From rforno at infowarrior.org Wed Dec 1 10:52:08 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 1 Dec 2010 11:52:08 -0500
Subject: [Infowarrior] - Race Is On to 'Fingerprint' Phones, PCs
Message-ID: <5B67382C-8FAF-49EC-A62A-FF62ABEED529@infowarrior.org>

Race Is On to 'Fingerprint' Phones, PCs

By JULIA ANGWIN And JENNIFER VALENTINO-DEVRIES

http://online.wsj.com/article/SB10001424052748704679204575646704100959546.html#printMode

IRVINE, Calif. -- David Norris wants to collect the digital equivalent of fingerprints from every computer, cellphone and TV set-top box in the world.

Companies are developing digital fingerprint technology to identify how we use our computers, mobile devices and TV set-top boxes. WSJ's Simon Constable talks to Senior Technology Editor Julia Angwin about the next generation of tracking tools.

He's off to a good start. So far, Mr. Norris's start-up company, BlueCava Inc., has identified 200 million devices. By the end of next year, BlueCava says it expects to have cataloged one billion of the world's estimated 10 billion devices. Advertisers no longer want to just buy ads. They want to buy access to specific people. So, Mr. Norris is building a "credit bureau for devices" in which every computer or cellphone will have a "reputation" based on its user's online behavior, shopping habits and demographics. He plans to sell this information to advertisers willing to pay top dollar for granular data about people's interests and activities. Device fingerprinting is a powerful emerging tool in this trade. It's "the next generation of online advertising," Mr. Norris says. It might seem that one computer is pretty much like any other. Far from it: Each has a different clock setting, different fonts, different software and many other characteristics that make it unique. Every time a typical computer goes online, it broadcasts hundreds of such details as a calling card to other computers it communicates with.
Tracking companies can use this data to uniquely identify computers, cellphones and other devices, and then build profiles of the people who use them. Until recently, fingerprinting was used mainly to prevent illegal copying of computer software or to thwart credit-card fraud. BlueCava's own fingerprinting technology traces its unlikely roots to an inventor who, in the early 1990s, wanted to protect the software he used to program music keyboards for the Australian pop band INXS. Tracking companies are now embracing fingerprinting partly because it is much tougher to block than other common tools used to monitor people online, such as browser "cookies," tiny text files on a computer that can be deleted. As controversy grows over intrusive online tracking, regulators are looking to rein it in. This week, the Federal Trade Commission is expected to release a privacy report calling for a "do-not-track" tool for Web browsers. Ad companies are constantly looking for new techniques to heighten their surveillance of Internet users. Deep packet inspection, a potentially intrusive method for peering closely into the digital traffic that moves between people's computers and the broader Internet, is being tested in the U.S. and Brazil as a future means to deliver targeted advertising. Akamai Technologies Inc., an Internet-infrastructure giant that says it delivers 15% to 30% of all Web traffic, is marketing a technique to track people's online movements in more detail than traditional tools easily can. It's tough even for sophisticated Web surfers to tell if their gear is being fingerprinted. Even if people modify their machines -- adding or deleting fonts, or updating software -- fingerprinters often can still recognize them. There's not yet a way for people to delete fingerprints that have been collected. In short, fingerprinting is largely invisible, tough to fend off and semi-permanent. Device fingerprinting is legal. U.S. Rep. 
Bobby Rush (D.,Ill.), proposed legislation in July that would require companies that use persistent identifiers, such as device fingerprints, to let people opt out of being tracked online. Fingerprinting companies are racing to meet the $23 billion U.S. online-ad industry's appetite for detailed consumer behavior. Previously, the companies focused on using device fingerprints to prevent software theft or to identify computers making fraudulent transactions, in hopes of preventing future attempts. Mr. Norris's firm, BlueCava, this year spun off from anti-piracy company Uniloc USA Inc. to start offering services to advertisers and others. One of the leading e-commerce fraud-prevention firms, 41st Parameter Inc., has begun testing its device-fingerprinting techniques with several online-ad companies. Another anti-fraud company, iovation Inc. of Portland, Ore., says it is exploring the use of device profiles to help websites customize their content. BlueCava says the information it collects about devices can't be traced back to individuals and that it will offer people a way to opt out of being tracked. Still, Mr. Norris says it's tough to figure out how to alert people their devices are being fingerprinted. "We don't have all the answers, but we're just going to try to be really clear" about how the data is used, he says. Neither BlueCava nor 41st Parameter explicitly notified the people whose devices have been fingerprinted so far. Both companies say the data-gathering is disclosed in the privacy policies of the companies they work with. BlueCava says it doesn't collect personal information such as people's names. Its privacy policy says it gathers "just boring stuff that most people couldn't care less about." Ori Eisen, founder of 41st Parameter, says using fingerprinting to track devices is "fair game" because websites automatically get the data anyway. Some advertisers are enthusiastic about fingerprinting. 
Steel House Inc., a Los Angeles-based ad company, has been testing 41st Parameter's technology for three months on websites of its clients, which include Cooking.com Inc. and Toms Shoes Inc. (Clients weren't notified of the test, and fingerprints weren't used to display ads.) In its examination of 70 million website visits, 41st Parameter found it could generate a fingerprint about 89% of the time. By comparison, Steel House was able to use cookies for tracking on only about 78% of visits, because some people blocked or deleted cookies. "It's almost like a revolution," says Mark Douglas, founder and CEO of Steel House. "Our intent is that it can completely replace the use of cookies." Steel House offers people a way to opt out of its current cookie-based ads and says it would do the same if it adopts fingerprints. "I definitely don't want to be in the sights of the privacy people," Mr. Douglas says. Computers need to broadcast details about their configuration in order to interact smoothly with websites and with other computers. For example, computers announce which specific Web browsers they use, along with their screen resolution, to help websites display correctly. There are hundreds of parameters. "We call them the 'toys on the table,'" says Mr. Norris of BlueCava. "Everyone has the same toys on the table. It's how you rearrange them or look at them that is the secret sauce" used to fingerprint a specific computer. BlueCava's secret sauce hails from Sydney, Australia, in the early 1990s. Back then, inventor Ric Richardson was helping musicians including the band INXS to use new software for playing their electronic keyboards. "They'd say what sound they wanted, and I'd do it," says Mr. Richardson, who today works out of a van parked near an Australia beach. Mr. Richardson was frustrated when he tried to sell the music software, because there was no way to let people test it before buying. 
So he designed a "demonstration" version of the software that would let people test it, but not copy it. His idea: Configure his software to work only after it was linked to a unique computer. So, he developed a way to catalog each computer's individual properties. He found many subtle variations, among even outwardly similar machines. "It was amazing how different they were," he says. "There are literally hundreds of things you can measure." In 1992, he borrowed $40,000 from his parents, filed a patent application for a "system for software registration" and founded a company, Uniloc Corp. This year, Uniloc started trying to broaden its business away from software-piracy prevention. It recruited Mr. Norris, then running a company that provided photos for advertisers, to seek new uses for its technology. "What I saw was this different way of looking at things on the Web," Mr. Norris says. Mr. Norris became CEO and spun off BlueCava to market device fingerprinting both to fraud-prevention and online-ad firms. Eventually, he hopes Blue Cava can fingerprint everything from automobiles to the electrical grid. In October, Texas billionaire Mark Cuban led a group of investors who put $5 million into BlueCava. BlueCava embeds its technology in websites, downloadable games and cellphone apps. One of its first customers was Palo Alto, Calif.-based IMVU Inc., which operates an online game where 55 million registered players can build virtual identities and chat in 3-D. It wanted to combat fraudsters who were setting up multiple accounts to buy virtual clothing and trinkets with stolen credit-card numbers. Kevin Dasch, a vice president at IMVU, says BlueCava's technology "has led to a significant decline in our fraud rates." Later this year, BlueCava plans to launch its reputation exchange, which will include all the fingerprints it has collected so far. Unlike most other fraud-prevention companies, BlueCava plans to merge its fraud data with its advertising data. 
Rivals say they don't mix the two types of data. Greg Pierson, chief executive of iovation, says the company will never disclose specific information about people's Web-browsing behavior, "because it's unnecessary and it's dangerous. It's close to spying." Mr. Norris says collecting that data is "standard practice" in the online-ad business. Mr. Dasch of IMVU says he doesn't mind fingerprints of IMVU customers being added to the exchange, provided that they don't contain personally identifiable information such as user names, and that his company can use other exchange data in return. The idea behind BlueCava's exchange is to let advertisers build profiles of the people using the devices it has identified. For instance, BlueCava will know that an IMVU fingerprint is from someone who likes virtual-reality games. Other advertisers could then add information about that user. BlueCava also plans to link the profiles of various devices -- cellphones, for instance -- that also appear to be used by the same person. Blue Cava also is seeking to use a controversial technique of matching online data about people with catalogs of offline information about them, such as property records, motor-vehicle registrations, income estimates and other details. It works like this: An individual logs into a website using a name or e-mail address. The website shares those details with an offline-data company, which uses the email address or name to look up its files about the person. The data company then strips out the user's name and passes BlueCava information from offline databases. BlueCava then adds those personal details to its profile of that device. As a result, BlueCava expects to have extremely detailed profiles of devices that could be more useful to marketers. In its privacy policy, BlueCava says it plans to hang onto device data "for the foreseeable future." Advertisers are starting to test BlueCava's system. Mobext, the U.S. 
cellphone-advertising unit of the French firm Havas SA, is evaluating BlueCava's technology as a way to target users on mobile devices. "It's a better level of tracking," says Rob Griffin, senior vice president at Havas Digital. Phuc Truong, managing director of Mobext, explains that tracking on cellphones is difficult because cookies don't always work on them. By comparison, he says, BlueCava's technology can work on all phones. "I think cookies are a joke," Mr. Norris says. "The system is archaic and was invented by accident. We've outgrown it, and it's time for the next thing."

Write to Julia Angwin at julia.angwin at wsj.com and Jennifer Valentino-DeVries at jennifer.valentino-devries at wsj.com

From rforno at infowarrior.org Wed Dec 1 14:40:56 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 1 Dec 2010 15:40:56 -0500
Subject: [Infowarrior] - WH FACT SHEET: U.S. Government Mitigation Efforts in Light of the Recent Unlawful Disclosure of Classified Information
Message-ID:

THE WHITE HOUSE
Office of the Press Secretary
__________________________________________________________________
For Immediate Release December 1, 2010

FACT SHEET: U.S. Government Mitigation Efforts in Light of the Recent Unlawful Disclosure of Classified Information

As part of an integrated federal government approach to respond to the unlawful and irresponsible disclosure of classified information by Wikileaks, the National Security Staff has been coordinating an interagency effort to examine the policies and practices surrounding the handling of classified information, and to put in place safeguards to prevent such a compromise from happening again. The 9/11 attacks and their aftermath revealed gaps in intra-governmental information sharing. During the past decade, departments and agencies have tried to eliminate those gaps, resulting in considerable improvement in information-sharing. 
At the same time, federal policies underscore the importance of the existing prohibitions, restrictions, and requirements regarding the safeguarding of classified information. Our national security requires that sensitive information be maintained in confidence to protect our citizens, our democratic institutions, our homeland and our partners. Protecting information critical to our nation's security is the responsibility of each individual and agency granted access to classified information.

NATIONAL SECURITY STAFF INITIATIVES

On December 1, 2010, the National Security Advisor named Russell Travers to serve as the National Security Staff's Senior Advisor for Information Access and Security Policy. Travers will lead a comprehensive effort to identify and develop the structural reforms needed in light of the Wikileaks breach. His responsibilities will include:

* Advising the National Security Staff on corrective actions, mitigation measures, and policy recommendations related to the breach.
* Facilitating interagency discussions and developing options for Deputies, Principals, and the President regarding technological and/or policy changes to limit the likelihood of such a leak reoccurring.

Additionally, the President's Intelligence Advisory Board (PIAB) will take an independent look at the means by which the Executive Branch as a whole shares and protects classified information. While the PIAB's traditional mandate is the examination of intelligence issues, the members' requisite security clearances, deep understanding of the wider United States Government national security mission and appreciation of the scope and complexity of classified government computer networks, make it particularly well-suited to immediately undertake this U.S. Government-wide review. As a part of this undertaking, the PIAB will:
* Work with departments and agencies across the government to ensure they gain a comprehensive appreciation of all relevant challenges and requirements necessary to safeguard classified information and networks.
* Examine the current posture of the whole of government with regard to leaks of classified information.
* Examine the balance between the need to share information and the need to protect information.
* Review the degree to which the government is organized to achieve information handling goals, consistent with our interests in security, information sharing, and transparency.

These efforts by the NSS and the PIAB will complement actions being taken across the Federal Government. The Office of Management and Budget (OMB) has directed each department or agency that handles classified information establish a security assessment team consisting of counterintelligence, security, and information assurance experts to review the agency's implementation of procedures for safeguarding classified information against improper disclosures. The OMB has directed that each review should include (without limitation) evaluation of the agency's configuration of classified government systems to ensure that users do not have broader access than is necessary to do their jobs effectively, as well as implementation of restrictions on usage of, and removable media capabilities from, classified government computer networks. The OMB, the Information Security Oversight Office, and the Office of the Director of National Intelligence will stand up processes to evaluate, and to assist agencies in their review of security practices with respect to the protection of classified information. Prior to the issuance of this OMB Directive, several agencies had proactively initiated measures to further safeguard classified information and networks. The following are examples of the numerous mitigation efforts underway across the interagency.

DEPARTMENT OF STATE INITIATIVES

The Secretary of State has commissioned a review of State Department security procedures. The Under Secretary for Management has assembled a team of senior management professionals in all related areas to conduct a thorough review of current policies and procedures to ensure that they are fully abreast of the challenges faced. Their efforts will be coordinated with the Bureau of Intelligence and Research to ensure that a measures taken strike the correct balance between the critical need to protect classified information and the equally compelling requirement to ensure that it is shared with those who need it in their work to advance our national security. This review has already reaffirmed the Department's policy of deploying "thin client" computer units without removable media options and limiting the ability to download material from classified terminals to only approved and controlled circumstances. The Department will also deploy an automated tool that will continuously monitor the classified network to detect anomalies that would not be readily apparent. This capability will be backed up by a professional staff who will promptly analyze these anomalies to ensure that they do not represent threats to the system. The mandatory annual training and recertification requirement that all employees must satisfy is being reviewed to see if additional material needs to be added to bolster this on-going effort. In the interim, the Department has suspended access to the Net Centric Diplomacy (NCD) database of diplomatic reporting, and its classified "ClassNet" web sites and SharePoint sites previously accessible through the Secret Internet Protocol Router Network (SIPRNet), while retaining access via the Joint Worldwide Intelligence Communications System.

DEPARTMENT OF DEFENSE (DoD) INITIATIVES

On August 12, 2010, Defense Secretary Robert Gates commissioned two reviews to determine what policy, procedural and/or technological shortfalls contributed to the unauthorized disclosure to the Wikileaks website. He specifically directed an assessment to determine if the DoD had appropriately balanced restrictions associated with information security and the need to provide our front-line personnel with the information needed to accomplish their assigned missions. As a result of these two reviews, a number of findings and recommendations are in the process of being assessed and implemented, including the following:

* Disabling and controlling use of removable storage media on DoD classified networks to prevent download from classified networks.
* Developing procedures to monitor and detect suspicious, unusual or anomalous user behavior (similar to procedures now being implemented by credit card companies to detect and monitor fraud).
* Conducting security oversight inspections in all Combatant Commands.
* Undertaking vulnerability assessments of DoD networks.
* Improving awareness and compliance with information protection procedures.

Specific examples being undertaken at the Combatant Command level include:

* Increased "insider threat" training focusing on awareness of associated activity.
* Multi-discipline training between traditional security, law enforcement and information assurance at all echelons.
* The establishment of "Insider Threat Working Groups" to address the Wikileaks incident and prevent reoccurrence.
* Component-determined restricted access to the Wikileaks site to prevent further dissemination or downloading of classified information to unclassified DoD networks.
* Restating of policy to all personnel regarding restrictions on downloading to government systems and cautionary advice regarding personal IT systems.

Individual DoD components are taking additional action as relevant and appropriate, ranging from random physical inspections to enabling new security features on networks. Leadership reinforcement of workforce responsibilities and new initiatives to safeguard information are key components of DoD's mitigation efforts. Department-wide, the Pentagon is accelerating its publication of policy issuances related to the information security program as well as focusing increased attention on detecting potential insider threats.

OFFICE OF THE DIRECTOR OF NATIONAL INTELLIGENCE (ODNI) INITIATIVES

The ODNI is working as part of the integrated whole of government approach to assist agencies in their review of security practices. In coordination with the larger OMB effort, ODNI is developing recommendations to enhance security within the Intelligence Community (IC), to include:

* Insider Threat Assessment Inspections: Departments and Agencies will establish inspection teams, with assistance provided by ODNI/ONCIX, consisting of Counterintelligence (CI), Security, and Information Assurance (IA) experts to identify removable media policies and their implementation.
* Enhanced Automated, On-Line Audit Capability: Systems will monitor user activity on all IC classified computer systems to detect unusual behavior. Additionally, a fully staffed analytic capability will put a human eye on the suspect activity.
* Removable Media Policies Review: Department and Agencies will review current policies and procedures to reduce risk posed by removable media within each organization.
* Policy Compliance Action Plan: Departments and Agencies will assess the level of compliance with existing CI, Security, and IA policies to identify discrepancies and will establish a plan to track and report improvements.
* Information Assurance Training: Departments and Agencies will conduct mandatory regular trainings for all employees on the handling of classified information.
* Review Secure Device Settings: Departments and Agencies will mandate a compliance review of secure system configuration settings.

