought the administration over the immunity provision for the warrantless wiretapping program -- which many civil libertarians viewed as unconstitutional -- and delayed passage of the FISA overhaul. Instead, they passed the Protect America Act last August, providing some of the new laws needed to monitor suspected terrorists. FISA court orders that allowed continued surveillance while the legislation was debated are scheduled to expire early this August, according to administration officials. Critics question whether the data really would have been unavailable and whether the administration is citing a possible intelligence gap for political gain. "It looks like it was all give from the Democratic side and all take from the Republican side," ACLU's Frederickson said. 
From rforno at infowarrior.org Fri Jun 20 13:23:36 2008 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 20 Jun 2008 09:23:36 -0400 Subject: [Infowarrior] - AP Quotes Blogger In Discussing Bloggers Quoting AP; Hilarity Ensues Message-ID: <09EABC43-B244-4090-9192-A9DB8EF8470E@infowarrior.org> AP Quotes Blogger In Discussing Bloggers Quoting AP; Hilarity Ensues The ongoing ridiculous situation brewing between bloggers and the Associated Press has now taken a turn towards the enjoyably hilarious. We had already mentioned the fact that, despite the AP's complaints that bloggers quoting less than 100 words were violating fair use, the AP had a long history of quoting more than 100 words from bloggers -- and not even linking back to the original blog. Now, in a bit of ultimate irony, the AP's own article about this brouhaha quoted (without linking) twenty-two words from TechCrunch. That's 18 words more than the supposed four word "limit" the AP has suggested. With an ironic chance that wide, TechCrunch's Michael Arrington couldn't resist, and asked his lawyer to send a DMCA takedown notice to the Associated Press, along with a bill for $12.50 (directly off the AP's own pricing schedule). He admits that it's ridiculous, but that's what his actions are designed to present. By law, the AP should be required to takedown the content before filing a response -- though, since it's filing the response to itself, then perhaps it won't need to takedown the content. Either way, this helps illustrate the insanity of the entire situation. 
< - > http://techdirt.com/articles/20080619/2203451460.shtml From rforno at infowarrior.org Fri Jun 20 13:26:46 2008 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 20 Jun 2008 09:26:46 -0400 Subject: [Infowarrior] - NYT: Congress Strikes Deal to Overhaul Wiretap Law Message-ID: <7C68A5F7-A193-4EDA-B85F-CC96BDB8E45B@infowarrior.org> June 20, 2008 Congress Strikes Deal to Overhaul Wiretap Law By ERIC LICHTBLAU http://www.nytimes.com/2008/06/20/washington/20fisa.html?_r=1&hp=&oref=slogin&pagewanted=print WASHINGTON -- After months of wrangling, Democratic and Republican leaders in Congress struck a deal on Thursday to overhaul the rules on the government's wiretapping powers and provide what amounts to legal immunity to the phone companies that took part in President Bush's program of eavesdropping without warrants after the Sept. 11 attacks. The deal, expanding the government's powers to spy on terrorism suspects in some major respects, would strengthen the ability of intelligence officials to eavesdrop on foreign targets. It would also allow them to conduct emergency wiretaps without court orders on American targets for a week if it is determined that important national security information would otherwise be lost. If approved, as appears likely, the agreement would be the most significant revision of surveillance law in 30 years. The agreement would settle one of the thorniest issues in dispute by providing immunity to the phone companies in the Sept. 11 program as long as a federal district court determined that they received legitimate requests from the government directing their participation in the program of wiretapping without warrants. With AT&T and other telecommunications companies facing some 40 lawsuits over their reported participation in the wiretapping program, Republican leaders described this narrow court review on the immunity question as a mere "formality." "The lawsuits will be dismissed," Representative Roy Blunt of Missouri, the No. 
2 Republican in the House, predicted with confidence. The proposal -- particularly the immunity provision -- represents a major victory for the White House after months of dispute. "I think the White House got a better deal than even they had hoped to get," said Senator Christopher S. Bond, Republican of Missouri, who led the negotiations. The White House immediately endorsed the proposal, which is likely to be voted on in the House on Friday and in the Senate next week. While passage seems almost certain in Congress, the plan will nonetheless face opposition from lawmakers on both political wings, with conservatives asserting that it includes too many checks on government surveillance powers and liberals asserting that it gives legal sanction to a wiretapping program that they maintain was illegal in the first place. Senator Russ Feingold, Democrat of Wisconsin, who pushed unsuccessfully for more civil liberties safeguards in the plan, called the deal "a capitulation" by his fellow Democrats. But Democratic leaders, who squared off against the White House for more than five months over the issue and allowed a temporary surveillance measure to expire in February, called the plan a hard-fought bargain that included needed checks on governmental abuse. "It is the result of compromise, and like any compromise is not perfect, but I believe it strikes a sound balance," said Representative Steny H. Hoyer of Maryland, the House Democratic leader who helped draft the plan. Perhaps the most important concession that Democratic leaders claimed was an affirmation that the intelligence restrictions were the "exclusive" means for the executive branch to conduct wiretapping operations in terrorism and espionage cases. Speaker Nancy Pelosi had insisted on that element, and Democratic staff members asserted that the language would prevent Mr. Bush, or any future president, from circumventing the law. 
