From rforno at infowarrior.org Sat Aug 1 00:16:12 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 31 Jul 2009 20:16:12 -0400
Subject: [Infowarrior] - FCC Looking Into Apple's Rejection of Google Voice App
Message-ID:

FCC Now Looking Into Apple's Rejection of Google Voice App

Posted by: Arik Hesseldahl on July 31
http://www.businessweek.com/technology/ByteOfTheApple/blog/archives/2009/07/fcc_now_looking.html

The Federal Communications Commission has sent letters to Apple and to AT&T and Google seeking information about the rejection of the Google Voice Application from the iTunes store, according to a story in The Wall Street Journal. The letters ask why the application was rejected, and whether or not Apple removed other applications like it. I just downloaded copies of the letters from the FCC's Web site, and will include links to them below.

In the letter to Apple's Catherine A. Novelli, Vice President for Worldwide Government Affairs, the commission asks: "Why did Apple reject the Google Voice application for iPhone and remove related third-party applications from its App Store? Did Apple act alone, or in consultation with AT&T, in deciding to reject the Google Voice application and related applications? If the latter, please describe the communications between Apple and AT&T in connection with the decision to reject Google Voice. Are there any contractual conditions or non-contractual understandings with AT&T that affected Apple's decision in this matter? Does AT&T have any role in the approval of iPhone applications generally (or in certain cases)? If so, under what circumstances, and what role does it play? What roles are specified in the contractual provisions between Apple and AT&T (or any non-contractual understandings) regarding the consideration of particular iPhone applications?"

But the inquiry goes further than just the Google Voice matter.
The commission asks about other VOIP applications that have been approved for the iPhone and about what other applications have been rejected generally. It then goes on to ask what the standards are for approving or rejecting applications and about the approval process. Apple has been directed to answer by Aug. 21. Apple declined to comment citing a policy for not commenting on regulatory matters.

The Commission's letter to AT&T asks about what role if any AT&T played in considering the Google Voice app, and what role it plays if any in applications generally, and if any such roles are spelled out in the contractual relationship between Apple and AT&T. It also seeks copies of any communications between them on the subject as well as copies of communications between Apple, AT&T and Google, including summaries of meetings or contacts on the matter.

The commission also asks what I think is a key question: "Please explain whether, on AT&T's network, consumers' access to and usage of Google Voice is disabled on the iPhone but permitted on other handsets, including Research in Motion's BlackBerry devices."

I have Google Voice on my Blackberry, which I concede runs not on AT&T but on Verizon. But if AT&T -- theoretically speaking -- can insist that Apple disable a Google Voice app on the iPhone, but can't insist that Research In Motion, or another handset vendor do the same then I have a problem agreeing with the conclusion that this decision was taken at AT&T's behest. What's good enough for the Blackberry is good enough for the iPhone.

An AT&T spokesman repeated his company's position that all decisions relating to applications for the iPhone are Apple's and Apple's alone. "AT&T does not manage or approve applications for the app store," a spokesman just told me minutes ago, and he otherwise referred me to Apple, who as you know has so far declined to comment.
The Commission's letter to Google asks for what explanation if any was given to Google for the rejection of the application. It further asks what other Google applications are available and if there are any others pending. It also asks what the standards are for considering applications for the Android platform.

One other interesting point that appears in all three letters: "Blanket" requests for confidentiality in this matter are deemed unacceptable, which means that we will get to see at least some of the answers from all three companies as a matter of public record.

FCC's letter to Apple.
FCC's letter to AT&T.
FCC's letter to Google.

From rforno at infowarrior.org Sat Aug 1 15:31:18 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 1 Aug 2009 11:31:18 -0400
Subject: [Infowarrior] - Amanda Palmer Talks About Connecting With Fan
Message-ID:

Amanda Palmer Talks About Connecting With Fans: Fans WANT To Support Artists

http://techdirt.com/articles/20090731/1501475731.shtml

From rforno at infowarrior.org Sat Aug 1 15:44:57 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 1 Aug 2009 11:44:57 -0400
Subject: [Infowarrior] - 'Last Lecture' prof's program to be updated
Message-ID: <8B901DCF-37DE-46E5-89B9-26901945CD77@infowarrior.org>

'Last Lecture' prof's program to be updated

The Associated Press
Friday, July 31, 2009 1:16 PM
http://www.washingtonpost.com/wp-dyn/content/article/2009/07/31/AR2009073102068_pf.html

PITTSBURGH -- Carnegie Mellon University will release an updated version of the animation-based software developed by late "last lecture" professor Randy Pausch to teach computer programming.

Pausch, a Carnegie Mellon computer science professor and pioneer of virtual reality research, was involved with the Alice software project. He died at age 47 of pancreatic cancer last July, 10 months after giving his "last lecture" about facing death that became an Internet sensation and spawned his best-selling book, "The Last Lecture."
Alice 3 - expected to debut next week, according to university officials - is designed to teach programming using a "drag and drop" interface to create 3D animations.

The latest version, available free at http://www.alice.org, also lets advanced users create programs in the Java programming language. Users can select hundreds of character objects and scenes from the popular video game "The Sims" to make and control virtual worlds.

Hundreds of colleges and numerous middle- and high schools use Alice software to teach programming, according to Carnegie Mellon.

Alice "dispels the impression that computer programming is all about arcane notations and requires years of training before it becomes possible to create interesting results," Randal Bryant, dean of the School of Computer Science, said in a statement.

Pausch saw an early version of Alice 3 shortly before his death.

"To the extent that you can live on in something, I will live on in Alice," he said during his final lecture.

© 2009 The Associated Press

From rforno at infowarrior.org Sat Aug 1 23:49:34 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 1 Aug 2009 19:49:34 -0400
Subject: [Infowarrior] - U.S. Weighs Risks of Civilian Harm in Cyberwarfare
Message-ID:

August 2, 2009
Cyberwar

U.S. Weighs Risks of Civilian Harm in Cyberwarfare

By JOHN MARKOFF and THOM SHANKER
http://www.nytimes.com/2009/08/02/us/politics/02cyber.html?_r=2&partner=rss&emc=rss&pagewanted=print

It would have been the most far-reaching case of computer sabotage in history. In 2003, the Pentagon and American intelligence agencies made plans for a cyberattack to freeze billions of dollars in the bank accounts of Saddam Hussein and cripple his government's financial system before the United States invaded Iraq. He would have no money for war supplies. No money to pay troops.

"We knew we could pull it off -- we had the tools," said one senior official who worked at the Pentagon when the highly classified plan was developed.
But the attack never got the green light. Bush administration officials worried that the effects would not be limited to Iraq but would instead create worldwide financial havoc, spreading across the Middle East to Europe and perhaps to the United States.

Fears of such collateral damage are at the heart of the debate as the Obama administration and its Pentagon leadership struggle to develop rules and tactics for carrying out attacks in cyberspace.

While the Bush administration seriously studied computer-network attacks, the Obama administration is the first to elevate cybersecurity -- both defending American computer networks and attacking those of adversaries -- to the level of a White House director, whose appointment is expected in coming weeks.

But senior White House officials remain so concerned about the risks of unintended harm to civilians and damage to civilian infrastructure in an attack on computer networks that they decline any official comment on the topic. And senior Defense Department officials and military officers directly involved in planning for the Pentagon's new "cybercommand" acknowledge that the risk of collateral damage is one of their chief concerns.

"We are deeply concerned about the second- and third-order effects of certain types of computer network operations, as well as about laws of war that require attacks be proportional to the threat," said one senior officer.

This officer, who like others spoke on the condition of anonymity because of the classified nature of the work, also acknowledged that these concerns had restrained the military from carrying out a number of proposed missions. "In some ways, we are self-deterred today because we really haven't answered that yet in the world of cyber," the officer said.

In interviews over recent weeks, a number of current and retired White House officials, Pentagon civilians and military officers disclosed details of classified missions -- some only considered and some put into action --
that illustrate why this issue is so difficult.

Although the digital attack on Iraq's financial system was not carried out, the American military and its partners in the intelligence agencies did receive approval to cripple Iraq's military and government communications systems in the early hours of the war in 2003. And that attack did produce collateral damage.

Besides blowing up cellphone towers and communications grids, the offensive included electronic jamming and digital attacks against Iraq's telephone networks. American officials also contacted international communications companies that provided satellite phone and cellphone coverage to Iraq to alert them to possible jamming and to ask their assistance in turning off certain channels.

Officials now acknowledge that the communications offensive temporarily disrupted telephone service in countries around Iraq that shared its cellphone and satellite telephone systems. That limited damage was deemed acceptable by the Bush administration.

Another such event took place in the late 1990s, according to a former military researcher. The American military attacked a Serbian telecommunications network and accidentally affected the Intelsat satellite communications system, whose service was hampered for several days.

These missions, which remain highly classified, are being scrutinized today as the Obama administration and the Pentagon move into new arenas of cyberoperations. Few details have been reported previously; mention of the proposal for a digital offensive against Iraq's financial and banking systems appeared with little notice on Newsmax.com, a news Web site, in 2003.

The government concerns evoke those at the dawn of the nuclear era, when questions of military effectiveness, legality and morality were raised about radiation spreading to civilians far beyond any zone of combat.

"If you don't know the consequences of a counterstrike against innocent third parties, it makes it very difficult to authorize one,"
said James Lewis, a cyberwarfare specialist at the Center for Strategic and International Studies in Washington.

But some military strategists argue that these uncertainties have led to excess caution on the part of Pentagon planners.

"Policy makers are tremendously sensitive to collateral damage by virtual weapons, but not nearly sensitive enough to damage by kinetic" -- conventional -- "weapons," said John Arquilla, an expert in military strategy at the Naval Postgraduate School in Monterey, Calif. "The cyberwarriors are held back by extremely restrictive rules of engagement."

Despite analogies that have been drawn between biological weapons and cyberweapons, Mr. Arquilla argues that "cyberweapons are disruptive and not destructive."

That view is challenged by some legal and technical experts.

"It's virtually certain that there will be unintended consequences," said Herbert Lin, a senior scientist at the National Research Council and author of a recent report on offensive cyberwarfare. "If you don't know what a computer you attack is doing, you could do something bad."

Mark Seiden, a Silicon Valley computer security specialist who was a co-author of the National Research Council report, said, "The chances are very high that you will inevitably hit civilian targets -- the worst-case scenario is taking out a hospital which is sharing a network with some other agency."

And while such attacks are unlikely to leave smoking craters, electronic attacks on communications networks and data centers could have broader, life-threatening consequences where power grids and critical infrastructure like water treatment plants are increasingly controlled by computer networks.

Over the centuries, rules governing combat have been drawn together in customary practice as well as official legal documents, like the Geneva Conventions and the United Nations Charter. These laws govern when it is legitimate to go to war, and set rules for how any conflict may be waged.
Two traditional military limits now are being applied to cyberwar: proportionality, which is a rule that, in layman's terms, argues that if you slap me, I cannot blow up your house; and collateral damage, which requires militaries to limit civilian deaths and injuries.

"Cyberwar is problematic from the point of view of the laws of war," said Jack L. Goldsmith, a professor at Harvard Law School. "The U.N. Charter basically says that a nation cannot use force against the territorial integrity or political independence of any other nation. But what kinds of cyberattacks count as force is a hard question, because force is not clearly defined."

From rforno at infowarrior.org Sun Aug 2 02:06:38 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 1 Aug 2009 22:06:38 -0400
Subject: [Infowarrior] - Apple keyboard firmware hack
Message-ID: <853BA418-05B3-470A-BC6A-AEC9C3DC1846@infowarrior.org>

Apple keyboard firmware hack demonstrated

Apple needs to patch it ASAP

by Charlie Demerjian at Defcon 17
July 31, 2009
http://www.semiaccurate.com/2009/07/31/apple-keyboard-firmware-hack-demonstrated/

APPLE KEYBOARDS ARE vulnerable to a hack that puts keyloggers and malware directly into the keyboard. This could be a serious problem, and now that the presentation and code is out there, the bad guys will surely be exploiting it.

The vulnerability was discovered by K. Chen, and he gave a talk on it at Blackhat this year. The concept is simple, a modern Apple keyboard has about 8K of flash memory, and 256 bytes of working ram. For the intelligent, this is more than enough space to have a field day.

[Image: The machine and keyboard in the demo]

K. Chen demonstrated the hack to S|A at Defcon today and it worked quite well. You start out by running GDB, and set a breakpoint in Apple's HIDFirmwareUpdaterTool. This tool is meant to update the firmware in human interface devices, hence the name.
The tool is run, a breakpoint set, and then you simply cut and paste the new code into the firmware image in memory. That's it.

[Image: The breakpoint, code and presentation]

Nothing is encrypted, decrypted, and the process is simple. You then resume HIDFirmwareUpdaterTool, and in a few seconds, your keyboard is compromised. Formatting the OS won't do you any good, the code is in keyboard flash. There are no batteries to pull, no nothing, the keyboard is simply compromised.

While you can re-flash a keyboard, that is fairly hard to do if you don't have a keyboard. Apple internal keyboards are USB devices, as are the external ones, so the same hack works for them too. Think about that when you count the dwindling number of external USB ports on modern Macs.

The new firmware can do anything you want it to. K. Chen demo'd code that you put in a password, and when you hit return, it starts playing back the last five characters typed in, FIFO. It is a rudimentary keylogger, a proof of concept more than anything else. Since there is about 1K of flash free in the keyboard itself, you can log quite a few keystrokes totally transparently. If you want the code, it is on page 170 of the PDF presentation linked above.

This exploit is simple and does things by the rules. K. Chen is very careful not to do anything in an illegal way, and you have to do all the steps manually. It can't easily be done remotely. That said, bad guys intent on stealing your data probably won't have the same high moral standards, and it probably wouldn't take much to exploit the same vulnerability remotely, silently, with code from a compromised web page.

Apple needs to patch this problem ASAP. It is completely remotely exploitable, and almost impossible to remove, especially if you don't know it is there. This huge hole that Apple has in its hardware turns any remote exploit, Apple is full of them, into a huge security problem.
We would have called Apple to let them know about this, but the last few times we did, they would not so much as return our phone calls. Until Apple releases a way to detect the validity of keyboard firmware and patches this huge hole in their system, anyone using Apple hardware, regardless of the OS running, is vulnerable. Don't believe them when they try to spin this as minor, owning a keyboard gives you ownership of a system. S|A

From rforno at infowarrior.org Sun Aug 2 16:28:43 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 2 Aug 2009 12:28:43 -0400
Subject: [Infowarrior] - DOD eyes hacker con for new recruits
Message-ID: <20AB39BB-4AFF-466E-9D39-DA11972F0ED3@infowarrior.org>

This story appeared on Network World at
http://www.networkworld.com/news/2009/080109-defense-deparment-eyes-hacker-con.html

Defense Department eyes hacker con for new recruits

The Air Force recruited 60 at last year's hacker conference; this year it's back for more

By Robert McMillan, IDG News Service, 08/01/2009

The U.S. Air Force has found an unlikely source of new recruits: The yearly Defcon hacking conference, which runs Thursday through Sunday in Las Vegas.

Col. Michael Convertino came to Defcon for the first time last year, and after finding about 60 good candidates for both enlisted and civilian positions decided to come back again.

"The principal reason that I'm here is to recruit," said Convertino, commander of the U.S. Air Force's 318th Information Operations Group, speaking Thursday during a panel discussion at Defcon's sister conference, Black Hat. "We have many empty jobs, empty slots that we can't fill."

Federal agencies have only recently begun embracing the hacker crowd. When U.S. Department of Defense (DoD) director of futures exploration Jim Christy hosted his first Defcon "Meet the Fed" panel in 1999, he was one of two people onstage.
At this week's Defcon, there may be several thousand federal employees in attendance, he said.

Federal government employees first started coming to Defcon to get information and build relationships from the hacker community, Christy said during an interview, but now it is becoming more acceptable to find new recruits at the show, despite its reputation as a subversive hacking conference.

"The character of Defcon has changed over the years," he said in an interview. "Ninety-five percent of the people here are good guys."

And federal agencies have changed too, particularly since the terrorist attacks of Sept. 11, 2001, said Linton Wells II, the former CIO of the U.S. Department of Defense (DoD), now a research professor with the National Defense University in Washington D.C. "The federal government has engaged with a lot of people they wouldn't have even talked to before 9/11," he said.

Christy expects that a couple of hundred of this year's attendees will be recruited by federal agencies, but no one is recruiting more aggressively than the Air Force. "The Air Force has always been the leader in this area," he said.

Convertino's efforts reflect a government-wide effort to step up cyber-security recruiting. On Monday, the DoD co-sponsored an effort to recruit 10,000 young computer through a series of cyber-contests, known as the U.S. Cyber Challenge.

In an interview, Convertino said that by next year many of his recruits will have completed the hiring process and will be able to attend the conference and encourage others to enlist.

The federal government has long had a hard time attracting and keeping top computer security talent, even at the very top. Although the Obama administration created a new high level cyber security advisor position earlier this year, it remains unfilled. According to a Forbes Magazine report, the job has already been turned down by several qualified candidates.
Cyber-security is becoming a hot-button issue, which means more congressional interference, and for people in the field more time spent responding to political pressures instead of real security threats.

The recruitment process is long and tedious -- obtaining a security clearance can take 18 months -- and the pay is generally lower than in the private sector.

But the challenges are unique and at Defcon this week the DoD's chief security officer made a recruiting pitch to attendees, describing it as a place where geeks could develop world-class cyber security skills.

"I have never seen in my entire career a more concerted effort.... to focus on this area of education, training and awareness," CSO Robert Lentz told conference attendees. "Any one of you in this room who want to seek positions in the government.... the opportunities are there; the resources are there."

There might be one other reason why a government job could appeal to Defcon attendees. The feds like to talk about developing cyber-security capabilities to protect the nation's infrastructure, but they may also be spending time at Defcon looking for people who know how to attack systems as well, said Mikko Hypponen, chief research officer with security vendor F-Secure. "If you want people who know how to attack, this is the place."

The IDG News Service is a Network World affiliate.

From rforno at infowarrior.org Sun Aug 2 20:37:01 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 2 Aug 2009 16:37:01 -0400
Subject: [Infowarrior] - Fwd: conversation with App(le) Store
References:
Message-ID: <584D5A82-E76F-4779-904B-6D5A35BC7596@infowarrior.org>

(c/o D)

A summary transcript of the conversation the VoiceCentral developer had with a representative of Apple's App Store after Apple pulled the developer's iPhone application:

There's No App for That

July 28, 2009

As has been widely reported at this point, we are very sorry to announce that Apple removed our VoiceCentral app from the App Store.
This happened suddenly, swiftly and with virtually no advance notice from Apple. Repeated emails yesterday to Apple have still been ignored at this point.

We did receive a voicemail at our main office from the same Richard who called our competitor. Unfortunately it wasn't until today that we were able to connect for our "conversation". The word conversation really doesn't cover it because what transpired was not informative by design and felt like theater of the absurd. It went roughly like this:

Richard: "I'm calling to let you know that VoiceCentral has been removed from the App Store because it duplicates features of the iPhone."

Me: "I don't understand that reasoning. By that logic wouldn't apps like Textfree, Skype, fring, or iCall be considered duplicates?"

Richard: "I can't discuss other apps with you."

Me: "It's not the apps themselves I want to discuss just the lack of consistency in rule enforcement."

Richard: "I can only say that yours duplicates features of the iPhone and was causing confusion in the user community. It's against our policy."

Me: "So what has changed that it is now against policy? It has been in the store for the last 4 months with no problem. There wasn't a problem for the 1.5 months prior to that when you were 'reviewing' it. And this didn't come up with any of the updates we submitted after it was already in the store."

Richard: "I can't say - only that yours is not complying with our policy."

Me: "Can you tell me what portions of the app were duplicate features?"

Richard: "I can't go into granular detail."

Me: "Is there something we can change or alter in order to regain compliance and get back in the Store?"

Richard: "I can't say."

Me: "Well if we can't figure out the issue then how will we know whether to resubmit the app. And how will we know whether to invest in any other development efforts? Future apps could be impacted."
Richard: "I can't help you with that"

Me: "So how do we know whether it is still viable for us to consider Apple a partner if this is how the scenario plays out. If you were in my shoes would you continue to invest blood, sweat, tears and money in something that can be killed off at any moment without your say so?"

Richard: "I understand your point but I can't help you with that."

Me: "Surely someone there at Apple asked you to make this phone call. Can I speak with that person about this?"

Richard: "I am the only one you can speak with on this subject."

Me: "There has to be someone there I can actually have a back and forth with so that we can make some strategic decisions on whether this partnership makes any sense."

Richard: "You can only talk to me"

Me: "Nothing personal since I know you have just been tasked to make this call but we aren't really talking here. There's no back and forth and you aren't allowed to answer any questions. Can I implore you to ask your managers if there is anyone who would be willing to speak with me and have a real conversation? I don't care if it needs to be off the record or we need to sign another top-secret NDA but we really have nothing to go on at this point. We will need to make business decisions on whether it makes any sense to continue developing."

Richard: "I will relay that to my managers."

Now please understand some things lost in the writing of the above dialogue:

* First and foremost, the above is quoted just for grammatical presentation and none of it should be considered actual quotations. The conversation followed that basic path but included several other pleasantries and elements that I eliminated so it didn't get any longer than it already was.

* Second, while I knew early on that our little chat wasn't going to go anywhere I felt it my personal mission to make him understand the difficulty of the position it puts us in.
As in: We are just a small business trying to make it in these tough times and yet we will have to answer to our shared customers so give us something we can tell them.

* Finally, Richard was extremely professional and very nice in every way. He was however absolutely impenetrable when it came to getting useful information. But in the end he was the messenger and we will not shoot him. We simply hope that he does in fact relay my heartfelt request for a real conversation to his management. Hopefully one of them will be empowered enough to take us up on that.

Where do we go from here?

There's a lot of speculation all over today about who's to blame. Is it Apple? AT&T? I'd like to know that answer too. I have my opinion on it but that's not all that important. What is far more important is the way it was handled. Once again the developer is treated terribly, given no data, and left to go back empty-handed, palms up to the collective user community.

We won't make any rash decisions until the smoke clears a little over the next few days. We are going to do some more digging and weigh some more options before we announce our plans. But we will say this: someone at Apple owes us a better explanation if not an apology. (My preference would be to speak with Steve Jobs but so far we have not had a response to our email.)

What can you do?

Complain to Apple: http://www.apple.com/feedback/iphone.html
Complain to AT&T: 1-800-331-0500

Stay tuned for more info and announcements here and via Twitter. If you have the app already please know that it will continue to function "as is" for the moment, it will just be impossible for us to provide fixes and improvements obviously. Also spread this blog post so that maybe Apple will get the message even if Richard didn't come through!
From rforno at infowarrior.org Mon Aug 3 11:57:05 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 3 Aug 2009 07:57:05 -0400
Subject: [Infowarrior] - Pricing for AP's licensing
Message-ID: <8CEDE1EB-486A-4E40-8F2B-509FB5749765@infowarrior.org>

Check out the AP's "per word" license fees for using its articles. They even include a handy calculator so you know how much (up to $100) you will spend based on how much of their content you want to reproduce. Three different price tiers - "for profit", "educational", and "non profit" (though the last 2 seem identical pricing)

https://license.icopyright.net/rights/offer.act?inprocess=t&sid=36&tag=3.5721%3Ficx_id%3DD99R0U6G0

Talk about lunacy. Guess "AP" stands for "Assinine Press" now?

-rf

From rforno at infowarrior.org Mon Aug 3 12:05:15 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 3 Aug 2009 08:05:15 -0400
Subject: [Infowarrior] - Apple's gag order on exploding iPod owner
Message-ID: <5880DAE1-C57F-4DE1-AEA5-9B404559642C@infowarrior.org>

Apple tried to silence owner of exploding iPod with gagging order

http://technology.timesonline.co.uk/tol/news/tech_and_web/personal_tech/article6736587.ece

Apple attempted to silence a father and daughter with a gagging order after the child's iPod music player exploded and the family sought a refund from the company.

The Times has learnt that the company would offer the family a full refund only if they were willing to sign a settlement form. The proposed agreement left them open to legal action if they ever disclosed the terms of the settlement.

The case echoes previous circumstances in which Apple attempted to hush up incidents when its devices overheated.

Ken Stanborough, 47, from Liverpool, dropped his 11-year-old daughter Ellie's iPod Touch last month. "It made a hissing noise," he said. "I could feel it getting hotter in my hand, and I thought I could see vapour".
Mr Stanborough said he threw the device out of his back door, where "within 30 seconds there was a pop, a big puff of smoke and it went 10ft in the air".

Mr Stanborough contacted Apple and Argos, where he had bought the device for £162. After being passed around several departments, he spoke to an Apple executive on the telephone. As a result of the conversation, Apple sent a letter to Mr Stanborough denying liability but offering a refund.

The letter also stated that, in accepting the money, Mr Stanborough was to "agree that you will keep the terms and existence of this settlement agreement completely confidential", and that any breach of confidentiality "may result in Apple seeking injunctive relief, damages and legal costs against the defaulting persons or parties".

"I thought it was a very disturbing letter," said Mr Stanborough, who is self-employed and works in electronic security. He refused to sign it.

"They're putting a life sentence on myself, my daughter and Ellie's mum, not to say anything to anyone. If we inadvertently did say anything, no matter what, they would take litigation against us. I thought that was absolutely appalling.

"We didn't ask for compensation, we just asked for our money back," he added.

Last week it emerged that Apple had tried to keep a number of cases where its iPod digital music players had started to smoke, burst into flames and even burned their owners, out of the public eye.

An American reporter obtained 800 pages of documentation on the cases from the Consumer Product Safety Commission (CPSC) following a Freedom of Information Act request in that country. However, she was unable to get hold of the documents for months after "Apple's lawyers filed exemption after exemption".

In those cases, CPSC investigators suggested that the iPods' lithium ion batteries could be the source of the problem. In 2006 Apple and Dell recalled millions of lithium ion batteries because of overheating problems in laptop computers causing fires --
some of the biggest consumer electronics recalls in history. As of September last year, 173,000,000 iPods have been sold worldwide. A number of bloggers have reported cases where iPods have exploded -- usually involving older versions of the digital music players. Last year the Japanese Government warned that iPod Nanos presented a potential fire risk, saying there had been 14 cases in the country where the players had caught alight, with two people suffering minor burns. In March, a mother in Ohio began court proceedings against Apple, after her son's iPod Touch allegedly exploded in his pocket, burning his leg. An Apple spokesman said that, as the company had not looked at the Stanboroughs' damaged iPod, it could not comment. Argos also refused to comment. The Trading Standards Institute said that it could not comment on whether such letters were standard across the industry, but that it could understand that Apple would want to protect its reputation by trying to reach a confidential settlement.

From rforno at infowarrior.org Mon Aug 3 12:28:06 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 3 Aug 2009 08:28:06 -0400
Subject: [Infowarrior] - The Prez, The Press, The Pressure
Message-ID: <3D27E7A1-2A20-43AD-89C8-FDB571DC69F3@infowarrior.org>

The Prez, The Press, The Pressure
Networks Grouse About Obama in Prime Time
By Howard Kurtz
Washington Post Staff Writer
Monday, August 3, 2009
http://www.washingtonpost.com/wp-dyn/content/article/2009/08/02/AR2009080202045_pf.html

In the days before President Obama's last news conference, as the networks weighed whether to give up a chunk of their precious prime time, Rahm Emanuel went straight to the top. Rather than calling ABC, the White House chief of staff phoned Bob Iger, chief executive of parent company Disney. Instead of contacting NBC, Emanuel went to Jeffrey Immelt, the chief executive of General Electric. He also spoke with Les Moonves, the chief executive of CBS, the company spun off from Viacom.
Whether this amounted to undue pressure or plain old Chicago arm-twisting, Emanuel got results: the fourth hour of lucrative network time for his boss in six months. But network executives have been privately complaining to White House officials that they cannot afford to keep airing these sessions in the current economic downturn. The networks "absolutely" feel pressured, says Paul Friedman, CBS's senior vice president: "It's an enormous financial cost when the president replaces one of those prime-time hours. The news divisions also have mixed feelings about whether they are being used." While it is interesting to see how a president handles questions, Friedman says, "there was nothing" at the July 22 session, which was dominated by health-care questions. "There hardly ever is these days, because there's so much coverage all the time." Had Obama not answered the last question that evening -- declaring that the Cambridge police had acted "stupidly" in arresting Henry Louis Gates at his home -- the news conference would have been almost totally devoid of news. And that raises questions about whether the sessions have become mainly a vehicle for Obama to repeat familiar messages. Mark Whitaker, NBC's Washington bureau chief, says Obama "is at risk of overexposure" and suggests the sessions are losing their novelty. "Every time a president holds a press conference there is potential for news to be made, as he did, probably to his regret, with his comments on the Gates case," Whitaker says. Still, he says, "we would feel better" if White House officials "were approaching us with the sense that they had something new to say, rather than that they just wanted to continue a dialogue with the American people. There are other ways of continuing that dialogue than taking up an hour of prime time."
Sarah Feinberg, Emanuel's spokeswoman, says that after press secretary Robert Gibbs heard that network officials had concerns about programming conflicts, "Rahm made a round of calls to network executives to discuss ways the White House could accommodate concerns." The upshot was that the news conference was moved up an hour, to 8 p.m. -- a boon to NBC, which had a 9 p.m. special featuring overnight British singing star Susan Boyle. Emanuel tried to create a sense of momentum -- calling Disney's Iger last, for instance, and saying he had secured agreement from the other two networks. Some calls had little impact. Emanuel reached GE's Immelt, a member of Obama's Economic Recovery Advisory Board, after learning that NBC chief executive Jeff Zucker was traveling. But Immelt told him that it was Zucker's decision, and a subsequent call to Zucker yielded an agreement that NBC would provide live coverage. Tensions have been building behind the scenes. Some television executives say the Bush administration informally floated possible news conference dates in advance, while Obama officials basically notify the networks of their plans. Such an approach prompted calls between White House officials and the top executives at each network, and a meeting between Gibbs and the Washington bureau chiefs. But little changed. White House officials essentially dictated the timing when they decided to hold an evening session on the 100th day of Obama's term and again on July 22. In that instance, network executives say, the White House announced the event on its Twitter feed less than an hour after informing them. Since the Reagan era, when cable news was in its infancy, prime-time presidential pressers have been a relative rarity. George H.W. Bush held one in 1992, but the broadcast networks dismissed it as an election-year event and refused to carry it. 
The following year, when Bill Clinton held his first evening news conference, CBS and ABC stiffed him; NBC carried the first half-hour; only CNN and PBS aired the whole thing. George W. Bush held four such events in eight years. But the networks have deemed Obama a box-office draw, featuring him on everything from "60 Minutes" to "The Tonight Show" to a 90-minute ABC town meeting on health care. Ari Fleischer, a former Bush press secretary, says the 43rd president didn't like evening news conferences -- "he thought they became more about the reporters than about him" -- but that scheduling was crucial. Once, he says, "we scheduled something on a Thursday and NBC went crazy," because several of its hits were on that night. "Frankly, it's commercial," Fleischer says. If it's not a big night for the networks, he says, "they put civic duty and pride first. But you don't go up against 'American Idol' -- not even Barack Obama." Dee Dee Myers, Clinton's first White House press secretary, says ABC and CBS rejected her first prime-time request in 1993 on grounds that the press conference was "not news." "With Obama," she says, "everyone wants to have a relationship with the president because he's been good for ratings. I've been impressed by how easily they seem to be able to roadblock an hour. No other president in TV history would have been able to do it." The financial stakes are considerable. ABC, CBS and NBC have given up as much as $40 million in advertising revenue to carry this year's East Room events. "We lose more than $3 million a show," Moonves told Mediaweek. The Fox broadcast network has declined to carry the last two Obama sessions. Every president exercises considerable control over his encounters with reporters, picking on selected journalists and deflecting questions he doesn't like. But Obama's discursive style has also tended to depress the news value of the sessions. He began the last one with an eight-minute opening statement. 
His answer to the first question, including a follow-up, lasted more than seven minutes. All told, the lengthy responses allowed time for only 10 reporters to be recognized. And Obama's professorial style of explaining policy at length, rather than offering punchy sound bites, may serve him well, but rarely yields dramatic headlines. One result: The audience is gradually dwindling. The last presser drew 24 million viewers, a significant number but a 50 percent decline from Obama's first such event in February. The lingering question is how much of an obligation the networks have to carry these news conferences, given that they're widely available on the cable news channels. One of the broadcast networks could demonstrate its independence, Friedman says, by breaking with the pack and refusing to air Obama's next prime-time extravaganza. But, he says, "that would take an extraordinary amount of courage."

From rforno at infowarrior.org Mon Aug 3 13:42:16 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 3 Aug 2009 09:42:16 -0400
Subject: [Infowarrior] - Google Chief Resigns as Apple Director
Message-ID: <0581B4E1-E9B6-431A-A134-5BBD786989F3@infowarrior.org>

Google Chief Resigns as Apple Director
By JACK HEALY
Published: August 3, 2009
http://www.nytimes.com/2009/08/04/technology/companies/04apple.html?hp

In a sign that two longtime allies in the computer world are beginning to compete for more business, the computer maker Apple announced on Monday that Eric Schmidt, chief executive of Google, was stepping down from its board. Apple cited "potential conflicts of interest" as Google makes a play into the market for computer operating systems. Mr. Schmidt had been on Apple's board since August 2006, but Apple's chief executive Steven P. Jobs said in a statement that Mr. Schmidt's position would have been "significantly diminished" because he would have been forced to recuse himself from more of the meetings as Google and Apple began to compete head to head.
Apple said Mr. Schmidt's resignation was a mutual decision, a statement echoed by Mr. Schmidt. "I have very much enjoyed my time on the Apple board," Mr. Schmidt said in a statement. "It's a fantastic company. But as Apple explained today we've agreed it makes sense for me to step down now." Last month, Google said it was developing an operating system for personal computers based on its Chrome browser, a move that effectively started a foray into Apple's core business, and would also compete against Microsoft's Windows operating system.

From rforno at infowarrior.org Mon Aug 3 19:36:41 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 3 Aug 2009 15:36:41 -0400
Subject: [Infowarrior] - Hathaway Resigning as Acting Cybersecurity Czar
Message-ID: <8D663778-7F47-4DEC-B1EE-4CE80837EF8C@infowarrior.org>

White House Acting Cybersecurity Czar Resigns
By SIOBHAN GORMAN

The White House's acting cybersecurity czar announced her resignation Monday, saying in an interview that she is leaving for personal reasons. Melissa Hathaway, who completed the Obama administration's cybersecurity review in April, had initially been considered a leading contender to fill the post permanently. The White House is still working to fill the top cyberpost, which Mr. Obama created May 29. That post would report to both the National Security Council and the National Economic Council, which some cybersecurity experts said has dissuaded candidates from taking the job. Ms. Hathaway said she took her name out of the running for the post two weeks ago. She said she was leaving for personal reasons and that she plans to remain working in the cybersecurity arena. Her resignation will take effect Aug. 24.
Write to Siobhan Gorman at siobhan.gorman at wsj.com
http://online.wsj.com/article/SB124932480886002237.html?mod=googlenews_wsj

From rforno at infowarrior.org Tue Aug 4 01:32:47 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 3 Aug 2009 21:32:47 -0400
Subject: [Infowarrior] - The AP licensing story gets nuttier....
Message-ID:

AP Will Sell You A License To Words It Has No Right To Sell
from the why-not? dept
http://techdirt.com/articles/20090803/0344305756.shtml

Last year, you may recall, we pointed out that the Associated Press had a laughable sliding scale price if you wanted to copy and use more than 4 words (the first 4 free!). After that, it cost $12.50 for 5 to 25 words. This, of course, ignores fair use, which (and, yes, it does depend on the circumstances) almost certainly would let most people quote more than 4 words without having to pay. But, of course, it gets worse. Boing Boing points us to a little experiment by James Grimmelmann, testing out the AP's text licensing system, where he discovers that you can put any text you want into the calculator, and the AP will gladly sell you a license. So, just for fun, Grimmelmann paid $12 for a license to a (public domain) quote from Thomas Jefferson, culled not from the AP, but from Jefferson's famous letter to Isaac McPherson, where he warns of the excesses of intellectual monopolies. < - > And, of course, there are similarly ridiculous situations, such as Dave Zatz finding out that it will cost himself $25 to quote himself (thanks johnjac). The AP keeps making a mockery of itself. Of course, the AP has put out a statement, basically mimicking the one it put out last year, saying that the icopyright stuff is not intended for bloggers. But then who is it intended for? Considering that the AP has threatened bloggers in the past for quoting its words, the whole thing seems bizarre. So you can rely on fair use if you're a blogger, but not... if you're something else? How does that make sense?
I've read through our copyright laws more than a few times, and I don't recall the clause that says "fair use applies to bloggers, but not others." Update: As a few people have pointed out, after all the media attention, the AP "revoked" the license. Note the language. They didn't apologize. They didn't admit error. They didn't admit awful technology and silly policies. They "revoked" a license they had no right to sell in the first place. At least they gave him his money back.

http://techdirt.com/articles/20090803/0344305756.shtml

From rforno at infowarrior.org Tue Aug 4 11:36:01 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 4 Aug 2009 07:36:01 -0400
Subject: [Infowarrior] - OpEd: Let's not replace Hathaway
Message-ID:

White House "Cyber Czar" Resigns; Let's Not Replace Her.
By Michael Tanji, August 3, 2009, 4:16 pm
http://www.wired.com/dangerroom/2009/08/white-house-cyber-czar-resigns-good-riddance/

The White House's acting "cyber czar" just resigned, with no permanent replacement in sight. Which is just fine. We can make more progress on the network security front without such a "czar." For starters, we've had reasonable facsimiles of cyber czars before -- to little effect. The studies have been done, the list of tasks complete, yet we continue to fail year after year. Second, the cyber czar, like most actual royalty in the world these days, is destined to be more figurehead than Sun King. He (or she) would have no power over service providers or industries that are both the underpinnings of cyber space and the victims of online assaults. Despite grandiose claims to the contrary, the government has very little direct impact on how safe national resources are online. Finally, even if the czar did have a lot more pull with industry than he actually would; how does she put that juice to good use? Given that the czar and the individual with the power to make things happen in cyber space are not the same person: she doesn't. A "czar"
position is the exact opposite of what we need to successfully defeat cyber space adversaries. The botnet that denies service to your governmental web sites might have been assembled by a Brazilian, who borrowed code from an Israeli, who launders his money through a Russian. None of them have met in person, and next month they may all switch roles - and throw in some Americans and Chinese to boot - for a totally different attack. A cyber czar is fighting a network with an org chart. Forget trying to shoe-horn technology stars into government cyber security jobs (a worthy if doomed-from-the-start experiment) or creating more useless bureaucracy with another czar. We need a facilitator - someone with a lot of betweenness and closeness, to use some social networking terms - to make sure that the right people are talking, sharing, and collaborating as they best see fit. Collaboration is key to improving security and collaboration comes from trust, not edicts from the Kremlin. We're not going to abandon our bureaucracies, so let's move forward using that age-old mechanism for getting things done in bureaucracies: IKAGWKAG ("I know a guy who knows a guy"). The guy who knows the most guys is the guy you want in this job. Find him, and then sit back and watch what happens when you stop fighting real problems with a Visio diagram.

From rforno at infowarrior.org Tue Aug 4 16:48:23 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 4 Aug 2009 12:48:23 -0400
Subject: [Infowarrior] - Feds at DefCon Alarmed After RFID's Scanned
Message-ID: <9468BBB8-D117-4F09-93C6-83ACB88F7A19@infowarrior.org>

Threat Level
Privacy, Crime and Security Online

Feds at DefCon Alarmed After RFID's Scanned
By Kim Zetter, August 4, 2009
http://www.wired.com/threatlevel/2009/08/fed-rfid/

LAS VEGAS -- It's one of the most hostile hacker environments in the country -- the DefCon hacker conference held every year in the summer in Las Vegas.
But despite the fact that attendees know they should take precautions to protect their data, federal agents at the conference got a scare on Friday when they were told they might have been caught in the sights of an RFID reader. The reader, connected to a web camera, sniffed data from RFID-enabled ID cards and other documents carried by attendees in pockets and backpacks as they passed a table where the equipment was stationed in full view. It was part of a security-awareness project set up by a group of security researchers and consultants to highlight privacy issues around RFID. When the reader caught an RFID chip in its sights -- embedded in a company or government agency access card, for example -- it grabbed data from the card, and the camera snapped the card holder's picture. But the device, which had a read range of 2 to 3 feet, caught only five people carrying RFID cards before Feds attending the conference got wind of the project and were concerned they might have been scanned. Kevin Manson, a former senior instructor at the Federal Law Enforcement Training Center in Florida, was sitting on the "Meet the Fed" panel when a DefCon staffer known as "Priest," who prefers not to be identified by his real name, entered the room and told panelists about the reader. "I saw a few jaws drop when he said that," Manson told Threat Level. "There was a lot of surprise," Priest says. "It really was a 'holy shit,' we didn't think about that [moment]." Law enforcement and intelligence agents attend DefCon each year to garner intelligence about the latest cyber vulnerabilities and the hackers who exploit them. Some attend under their real name and affiliation, but many attend undercover. Although corporate- and government-issued ID cards embedded with RFID chips don't reveal a card holder's name or company -- the chip stores only a site number and unique ID number tied to company's database where the card holder's details are stored --
it's not impossible to deduce the company or agency from the site number. It's possible the researchers might also have been able to identify a Fed through the photo snapped with the captured card data or through information stored on other RFID-embedded documents in his wallet. For example, badges issued to attendees at the Black Hat conference that preceded DefCon in Las Vegas were embedded with RFID chips that contained the attendee's name and affiliation. Many of the same people attended both conferences, and some still had their Black Hat cards with them at DefCon. But an attacker wouldn't need the name of a cardholder to cause harm. In the case of employee access cards, a chip that contained only the employee's card number could still be cloned to allow someone to impersonate the employee and gain access to his company or government office without knowing the employee's name. Since employee access card numbers are generally sequential, Priest says an attacker could simply change a few digits on his cloned card to find the number of a random employee who might have higher access privileges in a facility. "I can also make an educated guess as to what the administrator or 'root' cards are," Priest says. "Usually the first card assigned out is the test card; the test card usually has access to all the doors. That's a big threat, and that's something [that government agencies] have actually got to address." In some organizations, RFID cards aren't just for entering doors; they're also used to access computers. And in the case of RFID-enabled credit cards, RFID researcher Chris Paget says the chips contain all the information someone needs to clone the card and make fraudulent charges on it -- the account number, expiration date, CVV2 security code and, in the case of some older cards, the card holder's name.
The Meet-the-Fed panel, an annual event at DefCon, presented a target-rich environment for anyone who might have wanted to scan government RFID documents for nefarious purposes. The 22 panelists included top cyber cops and officials from the FBI, Secret Service, National Security Agency, Department of Homeland Security, Defense Department, Treasury Department and U.S. Postal Inspection. And these were just the Feds who weren't undercover. It's not known if any Feds were caught by the reader. The group that set it up never looked closely at the captured data before it was destroyed. Priest told Threat Level that one person caught by the camera resembled a Fed he knew, but he couldn't positively identify him. "But it was enough for me to be concerned," he said. "There were people here who were not supposed to be identified for what they were doing . . . I was [concerned] that people who didn't want to be photographed were photographed." Priest asked Adam Laurie, one of the researchers behind the project, to "please do the right thing," and Laurie removed the SD card that stored the data and smashed it. Laurie, who is known as "Major Malfunction" in the hacker community, then briefed some of the Feds on the capabilities of the RFID reader and what it collected. The RFID project was a partnership between Laurie and Zac Franken -- co-directors of Aperture Labs in the United Kingdom and the ones who wrote the software for capturing the RFID data and supplied the hardware -- and Aries Security, which conducts security-risk assessments and runs DefCon's annual Wall of Sheep project with other volunteers. Each year the Wall of Sheep volunteers sniff DefCon's wireless network for unencrypted passwords and other data attendees send in the clear and project the IP addresses, login names, and truncated versions of the passwords onto a conference wall to raise awareness about using wireless networks without encryption.
This year they planned to add data collected from the RFID reader and camera -- to raise awareness about a privacy threat that's becoming increasingly prevalent as RFID chips are embedded into credit cards, employee access cards, state driver's licenses, passports and other documents. Brian Markus, CEO of Aries who goes by the handle "Riverside," said they planned to blur the camera images and superimpose a sheep's head over faces to protect identities before putting them on the wall. "We're not here to gather the data and do bad things with it," he said, noting that theirs likely wasn't the only reader collecting data from chips. "There are people walking around the entire conference, all over the place, with RFID readers [in backpacks]," he says. "For $30 to $50, the common, average person can put [a portable RFID-reading kit] together. . . . This is why we're so adamant about making people aware this is very dangerous. If you don't protect yourself, you're potentially exposing your entire [company or agency] to all sorts of risk." In this sense, DefCon isn't the only hostile environment, since an attacker with a portable reader in a backpack can scan cards at hotels, malls, and subways. A more targeted attack could involve someone positioned outside a specific company or federal facility, scanning employees as they entered and left. "It takes a few milliseconds to read [a chip] and, depending on what equipment I've got, doing the cloning can take a minute," says Laurie. "I could literally do it on the fly." Paget announced he'll be releasing a $50 kit at the end of August that will make reading 125-kHz RFID chips -- the kind embedded in proximity cards -- trivial. It will include open-source software for reading, storing and re-transmitting card data and will also include a software tool to decode the RFID encryption used in car keys for Toyota, BMW and Lexus models.
This would allow an attacker to scan an unsuspecting car-owner's key, decrypt the data and open the car. He told Threat Level his company H4rdw4re is aiming to achieve a reading range of 12 to 18 inches with the kit. "I often ask people if they have an RFID card and half the people emphatically say no I do not," says Paget. "And then they pull out the cards to prove it and . . . there has been an RFID in their wallet. This stuff is being deployed without people knowing it." To help prevent surreptitious readers from siphoning RFID data, a company named DIFRWear was doing a brisk business at DefCon selling leather faraday-caged wallets and passport holders that prevent readers from sniffing RFID chips in proximity cards. (Dave Bullock contributed some reporting to this piece.)

From rforno at infowarrior.org Tue Aug 4 16:49:33 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 4 Aug 2009 12:49:33 -0400
Subject: [Infowarrior] - SEC to Ban Flash Trades of U.S. Stocks
Message-ID: <9F37D9A7-4D86-4761-B705-674E2FE39FE8@infowarrior.org>

SEC to Ban Flash Trades of U.S. Stocks, Schumer Says (Update1)
http://www.bloomberg.com/apps/news?pid=20601087&sid=aoCJnYcSVhYk
By Edgar Ortega

Aug. 4 (Bloomberg) -- The U.S. Securities and Exchange Commission plans to ban flash trades that give some brokerages an advance look at orders, Senator Charles Schumer said, citing a conversation with SEC Chairman Mary Schapiro. Schumer said Schapiro "personally assured him that the agency plans to ban the practice" in a phone call yesterday, according to a statement. "We salute the SEC for moving forward with this ban that will restore integrity to the markets," Schumer said in a statement e-mailed today. "The agency is absolutely making the right call by stepping up and ending this unfair practice."
Nasdaq OMX Group Inc., Bats Global Markets, Direct Edge Holdings LLC and the CBOE Stock Exchange give information to their clients about orders for a fraction of a second before the trades are routed to rival platforms. The systems are meant to give investors an additional opportunity to complete a transaction. Schumer told the SEC in a July 24 letter to prohibit flash orders, saying he would propose legislation barring them if the agency didn't act. Nasdaq shares fell as much as 2.3 percent to $20.97 following Schumer's statement. Goldman Sachs Group Inc., which says it doesn't use flash orders for its proprietary trading, fell to $163.75 from about $165.10. To contact the reporter on this story: Edgar Ortega in New York at ebarrales at bloomberg.net Last Updated: August 4, 2009 12:01 EDT

From rforno at infowarrior.org Wed Aug 5 12:32:57 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 5 Aug 2009 08:32:57 -0400
Subject: [Infowarrior] - OT: Obama administration withholds data on clunkers
Message-ID: <5DF15AF9-78E1-452E-A74E-68854478F854@infowarrior.org>

Transparency, change, accountability? What's that? Oh, right - another hollow political promise that goes nowhere. Who says modern American politics is just two sides of the same uberparty? :(

-rf

(c/o L.R)

http://news.yahoo.com/s/ap/20090804/ap_on_go_pr_wh/us_cash_for_clunkers_transparency/print

Obama administration withholds data on clunkers
By BRETT J. BLACKLEDGE, Associated Press Writer
Tue Aug 4, 4:46 pm ET

WASHINGTON -- The Obama administration is refusing to quickly release government records on its "cash-for-clunkers" rebate program that would substantiate -- or undercut -- White House claims of the program's success, even as the president presses the Senate for a quick vote for $2 billion to boost car sales.
The Transportation Department said it will provide the data as soon as possible but did not specify a time frame or promise release of the data before the Senate votes whether to spend $2 billion more on the program. Transportation Secretary Ray LaHood said Sunday the government would release electronic records about the program, and President Barack Obama has pledged greater transparency for his administration. But the Transportation Department, which has collected details on about 157,000 rebate requests, won't release sales data that dealers provided showing how much U.S. car manufacturers are benefiting from the $1 billion initially pumped into the program. The Associated Press has sought release of the data since last week. Rae Tyson, spokesman for the National Highway Traffic Safety Administration, said the agency will provide the data requested as soon as possible. DOT officials already have received electronic details from car dealers of each trade-in transaction. The agency receives regular analyses of the sales data, producing helpful talking points for LaHood, White House spokesman Robert Gibbs and other officials to use when urging more funding. LaHood said in an interview Sunday he would make the electronic records available. "I can't think of any reason why we wouldn't do it," he said. LaHood, the program's chief salesman, has pitched the rebates as good for America, good for car buyers, good for the environment, good for the economy. But it's difficult to determine whether the administration is overselling the claim without seeing what's being sold, what's being traded in and where the cars are being sold. LaHood, for example, promotes the fact that the Ford Focus so far is at the top of the list of new cars purchased under the program. But the limited information released so far shows most buyers are not picking Ford, Chrysler or General Motors vehicles, and six of the top 10 vehicles purchased are Honda, Toyota and Hyundai. 
LaHood has called the popular rebates to car buyers "the lifeline that will bring back the automobile industry in America." He and other advocates are citing program data to promote passage of another $2 billion for the incentives -- claiming dealers sold cars that are 61 percent more fuel efficient than trade-ins. LaHood also said this week that even if buyers aren't choosing cars made by U.S. automobile manufacturers, many of the Honda, Toyota and Hyundai cars sold were made in those companies' American plants. But there's no way to verify his claims without access to DOT's data. Senate GOP leader Mitch McConnell of Kentucky has argued against quick approval of $2 billion for the program because little is known about the first round of $3,500 and $4,500 rebates. "We don't have the results of the first $1 billion," McConnell spokesman Don Stewart said. "You don't have them. We don't have them. DOT doesn't have all of it. We'd hate to make a mistake on something like that." From rforno at infowarrior.org Wed Aug 5 12:35:37 2009 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 5 Aug 2009 08:35:37 -0400 Subject: [Infowarrior] - Iraq to impose controls on Internet Message-ID: <2A263CDF-2FEA-4625-B18F-9EBCDF081E65@infowarrior.org> Iraq to impose controls on Internet Aug 4 11:45 AM US/Eastern By SINAN SALAHEDDIN Associated Press Writer http://www.breitbart.com/print.php?id=D99S5FA80&show_article=1 BAGHDAD (AP) - The Iraqi government has decided to crack down on Internet service providers and ban sites that incite violence or carry pornography, officials said Tuesday, a move that has been strongly criticized by freedom of speech advocates as a dangerous first step toward political censorship. The plan to strengthen government control of content and usage will require Internet cafes?and later the service providers as well?to obtain licenses that are subject to government review and cancellation if compliance requirements are not met. 
"All Web sites that glorify terrorism and incite violence and sectarianism, or those that violate social morals with content such as pornography will be banned," communications ministry spokesman Sameer al-Hasoon told The Associated Press by phone Tuesday. Al-Hasoon refused to divulge further details of the committee's recommendations, but said he expected them to be approved by the Cabinet next week. The next step would be for the government to send the draft legislation to parliament. Another official said the ministry is planning to license five of the 10 wireless Internet service providers currently operating in Iraq. He refused to say why the five were chosen, but said the tightened restrictions will be implemented in coordination with the Interior Ministry's anti-Internet crimes directorate. The official spoke on condition of anonymity as he was not authorized to make statements to the media. The plan to tighten government controls has raised concerns about the protection of constitutional freedoms. Since the fall of Saddam Hussein in 2003, Iraq has had relatively lax restrictions on Internet providers compared with some of its Muslim neighbors. The officials said their concern is primarily over sites that promote violence. They also say they want to ensure that the online fare readily available at Internet cafes does not get too far out of step with Iraq's social mores. But the Baghdad-based independent Journalistic Freedom Observatory denounced the step as an "attempt to control the flow of free information on the Internet and limit the knowledge of the citizens." The JFO also claimed the plan violates the Iraqi constitution, which guarantees the freedom of mail, telegrams, phone and electronic communications. The constitution, enacted in 2005, says such communications cannot be "monitored, tabbed or revealed." "Excuses of protecting national security or moral standards are unacceptable," the JFO said in a statement.
"It is only being used to censor Internet service and control freedom of expression." The group said the plan opens the door for tighter controls, particularly over political discussions, dissent or debate on issues that are sensitive to the government. It says the controls are a throwback to the days of Saddam, when access to the Internet was limited to just one provider and e-mail and phone calls were monitored and censored by the Ministry of Communications and security agencies. After Saddam was toppled in the 2003 U.S.-led invasion, dozens of wireless Internet providers started business and hundreds of Internet cafes were opened in the capital, Baghdad, and other provinces. "No one opposes blacking out web sites that offer pornography because of the damage such sites bring to society," said Hassan al-Kaabi, the 26-year-old owner of an Internet cafe in Baghdad's eastern Shiite neighborhood of Sadr City. "But the government decision that deals with web sites that incite violence and terrorism is vague and needs more clarification." Al-Kaabi, who has 12 computers and offers wireless service to about 80 subscribers, said he is worried about his future and the gains Iraq has made since Saddam's ouster. "This is just like a trap to me," he said. "This will definitely affect our business." Copyright 2009 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed. 
From rforno at infowarrior.org Wed Aug 5 17:24:39 2009 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 5 Aug 2009 13:24:39 -0400 Subject: [Infowarrior] - Apple censoring a dictionary Message-ID: <86F3BFE0-7427-4C9D-8D44-0BBC4C0C619C@infowarrior.org> (c/o DO and GK) Apple's new low: censoring a dictionary http://www.engadget.com/2009/08/05/apples-new-low-censoring-a-dictionary/ From rforno at infowarrior.org Wed Aug 5 18:16:23 2009 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 5 Aug 2009 14:16:23 -0400 Subject: [Infowarrior] - Medical Papers by Ghostwriters Pushed Therapy Message-ID: August 5, 2009 Medical Papers by Ghostwriters Pushed Therapy By NATASHA SINGER http://www.nytimes.com/2009/08/05/health/research/05ghost.html?_r=1&hp=&pagewanted=print Newly unveiled court documents show that ghostwriters paid by a pharmaceutical company played a major role in producing 26 scientific papers backing the use of hormone replacement therapy in women, suggesting that the level of hidden industry influence on medical literature is broader than previously known. The articles, published in medical journals between 1998 and 2005, emphasized the benefits and de-emphasized the risks of taking hormones to protect against maladies like aging skin, heart disease and dementia. That supposed medical consensus benefited Wyeth, the pharmaceutical company that paid a medical communications firm to draft the papers, as sales of its hormone drugs, called Premarin and Prempro, soared to nearly $2 billion in 2001. But the seeming consensus fell apart in 2002 when a huge federal study on hormone therapy was stopped after researchers found that menopausal women who took certain hormones had an increased risk of invasive breast cancer, heart disease and stroke. A later study found that hormones increased the risk of dementia in older patients. 
The ghostwritten papers were typically review articles, in which an author weighs a large body of medical research and offers a bottom-line judgment about how to treat a particular ailment. The articles appeared in 18 medical journals, including The American Journal of Obstetrics and Gynecology and The International Journal of Cardiology. The articles did not disclose Wyeth's role in initiating and paying for the work. Elsevier, the publisher of some of the journals, said it was disturbed by the allegations of ghostwriting and would investigate. The documents on ghostwriting were uncovered by lawyers suing Wyeth and were made public after a request in court from PLoS Medicine, a medical journal from the Public Library of Science, and The New York Times. A spokesman for Wyeth said that the articles were scientifically accurate and that pharmaceutical companies routinely hired medical writing companies to assist authors in drafting manuscripts. The court documents provide a detailed paper trail showing how Wyeth contracted with a medical communications company to outline articles, draft them and then solicit top physicians to sign their names, even though many of the doctors contributed little or no writing. The documents suggest the practice went well beyond the case of Wyeth and hormone therapy, involving numerous drugs from other pharmaceutical companies. "It's almost like steroids and baseball," said Dr. Joseph S. Ross, an assistant professor of geriatrics at Mount Sinai School of Medicine in New York, who has conducted research on ghostwriting. "You don't know who was using and who wasn't; you don't know which articles are tainted and which aren't." Because physicians rely on medical literature, the concern about ghostwriting is that doctors might change their prescribing habits after reading certain articles, unaware they were commissioned by a drug company.
"The filter is missing when the reader does not know that the germ of an article came from the manufacturer," said James Szaller, a lawyer in Cleveland who has spent four years going through the ghostwriting documents on behalf of hormone therapy plaintiffs. Wyeth faces about 8,400 lawsuits from women who claim that the company's hormone drugs caused them to develop illnesses. Twenty-three of the 31 cases that had been set for trial were resolved in Wyeth's favor; the company has also settled with five plaintiffs. Other cases are on appeal. Doug Petkus, a spokesman for Wyeth, said the articles on hormone therapy were scientifically sound and subjected to rigorous review by outside experts on behalf of the medical journals that published them. Although Wyeth continues to work with medical writing firms, the company adopted a policy in 2006 mandating that authors become involved early in the publication process and that any financial assistance by Wyeth or contributions by medical writers be acknowledged in the published text, said Stephen Urbanczyk, a lawyer representing Wyeth. Doctors have long debated the merits and risks of hormone therapy to treat the symptoms of menopause. Although studies have shown that hormones have benefits like reducing the incidence of hip fractures, they have also shown that the drugs can increase the risk of various cancers. At one time, the Premarin family of drugs, which dominated the market for hormone therapy, was among Wyeth's best-selling brands. And the company worked with several ghostwriting companies to maintain that dominance. In 1997, for example, DesignWrite, a medical communications company in Princeton, N.J., proposed to Wyeth a two-year plan that would include the preparation of about 30 articles for publication in medical journals. The development of an article on the treatment of menopausal hot flashes and night sweats illustrates DesignWrite's methodology.
Sometime in 2003, a DesignWrite employee wrote a 14-page outline of the article; the author was listed as "TBD" -- to be decided. In July 2003, DesignWrite sent the outline to Dr. Gloria Bachmann, a professor of obstetrics and gynecology at the Robert Wood Johnson Medical School in New Brunswick, N.J. Dr. Bachmann responded in an e-mail message to DesignWrite: "Outline is excellent as written." In September 2003, DesignWrite e-mailed Dr. Bachmann the first draft of the article. She also pronounced that "excellent" and added, "I only had one correction which I highlighted in red." The article, a nearly verbatim copy of the DesignWrite draft, appeared in 2005 in The Journal of Reproductive Medicine, with Dr. Bachmann listed as the primary author. It described hormone drugs as the "gold standard" for treating hot flashes and was less enthusiastic about other therapies. The acknowledgments thanked several medical writers for their "editorial assistance," not disclosing that those writers worked for DesignWrite, which charged Wyeth $25,000 to generate the article. Dr. Bachmann, who has 30 years of research and clinical experience in menopause, said she played a major role in the publication by lending her expertise. Her e-mail messages do not reflect contributions she may have made during phone calls and in-person meetings, she said. "There was a need for a review article and I said 'Yes, I will review the draft and make sure it is accurate,' " Dr. Bachmann said in an interview Tuesday. "This is my work, this is what I believe, this is reflective of my view." In response to a query from a reporter, Michael Platt, the president of DesignWrite, wrote that the company "has not, and will not, participate in the publication of any material in which it does not have complete confidence in the scientific validity of the content, based upon the best available data."
As medical journals learn more about ghostwriting through documents released in lawsuits and in Congress, some editors have started asking authors harder questions. A few leading journals, like The Journal of the American Medical Association, have instituted authorship forms that require contributors to detail their role in an article and to disclose conflicts of interest. But many journals have yet to take such steps.

From rforno at infowarrior.org Wed Aug 5 23:12:23 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 5 Aug 2009 19:12:23 -0400
Subject: [Infowarrior] - OT Video: Web Site Story
Message-ID: <667C43DF-F667-406C-808B-250D1A80B4AC@infowarrior.org>

(c/o Anonymous) We all need some web humour today!!! :)
http://www.collegehumor.com/video:1913584

From rforno at infowarrior.org Thu Aug 6 02:41:37 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 5 Aug 2009 22:41:37 -0400
Subject: [Infowarrior] - WH Redefining Counterterrorism
Message-ID:

Obama's Battle Against Terrorism To Go Beyond Bombs and Bullets
By Spencer S. Hsu and Joby Warrick
Washington Post Staff Writers
Thursday, August 6, 2009
http://www.washingtonpost.com/wp-dyn/content/article/2009/08/05/AR2009080503940.html?hpid=topnews

The U.S. government must fundamentally redefine the struggle against terrorism, replacing the "war on terror" with a campaign combining all facets of national power to defeat the enemy, John O. Brennan, President Obama's senior counterterrorism adviser, said Wednesday. Previewing what aides said will be the administration's most comprehensive statement to date of its long-term strategy to defeat al-Qaeda and other violent extremists worldwide, Brennan said in an interview that the United States will maintain "unrelenting" pressure on terrorist safe havens, including those near the Afghanistan-Pakistan border, in Yemen and in Somalia.
However, Washington must couple the military strikes that have depleted al-Qaeda's middle ranks with more sustained use of economic, diplomatic and cultural levers to diminish Islamist radicalization, he said, exercising "soft power" in ways that President George W. Bush came to embrace but had trouble carrying out. "It needs to be much more than a kinetic effort, an intelligence, law enforcement effort. It has to be much more comprehensive," said Brennan, who will address the Center for Strategic and International Studies on Thursday. "This is not a 'war on terror.' . . . We cannot let the terror prism guide how we're going to interact and be involved in different parts of the world."

Calmer Discussion

The U.S. shift in tone comes as Obama national security officials, six months after taking office, are seeking to maintain a fragile bipartisan consensus over continuing Bush-era policies that damaged al-Qaeda. While Obama campaigned on similar themes -- and a White House budget office memo in March notably retired the "Global War on Terror" moniker -- aides now seem to be trying to fill in the blanks, defining the threat and U.S. goals and challenges. The time has come to "lower the temperature of the discourse . . . and soberly discuss what steps we want to take and not take," said Michael E. Leiter, the director of the National Counterterrorism Center, the U.S. clearinghouse for analyzing terrorism threats. "What we've learned over the last several years is, nuance is important here."

A Holistic Approach

U.S. officials are advancing American ideals -- promoting political participation and economic development -- and attacking the factors that breed terrorism, Brennan said. "We are not saying that poverty causes terrorism, or disenfranchisement causes terrorism, but we can't mistake there are certain phenomena that contribute to it," he said.
"Terrorism needs to be fought against and certainly delegitimized or attacked, but some of the underlying grievances that might in fact lead individuals astray to terrorism cannot be ignored." Brennan is in some respects an intriguing choice to deliver the new message. A former career CIA analyst, Saudi Arabia station chief, and chief of staff to former director George J. Tenet, he was heavily involved in CIA counterterrorism operations for most of his 25-year career, helping stand up the NCTC under Bush before retiring in 2004. After liberal critics questioned Brennan's role in post-9/11 detention and interrogation policies, he withdrew from consideration as CIA chief and Obama moved him to the White House. Brennan's "Jesuit-like" demeanor has made him a key bridge between administrations, said David Cohen, a CIA veteran and now New York Police Department counterterrorism official. Brennan has also brought perspective to internal debates over intelligence policy in the Obama White House, where few senior officials have exposure to the world of spycraft, intelligence officials said. Brennan is known to have opposed declassifying Bush administration legal opinions that authorized harsh CIA interrogations, though the Obama White House acted contrary to his advice. "John understands how intelligence and policy support one another -- that's a major asset," said CIA director Leon Panetta, whom Obama subsequently named. "He is a vital link between the CIA and the NSC." "His portfolio is growing, not shrinking," said Mark Lippert, a longtime Obama foreign policy aide and now chief of staff for the National Security Council, which is run by Brennan's boss, national security adviser James L. Jones. Brennan's role spans terrorism, cybersecurity, swine flu and some intelligence matters. "He has the president's trust. . . . Folks from all parts of the policy and intelligence community respect him," Lippert said. Even as the Obama administration softens U.S. 
rhetoric, it continues a controversial policy of attacking suspected al-Qaeda and Taliban safe houses inside Pakistan's autonomous tribal region. A missile apparently launched by CIA Predator drone struck a house in Pakistan on Wednesday, killing a woman identified as the wife of Baitullah Mehsud, a Taliban commander linked to the assassination of former Pakistani prime minister Benazir Bhutto.

Pressuring Al-Qaeda

Unmanned drones have struck targets in Pakistan at least 31 times this year, killing more than 360 people, according to a tally by the Web site the Long War Journal. Such attacks are opposed by some prominent Defense officials who say the strikes are counterproductive because they fuel anti-Western sentiment in Pakistan. Brennan, who declined to comment on CIA operations in the region, acknowledged internal disagreements but said it was important to keep up the pressure on al-Qaeda. "It's important to maintain the offensive against what are clearly terrorist training facilities and camps, and we're working closely with the Afghanistan and Pakistan governments to root out these facilities," he said. At the same time, the use of lethal force must be "very focused, and insure that we are not incurring any type of collateral damage."

From rforno at infowarrior.org Thu Aug 6 11:48:25 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 6 Aug 2009 07:48:25 -0400
Subject: [Infowarrior] - Cool kids abandon social networking sites
Message-ID:

It's SO over: cool cyberkids abandon social networking sites
http://www.guardian.co.uk/media/2009/aug/06/young-abandon-social-networking-sites

From uncles wearing skinny jeans to mothers investing in ra-ra skirts and fathers nodding awkwardly along to the latest grime record, the older generation has long known that the surest way to kill a youth trend is to adopt it as its own. The cyberworld, it seems, is no exception.
The proliferation of parents and teachers trawling the pages of Facebook trying to poke old schoolfriends and lovers, and traversing the outer reaches of MySpace is causing an adolescent exodus from the social networking sites, according to research from the media regulator Ofcom. The sites, once the virtual streetcorners, pubs and clubs for millions of 15- to 24-year-olds, have now been over-run by 25- to 34-year-olds whose presence is driving their younger peers away. Although their love of being online shows no sign of abating, the percentage of 15- to 24-year-olds who have a profile on a social networking site has dropped for the first time -- from 55% at the start of last year to 50% this year. In contrast, 46% of 25- to 34-year-olds are now regularly checking up on sites such as Facebook compared with 40% last year. Overall, 30% of British adults have a social networking profile, against 21% in 2007 when Ofcom first did the research. Half the UK's online population have a Facebook profile and spend an average of nearly six hours a month on the site compared with four hours in May 2008. "There is nothing to suggest overall usage of the internet among 15- to 24-year-olds is going down," said Peter Phillips, the regulator's head of strategy. "Data suggests they are spending less time on social networking sites." James Thickett, director of market research at Ofcom, said that while older people seemed to be embracing social networking sites, Facebook and MySpace remained immensely popular with children under 16. "Clearly take-up among under 16-year-olds is very high -- so we cannot say for certain whether this is people in a certain age group who are not setting up social networking profiles or whether it's a population shift which is reflecting people getting older and having a social networking profile that they set up two years ago," he said.
"The main point is the profile of social networking users is getting older." The arrival of the 25- to 34-year-old age group, meanwhile, also appears to be behind the explosion in usage of Twitter.

From rforno at infowarrior.org Thu Aug 6 11:55:12 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 6 Aug 2009 07:55:12 -0400
Subject: [Infowarrior] - Reuters Prez: 'News Linking is Good'
Message-ID:

Well said!! -rf

16:09 August 4th, 2009
Why I believe in the link economy
http://blogs.reuters.com/mediafile/2009/08/04/why-i-believe-in-the-link-economy/

The following is a guest column by Chris Ahearn, President, Media at Thomson Reuters.

"Do unto others" It's a simple standard my mom taught me when I was a kid -- yours probably taught it too. It isn't always easy, but in business it's a good guiding light if you don't want your company to be evil. Recently there has been a rising crescendo of finger-pointing, shrieking, braying and teeth-gnashing about the future of the news. In the last couple of weeks there have been many comments on the AP's proposals, Attributor's proposals, Ian Shapira's story and fair use. After some of the AP commentary, I posted a tweet directed at Jeff Jarvis that prompted some members in the community to ask me to be more outspoken, asking me to be blatant about it, to post a public statement. For those who know me, I usually don't need to be asked. To start, yes the global economy is fairly grim and the cyclical aspects of our business are biting extremely hard in the face of the structural changes. But the Internet isn't killing the news business any more than TV killed radio or radio killed the newspaper. Incumbent business leaders in news haven't been keeping up. Many leaders continue to help push the business into the ditch by wasting "resources" (management speak for talented people) on recycling commodity news. Reader habits are changing and vertically curated views need to be meshed with horizontal read-around ones.
Blaming the new leaders or aggregators for disrupting the business of the old leaders, or saber-rattling and threatening to sue are not business strategies -- they are personal therapy sessions. Go ask a music executive how well it works. A better approach is to have a general agreement among community members to treat others' content, business and ideas with the same respect you would want them to treat yours. If you are doing something that you would object to if others did it to you -- stop. If you don't want search engines linking to you, insert code to ban them. I believe in the link economy. Please feel free to link to our stories -- it adds value to all producers of content. I believe you should play fair and encourage your readers to read-around to what others are producing if you use it and find it interesting. I don't believe you could or should charge others for simply linking to your content. Appropriate excerpting and referencing are not only acceptable, but encouraged. If someone wants to create a business on the back of others' original content, the parties should have a business relationship that benefits both. Let's stop whining and start having real conversations across party lines. Let's get online publishers, search engines, aggregators, ad networks, and self-publishers (bloggers) in a virtual room and determine how we can all get along. I don't believe any one of us should be the self-appointed Internet police; agreeing on a code of conduct and ethics is in everyone's best interests. Our news ecosystem is evolving and learning how it can be open, diverse, inclusive and effective. With all the new tools and capabilities we should be entering a new golden age of journalism -- call it journalism 3.0. Let's identify how we can birth it and agree what is "fair use" or "fair compensation" and have a conversation about how we can work together to fuel a vibrant, productive and trusted digital news industry.
Let's identify business models that are inclusive and that create a win-win relationship for all parties. This is not code for some hidden agenda -- it is an open call for collective problem solving. Let's do it wiki-style and edit it in the public domain. Let's define the code of conduct and ethics we would all like to operate under. My suggestion is we start with "do unto others" as our guiding spirit -- I bet it would make all of our mothers proud. Post your comments below (good, bad or ugly) or send me an email. You can reach me directly at chris.ahearn at thomsonreuters.com or via twitter

From rforno at infowarrior.org Thu Aug 6 12:02:59 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 6 Aug 2009 08:02:59 -0400
Subject: [Infowarrior] - Scientology's Hubbard 'exposed as fraud'
Message-ID: <0BB2E71B-6E26-464A-9176-945E6ECC8667@infowarrior.org>

August 6, 2009
Secret mission to expose L. Ron Hubbard as a fake
Dominic Kennedy, Investigations Editor
http://www.timesonline.co.uk/tol/news/uk/article6740831.ece#cid=OTC-RSS&attr=797093

The founder of Scientology, L. Ron Hubbard, was exposed as a fraud 30 years ago by British diplomats who were investigating his qualifications. The science-fiction writer, who invented a religion now followed by celebrities such as Tom Cruise, awarded himself a PhD from a sham "diploma mill" college that he had acquired, the diplomats found. Such was the climate of fear and paranoia surrounding Scientology that the US believed the sect had sent bogus doctors to declare a high-ranking legal investigator mad and then taken his papers relating to the case. Scientologists threatened to sue the British Government for libel after it acted in 1968 to ban followers from entering the country to visit the sect's world headquarters in East Grinstead, West Sussex. To defend itself, Britain needed to establish whether Lafayette Ron Hubbard was a charlatan.
Department of Health files, some closed until 2019, have been released early to The Times by the National Archives after a successful request under the Freedom of Information Act. The papers include a signed statement by a former senior Scientologist who said that he had been informed of the doctorate scam by one of Hubbard's collaborators. "I understand it is asserted that L. Ron Hubbard was awarded the degree of Doctor of Philosophy by Sequoia University on February 10, 1953, in recognition of his outstanding work in the fields of Dianetics and Scientology and that the said degree was recorded with the Department of Education of the State of California," John McMaster stated. "The position is L. Ron Hubbard [and others] acquired premises somewhere in Los Angeles which they had registered as a university called Sequoia and immediately awarded each other doctorates." Dianetics is the so-called "science" founded by Hubbard to provide spiritual healing. Whitehall officials, keen to learn if Hubbard was truly a man of letters, asked the British Consulate in Los Angeles to investigate him. They sent an urgent confidential request asking whether he had founded the university, if the degree was self-awarded and what was the standing of the institution. "Grateful if you will make discreet and confidential inquiries and telegraph early reply," said the author of a telegram from London. The answer came from Los Angeles on April 26, 1977: "After exhaustive enquiries we have now tracked down organisation named which was closed down by state authorities in 1971 and all documents impounded. The facts are that it neither has nor ever had approval and its status is not recognised in California . . . It is a 'will of the wisp' organisation which has no premises and does not really exist. It has not and never had any authority whatsoever to issue diplomas or degrees and the dean is sought by the authorities 'for questioning'."
The diplomat said that Californian authorities had voluminous files on the college. Papers released by the National Archives include a Sequoia University brochure offering an osteopathic medicine qualification that was supposedly internationally accredited. A memo from the California education department dated 1974 states that this shows that the "diploma mill" is "still in business as usual, in a new field this time". A letter from the bureau of school approvals states: "This institution has never been approved or recognised by this office. Repeated attempts have been made to obtain compliance with the legal requirements. None of these attempts have proved successful." The remarkable allegation that Scientologists were suspected of posing as doctors to rid themselves of an inquisitor and evidence against them emerges in a further British telegram. On May 18, 1977, Louis Sherbourne, of the British Consulate-General in Los Angeles, wrote a confidential message showing how nervous US officials had become of Scientology. "We have now come up against the usual brick wall of missing files and silence, each and every person and organisation treading very warily for fear of a libel or slander action." Mr Sherbourne wrote that Sequoia had been founded by "Rev Fr Damian Hough alias Dr Joseph William Hough" in 1939 as a "diploma mill". "Apart from the suspicion that Hubbard bought the university from Hough to serve the needs of the Scientology organisation, we can establish no other positive connection," he said. "United States Internal Revenue Services tried hard to obtain firmer evidence but appear to have failed. A recent attempt to resurrect the enquiry resulted in all the papers from 1939 to 1963 being sent to Sacramento to the office of the State Attorney General. "By 'an amazing coincidence' the Deputy Attorney General dealing with them was taken ill and after seeing some 'doctors' was retired 'due to his mental health'.
My very incensed informant in the California Department of Education is convinced that the 'doctors' were scientologists who hypnotised him into mental ill-health and he feels very bitter but can do nothing about it." A spokeswoman for the Church of Scientology said the suggestion that Scientologists had hypnotised a deputy attorney general was "simply reflective of how astronomically paranoid they were".

Branching out from Berlin

Germany: The Church of Scientology has opened an office in Berlin to act as its main lobbying centre in Europe. The Agency for the Protection of the Constitution (BfV), which monitors terrorist groups, keeps it under close observation. The German Government blocked filming of Valkyrie in certain locations, partly due to the involvement of its star, Tom Cruise, right, in Scientology.

France: Regards Scientology as a cult. In May a former member sued the Church, saying that she had been pressurised into handing over large sums of money.

Britain: The protest group Anonymous has demanded that the Church's tax status be revoked (it is exempt from VAT).

Czech Republic: The establishment of a "non-religious" primary school in Brno was approved in May. It will teach children according to L. Ron Hubbard's methods.

Source: Times archives
dkennedy at thetimes.co.uk

From rforno at infowarrior.org Thu Aug 6 12:11:07 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 6 Aug 2009 08:11:07 -0400
Subject: [Infowarrior] - Is Adobe the next (pre-2002) Microsoft?
Message-ID:

Is Adobe the next (pre-2002) Microsoft?
by Elinor Mills

If you are a criminal and you want to break into a network a common attack method is to exploit a hole in software that exists on most computers, has its fair share of holes and isn't automatically updated. In 2002, that would have been Windows. Today, it's likely to be Adobe Reader or Flash Player, whose shares of vulnerabilities and exploits are on the rise while Microsoft's is falling.
Nearly half of targeted attacks exploit holes in Acrobat Reader, which is used to read PDF (portable document format) files, according to F-Secure. Meanwhile, the number of PDF files used in dangerous Web drive-by attacks jumped from 128 during the first three and a half months of last year to more than 2,300 during that time this year, the company said. In addition, there are more and more Zero-Day holes, vulnerabilities that are public before a patch is available. Like sitting ducks, users of affected software are left wide open to attack until a fix is available. There have been Zero-Day exploits for the Flash Player plug-in, used for viewing rich media like videos and interactive charts on Web sites. And in one case this spring, a Zero-Day hole in Adobe Reader spurred security experts to recommend that users disable JavaScript. One security researcher at Black Hat last week, who asked to remain anonymous, said: "As a result of the number of Zero-Day attacks on PDFs this year, large banks hate Adobe."

< - >

http://news.cnet.com/8301-27080_3-10304455-245.html?part=rss&subj=news&tag=2547-1_3-0-20

From rforno at infowarrior.org Thu Aug 6 15:26:36 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 6 Aug 2009 11:26:36 -0400
Subject: [Infowarrior] - Twitter, Livejournal reportedly down
Message-ID:

Twitter Attacked by Hackers; Service Disrupted Across US
Published: Thursday, 6 Aug 2009 | 11:15 AM ET
By: Jim Goldman
Silicon Valley Bureau Chief
http://www.cnbc.com/id/32315027

The popular social networking site Twitter had its service disrupted across the US Thursday, the victim of an attack by hackers. The service has been disrupted since 9 am EST. Another social networking site, LiveJournal, also is down, CNBC has learned. Twitter, whose popularity has exploded over the past year, currently has some 45 million users across the US.
Twitter co founder Biz Stone released this statement to CNBC: "We are currently defending against a Denial of Service attack on this otherwise happy Thursday morning. Attacks such as this are malicious efforts orchestrated to disrupt and make unavailable services such as online banks, credit card payment gateways, and in this case, Twitter for intended customers or users. As I said, we are defending against this attack now and we'll continue to update our status blog as we continue to defend and later."

© 2009 CNBC.com

From rforno at infowarrior.org Fri Aug 7 02:59:00 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 6 Aug 2009 22:59:00 -0400
Subject: [Infowarrior] - Question: Laptops and PII
Message-ID: <8D50B847-2B82-4615-B86F-4103BDA65354@infowarrior.org>

Would someone tell me why large quantities of PII are being toted around on a fscking laptop in the first place?

-rick

Stolen laptop holds Army Guard members' data (2009 - today)
http://www.msnbc.msn.com/id/32304147/ns/technology_and_science-security/

..... then a 5-min Google search going back to 2005:

Lost laptop contains 1 million social security numbers (2009)
http://blog.internetnews.com/agoldman/2009/04/lost-laptop-okdhs.html

Laptop With Social Security Numbers Swiped (2008)
http://www.redorbit.com/news/technology/1597808/laptop_with_social_security_numbers_swiped/

Stolen Laptop Had 268,000 Social Security Numbers (2007)
http://wcco.com/local/stolen.laptop.social.2.603413.html

Lost IRS laptop stored employee fingerprints (2006)
http://www.msnbc.msn.com/id/13152636/

UC Berkeley police investigating theft of laptop containing grad student ID data (2005)
http://berkeley.edu/news/media/releases/2005/03/28_security.shtml

From rforno at infowarrior.org Fri Aug 7 11:16:06 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 7 Aug 2009 07:16:06 -0400
Subject: [Infowarrior] - UK: CCTVs in homes?
Message-ID: <77C8C3EB-6392-4063-840A-AB7B9F0018F6@infowarrior.org>

(c/o AJ R)

Britain To Put CCTV Cameras Inside Private Homes
By Charlie Sorrel
August 3, 2009 | 8:36 am
http://www.wired.com/gadgetlab/2009/08/britain-to-put-cctv-cameras-inside-private-homes/

-Brit, I'm well aware of the authorities' love of surveillance and snooping, but even I, a pessimistic cynic, am amazed by the government's latest plan: to install Orwell's telescreens in 20,000 homes. £400 million ($668 million) will be spent on installing and monitoring CCTV cameras in the homes of private citizens. Why? To make sure the kids are doing their homework, going to bed early and eating their vegetables. The scheme has, astonishingly, already been running in 2,000 family homes. The government's "children's secretary" Ed Balls is behind the plan, which is aimed at problem, antisocial families. The idea is that, if a child has a more stable home life, he or she will be less likely to stray into crime and drugs. It gets worse. The government is also maintaining a private army, incredibly not called "Thought Police", which will "be sent round to carry out home checks," according to the Sunday Express. And in a scheme which firmly cements the nation's reputation as a "nanny state", the kids and their families will be forced to sign "behavior contracts" which will "set out parents' duties to ensure children behave and do their homework." And remember, this is the left-wing government. The Shadow Home Secretary Chris Grayling, batting for the conservatives, thinks these plans are "too little, and too late," implying that even more obtrusive work needs to be done. Rumors that a new detention center, named Room 101, is being constructed inside the Ministry of Love are unconfirmed.

UPDATE: Further research shows that the Express didn't quite have all its facts straight.
This scheme is active, and the numbers are fairly accurate (if estimated), but the mentions of actual cameras in people's homes are exaggerated. The truth is that the scheme can take the most troublesome families out of their homes and move them, temporarily, to a neutral, government-run compound. Here they will be under 24-hour supervision. CCTV cameras are not specifically mentioned, nor are they denied, but 24-hour "supervision" certainly doesn't rule this out from the camera-loving Brits. It remains, though, that this is still excessively intrusive into the private lives of citizens, cameras or not. I have added links to the source and also more reliable reports. Thanks to everyone who wrote in.

From rforno at infowarrior.org Fri Aug 7 11:21:39 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 7 Aug 2009 07:21:39 -0400
Subject: [Infowarrior] - Responses to: Laptops and PII
Message-ID: <724F96F1-0E17-4EFB-86A1-4F4315F3B940@infowarrior.org>

From various folks last evening:

If any one of those lappies is recovered and found WITHOUT total cryp on the hard drive, well, that makes a case for severe public flogging. But... inasmuch as the drive is encrypted? No, fuck it -- that's still freakin' grievous -- when I was on the road for DoD earlier this year, I was assigned a Toughbook. It had several gigs of rather important data, and... well, AFTER I installed TrueCrypt on it (it was given to me without /anything/), I still looked after the damn thing like it was my left nut. Why? Well for one, I didn't wanna' have to replace it! And, you know, all that data that we didn't want released into the open... *sighs*

=====

In the US, the Congress are the whores of business. Business tells Congress that business are the victims, and not the individual whose lives might be ruined. For example, until the Identity Theft Assumption and Deterrence Act, only creditors were the victims.
Because individuals are generally not considered victims, there is little to no redress for an individual. So businesses know they can lose the information with little to no penalties. This has allowed business to treat individuals with utter contempt and impunity. As an example, TJX's data breach cost the company about $10 million to settle with 41 attorney general offices [1] (I know this is not a 'lost laptop'). $10 million is a pittance for a company which earns $210 million on sales of $4.4 billion per quarter [2]. Now suppose one-fifth of the 94 million records were unique in the TJX breach [3]. Further suppose that each individual were able to claim $1,000 per incident under some legislation (which the citizens will probably never enjoy). The penalty could now be $18 billion - which is a number that cannot be dismissed as easily as $10 million. Congress serves themselves first, and then business. I don't believe they have any concerns for the citizens at any time other than when it comes time to 'pitch their re-election platforms'.

[1] http://www.atg.wa.gov/pressrelease.aspx?id=23062
[2] http://www.marketwatch.com/story/tjx-earnings-per-share-up-14
[3] http://datalossdb.org/incidents/548-hack-exposes-94-million-credit-card-numbers-and-transaction-details

=====

I realize your question may be rhetorical, but since there are so many reported incidences of theft there must be many many unreported thefts, and far more cases of people carrying this stuff around. I dealt with it - users who do this - for awhile before becoming internal security and might shed some light on it. In the companies I dealt with, laptops had become the de facto single computer for many users - especially the "more privileged" users, i.e. the higher paid class. Admin assistants secretaries rarely get laptops.
So the higher paid class carry *all* their data because they have to in order to have access to it, because they haven't been sufficiently trained (or refuse to accept sufficient training) to use a server that sits behind a hard firewall that can only be reached with an encrypted connection. So they carry the data around. And there seems to also be insufficient awareness in the Windows sysadmin world of high grade encryption. Also, a CIO's goal is to reduce cost, so they often reduce tech support at the direct user interface level. So we get people who aren't trained or indoctrinated being supported by people who aren't trained or indoctrinated, and are carrying around insufficient or no tools to protect the valuables. Personally I think more CIO heads rolling might staunch some of the bleeding in the ranks. (As it always is in warfare.)

=====

Rick - it's because we can! We have the ability to bring our work where ever we go and if it's all on a drive then broadband be damned - we can work from anywhere with anything we may need at our immediate disposal... some of us are too busy to think about that kind of risk because it breaches like those happen to other (not as smart) people - not us,

=====

Honest answer?

1. Because many companies still aren't able to a) know where their data involving PII is stored, and b) can't control where that same information is saved (local hard drives, removable media, and email come to mind)

2. I'd be confident in saying that most corporate laptops run Windows and probably Microsoft Office. With that said, those pesky "OLK" temporary files get stored for indefinite periods of time without user knowledge.
If the company in question knows this and is backing up hard drives or doing other forensics, they should know this:
http://www.groovypost.com/howto/microsoft/outlook/find-the-microsoft-outlook-temporary-olk-folder/

More common than people realize, actually:
http://datalossdb.org/search?query=stolen+laptop&commit=Search

From rforno at infowarrior.org Fri Aug 7 11:30:23 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 7 Aug 2009 07:30:23 -0400
Subject: [Infowarrior] - OMG! Intel Celeron chips in terrorists' hands
Message-ID:

OMG! Intel Celeron chips in terrorists' hands
by Brooke Crothers
http://news.cnet.com/8301-13924_3-10305297-64.html?part=rss&subj=news&tag=2547-1_3-0-20

A 24 episode? Probably not. The June 4, 2009 letter (originally marked "confidential") to Intel from the SEC states: "We are aware of a May 2008 news report that PCs in Cuba contain your Celeron processors. Cuba, Iran, Sudan, and Syria are identified by the State Department as state sponsors of terrorism, and are subject to U.S. economic sanctions and export controls." The letter continues. "We note that your Form 10-K does not include disclosure regarding contacts with Cuba, Iran, Sudan, and Syria. Please describe to us the nature and extent of any past, current, and anticipated contacts with the referenced countries, whether through distributors, resellers, licensees, or other direct or indirect arrangements." The letter was cited earlier in The Wall Street Journal. And what kind of computers are we talking about exactly? (It would strain credulity, I think, to cue in a Jack Bauer narration--"The following takes place between 7:00 a.m. and 8:00 a.m"--here.) "The Cuban PCs have Intel Celeron processors with 80 gigabytes of memory (sic) and 512 RAM and are equipped with Microsoft's Windows XP operating system. Both could be violations of a U.S. trade embargo, but not something Washington can do anything about in the absence of diplomatic relations with Havana.
Clerks said the PCs were assembled by Cuban companies using parts imported from China." Maybe there's more to this than meets the eye but a lowly Celeron chip (one of Intel's bottom-of-the-performance-barrel processors) is hardly the chip to designate as a threat to national security. In short, data-crunching server farms--assuming they exist--in Cuba are not built with Celeron processors. For the record, an excerpt from the Intel response is as follows: "Intel has no business contacts with the Subject Countries, either directly or indirectly through tacit agreement with its customers. Intel does not provide products or technology to the Subject Countries...." A more productive line of inquiry--by another U.S. government agency--might be: Where on the world market might these countries be buying sophisticated multiprocessor computer hardware based on, for instance, the newest high-end Intel Nehalem Core i7 processors? Now, there's an idea for a future '24' episode.

Brooke Crothers is a former editor at large at CNET News.com, and has been an editor for the Asian weekly version of the Wall Street Journal. He writes for the CNET Blog Network, and is not a current employee of CNET. Contact him at mbcrothers at gmail.com. Disclosure.

From rforno at infowarrior.org Fri Aug 7 11:31:14 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 7 Aug 2009 07:31:14 -0400
Subject: [Infowarrior] - UK ID card hacked/cloned in 12 minutes
Message-ID: <6BEF79C7-4EAE-40C2-BDFE-6A4C0FD37B37@infowarrior.org>

http://www.computerweekly.com/Articles/2009/08/06/237215/uk-national-id-card-cloned-in-12-minutes.htm

The prospective national ID card was broken and cloned in 12 minutes, the Daily Mail revealed this morning. The newspaper hired computer expert Adam Laurie to test the security that protects the information embedded in the chip on the card.
Using a Nokia mobile phone and a laptop computer, Laurie was able to copy the data on a card that is being issued to foreign nationals in minutes. He then created a cloned card, and with help from another technology expert, changed all the data on the new card. This included the physical details of the bearer, name, fingerprints and other information. He then rewrote data on the card, reversing the bearer's status from "not entitled to benefits" to "entitled to benefits". He then added fresh content that would be visible to any police officer or security official who scanned the card, saying, "I am a terrorist - shoot on sight." According to the paper, Home Office officials said the foreign nationals card uses the same technology as the UK citizens card that will be issued from 2012. Guy Herbert, general secretary of privacy lobby group NO2ID, said it was a mistake to assume that the Home Office cared about the card, or identity theft or citizens' benefit. He said the Home Office wanted the central database to record citizens' personal details in one place for official convenience. "It is that database which will deliver unprecedented power over our lives to Whitehall and make the Home Office king in Whitehall. The card is an excuse to build the database. If the card is cancelled it already intends to use passports as a secondary excuse," he said. Home Office officials said they were working on a response to the story, and would issue a statement later today.

From rforno at infowarrior.org Fri Aug 7 11:34:26 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 7 Aug 2009 07:34:26 -0400
Subject: [Infowarrior] - Can you trust Bing?
Message-ID: <8A5154CE-199D-4069-8A03-2B6FF3CD2FA3@infowarrior.org>

Can you trust Bing?
Microsoft's latest tool for marketing
By Nick Farrell
http://www.theinquirer.net/inquirer/news/1496589/can-trust-bing

IT SEEMS THAT Microsoft tinkers with its Bing search algorithms to push its own marketing.
According to PC World, if you tap in the phrase "Why is Windows so expensive?" you get as a top link "Why are Macs so expensive?" The rest of the links on the first search page answer everything including the price of windows you can see through and little about the price of the Windows OS. There are a few entries about why Windows hosting providers are so expensive, and one about fish! The five other links on page one are about the expensive price of Macs. The Windows client OS is not even mentioned. If you do the same search at Google, you get a long list of links about whether the Windows OS is expensive. Another search on "Is Microsoft Evil?" gets a top link to a New York Times story about whether or not Google is considered evil, a link about proxy servers, and a link to a story about Microsoft's charity. Searches on Bing for the phrase "Is Linux Good?" turn up fairly neutral to negative results. It seems that PC World has a point, in that Bing's search results for these phrases are not uncensored. To be fair to Google, if you type in the phrase "Is Google Evil?" you do get a fair few negative posts. One wonders what Microsoft was smoking when it thought it could get away with this. However it appears to have been selective and this might even have been an accident. [Uh huh - Ed] If you type in "Steve Ballmer is Evil" you get the top site being his famous monkey boy dance. If you type in "Bill Gates is Evil" you get a discussion about whether Bill is, er... evil or not. Searches on the words "Bill Gates" and "Steve Ballmer" end up at their respective Wackypedia pages, so nothing to see here move along please. Type in "Apple" and you get the fruity religion's Cupertino HQ as the number one result with no references to expensive Macs or Chinese sweatshops.
From rforno at infowarrior.org Fri Aug 7 16:55:33 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 7 Aug 2009 12:55:33 -0400
Subject: [Infowarrior] - Editorial: Terror alert, gray
Message-ID: <84F29E72-E846-4DB2-A1E9-B04BB6EA07FD@infowarrior.org>

EDITORIAL: Terror alert, gray
America needs a more effective warning system
By | Thursday, August 6, 2009
http://www.washingtontimes.com/news/2009/aug/06/terror-alert-gray/?feat=

Homeland Security Secretary Janet Napolitano has appointed a 17-member board to review and evaluate the Homeland Security Advisory System, the familiar, if often ignored, five-color terror-alert warning. The system is long overdue for review and should be improved. The system was established in March 2002 as a readiness measure for state and local law enforcement and the public generally. It has been the butt of many jokes, and most Americans have no idea what the current alert level is at any given time. But the system has some utility. It works best when there are concrete signs of increased terrorist activity. The last time the system went to red alert was in 2006 after evidence emerged about a plot in Britain to bomb trans-Atlantic airliners. Unfortunately, the alert status often has fallen victim to politics. During the George W. Bush years, the president's political opponents charged that the administration was trying to whip up hysteria any time the alert status moved up, despite concrete evidence that the terror threat had increased. The political equation at the lower end of the scale is more mundane. The United States has been at yellow alert (signifying "significant risk" of attack) since 2006, with airlines at orange alert ("high risk"). Some localities maintain their own alert levels. For example, the New York City metro area is at orange alert and generally stays one level above the federal alert status.
The country as a whole has never been to blue ("general risk") or green ("low risk") alert since the system was implemented, and it probably never will be. In part, this is because the world is a dangerous place, and there always will be some degree of threat. No policymaker will risk lowering the alert status to blue or green because if an attack took place after the change, it would be fatal politically. Lowering the alert level might even encourage terrorists to attack, either because they would assume our guard was down or to demonstrate that they still are a force to be reckoned with. Yellow is bureaucratically safe. It does not court charges of creating undue panic, but neither does it promise we are safe. Yellow is the de facto floor. The Department of Homeland Security could do away with blue and green, and it would make no difference. Reform is necessary. In 2007, Congress instructed the department to make the threat system more precise and to tie threat levels to specific countermeasures. That was not done. In 2003, a major interagency effort was undertaken to find ways to improve the system. Working groups examined a variety of other models, including the British Columbia Threat Advisory System, a very effective Canadian warning program. Unfortunately, the 2003 effort did not lead to any significant changes. The new panel could profitably review the records of that earlier endeavor to avoid some needless duplication of effort. The most important reform would be to take politics out of the warning system. To the extent possible, threat levels should be tied to objective measures determined by counterterrorism experts. Rather than using a national alert system, threat levels could be determined on a regional and local basis by the scores of joint counterterrorism task forces that already operate nationwide. The task forces are closer to the threat, understand it better and can respond more quickly to changing circumstances. 
Modern global terrorism is decentralized, complex and adaptive. The last thing we need is an alert system that is centralized, sluggish and unchanging.

From rforno at infowarrior.org Fri Aug 7 23:44:56 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 7 Aug 2009 19:44:56 -0400
Subject: [Infowarrior] - Top US Cybersecurity Official Steps Down
Message-ID: <819766FF-8E9D-4B83-B86B-FDAF2A85DAEF@infowarrior.org>

(Released late on a Friday....go figure!! --rf)

Top Cybersecurity Official Steps Down
By Ellen Nakashima
Washington Post Staff Writer
Friday, August 7, 2009 6:19 PM
http://www.washingtonpost.com/wp-dyn/content/article/2009/08/07/AR2009080702805_pf.html

A top operational official in charge of protecting civilian government computer networks has resigned, another blow to the federal effort to enhance cybersecurity. Mischel Kwon, the director of the Department of Homeland Security's U.S. Computer Emergency Response Team, submitted her resignation letter this week. "Moving on is a hard step for me, but one I must take," she said, according to the letter, obtained by The Washington Post. Kwon, who is the fourth U.S.-CERT director in five years, was frustrated by bureaucratic obstacles and a lack of authority to fulfill her mission, according to colleagues who spoke on condition of anonymity. Her departure follows the resignation of the lead White House cybersecurity official, Melissa E. Hathaway, who said last week that she would step down. In March, another DHS cybersecurity official, Rod Beckstrom resigned, citing a lack of support inside the agency and what he described as a power grab by the National Security Agency. The resignations, although unrelated, point to a larger inability by the federal government to hire, retain and effectively utilize qualified personnel, experts said. Two months after President Obama pledged to "personally" select someone to be the White House's cybersecurity coordinator, the position remains unfilled.
On Friday, Phil Reitinger, director of the National Cybersecurity Center at DHS, said in a statement that the administration "has made cybersecurity a top priority." Amit Yoran, chief executive of NetWitness, a consulting firm, and the U.S.-CERT's first director, said Kwon would be "sorely missed in government." "It's a shame to lose her talent from public service at this critical time," Yoran said. In her letter, Kwon states that she would like her last day to be Sept. 2. She is expected to take a position in the private sector.

From rforno at infowarrior.org Sun Aug 9 16:40:28 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 9 Aug 2009 12:40:28 -0400
Subject: [Infowarrior] - Are the Glory Days Long Gone for I.T.?
Message-ID: <890A30CF-9674-48FF-95C5-37EC1431D76C@infowarrior.org>

August 9, 2009
Digital Domain
Are the Glory Days Long Gone for I.T.?
By RANDALL STROSS
http://www.nytimes.com/2009/08/09/business/09digi.html?pagewanted=print

IF Thomas M. Siebel can accurately see the future, computer science students with the entrepreneurial gene may want to look for a different major. And investors who think that information technology is a sector that will produce outsized returns should wake up. In Mr. Siebel's view, I.T. is a mature industry that will grow no faster than the larger economy. He contends that its glory days are past -- long past, having ended in 2000. I believe that Mr. Siebel may well be wrong. But his own illustrious career in I.T. makes his opinions a matter of uncommon interest. Earning both a master's degree in computer science and an M.B.A. at the University of Illinois at Urbana-Champaign, he was an executive at Oracle from 1984 to 1990. In 1993, he founded Siebel Systems, which sells software for tracking customers and sales prospects; the company was acquired in 2006 by Oracle, which paid almost $6 billion. In Mr. Siebel's self-deprecating narrative, he was simply standing in the right place at the right time.
Addressing Stanford students in February as a guest of the engineering school, Mr. Siebel called attention to 20 sweet years, from 1980 to 2000, when, he said, worldwide I.T. spending grew at a compounded annual growth rate of 17 percent. "All you had to do was show up and not goof it up," he said. "All ships were rising." Since 2000, however, that rate has averaged only 3 percent, he said. His explanation for the sharp decline is that "the promise of the post-industrial society has been realized." No new technological advances, he believes, would impel I.T. customers to replace the computer technology they already had: "I would suggest to you that most of what's going on today is not very exciting." In his view, far larger opportunities are to be found in businesses that address needs in food, water, health care and energy. Though Silicon Valley was "where the action was" when he finished graduate school, he says, "if I were graduating today, I would get on a boat and I would get off in Shanghai." When I called him last month to discuss his provocative arguments, he was disarmingly modest. "I'm just an old has-been, I don't present myself as an expert in this or any other area," he said. The huge difference in growth rates, pre- and post-2000, may seem so stark as to leave no room for an alternative view of I.T.'s prospects. But the recent drop is not as steep as it seems at first. I asked Shane Greenstein, an economist at Northwestern University's Kellogg School of Management who has written extensively about the computer industry, to take a look at the raw data upon which those numbers were supposedly based: the annual I.T. spending estimates published by IDC. Mr. Greenstein's calculations produced a more moderate compounded annual growth rate of 11.6 percent for 1980 to 2000, instead of 17 percent. (Mr.
Siebel's personal assistant said last week that the 17 percent in the Stanford talk came from a staff member who calculated from a reading of a chart, not from precise figures.) When Mr. Greenstein looked at the full IDC data set, which goes back to 1961, and used other breakpoints to compare growth in earlier and later periods, he found that the most golden years of I.T. were in the 1960s, when use of mainframe computers spread widely. From 1961 to 1971, the compounded annual growth rate was 35.7 percent, more than three times the rate in the 1980-2000 period celebrated by Mr. Siebel. Declining growth rates over time are to be expected, Mr. Greenstein said. After all, it doesn't take many sales to show huge percentage gains when the base is small. TIMOTHY BRESNAHAN, a Stanford economist, similarly does not accept Mr. Siebel's contention that the decline in growth rates this decade, which encompasses two recessions, signals a permanent end to I.T.'s record of growing faster than the larger economy. "It is early days to say the game is over," he said. When the economy recovers, there is no dearth of unfinished projects for I.T., he said, like "automating white-collar work and automating buying and selling in markets." And when one company dominates a certain area of technology, it can be a bottleneck along the road to innovation -- an obstacle to the technology of others. Mr. Bresnahan says that this has happened with Microsoft in the PC side of corporate information technology, and in earlier times with I.B.M. in computers and AT&T in telecommunications. But he said that entrepreneurial companies of those earlier days -- like Siebel Systems -- ultimately invented around bottlenecks and "innovation-led growth picked up again." The biggest decline in I.T.'s growth came at the end of the 1960s, well before Mr. Siebel's own I.T. career. A fortune or two could still be made, it turns out.
Siebel Systems, which its founder says attained $2 billion in revenue annually in only seven years, was founded after the growth rate of I.T. spending dropped precipitously. Entrepreneurial engineers in the United States should take heart. There's no cause for mass flight to Shanghai.

Randall Stross is an author based in Silicon Valley and a professor of business at San Jose State University. E-mail: stross at nytimes.com.

From rforno at infowarrior.org Sat Aug 15 01:40:04 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 14 Aug 2009 21:40:04 -0400
Subject: [Infowarrior] - Care to Write Army Doctrine? With ID, Log On
Message-ID:

August 14, 2009
Care to Write Army Doctrine? With ID, Log On
By NOAM COHEN
http://www.nytimes.com/2009/08/14/business/14army.html?_r=1&pagewanted=print

Join the Army, where you can edit all that you can edit. In July, in a sharp break from tradition, the Army began encouraging its personnel -- from the privates to the generals -- to go online and collaboratively rewrite seven of the field manuals that give instructions on all aspects of Army life. The program uses the same software behind the online encyclopedia Wikipedia and could potentially lead to hundreds of Army guides being "wikified." The goal, say the officers behind the effort, is to tap more experience and advice from battle-tested soldiers rather than relying on the specialists within the Army's array of colleges and research centers who have traditionally written the manuals. "For a couple hundred years, the Army has been writing doctrine in a particular way, and for a couple months, we have been doing it online in this wiki," said Col. Charles J. Burnett, the director of the Army's Battle Command Knowledge System. "The only ones who could write doctrine were the select few. Now, imagine the challenge in accepting that anybody can go on the wiki and make a change -- that is a big challenge, culturally."
In recent years, collaborative projects like the Firefox Internet browser or Wikipedia pages have flourished with the growth of the Internet, showing the power of thousands of contributors pulling together. Not surprisingly, top-down, centralized institutions have resisted such tools, fearing the loss of control that comes with empowering anyone along the chain of command to contribute. Yet the Army seems willing to accept some loss of control. Under the three-month pilot program, the current version of each guide can be edited by anyone around the world who has been issued the ID card that allows access to the Army Internet system. About 200 other highly practical field manuals that will be renamed Army Tactics, Techniques and Procedures, or A.T.T.P., will be candidates for wikification. As is true with Wikipedia, those changes will appear immediately on the site, though there is a team assigned to each manual to review new edits. Unlike Wikipedia, however, there will be no anonymous contributors. Many in the Army have been suspicious about the idea, questioning if each soldier - specialist or not - should have an equal right to create doctrine, Colonel Burnett said. "We've gotten the whole gamut of responses from black to white," he said, " 'The best thing since sliced bread' to 'the craziest idea I have ever heard.' " The colonel said that he was hopeful that by reaching out to the 140,000 members of the Army's online forums, he would be tapping the kind of people who would be comfortable collaborating on the Web. "Our motto is, 'If you ever thought what would I do if the Army let me write doctrine, now is your chance,' " he said. The idea has support at the highest ranks. Lt. Gen. William B. Caldwell, the commander of the Combined Arms Center at Fort Leavenworth, Kan., wrote on the center's blog on July 1, that "by embracing technology, the Army can save money, break down barriers, streamline processes and build a bright future."
The seven guides in the pilot program frequently touch on areas that the rank-and-file soldier has had to master because of the wars in Iraq and Afghanistan, including topics like Desert Operations, Army Unmanned Aircraft Systems Operations and the movements of an infantry rifle platoon within a stryker brigade combat team. For example, on July 7, a staff sergeant added his personal experience in Iraq to a guide for a stryker brigade combat team. Soldiers must understand, the original field manual says, "their vital role as collectors of combat information during the platoon intelligence activities." The sergeant illustrated the idea with an incident in 2004 where a soldier met "an Iraqi family who was fluent in the Spanish language." An officer investigated and found "no ill will towards the United States or our allies, the goal of the family was to travel through Spanish-speaking nations into Mexico and then enter the United States." But, the wiki contributor noted, there was a potential for terrorists trying to enter the country, concluding that this encounter demonstrated "the importance of passing along such intelligence to the proper channels." The introduction of wikis is part of a revamping of the Army's field manual system, which currently has more than 500 different guides that cover crucial, so-called capstone doctrine - like interrogation or counterterrorism - as well as highly specialized guidance on, say, how to stay warm during cold-weather operations. Under the new plan, 50 or so capstone guides will remain field manuals and will not be open to collaborative editing, said Clinton Ancker, a retired colonel who, as director of the Combined Arms Doctrine Directorate at Fort Leavenworth, is supervising the pilot program. More than 200 other former field guides are likely to be consolidated or even scrapped, he said. Christopher R.
Paparone, an associate professor in the Army Command and General Staff College's Department of Logistics and Resource Operations at Fort Lee, Va., who has been advising the Army to change its hierarchical thinking, wrote in an e-mail message that he was heartened by the Army's willingness to experiment. "My view (not an official view) is that we have been much too rigid in our doctrine," he wrote. "By using wiki, we begin to challenge dogmatic thinking," adding that wikis made rank "immaterial." Still, the reaction of the rank and file thus far has been tepid. A visit to the site hosting the seven wikified guides shows that there has been little editing over the first six weeks. In part, this slow acceptance reflects the different priorities between Army theorists and the working Army, according to Mr. Paparone, a retired colonel with a Ph.D. in public administration. "The field Army is very busy and many who are out there 'operating' do not necessarily see much usefulness in doctrine anyway (except maybe as a start point to improvise from and something taught at our Army schools)," he wrote. Mr. Ancker said he remained optimistic, however, in part because soldiers, even in an open-source world, still know how to take an order. "One of the great advantages we have is that we are a disciplined force," he said. "We are hierarchical. When the boss says 'do this,' it tends to get done. Even those who don't like to write will add something."

From rforno at infowarrior.org Sun Aug 16 22:44:24 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 16 Aug 2009 18:44:24 -0400
Subject: [Infowarrior] - Is It Time To Burn This Book?
Message-ID:

Is It Time To Burn This Book?
When Fahrenheit 451 becomes a comic book, it's time to worry.
By Sarah Boxer
Posted Sunday, Aug. 16, 2009, at 8:08 AM ET
Article URL: http://www.slate.com/id/2223495/

As the end time for printed books draws near, Fahrenheit 451, the 1953 novel that envisioned it all, has just been published, again.
And this time it reads like a joke - an extended, ironic, illustrated joke. Because this time, Ray Bradbury's novel about firemen who burn books instead of putting out fires is - oof! - a comic book. Think back to the original novel. Comic books are the only books shallow enough to go unburned, the only ones people are still allowed to read. Beatty, the fire chief, who seems to have loved books once and whom Bradbury has called "a darker side of me," explains it all to the hero, Guy Montag, the reluctant fireman. When photography, movies, radio, and television came into their own, he says, books started to be "leveled down to a sort of pastepudding norm." Burning them isn't so tragic, he suggests, because they are already so degraded. "Books cut shorter. Condensations. Digests, Tabloids. ... Classics cut ... to fill a two-minute book column. ... Speed up the film, Montag, quick. Click, Pic, Look, Eye, Now, Flick, Here, There, Swift, Pace, Up, Down, In, Out, Why, How, Who, What, Where, Eh? Uh! Bang! Smack! Wallop, Bing, Bong, Boom! Digest-digests, Digest-digest-digests! Politics? One column, two sentences, a headline! Then, in mid-air, all vanishes!" (Sounds like the Internet, doesn't it? News articles become blogs, blogs become tweets.) "School is shortened, discipline relaxed, philosophies, histories, languages dropped, English and spelling gradually neglected, finally almost completely ignored." (Texting, anyone?) "More cartoons in books. More pictures. The mind drinks less and less." Fast forward 56 years to a condensed, comic-book version of the very novel in which comic books and condensations are presented as pap. Surely this is black humor, a resigned joke about the imminent eclipse of books on paper by images, both digital and analog. Except that it isn't. The graphic novel of Fahrenheit 451, with pictures by Tim Hamilton and a condensed text authorized by Bradbury himself, seems quite earnest. It's hard to know what on earth Bradbury was thinking.
Did he just give in to the enemy? And what was the artist, Hamilton, thinking, when he illustrated the fire chief's rant with his own tableau of degraded books: Hamlet for Dimwits, Time magazine, and, yes, two Classic Comics editions, Moby Dick and Treasure Island. (Hamilton himself illustrated a comic-book version of Treasure Island before taking on Fahrenheit 451.) It's as if author and artist were vigorously waving a white flag and shouting, "We couldn't beat 'em, so we joined 'em!" Maybe there's another explanation, though. Maybe Bradbury sees the comic book as a kind of life raft, a salvation, for books. At the end of Fahrenheit 451, an underground society of persecuted book lovers picks volumes to memorize before burning them. They recite them to others. It's back to the oral tradition to save the literary world. Today a similar thing (minus the burning) is happening in reality, as graphic novelists pick out classics to retell in their own way. Fahrenheit 451 is but one of many. This year alone, there are new graphic novel versions of Moby Dick, The Trial, Crime and Punishment, The Great Gatsby, and the Bible. Is Bradbury saying that it's back to pictographs to save the literary world? I don't think so. Graphic novels may win some new readers, but the text is almost always shortened to make way for pictures, and what survives of it is radically different: It's mostly dialogue, like a screenplay. In the graphic-novel version of Fahrenheit 451, almost all of the words are spoken. Even the pictures confirm that the novel has become a script. Montag is drawn in deep, spooky shadow, as if he were telling his tale out loud, by a bonfire or with a flashlight under his chin. And this only deepens the irony, for Fahrenheit 451 seems to be just as much against movies, theater, and television as it is against comic books. 
In the novel, insipid housewives spend their time memorizing scripts for soap operas starring themselves that are piped into their homes and projected onto room-size screens (like reality TV, except more interactive). Montag's wife, Mildred, is addicted to these "parlor walls." She explains the attraction: "When it comes time for the missing lines, they all look at me out of the three walls and I say the lines." She calls the walls her "family." Her only complaint is that she doesn't have a "fourth wall." (Yes, that's what she calls it.) Then she could be both audience and actor. Home theater would become real life. And so, it seems, we are back to the first hypothesis: The comic book is more surrender than salvation - white flag, not life raft. Bradbury appears to have decided to hurry the apocalypse for books, or at least to announce it, by helping transpose Fahrenheit 451 into the perfect anti-book (in Fahrenheit 451 terms) - both theatrical script and comic strip. But there's yet another possibility: Maybe Bradbury really does not feel about books the way the fire chief, Beatty, does. Beatty seems to have loved books once, but only the weighty classics, whereas Bradbury, in his many introductions to the original Fahrenheit 451, has professed his love for all kinds of books, high and low, and all kinds of magazines. His two early publishers were Playboy and the sci-fi magazine Galaxy. He loves movies. (He was thrilled with Truffaut's movie version of Fahrenheit 451, and he was friends with Fellini.) He helped turn Fahrenheit 451 into an opera. He made a screenplay out of Moby Dick for John Huston. And, yes, he loves comics; he's always loved comics! (Flash Gordon and Buck Rogers were his boyhood favorites.) Bradbury is no Beatty. He's a pluralist. He loves high and low, literature and comics, opera and movies. He's adapted his novel for just about every medium.
Given this, perhaps the message of the comic-book rendition of Fahrenheit 451 is that the elitist, nostalgic, black-and-white thinking of a Beatty is part of the problem and leads to black-and-white solutions like censorship and book burning. Beatty has a love-hate relationship with the paper he burns. Bradbury does not. It turns out that Bradbury has another alter ego in Fahrenheit 451 - a scholar named Faber, who helps the fireman Montag leave the book-burning business. And here is his take on printed books: "Books were only one type of receptacle where we stored a lot of things we were afraid we might forget. There is nothing magical in them at all." Pow! Take that, books! If we want to hold onto books in some form, we have to let go of the idea that there is an ideal form for books. It's tempting to say that Bradbury, speaking through Faber, was foreseeing the great shift from print to pixel 56 years ago. Maybe, maybe not. But I'm guessing that Bradbury might not mind seeing a nonprint, totally digital edition of Fahrenheit 451. If and when Fahrenheit 451 does come out in a Kindle edition, then the progression from printed book to condensed script to comic book to kindling will, at last, be complete. Beatty and Faber will both be right. Sarah Boxer is the author of Ultimate Blogs and In the Floyd Archives: A Psycho-Bestiary. Article URL: http://www.slate.com/id/2223495/

From rforno at infowarrior.org Mon Aug 17 17:28:36 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 17 Aug 2009 13:28:36 -0400
Subject: [Infowarrior] - Beware Flash Cookies
Message-ID:

Epicenter The Business of Tech
You Deleted Your Cookies? Think Again
By Ryan Singel, August 10, 2009, 7:39 pm
Categories: Advertising
http://www.wired.com/epicenter/2009/08/you-deleted-your-cookies-think-again/

More than half of the internet's top websites use a little known capability of Adobe's Flash plug-in to track users and store information about them, but only four of them mention the so-called Flash Cookies in their privacy policies, UC Berkeley researchers reported Monday. Unlike traditional browser cookies, Flash cookies are relatively unknown to web users, and they are not controlled through the cookie privacy controls in a browser. That means even if a user thinks they have cleared their computer of tracking objects, they most likely have not. What's even sneakier? Several services even use the surreptitious data storage to reinstate traditional cookies that a user deleted, which is called "re-spawning" in homage to video games where zombies come back to life even after being "killed," the report found. So even if a user gets rid of a website's tracking cookie, that cookie's unique ID will be assigned back to a new cookie again using the Flash data as the "backup." Even the Whitehouse.gov showed up in the report, with researchers reporting they found a Flash cookie with the name "userId." The site does say in its privacy policy that it uses tracking technology but it does not mention Flash or tell users how to get rid of the Flash cookie. The report is being submitted Monday as a comment in the government's proceeding about the use of cookies on federal websites. Federal websites have traditionally been banned from using tracking cookies, despite being common around the web - a situation the Obama administration is proposing to change as part of an attempt to modernize government websites. But the debate shouldn't be about allowing browser cookies or not, according to Ashkan Soltani, a UC Berkeley graduate student who helped lead the study.
"If users don't want to be tracked and there is a problem with tracking, then we should regulate tracking, not regulate cookies," Soltani said. The study also comes as Congress and federal regulators are looking at ways of reining in the online tracking and advertising industry, whose attempts at self-regulation have conspicuously failed to make the industry transparent about when, how and why it collects data about internet users. Websites and advertisers track users closely in order to improve services and to prove to advertisers that an ad has been shown one time to 1 million users, and not 10 times to the same 100,000 people. Ad networks also collect the information in order to segment users into different groups, such as "car fanatic" or "fashionista," in order to charge advertisers a premium for reaching just the slice of the populace that the company thinks will be most receptive to its ad. Smelling possible regulation coming, third party ad networks recently agreed to an updated voluntary code of conduct, though it prohibits little and has no enforcement mechanism. For instance, when it comes to sensitive health information, the networks are free to collect as much information as they like, so long as it does not involve an actual prescription. Soltani led a summer research team at Berkeley, under the direction of Chris Hoofnagle, the Director of Information Privacy Programs at the Berkeley Center for Law and Technology. The team tested the top 100 sites to see what their privacy policies said, what their tracking technology actually does and what happens if a user blocks the Flash cookie. The study found that 54 of the top 100 set Flash cookies, which vary from simply setting audio preferences to tracking users by a unique identifier. Wired.com, for instance, placed on this writer's work computer to set the volume of a video player.
Adobe's Flash software is installed on an estimated 98 percent of personal computers, and has been a key component in the explosion of online video, powering video players for sites such as YouTube and Hulu. Websites can store up to 100K of information in the plug-in, 25 times what a browser cookie can hold. Sites like Pandora.com also use Flash's storage capability to preload portions of songs or videos to ensure smooth playback. All modern browsers now include fine-grained controls to let users decide what cookies to accept and which to get rid of, but Flash cookies are handled differently. These are fixed through a web page on Adobe's site, where the controls are not easily understood (There is a panel for Global Privacy Settings and another for Website Privacy Settings - the difference is unclear). In fact, the controls are so odd, the page has to tell you that it is the control, not just a tutorial on how to use the control. This so-called behavioral targeting is coming under scrutiny, in part since Google bought one of the largest practitioners - DoubleClick - and recently announced it would start using its troves of user data to deliver targeted ads. Its main money makers, the small text ads next to search results and on websites across the net, simply rely on the words in a search or on a webpage to place ads, a tactic known as contextual ads. Defenders of behavioral ads say that privacy shouldn't be a concern since cookies really identify a browser, not a person. Moreover, they argue that users would prefer to have relevant ads. Targeted Behavioral Ads could also help save online journalism. Under this theory, Google text ads don't work on a news story about the governor raising the sales tax, since there's no product that goes with that context. But if the site knew the reader was in the market for a car, it could show an ad for the new Lexus and earn much more.
The report names two companies, Clearspring and QuantCast, as companies whose technologies reinstate cookies for other websites. Clearspring, the makers of the popular AddThis tool that lets users share a link by e-mail or on social networking sites, used its Flash cookie to reinstate deleted browser cookies for AOL.com, Answers.com and Mapquest.com, according to the report. The company defends its behavior, saying everyone uses Flash cookies these days, that it discloses its use of Flash in its privacy policy and that the copying of data back into cookies is a simple way to speed up pages by transferring data into HTML cookies, which browsers read faster. Clearspring's AddThis tool is used by more than 300,000 publishers and the company collects data on some 525 million unique internet users monthly, according to Clearspring CEO Hooman Radfar. The data will soon be used to personalize the AddThis widget, making it so that a user who has previously shared a story by Twitter and Friendfeed will see those options first, rather than social networks he doesn't use. "We have the president, the pope and the queen of England using us," Hooman told Wired.com in an interview a few weeks ago. "If they can trust us, then you can."

Tools: Users who want to control or investigate Flash cookies have several options, according to reader Brian Carpenter:

Windows:
* Better Privacy extension for Firefox - https://addons.mozilla.org/en-US/firefox/addon/6623
* Ccleaner - http://www.ccleaner.com/

Mac OS X: http://machacks.tv/2009/01/27/flushapp-flash-cookie-removal-tool-for-os-x/

Where to find these flash cookies:
* Windows: LSO files are stored typically with a ".SOL" extension, within each user's Application Data directory, under Macromedia\FlashPlayer\#SharedObjects.
* Mac OS X: For Web sites, ~/Library/Preferences/Macromedia/FlashPlayer.
For AIR Applications, ~/Library/Preferences/[package name (ID) of your app] and ~/Library/Preferences/Macromedia/FlashPlayer/macromedia.com/Support/flashplayer/sys
* GNU-Linux: ~/.macromedia

Update: 8/11/2009 - This story was updated to include more statistics on Flash cookies and to note that Wired.com uses one.

From rforno at infowarrior.org Mon Aug 17 18:15:33 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 17 Aug 2009 14:15:33 -0400
Subject: [Infowarrior] - Twitter is 40% 'Pointless Babble': Repor
Message-ID: <66AC3847-F467-4BB6-9BDE-42AB98D5911A@infowarrior.org>

Twitter is 40% "Pointless Babble": Report
TWITTER, INTERNET, MEDIA, SOCIAL NETWORKING, TECHNOLOGY
CNBC.com | 17 Aug 2009 | 10:27 AM ET

Twitter followers are more likely to hear about what people are having for their lunch than read anything actually interesting or worthwhile, according to Pear Analytics. Less than one in ten tweets have any real "pass-along value" and more than 40 percent of tweets are "pointless babble," a study by the research firm showed. The research carried out by Pear Analytics was designed to take a snapshot of what people actually used the booming social networking site for. They delved into the endless stream of tweets every 30 minutes between 11 am and 5 pm Central Standard time on weekdays over two weeks to collect a total of 2,000 messages. They then grouped the messages into one of six categories: news, spam, self-promotion, pointless babble, conversational and those with pass-along value. Messages classed as babble included such gems as "I'm having a sandwich," Pear Analytics said. Only 8.7 percent of messages were found to have pass-along value. Pointless babble was the largest category with 40.5 percent. Conversational tweets were 37.5 percent, but self promotion and spam only grabbed 5.9 percent and 3.8 percent respectively.
Fears that the site was becoming overrun with spam and self-promotion from companies getting on the Twitter bandwagon were refuted by the findings, Pear Analytics said. "With the new face of Twitter, it will be interesting to see if they take a heavier role in news, or continue to be a source for people to share their current activities that have little to do with everyone else," Ryan Kelly, founder of Pear Analytics, said of the findings.

© 2009 CNBC.com
URL: http://www.cnbc.com/id/32446935/

From rforno at infowarrior.org Tue Aug 18 10:49:03 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 18 Aug 2009 06:49:03 -0400
Subject: [Infowarrior] - DNA Evidence Can Be Fabricated, Scientists Show
Message-ID: <094179C2-E434-4E94-A712-890750CCB136@infowarrior.org>

August 18, 2009
DNA Evidence Can Be Fabricated, Scientists Show
By ANDREW POLLACK
http://www.nytimes.com/2009/08/18/science/18dna.html?_r=1&src=twt&twt=nytimes&pagewanted=print

Scientists in Israel have demonstrated that it is possible to fabricate DNA evidence, undermining the credibility of what has been considered the gold standard of proof in criminal cases. The scientists fabricated blood and saliva samples containing DNA from a person other than the donor of the blood and saliva. They also showed that if they had access to a DNA profile in a database, they could construct a sample of DNA to match that profile without obtaining any tissue from that person. "You can just engineer a crime scene," said Dan Frumkin, lead author of the paper, which has been published online by the journal Forensic Science International: Genetics. "Any biology undergraduate could perform this." Dr. Frumkin is a founder of Nucleix, a company based in Tel Aviv that has developed a test to distinguish real DNA samples from fake ones that it hopes to sell to forensics laboratories. The planting of fabricated DNA evidence at a crime scene is only one implication of the findings.
A potential invasion of personal privacy is another. Using some of the same techniques, it may be possible to scavenge anyone's DNA from a discarded drinking cup or cigarette butt and turn it into a saliva sample that could be submitted to a genetic testing company that measures ancestry or the risk of getting various diseases. Celebrities might have to fear "genetic paparazzi," said Gail H. Javitt of the Genetics and Public Policy Center at Johns Hopkins University. Tania Simoncelli, science adviser to the American Civil Liberties Union, said the findings were worrisome. "DNA is a lot easier to plant at a crime scene than fingerprints," she said. "We're creating a criminal justice system that is increasingly relying on this technology." John M. Butler, leader of the human identity testing project at the National Institute of Standards and Technology, said he was "impressed at how well they were able to fabricate the fake DNA profiles." However, he added, "I think your average criminal wouldn't be able to do something like that." The scientists fabricated DNA samples two ways. One required a real, if tiny, DNA sample, perhaps from a strand of hair or drinking cup. They amplified the tiny sample into a large quantity of DNA using a standard technique called whole genome amplification. Of course, a drinking cup or piece of hair might itself be left at a crime scene to frame someone, but blood or saliva may be more believable. The authors of the paper took blood from a woman and centrifuged it to remove the white cells, which contain DNA. To the remaining red cells they added DNA that had been amplified from a man's hair. Since red cells do not contain DNA, all of the genetic material in the blood sample was from the man. The authors sent it to a leading American forensics laboratory, which analyzed it as if it were a normal sample of a man's blood.
The other technique relied on DNA profiles, stored in law enforcement databases as a series of numbers and letters corresponding to variations at 13 spots in a person's genome. From a pooled sample of many people's DNA, the scientists cloned tiny DNA snippets representing the common variants at each spot, creating a library of such snippets. To prepare a DNA sample matching any profile, they just mixed the proper snippets together. They said that a library of 425 different DNA snippets would be enough to cover every conceivable profile. Nucleix's test to tell if a sample has been fabricated relies on the fact that amplified DNA - which would be used in either deception - is not methylated, meaning it lacks certain molecules that are attached to the DNA at specific points, usually to inactivate genes.

From rforno at infowarrior.org Tue Aug 18 15:06:28 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 18 Aug 2009 11:06:28 -0400
Subject: [Infowarrior] - DISA teaching open source
Message-ID: <4D493E73-D549-450F-8B72-67EF566FA2CF@infowarrior.org>

U.S. defense agency teaching open source
by Matt Asay
http://news.cnet.com/8301-13505_3-10311789-16.html?part=rss&subj=news&tag=2547-1_3-0-20

It says something about open source's impact on the world when the U.S. Defense Information Systems Agency--a division in the Department of Defense--starts running seminars on how to shift to open-source software. Could there be a better sign that open source has arrived? After all, it's one thing to adopt open source, which the U.S. federal government has in earnest--but to advocate for it and teach it? That's a higher level.
The September 1 seminar, co-hosted by the Defense Information Systems Agency (DISA) and the Open Source Software Institute (OSSI), promises to detail the Open Source Corporate Management Information System (OSCMIS) program, a "Web-based federal administrative software suite consisting of more than 50 applications which handles human resource, training, security, acquisition and related functions for DISA's more than 16,000 users worldwide." John Weathersby, executive director of the OSSI, told me over e-mail that "this is about transparency and sharing and making available resources which have already been paid for." It's not some utopian open-source ideology; it's about opening up government by opening up software. If you're interested in attending the training in Washington, D.C., seating is limited but still available. More details can be found at OSSI's Web site.

From rforno at infowarrior.org Tue Aug 18 22:49:41 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 18 Aug 2009 18:49:41 -0400
Subject: [Infowarrior] - Predictive Blacklisting
Message-ID:

Predictive Blacklisting as an Implicit Recommendation System
Authors: Fabio Soldo, Anh Le, Athina Markopoulou
(Submitted on 14 Aug 2009)
http://arxiv.org/abs/0908.2007

Abstract: A widely used defense practice against malicious traffic on the Internet is through blacklists: lists of prolific attack sources are compiled and shared. The goal of blacklists is to predict and block future attack sources. Existing blacklisting techniques have focused on the most prolific attack sources and, more recently, on collaborative blacklisting. In this paper, we formulate the problem of forecasting attack sources (also referred to as predictive blacklisting) based on shared attack logs as an implicit recommendation system. We compare the performance of existing approaches against the upper bound for prediction, and we demonstrate that there is much room for improvement.
Inspired by the recent Netflix competition, we propose a multi-level prediction model that is adjusted and tuned specifically for the attack forecasting problem. Our model captures and combines various factors, namely: attacker-victim history (using time-series) and attackers and/or victims interactions (using neighborhood models). We evaluate our combined method on one month of logs from Dshield.org and demonstrate that it improves significantly the state-of-the-art.

Comments: 11 pages; Submitted to INFOCOM 2010
Subjects: Networking and Internet Architecture (cs.NI)
Cite as: arXiv:0908.2007v1 [cs.NI]
Submission history
From: Fabio Soldo
[v1] Fri, 14 Aug 2009 03:45:12 GMT (528kb,D)
http://arxiv.org/abs/0908.2007

From rforno at infowarrior.org Wed Aug 19 03:06:26 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 18 Aug 2009 23:06:26 -0400
Subject: [Infowarrior] - FBI Agents' Role Is Transformed by Terror Fight
Message-ID: <1A11A7A5-C64F-4CC4-B231-FA99DA3BDBF5@infowarrior.org>

August 19, 2009
F.B.I. Agents' Role Is Transformed by Terror Fight
By ERIC SCHMITT
http://www.nytimes.com/2009/08/19/us/19terror.html?_r=1&hp=&pagewanted=print

NORWALK, Calif. - The report last month was chilling: a 55-gallon drum of radioactive material had gone missing during shipment from North Carolina to California. Even worse, the person who signed for the cargo was not an employee of the company that ordered the load. The Federal Bureau of Investigation here ramped up, consulting health officials, questioning radiation specialists and tracking down the trucker who dropped off the material, which could be used in a radioactive-bomb attack. Three hours later, the shipper found the drum - still sitting on a loading dock 20 miles from its destination in the Los Angeles area - having confused it with a similar shipment sent to a different company on the same day. For an F.B.I.
team here that vets tips and threats about possible terrorist activity, it was yet another false alarm in a job largely defined by hoaxes and bogus leads that must still be run to ground. "A lot of time we are chasing shadows," said Lee Ann Bernardino, a 20-year F.B.I. special agent who handled the case, "but it's better to do that than find out later you let something get by." Spending two days with Agent Bernardino's 21-member threat squad, known as Counterterrorism 6, or CT-6, offered a rare window on the daily workings of an F.B.I. transformed after the attacks of Sept. 11, 2001. The bureau now ranks fighting terrorism as its No. 1 priority. It has doubled the number of agents assigned to counterterrorism duties to roughly 5,000 people, and has created new squads across the country that focus more on deterring and disrupting terrorism than on solving crimes. But the manpower costs of this focus are steep, and the benefits not always clear. Of the 5,500 leads that the squad has pursued since it was formed five years ago, only 5 percent have been found credible enough to be sent to permanent F.B.I. squads for longer-term investigations, said Supervisory Special Agent Kristen von KleinSmid, head of the squad. Only a handful of those cases have resulted in criminal prosecutions or other law enforcement action, and none have foiled a specific terrorist plot, the authorities acknowledge. As part of the larger debate about the transformation of the F.B.I., some counterterrorism specialists question the value of threat squads -- which are also in Washington, New York and a few other cities. "Just chasing leads burns through resources," said Amy Zegart, a professor at the University of California, Los Angeles, who writes extensively on intelligence matters. "You're really going to get bang for the buck when you chase leads based on a deeper assessment of who threatens us, their capabilities and indicators of impending attack.
Right now, there's more chasing than assessing." The F.B.I. director, Robert S. Mueller III, has acknowledged the toll of the shift of agents to counterterrorism and intelligence duties. It comes at the cost of resources to combat corporate and financial fraud, and the deadly drug war in Mexico. About 40 percent of the bureau's agents are devoted to fighting terrorism. The threat squad here is just one part of the F.B.I.'s sprawling Los Angeles field office. About 30 percent of the office's 750 agents work on terrorism cases, including Al Qaeda, Hamas, terrorism financing and animal rights extremists. Federal agents say a major lesson of the Sept. 11 attacks is that all credible reports of possible terrorist activity must be checked. And they say it is more efficient for one squad with specially trained investigators to assess these tips, allowing other agents to stay focused on longer-term terrorist inquiries. The squad's work here has yielded important results, officials say. In March 2008, Seyed Maghloubi, an Iranian-born American citizen, was sentenced to 41 months in prison for plotting to illegally export 100,000 Uzi submachine guns to Iran, via Dubai. His arrest stemmed from a tip from a police informant whom Mr. Maghloubi contacted about buying the weapons. The threat squad picked up the tip and developed information that led to a federal sting operation against Mr. Maghloubi. Responsible for overseeing seven counties and 19 million people in Southern California, the threat squad was created in May 2004 after threats to shopping malls on the West Side of Los Angeles diverted about 100 agents from other counterterrorism inquiries. Working out of a drab office building here 15 miles southeast of downtown Los Angeles, the investigators sift through tips and threats called in by the public or passed on by a regional intelligence center.
The agents check databases and conduct field interviews before deciding whether to act on a case immediately, farm it out to another F.B.I. squad or refer it to another law enforcement agency. "Someone has to go out and knock on the doors," said Frank Leal, a 29-year detective with the Los Angeles County Sheriff's Department assigned to the threat squad along with investigators from 10 other local, state and federal agencies. "You don't want any one of those leads to go boom." The squad now gets about 80 leads a month, down from a peak of about 140 a month a few years ago, a decline Agent von KleinSmid attributed in part to greater screening of tips by other intelligence analysts. Recent reported threats range from the mundane to the bizarre. On Aug. 1, a man called in a bomb threat to a Marriott-chain hotel in Hollywood. The authorities found nothing in a sweep of the hotel. A few hours later, the same man called to ask if the hotel had by any chance lowered its rates recently, and if it would do so if a bomb threat came in. Security guards have questioned people taking pictures of oil refineries in the Los Angeles area. Many turned out to be college students fulfilling assignment for class projects. Another recent reported threat sounded like a Hollywood thriller. In June, a college student told her University of California, Riverside, professor that her father, a Pakistani microbiologist, was secretly testing botulism toxins on animals in their basement on the outskirts of Los Angeles. F.B.I. agents, backed by police and hazardous-material experts, moved in on the house only to find nothing. The student had been trying to impress her professor in a weird way, investigators said. Nicholas M. Legaspi, the lead F.B.I. special agent on the bogus biolaboratory case, said he had no regrets about the effort devoted to the false alarm, which he said had served as an excellent training exercise.
Agent Legaspi said his initial frustration about working on the threat squad was tempered by overseas assignments in which he investigated the attacks in Mumbai, India; worked alongside American Special Forces in Afghanistan; and interrogated Qaeda detainees at the American prison at Guantánamo Bay, Cuba. "For the first several years, it was very disappointing always chasing ghosts," said Agent Legaspi, a former officer in the Army and the California Highway Patrol. "But looking at what goes on overseas keeps me sharp. I realized the terrorists are deadly serious. It makes me hungry to do this job."

From rforno at infowarrior.org Wed Aug 19 10:43:12 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 19 Aug 2009 06:43:12 -0400
Subject: [Infowarrior] - Senator Moves to Stop Scientific Ghostwriting
Message-ID: <3CC84640-8BCF-47DC-8EEE-D1930D4637A5@infowarrior.org>

August 19, 2009
Senator Moves to Stop Scientific Ghostwriting
By NATASHA SINGER
http://www.nytimes.com/2009/08/19/health/research/19ethics.html?hp=&pagewanted=print

A growing body of evidence suggests that doctors at some of the nation's top medical schools have been attaching their names and lending their reputations to scientific papers that were drafted by ghostwriters working for drug companies -- articles that were carefully calibrated to help the manufacturers sell more products. Experts in medical ethics condemn this practice as a breach of the public trust. Yet many universities have been slow to recognize the extent of the problem, to adopt new ethical rules or to hold faculty members to account. Those universities may not have much longer to get their houses in order before they find themselves in trouble with Washington. With a letter last week, a senator who helps oversee public funding for medical research signaled that he was running out of patience with the practice of ghostwriting. Senator Charles E.
Grassley, an Iowa Republican who has led a long-running investigation of conflicts of interest in medicine, is starting to put pressure on the National Institutes of Health to crack down on the practice. That is significant because the N.I.H., a federal agency in Bethesda, Md., underwrites much of the country's medical research. Many of the nation's top doctors depend on federal grants to support their work, and attaching fresh conditions to those grants could be a powerful lever for enforcing new ethical guidelines on the universities. Like many of the universities, N.I.H. appears reluctant to tackle the issue. A spokesman said the agency was committed to maintaining objectivity in science. But he added that in the case of ghostwriting allegations, universities and other institutions that employ researchers are responsible for setting and enforcing their own ethics policies. "How long does it have to go on before it actually is stopped? One way to stop it would be if the actual authors were punished in some way," said Dr. Carl Elliott, a professor at the Center for Bioethics of the University of Minnesota. "But the academics who are complicit in it all never seem to be punished at all." The full scope of the ghostwriting problem is still unclear, but recent revelations suggest that the practice is widespread. Dozens of medical education companies across the country draft scientific papers at the behest of drug makers. And placing such papers in medical journals has become a fundamental marketing practice for most of the large pharmaceutical companies. "Just three days ago, I got a request to be the author of a ghostwritten article about the effectiveness of a cholesterol-lowering drug," Dr. James H. Stein, professor of cardiology at the University of Wisconsin School of Medicine, said this month. "This happens all the time." He declined to attach his name to the paper.
Allegations of industry-sponsored ghostwriting date back at least a decade, to scientific articles about fen-phen, the diet drug combination that was taken off the market in 1997 amid concerns that it could cause heart-valve damage. But evidence of the breadth of the practice has come to light only gradually, most recently in documents released in litigation over menopause drugs made by Wyeth. The documents offer a look at the inner workings of DesignWrite, a medical writing company hired by Wyeth to prepare an estimated 60 articles favorable to its hormone drugs. In one publication plan, for example, DesignWrite wrote that the goal of the Wyeth articles was to de-emphasize the risk of breast cancer associated with hormone drugs, promote the drugs as beneficial and blunt competing drugs. The articles were published in medical journals between 1998 and 2005 -- continuing even though a big federal study was suspended in 2002 after researchers found that menopausal women who took certain hormones had an increased risk of invasive breast cancer and heart disease. Wyeth has changed its policy in the years since the hormone papers were published, according to Douglas Petkus, a company spokesman, and now requires that scientific articles acknowledge any participation by Wyeth or a Wyeth-sponsored writer. Some leading medical journals have also beefed up their disclosure policies for authors. Some of the authors of the Wyeth hormone articles played significant roles in the work, while others made minor changes to drafts that were prepared for them, the documents show. But, in the main, the articles did not disclose that they had been drafted by outside writers paid to advance the drug company's views. Many universities have been slow to react to evidence about the extent of the practice. In December, for example, Mr.
Grassley released documents indicating that DesignWrite had drafted an article that was published under the name of a gynecology professor at New York University School of Medicine. Eight months later, a spokeswoman said the school had not looked into the matter. "If we had received a complaint, we would have investigated," said Deborah Bohren, the vice president for public affairs at New York University Langone Medical Center. "But we have not received a complaint." She added N.Y.U. never condoned ghostwriting and was now drafting a written policy to that effect. Faculty members, however, are responsible for the integrity of their own work, she said. But bioethicists said that medical schools must take responsibility for faculty members whose publications do not explicitly acknowledge the work of writers receiving industry support. Such subsidized articles allow pharmaceutical companies to use the imprimatur of respected academics -- and by extension, the stature of their institutions -- to increase sales of certain drugs, ultimately skewing patient care, they said. "To blow this off is not acceptable," said Dr. Ross McKinney, the director of the Trent Center for Bioethics at Duke University Medical Center. Duke has a policy that prohibits ghostwriting and advises faculty to keep records of their participation in preparing scientific articles. "Our ultimate responsibility is to provide good care, and research is the foundation of that care," Dr. McKinney said. "Presenting information where the bias is not made clear is inconsistent with our mission." In one measure of the extent of the problem, the medical school of a single university, Columbia, is home to three professors who were authors of Wyeth-financed articles. The three are also recipients of N.I.H. grants, according to the letter from Mr. Grassley. A spokeswoman for Columbia said that Dr.
Lee Goldman, the dean of the medical school, who is not among the professors linked to Wyeth articles, was not available for an interview because he was out of the country. She did not answer a query seeking comment from Columbia. One of the authors discussed in DesignWrite documents is Dr. Michelle P. Warren, a professor of obstetrics and gynecology at Columbia. Her article was published in The American Journal of Obstetrics and Gynecology in 2004, when women feared that Wyeth's brand of hormone drugs could be causing particular problems. The thesis of the article was that no one hormone therapy was safer than another. The published article acknowledged help from four people. But it did not disclose that DesignWrite employed two of those people and the other two worked at Wyeth. Court documents show DesignWrite sent a prepublication copy to Wyeth for vetting and charged Wyeth $25,000 for the article, information not disclosed in the paper. In a phone interview, Dr. Warren said the article was intended to clear up confusion over the risks of hormone drugs. She said she worked on the project in phone conversations and in meetings -- contributions not reflected in the court documents, she added. She said that it was a mistake not to have disclosed the writers' payment and affiliations in the acknowledgment; articles published today involve more detailed disclosures, she said. DesignWrite scoured the scientific literature on hormone therapy for the article, she said. "I would never undertake this without some help," said Dr. Warren, who is the Wyeth-Ayers Professor of Women's Health at Columbia. "It's too much work. I am not getting paid for it." A new policy at Columbia took effect in January. It prohibits medical school faculty, trainees and students from being authors or co-authors of articles written by employees of commercial entities if the author's name or Columbia title is used without substantive contribution.
The policy, which does not retroactively cover articles like Dr. Warren's, requires any article written with a for-profit company to include full disclosure of the role of each author, as well as any other industry contribution. But Dr. Elliott, the bioethicist, said universities should go further than mere disclosure, prohibiting faculty members from working with industry-sponsored writers. Policies asking only for disclosure "allow pharmaceutical companies to launder their marketing messages," he said.

From rforno at infowarrior.org Wed Aug 19 18:03:26 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 19 Aug 2009 14:03:26 -0400
Subject: [Infowarrior] - Swiss to reveal UBS accounts to settle U.S. tax fight
Message-ID:

Swiss to reveal UBS accounts to settle U.S. tax fight
Wed Aug 19, 2009 1:12pm EDT
http://www.reuters.com/article/newsOne/idUSLJ59987220090819?sp=true
By Jason Rhodes and Kim Dixon

BERNE/WASHINGTON (Reuters) - Switzerland has agreed to hand over details of about 4,450 UBS AG bank accounts to U.S. authorities to settle a tax dispute that challenged Swiss banking secrecy and now threatens to spill over to other banks. With Switzerland's famed banking secrecy under fire, the Swiss have also agreed to process requests by the United States seeking information from its banks besides UBS about account holders who may have tried to evade U.S. taxes. "This announcement today should send a signal - no matter what institution you're with, the IRS is willing to pursue both the institution and the individual," Internal Revenue Service Commissioner Doug Shulman told reporters on Wednesday. The accounts were at one time worth $18 billion, Shulman said, though he could not provide a current figure. U.S. authorities would not name any other foreign banks under probe but the IRS is expected to use the Swiss deal as a template to pursue further prosecutions.
"The IRS is now gaining institutional skill and knowledge in how to pursue these types of cases and they're going to use that. This is, I believe, the beginning and not the end," said Peter Hardy, a former federal prosecutor and specialist in white-collar crime at Post & Schell in Philadelphia. The UBS dispute had strained relations between the United States and Switzerland and challenged the latter's jealously guarded bank secrecy laws. The deal may add steam to a global effort among cash-strapped governments to crack down on tax-evading jurisdictions. But the settlement could help UBS, the world's second-largest wealth manager, restore an image that has been battered by the financial crisis and the U.S. dispute, and may open the way for the Swiss government to sell its UBS stake. "It's good to get this out of the way but the confidence of a lot of clients has been compromised so I'm not sure we will see inflows return in Q3. It will take time to recover reputation from this," said Jaap Meijer, an analyst at Evolution Securities in London. Switzerland's Finance Minister Hans-Rudolf Merz said the government wants to sell its stake as quickly as possible and while it would be good business, it also has to consider other factors. UBS shares closed down nearly one percent at 16.74 Swiss francs, having reversed some of their earlier losses. Swiss rival Credit Suisse ended down 1.3 percent and Julius Baer dropped 0.8 percent. UBS Chairman Kaspar Villiger said the agreement helps resolve one of UBS' most pressing issues. "I am confident that the agreement will allow the bank to continue moving forward to rebuild its reputation through solid performance and client service." In February, UBS agreed to pay $780 million and disclose about 250 client names to settle a criminal probe by U.S. authorities. One former UBS banker testified that he smuggled a client's diamonds into the United States in a tube of toothpaste. 
Wednesday's deal effectively ends a separate civil lawsuit by U.S. authorities that sought up to 52,000 account names. OTHER BANKS Other Swiss banks are fretting that the U.S. taxman's spotlight may now fall on them. The Wall Street Journal reported on Wednesday that more European banks have been identified in the U.S. tax probe, including Switzerland's Credit Suisse, Julius Baer, Zuercher Kantonalbank and Union Banque Privee (UBP). Switzerland may claim its banking secrecy remains intact, but some private bankers say it is no longer a selling point for its banks, which will need to offer other skills like wealth management and legacy planning to attract clients. "The majority of assets in Swiss private banks are from European Union citizens," said David Williams, an analyst at Fox-Pitt Kelton in London. "I think it won't be long before we see action from the European Union along similar lines." The new treaty between the United States and Switzerland would allow action in the case of "tax fraud and the like" in the UBS case, the Swiss government said. Precise details will be published 90 days after the agreement comes into force. The U.S. government retains the right to go back and use a summons to collect the names, which roughly equal the number of accounts, if the settlement process fails, said IRS chief Shulman. The client accounts to be disclosed will likely belong to people suspected of committing tax fraud under the terms of a double taxation agreement that obliges Switzerland to provide help if Washington seeks it in a criminal investigation. Shulman said notices from UBS to clients would go out in stages, but warned U.S. citizens to come forward now. "Once the Swiss government turns over names, all bets are off," Shulman said, noting these clients could face civil and criminal prosecution. Under a temporary amnesty program in effect until September 23, U.S. 
citizens can come forward and declare accounts, pay fines and in general avoid criminal prosecutions. The UBS case has added significant steam to that program. The agency saw about 400 people come forward during one week in July compared to about 100 during all of 2008 alone. (Additional reporting by Steve Slater in London and Jeremy Pelofsky in Washington; Editing by Erica Billingham and Tim Dobbyn) © Thomson Reuters 2009 All rights reserved

From rforno at infowarrior.org Wed Aug 19 20:57:49 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 19 Aug 2009 16:57:49 -0400
Subject: [Infowarrior] - OpEd: Schneier on Generational Online Privacy
Message-ID: <278B7E0B-E16E-44FE-A6F2-FB7BAC0DF7D9@infowarrior.org>

http://search.japantimes.co.jp/cgi-bin/nc20090819a1.html
Wednesday, Aug. 19, 2009
TECHNOLOGY
Offhand but on record
More and more people are using computers to chat with each other, but there's no such thing as a passing conversation on the Web
By BRUCE SCHNEIER
Special to The Japan Times

Facebook recently made changes to its service agreement in order to make members' data more accessible to other computer users. Amuse, Inc. announced last week that hackers stole credit-card information from about 150,000 clients. Hackers broke into the social network Twitter's system and stole documents. Your online data is not private. It may seem private, but it's not. Take e-mail, for example. You might be the only person who knows your e-mail password, but you're not the only person who can read your e-mail. Your e-mail provider can read it too -- along with anyone he gives access to. That can include any backbone provider who happened to route that mail from the sender to you. In addition, if you read your e-mail from work, various people at your company have access to it, too. And, if they have taps at the correct points, so can the police, the U.S. National Security Agency, and any other well-funded national intelligence organization --
along with any hackers or criminals sufficiently skilled to break into one of these sites. Think about your Mixi or Facebook site. You're the only one with your password, but lots of other people can read your updates and look at your pictures. Your friends can see a lot of information about you -- that's the whole point of these sites -- and you don't really know who they share their information with. A lot of your stuff is public by default, and you probably keep it that way. You might respond to quizzes, and who knows where that data goes or who can see it. Workers at Mixi and Facebook can see everything, of course. They also grant access to portions of your data to third parties who want to sell their products to you. You could set every privacy setting on your Mixi or Facebook site to maximum, but few of us do that -- most of us don't even know how. You could encrypt your e-mail, but almost no one does that -- and, anyway, that doesn't work with Webmail very easily. Maintaining your privacy is hard, even if you're an expert. Cloud computing exacerbates this problem. If your company uses software-as-a-service providers such as Salesforce.com, contact management or MessageLabs e-mail filtering, those companies have access to your data. If you use Google Docs, Google has access to your data. But even if you leave your data in your computer at home, you have to worry about your family or roommates, burglars, police with warrants and Internet hackers and other criminals as well. It's not just your online data that is at risk. It's your cell phone data -- both the phone numbers you call and who call you, and the SMS messages you send and receive. It's your buying history, sitting in some credit card company's database. It's your medical records. It's the itemized list of everything you buy when you use a card that identifies you. These risks are new. Twenty years ago, if someone wanted to look through your correspondence, they had to break into your house.
Now, they can just break into your ISP. Ten years ago, your voicemail was on an answering machine in your office; now it's on a computer owned by a telephone company. Your financial accounts are on remote Web sites protected only by passwords; your credit history is collected, stored and sold by companies whose names you probably don't even know. Your digital data is no longer under your control. And more data is being generated. Lists of everything you buy, and everything you look at but choose not to buy, are stored by online merchants both in Japan and abroad. A record of everything you browse can be stored by your ISP if they choose to. What were cash transactions are now credit card transactions. What used to be a face-to-face chat is now an e-mail, instant message, or SMS conversation -- or maybe a conversation within Mixi or Facebook. Think of the number of people and companies that can know your location. Your cell phone knows where you are. Your air-travel history is stored in various airline databases, and unless you buy your tickets anonymously, your rail travel history is stored in JR's and other databases. Even your credit card company can reconstruct your whereabouts from your purchases. All these systems are ostensibly private and secure, but many people have legitimate access and even more -- such as hackers and criminals -- can get illegitimate access. Japan's Personal Information Protection Act provides only some protections and may not apply if the computers that store your information are located in some other country. Anonymity doesn't help much. Mixi might not know your real name and address, but there are many ways to link your identity to your account. Maybe your e-mail address identifies you or your ISP knows who you are. Your cell phone identifies you and your computer might, too. Use a credit card from your account and that identifies you. True anonymity is very difficult; we regularly identify ourselves online even if we think we do not.
The lesson in all of this is that little we do is ephemeral anymore. We leave electronic audit trails everywhere we go, with everything we do. This won't change: We can't turn back technology. But as technology makes our conversations less ephemeral, we need laws to step in and safeguard our privacy. We need comprehensive data privacy laws, protecting our data and communications regardless of where it is stored or how it is processed. We need laws forcing companies to keep it private and delete it as soon as it is no longer needed, and laws giving us the right to delete our data from third-party sites. And we need international cooperation to ensure that companies cannot flaunt data privacy laws simply by moving themselves offshore. Laws can only go so far, though. Law or no law, when something is made public, it's too late. And many of us like having complete records of all our e-mail at our fingertips; it's like our offline memory. In the end, this is a cultural issue. The Internet is creating the greatest generation gap since rock 'n' roll. We're now witnessing one aspect of that generation gap: The younger generation chats digitally, and the older generation treats those chats as written correspondence. Until our CEOs blog, our Diet members all Twitter, and our world leaders send each other LOLcats -- until we have a national election where all the candidates have a complete history on social networking sites from before they were teenagers -- we aren't fully an information age society. When everyone leaves a public digital trail of their personal thoughts since birth, no one will think twice about it being there. Some of us might be on the younger side of the generation gap, but the rules we're operating under were written by the older side. It will take another generation before our privacy laws catch up with the death of the ephemeral conversation. Until then, we're just going to have to live with this loss of privacy.
Bruce Schneier is a leading computer security specialist and the author of "Secrets and Lies: Digital Security in a Networked World." Read about him at schneier.com

From rforno at infowarrior.org Thu Aug 20 10:57:26 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 20 Aug 2009 06:57:26 -0400
Subject: [Infowarrior] - Fwd: [attrition] Gartner Gartner Gartner Gartner Gartner Gartner (morons)
References:
Message-ID:

Begin forwarded message:

> From: security curmudgeon
> Date: August 19, 2009 9:55:47 PM EDT
> To: attrition at attrition.org
> Subject: [attrition] Gartner Gartner Gartner Gartner Gartner Gartner (morons)
> Reply-To: staff at attrition.org
>
> Gartner is a company that provides research and analysis to stuff. I've
> never taken them seriously, because they are mostly analysts that spend
> time writing about technology, not using or troubleshooting it.
>
> Gartner also does predictions on technology trends. Gartner charges for
> this research for the most part. Gartner's insight is often about the same
> as you would get from a first year MCSE or first year CISSP.
>
> Gartner. See their name? We cannot say it, or so they claim. This mail
> will be archived on the attrition site, and I believe we have other pages
> that mention their name. Wonder if we get a C&D from Gartner.
>
> Gartner, analysts turned morons turned impotent lawyers. Big surprise.
>
> -
>
> http://www.networkworld.com/community/node/44252
> When censorship goes too far, we cannot say Gar-ner anymore
> Gar-ner gets what it deserves, all blogs deleted with company name
> in it as an act of protest
> By Larry Chaffin on Sun, 08/09/09 - 10:36am.
>
> ______________________________________________
> Attrition Mailing List (http://attrition.org)
>

From rforno at infowarrior.org Thu Aug 20 11:23:01 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 20 Aug 2009 07:23:01 -0400
Subject: [Infowarrior] - Hollywood scared of Twitter?
Message-ID: <4E5A1438-DAF7-4BEB-88EB-E786076E2676@infowarrior.org>

Perhaps just another non-story about the "threat" of technology to decaying business models, but amusing anyway. If Hollywood "risks" having tons of people learn very quickly that a movie sucks, which in turn leads to lower revenues per film, might they realize the error of their ways and start producing better movies? At least that's the logic ---- but then again, we all know how logic fares in certain industries. :)

-rf

Twittering May Have Impact at Box Office
From News Services
Thursday, August 20, 2009
http://www.washingtonpost.com/wp-dyn/content/article/2009/08/19/AR2009081904279.html?hpid=artsliving

Although word of mouth could always make or break a movie, it usually took days to affect the box office. But the rise of social networking tools such as Twitter might be narrowing that time frame to hours. And that has Hollywood on edge.

This summer, movies such as "Brüno" and "G.I. Joe" have had unexpected tumbles at the box office -- just within their opening weekends -- while "Transformers: Revenge of the Fallen" survived blistering critical reaction to become a blockbuster. Box-office watchers say the dramatic swings might be caused by Twitter and other social networking sites that can blast instant raves -- or pans -- to hundreds of people just minutes after the credits roll.

"Almost every time after I go out [to a movie], I'll tweet about it," says Lindsay Wailes, a cook and barista from Westminster, Md. "I tweeted about 'G.I. Joe' as soon as I left the theater." Her take: "If you like science or plot, this isn't a movie for you; if you like explosions for no reason, you'll love it." She also listens to what others have to say: She turned her back on "Brüno" because of downbeat Twitter reviews.

Studios are trying to gauge the impact of an avalanche of tweets and how it affects the staying power of a movie.
Was the 39 percent box-office drop of "Brüno" from Friday to Saturday a case of disappointed moviegoers tweeting from theater lobbies? Or did a limited fan base for "Brüno" exhaust itself on that first day?

"I think Twitter can't be stopped," says Stephen Bruno, the Weinstein Co.'s senior director of marketing. "Now you have to see it as an addition to the campaign of any movie. People want real-time news, and suddenly a studio can give it to them in a first-person way."

Eamonn Bowles, president of Magnolia Pictures, says studios are worrying about a time when "people will be Twittering during the opening credits -- and leaving when they don't like them." But he also warns, "The next step [for the Twitter Effect] is for studio marketing to manipulate it."

The Weinstein Co. has done that big-time for the Friday release of the Quentin Tarantino-Brad Pitt World War II epic "Inglourious Basterds." The company packed a screening at San Diego's Comic-Con with people who won access via Twitter. It also staged "the first ever Red Carpet Twitter meet-up" during the movie's premiere at Grauman's Chinese Theatre in Hollywood, generating celebrity tweets, including Sarah Silverman's "just made me smile forever" and Tony Hawk's "another Tarantino classic."

Twitter has broadened the reach of bloggers and other aspiring opinionmakers. "Just two years ago, if I saw a movie I loved or I hated, I'd be able to tell a dozen friends, tops," says John Singh, who works for the movie and social networking Web site Flixster. "Now I can be walking out of a theater as the credits are rolling and immediately tell 500 people what I thought. . . . It's never been this easy to be this influential."

Take "The Proposal," a film that had little buzz yet has become one of the summer's most profitable productions. (It cost $40 million and is grossing upward of $159 million.)
Flixster, which runs the movie application for iPhones, worked with Disney/Touchstone to promote the Sandra Bullock-Ryan Reynolds romantic farce. Singh credits the campaign with increasing the film's opening-weekend haul by 30 percent. Positive reviews from her Twitter friends can persuade Wailes to attend a film if she's "undecided." If it "gets raves from people I network with, since I know I have something in common with these people, I figure there must be something in the movie that I might want to see." Gregg Kilday, film editor of the Hollywood Reporter, notes that it's impossible to separate the factors that would explain a film's drop or rise in box office. "Even if you don't have Twitter, a lot of people, especially kids, have long had the ability to text each other, sometimes from within the theater," he says. "And for a lot of the mass-market movies, the potential audience will go whether friends tell them they're good or not." Brandon Gray, president and founder of Boxofficemojo.com, notes that the hit teen-romance vampire film "Twilight" dropped 41 percent from Friday to Saturday without any discussion of the Twitter Effect. "There have been many indications through the years that films targeting teens and young adults will have a huge Friday and a more front-loaded weekend," Gray says. "That's just kind of how it goes." Movietickets.com recently ran a poll in which 88 percent of the voting sample said Twitter had no effect on them. Joel Cohen, the company's executive vice president and general manager, thinks "we may be putting too much weight onto the Twitter Effect. But you can see Twitter's benefits as a communications tool that spreads the word about a film, and the negatives have yet to be proven." Bowles, who distributed the documentary "Food, Inc.," acknowledges that "we did some Twitter-specific things, including a Twitter-cast with the movie's director, Robby Kenner." 
But he's cautious when it comes to describing Twitter as a "revolutionary" force. "Revolutionize moviegoing? No," he said. "But all the tiny little bits together [Twitter, MySpace, Facebook and others] can add up to something meaningful."

From rforno at infowarrior.org Thu Aug 20 13:54:57 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 20 Aug 2009 09:54:57 -0400
Subject: [Infowarrior] - Beloit's Annual Depressing Survey
Message-ID: <76B34232-62C0-44AB-808B-6CFB6A2044C5@infowarrior.org>

Depressing, because, at the very least, it is another reminder of how OLD we are becoming!!!! :)

---rf

The Beloit College Mindset List for the Class of 2013
http://www.beloit.edu/mindset/2013.php

Most students entering college for the first time this fall were born in 1991.

* For these students, Martha Graham, Pan American Airways, Michael Landon, Dr. Seuss, Miles Davis, The Dallas Times Herald, Gene Roddenberry, and Freddie Mercury have always been dead.
* Dan Rostenkowski, Jack Kevorkian, and Mike Tyson have always been felons.
* The Green Giant has always been Shrek, not the big guy picking vegetables.
* They have never used a card catalog to find a book.
* Margaret Thatcher has always been a former prime minister.
* Salsa has always outsold ketchup.
* Earvin "Magic" Johnson has always been HIV-positive.
* Tattoos have always been very chic and highly visible.
* They have been preparing for the arrival of HDTV all their lives.
* Rap music has always been main stream.
* Chocolate chip cookie dough ice cream has always been a flavor choice.
* Someone has always been building something taller than the Willis (née Sears) Tower in Chicago.
* The KGB has never officially existed.
* Text has always been hyper.
* They never saw the "Scud Stud" (but there have always been electromagnetic stud finders.)
* Babies have always had a Social Security Number.
* They have never had to "shake down" an oral thermometer.
* Bungee jumping has always been socially acceptable.
* They have never understood the meaning of R.S.V.P.
* American students have always lived anxiously with high-stakes educational testing.
* Except for the present incumbent, the President has never inhaled.
* State abbreviations in addresses have never had periods.
* The European Union has always existed.
* McDonald's has always been serving Happy Meals in China.
* Condoms have always been advertised on television.
* Cable television systems have always offered telephone service and vice versa.
* Christopher Columbus has always been getting a bad rap.
* The American health care system has always been in critical condition.
* Bobby Cox has always managed the Atlanta Braves.
* Desperate smokers have always been able to turn to Nicoderm skin patches.
* There has always been a Cartoon Network.
* The nation's key economic indicator has always been the Gross Domestic Product (GDP).
* Their folks could always reach for a Zoloft.
* They have always been able to read books on an electronic screen.
* Women have always outnumbered men in college.
* We have always watched wars, coups, and police arrests unfold on television in real time.
* Amateur radio operators have never needed to know Morse code.
* Belarus, Moldova, Ukraine, Uzbekistan, Armenia, Latvia, Georgia, Lithuania, and Estonia have always been independent nations.
* It's always been official: President Zachary Taylor did not die of arsenic poisoning.
* Madonna's perspective on Sex has always been well documented.
* Phil Jackson has always been coaching championship basketball.
* Ozzy Osbourne has always been coming back.
* Kevin Costner has always been Dancing with Wolves, especially on cable.
* There have always been flat screen televisions.
* They have always eaten Berry Berry Kix.
* Disney's Fantasia has always been available on video, and It's a Wonderful Life has always been on Moscow television.
* Smokers have never been promoted as an economic force that deserves respect.
* Elite American colleges have never been able to fix the price of tuition.
* Nobody has been able to make a deposit in the Bank of Credit and Commerce International (BCCI).
* Everyone has always known what the evening news was before the Evening News came on.
* Britney Spears has always been heard on classic rock stations.
* They have never been Saved by the Bell
* Someone has always been asking: "Was Iraq worth a war?"
* Most communities have always had a mega-church.
* Natalie Cole has always been singing with her father.
* The status of gays in the military has always been a topic of political debate.
* Elizabeth Taylor has always reeked of White Diamonds.
* There has always been a Planet Hollywood.
* For one reason or another, California's future has always been in doubt.
* Agent Starling has always feared the Silence of the Lambs.
* "Womyn" and "waitperson" have always been in the dictionary.
* Members of Congress have always had to keep their checkbooks balanced since the closing of the House Bank.
* There has always been a computer in the Oval Office.
* CDs have never been sold in cardboard packaging.
* Avon has always been "calling" in a catalog.
* NATO has always been looking for a role.
* Two Koreas have always been members of the UN.
* Official racial classifications in South Africa have always been outlawed.
* The NBC Today Show has always been seen on weekends.
* Vice presidents of the United States have always had real power.
* Conflict in Northern Ireland has always been slowly winding down.
* Migration of once independent media like radio, TV, videos and compact discs to the computer has never amazed them.
* Nobody has ever responded to "Help, I've fallen and I can't get up."
* Congress could never give itself a mid-term raise.
* There has always been blue Jell-O.
From rforno at infowarrior.org Thu Aug 20 14:06:36 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 20 Aug 2009 10:06:36 -0400
Subject: [Infowarrior] - Leagues See Bloggers in the Bleachers as a Threat
Message-ID: <7E7C8CBA-3486-4D0E-A262-958FAC40D464@infowarrior.org>

August 20, 2009
Leagues See Bloggers in the Bleachers as a Threat
By KEN BELSON and TIM ARANGO
http://www.nytimes.com/2009/08/20/sports/ncaafootball/20rights.html?hpw=&pagewanted=print

Camera phones, hand-held video cameras and social networking sites like Twitter have turned sports fans with Web sites into instant reporters and broadcasters. But one of the nation's leading college leagues is drawing a line in the turf.

The Southeastern Conference, home to some of the nation's most prominent and lucrative university athletic programs, has issued rules in the past week prohibiting fans from distributing photographs or video of its games in real time for commercial use.

Like a growing number of pro and college teams nationwide, the conference sees money to be made online from the exploits of its athletes. The rules are aimed not at the casual fan who might post a few pictures of Saturday's football game on a personal Web site, but rather those who copy television broadcasts, create their own highlight reels and post them on sites charging for access or advertising.

That is no small number. Prominent teams can each have hundreds of unofficial fan Web sites, some updated and visited around the clock. The University of Florida's Gators, who compete in the Southeastern Conference and claimed last season's national championship in football, have attracted scores of sites, like Gator Sports Nation and Alligator Army, which trade in all manner of news and rumor related to the program.

Leagues and teams at many levels have tried to restrict how their games are covered while also creating their own thriving media divisions.
That has already pitted them against traditional news media outlets, like newspapers and radio stations, for readers and listeners and advertising dollars. Now, they are trying to curtail rabid fans who run Web sites devoted to the teams they love -- or hate.

The Southeastern Conference did not identify specific Web sites that might have prompted its policy changes. But mainstream media organizations and their defenders have joined bloggers in rushing to fight the new rules.

Sandra Baron, the executive director of the Media Law Resource Center, a nonprofit organization that focuses on First Amendment matters, said the rules were a "continuing effort to put a stranglehold on objective, third-party news organizations."

Ethan Jaynes, writing on the Web site SECfootballblogger.com, said the SEC had been media friendly. But, he wrote, "now that Big Brother ESPN is in the picture everything has to be corporate and very 'NFL'ish."

The rules are part of an effort to protect a vast online video archive of games and file footage that the conference will market to fans this fall. The SEC Digital Network, as it will be known, is not unlike what Major League Baseball and other professional leagues have done with video from their games to create highlight reels, slide shows and other montages.

Conference officials said they were not trying to prevent fans from sending personal messages or brief descriptions of games to their Facebook pages or on Twitter, as some fans fear. Enforcing such a policy would be impractical and counterproductive because social media platforms help promote the conference's teams, said Charles Bloom, a spokesman for the SEC. Last August, the conference signed 15-year television contracts with ESPN and CBS.

But "the line is drawn at game footage video," Mr. Bloom said. "We want to protect our rights to have video between the conference and its members, and ban the commercial sale of photo images.
Fans can post photos on their site or Facebook page, but they can't be for sale."

Mr. Bloom added that technology was becoming so sophisticated so quickly that the conference wanted to protect itself against new innovations in coming years.

The issue extends to the professional game. With the proliferation of new media forms, from Twitter to blogging to social networks, sports leagues and mainstream media outlets have been wrestling over access and ownership rights to images and transmissions of audio and video from stadiums.

The issue often becomes particularly contentious at the start of seasons, when leagues issue rules that journalists must follow if they want credentials to cover games.

"We're dealing with this all the time," said Lou Ferrara, the vice president and managing editor for sports, entertainment and interactive for The Associated Press. "It's about access, and the ability to inform the public in an unbiased way."

A few years ago, Major League Baseball sought to restrict the number of photographs that newspapers could use in slide shows on their Web sites. Pat Courtney, a spokesman for baseball, said the policy was not aimed at outlets reporting news, but at individuals who "take 600 pictures of last night's game" and put them on their Web sites.

The custom of leagues allowing local television stations to air a two-minute highlight video clip has not extended to the digital age. Newspapers, which were not in the business of transmitting video before the advent of the Internet, have sought the same rights as TV stations.

"It's hard to say we should have free access to this if ESPN and Yahoo Sports have stepped up and paid for it," said Jeff Price, the former president for digital businesses at Sports Illustrated, who is now a sports industry consultant. (ESPN and Yahoo pay Major League Baseball for the right to transmit highlight clips over the Internet.)

The dispute has reached high school sports.
In Wisconsin, for example, Gannett, the newspaper chain that owns The Post-Crescent in Appleton, Wisc., has been enmeshed for months in a legal battle with the Wisconsin Interscholastic Athletic Association. The controversy touches on a number of issues, including the live streaming of games, the definition of live blogging and the ownership of photographs taken during games.

"They are challenging our authority to run our tournaments," said Todd Clark, a spokesman for the athletic association.

Debate over in-game blogging has been particularly contentious in Wisconsin. Last year, the athletic association sent $100 invoices -- the fee it charges radio stations to cover games -- to newspapers that it determined were publishing play-by-play blogs. The newspapers ignored the bills.

"It was absolutely ludicrous," said Peter Fox, the executive director of the Wisconsin Newspaper Association. "You can't do play-by-play in a blog. You can't type that fast, for crying out loud."

The SEC, the Big Ten and other collegiate conferences said they had not gone to court to shut down any media outlets that used their content without a license. But given how fast new technology has emerged, the number of media outlets wanting to broadcast professional and collegiate sports is likely to grow, along with efforts to police them.

From rforno at infowarrior.org Fri Aug 21 00:14:09 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 20 Aug 2009 20:14:09 -0400
Subject: [Infowarrior] - Make Digital Data Self-Destruct
Message-ID:

(Paper being presented @ USENIX - http://vanish.cs.washington.edu/research.html)

New Technology to Make Digital Data Self-Destruct
By JOHN MARKOFF
Published: July 20, 2009
http://www.nytimes.com/2009/07/21/science/21crypto.html?_r=1

A group of computer scientists at the University of Washington has developed a way to make electronic messages "self destruct" after a certain period of time, like messages in sand lost to the surf.
The researchers said they think the new software, called Vanish, which requires encrypting messages, will be needed more and more as personal and business information is stored not on personal computers, but on centralized machines, or servers. In the term of the moment this is called cloud computing, and the cloud consists of the data -- including e-mail and Web-based documents and calendars -- stored on numerous servers.

The idea of developing technology to make digital data disappear after a specified period of time is not new. A number of services that perform this function exist on the World Wide Web, and some electronic devices like FLASH memory chips have added this capability for protecting stored data by automatically erasing it after a specified period of time.

But the researchers said they had struck upon a unique approach that relies on "shattering" an encryption key that is held by neither party in an e-mail exchange but is widely scattered across a peer-to-peer file sharing system.

Public key cryptography makes it possible for two parties who have never physically met to share a digital secret and as a result engage in a secure electronic conversation sheltered from potential eavesdroppers. The technology is at the heart of most modern electronic commerce systems.

Vanish uses a key-based encryption system in a different way, making it possible for a decrypted message to be automatically re-encrypted at a specified point in the future without fear that a third party will be able to gain access to the key needed to read the message.

The pieces of the key, small numbers, tend to "erode" over time as they gradually fall out of use. To make keys erode, or timeout, Vanish takes advantage of the structure of a peer-to-peer file system. Such networks are based on millions of personal computers whose Internet addresses change as they come and go from the network.
This would make it exceedingly difficult for an eavesdropper or spy to reassemble the pieces of the key because the key is never held in a single location. The Vanish technology is applicable to more than just e-mail or other electronic messages. Tadayoshi Kohno, a University of Washington assistant professor who is one of Vanish's designers, said Vanish makes it possible to control the "lifetime" of any type of data stored in the cloud, including information on Facebook, Google documents or blogs. In addition to Mr. Kohno, the authors of the paper, "Vanish: Increasing Data Privacy with Self-Destructing Data," include Roxana Geambasu, Amit A. Levy and Henry M. Levy.

The potential value of such technology was brought into stark relief last week when a computer hacker stole data belonging to the social media company Twitter and e-mailed it to Web publishing companies in the United States and France.

The significance of the advance is that the Vanish "trust model" does not depend on the integrity of third parties, as other systems do. The researchers cite an incident in which a commercial provider of encrypted e-mail services revealed the contents of digital communication when served with a subpoena by a Canadian law enforcement agency.

The researchers acknowledged that there are unexplored legal issues surrounding the use of their technology. For example, certain laws require that corporations archive e-mails and make them accessible.

The researchers have developed a prototype of the Vanish system based on a plug-in module for the Mozilla Firefox Web browser. Using the system requires that both parties of the communication have a copy of the module, which is one of the limits of the technology. Mr. Kohno said that he did not envision Vanish being used for all communications, but only for sensitive ones.
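
The key "shattering" and erosion described in the article above, as an added sketch that is not the Vanish prototype's code and not part of the original post. It assumes the key is split with Shamir threshold secret sharing; `ToyDHT`, the 10-share/7-threshold split, the 8-hour timeout and the SHA-256 keystream cipher (a stand-in for a real authenticated cipher) are constructed for illustration.

```python
import hashlib
import secrets

PRIME = 2**521 - 1  # Mersenne prime; the field is large enough for a 256-bit key


def split_key(key, n, threshold):
    """Shamir split: any `threshold` of the n shares rebuild the key."""
    coeffs = [int.from_bytes(key, "big")]
    coeffs += [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation of the polynomial at x
            y = (y * x + c) % PRIME
        shares.append((x, y))
    return shares


def combine(shares, key_len=32):
    """Lagrange interpolation at x = 0 recovers the constant term (the key)."""
    secret = 0
    for xi, yi in shares:
        num = den = 1
        for xj, _ in shares:
            if xj != xi:
                num = num * -xj % PRIME
                den = den * (xi - xj) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    return secret.to_bytes(key_len, "big")


def keystream_xor(key, data):
    """Toy SHA-256 counter-mode cipher (assumption: stands in for a real AEAD)."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[offset:offset + 32], pad))
    return bytes(out)


class ToyDHT:
    """Constructed stand-in for the peer-to-peer network: stored values time out."""

    def __init__(self, ttl_hours):
        self.ttl_hours = ttl_hours
        self.clock = 0   # simulated time, in hours
        self.store = {}  # index -> (share, hour it was stored)

    def put(self, index, share):
        self.store[index] = (share, self.clock)

    def get(self, index):
        entry = self.store.get(index)
        if entry is None or self.clock - entry[1] >= self.ttl_hours:
            return None
        return entry[0]

    def node_leaves(self, index):
        """Churn: the peer holding this entry goes offline and the share is lost."""
        self.store.pop(index, None)


def locations(access_key, n):
    """Pseudorandom DHT indices derived from the access key kept with the ciphertext."""
    return [hashlib.sha256(access_key + bytes([i])).hexdigest() for i in range(n)]


def encapsulate(data, dht, n=10, threshold=7):
    key = secrets.token_bytes(32)
    access_key = secrets.token_bytes(16)
    for index, share in zip(locations(access_key, n), split_key(key, n, threshold)):
        dht.put(index, share)
    # The data key itself is not returned or stored: only its shares exist, in the DHT.
    return {"access_key": access_key, "n": n, "threshold": threshold,
            "ciphertext": keystream_xor(key, data)}


def decapsulate(obj, dht):
    found = [dht.get(i) for i in locations(obj["access_key"], obj["n"])]
    found = [share for share in found if share is not None]
    if len(found) < obj["threshold"]:
        return None  # too many shares eroded: nobody can rebuild the key any more
    return keystream_xor(combine(found[:obj["threshold"]]), obj["ciphertext"])


if __name__ == "__main__":
    dht = ToyDHT(ttl_hours=8)
    obj = encapsulate(b"constructed sample message", dht)
    print(decapsulate(obj, dht))   # readable while enough shares survive
    dht.clock += 8
    print(decapsulate(obj, dht))   # None once the shares have timed out
```

The object handed to the recipient holds only the ciphertext and the access key, so after enough shares have timed out or churned away, neither party, nor anyone who later obtains a stored copy, can rebuild the data key.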
From rforno at infowarrior.org Fri Aug 21 01:47:48 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 20 Aug 2009 21:47:48 -0400
Subject: [Infowarrior] - REAL ID Reanimated
Message-ID: <279536A1-3E9F-40B0-B6C8-2D0DABEF1893@infowarrior.org>

August 20th, 2009
PASS ID: REAL ID Reanimated
http://www.eff.org/deeplinks/2009/08/pass-id-real-id-reanimated
News Update by Richard Esguerra

In February, the opponents of REAL ID were given a bit of hope when Homeland Security Secretary Janet Napolitano said that she wanted to repeal the REAL ID Act, the federal government's failed plan to impose a national identification card through state driver's licenses. But what has taken place since is no return to sanity, as political machinations have produced a cosmetic makeover called "PASS ID" that has revived the push for a national identification card.

The PASS ID Act (S. 1261) seeks to make many of the same ineffectual, dangerous changes the REAL ID Act attempted to impose. Fundamentally, PASS ID operates on the same flawed premise of REAL ID -- that requiring various "identity documents" (and storing that information in databases for later access) will magically make state drivers' licenses more legitimate, which will in turn improve national security.

Proponents seem to be blind to the systemic impotence of such an identification card scheme. Individuals originally motivated to obtain and use fake IDs will instead use fake identity documents to procure "real" drivers' licenses. PASS ID creates new risks -- it calls for the scanning and storage of copies of applicants' identity documents (birth certificates, visas, etc.). These documents will be stored in databases that will become leaky honeypots of sensitive personal data, prime targets for malicious identity thieves or otherwise accessible by individuals authorized to obtain documents from the database.
Despite some alterations to the scheme, PASS ID is still bad for privacy in many of the same ways the REAL ID was. And proponents of the national ID effort seem blissfully unaware of the creepy implications of a "papers please" mentality that may grow from the issuance of mandatory federal identification cards. Despite token provisions that claim to give states the freedom to issue non-federal identification cards, the card will be mandatory for most -- the PASS ID Act seeks to require everyone to show the federally recognized ID for "any official purpose," including boarding a plane or entering a federal building.

At the moment, health care reform is commanding tremendous attention and effort on the hill, so the PASS ID Act seems to be on the backburner for now. But after the August recess, anything can happen. So stay tuned for more about PASS ID and critical opportunities to flag your opposition to this flawed national ID scheme.

Related Issues: Privacy, Real ID

From rforno at infowarrior.org Fri Aug 21 02:22:59 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 20 Aug 2009 22:22:59 -0400
Subject: [Infowarrior] - Ridge: DHS pressured to raise terror levels
Message-ID: <410C851D-A492-4180-847E-7B797ED6178B@infowarrior.org>

Ridge Claims That He Was Pressured to Elevate Threat Warning
Updated 7:42 p.m.
By Garance Franke-Ruta
http://voices.washingtonpost.com/44/2009/08/20/ridge_claims_in_book_that_he_w.html?hpid=news-col-blog

Former Pennsylvania governor Tom Ridge, the first director of the Department of Homeland Security, says that he was pressured by other agency heads to raise the national security-threat level on the eve of the 2004 presidential election -- a move he rejected as having political undertones.

The disclosure comes in promotional materials for Ridge's new book, due out Sept. 1, in which he writes that Defense Secretary Donald H. Rumsfeld and Attorney General John D. Ashcroft tried to pressure him to raise the threat level.
"After that episode, I knew I had to follow through with my plans to leave the federal government for the private sector," Ridge writes in the book, "The Test of Our Times: America Under Siege ... and How We Can Be Safe Again," according to publishers Thomas Dunne Books. He submitted his resignation within the month. Another official in George W. Bush's administration, White House homeland security adviser Frances Fragos Townsend, told the Associated Press on Thursday that Ridge "was certainly not pressured," while a spokesman for Rumsfeld rejected Ridge's assertion. "The story line advanced by his publisher seemingly to sell copies of the book is nonsense," Keith Urbahn said in a statement. "During the fall of 2004, Osama bin Laden and an American member of al-Qaeda released videotapes that said in no uncertain terms that al-Qaeda intended to launch more attacks against Americans. ... Given those facts, it would seem reasonable for senior administration officials to discuss the threat level." Ridge's publicist, Joe Rinaldi, said Thursday that the former secretary was not doing interviews. Ridge will also say in the book that his relationship with Rumsfeld had been distant, with the Pentagon chief rarely making himself available for meetings with his domestic security counterpart. And Ridge will also reveal that he was never invited to a White House National Security Council meeting -- Condoleezza Rice was NSC director during President George W. Bush's first term -- that he was routinely "blindsided" by an information-withholding Federal Bureau of Investigation during Oval Office briefings, and that his efforts to establish regional Homeland Security offices in New Orleans and six other major cities in the years before Hurricane Katrina were thwarted by bureaucracy. The man who oversaw America's airport screening was himself singled out for screening more than two dozen times, he will say. 
Threat-level warnings became a subject of controversy in 2004 after one rise was declared just days after the Democratic National Convention that summer. The move was seen by some at the time as redirecting public attention toward an issue where Bush was stronger (terrorism) and away from questions about the war in Iraq being raised by challenger Sen. John F. Kerry (D-Mass.). Some of the intelligence behind the alert was ultimately revealed to be three to four years old, though newly obtained.

"We don't do politics in the Department of Homeland of Security," Ridge said at the time.

From rforno at infowarrior.org Sun Aug 23 14:43:04 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 23 Aug 2009 10:43:04 -0400
Subject: [Infowarrior] - 25 Great Pirate Bay Alternatives
Message-ID:

25 Great Pirate Bay Alternatives
http://torrentfreak.com/25-great-pirate-bay-alternatives-090822/

From rforno at infowarrior.org Mon Aug 24 12:31:45 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 24 Aug 2009 08:31:45 -0400
Subject: [Infowarrior] - New Unit to Question Key Terror Suspects
Message-ID:

New Unit to Question Key Terror Suspects
Move Shifts Interrogation Oversight From the CIA to the White House
By Anne E. Kornblut
Washington Post Staff Writer
Monday, August 24, 2009
http://www.washingtonpost.com/wp-dyn/content/article/2009/08/23/AR2009082302598.html?hpid=topnews

President Obama has approved the creation of an elite team of interrogators to question key terrorism suspects, part of a broader effort to revamp U.S. policy on detention and interrogation, senior administration officials said Sunday.

Obama signed off late last week on the unit, named the High-Value Detainee Interrogation Group, or HIG.
Made up of experts from several intelligence and law enforcement agencies, the interrogation unit will be housed at the FBI but will be overseen by the National Security Council -- shifting the center of gravity away from the CIA and giving the White House direct oversight. < - > Under the new guidelines, interrogators must stay within the parameters of the Army Field Manual when questioning suspects. The task force concluded -- unanimously, officials said -- that "the Army Field Manual provides appropriate guidance on interrogation for military interrogators and that no additional or different guidance was necessary for other agencies," according to a three-page summary of the findings. The officials spoke on the condition of anonymity to discuss intelligence matters freely. Using the Army Field Manual means certain techniques in the gray zone between torture and legal questioning -- such as playing loud music or depriving prisoners of sleep -- will not be allowed. Which tactics are acceptable was an issue "looked at thoroughly," one senior official said. Obama had already banned certain severe measures that the Bush administration had permitted, such as waterboarding. Still, the Obama task force advised that the group develop a "scientific research program for interrogation" to develop new techniques and study existing ones to see whether they work. In essence, the unit would determine a set of best practices on interrogation and share them with other agencies that question prisoners. 
From rforno at infowarrior.org Mon Aug 24 19:55:51 2009 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 24 Aug 2009 15:55:51 -0400 Subject: [Infowarrior] - Holder to Appoint Prosecutor to Investigate CIA Terror Interrogations Message-ID: <5FA53ACB-C1D8-4606-A46C-83CCC5C944A1@infowarrior.org> Holder to Appoint Prosecutor to Investigate CIA Terror Interrogations By Carrie Johnson Washington Post Staff Writer Monday, August 24, 2009 2:23 PM http://www.washingtonpost.com/wp-dyn/content/article/2009/08/24/AR2009082401743_pf.html Attorney General Eric H. Holder Jr. has decided to appoint a prosecutor to examine nearly a dozen cases in which CIA interrogators and contractors may have violated anti-torture laws and other statutes when they allegedly threatened terrorism suspects, according to two sources familiar with the move. Holder is poised to name John Durham, a career Justice Department prosecutor from Connecticut, to lead the inquiry, according to the sources, who spoke on condition of anonymity because the process is not complete. Durham's mandate, the sources added, will be relatively narrow: to look at whether there is enough evidence to launch a full-scale criminal investigation of current and former CIA personnel who may have broken the law in their dealings with detainees. Many of the harshest CIA interrogation techniques have not been employed against terrorism suspects for four years or more. The attorney general selected Durham in part because the longtime prosecutor is familiar with the CIA and its past interrogation regime. For nearly two years, Durham has been probing whether laws against obstruction or false statements were violated in connection with the 2005 destruction of CIA videotapes. The tapes allegedly depicted brutal scenes including waterboarding of some of the agency's high value detainees. 
That inquiry is proceeding before a grand jury in Alexandria, although lawyers following the investigation have cast doubt on whether it will result in any criminal charges. Word of Holder's decision comes on the same day that the Obama administration will issue a 2004 report by the then-CIA Inspector General. Among other things, the IG questioned the effectiveness of harsh interrogation tactics that included simulated drowning and wall slamming. A federal judge in New York forced the administration to release the secret report after a lawsuit from the American Civil Liberties Union. A separate internal Justice Department ethics report on the professionalism of lawyers who blessed the questioning techniques continues to undergo declassification review and is not likely to be released imminently. The New York Times reported Monday that the ethics report recommended that Holder take another look at several episodes of alleged detainee abuse that previously had been declined for prosecution during the Bush years, bolstering his decision to appoint a prosecutor. Leaders at the Justice Department and the intelligence community have clashed this year over the release of sensitive interrogation memos, military photographs of detainee abuse and how to handle the cases of more than 200 detainees at the prison in Guantanamo Bay, Cuba. Holder's decision could complicate the Justice Department's relationship with the White House, where President Obama has repeatedly expressed a desire to move forward from the national security controversies of the Bush administration. Deputy White House press secretary Bill Burton told reporters Monday that the president had complete faith in Holder and that the decision whether to launch an investigation was the attorney general's sole prerogative. "The White House supports the attorney general making the decisions on who gets prosecuted and investigated," Burton said. 
Holder acknowledges the possible fallout from his decision, but has concluded in recent days that he has no other choice than to probe whether laws were broken in connection with the Bush administration's interrogation program, the two sources said. Fewer than a dozen cases will be examined, most from Iraq and Afghanistan. Any criminal investigation into the CIA conduct faces serious hurdles, according to current and former government lawyers, including such challenges as missing evidence, nonexistent or unreliable witnesses, no access to some bodies of detainees who died, and the passage of up to seven years since the questionable activity occurred far from American soil. During the Bush years, a team of more than a half-dozen career prosecutors in the Eastern District of Virginia, which is renowned for its expertise in probing clandestine operations, reviewed about 20 cases of alleged prisoner abuse after receiving referrals from the military and then-CIA Inspector General John Helgerson. Among the assistant U.S. attorneys involved in the review was Robert Spencer, who successfully prosecuted al-Qaeda operative Zacarias Moussaoui and who later won one of the highest awards the Justice Department bestows. In only one of the cases did the lawyers recommend seeking a grand jury indictment. A federal appeals court earlier this month affirmed the assault conviction of David A. Passaro, a CIA contractor who wielded a metal flashlight against a detainee at a military base in Afghanistan. Passaro was not charged with murder. Abdul Wali, the detainee he questioned, died shortly after the beating but investigators could not conclusively link his death to the flashlight attack. A former government official involved in the previous review said that, given problems with evidence, there was "no conceivable way we could have come out different" and sought criminal indictments. The official said that analysis might change if new and reliable witnesses emerged. 
Current and former CIA officials from both Democratic and Republican administrations have cited the prior review by prosecutors as one of several reasons why the Obama Justice Department need not act. They fear that any criminal investigation will chill intelligence activities and alienate operatives who are responsible for protecting national security. In a message distributed to employees Monday morning, CIA Director Leon Panetta noted that the agency repeatedly had sought legal advice from the Justice Department, receiving "multiple written assurances that its methods were lawful. The CIA has a strong record in terms of following legal guidance and informing the Department of Justice of potentially illegal conduct." The Justice Department investigation has roiled activists from across the political spectrum for weeks even before it became a reality Monday. The left-leaning ACLU and Alliance for Justice, as well as groups that represent torture victims, exhorted Holder to undertake a wide-ranging probe of Bush lawyers and administration officials who helped develop the interrogation policy. But nine GOP senators who occupy prominent roles on the Judiciary Committee last week urged Holder not to act at all, arguing that further investigation was both unnecessary and unwise. "The intelligence community will be left to wonder whether actions taken today in the interest of national security will be subject to legal recriminations when the political winds shift," said the letter, signed by lawmakers including Sens. Jon Kyl (Ariz.), Jeff Sessions (Ala.), John Cornyn (Tex.), Orrin Hatch (Utah) and Charles Grassley (Iowa). 
With Monday's looming public announcement, however, the attorney general and his national security team appear to be staking out a middle ground -- rejecting a broad inquiry that could result in possible prosecutions of Justice Department lawyers in the Bush years as well as cabinet officers who developed counterterrorism policy; but giving civil liberties advocates at least part of what they wanted without supporting a full, independent truth commission to examine a host of Bush national security practices. From rforno at infowarrior.org Mon Aug 24 20:09:42 2009 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 24 Aug 2009 16:09:42 -0400 Subject: [Infowarrior] - Link: CIA IG Report on Terror Interrogations (2004) Message-ID: <84C26ECF-02D2-423A-A66A-F4CB22692619@infowarrior.org> Released today (PDF) http://media.washingtonpost.com/wp-srv/nation/documents/cia_oig_report.pdf From rforno at infowarrior.org Tue Aug 25 11:20:46 2009 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 25 Aug 2009 07:20:46 -0400 Subject: [Infowarrior] - Court: Fed must release bank loan reports Message-ID: Fed Must Release Reports on Emergency Bank Loans, Judge Says http://www.bloomberg.com/apps/news?pid=20670001&sid=aMO_r2xLw7e8 By Mark Pittman and Karen Gullo Aug. 25 (Bloomberg) -- The Federal Reserve must make records about emergency lending to financial institutions public within five days because it failed to convince a judge the documents should be exempt from the Freedom of Information Act. Manhattan Chief U.S. District Judge Loretta Preska rejected the central bank's argument that the records aren't covered by the law because their disclosure would harm borrowers' competitive positions. The collateral lists "are central to understanding and assessing the government's response to the most cataclysmic financial crisis in America since the Great Depression," according to the lawsuit that led to yesterday's ruling. 
The Fed has refused to name the borrowers, the amounts of loans or the assets put up as collateral under 11 programs, saying that doing so might set off a run by depositors and unsettle shareholders. Bloomberg LP, the New York-based company majority-owned by Mayor Michael Bloomberg, sued Nov. 7 on behalf of its Bloomberg News unit. "When an unprecedented amount of taxpayer dollars were lent to financial institutions in unprecedented ways and the Federal Reserve refused to make public any of the details of its extraordinary lending, Bloomberg News asked the court why U.S. citizens don't have the right to know," said Matthew Winkler, the editor-in-chief of Bloomberg News. "We're gratified the court is defending the public's right to know what is being done in the public interest." 'Involuntary Investor' Bloomberg said in the suit U.S. taxpayers need to know the risks behind the central bank's $2 trillion in lending because the public is an "involuntary investor" in the nation's banks. The Federal Reserve's balance sheet about doubled beginning in September to more than $2 trillion because of a historic attempt to rescue financial institutions. For the week ended Aug. 19, Fed assets rose 2.3 percent to $2.06 trillion as the central bank bought more mortgage-backed securities. Non-government securities were allowed to be purchased by the Fed for the first time. The Freedom of Information Act obliges federal agencies to make government documents available to the press and public. The Bloomberg suit, filed in New York, doesn't seek money damages. David Skidmore, a Fed spokesman, said the board's staff was reviewing the ruling and declined to comment on it at this time. The case is Bloomberg LP v. Board of Governors of the Federal Reserve System, 08-CV-9595, U.S. District Court, Southern District of New York (Manhattan). To contact the reporters on this story: Mark Pittman in New York at mpittman at bloomberg.net; Karen Gullo in San Francisco at kgullo at bloomberg.net. 
Last Updated: August 25, 2009 00:01 EDT From rforno at infowarrior.org Tue Aug 25 11:36:50 2009 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 25 Aug 2009 07:36:50 -0400 Subject: [Infowarrior] - SCO = STD? Message-ID: <5A8BF2D4-4685-4E69-9D07-844FA07AB42D@infowarrior.org> The title of this article is a good one -- like an STD, this case refuses to go away!!! -rf Threat Level Privacy, Crime and Security Online It's Baaaack -- Appeals Court Resurrects SCO Lawsuit By David Kravets | August 24, 2009 | 8:50 pm | Categories: Miscellaneous http://www.wired.com/threatlevel/2009/08/sco/ A federal appeals court on Monday ruled that the SCO Group has a right to a jury trial on its claim that it owns the Unix operating system, a ruling that could lead to renewed legal entanglements for Unix's open-source cousin, Linux. The 10th U.S. Circuit Court of Appeals reversed a lower court judge who had ruled against SCO in 2007, a decision that suspended an aggressive legal campaign by the company. In 1995, SCO Group (then known as Santa Cruz Operation) bought the Unix operating system from Novell for $149 million. But which company owned the copyrights wasn't clear, and years of litigation ensued. SCO Group filed for bankruptcy two years ago after a Utah federal judge said SCO Group -- considered a Utah-based copyright troll by the open source community -- was not the owner despite the $149 million deal. While the case ground through the courts, SCO Group tried to collect licensing fees from some 1,500 corporate Linux users, claiming that portions of Linux are based on Unix, and thus violated SCO Group's copyrights. Novell did not make a similar claim. Monday's ruling could revive SCO's separate high-stakes lawsuit against IBM. SCO Group is seeking more than $1 billion from Big Blue on allegations it used SCO-copyrighted Unix code in its Linux-based systems. The case was sidelined after the Utah federal judge said SCO Group didn't own the copyrights at issue. 
Still, the copyright fight is far from being settled. The appellate court, without taking any sides, ordered a jury trial to determine whether SCO Group properly owned the Unix and UnixWare copyrights. The court, in short, said the case was too close to call without a trial. "We take no position on which party ultimately owns the Unix copyrights or which copyrights were required for Santa Cruz to exercise its rights under the agreement," the court wrote. "Such matters are for the finder of fact on remand." From rforno at infowarrior.org Tue Aug 25 20:36:16 2009 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 25 Aug 2009 16:36:16 -0400 Subject: [Infowarrior] - Science Report: Cellphones and Brain Tumors Message-ID: <5531F4B3-8BC4-482D-965A-7513174DB98D@infowarrior.org> http://www.radiationresearch.org/pdfs/15reasons.asp August 25, 2009 - Cellphones Cause Brain Tumors A new report was released today by the International EMF Collaborative entitled "Cellphones and Brain Tumors: 15 Reasons for Concern, Science, Spin and the Truth Behind Interphone". Media contacts: US Contact: Lloyd Morgan - Tel: +01 510 841 4362 - E-mail: bilovsky at aol.com UK Contact: Alasdair Philips - Tel: +44 (0)1353 778422 - E-mail: alasdair at powerwatch.org.uk Groups affiliated with the report include Powerwatch and the EM Radiation Research Trust in the UK, and the EMR Policy Institute, ElectromagneticHealth.org and The Peoples Initiative Foundation in the US. The exposé discusses research on cellphones and brain tumors and concludes:
* There is a risk of brain tumors from cellphone use;
* Telecom funded studies underestimate the risk of brain tumors, and;
* Children have larger risks than adults for brain tumors.
This report, sent to government leaders and media today, details eleven design flaws of the 13-country, Telecom-funded Interphone study. 
The Interphone study, begun in 1999, was intended to determine the risks of brain tumors, but its full publication has been held up for years. Components of this study published to date reveal what the authors call a 'systemic-skew', greatly underestimating brain tumor risk. The design flaws include categorizing subjects who used portable phones (which emit the same microwave radiation as cellphones) as 'unexposed'; exclusion of many types of brain tumors; exclusion of people who had died, or were too ill to be interviewed, as a consequence of their brain tumor; and exclusion of children and young adults, who are more vulnerable. International scientists endorsing the report include Ronald B. Herberman, MD, Director Emeritus, University of Pittsburgh Cancer Institute; David Carpenter, MD, Director, Institute for Health and the Environment, University at Albany; Martin Blank, PhD, Associate Professor of Physiology and Cellular Biophysics, Columbia University; Professor Yury Grigoriev, Chairman of Russian National Committee on Non-Ionizing Radiation Protection, and many others. From rforno at infowarrior.org Wed Aug 26 01:24:26 2009 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 25 Aug 2009 21:24:26 -0400 Subject: [Infowarrior] - Brazen Careerist: LinkedIn for Gen Y Message-ID: <96AC1A95-42FE-4698-87D1-17266D7357E3@infowarrior.org> Brazen Careerist: LinkedIn for Gen Y By Jennifer Martinez | Tuesday, August 25, 2009 | 5:04 PM PT | 1 comment http://gigaom.com/2009/08/25/brazen-careerist-linkedin-for-gen-y/ Brazen Careerist, the blog network spearheaded by well-known career advice blogger and columnist Penelope Trunk, launched a professional social network today aimed at connecting employers with prospective Generation Y hires. The new social network juxtaposes features from popular social sites such as Twitter, Facebook and LinkedIn so that it's easy for that demographic to get started on the site and start adding content to it. 
Unlike LinkedIn, Monster.com and other career web sites, a person's profile on Brazen Careerist is not centered solely around their resume, but on an "idea feed" where people list their goals, interests and career strengths. As Trunk points out, LinkedIn's profile content is dedicated to people listing their past work experience -- something Generation Y-ers don't have much of due to their age. The idea feed on Brazen Careerist, on the other hand, will allow employers to find the best Gen Y candidates based on whether their ideas match the company's, rather than the employer judging them solely on their limited work experience. For Gen Y-ers, Facebook came on the scene when many of us were at the beginning of our college careers. It was a site where we could add quirky information about ourselves and connect with our peers over wall posts, photo albums and status updates. But college career counselors were quick to warn us that employers were using Facebook as a proxy for background checks, so many of us modified our Facebook profiles to make our social network identity more HR-friendly. But now, Brazen Careerist offers a way for young adults to finally separate our personal and professional online identities. Trunk said the Madison, Wisc.-based company plans to monetize the new social network by using a similar revenue model as LinkedIn, except it doesn't plan on charging Gen Y-ers for subscriptions. The revenue model will be a hybrid of a pay-for-hire model, charging companies for posting a job ad and contacting prospective job candidates directly. Brazen Careerist will start charging companies for these services by the end of this year. 
From rforno at infowarrior.org Wed Aug 26 13:06:33 2009 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 26 Aug 2009 09:06:33 -0400 Subject: [Infowarrior] - AP's hypocracy Message-ID: <9A2C58D7-2E02-4669-A9B5-5702A9106F10@infowarrior.org> Given AP's lunatic "DRM" policy recently announced (and the goals behind it) does anyone else find the firm's protesting the SEC's own policies laughable as well? Gannett, AP Refuse to Sign New Sports Credential Policy http://www.editorandpublisher.com/eandp/news/article_display.jsp?vnu_content_id=1004005855 From rforno at infowarrior.org Wed Aug 26 19:46:06 2009 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 26 Aug 2009 15:46:06 -0400 Subject: [Infowarrior] - PGP and OSX 10.6 ? Message-ID: <7B022033-8533-4011-B35C-F243C0090A80@infowarrior.org> So OSX 10.6 is being released later this week. As such, does anyone know if PGP will be supporting 10.6 anytime soon? The company's been mum on the matter....a fact made more disturbing by their history of not being timely in their support for new OSX updates (dot updates or full versions) and for the amusing practice of 'supporting' products and essential features (Mail plugin) that they still deem 'unsupported'. Hence, inquiring minds want to know if PGP will be supported. Bueller? Bueller? Bueller? -rf From rforno at infowarrior.org Thu Aug 27 12:02:10 2009 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 27 Aug 2009 08:02:10 -0400 Subject: [Infowarrior] - ACLU Sues for Records on Border Laptop Searches Message-ID: ACLU Sues for Records on Border Laptop Searches http://www.techpolitik.com/2009/08/26/aclu-sues-for-records-on-border-laptop-searches/ The American Civil Liberties Union said Wednesday that it had filed a lawsuit under the Freedom of Information Act (FOIA), demanding records from the U.S. Customs and Border Protection's (CBP) policy of searching laptops at border crossings without any suspicion of wrongdoing. 
CBP instituted the policy last year, saying it had the right to look at the contents of traveler's laptops without any need for a warrant. Obviously, the agency is framing this as an anti-terrorism measure, hoping to prevent terrorists and other criminals from entering the country. However, the scope of what they can search is quite expansive. According to the ACLU, personal financial information, web site histories, and photographs are fair game, as well as "documents, books, pamphlets and other printed material, as well as computers, disks, hard drives and other electronic or digital storage devices." It is irrelevant whether or not the traveler is a US citizen or not: everyone is subject to search at the CBP's discretion. The ACLU argues that this is a violation of the Fourth Amendment, which reads: The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized. "Under CBP's policy, innumerable international travelers have had their most personal information searched by government officials and retained by the government indefinitely," ACLU attorney Larry Schwartztol said. He said the group was using the lawsuit to see if the CBP may be violating the Constitution under this policy. While I can understand the Border Patrol's desire to use this policy as an anti-terrorism tool, its expansiveness as to what it can include makes me leery. There is too much of an opportunity here for abuse, and it seems to violate in some way our rights to privacy, especially for American citizens that may have been subjected to these searches. The CBP did not respond to requests for comment on the ACLU's action. 
From rforno at infowarrior.org Thu Aug 27 17:27:38 2009 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 27 Aug 2009 13:27:38 -0400 Subject: [Infowarrior] - USG: Any music downloading is stealing Message-ID: <648CC218-B087-4F7D-B726-0E47F4CF1982@infowarrior.org> US Gov't Briefing For All Employees: All Music Downloads Are Stolen, Risky from the accuracy-not-so-important dept A bunch of folks have sent over a post on Slashdot detailing how a mandatory US gov't briefing on "information security" uses incredibly hyperbolic and inaccurate information, including the idea that all music downloads are theft and insecure. You can see the (flash-heavy) video briefing. The actual part with the music downloads is pretty far into the presentation (you can jump forward through the chapters), when it hits an interactive bit where you get to go through "real-life scenarios" of "threats." In the bottom left corner, there's a scenario involving a colleague who says he's found a "cool site" from which you can "download music" and asks you how do you respond:
* I'd rather download the music from home -- email me the link
* Is it safe to download?
* Since we're on our lunch hour, I see no harm. Here's my thumb drive!
* That's stealing.
Choices one and three seem obviously wrong, but choice two actually does seem like the most relevant. After all, the "cool site" in question could be any number of "cool sites" that offer up legal free music, like Jamendo or CCMixter. But what happens if you select the second choice and ask if it's safe to download? 
You're told no, that's wrong < - > http://techdirt.com/articles/20090826/1957236010.shtml From rforno at infowarrior.org Thu Aug 27 17:31:03 2009 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 27 Aug 2009 13:31:03 -0400 Subject: [Infowarrior] - DHS issues PIA for border laptop searches Message-ID: <99DB9FE4-C0BF-4A5C-8C04-DB6B4A1CE4B0@infowarrior.org> This afternoon DHS plans to issue a Privacy Impact Assessment (PIA) for Border Searches of Electronic Devices. The PIA will be found on our web site at http://www.dhs.gov/xlibrary/assets/privacy/privacy_pia_cbp_laptop.pdf (it's there now ----rf) If you have any questions, we will hold a conference call at 2:15 PM EDT today, August 27. The dial in number for the call is 1-800-320-4330, Pin: 149035. From rforno at infowarrior.org Fri Aug 28 02:22:25 2009 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 27 Aug 2009 22:22:25 -0400 Subject: [Infowarrior] - Relief From the Robo-Calls Is Coming Message-ID: Relief From the Robo-Calls Is Coming By Deborah Yao Associated Press Friday, August 28, 2009 http://www.washingtonpost.com/wp-dyn/content/article/2009/08/27/AR2009082703822_pf.html Americans tired of having their dinners interrupted by phone calls touting car warranties or vacation packages will soon get some relief. The Federal Trade Commission said Thursday it is banning many types of prerecorded telemarketing solicitations, known as robo-calls. Currently, consumers must specifically join a do-not-call list to avoid them. Starting Sept. 1, telemarketers will first need written permission from the customer to make such calls. "American consumers have made it crystal clear that few things annoy them more than the billions of commercial telemarketing robo-calls they receive every year," said Jon Leibowitz, chairman of the FTC. Violators will face penalties of up to $16,000 per call. Don't expect phone solicitations to disappear completely, though. 
Calls that are not trying to sell goods and services to consumers will be exempt, such as those that provide information such as flight cancellations and delivery notices and those from debt collectors. Other calls not covered include those from politicians, charities that contact consumers directly, banks, insurers and phone companies, as well as surveys and certain health-care messages such as prescription notifications. The FTC said those do not fall under its jurisdiction. And calls made by humans rather than automated systems will still be allowed, unless the phone number is on the National Do Not Call Registry. But the FTC said the ban should cover most robo-calls, forcing marketers to turn to more expensive live calls, or ramp up efforts in direct mail, e-mail and TV ads. The ban is part of a series of amendments to the FTC's Telemarketing Sales Rule that were announced a year ago. Because the ban has been known, telemarketers already have been phasing out robo-calls, said Tim Searcy, chief executive of the American Teleservices Association, a trade group whose members include telemarketers. He said the public will not see much of a change. Searcy also said the ban will do little to stop calls touting illegal scams. People who get an unauthorized call can file complaints with the commission online or by calling 877-382-4357 (877-FTC-HELP). From rforno at infowarrior.org Fri Aug 28 12:22:58 2009 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 28 Aug 2009 08:22:58 -0400 Subject: [Infowarrior] - Emergency Presidential control of Internet? Message-ID: <18EE84FB-4856-486B-9B73-25CCA96932F5@infowarrior.org> August 28, 2009 12:34 AM PDT Bill would give president emergency control of Internet by Declan McCullagh http://news.cnet.com/8301-13578_3-10320096-38.html?part=rss&subj=news&tag=2547-1_3-0-20 Internet companies and civil liberties groups were alarmed this spring when a U.S. 
Senate bill proposed handing the White House the power to disconnect private-sector computers from the Internet. They're not much happier about a revised version that aides to Sen. Jay Rockefeller, a West Virginia Democrat, have spent months drafting behind closed doors. CNET News has obtained a copy of the 55-page draft (excerpt), which still appears to permit the president to seize temporary control of private-sector networks during a so-called cybersecurity emergency. The new version would allow the president to "declare a cybersecurity emergency" relating to "non-governmental" computer networks and do what's necessary to respond to the threat. Other sections of the proposal include a federal certification program for "cybersecurity professionals," and a requirement that certain computer systems and networks in the private sector be managed by people who have been awarded that license. "I think the redraft, while improved, remains troubling due to its vagueness," said Larry Clinton, president of the Internet Security Alliance, which counts representatives of Verizon, Verisign, Nortel, and Carnegie Mellon University on its board. "It is unclear what authority Sen. Rockefeller thinks is necessary over the private sector. Unless this is clarified, we cannot properly analyze, let alone support the bill." Representatives of other large Internet and telecommunications companies expressed concerns about the bill in a teleconference with Rockefeller's aides this week, but were not immediately available for interviews on Thursday. A spokesman for Rockefeller also declined to comment on the record Thursday, saying that many people were unavailable because of the summer recess. A Senate source familiar with the bill compared the president's power to take control of portions of the Internet to what President Bush did when grounding all aircraft on Sept. 11, 2001. 
The source said that one primary concern was the electrical grid, and what would happen if it were attacked from a broadband connection. When Rockefeller, the chairman of the Senate Commerce committee, and Olympia Snowe (R-Maine) introduced the original bill in April, they claimed it was vital to protect national cybersecurity. "We must protect our critical infrastructure at all costs--from our water to our electricity, to banking, traffic lights and electronic health records," Rockefeller said. The Rockefeller proposal plays out against a broader concern in Washington, D.C., about the government's role in cybersecurity. In May, President Obama acknowledged that the government is "not as prepared" as it should be to respond to disruptions and announced that a new cybersecurity coordinator position would be created inside the White House staff. Three months later, that post remains empty, one top cybersecurity aide has quit, and some wags have begun to wonder why a government that receives failing marks on cybersecurity should be trusted to instruct the private sector what to do. Rockefeller's revised legislation seeks to reshuffle the way the federal government addresses the topic. It requires a "cybersecurity workforce plan" from every federal agency, a "dashboard" pilot project, measurements of hiring effectiveness, and the implementation of a "comprehensive national cybersecurity strategy" in six months-- even though its mandatory legal review will take a year to complete. The privacy implications of sweeping changes implemented before the legal review is finished worry Lee Tien, a senior staff attorney with the Electronic Frontier Foundation in San Francisco. "As soon as you're saying that the federal government is going to be exercising this kind of power over private networks, it's going to be a really big issue," he says. 
Probably the most controversial language begins in Section 201, which permits the president to "direct the national response to the cyber threat" if necessary for "the national defense and security." The White House is supposed to engage in "periodic mapping" of private networks deemed to be critical, and those companies "shall share" requested information with the federal government. ("Cyber" is defined as anything having to do with the Internet, telecommunications, computers, or computer networks.) "The language has changed but it doesn't contain any real additional limits," EFF's Tien says. "It simply switches the more direct and obvious language they had originally to the more ambiguous (version)...The designation of what is a critical infrastructure system or network as far as I can tell has no specific process. There's no provision for any administrative process or review. That's where the problems seem to start. And then you have the amorphous powers that go along with it." Translation: If your company is deemed "critical," a new set of regulations kick in involving who you can hire, what information you must disclose, and when the government would exercise control over your computers or network. The Internet Security Alliance's Clinton adds that his group is "supportive of increased federal involvement to enhance cyber security, but we believe that the wrong approach, as embodied in this bill as introduced, will be counterproductive both from a national economic and national security perspective." From rforno at infowarrior.org Sat Aug 29 01:46:55 2009 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 28 Aug 2009 21:46:55 -0400 Subject: [Infowarrior] - PGP.Com Sucks (OSX support) Message-ID: <86E16A15-11E7-4AD7-A50B-F8976F11BAEA@infowarrior.org> Snow Leopard comes out for OSX users today. OSX 10.6. Hurray! 
While watching the Redskins-Patriots on the big screen, I go about trying to upgrade my test laptop only to discover the Apple DVD is not recognizing the hard drive as something that can support OSX. WTFO? Resourceful as ever, I begin to Google for answers. As I Google, an email[1] arrives from PGP.COM saying that their current product is incompatible with 10.6 and if users want to use PGP they should not upgrade but that if we "intend to upgrade to Snow Leopard, you must decrypt all PGP encrypted drives and uninstall PGP Desktop before upgrading the system to Mac OS X 10.6." They go on to say that 10.6 support is forthcoming in their next major release but offer no details on when it will be, except to say they're accepting beta applications now. *blink* Taking beta applications now? There are freeware and shareware developers whose products are fully compatible with 10.6 and PGP only now is soliciting beta testers? Did the company just realize that OSX 10.6 was coming out today? Didn't they get the memo? Are there no OSX users at PGP Headquarters? So back to my stalled Snow Leopard upgrade on my laptop: Thanks to Google's timely archiving of the Apple support boards[2] I found out that not only did I have to uninstall PGP, repair disk permissions, and reboot (which still didn't fix the problem), but since PGP apparently does something to the OSX partition table, I had to enter Disk Utility and dynamically resize my laptop's hard drive a few megabytes in size just so a new partition table could be written --- at which point I was able to install OSX 10.6 just fine. (Note that I had installed, but did not use, PGP on this computer, and certainly did not use their Whole Disk Encryption.) What kind of stuff did PGP have to write to my partition table to make it unreadable by Apple's own installation disk? 
Unfortunately, after many years of dealing with their quirky product registration system and hiccups with routine OS upgrades, tonight's news has forced me to say that PGP has lost me as a customer --- their annoying corporate quirks aside, I cannot trust any security product that tweaks (nay, borks) my system in such a troublesome manner and certainly one that seems to treat Mac users as third-class citizens. [3] I'm not the only one who feels this way, either -- indeed they are correct in titling their concerns the Audacity of Hopelessness. [4] Accordingly, I will follow the lead of my coworkers and other securitygeek friends and embrace GPG for my encryption needs. Alas, PGP, I bid thee a sad adieu.

-rick

[1] http://blog.pgp.com/index.php/2009/08/sneak-peek-pgp-whole-disk-encryption-for-snow-leopard/
[2] http://discussions.apple.com/thread.jspa?messageID=10063151
[3] How about their officially-unsupported but unofficially-supported Mail.App plug-in? After nearly a decade of OSX in the marketplace they still don't officially support Apple's Mail program?
[4] http://pgpsucks.wordpress.com/

From rforno at infowarrior.org Sat Aug 29 03:58:46 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 28 Aug 2009 23:58:46 -0400
Subject: [Infowarrior] - War is not a video game
Message-ID:

http://www.salon.com/opinion/feature/2009/08/29/military_marketing/print.html

War is not a video game
The military's marketing machine gives potential recruits science fiction instead of the bloody reality of war
By David Sirota

Aug. 29, 2009 | I'm a video game geek, so as I sat through movie previews a few weeks ago, I was sure I was watching Nintendo ads. There on the cinema's screen was a super-sleek plane flying over a moonscape while communicating with an orbiting satellite. In the next moment, a multicolored topographical map, orders being barked -- and in my own mind, memories of "Call of Duty" graphics.
And then, finally, two guys in front of a computer console, and the jarring punch line: "It's not science fiction; it's what we do every day," said the bold type, followed by a U.S. Air Force symbol. Before giving the audience a chance to digest the slogan, it was onto another montage, this one of helicopters and explosions with 1970s music playing in the background. A preview for a Steve McQueen-themed game, I thought. Then, though, the familiar kicker: "The drones fight terrorism and protect America, and in the process, they keep the front lines unmanned," said the voiceover, adding, "This isn't science fiction; this is life in the United States Navy." The ads preceded "The Hurt Locker" -- a dramatized movie about soldiers who defuse roadside bombs in the midst of Iraq's horrifying carnage. And even with its fictionalized dialogue, the film was far more honest than the U.S. military's fantastical sales pitch. Join the armed forces, the ads suggest, and you don't have to experience the blood-and-guts consequences of combat. Instead, you get to hang out stateside, entertaining yourself with a glorified PlayStation. During this, one of the bloodiest months in the Afghanistan war, the spots promote a somewhat comforting, if disturbingly misleading, message -- and it is aimed not just at potential soldiers, but also at the public at large. For the former, the goal is reassurance. As Bush-era attempts to conflate bellicosity and patriotism were undermined by persistent body bags, military recruitment has become more challenging. In response, the Pentagon hopes to make prospective volunteers believe their tours of duty will be as safe as a night on the couch. For the general public, the objective is sedation. New polls show the country strongly opposes the Afghanistan and Iraq wars -- but military officials want to preserve the possibility of an escalation in Afghanistan and a permanent deployment in Iraq.
So along with persuading President Obama to withhold photos documenting fog-of-war brutalities at Afghanistan and Iraq prisons, the Pentagon is seeking an opiate to placate the war-averse populace. What better anodyne than a marketing campaign implying wars are fun video games? Certainly, the ads aren't pure "science fiction." As the armed forces build more unmanned drones, Popular Science magazine reports that recruiters are indeed looking to add new remote pilots. The "science fiction" is the specific assertion that "the front lines are unmanned." Claims like that are deeply destructive, beyond their obvious insult to the thousands killed, wounded or currently stationed on those very front lines. For instance, it's a good bet more than a few enlistees will expect their service to be happy video game tournaments, only to find themselves dodging real bullets in a Baghdad shooting gallery. More broadly, the American psyche's slow progress toward an increasingly peaceful disposition could be stunted by the propaganda's powerful paradox: While sanitizing ads play to the country's growing disgust with militarism, they could ultimately lead us to be more supportive of militarism. How? By convincing us that violence can be just another innocuous expression of adolescent technophilia. If we end up thinking that, we will have once again forgotten what all wars, even the justifiable ones, always are: lamentable human tragedies.

© 2009 Creators Syndicate Inc.

-- By David Sirota

From rforno at infowarrior.org Sat Aug 29 15:44:49 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 29 Aug 2009 11:44:49 -0400
Subject: [Infowarrior] - Wells Fargo Bank Will No Longer Password Protect Business Accounts
Message-ID: <631AF426-EE15-4D77-9F7B-2155CF4E1812@infowarrior.org>

(via IP)

Begin forwarded message:

From: Lauren Weinstein
Date: August 28, 2009 6:59:21 PM EDT

Warning!
Wells Fargo Bank Will No Longer Password Protect Business Accounts

http://lauren.vortex.com/archive/000608.html

Greetings. This is just a quick heads-up. I've been informed, and have verified through multiple sources, that Wells Fargo Bank will now refuse to password protect business banking accounts. Callers punching directly through to an agent without entering identifying information may be able to obtain full account access using only an account (e.g. checking account) number, and last four digits of taxpayer ID or SSN -- all data elements that tend to be widely available in the course of doing business for many entities. Note that Wells Fargo phone agents do not routinely ask for PINs, either. In theory, Wells claims that if a business already has a password assigned it will still be honored for now -- but in practice it appears that many phone agents are simply ignoring the passwords, and will refuse to set a new one. Nor can businesses even go into a branch to assign a password (as, supposedly, consumer account holders still are permitted to do). Wells' explanation for this change is that supposedly too many people forgot their passwords, and that the passwords could be bypassed anyway with other easily obtainable information. In fairness, all Wells Fargo representatives I've spoken to about this agree that it's a dangerous and stupid (their words!) policy. After all, just because some people lock themselves out of their cars, and it's possible to break in through windows, we still expect auto manufacturers to provide locks. Businesses with their accounts at Wells Fargo may wish to reevaluate their situation in light of this information. I'll update if and when I learn more about this significantly outrageous policy change.
--Lauren--
Lauren Weinstein
lauren at vortex.com
Tel: +1 (818) 225-2800
http://www.pfir.org/lauren
Co-Founder, PFIR - People For Internet Responsibility - http://www.pfir.org

From rforno at infowarrior.org Mon Aug 31 00:47:33 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 30 Aug 2009 20:47:33 -0400
Subject: [Infowarrior] - Facebook Exodus
Message-ID: <08B2583F-4334-42C0-8047-A610E8446A99@infowarrior.org>

August 30, 2009
The Medium
Facebook Exodus
By VIRGINIA HEFFERNAN
http://www.nytimes.com/2009/08/30/magazine/30FOB-medium-t.html?_r=1&ref=magazine&pagewanted=print

Things fall apart; the center cannot hold. Facebook, the online social grid, could not command loyalty forever. If you ask around, as I did, you'll find quitters. One person shut down her account because she disliked how nosy it made her. Another thought the scene had turned desperate. A third feared stalkers. A fourth believed his privacy was compromised. A fifth disappeared without a word. The exodus is not evident from the site's overall numbers. According to comScore, Facebook attracted 87.7 million unique visitors in the United States in July. But while people are still joining Facebook and compulsively visiting the site, a small but noticeable group are fleeing -- some of them ostentatiously. Leif Harmsen, once a Facebook user, now crusades against it. Having dismissed his mother's snap judgment of the site ("Facebook is the devil"), Harmsen now passionately agrees. He says, not entirely in jest, that he considers it a repressive regime akin to North Korea, and sells T-shirts with the words "Shut Your Facebook." What especially galls him is the commercialization and corporate regulation of personal and social life. As Facebook endeavors to be the Web's headquarters -- to compete with Google, in other words, and to make money from the information it gathers -- it's inevitable that some people would come to view it as Big Brother.
"The more dependent we allow ourselves to become to something like Facebook -- and Facebook does everything in its power to make you more dependent -- the more Facebook can and does abuse us," Harmsen explained by indignant e-mail. "It is not 'your' Facebook profile. It is Facebook's profile about you." The disillusionment with Facebook has come in waves. An early faction lost faith in 2008, when Facebook's beloved Scrabble application, Scrabulous, was pulled amid copyright issues. It was suddenly clear that Facebook was not just a social club but also an expanding force on the Web, beholden to corporate interests. A later group, Harmsen's crowd, grew frustrated last winter when Facebook seemed to claim perpetual ownership of users' contributions to the site. (Facebook later adjusted its membership contract, but it continues to integrate advertising, intellectual property and social life.) A third wave of dissenters appears to be bored with it, obscurely sore or just somehow creeped out. My friend Alex joined four years ago at the suggestion of "the coolest guy on the planet," she told me in an e-mail message. For a while, they cultivated a cool-planet online gang. But then Scrabulous was shut down, someone told her she was too old for Facebook, her teenage stepson seemed to be losing his life to it and she found the whole site crawling with mercenaries trying to sell books and movies. "If I am going to waste my time on the Internet," she concluded, "it will be playing in online backgammon tournaments." Another friend, who didn't want his name used, found that Facebook undermined his whole notion of online friendship. "It's easy to think of your circle of 'Friends' as a coherent circle, clear and moated, when in fact the splay of overlap/network makes drip/action painting a better (visual) analogy." Something happened to this drip painting that he won't discuss. He said, "Postings that seem private can scatter and slip unpredictably into a sort of semipublic status."
That friend was not the only Facebook dissenter who was reticent about specifics. Many seem to have just lost their appetite for it: they just stopped wanting to look at other people's photos and résumés and updates, or have their own subject to scrutiny. Some ex-users seemed shaken, even heartbroken, by their breakups with Facebook. "I primarily left Facebook because I was wasting so much time on it," my friend Caroline Harting told me by e-mail. "I felt fairly detached from my Facebook buddies because I rarely directly contacted them." Instead, she felt as if she stalked them, spending hours a day looking at their pages without actually saying hello. But then came the truly weird part: "Facebook was stalking me," Harting wrote. One day, on another Web site, she responded to an invitation to rate a movie she saw. The next time she logged on to Facebook, there was a message acknowledging that she had made the rating. "I didn't appreciate being monitored so closely," she wrote. She quit. Julie Klam, a writer and prolific and eloquent Facebook updater, said in her own e-mail message, "I have noticed the exodus, and I kind of feel like it's kids getting tired of a new toy." Klam, who still posts updates to Facebook but now prefers Twitter for professional networking, added, "Facebook is good for finding people, but by now the novelty of that has worn off, and everyone's been found." As of a few months ago, she told me, Facebook "felt dead." Is Facebook doomed to someday become an online ghost town, run by zombie users who never update their pages and packs of marketers picking at the corpses of social circles they once hoped to exploit? Sad, if so. Though maybe fated, like the demise of a college clique.

Points of Entry: This Week's Recommendations

THE QUIT Put "Why I Quit" into Google, and the search engine proposes you look into both "Why I Quit Facebook" and "Why I Quit Church."
If you aim to be a lapsed social networker, wikiHow, the collaborative how-to guide, provides a useful step-by-step way to disengage, emotionally and practically: wikihow.com/quit-facebook.

AN INQUIRY You're not the first to think it's creepy to have your personal life commercialized. Jürgen Habermas has been especially eloquent about this. Start with "The Theory of Communicative Action." Copies are available on AbeBooks.com. Also interesting on this score: "The Purchase of Intimacy," by Viviana Zelizer.

GET BOARD ONLINE Scrabble is alive and well in cyberspace. If you like Scrabble, try lexulous.com. For backgammon: ItsYourTurn.com.

From rforno at infowarrior.org Mon Aug 31 12:57:11 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 31 Aug 2009 08:57:11 -0400
Subject: [Infowarrior] - TJX hacker pleads guilty in one case, gets 15-20
Message-ID: <85476E89-458C-4FD2-8CA7-A9121539DA8E@infowarrior.org>

(c/o DO)

Accused TJX hacker faces 15 to 20
The largest (known) identity theft caper in US history
By Austin Modine
Posted in Crime, 28th August 2009 23:59 GMT

The hacker accused of orchestrating the largest-known identity theft in US history will serve between 15 to 25 years in prison under a plea deal filed Friday. Albert "Segvec" Gonzalez is accused (http://www.theregister.co.uk/2009/08/17/heartland_payment_suspect/) of leading a hacking circle that stole 130 million credit and debit card numbers from major retail chains like Barnes and Noble, T.J. Maxx, Sports Authority, and OfficeMax. The former government informant agreed to plead guilty to 19 felony counts in Massachusetts by September 11. Court documents also indicate Gonzalez will plead guilty to a separate New York indictment accusing him of similar crimes that targeted 11 Dave & Buster's restaurants.
The deal does not cover a third indictment in New Jersey against Gonzalez related to the alleged theft of data from more than 130 million credit card accounts from card payment processor Heartland Payment Systems and retailers Hannaford Brothers and 7-Eleven. Gonzalez, who is already in jail, will also forfeit nearly $1.65m in cash, his Miami condominium, a 2006 BMW, laptop computers, three Rolex watches, and other items according to the filing. Authorities said in court papers Gonzalez faces 15 to 25 years in prison under the deal. The US Attorney's Office for the District of New Jersey stated the case is believed to constitute the largest hacking and identity theft case ever prosecuted by the US Department of Justice.

From rforno at infowarrior.org Mon Aug 31 13:50:49 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 31 Aug 2009 09:50:49 -0400
Subject: [Infowarrior] - Where Have You Gone, Bell Labs?
Message-ID: <4193365A-A109-41E9-8B94-CF0AEBB012EB@infowarrior.org>

The Future of Tech
August 27, 2009, 5:00PM EST
Where Have You Gone, Bell Labs?
How basic research can repair the broken U.S. business model
By Adrian Slywotzky
http://www.businessweek.com/print/magazine/content/09_36/b4145036681619.htm

Name an industry that can produce 1 million new, high-paying jobs over the next three years. You can't, because there isn't one. And that's the problem. America needs good jobs, soon. We need 6.7 million just to replace losses from the current recession, then another 10 million to spark demand over the next decade. That's 15 million to 17 million new jobs. In the 1990s, the U.S. economy created a net 22 million jobs (a rate of 2.2 million per year), so we know it can be done. Between 2000 and the end of 2007 (the beginning of the current recession), however, the economy created new jobs at a rate of 900,000 a year, so we know it isn't doing it now. The pipeline is dry because the U.S. business model is broken.
Our growth engine has run out of a key source of fuel -- critical mass, basic scientific research. The U.S. scientific innovation infrastructure has historically consisted of a loose public-private partnership that included legendary institutions such as Bell Labs, RCA Labs, Xerox PARC (XRX), the research operations of IBM (IBM), DARPA, NASA, and others. In each of these organizations, programs with clear commercial potential were supported alongside efforts at "pure" research, with the two streams often feeding one another. With abundant corporate and venture-capital funding for eventual commercialization, these research labs have made enormous contributions to science, technology, and the economy, including the creation of millions of high-paying jobs. Consider a few of the crown jewels from Bell Labs alone:

* The first public demonstration of fax transmission (1925)
* First long-distance TV transmission (1927)
* Invention of the transistor (1947)
* Invention of photovoltaic cell (1954)
* Creation of the UNIX operating system (1969)
* Technology for cellular telephony (1978)

Decline in Lab Funding

In the decades after these initial discoveries, vibrant industries and companies were born. The transistor alone is the building block for the modern computer and consumer-electronics industries. Likewise, DARPA's creation of the Internet (as ARPAnet) in 1969 and Xerox PARC's development of the Ethernet and the graphic user interface (GUI) further developed the transformative computer and Internet industries. The basic research breakthroughs unleashed subsequent cycles of applied innovation that created entirely new sectors of our economy. But since the 1990s, labs dedicated to pure research -- to the pursuit of scientific discovery -- have seen funding slowly decline and their mission shift from open-ended problem solving to short-term commercial targets, from pure discovery to applied research.
Bell Labs had 30,000 employees as recently as 2001; today (owned by Alcatel-Lucent (ALU)) it has 1,000. That's symbolic and symptomatic of the broken link in the U.S. business model. With upstream invention and discovery drying up, downstream, industry-creating innovation is being reduced to a trickle. It's easy to ascribe current job losses in the U.S. to the deep recession or outsourcing. Both are to blame, but neither is at the root of the larger problem, which is lack of new, high-quality job creation. We are in the throes of the fourth recession since 1981. We have been outsourcing jobs for decades, but we have always bounced back with a new industry -- a blockbuster industry. Discovery drives innovation, innovation drives productivity, productivity drives economic growth. But this time it's different, and whenever the current recession mercifully ends, the U.S. economy will not respond with the same job-creating vigor we have come to expect.

Job Creation a Huge Challenge

In the past, when the U.S. exported millions of high-paying jobs to low-wage countries, we replaced them with an even greater number of high-paying jobs in industries whose inception could be traced back to science done decades earlier. The PC, Internet, and cellular industries, born in the 1980s and 1990s, more than offset the loss of high-paying jobs in manufacturing industries like consumer electronics, steel, and others as the economy shifted from a manufacturing to a knowledge base. But in recent years, the software and manufacturing jobs lost have been largely replaced by millions of low-wage jobs in fast-food and retail or other service businesses. Finance has been a source of ongoing job growth, but recent events have proven that growth to be unsustainable. We've stopped creating new high-paying jobs. We should not underestimate the magnitude of the job creation challenge. Outsourcing and extended recessions are not the only job destroyers in our system.
There is also the constant pressure of value migration (the flow of value from old business models to new), which continues to be the major force reshaping our economy and will eliminate a large number of jobs in the next decade. (Think of all the old business models you know, from newspapers, to printing, to landline telephony, to the mighty, but now vulnerable, PC). As a consequence of exporting good jobs that are not fully replaced, the U.S. demand engine is broken. Of the roughly 130 million jobs in the U.S., only 20% (26 million) pay more than $60,000 a year. The other 80% pay an average of $33,000. That ratio is not a good foundation for a strong middle class and a prosperous society. Rather than a demand engine, it's a decay curve. As a nation, we have papered over our declining incomes by accepting the need for two incomes per household and by borrowing heavily, often against paper assets inflated by financial bubbles (dot-com and housing). In recent years, personal debt has grown much faster than personal income. In 1985 the ratio of household debt to household income was 0.7 to 1; in 2000 it was 1 to 1; in 2008, it was 1.7 to 1. We earned less, so we borrowed more. In 2007 we reached our limit. This cycle looks only to be getting worse. The effects of the massive scaling back of American science and engineering research in the 1990s and 2000s may just be beginning. Unless reversed, it is likely to have its greatest impact a decade from now, when the missing discoveries of a generation earlier would have been expected to come to commercial fruition. It's time to identify -- and fix -- the root of the problem.

Rebuild Research Labs

The good news is that restarting the innovation engine is quite doable and doesn't require a massive investment relative to other spending. The return on investment is very high, especially if you consider the return across the companies and entire industries that are built on the foundation of the initial discoveries.
The venture-capital and initial public offering components of the business model are still in place; we just have to rebuild the upstream labs that focused on basic research, the headwaters for the whole innovation ecosystem. Science is funny. It's a crapshoot. It takes hundreds of people with high IQs, PhDs, and an incredible curiosity, work ethic, and persistence. It also takes critical mass, lab support, the right equipment and instrumentation, peer review, etc. It takes open communication among peers, and other subtle but critical cultural factors. It takes a tolerance for risk. A tolerance for failure. A willingness to think and apply innovation laterally (many of the big breakthroughs were originally aimed at other targets). It takes a culture that attracts, encourages, and rewards the best minds. The innovation path emerging from success is equally unpredictable. In many cases, the economic payoff is a decade away. Sometimes a decade and a half. And the success can lead in unexpected directions. Who in 1975 could have predicted how the PC would evolve, how it created networking, and giants like Cisco (CSCO), which enabled the entire online sector and already two generations of blockbuster businesses (from Amazon (AMZN) and eBay (EBAY) to Google (GOOG) and Facebook). Who in 1980 would have envisioned that the work at Bell Labs on novel cellular communications technology would lead to the global mobile revolution that is reaching into the most rural and remote corners of the world, creating millions of jobs and raising productivity and incomes? Many of the classic scientific research labs, such as Bell Labs and RCA Labs (now Sarnoff Corp.), were started and funded by companies with virtual monopolies and very strong, predictable cash flows. They were able to embrace the uncertainty and serendipity of pure research in the context of their business. But such companies don't exist today.
With the increasing focus on shareholder value that began in the 1990s as global competition heated up, Fortune 500 companies could no longer justify open-ended research that might not directly impact their bottom line. Today, corporate research is almost exclusively engineering R&D, tending more toward applied research with a 3- to 5-year time horizon (or shorter). IBM, Microsoft (MSFT), and Hewlett-Packard (HPQ), for example, collectively spend $17 billion a year on R&D but only 3% to 5% of that is for basic science.

Basic Science Gives Way to Fast Payoffs

Consider what has been lost. The diminution of Bell Labs -- the crown jewel of the innovation ecosystem -- is most jarring. Bell Labs was founded in 1925 as a joint venture of AT&T (T) and Western Electric (AT&T's manufacturing arm) to develop equipment for the Bell System phone companies. Bell Labs scientists have won six Nobel prizes in physics. However, starting in 2001, funding and staffing at Bell Labs was drastically reduced due to budget cuts. In 2008, parent Alcatel-Lucent announced it would be pulling out of its last remaining areas of basic science -- material physics and semiconductor research -- to focus on projects that promise more immediate payoffs. The legendary Bell Labs, an engine of scientific discovery and industry creation for more than 80 years, is essentially gone. A similar fate has befallen Sarnoff Corp. Born as RCA Labs in 1942 to support the war effort, it developed technologies such as improved radar antennas, radar-jamming antennas, and acoustical depth charges for maritime warfare. In the 1950s and 1960s, RCA Labs produced breakthroughs in numerous broadcasting and related fields, including color TV, tape recording, transistors, lasers, advanced vacuum tubes, solar cells, and infrared imaging. At its peak in the 1970s, RCA was generating more patents than rival Bell Labs.
In 1986, RCA was purchased by General Electric (GE), which spun off Sarnoff Lab as Sarnoff Corp., a wholly owned subsidiary of SRI International. Sarnoff is now a shadow of its former self, developing smaller technologies with a commercial focus on a drastically reduced budget. If the 1950s and 1960s belonged to Bell Labs and RCA, the 1970s and 1980s belonged to Xerox PARC (Palo Alto Research Corp.) and DARPA. PARC was the legendary Silicon Valley spawning ground of the Ethernet, movable real-time computer text, and graphical user interfaces. Companies such as Apple (AAPL), Microsoft, and Adobe (ADBE) have built global businesses that have created hundreds of thousands of high-paying jobs, based in large measure on PARC's breakthroughs. Xerox missed most of these opportunities, but has created a multibillion laser-printing business based on work done at PARC. But PARC's research staff has shrunk drastically as Xerox's performance has forced dramatic budget cuts. The Defense Advanced Research Projects Agency (DARPA), originally launched in 1958 as a response to the Soviet launch of Sputnik, is responsible for the Internet and numerous technologies with applications beyond the military. Threatened by Soviet technological advances, the Eisenhower Administration formed DARPA to ensure that American expertise in science and engineering would lead the world. The result: breakthroughs in time-sharing computers, computer graphics, microprocessors, very large-scale integration (VLSI) design, RISC processing, parallel computing, local area networks, and the Internet. DARPA progeny include Amazon, eBay, Yahoo (YHOO), Google, Facebook, YouTube (GOOG), and hundreds of other companies that might never have come to life without DARPA's open-ended research that led to the Internet.
How to Reignite Innovation

In a post-September 11 world, DARPA's mission has shifted from science to tactical projects with short-term military applications, but it's not clear that shifting to a short-term applied approach will be as effective for the military as open-ended research. As military historian John Chambers has noted, none of the most important weapons transforming warfare in the 20th century -- the airplane, tank, radar, jet engine, helicopter, electronic computer, not even the atomic bomb -- owed its initial development to a doctrinal requirement or request of the military. Indeed, without DARPA's breakthroughs in information technology, military tools such as unmanned systems (drones) and global positioning systems would never have been possible. For any institution -- whether an individual company or government agency -- cutting back on investment in basic science research may make great sense in the short term. Economic realities and shifting agendas force trade-offs. For a time, you can free-ride off the investments of others. But when everybody makes the same decision society suffers the "tragedy of the commons" -- wherein multiple actors operating in their self interest do harm to the overall public good. We've reached that point. We're just beginning to see the consequences. We need to reverse the cycle, and we need to do it quickly. As we consider reigniting the innovation engine, there are precedents that we can examine to show how the process of innovation can be speeded up. Given the current crisis and the urgency of generating high-paying jobs on a large scale, reducing the time lag between research and commercialization will be critical. While the timeline for translating research efforts to tangible outcomes is typically 15 years or longer, that cycle can be accelerated.
We've done it twice: First, the Manhattan Project, which responded to intelligence reports of Nazi research and created the atomic bomb in six years; and second, the Apollo Program, which landed a man on the moon eight years after President John F. Kennedy responded to Russian cosmonaut Yuri Gagarin's successful space flight. These examples provide a useful template we can consider in responding to today's crisis.

Strong Leadership is Key

Spurred in part by a letter from Albert Einstein, President Franklin D. Roosevelt authorized a military program to explore the development of an atomic weapon as early as 1939. But despite a handful of scientific breakthroughs, including the discovery of plutonium at the University of California, Berkeley in 1941, the project languished for three years under lackluster leadership. In 1942, with the war in Europe going badly, theoretical physicist J. Robert Oppenheimer convened a meeting of leading atomic scientists at Berkeley, where the experts debated the conceptual options -- fission vs. fusion, uranium vs. plutonium, and various ways to organize the fissile material -- and reached a broad consensus about the design for the bomb. Shortly thereafter, President Roosevelt named a new leader for the project, General Leslie Groves of the U.S. Army Corps of Engineers, who had just overseen the rapid construction of the Pentagon. Groves ordered the purchase of 1,250 tons of high-quality Belgian Congo uranium ore to be stored on Staten Island, N.Y., purchased 52,000 acres of land in Tennessee to be the future site of Oak Ridge National Laboratories, and named Oppenheimer the project's director. Based on the Corps' tradition of naming projects after the headquarters' city, Groves named the effort the Manhattan Project.
With as many as 130,000 employees (including thousands of brilliant engineers and physicists), the project conducted research at more than 30 sites in three countries (including Canada and Britain) and spent close to $2 billion (equivalent to $24 billion today). By mid-1945, six years after Roosevelt first laid down a marker and less than three years after Groves took over, two atomic bombs were constructed and used at Hiroshima and Nagasaki to force Japan's surrender and the end of the war. No comparable scientific project of similar scale and urgency was pursued in the U.S. until the Apollo Program of the 1960s. When President Kennedy vowed in 1961 to land an astronaut on the moon and return him to earth "within the decade," only one American (Alan Shepard) had traveled into space. The difficulties were daunting, but the number and variety of technical innovations developed for the moon mission were remarkable. To power the instruments and computer on board the spacecraft, the world's first fuel cells were invented. To fabricate the structural components of the spacecraft with sufficient precision, computer-controlled machining was conceived and implemented for the first time. Insulation barriers to protect delicate instruments from radiation, "cool suits" to keep astronauts safe during space walks, water purification systems, freeze-drying of foods, innovations in integrated-circuit design and robotics, and digital image processing (later incorporated into computer-aided tomography (CAT) and magnetic resonance imaging (MRI)) all were technologies developed by NASA during the Apollo Program.

Presidential Support Crucial

Neil Armstrong landed on the moon on June 20, 1969, just a little more than eight years after President Kennedy's speech. Five more Apollo missions landed on the moon, the only occasions on which human beings have set foot on another heavenly body.
The cost: $25 billion (about $135 billion in today's money), the largest commitment of resources ever made by a nation during peacetime. At its peak, the Apollo Program employed 400,000 people. And they accomplished the impossible. Both Manhattan and Apollo delivered on their primary objectives. Both also created substantial new scientific discoveries that fueled new innovations across many other domains. Their success can be mapped to five crucial success factors: 1) full and sustained Presidential support; 2) effective leadership with a clearly defined mandate; 3) access to resources; 4) parallel paths/processing to save time; and 5) private sector outsourcing. Distilled, that means leadership, management, and money -- not rocket science. The Manhattan and Apollo programs offer important lessons as the U.S. government confronts huge social and economic challenges -- energy, health care, infrastructure, transportation, communications, water supply, and climate change. Perhaps the most important lesson is the simplest one -- it can be done -- and the most difficult task may be singling out one or two challenges on which to focus. But when the will, resources, and energy are harnessed, human ingenuity is capable of converting mind-numbing challenges into mind-boggling achievements. Today's challenges require the government to unleash a series of highly focused, aggressively managed projects supported by a growing research investment in a dozen or more leading companies that in the aggregate reproduce the cumulative impact of Bell Labs, RCA Labs, Xerox PARC, and others. In essence, this approach combines reliance on the broad ecosystem of industrial and national labs with the accelerated urgency of the two major national programs. Congress and the Obama Administration have begun the dialogue on energy and health care, which is encouraging, although we're far from consensus on an approach.

Critical Mass of Labs Needed

But repairing the missing link in the innovation infrastructure cannot be solved by government alone; corporate labs, collaborating with universities, are needed to shorten the path between discovery and commercialization. The alliance between DuPont and the Massachusetts Institute of Technology exemplifies this model: Funded by $60 million since 2000 to study biotechnology, biomaterials, and catalysis, the alliance is now expanding beyond bio-based science to include nanocomposites, nanoelectronic materials, alternative energy technologies, and next-generation safety and protection materials. Such an arrangement enables the corporation to leverage the intellectual capital of top universities. Conversely, the university's connection to real-world needs provides a quicker path to market testing and commercialization. Collaboration is necessary, but the real key is achieving critical mass, in essence replacing Bell Labs' force of 30,000, and then some. Science has lost its allure as the domain for our best and brightest. Much of the best technical talent has been drawn to the promise of riches from Wall Street and financial engineering. We need to reestablish a culture that rewards and celebrates the scientist who is willing to work on tough problems even if the commercial return is less certain. Given that the U.S. economy is so much bigger than it was 40 years ago, and so much less competitive internationally, 10 or more equivalent corporate research labs are needed for critical mass. The most likely candidates are the top research corporations today -- IBM, Hewlett Packard, Cisco, Google, Exxon Mobil, DuPont, Microsoft, Apple, 3M, General Electric, Boeing, and others. Many of these companies already have hundreds of PhD researchers and scientists on staff, and while their labs mostly focus on shorter-term development goals, they still retain the spirit of scientific pursuit.
Even in an era of budget constraints, it's important to recognize that money is not the central problem. True, many of the cutbacks in research have resulted from budget cuts, but the fact is that the will and the strategic commitment to basic research is the more difficult part of the equation. It may be counterintuitive to create this kind of long-term investment when we have so many pressing immediate needs both in the private sector (protecting jobs and profits) and the public sector (finding ways to pay for health care, spending to repair crumbling roads, paying teachers, unemployment benefits). But we need exactly this kind of approach if we are going to reverse the cycle.

Tax Incentives Could Help

Consider that the Bell Labs budget peaked at $1.6 billion in 1982 (about $3.6 billion in today's dollars), and $20 billion would fund, say, three large labs and five smaller ones. Split in some ratio between public and private sources, $20 billion is not a large number. As noted earlier, IBM, Microsoft, and HP already spend $17 billion annually on R&D. If leading companies committed 5% to 10% of those R&D budgets to pure research (up from 0% to 5% today), in exchange for a tax credit or a government match, a new innovation ecosystem would quickly begin to build critical mass. From the government's perspective, the money put toward innovation today is the highest-return investment it can make. Just as a company's success is driven by blockbuster products, the exceptional economic growth of the U.S. has been driven by blockbuster industries -- cars and petroleum in the 1920s, movies and radio in the 1930s, defense in the 1940s, appliances and television in the 1950s, pharmaceuticals in the 1960s, aerospace in the 1970s, PCs in the 1980s, the Internet and cellular telephony in the 1990s. What's next? Biotech, genomics, and life sciences? Alternative energy and synthetic fuels? Preventive medicine and health-care delivery?
Each can be the source of millions of high-value jobs. We need them. Soon. The choice facing the country is to do nothing and risk the inevitable decline of innovation, which will weaken an already sputtering demand engine, or act boldly by reasserting its faith in scientific inquiry and discovery. That will give the U.S. a shot at holding or increasing market share of the highest-value jobs in the world in electronics, biotech, aerospace, energy, nanotechnology, and materials -- and at creating 15 to 17 million high-paying new jobs over the next decade.

How to Get Back on Track

We can't do this as a series of half steps that are expensive but ineffectual, that don't reach critical mass or critical rate of change. This middle-road approach might well describe NASA over the past 30 years -- not a good model. The better model is the previous U.S. business model, with a dynamic public-private network of labs and a venture-capital industry waiting downstream to commercialize ideas and turn them into large public companies that create hundreds of thousands of new jobs. Here's what's needed to get that model back on track:

- Clear national goals in two or three key areas, such as carbon-free energy and preventive medicine.
- Government commitment of $10 billion a year above and beyond spending for national agencies to jump-start new industrial research labs
- Government tax credits for corporations that commit to spending 5% to 10% (or more) of R&D on basic research

Government can do a lot by, for example, refocusing DARPA on increasing energy security. But it cannot do it alone. A single page from our economic history, in 1946, might illuminate what needs to happen, and why.

A Lesson from RCA Labs

In 1943, Elmer Engstrom was put in charge of RCA Labs in Princeton, N.J. After the war, as he reflected on the task before him and his team, he came up with a few extraordinary observations.
He talked about "the depletion of basic knowledge" resulting from the years of shifting resources away from basic science and towards war-related applications. He said that universities were great institutions, but "you couldn't count on them alone" to close the knowledge gap. Engstrom believed that it was an obligation, a duty of the great industrial labs, to "rebuild the war-depleted inventory of basic scientific knowledge." He also believed, however, that "by doing work in this field [fundamental research] of a quality which will command the respect of scientific investigators in universities, we will stimulate work there which will, in effect, enlarge the scope of the work done within RCA Laboratories and thus bring about more rapid progress." Although the causes are different, Engstrom could be providing a precise description and prescription for our situation today. He could be calling out from 1946 to our business leaders today, articulating a challenge and a solution. If only a dozen major companies respond to that challenge they can, in collaboration with the government, solve our jobs problem within a decade. If they don't?

Slywotzky, a partner at management consultants Oliver Wyman, has written several books on profitability and growth.

From rforno at infowarrior.org Mon Aug 31 14:42:31 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 31 Aug 2009 10:42:31 -0400
Subject: [Infowarrior] - OT: Disney buying Marvel Comics
Message-ID:

(For geeks everywhere...)

Disney to Pay $4 Billion for Comic Giant Marvel
By THE NEW YORK TIMES
http://www.nytimes.com/2009/09/01/business/media/01disney.html?_r=1&hp=&pagewanted=print

The Walt Disney Company said Monday that it would buy the comic book giant Marvel Entertainment for about $4 billion. Under the terms of the deal, Marvel shareholders will receive $30 a share in cash plus about 0.745 Disney shares for each Marvel share they own.
The boards of both companies have approved the deal, which was valued at $50 a share. With the acquisition, Disney will acquire more than 5,000 Marvel characters, including Spider-Man, Iron Man, Captain America, Hulk and the X-Men. "We believe that adding Marvel to Disney's unique portfolio of brands provides significant opportunities for long-term growth and value creation," the chief executive of Disney, Robert A. Iger, said in a statement. Ike Perlmutter, Marvel's chief executive, said: "Disney is the perfect home for Marvel's fantastic library of characters given its proven ability to expand content creation and licensing businesses. This is an unparalleled opportunity for Marvel to build upon its vibrant brand and character properties by accessing Disney's tremendous global organization and infrastructure around the world." Mr. Perlmutter will oversee the Marvel properties, and will work directly with Disney's global lines of business to build and further integrate Marvel's properties. The acquisition comes as Disney, with its vast theme park operations and television advertising business, has been struggling because of soft advertising sales at ABC and ESPN and drooping consumer spending at theme parks. Disney's profit in the third quarter, which ended June 27, dropped 26 percent. Over all, Disney's net income fell to $954 million, or 51 cents a share, from $1.28 billion, or 66 cents a share, in the year-ago period. Revenue fell 7 percent, to $8.6 billion. Earnings per share for the current quarter included a one-cent restructuring charge related to an accounting gain. Excluding that charge, Disney narrowly beat Wall Street's expectations.

From rforno at infowarrior.org Mon Aug 31 14:44:40 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 31 Aug 2009 10:44:40 -0400
Subject: [Infowarrior] - Ridge backpedals on pressure to raise terror alert level
References: <4A9BE133.5010400@inetassoc.com>
Message-ID:

Believe what you like.
Politics is politics.....semantics are semantics......conspiracy theories abound everywhere.

--rf

> http://www.usatoday.com/news/washington/2009-08-30-tom-ridge_N.htm
>
> Ridge backpedals on pressure to raise terror alert level
>
> By Mimi Hall, USA TODAY
> WASHINGTON -- Former Homeland Security secretary Tom Ridge, speaking
> for the first time about accusations made in his new book, says he
> did not mean to suggest that other top Bush administration officials
> were playing politics with the nation's security before the 2004
> presidential election.
>
> "I'm not second-guessing my colleagues," Ridge said in an interview
> about The Test of Our Times, which comes out Tuesday and recounts
> his experiences as head of the nation's homeland security efforts in
> the first several years after the Sept. 11, 2001, attacks.
>
> In the book, Ridge portrays his fledgling department as playing
> second fiddle to other Cabinet-level heavyweights. As secretary, he
> says he was never invited to participate in National Security
> Council meetings, he was left out of the information loop by the FBI
> and his proposal to establish Homeland Security offices in major
> cities such as New Orleans was rejected.
>
> His most explosive accusation: that Secretary of Defense Donald
> Rumsfeld and Attorney General John Ashcroft pressed him to raise the
> national threat level after Osama bin Laden released a videotape
> criticizing President Bush shortly before Election Day 2004. Ridge
> writes he rejected raising the level because bin Laden had released
> nearly 20 such tapes since 9/11 and the latest contained nothing
> suggesting an imminent threat.
>
> Noting that Bush's approval ratings typically went up when the
> threat level was raised, Ridge writes that Ashcroft and Rumsfeld
> pushed to elevate it during a "vigorous" discussion.
>
> "Ashcroft strongly urged an increase in the threat level, and was
> supported by Rumsfeld," he writes. "There was absolutely no support
> for that position within our department. None. I wondered, 'Is this
> about security or politics?' "
>
> Although he prevailed and the threat level was not elevated, Ridge
> writes that the episode reinforced his decision to resign. He did so
> weeks after the election.
>
> Last week, when word got out about Ridge's accusations, Rumsfeld's
> spokesman Keith Urbahn issued a statement calling them "nonsense."
>
> Now, Ridge says he did not mean to suggest he was pressured to raise
> the threat level, and he is not accusing anyone of trying to boost
> Bush in the polls. "I was never pressured," Ridge said.
>
> The former secretary and Pennsylvania governor, who now heads a
> security consulting firm called Ridge Global, also said in the
> interview that:
>
> - He and his immediate successor, Michael Chertoff, recently were
> asked to speak with a panel considering changes to the color-coded
> threat advisory system for new Homeland Security Secretary Janet
> Napolitano.
>
> - He is "dumbfounded" that the government still has no way to track
> foreign visitors who don't leave the country when their visas
> expire, noting that two of the 9/11 hijackers were in the country on
> expired visas.
>
> - Government officials and members of Congress rarely discuss
> homeland security issues and have "lost the sense of urgency" about
> protecting the nation from terrorist attacks. Because of the economy
> and growing budget deficits, he also is worried about funding for
> future efforts to tighten security.

From rforno at infowarrior.org Mon Aug 31 14:49:48 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 31 Aug 2009 10:49:48 -0400
Subject: [Infowarrior] - As Internet turns 40, barriers threaten its growth
Message-ID: <8816ECF8-E839-4FBF-8289-D4593E58DA69@infowarrior.org>

As Internet turns 40, barriers threaten its growth
By ANICK JESDANUN
The Associated Press
Sunday, August 30, 2009 3:00 PM
http://www.washingtonpost.com/wp-dyn/content/article/2009/08/30/AR2009083001406_pf.html

NEW YORK -- Goofy videos weren't on the minds of Len Kleinrock and his team at UCLA when they began tests 40 years ago on what would become the Internet. Neither was social networking, for that matter, nor were most of the other easy-to-use applications that have drawn more than a billion people online. Instead the researchers sought to create an open network for freely exchanging information, an openness that ultimately spurred the innovation that would later spawn the likes of YouTube, Facebook and the World Wide Web. There's still plenty of room for innovation today, yet the openness fostering it may be eroding. While the Internet is more widely available and faster than ever, artificial barriers threaten to constrict its growth. Call it a mid-life crisis. A variety of factors are to blame. Spam and hacking attacks force network operators to erect security firewalls. Authoritarian regimes block access to many sites and services within their borders. And commercial considerations spur policies that can thwart rivals, particularly on mobile devices like the iPhone. "There is more freedom for the typical Internet user to play, to communicate, to shop - more opportunities than ever before," said Jonathan Zittrain, a law professor and co-founder of Harvard's Berkman Center for Internet & Society. "On the worrisome side, there are some longer-term trends that are making it much more possible (for information) to be controlled." Few were paying attention back on Sept.
2, 1969, when about 20 people gathered in Kleinrock's lab at the University of California, Los Angeles, to watch as two bulky computers passed meaningless test data through a 15-foot gray cable. That was the beginning of the fledgling Arpanet network. Stanford Research Institute joined a month later, and UC Santa Barbara and the University of Utah did by year's end. The 1970s brought e-mail and the TCP/IP communications protocols, which allowed multiple networks to connect - and formed the Internet. The '80s gave birth to an addressing system with suffixes like ".com" and ".org" in widespread use today. The Internet didn't become a household word until the '90s, though, after a British physicist, Tim Berners-Lee, invented the Web, a subset of the Internet that makes it easier to link resources across disparate locations. Meanwhile, service providers like America Online connected millions of people for the first time. That early obscurity helped the Internet blossom, free from regulatory and commercial constraints that might discourage or even prohibit experimentation. "For most of the Internet's history, no one had heard of it," Zittrain said. "That gave it time to prove itself functionally and to kind of take root." Even the U.S. government, which funded much of the Internet's early development as a military project, largely left it alone, allowing its engineers to promote their ideal of an open network. When Berners-Lee, working at a European physics lab, invented the Web in 1990, he could release it to the world without having to seek permission or contend with security firewalls that today treat unknown types of Internet traffic as suspect. Even the free flow of pornography led to innovations in Internet credit card payments, online video and other technologies used in the mainstream today. "Allow that open access, and a thousand flowers bloom," said Kleinrock, a UCLA professor since 1963.
"One thing about the Internet you can predict is you will be surprised by applications you did not expect." That idealism is eroding. An ongoing dispute between Google Inc. and Apple Inc. underscores one such barrier. Like some other mobile devices that connect to the Internet, the iPhone restricts the software that can run on it. Only applications Apple has vetted are allowed. Apple recently blocked the Google Voice communications application, saying it overrides the iPhone's built-in interface. Skeptics, however, suggest the move thwarts Google's potentially competing phone services. On desktop computers, some Internet access providers have erected barriers to curb bandwidth-gobbling file-sharing services used by their subscribers. Comcast Corp. got rebuked by Federal Communications Commission last year for blocking or delaying some forms of file-sharing; Comcast ultimately agreed to stop that. The episode galvanized calls for the government to require "net neutrality," which essentially means that a service provider could not favor certain forms of data traffic over others. But that wouldn't be a new rule as much as a return to the principles that drove the network Kleinrock and his colleagues began building 40 years ago. Even if service providers don't actively interfere with traffic, they can discourage consumers' unfettered use of the Internet with caps on monthly data usage. Some access providers are testing drastically lower limits that could mean extra charges for watching just a few DVD-quality movies online. "You are less likely to try things out," said Vint Cerf, Google's chief Internet evangelist and one of the Internet's founding fathers. "No one wants a surprise bill at the end of the month." Dave Farber, a former chief technologist at the Federal Communications Commission, said systems are far more powerful when software developers and consumers alike can simply try things out.
Farber has unlocked an older iPhone using a warranty-voiding technique known as jail-breaking, allowing the phone to run software that Apple hasn't approved. By doing that, he could watch video before Apple supported it in the most recent version of the iPhone, and he changed the screen display when the phone is idle to give him a summary of appointments and e-mails. While Apple insists its reviews are necessary to protect children and consumer privacy and to avoid degrading phone performance, other phone developers are trying to preserve the type of openness found on desktop computers. Google's Android system, for instance, allows anyone to write and distribute software without permission. Yet even on the desktop, other barriers get in the way. Steve Crocker, an Internet pioneer who now heads the startup Shinkuro Inc., said his company has had a tough time building technology that helps people in different companies collaborate because of security firewalls that are ubiquitous on the Internet. Simply put, firewalls are designed to block incoming connections, making direct interactions between users challenging, if not impossible. No one's suggesting the removal of all barriers, of course. Security firewalls and spam filters became crucial as the Internet grew and attracted malicious behavior, much as traffic lights eventually had to be erected as cars flooded the roads. Removing those barriers could create larger problems. And many barriers throughout history eventually fell away - often under pressure. Early on, AOL was notorious for discouraging users from venturing from its gated community onto the broader Web. The company gradually opened the doors as its subscribers complained or fled. Today, the company is rebuilding its business around that open Internet. What the Internet's leading engineers are trying to avoid are barriers that are so burdensome that they squash emerging ideas before they can take hold.
Already, there is evidence of controls at workplaces and service providers slowing the uptake of file-sharing and collaboration tools. Video could be next if consumers shun higher-quality and longer clips for fear of incurring extra bandwidth fees. Likewise, startups may never get a chance to reach users if mobile gatekeepers won't allow them. If such barriers keep innovations from the hands of consumers, we may never know what else we may be missing along the way.

---

Anick Jesdanun, deputy technology editor at The Associated Press, has been writing about the Internet since its 30th anniversary in 1999. He can be reached at njesdanun(at)ap.org.

© 2009 The Associated Press

From rforno at infowarrior.org Mon Aug 31 17:47:09 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 31 Aug 2009 13:47:09 -0400
Subject: [Infowarrior] - Gmail may hand over IP addresses of journalists
Message-ID: <2679788A-AE82-4761-9E0F-8F7A45D1406B@infowarrior.org>

Gmail may hand over IP addresses of journalists
From Wikileaks
Monday August 31, 2009
By Julian Assange (WikiLeaks)
http://www.wikileaks.org/wiki/Gmail_may_hand_over_IP_addresses_of_journalists

A California court has issued a subpoena demanding Google reveal the IP addresses of journalists writing for a corruption busting journal from the Caribbean. The August 28 subpoena, issued by the Superior Court, County of Santa Clara, as part of a "libel tourism" action taken by non-US property developers, demands detailed information about the operators of "tcijournal at gmail.com". The account is the main email address of the TCI Journal, the most influential journal covering the Turks & Caicos Islands. The Islands are a tourist mecca and tax haven in the Caribbean sea, and until August 14 were an independent British protectorate. Exposures in the Journal culminated in a dramatic UK governance takeover of the Islands on August 14.
A trail of evidence dug up by the TCI Journal, a UK commission of inquiry, and others, showed that foreign property developers were giving millions in secret loans and payments to senior Islander politicians, including an alleged $500,000 cash payment to the Island's now former Premier, Michael Misick. The Commission of Inquiry Final Report was released on the 18th of July this year in significantly redacted form. A full version was released by WikiLeaks. A High Court case ensued which initially enjoined all media in the Islands from reporting the redacted findings, however within a few days this restriction was overturned. The Gmail subpoena applicant, property developer Dr. Cem Kinay, along with his two companies, Turks Ltd, and Star Platinum Island, were mentioned several times during public oral hearings of the Commission of Inquiry and featured significantly in the redacted portions of the Commission's Final Report. In particular there are allegations of bribery of public officials (e.g. of the Premier with an irregular payment of $500,000), in the acquisition of public land valued by the government appraiser at approximately $60 - $100 million dollars U.S., for a price of $3.2 million dollars. On August 14, the UK announced that it had taken direct rule over the Islands and suspended its parliament. According to the notifying letter from Google to the Journal, Google intends to hand over the requested records in just over two weeks, without any defense, and states that the Journal may file a counter-motion with the Santa-Clara court itself. Subpoenas for records are rubber-stamped by US courts, meaning that anyone in a position to start law suits in California can obtain private information about Gmail users who are not in a position to respond in kind, including cash-strapped corruption busting journalists from the Caribbean. Google has elected to keep extensive, non-anonymized records on its users, but not defend these records from disclosure.
This combination, together with inequitable access to justice in Californian courts, is toxic.

From rforno at infowarrior.org Mon Aug 31 17:48:48 2009
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 31 Aug 2009 13:48:48 -0400
Subject: [Infowarrior] - Suppressed TI cryptographic signing keys, 28 Aug 2009
Message-ID: <24DBFBA5-EBEB-41DD-81A1-0DA97BF20599@infowarrior.org>

http://www.wikileaks.org/wiki/Suppressed_Texas_Instruments_cryptographic_signing_keys%2C_28_Aug_2009

Suppressed Texas Instruments cryptographic signing keys, 28 Aug 2009

Texas Instruments, a large US electronics company, is the market leader for sophisticated programmable calculators used by millions of students and engineers. Recently, TI has served internet publishers with DMCA legal threats for distributing cryptographic keys that permit owners of TI calculators to install third-party system software on TI calculators -- an anti-competitive, and arguably unethical act by TI. The file here presents the Operating System signing keys for different Texas Instruments calculators. The key for the TI-83 calculator was first published by someone at the unitedti.org forum [1]. He or she needed several months to crack it. The other keys were found after a few weeks by the unitedti.org community through a distributed computing project. The keys make it possible for people to create new OS software to be used on Texas Instruments calculators. Texas Instruments contacted several people with DMCA notices to take down the keys from their websites. Some of the websites which got a DMCA notice are: unitedti.org, brandonw.net and reddit.com. One of these DMCA notices can be found here: http://brandonw.net/calcstuff/DMCA_notice.txt