###

The White House - 1600 Pennsylvania Avenue, NW - Washington DC 20500 - 202-456-1111

From rforno at infowarrior.org Wed Dec 1 14:48:36 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 1 Dec 2010 15:48:36 -0500
Subject: [Infowarrior] - WikiLeaks pulled by Amazon after US political pressure
Message-ID: <56A44E1C-BCD1-4650-BA94-ACDEDD83C304@infowarrior.org>

WikiLeaks website pulled by Amazon after US political pressure

Site hosting leaked US embassy cables is ousted from American servers as senator calls for boycott of WikiLeaks by companies

* Ewen MacAskill in Washington
* guardian.co.uk, Wednesday 1 December 2010 19.59 GMT

http://www.guardian.co.uk/media/2010/dec/01/wikileaks-website-cables-servers-amazon?CMP=twt_gu

The United States struck its first blow against WikiLeaks after Amazon.com pulled the plug on hosting the whistleblowing website in an apparent reaction to heavy political pressure. The main website and a sub-site devoted to the diplomatic documents were unavailable from the US and Europe on Wednesday, as Amazon servers refused to acknowledge requests for data. The plug was pulled as the influential senator and chairman of the homeland security committee, Joe Lieberman, called for a boycott of the site by US companies. "[Amazon's] decision to cut off WikiLeaks now is the right decision and should set the standard for other companies WikiLeaks is using to distribute its illegally seized material," he said. "I call on any other company or organisation that is hosting WikiLeaks to immediately terminate its relationship with them." The department of homeland security confirmed Amazon's move, referring journalists to Lieberman's statement. WikiLeaks tweeted in response: "WikiLeaks servers at Amazon ousted. Free speech the land of the free -- fine our $ are now spent to employ people in Europe." 
The development came amid increasingly angry and polarised political opinion in America over WikiLeaks, with some conservatives calling for the organisation's founder, Julian Assange, to be executed as a spy. Availability of his website has been patchy since Sunday, when it started to come under a series of internet-based attacks by unknown hackers. WikiLeaks dealt with the attacks in part by moving to servers run by Amazon Web Services, which is self-service. Amazon.com would not comment on its relationship with WikiLeaks or whether it forced the site to leave. Messages seeking comment from WikiLeaks were not immediately returned. The fury building up among rightwingers in the US, ranging from the potential Republican presidential candidate Mike Huckabee to conservative blogsites such as Red State, contrasted with a measured response from the Obama administration. The White House, the state department and the Pentagon continued to denounce the leaks, describing them as "despicable". But senior administration officials, with a sense of weary resignation, also called on people to put the leaks into context and insisted they had not done serious damage to US relations. The White House press secretary, Robert Gibbs, shrugged aside as "ridiculous" a call by Assange, interviewed by Time magazine, via Skype from an undisclosed location, for the resignation of the secretary of state, Hillary Clinton, over an order to spy on the United Nations. "I'm not entirely sure why we care about the opinion of one guy with one website," Gibbs said. "Our foreign policy and the interests of this country are far stronger than his one website." John Kerry, the Democratic head of the Senate foreign relations committee, on Sunday denounced the leaks but he sounded more sanguine at an event in Washington on Tuesday night. He said there was a "silver lining" in that it was now clear where everyone stood on Iran. 
"Things that I have heard from the mouths of King Abdullah [of Saudi Arabia] and Hosni Mubarak [Egyptian president] and others are now quite public," Kerry said. He went on to say there was a "consensus on Iran". But others, particularly rightwingers, are seeking retribution, with Assange as the prime target. Legal experts in the US were divided over whether the US could successfully prosecute Assange under the 1917 espionage act. Sceptics said the US protections for journalists would make such a prosecution difficult and also cited pragmatic issues, such as the difficulty of extraditing Assange, an Australian. Huckabee, who was among the contenders for the Republican presidential nomination in 2008 and is likely to stand again in 2012, told the Politico website: "Whoever in our government leaked that information is guilty of treason, and I think anything less than execution is too kind a penalty." His later comments suggest he had in mind Bradley Manning, the US private in Iraq who is suspected of leaking the information and is under arrest in Virginia, rather than Assange. Another potential Republican candidate for the presidency, Sarah Palin, had earlier called for Assange to be hunted down. Conservative blogs and commentators are full of ire directed at Assange, and criticism of the Obama administration for its seeming inability to do anything about it. Typical is a blog by lexington_concord on Red State, a popular rightwing site, in which the writers says Assange is a spy. "Under the traditional rules of engagement he is thus subject to summary execution and my preferred course of action would [be] for Assange to find a small calibre round in the back of his head." The attorney general, Eric Holder, this week hinted at legal action but did not clarify whether he had in mind Manning or Assange. A department of justice spokeswoman failed to clarify this : "He [Holder] said the department would pursue those to be found violating the law." 
The Pentagon press secretary, Geoff Morrell, interviewed on Fox, suggested Holder's reference had been to Assange. Asked why the US was not mounting a cyberattack on WikiLeaks, Morrell said the disclosures were awkward and embarrassing but these were not sufficient grounds for offensive action. He referred back to comments made the previous day by the defence secretary, Robert Gates, who attempted to put the leaks in perspective. Gates said: "Is this embarrassing? Yes. Is it awkward? Yes. Consequences for US foreign policy: I think fairly modest." A former defence secretary under Bill Clinton, William Cohen, echoed Gates, saying that the information was probably not fatal. Cohen joined the chorus calling for Assange to be prosecuted, provided he can be found. "He may be hiding in a cave with Osama bin Laden. We don't know where he is but I am confident we will find him in the near future. He will be arrested and brought to justice," Cohen said. Ruth Wedgwood, a former federal prosecutor and Johns Hopkins law professor, said, in an email exchange, that Assange, an Australian, could be prosecuted. "A person who steals or knowingly receives and transmits protected national security information is not exempt from US criminal law merely because he is foreigner. The Espionage Act has been used to prosecute foreign defendants as well as Americans. "Freedom of the press and the First Amendment would not shelter someone who deliberately steals tens of thousands of closely-held communications containing national security and defence information, and wantonly publishes them to both friends and foes alike, with heedless disregard for the damage that is caused." Floyd Abrams, the constitutional expert who has argued before the supreme court on the First Amendment, which enshrines press freedom, was more sceptical. He said the government had a plausible case under the Espionage Act, which is phrased very broadly. 
The government had looked in 1971 at prosecution of the New York Times over the Pentagon Papers leak and decided against. "Here I think it is a closer call. The documents are much more current and they have the potential to do more harm, for example the reference to the King of Saudi Arabia urging the US to bomb Iran," Abrams said in a phone interview. "I think for the government it must be a close call. On the one hand, the leaks are of such magnitude and involve topics of such sensitivity and currency, it must be tempting to consider prosecution but on the other hand the government would be forced to address difficult and sensitive issues of whether a journalist could be accused of violating the law." He added that Assange was not a journalist but does some of the things associated with journalism. Another legal expert, Scott Silliman, a professor at the Duke University School of Law, said: "A US prosecution of Assange would be possible, but it would be fraught with problems for the government. The applicable statute, section 793(e) of the Espionage Act, is somewhat ambiguous when dealing with a case of this type where the accused claims to be part of or allied with the media. Further, there will probably be difficulties in having Assange extradited to the United States for trial." 
From rforno at infowarrior.org Wed Dec 1 15:45:51 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 1 Dec 2010 16:45:51 -0500
Subject: [Infowarrior] - DHS Admits It's The Private Police Force Of The Entertainment Industry
Message-ID: <4C2F18BE-B9A4-41AA-9681-3BD3D3589547@infowarrior.org>

Homeland Security Admits That It's The Private Police Force Of The Entertainment Industry
from the your-taxpayer-money-at-work dept

http://www.techdirt.com/articles/20101130/23192212067/homeland-security-admits-that-its-private-police-force-entertainment-industry.shtml

We've been quite concerned about the legality of Homeland Security's domain name seizures -- especially in cases where they took down sites that had a ton of legitimate content, such as various hip hop blogs, with no due process and no adversarial hearings. One other concern was where Homeland Security's direction on this was coming from. As we noted, in an earlier similar domain name seizure situation, Homeland Security announced the seizures from Disney's headquarters -- which should raise lots of eyebrows. As we said at the time, imagine any other government agency announcing a third party action that benefits a particular company from that company's offices. For example, imagine the FTC announcing antitrust actions against Google from Microsoft's offices. Wouldn't people question the legitimacy of that?

Well, apparently, Homeland Security and the folks in its Immigration & Customs Enforcement (ICE) group have no qualms at all about being quite upfront and frank about both the fact that they're acting as Hollywood's private police force and that they have little concern for due process. Entertainment Weekly spoke with Erik Barnett, the "assistant deputy director" for ICE, and he readily admitted that they were taking orders from the industry:

"In general, what we can say is, there are specific complaints from rights holders that these sites were infringing on copyrights."
That alone should give you pause. Rights holders have a long and very detailed history of greatly over-exaggerating when their rights were supposedly being "infringed" upon. Remember Jack Valenti of the MPAA claiming that the VCR was the Boston Strangler to the movie industry? Why didn't Customs "swoop in" and block all VCRs from being sold? Why? Because that would be ridiculous. So why is it effectively doing the exact same thing here?

As for due process, Barnett apparently doesn't care, and pretends that due process is basically ICE says you're guilty, so you are:

"I mean, when we're conducting criminal investigations, we don't notify criminals that you need to abate your criminal conduct or there's going to be an enforcement action against you," says Barnett. He is not particularly sympathetic to bloggers who might feel that the shutdowns have damaged their livelihoods without due process. "I understand that this is a question that gets raised," he says. "But from a law enforcement agency standpoint, there's criminal activity. The process that's set up to address that is a law enforcement agency investigates, which is what Homeland Security Investigations does. The Justice Department determines if the elements of the criminal statute have been met. And then a judge determines if the enforcement action that's proposed -- in this case, a seizure warrant -- is appropriate. So that's the process."

Notice he never mentions an actual trial where the other side gets to put forth its arguments. Of course, for those of us who actually understand due process -- as opposed to just Barnett's cowboy process, we understand that normally you have an adversarial hearing where the other side gets to present its case before summarily being declared guilty. If there's "criminal activity" (and even that's questionable -- as it's difficult to see how what these blogs did goes beyond civil infringement, if it really was infringing at all), then you arrest them and put them on trial.
You don't just seize the domains.

Barnett also claims that this is no different than Customs seizing shipments of counterfeit goods as they enter the US, but that's a huge stretch. Customs' job is to guard what crosses the borders. That's it. Seizing entire domain names because there may be some infringing material on the site (which, again, was never established at a trial) has absolutely nothing to do with protecting the borders. And the very fact that Barnett's already admitted to relying on the industry's say so that these things are infringing is downright scary. Why are our tax dollars being used to protect legacy entertainment industry companies that refuse to adapt?

From rforno at infowarrior.org Wed Dec 1 21:13:30 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 1 Dec 2010 22:13:30 -0500
Subject: [Infowarrior] - WikiLeaks May Prompt U.S. to Reverse Post-9/11 Data Sharing
Message-ID: <740A712C-7638-4AFB-9A25-A30B0BF5667C@infowarrior.org>

WikiLeaks Secrecy Breach May Prompt U.S. to Reverse Post-9/11 Data Sharing
By Viola Gienger - Dec 1, 2010 10:45 AM ET Wed Dec 01 15:45:08 GMT 2010

http://www.bloomberg.com/news/2010-12-01/wikileaks-secrecy-breach-may-upturn-post-sept-11-u-s-data-sharing.html

The U.S. government is rolling back years of efforts to internally share information on terrorists and other threats, a result that runs counter to WikiLeaks.org founder Julian Assange's stated goal of making government more open.

The July WikiLeaks release of 75,000 records from the Afghan War, October's leak of 400,000 Army field reports from Iraq and this week's deluge of 250,000 cables from U.S. embassies around the world have prompted the Pentagon and the State Department to cut back access. White House Budget Director Jacob Lew has ordered all agencies to review security for classified data.

The commission that studied the intelligence failures preceding the Sept.
11 terror attacks on New York and the Pentagon said the failure to share critical information among government agencies was partly to blame. The 9/11 Commission called for government agencies to replace their "need-to-know" strictures with a "need-to-share" philosophy to raise their odds of piecing together evidence that would prevent attacks.

"Obviously that aperture went too wide," Defense Secretary Robert Gates told reporters at the Pentagon yesterday. "There's no reason for a young officer at a forward operating post in Afghanistan to get cables having to do with" Russian nuclear arms negotiations, he said as an example.

Spreading confidential information widely across the government increases the chance of leaks. Secretary of State Hillary Clinton on Monday said WikiLeaks' disclosure of sensitive diplomatic cables could hurt negotiations and in some cases endanger individuals.

Balancing Needs

The State Department has tightened up the way those documents will be shared in the future. Even people who called for greater sharing following the Sept. 11 attacks say it was time for a correction.

"We understood after 9/11 we didn't share enough," White House spokesman Robert Gibbs said today on CNN's "American Morning" program. "Now we understand we have to balance the need to share with the need to know."

"I think it's going to swing back," said Richard Fontaine, a former Senate Armed Services Committee staff member who helped draft legislation implementing the 9/11 Commission's recommendations.

"The cost of this and the Afghanistan and Iraq leaks seriously outweighs the benefits of having this kind of information" shared so broadly, Fontaine said.

The latest release from WikiLeaks includes cables from 274 U.S. embassies, including confidential assessments of foreign leaders such as German President Angela Merkel and sensitive conversations about strategy on Iran, China or Russia.
More Restrictions

"There's going to be more restrictions and greater compartmentalization of information," said Fontaine, a senior fellow at the Center for a New American Security in Washington.

The 9/11 Commission criticized just such restrictions. Its 2004 report cited the case of a plotter who went undetected because information was "distributed, but in a compartmented channel." The panel stressed the "importance of intelligence analysis that can draw on all relevant sources of information."

The military and the State Department are working with the Justice Department to investigate the leaks. U.S. Army intelligence specialist Bradley Manning, who served as an analyst in Iraq, was arrested in June at age 22 on suspicion of illegally releasing classified information. Officials haven't revealed which contents he is suspected of leaking.

Manning, a private first-class, had said in an online chat in May that the documents he downloaded included "260,000 State Department cables from embassies and consulates all over the world," the New York Times reported this week.

'Serious Question'

"Why he was able to get from his area of operation all across the government raises a serious question about do we have appropriate compartmentalization," former Homeland Security Secretary Michael Chertoff, co-founder and managing principal of the Chertoff Group in Washington, said in an interview yesterday.

The State Department information leaked this week was kept on a computer network called SIPRNet, for Secret Internet Protocol Router Network, the Defense Department's largest command-and-control data network, according to its website.

The leak undermines the ability of diplomats to gather the kind of information needed to make valid judgments on foreign policy, said former Clinton administration Defense Secretary William Cohen.
Informed Decisions

"It is imperative that we have candid reporting from those who are in the field working with their counterparts in order to inform our decision-making back here in Washington," Secretary of State Hillary Clinton told reporters at the State Department on Nov. 29 after a week of phone calls and meetings to do damage-control with her counterparts worldwide.

"In addition to endangering particular individuals, disclosures like these tear at the fabric of the proper function of responsible government," Clinton said before leaving on a trip to Central Asia and the Persian Gulf. Her schedule includes a conference where she'll meet with Arab leaders whose countries were the subject of some of the leaked cables.

Among the steps the Pentagon has taken is equipping the system to monitor unusual data usage, Gates said. About 60 percent of SIPRNet is monitored by the system now, and the defense chief said he's ordered the rest of the work be accelerated.

'Assault on Secrecy'

"The WikiLeaks project seems to be, more than anything else, an assault on secrecy," Steven Aftergood, an analyst at the Federation of American Scientists in Washington, wrote in his blog on secrecy. "But if there is a legitimate role for secrecy in military operations, in intelligence gathering or in diplomatic negotiations -- as seems self-evident -- then a different approach is called for."

Mark Stephens, a London attorney for Assange, didn't respond to an e-mail seeking comment, and a chat website for contacting WikiLeaks staff wasn't working. Stephens regularly represents several media organizations, including Bloomberg News.

Former Senator Bob Kerrey, a Nebraska Democrat and a member of the 9/11 Commission, said he thinks Clinton and Gates will protect against over-correcting and restricting information-sharing too much. The response after the Sept. 11 attacks was probably "in excess of what was necessary."
"We made three or four rather simple mistakes, with devastating consequences," Kerrey said in a telephone interview from his office as president of the New School university in New York. "All the mistakes that were made were easy to correct."

To contact the reporter on this story: Viola Gienger in Washington at vgienger at bloomberg.net.
To contact the editor responsible for this story: Mark Silva at msilva4 at bloomberg.net.

From rforno at infowarrior.org Thu Dec 2 06:05:20 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 2 Dec 2010 07:05:20 -0500
Subject: [Infowarrior] - TSA official: Make patdowns a "game" for travelling children
Message-ID:

Exclusive: TSA frisks groom children to cooperate with sex predators, abuse expert says
By Daniel Tencer
Wednesday, December 1st, 2010 -- 10:39 am

http://www.rawstory.com/rs/2010/12/airport-patdowns-grooming-children-sex-predators-abuse-expert/

An expert in the fight against child sexual abuse is raising the alarm about a technique the TSA is reportedly using to get children to co-operate with airport pat-downs: calling it a "game".

Ken Wooden, founder of Child Lures Prevention, says the TSA's recommendation that children be told the pat-down is a "game" is potentially putting children in danger. Telling a child that they are engaging in a game is "one of the most common ways" that sexual predators use to convince children to engage in inappropriate contact, Wooden told Raw Story.

Children "don't have the sophistication" to distinguish between a pat-down carried out by an airport security officer and an assault by a sexual predator, he said. The TSA policy could "desensitize children to inappropriate touch and ultimately make it easier for sexual offenders to prey on our children," Wooden added.

Following an outcry last month over the use on children of "enhanced pat-downs" -- which involve the touching of genitals -- the TSA announced a new "modified" pat-down for children under 12.
However, as the LA Times noted, the new rules are "unclear" on whether TSA agents can touch children's genitals.

Addressing the controversy over pat-downs of children last month, TSA regional security director James Marchand told the press the TSA was working on new practices to make children more comfortable during the pat-down process. "You try to make it as best you can for that child to come through. If you can come up with some kind of a game to play with a child, it makes it a lot easier," said Marchand, promising to make it part of TSA training.

Wooden, who has testified before Congress on child safety issues on numerous occasions, says he was told by a TSA agent that the practice has been used. "How can experts working at the TSA be so incredibly misinformed and misguided to suggest that full body pat downs for children be portrayed as a game?" Wooden asked in an email. "To do so is completely contrary to what we in the sexual abuse prevention field have been trying to accomplish for the past thirty years."

He added: "This policy is also incredibly insensitive to the countless victims who have already been traumatized by unwanted touching in their lives and could be re-traumatized by such pat-downs."

On Tuesday, TSA administrator John Pistole said the agency may change its screening rules for victims of sex abuse. He also said the TSA had no plans to continue expanding the airport screening process. "I think we are at the most thorough that we will probably be in terms of our physical screening," he announced.

From rforno at infowarrior.org Thu Dec 2 06:29:40 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 2 Dec 2010 07:29:40 -0500
Subject: [Infowarrior] - BlackBerry wins U.S. government security approval
Message-ID: <66E6537F-E06D-4086-94ED-9E8834F3313F@infowarrior.org>

December 1, 2010 2:58 PM PST
BlackBerry wins U.S.
government security approval
by Lance Whitney

http://news.cnet.com/8301-1009_3-20024236-83.html?part=rss&subj=news&tag=2547-1_3-0-20

Research In Motion has been butting heads with foreign governments over its tight security, but its latest BlackBerry 6 OS has won approval from the U.S. government for those same standards.

RIM announced today that its BlackBerry 6 operating system is now FIPS 140-2 certified. FIPS (Federal Information Processing Standard) is a series of standards set up by the U.S. government to ensure that computer products meet certain high-level security requirements. The standard is used by government agencies, regulated industries, and other organizations that store and send data dealing with sensitive information. The FIPS 140-2 standard (PDF) specifically addresses cryptographic modules, which cover both hardware and software designed to secure and protect data.

"This FIPS certification (PDF) will help extend the reach of BlackBerry 6 to users in a wide range of government agencies and other security-conscious organizations in the U.S.," Scott Totzke, vice president of the BlackBerry Security Group at RIM, said in a statement. "BlackBerry 6 offers an exceptional mobile experience for BlackBerry smartphone users on the most secure wireless platform in the industry."

The FIPS certification is important and special for a mobile device company like RIM, according to IDC Mobile Device analyst William Stofega, who told CNET that any type of security certification from the government is highly vetted and not just given to anyone. Other security-oriented companies do receive this type of certification, but very few mobile device makers are on the list. The FIPS certification is validation of RIM's superiority in the area of security, according to Stofega, a key requirement for government.

"Government is one of the big buyers of technology," Stofega said. "That's a big part of where a lot of these companies, both tech and tech-related, get their business from." And with RIM being an international player serving multiple global partners and governments, security certification is important among businesses as more users bring their mobile devices into the enterprise.

Attaining this level of certification is no small feat either, according to Stofega, who said he believes RIM had to work with the National Security Agency as part of the effort.

Making its debut on RIM's Torch smartphone earlier this year, BlackBerry 6 is also available on the BlackBerry Bold and Style phones and can run on other RIM smartphones as well.

Ironically, the tight, encrypted security used by RIM on its BlackBerry devices and network has been a sore point among various governments, which have argued that such encryption prevents them from accessing and monitoring that data for national security reasons. RIM has been struggling to work out compromises with the United Arab Emirates, India, and Saudi Arabia that would avoid permanent bans of BlackBerry service throughout those nations.

RIM has certainly taken a lot of flack for its tight security among these countries, said Stofega. But security is one of the company's core features, and users in foreign countries like the device, he noted. As a result, the attitudes among these governments over security encryption could end up pushing away business.

"If some of these emerging markets or growth markets don't start to adapt these security features, it's a big problem," said Stofega. "A lot of them have governmental interests in terms of wiretapping and other things. But more importantly, if you're a corporation, you don't want your intellectual property being leaked out all over the place."
From rforno at infowarrior.org Thu Dec 2 06:44:46 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 2 Dec 2010 07:44:46 -0500
Subject: [Infowarrior] - Do as we say? Tea "Party" Caucus takes $1B in earmarks
Message-ID: <83F851E1-3069-4649-B786-4448D00558AD@infowarrior.org>

(I use quotes in "party" because they're NOT a true political party, just a wing of an existing party. -- rick)

Tea Party Caucus Takes $1 Billion In Earmarks
By Reid Wilson
December 2, 2010 | 4:30 AM

Members of the Congressional Tea Party Caucus may tout their commitment to cutting government spending now, but they used the 111th Congress to request hundreds of earmarks that, taken cumulatively, added more than $1 billion to the federal budget.

According to a Hotline review of records compiled by Citizens Against Government Waste, the 52 members of the caucus, which pledges to cut spending and reduce the size of government, requested a total of 764 earmarks valued at $1,049,783,150 during Fiscal Year 2010, the last year for which records are available.

"It's disturbing to see the Tea Party Caucus requested that much in earmarks. This is their time to put up or shut up, to be blunt," said David Williams, vice president for policy at Citizens Against Government Waste. "There's going to be a huge backlash if they continue to request earmarks."

In founding the caucus in July, Rep. Michele Bachmann (R-Minn.) said she was giving voice to Americans who were sick of government over-spending.