The proposal asserts "that the law is the exclusive authority and not the whim of the president of the United States," Ms. Pelosi said. In the wiretapping program approved by Mr. Bush after the Sept. 11 attacks, the White House asserted that the president had the constitutional authority to act outside the courts in allowing the National Security Agency to focus on the international communications of Americans with suspected ties to terrorists and that Congress had implicitly authorized that power when it voted to use military force against Al Qaeda. Among other important provisions in the 114-page plan, Democrats also pointed to requirements that the inspectors general of several agencies review the security agency's wiretapping program, that the government obtain individual court orders to wiretap Americans who are outside the United States and that the secret court overseeing wiretaps give advance approval to the government's procedures for wiretapping operations. Under a temporary plan that Congress approved last year, the court had to approve those procedures only months after wiretapping had begun. The wiretapping plan agreed upon Thursday would expire at the end of 2012, unless Congress renewed it. The proposal also seeks to plug what the Bush administration maintained was a dangerous loophole by no longer requiring individual warrants for wiretapping purely foreign communications, like phone calls and e-mail messages that pass through American telecommunications switches. The government would now be allowed to use broad warrants to eavesdrop on large groups of foreign targets at once. In targeting and wiretapping Americans, the administration would have to get individual court orders from the intelligence court, but in "exigent" or emergency circumstances it would be able to go ahead for at least seven days without a court order if it asserted that "intelligence important to the national security of the United States may be lost." 
White House officials said that the new emergency provisions applied only to foreign wiretapping, but Democratic officials said they interpreted the proposal to apply to domestic surveillance operations as well. Under the current law, the government can conduct an emergency wiretap for only three days, but Democrats maintained that the new seven-day allowance included tougher standards for the government to meet in asserting an emergency. The arcane details of the proposal amount to a major overhaul of the landmark surveillance law known as the Foreign Intelligence Surveillance Act, which Congress passed in 1978 after the abuses of the Watergate era. But much of the debate over the bill in the last six months has been dominated by the separate question of whether to protect the phone companies from legal liability for their role in the eavesdropping program. On that score, the bipartisan proposal marks a clear victory for the White House and the phone companies. The proposal allows a district judge to examine what are believed to be dozens of written directives given by the Bush administration to the phone companies after the Sept. 11 attacks authorizing them to engage in wiretapping without warrants. If the court finds that such directives were in fact provided to the companies that are being sued, any lawsuits "shall be promptly dismissed," the proposal says. Even Democratic officials, who had initially opposed giving legal immunity to the phone companies, conceded there was a high likelihood that the lawsuits would have to be dismissed under the standards set out in the proposal. That possibility infuriated civil liberties groups, which said the cursory review by a district judge would amount to the de facto death of the lawsuits. "No matter how they spin it, this is still immunity," said Kevin Bankston, a senior lawyer for the Electronic Frontier Foundation, a pro-privacy group that is a plaintiff suing over the wiretapping program. 
"It's not compromise; it's pure theater." From rforno at infowarrior.org Fri Jun 20 21:56:33 2008 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 20 Jun 2008 17:56:33 -0400 Subject: [Infowarrior] - MPAA Says No Proof Needed in P2P Copyright Infringement Lawsuits Message-ID: <9CF46C3F-EF2C-4F96-95BA-83B89621F76C@infowarrior.org> What a crock......rf MPAA Says No Proof Needed in P2P Copyright Infringement Lawsuits By David Kravets June 20, 2008 | 3:24:09 PM Categories: RIAA Litigation http://blog.wired.com/27bstroke6/2008/06/mpaa-says-no-pr.html The Motion Picture Association of America said Friday intellectual-property holders should have the right to collect damages, perhaps as much as $150,000 per copyright violation, without having to prove infringement. "Mandating such proof could thus have the pernicious effect of depriving copyright owners of a practical remedy against massive copyright infringement in many instances," MPAA attorney Marie L. van Uitert wrote Friday to the federal judge overseeing the Jammie Thomas trial. "It is often very difficult, and in some cases, impossible, to provide such direct proof when confronting modern forms of copyright infringement, whether over P2P networks or otherwise; understandably, copyright infringers typically do not keep records of infringement," van Uitert wrote on behalf of the movie studios, a position shared with the Recording Industry Association of America, which sued Thomas, the single mother of two. A Duluth, Minnesota, jury in October dinged Thomas $222,000 for "making available" 24 songs on the Kazaa network in the nation's first and only RIAA case to go to trial. United States District Court Judge Michael Davis instructed the 12 panelists that they need only find Thomas had an open share folder, not that anyone from the public actually copied her files. 
(It is technologically infeasible to determine whether the public is copying an open share folder, although the RIAA makes its own downloads from defendants' share folders, produces screen shots and, among other things, captures an IP address. An Arizona judge ruled last month in a different case that those downloads count against a defendant, a one-of-a-kind decision being appealed on grounds that the RIAA was authorized to download its own music.) Judge Davis suggested last month that he might have erred in giving that "making available" jury instruction, and invited briefing from the community at large. A hearing is set for August, and the judge is mulling whether to order a mistrial. The deadline to submit briefs to the judge was Friday. Among the briefs, the Electronic Frontier Foundation, Public Knowledge, the United States Internet Industry Association and the Computer and Communications Industry Association all jointly filed a brief, saying the law did not allow damages for "attempted" copyright infringement. "Given the serious consequences that flow from copyright's strict liability regime, the court should resist plaintiffs imprecations to expand that regime absent an unequivocal expression of Congressional intent," the groups wrote, noting that the language in the Copyright Act demands actual distribution to the public of protected works. It was a similar brief in tone to the one that a group of 10 intellectual property scholars lodged earlier in the week. But the MPAA, long an ally to the RIAA, which has sued more than 20,000 individuals for file sharing of copyrighted music, told Judge Davis that peer-to-peer users automatically should be liable for infringement. "The only purpose for placing copyrighted works in the shared folder is, of course, to 'share,' by making those works available to countless other P2P networks," the MPAA wrote. 
