From rforno at infowarrior.org Mon Sep 1 14:39:28 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 1 Sep 2008 10:39:28 -0400
Subject: [Infowarrior] - Insight: Terrorism v. Mad Cow Disease
Message-ID: <502F9466-65D6-4830-83E9-55488FC60D3D@infowarrior.org>

Can't argue with the kind of logic mentioned at the end of the article. Frankly, I'm more concerned about the quality of the food I eat than whether Granny Smith is carrying more than 3oz of Ensure onto my plane..... instead of paying a 911 Security Fee on our tickets, we should instead start billing TSA for the extra time we have to spend at the airports in their futile attempts to achieve "zero tolerance (ie, "total") security."

-rf

c/o BB: http://www.boingboing.net/2008/08/31/federal-court-blocks.html

The USDA tests 1% of cattle of mad cow disease. Kansas-based Creekstone Farms Premium Beef exporters wants to test 100% of its cattle for mad cow disease. But the Bush administration took Creekstone to court, and a US federal appeals court ruled that the USDA has the authority to stop meatpackers from testing more than 1% of its cattle.

< - >

The AP reports that "The Bush administration says the low level of testing reflects the rareness of the disease."

The Bush administration should apply the same logic to the TSA. Terrorists are extremely rare, so only 1% of passengers ought to be checked by airport security.

From rforno at infowarrior.org Mon Sep 1 14:45:50 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 1 Sep 2008 10:45:50 -0400
Subject: [Infowarrior] - North Pole becomes an 'island' for the first time
Message-ID: <703B5B17-C814-4944-BB0B-519E93305AF7@infowarrior.org>

The North Pole becomes an 'island' for the first time in history as ice melts

By Fiona Macrae
Last updated at 1:52 AM on 01st September 2008

http://www.dailymail.co.uk/news/article-1050990/The-North-Pole-island-time-history-ice-melts.html?ITO=1490#

The North Pole has become an island for the first time in human history.

Startling satellite pictures taken three days ago show that melting ice has opened up the fabled North-West and North-East Passages - making it possible to sail around the Arctic ice cap.

The opening of the passages has been eagerly awaited by shipping companies which hope they will be able to cut thousands of miles off their routes.

[Image: arctic map. Blocked: The Arctic ice, showing as a pink mass in the 1979 picture, links up with northern Canada (on the left) and Russia (right)]

But to climate change scientists it is yet another sign of the damage global warming is inflicting on the planet.

Mark Serreze, a sea ice specialist, described the images as an 'historic event' - but warned they added to fears that the Arctic icecap has entered a 'death spiral'.

The pictures, produced by Nasa, mark the first time in at least 125,000 years that the two shortcuts linking the Atlantic and Pacific oceans have been ice-free at the same time.

In 2005, the North-East Passage around Russia opened, while the western one, across the top of Canada, remained closed, and last year the position was reversed.

But the satellite data shows that the North-West passage opened last weekend and the remaining tongue of ice blocking the North-Eastern one dissolved a few days later.

Professor Serreze, of the U.S.
government-funded National Snow and Ice Data Center, told a Sunday newspaper: 'The passages are open. It is an historic event.

'We are going to see this more and more as the years go by.'

[Image: arctic map. Thawing ocean: The North-West Passage (circled left) and the North-East Passage (top right) are clear of ice]

Shipping companies are ready to exploit the new routes. The Beluga group, based in Bremen, Germany, plans to send the first ship through the North-East passage next year, cutting 4,000 nautical miles off the voyage from Germany to Japan.

If the ice continues to melt at current rates it will soon be possible to sail right across the North Pole.

Many scientists believe that the mass of ice that forms a jagged circle around the North Pole could vanish altogether in the summer by 2030.

Others believe it could take as little as five years for the Pole, currently frozen all year round, to be ice-free between mid-July and mid-September.

Four weeks ago, tourists had to be evacuated from Baffin Island's Auyuittuq National Park in northern Canada because of flooding from thawed glaciers. The park's name means 'land that never melts'.

From rforno at infowarrior.org Mon Sep 1 15:02:02 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 1 Sep 2008 11:02:02 -0400
Subject: [Infowarrior] - Another Voice Warns of an Innovation Slowdown
Message-ID:

http://www.nytimes.com/2008/09/01/technology/01estrin.html

September 1, 2008

Another Voice Warns of an Innovation Slowdown

By CLAIRE CAIN MILLER

MENLO PARK, Calif. -- Judy Estrin, 53, has spent her entire career in Silicon Valley, a region that thrives on constant innovation. Ms. Estrin, the former chief technology officer of Cisco Systems, has founded four technology companies. Yet she is deeply worried that Silicon Valley -- and the United States as a whole -- no longer foster the kind of innovation necessary to develop groundbreaking technologies and sustain economic growth.

"I am generally not an alarmist, but I have become more and more concerned about the state of our country and its innovation," she said last week, explaining why she wrote her book, "Closing the Innovation Gap," which arrives in bookstores Tuesday. "We have a national innovation deficit."

< - >

Ms. Estrin argues that short-term thinking and a reluctance to take risks are causing a noticeable lag in innovation. She cites a variety of contributing factors. A decline in federal and university financing for research has dried up new ideas, she said. When research does produce new technologies, entrepreneurs and the venture capitalists who back them have been too cautious to make big bets -- especially after the costly failures of the dot-com bust.

If start-up companies do find financing, she said, new regulations make it hard for them to grow, and the focus of investors on short-term performance discourages companies from taking risks.

Ms. Estrin's suggestions for bolstering innovation range from the vague, like advising venture capitalists and entrepreneurs to take more risks, to the specific, like mandating that schools pay teachers higher salaries. Some of her prescriptions are unlikely to become reality, like her idea for a new government body modeled after the Federal Reserve that sets science policy without Congressional input.

Some thinkers on innovation agree with Ms. Estrin's assessment. "There is a remarkable telescoping in of vision and an unwillingness to make long-term bets," said Vinton G. Cerf, the chief Internet evangelist at Google.

From rforno at infowarrior.org Mon Sep 1 17:17:15 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 1 Sep 2008 13:17:15 -0400
Subject: [Infowarrior] - Is the End of Unlimited Internet Near?
Message-ID: <68A6CC6D-7D56-4ED9-A8B4-77801E134A4F@infowarrior.org>

Is the End of Unlimited Internet Near?
Comcast, Frontier and Time Warner Cable Are Moving Toward Imposing Internet Usage Caps

By KI MAE HEUSSNER

http://abcnews.go.com/print?id=5689480

Sept. 1, 2008 -- Get ready to say goodbye to unlimited Internet access.

Last week, Comcast -- the second-largest Internet service provider in the country -- announced that starting Oct. 1 it would officially set a threshold for monthly Internet usage.

In an online announcement, the service provider said that although it already contacts residential customers who use excessive amounts of bandwidth, it had never provided a specific limit. Now, Comcast said it will amend its user agreement to say that users will be allowed 250 gigabytes of monthly usage.

The company emphasizes that its cap is generous and will only affect about 1 percent of its 14.4 million customers. Experts say these customers might include heavy gamers and those who use a significant amount of bandwidth for creating or uploading video.

But industry watchers note that Comcast's decision is indicative of a trend by Internet service providers to move toward usage-based service plans.

On Aug. 1, Frontier Communications changed its policy to define acceptable use for high-speed Internet as 5 GB per month. In June, Time Warner Cable launched a test program in Beaumont, Texas, that imposes monthly Internet usage limits of 5 GB to 40 GB on subscribers.

Because Comcast is a heavyweight in the industry, its announcement has drawn criticism and questions from broadband and telecommunications researchers.

"The biggest problem I have [is] they haven't given us any data. They've given us no proof," said Om Malik, author of "Broadbandits: Inside the $750 Billion Telecom Heist" and editor of GigaOM, a popular technology Web site. Malik said GigaOm and five other technology news sites managed by his online publishing company, Giga Omni Media, receive about two million visitors each month.

Comcast's limit is substantially higher than those established by other service providers, Malik acknowledges. But he maintains that the company's decision amounts to metered billing and, if that's the case, it should provide a tool so that consumers can monitor their own usage.

"[With] electricity companies -- and water companies -- you have the choice to monitor the electricity you are using," said Malik, drawing comparisons between Comcast and regulated public utilities that maintain the infrastructure for public services.

"If they are going to behave like a utility, shouldn't they be treated like one?" he added.

He also argued that even though a 250 GB bandwidth cap is generous in today's terms, it may not be sufficient in the future, especially as bandwidth-needy, high-definition video becomes more common.

In its announcement, Comcast said its average residential customer uses approximately 2 to 3 GB. To put its monthly limit of 250 GB in perspective, the company said that to consume that much bandwidth a customer would have to send 50 million e-mails, 62,500 songs, download 125 standard-definition movies or upload 25,000 hi-resolution digital photos.

Comcast spokesman Charlie Douglas told ABCNews.com that the company has had an excessive use policy for years but has never disclosed its definition of excessive use.

When the customers would exceed the limit, he said Comcast would call to alert them. In most cases, the customer would voluntarily moderate his or her usage in response. If customers didn't cut back on usage, Comcast reserved the right to suspend service.

Douglas said the only difference in the policy is that customers now know that the threshold is 250 GB per month.

He says Comcast does not provide a meter tool because free and fee-based meter tools are readily available and not necessary for 99 percent of their consumers.

Although Douglas says that the company is evaluating usage-based billing models that resemble Time Warner's trial program, he stressed that this cap is different. "This is about protecting the 99 percent of people who don't use a massive amount of bandwidth from the small percentage that does use an extreme amount," he said. But industry experts observe that Internet technology is advancing rapidly and the lack of good data make it difficult to prepare for the future. "Today's bandwidth hog is tomorrow's average user," said Fred Von Lohmann, a senior staff attorney for the Electronic Frontier Foundation, a nonprofit civil liberties group. If a cap had been imposed on the top 10 percent of Internet users in 1997, many Internet innovations of today would likely not exist, he said. While Von Lohmann said that no one has the right to unlimited Internet access, developments in the industry need to be monitored. "This is not an emergency, but it is something that needs to be carefully watched," he said. Like Malik, Von Lohmann said the industry would benefit from increased transparency, in terms of providing data regarding customers' Internet usage. Another major issue he flagged is competition. Comcast sells high-definition video through other parts of its business off-line. These Internet usage limits essentially handicap competitors who want to deliver similar products online, he said. Doug Williams, an analyst with media research firm Jupiter Research, told ABCNews.com that cable operators, such as Comcast, have been and will continue to be first movers in imposing bandwidth caps because they have a more immediate need to do so. Unlike telephone companies that also provide Internet service, cable operators use a shared distribution network. Extremely heavy use by a single connection has a negative and direct impact on other users in that area, he said. 
As cable operators continue to impose these caps, telephone companies will be paying close attention to the customer response to determine if they should move in the same direction.

Williams says that for customers accustomed to a world of unlimited Internet access, these caps might not be welcome changes. As cell phone plans, long-distance telephone packages and other services move to flat-rate, unlimited approaches, this is a step in the opposite direction, he said.

"I think that's going to be something that consumers are not going to be particularly happy about. But they might not have many options for recourse," he said. "That's not going to make people happy -- especially in this economic climate."

Copyright © 2008 ABC News Internet Ventures

From rforno at infowarrior.org Tue Sep 2 01:01:00 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 1 Sep 2008 21:01:00 -0400
Subject: [Infowarrior] - RFI: VOIP service
Message-ID: <67381EAD-7B14-4FE5-8D4C-51B785B40C2B@infowarrior.org>

Any thoughts on Vonage versus Comcrap for VOIP services in the metro DC area? Got a bunch of folks who say Vonage is pretty good.....others loved SunRocket before they went under. Obviously, I'd love to avoid Comcrap just on principle.

Any thoughts or recos?

Thx

-rick

From rforno at infowarrior.org Tue Sep 2 03:36:48 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 1 Sep 2008 23:36:48 -0400
Subject: [Infowarrior] - Lawyers: Gonzales mishandled classified data
Message-ID:

Lawyers: Gonzales mishandled classified data

Associated Press
Published: Monday September 1, 2008

http://rawstory.com/news/2008/Lawyers_Gonzales_mishandled_classified_data_0901.html

By LARA JAKES JORDAN, Associated Press Writer

WASHINGTON - Former Attorney General Alberto Gonzales mishandled highly classified notes about a secret counterterror program, but not on purpose, according to a memo by his legal team.

The memo, obtained by The Associated Press, acknowledges that Gonzales improperly stored notes about the program and might have taken them home at one point. Removing secret documents from specially secured rooms violates government policy. Gonzales' lawyers wrote in their memo that there is no evidence the security breach resulted in secret information being viewed or otherwise exposed to anyone who was not authorized. The classified notes focus on a March 2004 meeting with congressional leaders about a national security program that was about to expire. Efforts to renew the program sparked an intense Bush administration debate that played out at the hospital bedside of then-Attorney General John Ashcroft. The memo was prepared by Gonzales' legal team as a response to a report being finalized by the Justice Department's inspector general. The report, which could be released as early as Tuesday, is expected to criticize Gonzales' handling of sensitive compartmentalized information, or SCI, according to the memo. Gonzales agrees with inspector general's findings that his handling of notes and other SCI documents "was not consistent with the department's regulations governing the proper storage and handling of information classified as SCI," concluded the legal team's memo. "Judge Gonzales regrets this lapse." Sensitive compartmentalized information is one of the highest and most sensitive levels of classified documents and is deemed top secret. It usually relates to national security cases. Gonzales' lawyers acknowledge that he kept the notes in a safe in his fifth-floor office at the Justice Department, along with a small number of other highly classified papers, instead of in the special facilities accessible only by certain people with top secret security clearances. 
He also may have taken the notes home at one point in 2005 as he was moving out of the White House counsel's office, where he served until he was sworn in as attorney general at the start of President Bush's second term, the memo says. The inspector general's report will be the latest in a series taking Gonzales to task for his management of the Justice Department. He resigned under fire in September 2007. At least two more reports, including one looking at Gonzales' role in the ouster of nine U.S. attorneys, are expected in coming months. It also could re-ignite a simmering controversy about Gonzales' role in urging an ailing Ashcroft to continue a national security program the Justice Department had deemed illegal. Preparing for the criticism, Gonzales' legal team fired back with the 12-page memo and a three-page addendum accompanying it. The documents indicate the attorney general was merely forgetful or unaware of the proper way to handle the top secret papers. Both documents were written by Gonzales attorney George Terwilliger, who served as the Justice Department's No. 2 official between 1991 and 1992. The classified notes, according to the lawyers' memo, focus on a March 10, 2004 emergency meeting in the White House Situation Room with Gonzales, other high-ranking Bush administration officials and the eight House and Senate leaders and intelligence committee chairmen. It was held to brief the bipartisan group of lawmakers about a sensitive counterterror program that was set to expire the next day. Then-Deputy Attorney General James Comey, who was running the Justice Department while Ashcroft was hospitalized for pancreatitis, had refused to sign off on the program because he questioned whether parts of it were legal. At the Situation Room meeting, administration officials asked the congressional leaders to consider creating legislation to let the program continue, according to the memo. The exact nature of the counterterror program is not clear. 
FBI Director Robert Mueller has said it was a terrorist surveillance program that allowed the government to conduct electronic surveillance on people in the United States without court oversight until 2007. Gonzales has denied that and maintains it involved other intelligence activities.

Gonzales' classified notes themselves remain classified and have not been released.

Gonzales took the notes of the meeting at President Bush's request, and kept them in a safe in his White House counsel's office, which is a secure SCI facility, according to his lawyers. Once he moved to the Justice Department, however, the memo says Gonzales kept the notes in a safe a few steps away from his desk in the attorney general's office -- which is not considered a secure facility for SCI data.

Gonzales' "best recollection is that he always placed the notes in the most secure place over which he had immediate personal control," the memo states.

He apparently was advised that his office safe was not proper storage for the notes or other highly classified material, the memo shows. However, there's no proof that Gonzales intentionally defied that guidance, the memo states, arguing he acted "without conscious disregard" for the rules.

The memo also takes a shot at Comey, who in Senate testimony last year described the hospital visit as an attempt by Gonzales and then-White House Chief of Staff Andy Card "to take advantage of a very sick man."

In the memo, Terwilliger calls such criticism "demonstrably hyper-inflated rhetoric without basis in fact." He says during the hospital visit Comey was "seeking to interpose himself between the president and a high-level official communication to his attorney general on a vital matter of national security."

From rforno at infowarrior.org Tue Sep 2 04:15:51 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Sep 2008 00:15:51 -0400
Subject: [Infowarrior] - The Terrorist Watch List, Jumbled in Translation
Message-ID: <45106005-006B-4626-8899-CA266F8DA98A@infowarrior.org>

The Terrorist Watch List, Jumbled in Translation

By JOE SHARKEY
Published: September 1, 2008

http://www.nytimes.com/2008/09/02/business/02road.html

NOBODY likes the way the terrorist watch lists work. Not the federal government, not the airlines, and certainly not the innocent travelers who are flagged and delayed at the airport when an airline finds a match of their name on the federal master list.

There's even dispute about how many names are on the list. A million (!) says the American Civil Liberties Union. Not even close (!), responds the Transportation Security Administration.

The federal Terrorist Screening Center database contained more than 724,000 "records" as of April 2007, according to an audit by the inspector general's office of the Justice Department, which said the number of records was growing by 20,000 a month.

The American Civil Liberties Union, after extrapolating, issued a report in July saying that the "nation's terrorist watch list has hit one million names." It added that "members of Congress, nuns, war heroes and other 'suspicious characters' with names like Robert Johnson and Gary Smith have become trapped in the Kafkaesque clutches of this list."

Whoa, says Kip Hawley, the director of the Transportation Security Administration. "The list has no more than 50,000 names," Mr. Hawley said in a recent interview.

As he begins to wrap up his three-year tenure at the T.S.A., Mr. Hawley says he is perplexed by the commotion over the watch list. The Terrorist Screening Center maintains the list to flag names of people in two categories: those with known terrorist ties who are on the "no fly"
portion of the list, and those with names that for various reasons are on a broader "selectee" list.

The selectee list is responsible for much of the ridicule directed at the T.S.A. That list contains many common names -- like Michael Kirby, who was featured in last week's column. Like Mr. Kirby, many people who share names or variants of names on the selectee list can't print a boarding pass in advance. Every time they want to fly, they must report to the airline ticket desk to be cleared before they board.

The Justice Department found that the Terrorist Screening Center "has not done enough to ensure that the database was complete and accurate."

The confusion is compounded because the airlines, not the government, are usually the point-of-contact arbiter of who actually is flagged at the airport.

Airlines compile their lists using names on the federal list, Mr. Hawley said. But depending on how the airline puts together its list, passengers with the same or even vaguely similar names as ones on the federal list can turn up as "false positives," Mr. Hawley said.

"Depending on how the airline filters it, you may end up with hundreds of people being told they're on the selectee list," Mr. Hawley said.

The airlines, he said, "decided that rather than investing in technology to work this out, we'll have you go over to a ticket agent because it's no skin off our nose if you stand in line. At that point, they look up the government list, which has more detailed data, and they will see that the real person on the watch list is 60 years old and you're 25 years old, and they say O.K., you're obviously not the person. But all those people go away mad, thinking 'What's the T.S.A. got against me?'"

The airlines dislike the cumbersome task of matching their passenger lists, which don't contain personal data like birth dates, against the federal list, which does. The airline industry strongly supports a federal initiative called Secure Flight, which would require the T.S.A.
itself to check names against passenger lists supplied by airlines in advance of every flight.

In a statement, the Air Transport Association said, "The airlines have been given assurances for more than four years that T.S.A. would soon be taking over responsibility for vetting passenger names against government watch lists. With recurrent T.S.A. delays in meeting that commitment, airlines invested millions of dollars in programming costs to minimize the number of misidentified passengers."

Secure Flight, which Mr. Hawley says he supports, is expected to be in place next year. It has been stalled while the Homeland Security Department addresses concerns raised in Congress about privacy.

E-mail: jsharkey at nytimes.com

From rforno at infowarrior.org Tue Sep 2 04:17:20 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Sep 2008 00:17:20 -0400
Subject: [Infowarrior] - Google to Release Open-Source 'Chrome' Browser
Message-ID: <0F1D96E3-D18A-4083-80D9-19A372F4239D@infowarrior.org>

Google to Release Open-Source 'Chrome' Browser

09.01.08
by Chloe Albanesius

http://www.pcmag.com/article2/0,2817,2329247,00.asp

Are Internet Explorer and Firefox ready to do battle with Chrome?

Google announced Monday that it has been hard at work on an open-source browser known as Chrome, a beta version of which will be released in 100 countries on Tuesday. New features will include "isolated" tabs designed to prevent browser crashes and a more powerful JavaScript engine.

"Why are we launching Google Chrome? Because we believe we can add value for users and, at the same time, help drive innovation on the web," Sundar Pichai, vice president of product management, and Linus Upson, Google engineering director, wrote in a blog post.

Google was apparently looking to keep news of Chrome under wraps until after the holiday weekend.
A 38-page, online comic book that provided details about Chrome hit the blogosphere Monday morning, but Pichai and Upson said in their blog post that Google had "hit 'send' a bit early" on the web comic.

The comic depicts various Google engineers describing Chrome's features, including the isolated tab idea.

"By keeping each tab in an isolated 'sandbox', we were able to prevent one tab from crashing another and provide improved protection from rogue sites," Pichai and Upson wrote.

Having a number of tabs open in a single browser eats up memory. If a browser is running slow, a user's natural inclination is to close a few tabs? In some cases, however, little bits of the closed tabs remain, which eats up space and requires the operating system to grow the browser's address space, according to Google.

With Chrome, there will be a different tab for each process, including plug-ins.

"When a tab is closed in Google Chrome, you're ending the whole process," according to the comic. "You can look under the hood with Google Chrome's task manager to see what sites are using the most memory, downloading the most bytes and abusing your CPU" so you can place "blame where blame belongs."

Google also promised "improved speed and responsiveness across the board."

"We also built a more powerful JavaScript engine, V8, to power the next generation of web applications that aren't even possible in today's browsers," Pichai and Upson wrote.

Like OpenSocial and Android, Chrome will be an open source initiative.

"We owe a great debt to many open source projects, and we're committed to continuing on their path," they wrote. "We've used components from Apple's WebKit and Mozilla's Firefox, among others -- and in that spirit, we are making all of our code open source as well. We hope to collaborate with the entire community to help drive the web forward."

The team selected Webkit because it uses memory efficiently, was easily adapted to embedded devices, and it was easy for new browser developers to learn to make the code base work, according to the web comic. "Webkit keeps it simple."

Google recently extended its financial deal with Mozilla until 2011, according to a blog post from Mitchell Baker, chair of the Mozilla Foundation.

Tuesday's beta release will be available for Windows users. "We're hard at work building versions for Mac and Linux too, and will continue to make it even faster and more robust," Pichai and Upson wrote.

"This is just the beginning -- Google Chrome is far from done," they wrote. "Google Chrome is another option, and we hope it contributes to making the web even better."

Last week, Microsoft released Internet Explorer 8 beta 2, which includes improved security and new browsing aids. Earlier this summer, Mozilla released Firefox 3, which garnered 8 million downloads in 24 hours.

From rforno at infowarrior.org Tue Sep 2 04:47:55 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Sep 2008 00:47:55 -0400
Subject: [Infowarrior] - Democracy Now! host Amy Goodman arrested at RNC protest
Message-ID: <6A569F63-AF45-4E85-8C4B-5850FCA6BC49@infowarrior.org>

FYI, since nobody else seems to be covering the reportedly-large protests and (in some cases) questionable "pre-emptive" police actions around the RNC this past weekend and today.......-rf

Democracy Now! host Amy Goodman arrested at RNC protest

Posted at 6:39 PM on September 1, 2008 by Sanden Totten

http://minnesota.publicradio.org/collections/special/columns/loophole/archive/2008/09/democracy_now_host_amy_goodman.shtml

Hours after the main march ended, spurts of protest were still popping up throughout the city of St. Paul. Groups of dissenters made their way around downtown, often followed by cops . . . and of course the media. One crew in the midst of it was the group from the show Democracy Now!
Details are still sketchy, but it's been confirmed that the crew, along with the show's politically outspoken host, Amy Goodman, have been detained. The stated reason seems to be the recent police favorite "probable cause for riot."

Was the 51 year old host really about to start smashing the state? Or was she just in the wrong place at the wrong time? Who knows. You can hear the tape of her arrest here (language advisory! bad words). It's hard to tell what she did, but the crowd freaks out when it happens:

"They're arresting Amy Goodman?"

"What are you guys doing!?! You can't arrest Amy Goodman!"

"Let her go!"

"We love you Amy!"

Of course, as we found out earlier this weekend, Amy Goodman isn't afraid to get in the thick of things . . . even when it might not be the best time to do so.

From rforno at infowarrior.org Tue Sep 2 16:16:28 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Sep 2008 12:16:28 -0400
Subject: [Infowarrior] - Book: The Constitution and 9/11
Message-ID: <10A524E8-F893-4FCA-82C6-8D9242A86EE4@infowarrior.org>

The Constitution and 9/11

http://www.fas.org/blog/secrecy/2008/09/the_constitution_and_911.html

The presidential campaigns have been largely silent so far regarding the post-9/11 changes in the character of American government. But those changes, documented by constitutional scholar Louis Fisher in a new book, have been profound and far-reaching, and they remain to be addressed.

"Following the terrorist attacks of September 11, 2001, the United States abandoned many of its rights and privileges for the accused, both citizens and non-citizens," Mr. Fisher writes. "With political power concentrated in the President, executive branch officials met in secret to draft policies that supported the arrest and detention of suspected terrorists. They saw no need to make specific charges, provide counsel, or allow the accused an opportunity to examine evidence."

"Military commissions became a substitute for civil courts and courts-martial. Suspects were flown to foreign prisons for interrogation and torture. Some of the administration initiatives violated existing statutes and treaties. Once again in America, emergency powers were invoked to disregard individual rights and weaken national security," writes Mr. Fisher, a specialist in separation of powers at the Law Library of Congress.

For those who have not been paying attention, Mr. Fisher recounts the major departures from legal norms that have unfolded in recent years, with chapters on Guantanamo, domestic surveillance, military tribunals and state secrets. And for those who have been paying attention, the book adds a new dimension of historical understanding, tracing the precursors to current policies and their eventual repudiation. (I contributed a blurb for the book jacket.)

See "The Constitution and 9/11: Recurring Threats to America's Freedoms" by Louis Fisher, University of Kansas Press, 2008.

From rforno at infowarrior.org Wed Sep 3 02:19:47 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Sep 2008 22:19:47 -0400
Subject: [Infowarrior] - ICANN cast as online scam enabler
Message-ID:

ICANN cast as online scam enabler

By Dan Goodin in San Francisco
Published Wednesday 3rd September 2008 01:17 GMT

http://www.theregister.co.uk/2008/09/03/cyber_crime_reports/

Two recently issued reports portray the Internet Corporation for Assigned Names and Numbers (ICANN) as a bureaucracy that enables cyber criminals.

In one report (PDF), researchers Jart Armin, James McQuaid and Matt Jonkman detail how one of ICANN's prized sponsors has ties to one of the net's more prolific sources of malware and illegal online pharmacies. It's called LogicBoxes, and over the past two years, ICANN has listed it as a sponsor for meetings that took place in Los Angeles and Delhi, India.

It turns out LogicBoxes has an association with Atrivo, a network provider that also goes by the name of Intercage. According to the study, a random sampling of 2,600 addresses hosted by Atrivo revealed 7,340 malicious web links, 910 infected websites, 310 malicious binaries, and 113 botnet command and control servers. As an autonomous systems (AS) provider, the Concord, California-based company controls a large number of IP addresses. The report details how Atrivo works with a rogue's gallery of other companies to enable anonymous sites that punt scareware, malware and online sites pushing Viagra and other sites. Other companies include Hostfresh, EstHost, EstDomains and PrivacyProtect. In an email to The Register, Atrivo principal Emil Kacperski declined to comment. A second report issued by an outfit known as Knujon (that's "no junk" spelled backwards) details 48 phantom domain name registrars whose sole purpose seems to be the registration of addresses used in spam and malware campaigns. All of them can be linked back to the Directi Group, which has long been a prolific provider of URLs to scammers. According to Knujon, the 48 registrars are violating ICANN's own rules requiring them to clearly identify their business name and business address. That's something registrars are reluctant to do when they're spewing out sites as unpopular as these. ICANN is the government-appointed group that accredits registrars. A spokesman for the group didn't return our calls for comment. Yes, we realize the net is a big place and it's not possible to know the reputation of every group ICANN accredits or takes money from. But it's not unreasonable to expect the gatekeeper to enforce its own rules, especially given the proliferation of sites pushing spam, malware and other scams. 
And while ICANN did nothing wrong accepting sponsorship money from LogicBoxes, it's fair to say the relationship doesn't look good, so long as LogicBoxes continues to keep company with the likes of Directi and Atrivo. So next time you receive a spam or a popup fraudulently claiming your PC is hosed, think of ICANN.

From rforno at infowarrior.org Wed Sep 3 14:02:13 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 3 Sep 2008 10:02:13 -0400
Subject: [Infowarrior] - Sears to Start Selling Line of Official U.S. Military Garb
Message-ID: <5EE08431-6D1D-4F66-8C0A-A9EC7A8CB30A@infowarrior.org>

http://www.prwatch.org/node/7714 Sears to Start Selling Line of Official U.S. Military Garb
Sears-Army clothing logo (from Advertising Age)
Sears, Roebuck and Company [1] has entered into a first-ever deal with the United States Military [2] to market a new line of officially sanctioned, military-styled clothing to men, women and boys. The Military has officially licensed a "soldier chic" line of clothing to Sears called the "All American Army Brand First Infantry Division" collection. The garb, to be launched in 550 Sears stores in October -- just in time for the holiday season -- consists of "authentic lifestyle reinterpretations" of regulation uniforms and military-issued gear like T-shirts, hooded sweatshirts, denim and other outerwear. The partnership is part of a marketing strategy to raise the public profile of the U.S. Military. Sears already carries some military-themed merchandise on its Web site, like a "Modern Military Figure Special Forces Soldier" [3] toy for ages 8 and up, a musical DVD [4] titled "Death Chants, Breakdowns and Military Waltzes, Vol. 2," which lists song titles like "Cadaver Recovery Man" and "Mud & Guts," and a Self-esteem Zip Military Style Vest for Juniors [5].
Source URL: http://www.prwatch.org/node/7714
Links:
[1] http://www.sourcewatch.org/index.php?title=Sears,_Roebuck_and_Company
[2] http://www.sourcewatch.org/index.php?title=United_States_Military
[3] http://www.sears.com/shc/s/p_10153_12605_05283757000P?vName=Toys+%26+Games
[4] http://entertainment.sears.com/Music/Album.aspx?prodid=TRTG26.2
[5] http://www.sears.com/shc/s/p_10153_12605_002AM339000P

From rforno at infowarrior.org Wed Sep 3 14:27:50 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 3 Sep 2008 10:27:50 -0400
Subject: [Infowarrior] - SciAm: Privacy in an Age of Terabytes and Terror
Message-ID: <423E1A67-65AC-46D4-99BC-A48773FA73F8@infowarrior.org>

Privacy in an Age of Terabytes and Terror By Peter Brown Introduction to SciAm's issue on Privacy. Our jittery state since 9/11, coupled with the Internet revolution, is shifting the boundaries between public interest and "the right to be let alone" ..... For all those reasons and more, the editors of Scientific American present this issue devoted to the future of what Supreme Court Justice Louis D. Brandeis called "the right to be let alone." http://www.sciam.com/article.cfm?id=privacy-in-an-age ... and some selected article links -- there's more on their site from this month's issue too .... Internet Eavesdropping: A Brave New World of Wiretapping By Whitfield Diffie and Susan Landau As telephone conversations have moved to the Internet, so have those who want to listen in. But the technology needed to do so would entail a dangerous expansion of the government's surveillance powers http://www.sciam.com/article.cfm?id=internet-eavesdropping < - > How RFID Tags Could Be Used to Track Unsuspecting People By Katherine Albrecht A privacy activist argues that the devices pose new security risks to those who carry them, often unwittingly http://www.sciam.com/article.cfm?id=how-rfid-tags-could-be-used < - > Do Social Networks Bring the End of Privacy? By Daniel J.
Solove Young people share the most intimate details of personal life on social-networking Web sites, such as MySpace and Facebook, portending a realignment of the public and the private http://www.sciam.com/article.cfm?id=do-social-networks-bring < - > How Loss of Privacy May Mean Loss of Security By Esther Dyson Many issues posing as questions of privacy can turn out to be matters of security, health policy, insurance or self-presentation. It is useful to clarify those issues before focusing on privacy itself http://www.sciam.com/article.cfm?id=how-loss-of-privacy-may-mean-loss-of-security < - > Industry Roundtable: Experts Discuss Improving Online Security Experts from Sun, Adobe, Microsoft and McAfee discuss how to protect against more numerous and sophisticated attacks by hackers; security professionals call for upgraded technology, along with more attention to human and legal factors http://www.sciam.com/article.cfm?id=industry-roundtable

From rforno at infowarrior.org Wed Sep 3 15:49:09 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 3 Sep 2008 11:49:09 -0400
Subject: [Infowarrior] - OT: Security Cartoon
Message-ID: <35CC8091-53DB-4955-B2B1-30EE7FB1E729@infowarrior.org>

Well, sort of....at least in the area of infosec certification, accreditation, and the lovely realm of management consulting for IT stuff. Who says art doesn't reflect life? :) http://dilbert.com/strips/comic/2008-09-03/ -rick

From rforno at infowarrior.org Thu Sep 4 04:04:29 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 4 Sep 2008 00:04:29 -0400
Subject: [Infowarrior] - Giving you access, one document at a time
Message-ID:

http://www.pressdemocrat.com/article/20080903/NEWS/809030309/1350 He's giving you access, one document at a time By NATHAN HALVERSON THE PRESS DEMOCRAT Published: Wednesday, September 3, 2008 at 4:30 a.m. Last Modified: Wednesday, September 3, 2008 at 11:58 a.m.
California's building codes, plumbing standards and criminal laws can be found online. This Web site contains the Sonoma County Code and the 38-volume California Code of Regulations. Sebastopol resident Carl Malamud put the laws online in hopes California and other governments will drop their claim to copyright. But if you want to download and save those laws to your computer, forget it. The state claims copyright to those laws. It dictates how you can access and distribute them -- and therefore how much you'll have to pay for print or digital copies. It forbids people from storing or distributing its laws without consent. That doesn't sit well with Carl Malamud, a Sebastopol resident with an impressive track record of pushing for digital access to public information. He wants California -- and every other federal, state and local agency -- to drop their copyright claims on law, contending it will pave the way for innovators to create new ways of searching and presenting laws. "When it comes to the law, the courts have always said there can be no copyright because people are obligated to know what it says," Malamud said. "Ignorance of the law is no excuse in court." Malamud is spoiling for a major legal fight. He has begun publishing copies of federal, state and county codes online -- in direct violation of claimed copyright. On Labor Day, he posted the entire 38-volume California Code of Regulations, which includes all of the state's regulations from health care and insurance to motor vehicles and investment. To purchase a digital copy of the California code costs $1,556, or $2,315 for a printed version. The state generates about $880,000 annually by selling its laws, according to the California Office of Administrative Law. Malamud isn't just targeting California. He posted safety and building codes for nearly all 50 states, and some counties and cities such as Sonoma County and Los Angeles. This is not uncharted territory for Malamud. In 1994, he pushed the U.S. 
Securities and Exchange Commission to post corporate filings online, opening the door for companies such as Google and Yahoo to create elaborate financial Web sites. In June, Malamud helped convince the state of Oregon to stop claiming copyright over its laws. Now Malamud wants to do the same for California -- and everywhere else. And he's willing to go to court to make his point. He thinks the court system will rule in his favor, establishing a precedent that all government agencies must follow. "If that happens, it opens the doors to innovation," Malamud said. To get the California Code online, he digitally scanned a stack of documents that weighed 150 pounds. Now anyone can download the 33,000 pages, and print whatever they want from his Web site, public.resource.org. Traditionally, governments provided publishing companies such as LexisNexis copies of laws to print and bind for people. It was practically the only way to get the laws distributed to people. LexisNexis claims to have the "world's largest collection of public records." But the Internet has changed how people can share information. Increasingly, government agencies -- including Sonoma County -- contract with LexisNexis and other publishers to post their laws online. "Most of the county staff now just look up the codes on the Internet," said Jennifer Barrett, Sonoma County's deputy planning director. "You can quickly search for keywords or a section. It's quite easy to find what you are looking for." But LexisNexis does not format the online laws for easy printing or downloading, Malamud said. And that hampers how people can access the laws. LexisNexis is the exclusive distributor of Sonoma County statutes, selling print versions for $220. It offers free access to the county's codes on the Internet, but its Web site is relatively archaic and doesn't include the features common in newer sites. 
If the county provided those laws in a free, standardized digital format, others could design Web sites with more modern search and presentation features, Malamud said. Social Web sites could pop up where, for instance, plumbers could provide useful annotations to building codes -- perhaps blending Wikipedia with Facebook for a more useful law site. LexisNexis declined to comment for this story. Its primary competitor, Thomson West, which publishes California laws under a contract with the state, does not claim copyright over government statutes, a spokesman said. California asserts copyright protections for its laws, contending it ensures the public gets accurate, timely information while generating revenue for the state. "We exercise our copyright to benefit the people of California," said Linda Brown, deputy director of the Office of Administrative Law, which manages the state's laws. "We are obtaining compensation for the people of California." Malamud must get permission from the state to post codes online, Brown said. She was not familiar with Malamud's actions, and could not comment on what steps would be taken to protect the state's copyright. Malamud might be seriously outgunned in regards to the financial and legal resources of the governments he is facing. But Malamud has a track record of defeating much larger foes, said Lawrence Lessig, a professor at Stanford Law School and founder of its Center for Internet and Society. "I think his work is extraordinarily important," Lessig said. While there is a lot of commercial interest in stopping Malamud, his strategy of showing how easy it is for governments to post laws themselves makes a strong argument to the public, Lessig said. Malamud thinks it will take him another three years to establish that no one can assert copyright over any U.S. law. Like in his previous battles, he's not going it alone. 
His nonprofit has received about $2 million so far, with money coming from Internet pioneers such as the foundation of Pierre Omidyar, who founded eBay. Malamud expects it will take several million more to finish his campaign. He also has some heavy-hitting legal academics on his side. Professor Pamela Samuelson, co-director of the Berkeley Center for Law and Technology, has also questioned the legality of copyrighting standards and laws. "If it's the law, the public should have access to it," she said. Samuelson points out that the idea of copyright was established to provide people incentive to create. People are given exclusive legal rights to their paintings, writings and other works because by selling those rights they can attempt to make a living. There is no similar need for financial incentives to establish standards such as building codes, Samuelson said. For the most part, volunteers spend long hours drafting proposed standards for things like plumbing and building. Governments often take those standards and adopt them into law. Once the standards become law, she doesn't think people can claim copyright protections. But like Malamud, she sees the courts making the final ruling. "I don't think it's an airtight case for either side. But I think the law favors that if something is a law, it's in the public domain," she said. You can reach Staff Writer Nathan Halverson at 521-5494 or nathan.halverson at pressdemocrat.com .

From rforno at infowarrior.org Thu Sep 4 15:12:46 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 4 Sep 2008 11:12:46 -0400
Subject: [Infowarrior] - Admin Note: New List Archive Service
Message-ID: <46288556-3D92-4A4D-9155-D22BC7801BDA@infowarrior.org>

All, In addition to the mail-archive site I've used for list archiving and offering RSS feeds, I am pleased to announce that infowarrior-l has been picked up by MarkMail's new (and nifty) search engine.
As time permits, I'll upload the earlier list archives to the MarkMail site. As reported elsewhere, MarkMail is an xquery-based search engine that provides fast search access, with multi-pane drilldown on topic, thread, or author, histograms showing the frequency of posts on same, etc. In this case, the one catch is that since all list messages are sent by one person (me!) you lose the ability to search-by-author on this list. Not a big deal for most folks, though. Check them out at http://markmail.org/search/?q=infowarrior. General list information page: http://infowarrior.org/list.html Cheers, Rick -infowarrior.org

From rforno at infowarrior.org Thu Sep 4 15:46:59 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 4 Sep 2008 11:46:59 -0400
Subject: [Infowarrior] - 51 Things You Aren't Allowed to See on Google Maps
Message-ID: <183633AB-9560-4C3D-96B7-4762FB4289AC@infowarrior.org>

Blurred Out: 51 Things You Aren't Allowed to See on Google Maps http://www.itsecurity.com/features/51-things-not-on-google-maps-071508/ IT Security Editors on July 15, 2008 Depending on which feature you use, Google Maps offers a satellite view or a street-level view of tons of locations around the world. You can look up landmarks like the Pyramids of Egypt or the Great Wall of China, as well as more personal places, like your ex's house. But for all of the places that Google Maps allows you to see, there are plenty of places that are off-limits. Whether it's due to government restrictions, personal-privacy lawsuits or mistakes, Google Maps has slapped a "Prohibited" sign on the following 51 places. Government and Military Sites 1. The White House: Google Maps' images of the White House show a digitally erased version of the roof in order to obscure the air-defense and security assets that are in place. 2. The U.S. Capitol: The U.S. Capitol has been fuzzy ever since Google Maps launched.
Current versions of Google Maps and Google Earth show these sites uncensored, though with old pictures. 3. Dick Cheney's House: The Vice President's digs at Number One Observatory Circle are obscured through pixelation in Google Earth and Google Maps at the behest of the U.S. government. However, high-resolution photos and aerial surveys of the property are readily available on other Web sites. 4. Soesterberg Air Base, in the Netherlands: This Dutch air-force base and former F-15 base for the U.S. Air Force during the Cold War can't be seen via Google Maps. 5. PAVE PAWS in Cape Cod, Mass.: PAVE PAWS is the U.S. Air Force Space Command's radar system for missile warning and space surveillance. There are two other installations besides the one in Cape Cod. 6. Shatt-Al-Arab Hotel in Basra, Iraq: This site was possibly censored after it was reported that terrorists who attacked the British at the hotel used aerial footage displayed by Google Earth to target their attacks. 7. Leeuwarden, Netherlands: This Dutch city is one of the main operating bases of the Royal Netherlands Air Force, part of NATO's Joint Command Centre and one of three Joint Sub-Regional Commands of Allied Forces Northern Europe. Leeuwarden is also one of two regional headquarters of Allied Command Europe, headed by the Supreme Allied Commander Europe. 8. Reims Air Base in France: This lone building on Reims Air Base in France is blurred out. 9. Novi Sad: This military base in Serbia is off-limits. 10. Kamp van Zeist: Kamp van Zeist is a former U.S. Air Force base that was temporarily declared sovereign territory of the U.K. in 2000 in order to allow the Pan Am Flight 103 bombing trial to take place. 11. NATO C3 Agency: Located in Brussels, Belgium, the C3 Agency supports NATO through scientific support and funded acquisition of C4ISR (Consultation, Command, Control, Communications, Intelligence, Surveillance and Reconnaissance) capabilities. 12.
New American Embassy Location: This site is under construction. 13. NATO Air Base Geilenkirchen: This is the site of the main operating of NATO's Airborne Early Warning Control Force's E-3A Component, which provides an early-warning radar system to enhance NATO's air-defense capabilities. The base includes 17 E-3A aircraft used for air surveillance and air-operations-communications support. Crews from 14 nations, including Spain, Turkey and the U.S., power the aircraft. 14. Ramstein Air Base in Germany: Ramstein Air Base figures prominently in Operation Iraqi Freedom and Operation Enduring Freedom. It's the home of the 86th Airlift Wing and headquarters of U.S. Air Forces in Europe. It is also a NATO installation. Americans, Canadians, Germans, British, French and other nationalities comprise the base's population. 15. The Royal Stables in The Hague, Netherlands: A division of the Civil Household, the Royal Stables arranges transport for the members of the Royal House and the Royal Household. 16. Huis Ten Bosch Palace: This address is one of the four official residences of the Dutch Royal Family, also located in The Hague, Netherlands. Queen Beatrix has lived here since 1981. Political Pushback on Google Earth and Google Maps' Street View 17. North Oaks, Minn.: In late June 2008, the St. Paul, Minn. suburb of North Oaks successfully petitioned that street images be removed from Google Maps' Street View feature. The argument put forth collectively by North Oaks' 4,500 residents involves the fact that the town has private roads that are protected by a trespassing ordinance. Google spokeswoman Elaine Filadelfo said that she didn't know of any other city in the country that has made a similar request. 18. The Boring Home: Aaron and Christine Boring of Franklin Park Pa. claimed that Google Maps' Street View feature violated their privacy, devalued their property and caused them mental suffering by posting images of a private road in front of their house.
The Borings said that the images of their home must have been taken from their long driveway, which is labeled "Private Road." 19. Bahrain: In August 2006, Bahrain's Ministry of Information instructed the country's Internet exchange to block access to Google Earth servers. The ban lasted three days. Internet rumors claimed that the ban's goal was to keep poorer citizens from viewing the elaborate residences and private jets of the country's rich, in order to keep secret the inequity of wealth distribution in Bahrain. Cyberactivists circulated an email that contained a PDF file with annotated Google Earth screenshots of the supposed Bahrain sites. 20. Europe: In May 2008, the EU's (European Union) data-protection agency railed against Google Maps' Street View feature, which shows ground-level, 360-degree views of streets in 30 U.S. cities. Officials claimed that the feature may break EU privacy laws if launched in Europe. 21. Singapore: In April 2008, the country's government claimed that the ban stemmed from a dispute between SLA (Singapore Land Authority) and Google over copyright issues. SLA alleged that the satellite images on Google Earth are direct copies of real geographic features in Singapore and infringe upon the organization's copyrights. 22. Sudan: The Google Earth ban in Sudan is reportedly due to U.S. export restrictions and economic-sanctions regulations. Knowledge of the ban spread after Google Earth added info about the humanitarian crisis in Sudan's Darfur region. 23. Iran: Late in 2007, an Iranian businessman tried to download Google Earth and got a message that said, "Thanks for your interest, but the product that you're trying to download is not available in your country." 24. India: Google censors certain sensitive sites in India. Former Indian President A.P.J. Abdul Kalam expressed concern over the availability of high-resolution pictures of sensitive locations within the country. 25. 
Sydney, Australia: Much of inner Sydney still remains blurred. Google says that it removed the high-resolution photos due to a problem with one of the image providers, but Internet publications pointed to fears that the maps could be used as a terrorist tool. Some of the blocked areas include (or have included at some point) The Garden Island Naval Depot, the Lucas Heights Reactor, Parliament House and the Australian Defence Force headquarters in Canberra. 26. Areas of Southeast Asia: Areas blurred by Google Earth include sensitive political areas like Tibet/Xinjiang Province, northern areas of Pakistan and royal palaces. 27. Central/Eastern village of Yona, on the Pacific Island Territory of Guam: It?s unknown why this location is censored. 28. The city of Utrecht in the Netherlands: Some sites say that the ban on this Dutch city was an apparent mistake, but it does hold relevance as an ancient city and has served as the religious center of the Netherlands since the eighth century. 29. Fortress on Castell de Montju?c in Barcelona, Spain: This hill no longer houses a military presence, but it?s unavailable in Google Maps' high-resolution satellite images. However it did become accessible on Google Earth in April 2008. Nuclear Stations, Energy-Generation Sites and Reserves 30. Seabrook Station: This nuclear-power station is located in New Hampshire and is one of two originally planned units. 31. UMass Lowell Nuclear Research Reactor: This lab's primary focus is on reactor physics, operations and modeling. It houses 1 MW pool- type nuclear research reactor that has been operating since 1974. 32. Indian Point Energy Center in Westchester, N.Y.: Indian Point Energy Center is a three-unit nuclear power plant station. 33. Hydroelectric Dams and Supporting Waterways Near Niagara Falls, N.Y.: Niagara Falls function as a good source of hydroelectric power, which is probably why Google keeps these dams and waterways blurred. 34. 
McGuire Nuclear Station: With two Westinghouse pressurized water reactors and an ability to produce 2,200 megawatts of power, McGuire Nuclear Station generates almost half of North Carolina's nuclear power. 35. Perry Nuclear Generating Station: The San Francisco Chronicle reported in May 2007 that a spokeswoman for FirstEnergy, the electricity company that owns this Ohio nuclear plant, had no idea why the facility was blurred on Google. 36. Oconee Nuclear Station in Seneca, S.C.: Oconee Nuclear Station, which has three pressurized water reactors manufactured by The Babcock & Wilcox Company, is the second nuclear power plant in the country to have its license extended by the U.S. Nuclear Regulatory Commission. 37. Oil-Tank Farm in Braintree, Mass.: An oil-tank farm is a storage facility for liquid chemicals. 38. Shoreham Nuclear Power Plant: Though closed since 1989 due to protests, this General Electric Co. nuclear boiling-water reactor in New York is still fuzzy on Google Maps. 39. Liquid Natural Gas Terminal in Chelsea, Mass. and a Large Portion of an Industrial Port Area in Boston: Both of these areas are blurry on Google Maps. 40. Marshall Steam Station in Terrell, N.C.: Marshall Steam Station is a four-unit, coal-fired generating facility located in Catawba County, North Carolina. Colleges and Research Labs 41. Massachusetts Institute of Technology Lincoln Laboratory: Lincoln Laboratory is a federally funded research-and-development center working to use advanced technology to help solve problems of national security. 42. General Electric World Research Laboratories and General Electric Main Plant in Schenectady, N.Y.: According to General Electric's Web site, the research component boasts more than 3,000 of "the best and brightest researchers spread out at four multi- disciplinary facilities around the world." 43. 
Knolls Atomic Power Laboratory: This research-and-development facility supports the Naval Nuclear Propulsion Program, which researches, designs, constructs, operates and maintains U.S. nuclear- powered warships. 44. Stony Brook University: Stony Brook University is blurred because it houses Brookhaven National Laboratory. 45. Manhattanville College's Dammann and Tenney Dormitories: Manhattanville College, located in Purchase N.Y., is probably blurred because it?s near several corporate headquarters, including PepsiCo Inc., Texaco and MasterCard. 46. Noordwijk Aan Zee: The headquarters for ESTEC (European Space Research and Technology Centre and part of ESA (European Space Agency) are located in this Dutch community. 47. HAARP (High Frequency Active Auroral Research Program) Antenna Array on the Alaska/Yukon Border: This is part of the site for HAARP, which studies ionospheric-radio science.Miscellaneous 48. White Plains Train Station: The Wikipedia page for this New York train station states that "due to security reasons, overhead images of the station cannot be viewed in Google Maps or Google Earth." 49. William Hurt's Home: This actor?s home outside of Paris is hazy. 50. Playland Amusement Park in Rye, N.Y.: Google will not let you in on the fun at this amusement park, which boasts arcade games and 45 major rides. 51. Saint Louis School in Honolulu: Only the football field, the field house, the gym and ellipse are available on Google. From rforno at infowarrior.org Thu Sep 4 19:07:41 2008 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 4 Sep 2008 15:07:41 -0400 Subject: [Infowarrior] - Metallica's Lars Ulrich, hypocrite? Message-ID: Metallica's new album leaks but Lars is not suing mad By Andy Patrizio on September 3, 2008 4:00 PM http://blog.internetnews.com/apatrizio/2008/09/metallicas-new-album-leaks-but.html For anyone following the rock/metal scene, it's no secret Metallica has been on the outs with its fan base for some time. 
A string of bad albums and suing fans for downloading its MP3s did wonders to spoil the reputation for a band that had previously been viewed as one of the biggest, most popular and most significant bands to come along in ages. Its new album, "Death Magnetic," is due on September 12, but despite the band's best precautions, it has leaked to the Internet. Search any BitTorrent site and there it is, in its full 10 song, 70 minute glory. This is hardly uncommon. Every major album release that I've been following for the past few years has leaked a few weeks to a month prior to official release. It usually ends up on IRC and BitTorrent trading posts, and once it gets into those networks, trying to stop the trading would be like holding back the ocean with a bucket. But there will be no lawsuits this time. Drummer Lars Ulrich, who was particularly singled out for fan vilification over the lawsuits against fans and Napster, told a San Francisco radio DJ "It's 2008 and it's part of how it is these days, so it's fine. We're happy." He should be. The album is getting very good reviews, not just by critics but by fans alike who grabbed a copy. The band needed some positive word of mouth for once. And yes, it is quite good. From rforno at infowarrior.org Thu Sep 4 19:39:05 2008 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 4 Sep 2008 15:39:05 -0400 Subject: [Infowarrior] - Keep Streaming Videos, the Tubes Are Fine: Report Finds Message-ID: <8B1DC0DE-BF81-45B9-A19D-EBA843A9167D@infowarrior.org> Keep Streaming Videos, the Tubes Are Fine: Report Finds By Ryan Singel EmailSeptember 03, 2008 | 7:41:51 PM http://blog.wired.com/27bstroke6/2008/09/keep-streaming.html Pay no attention to rumors that the internet is getting full: the internet can eat 50 eggs. 
In fact, over the last 12 months, international net bandwidth in backbone grew 62 percent, while internet traffic grew only 53 percent and filled only 43 percent of the tubes' capacity at peak times, according to a new report released by bandwidth-monitoring firm TeleGeography. In short, the internet's tubes are growing faster than even YouTube videos can fill them, and they're in no danger of filling up anytime soon. That's despite the occasional Chicken Little proclamation from ISPs, pending caps on 'unlimited' internet usage and hand-wringing over peer- to-peer file sharing of movies such as Cool Hand Luke. In the same time period -- mid-2007 to mid-2008, Latin America and South Asia both doubled the capacity of their backbones -- the net's fiber-optic equivalent of a highway system. Wholesale prices for sending and receiving data continue to fall, and with the cheapest prices in North America and Europe, where there's still more abundant capacity, the Global Internet Geography report found. Though the report does not mention it, the expansion of global capacity -- especially fiber-optic lines that don't hit U.S. shores -- makes it harder for the U.S. government to wiretap the net, since increasingly net traffic stays local or takes a short route that doesn't go through the U.S. But take all of the above with a pinch of salt, since the report isn't science. Data on the net's size, capacity and even links are difficult to come by, since almost all of the infrastructure is privately owned, and there's little incentive and few requirements to share data with governments or scientists. Without open internet data or even data about the data, there is no science. Telegeography says it gathers its data at internet exchange points around the globe and from surveys. As for the future, the company says to expect much of the same: "strong growth and falling prices." The full report will run you $5,000, but Telegeography offers the executive summary (.pdf) for free. 
From rforno at infowarrior.org Fri Sep 5 00:06:05 2008 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 4 Sep 2008 20:06:05 -0400 Subject: [Infowarrior] - Resource: Stormpulse website Message-ID: Very well-organized and easy-to-use hurricane-tracking site. Worth checking out! http://www.stormpulse.com/ From rforno at infowarrior.org Fri Sep 5 00:17:03 2008 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 4 Sep 2008 20:17:03 -0400 Subject: [Infowarrior] - Google At Age 10 Message-ID: <3B4F002F-B1AE-4F3C-AB16-E0397E7DF206@infowarrior.org> September 4, 2008, 7:36 pm Google At Age 10 By Miguel Helft http://bits.blogs.nytimes.com/2008/09/04/google-at-age-10/ Google applied for incorporation as a business 10 years ago Thursday, according to a timeline supplied by the company. The application was accepted on Sept. 7, which is Sunday. In that decade, the search engine company has quickly emerged as the most successful business on the Web, and many expect it to dominate the next era of computing as thoroughly as Microsoft dominated the era of personal computers. Here's a quick snapshot of Google by the numbers along with some comparisons to Microsoft. The sources of the data are the companies, Yahoo Finance and comScore.
Google's age: 10
Microsoft's age: 33
Google's revenue in the last 4 quarters: $19.6 billion
Microsoft's revenue in the last 4 quarters: $60.4 billion
Microsoft's revenue at age 10: $140 million ($279 million in today's dollars)
Google's revenue per hour in the last 4 quarters: $2.2 million
Microsoft's revenue per hour in the last 4 quarters: $6.9 million
Google net income in the last 4 quarters: $4.85 billion
Microsoft's net income in the last 4 quarters: $17.6 billion
Google employees, as of June 30th: 19,604
Microsoft employees, as of May 31st: 89,809
Google's revenue per employee: $1 million
Microsoft revenue per employee: $672,000
Market value of Google: $142 billion
Market value of Microsoft: $241 billion
Number of tech companies with a market value larger than Google's: 3 (Microsoft, IBM and Apple, in that order)
Worldwide searches on Google in July: 48.7 billion
Worldwide searches on Microsoft in July: 2.3 billion
Worldwide searches per hour on Google in July: 65 million
Worldwide searches per hour on Microsoft in July: 3.1 million
From rforno at infowarrior.org Fri Sep 5 01:40:40 2008 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 4 Sep 2008 21:40:40 -0400 Subject: [Infowarrior] - Paul Ohm: The Rise and Fall of Invasive ISP Surveillance Message-ID: <79CBDBCB-453E-4885-A44D-35984045D13C@infowarrior.org> The Rise and Fall of Invasive ISP Surveillance Paul Ohm University of Colorado Law School August 30, 2008 http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1261344 Abstract: Nothing in society poses as grave a threat to privacy as the Internet Service Provider (ISP). ISPs carry their users' conversations, secrets, relationships, acts, and omissions. Until the very recent past, they had left most of these alone because they had lacked the tools to spy invasively, but with recent advances in eavesdropping technology, they can now spy on people in unprecedented ways.
Meanwhile, advertisers and copyright owners have been tempting them to put their users' secrets up for sale, and judging from a recent flurry of reports, ISPs are giving in to the temptation and experimenting with new forms of spying. This is only the leading edge of a coming storm of unprecedented and invasive ISP surveillance. This Article proposes an innovative new theory of communications privacy to help policymakers strike the proper balance between user privacy and ISP need. We cannot simply ban aggressive monitoring, because ISPs have legitimate reasons for scrutinizing communications on an Internet teeming with threats. Using this new theory, policymakers will be able to distinguish between an ISP's legitimate needs and mere desires. In addition, this Article injects privacy into the network neutrality debate - a debate about who gets to control innovation on the Internet. Despite the thousands of pages that have already been written about the topic, nobody has recognized that we already enjoy mandatory network neutrality in the form of expansive wiretapping laws. The recognition of this idea will flip the status quo and reinvigorate a stagnant debate by introducing privacy and personal autonomy into a discussion that has only ever been about economics and innovation. Keywords: privacy, Internet, cyberlaw, ISP, wiretap, charter, comcast, nebuad, phorm, network neutrality JEL Classifications: K2, K29, K4, K41, K42 Working Paper Series Date posted: August 31, 2008 ; Last revised: September 04, 2008 From rforno at infowarrior.org Fri Sep 5 14:17:45 2008 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 5 Sep 2008 10:17:45 -0400 Subject: [Infowarrior] - A flier strikes back Message-ID: <409F05E3-7684-4BFE-9B35-3E96374857CF@infowarrior.org> A flier strikes back One traveler's tale of how he took an airline to court - and won. 
By Telis Demos, writer-reporter September 5, 2008: 5:52 AM EDT http://money.cnn.com/2008/09/04/magazines/fortune/demos_airline.fortune/index.htm (Fortune Magazine) -- On Feb. 21, 2008, Mitchell Berns heard every flier's two least favorite words: weather related. Citing snow, Delta Airlines was canceling his flight from Las Vegas to New York City and rescheduling him for a redeye connecting in Boston. With 47% of all delays so far in 2008 caused by weather (up 5% from last year), most fliers can relate. And they know that normally this story ends with a bleary-eyed tale recounted the next day at the water cooler. Not this time. It ends in court, with our traveler $838 richer. Berns, 55, is a securities litigator with Lane Sash & Larrabee in White Plains, N.Y. On that night he was flying home from a romantic getaway with his wife, who was pregnant with twins. Seeing that other airlines' planes were still departing as scheduled, Berns asked Delta to refund his ticket so that he could book one of those flights. They told him (politely, as he recalls) that weather-related cancellations or delays are not the airline's fault and do not come with a refund. Berns checked the National Weather Service report. It said snow that day was expected at five the next morning - hours after his flight was scheduled to land. He and several other passengers from his Delta flight easily booked a JetBlue flight departing at the same time. His tab: $938. He landed at J.F.K. on schedule. Back at home, Berns did what any consumer with $15 (in New York City) and a working knowledge of English (or Spanish, in most states) can do: He filed a small-claims suit against Delta for $938. Delta did not show up to defend itself, so on June 12 he won a default judgment. 
When a legal analyst from the airline called him two weeks later to negotiate a payment, he declined an offer of frequent-flier miles ("Confederate currency," in his words) and made a counteroffer: If you pay me within two weeks, I'll knock $100 off. Delta agreed but asked for a confidentiality agreement. Berns said they couldn't have both, and Delta took the discount. (A Delta spokesperson did not respond to repeated requests for comment.) "The lesson is, Don't let them bully you with bogus cancellations," says Berns. The whole thing took him about four hours, he recalls, resulting in earnings of less than half his hourly billing rate. "But I'd do it again," he says. "That's how good it felt." From rforno at infowarrior.org Fri Sep 5 16:57:38 2008 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 5 Sep 2008 12:57:38 -0400 Subject: [Infowarrior] - We the . . . Message-ID: <851BA171-930E-4D68-8FFE-7B4CB196551F@infowarrior.org> (c/o IP) We the . . . Imagine if the Founding Fathers tried to copyright the Constitution http://www.pressdemocrat.com/article/20080905/OPINION/809050369/1033/news THE PRESS DEMOCRAT Published: Friday, September 5, 2008 at 4:30 a.m. Last Modified: Friday, September 5, 2008 at 5:49 a.m. "We the people of the United States, in order to form a more perfect union, establish justice, insure tranquility . . . do ordain and establish that this Constitution shall not be duplicated, republished or rebroadcast without the written consent of, and payment to, future federal, state and local officials for revenue-generating purposes." We must have missed that last section of our founding documents. Apparently, California state officials haven't though. Laws may be of, by and for the people, but, according to the state, downloading them onto your computer is unlawful -- unless you pay for the privilege. 
That's what Carl Malamud of Sebastopol discovered when he sought to post online all 38 volumes of the California Code of Regulations and the Sonoma County Code. These documents contain society's rules about everything from building standards, to traffic laws, to regulations for running a nursing home. But state officials contend copyright laws give them the power to charge $2,315 for a printed version of the code and $1,556 for a digital version. The state generates about $800,000 a year by selling its laws for publication. Want to post them online? Forget about it. LexisNexis has the exclusive rights to distribute Sonoma County statutes. If you're wondering how a private company can have such control over the publication of laws written for the public -- and devised through taxpayer funds -- you're not alone. Adding to the absurdity of it all, California officials believe they're doing this to benefit the public. Noted Linda Brown, deputy director of the Office of Administrative Law, "We are obtaining compensation for the people of California." Given that reasoning, maybe the state should consider charging for election results? Imagine the revenue potential. Fortunately, Malamud has not given up. He has spent hours scanning the state code books into his computer, and on Labor Day he posted the basic safety codes for all 50 states. (To see his Web site, go to www.public.resource.org .) He's likely to hear from the state's lawyers soon, but he's ready for a fight. Given the state's long-standing support for the public's right to know what its government is doing and the court's history of recognizing that laws are part of the public domain and must be accessible, we're guessing Malamud will ultimately prevail. But just to be on the safe side, somebody hide a copy of the Constitution. 
From rforno at infowarrior.org Fri Sep 5 19:29:15 2008 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 5 Sep 2008 15:29:15 -0400 Subject: [Infowarrior] - Brave New World of Digital Intimacy Message-ID: <524C6A37-6CEA-4F05-806D-276654728D67@infowarrior.org> September 7, 2008 Magazine Preview Brave New World of Digital Intimacy BY CLIVE THOMPSON On Sept. 5, 2006, Mark Zuckerberg changed the way that Facebook worked, and in the process he inspired a revolt. Zuckerberg, a doe-eyed 24-year-old C.E.O., founded Facebook in his dorm room at Harvard two years earlier, and the site quickly amassed nine million users. By 2006, students were posting heaps of personal details onto their Facebook pages, including lists of their favorite TV shows, whether they were dating (and whom), what music they had in rotation and the various ad hoc "groups" they had joined (like "Sex and the City" Lovers). All day long, they'd post "status" notes explaining their moods -- "hating Monday," "skipping class b/c i'm hung over." After each party, they'd stagger home to the dorm and upload pictures of the soused revelry, and spend the morning after commenting on how wasted everybody looked. Facebook became the de facto public commons -- the way students found out what everyone around them was like and what he or she was doing. But Zuckerberg knew Facebook had one major problem: It required a lot of active surfing on the part of its users. Sure, every day your Facebook friends would update their profiles with some new tidbits; it might even be something particularly juicy, like changing their relationship status to "single" when they got dumped. But unless you visited each friend's page every day, it might be days or weeks before you noticed the news, or you might miss it entirely. Browsing Facebook was like constantly poking your head into someone's room to see how she was doing. It took work and forethought.
In a sense, this gave Facebook an inherent, built-in level of privacy, simply because if you had 200 friends on the site -- a fairly typical number -- there weren't enough hours in the day to keep tabs on every friend all the time. < - > http://www.nytimes.com/2008/09/07/magazine/07awareness-t.html?_r=1&hp=&oref=slogin&pagewanted=print From rforno at infowarrior.org Fri Sep 5 19:36:21 2008 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 5 Sep 2008 15:36:21 -0400 Subject: [Infowarrior] - Telecom Reporting Rule May Be Eased Message-ID: <0E8375F3-4740-45A0-A660-E1B2E96EF8D9@infowarrior.org> Telecom Reporting Rule May Be Eased FCC Action Could Affect Competition By Cecilia Kang Washington Post Staff Writer Friday, September 5, 2008; D01 http://www.washingtonpost.com/wp-dyn/content/article/2008/09/04/AR2008090403327_pf.html Phone giants AT&T, Verizon Communications and Qwest today are expected to win approval to report less information to the Federal Communications Commission on such matters as consumer complaints and infrastructure investments. A decision by the FCC to curtail the information may, however, open the gates for a broader review of data collected by the commission and could be expanded to include cable, satellite and wireless phone providers that are not currently required to submit similar reports. The reports offer rich details into the number of consumer complaints, waiting times for repairs and money put into technological upgrades by the largest phone service providers. As consumers rely more on technology -- spending $150 to $200 a month per household on Internet, phone and television services -- consumer groups say the reports are often the only source for detailed data that show how the providers are responding to service complaints and whether companies are investing enough in upgrading their networks.
"These companies are the carriers of last resort because they have the backbone networks, and if you get rid of the standards, then standards almost inevitably get lower," said David Bergmann, head of telecommunications for the National Association of State Utility Consumer Advocates. Specifically, the FCC is expected to approve a petition by AT&T as part of an order that would include a proposal to revamp the current rule on the annual reports, according to sources at the commission who spoke on condition of anonymity because the vote is pending. AT&T's petition, filed June 2007, was followed by similar requests from Verizon and Qwest. The FCC was expected to reject a request in the AT&T petition that seeks to free the company from providing information on the number of business phone line subscribers it has, data that can be useful for determining other rules on competition, officials at the agency said. The company would have to collect and file its annual report until the end of 2009 -- a timetable that would allow the agency to review new rulemaking. "We need to update this for a level playing field with the marketplace of today," said FCC Chairman Kevin J. Martin, who said he would back the order today. "On quality of service, for example, if that data is relevant for one carrier, then it should be relevant for all platforms." The rule was created in 1990, when telephone companies had a monopoly over specific regions and most homes did not subscribe to wireless phone service and digital cable. Since then, the competitive landscape in telecommunications has become more complex, with cable operators offering phone service and phone companies offering digital television and Internet over fiber-optic networks. 
Consumer groups and smaller competitors yesterday criticized the pending order, saying the data sent to the FCC holds the biggest phone operators accountable for quality and service problems while also giving smaller providers key information about the larger companies' network investments. By granting the petition and uncertainty about a review of data requirements, they said the larger phone companies may benefit over smaller carriers. The phone companies argue that the reports offer redundant or unnecessary data. For example, AT&T said its data on consumer complaints come from information provided by the FCC. The company also said the current rule is unfair if new competitors in other industries aren't subject to the same requirements. "Our petition seeks to update the FCC's data-collection methods," AT&T spokesman Michael Balmoris said. "Under our petition, only necessary data will continue to be retained, but the inefficient and incomplete reporting of them will not." Last year AT&T said it received 2.2 residential complaints per 100 phone lines per month; Verizon received 2.1 complaints per 100 lines per month; and Qwest received 1.3 complaints. AT&T reported that 12 percent of its subscribers who filed trouble reports, filed more than once. For Verizon, it was 17 percent. 
From rforno at infowarrior.org Sat Sep 6 02:03:58 2008 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 5 Sep 2008 22:03:58 -0400 Subject: [Infowarrior] - Israeli Hacker "The Analyzer" Suspected of Hacking Again Message-ID: Israeli Hacker Known as "The Analyzer" Suspected of Hacking Again By Kim Zetter September 05, 2008 | 8:01:00 PM Categories: Crime, Hacks and Cracks http://blog.wired.com/27bstroke6/2008/09/the-analyzer-su.html Canadian authorities have announced the arrest of a 29-year-old Israeli named Ehud Tenenbaum whom they believe is the notorious hacker known as "The Analyzer" who, as a teenager in 1998, hacked into unclassified computer systems belonging to NASA, the Pentagon, the Israeli parliament and others. Tenenbaum and three Canadians were arrested for allegedly hacking the computer system of a Calgary-based financial services company and inflating the value on several pre-paid debit card accounts before withdrawing about CDN $1.8 million (about U.S. $1.7 million) from ATMs in Canada and other countries. The arrests followed a months-long investigation by Canadian police and the U.S. Secret Service. Tenenbaum faces six counts of fraudulent use of credit card data and one count of fraud over $5,000. He remains in custody in Calgary without bail, though the three other suspects -- Priscilla Mastrangelo, 30, Jean Francois Ralph, 28, and Sypros Xenoulis, 33 -- have been released on bond, according to a Canadian media report. An Israeli media outlet contacted Tenenbaum's mother, but she didn't know if it was her son who had been arrested. She told the reporter that her son spends time in France and Canada and that she tried to contact him after news of the arrest went public, but she was unable to reach him. Tenenbaum was 19 when he was arrested in 1998 along with several other Israelis and two California teens in one of the first high-profile hacker cases that made international news.
Tenenbaum and his fellow Israeli hackers referred to themselves at the time as the Israeli Internet Underground or the "Enforcers." According to Israeli court documents, their activities began when one of the Israelis asked Tenenbaum to help him hack into the computer system of the Sde Boker Seminary -- a college in Israel's Negev Desert -- in order to read the e-mail correspondence of a female. Tenenbaum then used sniffer and Trojan horse programs to break into computer systems belonging to two Israeli ISPs and obtain user names and passwords of customers. He used the hi-jacked customer accounts to breach other computer systems belonging to all of the universities in Israel, the web sites for the Israeli parliament and Israel's president as well as a system belonging to Hamas, a militant Palestinian organization. An attempt to breach the computer system of the Israel Defense Forces failed. Tenenbaum, who referred to the California teens as his pupils, taught his accomplices how to hack into U.S. systems and gave them sniffer and Trojan programs to assist them. Although Tenenbaum's attacks were unsophisticated -- they simply exploited a long-known vulnerability in the Solaris operating system that had been left unpatched -- he and his cohorts were nonetheless able to breach systems belonging to the Department of Defense, the Air Force and Navy, NASA, MIT, and several U.S. Ivy League universities. The attacks on the U.S. military systems came at a time of high alert in the Middle East when Iraqi President Saddam Hussein was defying U.N. weapons inspections. U.S. authorities were so unsettled by the breach of military computers -- which they called "the most organized and systematic attack" that had occurred to date -- that a joint investigation was launched by several government and military agencies, dubbed Operation Solar Sunrise, to track down the source of the threats. Tenenbaum was caught after the two California teens were arrested. 
Israel's then-prime minister Bibi Netanyahu called Tenenbaum "damn good" after learning of his deeds. But added that he was also "very dangerous, too." The hacker was eventually sentenced in 2001 to six months of community service in Israel. By then, he was working as a computer security consultant. From rforno at infowarrior.org Sat Sep 6 03:58:19 2008 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 5 Sep 2008 23:58:19 -0400 Subject: [Infowarrior] - CIA, FBI push 'Facebook for spies' Message-ID: <8E6A92F9-D3FB-47D0-B908-7D4031BA604B@infowarrior.org> CIA, FBI push 'Facebook for spies' By Larry Shaughnessy CNN http://edition.cnn.com/2008/TECH/ptech/09/05/facebook.spies/index.html?eref=edition WASHINGTON (CNN) -- When you see people at the office using such Internet sites as Facebook and MySpace, you might suspect those workers are slacking off. A social-networking site for the world of spying officially launches for the U.S. intelligence community this month. But that's not the case at the CIA, the FBI and the National Security Agency, where bosses are encouraging their staff members to use a new social-networking site designed for the super-secret world of spying. "It's every bit Facebook and YouTube for spies, but it's much, much more," said Michael Wertheimer, assistant deputy director of national intelligence for analysis. The program is called A-Space, and it's a social-networking site for analysts within the 16 U.S. intelligence agencies. Instead of posting thoughts about the new Avenged Sevenfold album or Jessica Alba movie, CIA analysts could use A-Space to share information and opinion about al Qaeda movements in the Middle East or Russian naval maneuvers in the Black Sea. The new A-Space site has been undergoing testing for months and launches officially for the nation's entire intelligence community September 22.
"It's a place where not only spies can meet but share data they've never been able to share before," Wertheimer said. "This is going to give them for the first time a chance to think out loud, think in public amongst their peers, under the protection of an A-Space umbrella." Wertheimer demonstrated the program to CNN to show how analysts will use it to collaborate. "One perfect example is if Osama bin Laden comes out with a new video. How is that video obtained? Where are the very sensitive secret sources we may have to put into a context that's not apparent to the rest of the world?" Wertheimer asked. "In the past, whoever captured that video or captured information about the video kept it in-house. It's highly classified, because it has so very short a shelf life. That information is considered critical to our understanding." The goal of A-Space, like intelligence analysis in general, is to protect the United States by assessing all the information available to the spy agencies. Missing crucial data can have enormous implications, such as an FBI agent who sent an e-mail before September 11, 2001, warning of people learning to fly airplanes but not learning to land them. "There was the question, 'Was that a dot that failed to connect?' Well, that person did this via e-mail," Wertheimer said. "A-Space is the kind of place where you can log that observation and know that your fellow analysts can see that." Even though Facebook, MySpace and other social-networking sites that inspired A-Space are predominantly the domain of young people, there apparently is no such generational divide on A-Space. "We have found that participation in A-Space crosses every conceivable age line and experience line. People are excited, no matter what age group," Wertheimer said. Of course, the material on A-Space is highly classified, so it won't be available for the public. 
Only intelligence personnel with the proper security clearance, and a reason to be examining particular information, can access the site. The creators of A-Space do not want it to be used by some future double agent such as Jonathan Pollard or Robert Hanssen to steal America's 21st-century secrets. "We're building [a] mechanism to alert that behavior. We call that, for lack of a better term, the MasterCard, where someone is using their credit card in a way they've never used it before, and it alerts so that maybe that credit card has been stolen," Wertheimer said. "Same thing here. We're going to actually do patterns on the way people use A-Space." Yes, analysts can collect friends on A-Space the way people can on Facebook. But nobody outside the intelligence community will ever know -- because they're secret. From rforno at infowarrior.org Sat Sep 6 03:59:26 2008 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 5 Sep 2008 23:59:26 -0400 Subject: [Infowarrior] - After 5 Years of RIAA Litigation ..... Message-ID: <52F4CE57-6FA0-400C-83F5-5772EBCD810B@infowarrior.org> File Sharing Lawsuits at a Crossroads, After 5 Years of RIAA Litigation By David Kravets September 04, 2008 | 5:55:39 PM Categories: RIAA Litigation http://blog.wired.com/27bstroke6/2008/09/proving-file-sh.html It was five years ago Monday the Recording Industry Association of America began its massive litigation campaign that now includes more than 30,000 lawsuits targeting alleged copyright scofflaws on peer-to-peer networks. The targets include the elderly, students, children and even the dead. No one in the U.S. who uses Kazaa, Limewire or other file sharing networks is immune from the RIAA's investigators, and fines under the Copyright Act go up to $150,000 per purloined music track. But despite the crackdown, billions of copies of copyrighted songs are now changing hands each year on file sharing services.
All the while, some of the most fundamental legal questions surrounding the legality of file sharing have gone unanswered. Even the future of the RIAA's only jury trial victory -- against Minnesota mother Jammie Thomas -- is in doubt. Some are wondering if the campaign has shaped up as an utter failure. "We're just barely scratching the surface of the legal issues," says Ray Beckerman, a New York lawyer and one of the nation's few who have taken an RIAA defendant's case. "They're extorting people -- and for what purpose?" When the first round of lawsuits were filed on Sept. 8, 2003 -- targeting 261 defendants around the country -- it was a hairpin turn from the RIAA's previous strategy of going after services like Napster, RIAA president Cary Sherman said at the time. "It is simply to get peer-to-peer users to stop offering music that does not belong to them." The goal in targeting music fans instead of businesses was "not to be vindictive or punitive," says Sherman. Today, the RIAA -- the lobbying group for the world's big four music companies, Sony BMG, Universal Music, EMI and Warner Music -- admits that the lawsuits are largely a public relations effort, aimed at striking fear into the hearts of would-be downloaders. Spokeswoman Cara Duckworth of the RIAA says the lawsuits have spawned a "general sense of awareness" that file sharing copyrighted music without authorization is "illegal." "Think about what the legal marketplace and industry would look like today had we sat on our hands and done nothing," Duckworth says in a statement. (The RIAA declined to be interviewed for this story.) Casey Lentz, a 21-year-old former San Francisco State student, is among those caught in the RIAA's PR campaign. "They're harassing me nonstop," says Lentz, who's been trying to settle her RIAA case, but can't afford a lawyer. "I wasn't the one who downloaded the music. It was a shared computer with my roommates and my friends. They want $7,500 for 10 songs." 
"I told them I only had $500 in my bank account. And they said 'no way,'" she says. Despite a fallow legal landscape, most defendants cannot afford attorneys and settle for a few thousand dollars rather than risk losing even more, Beckerman says. "There are still very few people fighting back as far as the litigation goes and they settle." "It costs more to hire a lawyer to defend these cases than take the settlement," agrees Lory Lybeck, a Washington State attorney, who is leading a prospective class-action against the RIAA for engaging in what he says is "sham" litigation tactics. "That's an important part of what's going on. The recording industry is setting a price where you know they cannot hire lawyers. It's a pretty well-designed system whereby people are not allowed any effective participation in one of the three prongs in the federal government." Settlement payments can be made on a website, where the funds are used to sue more defendants. None of the money is paid to artists. The quick settlements have left largely unexamined some basic legal questions, such as the legality of the RIAA's investigative tactics, and the question of what proof should be required to hold a defendant liable for peer-to-peer copyright infringement. In two cases, judges have ruled that making songs available on a peer-to-peer network does not constitute copyright infringement -- the RIAA has to show that someone actually downloaded the material from a defendant's open share folder. One of those cases is still mired in pretrial litigation. In the other, an Arizona judge issued a $40,000 judgment last week in favor of the recording industry, after learning the defendant tampered with his hard drive to conceal his downloading.
The so-called "making available" issue also emerged, belatedly, in the only RIAA file sharing lawsuit to go to trial: the case against Thomas, a Minnesota mother of three, who was slammed with a $222,000 judgment last year for sharing 24 tracks in her Kazaa folder. Months after the Duluth, Minnesota jury's October verdict, U.S. District Judge Michael Davis called the lawyers back to his courtroom. He said he likely committed a "manifest error" in the case by instructing (.pdf) the jury that merely offering music was infringement. Judge Davis is expected any day to declare a mistrial in the case, and rule that the Copyright Act demands a showing of an actual "transfer" of files from Thomas' share folder. If that line of reasoning is followed elsewhere, it endangers a key prong of the RIAA's litigation strategy. The association believes it is technically impossible to prove that files offered on a peer-to-peer user's shared folders were actually downloaded by anyone besides its own investigators. "It's all done behind a veil," RIAA attorney Donald Verrilli Jr. argued in the Thomas case last month. That doesn't mean the RIAA would be dead in the water. The recording industry could try to prove, through forensic examination, that the shared files were pirated to begin with, i.e., that the defendant infringed copyright law by downloading the music, before sharing it again. It's also possible the courts will find that -- as the RIAA has argued -- downloads by the RIAA's investigators can be considered infringement by the file sharer; digital rights advocates counter the recording industry should not be able to pay investigators to make downloads of its own music, and then declare them unauthorized copies. The RIAA's investigative tactics have come under attack as well. 
In a few states -- Michigan, Texas, Florida, New York, Massachusetts, Oregon and Arizona -- state governments and RIAA defendants have challenged the qualifications of the private company that develops the music industry's cases. MediaSentry -- aka SafeNet -- specializes in logging into peer-to-peer networks, where it downloads some music, takes screenshots of open share folders and documents the offending IP address. The RIAA's position is that the online sleuthing isn't covered by state laws regulating private investigators. But Michigan (.pdf) recently disagreed, and told MediaSentry it needed a private investigator's license to continue practicing in that state. Against that shifting legal backdrop, a handful of universities, including the University of Oregon, have begun refusing to divulge students' names in file sharing lawsuits, on privacy grounds. Nobody can credibly dispute that file sharing systems are a superhighway for pirated music. "There is no doubt that the volume of files on P2P is overwhelmingly infringing," says Eric Garland, president of Los Angeles research firm BigChampagne. But critics of the RIAA say it's time for the music industry to stop attacking fans, and start looking for alternatives. Fred von Lohmann, a staff attorney with the Electronic Frontier Foundation, says the lawsuits are simply not reducing the number of people trading music online. "If the goal is to reduce file sharing," he says, "it's a failure." 
From rforno at infowarrior.org Sun Sep 7 17:46:05 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 7 Sep 2008 13:46:05 -0400
Subject: [Infowarrior] - DOD Directive on News Reporting
Message-ID: <3B4D99C4-B865-483A-B636-111BCE903961@infowarrior.org>

http://cryptome.org/dodd-5122-05.pdf

DoDD 5122.05, September 5, 2008

SUBJECT: Assistant Secretary of Defense for Public Affairs (ASD(PA))

PRINCIPLES OF INFORMATION

It is the policy of the Department of Defense to make available timely and accurate information so that the public, Congress, and the news media may assess and understand the facts about national security and defense strategy. Requests for information from organizations and private citizens shall be answered in a timely manner. In carrying out the policy, the following principles of information will apply:

a. Information will be made fully and readily available, consistent with the statutory requirements, unless its release is precluded by current and valid security classification. The provisions of the Freedom of Information Act will be supported in both letter and spirit.

b. A free flow of general and military information will be made available, without censorship or propaganda, to the men and women of the Armed Forces and their dependents.

c. Information will not be classified or otherwise withheld to protect the Government from criticism or embarrassment.

d. Information will be withheld only when disclosure would adversely affect national security, threaten the safety or privacy of the men and women of the Armed Forces, or if otherwise authorized by statute or regulation.

e. The Department of Defense's obligation to provide the public with information on its major programs may require detailed public affairs planning and coordination within the Department of Defense and with the other Government agencies. The sole purpose of such activity is to expedite the flow of information to the public; propaganda has no place in DoD public affairs programs.

STATEMENT OF DoD PRINCIPLES FOR NEWS MEDIA COVERAGE OF DoD OPERATIONS

1. Open and independent reporting shall be the principal means of coverage of U.S. military operations.

2. Media pools (limited number of news media who represent a larger number of news media organizations for news gatherings and sharing of material during a specified activity) are not to serve as the standard means of covering U.S. military operations. However, they sometimes may provide the only means of early access to a military operation. In this case, media pools should be as large as possible and disbanded at the earliest opportunity (in 24 to 36 hours, when possible). The arrival of early-access media pools shall not cancel the principle of independent coverage for journalists already in the area.

3. Even under conditions of open coverage, pools may be applicable for specific events, such as those at extremely remote locations or where space is limited.

4. Journalists in a combat zone shall be credentialed by the U.S. military and shall be required to abide by a clear set of military security ground rules that protect U.S. Armed Forces and their operations. Violation of the ground rules may result in suspension of credentials and expulsion from the combat zone of the journalist involved. News organizations shall make their best efforts to assign experienced journalists to combat operations and to make them familiar with U.S. military operations.

5. Journalists shall be provided access to all major military units. Special operations restrictions may limit access in some cases.

6. Military PA officers should act as liaisons, but should not interfere with the reporting process.

7. Under conditions of open coverage, field commanders should be instructed to permit journalists to ride on military vehicles and aircraft when possible. The military shall be responsible for the transportation of pools.

8. Consistent with its capabilities, the military shall supply PA officers with facilities to enable timely, secure, compatible transmission of pool material and shall make those facilities available, when possible, for filing independent coverage. If Government facilities are unavailable, journalists, as always, shall file by any other means available. The military shall not ban communications systems operated by news organizations, but electromagnetic operational security in battlefield situations may require limited restrictions on the use of such systems.

9. Those principles in paragraph 8 shall apply as well to the operations of the standing DoD National Media Pool system.

From rforno at infowarrior.org Sun Sep 7 17:48:29 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 7 Sep 2008 13:48:29 -0400
Subject: [Infowarrior] - Google and "world domination"
Message-ID:

Google once reviled computer superpowers but domination is just what it is achieving
What's a nice firm like you doing ruling the world?
By Emily Dugan
Sunday, 7 September 2008
http://www.independent.co.uk/life-style/gadgets-and-tech/news/google-once-reviled-computer-superpowers-but-domination-is-just-what-it-is-achieving-921451.html

There are not many companies whose trade names have become verbs. And there must be even fewer who would view this as a cause for concern. But when Google entered the dictionary in 2006, the directors seemed furious. Instead of celebrating their status as the ultimate household name, they were found muttering darkly about "brand dilution" and the company's future. As Google celebrates its 10th birthday this week -- just days after the announcement of its very own web browser -- the reasons for this early frustration have become abundantly clear.
What started as a plucky search engine set up by two students in a garage is now one of the world's most powerful companies, whose reach extends far beyond the web searches that made its name and into almost every way in which the internet is used. Now Google has become a symbol of the internet as a whole. A YouGov survey published last week found that Britons suffered from "discomgooglation" -- a term used to describe how lost people feel if they can't get on the internet. Responding to the survey, more than three-quarters of internet users in the UK said they could not live without the web. More than 50 per cent also found the internet more important than religion. The discomgooglation statistics were telling, but it was the term itself that revealed the power of the company. Following the launch of web services such as Gmail, Google Maps and Google Earth, not to mention its acquisition of YouTube, Google is looking more and more like the computing giants it set itself up to oppose. And the new Google Chrome browser is the most aggressive example of this so far. Last week a comic book detailing why Chrome would be faster and better than its competitors was "accidentally" leaked, creating a storm of interest in the media. It was the most direct attack on Microsoft to date, coming at a time when its eighth version of Internet Explorer had been previewed (with little media attention) just days before. In the company's early days, its chief executive, Eric Schmidt, said Google would not need its own browser. He added that there was no plan to take on Microsoft with online versions of applications because they did not provide as good an experience as desktop software. But all that changed two years ago when Google released a succession of online applications to rival Microsoft's -- culminating in last week's launch of Chrome.
Google justified this foray into the final area of the internet not yet under its control by saying it wanted something that would work well with its existing facilities. "Everything we do is running on the web platform," said co-founder Larry Page. "It's very important to us that that works well." But others believe there was a very different motivation. In the test version of Internet Explorer 8, there appeared to be a feature that might block Google's targeted advertising. Given that 99 per cent of the company's annual revenue is made from advertising, this could hold the key to the company's sudden interest in expanding into the browser market. In many ways it is misleading to think of Google as an internet giant; it is primarily an advertising giant. By enticing users with free content and programs, it has been able to provide space for increasingly targeted adverts that have proved highly lucrative. Now 40 per cent of all online advertising is controlled by Google -- a monopoly that it has good reason to defend. Today, Google has a $16.6bn (£9.4bn) annual revenue, $4.2bn of which is profit. But its increasing domination of the market is making people uneasy. In July two of the company's web engineers said they had registered the trillionth web page available via the search engine. While some marvelled at how the internet had grown, others were alarmed by the potential power of a company that holds such a wealth of information about our lives. Its unofficial motto "Don't be Evil", which has been at the heart of the company's code of conduct since its inception, is looking increasingly flimsy as it goes about the business of world domination. And Google has noticed this too. In a recent interview the company's vice-president, Marissa Mayer, began the back-track, saying "Don't be Evil" had never been and would never be an elected or ordained motto.
Inside the Googleplex, the glass-clad HQ in California, they keep their staff loyal with generous services and a laid-back atmosphere. But for all the wholesome, beanbag-strewn offices, Google is turning into a menacing presence that is using increasingly aggressive tactics to stay above its rivals. When Larry Page and Sergey Brin sat in that Californian garage in 1998, dreaming up a business that could be different from Microsoft, it is doubtful they were envisaging becoming more aggressive than Bill Gates's behemoth. But all the coloured beanbags and free lunches in the world could not disguise the tide of feeling that turned against the company when they announced Chrome last week. When The Drudge Report linked to news wires about Chrome last week, it was under the headline "Domination". No longer "the little company that made good", the extent of Google's power is provoking fear and anger in the tech community. Bill Stewart, the internet historian and founder of livinginternet.com, said Google's image took a nosedive last week. "There has been a tremendous amount of goodwill for Google but the announcement of the browser is a tipping point. "It indicates that they are out to dominate and are mimicking their worst enemy: Microsoft. There has been a change in sentiment. The goodwill has evaporated and turned to concern." The European Parliament is already scrutinising Google for potential invasion of privacy and copyright. Meanwhile, copyright lawsuits have flooded in for YouTube's use of video clips, and there have been court battles over content stored on Google News and Google Books. But it is privacy that now seems to be sparking the most concern. With every Google search collated and recorded, it is not surprising that the public are uneasy about the company. Google will not say if it has ever given information gathered from its services to the police, but with such a substantial database, it could be an incredibly powerful tool.
After a public outcry, Google ceased to store information about the world's internet habits for life -- now they are held for just 18 months. But many are still concerned. "I'm worried about Google and I think a lot of people are increasingly worried", says Mr Stewart. "They set up a structure to avoid the mistakes of others, but I've noticed a marked difference in the last year. It would appear they're turning into their enemy. There's tremendous concern about the information they hold." And concern about data stored from the search engine is just the beginning. One of its newer ventures, Google Street View, makes government CCTV surveillance look amateur. Already in place in cities around America and Europe, the company has taken photographs of 360-degree street views that can be viewed as part of Google Maps and Google Earth. Residents in San Francisco were alarmed to realise they could zoom in on their own houses so closely that they could see the people inside. Ten years on from those first tentative attempts to catalogue the internet, Google's services are available in 112 languages. You can even search in Klingon -- the Star Trek dialect of choice for geeks the world over. Until now, Google's light-hearted approach and brightly coloured branding has wooed the world into believing it is no more than a friendly provider of useful information. But while the company continues its rapid expansion into every aspect of our online lives, the implications of Google's reign over the internet could be distinctly less bright.

Ten ways to take over the web...

1. Google Earth: shows images of the Earth and even the galaxies, using satellite imagery and aerial photography.
2. Google Street: gives street-level images of cities in the US and Europe, with 360-degree views.
3. Google Maps: provides directions to destinations, and street maps which can be a hybrid of a map and aerial view.
4. Gmail: free email accounts accessible from any computer with internet access. Funded using targeted advertising that searches users' mail.
5. Chrome browser: launched last week, Google has boasted that this will be the fastest browser, showing thumbnails of favourite sites and shortcuts to web applications.
6. YouTube: free website where users upload, view and share video clips.
7. Google News: aggregates news stories from more than 4,500 English language news sites, and can be customised according to readers' interests.
8. Google Books: selects books that match search terms. Lets you browse the books online and, in some cases, download the full text.
9. Documents and spreadsheets: free documents that can be integrated into other applications to share information on a real-time basis.
10. Google Android: this software platform and operating system for mobiles could be a major challenger to the iPhone.

From rforno at infowarrior.org Sun Sep 7 21:29:52 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 7 Sep 2008 17:29:52 -0400
Subject: [Infowarrior] - Safeway - The Morality Police?
Message-ID: <73A4DAA8-93B8-4C63-BB3C-A8BEAFD7342F@infowarrior.org>

(c/o Pogowasright.org)

Safeway IDs Everyone In Your Party When You Buy Beer

Daniel went to his local Safeway with his brother to buy some beer. Daniel had his ID, but his brother didn't -- but that's okay, because Daniel was the one buying the beer. The cashier, however, felt otherwise, and wouldn't complete the transaction without carding both of them. The store manager told him "the policy is, at the discretion of the clerk, to check the ID of every person present." The manager hinted that this was a liability issue, but it sounds to us like Safeway's employees have decided to play morality police instead of following the actual rules.
Daniel sums up the problem: < - >

http://consumerist.com/5045654/safeway-ids-everyone-in-your-party-when-you-buy-beer

From rforno at infowarrior.org Sun Sep 7 23:37:37 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 7 Sep 2008 19:37:37 -0400
Subject: [Infowarrior] - When Academia Puts Profit Ahead of Wonder
Message-ID: <6615DA32-8C7A-4188-BB30-50FC21255D93@infowarrior.org>

September 7, 2008
Unboxed
When Academia Puts Profit Ahead of Wonder
By JANET RAE-DUPREE
http://www.nytimes.com/2008/09/07/technology/07unbox.html?pagewanted=print

"It is the policy and objective of the Congress to use the patent system to promote the utilization of inventions arising from federally supported research or development" and "to promote collaboration between commercial concerns and nonprofit organizations, including universities." -- The Bayh-Dole Act, a k a the University Small Business Patent Procedures Act

THE law of unintended consequences is perhaps less a "law" than a simple statement of fact: We cannot accurately predict all the results of our actions. We may do something with the best of intentions, and sometimes even accomplish the good toward which we aim. Yet, at the same time, we are all too often surprised by results that didn't occur to us beforehand. The Bayh-Dole Act of 1980 started out with the best of intentions. By clearing away the thicket of conflicting rules and regulations at various federal agencies, it set out to encourage universities to patent and license results of federally financed research. For the first time, academicians were able to profit personally from the market transfer of their work. For the first time, academia could be powered as much by a profit motive as by the psychic reward of new discovery. University "tech transfer" offices have boomed from a couple dozen before the law's passage to nearly 300 today. University patents have leapt a hundredfold.
Professors are stepping away from the lab and lecture hall to navigate the thicket of venture capital, business regulations and commercial competition. None of these are necessarily negative outcomes. But more than a quarter-century after President Jimmy Carter signed it into law, the Bayh-Dole Act, sponsored by the former Senators Birch Bayh, Democrat of Indiana, and Robert Dole, Republican of Kansas, is under increasing scrutiny by swelling ranks of critics. The primary concern is that its original intent -- to infuse the American marketplace with the fruits of academic innovation -- has also distorted the fundamental mission of universities. In the past, discovery for its own sake provided academic motivation, but today's universities function more like corporate research laboratories. Rather than freely sharing techniques and results, researchers increasingly keep new findings under wraps to maintain a competitive edge. What used to be peer-reviewed is now proprietary. "Share and share alike" has devolved into "every laboratory for itself." In trying to power the innovation economy, we have turned America's universities into cutthroat business competitors, zealously guarding the very innovations we so desperately want behind a hopelessly tangled web of patents and royalty licenses. Of course, there is precedent for scientific secrecy, notes Daniel S. Greenberg, author of "Science for Sale: The Perils, Rewards and Delusions of Campus Capitalism" (University of Chicago Press, 2007). When James Watson and Francis Crick were homing in on DNA's double-helix structure in the 1950s, they zealously guarded their work from prying eyes until they could publish their findings, to be certain that they would get the credit for making the discovery. "They didn't try to patent it," Mr. Greenberg notes, "but somebody doing the same work today would certainly take a crack at patenting the double helix." In fact, it was the life sciences -- in particular, biotechnology --
that started universities down the slippery commercial slope in the first place. Even before the Bayh-Dole Act, pharmaceutical companies were eagerly trolling campuses, looking for projects to finance. After the law was passed, they stepped up their efforts, but now with renewed zeal for keeping potential trade secrets from competitors. While patients have benefited from the growing supply of new medications, the universities have obtained patents not only for the actual substances but also for the processes and methods used to make them, potentially hampering discovery of even more beneficial treatments. "Bayh-Dole tore down the taboos that existed against universities engaging in overtly commercial activity. Universities really thought that they were going to make it rich," said Jennifer Washburn, author of "University Inc.: The Corporate Corruption of Higher Education" (Basic Books, 2005). "Each school was convinced that if they came up with that one blockbuster invention, they could solve all their financial problems." Ms. Washburn says that was "extremely wrong-headed." Initially reacting to the law by slapping patents on every possible innovation, universities quickly discovered that patents were an expensive proposition. The fees and legal costs involved in obtaining a single patent can run upward of $15,000, and that doesn't count the salaries of administrative staff members. Instead of bringing home the bacon, university tech transfer offices were throwing money into the void with little hope of returns. To date, Ms. Washburn says, data gathered by the Association of University Technology Managers, a trade group, show that fewer than half of the 300 research universities actively seeking patents have managed to break even from technology transfer efforts. Instead, two-thirds of the revenue tracked by the association has gone to only 13 institutions. Part of the problem has been a lingering misunderstanding about where the value lies in innovation.
Patenting a new basic science technique, or platform technology, puts it out of the reach of graduate students who might have made tremendous progress using it. Similarly, exclusive licensing of a discovery to a single company thwarts that innovation's use in any number of other fields. R. Stanley Williams, a nanotechnologist from Hewlett-Packard, testified to Congress in 2002 that much of the academic research to which H.P. has had difficulty gaining access could be licensed to several companies without eroding its intellectual property value. "Severe disagreements have arisen over conflicting interpretations of the Bayh-Dole Act," he said. "Large U.S.-based corporations have become so disheartened and disgusted with the situation, they are now working with foreign universities, especially the elite institutions in France, Russia and China." THE issue is further clouded by "reach through" licenses, complex arrangements used by many tech transfer offices. A reach-through lets the patent holder claim a share of any profits that result from using, say, an enabling technology, even if those profits come several steps down the market transfer line. Several universities are already embroiled in messy lawsuits trying to sort out who is entitled to what. Perhaps the most troublesome aspect of campus commercialization is that research decisions are now being based on possible profits, not on the inherent value of knowledge. "Blue sky" research -- the kind of basic experimentation that leads to a greater understanding of how the world works -- has largely been set aside in favor of projects considered to have more immediate market potential. In academia's continuing pursuit of profit, the wonder of simple serendipitous discovery has been left on the curb. Janet Rae-Dupree writes about science and emerging technology in Silicon Valley.
From rforno at infowarrior.org Mon Sep 8 12:19:20 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 8 Sep 2008 08:19:20 -0400
Subject: [Infowarrior] - Water-Based Data Center (Google patents)
Message-ID: <98A1F32C-5E34-4C03-9447-510562A9B4FE@infowarrior.org>

Water-Based Data Center
Document Type and Number: United States Patent 20080209234
Kind Code: A1
Abstract: A system includes a floating platform-mounted computer data center comprising a plurality of computing units, a sea-based electrical generator in electrical connection with the plurality of computing units, and one or more sea-water cooling units for providing cooling to the plurality of computing units.

http://www.freepatentsonline.com/y2008/0209234.html

From rforno at infowarrior.org Mon Sep 8 13:09:19 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 8 Sep 2008 09:09:19 -0400
Subject: [Infowarrior] - Pentagon debates development of offensive cyberspace capabilities
Message-ID: <0F52954F-EBFF-4FF7-9884-19E1C72D7F72@infowarrior.org>

Pentagon debates development of offensive cyberspace capabilities
The current emphasis is on intelligence gathering and defending U.S. electronic security, but some officials think the military should know how to attack other nations' computer systems.
By Julian E. Barnes, Los Angeles Times Staff Writer
September 8, 2008
http://www.latimes.com/news/nationworld/nation/la-na-cyber8-2008sep08,0,1049889.story

WASHINGTON -- Igniting a provocative new debate, senior military officials are pushing the Pentagon to go on the offensive in cyberspace by developing the ability to attack other nations' computer systems, rather than concentrating on defending America's electronic security.
Under the most sweeping proposals, military experts would acquire the know-how to commandeer the unmanned aerial drones of adversaries, disable enemy warplanes in mid-flight and cut off electricity at precise moments to strategic locations, such as military installations, while sparing humanitarian facilities, such as hospitals. An expansion of offensive capabilities in cyberspace would represent an important change for the military. For years, U.S. officials have been reluctant to militarize what is widely seen as a medium for commerce and communication -- much like space. But a new National Military Strategy for Cyberspace Operations, declassified earlier this year, fueled the Pentagon debate and gave the military a green light to push for expanded capabilities. The monthslong debate took on added urgency after the electronic attacks that coincided with the Russian military's early August push into Georgia and reflects a newfound uncertainty over the state of global cyber-warfare capabilities. Military officials have not concluded whether the electronic network attacks in Georgia were coordinated by Moscow or were the work of freelance hackers or paramilitary groups. Still, the use of cyberspace by Russia and other countries is drawing intense scrutiny by the Pentagon. "As we go forward in time, cyber is going to be a very important part of our war-fighting tactics, techniques and procedures," said Michael W. Wynne, a former Air Force secretary. Under Wynne, the Air Force established a provisional Cyber Command in 2007 and made operating in the cyber domain part of its mission statement, on par with air operations. Wynne clashed with superiors over the Air Force approach to cyberspace and other issues and was fired in June after breakdowns in U.S. nuclear weapons security procedures. New Air Force leaders now are reassessing plans for a permanent Cyber Command, which under Wynne's leadership would have included some offensive capabilities. Most other U.S. 
efforts focus on defending military and government networks and mining international systems for intelligence. Both the Army and Navy have long-standing operations but primarily focus on intelligence gathering. The Army, in particular, has used a variety of electronic networks to gather intelligence on insurgents in Iraq and Afghanistan. The most advanced expertise on operating in cyberspace is held by the National Security Agency, the Defense Department intelligence arm that monitors foreign phone calls, e-mails and other communication. A senior defense official said the NSA "is where the mother lode of expertise is. Those are the folks that have been looking at the capability for the longest period of time." Overseeing all of these various military efforts in cyberspace is the Defense Department's Strategic Command, which is primarily responsible for the nation's nuclear arsenal. Several senior Pentagon officials would discuss the Defense Department's cyberspace work only if their names were withheld because of sensitive intelligence issues. But officials involved in the cyberspace debate are sparring over not only what to do but who within the military should do it. Because of the difficulty of training cyber-warriors and the need to closely monitor their work long term, many top Pentagon officials believe that the most advanced cyber-experts should remain at the NSA. A senior Pentagon official said that "exploiting" computer networks to gather intelligence is currently the most important use of cyber-power. "Clearly, the exploitation activities have been preeminent," the official said. But citing Russia's use of cyberspace, some current and former officials believe that the U.S. military services, if allowed, could move beyond intelligence gathering and develop a broad array of offensive capabilities that would fit well with conventional combat.
"Let's not mistake intelligence collection with military operations," said Lani Kass, a senior Air Force official and former director of the service's Cyberspace Task Force. "The mission of the NSA is to collect signals intelligence, and it is very good at it. But the NSA is not a war-fighting organization." If the military is allowed to develop more advanced cyber-warfare methods, the United States would be able to routinely launch an airstrike at a target and simultaneously use an electronic attack to disable defenses or spread disinformation, said Wynne, the former Air Force secretary. "It isn't just about protecting your networks," Wynne said. "It is about having a soldier with an invasive tool he can fire at an antenna, and put some information into it, and from there do some damage." While declining to specify every cyberspace activity they might want to develop, military officials emphasized that all such efforts would be governed by the laws of war and international treaties. Other senior officials are skeptical of what they see as "Buck Rogers" scenarios and argue that defending U.S. computer systems is more urgent. The Pentagon is probed every day by hackers and would-be cyber- intruders, making protection of military networks the top priority, said the senior defense official. More importantly, potential U.S. adversaries are unlikely to depend on electronic networks as much as the Pentagon does, the official said. That means defending U.S. capabilities is more vital than disrupting enemy capabilities. "The United States, more than any other military, is a Net-centric operation," the senior official said. "Any adversary we would tend to go after -- anyone we can currently foresee -- wouldn't use it to the same extent. Therefore, defending that capability and making sure it is not denied to you -- that has to be critical." To some, the tension over cyberspace echoes military debates through the centuries. Maj. Gen. William T. 
Lord, head of the Air Force cyber-effort, said that such discussions were akin to an old military puzzle known as "intelligence gain-loss." "Do you not destroy a target because you can exploit it? Or do you destroy the target -- and lose the ability to exploit -- because troops are in harm's way?" Lord said. "That is not a debate. It is a discussion that goes on in war fighting." Wynne agrees that there will always be such arguments. But unless the military services are given the resources to develop strong offensive capabilities, top officials will not have the option of using them, he said. "This is all about preparedness and making sure the U.S. military is awake and alert," Wynne said. "And I say: Make sure we can do it to them before they can do it to us."

julian.barnes at latimes.com

From rforno at infowarrior.org Tue Sep 9 00:34:49 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 8 Sep 2008 20:34:49 -0400
Subject: [Infowarrior] - Google mum on Chrome vuln fixes
Message-ID: <582DAEE1-60ED-4E98-AFF7-3336F4293B45@infowarrior.org>

(Note the 1344 update comment about forced autoupdates....who needs a backdoor now? --rf)

September 8, 2008 10:30 AM PDT
Google fixes Chrome vulnerabilities--but won't say which
http://news.cnet.com/8301-1001_3-10035004-92.html

Updated 1:44 p.m. PDT with details that Chrome automatically updates itself with no notification or choice for the user.

Google has quietly begun releasing a hastily prepared update to its Chrome browser to fix some security problems. The new version, 0.2.149.29, replaces the 0.2.149.27 that was released when Google launched the Chrome beta version last week. Google started releasing the update Friday, initially to a small number of users, but didn't make much of an announcement about the change. To check if an update is available, click the wrench icon in Chrome's upper-right corner, then select 'about Google Chrome.'
"149.29 is a security update and we released it as fast as we could," said Mark Larson, Google Chrome program manager, in a mailing list posting on Sunday. "We would've liked more time to prepare things, but some of the vulnerabilities were made public without giving us a chance to respond, update, and protect our users first. Thanks for being patient as we work out the kinks in all of our processes." However, Google isn't revealing details yet about what security issues it's fixed. "All users have not received the update yet, so we cannot discuss the details of the security issues that were addressed, but we plan to disclose more information once the update has reached all of our user," the company said in a statement Monday. To check if an update is available, Chrome users can click the wrench icon in Chrome's upper-right corner, then select "about Google Chrome." That will show both the version number and a message indicating whether an update is available. Google knows best Without a manual check, Chrome will update itself automatically, Google said. "Google Chrome will automatically checks for updates approximately every five hours. If an update is available, it will be downloaded and applied at the next browser restart," Google said. Google believes it's best if Chrome applies security updates not only without a description of what's changing, but also without an opportunity for users to decide whether to accept the patch. "Users do not get a notification when they are updated...When there are security fixes, it's crucial that we update our users as quickly as possible in order to keep them safe. Thus, it's important for us to not require user intervention," the company said in a statement."There are some security fixes that we'll keep quiet because we don't want to disclose security vulnerabilities to attackers." The automatic update policy applies to security and bug fixes. 
"For major version updates, when feature changes are involved, we'll explore options for providing users with more details about the changes," Google said. Microsoft and Mozilla encourage users to download and apply updates automatically to Internet Explorer and Firefox, respectively, but users can chose not to do so. Automatic updates can cause indigestion in corporations where internal administrators often want control over what software is running or not for compatibility, security, and other reasons. But browser browser vulnerabilities loom larger as more applications move to the Web and more people rely on those services, and automatic updates can help nip attacks in the bud. Open-source redactions Don't look for clues about the vulnerabilities in the Chrome source code. The open-source Chromium project has publicly available mailing lists and source code, but many recent changes to the code base are redacted to show only a blank page rather than the detailed changelog notes of other changes. "Most of the changes are visible, aside from security changes, which we must keep private in order to keep users safe," Google said of the changelog. Programming fans also won't be able to glean any insights from the Chrome update plug-in, which is proprietary. "We use this updater and the server architecture it interfaces with to update across many of our products, some of which are not open source," Google said. "It's not that we are trying to hide anything; rather, it's just that this update infrastructure is not intended to be used by others who may distribute their own versions of the browser based on Chromium code." Reported vulnerabilities One security problem found in Chrome version 0.2.149.27 is a carpet- bombing vulnerability that could help an attacker install malicious software on a user's computer without giving the user a chance to accept or reject the download. Google assigned the problem a top priority. 
Another reported issue in Chrome 0.2.149.27 is a buffer overrun that could allow an attacker to run arbitrary code on a user's computer and thereby take control of it, according to Bach Khoa Internet Security. The company was willing to discuss some other details about the update, though. For one thing, the company updated a JavaScript problem that could cause problems using Facebook. For another, it fixed a problem that would crash the entire browser if a person typed "about:%" into the address bar. Google called the problem "non-exploitable, but very annoying," reflecting the removal of the "security" label from the bug report.

From rforno at infowarrior.org Tue Sep 9 12:18:10 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 9 Sep 2008 08:18:10 -0400
Subject: [Infowarrior] - Google shortens data retention time
Message-ID: <09170C86-26BC-412D-B6AB-30F2D65BB99A@infowarrior.org>

Google shortens data retention time
Posted by Margaret Kane
http://news.cnet.com/8301-1009_3-10036090-83.html

Under pressure from European regulators, Google is halving the amount of time it stores IP addresses. In a blog post, Google said it would keep IP addresses on its server logs for nine months before anonymizing them, down from the 18 months it had previously stored the data. A European Commission advisory body issued an opinion paper earlier this year urging search engines to delete data collected about their users after six months. At the time, Google said that the proposals could have an impact on its ability "to provide quality products and services for users, like accurate search results, as well as system security and integrity concerns." Google filed a response to EU regulators yesterday, and said in a blog that it arrived at the new policy of anonymizing data after nine months "after months of work our engineers developed methods for preserving more of the data's utility while also anonymizing IP addresses sooner." "We haven't sorted out all of the implementation details, and we may not be able to use precisely the same methods for anonymizing as we do after 18 months, but we are committed to making it work," Peter Fleischer, global privacy counsel for Google said in the blog. Google had introduced the 18 month policy in 2007.

From rforno at infowarrior.org Wed Sep 10 12:48:17 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 10 Sep 2008 08:48:17 -0400
Subject: [Infowarrior] - Widespread cell phone location snooping by NSA?
Message-ID:

Exclusive: Widespread cell phone location snooping by NSA?
Posted by Chris Soghoian
http://news.cnet.com/8301-13739_3-10030134-46.html

If you thought that the National Security Agency's warrantless wiretapping was limited to AT&T, Verizon and Sprint, think again. While these household names of the telecom industry almost certainly helped the government to illegally snoop on their customers, statements by a number of legal experts suggest that collaboration with the NSA may run far deeper into the wireless phone industry. With over 3,000 wireless companies operating in the United States, the majority of industry-aided snooping likely occurs under the radar, with the dirty-work being handled by companies that most consumers have never heard of. A recent article in the London Review of Books revealed that a number of private companies now sell off-the-shelf data-mining solutions to government spies interested in analyzing mobile-phone calling records and real-time location information. These companies include ThorpeGlen, VASTech, Kommlabs, and Aqsacom--all of which sell "passive probing" data-mining services to governments around the world. ThorpeGlen, a U.K.-based firm, offers intelligence analysts a graphical interface to the company's mobile-phone location and call-record data-mining software. Want to determine a suspect's "community of interest"? Easy. 
Want to learn if a single person is swapping SIM cards or throwing away phones (yet still hanging out in the same physical location)? No problem. In a Web demo (PDF) (mirrored here) to potential customers back in May, ThorpeGlen's vice president of global sales showed off the company's tools by mining a dataset of a single week's worth of call data from 50 million users in Indonesia, which it has crunched in order to try and discover small anti-social groups that only call each other. Clearly, this is creepy, yet highly lucrative, stuff. The fact that human-rights abusing governments in the Middle East and Asia have deployed these technologies is not particularly surprising. However, what about our own human-rights-abusing government here in the U.S.? Could it be using the same data-mining tools? To get a few answers, I turned to Albert Gidari, a lawyer and partner at Perkins Coie in Seattle who frequently represents the wireless industry in issues related to location information and data privacy. When asked if there is a market for these kinds of surveillance data-mining tools in the U.S., Gidari told me: "Of course. It is a global market and these companies have partners in the U.S. or competitors." The question is not if the government would like to use these tools--after all, what spy wouldn't want to have point-and-click real-time access to the location information on millions of Americans? The real mystery is how the heck the National Security Agency can legally get access to such large datasets of real-time location information and calling records. The answer to that, Gidari said, is the thousands of other, lesser-known companies in the wireless phone and communications industry. The massive collection of customer data comes down to the interplay of two specific issues: First, thousands of companies play small, niche support roles in the wireless phone industry, and as such these firms learn quite a bit about the calling habits of millions of U.S. 
citizens. Second, the laws relating to information sharing and wiretapping specifically regulate companies that provide services to the general public (such as AT&T and Verizon), but they do not cover the firms that provide services to the major carriers or connect communications companies to one another. Thus, while it may be impossible for the NSA to legally obtain large-scale, real-time customer location information from Verizon, the spooks at Fort Meade can simply go to the company that owns and operates the wireless towers that Verizon uses for its network and get accurate information on anyone using those towers--or go to other entities connecting the wireless network to the landline network. The wiretapping laws, at least in this situation, simply don't apply. Gidari explained it as follows:

Networks are more and more disaggregated and outsourced, from customer service call centers overseas with full viewing access to data to key infrastructure components and processing. A single communication is handled by many more parties than the named provider today. Moreover, interoperability protocols include network identifiers--send a message from company A to company B and the acknowledgment of delivery may include location and other information. That's just the way the system is designed--location was about billing in the early years and no one bothered to undo the existing protocols when business models changed and interoperability became common practice or a myriad of new messaging companies came into being...So my point is that there are many access points--albeit less convenient than one-stop shopping at the big carriers--to get information including real-time data. 
[Image caption: ThorpeGlen's product appears to be a mashup of Google Earth + phone location data (in this case, from 50 million people in Indonesia) (Credit: ThorpeGlen)]

For example, if a Sprint Wireless customer in Virginia calls a relative in Montana--who is a customer of a small, regional landline carrier--information on the callers will spread far beyond just those two communications companies. Sprint doesn't own any of its own cellular towers, and so TowerCo, the company that owns and operates the towers, of course, learns some information on every mobile phone that communicates with one of its towers. This is just the tip of the iceberg, though. There are companies that provide "backhaul" connections between towers and the carriers, providers of sophisticated billing services, outsourced customer-service centers, as well as Interexchange Carriers, which help to route calls from one phone company to another. All of these companies play a role in the wireless industry, have access to significant amounts of sensitive customer information, which of course, can be obtained (politely, or with a court order) by the government. With the passage of laws like the FISA Amendments Act and the USA Patriot Act, in most cases, requests for customer information come with a gag order, forbidding the companies from notifying the public, or the end users whose calling information is being snooped upon. Gidari summed it up this way:

So any entity--from tower provider, to a third-party spam filter, to WAP gateway operator to billing to call center customer service--can get legal process and be compelled to assist in silence. They likely don't volunteer because of reputation and contractual obligations, but they won't resist either.

Seeking clarification, I turned to Paul Ohm, a former federal prosecutor turned cyberlaw professor at the University of Colorado Law School and a noted expert on surveillance laws. 
Before getting into the details of the issue, Ohm first outlined the basic problem of the various wiretap and surveillance laws; they are extremely confusing and few people fully understand them. The 9th Circuit Court of Appeals seemed to share Ohm's view, stating a few years ago that the Electronic Communications Privacy Act is a "complex, often convoluted area of the law" (United States v. Smith, 155 F.3d 1051). Ohm then said that the "one thing I can say with confidence is that you are correct to note that the [Stored Communication Act's] voluntary disclosure prohibitions (in 18 USC 2702(a)) apply only to providers to the public." After describing all the ways that the government could legally collect real-time data on millions of U.S. citizens, Gidari said that essentially, the existence of such a program would likely remain a secret (barring a whistle-blower or leaks to the press by government officials). Summing it up, he stated that: Whether [a] vendor to a carrier to the public cooperates with agencies (either for a fee or by acquiescence in an order), is something you will not find out as FISA makes it so, regardless of whether the person is in the U.S. or communicating with a person abroad. Such means and methods largely are hidden. However, if the existence of such a program were ever confirmed, Ohm said that Congress would not be too happy: If [the sharing of data by niche telecom providers] is seen as allowing an end-around an otherwise clear prohibition in the SCA, Congress is likely to throw a fit when it is revealed and try to amend the law. DOJ is sensitive to this kind of thing (despite what the NSA wiretapping program would lead you to believe) and would probably try to avoid blatantly bypassing otherwise clear language in this way. 
From rforno at infowarrior.org Thu Sep 11 12:27:33 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 11 Sep 2008 08:27:33 -0400
Subject: [Infowarrior] - Proposed Copyright Law a 'Gift' to Hollywood
Message-ID:

Proposed Copyright Law a 'Gift' to Hollywood, Info Groups Say
By David Kravets
September 10, 2008 | 5:06:36 PM
http://blog.wired.com/27bstroke6/2008/09/proposed-copyri.html

A dozen special-interest groups urged lawmakers Wednesday to squelch proposed legislation that for the first time would allow the U.S. Justice Department to prosecute civil cases of copyright infringement. The Enforcement of Intellectual Property Rights Act, (.pdf) scheduled to be heard in the Senate Judiciary Committee on Thursday, also creates a Cabinet-level copyright-patent czar charged with creating a worldwide plan to combat piracy. The czar would "report directly to the president and Congress regarding domestic and international intellectual property enforcement programs." The bill, a nearly identical version the House passed last year, is strongly backed by the music and movie industries. The House and Senate versions encourage federal-state anti-piracy task forces, the training of other countries about IP enforcement and, among other things, institute an FBI piracy unit. In a letter to the Judiciary Committee, the groups said granting the Justice Department the power to file civil lawsuits on behalf of Hollywood and others is "an enormous gift" to copyright holders. "Movie and television producers, software publishers, music publishers, and print publishers all have their own enforcement programs," the letter (.pdf) said. "There is absolutely no reason for the federal government to assume this private enforcement role." 
The dozen groups include American Association of Law Libraries, American Library Association, Consumer Federation of America, Consumers Union, Digital Future Coalition, Electronic Frontier Foundation, Essential Action, IP Justice, Knowledge Ecology International, Medical Library Association, Public Knowledge and Special Libraries Association. The House version does not contain language granting the Justice Department the ability to sue copyright infringers. The department does prosecute criminal acts of infringement, although rarely. If the Senate version becomes law, it is not immediately clear how the Justice Department's expanded powers would work in practice. For example, would the department assume the role of the Recording Industry Association of America, which has sued more than 30,000 people in the United States for copyright infringement since 2003?

From rforno at infowarrior.org Fri Sep 12 02:39:31 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 11 Sep 2008 22:39:31 -0400
Subject: [Infowarrior] - Court: Cops Need Warrant for Cellphone Location Data
Message-ID: <7D436ED8-51CB-4053-B977-90E5DCDDA197@infowarrior.org>

Cops Need Warrant for Cellphone Location Data, Judge Rules
By Ryan Singel
September 11, 2008 | 3:51:08 PM
Categories: Surveillance
http://blog.wired.com/27bstroke6/2008/09/cops-need-warra.html

The government cannot force your cellphone provider to turn over stored records about your location without proving to a judge there is probable cause you have violated the law, a federal district court ruled Wednesday. The ruling (.pdf) from Judge Terrence McVerry of the Western Pennsylvania U.S. District Court deals a blow to investigators who have been getting cellphone location data in the past simply by proving to a judge that the information would be relevant to an investigation. That's the same standard used to force a telephone company to reveal the name and address of a subscriber. 
McVerry upheld a February decision written by five magistrate judges, who found that the government's request for historic cellphone location data for a person required a stricter standard. Little is known about how often investigators ask for such data, since the hearings are one-sided and the decisions are almost never published so as not to tip off the targets. However, the ruling does not hold force across the country, and as the government's objection to the ruling noted, other judges have disagreed with the logic of protecting this data as if it were very sensitive. The original decision (.pdf) found that "location information so broadly sought is extraordinarily personal and potentially sensitive; and that the ex parte nature of the proceedings, the comparatively low cost to the Government of the information requested, and the undetectable nature of a [cellular service provider]'s electronic transfer of such information, render these requests particularly vulnerable to abuse." The government appealed, arguing the records only reveal a phone's location when it is actually used and that there's no constitutional right to have these stored records protected. "Wireless carriers regularly generate and retain the records at issue, and because these records provide only a very general indication of a user's whereabouts at certain time in the past, the requested cell-site records do not implicate a Fourth Amendment privacy interest," the government wrote (.pdf). But the friend-of-the-court brief (.pdf) from the Electronic Frontier Foundation and the Center for Democracy and Technology and others disagrees -- arguing that law enforcement wants the data to pinpoint where a person was or is and that the data will only get more precise in the future. "Law enforcement uses the fact that the suspect's phone contacted the cell tower nearest his home to infer he is home, nearest the narcotic's kingpin's house to infer that they are together, nearest the drop off point to argue that he was present when the contraband was delivered," the groups wrote. "One can also imagine that the government can ask for all the numbers that made calls through the tower nearest a political rally to infer that those callers attended the rally." The distinction matters since generally speaking police officers don't need a warrant to plant a tracking device on a car, unless that vehicle goes onto private property. Tracking someone onto private property requires a warrant. As for what the police need to prove to a judge in order to turn your cellphone into a tracking device -- that's a question that federal judges remain split on, despite the Justice Department's own recommendation that investigators get warrants based on probable cause.

From rforno at infowarrior.org Fri Sep 12 04:06:54 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 12 Sep 2008 00:06:54 -0400
Subject: [Infowarrior] - Rule Changes Would Give FBI Agents Extensive New Powers
Message-ID:

Rule Changes Would Give FBI Agents Extensive New Powers
By Carrie Johnson
Washington Post Staff Writer
Friday, September 12, 2008; A02
http://www.washingtonpost.com/wp-dyn/content/article/2008/09/11/AR2008091103306_pf.html

The Justice Department will unveil changes to FBI ground rules today that would put much more power into the hands of line agents pursuing leads on national security, foreign intelligence and even ordinary criminal cases. The overhaul, the most substantial revision to FBI operating instructions in years, also would ease some reporting requirements between agents, their supervisors and federal prosecutors in what authorities call a critical effort to improve information gathering and detect terrorist threats. 
The changes would give the FBI's more than 12,000 agents the ability at a much earlier stage to conduct physical surveillance, solicit informants and interview friends of people they are investigating without the approval of a bureau supervisor. Such techniques are currently available only after FBI agents have opened an investigation and developed a reasonable suspicion that a crime has been committed or that a threat to national security is developing. Authorities say the changes would eliminate confusion for agents who investigate drug, gang or national security cases. The overhaul touches on several sensitive areas. It would allow, for example, agents to interview people in the United States about foreign intelligence cases without warrants or prior approval of their supervisors. It also would rewrite 1976 guidelines established after Nixon-era abuses that restrict the FBI's authority to intervene in times of civil disorder and to infiltrate opposition groups. "We wanted simpler, clearer and more uniform standards and procedures for domestic operations," said a senior Justice Department official. "We view this as the next step in responding to post-9/11 requests that the FBI become better at collecting intelligence and using that intelligence to prevent attacks." The move comes a year after the Justice Department's inspector general documented widespread lapses involving one of the bureau's most potent investigative tools, secret "national security letters" that FBI agents send to banks and phone companies to demand sensitive information in terrorism probes. The revisions are the latest in a series of efforts to tear down a wall that, prior to the Sept. 11, 2001, attacks, prevented intelligence investigators from sharing some information with their counterparts working on criminal cases. 
Senior Justice Department and FBI lawyers who discussed the proposal yesterday said such powers are necessary to continue the transformation of the FBI into a proactive organization that can prevent terrorist strikes, as recommended by several independent commissions that addressed intelligence failures after the attacks. The rule revisions require the approval of Attorney General Michael B. Mukasey, who has signaled that they will take effect Oct. 1. FBI agents already are being trained on the changes, though officials said yesterday that they would consider making adjustments after receiving suggestions from interest groups and lawmakers. Congressional aides examined the draft guidelines behind closed doors last month and FBI and Justice lawyers will present them today to an array of civil liberties and privacy advocates, as well as Arab American groups that have expressed concerns about their impact on religious and ethnic minorities. The groups say they fear that agents will use ethnicity or religion as the basis for a threat assessment. But top Justice Department leaders, including the attorney general, noted the illegality of racial profiling and said investigations will not be opened based "solely" or "simply" on a person's race or religion. Previous changes to FBI operating instructions, made by Attorney General John D. Ashcroft in 2002 and 2003, did not receive a public airing before they took effect. Still, civil liberties advocates are asking whether protections built into the rules will be strong enough. "It is an extraordinarily broad grant of power to an agency that has not proven it uses its power in an appropriate manner," said Michael German, policy counsel at the American Civil Liberties Union. The revised rules largely eliminate the requirement that FBI agents file reports to their supervisors on early-stage investigations, in favor of audits at bureau field offices by lawyers in the Justice Department's National Security Division. 
Threat assessments and early-stage investigations that cover political, religious or media figures and full-scale investigations of people in the United States, however, are special cases that must be flagged for bureau supervisors and lawyers, according to both current standards and the proposed changes. Monitoring conversations between informants who agree to wear recording devices and subjects of investigations, which now requires the permission of an assistant U.S. attorney, could occur without a prosecutor's approval, except in sensitive cases involving state and federal officials and judges, as well as federal prisoners. One of the areas still under discussion, according to a senior Justice Department official, is the standard for the FBI's rare involvement in responding to civil disorder. Under the current standards, FBI involvement requires the approval of the attorney general and can last for only 30 days. The new approach would relax some of those requirements and would expand the investigative techniques that agents could use to include deploying informants. FBI agents monitoring large-scale demonstrations that they believe could turn dangerous also would have new power to use those techniques. Policy guidance for FBI agents and informants who work as "undisclosed participants" in organizations is still being written, the officials said yesterday.

From rforno at infowarrior.org Fri Sep 12 12:23:24 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 12 Sep 2008 08:23:24 -0400
Subject: [Infowarrior] - The terrifying cost of feeling safer
Message-ID:

(c/o Schneierblog - a bit dated of an article but quite relevant.......rf)

The terrifying cost of feeling safer
* Ross Gittins
* August 26, 2008
http://business.smh.com.au/business/the-terrifying-cost-of-feeling-safer-20080826-435l.html?page=fullpage#contentSwap2

We hear a lot less these days about the risk of a terrorist attack in Australia. 
The last excitement was over some highly suspicious Indian doctor on the Gold Coast, and that didn't end well for our fearless guardians. So does that mean we've calmed down and life at the bottom of the world has returned to its former untroubled state? 'Fraid not. Judging by the polls it means our idea of life has been changed to incorporate the ever-present risk of terrorist attack. Last week the Australian Strategic Policy Institute issued a special report on public opinion towards defence, security and terrorism, written by Ian McAllister, a professor of political science at the Australian National University, and based on that university's most recent Australian Election Study. This nationwide opinion survey found almost two-thirds of people agreeing that acts of terrorism will be part of life in future. Only 14 per cent disagreed. This was similar to the response to the same question in American polls. It's now clear that when people think about defence and national security, the main thing they have in mind is the risk of terrorism, not the risk of invasion by another country. Half of all voters fear being the victim of terrorism and about two-thirds believe there will be a major terrorist attack on Australia in the future and are concerned about it. Again, these are similar to opinions in the US. So great is our concern that most people are willing to see the fight against terrorism involve the curtailment of civil rights. Well over half of voters agree that freedom of speech shouldn't extend to groups that are sympathetic to terrorists. And almost two-thirds agree that police should be allowed to search the houses of people who might be sympathetic to terrorists without a court order. In this we're much more accommodating than the Americans. In the Land of the Free, it seems, people are a lot less willing to give up their freedoms. 
Since 2001, more than 40 pieces of legislation have been passed by Federal Parliament increasing the powers of domestic security and law-enforcement agencies to conduct counter-terrorism operations and restricting the legal rights of terrorism suspects. To that you can add huge increases in the budgets of those agencies. And yet the study reveals that almost 40 per cent of voters believe the Government should be doing more to prevent terrorism, whereas only 10 per cent believe it's done too much. There's just one small problem with all this. Australians, like people in most countries, have a hugely exaggerated impression of the likelihood of terrorist attacks. Actually, make that two small problems. The other is we have an exaggerated impression of governments' ability to prevent attacks. It's a well-known finding of psychology that humans tend to overestimate the probability of rare events, while underestimating the probability of more common events. That's partly because rare events may be more dramatic and tend to stick in our minds, whereas more frequent events tend to fade into the background. It's hard to forget the events of September 11, 2001, in which 3000 people were killed, and the Bali bombings of October 2002, in which more than 200 people were killed, including 88 Australians. But for a significant terrorist act on Australian soil you have to go back more than 30 years to the Hilton Hotel bombing in 1977, in which just three people died. None of those events gives us a realistic idea of the probability of an attack. Transnational terrorism across the world leads to an average of 420 deaths a year. With a global population of 6.6 billion, that's not a big risk. The chance of being killed in a road accident is very much higher. Australia's annual road toll is four times that figure for the whole globe. 
And in the US, 10 times as many people are killed on the roads each year as the number killed in the unprecedented and unrepeated events of September 11. Even the chance of contracting HIV/AIDS would be much higher. But modern politicians are much more in the business of pandering to the public's misperceptions - and exploiting them for their own ends - than they are of setting us straight on the facts of life. In a study of terrorism prepared for the Copenhagen Consensus project by Professor Todd Sandler, of the University of Texas, and two other economists, they conclude that "guarding against terrorism can use large resources for little reduction in risk". What's more, defensive measures against terrorism "may simply change the focus of attacks (for example from hijacking to kidnaps) and even increase attacks by creating new grievances". Sandler and his colleagues conducted an analysis of the costs and benefits of five different approaches to combating terrorism. I must warn you that, because of the dearth of information, this study is even more reliant on assumptions than usual. Even so, in three cases the cost of the action so far exceeds the benefits that doubts about the reliability of the estimates recede. Because the loss of life is so low, they measure the benefits of successful counter-terrorism measures in terms of loss of gross domestic product avoided. Trouble is, terrorism does little to disrupt economic growth, as even September 11 demonstrated. Using the case of the US, Sandler estimates that simply continuing the present measures involves costs exceeding benefits by a factor of at least 10. Adopting additional defensive measures (such as stepping up security at valuable targets) would, at best, entail costs 3.5 times the benefits. Taking more pro-active measures (such as invading Afghanistan) would have costs at least eight times the benefits. 
According to Sandler, only greater international co-operation, or adopting more sensitive foreign policies to project a more positive image abroad, could produce benefits greater than their (minimal) costs. What's that? You don't care what it costs because no one can put a value on saving a human life? Heard of opportunity cost? Taxpayers' money we waste on excessive counter-terrorism measures is money we can't spend reducing the gap between white and indigenous health - or, if that doesn't appeal, on buying Olympic medals. From rforno at infowarrior.org Fri Sep 12 12:28:08 2008 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 12 Sep 2008 08:28:08 -0400 Subject: [Infowarrior] - 'Cybersecurity' worries spur Congress to rethink electrical grid Message-ID: <94776B3D-BFA7-4014-8E4C-5D83717A2A83@infowarrior.org> September 12, 2008 4:00 AM PDT 'Cybersecurity' worries spur Congress to rethink electrical grid Posted by Stephanie Condon http://news.cnet.com/8301-13578_3-10040101-38.html?part=rss&subj=news&tag=2547-1_3-0-20 WASHINGTON--The potential for "cybersecurity" attacks on the United States' electric power grids has spurred politicians to consider legislation to broaden federal authority over electric companies. Congress already has been consulting with federal agencies and industry associations over how to craft such legislation. On Thursday, legislators sought further input at a hearing before the House Energy and Commerce's subcommittee on energy and air quality. Industry representatives endorsed the idea of strengthening federal authority in the event of an imminent cybersecurity threat but cautioned against expanding the government's powers too broadly. "We understand the seriousness of the issue and the need to deal with it," said Susan Kelly, a vice president for the American Public Power Association. "At the same time, we believe that such legislation must be carefully drawn." 
The draft legislation under consideration would expand the authority of the Federal Energy Regulatory Commission, which already regulates the nation's bulk power system as allowed by the Federal Power Act. A final draft of the bill will likely be considered by the committee next week, following a classified briefing with intelligence agencies, said Rep. Rick Boucher, chairman of the subcommittee. The proposed law could require any owner, user, or operator of the bulk power system to abide by interim measures established by the FERC to address current security threats until FERC could address the threats under its normal protocol. It would also grant the FERC the ability to issue orders to owners of the bulk power system at the directive of the White House, either through the president or the secretary of energy. At issue is whether the law should expand FERC's powers in the case of only a cybersecurity threat, or in the case of other threats to national security as well. FERC chairman Joseph Kelliher said his commission's authority should apply to a broader definition of national security threats because physical attacks can cause equal or greater damage than a so-called cyber attack. "There is no adequate means to take timely action under existing laws," he said. However, industry associations "believe that other government entities, both state and federal, have more direct responsibilities in the general area of national security," Kelly said in her prepared statement. "Moreover, this additional authority is quite vague in its wording and hence potentially all-encompassing in nature, which in and of itself raises substantial concerns." Steven Naumann, a vice president for Exelon, said the legislation should consider how the use of classified information to justify regulations on the energy sector could impact private companies. He said the bill should "provide for ongoing consultation and sharing of information to the extent possible." 
Kelly seconded the idea that establishing guidelines for power systems should be a collaborative effort between the public and private sectors. "We in the industry think we can bring some expertise on the best ways to set these standards," she said. No one at the hearing disputed the enormity of a potential cybersecurity attack on the country's electric grid. "I believe America is disturbingly vulnerable to a cyber attack against the electric grid that could cause significant consequences to our nation's critical infrastructure," said Representative James Langevin (D-R.I.), a member of the Homeland Security Committee who testified before his fellow congressmen. "Virtually every expert that I've discussed these matters with shares this assessment." "The risk to these systems is steadily increasing," he said. After a particular vulnerability, dubbed "Aurora," was discovered in 2007 at the Idaho National Laboratory, the subcommittee Langevin chairs, along with federal agencies, reviewed the ability of government efforts to protect power sources from the threat. In spite of the requirements and advisories sent to the electric sector to mitigate the vulnerability, it was unclear electric companies had fully protected themselves from the threat, the witnesses at the hearing said. Interviews with 30 companies suggested only two had completely mitigated the Aurora threat. "Initial observations suggest that while no company interviewed ignored the advisory, there was a broad range of compliance based on individual interpretations of the threat," Langevin said in his prepared statement. Kevin Kolevar, the assistant secretary of the Energy Department's office of electricity delivery and energy reliability, said, "Aurora exemplifies... that type of situation that speaks to the need for an interim reliability" for that threat. 
From rforno at infowarrior.org Fri Sep 12 13:02:01 2008 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 12 Sep 2008 09:02:01 -0400 Subject: [Infowarrior] - Senate panel approves DoJ as Hollywood copyright cops Message-ID: <167CADAC-69B2-42EE-8D5A-BD99D43C562B@infowarrior.org> Senate Panel Approves Bill To Make The Justice Dep't Hollywood's Private Police Force We were just talking about how a huge number of public interest groups had explained to the Senate why the new Enforcement of Intellectual Property Rights Act was such a terrible idea since it would add a Copyright Czar in the White House and let the FBI file civil charges against people caught infringing on copyrights. After all, there's simply no logical explanation for why the FBI should be propping up the obsolete business model of an industry that refuses to change with the market. However, it appears that public interest groups don't fund campaigns like the entertainment industry does. The Senate Judiciary Committee has gone ahead and approved moving the bill forward by a 14-4 margin, basically handing over Justice Department resources to Hollywood to protect its business model with no real justification. The bill's sponsor, Sen. Patrick Leahy's explanation is pretty stunning in its ignorance: "We all know that intellectual property makes up some of the most valuable, and most vulnerable, property we have. We need to do more to protect it from theft and abuse if we hope to continue being a world leader in innovation." Can someone send him a copy of Against Intellectual Monopoly so he can understand how nearly every part of that sentence is wrong. First off, intellectual property, despite the name, is not "property" at all. It's also not "vulnerable" except if you mean that there are better business models out there for dealing with. 
He gives no convincing reason why we should "protect" it, other than a factually untrue statement about "theft," when infringement and theft are two totally different things and should be dealt with in two totally different ways. Finally, studies have shown that the more "protected" IP is, the less innovation results, so his final clause is simply backwards. This bill will serve to limit American innovation, and open up more foreign innovation instead. But, as long as it means the RIAA doesn't need to innovate... http://techdirt.com/articles/20080911/1804242241.shtml From rforno at infowarrior.org Fri Sep 12 19:46:41 2008 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 12 Sep 2008 15:46:41 -0400 Subject: [Infowarrior] - UN agency (and NSA) eyes curbs on Internet anonymity Message-ID: <6EAAD549-2AD8-42AB-962D-1D0B57C4ECDE@infowarrior.org> September 12, 2008 4:00 AM PDT U.N. agency eyes curbs on Internet anonymity Posted by Declan McCullagh http://news.cnet.com/8301-13578_3-10040152-38.html A United Nations agency is quietly drafting technical standards, proposed by the Chinese government, to define methods of tracing the original source of Internet communications and potentially curbing the ability of users to remain anonymous. The U.S. National Security Agency is also participating in the "IP Traceback" drafting group, named Q6/17, which is meeting next week in Geneva to work on the traceback proposal. Members of Q6/17 have declined to release key documents, and meetings are closed to the public. The potential for eroding Internet users' right to remain anonymous, which is protected by law in the United States and recognized in international law by groups such as the Council of Europe, has alarmed some technologists and privacy advocates. Also affected may be services such as the Tor anonymizing network. 
"What's distressing is that it doesn't appear that there's been any real consideration of how this type of capability could be misused," said Marc Rotenberg, director of the Electronic Privacy Information Center in Washington, D.C. "That's really a human rights concern." Nearly everyone agrees that there are, at least in some circumstances, legitimate security reasons to uncover the source of Internet communications. The most common justification for tracebacks is to counter distributed denial of service, or DDoS, attacks. But implementation details are important, and governments participating in the process -- organized by the International Telecommunication Union, a U.N. agency -- may have their own agendas. A document submitted by China this spring and obtained by CNET News said the "IP traceback mechanism is required to be adapted to various network environments, such as different addressing (IPv4 and IPv6), different access methods (wire and wireless) and different access technologies (ADSL, cable, Ethernet) and etc." It adds: "To ensure traceability, essential information of the originator should be logged." The Chinese author of the document, Huirong Tian, did not respond to repeated interview requests. Neither did Jiayong Chen of China's state-owned ZTE Corporation, the vice chairman of the Q6/17's parent group who suggested in an April 2007 meeting that it address IP traceback. A second, apparently leaked ITU document offers surveillance and monitoring justifications that seem well-suited to repressive regimes: A political opponent to a government publishes articles putting the government in an unfavorable light. The government, having a law against any opposition, tries to identify the source of the negative articles but the articles having been published via a proxy server, is unable to do so protecting the anonymity of the author. 
That document was provided to Steve Bellovin, a well-known Columbia University computer scientist, Internet Engineering Steering Group member, and Internet Engineering Task Force participant who wrote a traceback proposal eight years ago. Bellovin says he received the ITU document as part of a ZIP file from someone he knows and trusts, and subsequently confirmed its authenticity through a second source. (An ITU representative disputed its authenticity but refused to make public the Q6/17 documents, including a ZIP file describing traceback requirements posted on the agency's password-protected Web site.) Bellovin said in a blog post this week that "institutionalizing a means for governments to quash their opposition is in direct contravention" of the U.N.'s own Universal Declaration of Human Rights. He said that traceback is no longer that useful a concept, on the grounds that few attacks use spoofed addresses, there are too many sources in a DDoS attack to be useful, and the source computer inevitably would prove to be hacked into anyway. Another technologist, Jacob Appelbaum, one of the developers of the Tor anonymity system, also was alarmed. "The technical nature of this 'feature' is such a beast that it cannot and will not see the light of day on the Internet," Appelbaum said. "If such a system was deployed, it would be heavily abused by precisely those people that it would supposedly trace. No blackhat would ever be caught by this." Adding to speculation about where the U.N. agency is heading are indications that some members would like to curb Internet anonymity more broadly:

* An ITU network security meeting a few years ago concluded that anonymity should not be permitted. The summary said: "Anonymity was considered as an important problem on the Internet (may lead to criminality). Privacy is required but we should make sure that it is provided by pseudonymity rather than anonymity."
* A presentation in July from Korea's Heung-youl Youm said that groups such as the IETF should be "required to develop standards or guidelines" that could "facilitate tracing the source of an attacker including IP-level traceback, application-level traceback, user-level traceback." Another Korean proposal -- which has not been made public -- says all Internet providers "should have procedures to assist in the lawful traceback of security incidents."
* An early ITU proposal from RAD Data Communications in Israel said: "Traceability means that all future networks should enable source trace-back, while accountability signifies the responsibility of account providers to demand some reasonable form of identification before granting access to network resources (similar to what banks do before opening a bank accounts)."

Multinational push to curb anonymous speech

By itself, of course, the U.N. has no power to impose Internet standards on anyone. But U.N. and ITU officials have been lobbying for more influence over the way the Internet is managed, most prominently through the World Summit on the Information Society in Tunisia and a followup series of meetings. The official charter of the ITU's Q6/17 group says that it will work "in collaboration" with the IETF and the U.S. Computer Emergency Response Team Coordination Center, which could provide a path toward widespread adoption -- especially if national governments end up embracing the idea. Patrick Bomgardner, the NSA's chief of public and media affairs, told CNET News on Thursday that "we have no information to provide on this issue." He would not say why the NSA was participating in the process (and whether it was trying to fulfill its intelligence-gathering mission or its other role of advancing information security). Toby Johnson, a communications officer with the ITU's Telecommunication Standardization Bureau in Geneva, also refused to discuss Q6/17. 
"It may be difficult for experts to comment on what state deliberations are in for fear of prejudicing the outcome," he said in an e-mail message on Thursday.

U.N. "IP traceback" documents:

* China's proposal obtained by CNET News says "to ensure traceability, essential information of the originator should be logged."
* Leaked requirements document says governments may need "to identify the source of the negative articles" posted by political adversaries.
* Korean presentation says standards bodies should be "required to develop standards or guidelines" to facilitate unmasking users.
* Verisign executive's summary summarizes presentation saying protocols must have "a strong traceback capability, and establishing traceback considerations in developing any new standards."

When asked about the impact on Internet anonymity, Johnson replied: "I am not fully acquainted with this topic and therefore not qualified to provide an answer." He said that he expects that any final ITU standard would comport with the U.N.'s Universal Declaration of Human Rights. It's unclear what happens next. For one thing, the traceback proposal isn't scheduled to be finished until 2009, and one industry source stressed that not all members of Q6/17 are in favor of it. The five "editors" are: NSA's Richard Brackney; Tian Huirong from China's telecommunications ministry; Korea's Youm Heung-Youl; Cisco's Gregg Schudel; and Craig Schultz, who works for a Japan-based network security provider. (In keeping with the NSA's penchant for secrecy, Brackney was the lone ITU participant in a 2006 working group who failed to provide biographical information.) In response to a question about the eventual result, Schultz, one of the editors, replied: "The long answer is, as you can probably imagine, this subject can get a little 'tense.' The main issue is the protection of privacy as well as not having to rely on 'policy' as part of a process. A secondary issue is feasibility and cost versus benefit." 
He said a final recommendation is at least a year off. Another participant is Tony Rutkowski, Verisign's vice president for regulatory affairs and longtime ITU attendee, who wrote a three-page summary for IP traceback and a related concept called "International Caller-ID Capability." In a series of e-mail messages, Rutkowski defended the creation of the IP traceback "work item" at a meeting in April, and disputed the legitimacy of the document posted by Bellovin. "The political motivation text was not part of any known ITU-T proposal and certainly not the one which I helped facilitate," he wrote. Rutkowski added in a separate message: "In public networks, the capability of knowing the source of traffic has been built into protocols and administration since 1850! It's widely viewed as essential for settlements, network management, and infrastructure protection purposes. The motivations are the same here. The OSI Internet protocols (IPv5) had the capabilities built-in. The ARPA Internet left them out because the infrastructure was a private DOD infrastructure." Because the Internet Protocol was not designed to be traceable, it's possible to spoof addresses -- both for legitimate reasons, such as sharing a single address on a home network, and for malicious ones as well. In the early part of the decade, a flurry of academic research focused on ways to perform IP tracebacks, perhaps by embedding origin information in Internet communications, or Bellovin's suggestion of occasionally automatically forwarding those data in a separate message. If network providers and the IETF adopted IP traceback on their own, perhaps on the grounds that security justifications outweighed the harm to privacy and anonymity, that would be one thing. But in the United States, a formal legal requirement to adopt IP traceback would run up against the First Amendment. A series of court cases, including the 1995 decision in McIntyre v. 
Ohio Elections Commission, provides a powerful shield protecting the right to remain anonymous. In that case, the majority ruled: "Under our Constitution, anonymous pamphleteering is not a pernicious, fraudulent practice, but an honorable tradition of advocacy and of dissent. Anonymity is a shield from the tyranny of the majority." More broadly, the ITU's own constitution talks about "ensuring the secrecy of international correspondence." And the Council of Europe's Declaration on Freedom of Communication on the Internet adopted in 2003 says nations "should respect the will of users of the Internet not to disclose their identity," while acknowledging law enforcement-related tracing is sometimes necessary. "When NSA takes the lead on standard-setting, you have to ask yourself how much is about security and how much is about surveillance," said the Electronic Privacy Information Center's Rotenberg. "You would think (the ITU) would be a little more sensitive to spying on Internet users with the cooperation of the NSA and the Chinese government." From rforno at infowarrior.org Fri Sep 12 23:33:59 2008 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 12 Sep 2008 19:33:59 -0400 Subject: [Infowarrior] - Google mix-up caused $1 billion run on United Message-ID: <3CCCD216-37CA-41D8-9FB7-359F63F30496@infowarrior.org> September 12, 2008 Probe into how Google mix-up caused $1 billion run on United Mike Harvey, Technology Correspondent http://technology.timesonline.co.uk/tol/news/tech_and_web/article4742147.ece The US Securities and Exchange Commission has opened a "preliminary inquiry" into how an outdated bankruptcy story sparked a $1 billion run on an airline's stock value. The article about how United Airlines filed for bankruptcy in 2002 was revived when it showed up on a newspaper site's "most viewed" section on Monday. From there it was picked up by Google News and later seen by alarmed stockholders. 
The stock plunged from around $12 to just $3 a share before trading was halted. The Chicago-based company's shares did not fully recover once trading resumed on Monday, and were still down at just over $11 dollars at close of trading yesterday. With the possibility of legal action in the air, those involved have been hotly disputing who was to blame. The errors provide a salutary lesson for investors of the power and perils of computer automation and throw a spotlight on Google's News search technology which, using "Googlebot" algorithms, scours web pages in search of news articles. To many, the episode has been a reminder that computer programs, no matter how sophisticated, can be a poor substitute for human beings. The comedy of errors began with just one reader who went to the South Florida Sun Sentinel's website and viewed a 2002 article on United Airlines' bankruptcy. That single visit in the early hours of Sunday morning, a period of low traffic, apparently bumped it into a "Popular Stories" in the business section. At 1:37am, an electronic Google program swept through the paper's website for new stories and spotted the link. Google says its program scanned the piece and, seeing there was no 2002 dateline, indexed the article for inclusion on its news pages. Three minutes and two seconds later, Google News readers started viewing the story on the Sun Sentinel's Web site. A Florida investment firm found the story on Monday morning with a Google search and posted a summary on the Bloomberg financial information service. That visibility - Bloomberg is seen by thousands of investment managers and traders - sparked the run on United shares. What is in dispute between Tribune, the owners of the Sun Sentinel, and Google is whether the Googlebot should have known it was an old story. Tribune said the story was not republished, and the link was simply a link to the archive version of the story. 
Google spokesman Gabriel Stricker said that the only date the automated Google News software found on the Sun Sentinel site was from early Sunday eastern time. "In the same way that the reader was unable to determine the original date, our search algorithm was similarly misled by that date," Mr Stricker said. Tribune spokesman Gary Weitman said other clues would have made it clear to a human reader that the story was old, including a reference to UAL's 97-cent share price (it was trading around $12 on Monday) and comments from readers further down the page that were posted in 2002. "It appears that no one who passed this story along actually bothered to read the story itself," he said. "Despite the company's earlier request and the confusion caused by Googlebot and Google News earlier this week, we believe that Googlebot continues to misclassify stories," Tribune said. The investment newsletter that posted a summary of the story to Bloomberg, Income Securities Advisors Inc. in Florida, has also said there was nothing on the Sun Sentinel website to indicate that the story was old. The page also fooled Bloomberg. Bloomberg News staffers posted headlines noting first the UAL share price drop, and then, at 11:06 a.m. EDT, a bankruptcy denial from United. A different Bloomberg News staffer working the story found the bankruptcy story on the Sun Sentinel site and, at 11:07a.m., posted a headline about the bankruptcy. Investors then dumped the stock at a huge rate and here algorithms again played their part. Experts said the automated trading programs were applied to the trading of shares based on market-moving information trawled from the internet. Last year, algorithms handled some 30 percent of all equity trading volume, according to a recent study by Aite Group. The study projected that algorithms would grow to handle half of equity trading by 2010, and noted similar growth in derivatives and other asset classes as a hunger for faster trading grows. 
The lack of confidence investors have in the troubled US airline industry also undoubtedly played its part in the stock drop. Investors mistakenly figured that United Airlines, having filed for bankruptcy once, was more likely to do it again. United is still considering what, if anything, to do about the affair. From rforno at infowarrior.org Fri Sep 12 23:43:35 2008 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 12 Sep 2008 19:43:35 -0400 Subject: [Infowarrior] - ITU-T IP-Traceback Message-ID: Basic Information on the ITU-T IP-Traceback and International Caller-ID Capability Initiatives Two highly important cybersecurity standards initiatives in ITU-T are now underway as a result of recent approvals in Study Group 17 (Security) on 18 April 2008 and Study Group 2 (Operations) on 15 May 2008. These include IP-traceback and International caller-ID. The former pertains to connectionless transport generally, while the latter is specific to voice telephony service. This note identifies the materials and summarizes the developments related to these initiatives. < - > http://www.itu.int/osg/csd/cybersecurity/WSIS/3rd_meeting_docs/Rutkowski_IPtraceback_callerID_rev0.pdf From rforno at infowarrior.org Fri Sep 12 23:49:27 2008 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 12 Sep 2008 19:49:27 -0400 Subject: [Infowarrior] - Report: DHS lacking 'open source' intelligence Message-ID: <4470664B-25DF-48A0-853C-EB615C6A177F@infowarrior.org> Homeland Security lacking 'open source' intelligence Posted by Stephanie Condon http://news.cnet.com/8301-13578_3-10040939-38.html?part=rss&subj=news&tag=2547-1_3-0-20 The U.S. Department of Homeland Security has not met requirements to provide "open source" intelligence--that is, publicly available information--for state and local law enforcement, a new report shows. 
The House Committee on Homeland Security released a report Friday criticizing the department after interviewing more than 350 state, local, and tribal law enforcement officials about the DHS's open source intelligence efforts. While 82 percent of law enforcement officials surveyed said they use open source information, 60 percent said the DHS needed to establish a training program on how to use the department's open source material. Half of respondents said the DHS's open source products did not meet their needs. "The proliferation of Internet use and other advanced forms of communication is rapidly leading to an information revolution among terrorists groups," the report says. "The sooner the Department of Homeland Security recognizes the value in this type of unclassified information, the sooner DHS analysts can analyze it and provide useful open source intelligence to state, local and tribal law partners." The Homeland Security Act of 2002 requires DHS, whenever possible, to make available unclassified reports and analyses based on open source information like newspapers, Internet resources, or scientific journals. To reinforce that requirement, the House in July passed the Homeland Security Open Source Information Enhancement Act, requiring the Secretary of Homeland Security to establish an open source program. Despite this, "DHS' efforts have lagged behind the rest of the Federal government," the report says. The Director of National Intelligence and the Central Intelligence Agency have established stronger open source programs, even though the DHS is responsible for sharing terrorism threat information with state and local law enforcement. "The Department is far behind the rest of the Intelligence Community in implementing a comprehensive open source intelligence program," said Rep. Bennie Thompson, chair of the Homeland Security Committee. 
"I am convinced that the department must make a concerted effort to understand their intelligence needs and produce intelligence products that provide actionable recommendations for the cop on the beat." From rforno at infowarrior.org Fri Sep 12 23:51:02 2008 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 12 Sep 2008 19:51:02 -0400 Subject: [Infowarrior] - Report Text: DHS OSINT Message-ID: PDF of the report cited in previous message http://homeland.house.gov/SiteDocuments/OpenSourceReport.pdf From rforno at infowarrior.org Sat Sep 13 03:22:00 2008 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 12 Sep 2008 23:22:00 -0400 Subject: [Infowarrior] - FBI Outlines Plan to Expand Agents' Tactics; Hill Hearings Set Message-ID: <2D9AB963-DC06-4CC7-B378-DDFA05B94660@infowarrior.org> FBI Outlines Plan to Expand Agents' Tactics; Hill Hearings Set By Carrie Johnson Washington Post Staff Writer Saturday, September 13, 2008; A09 http://www.washingtonpost.com/wp-dyn/content/article/2008/09/12/AR2008091203133_pf.html FBI officials yesterday briefed civil liberties advocates and religious groups on a plan to offer agents an array of tactics to track national security threats, as lawmakers prepared to demand more information at a pair of oversight hearings next week. The ground rules, known as Attorney General guidelines, have been in the works for nearly 18 months. Authorities say they are designed to harmonize the techniques that FBI agents can use to investigate ordinary crimes, collect foreign intelligence or pursue possible terrorist threats. Under the new plan, agents pursuing national security leads could employ physical surveillance, deploy informants and engage in "pretext" interviews with their identities hidden to assess the danger posed by a subject. Such threat assessments could be initiated even without a particular fact or concrete lead that a person had engaged in wrongdoing. 
Community activists and the American Civil Liberties Union, which attended yesterday's briefing, question how a subject's race, ethnicity or religious orientation might become part of attracting FBI interest. A senior Justice official and a top FBI representative said race could never be the sole factor for opening an investigation. But it might be taken into account when investigators scrutinize groups, such as Hezbollah or the Aryan Brotherhood, that draw their members from specific populations, or, for example, when they follow leads about suspicious groups of Muslim men boarding an airplane. FBI Director Robert S. Mueller III will appear next week before the House and Senate Judiciary committees, where lawmakers say he will be asked about the timing and rationale for overhauling the rules. House and Senate Democrats already are characterizing the move as a last-ditch bid to change intelligence-gathering only weeks before the presidential election. But senior FBI and Justice officials, who briefed reporters on condition they not be identified, asserted that the changes were merely the latest in a series of steps to make the bureau more proactive after intelligence failures before the Sept. 11, 2001 attacks. The measures are scheduled to take effect Oct. 1, though changes still could be made in some areas, including ground rules for FBI agents who secretly infiltrate activist groups or collect intelligence at public demonstrations and events without a suspected terrorist threat. The plan also would allow FBI agents to collect information in the United States on behalf of foreign intelligence authorities, as long as their participation aligned with U.S. interests. It would allow agents to gather intelligence from citizens within the United States about areas of general interest, such as Venezuelan oil supply, at the direction of the White House or the director of national intelligence. 
Michael German, a policy counsel at the ACLU, urged lawmakers to do a "thorough investigation" of the guidelines and the way they will work in practice. More than 30 years ago, "the abuse of these authorities is exactly what caused the department to create the guidelines in the first place," he said. From rforno at infowarrior.org Sun Sep 14 15:37:44 2008 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 14 Sep 2008 11:37:44 -0400 Subject: [Infowarrior] - A Privacy Shield Against the Campaigns Message-ID: A Privacy Shield Against the Campaigns By Shaun Dakin Saturday, September 13, 2008; A17 http://www.washingtonpost.com/wp-dyn/content/article/2008/09/12/AR2008091202658_pf.html While John McCain and Barack Obama have plenty to fight about, there is at least one thing that they agree on: Voters who interact with their campaigns have no privacy rights. What does this mean? It's simple: Voters do not have the right to opt out of unwanted campaign communications, either online or off-line. Voters don't have the right to decide who will contact them or how they will be contacted by the presidential campaigns. This invasion of the voters' privacy is bipartisan. Republicans do it. Democrats do it. Heck, even Libertarians do it. This week, I received an e-mail from the Obama campaign that had the subject line: "Your Neighbors." Intrigued, I opened the message and learned that the campaign was launching a sophisticated program called "Neighbor-to-Neighbor" that makes "it easier than ever to connect with potential supporters in your community by phone or door-to-door." It continues: "Neighbor-to-Neighbor gives you the option to make phone calls or knock on doors -- the choice is yours." The choice may be yours, but what about your neighbors, who may not want you to bother them at their homes? This new program is both tech-cool and privacy-rights-scary. 
When I clicked through to myBarackObama.com, I was able to create "walk lists" using a Google map showing me exactly where potential Obama supporters near me live. The Web site provided the names, addresses and phone numbers of these targeted neighbors and offered a prompt for printing out the list. The last step? Log back in and record the results of your "door-to-door" conversations with voters. I don't know about you, but I do not want my neighbors knocking on my door asking me whom I'm going to vote for. I certainly do not want my name, address and phone number printed on a Google map for the world to see. And, without a doubt, I do not want anyone calling me at home during dinner. This is an invasion of privacy, because these voters never explicitly gave their permission to have themselves targeted in a database that invites their neighbors to walk "door to door" to try to persuade them to vote for a particular candidate. When I tried to opt out of this tool, I learned that while I could opt out of campaign e-mail spam, there was no way that I could quickly, securely and comprehensively opt out of voter communications that I do not want to receive. John McCain's Web site is much the same: It provides no mechanism for voters to opt out of unwanted communications other than e-mail. What can be done? As a spokesperson for millions of voters inundated by political campaigns, I have testified this year before the Senate Rules Committee in support of the Robocall Privacy Act. Our members report receiving as many as 15 robocalls a day during election season. Mothers have their babies awakened from naps. Night-shift workers who sleep during the day can't get the rest they need. Seniors and others fear that a health emergency could occur while their phone is tied up. While commercial organizations are required by law to respect the privacy rights of consumers, politicians at the federal level and in all but a few states have exempted themselves from these laws. 
More than 160 million phone numbers have been placed on the National Do Not Call Registry, which requires commercial organizations to stop calling consumers within 30 days of those consumers listing their numbers. Political campaigns will call many of those 160 million numbers with impunity this fall. Why should commercial companies be required by law to stop invading the privacy of potential customers while politicians are allowed to do whatever they wish to reach potential voters? To answer this question, candidates usually cite the First Amendment -- the right to speak freely as part of our nation's vital democratic process. That might be a legitimate criticism of an outright ban but not of a system in which voters are given the choice to opt out of unwelcome communications. Thus, the real reason for their personal exemptions is obvious: Politicians write the laws, and politicians like regulation only when it applies to someone else. The time has come for a Voter Privacy Bill of Rights built on a single, straightforward principle: Voters should have the right to opt out of all direct political communications that they do not want to receive. Period. The writer is chief executive and founder of Citizens for Civil Discourse, a nonprofit group that has launched the National Political Do Not Contact Registry at StopPoliticalCalls.org. From rforno at infowarrior.org Sun Sep 14 18:21:53 2008 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 14 Sep 2008 14:21:53 -0400 Subject: [Infowarrior] - Two questions Message-ID: a) What is the deal with these Microsoft tv commercials with Bill Gates and Jerry Seinfeld? Does anyone understand WHAT they're trying to convey or communicate to viewers, customers, users, or potential customers? Yes, these ads are quite Seinfeldian in that they're commercials "about nothing" ... but am I alone in scratching my head over their meaning or strategy as advertisements? IMHO they're an insult to Seinfeld fans! 
And much more importantly --- b) Any thoughts or reco's on Sony or Philips LCD TVs? (Yes, it's getting close to upgrade time.....and while I'd love to wait until the holidays, Costco has some real beauties @ the moment @ decent prices.) Thx -rf From rforno at infowarrior.org Sun Sep 14 18:25:26 2008 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 14 Sep 2008 14:25:26 -0400 Subject: [Infowarrior] - Crypto: Cube Attacks on Tweakable Black Box Polynomials Message-ID: Cryptology ePrint Archive: Report 2008/385 Cube Attacks on Tweakable Black Box Polynomials Itai Dinur and Adi Shamir http://eprint.iacr.org/2008/385 Abstract: Almost any cryptographic scheme can be described by \emph{tweakable polynomials} over $GF(2)$, which contain both secret variables (e.g., key bits) and public variables (e.g., plaintext bits or IV bits). The cryptanalyst is allowed to tweak the polynomials by choosing arbitrary values for the public variables, and his goal is to solve the resultant system of polynomial equations in terms of their common secret variables. In this paper we develop a new technique (called a \emph{cube attack}) for solving such tweakable polynomials, which is a major improvement over several previously published attacks of the same type. For example, on the stream cipher Trivium with a reduced number of initialization rounds, the best previous attack (due to Fischer, Khazaei, and Meier) requires a barely practical complexity of $2^{55}$ to attack $672$ initialization rounds, whereas a cube attack can find the complete key of the same variant in $2^{19}$ bit operations (which take less than a second on a single PC). 
Trivium with $735$ initialization rounds (which could not be attacked by any previous technique) can now be broken with $2^{30}$ bit operations, and by extrapolating our experimentally verified complexities for various sizes, we have reasons to believe that cube attacks will remain faster than exhaustive search even for $1024$ initialization rounds. Whereas previous attacks were heuristic, had to be adapted to each cryptosystem, had no general complexity bounds, and were not expected to succeed on random looking polynomials, cube attacks are provably successful when applied to random polynomials of degree $d$ over $n$ secret variables whenever the number $m$ of public variables exceeds $d+\log_d n$. Their complexity is $2^{d-1}n+n^2$ bit operations, which is polynomial in $n$ and amazingly low when $d$ is small. Cube attacks can be applied to any block cipher, stream cipher, or MAC which is provided as a black box (even when nothing is known about its internal structure) as long as at least one output bit can be represented by (an unknown) polynomial of relatively low degree in the secret and public variables. In particular, they can be easily and automatically combined with any type of side channel attack that leaks some partial information about the early stages of the encryption process (which can typically be represented by a very low degree polynomial), such as the Hamming weight of a byte written into a register. 
Category / Keywords: secret-key cryptography / Cryptanalysis, algebraic attacks, cube attacks, Date: received 13 Sep 2008, last revised 14 Sep 2008 Contact author: itai dinur at weizmann ac il Available formats: PDF | BibTeX Citation Version: 20080914:160327 (All versions of this report) http://eprint.iacr.org/2008/385 From rforno at infowarrior.org Sun Sep 14 18:30:46 2008 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 14 Sep 2008 14:30:46 -0400 Subject: [Infowarrior] - Conflict Over Spying Led White House to Brink Message-ID: <653AA852-4AC5-4C76-9D20-9528ABE0B03B@infowarrior.org> Conflict Over Spying Led White House to Brink By Barton Gellman Washington Post Staff Writer Sunday, September 14, 2008; A01 This is the first of two stories adapted from "Angler: The Cheney Vice Presidency," to be published Tuesday by Penguin Press. Original source notes are denoted in [brackets] throughout. < - > http://www.washingtonpost.com/wp-dyn/content/article/2008/09/13/AR2008091302284_pf.html From rforno at infowarrior.org Sun Sep 14 21:15:22 2008 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 14 Sep 2008 17:15:22 -0400 Subject: [Infowarrior] - Tribute to LTG William Odom Message-ID: <7628A3A5-E536-418F-BF09-DB20234CE3BD@infowarrior.org> http://www.amconmag.com/article/2008/sep/08/00006/ General Principles While other top brass played press agents for the administration's war, William Odom told the truth about Iraq--though few listened. By Ron Unz Much as the capital loves ceremony, Washington won't pause on Sept. 8 when Lt. Gen. William Odom is laid to rest at Arlington Cemetery. While he is worthy of his laurels, he did not court the favor of the Beltway political class. Instead, he disdained their blindness to history, their partisan fixations, their herd mentality. Brave men often stand alone. Those with knowledge of military affairs recognize different types of courage. 
There is combat courage--the resolve to storm a position or hold a trench against heavy odds. There is command courage--the willingness of officers to take decisive action and sustain losses to secure victory. And there is a third variety, crucial at the topmost ranks of America's officer corps but increasingly rare--political courage, the willingness to speak truth to political power. Bill Odom, whom I greatly admired and respected, exemplified this last, most elusive kind of courage, which is why his death of a heart attack on May 30 leaves such a void in America's foreign-policy debate. He passed away too soon, but in some ways Odom had already lived past his time, the era of Cold War liberal internationalism. After graduating from West Point in 1954, he served in Germany and Vietnam and was later posted to the Moscow embassy. Following several years of teaching at West Point, he came to Washington as an aide to Zbigniew Brzezinski, President Carter's national security adviser. There, he gained a reputation as "Zbig's superhawk" for his staunch opposition to détente and his prescient speculations about the possible break-up of the Soviet Union before the end of the century. He went on to serve as assistant chief of staff of the Army for Intelligence and director of the National Security Agency under President Reagan. In the wake of Sept. 11, this retired three-star general, long a pillar of the foreign-policy establishment, seemed uniquely qualified to be heard. Indeed, he was one of the earliest senior military figures to issue public warnings as the hysterical drive to invade Iraq eventually became a calamitous occupation, an outcome that he later described as "the greatest strategic disaster in U.S. history. < - > As a serious scholar, Bill Odom knew his Thucydides. But the country he leaves behind does not. 
http://www.amconmag.com/article/2008/sep/08/00006/ From rforno at infowarrior.org Sun Sep 14 21:19:44 2008 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 14 Sep 2008 17:19:44 -0400 Subject: [Infowarrior] - YouTube bans terrorism training videos Message-ID: <2DAA8EEE-6D45-4217-A02F-3896232570E2@infowarrior.org> YouTube bans terrorism training videos Friday, 12 September, 2008 http://news.sbs.com.au/worldnewsaustralia/youtube_bans_terrorism_training_videos_557508 Terrorist training videos will be banned from appearing on YouTube, under revised new guidelines being implemented by the popular video-sharing site. The Google-owned portal will ban footage that advertises terrorism or extremist causes and supporters of the change hope it will blunt al-Qaeda's strong media online campaign. The move comes after pressure on the internet search engine from Connecticut Senator Joseph Lieberman. In addition to the ban on terror training videos, the new YouTube guidelines includes bans on videos that incite others to commit violent acts, videos on how to make bombs, and footage of sniper attacks. The internet has become a powerful tool for terrorism recruitment. What was once conducted at secret training camps in Afghanistan is now available to anyone, anywhere because of the web. Chatrooms are potent recruitment tools, but counterterrorism officials have found terrorist-sponsored videos are also key parts of al-Qaeda's propaganda machine. "It's good news if there are less of these on the web," FBI spokesman Richard Kolko said. "But many of these jihadist videos appear on different websites around the world, and any time there is investigative or intelligence value we actively pursue it." 
How to slit throats There have been online terror-training videos ranging from how to slit a victim's throat and how to make suicide vests to how to make explosives from homemade ingredients and how to stalk people and ambush them, said Bruce Hoffman, a counterterrorism expert and professor at Georgetown University. Hoffman said he does not know whether the videos were posted on YouTube, but they have been available at other sites online. A year ago, a Homeland Security Department intelligence assessment said: "The availability of easily accessible messages with targeted language may speed the radicalisation process in the homeland for those already susceptible to violent extremism." Recognising the growing threat of radicalisation, Lieberman - the Democrat-turned-independent who chairs the Senate Homeland Security and Governmental Affairs Committee - asked Google to ban videos from al-Qaeda and other Islamist terror groups. He said the private sector also has a role in protecting the United States from terrorists. By banning these videos on YouTube, "Google will make a singularly important contribution to this important national effort," Lieberman wrote to Google's chairman and chief executive, Eric Schmidt, in May. Dealing with extremists Representatives of Google and YouTube would not respond to questions about Lieberman's appeal. Despite the move there is a debate among radicalisation experts of whether shutting down extremist sites is the most effective way to counter the threat. They say keeping them online allows analysts and investigators to monitor what is being said and in some cases who is saying it. "The reality is by shutting it down, it is more or less a game of whack-a-mole: it pops up somewhere else," said Frank Ciluffo, homeland security director at George Washington University. However, he said, forcing extremists to find other ways to post videos could give officials a better opportunity to monitor them. 
Source: AAP From rforno at infowarrior.org Mon Sep 15 00:53:18 2008 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 14 Sep 2008 20:53:18 -0400 Subject: [Infowarrior] - Pew study: cloud computing popular, privacy worries linger Message-ID: <914E5F3B-7EF9-4F0D-99BF-EF5E04F1EB60@infowarrior.org> (Report link: http://www.pewinternet.org/PPF/r/262/report_display.asp) Pew study: cloud computing popular, privacy worries linger By Julian Sanchez | Published: September 14, 2008 - 05:55PM CT http://arstechnica.com/news.ars/post/20080914-pew-cloud-computing-study-debuts-at-google-event-in-progress.html A new survey by the Pew Internet and American Life project, released Friday morning at Google's Washington, DC headquarters, finds cloud computing applications taking off among Internet users. But respondents also told pollsters that they have profound concerns about ways their personal data might be used--among them, the kind of ad-targeting practiced by... Google. As Internet users increasingly find themselves using multiple (potentially incompatible) networked devices to get online from a variety of locations, it should come as little surprise that large numbers of them are availing themselves of "cloud" services that offload computing or data storage functions to someone else's server, allowing e-mail, photos, or documents to be accessed anywhere. More than half of Internet users have used Web-based e-mail services, which study author John Horrigan called the "starter drug" of cloud computing, while just over a third have stored personal photos on sites like Flickr or Photobucket. Cloud apps like Google Documents and Adobe Photoshop Express were third most popular, with 29 percent of respondents saying they'd used one, while fewer than 10 percent had used Web-based services to store personal videos or back up their hard drives. All told, 69 percent of users had used at least one form of cloud computing; 40 percent had used two or more. 
For users under 30, those numbers jumped to 87 percent and 59 percent respectively. Perhaps more surprising is that 68 percent of respondents who said they'd used cloud services declared that they would be "very" concerned, and another 19 percent at least "somewhat" concerned, if their personal data were analyzed to provide targeted advertising. This, of course, is precisely what many Web mail services, such as Google's own Gmail, do--which implies that at least some of those who profess to be "very" concerned about the practice are probably nevertheless subjecting themselves to it. Practices like the selling of files to third parties and the use of personal photos or other data in marketing campaigns were almost universally condemned, while only 49 percent of cloud app users said they would be "very" concerned if an online service turned over private files at the request of a law enforcement agency. Cloud Computing Event at Google DC Author Horrigan was joined at Google's DC offices by a panel of commentators who highlighted some of the policy challenges raised by the growing popularity of cloud computing services. Ari Schwartz of the Center for Democracy and Technology pointed out that courts have traditionally refused to recognize any Fourth Amendment privacy interest in information turned over to third-party institutions, such as banks. Schwartz warned that as "cloud" storage of personal data and documents becomes more prevalent, this formal distinction would dilute privacy protections unless courts took steps to "bring the Fourth Amendment into the 21st century." He also suggested that, in addition to site-specific privacy controls, cloud providers work to implement "meta-controls" that would allow users to set uniform privacy preferences for all their data, across a range of sites. 
Michael Nelson, formerly director of technology policy at the FCC, compared cloud computing in 2008 to the Web in 1993, predicting that the cloud model would come to be regarded as "important as the Web was 15 years ago." But he called public policy the "rate limiting step" in technological progress, and warned of the need to "futureproof" policy. Nelson, who before his stint at the FCC advised Al Gore on telecom infrastructure and e-commerce issues at the Office of Science and Technology Policy, declared himself a "cyberlibertarian Democrat" who had learned that "government has an almost unlimited capacity to screw things up when they can't see the future--which none of us can." The best policy, he suggested, is therefore for government to lead by example: Nelson cited the decision to create a White House Web site linking to the sites of other agencies--whether they had one ready or not--as among the most important policy choices made during his time in the Clinton administration. One of those myriad ways government might screw things up, suggested Salesforce.com public policy VP Daniel Burton, would be to yield to protectionist impulses by imposing data export restrictions. Domestic industry, he suggested, might be tempted to seek limits on the transfer of information overseas--perhaps in the guise of consumer protection or privacy regulation--which would function as a non-tariff trade barrier. Horrigan, for his part, observed that the viability of the cloud model going forward would depend in significant part on its adaptability to mobile computing. That, in turn, would depend on a spectrum policy designed to enable ubiquitous wireless broadband connectivity--something lawmakers appear to have deemed less important than ensuring we can all watch HD reruns of House on broadcast television. 
From rforno at infowarrior.org Mon Sep 15 13:03:39 2008 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 15 Sep 2008 09:03:39 -0400 Subject: [Infowarrior] - DoJ Brief on FBI Investigation Guidelines Message-ID: <9664410D-1C3A-4278-B31F-65ED2E4BAF38@infowarrior.org> Transcript of Background Briefing with Department of Justice Officials on Consolidated Attorney General Guidelines < - > http://www.usdoj.gov/opa/pr/2008/September/08-opa-814.html From rforno at infowarrior.org Mon Sep 15 17:23:30 2008 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 15 Sep 2008 13:23:30 -0400 Subject: [Infowarrior] - Poll: Public opposes increased presidential power Message-ID: <2F0AA4CC-6849-41C9-9F05-17CB125B5D1D@infowarrior.org> Poll: Public opposes increased presidential power http://news.yahoo.com/s/ap/20080915/ap_on_go_ot/ap_national_constitution_center_poll&printer=1;_ylt=Amyk7kBnApEgE_MzU35Offh2wPIE By MARK SHERMAN, Associated Press Writer Mon Sep 15, 6:37 AM ET Americans strongly oppose giving the president more power at the expense of Congress or the courts, even to enhance national security or the economy, according to a new poll. The Associated Press-National Constitution Center poll of views on the Constitution found people wary of governmental authority after years of controversy over the Bush administration's expansion of executive power, and especially skeptical of increasing the president's powers. "There is clearly a concern about executive power and the balance of power that comes out in a couple of different ways," said Joseph Torsella, president of the Philadelphia-based organization. The nonpartisan center is dedicated to educating the public about the Constitution. Torsella said he believes the polls reflect long-standing skepticism of presidential power. "I think it's a basic chord in the American song and it gets louder and stronger depending on what's happening in the headlines," he said. 
The survey also found overwhelming opposition to the government's power to take private property for redevelopment and to amending the Constitution to allow foreign-born citizens to be president. Americans are divided over government recognition of gay marriage, but younger people are far more likely to support it. President Bush and Congress are at record low approval ratings in recent polls, with Congress even less popular than the president. But in the new poll, the public is more reluctant to expand the president's powers than those of Congress. Two-thirds of Americans oppose altering the balance of power among the three branches of government to strengthen the presidency, even when they thought that doing so would improve the economy or national security. People were more evenly split over giving Congress more power in the same circumstances. "The Constitution sets up three branches of government and to increase the power of one at the expense of the others endangers the fundamental structure," said poll participant James Crowder, 74, of Cockeysville, Md., a Baltimore suburb. "This current president and his vice president have distorted the office of president so much that it will take an enormous amount of time, if ever, for us to recover from that." Crowder is a Democrat and a retired Episcopal priest. In one area, the poll found Americans clearly on Congress' side. They said Congress should have the power to require senior presidential aides to testify before House and Senate committees -- a topic currently wending its way through the courts. The administration is trying to prevent former White House counsel Harriet Miers from testifying about the firing of nine U.S. attorneys. The government's power to take private property for redevelopment had little support in the poll, not even when owners are paid a fair price and the project creates local jobs. 
Participants said they consider private property rights conferred by the Constitution as important as freedom of speech and religion. The Fifth Amendment allows the government to seize property for public use with just compensation. In 2005, the Supreme Court ruled 5-4 that governments may seize people's homes and businesses -- even against their will -- for private economic development when there is a corresponding public purpose of bringing more jobs and tax revenue. In the new poll of people's views on the Constitution, 75 percent disagreed. Opposition to the government power known as eminent domain was as strong among liberals as conservatives. Cities, backed by some liberals, generally see the power to seize private property as an important tool for urban renewal projects crucial to revitalizing cities. Many conservatives -- particularly in the West -- have called the high court decision a dangerous interpretation of the Constitution that would lead to abuse of individual rights. Since the ruling, 39 states have enacted legislation or passed ballot measures restricting the government's power to take property, according to the National Conference of State Legislatures. The poll also found a split on whether governments should recognize gay marriage. But a majority said same-sex couples should be entitled to the same benefits as married, heterosexual couples. The answers to these questions revealed a sharp generational split. More than two-thirds of people under 35 favor recognition of gay marriage, compared with less than 40 percent of those 35 and older. Majorities also favor following the rule of law, even if that sometimes comes at the expense of short-term public safety considerations and protecting the rights of everyone in the face of majority opposition. The public broadly supports government aid to religious organizations for social service programs. 
But that support drops sharply when organizations also promote their religious beliefs while providing help to the homeless and other social services. The AP-National Constitution Center poll involved telephone interviews with 1,000 adults nationwide. The survey was conducted Aug. 22-29 by Abt SRBI Inc. and had a margin of sampling error of plus or minus 3.1 percentage points. From rforno at infowarrior.org Mon Sep 15 17:39:17 2008 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 15 Sep 2008 13:39:17 -0400 Subject: [Infowarrior] - Google's "sea barge" data centers? Message-ID: <371A5424-94E1-4948-A0EF-3B59A3DBB7BB@infowarrior.org> September 15, 2008 Google search finds seafaring solution Murad Ahmed, Technology Reporter http://technology.timesonline.co.uk/tol/news/tech_and_web/the_web/article4753389.ece Google may take its battle for global domination to the high seas with the launch of its own "computer navy". The company is considering deploying the supercomputers necessary to operate its internet search engines on barges anchored up to seven miles (11km) offshore. The "water-based data centres" would use wave energy to power and cool their computers, reducing Google's costs. Their offshore status would also mean the company would no longer have to pay property taxes on its data centres, which are sited across the world, including in Britain. In the patent application seen by The Times, Google writes: "Computing centres are located on a ship or ships, anchored in a water body from which energy from natural motion of the water may be captured, and turned into electricity and/or pumping power for cooling pumps to carry heat away." The increasing number of data centres necessary to cope with the massive information flows generated on popular websites has prompted companies to look at radical ideas to reduce their running costs. 
The supercomputers housed in the data centres, which can be the size of football pitches, use massive amounts of electricity to ensure they do not overheat. As a result the internet is not very green. Data centres consumed 1 per cent of the world's electricity in 2005. By 2020 the carbon footprint of the computers that run the internet will be larger than that of air travel, a recent study by McKinsey, a consultancy firm, and the Uptime Institute, a think tank, predicted. In an attempt to address the problem, Microsoft has investigated building a data centre in the cold climes of Siberia, while in Japan the technology firm Sun Microsystems plans to send its computers down an abandoned coal mine, using water from the ground as a coolant. Sun said it could save $9 million (£5 million) of electricity costs a year and use half the power the data centre would have required if it was at ground level. Technology experts said Google's "computer navy" was an unexpected but clever solution. Rich Miller, the author of the datacentreknowledge.com blog, said: "It's really innovative, outside-the-box thinking." Google refused to say how soon its barges could set sail. The company said: "We file patent applications on a variety of ideas. Some of those ideas later mature into real products, services or infrastructure, some don't." Concerns have been raised about whether the barges could withstand an event such as a hurricane. Mr Miller said: "The huge question raised by this proposal is how to keep the barges safe." From rforno at infowarrior.org Mon Sep 15 17:50:35 2008 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 15 Sep 2008 13:50:35 -0400 Subject: [Infowarrior] - Best Buy to Buy Napster Message-ID: <1BEA95A2-320C-4CAF-9A2B-46719537A09A@infowarrior.org> Best Buy to Buy Napster In $121 Million Acquisition By AJA CARMICHAEL September 15, 2008 9:12 a.m. http://online.wsj.com/article/SB122148359646535989.html?mod=hpp_us_whats_news Best Buy Inc. 
has agreed to buy Napster Inc. for $121 million, a deal that the consumer-electronics giant said it will use to reach new customers. The deal, which includes $67 million of cash and short-term investments on Napster's books, values the provider of digital music at $2.65 a share, nearly double Friday's closing price of $1.36. The acquisition, which is set to close in the fourth quarter, includes Napster's 700,000 digital entertainment subscribers, Web-based customer-service platform and mobile capabilities. "Best Buy intends to use Napster's capabilities and digital subscriber base to reach new customers with an enhanced experience for exploring and selecting music and other digital entertainment products over an increasing array of devices," said Best Buy President and Chief Operating Officer Brian Dunn. Best Buy has been expanding its wireless products and services, rolling out cellphone departments to all of its U.S. stores. In May, the consumer electronics retailer paid $2.1 billion to form a joint venture with U.K.-based Carphone Warehouse Group PLC. Napster said Chief Executive Chris Gorog and the company's senior executives will remain in their posts. The company does not plan to relocate its Los Angeles headquarters. In late May, Napster began selling songs in the unrestricted MP3 format, a move the company hoped would bolster its position against Apple Inc.'s iTunes and Amazon.com Inc.'s online store. Napster also continued selling restricted tracks via its subscription service. Shares of Best Buy fell 3.3% to $43.01 in premarket trading amid broad weakness caused by the weekend's unprecedented developments in the financial sector. 
Write to Aja Carmichael at aja.carmichael at wsj.com From rforno at infowarrior.org Mon Sep 15 23:23:12 2008 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 15 Sep 2008 19:23:12 -0400 Subject: [Infowarrior] - FINRA Investor Safety Guidelines Message-ID: <8BB89C17-F599-48ED-9948-A2822DE7E8EE@infowarrior.org> If a Brokerage Firm Closes Its Doors Given the turbulence affecting the financial services industry these days -- including recent announcements concerning Lehman Brothers -- you may be wondering what would happen to your securities account if your brokerage firm closed its doors... < - > http://www.finra.org/Investors/ProtectYourself/InvestorAlerts/P116996 ABOUT FINRA: The Financial Industry Regulatory Authority (FINRA), is the largest non-governmental regulator for all securities firms doing business in the United States. All told, FINRA oversees nearly 5,000 brokerage firms, about 173,000 branch offices and approximately 677,000 registered securities representatives. Created in July 2007 through the consolidation of NASD and the member regulation, enforcement and arbitration functions of the New York Stock Exchange, FINRA is dedicated to investor protection and market integrity through effective and efficient regulation and complementary compliance and technology-based services. From rforno at infowarrior.org Mon Sep 15 23:34:31 2008 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 15 Sep 2008 19:34:31 -0400 Subject: [Infowarrior] - Pink Floyd's Richard Wright Dies at 65 Message-ID: <838D9EC6-A9FC-407B-B7D8-E248AF47FAFC@infowarrior.org> September 15, 2008 Pink Floyd's Richard Wright Dies at 65 By THE ASSOCIATED PRESS Filed at 6:11 p.m. ET http://www.nytimes.com/aponline/arts/AP-EU-Britain-Pink-Floyd.html LONDON (AP) -- Richard Wright, a founding member of the rock group Pink Floyd, died Monday. He was 65. 
Pink Floyd's spokesman, Doug Wright, who is not related to the artist, said Wright died after a battle with cancer at his home in Britain. He says the band member's family did not want to give more details about his death. Wright met Pink Floyd members Roger Waters and Nick Mason in college and joined their early band, Sigma 6. Along with the late Syd Barrett, the four formed Pink Floyd in 1965. The group's jazz-infused rock and drug-laced multimedia ''happenings'' made them darlings of the London psychedelic scene, and their 1967 album, ''The Piper at the Gates of Dawn,'' was a hit. In the early days of Pink Floyd, Wright, along with Barrett, was seen as the group's dominant musical force. The London-born musician and son of a biochemist wrote songs and played the keyboard. ''Rick's keyboards were an integral part of the Pink Floyd sound,'' said Joe Boyd, a prominent record producer who worked with Pink Floyd early in its career. The band released a series of commercially and critically successful albums including 1973's ''Dark Side of the Moon,'' which has sold more than 40 million copies. Wright wrote ''The Great Gig in the Sky'' and ''Us and Them'' for that album, and later worked on the group's epic compositions such as ''Atom Heart Mother,'' ''Echoes'' and ''Shine on You Crazy Diamond.'' But tensions grew among Waters, Wright and fellow band member David Gilmour. The tensions came to a head during the making of ''The Wall'' when Waters insisted Wright be fired. As a result, Wright was relegated to the status of session musician on the tour of ''The Wall,'' and did not perform on Pink Floyd's 1983 album, ''The Final Cut.'' Wright formed a new band Zee with Dave Harris, from the band Fashion, and released one album, ''Identity,'' with Atlantic Records. Waters left Pink Floyd in 1985 and Wright began recording with Mason and Gilmour again, releasing the albums ''The Division Bell'' and ''A Momentary Lapse of Reason'' as Pink Floyd. 
Wright also released the solo albums ''Wet Dream'' (1978) and ''Broken China'' (1996). In July 2005, Wright, Waters, Mason and Gilmour reunited to perform at the ''Live 8'' charity concert in London -- the first time in 25 years they had been onstage together. Wright also worked on Gilmour's solo projects, most recently playing on the 2006 album ''On an Island'' and the accompanying world tour. Gilmour paid tribute to Wright on Monday, saying his input was often forgotten. ''He was gentle, unassuming and private but his soulful voice and playing were vital, magical components of our most recognized Pink Floyd sound,'' he said. ''I have never played with anyone quite like him.'' From rforno at infowarrior.org Mon Sep 15 23:39:18 2008 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 15 Sep 2008 19:39:18 -0400 Subject: [Infowarrior] - NBC to Net - "Gimme OUR Video Back!" Message-ID: <787CD311-37A6-4636-B2F2-CB73CF4C1A74@infowarrior.org> I don't care what NBCU thinks about their business models and competencies, they still do not know the nature of the Internet. If nobody's charging money to watch the SNL skit, NBC should be thankful for getting the free viral buzz out there. But nooooo, NBCU goes back into Industrial-Age thinking mode and sends out the lawyers. What maroons. :( -rf NBC Universal Zaps YouTube Uploads of SNL Skit On Sarah Palin By Sarah Lai Stirland September 15, 2008 | 4:27:50 PM Categories: Election '08 http://blog.wired.com/27bstroke6/2008/09/nbc-universal-z.html Google searches for the terms "SNL Palin," "Saturday Night Live," and "Tina Fey as Palin" rocketed off the roof over the week-end, as people around the United States e-mailed each other and blogged about Fey's uncannily-close impersonation of the Republican vice-presidential nominee. Fey, Saturday Night Live's former head writer and creator of the show 30 Rock, appeared with SNL's Amy Poehler as Hillary Clinton to "battle sexism" in the show's opening skit. 
Soon after the episode aired, e-mails with links to the inevitable YouTube uploads flew around listservs. But the take-down notices went out just as quickly, notifying YouTube that the clips had infringed upon NBC Universal's copyright. One of the uploads had already been removed as of Sunday, but several more managed to stay up on YouTube as of Monday. And other web sites such as LiveLeak also hosted clips. NBC Universal has since posted the skit up on its own web site. Below is an embed of the clip. From rforno at infowarrior.org Tue Sep 16 22:24:07 2008 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 16 Sep 2008 18:24:07 -0400 Subject: [Infowarrior] - First Al Gore, now John McCain's invented something.... Message-ID: <4993E9D2-0AB2-448B-A137-2F2566C66AF5@infowarrior.org> (Sorry, couldn't resist.......-rf) http://www.politico.com/blogs/jonathanmartin/0908/HoltzEakin_McCain_helped_create_BlackBerry.html?showall Holtz-Eakin: McCain helped create BlackBerry Asked what work John McCain did as chairman of the Senate Commerce Committee that helped him understand the financial markets, the candidate's top economic adviser wielded visual evidence: his BlackBerry. "He did this," Douglas Holtz-Eakin told reporters this morning, holding up his BlackBerry. "Telecommunications of the United States is a premier innovation in the past 15 years, comes right through the Commerce Committee. So you're looking at the miracle John McCain helped create and that's what he did." Al Gore, call your office. (Courtesy of Amie Parnes, on the trail with McCain) From rforno at infowarrior.org Tue Sep 16 22:36:41 2008 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 16 Sep 2008 18:36:41 -0400 Subject: [Infowarrior] - NIH's open access science in peril Message-ID: Oh Goodie....the cluebot Howard "Hollywood" Berman is at it again. But then again, he's fully-owned by the copyright cartels. 
But the best paragraph comes toward the end where it suggests Congresscritters get a primer in academic publishing activities. --rf Congress's copyright fight puts open access science in peril By John Timmer | Published: September 16, 2008 - 12:55PM CT http://arstechnica.com/articles/culture/open-access-science.ars Backlash against open access In recent years, scientific publishing has changed profoundly as the Internet simplified access to the scientific journals that once required a trip to a university library. That ease of access has caused many to question why commercial publishers are able to dictate the terms by which publicly funded research is made available to the public that paid for it. Open access proponents won a big victory when Congress voted to compel the National Institutes of Health to set a policy of hosting copies of the text of all publications produced by research it funds, a policy that has taken effect this year. Now, it appears that the publishing industry may be trying to get Congress to introduce legislation that will reverse its earlier decision under the guise of strengthening copyright protections. Under existing law, the products of federally funded research belong to the scientists that perform it and institutions that host them. Academic journals have traditionally had researchers transfer the copyright of publications resulting from this research to the journals. The current NIH policy requires that authors they fund reserve the right to place the text and images of their publication in an NIH database hosted at PubMed Central (PMC). To protect commercial publishers, papers submitted to PMC are not made accessible until a year after publication, and are not required to include the formatting and integration of images performed by the publisher. This one-year limit is shorter than that required by other governments and private funding bodies such as the Howard Hughes Medical Institute and the Wellcome Trust. 
Many publishers have embraced this policy, and allow the fully formatted paper to be made available, sometimes after a shorter embargo. Open Access meets resistance Not all publishers have embraced it, however, and some have tried to exact exorbitant fees for allowing manuscripts to be transferred to PMC. Others have engaged in aggressive lobbying against open access efforts. Those efforts may be paying off. The House of Representatives has seen the introduction of legislation, HR 6845 that, depending on its final format, may significantly curtail or eliminate the NIH's ability to continue its open access policy. The current bill would prevent any arm of the federal government from making research funding contingent upon "the transfer or license to or for a Federal agency of... any right provided under paragraph (1) or (2) of section 106 in an extrinsic work, to the extent that, solely for purposes of this subsection, such right involves the availability to the public of that work." Those Section 106 rights include the reproduction of the work. Although that would seem to rule out the existing NIH policy, there is a certain amount of legal wiggle room there. For example, the NIH could fund a private entity to maintain PMC, and thus have the right to reproduction transferred to an independent entity. Nevertheless, the bill would appear to directly target the prior legislation that put the NIH in the business of mandating public access in the first place. The Intellectual Property Subcommittee comes up to speed Last week, the Judiciary Committee's Subcommittee on Courts, the Internet, and Intellectual Property held a hearing on the proposed legislation. If anyone was thinking that policies related to publicly funded scientific research were free of politicking and rampant self-interest so frequently involved in the copyright and intellectual property battles, the hearings would have erased them. 
Legislators questioned whether it made sense to mandate the transfer of copyrights at a time when the US government was pushing for other governments to respect those rights. At one point, hearing chair Howard Berman (D-CA) noted that the N in NIH shouldn't stand for Napster. It also became apparent that there was a bit of a turf battle going on. The Intellectual Property Subcommittee clearly felt that it had been ignored during the original passage of the bill that compelled the NIH's open access policy, and several members expressed displeasure at having been bypassed, and suggested the bill was useful simply for allowing them to have a voice on the matter. That said, many of the representatives were clearly in need of a primer in academic publishing. Different members of the Subcommittee expressed surprise at various aspects of the current system, such as the fact that peer reviewers perform the function free (although, as noted, the process of arranging for peer review can be expensive). Also eliciting surprise was the revelation that authors are not paid by publishers for the transfer of copyright. In fact, many publishers charge money for the publication of scientific research, even those that obtain copyright to the work in the process. Dr. Elias Zerhouni, director of the NIH, shocked Berman when he mentioned that the NIH hands out $100 million a year to grant recipients specifically to cover the cost of publishing their results. It would certainly have been possible for those testifying in favor of the open access policy to argue that the public pays part of the cost of nearly every stage of the publishing process, and might expect to have some access to the end product. 
From rforno at infowarrior.org Wed Sep 17 01:36:38 2008 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 16 Sep 2008 21:36:38 -0400 Subject: [Infowarrior] - Network Attack Traceback Message-ID: <679ED3DF-5867-464B-B6B6-D9525F2272D3@infowarrior.org> http://cryptome.org/traceback.htm Add updated URL for BAA-05-04-IFKA, Network Attack Traceback (latest change dated June 11, 2008): https://www.fbo.gov/index?tab=core&s=opportunity&mode=form&id=7ef41b20f512818767c257c180108ae4&cck=1&au=&ck= Related news report of September 12, 2008: http://news.cnet.com/8301-13578_3-10040152-38.html From rforno at infowarrior.org Wed Sep 17 01:43:05 2008 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 16 Sep 2008 21:43:05 -0400 Subject: [Infowarrior] - DRM Paper: Rethinking Anticircumvention's Interoperability Policy Message-ID: Rethinking Anticircumvention's Interoperability Policy Aaron K. Perzanowski University of California, Berkeley - School of Law; Berkeley Center for Law & Technology http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1224742 UC Davis Law Review, Forthcoming Abstract: Interoperability is widely touted for its ability to spur incremental innovation, increase competition and consumer choice, and decrease barriers to accessibility. In light of these attributes, intellectual property law generally permits follow-on innovators to create products that interoperate with existing systems, even without permission. The anticircumvention provisions of the Digital Millennium Copyright Act (DMCA) represent a troubling departure from this policy, resulting in patent-like rights to exclude technologies that interoperate with protected platforms. Although the DMCA contains internal safeguards to preserve interoperability, judicial misinterpretation and a narrow textual focus on software-to-software interoperability render those safeguards largely ineffective. 
Subjecting restrictions on interoperability to antitrust scrutiny, and the resulting mandatory disclosure of technical information, is one approach to holding anticircumvention law in check. But a number of considerations suggest antitrust is a poor tool for lessening the DMCA's impact on interoperability. Whether characterized as tying, denial of essential facilities, or refusal to deal, the use of anticircumvention law to impede interoperability is unlikely to consistently trigger antitrust enforcement. In part, the limits on the ability of antitrust to address the impact of the DMCA stem from its deference to the legislative process. Antitrust rarely interferes with the exercise of legitimately acquired IP rights. Rather than relying on antitrust to limit the DMCA's restriction of interoperability, this Article proposes a solution that addresses that restriction at its source. Expanding the DMCA's existing interoperability exemption would create an environment more hospitable to interoperable technologies. But in order to preserve the protections the DMCA offers copyright holders, this expanded exemption must disaggregate restrictions on the use of interoperable software and devices from the restrictions on access and copying that Congress intended to enable. The former can be ignored only to the extent the latter are respected. 
Keywords: interoperability, DRM, DMCA, anticircumvention Accepted Paper Series Date posted: September 06, 2008 ; Last revised: September 14, 2008 http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1224742 From rforno at infowarrior.org Wed Sep 17 01:56:33 2008 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 16 Sep 2008 21:56:33 -0400 Subject: [Infowarrior] - Hollywood Control of DVD-Copying at Crossroads Message-ID: Hollywood Control of DVD-Copying at Crossroads By David Kravets September 16, 2008 | 5:24:30 PM Categories: Intellectual Property http://blog.wired.com/27bstroke6/2008/09/hollywoods-grip.html RealNetworks caught Hollywood by surprise when it privately informed the studios two weeks ago that it was releasing, by month's end, a $30 application called RealDVD allowing movie fans to easily make copies of their DVDs with their computer. As expected, heads spun as executives began to wonder whether the studios were losing even more control of the coveted DVD and its $16 billion in annual sales. Hollywood is already reeling from open source DVD decryption software that is free on the internet. It also says it's losing billions in sales because of BitTorrent tracking services like The Pirate Bay that allow users to upload and download decrypted movies and other content for free. With RealDVD, Kaleidescape and other services, Hollywood's already loosening grip on the DVD is at a crossroads. The music industry years ago lost much control of its CD, which is not encrypted, to peer-to-peer file sharing services and technology allowing CDs to be burned easily -- even by the technologically unsophisticated. That is among the reasons legitimate DVDs are encrypted with the content-scramble system licensed by the DVD Copy Control Association. The association is a group consisting of electronics and computer manufacturers, and Hollywood studios. But the association seems to be losing its grip on the DVD -- at least for now. 
It is suing, so far unsuccessfully, Silicon Valley electronics company Kaleidescape for breach of contract for producing a $10,000 machine allowing users to copy and store up to 1,360 of their DVDs. Is RealDVD next on the lawsuit block? "We're studying it closely," said Elizabeth Kaltman, a spokeswoman for the Motion Picture Association of America. All of which begs the question of whether it is legal to copy an encrypted DVD for personal use. The courts have not squarely decided the issue as applied to CDs or DVDs, although the music and movie industry oppose copying. "The law is deeply unclear. The reality, as far as I know, nobody has ever been sued for making a personal use DVD or CD," said Fred von Lohmann, an Electronic Frontier Foundation attorney. Still, more than 30,000 people have been sued for Copyright Act violations for sharing music online. Rarely, if ever, are people sued for decrypting DVDs and uploading them or downloading them from illicit torrent-tracking services, largely because many torrent services usually provide users more anonymity than music-sharing services. At least for now, the movie studios are attacking DVD copying services and, in some instances, putting them out of business -- like Studio 321 that sold a DVD decryption program. The Digital Millennium Copyright Act says descrambling or circumventing encryption is a violation of up to $2,500 per DVD. But RealDVD and Kaleidescape allow users to make a persistent copy still in its original encrypted form stored in the comfort of one's home. They and other similar services say their wares prevent the movies from being uploaded to torrent trackers. But the Copy Control Association maintains that part of the CSS license granted to Kaleidescape, for example, requires that the DVD must be in the machine for the movie to play -- all for the obvious reason of disallowing the copying of DVDs and to prevent the so-called "rent, rip and return" concept. 
But a judge ruled (.pdf) in Kaleidescape's favor last year, a decision that is now on appeal. A Santa Clara County, California judge said the CSS license did not have such a requirement ? a decision that paved the way for the RealDVD application and one allowing Kaleidescape to remain on the market. The Copy Control Association appealed to the 6th District Court of Appeal in San Jose, California. In court documents, the association said the lower court "reached the absurd result of reading out of the license agreement provisions that are essential to the agreement's central purpose of preventing the unauthorized copying of copyrighted DVD content." Kaleidescape's attorney, Keith Slenkovich, maintains in court documents (.pdf) that the contract does not include so-called "phantom provisions" claiming a duty by licensees "to prevent the creation of persistent digital copies of DVD content" and "to implement architectures in which the user must have the physical DVD disc in the drive during authentication and playback." The appeal is pending. Despite the conflicting opinions regarding the CSS playback contract, the Copy Control Association, which has issued more than 350 similar licenses, has not clarified the contract's language to clearly spell out its terms. Whether it has the political will or legal muscle to do so is an open question. The association's board consists of members from Warner Brothers, Fox, Universal, Sony Pictures, Paramount, Disney, Sony Electronics, Pioneer, Toshiba, Hewlett Packard, Intel, and Microsoft. Insiders said the group faces potential antitrust issues if it amends its contracts to exclude a competitor's product, especially a competitor who already has a license. Publicly, however, the group says the playback licensing agreement remains unchanged because of the board's divergent interests. "This is a fairly robust organization," said association spokesman Greg Larsen. "It represents individuals from three major industries." 
From rforno at infowarrior.org Wed Sep 17 11:24:45 2008 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 17 Sep 2008 07:24:45 -0400 Subject: [Infowarrior] - DHS Oversaw $15 Billion in Failed Contracts Message-ID: <543A121D-EF72-4B0A-B3AE-4CEB4870BB62@infowarrior.org> (I guess DHS is now a properly-functioning federal 'security' agency, eh? ---rf) Homeland Security Department Oversaw $15 Billion in Failed Contracts By Jason Leopold The Public Record Tuesday, September 16, 2008 http://www.pubrecord.org/politics/327.html?task=view Since it was created in 2003, the Department of Homeland Security has overseen about $15 billion in failed contracts?a third of the agency?s contract spending?for a a wide-range of projects, according to documents and other data obtained by the House Committee on Homeland Security. On Wednesday, a lawyer with the watchdog group the Project on Government Oversight, an official with the Government Accountability Office and the DHS deputy inspector general will testify before the House Subcommittee on Management, Investigations and Oversight about overhauling the acquisitions process that resulted in wasteful spending. The Washington Post, which first reported the story late Tuesday, said the witnesses will ?talk about a series of problem projects: About $351 million was wasted and not properly overseen in the U.S. Coast Guard's Deepwater program after ships were built and then scrapped, according to Homeland Security committee staffers and oversight agency reports. A $1.5 billion Boeing program to help secure U.S. borders with electronic sensors and other equipment is being shelved after it was over-budget, late and had technology problems.? ?A $10 billion program called US VISIT, a computer system designed to record the entry and exit of visitors to the United States at airports and border crossings, is behind schedule and not being managed well, according to figures prepared by the committee staff,? the Washington Post reported. 
?And $200 million was mismanaged and poorly spent in buying trailers from Bechtel and Fluor for Hurricane Katrina, according to committee staffers, the GAO and other oversight reports. DHS was created five years ago by merging the Federal Emergency Management Agency, the Immigration and Naturalization Service, the Coast Guard and the Transportation Security Administration, and more than a dozen other agencies. The agency employs more than 200,000 people and has an annual budget of roughly $50 billion. Its contract spending has skyrocketed from $3.4 billion a year to $12.2 billion last year. From rforno at infowarrior.org Wed Sep 17 11:27:40 2008 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 17 Sep 2008 07:27:40 -0400 Subject: [Infowarrior] - Another stupid 'don't link to us' lawsuit Message-ID: Sheboygan women files landmark case over Web links By JOHN DIEDRICH jdiedrich at journalsentinel.com Posted: Aug. 23, 2008 http://www.jsonline.com/story/index.aspx?id=786584 Can a city stop people from posting a link to its Web site? Advertisement That?s the question at the center of a federal lawsuit brought by a Sheboygan woman against the mayor and other officials there, in what appears to be a first-of-its-kind case, according to an Internet law expert. Jennifer Reisinger says the Sheboygan city attorney ordered her to remove from her Web site a link to the city?s police department, in what she believes was retaliation for her support of recalling Mayor Juan Perez, according to the suit filed last week. The city went further, the lawsuit claims, launching a criminal investigation of Reisinger for linking to the department on one of her sites. The city?s actions torpedoed Reisinger?s Web site marketing business and led to death threats against her, according to the lawsuit. ?The mayor decided to use his office to get back at Jennifer for her efforts in the recall and picked this to do it,? said her attorney, Paul Bucher. ?There is more than a mistake here. 
There have been repercussions.? The mayor, City Attorney Stephen McLean, the police chief and city clerk are named as defendants in the lawsuit. Perez and McLean did not return calls for comment. Reisinger alleges her First Amendment rights were violated by the city. She seeks $250,000 in compensatory damages, unspecified punitive damages and unspecified declaratory relief. First of its kind Bruce Boyden, an assistant law professor at Marquette University who specializes in Internet law and copyright, called the case novel. ?If this goes all the way to trial and produces a decision, I believe this would be a first in United States,? he said. Boyden said some companies require other Web sites to get permission to link to them, but he knew of no companies, much less a government body, that have tried to enforce violations of that condition if the links didn?t infringe on a copyright or trademark. Boyden said not all speech is protected, including links. For instance, someone might use a link to communicate a threat or violate a copyright, and that wouldn?t be protected. The lawsuit doesn?t show how Reisinger used the link to Sheboygan police or the city?s cease-and-desist order, but Boyden said it appeared from the lawsuit to be protected speech. ?Linking to the Web site is no different than listing the street address of the Sheboygan police department,? he said. Bucher also said the case was a first as far as he knows. ?I have never heard that you can?t link to a government Web site that, by the way, is paid for with taxpayer money,? he said. War over a link Reisinger ran several Web sites and also was active in an unsuccessful recall effort against the mayor. A recall site she created later showed a Fourth of July parade photograph of Perez with a U.S. flag that had been digitally replaced with a Mexican flag and the caption, ?Power to illegals?? 
Reisinger told a Journal Sentinel reporter in July 2006 she did not know who put up the altered photo because the Web site allowed anyone to upload to the site. According to her lawsuit: Separate from the recall, Reisinger ran the Brat City Web Design site, which featured several links, including one to the Sheboygan police department. On Oct. 18, 2007, the mayor?s secretary e-mailed McLean, the city attorney, asking if Reisinger could link to a city Web site. McLean answered, ?Anyone can create a link to someone else?s Web site very easily without the knowledge or consent of the linked party.? Nonetheless, McLean said he could issue a ?cease and desist? order to Reisinger, and the mayor said to do it. Reisinger said she felt intimidated by McLean?s letter and removed the link. Then a police lieutenant told Reisinger he was investigating her use of links to city government sites, the suit says. That is when Reisinger hired Bucher, who told her to put the link back up. In November, the city withdrew its demand that Reisinger not link to city government sites. From rforno at infowarrior.org Wed Sep 17 11:29:38 2008 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 17 Sep 2008 07:29:38 -0400 Subject: [Infowarrior] - S.3325 opposition lines are open... Message-ID: Help keep the USG from becoming a fully-owned enforcer of Hollywood's cartels!! -rf http://www.publicknowledge.org/node/1743 Last week, the Senate Judiciary Committee gave the green light to S. 3325, the Enforcement of Intellectual Property Act of 2008. We need you to show them the red light, NOW! This intellectual property enforcement bill lets the DOJ enforce civil copyright claims and lets the government do the MPAA and RIAA?s intellectual property rights enforcement work for them?at tax payers? expense. CLICK HERE TO CALL THE SENATE JUDICIARY MEMBERS NOW (We?re using the awesome Cause Caller for this alert, so be ready to speak to a number of different Senate offices, rapid-fire style! 
We've picked Senators who may be like-minded in opposing this bill. Of course, feel free to call your own Senators.)

CLICK HERE TO SEND A FAX TO YOUR SENATORS

By allowing the federal government to sue infringers in civil court, the DOJ would be asking a court for monetary damages on behalf of content owners. In a civil suit brought by the government, the defendant loses many of the protections he possesses in a criminal action--including his right to free legal representation. What's more, the government's legal burden of proof is lower: the government only needs to prove infringement with a "preponderance of the evidence," meaning that it's more likely than not that infringement occurred, as opposed to the usual criminal standard of "beyond a reasonable doubt." Does the content industry need this help from the Department of Justice? Absolutely not! In the last five years, the RIAA filed or threatened more than 30,000 suits against alleged infringers. If the Enforcement bill passes, not only will the number of such suits increase--they'll also be paid for with your tax dollars. Now, the bill's backers are pushing to have it pass the Senate as early as today via a streamlined procedure, without the full Senate voting on the measure. Tell members of the Senate Judiciary Committee that you don't want your tax dollars spent on DOJ's civil enforcement of copyright, and to put a hold on the bill.

From rforno at infowarrior.org Wed Sep 17 13:26:27 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 17 Sep 2008 09:26:27 -0400
Subject: [Infowarrior] - New bill would tighten rules for DHS border laptop searches
Message-ID:

New bill would tighten rules for DHS border laptop searches
By Nate Anderson | Published: September 16, 2008 - 01:30PM CT
http://arstechnica.com/news.ars/post/20080916-new-bill-wants-tighter-rules-for-laptop-border-searches.html

Customs and Border Patrol agents can grab your laptop, BlackBerry, or external hard drive without needing so much as a reason, but a new bill introduced last week to Congress would at least put some limits on how border searches could be done. "I was deeply concerned to learn about the lack of protections individuals have when their electronic equipment is randomly seized," said Rep. Loretta Sanchez (D-CA), who introduced the bill. "With the passage of the Border Search Accountability Act of 2008, Americans will be able to travel with more peace of mind knowing that their data will be further protected and that there are stringent accountability measures in place for safeguarding their personal information." Note what her bill will not do--make searches more difficult. Earlier this year, the Ninth Circuit Court of Appeals found that border searches of electronic devices (even those without any probable cause) did not run afoul of the Fourth Amendment's unreasonable search and seizure clause. Judges noted that precedent already allows searches of 1) briefcases and luggage, 2) a purse, wallet, or pocket, 3) papers found in pockets, and 4) pictures, films, and other graphic material. So why not laptops? While such searches would not appear to be legal within the country, courts have long recognized the government's right to "protect its territorial integrity" by controlling the material passing across its borders. Sanchez's bill would bring more routine to the search process.
The bill requires the government to draft additional rules regarding information security, the number of days a device can be retained, receipts that must be issued when devices are taken, ways to report abuses, and it requires the completion of both a privacy impact study and a civil liberties impact study. Travelers would also have the explicit right to watch as the search is conducted. Sanchez also wants data about the searches, which would have to be turned over to Congress once per quarter. Specifically, she wants to know how many searches are being done, where they take place, and the race and nationality of those being searched. The Department of Homeland Security actually issued search rules over the summer; while they were the first rules made public on the process, which had started to look quite ad-hoc, they still came in for criticism from groups like the Association of Corporate Travel Executives. ACTE, which doesn't like having executive laptops pinched whenever someone travels overseas, complained in early August that devices could basically be kept indefinitely, the data could be shared with foreign governments, and no data destruction procedures were spelled out. Coming so close to the end of this Congressional session, Sanchez's bill is unlikely to see action this year. It currently sits in the House Committee on Homeland Security, where it will likely expire when Congress adjourns. Given the tremendous uncertainty the electronic search process creates for travelers, 40 civil liberties groups asked Congress back in May to hold hearings on the issue; so far, that has yet to happen, but Ars has spoken with several frequent travelers who already take precautions with sensitive corporate and personal data before going on international trips. Perhaps the laptop search program will turn out to be as much of a boon for online data repositories as it will for the federal government.

From rforno at infowarrior.org Wed Sep 17 13:27:27 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 17 Sep 2008 09:27:27 -0400
Subject: [Infowarrior] - Critics: DHS unprepared for cyberthreats
Message-ID: <34E3CF71-31B0-42C7-A619-009F04940587@infowarrior.org>

Critics: Homeland Security unprepared for cyberthreats
Posted by Stephanie Condon
http://news.cnet.com/8301-13578_3-10043665-38.html?part=rss&subj=news&tag=2547-1_3-0-20

WASHINGTON--When politicians got together six years ago and decided to glue together a medley of federal agencies to create the U.S. Department of Homeland Security, one of the justifications was a better focus on cybersecurity. "The department will gather and focus all our efforts to face the challenge of cyberterrorism," President Bush said when signing the 500-or-so-page bill into law in November 2002. "This department will be charged with encouraging research on new technologies that can detect these threats in time to prevent an attack." That was then. Now, Homeland Security is weathering a deluge of criticism of its lackluster cybersecurity efforts on grounds that they have proven to be inefficient, bureaucratic, and not even able to do a decent job of monitoring federal computer networks. This week, it even led to what would have been unthinkable a year or two ago--a suggestion that Homeland Security can no longer be trusted with its cybersecurity mission and it should be handed to another federal agency. "While DHS has improved, oversight for cybersecurity must move elsewhere," James Lewis, a director and senior fellow at the hawkish Center for Strategic and International Studies, said Tuesday. "The conclusion we reached is only the White House has the authority and oversight for cybersecurity. This is now a serious national security problem and should be treated as such." Lewis was testifying at a hearing of the House Homeland Security's subcommittee on emerging threats, cybersecurity, and science and technology.
Lewis appeared on behalf of CSIS's Commission on Cybersecurity for the 44th Presidency, a group made up of 40 cybersecurity and government experts. They're expected to release a final report in November with recommendations for the next administration. Adding to the public criticism of Homeland Security were two new reports published by the Government Accountability Office (No. 1 and No. 2) detailing the department's shortcomings. Since 2005, the GAO has been reporting on DHS' cybersecurity efforts and has made 30 recommendations to the department, yet the department "still has not fully satisfied any of them," said David Powner, the GAO's director of information management issues. The GAO's new reports include descriptions of the department's failure to fully address 15 key cyberanalysis and warning attributes related to activities such as monitoring government networks for unusual activity. For instance, warnings sent to federal offices regarding threats were neither consistently actionable nor timely, the GAO reported. "We're not prepared" to handle cyberthreats, Powner said. Lewis pleaded with politicians to remain focused on the topic. "Congress has to be involved with this," Lewis said, "to support building the infrastructure that will keep us secure." Subcommittee Chairman Rep. James Langevin, D-R.I., announced at the hearing the creation of a House Cybersecurity Caucus, a forum for House members from various committees to discuss cybersecurity. The new caucus will begin work in January 2009.

Naming names

The GAO reports were released just one day after DHS Deputy Secretary Paul Schneider and a group of other federal officials who work on cybersecurity sought to address the many unanswered questions about the government's secretive National Cyber Security Initiative. Schneider made it clear at a forum on Monday that Robert Jamison, the DHS undersecretary for national protection and programs, is leading the department's cybersecurity efforts.
However, witnesses and congressmen at Tuesday's hearing said there was a lack of leadership in the DHS. "There really is no one in charge right now at DHS, and that's why they have struggled," said Paul Kurtz, a partner and COO for Good Harbor Consulting, who testified Tuesday. "You have several people with their hands on the steering wheel." Rep. Bill Pascrell of New Jersey, D-N.J., said it was time to "name names" of who was responsible for the department's problems. "Robert Jamison, the undersecretary, gave himself a solid C in cybersecurity the last time he came before the full committee," Pascrell said. "When was getting a C a good mark?" Pascrell complained that the administration has been too secretive about the National Cyber Security Initiative. "The Senate tried for months to get the information public, and the White House refused," he said. Pascrell pointed out that Marie O'Neill Sciarrone, a special assistant to the president, spoke at Monday's forum regarding federal cybersecurity efforts--but the event, hosted by the Information Technology Association of America, cost $50 for government employees to attend. The witnesses at the hearing concurred the DHS has been too secretive. "There's no reason to classify (the cyber initiative)," Lewis said. However, he also said the initiative has produced some useful results. "We've made a little progress," he said. While it may be the norm for a new administration to completely revamp such a program, "we can't afford" to have that progress set back, Lewis said. "It'd be a lot easier to avoid that fumble if it wasn't top secret."

A new administration, a new start

Lewis said that a cybersecurity strategy "should be one of the first documents the new administration issues." People representing both the Obama and McCain campaigns are on the CSIS commission, Lewis said, and both campaigns have recognized the need for greater cybersecurity.
"We've asked to brief them on our recommendations, and we believe in the next month or so we'll have that opportunity," he said. The federal government is already working to establish working relationships with the private sector to improve cybersecurity, but the next administration will have to consider whether to consider all sectors of equal importance, Powner said. The three most critical sectors to work with, Lewis said, are the finance, electricity, and telecom industries. "Existing partnerships are not meeting the needs of public or private sector," Lewis said. "The first need is to rebuild trust." Harry Raduege, chairman of the Deloitte Center for Network Innovation, said another reason to make cybersecurity a priority for the White House is to better coordinate international efforts. Officials from other countries often ask, "'Who should we come to talk to in the United States about your overarching strategy?'" Raduege said. "There was never one place I could recommend they go, no one individual with an entire national strategy perspective."

From rforno at infowarrior.org Thu Sep 18 01:30:16 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 17 Sep 2008 21:30:16 -0400
Subject: [Infowarrior] - Palin's E-Mail Account Hacked, Published on Web Site
Message-ID: <98E89BA2-DFF1-4A23-867C-699C028AD5A6@infowarrior.org>

Palin's E-Mail Account Hacked, Published on Web Site
by FOXNews.com
Wednesday, September 17, 2008
http://elections.foxnews.com/2008/09/17/palins-e-mail-account-hacked-published-on-web-site/

In the latest of a series of invasions into Sarah Palin's personal life, hackers have broken into the Republican vice presidential candidate's private e-mail account, and a widely read Web site has published screen grabs from it. An article Wednesday in Gawker.com posts family photos and snapshots of e-mail exchanges the Alaska governor had with colleagues.
Gawker says the e-mail account has since been shut down, but it will leave the images up on its site for all to see. "Here are the screenshots of the emails saved before the account went dark, along with the contact list. It's newsworthy and we will not be taking it down!" the site declares. Rick Davis, campaign manager for John McCain, released a statement calling the publication a "shocking invasion of the governor's privacy and a violation of law." "The matter has been turned over to the appropriate authorities and we hope that anyone in possession of these e-mails will destroy them. We will have no further comment," Davis said. The article boasts about the lengths to which the reporter went to verify the account, saying he or she even called a phone number listed for Palin's teenage daughter, Bristol, which apparently went to her voicemail. The site also listed dozens of contact e-mails from the account. Both WIRED and Gawker reported that members claiming to be with a group known as Anonymous took credit for hacking into Palin's account. Screen grabs were published on other Web sites and then deleted, Gawker reported. They reportedly came from a Yahoo e-mail account Palin uses -- one separate from another private account that was publicized in The Washington Post last week. Gawker complained that Palin has since "deleted" the account, and suggested she was trying to "destroy evidence." Palin has faced scrutiny for using her private account to do government business. The Washington Post reported last week that a local Republican activist is trying to get Palin to release more than 1,100 e-mails she withheld from a public records request. The appeal reportedly questions why Palin and her aides shift between public and private e-mail accounts. A spokeswoman in the governor's office in Alaska declined to comment Wednesday, referring questions from FOXNews.com to the McCain-Palin campaign.
"Primarily we're referring people to the campaign because honestly people wouldn't be asking these questions if she wasn't a candidate for [vice president]," spokeswoman Kate Morgan said. The Palin family was subjected to intense scrutiny after she was selected as John McCain's running mate on Aug. 29. Reporters descended on her home town of Wasilla, Alaska, as the media focused on her unwed teenage daughter's pregnancy.

From rforno at infowarrior.org Thu Sep 18 11:41:02 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 18 Sep 2008 07:41:02 -0400
Subject: [Infowarrior] - TSA Screeners Bypass Checkpoints
Message-ID: <7D1D7309-D7EB-429C-9A9C-5128658ECD2B@infowarrior.org>

Airport screeners bypassing security
http://www.9news.com/news/article.aspx?storyid=99941&catid=339

DENVER -- A new policy lets airport screeners at Denver International Airport bypass security screening checkpoints that passengers have to go through. The Transportation Security Administration (TSA) rolled out the new uniforms and new screening policy at airports nationwide on Sept. 11. The new policy says screeners can arrive for work and walk behind security lines without any of their belongings examined or X-rayed. "Lunch or a bomb, you can walk right through with it," said Mike Boyd, an aviation consultant in Evergreen. "This is a major security issue." At DIA, 9NEWS videotaped a dozen TSA screeners walk through a side gate and enter the sterile area of the airport carrying backpacks, purses and lunch boxes. Nothing was screened. Sources tell 9Wants to Know, the reason for the security change may be tied to the new uniforms and badges. The old, white TSA uniforms had yellow cloth badges sewn on them. The new, blue uniforms have metal badges that set off alarms when screeners go through the checkpoints. Sources say the TSA is worried that the screeners will remove the badges while going through security and that they'll get lost or stolen.
The TSA says that is not the reason for the policy change. "We have to put our resources where we believe the risk is greatest. Does it really make sense for the Transportation Security officers to spend time screening each other rather than focusing on the unknown out there?" asked Carrie Harmon, TSA public affairs manager. The TSA says the new policy is part of a risk-based security screening process where there are multiple layers of security. "We have a finite amount of resources and we allocate those where we think the risk is greatest," said Harmon. "It's based on intelligence; it's based on knowledge of our people and our processes." The TSA says its employees have background checks before they are hired. TSA policy says employees are supposed to report any other arrest, including an alcohol related arrest, within 24 hours or, due to circumstances beyond their control, as soon as possible after that. An Aviation Director Access Security Program team at airports can also search any employee in the airport at any time. "TSA employees are subject to random, unpredictable screening," said Harmon. Critics think it's important to also physically screen the TSA workers every day. "A background check means nothing, absolutely nothing," said Boyd. "And a random screen is like getting an IRS audit. It means I can get through 80 percent of the time. How many people take a chance on that? It's the same thing." Harmon says while it's possible that a TSA worker could smuggle something behind security, they are security professionals and deserve to be treated that way. However, two TSA workers in Atlanta were arrested this year for smuggling drugs and cash past screening checkpoints onto airplanes. Other screeners nationwide have been caught stealing from passengers. At DIA this year, a screener got caught bringing a gun through the checkpoint. Under the TSA's current policy, that gun would have gone undetected inside the airport. 
While screeners won't be subjected to searches, airline pilots will still have to go through security screening checkpoints. Some passengers were surprised at the new policy for screeners. "I think that this kind of thing is going to encourage the possibility of foul play. I think it's a real big mistake," said Jim Casey of Minneapolis. "I think it creates, especially when it becomes public knowledge, it becomes a really ridiculous loophole." The new blue uniforms also have patches on the shoulder that depict a picture of an eagle, the twin towers, nine stars and 11 stripes. It cost $12 million to outfit the TSA's 43,000 employees with the new uniforms and badges. (Copyright KUSA*TV. All rights reserved.)

From rforno at infowarrior.org Thu Sep 18 12:28:43 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 18 Sep 2008 08:28:43 -0400
Subject: [Infowarrior] - German police raids for Skype whistleblower
Message-ID: <7A367DE2-7F8D-4EBC-B211-941F09F5C257@infowarrior.org>

Pirate Party Official Raided after Uncovering State Trojan
Written by Ernesto on September 17, 2008
http://torrentfreak.com/pirate-party-official-raided-after-uncovering-state-trojan-080917/

The spokesperson of the German Pirate Party saw his house raided after the party published a leaked document which showed that the government uses a homemade "trojan" to wiretap Skype conversations. In addition, a server from another party member was seized. The Pirate Party is known for its battle against the ever increasing government surveillance on the public. So, when an anonymous whistleblower sent them an internal document which showed that the government went as far as installing trojans on computers, they didn't hesitate to publish it. German authorities weren't too happy about the leak, which might be illegal according to a criminal law specialist, and went after the source. Earlier this week police searched the home of the Pirate Party spokesperson where they hoped to find more information.
In addition to the home search, a server from another party member was seized. The server, however, was fully encrypted, so chances are low that it will uncover the whistleblower. In a response, Andreas Popp, Chairman of the Bavarian Pirate Party said: "A brave person leaks documents to the Pirate Party, to inform the public about a procedure of the Bavarian Government, which is highly likely to violate the constitution. Now this person is hunted like a criminal. Private rooms are raided, servers get seized." Pirate Parties around the world will continue to speak out against these, and other privacy threats. The trojan in question (German) was able to tap into Skype calls and intercept traffic to encrypted websites.

From rforno at infowarrior.org Thu Sep 18 12:31:22 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 18 Sep 2008 08:31:22 -0400
Subject: [Infowarrior] - OT: For a Bailout, Press 'One' . . .
Message-ID:

For a Bailout, Press 'One' . . .
By Alan Neff
Thursday, September 18, 2008; Page A21
http://www.washingtonpost.com/wp-dyn/content/article/2008/09/17/AR2008091702976.html?nav=rss_opinion/columns

"Hello! You've reached the United States Treasury's automated bailout hotline. Please listen carefully, because our options have recently changed. If you're too big to fail, press or say 'one.' If not, hang up and dial 1-800-FOR-FEMA.' " "One." "Great! You've selected Option One. If you're a bank, press or say 'one.' If you're a brokerage firm, press or say 'two.' If you're an insurance company, press or say 'three.' " "Three." "You've selected Option Three, which means you're an insurance firm. Did I get that right?" "Yes." "Okay, let's drill down a little further. If you're calling because you're besieged by class-action lawsuits brought by take-no-prisoners plaintiffs' attorneys because your large corporate policyholders committed innumerable mass toxic torts, press or say 'one.'
If you're calling because you insured billions of dollars' worth of undocumented, nonperforming mortgages, press or say 'two.' " "Two. No, wait, one. I mean, uh, both." "I'm sorry. I didn't understand. Let's try something else. If you're the CEO of an insurance company with a servile compensation committee that gave you an irrevocable golden parachute, press or say 'one.' If you've served on corporate boards with Henry Paulson, press or say 'two.' If you believe in strict market Darwinism for every company but yours, press or say 'three.' " "Three." "If you want your check automatically deposited into your company's bank account, press or say 'one.' If you want cash in small, unmarked, used, nonsequential bills delivered to a branch office in Zurich or the Cayman Islands, press or say 'two.' " [Silence. Thinking. Surge of fiduciary energy.] "One." "Okay. Please enter the amount you want using the number keys. Use the star sign for a decimal point and press pound when you've finished." [Lengthy series of numbers entered, followed by the pound sign.] "Wow! You are in trouble! Your funds should clear in three business days. When you have another claim, call back. Thank you for calling, and have a great day!"

Alan Neff is a lawyer and novelist. He lives in Chicago.

From rforno at infowarrior.org Thu Sep 18 12:41:24 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 18 Sep 2008 08:41:24 -0400
Subject: [Infowarrior] - Software spots the spin in political speeches
Message-ID:

Software spots the spin in political speeches
* 17 September 2008
* From New Scientist Print Edition
* Stu Hutson
http://technology.newscientist.com/article/mg19926746.200-software-spots-the-spin-in-political-speeches.html

BLINK and you would have missed it. The expression of disgust on former US president Bill Clinton's face during his speech to the Democratic National Convention as he says "Obama" lasts for just a fraction of a second.
But to Paul Ekman it was glaringly obvious. "Given that he probably feels jilted that his wife Hillary didn't get the nomination, I would have to say that the entire speech was actually given very gracefully," says Ekman, who has studied people's facial expressions and how they relate to what they are thinking for over 40 years. It seems that Clinton's micro-expression gave away more about his true feelings than he intended. Politicians do not usually give themselves away so tellingly, and many of us would like to know whether they mean what they are saying. So how are we to know when they are lying? Technology is here to help. Software programs that analyse a person's speech, voice or facial expressions are building upon the work of researchers like Ekman to help us discover when the truth is being stretched, and even by how much. "The important thing to recognise is that politicians aren't typically good at out-and-out lies, but they are very adept at dancing around the truth," says David Skillicorn, a mathematics and computer science researcher at Queen's University in Kingston, Ontario, Canada. "The 2008 election has so far given us plenty of chances to see them in action." Skillicorn has been watching out for verbal "spin". He has developed an algorithm that evaluates word usage within the text of a conversation or speech to determine when a person "presents themselves or their content in a way that does not necessarily reflect what they know to be true". The algorithm counts usage of first person nouns - "I" tends to indicate less spin than "we", for example. It also searches out phrases that offer qualifications or clarifications of more general statements, since speeches that contain few such amendments tend to be high on spin. Finally, increased rates of action verbs such as "go" and "going", and negatively charged words, such as "hate" and "enemy", also indicate greater levels of spin. 
Skillicorn had his software tackle a database of 150 speeches from politicians involved in the 2008 US election race (see diagram). When he analysed the speeches of John McCain, Barack Obama and Hillary Clinton, he found that even though the speeches were rehearsed, written by professionals and delivered by trained speakers, there were discernable differences between them. "It's clear that the speeches are still highly individualised," says Skillicorn. "This makes sense as the speeches have to, in some manner, reflect the speaker's own voice and opinions. Otherwise, they wouldn't be able to deliver them convincingly." Additionally, he says, little details count: pronouns such as "we" and "I" are often substituted subconsciously, no matter what is written in the script. Each of the candidates had made speeches containing very high and very low levels of spin, according to Skillicorn's program, depending on the occasion. In general though, Obama's speeches contain considerably higher spin than either McCain or Clinton. For example, for their speeches accepting their party's nomination for president, Obama's speech scored a spin value of 6.7 - where 0 is the average level of spin within all the political speeches analysed, and positive values represent higher spin. In contrast, McCain's speech scored -7.58, while Hillary Clinton's speech at the Democratic National Convention scored 0.15. Skillicorn also found that Sarah Palin's speeches contain slightly more spin than average. So the analysis appears to back up McCain's claim that he is a "straight talker". However, for the purposes of political speech-making this may not be an entirely good thing for him. "Obama uses spin in his speeches very well," says Skillicorn. For example, Obama's spin level skyrockets when facing problems in the press, such as when Jeremiah Wright, the reverend of his former church, made controversial comments to the press.
"When you see these crises come along, the spin goes up," Skillicorn says. "Obama is very good at using stirring rhetoric to deal with the issues. And it seems to work if you look at what happens in the polls afterwards." McCain does not seem as adept at using spin to his advantage, and his "straight talk" can make his speeches fall flat from a motivational point of view, according to Branka Zei Pollermann, founder of the Vox Institute in Geneva, Switzerland, who has analysed the candidates' voices for communication consultants Clearwater Advisors, based in London. "The voice analysis profile for McCain looks very much like someone who is clinically depressed," says Pollermann, a psychologist who uses voice analysis software in her work with patients. Previous research on mirror neurons has shown that listening to depressed voices can make others feel depressed themselves, she says. Pollermann uses auditory analysis software to map seven parameters of a person's speech, including pitch modulation, volume and fluency, to create a voice profile. She then compares that profile with the speaker's facial expressions, using as a guide a set of facial expressions mapped out by Ekman, called the Facial Action Coding System, to develop an overall picture of how they express themselves. Her analysis shows that McCain's voice changes little in pitch as he speaks, and so conveys very little emotion or impact. Whether he is addressing positive prospects or discussing sad facts, his voice always sounds the same. Additionally, McCain's voice and facial movements often do not match up, says Pollermann, and he often smiles in a manner that commonly conveys sarcasm when addressing controversial statements. "That might lead to what I would call a lack of credibility."
People are unlikely to trust statements made in a flat tone, particularly when they do not match the person's facial expressions. According to Pollermann's analysis, it may not make any difference that McCain does not pepper his speeches with spin, if the way he talks does not strike people as believable. Obama, by comparison, speaks with greater pitch modulation, and his facial expressions correlate very well with what he is saying. His one facial foible may be a tendency to furrow his brow, she says, conveying constant concern. This is similar to the UK prime minister Gordon Brown, whose expressions tend to be limited to sadness, anger and disgust, according to the Vox Institute's analysis. But Obama's fluency, high speech rate and good use of pitch make him a dynamic speaker. So what does all of this actually say about the honesty of politicians? "Our society treats political candidates like used-car salesmen," Ekman says. "The fact is that the candidates almost certainly believe what they are saying, even if they are giving some facts a much lighter treatment than others. In that way, actually catching someone in a blatant lie is relatively rare." Indeed, Bill Clinton's fleeting facial slip was the only clear example that Ekman could recount of a politician saying something that they did not mean during both the Republican and Democratic national conventions. However, facial recognition technology may one day be able to pick up on telltale signs that humans would have trouble spotting. For example, Yoshimasa Ohmoto and colleagues at the University of Tokyo in Japan are developing a facial recognition system for robots and artificial intelligence agents that analyses basic eye, nose and mouth movements, such as a slightly averted gaze when talking to someone, to detect if a person is telling a lie. 
In trials in which people played the bluffing game Indian poker, the system has already proved to be as reliable as humans trained to detect lies (AI & Society, vol 23, p 187). "Technology is quickly catching up with psychology," says Pawan Sinha, who leads a team at the Massachusetts Institute of Technology that specialises in computerised facial-recognition technology. "It's not quite there yet, because the visualisation systems just can't work fast enough to replace the human eye and mind. But computer processing is getting faster and our recognition systems are getting better," he says. "Someday soon, computers may be able to read us better than any psychologist. I imagine that will be a pretty scary day for politicians." From issue 2674 of New Scientist magazine, 17 September 2008, page 22-23 From rforno at infowarrior.org Thu Sep 18 13:01:02 2008 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 18 Sep 2008 09:01:02 -0400 Subject: [Infowarrior] - A Category 4 Financial Storm Message-ID: Scrambling to Clean Up After A Category 4 Financial Storm By Steven Pearlstein Washington Post Staff Writer Thursday, September 18, 2008; Page A01 http://www.washingtonpost.com/wp-dyn/content/article/2008/09/17/AR2008091703834.html?hpid=topnews You know you're in a heap of trouble when the lender of last resort suddenly runs out of money. Having pumped $100 billion into the banking system and lent $115 billion more to rescue Bear Stearns and AIG, the Federal Reserve was forced to ask the Treasury yesterday to borrow some extra money to replenish its coffers. If there was any good news in that, it was that investors here and abroad were eager to help out, having decided that the only safe place to put their money is in U.S. government securities. Indeed, demand was so brisk at one point yesterday that, for an investor, the effective yield on a three-month Treasury bill was driven below zero, once the broker's fee was figured in.
This is what a Category 4 financial crisis looks like. Giant blue-chip financial institutions swept away in a matter of days. Banks refusing to lend to other banks. Russia closing its stock market to stop the panicked selling. Gold soaring $70 in a single trading session. Developing countries' currencies in a free fall. Money-market funds warning they might not be able to return every dollar invested. Daily swings of three, four, five hundred points in the Dow Jones industrial average. What we are witnessing may be the greatest destruction of financial wealth that the world has ever seen -- paper losses measured in the trillions of dollars. Corporate wealth. Oil wealth. Real estate wealth. Bank wealth. Private-equity wealth. Hedge fund wealth. Pension wealth. It's a painful reminder that, when you strip away all the complexity and trappings from the magnificent new global infrastructure, finance is still a confidence game -- and once the confidence goes, there's no telling when the selling will stop. But more than psychology is involved here. What is really going on, at the most fundamental level, is that the United States is in the process of being forced by its foreign creditors to begin living within its means. That wasn't always the case. In fact, for most of the past decade, foreigners seemed only too willing to provide U.S. households, corporations and governments all the cheap money they wanted -- and Americans were only too happy to take them up on their offer. The cheap money was used by households to buy houses, cars and college educations, along with more health care, extra vacations and all manner of consumer goods. Governments used the cheap money to pay for services and benefits that citizens were not willing to pay for with higher taxes. And corporations and investment vehicles -- hedge funds, private-equity funds and real estate investment trusts -- used the cheap financing to buy real estate and other companies.
Two important things happened as a result of the availability of all this cheap credit. The first was that the price of residential and commercial real estate, corporate takeover targets and the stock of technology companies began to rise. The faster they rose, the more that investors were interested in buying, driving the prices even higher and creating even stronger demand. Before long, these markets could best be characterized as classic bubbles. At the same time, many companies in many industries expanded operations to accommodate the increased demand from households that decided that they could save less and spend more. Airlines added planes and pilots. Retail chains expanded into new malls and markets. Auto companies increased production. Developers built more homes and shopping centers. Suddenly, in early 2007, something important happened: Foreigners began to lose their appetite for financing much of this activity -- in particular, the non-government bonds used to finance subprime mortgages, auto loans, college loans and loans used to finance big corporate takeovers. What should have happened at that point was that the interest rate on those loans should have increased, demand for that kind of borrowing should have decreased, the price of real estate and corporate stocks should have leveled off, takeover activity should have slowed and companies should have begun to cut back on expansion. Mostly, however, that didn't happen. Instead, the Wall Street banks that originally made these loans before selling them off in pieces decided to try to keep the good times rolling -- and, significantly, keep the lucrative underwriting fees pouring in. Some used their own "AAA" credit ratings to borrow more money and keep the loans on their own balance sheets or those of "structured investment vehicles" they created to hide these new liabilities from regulators and investors. 
Others went back to the foreigners and offered to insure those now-unwanted takeover loans and asset-backed securities against credit losses, through the miracle of a new kind of derivative contract known as the credit-default swap. As a result, when the inevitable crash finally came, it wasn't only those unsuspecting foreigners who bought those leveraged loans and asset-backed securities who wound up taking the hit. It was also their creators -- Bear Stearns, Merrill Lynch, Citigroup, Lehman Brothers, AIG and others -- who made the mistake of doubling-down on their credit risk at the very moment they should have been cutting back. We are now nearing the end of the rocky process of uncovering the full extent of the credit losses of the major Wall Street banks and hedge funds. But as Robert Dugger, an economist and partner in a leading hedge fund, likes to point out, the markets have only just begun to force some financial discipline on the majority of U.S. households that relied on borrowed money to maintain their lifestyles. With nobody willing to finance those lifestyles, there are really only two choices. One is to turn to Uncle Sam to keep the economy and the financial system afloat. Unlike businesses, households and Wall Street firms, the Treasury can still borrow from foreign banks and investors at incredibly attractive rates. And by acting as an intermediary, the Treasury and the Federal Reserve have shown a newfound willingness to use those funds to keep the housing market and the financial system from totally collapsing. Last spring, the government borrowed $165 billion to send tax rebates to households in an effort to boost consumer spending. Now, some Democrats want to create a new agency that would use money borrowed by the Treasury to recapitalize troubled financial institutions by buying some of their unwanted loans and securities at discounted prices.
The same strategy was used successfully during the Great Depression and the savings and loan crisis of the 1990s, and even some Republicans are warming to the idea. In the end, however, there is only so much the government can borrow and so much the government can do. The only other choice is for Americans to finally put their spending in line with their incomes and their need for long-term savings. For any one household, that sounds like a good idea. But if everyone cuts back at roughly the same time, a recession is almost inevitable. That's a bitter pill in and of itself, involving lost jobs, lower incomes and a big hit to government tax revenues. But it could be serious trouble for regional and local banks that have balance sheets loaded with loans to local developers and builders who will be hard hit by an economic downturn. Think of that, says Dugger, as the inevitable second round of this financial crisis that, alas, still lies ahead. From rforno at infowarrior.org Thu Sep 18 13:08:40 2008 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 18 Sep 2008 09:08:40 -0400 Subject: [Infowarrior] - MS: No More Seinfeld ads Message-ID: <6772F9EB-6954-408A-8D45-2CA078DF0617@infowarrior.org> Gee, what took 'em so long to figure this out? How much ridicule and WTFs did they need? --rf http://valleywag.com/5051455/microsoft-to-announce-jerry-seinfeld-ads-cancelled-tomorrow Microsoft announcement tomorrow: No more Seinfeld ads! Remember those awful Microsoft ads with Jerry Seinfeld and Bill Gates? Well, now you can forget them. Microsoft flacks are desperately dialing reporters to spin them about "phase two" of the ad campaign -- a phase, due to be announced tomorrow, which will drop the aging comic altogether. Microsoft's version of the story: Redmond had always planned to drop Seinfeld. The awkward reality: The ads only reminded us how out of touch with consumers Microsoft is --
and that Bill Gates's company has millions of dollars to waste on hiring a has-been funnyman to keep him company. Update: In a phone call, Waggener Edstrom flack Frank Shaw confirms that Microsoft is not going on with Seinfeld, and echoes his underlings' spin that the move was planned. There is the "potential to do other things" with Seinfeld, which Shaw says is still "possible." He adds: "People would have been happier if everyone loved the ads, but this was not unexpected." From rforno at infowarrior.org Fri Sep 19 00:06:02 2008 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 18 Sep 2008 20:06:02 -0400 Subject: [Infowarrior] - IO: DoD wages infowar on itself Message-ID: <0FE12451-647F-4B34-96C1-60D3CA28CC8B@infowarrior.org> The threat from within E-mail overload degrades military decision-making By Col. Peter R. Marksteiner http://www.afji.com/2008/09/3640424 If a technological or biological weapon were devised that could render tens of thousands of Defense Department knowledge workers incapable of focusing their attention on cognitive tasks for more than 10 minutes at a time, joint military doctrine would clearly define the weapon as a threat to national security. Indeed, according to the principles of network attack under Joint Publication 3-13, "Information Operations (IO)," anything that degrades or denies information or the way information is processed and acted upon constitutes an IO threat. That same publication cautions military leaders to be ever-vigilant in protecting against evolving technologically based threats. Yet throughout the Defense Department and the federal government, the inefficient and undisciplined use of technology by the very people technology was supposed to benefit is degrading the quality of decision-making and hobbling the cognitive dimension of the information environment.
Commentators use terms such as data smog, informania, data asphyxiation, attentional overload and cyber-indigestion to describe a newly recognized phenomenon: information overload. Lax digital hygiene and the careless use of technology exacerbate the harmful effects of information overload. As a result, commanders and decision-makers at all levels are rendered less aware and less capable of resolving complex issues and maintaining decision dominance across the range of military operations. Joint doctrine unambiguously recognizes that "information is a strategic resource vital to national security," and that "dominance of the information environment is a reality that extends to the Armed Forces of the U.S. at all levels." Though IO doctrine doesn't specifically appear to address unintentional internally generated threats, JP 3-13's definitions and analytical framework clearly illuminate an evolving IO threat to which we routinely subject our decision-making processes by neglecting to manage information overload. Information overload is taking on greater prominence in academic and mainstream media, with coverage cast primarily on lost productivity, economic impacts, and worker health and satisfaction. From the relentless torrent of e-mail, to the Internet's seductive capacity to draw knowledge workers away from productive cognitive engagement like intellectual crack cocaine, there's a growing consensus that while information is generally a good thing, too much of it clearly is not. IO threats come in many different forms. Maybe it's a server-clogging 12 megabyte PowerPoint slide with an embedded photo of a tropical sunset inviting you to a retirement luncheon for someone you've never met. Perhaps it's the eighth volley of a "reply to all" e-mail chain recounting a discussion that's irrelevant to you and 47 of the other 50 CC'd addressees.
Or it could be the important deadline you overlooked because the task and due date were buried somewhere in the middle of a rambling narrative, the subject line of which failed to differentiate it in any way from the inescapable rising tide of inconsequential flotsam already choking your inbox. We all receive too much e-mail. According to the Radacati Research Group, roughly 541 million knowledge workers worldwide rely on e-mail to conduct business, with corporate users sending and receiving an average of 133 messages per day -- and rising. While no open-source studies address how the Defense Department's e-mail volume compares to corporate users', my own anecdotal experience and that of legions of colleagues suggests a striking similarity. Without fail, they report struggling every day to keep up with an e-mail inbox bloated with either poorly organized slivers of useful data points that must be sifted like needles from stacks of nonvalue-adding informational hay or messages that are completely unrelated to any mission-furthering purpose. E-mail is a poor tool for communicating complex ideas. Text-only communication, or "lean media," as it is referred to by researchers who study the comparatively new field of computer mediated communication, lacks the nonverbal cues, such as facial expression, body language, vocal tone and tempo, that inform richer means of communication. Moreover, aside from its qualitative shortcomings and viral-like reproductive capacity, a growing body of research suggests e-mail's interruptive nature is perhaps the most pressing threat to decision-making in the cognitive dimension. Interruptions are carcinogenic to complex decision making. Cheri Speier, associate professor of information systems at Michigan State University, explains that "more frequent interruptions are likely to place a greater processing load on the decision-maker. Each interruption requires a recovery period where reprocessing of some primary task information occurs.
Consequently, the number of recovery periods, the recovery time and likelihood of errors all increase as the frequency of interruption increases." Gloria Mark, who teaches informatics at the University of California, Irvine, found that knowledge workers spend an average of only 11 minutes on a project before being interrupted.

Round-the-clock checking

According to a recent study conducted by Basex Inc., an IT business consultancy whose work on information overload has repeatedly been featured in national media, "the majority of knowledge workers ... tend to open new e-mail immediately or shortly after notification, rather than waiting until they have a lull in their work." The latest Basex observation comports with other study results, including AOL's 2007 Third Annual E-mail Addiction Survey, which found people check e-mail around the clock. Fifty-nine percent of those with portable devices check every time a new e-mail arrives. Basex says interruptions already consume about 28 percent of the average knowledge worker's day, and e-mail-driven interruptions continue to increase, contributing to an estimated $650 billion a year in lost productivity for U.S. companies. Several U.S. and European firms are experimenting with policies designed to curtail the inefficient use of e-mail and reinvigorate person-to-person communication. Last October, the Wall Street Journal reported that "growing numbers of employers are imposing or trying out 'no e-mail' Fridays or weekends." Companies that have instituted such rules report positive reviews from the rank and file, including a Georgia-based company that found overall e-mail volume dropped 75 percent throughout the work week after imposing a no e-mail Friday policy. From cell phones to iPods to MySpace Web pages, as IT becomes ubiquitous in people's daily lives, it becomes harder for employers to draw lines between personal and official IT use in the workplace.
"It is typical for workers to read their personal e-mail, make personal phone calls and even surf the Web recreationally from their offices," says Jonathon Spira, Basex CEO and senior researcher. "Thanks to the Internet, it is taken rather for granted now that a knowledge worker should have access to cartoons, games and an enormous variety of trivial information at any time." If a person can send an instant message or answer a cell phone in the produce aisle or church pew, the prospect of doing so "on the clock" doesn't seem unreasonable. Consider the following statistics:

* A 2008 survey of 20 Welsh firms found that "up to 91 percent of workplace Internet use in Wales is spent on social networking sites like Facebook."
* Investigating Internet use at the IRS, the Treasury Department found that 51 percent of the time an employee was online was for personal use.
* Websense, an Internet filtering and Web consultant company, reports that 60 percent of employees who access the Internet at work do so for personal reasons, such as "shopping, banking, checking stocks or watching sports events, playing online poker, booking travel, and accessing pornography sites."
* A 2007 AOL survey reported that 60 percent of people who use e-mail admit to checking their personal e-mail at work an average of three times per day.

We don't know whether the Defense Department work force is subject to the same sort of undisciplined Internet use or the extent to which that sort of use, if it's going on, affects mission capability. What we do know is that during Minot Air Force Base, N.D.'s second failed nuclear surety inspection, inspectors observed as a guard played video games on his cell phone instead of keeping watch. Also, according to a Defense Information Services Agency study, of the top 10 Air Force user circuits, which account for one-third of all Air Force Internet traffic, Amazon.com was the fifth-most-frequently accessed domain.
Sports news sites, streaming audio and video sites, banking, humor and Internet dating sites also numbered in the top 25. Minimizing the time wasted on nonproductive pursuits is hardly a new leadership or management challenge. What's relatively new is the ease with which employees can access nonproductive pursuits without leaving their desks and the numberless array of activities that can keep them unproductively occupied once they wander off task. Mark notes: "The ease of access compounds the distractive potential of the Internet for information workers." Based on a preliminary review of a study she's conducting on Internet use, she observed, "It seems to me that most Internet use is a distraction from work. ... It's really the great distracter because it's very easy to get wrapped up in one distraction that leads to another, and another."

Techno creep

Militarily, our reliance on IT-based asymmetrical advantages in the sensor-to-shooter, logistics and service-delivery arenas occupies continuing prominence in strategic planning and resourcing discussions at the highest levels. However, our institutionally injudicious use of IT in support of the business end of Defense Department operations has fostered a culture among action officers, planners and decision-makers that accepts efficiency-choking and cognition-degrading data smog as just another aspect of modern bureaucracy. The ease with which information is accessed, generated and distributed has also facilitated a sort of IT-enabled mission creep -- techno creep. Techno creep is the misplaced reliance on abundance of information to improve the timeliness and quality of decision-making, instead of focusing energy and resources to ensure decision-makers have the right information on which to act. The result is unintended or unaccounted for costs that degrade rather than enhance an organization's cognitive output capacity. The problem is so ubiquitous as to be almost unrecognizable as a threat.
Though academia and the business world have taken notice of the economic consequences of information overload, the threat to the cognitive dimension of the information environment doesn't appear to have been taken up as a national security matter. The notion that battles are won and lost in the cognitive dimension is not limited to decisions about target selection or battlefield execution. Decision dominance is a doctrinal mandate at all organizational levels and across the spectrum of conflict, wherever humans observe, orient, decide and act. Time-tested axioms inform military thinking that technological advances present not only evolving and novel opportunities but also evolving and novel threats, and contemporary IO doctrine sternly cautions us to be ever-vigilant to identify and respond to those threats as they present themselves. Though the Internet and e-mail provide incredibly convenient ways to access, generate and transmit massive amounts of information to nearly numberless recipients, that same level of convenience may also be the paramount challenge of the information age. The first step in countering the threat presented by information overload will require organizations to adopt and enforce a sense of what David Shipley and Will Schwalbe, authors of "Send: The Essential Guide to E-mail for Office and Home," refer to as "digital mindedness" with respect to e-mail.

Sensible e-mail policy

While volumes have been written on fixing the e-mail problem, at the risk of overgeneralizing, the nuts and bolts of a sensible e-mail policy should include the following:

* Any tasker or suspense transmitted via e-mail must include (1) a word such as "task" or "suspense" or some other service-specific buzz phrase that informs the recipient the correspondence requires action, and (2) a clearly identified date by which the response is due.
* If the text of the e-mail is four lines or more, it must include a "bottom line up front (BLUF)" or "summary"
or similar phrase, no more than two lines, that gives the recipient a general overview of what the correspondence contains. For example, a lengthy note requesting an opinion on a draft regulation or publication might contain a BLUF, right under the salutation, which reads: "request your input(s) on attached draft regulation NLT 15 Sep 08." Details of the request, format of the desired response, etc., can then follow in additional narrative.
* A recipient should never have to open an attachment to discover what the substance of the correspondence is. For example, a lunch invitation or proposed organizational course of action described in a PowerPoint slide must be accompanied by text in the e-mail that describes who, what, when, where, etc., so that the recipient can prioritize the correspondence without having to open one or more attachments.
* Transmitting via "reply to all" or to address groups should be done sparingly, and correspondence should never be forwarded to address groups without a short BLUF or overview that allows recipients to assess very quickly whether additional attention is required. For example, award solicitations for all sorts of categories of personnel are routinely group forwarded to entire installation address groups with introductions such as "FYSA" or "for your attention." A subject line and BLUF saying something such as "solicitation for pilot of the year award" would minimize the cognitive interruption visited on nonflying recipients of such correspondence.
* If the rules continue to permit e-mail use for unofficial purposes, such as digital water-cooler discussions or unofficial lunch invitations, those e-mails should be highlighted with the little blue down arrow provided in Microsoft Outlook, or some other immediately recognizable identifier that tells the recipient, "If you don't read this, there will be no mission impact."
Stick to the mission

The second step will require organizations to restrict Internet use to mission-related purposes. IT policymakers are beginning to impose variants of "black list" or "white list" rules governing Internet use. The black list prevents users from accessing certain sites or domains; the white list permits users to visit only approved sites or domains. A one-size-fits-all rule isn't the answer. Personnel working in different career fields require differing mission-related access to information. For example, knowledge management-centric functions, such as intelligence, criminal investigation or legal work, require unrestricted access to myriad and constantly changing sources of information, making the "white list" system unresponsive. Other less information-dependent functions may not require that same level of access. Blanket rules are conceptually easy to manage but fail to account for varying mission requirements. Overly permissive rules and policies, such as those currently in effect, do little to prevent cognition-degrading Internet abuse. The complex nature of the threat requires a complex, carefully tailored fix. For all career fields, there's value in allowing employees to attend to limited personal business without leaving their workplaces. In order to balance that interest against the Internet's distractive potential, Defense Department organizations should impose strict rules permitting users to engage in such nonmission-furthering activities only before or after the established duty day or during an approved lunch period.

Fog and friction

Information overload is the digital age's fog and friction. Misused and overused e-mail degrades the quality of decision-making and denies knowledge workers access to the right information because the unstructured environment forces them to attempt to digest so much information. The scope of the impact of information overload is difficult to assess, but the fact that it's having an impact --
a profoundly negative one -- seems incontrovertible. Though not specifically invoking the term "information overload," the 9/11 Commission noted that "the U.S. government has access to a vast amount of information. ... But the U.S. Government has a weak system for processing and using what it has." We don't know whether the same sort of informational forest-and-tree problem contributed to the headline-grabbing misrouting or mishandling of sensitive military components in recent months, but it's difficult to conceive how such oversights could occur in a healthy, efficiently running 21st century information environment. Addressing the information overload threat will require sustained, uninterrupted attention and some complex, high-functioning, i.e., nondegraded, decision-making. When business enterprises idly permit the hobbling of their collective decision-making capacities, they sacrifice competitive advantage and risk eventual insolvency. When governments and military organizations permit unchecked proliferation in threats to the cognitive dimension, they risk much, much more.

Maxwell's mail overload moment

In an ironic demonstration of the reason the U.S. Defense Department needs stricter rules for e-mail use, Maxwell Air Force Base, Ala., suffered an internally generated data smog outbreak in the middle of the annual Air Force Cyber Symposium, which it hosted July 15-17. More than 200 experts from across the Air Force and the Defense Department gathered to "identify strengths, weaknesses, opportunities and threats to the Air Force in the cyberspace domain," according to the symposium Web site. That same week, New York City hosted the inaugural meeting of the Information Overload Research Group, a team of international academic and industry experts, whose charter is to "work together to build awareness of the world's greatest challenge to productivity, ... and help make the business case for fighting information overload."
Just as both conferences were getting underway, an e-mail from a well-intentioned but digitally undisciplined user announcing an opportunity to participate in what the sender called "the funniest card/dice game" was sent to several recipients' Air Force e-mail accounts. The ensuing barrage of "please take me off your list" requests -- sent to huge address groups on two installations -- swelled inboxes all over Maxwell, the very installation hosting the cyber conference. It would be difficult to concoct a timelier example demonstrating the need for more exacting rules regarding the use of e-mail. COL. PETER R. MARKSTEINER is director, Air Force Legal Operations Agency, Legal Information Services, at Maxwell Air Force Base, Ala. The views expressed in this article are the author's own and do not necessarily reflect those of the Air Force or Defense Department. From rforno at infowarrior.org Fri Sep 19 19:38:53 2008 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 19 Sep 2008 15:38:53 -0400 Subject: [Infowarrior] - New Al Qaeda Tape Surfaces Despite US Efforts to Block It Message-ID: New Al Qaeda Tape Surfaces Despite US Efforts to Block It Cyber War as US Disrupts Terrorists' Propaganda Effort By BRIAN ROSS, REHAB EL-BURI and RICH ESPOSITO http://www.abcnews.go.com/Blotter/story?id=5841873&page=1 September 19, 2008 -- Al Qaeda's annual September 11 propaganda video surfaced today, delayed eight days by a concerted US effort to block it. The tape showed no new pictures or statements from Osama bin Laden, although an al Qaeda figure was interviewed saying bin Laden was in "good health." Al Qaeda also showed a video it said was captured from a US bounty hunter, Keith "Jack" Idema, as he appeared to threaten to kill an Afghani citizen during an interrogation. Idema was later convicted by an Afghan court and sentenced to prison there.
He maintained at his trial that he was secretly working for US intelligence in the hunt for bin Laden, an assertion flatly denied by US officials. It was the first time in seven years that al Qaeda failed to get its "anniversary message" publicly released on or before September 11. US officials declined to comment on what role the government played, saying it is their policy not to comment on sensitive intelligence operations. But intelligence sources say the US, with help from German and Malaysian authorities, was able to disrupt al Qaeda's normal internet release method. "It's something we've been trying to do for some time," said former CIA intelligence officer John Kiriakou, an ABC News consultant. Intelligence sources say the US has made major strides in infiltrating the al Qaeda internet distribution network and chose to use its knowledge this year to keep the 9/11 tape from coming out immediately. US officials said they did not expect they could keep the tape permanently blocked. "They are determined communicators," said one senior law enforcement official. Copyright © 2008 ABC News Internet Ventures From rforno at infowarrior.org Fri Sep 19 19:48:38 2008 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 19 Sep 2008 15:48:38 -0400 Subject: [Infowarrior] - Info-Sharing, A Simple Recipe Message-ID: <0626B43F-756F-44AB-BFF8-76D5BB1FC7BE@infowarrior.org> (Mike's hit the nail on the head as always with this latest blog entry. I agree 100% with his sentiment and is something I've been arguing has been necessary for over 10 years now.......-rf) Sharing. Revisited. Again http://haftofthespear.com/2008/09/sharing-revisited-again/ < - > There are some things that would facilitate sharing:

1. Make it Easy. When the only way to report data to Uncle Sam is through yet another closed system with more security credentials and more overhead, people won't report or they'll report trivial items that don't take a lot of time.
A PGP-wrapped attachment in email is secure enough (If your network is pwned what difference does it make? If it isn't, what good is the data X years from now once the crypto is cracked?).

2. Make it Fair. Feds take but never give, so eventually industry stops giving: a familiar refrain. So implement an anonymization system that allows meaning and insight to be communicated back and forth without revealing sensitive data. Adapting the "arbitrary unit designator" concept from intelligence analysis (e.g. If an IP address is too sensitive to share, give it a random but fixed alpha-numeric ID for the purposes of sharing) is a start.

3. Make it Legal. Industry-government sharing initiatives tend to fail because industry has these people called "shareholders" and "auditors" that get riled up if a company says it's been breached. Legal top cover for corporations would go a long way towards improving cooperation. It's not about hiding misconduct or culpability but avoiding the fickle inclinations of the market.

4. Pay for It. DHS has asked for private sector expertise, but only at the expense of industry. Corporations want to help, but when they pay someone a salary they like that person to show up to work. Industry experts will participate in secondments if the government stops trying to do everything on the cheap and just expands the IPA program to cover the people they want.

The fixes themselves are easy enough to implement; actually getting to the point where they can be implemented is hard and costs money. Again, if we're serious about cyber security then we should be willing to deal with the expense and level of effort. You'll know we're not serious if more or less this same discussion is repeated in a year or two.
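One way to implement the "arbitrary unit designator" idea from item 2 above, as an added example that is not part of the original post or list message: each IP address in a log is replaced by a fixed opaque ID before sharing, and the sharer keeps a private table to map IDs back when a partner reports on one. It swaps the post's random IDs for a keyed HMAC so the same address always gets the same ID without a stored table; the class name, prefix and log lines are hypothetical and constructed for illustration.

```python
import base64
import hashlib
import hmac
import ipaddress
import re

# Candidate dotted quads. Lookarounds keep us from cutting a piece out of a
# longer dotted number (e.g. "1.2.3.4.5") while still matching an address
# that is followed by ":port" or by a sentence-ending period.
_IPV4_CANDIDATE = re.compile(r"(?<!\d)(?<!\d\.)(?:\d{1,3}\.){3}\d{1,3}(?!\d|\.\d)")

# Constructed sample log (documentation address ranges), not real traffic.
SAMPLE_LOG = """\
2008-09-19T14:02:11Z deny tcp 203.0.113.45:4431 -> 192.0.2.10:22
2008-09-19T14:02:12Z deny tcp 203.0.113.45:4432 -> 192.0.2.11:22
2008-09-19T14:05:40Z allow tcp 198.51.100.7:51515 -> 192.0.2.10:443
2008-09-19T14:06:02Z note malformed source 999.1.1.1 ignored
"""


class UnitDesignator:
    """Replace IP addresses with fixed opaque IDs (hypothetical helper).

    The ID is HMAC-SHA256(key, packed address), truncated and base32-encoded.
    Without the key a recipient cannot rebuild the mapping by hashing the
    whole IPv4 space, which an unkeyed hash would allow.
    """

    def __init__(self, key: bytes, prefix: str = "HOST-", length: int = 12):
        if len(key) < 16:
            raise ValueError("key must be at least 16 bytes")
        self._key = key
        self._prefix = prefix
        self._length = length
        self._reverse = {}  # designator -> real address; stays with the sharer

    def designate(self, address: str) -> str:
        """Return the stable designator for one IPv4 or IPv6 address."""
        ip = ipaddress.ip_address(address)  # ValueError if not a valid address
        digest = hmac.new(self._key, ip.packed, hashlib.sha256).digest()
        token = self._prefix + base64.b32encode(digest).decode("ascii")[: self._length]
        self._reverse[token] = str(ip)
        return token

    def scrub(self, text: str) -> str:
        """Replace every valid IPv4 address in text; leave everything else."""

        def swap(match):
            try:
                return self.designate(match.group(0))
            except ValueError:
                # Looks like a dotted quad but is not an address (e.g. 999.1.1.1).
                return match.group(0)

        return _IPV4_CANDIDATE.sub(swap, text)

    def resolve(self, token: str):
        """Sharer-side lookup when a partner reports back on a designator."""
        return self._reverse.get(token)


if __name__ == "__main__":
    # Constructed demo key; a real deployment would load a secret key instead.
    designator = UnitDesignator(b"demo-key-for-illustration-only!!")
    print(designator.scrub(SAMPLE_LOG))
```

Because the designator is fixed per key, a recipient can still see that one source hit two hosts on port 22; rotating the key breaks that linkage between sharing rounds.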
From rforno at infowarrior.org Sat Sep 20 02:27:21 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 19 Sep 2008 22:27:21 -0400
Subject: [Infowarrior] - Comcast's Internet Filtering FAQ
Message-ID: <08E2503D-CE26-49AB-8AC0-D9D87C2B3D3D@infowarrior.org>

Comcast Opens Curtains On How They Filter Your Traffic

Comcast has just released a series of documents in response to the Federal Communications Commission detailing how, exactly, the ISP filters your traffic. Based on their traffic analysis, five protocols (Ares, BitTorrent, eDonkey, FastTrack and Gnutella) were especially filtered. Not anymore. Now Comcast is going to be throttling ALL traffic you generate, even if it's from their own Fancast streaming video service, if you're generating abnormally high traffic compared to your peers. On the bright side, it's good that your torrents aren't getting slowed down, but on the other hand, "legal" applications like Netflix or Amazon will be affected as well. This probably won't be a big deal to all that many of you, as Comcast says the throttling only occurs during periods of congestion, and in total will only impact 1% of users. (It's likely that many Giz readers are in that 1% of bandwidth hogs though.) In any case, you'll still have to watch out that you don't run over the 250GB monthly cap, or else your net will become disconnected entirely. FAQ below:

< - >

http://gizmodo.com/5052628/comcast-opens-curtains-on-how-they-filter-your-traffic

From rforno at infowarrior.org Sat Sep 20 02:43:11 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 19 Sep 2008 22:43:11 -0400
Subject: [Infowarrior] - Interesting Market Numbers from this past week
Message-ID:

This economic blog entry shows an HSBC Security analyst's comparison of the market closes for the week of 9/12 and 9/19.
Despite *all* the volatility this past week, and all the panic and fear in the world markets, from a pure numbers perspective, the major US indices and rates are nearly unchanged from a week ago before the latest iteration of Mister Market's Wild Ride.

http://bigpicture.typepad.com/comments/2008/09/what-did-you-mi.html

As the blogger notes, and which I agree 100% with, it sure didn't feel like a 'flat' week!!

-rick

From rforno at infowarrior.org Sat Sep 20 02:47:27 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 19 Sep 2008 22:47:27 -0400
Subject: [Infowarrior] - New FBI Tech: E-Guardian
Message-ID:

http://www.fbi.gov/page2/sept08/eguardian_091908.html

CONNECTING THE DOTS
Using New FBI Technology

The eGuardian system -- which is being piloted by several agencies and will start being rolled out in phases nationwide by year's end, complete with training -- will enable near real-time sharing and tracking of terror information and suspicious activities with our local, state, tribal, and federal partners. It's actually a spin-off of a similar but classified tool called Guardian that we've been using inside the Bureau -- and sharing with vetted partners -- for the past four years.

How eGuardian works. In a very similar way, except it will be available through our secure Law Enforcement Online Internet portal to more than 18,000 agencies, which will be able to run searches and input their own reports. Their entries will be automatically sent to a state "fusion center" (or a similar intelligence-based hub) for vetting, where trained personnel will evaluate it and then either monitor it, close it, or refer it to the appropriate FBI terror task force. Ultimately, eGuardian will add additional capabilities like geo-spatial mapping, live chats, and link analysis.

What happens if an incident has no probable link to terrorism? The report is deleted to ensure personal data is not being needlessly stored. If the information is deemed "inconclusive,"
it will remain in eGuardian for up to five years, in accordance with federal regulations.

From rforno at infowarrior.org Sun Sep 21 02:11:06 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 20 Sep 2008 22:11:06 -0400
Subject: [Infowarrior] - More on Treasury Bailout Plan....
Message-ID: <953BB199-B4B9-4AD3-8C96-0B1C8F465D40@infowarrior.org>

Here's a link to the proposed Treasury "Bailout" being discussed this weekend. Note Section 8: "Decisions by the Secretary pursuant to the authority of this Act are non-reviewable and committed to agency discretion, and may not be reviewed by any court of law or any administrative agency." (Where have we heard this before, and what 'other shoe' will fall if/when Paulson gets such blanket indemnification for Treasury's actions/decisions in this matter?) -- Link: http://calculatedrisk.blogspot.com/2008/09/bailout-proposal.html

....and more from Bloomberg on the controversial proposal in general....

http://www.bloomberg.com/apps/news?pid=20601087&sid=a1hr1v2FUeAg&refer=home

Sept. 20 (Bloomberg) -- The Bush administration asked Congress for unchecked power to buy $700 billion in bad mortgage investments from U.S. financial companies in what would be an unprecedented government intrusion into the markets. The plan, designed by Treasury Secretary Henry Paulson, is aimed at averting a credit freeze that would bring the financial system and economic growth to a standstill. The bill would bar courts from reviewing actions taken under its authority.

< - >

The plan would raise the ceiling on the national debt and spend as much as the combined annual budgets of the Departments of Defense, Education and Health and Human Services. Paulson is asking for the power to hire asset managers and award contracts to private companies. Most provisions of the proposal expire after two years from the date of enactment.
From rforno at infowarrior.org Sun Sep 21 15:39:20 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 21 Sep 2008 11:39:20 -0400
Subject: [Infowarrior] - Gov.Palin@Hacked.Com
Message-ID: <4FA6B052-84E3-4C3E-AC3E-F6F595DEDE8D@infowarrior.org>

Gov.Palin at Hacked.Com
By Farhad Manjoo
Sunday, September 21, 2008; Page B02
http://www.washingtonpost.com/wp-dyn/content/article/2008/09/19/AR2008091902806.html?hpid=opinionsbox1

Sometime last Tuesday, an unknown hacker gained access to gov.palin at yahoo.com, an e-mail account that Gov. Sarah Palin has used for personal and possibly also state business in Alaska. The hacker posted the e-mail password to a section of 4Chan, a discussion site known as a haven for Web "trolls" -- deliberate online troublemakers. For a brief time, Palin was an open book. Readers of 4Chan trudged through her inbox, saving screen shots of her correspondence with friends and supporters, a list of her frequent contacts and pictures of her family. Then a good Samaritan reset Palin's password, triggering a Yahoo security measure that alerted Palin to the breach. Soon after, gov.palin at yahoo.com and another account Palin has reportedly used to conduct official business -- gov.sarah at yahoo.com -- were deleted. The gossipy Web site Gawker.com has posted a few screen shots of the messages found in Palin's account; they reveal nothing damaging about the governor, other than the fact that she has a penchant for typing in ALL CAPS when exercised. ("Does he want someone OPPOSED to the life issue in Congress?" Palin wrote to Lt. Gov. Sean Parnell.) Still, in a statement sent to reporters on Wednesday, the McCain campaign called the incident "a shocking invasion of the Governor's privacy and a violation of law." In fact, if there's anything remotely shocking here, it probably has to do with Palin's e-mail habits. Why was she using Yahoo?
Critics say that she was taking a page from former White House political mastermind Karl Rove, who cooked up the idea of using an off-site e-mail address to confound investigations of his Bush administration activities. (In 2007, the White House admitted that Rove and other officials had used Republican National Committee addresses for some of their correspondence; as a result, the White House said it couldn't track down a trove of e-mail messages requested by congressional investigators looking into those fishy U.S. attorney firings.) Palin's e-mail policies do show a certain Rovian (or perhaps Cheneyesque) partiality for secrecy. The New York Times reported last Sunday that shortly after she took office, Palin's aides discussed the benefits of using private e-mail accounts, with one assistant noting that messages sent to Palin's BlackBerry "would be confidential and not subject to subpoena." In June, Andrée McLeod, a Republican activist in Alaska, filed a public-records request for copies of all e-mails sent between two of Palin's aides, Ivy Frye and Frank Bailey. (McLeod suspected the aides of various ethical violations.) Palin's office parted with four boxes of e-mail, but it refused to disclose more than 1,000 other messages, claiming executive privilege. Rovian tactics aside, last week's hacking episode proves that it's rather boneheaded to put state business on Yahoo. True, all e-mail addresses are vulnerable to hacking. But Yahoo is a particularly big target. Lots of people spend a lot of time trying to crack Yahoo accounts. Do a quick search for "hack yahoo," and you'll be presented with myriad methods of attack. When you forget your e-mail address, Yahoo asks you a "challenge question" to verify your identity before giving you your password. But because we know a great deal about Palin (her kids' names, her husband's favorite sport, her date of birth), the challenge question seems not to have been much of a challenge for the hacker.
On a message board, the supposed culprit explained last week that he got into Palin's e-mail by guessing where she'd met her husband, Todd. He says that he typed in "Wasilla high" -- and was able to trick Yahoo into assigning the account a new password, "popcorn." This echoes the other major celebrity e-mail theft of recent memory: Paris Hilton's cell phone was successfully hacked because the thief knew that her pet Chihuahua is named Tinkerbell. Palin probably won't be the last politician whose e-mail gets hacked. Until now, this has been rare, mainly because many big-time pols don't e-mail. Despite apparently having invented the BlackBerry (as a campaign aide suggested last week), John McCain abstains from e-mail, as does President Bush. Bill Clinton sent just two messages during his time in the White House (and one was a test e-mail). But other politicians are addicted to e-mail: Barack Obama, Hillary Rodham Clinton, Mitt Romney and Al Gore are always on their BlackBerrys. The BlackBerry is known to be tough to hack; that is, it has shown no major tech vulnerabilities that would allow easy access to intruders. But keeping all devices safe from attackers takes work -- choosing strong passwords, changing them often, making sure you haven't left them lying around somewhere. Politicians are probably no better at that than you or I. And we know all their pets' names.

Farhad Manjoo is Slate's technology columnist.

From rforno at infowarrior.org Sun Sep 21 16:03:28 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 21 Sep 2008 12:03:28 -0400
Subject: [Infowarrior] - Anxiety-detecting machines could spot terrorists
Message-ID: <94778BF3-7D46-4F33-9584-FE1086BE7A0A@infowarrior.org>

(False positives, here we come!! --rf)

http://www.usatoday.com/tech/news/techinnovations/2008-09-18-bioscanner_N.htm?loc=interstitialskip

Anxiety-detecting machines could spot terrorists
By Thomas Frank, USA TODAY

UPPER MARLBORO, Md. --
A scene from the airport of the future: A man's pulse races as he walks through a checkpoint. His quickened heart rate and heavier breathing set off an alarm. A machine senses his skin temperature jumping. Screeners move in to question him. Signs of a terrorist? Or simply a passenger nervous about a cross-country flight? It may seem Orwellian, but on Thursday, the Homeland Security Department showed off an early version of physiological screeners that could spot terrorists. The department's research division is years from using the machines in an airport or an office building -- if they even work at all. But officials believe the idea could transform security by doing a bio scan to spot dangerous people. Critics doubt such a system can work. The idea, they say, subjects innocent travelers to the intrusion of a medical exam. The futuristic machinery works on the same theory as a polygraph, looking for sharp swings in body temperature, pulse and breathing that signal the kind of anxiety exuded by a would-be terrorist or criminal. Unlike a lie-detector test that wires subjects to sensors as they answer questions, the "Future Attribute Screening Technology" (FAST) scans people as they walk by a set of cameras. "We're picking up things with sensors that can't necessarily be detected by the human eye," said Jennifer Martin, a consultant to Homeland Security's Science and Technology division. The five-year project, in its second year, is the department's latest effort to thwart terrorism by spotting suspicious people. The Transportation Security Administration (TSA) has trained more than 2,000 screeners to observe passengers as they walk through airports, questioning those who seem oddly agitated or nervous. The system would be portable and fast, said project manager Robert Burns, who envisions machines that scan people as they walk into airports, train stations or arenas.
Those flagged by the machines would be interviewed in front of cameras that measure minute facial movements for signs they are lying. Like the TSA's program, FAST raises reliability questions. Even if machines accurately spot someone whose heart rate jumps suddenly, that may signal the agitation of learning a flight is delayed, said Timothy Levine, a Michigan State University expert on deceptive behavior. "What determines your heart rate is a whole bunch of reasons besides hostile intent," Levine said. "This is the whole reason behavioral profiles don't work." John Verdi, a lawyer at the Electronic Privacy Information Center, calls physiological screening a "medical exam" that the government has no business conducting. "This is substantially more invasive than screening in airports," Verdi said. Burns said the measurements would not be stored and would give a quick read on someone. Previous research, Burns added, has found that people planning to cause harm act differently from the anxious or annoyed. To pinpoint the physiological reactions that indicate hostile intent, researchers have set up two lab-like trailers on an equestrian center outside Washington, D.C. Science and Technology recruited 140 local people with newspaper and Internet ads seeking testers in a "security study." Each person receives $150. On Thursday, subjects walked one by one into a trailer with a makeshift checkpoint. A heat camera measured skin temperature. A motion camera watched for tiny skin movements to measure heart and breathing rates. As a screener questioned each tester, five observers in another trailer looked for sharp jumps on the computerized bands that display the person's physiological characteristics. Some subjects were instructed in advance to try to cause a disruption when they got past the checkpoint, and to lie about their intentions when being questioned. 
Those people's physiological responses are being used to create a database of reactions that signal someone may be planning an attack. More testing is planned for the next year.

From rforno at infowarrior.org Mon Sep 22 01:28:20 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 21 Sep 2008 21:28:20 -0400
Subject: [Infowarrior] - Treasury Widens Scope of Bad-Debt Plan
Message-ID:

...looks like Treasury is trying to get the jump on the next tidal wave of credit problems that we all know are coming in the form of consumer debt, credit cards, school and auto loans, etc. That said, I still think this whole plan is a scary short-term fix of the symptoms, not a long-term cure for the underlying problem. --rf

U.S. Treasury Widens Scope of Bad-Debt Plan Beyond Mortgages
By Dawn Kopecki
http://www.bloomberg.com/apps/news?pid=20601087&sid=aYXtwpG9mw9g&refer=home

Sept. 21 (Bloomberg) -- The Bush administration widened the scope of its $700 billion plan to avert a financial meltdown by including assets other than mortgage-related securities. The U.S. Treasury submitted revised guidance to Congress on its plan, referring to its proposal to purchase so-called troubled assets, a change from its original plan for investments tied to home loans, according to a document obtained by Bloomberg News and confirmed by a congressional aide. The change suggests the inclusion of instruments such as car and student loans, credit-card debt and any other troubled asset. Firms that are headquartered outside the U.S. will now be eligible, in another change from the guidance sent to Congress yesterday, according to the document. The size of the plan remains unchanged.
To contact the reporter on this story: Dawn Kopecki in Washington at dkopecki at bloomberg.net

From rforno at infowarrior.org Tue Sep 23 14:43:28 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 23 Sep 2008 10:43:28 -0400
Subject: [Infowarrior] - Schneier: The Two Classes of Airport Contraband
Message-ID:

September 23, 2008
The Two Classes of Airport Contraband
http://www.schneier.com/blog/archives/2008/09/the_two_classes.html

Airport security found a jar of pasta sauce in my luggage last month. It was a 6-ounce jar, above the limit; the official confiscated it, because allowing it on the airplane with me would have been too dangerous. And to demonstrate how dangerous he really thought that jar was, he blithely tossed it in a nearby bin of similar liquid bottles and sent me on my way.

There are two classes of contraband at airport security checkpoints: the class that will get you in trouble if you try to bring it on an airplane, and the class that will cheerily be taken away from you if you try to bring it on an airplane. This difference is important: Making security screeners confiscate anything from that second class is a waste of time. All it does is harm innocents; it doesn't stop terrorists at all.

Let me explain. If you're caught at airport security with a bomb or a gun, the screeners aren't just going to take it away from you. They're going to call the police, and you're going to be stuck for a few hours answering a lot of awkward questions. You may be arrested, and you'll almost certainly miss your flight. At best, you're going to have a very unpleasant day. This is why articles about how screeners don't catch every -- or even a majority -- of guns and bombs that go through the checkpoints don't bother me. The screeners don't have to be perfect; they just have to be good enough.
No terrorist is going to base his plot on getting a gun through airport security if there's a decent chance of getting caught, because the consequences of getting caught are too great. Contrast that with a terrorist plot that requires a 12-ounce bottle of liquid. There's no evidence that the London liquid bombers actually had a workable plot, but assume for the moment they did. If some copycat terrorists try to bring their liquid bomb through airport security and the screeners catch them -- like they caught me with my bottle of pasta sauce -- the terrorists can simply try again. They can try again and again. They can keep trying until they succeed. Because there are no consequences to trying and failing, the screeners have to be 100 percent effective. Even if they slip up one in a hundred times, the plot can succeed. The same is true for knitting needles, pocketknives, scissors, corkscrews, cigarette lighters and whatever else the airport screeners are confiscating this week. If there's no consequence to getting caught with it, then confiscating it only hurts innocent people. At best, it mildly annoys the terrorists. To fix this, airport security has to make a choice. If something is dangerous, treat it as dangerous and treat anyone who tries to bring it on as potentially dangerous. If it's not dangerous, then stop trying to keep it off airplanes. Trying to have it both ways just distracts the screeners from actually making us safer.
From rforno at infowarrior.org Tue Sep 23 16:43:05 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 23 Sep 2008 12:43:05 -0400
Subject: [Infowarrior] - China to make foreign firms reveal secret info
Message-ID: <81C350F0-DDDD-4A33-8852-08D3F021975B@infowarrior.org>

China to make foreign firms reveal secret info
The Yomiuri Shimbun
http://www.yomiuri.co.jp/dy/business/20080919TDY01306.htm

The Chinese government plans to introduce a new system requiring foreign firms to disclose secret information about digital household appliances and other products starting from May, sources said Thursday. The envisaged system is likely to target products such as IC cards, digital copiers and possibly flat-panel TVs. If a company refuses to disclose such information, the Chinese government plans to ban the firm from exporting the product to the Chinese market, as well as bar production and sales in the country, according to the sources. Critics worry that such a system risks seeing the intellectual property of foreign firms passed onto their Chinese competitors. In addition, the envisaged system poses security concerns if coding technology used in digital devices developed in other countries is leaked to China, they added. Observers say the issue could develop into a serious international trade dispute, with Japan's Economy, Trade and Industry Ministry and U.S. Trade Representatives expected to urge the Chinese government to drop the plan. The Chinese government is calling the planned system an "obligatory accreditation system for IT security products," according to the sources. Specifically, foreign companies will be obliged to disclose relevant products' source code, or a sequence of statements written in computer programming language designed to control digital appliances and other high-tech products.
The system, whereby manufacturers will be allowed to sell their products on the Chinese market only after they pass tests based on disclosed source code and inspections by an accreditation body, is said to be unprecedented. Products expected to be subject to the system are those equipped with secret coding, such as the Felica contactless smart card system developed by Sony Corp., digital copiers and computer servers. The Chinese government said it needs the source code to prevent computer viruses taking advantage of software vulnerabilities and to shut out hackers. However, this explanation is unlikely to satisfy concerns that disclosed information might be handed from the Chinese government to Chinese companies. There also are fears that Chinese intelligence services could exploit such confidential information by making it easier to break codes used in Japanese digital devices. Source code is considered a company's intellectual property. Microsoft Corp., for instance, kept secret its Windows' source code, helping it earn huge profits from licensing.

(Sep. 19, 2008)

From rforno at infowarrior.org Tue Sep 23 23:50:23 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 23 Sep 2008 19:50:23 -0400
Subject: [Infowarrior] - DHS Reads Your Mind
Message-ID:

Homeland Security Detects Terrorist Threats by Reading Your Mind
Tuesday, September 23, 2008
By Allison Barrie
http://www.foxnews.com/story/0,2933,426485,00.html

Baggage searches are SOOOOOO early-21st century. Homeland Security is now testing the next generation of security screening -- a body scanner that can read your mind. Most preventive screening looks for explosives or metals that pose a threat. But a new system called MALINTENT turns the old school approach on its head. This Orwellian-sounding machine detects the person -- not the device -- set to wreak havoc and terror.
MALINTENT, the brainchild of the cutting-edge Human Factors division in Homeland Security's directorate for Science and Technology, searches your body for non-verbal cues that predict whether you mean harm to your fellow passengers. It has a series of sensors and imagers that read your body temperature, heart rate and respiration for unconscious tells invisible to the naked eye -- signals terrorists and criminals may display in advance of an attack. But this is no polygraph test. Subjects do not get hooked up or strapped down for a careful reading; those sensors do all the work without any actual physical contact. It's like an X-ray for bad intentions. Currently, all the sensors and equipment are packaged inside a mobile screening laboratory about the size of a trailer or large truck bed, and just last week, Homeland Security put it to a field test in Maryland, scanning 144 mostly unwitting human subjects. While I'd love to give you the full scoop on the unusual experiment, testing is ongoing and full disclosure would compromise future tests. But what I can tell you is that the test subjects were average Joes living in the D.C. area who thought they were attending something like a technology expo; in order for the experiment to work effectively and to get the testing subjects to buy in, the cover story had to be convincing. While the 144 test subjects thought they were merely passing through an entrance way, they actually passed through a series of sensors that screened them for bad intentions.
Homeland Security also selected a group of 23 attendees to be civilian "accomplices" in their test. They were each given a "disruptive device" to carry through the portal -- and, unlike the other attendees, were conscious that they were on a mission. In order to conduct these tests on human subjects, DHS had to meet rigorous safety standards to ensure the screening would not cause any physical or emotional harm. So here's how it works. When the sensors identify that something is off, they transmit warning data to analysts, who decide whether to flag passengers for further questioning. The next step involves micro-facial scanning, which involves measuring minute muscle movements in the face for clues to mood and intention. Homeland Security has developed a system to recognize, define and measure seven primary emotions and emotional cues that are reflected in contractions of facial muscles. MALINTENT identifies these emotions and relays the information back to a security screener almost in real-time. This whole security array -- the scanners and screeners who make up the mobile lab -- is called "Future Attribute Screening Technology" -- or FAST -- because it is designed to get passengers through security in two to four minutes, and often faster. If you're rushed or stressed, you may send out signals of anxiety, but FAST isn't fooled. It's already good enough to tell the difference between a harried traveler and a terrorist. Even if you sweat heavily by nature, FAST won't mistake you for a baddie. "If you focus on looking at the person, you don't have to worry about detecting the device itself," said Bob Burns, MALINTENT's project leader. And while there are devices out there that look at individual cues, a comprehensive screening device like this has never before been put together. While FAST's batting average is classified, Undersecretary for Science and Technology Adm. Jay Cohen declared the experiment a "home run."
As cold and inhuman as the electric eye may be, DHS says scanners are unbiased and nonjudgmental. "It does not predict who you are and make a judgment, it only provides an assessment in situations," said Burns. "It analyzes you against baseline stats when you walk in the door, it measures reactions and variations when you approach and go through the portal." But the testing -- and the device itself -- are not without their problems. This invasive scanner, which catalogues your vital signs for non-medical reasons, seems like an uninvited doctor's exam and raises many privacy issues. But DHS says this is not Big Brother. Once you are through the FAST portal, your scrutiny is over and records aren't kept. "Your data is dumped," said Burns. "The information is not maintained -- it doesn't track who you are." DHS is now planning an even wider array of screening technology, including an eye scanner next year and pheromone-reading technology by 2010. The team will also be adding equipment that reads body movements, called "illustrative and emblem cues." According to Burns, this is achievable because people "move in reaction to what they are thinking, more or less based on the context of the situation." FAST may also incorporate biological, radiological and explosive detection, but for now the primary focus is on identifying and isolating potential human threats. And because FAST is a mobile screening laboratory, it could be set up at entrances to stadiums, malls and in airports, making it ever more difficult for terrorists to live and work among us. Burns noted his team's goal is to "restore a sense of freedom." Once MALINTENT is rolled out in airports, it could give us a future where we can once again wander onto planes with super-sized cosmetics and all the bottles of water we can carry -- and most importantly without that sense of foreboding that has haunted Americans since Sept. 11.
Allison Barrie, a security and terrorism consultant with the Commission for National Security in the 21st Century, is FOX News' security columnist.

From rforno at infowarrior.org Thu Sep 25 02:52:32 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 24 Sep 2008 22:52:32 -0400
Subject: [Infowarrior] - White House Opposes Expanded DOJ Copyright Enforcement
Message-ID:

White House Opposes Expanded DOJ Copyright Enforcement
By David Kravets
September 24, 2008 | 12:55:08 PM
Categories: Intellectual Property
http://blog.wired.com/27bstroke6/2008/09/bush-administra.html

The Bush administration is opposing sweeping legislation granting it the ability to prosecute civil cases of copyright infringement. The legislation, backed by Hollywood, labor unions and manufacturers, sailed through the Senate Judiciary Committee, 14-4, on Sept. 11. In a letter (.pdf) to Sens. Patrick Leahy and Arlen Specter, who were among the sponsors of the legislation, the Justice Department wrote Tuesday it "strongly" opposes expanding its powers. Doing so, the letter said, could undermine the department's prosecution of criminal cases and transform it into an office "serving as pro bono lawyers for private copyright holders." The Justice Department said the private sector should remain responsible for enforcing its copyrights in federal civil lawsuits. "Civil copyright enforcement has always been the responsibility and prerogative of private copyright holders, and U.S. law already provides them with effective legal tools to protect their rights," the Justice Department and Commerce Department wrote. The government agencies wrote that the proposal "could result in Department of Justice prosecutors serving as pro bono lawyers for private copyright holders regardless of their resources. In effect, taxpayer-supported department lawyers would pursue lawsuits for copyright holders, with monetary recovery going to industry."
In all, the Bush administration agreed with digital rights groups and others who said the measure goes too far and is a gift to copyright holders who normally use the civil courts to sue copyright infringers. The Recording Industry Association of America, for example, has sued more than 30,000 individuals for infringement. The Enforcement of Intellectual Property Rights Act (.pdf) creates a Cabinet-level copyright-patent czar charged with creating a worldwide plan to combat piracy. The czar would "report directly to the president and Congress regarding domestic and international intellectual property enforcement programs." The bill, nearly identical to the version the House passed last year, encourages government anti-piracy task forces, the training of other countries about IP enforcement and, among other things, institutes an FBI piracy unit. The House version does not contain language granting the Justice Department the ability to sue copyright infringers. The department does prosecute criminal acts of infringement, although rarely.

From rforno at infowarrior.org Thu Sep 25 13:26:45 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 25 Sep 2008 09:26:45 -0400
Subject: [Infowarrior] - Judge to RIAA: "attempted copyright infringement" is bogus
Message-ID: <84C3DC2E-BC2C-4782-BFE9-05D44561C089@infowarrior.org>

September 24th, 2008
Capitol v. Thomas: Judge Orders New Trial, Implores Congress to Lower Statutory Penalties for P2P
Legal Analysis by Corynne McSherry
http://www.eff.org/deeplinks/2008/09/capitol-v-thomas-judge-orders-new-trial-implores-c

Joining the ranks of federal district judges in Arizona and Massachusetts, District of Minnesota Chief Judge Michael Davis today concluded [44-page PDF] that simply making a music file available in a shared file does not violate copyright law, and ordered a new trial in Capitol Records v. Jammie Thomas.
The case made headlines last year as the first peer-to-peer file-sharing case to go all the way to trial. In October 2007, a jury held Thomas liable and awarded $222,000 in damages to the record companies, based in whole or in part (it wasn't clear) on an instruction that merely making a file available violates a copyright owner's distribution right. Earlier this year, Chief Judge Davis said he was concerned that he might have made a mistake with that instruction and asked for more briefing on whether Thomas deserved a new trial. EFF, joined by Public Knowledge, the United States Internet Industry Association, and the Computer and Communications Industry Association filed an amicus brief urging the Court to reject the RIAA's making available theory. One key holding: The Court's examination of the use of the term "distribution" in other provisions of the Copyright Act, as well as the evolution of liability for offers to sell in the analogous Patent Act, lead to the conclusion that the plain meaning of the term "distribution" does not include making available and, instead, requires actual dissemination. . . . If simply making a copyrighted work available to the public constituted a distribution, even if no member of the public ever accessed that work, copyright owners would be able to make an end run around the standards for assessing contributor copyright infringement. In addition, Chief Judge Davis called on Congress to amend the Copyright Act: The Court would be remiss if it did not take this opportunity to implore Congress to amend the Copyright Act to address liability and damages in peer-to-peer network cases such as the one currently before this Court. . . . While the Court does not discount Plaintiffs' claim that, cumulatively, illegal downloading has far-reaching effects on their businesses, the damages awarded in this case are wholly disproportionate to the damages suffered by Plaintiffs.
Thomas allegedly infringed on the copyrights of 24 songs -- the equivalent of approximately three CDs, costing less than $54, and yet the total damages awarded is $222,000 -- more than five hundred times the cost of buying 24 separate CDs and more than four thousand times the cost of three CDs. While the Copyright Act was intended to permit statutory damages that are larger than the simple cost of the infringed works in order to make infringing a far less attractive alternative than legitimately purchasing the songs, surely damages that are more than one hundred times the cost of the works would serve as a sufficient deterrent. . . . Unfortunately, by using Kazaa, Thomas acted like countless other Internet users. Her alleged acts were illegal, but common. Her status as a consumer who was not seeking to harm her competitors or make a profit does not excuse her behavior. But it does make the award of hundreds of thousands of dollars in damages unprecedented and oppressive. EFF applauds Chief Judge Davis's thorough rejection of the RIAA's effort to rewrite copyright law and thereby avoid the trouble of actually proving any infringement has occurred. And we wholeheartedly endorse the court's call to amend the Copyright Act's oppressive damages provisions.

From rforno at infowarrior.org Sun Sep 28 00:23:54 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 27 Sep 2008 20:23:54 -0400
Subject: [Infowarrior] - OpEd on Congressional Ignorance
Message-ID:

America's Financial Crisis: Who's Really Living In A Cave?
Richard Forno -- www.infowarrior.org
(c) 2008 Richard Forno. Permission Granted to reproduce freely in its entirety with credit given to author. (2008-09-27)

As America's financial markets churn and burn, and those around the world hang in the balance in the hopes that a Wall Street bailout will remedy this credit crisis, Congress is plugging away on a legislative solution in the manner that only they can do.
Of course, like sausage, we really don't want to see how this deal is made -- we just hope it tastes good and that the cook didn't spit in our meal before serving it. (Whether or not it solves the long-term problem of our being hungry is another matter -- if not, we can just make more.) Until last Thursday afternoon, the Administration, House Democrats, Senate Republicans, and Senate Democrats reportedly were close to a mutually acceptable agreement on the Wall Street bailout package, and there were signs of true bipartisan progress at work and a 'done deal' was practically certain. Both sides even said so! Then, late Thursday afternoon, the deal was derailed when a group of House Republicans began proposing their own legislative remedy and refused to participate in the ongoing negotiations with the other four parties mentioned above. Back to square one, it seemed. During an interview with Margaret Warner on Friday night's "NewsHour With Jim Lehrer", Republican Congressman Mike Pence was asked about the sudden and surprise actions taken by House Republicans in shutting down negotiations given how close the deal was to completion. His response, quite simply, was amazing:

< - >

http://infowarrior.org/articles/pence-woodshed.html

N.B.: An abridged version of this commentary will appear Monday at Counterpunch.Org.

From rforno at infowarrior.org Mon Sep 29 19:28:18 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 29 Sep 2008 15:28:18 -0400
Subject: [Infowarrior] - We are witnessing history...
Message-ID: <1FA23768-35BC-4A47-86CD-96148316286E@infowarrior.org>

Dow down 701
NASDAQ down 173
S&P down 99

Yeesh.

-rf

From rforno at infowarrior.org Tue Sep 30 01:56:28 2008
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 29 Sep 2008 21:56:28 -0400
Subject: [Infowarrior] - Reuters suing GMU over Zotero-EndNote
Message-ID:

...another reason why I REFUSE to use EndNote, as if I needed any more already.
--rf

http://www.courthousenews.com/2008/09/17/Reuters_Says_George_Mason_University_Is_Handing_Out_Its_Proprietary_Software.htm

Reuters Says George Mason University Is Handing Out Its Proprietary Software

RICHMOND, VA. (CN) - Thomson Reuters demands $10 million and an injunction to stop George Mason University from distributing its new Web browser application, Zotero software, an open-source format that allows users to convert Reuters' EndNote Software. Reuters claims George Mason is violating its license agreement and destroying the EndNote customer base. Thomson Reuters also sued the Commonwealth of Virginia, in Richmond City Court. George Mason, founded in 1972, is a state institution. Reuters says its EndNote Software "allows end users to search online bibliographic databases, organize their references, images, and .pdfs in any language, and instantly create bibliographic reference style files and figure lists in Thomson's proprietary .ens style format for over 3,500 journals and publications." The complaint states, "Dr. Daniel J. Cohen, Associate Professor, Department of History and Art History, and the director of GMU's Center for History and New Media, developed Zotero, which is a freely distributable, open-source software based research tool that allows users to gather, organize and analyze sources, including citations, and freely share the results with others." The Center for History and New Media released "a new beta version of Zotero to the general public" on July 8. Reuters adds, "A significant and highly touted feature of the new beta version of Zotero, however, is its ability to convert - in direct violation of the License Agreement - Thomson's 3,500 plus proprietary .ens style files within the EndNote Software into free, open source, easily distributable Zotero .csl files." It claims GMU reverse engineered Reuters' EndNote software to create Zotero. Reuters is represented by Gary Noyes of Tysons Corner.