"The American people are speaking out loud and clear. They have had enough of the spending, the bureaucracy, and the government knows best mentality running rampant today throughout the halls of Congress," Bachmann said in a July 15 statement.
The group, she wrote in a letter to House Administration Committee chairman Bob Brady, "will serve as an informal group of Members dedicated to promote Americans' call for fiscal responsibility, adherence to the Constitution, and limited government."

Bachmann and 13 of her Tea Party Caucus colleagues did not request any earmarks in the last Fiscal Year, according to CAGW's annual Congressional Pig Book. But others have requested millions of dollars in special projects.

< -- BIG SNIP -- >

http://hotlineoncall.nationaljournal.com/archives/2010/12/tea-party-caucu.php

From rforno at infowarrior.org Thu Dec 2 06:48:56 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 2 Dec 2010 07:48:56 -0500
Subject: [Infowarrior] - Federal Reserve Releases Data on Multi-Trillion Dollar Special Bailout Programs
Message-ID:

Good summary of the key items, along with links to the spreadsheets ....

Federal Reserve Releases Data on Multi-Trillion Dollar Special Bailout Programs

http://publicintelligence.net/federal-reserve-releases-data-on-multi-trillion-dollar-special-bailout-programs/

From rforno at infowarrior.org Thu Dec 2 21:16:54 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 2 Dec 2010 22:16:54 -0500
Subject: [Infowarrior] - How to Become an Information Security Thought Leader
Message-ID: <1A33532B-9854-416A-8402-B4D24027BBEF@infowarrior.org>

(c/o Weld)

How to Become an Information Security Thought Leader

http://www.xtranormal.com/watch/7897173/

Written by Chris Eng.

From rforno at infowarrior.org Fri Dec 3 07:32:33 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 3 Dec 2010 08:32:33 -0500
Subject: [Infowarrior] - Lieberman's Crusade Against Wikileaks
Message-ID:

(The bill seems to criminalise publishing the names of sources AFTER they've been leaked --- possible first amendment issues? Not alone, totally unenforceable on a global scale in this day and age. And you gotta love the catchy name for this bill.
Congress gets so creative sometimes. --- rick)

Lieberman Introduces Anti-WikiLeaks Legislation
By Kevin Poulsen | December 2, 2010 | 6:32 pm | Categories: Wikileaks

http://www.wired.com/threatlevel/2010/12/shield/

Senator Joseph Lieberman and other lawmakers on Thursday introduced legislation that would make it a federal crime for anyone to publish the name of a U.S. intelligence source, in a direct swipe at the secret-spilling website WikiLeaks.

"The recent dissemination by Wikileaks of thousands of State Department cables and other documents is just the latest example of how our national security interests, the interests of our allies, and the safety of government employees and countless other individuals are jeopardized by the illegal release of classified and sensitive information," said Lieberman in a written statement.

"This legislation will help hold people criminally accountable who endanger these sources of information that are vital to protecting our national security interests," he continued.

The so-called SHIELD Act (Securing Human Intelligence and Enforcing Lawful Dissemination) would amend a section of the Espionage Act that already forbids publishing classified information on U.S. cryptographic secrets or overseas communications intelligence -- i.e., wiretapping. The bill would extend that prohibition to information on HUMINT, human intelligence, making it a crime to publish information "concerning the identity of a classified source or informant of an element of the intelligence community of the United States," or "concerning the human intelligence activities of the United States or any foreign government" if such publication is prejudicial to U.S. interests.

Leaking such information in the first place is already a crime, so the measure is aimed squarely at publishers.
Lieberman (ID-CT) has been going after WikiLeaks with a fury he once reserved for video-game zombies, pressuring first Amazon, and then data-visualization company Tableau, to blacklist the organization in the wake of this week's State Department leak.

Lieberman's proposed solution to WikiLeaks could have implications for journalists reporting on some of the more unsavory practices of the intelligence community. For example, former Panamanian dictator Manuel Noriega was once a paid CIA asset. Would reporting that now be a crime?

One thing the bill won't do is put WikiLeaks, or founder Julian Assange, in any new legal jeopardy over the "Cablegate" database, the Afghan war logs, or the organization's other recent high-profile leaks. That's because the Constitution imposes a total ban on ex post facto criminal laws.

WikiLeaks first started getting heat over U.S. intelligence sources when it published a detailed and mostly classified log of 77,000 events in the U.S.-led war in Afghanistan last July. Though it took some steps to keep informant's names from the release, some of the published records nonetheless contained the names of Afghan informants, whom the Pentagon and various NGOs have said face potentially deadly reprisal from the Taliban. Months later, though, there have been no confirmed reports of anyone coming to harm from that leak.

WikiLeaks was more cautious with the 400,000 entry Iraq war logs it published in October, using an automated script to redact names from the data dump. And with the quarter-million State Department cables, WikiLeaks is trickling out the documents about 80 at a time, and apparently manually purging the names of U.S. sources as it goes.

But on Thursday a German politician admitted that he'd passed confidential information to U.S. diplomats, after a WikiLeaks cable describing an anonymous, well-placed U.S. informant in Germany set off a mole-hunt within that country's Free Democratic Party.
The SHIELD Act is co-sponsored by senators John Ensign (R-NV) and Scott Brown (R-MA). The text of the bill is below.

From rforno at infowarrior.org Fri Dec 3 08:21:35 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 3 Dec 2010 09:21:35 -0500
Subject: [Infowarrior] - WikiLeaks Struggles to Stay Online After Cyberattacks
Message-ID:

("Intermediary Censorship" is how this practice was described. --- rick)

http://www.nytimes.com/2010/12/04/world/europe/04domain.html?_r=1&src=mv&pagewanted=print

December 3, 2010
WikiLeaks Struggles to Stay Online After Cyberattacks
By RAVI SOMAIYA and ALAN COWELL

LONDON -- An American provider of Internet domain names withdrew its service to the WikiLeaks Web site after a barrage of attacks by hackers that threatened to destabilize its entire system, according to the provider and WikiLeaks itself on Friday. But within hours, WikiLeaks said it had registered its domain name in Switzerland.

By mid-morning, attempts to access the original Wikileaks.org Web site produced only a page saying: "The address is not valid." The new domain name, Wikileaks.ch, appeared to be providing only sporadic access to the site.

The action by EveryDNS.net, which provides domain names for about 500,000 Web sites, followed a decision on Wednesday by Amazon.com Inc. to expel WikiLeaks, the whistle-blowing organization, from its servers. WikiLeaks remains on the servers of a Swedish host, Bahnhof, as it continues to anger the United States by publicizing a huge array of some 250,000 leaked State Department documents relating to American foreign policy around the globe.

In a statement on its Web site, EveryDNS.com said it terminated WikiLeaks' domain name at around 10 p.m., Eastern Standard Time.

"The services were terminated for violation of the provision which states that a 'member shall not interfere with another member's use and enjoyment of the service or another entity's use and enjoyment of similar services.'"
It said wikileaks.org "has become the target of multiple distributed denial of service (DDOS) attacks." Such attacks usually involve bombarding a Web site with attacks, preventing legitimate users from access, and are designed to make a targeted Web site unavailable. When questioned about similar cyberattacks on Sunday against WikiLeaks, American officials vigorously denied any involvement.

The whistle-blowing Web site appears increasingly engaged in a game of digital Whac-A-Mole as it struggles to stay online. The Web infrastructure that supports WikiLeaks is deliberately diffuse and difficult to track, with servers spread through many countries in order to insulate the site from hostile states or companies.

According to the Web site whois.com, the new domain, wikileaks.ch, is registered to the Swiss branch of the Swedish Pirate Party, a political organization that has previously worked with Julian Assange, the WikiLeaks founder. Mr. Assange is being sought for questioning in connection to alleged sex crimes in Sweden, which he denies.

In an interview with The New York Times earlier this year, the Pirate Party's leader, Rickard Falkvinge, expressed an open offer to host the WikiLeaks site because "our organizations generally share the same values -- we value privacy, transparency, democracy and knowledge."

Mr. Falkvinge added that any sharing of Web services between the two organizations would offer "heightened political protection. Any prosecutors will have to target a political party in us, and the price for doing that is much higher."

WikiLeaks reacted to the domain name switch on its Twitter feed, writing just after midnight on Friday morning: "WikiLeaks.org domain killed by US everydns.net after claimed mass attacks." It implored supporters to "keep us strong" and provided a link for financial donations. Hours later, a message on the WikiLeaks Twitter feed said: "WikiLeaks moved to Switzerland" and provided the new Web address.

Earlier this week, Amazon --
which rents server space to companies in addition to its online retail business -- canceled its relationship with WikiLeaks after inquiries from an aide to Senator Joseph I. Lieberman. The company said the organization was violating the terms of service for the program.

"When companies or people go about securing and storing large quantities of data that isn't rightfully theirs, and publishing this data without ensuring it won't injure others, it's a violation of our terms of service, and folks need to go operate elsewhere," the company said.

Anna Mossberg, Bahnhof's chief executive, said her company held "two physical WikiLeaks servers in our data hall in Stockholm." Those servers, she said, have been cyberattacked in recent weeks, though Bahnhof has come under no overt government pressure to abandon them. "But I know we are not the only provider of WikiLeaks' servers -- they are everywhere."

Ravi Somaiya reported from London, Alan Cowell from Paris. Eric Schmitt contributed reporting from Washington and J. David Goodman from New York.

From rforno at infowarrior.org Fri Dec 3 13:50:05 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 3 Dec 2010 14:50:05 -0500
Subject: [Infowarrior] - Feds Warrantlessly Tracking Americans' Credit Cards in Real Time
Message-ID: <4FAE2A81-6D12-4C71-A26E-EDCC3CAF689C@infowarrior.org>

(Doc is linked to in the article...--rick)

Feds Warrantlessly Tracking Americans' Credit Cards in Real Time
By Ryan Singel | December 2, 2010 | 5:06 pm | Categories: Surveillance

http://www.wired.com/threatlevel/2010/12/realtime/

Federal law enforcement agencies have been tracking Americans in real-time using credit cards, loyalty cards and travel reservations without getting a court order, a new document released under a government sunshine request shows.

The document, obtained by security researcher Christopher Soghoian, explains how so-called "Hotwatch"
orders allow for real-time tracking of individuals in a criminal investigation via credit card companies, rental car agencies, calling cards, and even grocery store loyalty programs. The revelation sheds a little more light on the Justice Department's increasing power and willingness to surveil Americans with little to no judicial or Congressional oversight. For credit cards, agents can get real-time information on a person's purchases by writing their own subpoena, followed up by an order from a judge that the surveillance not be disclosed. Agents can also go the traditional route -- going to a judge, proving probable cause and getting a search warrant -- which means the target will eventually be notified they were spied on. The document suggests that the normal practice is to ask for all historical records on an account or individual from a credit card company, since getting stored records is generally legally easy. Then the agent sends a request for "Any and all records and information relating directly or indirectly to any and all ongoing and future transactions or events relating to any and all of the following person(s), entities, account numbers, addresses and other matters..." That gets them a live feed of transaction data.

DOJ powerpoint presentation on Hotwatch surveillance orders of credit card transactions

It's not clear what standards an agent would have to follow to get a "Hotwatch" order. The Justice Department told Soghoian the document is the only one it could find relating to "hotwatches" -- which means there is either no policy or the department is withholding relevant documents. The Justice Department did not return a call for comment. Every year, the Justice Department does have to report to Congress the numbers of criminal and national security wiretaps undertaken, as well as the number of National Security Letters issued. Tens of thousands of NSLs are issued yearly --
most with gag orders that forbid ISPs or librarians from ever saying they have ever been served with such a subpoena. But the Justice Department does not report or make public the number of times it got real time or historic cell phone location information, nor how often it is using these so-called "hotwatch" orders.

From rforno at infowarrior.org Fri Dec 3 13:54:10 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 3 Dec 2010 14:54:10 -0500
Subject: [Infowarrior] - State Department Telling Students Who Apply For Jobs That If They Mention Wikileaks On Twitter, They Won't Be Hired
Message-ID: <9882F047-7C6A-4449-ACE8-55C60BAC0C90@infowarrior.org>

State Department Telling Students Who Apply For Jobs That If They Mention Wikileaks On Twitter, They Won't Be Hired
from the head-in-sand dept
http://www.techdirt.com/articles/20101203/11262712118/state-department-telling-students-who-apply-jobs-that-if-they-mention-wikileaks-twitter-they-wont-be-hired.shtml

It appears that the State Department really wants to put its head in the sand when it comes to the whole Wikileaks' release of diplomatic cables. Mathew Ingram points us to the news that a career services person at Columbia University apparently sent around an email, purportedly concerning a conversation they'd had with an alumnus at the State Department warning students who wanted to work in the State Department to ignore Wikileaks. Specifically, it said that, as part of the background check on you, the State Department would review your social networking accounts, like Twitter and Facebook, and if they saw you had talked about Wikileaks, they might think you couldn't handle confidential information:

From: "Office of Career Services"
Date: November 30, 2010 15:26:53 EST

Hi students,

We received a call today from a SIPA alumnus who is working at the State Department.
He asked us to pass along the following information to anyone who will be applying for jobs in the federal government, since all would require a background investigation and in some instances a security clearance. The documents released during the past few months through Wikileaks are still considered classified documents. He recommends that you DO NOT post links to these documents nor make comments on social media sites such as Facebook or through Twitter. Engaging in these activities would call into question your ability to deal with confidential information, which is part of most positions with the federal government.

Regards,
Office of Career Services

Assuming this is accurate (and it may prove not to be...), it's difficult to think of a much more ridiculous response. Talking about what's going on with Wikileaks is hardly an indication of how one deals with confidential information, because that information is no longer confidential. Pretending that you shouldn't even discuss a rather important and topical story of interest to those who actually do care about diplomacy and public policy, isn't just a "put your head in the sand" approach, it's actively discouraging the folks who might have the most insight and interest into these subjects from getting a job where they might be of assistance.

From rforno at infowarrior.org Fri Dec 3 18:59:41 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 3 Dec 2010 19:59:41 -0500
Subject: [Infowarrior] - Understanding Pac-Man Ghost Behavior
Message-ID:

Understanding Pac-Man Ghost Behavior

It only seems right for me to begin this blog with the topic that inspired me to start it in the first place. Not too long ago, I came across Jamey Pittman's "Pac-Man Dossier", which is a ridiculously-detailed explanation of the mechanics of Pac-Man. I found it absolutely fascinating, so this site is my attempt to discover and aggregate similarly-detailed information about other games (albeit in much smaller chunks).
However, as a bit of a tribute, I'm going to start with Pac-Man as well, specifically the ghost AI. It's an interesting topic, and hopefully my explanation will be a bit more accessible than Jamey's, due to focusing on only the information relevant to ghost behavior.

< -- >

http://gameinternals.com/post/2072558330/understanding-pac-man-ghost-behavior

From rforno at infowarrior.org Fri Dec 3 21:24:06 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 3 Dec 2010 22:24:06 -0500
Subject: [Infowarrior] - USAF Unveils Supercomputer Made of 1,760 PS3s
Message-ID: <0B827913-F50D-4DB1-AAE0-E967EC4A9B99@infowarrior.org>

"The Air Force Research Laboratory (AFRL) has connected 1,760 PlayStation 3 systems together to create what the organization is calling the fastest interactive computer in the entire Defense Department. The Condor Cluster, as the group of systems is known, also includes 168 separate graphical processing units and 84 coordinating servers in a parallel array capable of performing 500 trillion floating point operations per second (500 TFLOPS), according to AFRL Director of High Power Computing Mark Barnell."

http://www.gamasutra.com/view/news/31784/US_Air_Force_Creates_Powerful_Supercomputer_Out_Of_PS3s.php

From rforno at infowarrior.org Sat Dec 4 18:45:33 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 4 Dec 2010 19:45:33 -0500
Subject: [Infowarrior] - Cables Discuss Vast Hacking by a China That Fears the Web
Message-ID:

December 4, 2010
Cables Discuss Vast Hacking by a China That Fears the Web
http://www.nytimes.com/2010/12/05/world/asia/05wikileaks-china.html?_r=1&hp=&pagewanted=print
By JAMES GLANZ and JOHN MARKOFF

As China ratcheted up the pressure on Google to censor its Internet searches last year, the American Embassy sent a secret cable to Washington detailing one reason top Chinese leaders had become so obsessed with the Internet search company: they were Googling themselves.
The May 18, 2009, cable, titled "Google China Paying Price for Resisting Censorship," quoted a well-placed source as saying that Li Changchun, a member of China's top ruling body, the Politburo Standing Committee, and the country's senior propaganda official, was taken aback to discover that he could conduct Chinese-language searches on Google's main international Web site. When Mr. Li typed his name into the search engine at google.com, he found "results critical of him." That cable from American diplomats was one of many made public by WikiLeaks that portray China's leadership as nearly obsessed with the threat posed by the Internet to their grip on power -- and, the reverse, by the opportunities it offered them, through hacking, to obtain secrets stored in computers of its rivals, especially the United States. Extensive hacking operations suspected of originating in China, including one leveled at Google, are a central theme in the cables. The operations began earlier and were aimed at a wider array of American government and military data than generally known, including on the computers of United States diplomats involved in climate change talks with China. One cable, dated early this year, quoted a Chinese person with family connections to the elite as saying that Mr. Li himself directed an attack on Google's servers in the United States, though that claim has been called into question. In an interview with The New York Times, the person cited in the cable said that Mr. Li personally oversaw a campaign against Google's operations in China but the person did not know who directed the hacking attack. The cables catalog the heavy pressure that was placed on Google to comply with local censorship laws, as well as Google's willingness to comply -- up to a point.
That coercion began building years before the company finally decided to pull its search engine out of China last spring in the wake of the successful hacking attack on its home servers, which yielded Chinese dissidents' e-mail accounts as well as Google's proprietary source code. The demands on Google went well beyond removing material on subjects like the Dalai Lama or the 1989 Tiananmen Square massacre. Chinese officials also put pressure on the United States government to censor the Google Earth satellite imaging service by lowering the resolution of images of Chinese government facilities, warning that Washington could be held responsible if terrorists used that information to attack government or military facilities, the cables show. An American diplomat replied that Google was a private company and that he would report the request to Washington but that he had no sense about how the government would act. Yet despite the hints of paranoia that appear in some cables, there are also clear signs that Chinese leaders do not consider the Internet an unstoppable force for openness and democracy, as some Americans believe. In fact, this spring, around the time of the Google pullout, China's State Council Information Office delivered a triumphant report to the leadership on its work to regulate traffic online, according to a crucial Chinese contact cited by the State Department in a cable in early 2010, when contacted directly by The Times. The message delivered by the office, the person said, was that "in the past, a lot of officials worried that the Web could not be controlled." "But through the Google incident and other increased controls and surveillance, like real-name registration, they reached a conclusion: the Web is fundamentally controllable," the person said.
That confidence may also reflect what the cables show are repeated and often successful hacking attacks from China on the United States government, private enterprises and Western allies that began by 2002, several years before such intrusions were widely reported in the United States. At least one previously unreported attack in 2008, code-named Byzantine Candor by American investigators, yielded more than 50 megabytes of e-mails and a complete list of user names and passwords from an American government agency, a Nov. 3, 2008, cable revealed for the first time. Precisely how these hacking attacks are coordinated is not clear. Many appear to rely on Chinese freelancers and an irregular army of "patriotic hackers" who operate with the support of civilian or military authorities, but not directly under their day-to-day control, the cables and interviews suggest. But the cables also appear to contain some suppositions by Chinese and Americans passed along by diplomats. For example, the cable dated earlier this year referring to the hacking attack on Google said: "A well-placed contact claims that the Chinese government coordinated the recent intrusions of Google systems. According to our contact, the closely held operations were directed at the Politburo Standing Committee level." The cable goes on to quote this person as saying that the hacking of Google "had been coordinated out of the State Council Information Office with the oversight" of Mr. Li and another Politburo member, Zhou Yongkang. Mr. Zhou is China's top security official. But the person cited in the cable gave a divergent account. He detailed a campaign to press Google coordinated by the Propaganda Department's director, Liu Yunshan. Mr. Li and Mr. Zhou issued approvals in several instances, he said, but he had no direct knowledge linking them to the hacking attack aimed at securing commercial secrets or dissidents' e-mail accounts -- considered the purview of security officials.
Still, the cables provide a patchwork of detail about cyberattacks that American officials believe originated in China with either the assistance or knowledge of the Chinese military. For example, in 2008 Chinese intruders based in Shanghai and linked to the People's Liberation Army used a computer document labeled "salary increase -- survey and forecast" as bait as part of the sophisticated intrusion scheme that yielded more than 50 megabytes of e-mails and a complete list of user names and passwords from a United States government agency that was not identified. The cables indicate that the American government has been fighting a pitched battle with intruders who have been clearly identified as using Chinese-language keyboards and physically located in China. In most cases the intruders took great pains to conceal their identities, but occasionally they let their guard down. In one case described in the documents, investigators tracked one of the intruders who was surfing the Web in Taiwan "for personal use." In June 2009 during climate change talks between the United States and China, the secretary of state's office sent a secret cable warning about e-mail "spear phishing" attacks directed at five State Department employees in the Division of Ocean Affairs of the Office of the Special Envoy for Climate Change. The messages, which purport to come from a National Journal columnist, had the subject line "China and Climate Change." The e-mail contained a PDF file that was intended to install a malicious software program known as Poison Ivy, which was meant to give an intruder complete control of the victim's computer. That attack failed. The cables also reveal that a surveillance system dubbed Ghostnet that stole information from the computers used by the exiled Tibetan spiritual leader, the Dalai Lama, and South Asian governments and was uncovered in 2009 was linked to a second broad series of break-ins into American government computers code-named Byzantine Hades.
Government investigators were able to make a "tenuous connection" between those break-ins and the People's Liberation Army. The documents also reveal that in 2008 German intelligence briefed American officials on similar attacks beginning in 2006 against the German government, including military, economic, science and technology, commercial, diplomatic, and research and development targets. The Germans described the attacks as preceding events like the German government's meetings with the Chinese government. Even as such attacks were occurring, Google made a corporate decision in 2006, controversial even within the company, to establish a domestic Chinese version of its search engine, called google.cn. In doing so, it agreed to comply with China's censorship laws. But despite that concession, Chinese officials were never comfortable with Google, the cables and interviews show. The Chinese claimed that Google Earth, the company's satellite mapping software, offered detailed "images of China's military, nuclear, space, energy and other sensitive government agency installations" that would be an asset to terrorists. A cable sent on Nov. 7, 2006, reported that Liu Jieyi, an assistant minister of foreign affairs, warned the American Embassy in Beijing that there would be "grave consequences" if terrorists exploited the imagery. A year later, another cable pointed out that Google searches for politically delicate terms would sometimes be automatically redirected to Baidu, the Chinese company that was Google's main competitor in China. Baidu is known for scrubbing its own search engine of results that might be unwelcome to government censors. Google conducted numerous negotiations with officials in the State Council Information Office and other departments involved in censorship, propaganda and media licensing, the cables show. The May 18, 2009, cable that revealed pressure on the company by Mr.
Li, the propaganda chief, said Google had taken some measures "to try and placate the government." The cable also noted that Google had asked the American government to intervene with China on its behalf. But Chinese officials became alarmed that Google still did less than its Chinese rivals to remove material Chinese officials considered offensive. Such material included information about Chinese dissidents and human rights issues, but also about central and provincial Chinese leaders and their children -- considered an especially taboo topic, interviews with people quoted in the cables reveal. Mr. Li, after apparently searching for information online on himself and his children, was reported to have stepped up pressure on Google. He also took steps to punish Google commercially, according to the May 18 cable. The propaganda chief ordered three big state-owned Chinese telecommunications companies to stop doing business with Google. Mr. Li also demanded that Google executives remove any link between its sanitized Chinese Web site and its main international one, which he deemed "an illegal site," the cable said. Google ultimately stopped complying with repeated censorship requests. It stopped offering a censored version of its search engine in China earlier this year, citing both the hacking attacks and its unwillingness to continue obeying censorship orders.