(Click here for Threat Level's in-depth look at the Thomas case, its implications and Judge Davis' decision to rethink his jury instruction.) Other groups meeting Davis' deadline include the Intellectual Property Institute at William Mitchell College of Law and the Progress & Freedom Foundation. From rforno at infowarrior.org Sat Jun 21 12:28:42 2008 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 21 Jun 2008 08:28:42 -0400 Subject: [Infowarrior] - Light posting next week.... Message-ID: <79498EB3-63EC-4D22-8758-4B9AEE04A299@infowarrior.org> I will be in Boston for business all next week, so list traffic (if any) will be quite light. -rick From rforno at infowarrior.org Sat Jun 21 13:09:37 2008 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 21 Jun 2008 09:09:37 -0400 Subject: [Infowarrior] - WaPo: The Flight Watchmen Message-ID: A bit about TSA, sky marshals, and passenger aviation security from tomorrow's WashPo Magazine section. Not sure how sexed-up this is compared to reality, but thought it worthy enough to post. The Flight Watchmen http://www.washingtonpost.com/wp-dyn/content/article/2008/06/19/AR2008061902627_pf.html The mantra of these folks? "We cannot be wrong. We have to be right." While a well-meaning and emotional goal in light of a national tragedy, I fear this Policy of Constant Worry (tm) -- reminiscent of the flawed 'One Percent Doctrine' espoused by Dick Cheney -- creates more noise, fear, paranoia and overall trouble than it's worth, no matter HOW well-intentioned it may be. 
-rf From rforno at infowarrior.org Sun Jun 22 02:56:19 2008 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 21 Jun 2008 22:56:19 -0400 Subject: [Infowarrior] - AP: Everything seemingly is spinning out of control Message-ID: Everything seemingly is spinning out of control By ALAN FRAM and EILEEN PUTMAN, Associated Press Writers Sat Jun 21, 3:14 PM ET http://news.yahoo.com/s/ap/20080621/ap_on_re_us/out_of_control&printer=1;_ylt=AvOwN0gklCtwE4UL0hmRUEtH2ocA Is everything spinning out of control? Midwestern levees are bursting. Polar bears are adrift. Gas prices are skyrocketing. Home values are abysmal. Air fares, college tuition and health care border on unaffordable. Wars without end rage in Iraq, Afghanistan and against terrorism. Horatio Alger, twist in your grave. The can-do, bootstrap approach embedded in the American psyche is under assault. Eroding it is a dour powerlessness that is chipping away at the country's sturdy conviction that destiny can be commanded with sheer courage and perseverance. The sense of helplessness is even reflected in this year's presidential election. Each contender offers a sense of order -- and hope. Republican John McCain promises an experienced hand in a frightening time. Democrat Barack Obama promises bright and shiny change, and his large crowds believe his exhortation, "Yes, we can." Even so, a battered public seems discouraged by the onslaught of dispiriting things. An Associated Press-Ipsos poll says a barrel-scraping 17 percent of people surveyed believe the country is moving in the right direction. That is the lowest reading since the survey began in 2003. An ABC News-Washington Post survey put that figure at 14 percent, tying the low in more than three decades of taking soundings on the national mood. "It is pretty scary," said Charles Truxal, 64, a retired corporate manager in Rochester, Minn. "People are thinking things are going to get better, and they haven't been. 
And then you go hide in your basement because tornadoes are coming through. If you think about things, you have very little power to make it change." Recent natural disasters around the world dwarf anything afflicting the U.S. Consider that more than 69,000 people died in the China earthquake, and that 78,000 were killed and 56,000 missing from the Myanmar cyclone. Americans need do no more than check the weather, look in their wallets or turn on the news for their daily reality check on a world gone haywire. Floods engulf Midwestern river towns. Is it global warming, the gradual degradation of a planet's weather that man seems powerless to stop or just a freakish late-spring deluge? It hardly matters to those in the path. Just ask the people of New Orleans who survived Hurricane Katrina. They are living in a city where, 1,000 days after the storm, entire neighborhoods remain abandoned, a national embarrassment that evokes disbelief from visitors. Food is becoming scarcer and more expensive on a worldwide scale, due to increased consumption in growing countries such as China and India and rising fuel costs. That can-do solution to energy needs -- turning corn into fuel -- is sapping fields of plenty once devoted to crops that people need to eat. Shortages have sparked riots. In the U.S., rice prices tripled and some stores rationed the staple. Residents of the nation's capital and its suburbs repeatedly lose power for extended periods as mere thunderstorms rumble through. In California, leaders warn people to use less water in the unrelenting drought. Want to get away from it all? The weak U.S. dollar makes travel abroad forbiddingly expensive. To add insult to injury, some airlines now charge to check luggage. Want to escape on the couch? A writers' strike halted favorite TV shows for half a season. The newspaper on the table may soon be a relic of the Internet age. Just as video stores are falling by the wayside as people get their movies online or in the mail. 
But there's always sports, right? The moorings seem to be coming loose here, too. Baseball stars Barry Bonds and Roger Clemens stand accused of enhancing their heroics with drugs. Basketball referees are suspected of cheating. Stay tuned for less than pristine tales from the drug-addled Tour de France and who knows what from the Summer Olympics. It's not the first time Americans have felt a loss of control. Alger, the dime-novel author whose heroes overcame adversity to gain riches and fame, played to similar anxieties when the U.S. was becoming an industrial society in the late 1800s. American University historian Allan J. Lichtman notes that the U.S. has endured comparable periods and worse, including the economic stagflation (stagnant growth combined with inflation) and Iran hostage crisis of 1980; the dawn of the Cold War, the Korean War and the hysterical hunts for domestic Communists in the late 1940s and early 1950s; and the Depression of the 1930s. "All those periods were followed by much more optimistic periods in which the American people had their confidence restored," he said. "Of course, that doesn't mean it will happen again." Each period also was followed by a change in the party controlling the White House. This period has seen intense interest in the presidential primaries, especially the Democrats' five-month duel between Obama and Hillary Rodham Clinton. Records were shattered by voters showing up at polling places, yearning for a voice in who will next guide the country as it confronts the uncontrollable. Never mind that their views of their current leaders are near rock bottom, reflecting a frustration with Washington's inability to solve anything. President Bush barely gets the approval of three in 10 people, and it's even worse for the Democratic-led Congress. Why the vulnerability? After all, this is the 21st century, not a more primitive past when little in life was assured. Surely people know how to fix problems now. Maybe. 
And maybe this is what the 21st century will be about -- a great unraveling of some things long taken for granted. From rforno at infowarrior.org Mon Jun 23 10:15:37 2008 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 23 Jun 2008 06:15:37 -0400 Subject: [Infowarrior] - RIP, George Carlin Message-ID: http://www.etonline.com/news/2008/06/62841/index.html ET breaks the news that comedian George Carlin has died from heart failure. The man who made famous the "seven words you can never say on television" passed away at 5:55 p.m. Sunday at Saint John's Hospital in Santa Monica, his longtime publicist said. He was 71. Carlin, who has had several heart attacks and a history of cardiac issues, went into the hospital this afternoon after complaining of heart problems. Carlin has more than 20 comedy albums, 14 HBO specials, numerous TV and movie roles, and three best-selling books to his credit. Last year, he celebrated his 50th year in show business, and he had just finished his last HBO special in March, "It's Bad for Ya." From rforno at infowarrior.org Wed Jun 25 23:37:38 2008 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 25 Jun 2008 19:37:38 -0400 Subject: [Infowarrior] - Intel wont Won't Embrace Microsoft's Windows Vista Message-ID: <2417570D-F63B-4125-9EB6-4C91F01400E3@infowarrior.org> Et Tu, Intel? Chip Giant Won't Embrace Microsoft's Windows Vista By Steve Lohr http://bits.blogs.nytimes.com/2008/06/25/et-tu-intel/index.html?hp Intel, the giant chip maker and longtime partner of Microsoft, has decided against upgrading the computers of its own 80,000 employees to Microsoft's Vista operating system, a person with direct knowledge of the company's plans said. 
The person, who has been briefed on the situation but requested anonymity because of the sensitivity of Intel's relationship with Microsoft, said the company made its decision after a lengthy analysis by its internal technology staff of the costs and potential benefits of moving to Windows Vista, which has drawn fire from many customers as a buggy, bloated program that requires costly hardware upgrades to run smoothly. "This isn't a matter of dissing Microsoft, but Intel information technology staff just found no compelling case for adopting Vista," the person said. An Intel spokesman said the company was testing and deploying Vista in certain departments, but not across the company. Intel's decision is certain to sting Microsoft because the two companies have worked closely to align hardware and software from the earliest days of the personal computer. Indeed, the corporate duo is known as "Wintel" in the PC industry. Could Intel change its mind? Quite possibly. Microsoft's chief executive, Steven Ballmer, has few equals as a forceful, persuasive salesman, and he and Paul Otellini, Intel's chief executive, meet regularly. Word of Intel's lukewarm response to Vista appeared Monday in The Inquirer, an irreverent London-based technology Web site. Intel is hardly alone in its reluctance to embrace Microsoft's latest operating system, which was available to corporate customers in November 2006 and to consumers in January 2007. Large companies routinely hold off a year or so after a new version of Windows is introduced before adopting it, waiting for initial bugs to be eliminated and for applications to be written. "But by 18 months, you'd expect to see a significant uptake, and we haven't seen that," said David Smith, a Gartner analyst. "There's not much excitement." His Gartner colleague, Michael Silver, said that about 30 percent of corporate customers skip any given new version of Windows. But the percentage will be higher for Vista, Mr. Silver predicted. 
Gartner's corporate clients that plan to skip Vista, like Intel, do not see value of this upgrade, particularly since it requires new PC hardware at the time when the economy is weak and corporate budgets are tight. Still, Microsoft doesn't seem to be suffering too much from the resistance to Vista by some large corporations. Microsoft says there are more than 140 million copies of Vista installed on machines worldwide. Consumers and small businesses simply get the operating system that is on a new machine when they buy a PC, and that is Vista. Meanwhile, the Microsoft operating system engine chugs on, phasing out the old and proclaiming the new. The company reiterated this week that, despite some customer protests, it would halt shipments of the previous version of Windows, XP, to retail stores and stop most licensing of XP to PC makers next week. Microsoft also announced that the next version of its operating system, Windows 7, is scheduled to go on sale in January 2010. From rforno at infowarrior.org Thu Jun 26 10:18:30 2008 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 26 Jun 2008 06:18:30 -0400 Subject: [Infowarrior] - Senators Question Border Laptop Searches Message-ID: <87B38E1C-FF0F-4E1B-969A-4916CEE573C8@infowarrior.org> Senators Question Border Laptop Searches http://www.pcworld.com/businesscenter/article/147546/senators_question_border_laptop_searches.html Wednesday, June 25, 2008 9:40 AM PDT Two U.S. senators called on U.S. Customs and Border Protection (CBP) to back off its assertion that it can search laptops and other electronic devices owned by U.S. citizens returning to the country without the need for reasonable suspicion of a crime or probable cause. Senators Russell Feingold, a Wisconsin Democrat, and Patrick Leahy, a Vermont Democrat, both urged CBP to reconsider its policy that apparently has led to frequent searches of laptops, digital cameras and handheld devices at borders. "If you asked [U.S. 