James Glanz reported from New York, and John Markoff from San Francisco. Andrew W. Lehren contributed reporting from New York.

From rforno at infowarrior.org Sat Dec 4 18:46:31 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 4 Dec 2010 19:46:31 -0500
Subject: [Infowarrior] - Government Workers Ordered Not to Read Cables
Message-ID:

December 4, 2010
Government Workers Ordered Not to Read Cables
http://www.nytimes.com/2010/12/05/world/05restrict.html
By ERIC LIPTON

WASHINGTON --
In a classic case of shutting the barn door after the horse has left, the Obama administration and the Department of Defense have ordered the hundreds of thousands of federal employees and contractors not to read the secret cables and other classified documents published by Wikileaks and news organizations around the world unless the workers have the required security clearance or authorization. "Classified information, whether or not already posted on public websites or disclosed to the media, remains classified, and must be treated as such by federal employees and contractors, until it is declassified by an appropriate U.S. Government authority," said the notice sent on Friday afternoon by the Office of Management and Budget, which is part of the White House, to agency and department heads, urging them to distribute it to their staff. The directive applies to both government computers and private devices that employees or contractors might carry in their briefcases and pockets or have in their homes. It does not advise agencies to block WikiLeaks or other websites on government computer systems, a White House official said Saturday. And it does not prohibit federal employees from reading news stories about the topic. But if they have "accidentally" already downloaded any of these documents, they are being told to notify their "information security offices." The Department of Defense, in its own directive to military personnel and contractors, says that simply reading these documents, without proper authorization, will violate long-standing rules even though they are accessible to the public at large on Internet sites. "Viewing or downloading still classified documents from unclassified government computers creates a security violation," a spokeswoman said in a statement on Saturday.
The effort, while understandable, seems entirely futile, said Marc Rotenberg, executive director of the Electronic Privacy Information Center, a Washington nonprofit group that has combated government efforts to keep certain government documents secret. "It just may be a little too late for the government to push these documents down the memory hole," Mr. Rotenberg said, adding that his center did not support the initial public release of the material. "This is Orwell thought police in the age of the Internet, as these are already so widely accessible on servers around the world." The Library of Congress has joined in the push, blocking visitors to its reading rooms, or anyone else using its computer system, from accessing the WikiLeaks site, noting that "unauthorized disclosures of classified documents do not alter the documents' classified status or automatically result in declassification of the documents." The moves have not apparently discouraged staff at WikiLeaks, as the organization continues to post Twitter feeds mocking the efforts to limit access to the documents, including one note on Saturday reading: "Digital McCarthyism: U.S. Military Tries to Intimidate Soldiers Into Not Reading Wikileaks".

From rforno at infowarrior.org Sun Dec 5 10:14:13 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 5 Dec 2010 11:14:13 -0500
Subject: [Infowarrior] - Sunday Bobbleheads and WL
Message-ID:

Gingrich on Fox News Sunday: "WL is conducting information warfare. Assange is an information terrorist."

McConnell (Mitch) on MTP: "Assange is a high tech terrorist."

Funny how the DC crowd keeps tying Assange to "terrorism" to ratchet up his Evil Quotient(tm) this weekend. I'm sure this week we'll see a USG directive prohibiting the mere mention of WL or Assange unless you're part of the Beltway Circus du Soundbyte.
-- rick

PS: And a major smackdown to David Gregory for suggesting in his "questioning" of McConnell that the WL fiasco is a problem created by the present Administration. (This is only the second or third MTP I've seen since Tim died, btw. The show has taken a major dump since then.)

From rforno at infowarrior.org Sun Dec 5 10:30:26 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 5 Dec 2010 11:30:26 -0500
Subject: [Infowarrior] - S Terrorist Use of Social Networking Facebook Case Study
Message-ID: <4332667A-238F-4A1B-A706-F789DE0E5D88@infowarrior.org>

(U//FOUO//LES) DHS Terrorist Use of Social Networking Facebook Case Study
December 5, 2010 in Department of Homeland Security

Due to its format, the following document cannot be conclusively dated. However, it is believed to have been created within the last month.

TERRORIST USE OF SOCIAL NETWORKING SITES FACEBOOK CASE STUDY

* For Official Use Only
* Law Enforcement Sensitive
* 2010

Terrorists have traditionally sought to exploit new and alternative media, particularly on the Internet, to spread their propaganda and to a lesser extent, operational and tactical guidance to prospective supporters through websites, forums, blogs, chat rooms etc. In recent years, Islamic terrorists have expanded the purview of their online endeavors into social networking sites, websites that create and foster online communities organized around shared affinities and affiliations that connect people based on interests and relationships. In most cases, social networking sites are openly viewable to any participant on the site. As part of this trend, jihad supporters and mujahideen are increasingly using Facebook, one of the largest, most popular and diverse social networking sites, both in the United States and globally, to propagate operational information, including IED recipes primarily in Arabic, but in English, Indonesian, Urdu and other languages as well.
While some tactical information is available on Facebook, the majority of extremist use of Facebook focuses on disseminating ideological information and exploiting the site as an alternative media outlet for terrorist propaganda. However, to a lesser degree, the site is used as a gateway to radical forums and jihadi sites with explicit radical agendas (and easily downloadable operational information) and as a platform to promulgate some tactical and operational information.

Terrorist Use of Facebook:

* As a way to share operational and tactical information, such as bomb recipes, AK-47 maintenance and use, tactical shooting, etc.
* As a gateway to extremist sites and other online radical content by linking on Facebook group pages and in discussion forums.
* As a media outlet for terrorist propaganda and extremist ideological messaging.
* As a wealth of information for remote reconnaissance for targeting purposes.

< --- BIG SNIP --- >

http://publicintelligence.net/ufouoles-dhs-terrorist-use-of-social-networking-facebook-case-study/

From rforno at infowarrior.org Sun Dec 5 12:17:49 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 5 Dec 2010 13:17:49 -0500
Subject: [Infowarrior] - MPAA To Target Pirating College Students and Rogue Universities
Message-ID: <5E47F556-394C-4CA4-BE24-CB183309ED7A@infowarrior.org>

MPAA To Target Pirating College Students and Rogue Universities
Written by Ernesto on December 05, 2010
http://torrentfreak.com/mpaa-to-target-pirating-college-students-and-rogue-universities-101205/

Starting tomorrow, the MPAA will send out letters to higher education institutions in the United States, urging them to protect the interests of the six major movie and television studios. In addition, the MPAA will announce that it will start warning college and university students who are illegally sharing motion picture movies on college campus networks. Those who don't abide will have to face the consequences.
The RIAA is famous for targeting college students with DMCA takedown notices or even full lawsuits. The MPAA however, has never been active on this front. Individual movie companies have sent thousands of infringement notices but these campaigns have never been led by the MPAA, until now. This week the MPAA will notify all college and university presidents about this upcoming policy change, and at the same time the movie industry outfit will urge institutions to do whatever they can to stop illegal downloading on their campus networks. In July this year, the US put into effect a new requirement for colleges and universities to stop illicit file-sharing on their networks. This legislation puts defiant schools at risk of losing federal funding if they don't do enough to stop illicit file-sharers on their campus. With this ammunition in hand the MPAA drafted a letter which TorrentFreak received a copy of this weekend, a few days before it will be mailed to the universities. In the letter the MPAA politely asks the colleges and universities to help the movie industry to fight the evil that piracy is. The MPAA writes that the jobs of 2.4 million US workers are at stake, if proper countermeasures are not taken. "For these workers and their families, online theft means declining incomes, lost jobs, reduced health and retirement benefits, and a lessened ability to provide their children with an education at institutions like yours," MPAA's anti-piracy head Daniel Mandil writes. "In addition, online theft is a job-killer that also reduces the number of opportunities for graduates of your institution to make a living in the creative sectors." "Beyond the negative economic consequences for both the current workforce and future employment, the downloading and distribution of copyrighted works are serious offenses that carry with them the risk of substantial monetary damages and, in some cases, criminal prosecution," Mandil adds.
Of course, between the lines the MPAA also notes that colleges and universities who fail to implement proper anti-piracy policies, may lose federal funding. The letter further notes that the MPAA itself will get involved in sending out warning letters to higher education institutions for any "illegal activity" they detect. This, in addition to the DMCA takedown notices that individual film and television studios have been sending out already. Of course, the MPAA doesn't only warn universities, they also offer solutions. One option that is recommended by the MPAA is to block students and employees access to "rogue web sites." This means, actively censoring BitTorrent search engines and indexes such as The Pirate Bay, Demonoid and isoHunt. Aside from commercial censorship there are also less aggressive methods such as "educational seminars," monitoring the browsing habits of students, or blocking all P2P-traffic entirely which some of the appointed "role model" schools do. Naturally, the additional DMCA notices and expensive countermeasures will take away a few hundred thousand dollars a year from the education budget, but it's for a good cause. After all, if piracy continues at this rate many of the current students might not even be able to get a job when they graduate.

From rforno at infowarrior.org Sun Dec 5 14:03:24 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 5 Dec 2010 15:03:24 -0500
Subject: [Infowarrior] - more on.....Sunday Bobbleheads and WL
References: <20101205191738.GA6358@gsp.org>
Message-ID: <5499A54F-1495-42A8-99A3-238B653A22D7@infowarrior.org>

I agree w/RSK's observation. I would add that another part of this problem is that "the powers that be" choose to focus the majority of their wrath not on those who disclose stuff (Manning) or their own internal oversights that allow such situations to happen as much as those who facilitate that disclosure more broadly (Wikileaks).
The USG is in spin control, not necessarily about political embarrassment from Cablegate, but because it doesn't want, or know how, to deal with really fixing the underlying technical, social, cultural, and political reasons that led to the incident to begin with.

--- rick

Begin forwarded message:

> From: Rich Kulawiec
> Date: December 5, 2010 2:17:38 PM EST
>
> It's occurred to me that many folks out there have (for their own
> reasons and purposes) played this card:
>
> "What if someone dies as a result of what Wikileaks publishes?"
>
> Then they will have died for the truth.
>
> But people die for lies EVERY DAMN DAY. Half a million (at least) have
> died in Iraq since 2003 -- ours, theirs, neither -- because of a lie.
> And that's just one notable/recent/large instance: anyone who follows
> the news can find more at will.
>
> Why is this sense of outrage not directed at the liars instead of
> those who are telling the truth?
>
> ---rsk
>

From rforno at infowarrior.org Sun Dec 5 16:18:39 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 5 Dec 2010 17:18:39 -0500
Subject: [Infowarrior] - The Airport Scanner Scam: Trading Dignity for False Security
Message-ID: <15C4333E-90E1-4C7E-A637-835A8CF25AC5@infowarrior.org>

(via IP)

> Stephen H. Unger
> Professor Emeritus
> Computer Science and Electrical Engineering
> Columbia University
> ............
>
> The latest high-tech weapons in the war on terror are back-scatter
> X-ray and millimeter-wave scanners, intended to determine if
> passengers are carrying concealed weapons or explosives by generating
> images of naked bodies that can be inspected by security people. We
> are assured by the manufacturers and the Transportation Security
> Administration that these devices will do the job without harming
> us. Travelers can opt out of the scanning process only by submitting
> to full-body manual searches that include agents laying hands on
> private parts.
> Various experts have raised serious questions about
> both the efficacy and the safety of this process. An even bigger
> question is whether the dangers it addresses really justify such
> drastic measures. I have explored this matter in an article entitled,
> "Land of the Free: Frantic Feds Feel-up Fliers to Foil Fumbling Foes",
> accessible from
> http://www1.cs.columbia.edu/~unger/myBlog/endsandmeansblog.html

From rforno at infowarrior.org Sun Dec 5 20:22:36 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 5 Dec 2010 21:22:36 -0500
Subject: [Infowarrior] - ProFTPD backdoored for 3 days
Message-ID:

Hackers poison well of open-source FTP app
http://www.theregister.co.uk/2010/12/02/proftpd_backdoored/

ProFTPD backdoored for 3 days
By Dan Goodin in San Francisco
Posted in Security, 2nd December 2010 19:37 GMT

Updated

Hackers breached the main server hosting ProFTPD and remained undetected for three days, causing anyone who downloaded the popular open-source file transfer application during that time to be infected with a backdoor that grants unauthorized access to their systems.

The unknown attackers gained entry to ProFTPD's main distribution server by exploiting an unpatched vulnerability in the FTP application itself, project managers said late Wednesday night. The attackers then replaced the source files for the most recent version, ProFTPD 1.3.3c, with a backdoor. The compromise affected downloads from secondary mirror sites as well.

"The backdoor introduced by the attackers allows unauthenticated users remote root access to systems which run the maliciously modified version of the ProFTPD daemon," project managers wrote. "Users are strongly advised to check systems running the affected code for security compromises and compile/run a known good version of the code."

It's the latest hack attack to hit a popular open-source distribution system.
On Tuesday, the Free Software Foundation said its massive repository of free software was compromised by hackers who exploited holes in Savane, a widely used software hosting application. Project managers for GNU Savannah said they couldn't rule out the possibility that the attackers gained root access to their system.

ProFTPD is file transfer protocol software whose source code is freely available by anyone to review or modify. It runs on Linux and Unix and is used by a long roster of organizations, including Harvard Law School, Virginia Tech Computer Science Lab, and Cisco Systems' Linksys division.

John Morrissey, a member of the ProFTPD core team, said in an email sent Thursday afternoon that members "currently believe the vulnerability used to gain access to ftp.proftpd.org was previously announced and fixed in ProFTPD, but was unpatched on the system in question." If correct, that means there's no evidence there's a critical vulnerability in the most recent version of the program.

The advisory and Morrissey's email have yet to say how many downloads of the infected software were logged from November 28 to December 1.

This article was updated to report details included in Morrissey's email.

From rforno at infowarrior.org Sun Dec 5 20:49:17 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 5 Dec 2010 21:49:17 -0500
Subject: [Infowarrior] - How to Fight and Win the Cyberwar
Message-ID: <1706CFCB-8770-49F7-8849-80142C205F6F@infowarrior.org>

Dear Mort:

We had a Manhattan Project for this stuff in the mid-90s. Its report and findings have been the basis of every strategy, assessment, and policy review since that dealt with critical infrastructure, information security, and cybersecurity. Oddly enough, the mid-90s initiative was called the "Manhattan Cyber Project".
But we're worse off now than we would have been if Those in Charge had listened to the PCCIP members (and others) who predicted these incidents would happen and emphasised the need for us to be proactive about dealing with them before they occurred. But that didn't happen.....just new reports, strategies, and policy reviews that rehash the PCCIP's recommendations every so often during the ensuing years.

These incidents you're talking about have happened not because folks weren't warned, but because there wasn't the multilevel components of the *national will* to make the appropriate and necessary changes to our infrastructure. There still isn't, in my view. And thus the problem remains.

Many of your other concerns and worries are at least ten years old, too.

-- rick

PS: "Cyberterrorism" does not exist. But ignorant fear-mongering sure does.

How to Fight and Win the Cyberwar
By MORTIMER ZUCKERMAN

< -- >

The task is of such a scale that it needs nothing less than a souped-up Manhattan Project, like the kind that broke the scientific barriers to the bomb that ended World War II. Our vulnerabilities are increasing exponentially. Cyberterrorism poses a threat equal to that of weapons of mass destruction. A large scale attack could create an unimaginable degree of chaos in America.

< - >

http://online.wsj.com/article/SB10001424052748703989004575652671177708124.html

From rforno at infowarrior.org Sun Dec 5 20:51:04 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 5 Dec 2010 21:51:04 -0500
Subject: [Infowarrior] - Twitter Appears to Censor Wikileaks-Related Trends
Message-ID:

Though Twitter is not an instrument of democracy but a corporate service ... ergo I don't necessarily agree w/the latter part of that note ... but the pressure to filter anything to do with WL, if true, is interesting.
--- rick

Twitter Appears to Censor Wikileaks-Related Trends
posted by Eugenia Loli-Queru on Mon 6th Dec 2010 00:24 UTC
http://www.osnews.com/story/24100/Twitter_Appears_to_Censor_Wikileaks-Related_Trends

I'm (was?) a Twitter user. This past week I found it utterly weird that none of the words #wikileaks, #cablegate, #cables, #Assange were actually "trending". I even tweeted about this 5 days ago. Today, my fears of secret censorship are coming true. It appears that Twitter is censoring all these words, so they don't appear in the (much-used) Twitter "trends" list. It has done so for a whole week, and continues to do so. The only related trend today that currently trends in a few countries is the much less popular #imwikileaks, which probably shows us that Twitter's filter engine simply hasn't added that keyword too in their filter, YET!

If Twitter was to delete Wikileaks' Twitter account based on some Terms of Service reasons (like Amazon did), I wouldn't like it, but I could swallow it. But witnessing Twitter [according to third party stats and common sense] censoring plain words, it shows me that what Twitter does is censoring the DEMOCRATIC NATURE of trends. THIS censorship is much more profoundly unacceptable, because they don't just block one account, one voice, but they censor & MANIPULATE the COLLECTIVE VOICE. Among those, my voice. At that point, censorship transcends Wikileaks, it even transcends that collective voice, and it becomes personal.