residents] whether the government has a right to open their laptops, read their documents and e-mails, look at their photographs, and examine the Web sites they have visited, all without any suspicion of wrongdoing, I think those same Americans would say that the government has absolutely no right to do that," said Feingold, chairman of the Senate Judiciary Committee's Subcommittee on the Constitution, Civil Rights and Property Rights. "And if you asked him whether that actually happens, they would say, 'not in the United States of America.'" Two witnesses at a hearing before the subcommittee Wednesday described widespread CBP searches of electronic devices at borders, with data copies and devices sometimes confiscated for weeks. One Muslim executive at a U.S. tech vendor has been subjected to border interrogations at least eight times since early 2007, said Farhana Khera, president and executive director of Muslim Advocates. Other travelers have been asked why they are Muslim, were questioned about their views of U.S. presidential candidates and had laptops and cell phones searched or confiscated, Khera said. "Innocent Muslim, Arab and South Asian Americans from all walks of life have had their electronic devices searched by CBP agents, or have been interrogated by CBP agents ... all without any reasonable suspicion that the individuals were engaged in unlawful activity," she said. In a February survey of its membership, the Association of Corporate Travel Executives found that 7 percent said they've had electronic devices seized at the U.S. border, said Susan Gurley, executive director of the trade group. It can take weeks to have those devices returned, and the seizures can disrupt the owners' work and require companies to buy costly replacements, she said. Half of the survey respondents said a seizure of an electronic device could damage their standing within their companies, Gurley said. "These devices constitute the offices of today," Gurley said. 
But other witnesses at the hearing suggested laptops should be treated no differently than luggage, which CBP can search without reasonable suspicion or probable cause. U.S. courts have recognized that there's a less restrictive standard for "routine" searches and seizures at U.S. borders than police searches within the nation, said Nathan Sales, a law professor at George Mason University and former official at the U.S. Department of Homeland Security. Searches of electronic devices at borders have caught several child pornographers and can be used to prevent terrorist attacks, he said. CBP should be more open about its electronic search policies, Sales said, but U.S. courts have recognized no difference between searches of luggage and of laptops. "The privacy protections we enjoy shouldn't depend on whether we store our information on paper or in the digital world," Sales said. "Officers can search mail, they can search address books, they can search photo albums at the border with no suspicion at all. Why should the rule change when we keep our correspondence, our contacts or our pictures on a laptop?" Senator Sam Brownback, a Kansas Republican, agreed that CBP needs more authority to conduct searches at the border than other law enforcement officials have inside the U.S. Only in a few cases, such as strip searches, are CBP officials required to have suspicions of illegal activity, he noted. "I hope we can go through this on the basis of protecting an individual's rights, but also looking at trying to protect the country," Brownback said. However, Brownback said he would not want his BlackBerry searched by border agents. Lee Tien, a senior staff attorney with the Electronic Frontier Foundation (EFF), acknowledged that border agents have more power to conduct searches than internal U.S. police. But searching and seizing laptops, which often contain an "autobiography" of their owners, should be considered unreasonable and invasive under the U.S. 
Constitution's Fourth Amendment banning such searches, he said. "EFF does not dispute that the Fourth Amendment works differently at the border," Tien said. "But 'differently' does not mean 'not at all.'" From rforno at infowarrior.org Thu Jun 26 21:41:07 2008 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 26 Jun 2008 17:41:07 -0400 Subject: [Infowarrior] - ICANN adopts new Web site naming rules Message-ID: ICANN adopts new Web site naming rules Posted by Marguerite Reardon http://news.cnet.com/8301-10784_3-9978448-7.html?part=rss&subj=news&tag=2547-1_3-0-20 The Internet Corporation for Assigned Names and Numbers voted Thursday to relax rules for naming Web sites. At its meeting in Paris, ICANN, a not-for-profit organization that oversees the naming scheme for Web sites, voted to accept a proposal that will allow companies to purchase new top-level domain names ending in whatever they like. So, for example, instead of being restricted to sites ending in .com or .org., eBay could have a site that ends in .ebay, or New York City could end its Web site with .nyc. The new naming process will begin in 2009. The first suffixes will likely be given to businesses and other major organizations. Countries are expected to keep their specific suffixes, but as in the example above cities could also get individualized URLs, such as .london or .chicago. In an effort to deter cybersquatters, the organization is likely to charge a hefty price for the new names. Some experts estimate the new domain names could cost anywhere from $50,000 to $100,000 or more. ICANN plans to give companies with trademarked names priority for their names. The group also voted to open public comment on a proposal that would allow countries to use non-English script. For example, companies could use Chinese or Arabic script to identify their web sites. 
Paul Twomey, the chief executive of ICANN, told the BBC earlier this week that allowing the new naming conventions would create new "real estate" on the Internet. But some experts worry that it could unleash a gold rush mentality.