Now, I probably could give them the benefit of the doubt, but seeing how Twitter suspended their own scheduled server maintenance last year in order to not interrupt its users from tweeting on Iran's (failed) revolution, for me, this is a good indication about how ONE-SIDED, and POLITICAL, their motivations are in nature.
I will say this: Twitter this week appears to have tried to manipulate public opinion by enabling/disabling the right bits each time, as it sees fit, and then serving the net result back to us, as something that traditionally was considered "democratically popular". It's obviously not so. And who knows how many times they've already done this in the past.

Like Digg.com, Twitter became what it is today because it made its users believe that they're part of an internet force that embodied democracy on the way information is becoming popular. Therefore, Twitter has no excuse censoring trends, because it's like going against its own roots.

From rforno at infowarrior.org Sun Dec 5 22:00:19 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 5 Dec 2010 23:00:19 -0500
Subject: [Infowarrior] - Social Networking: The Future
Message-ID:

Social Networking: The Future
13 hours ago
http://techcrunch.com/2010/12/05/social-networking-future/

Editor's note: This is the third of a three-part guest post by venture capitalist Mark Suster of GRP Partners on "Social Networking: The Past, Present, And Future." Read Part I and Part II first. This series is an adaptation of a recent talk Suster gave at the Caltech / MIT Enterprise Forum on "the future of social networking." You can watch the video here, or you can scroll quickly through the Powerpoint slides embedded at the bottom of the post or here on DocStoc. Follow him on Twitter @msuster.

In my first post I talked about the history of social networking from 1985-2002 dominated by CompuServe, AOL & Yahoo! In the second post I explored the current era which covers Web 2.0 (blogs, YouTube, MySpace, Facebook), Realtime (Twitter), and mobile (Foursquare). Is the game over? Have Facebook & Twitter won or is there another act? No prizes for guessing -- there's always a second (and third, and fourth, and fifth) act in technology. So where is social networking headed next? I make eight predictions below.

1.
The Social Graph Will Become Portable

Right now our social graph (whom we are connected to and their key information like email addresses) is mostly held captive by Facebook. There is growing pressure on Facebook to make this portable and they have made some progress on this front. Ultimately I don't believe users or society as a whole will accept a single company "locking in" our vital information. Facebook will succumb to pressure and over time make this available to us to allow us more choice in being part of several social networks without having to spam all of our friends again. I know in 2010 this doesn't seem obvious to everybody but it's my judgment. Either they make our social graph portable or we'll find other networks to join. I predict this will come before the end of 2012.

2. We Will Form Around "True" Social Networks: Quora, HackerNews, Namesake, StockTwits

Since 2006 I have been lamenting what I see as "the Facebook problem" -- they are trying to lump me into one big social network. Nobody exists in one social network. I have the one with my friends where I want to talk about how wasted we were at the party last weekend that I don't want to share with my family network where I share pictures of the kids with my parents and siblings. I don't want either of these mixed with the business social network in which I want to maintain the appearance that I'm "all business" and certainly don't want to see college pictures of me in Mexico floating around. I don't want to mix my "public network" with my "private networks."

Facebook has jumbled these all together and then tried to bandage it by making groups available. I don't think this really solves the problem. And young people aren't stupid -- they certainly aren't as digitally naïve as their elders like to think. To get around all of this jumbling of social graphs they simply create multiple Facebook accounts under pseudonyms or "nom de guerre"
for their real discussions and more pristine Facebook accounts for their real names. I wonder how many of Facebook's 500 million users are created for this purpose? I've confirmed this trend with several young people.

I believe that people already form topical social networks as evidenced in places like HackerNews or Quora. We are also seeing the growth of social networks around topics of interest like StockTwits for people interested in investing in the stock market. There are new networks forming to try and address the needs of specific social networks such as Namesake that is in its experimental stage but sees a world in which people want to network outside of Facebook.

3. Privacy Issues Will Continue to Cause Problems: Diaspora

Facebook made a deal with us that our social network was private. When they jealously watched the rise of Twitter they decided that it should be made more public, but that wasn't the bargain we made when we signed up in the first place. If I were Facebook I would have simply created two places where you could network, Facebook "private" and Facebook "open." The latter product could have competed directly with Twitter and could have had an asymmetric follow model. Sure, we would have had to choose which followers to have in that separate timeline and they wouldn't have gotten all the synergies that they have by just lumping them together. But if they would have done it this way they never would have crossed the ethical lines that they did and we could all just love Facebook instead of our love-hate relationships. I'm still there daily to see pictures of my nieces & nephews -- but I never connect more broadly with anybody in the business community. So 95% of my social networking time goes to Twitter.

I know most people aren't troubled by the loosening of their information -- but I believe that's because most people don't understand it.
What I realized in working with so many startup technology firms is that even if you don't give permission to third-party apps to access your information much of it is available anyways as long as somebody you're connected to is more promiscuous with third-party apps. Also, all of those "Facebook Connect" buttons on websites are awesome for quickly logging in, but each gives those websites unprecedented access to your personal information.

I believe that privacy leaks will cause a longer-term backlash against misusing our information but in the short-term not enough people understand the consequences to be alarmed. Diaspora was created in direct response to the growing concerns about Facebook privacy and lock-in. Whether or not Diaspora will take off is anybody's guess. But a lot of people would love to see them or similar players emerge.

4. Social Networking Will Become Pervasive: Facebook Connect meets Pandora, NYTimes

As our social graph becomes more portable I believe that social networking will become a feature in everything we do. You can already see it slipping into services like Pandora where my social graph instantly appears and my friends' musical tastes are displayed without my knowing this would happen. On NY Times I'm getting recommended articles by friends and I didn't explicitly turn this feature on. This trend of social pervasiveness will continue.

5. Third-Party Tools Will Embed Social Features in Websites: Meebo

One thing that is obvious to me is that while many websites want to have Facebook Connect log-ins to know more about you, they don't really know what to do with you once they have that information. They're mostly now thinking about serving demographically targeted ads to you, but that's not very interesting. Third-party software companies will start to offer features to websites to actually drive social features. This will take a few years but players such as Meebo are already innovating in this category through their toolbar.

6.
Social Networking (like the web) Will Split Into Layers: SimpleGeo, PlaceIQ

One of the most interesting trends in the last few years has been watching the Internet split into layers. At the bottom end of the stack is storage (S3) and processing (EC2). At the top end is the business logic created by startups and established technology companies. I'm going to write a whole post on BothSid.es in the next few weeks on the layering of the Internet and the most important layer that will emerge in the next few years. We know that the layering of the PC era led to huge innovation at each layer in the stack and I expect the same to continue to emerge on the Internet.

But for now suffice it to say that we're already seeing this happen in social networks. One interesting layer is the "mapping layer" that is emerging in mobile social networks. If every startup had to figure out the locations of every business, what type of business they were and where they were located on a map we'd have very few startups. SimpleGeo is designed with the idea that startups can create new mobile products without having to each build their own mapping functionality. This is an awesome trend and will further lower the cost of startup development. I predict that SimpleGeo will do well in the mapping layer but I see more innovative companies emerging at the data layer.

And there are other companies racing to create horizontal platforms. One I saw recently was PlaceIQ. Their goal is to create a horizontal platform that allows marketers or developers to know a lot more about the geo-locations and not just the specific businesses / points-of-interest. They're capturing information about the demographics of map tiles, levels of LBS activity, what certain zones are known for (i.e. romantic spot, financial district) and want to make this available to others.

7.
Social Chaos Will Create New Business Opportunities: Klout, Sprout Social, CoTweet, awe.sm, (next gen) Buzzd

The explosion of data is creating opportunities just in the management of the data in and of itself. Once we're uber-connected and getting information online from people we've only met online we need to know more about the "authority" of the people we're following. Enter Klout, a service that tracks the influence of individuals in social networks. It can be imported into other products (e.g. StockTwits) where you really want to know more about the person giving you advice.

We know that Twitter is leading to customer service opportunities for businesses but the opposite is also true. If you don't manage what is said about you in social networks it could be detrimental. Products such as Sprout Social and CoTweet are emerging to help businesses better track and communicate with their customers and leads. Products like awe.sm (I'm an investor) will help you manage the efficacy of your social media marketing campaigns.

And one of the cooler new products that will emerge in 2011 is being created by Nihal Mehta, who has pivoted from his previous company Buzzd, but I'm sworn to secrecy on what he's up to until he releases it publicly. I saw the product recently in New York and loved it. It will address the world of what happens when businesses and consumers are increasingly mobile & social.

8. Facebook Will Not be the Only Dominant Player

I know that in 2010 it seems ridiculous to say anything other than "Facebook has won--the war is over" and I know that it feels that way right now. Facebook is so dominant it is astounding. In a complete return to where we all began with AOL--the world is "closed" again as Facebook has become this generation's walled garden. When you're on Facebook you're not on the Internet--you're on the InterNOT. It is an amazing service and I use it regularly myself (although much less than I use Twitter).
But it makes me laugh to now see so many brands advertising their "fan pages" as they did their AOL Keywords back in the day. Plus ça change ...

Well, here's a quick history primer that may change your mind:

- In 1998 the Department of Justice launched an anti-trust case against Microsoft. People feared they were going to have a monopoly over the Internet due to "bundling" Internet Explorer with their operating system. A bit laughable in 2010, just 12 years later. These days people would sooner fear Apple than Microsoft, proving that reality is stranger than fiction.

- In April of 2000 there were fears that the AOL / Time Warner merger would create a monopoly on the Internet. As you know, Time Warner eventually spun off AOL for peanuts. AOL is in the process of rebuilding itself and emulating a little-known LA-based startup called Demand Media. AOL seems to be doing great things to reinvent itself under the leadership of Tim Armstrong, but monopoly? Never.

- In May 2007 there were fears that Google was becoming a monopoly. It controlled two-thirds of all Internet searches in the US and as we all knew--search was inevitably going to be the portal to finding information on the Internet. Or was it? We now know that social networking is having a profound impact on how we discover and share content online.

- So . . . now it is November 2010 and Facebook has more than 500 million users. They have more page views than even Google. More than 10% of all time on the web is now Facebook. They have become a juggernaut in online advertising, pictures, video and online games. And now they want to revolutionize email. It is no doubt that the next decade belongs to Facebook. But the coincidence is that 10 years out will be 2020 and when we look back from that date I'm certain that people will also find a Facebook monopoly a bit laughable.
From rforno at infowarrior.org Mon Dec 6 10:49:15 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 6 Dec 2010 11:49:15 -0500
Subject: [Infowarrior] - great timing: Amazon adds DNS service for Net addresses
Message-ID: <8C51C9E2-E15E-4C0D-985B-A7E8E1B37513@infowarrior.org>

Sure....and if they don't like your website they'll yank your DNS records and/or kick you off their cloud! -- rick

Amazon adds DNS service for Net addresses
by Stephen Shankland
http://news.cnet.com/8301-30685_3-20024665-264.html

It probably wouldn't have helped WikiLeaks' struggle to stay on the Web last week, but Amazon.com has launched a new service for companies whose Internet operations need Domain Name Service.

DNS is technology that connects the Internet address that people use, such as www.flickr.com, to its numeric address, 68.142.214.24. It's that numeric Internet Protocol (IP) address that computers and network gear need to route data over the Internet. DNS functions not unlike a phone book, where you can find a phone number by looking up a person's name.

Now Amazon is offering DNS for a fee as part of Amazon Web Services called Route 53. It's currently in beta testing, according to Amazon's Route 53 site:

Route 53 performs two DNS functions. First, it lets you manage the IP addresses listed for your domain names in the Internet's DNS phone book. These listings are called DNS "records." Second, like a directory assistance service, Route 53 answers requests to translate specific domain names into their corresponding IP addresses. These requests are called "queries."

The service fits into the AWS pay-as-you-go model. It costs $1 per month for each hosted zone--a set of DNS records at Amazon. On top of that, it costs 50 cents per million queries up to a billion per month, then 25 cents per million queries after during that month. DNS queries typically run about one-tenth the pace of page views for a given Web site, AWS evangelist Jeff Barr said in a blog post yesterday.
DNS is a necessary element of running a Web site, as WikiLeaks illustrated last week. The controversial site was still available after Amazon stopped hosting WikiLeaks. But WikiLeaks disappeared from the Internet for a time last week when its DNS provider terminated service, not long after Amazon stopped hosting the WikiLeaks site.

Stephen Shankland

Read more: http://news.cnet.com/8301-30685_3-20024665-264.html#ixzz17LpI7tzd

From rforno at infowarrior.org Mon Dec 6 16:22:41 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 6 Dec 2010 17:22:41 -0500
Subject: [Infowarrior] - DHS Warnings @ Walmart
Message-ID: <4835FB73-C03D-4F09-A96B-EAED8951E305@infowarrior.org>

Oh, no, this isn't Orwellian at all. No, not in the least. -- rick

Press Office
U.S. Department of Homeland Security
Dec. 6, 2010
http://www.dhs.gov/ynews/releases/pr_1291648380371.shtm

WASHINGTON -- Department of Homeland Security (DHS) Secretary Janet Napolitano today announced the expansion of the Department's national "If You See Something, Say Something" campaign to hundreds of Walmart stores across the country--launching a new partnership between DHS and Walmart to help the American public play an active role in ensuring the safety and security of our nation.

"Homeland security starts with hometown security, and each of us plays a critical role in keeping our country and communities safe," said Secretary Napolitano. "I applaud Walmart for joining the 'If You See Something, Say Something' campaign. This partnership will help millions of shoppers across the nation identify and report indicators of terrorism, crime and other threats to law enforcement authorities."

The "If You See Something, Say Something" campaign--originally implemented by New York City's Metropolitan Transportation Authority and funded, in part, by $13 million from DHS'
Transit Security Grant Program--is a simple and effective program to engage the public and key frontline employees to identify and report indicators of terrorism, crime and other threats to the proper transportation and law enforcement authorities.

More than 230 Walmart stores nationwide launched the "If You See Something, Say Something" campaign today, with a total of 588 Walmart stores in 27 states joining in the coming weeks. A short video message, available here, will play at select checkout locations to remind shoppers to contact local law enforcement to report suspicious activity.

Over the past five months, DHS has worked with its federal, state, local and private sector partners, as well as the Department of Justice, to expand the "If You See Something, Say Something" campaign and Nationwide SAR Initiative to communities throughout the country--including the recent state-wide expansions of the "If You See Something, Say Something" campaign across Minnesota and New Jersey. Partners include the Mall of America, the American Hotel & Lodging Association, Amtrak, the Washington Metropolitan Area Transit Authority, sports and general aviation industries, and state and local fusion centers across the country.

In the coming months, the Department will continue to expand the "If You See Something, Say Something" campaign nationally with public education materials and outreach tools designed to help America's businesses, communities and citizens remain vigilant and play an active role in keeping the country safe.
From rforno at infowarrior.org Mon Dec 6 16:24:57 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 6 Dec 2010 17:24:57 -0500
Subject: [Infowarrior] - Frankenbombers are 'new kind of terrorism
Message-ID: <20A22E99-FEB7-478F-B5DF-3395606A5818@infowarrior.org>

Frankenbombers are 'new kind of terrorism': Al Qaeda hopes to surgically implant bombs into thugs
BY James Gordon Meek
DAILY NEWS WASHINGTON BUREAU
Monday, December 6th 2010, 4:00 AM
http://www.nydailynews.com/news/national/2010/12/06/2010-12-06_al_qaeda_is_truly_gutless_terror_doc_eyes_sewing_bombs_in_thugs.html

WASHINGTON - Jihadis bent on concocting a "new kind of terrorism" are brainstorming how to surgically implant explosives to make undetectable Frankenbombers.

"What is your opinion about surgeries through which I can implant the bomb ...inside the operative's body?" an apparent mad surgeon recently asked an online forum used by Al Qaeda affiliates. He called on bombmakers and doctors to cook up the perfect solution to murder "larger numbers of unbelievers and apostates."

"I am waiting for the interaction of the experienced brothers to connect the two sciences together and produce a new kind of terrorism, Allah willing," he wrote, according to a translation by terror experts at the SITE Intelligence Group.

The scheming comes amid controversy over body scanners and pat-downs in airports that some Americans complain are too invasive.

The ideas for a "surgically booby-trapped martyrdom seeker" were chillingly concise for the doctor of death monitored by SITE. Stitching a bomb into the abdominal cavity made of plastic or liquid explosives - such as semtex or PETN - was judged the best method. "It must be planted near the surface of the body, because the human body absorbs shocks," advised one terrorist.
Prior to the attempted destruction of a Detroit-bound flight last Christmas by accused underwear bomber Farouk Abdulmutallab, Al Qaeda in the Arabian Peninsula almost assassinated a Saudi prince with a bomb believed to have been concealed inside a body cavity; it was recently clarified that it was the first attempt at an explosive hidden in undies. Unproven body cavity bombs worry security agents, though "no one has figured out how to actually do it," said a counterterror official. Last month, Transportation Security Administration chief John Pistole said his agency wouldn't do cavity checks because secondary screening procedures and technology can find fuses and detonators, which must be outside the body. "You have to have some external device to cause that initiation," he said. "That's what the advanced imaging technology machine will pick up: any anomaly outside of the body." Still experts worry about the doctors among the terrorists' ranks and their willingness to kill. Al Qaeda's No. 2 is Ayman al-Zawahiri, an Egyptian doctor, and last year a Jordanian doctor known as "Abu Dujana al-Khorasani" killed seven CIA officers in a suicide bombing in Afghanistan. "In the same way that drug smugglers have placed bags of narcotics in the body cavities of animals and had people ingest condoms filled with drugs, it would not be out of the realm of Al Qaeda operational planners to conceive of such a technique," said Mark Rossini, a former senior FBI counterterror agent. "No technique is off-limits to Al Qaeda to achieve its destructive goals." 
Read more: http://www.nydailynews.com/news/national/2010/12/06/2010-12-06_al_qaeda_is_truly_gutless_terror_doc_eyes_sewing_bombs_in_thugs.html#ixzz17NBvecpM

From rforno at infowarrior.org Mon Dec 6 16:28:58 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 6 Dec 2010 17:28:58 -0500
Subject: [Infowarrior] - Report: Assange to hand himself in to police after arrest warrant is
Message-ID: <56E29AC1-53B0-4EA4-A306-33523EBA0AFE@infowarrior.org>

(From the I'll believe it when I see it department, obviously. Does that mean the keys to the insurance file will be forthcoming, too? --- rick)

WikiLeaks: Julian Assange to hand himself in to police after arrest warrant issued
http://www.telegraph.co.uk/news/worldnews/wikileaks/8185247/WikiLeaks-Julian-Assange-to-hand-himself-in-to-police-after-arrest-warrant-issued.html

Julian Assange, the founder of WikiLeaks, will hand himself in to police - possibly as early as Tuesday - after a fresh European Arrest Warrant was issued by the Swedish authorities.

By Caroline Gammell, Christopher Hope and Steven Swinford
9:16PM GMT 06 Dec 2010

Mr Assange is expected to voluntarily attend a police station within the next 24 hours, and will then appear in a magistrates' court. He is wanted over allegations of sexual assault in Sweden. He is currently in hiding in the south-east of England but police are understood to have the necessary paperwork to arrest him.

Mark Stephens, Mr Assange's British lawyer, said: "We are in discussions about him going to the police by consent."

Mr Assange suffered another setback on Monday when Swiss authorities closed one of his bank accounts, one of the sources of funding for the WikiLeaks site. The 39-year-old Australian has been under intense pressure since the release of thousands of secret documents in recent weeks. Kristinn Hrafnsson, spokesman for WikiLeaks, said Mr Assange had been forced to keep a low profile after several threats on his life.
Sweden's Supreme Court upheld a court order to detain Mr Assange for questioning on suspicion of "rape, sexual molestation and unlawful coercion" after he appealed against two lower court rulings. He denies the allegations. His details were also added to Interpol's most wanted website, alerting police forces around the world.

A European Arrest Warrant was issued by the Swedish last month but could not be acted upon because it did not contain sufficient information for the British authorities. A spokesman for Marianne Ny, the Swedish prosecutor, said the extra details were sent last week and were being processed.

Mr Stephens said he would fight any bid to extradite his client. He added that Mr Assange "has been trying to meet with the Swedish prosecutor since August this year".

Mr Assange's troubles deepened when his Swiss bank account was shut down after it was found he had given a false address. Postfinance, the financial arm of Swiss Post, said: "The Australian citizen provided false information regarding his place of residence during the account opening process." Mr Assange had allegedly told Postfinance he lived in Geneva but could offer no proof that he was a Swiss resident.

News of his potential arrest came as WikiLeaks was criticised for publishing details of hundreds of sites around the world that could be targeted in terrorist attacks. Among the British sites listed are a transatlantic undersea cable landing in Cornwall; naval and motoring engineering firm MacTaggart Scott, based in the small Scottish town of Loanhead; and BAE Systems sites, including one in Preston, Lancashire.