While trademarked names will only be available to those trademark holders, there are loads of common words that people could want to register, such as .sex. The suffix .xxx was rejected by ICANN last year, but it could also prove to be a popular suffix under the more relaxed policy.

Still, Twomey told Agence France-Presse that the organization will still try to block or reject any domain name it deems inappropriate for security or moral reasons.

From rforno at infowarrior.org Sat Jun 28 01:46:39 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 27 Jun 2008 21:46:39 -0400
Subject: [Infowarrior] - DHS Seeks Public Input on Infrastructure Protection
References: <0E6E608443A703489B63435E45E64271378B71DAD3@EXVMBX016-3.exch016.msoutlookonline.net>
Message-ID:

> c/o Secrecy News
>
> DHS INVITES PUBLIC COMMENT ON INFRASTRUCTURE PROTECTION
>
> In a noteworthy contrast with the secrecy that prevails in much of
> government and often within its own ranks, the Department of Homeland
> Security (DHS) is soliciting public comment on revisions to the
> National Infrastructure Protection Plan (NIPP), which is the framework
> for defending essential infrastructure, ranging from agriculture to
> transportation, against attack or natural disaster.
>
> http://www.fas.org/sgp/news/2008/06/fr060608.html
>
> The request for comment places DHS in the rather unfamiliar posture --
> for a national security agency -- of actively seeking to engage public
> interest and to invite public feedback on a matter of broad public
> policy.
>
> "We're hoping to get inputs from across the country," said Larry L. May
> of the DHS NIPP Program Management Office in an interview today, "and
> from everyone concerned with critical infrastructure protection."
>
> Some of the NIPP policies that are under review are trivial, such as
> changes in terminology. But others are profound, such as the relative
> emphasis in the Plan on "protection rather than resiliency." Where
> "protection" seeks to anticipate, deter and defend against particular
> threats that are intrinsically uncertain, "resilience" focuses on
> capabilities needed for rapid response and recovery from a broad range
> of hazards. They imply vastly different strategies, including public
> information disclosure strategies.
>
> Are there significant numbers of Americans who care enough about such
> issues to express their views to DHS? Apparently so.
>
> Mr. May said that the last time DHS conducted a review of the NIPP in
> 2006, some 10,000 comments were submitted.
>
> Why does DHS care what the public thinks? Basically, Mr. May said,
> "all of us are in this together, if you will."
>
> Additional information on the NIPP, including the most recent 2006
> iteration, may be found here:
>
> http://www.dhs.gov/nipp

From rforno at infowarrior.org Sat Jun 28 23:10:31 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 28 Jun 2008 19:10:31 -0400
Subject: [Infowarrior] - U.S. and EU near deal on sharing data
Message-ID: <8D5433A7-7C96-4865-9478-3E30E5134725@infowarrior.org>

U.S. and EU near deal on sharing data

By Charlie Savage
Saturday, June 28, 2008

http://www.iht.com/bin/printfriendly.php?id=14055407

WASHINGTON: The United States and the European Union are nearing completion of an agreement that would allow law enforcement and security agencies to obtain private information - including credit card transactions, travel histories and Internet browsing habits - about people on the other side of the Atlantic Ocean.

Seeking to improve information-sharing to fight crime and terrorism, government officials have been meeting since February 2007 to reach a pact.
Europe generally has more-stringent laws restricting how governments and businesses can collect and transfer personal data, which have led to high-profile disputes over American demands for such information.

Negotiators have largely agreed on draft language for 12 major issues that are central to a "binding international agreement" making clear that it is lawful for European governments and companies to transfer personal information to the United States, and vice-versa, according to an internal report obtained by The New York Times.

But the two sides are still at odds on several other matters, including whether European citizens should be able to sue the United States government over its handling of their personal data, the report said.

The talks grew out of two conflicts over information-sharing after the September 2001 terrorist attacks. The U.S. government demanded access to customer data held by airlines and a consortium, known as Swift, that tracks global bank transfers. American investigators wanted the data to look for suspicious activity. But several European countries objected, citing violations of their privacy laws.

Each dispute frayed diplomatic relations and required difficult negotiations to resolve. American and European Union officials are trying to head off future confrontations "by finding common ground on privacy and by agreeing not to impose conflicting obligations on private companies," said Stewart Baker, the assistant secretary for policy at the Department of Homeland Security, who is involved in the talks. "Globalization means that more and more companies are going to get caught between U.S. and European law."

Paul Schwartz, a law professor at the University of California, Berkeley, said such a blanket agreement could transform international privacy law by eliminating a problem that has led to negotiations of "staggering" complexity between Europe and the United States.

"The reason it's a big deal is that it is going to lower the whole transaction cost for the U.S. government to get information from Europe," Schwartz said. "Most of the negotiations will already be completed. They will just be able to say, 'Look, we provide adequate protection, so you're required to turn it over.'"

But the prospect that the agreement might lower barriers to sending personal information to the U.S. government has alarmed privacy-rights advocates in Europe. While some praised the principles laid out in the draft text, they warned that it was difficult to tell whether the agreement would allow broad exceptions to such limits.