The revelations prompted Sir Peter Ricketts, David Cameron's national security adviser, to order a review of computer security across all government departments.
From rforno at infowarrior.org Mon Dec 6 16:51:47 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 6 Dec 2010 17:51:47 -0500
Subject: [Infowarrior] - US Copyright Group Drops Cases Against Thousands of BitTorrent Users
Message-ID: <23F679EB-1C42-413A-B288-0B5811B3C4D2@infowarrior.org>

US Copyright Group Drops Cases Against Thousands of BitTorrent Users Written by Ernesto on December 07, 2010 http://torrentfreak.com/us-copyright-group-drops-cases-against-thousands-of-bittorrent-users-101206/ The US Copyright Group (USCG) campaign to turn piracy into profit is starting to fall apart. Today, the anti-piracy lawyers dropped 97% of the alleged BitTorrent file-sharers from the Far Cry case because of a lack of jurisdiction. This setback seriously limits the profitability of the law firm's business model, and is a clear victory for thousands of people who were pressured to pay expensive settlements. Since the beginning of this year the United States Copyright Group (USCG) has sued tens of thousands of BitTorrent users who allegedly shared films without the consent of copyright holders. One of the copyright holders who teamed up with USCG are Achte/Neunte, the makers of the movie Far Cry. This case originally had 4,577 defendants, all of whom were accused of distributing the film via BitTorrent. However, three weeks ago District Court Judge Rosemary Collyer ordered USCG to limit their case only to those defendants who the Court has jurisdiction over, and in an amended complaint filed today the anti-piracy lawyers have done just that. Of the thousands of defendants, only 140 remain in the latest complaint. The remaining 4,437 were dropped from the case without prejudice. The new complaint specifically states that the remaining defendants reside in the District of Columbia, where the case was filed. "The named Defendant resides in this District.
Although the true identity of each remaining Doe Defendant is unknown to the Plaintiff at this time, on information and belief, each remaining Doe Defendant may be found in this District and/or a substantial part of the acts of infringement complained of herein occurred in this District," the lawyers write. These recent developments are welcome news to the thousands of people who have been pressured to pay thousands of dollars in settlements over the past months, including those in the Hurt Locker case. As it now stands, all people being chased by USCG outside of the Court's jurisdiction can have their case dropped. "This is certainly a reassuring decision for file sharing defendants in parallel cases around the country although they remain vulnerable to file sharing suits brought in their home states," Stewart Kellar, a California attorney representing several defendants in the Far Cry Case, told TorrentFreak in a comment. It has to be noted, however, that the cases have been dropped without prejudice, which effectively means that USCG can file suit against defendants again at a later stage if they so choose. That said, having to file cases in dozens of states will significantly increase the workload for USCG's lawyers, not to mention escalating costs. The question now is whether or not the scheme will remain financially viable. Right now there is little doubt that what first seemed to be a relatively effective and profitable way to turn piracy into a healthy revenue stream, is rapidly turning into a nightmare for the anti-piracy lawyers and their partners.
From rforno at infowarrior.org Mon Dec 6 17:21:54 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 6 Dec 2010 18:21:54 -0500
Subject: [Infowarrior] - Shirky: Wikileaks and the Long Haul
Message-ID: <196502F2-8B43-4A99-9462-AFDBD89E93CA@infowarrior.org>

http://www.shirky.com/weblog/2010/12/wikileaks-and-the-long-haul/ Wikileaks and the Long Haul Like a lot of people, I am conflicted about Wikileaks. Citizens of a functioning democracy must be able to know what the state is saying and doing in our name, to engage in what Pierre Rosanvallon calls "counter-democracy"*, the democracy of citizens distrusting rather than legitimizing the actions of the state. Wikileaks plainly improves those abilities. On the other hand, human systems can't stand pure transparency. For negotiation to work, people's stated positions have to change, but change is seen, almost universally, as weakness. People trying to come to consensus must be able to privately voice opinions they would publicly abjure, and may later abandon. Wikileaks plainly damages those abilities. (If Aaron Bady's analysis is correct, it is the damage and not the oversight that Wikileaks is designed to create.*) And so we have a tension between two requirements for democratic statecraft, one that can't be resolved, but can be brought to an acceptable equilibrium. Indeed, like the virtues of equality vs. liberty, or popular will vs. fundamental rights, it has to be brought into such an equilibrium for democratic statecraft not to be wrecked either by too much secrecy or too much transparency. As Tom Slee puts it, "Your answer to 'what data should the government make public?' depends not so much on what you think about data, but what you think about the government."* My personal view is that there is too much secrecy in the current system, and that a corrective towards transparency is a good idea.
I don't, however, believe in total transparency, and even more importantly, I don't think that independent actors who are subject to no checks or balances is a good idea in the long haul. If the long haul were all there was, Wikileaks would be an obviously bad thing. The practical history of politics, however, suggests that the periodic appearance of such unconstrained actors in the short haul is essential to increased democratization, not just of politics but of thought. We celebrate the printers of 16th century Amsterdam for making it impossible for the Catholic Church to constrain the output of the printing press to Church-approved books*, a challenge that helped usher in, among other things, the decentralization of scientific inquiry and the spread of politically seditious writings advocating democracy. This intellectual and political victory didn't, however, mean that the printing press was then free of all constraints. Over time, a set of legal limitations around printing rose up, including restrictions on libel, the publication of trade secrets, and sedition. I don't agree with all of these laws, but they were at least produced by some legal process. Unlike the United States' current pursuit of Wikileaks.* I am conflicted about the right balance between the visibility required for counter-democracy and the need for private speech among international actors. Here's what I'm not conflicted about: When authorities can't get what they want by working within the law, the right answer is not to work outside the law. The right answer is that they can't get what they want. The United States is -- or should be -- subject to the rule of law, which makes the extra-judicial pursuit of Wikileaks especially nauseating. (Calls for Julian's assassination are even more nauseating.) It may be that what Julian has done is a crime. (I know him casually, but not well enough to vouch for his motivations, nor am I a lawyer.)
In that case, the right answer is to bring the case to a trial. In the US, however, the government has a "heavy burden" for engaging in prior restraint of even secret documents, an established principle since New York Times Co. vs. The United States*, when the Times published the Pentagon Papers. If we want a different answer for Wikileaks, we need a different legal framework first. Though I don't like Senator Joseph Lieberman's proposed SHIELD law (Securing Human Intelligence and Enforcing Lawful Dissemination*), I do like the fact that it is a law, and not an extra-legal avenue (of which Senator Lieberman is also guilty.*) I also like the fact that the SHIELD Law makes it clear what's at stake: the law proposes new restraints on publishers, and would apply to the New York Times and The Guardian as well as to Wikileaks. (As Matthew Ingram points out, "Like it or not, Wikileaks is a media entity."*) SHIELD amounts to an attempt to reverse parts of New York Times Co. vs. The United States. I don't think such a law should pass. I think the current laws, which criminalize the leaking of secrets but not the publishing of leaks, strike the right balance. However, as a citizen of a democracy, I'm willing to be voted down, and I'm willing to see other democratically proposed restrictions on Wikileaks put in place. It may even be that whatever checks and balances do get put in place by the democratic process make anything like Wikileaks impossible to sustain in the future. The key, though, is that democracies have a process for creating such restrictions, and as a citizen it sickens me to see the US trying to take shortcuts. The leaders of Myanmar and Belarus, or Thailand and Russia, can now rightly say to us "You went after Wikileaks' domain name, their hosting provider, and even denied your citizens the ability to register protest through donations, all without a warrant and all targeting overseas entities, simply because you decided you don't like the site.
If that's the way governments get to behave, we can live with that." Over the long haul, we will need new checks and balances for newly increased transparency -- Wikileaks shouldn't be able to operate as a law unto itself anymore than the US should be able to. In the short haul, though, Wikileaks is our Amsterdam. Whatever restrictions we eventually end up enacting, we need to keep Wikileaks alive today, while we work through the process democracies always go through to react to change. If it's OK for a democracy to just decide to run someone off the internet for doing something they wouldn't prosecute a newspaper for doing, the idea of an internet that further democratizes the public sphere will have taken a mortal blow.

From rforno at infowarrior.org Mon Dec 6 17:29:22 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 6 Dec 2010 18:29:22 -0500
Subject: [Infowarrior] - US Copyright Czar: Expect More Domain Censorship
Message-ID: <15DAFDF3-3429-44AD-88E1-B4C2DD667DC5@infowarrior.org>

US Copyright Czar: Expect More Domain Censorship from the free-speech-ain't-free dept http://www.techdirt.com/articles/20101206/11325112148/us-copyright-czar-expect-more-domain-censorship.shtml The US "IP Czar," Victoria Espinel, said at a conference this week that Homeland Security's seizure of a bunch of domain names was apparently just the beginning of a larger plan to go after such folks. Espinel has been making the rounds over the past few months, working to get various companies to voluntarily start censoring websites in this manner, even without the COICA bill being in place. This isn't really a surprise. Espinel has stated in the past that her job is to focus on the enforcement side of copyright law, so it's no surprise she's supportive of such seizures. What's scary, though, is the fact that she doesn't seem willing to recognize how these seizures appear to go way past "enforcing" copyright law, and move into blatant censorship.
In her comments, she noted that "We are going after the piraters and counterfeiters," but she seems to ignore that caught in that net are perfectly legitimate search engines and (more seriously) blogs with plenty of non-infringing content. If that's not the definition of prior restraint and blatant government censorship, I don't know what is. What's sad is that Espinel has appeared in the past as someone who actually recognized these issues -- and while she's under a lot of pressure from the entertainment industry lobbyists who apparently get to write her performance reports -- if these sorts of activities keep up, she's going to go down as the US's chief censor. What a shame.

From rforno at infowarrior.org Mon Dec 6 20:12:44 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 6 Dec 2010 21:12:44 -0500
Subject: [Infowarrior] - How America will collapse (by 2025)
Message-ID:

How America will collapse (by 2025) Four scenarios that could spell the end of the United States as we know it -- in the very near future By Alfred McCoy This piece originally appeared on TomDispatch. A soft landing for America 40 years from now? Don't bet on it. The demise of the United States as the global superpower could come far more quickly than anyone imagines. If Washington is dreaming of 2040 or 2050 as the end of the American Century, a more realistic assessment of domestic and global trends suggests that in 2025, just 15 years from now, it could all be over except for the shouting. Despite the aura of omnipotence most empires project, a look at their history should remind us that they are fragile organisms. So delicate is their ecology of power that, when things start to go truly bad, empires regularly unravel with unholy speed: just a year for Portugal, two years for the Soviet Union, eight years for France, 11 years for the Ottomans, 17 years for Great Britain, and, in all likelihood, 22 years for the United States, counting from the crucial year 2003.
Future historians are likely to identify the Bush administration's rash invasion of Iraq in that year as the start of America's downfall. However, instead of the bloodshed that marked the end of so many past empires, with cities burning and civilians slaughtered, this twenty-first century imperial collapse could come relatively quietly through the invisible tendrils of economic collapse or cyberwarfare. But have no doubt: when Washington's global dominion finally ends, there will be painful daily reminders of what such a loss of power means for Americans in every walk of life. As a half-dozen European nations have discovered, imperial decline tends to have a remarkably demoralizing impact on a society, regularly bringing at least a generation of economic privation. As the economy cools, political temperatures rise, often sparking serious domestic unrest. Available economic, educational, and military data indicate that, when it comes to U.S. global power, negative trends will aggregate rapidly by 2020 and are likely to reach a critical mass no later than 2030. The American Century, proclaimed so triumphantly at the start of World War II, will be tattered and fading by 2025, its eighth decade, and could be history by 2030. Significantly, in 2008, the U.S. National Intelligence Council admitted for the first time that America's global power was indeed on a declining trajectory. In one of its periodic futuristic reports, Global Trends 2025, the Council cited "the transfer of global wealth and economic power now under way, roughly from West to East" and "without precedent in modern history," as the primary factor in the decline of the "United States' relative strength -- even in the military realm." Like many in Washington, however, the Council's analysts anticipated a very long, very soft landing for American global preeminence, and harbored the hope that somehow the U.S. would long "retain unique military capabilities...
to project military power globally" for decades to come. No such luck. Under current projections, the United States will find itself in second place behind China (already the world's second largest economy) in economic output around 2026, and behind India by 2050. Similarly, Chinese innovation is on a trajectory toward world leadership in applied science and military technology sometime between 2020 and 2030, just as America's current supply of brilliant scientists and engineers retires, without adequate replacement by an ill-educated younger generation. By 2020, according to current plans, the Pentagon will throw a military Hail Mary pass for a dying empire. It will launch a lethal triple canopy of advanced aerospace robotics that represents Washington's last best hope of retaining global power despite its waning economic influence. By that year, however, China's global network of communications satellites, backed by the world's most powerful supercomputers, will also be fully operational, providing Beijing with an independent platform for the weaponization of space and a powerful communications system for missile- or cyber-strikes into every quadrant of the globe. Wrapped in imperial hubris, like Whitehall or Quai d'Orsay before it, the White House still seems to imagine that American decline will be gradual, gentle, and partial. In his State of the Union address last January, President Obama offered the reassurance that "I do not accept second place for the United States of America." A few days later, Vice President Biden ridiculed the very idea that "we are destined to fulfill [historian Paul] Kennedy's prophecy that we are going to be a great nation that has failed because we lost control of our economy and overextended." 
Similarly, writing in the November issue of the establishment journal Foreign Affairs, neo-liberal foreign policy guru Joseph Nye waved away talk of China's economic and military rise, dismissing "misleading metaphors of organic decline" and denying that any deterioration in U.S. global power was underway. Ordinary Americans, watching their jobs head overseas, have a more realistic view than their cosseted leaders. An opinion poll in August 2010 found that 65 percent of Americans believed the country was now "in a state of decline." Already, Australia and Turkey, traditional U.S. military allies, are using their American-manufactured weapons for joint air and naval maneuvers with China. Already, America's closest economic partners are backing away from Washington's opposition to China's rigged currency rates. As the president flew back from his Asian tour last month, a gloomy New York Times headline summed the moment up this way: "Obama's Economic View Is Rejected on World Stage, China, Britain and Germany Challenge U.S., Trade Talks With Seoul Fail, Too." Viewed historically, the question is not whether the United States will lose its unchallenged global power, but just how precipitous and wrenching the decline will be. In place of Washington's wishful thinking, let's use the National Intelligence Council's own futuristic methodology to suggest four realistic scenarios for how, whether with a bang or a whimper, U.S. global power could reach its end in the 2020s (along with four accompanying assessments of just where we are today). The future scenarios include: economic decline, oil shock, military misadventure, and World War III. While these are hardly the only possibilities when it comes to American decline or even collapse, they offer a window into an onrushing future.
< -- > http://www.salon.com/news/feature/2010/12/06/america_collapse_2025

From rforno at infowarrior.org Tue Dec 7 07:05:41 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 7 Dec 2010 08:05:41 -0500
Subject: [Infowarrior] - Assange op-ed via Australia
Message-ID: <2F646E20-72BD-4B1A-9728-F49130850804@infowarrior.org>

http://blogs.theaustralian.news.com.au/mediadiary/index.php IN 1958 a young Rupert Murdoch, then owner and editor of Adelaide's The News, wrote: "In the race between secrecy and truth, it seems inevitable that truth will always win." His observation perhaps reflected his father Keith Murdoch's expose that Australian troops were being needlessly sacrificed by incompetent British commanders on the shores of Gallipoli. The British tried to shut him up but Keith Murdoch would not be silenced and his efforts led to the termination of the disastrous Gallipoli campaign. Nearly a century later, WikiLeaks is also fearlessly publishing facts that need to be made public. I grew up in a Queensland country town where people spoke their minds bluntly. They distrusted big government as something that could be corrupted if not watched carefully. The dark days of corruption in the Queensland government before the Fitzgerald inquiry are testimony to what happens when the politicians gag the media from reporting the truth. These things have stayed with me. WikiLeaks was created around these core values. The idea, conceived in Australia, was to use internet technologies in new ways to report the truth. WikiLeaks coined a new type of journalism: scientific journalism. We work with other media outlets to bring people the news, but also to prove it is true. Scientific journalism allows you to read a news story, then to click online to see the original document it is based on. That way you can judge for yourself: Is the story true? Did the journalist report it accurately? Democratic societies need a strong media and WikiLeaks is part of that media.
The media helps keep government honest. WikiLeaks has revealed some hard truths about the Iraq and Afghan wars, and broken stories about corporate corruption. People have said I am anti-war: for the record, I am not. Sometimes nations need to go to war, and there are just wars. But there is nothing more wrong than a government lying to its people about those wars, then asking these same citizens to put their lives and their taxes on the line for those lies. If a war is justified, then tell the truth and the people will decide whether to support it. If you have read any of the Afghan or Iraq war logs, any of the US embassy cables or any of the stories about the things WikiLeaks has reported, consider how important it is for all media to be able to report these things freely. WikiLeaks is not the only publisher of the US embassy cables. Other media outlets, including Britain's The Guardian, The New York Times, El Pais in Spain and Der Spiegel in Germany have published the same redacted cables. Yet it is WikiLeaks, as the co-ordinator of these other groups, that has copped the most vicious attacks and accusations from the US government and its acolytes. I have been accused of treason, even though I am an Australian, not a US, citizen. There have been dozens of serious calls in the US for me to be "taken out" by US special forces. Sarah Palin says I should be "hunted down like Osama bin Laden", a Republican bill sits before the US Senate seeking to have me declared a "transnational threat" and disposed of accordingly. An adviser to the Canadian Prime Minister's office has called on national television for me to be assassinated. An American blogger has called for my 20-year-old son, here in Australia, to be kidnapped and harmed for no other reason than to get at me.
And Australians should observe with no pride the disgraceful pandering to these sentiments by Prime Minister Gillard and US Secretary of State Hillary Clinton have not had a word of criticism for the other media organisations. That is because The Guardian, The New York Times and Der Spiegel are old and large, while WikiLeaks is as yet young and small. We are the underdogs. The Gillard government is trying to shoot the messenger because it doesn't want the truth revealed, including information about its own diplomatic and political dealings. Has there been any response from the Australian government to the numerous public threats of violence against me and other WikiLeaks personnel? One might have thought an Australian prime minister would be defending her citizens against such things, but there have only been wholly unsubstantiated claims of illegality. The Prime Minister and especially the Attorney-General are meant to carry out their duties with dignity and above the fray. Rest assured, these two mean to save their own skins. They will not. Every time WikiLeaks publishes the truth about abuses committed by US agencies, Australian politicians chant a provably false chorus with the State Department: "You'll risk lives! National security! You'll endanger troops!" Then they say there is nothing of importance in what WikiLeaks publishes. It can't be both. Which is it? It is neither. WikiLeaks has a four-year publishing history. During that time we have changed whole governments, but not a single person, as far as anyone is aware, has been harmed. But the US, with Australian government connivance, has killed thousands in the past few months alone. US Secretary of Defence Robert Gates admitted in a letter to the US congress that no sensitive intelligence sources or methods had been compromised by the Afghan war logs disclosure. The Pentagon stated there was no evidence the WikiLeaks reports had led to anyone being harmed in Afghanistan.
NATO in Kabul told CNN it couldn't find a single person who needed protecting. The Australian Department of Defence said the same. No Australian troops or sources have been hurt by anything we have published. But our publications have been far from unimportant. The US diplomatic cables reveal some startling facts: The US asked its diplomats to steal personal human material and information from UN officials and human rights groups, including DNA, fingerprints, iris scans, credit card numbers, internet passwords and ID photos, in violation of international treaties. Presumably Australian UN diplomats may be targeted, too. King Abdullah of Saudi Arabia asked the US Officials in Jordan and Bahrain want Iran's nuclear program stopped by any means available. Britain's Iraq inquiry was fixed to protect "US interests". Sweden is a covert member of NATO and US intelligence sharing is kept from parliament. The US is playing hardball to get other countries to take freed detainees from Guantanamo Bay. Barack Obama agreed to meet the Slovenian President only if Slovenia took a prisoner. Our Pacific neighbour Kiribati was offered millions of dollars to accept detainees. In its landmark ruling in the Pentagon Papers case, the US Supreme Court said "only a free and unrestrained press can effectively expose deception in government". The swirling storm around WikiLeaks today reinforces the need to defend the right of all media to reveal the truth. Julian Assange is the editor-in-chief of WikiLeaks.