For example, the two sides have agreed that information that reveals race, religion, political opinion, health or "sexual life" may not be used by a government "unless domestic law provides appropriate safeguards." But the agreement does not spell out what would be considered an appropriate safeguard, suggesting that each government may decide for itself whether it is complying with the rule.

"I am very worried that once this will be adopted, it will serve as a pretext to freely share our personal data with anyone, so I want it to be very clear about exactly what it means and how it will work," said Sophia in 't Veld, a member of the European Parliament from the Netherlands who is an outspoken advocate of privacy rights.

The Bush administration and the European Commission, the EU's executive body, have not publicized the talks. But in a little-noticed paragraph deep in a joint statement following a summit meeting between President George W. Bush and European leaders in Slovenia this month, the leaders hailed their progress.
Issued June 10, the statement declared that "the fight against transnational crime and terrorism requires the ability to share personal data for law enforcement," and it called for the creation of a "binding international agreement" to facilitate such transfers while also ensuring that citizens' privacy is "fully" protected.

The negotiators are trying to reach accord on minimum standards for the protection of privacy rights, like limiting access to the information to "authorized individuals with an identified purpose" for looking at it. If a government's policies are "effective" in meeting all the standards, any transfer of personal data to that government would be presumed lawful.

For example, European law sets up independent government agencies to police whether personal data is being used lawfully and to help citizens who are concerned about any invasions of their privacy. The United States has no such independent agency. But in a concession, the Europeans have agreed that the American government's internal oversight system may be good enough to provide accountability for how Europeans' data are being used.

About half a dozen issues remain unresolved, the report said. One sticking point is what rights European citizens would have if the U.S. government violates data privacy rules or takes an adverse action against them - like denying them entry into the country or placing them on a no-flight list - based on incorrect personal information.

European law generally allows those who think the government has mishandled their personal information to file a lawsuit to seek damages and to get the data corrected or expunged. American citizens and permanent residents can also generally file similar lawsuits under the Privacy Act of 1974, but that statute does not extend to foreigners.
The Bush administration is trying to persuade the Europeans that other options for correcting problems - including asking an agency to correct any misinformation through administrative procedures - are satisfactory.

For now, the EU is holding to the position that its citizens "require the ability to bring suit in U.S. courts specifically under the Privacy Act for an agreement to be reached on redress," the report said.

But the Bush administration does not want to make such a concession, in part because it would require new legislation. The administration does not want to have to request congressional approval of the final agreement, several officials said.

David Sobel, a senior counsel with the Electronic Frontier Foundation, a nonprofit organization dedicated to data-privacy rights, predicted that it would be difficult to persuade the Europeans to drop their demand. He said that the administration's depiction of the process of correcting mishandled data through agency procedures sounded "very rosy," but the reality is that it is often impossible, even for American citizens, to win such a fight.

Officials said it remained unclear when the agreement could be completed. But there are several pressures encouraging negotiators to sprint to a finish.

Bush administration officials would like to resolve the problem before they leave office next January. And European Commission officials who support the agreement may have an easier time getting it approved now, legal analysts said, before Europe completes internal reforms that would give the European Parliament - which has been skeptical about security measures that could infringe on civil liberties - greater authority to block it.

In addition, businesses that operate on both sides of the Atlantic are pushing to eliminate the prospect of getting caught between conflicting legal obligations.

"This will require compromise," said Peter Fleischer, the global privacy counsel for Google. "It will require people to agree on a framework that balances two conflicting issues - privacy and security.

"But the need to develop that kind of framework is becoming more important as more data moves onto the Internet and circles across the global architecture."

From rforno at infowarrior.org Mon Jun 30 11:57:02 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 30 Jun 2008 07:57:02 -0400
Subject: [Infowarrior] - Top 10 AntiTerrorism Patents
Message-ID:

....who says the government doesn't protect the right of a person to be creative, if not impractical??

--rf

(c/o Schneier)

http://www.neatorama.com/2008/06/27/top-10-strangest-anti-terrorism-patents/

From rforno at infowarrior.org Mon Jun 30 21:03:57 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 30 Jun 2008 17:03:57 -0400
Subject: [Infowarrior] - Attrition.org nails another nitwit
Message-ID:

The mischievous fellows at attrition.org have long loved to goof on people who send them e-mail asking for illegal hacking services instead of, say, the data-breach statistics that have become a specialty of the security site.

A congressional aide who wanted help boosting his college GPA was an all-time classic, but they get these kinds of requests all the time and collect them on a page called Going Postal.

Here's a recent example involving attrition.org's "lyger" in a back-and-forth e-mail exchange with someone from Dubai who has apparently not seen Monty Python and the Holy Grail.

< - >

http://www.networkworld.com/community/node/29450