From rforno at infowarrior.org Tue Dec 7 07:07:52 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 7 Dec 2010 08:07:52 -0500
Subject: [Infowarrior] - Assange Arrested in London Over Rape Case
Message-ID:

(Would he have received an Interpol red notice for these charges were he not the center of Wikileaks situation? I think not.
--- rick) WikiLeaks Founder Assange Arrested in London Over Rape Case By Erik Larson and Janina Pfalzer - Dec 7, 2010 7:27 AM ET Tue Dec 07 12:27:14 GMT 2010 http://www.bloomberg.com/news/2010-12-07/assange-arrested-in-u-k-on-international-warrant-for-swedish-rape-probe.html Julian Assange, founder of the WikiLeaks website that leaked thousands of classified U.S. military and State Department documents, was arrested by London police over rape allegations made in Sweden. Assange, 39, was arrested "by appointment" today at 9:30 a.m. after Swedish police requested the Australian's detention, a Metropolitan Police spokesman said today in a phone interview. He is to appear at City of Westminster Magistrate's Court at 2 p.m. today, a court official said. "There is very little room for maneuver within the European arrest warrant process," said Peter Watson, a lawyer with Allen & Overy LLP in London, who isn't involved in the case. "In the normal course, the Brits will have to produce or send Mr. Assange back to Sweden within 90 days." WikiLeaks, created in 2006, drew condemnation from the U.S. for posting thousands of classified State Department documents on its website. WikiLeaks.org receives confidential material and posts the information on the Internet "so readers and historians alike can see evidence of the truth," the organization says on its website. The arrest follows a European warrant on one count of unlawful coercion, two counts of sexual molestation and one count of rape allegedly committed in August 2010, the police's extradition unit said in an e-mailed statement. Stockholm, Enkoeping The alleged crimes took place in Stockholm and Enkoeping while Assange was in Sweden lecturing about publishing classified U.S. military documents related to the war in Afghanistan. Mark Stephens, Assange's U.K. lawyer, has said his client had consensual sex with the women.
Stephens, of the firm Finers Stephens Innocent LLP in London, who regularly represents several media organizations including Bloomberg News, didn't immediately return a call seeking comment on the arrest. He said earlier today that his client was in talks with police regarding the warrant. If the U.S. were to charge Assange in relation to the leaks, the country could have a difficult time invoking its extradition agreement with the U.K. to win custody, Watson said. "The European arrest warrant will trump that request, because it's already underway," Watson said. The U.S. embassy in London said it wouldn't be sending representatives to today's hearings. International Search An international search for Assange began after a Swedish court on Nov. 19 approved the warrant. An appeals court upheld the warrant while reducing the case to a "less serious" rape charge. On Dec. 2, the Supreme Court in Sweden rejected Assange's request to review the case. A rape sentence in Sweden normally leads to between two and six years in prison. A "serious" case, which involves violence and threats, has a maximum sentence of 10 years. A "less serious" case has an upper limit of four years, Deputy Director of Public Prosecution Mikael Bjoerk said in an interview Dec. 2. Sweden accepts extradition requests from non-EU countries if the allegations involved are also illegal in Sweden, said Mikael Baaz, an associate law professor at the University of Gothenburg. WikiLeaks' actions don't appear to have gone beyond Sweden's so-called "right to inform," which protects public employees who leak information to the press, Baaz said today in an interview. Competing Extradition Request The U.S. could send the U.K. a competing extradition request, possibly forcing Britain's Home Secretary, Theresa May, to decide which request serves a greater public interest, said Helen Malcolm, a lawyer with Three Raymond Buildings in London.
"That would be a very difficult line to run politically, that our relationship with the U.S. is more important than these women's claims," Malcolm, who isn't involved in the case, said in an interview. The arrest warrant was sought by prosecutor Marianne Ny, who said she had been unable to question Assange. Ny started her investigation on Sep. 1 after Stockholm-based Chief Public Prosecutor Eva Finne dropped the rape charge and reduced the molestation charges. A lawyer for the two alleged victims in the case had appealed Finne's decision. Ny heads the Prosecution Authority Development Center in Gothenburg, which handles appeals involving prosecutor decisions in sex-crime cases. Assange, born in Townsville, Australia, began as a computer hacker in his native country and pleaded guilty in 1996 to 24 counts of violating the Crimes Act by accessing and inserting information into computers, including those of Nortel Networks Corp. He received a fine and three years probation. To contact the reporter on this story: Janina Pfalzer in Stockholm at jpfalzer at bloomberg.net. To contact the editor responsible for this story: Angela Cullen at acullen8 at bloomberg.net.

From rforno at infowarrior.org Tue Dec 7 07:10:43 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 7 Dec 2010 08:10:43 -0500
Subject: [Infowarrior] - OT: Can Ayatollah haz ninjas pls?
Message-ID:

Tehran conscripts Ninja masters to crush democracy By Joe Fay Posted in Government, 7th December 2010 12:57 GMT http://www.theregister.co.uk/2010/12/07/iran_ninja/ The Iranian government has been attempting to co-opt the country's Ninjas and other martial artists to help out with some light repression duties, US diplomatic cables released by Wikileaks claim.
Authorities in the country have been attempting to outsource some of the grunt work involved in political repression to martial arts enthusiasts, as well as getting them to train their own security forces, the cable claims. The cable, sent from the US's Embassy in Baku, Azerbaijan, last year, bears the subject line: Ninja Black Belt Master Details Use of Martial Arts Clubs for Repression. It reports that the Ninja master told the Baku Iran watcher "that private martial arts clubs and their managers are under intense pressure to cooperate with Iranian intelligence and Revolutionary Guard organizations, both in training members and in working as 'enforcers' in repression of protests and politically motivated killings." At the same time, authorities are suspicious of the clubs' potential to offer similar skills to pro-democracy supporters. A fair enough guess, possibly, particularly as the cable notes the Shah's regime used the country's martial arts clubs in the same way. The cable also recounts how an acquaintance of the source has carried out assassinations of intellectuals and young pro-democracy activists for the authorities, only to be "suicided" by the authorities himself. The Wikileaks version of the cable is careful to redact the name of the Ninja master, and apparently, his location, except insofar as he does not appear to be based in Tehran. Which is all well and good, assuming there are enough black belts in this most esoteric of martial arts in Iran to afford the said Ninja master some plausible deniability. Otherwise, the Ninja master will likely need to employ every trick of his craft in the very near future just to survive.
From rforno at infowarrior.org Tue Dec 7 07:37:45 2010 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 7 Dec 2010 08:37:45 -0500 Subject: [Infowarrior] - Why WikiLeaks Is Good for America Message-ID: <4D15C752-7A12-475B-BE5D-07AA67C90E84@infowarrior.org> Why WikiLeaks Is Good for America Evan Hansen is Editor-in-Chief of Wired.com http://www.wired.com/threatlevel/2010/12/wikileaks-editorial/ A truly free press -- one unfettered by concerns of nationalism -- is apparently a terrifying problem for elected governments and tyrannies alike. It shouldn't be. In the past week, after publishing secret U.S. diplomatic cables, secret-spilling site WikiLeaks has been hit with denial-of-service attacks on its servers by unknown parties; its backup hosting provider, Amazon, booted WikiLeaks off its hosting service; and PayPal has suspended its donation-collecting account, damaging WikiLeaks' ability to raise funds. MasterCard announced Monday it was blocking credit card payments to WikiLeaks, saying the site was engaged in illegal activities, despite the fact it has never been charged with a crime. Meanwhile, U.S. politicians have ramped up the rhetoric against the nonprofit, calling for the arrest and prosecution and even assassination of its most visible spokesman, Julian Assange. Questions about whether current laws are adequate to prosecute him have prompted lawmakers to propose amending the espionage statute to bring Assange to heel or even to declare WikiLeaks a terrorist organization. WikiLeaks is not perfect, and we have highlighted many of its shortcomings on this web site. Nevertheless, it's time to make a clear statement about the value of the site and take sides: WikiLeaks stands to improve our democracy, not weaken it. 
The greatest threat we face right now from Wikileaks is not the information it has spilled and may spill in the future, but the reactionary response to it that's building in the United States that promises to repudiate the rule of law and our free speech traditions, if left unchecked. Secrecy is routinely posited as a critical component for effective governance, a premise that's so widely accepted that even some journalists, whose job is to reveal the secret workings of governments, have declared WikiLeaks' efforts to be out of bounds. We should embrace the site as an expression of the fundamental freedom that is at the core of our Bill of Rights. Transparency, and its value, look very different inside the corridors of power than outside. On the campaign trail, Barack Obama vowed to roll back the secrecy apparatus that had been dramatically expanded under his predecessor, but his administration has largely abandoned those promises and instead doubled-down on secrecy. One of the core complaints against WikiLeaks is a lack of accountability. It has set up shop in multiple countries with liberal press protections in an apparent bid to stand above the law. It owes allegiance to no one government, and its interests do not align neatly with authorities'. Compare this, for example, to what happened when the U.S. government pressured The New York Times in 2004 to drop its story about warrantless wiretapping on grounds that it would harm national security. The paper withheld the story for a year-and-a-half. WikiLeaks' role is not the same as the press's, since it does not always endeavor to vet information prior to publication. But it operates within what one might call the media ecosystem, feeding publications with original documents that are found nowhere else and insulating them against pressures from governments seeking to suppress information. 
Instead of encouraging online service providers to blacklist sites and writing new espionage laws that would further criminalize the publication of government secrets, we should regard WikiLeaks as subject to the same first amendment rights that protect The New York Times. And as a society, we should embrace the site as an expression of the fundamental freedom that is at the core of our Bill of Rights, not react like Chinese corporations that are happy to censor information on behalf of their government to curry favor. WikiLeaks does not automatically bring radical transparency in its wake. Sites like WikiLeaks work because sources, more often than not pricked by conscience, come forward with information in the public interest. WikiLeaks is a distributor of this information, if an extraordinarily prolific one. It helps guarantee the information won't be hidden by editors and publishers who are afraid of lawsuits or the government. WikiLeaks has beaten back the attacks against it with the help of hundreds of mirror sites that will keep its content available, despite the best efforts of opponents. Blocking WikiLeaks, even if it were possible, could never be effective. A government's best and only defense against damaging spills is to act justly and fairly. By seeking to quell WikiLeaks, its U.S. political opponents are only priming the pump for more embarrassing revelations down the road. Evan Hansen is Editor-in-Chief of Wired.com. 
From rforno at infowarrior.org Tue Dec 7 10:16:46 2010 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 7 Dec 2010 11:16:46 -0500 Subject: [Infowarrior] - Bank of Ireland ATM and online systems fail Message-ID: 7 December 2010 Last updated at 07:54 ET http://www.bbc.co.uk/news/uk-northern-ireland-11937654 Bank of Ireland ATM and online systems fail Customers have been unable to use the bank's cash machines One of Ireland's biggest banks has issued an apology to customers after a systems failure meant that, for a time, they were unable to access their cash accounts. The Bank of Ireland said it became aware at 1000 GMT on Tuesday that ATMs were not working and customers were unable to make online transactions. A spokesperson said the fault had been largely rectified. However the amount of cash that can be withdrawn via ATMs may be restricted. In a statement the bank confirmed that "an unforeseen technical issue" had impacted on in-branch and online banking systems. The bank confirmed that all branches were open although some debit cards might be unable to conduct point of sale transactions. The Bank of Ireland has 44 branches throughout Northern Ireland. From rforno at infowarrior.org Tue Dec 7 12:46:38 2010 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 7 Dec 2010 13:46:38 -0500 Subject: [Infowarrior] - Shanghai Students Top World Rankings on Math Test; U.S. Teens Ranked 25th Message-ID: <0E69DC13-C971-49B5-A768-82804F3B9597@infowarrior.org> Shanghai Students Top World Rankings on Math Test; U.S. Teens Ranked 25th By John Hechinger - Dec 7, 2010 12:04 PM ET Tue Dec 07 17:04:43 GMT 2010 http://www.bloomberg.com/news/2010-12-07/teens-in-u-s-rank-25th-on-math-test-trail-in-science-reading.html Fifteen-year-olds in the U.S. ranked 25th among peers from 34 countries on a math test and scored in the middle in science and reading, while China's Shanghai topped the charts, raising concern that the U.S. isn't prepared to succeed in the global economy. 
The Paris-based Organization of Economic Cooperation & Development, which represents 34 countries, today released the 2009 Program for International Student Assessment. For the first time, the test broke out the performance of China's Shanghai region, which topped every country in all academic categories. The U.S. government considers the test one of the most comprehensive measures of international achievement. The results show that U.S. students must improve to compete in a global economy, Education Secretary Arne Duncan said yesterday in a telephone interview. President Barack Obama's administration is promoting national curriculum standards and a revamping of teacher pay that stresses performance rather than credentials and seniority. "The brutal fact here is there are many countries that are far ahead of us and improving more rapidly than we are," Duncan said. "This should be a massive wake-up call to the entire country." "Key Schools" China's success in Shanghai results from the government's abandonment of a system of "key schools" for elites and the institution of "a more inclusive system in which all students are expected to perform at high levels," the OECD said in the report. China also raised teacher pay and standards and reduced rote learning, while giving students and local authorities more choice in curriculum. Shanghai was the first city in China to achieve universal primary and junior-secondary education, and more than 80 percent of students of college age are admitted into higher-education institutions, compared with the national figure of 24 percent, according to the report. China's Hong Kong is also a top performer. The OECD test, first administered in 2000 and given every three years, aims to measure skills achieved near the end of compulsory schooling. In the U.S., 165 public and private schools and 5,233 students participated in the two-hour paper-and-pencil assessment, given in September and November 2009. 
It consisted of multiple-choice and open-response questions. Beating the U.S. In all, 470,000 students worldwide took the exam. The test also measured countries and regions outside the OECD, or a total of 65 countries and economies. Asian countries and regions, including South Korea, Japan, Singapore and Hong Kong, all outpaced the U.S., as did Finland. U.S. 15-year-olds had an average score of 487 in math on a 1,000-point scale. Shanghai students scored 600, Singapore, 562; South Korea, Hong Kong, 555; Finland, 541. The U.S. is traditionally ranked against other OECD countries. On an absolute basis, students from 24 of 34 OECD countries had higher scores than U.S. students, and the Education Department said 17 were better on a statistically significant basis. U.S. math scores rose from 474 in 2006, when they ranked 25th of 30 OECD countries. The average U.S. reading score of 500 ranked 14th among OECD countries, which were led by South Korea, Finland and Canada. Only six had scores that were better statistically, the Education Department said. Shanghai students scored 556. Because of an error in printing test booklets, no U.S. reading results were reported in 2006. Science Score The average U.S. science score of 502 ranks 17th in the OECD nations, which were led by Finland, Japan and South Korea. Twelve scores were statistically better, the Education Department said. Shanghai students scored 575. The U.S., which scored 489 in 2006, ranked 21st among 30 OECD countries that year. The U.S. faces educational challenges from its immigrant and heterogeneous population, an OECD report said. In contrast with the U.S., Finland benefited from relative homogeneity, according to the report. While the U.S. is wealthier than most of its OECD peers and its parents are better educated, the country fails to put the most-talented teachers in the most-challenging classrooms, Andreas Schleicher, who oversees the test for OECD, said in a telephone interview. 
Policy Lessons The success of top-scoring education systems holds lessons for U.S. policy, according to the report. Successful countries provide comparable opportunities to all students regardless of wealth, offer autonomy to individual schools in terms of curriculum and prioritize teacher pay over smaller classes, according to the report. Microsoft Corp. Chairman Bill Gates urged top U.S. public-school officials to overhaul teacher pay, saying on Nov. 19 that instructors should be rewarded for results rather than seniority or advanced degrees. Gates, whose Seattle-based Bill & Melinda Gates Foundation funds education programs, said the U.S. may also find money for merit pay by increasing class size. Duncan has also endorsed that approach. "Great teachers and great principals elevate the entire profession," Duncan said yesterday. "There are huge lessons we can learn from countries that are both doing better than we are and improving more rapidly." To contact the reporter on this story: John Hechinger in Boston at jhechinger at bloomberg.net; To contact the editor responsible for this story: Jonathan Kaufman at jkaufman17 at bloomberg.net From rforno at infowarrior.org Tue Dec 7 14:05:36 2010 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 7 Dec 2010 15:05:36 -0500 Subject: [Infowarrior] - Irony: US to hold 'World Press Freedom Day' in 2011 Message-ID: http://www.state.gov/r/pa/prs/ps/2010/12/152465.htm U.S. to Host World Press Freedom Day in 2011 Press Statement Philip J. Crowley Assistant Secretary, Bureau of Public Affairs Washington, DC December 7, 2010 The United States is pleased to announce that it will host UNESCO's World Press Freedom Day event in 2011, from May 1 - May 3 in Washington, D.C. UNESCO is the only UN agency with the mandate to promote freedom of expression and its corollary, freedom of the press. The theme for next year's commemoration will be 21st Century Media: New Frontiers, New Barriers. 
The United States places technology and innovation at the forefront of its diplomatic and development efforts. New media has empowered citizens around the world to report on their circumstances, express opinions on world events, and exchange information in environments sometimes hostile to such exercises of individuals' right to freedom of expression. At the same time, we are concerned about the determination of some governments to censor and silence individuals, and to restrict the free flow of information. We mark events such as World Press Freedom Day in the context of our enduring commitment to support and expand press freedom and the free flow of information in this digital age. Highlighting the many events surrounding the celebration will be the awarding of the UNESCO Guillermo Cano World Press Freedom Prize at the National Press Club on May 3rd. This prize, determined by an independent jury of international journalists, honors a person, organization or institution that has notably contributed to the defense and/or promotion of press freedom, especially where risks have been undertaken. The Newseum will host the first two days of events, which will engage a broad array of media professionals, students, and citizen reporters on themes that address the status of new media and internet freedom, and challenges and opportunities faced by media in our rapidly changing world. The State Department looks forward to working with UNESCO and the U.S. executive committee spearheaded by the Center for International Media Assistance at the National Endowment for Democracy, IREX, and the United Nations Foundation and the many civil society organizations they have brought together in support of the organization of events unfolding in Washington. 
For further information regarding World Press Freedom Day Events for program content, please visit the World Press Freedom Facebook page http://www.connect.connect.facebook.com/WPFD2011 From rforno at infowarrior.org Tue Dec 7 14:21:41 2010 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 7 Dec 2010 15:21:41 -0500 Subject: [Infowarrior] - Lieberman wants NYT investigated for Wikileaks cables Message-ID: <2BA53CBE-2618-4D3F-A28F-306A30ADE55E@infowarrior.org> That's Joe for you -- always good for a crackpot soundbyte on something he knows nothing about. --- rick Joe Lieberman: New York Times Should Be Investigated For Publishing WikiLeaks Cables (VIDEO) The Huffington Post | Jack Mirkinson First Posted: 12- 7-10 02:20 PM | Updated: 12- 7-10 02:40 PM http://www.huffingtonpost.com/2010/12/07/lieberman-times-crime-wikileaks_n_793293.html Senator Joe Lieberman said that the New York Times may have committed a crime by accepting and publishing the State Department cables from WikiLeaks, and should be investigated for potential violations of the Espionage Act. Speaking on Fox News on Tuesday, Lieberman told anchor Jenna Lee that WikiLeaks and its leader, Julian Assange, had committed the biggest violation of the Espionage Act in American history. "Are other media outlets that have posted what WikiLeaks has put out there also culpable in this and could be charged with something?" Lee asked. Lieberman responded that the question raised sensitive issues, because "it gets into America's First Amendment." But he said that, since WikiLeaks had certainly violated the Espionage Act, it was a real question whether the Times had also done so by accepting it. "I'm not here to make a final judgment on that, but to me the New York Times has committed at least an act of bad citizenship," he said. "Whether they've committed a crime, I think there's very intensive inquiry by the Justice Department." 
From rforno at infowarrior.org Tue Dec 7 15:30:03 2010 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 7 Dec 2010 16:30:03 -0500 Subject: [Infowarrior] - Why Wikileaks polarizes America's Internet politics Message-ID: Why Wikileaks polarizes America's Internet politics by Milton Mueller on Tue 07 Dec 2010 03:06 PM EST At IGP we pride ourselves on having a pretty good bead on internet governance issues, but we have to admit that the emergence of Wikileaks as a global governance issue took us by surprise. The internet has proven itself to be a source of political disruption in a way we did not anticipate. There have been strategic leaks of diplomatic information many times before. Often the practitioners are diplomats or other insiders in the political-military-diplomatic axis who use it as a form of policy influence. What makes this case different are the following things: < - > http://blog.internetgovernance.org/blog/_archives/2010/12/7/4698146.html From rforno at infowarrior.org Tue Dec 7 18:47:28 2010 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 7 Dec 2010 19:47:28 -0500 Subject: [Infowarrior] - UPS to require photo IDs for shipping packages Message-ID: UPS to require photo IDs for shipping packages -- Tue Dec 7, 11:25 am ET http://news.yahoo.com/s/ap/20101207/ap_on_bi_ge/us_ups_enhanced_security_2 NEW YORK -- UPS is now requiring photo identification from customers shipping packages at retail locations around the world, a month after explosives made it on to one of the company's planes. The Atlanta-based package courier said Tuesday the move is part of an ongoing review to enhance security. The directive will apply at The UPS Store, Mail Boxes Etc. locations and other authorized shipping outlets. UPS customer centers have required government-issued photo identification since 2005. In late October, a printer cartridge on a UPS cargo plane bound for Chicago was stopped in London after explosives were discovered. 
The package was later traced to a retail location in Yemen. The stepped-up security also comes as UPS prepares for its busiest shipping day of the year. United Parcel Service expects to deliver 430 million packages between Thanksgiving and Christmas, and 24 million packages alone on its busiest day, projected to be Dec. 22. That's up 60 percent from a normal day. "Since retail centers experience a significant increase in business from occasional shippers during the busy holidays, this enhancement adds a prudent step in our multi-layered approach to security," UPS Vice President of small business and retail marketing Dale Hayes said in a statement. Shares of UPS Inc. rose 66 cents to $72.35 in morning trading Tuesday after rising to a 52-week high of $72.42 earlier in the session. From rforno at infowarrior.org Tue Dec 7 18:56:40 2010 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 7 Dec 2010 19:56:40 -0500 Subject: [Infowarrior] - LOL - the neo-con response to Wikileaks Message-ID: <28A6DEB7-2931-44E1-B798-FFB39D3652F5@infowarrior.org> AEI's Marc Thiessen offers the neo-con approach to dealing with Wikileaks in today's WaPo: This little ditty from the end of the third paragraph should tell you everything you need to know about what he/they want to do: "Assange has threatened America with the cyber equivalent of thermonuclear war." ... and then this little bit: "If "one guy with a laptop" can shut down WikiLeaks even temporarily, imagine what the 1,100 cyber-warriors at U.S. Cyber Command could do." This guy just does not understand that which he is pontificating about. But it's not the first time he's done so in this context, either. Anyway, if you want to be sick, or giggle like a loon, read his entire rant, amusingly titled "You're either with us, or you're with WikiLeaks." 
Source - http://www.washingtonpost.com/wp-dyn/content/article/2010/12/06/AR2010120603074_pf.html From rforno at infowarrior.org Tue Dec 7 19:02:41 2010 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 7 Dec 2010 20:02:41 -0500 Subject: [Infowarrior] - Ellsberg, Rowley, Wilkerson, et. al praise WikiLeaks Message-ID: Daniel Ellsberg praises WikiLeaks http://www.sfgate.com/cgi-bin/blogs/opinionshop/detail?entry_id=78596 By Daniel Ellsberg, Frank Grevil, Katharine Gun, David MacMichael, Ray McGovern, Craig Murray, Coleen Rowley and Larry Wilkerson WikiLeaks has teased the genie of transparency out of a very opaque bottle, and powerful forces in America, who thrive on secrecy, are trying desperately to stuff the genie back in. How far down the United States has slid can be seen, ironically enough, in a recent commentary in Pravda (that's right, Russia's Pravda): "What WikiLeaks has done is make people understand why so many Americans are politically apathetic ... After all, the evils committed by those in power can be suffocating, and the sense of powerlessness that erupts can be paralyzing, especially when ... government evildoers almost always get away with their crimes. ..." So shame on Barack Obama, Eric Holder, and all those who spew platitudes about integrity, justice and accountability while allowing war criminals and torturers to walk freely upon the earth. ... the American people should be outraged that their government has transformed a nation with a reputation for freedom, justice, tolerance and respect for human rights into a backwater that revels in its criminality, cover-ups, injustices and hypocrisies. Odd, isn't it, that it takes a Pravda commentator to drive home the point that the Obama administration is on the wrong side of history. Most of our own media are demanding that WikiLeaks leader Julian Assange be hunted down -- with some of the more bloodthirsty politicians calling for his murder. 
The corporate-and-government dominated media are apprehensive over the challenge that WikiLeaks presents. Perhaps deep down they know, as Dickens put it, "There is nothing so strong ... as the simple truth." As part of their attempt to blacken WikiLeaks and Julian Assange, pundit commentary over the weekend has tried to portray Assange's exposure of classified materials as very different from -- and far less laudable than -- what Daniel Ellsberg did in releasing the Pentagon Papers in 1971. Ellsberg strongly rejects the mantra "Pentagon Papers good; WikiLeaks material bad." "That's just a cover for people who don't want to admit that they oppose any and all exposure of even the most misguided, secretive foreign policy. The truth is that EVERY attack now made on WikiLeaks and Julian Assange was made against me and the release of the Pentagon Papers at the time." Motivation? WikiLeaks' reported source, Army Pvt. Bradley Manning, having watched Iraqi police abuses, and having read of similar and worse incidents in official messages, reportedly concluded, "I was actively involved in something that I was completely against." Rather than simply go with the flow, Manning wrote: "I want people to see the truth ... because without information you cannot make informed decisions as a public," adding that he hoped to provoke worldwide discussion, debates and reform. There is nothing to suggest that WikiLeaks/Assange's motives were any different. Granted, mothers are not the most impartial observers. Yet, given what we have seen of Assange's behavior, there was the ring of truth in Assange's mother's recent remarks in an interview with an Australian newspaper. She put it this way: "Living by what you believe in and standing up for something is a good thing. ... He sees what he is doing as a good thing in the world, fighting baddies, if you like." That may sound a bit quixotic, but Assange and his associates appear the opposite of benighted. 
Still, with the Pentagon PR man Geoff Morrell and even Holder making thinly disguised threats of extrajudicial steps, Assange may be in personal danger. The media: again, the media is key. No one has said it better than Monsignor (Oscar) Romero of El Salvador, who just before he was assassinated 25 years ago warned, "The corruption of the press is part of our sad reality, and it reveals the complicity of the oligarchy." Sadly, that is also true of the media situation in America today. The big question is not whether Americans can handle the truth. We believe they can. The challenge is to make the truth available to them in a straightforward way so they can draw their own conclusions -- an uphill battle given the dominance of the mainstream media, most of which have mounted a hateful campaign to discredit Assange and WikiLeaks. So far, the question of whether Americans can handle the truth has been an academic rather than an experience-based one, because Americans have had very little access to the truth. Now, however, with the WikiLeaks disclosures, they do. Indeed, the classified messages from the Army and the State Department released by WikiLeaks are, quite literally, "ground truth." How to inform American citizens? As a step in that direction, on Oct.23 we Sam Adams Associates for Integrity in Intelligence presented our annual award for integrity to Julian Assange. He accepted the honor "on behalf of our sources, without which WikiLeaks' contributions are of no significance." In presenting the award, we noted that many around the world are deeply indebted to truth-tellers like WikiLeaks and its sources. Daniel Ellsberg, Frank Grevil, Katharine Gun, David MacMichael, Ray McGovern, Craig Murray, Coleen Rowley and Larry Wilkerson are associated with Sam Adams Associates for Integrity in Intelligence. 
From rforno at infowarrior.org Wed Dec 8 11:00:57 2010 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 8 Dec 2010 12:00:57 -0500 Subject: [Infowarrior] - Cyberattacks Are Retaliation for Pressure on WikiLeaks Message-ID: <60EE093B-A81F-4C1E-ACAD-3F7E43C69E10@infowarrior.org> December 8, 2010 Cyberattacks Are Retaliation for Pressure on WikiLeaks By RAVI SOMAIYA http://www.nytimes.com/2010/12/09/world/09wiki.html?hp=&pagewanted=print LONDON -- A broad campaign of cyberattacks appeared to be under way on Wednesday in support of the beleaguered antisecrecy organization WikiLeaks, which has drawn governmental criticism from around the globe for its release of classified American documents and whose founder, Julian Assange, is being held in Britain on accusations of rape. Attacks were reported on Mastercard.com, which stopped processing donations for WikiLeaks; on the lawyer representing the two Swedish women who have accused Mr. Assange of sexual improprieties; and on PostFinance, the Swiss postal system's financial arm, which closed Mr. Assange's account after saying he provided false information by saying that he resided in Switzerland. At least some of the attacks involved distributed denials of service, in which a site is bombarded by requests from a network of computers until it reaches capacity and, effectively, shuts down. It was unclear whether the various attacks were independently mounted, but suspicion was immediately focused on Anonymous, a leaderless group of activist hackers that had vowed to wreak revenge on any organization that lined up against WikiLeaks and that claimed responsibility for the Mastercard attack. The group, which gained notoriety for their cyberattacks on targets as diverse as the Church of Scientology and the rock musician Gene Simmons, released two manifestos over the weekend vowing revenge against enemies of WikiLeaks. "We fight for the same reasons," said one. "We want transparency and we counter censorship." 
The manifestos singled out companies like PayPal and Amazon, who had cut off service to WikiLeaks after the organization's recent release of classified diplomatic documents from a cache of 250,000 it had obtained. In recent days, Gregg Housh, an activist who has worked on previous Anonymous campaigns, said that a core of 100 or so devout members of the group, supplemented by one or two extremely expert hackers, were likely to do most of the damage. Mr. Housh, who disavows any illegal activity himself, said the reason Anonymous had declared its campaign was amazingly simple. Anonymous believes that "information should be free, and the Internet should be free," he said. Mr. Assange was jailed in Britain on Tuesday after being denied bail in a London court hearing on a warrant for his extradition to Sweden to face accusations of sexual offenses. On the courthouse steps, his lawyer, Mark Stephens, told reporters that support shown for Mr. Assange and WikiLeaks so far was "the tip of the iceberg." In words that now seem prophetic, he added that the battle for WikiLeaks and its founder's future was "going to go viral." From rforno at infowarrior.org Wed Dec 8 11:02:23 2010 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 8 Dec 2010 12:02:23 -0500 Subject: [Infowarrior] - Australia Blames U.S. for Leaked Cables Message-ID: <2DD7DAF2-242C-4AF2-A345-BE95F96FDBC0@infowarrior.org> December 8, 2010 Australia Blames U.S. for Leaked Cables http://www.nytimes.com/reuters/2010/12/08/world/international-us-wikileaks-assange-australia.html By REUTERS Filed at 1:38 a.m. ET BRISBANE, Australia (Reuters) - The Australian government Wednesday blamed the United States, not the WikiLeaks founder, for the unauthorized release of about 250,000 secret U.S. diplomatic cables and said those who originally leaked the documents were legally liable. Foreign Minister Kevin Rudd also said the leaks raised questions over the "adequacy" of U.S. security over the cables. 
"Mr (Julian) Assange is not himself responsible for the unauthorized release of 250,000 documents from the U.S. diplomatic communications network," Rudd told Reuters in an interview. "The Americans are responsible for that," said Rudd, who had been described in one leaked U.S. cable as a "control freak." WikiLeaks founder Assange defended his Internet publishing site Wednesday, saying it was crucial to spreading democracy and likening himself to global media baron Rupert Murdoch in the quest to publish the truth. Assange has angered the United States and governments across the globe by publishing details of secret U.S. documents. The original source of the leak is unknown, though a U.S. Army private who worked as an intelligence analyst in Iraq, Bradley Manning, has been charged by military authorities with unauthorized downloading of more than 150,000 State Department cables. U.S. officials have declined to say whether those cables are the same ones now being released by WikiLeaks. ASSANGE IN UK CUSTODY Assange was remanded in custody by a British court on Tuesday over allegations of sex crimes in Sweden. "I think there are real questions to be asked about the adequacy of their (U.S.) security systems and the level of access that people have had to that material over a long period of time," said Rudd. "The core responsibility, and therefore legal liability, goes to those individuals responsible for that initial unauthorized release," he said. In an opinion piece in Murdoch's The Australian newspaper, headlined "Don't shoot the messenger for revealing uncomfortable truths," Assange said WikiLeaks deserved protection, not attacks. "In 1958 a young Rupert Murdoch, then owner and editor of Adelaide's The News, wrote: 'In the race between secrecy and truth, it seems inevitable that truth will always win'," wrote Assange. 
He cited the late Keith Murdoch, Rupert's father, who during World War One exposed the needless loss of Australian life at Gallipoli, where Australian troops under British command were slaughtered in a failed attack against the Turks. "Keith Murdoch would not be silenced and his efforts led to the termination of the disastrous Gallipoli campaign," Assange wrote. "Nearly a century later, WikiLeaks is also fearlessly publishing facts that need to be made public." Assange made no comment about his arrest in Britain after Sweden issued a European Arrest Warrant for sex crimes allegations. Assange, 39, denies the charges, and was remanded in jail until a fresh hearing on December 14. Assange, a 39-year-old Australian, referred to his upbringing in a small Australian country town, where people "spoke their minds bluntly" and distrusted big government. "WikiLeaks was created around these core values," he wrote. He said WikiLeaks was set up as a way of using new technology to report the truth and said not one person had been harmed by any information published over the past four years. "Democratic societies need a strong media and WikiLeaks is part of that media. The media helps keep government honest. WikiLeaks has revealed some hard truths about the Iraq and Afghan wars, and broken stories about corporate corruption," he wrote. Assange questioned why only WikiLeaks was under attack, when other media outlets like Britain's The Guardian, The New York Times and Germany's Der Spiegel had also published U.S. cables. "There is a separate and secondary legal question...which is the legal liabilities of those responsible for the dissemination of that information, whether it's WikiLeaks, whether it's Reuters, or whether it is anybody else," said Rudd. WikiLeaks has vowed to continue releasing details of the secret U.S. documents it obtained. 
Monday, Rudd defended Australia's relations with China as "robust" after a WikiLeaks document showed he had advised Washington it might need to use force to contain Beijing. Another cable said Rudd was a control freak focused on the media. Rudd said Wednesday Australia would provide Assange with consular help in relation to the court hearings in Britain over his possible extradition to Sweden. Assange's UK lawyer, Mark Stephens, has said a renewed bail application would be made and that his client is "fine." He said many people felt the prosecution was politically motivated. But a Swedish prosecutor was cited in newspaper Aftonbladet as saying the case was not connected with Assange's WikiLeaks work. The Australian foreign minister also expressed concerns over any threats made against Assange, who says he has even faced calls for his assassination. "We'd be concerned about the safety and security of all Australians. People should be free from any such threats," said Rudd. (Editing by Michael Perry and Mark Bendeich)

From rforno at infowarrior.org Wed Dec 8 18:46:39 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 8 Dec 2010 19:46:39 -0500
Subject: [Infowarrior] - Palin riding the WL victim train?
Message-ID:

Ummm yeah, I like their log "evidence" ---- rick

Sarah Palin Claims Site Hacked, Credit Card Details Stolen, But Doubts Surface This Is Merely Attempt At Attention Whoring
http://www.zerohedge.com/article/sarah-palin-claims-site-hacked-credit-card-details-stolen-doubts-surface-merely-attempt-atte
Submitted by Tyler Durden on 12/08/2010 17:27 -0500

Operation Payback has supposedly taken its latest victim: Sarah Palin, who previously called for the execution of Assange, has had her site hacked, and her credit card details taken. Her take: "No wonder others are keeping silent about Assange's antics," Palin emailed. "This is what happens when you exercise the First Amendment and speak against his sick, un-American espionage efforts."
Frankly, we very much doubt anyone, let alone a sophisticated hacker network, would bother with someone of Palin's "intellectual" capacity and significance, and would actively demand that she produce her serverlog (assuming she knows what this is) to confirm the fact, as many have already voiced a suspicion this is just the latest attempt of the vice presidential candidate pathetically whoring for yet more media attention.

From ABC:

The website and personal credit card information of former Gov. Sarah Palin were cyber-attacked today by Wikileaks supporters, the 2008 GOP vice presidential candidate tells ABC News in an email. Hackers in London apparently affiliated with "Operation Payback" -- a group of supporters of Julian Assange and Wikileaks -- have tried to shut down SarahPac and have disrupted Sarah and Todd Palin's personal credit card accounts. "No wonder others are keeping silent about Assange's antics," Palin emailed. "This is what happens when you exercise the First Amendment and speak against his sick, un-American espionage efforts." Palin has criticized Wikileaks founder Assange, writing on Facebook that his "past posting of classified documents revealed the identity of more than 100 Afghan sources to the Taliban. Why was he not pursued with the same urgency we pursue al-Qaeda and Taliban leaders?...Assange is not a 'journalist' any more than the 'editor' of al-Qaeda's new English-language magazine Inspire is a 'journalist.' He is an anti-American operative with blood on his hands." Added SarahPAC aide Rebecca Mansour, "the governor voiced her opinion knowing full well that she was speaking out against a shady disreputable organization with no regard for laws or human life. This is how they operate. The world should not be intimidated by them." SarahPAC.com technical aides say that on their server log this morning it showed the attacks coming from a browser identified as wikileaks.org, though it has since spread to others entitled "anonymous."
Mansour added that Wikileaks supporters claim to be "in favor of free speech yet they attack Sarah Palin for exercising her free speech." She said SarahPAC.com was not harmed because Palin's staff was able to move quickly to protect the site.

....The attacks were coming from wikileaks.org??? Are these people seriously that bloody stupid?

From rforno at infowarrior.org Wed Dec 8 19:05:34 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 8 Dec 2010 20:05:34 -0500
Subject: [Infowarrior] - LOIC DDOS tool
Message-ID: <499CD351-51D0-4485-8177-DBEFC006DB04@infowarrior.org>

(LOIC download page@ http://pastehtml.com/view/1c8i33u.html)

What Is LOIC?
http://gizmodo.com/5709630/what-is-loic

LOIC ("Low Orbit Ion Cannon") is an application developed by 4Chan-affiliated hackers designed to -- when used en masse by thousands of anonymous users -- launch Distributed Denial of Service (DDoS) attacks on websites. Like Visa.com and Mastercard.com, for instance.

It's a pushbutton application...

The idea behind LOIC is that it can allow you to participate in attacks even if you've no clue how to hack. Just download a copy of LOIC (available for Windows, Mac, and Linux!), punch in the target information like a URL or an IP address and zap.

...that can be controlled by a central user...

The Windows version of LOIC has a "Hivemind" feature that lets you point your copy at an Internet Relay Chat server, allowing someone else -- say, the Anon Admins behind Operation Payback, the campaign that is currently striking out against Visa, Mastercard, and other financial organizations in retaliation for their decision to stop doing business with Wikileaks -- to control at what site all connected LOIC clients are aimed. And because it takes thousands of LOICs all pointed at a single site to make a real impact, letting a central administrator press the big button of website destruction makes the whole network more effective. Giving hackers control of your computer by choice? Sounds dangerous.
But because the LOIC client is open source, the chances that a virus or backdoor into a user's own system could be a hidden payload is minimal.

...to launch a flood of killer internet packets...

LOIC basically turns your computer's network connection into a firehose of garbage requests, directed towards a target web server. On its own, one computer rarely generates enough TCP, UDP, or HTTP requests at once to overwhelm a web server -- garbage requests can easily be ignored while legit requests for web pages are responded to as normal. But when thousands of users run LOIC at once, the wave of requests become overwhelming, often shutting a web server (or one of its connected machines, like a database server) down completely, or preventing legitimate requests from being answered.

...with little risk to the user.

Because a DDoS knocks everything offline -- at least when it works as intended -- the log files that would normally record each incoming connection typically just don't work. And even if they do, many LOIC users claim that another user was on their network or that their machine was part of a bot net -- a DDoS client delivered by virus that performs like a hivemind LOIC, minus the computer owner actually knowing they are participating.

Send an email to Joel Johnson, the author of this post, at joel at gizmodo.com.

From rforno at infowarrior.org Wed Dec 8 19:10:24 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 8 Dec 2010 20:10:24 -0500
Subject: [Infowarrior] - Never Let the Terrorists Know How We're Storing Road Salt
Message-ID: <2AB216AE-465B-4C8D-A582-A34F1AE60011@infowarrior.org>

Never Let the Terrorists Know How We're Storing Road Salt
http://www.schneier.com/blog/archives/2010/12/never_let_the_t.html

This seems not to be a joke:

The American Civil Liberties Union has filed a lawsuit against the state after it refused to release the construction plans for a barn used to store road salt, on the basis that doing so would be a security risk. [...]
Chiaffarano filed an OPRA request for the state's building plans, but was denied her request as the state cited a 2002 executive order by Gov. James McGreevey. The order, issued in the wake of the Sept. 11 terrorist attacks on the World Trade Center and the Pentagon, allows the state to decline the release of public records that would compromise the state's ability to "protect and defend the state and its citizens against acts of sabotage or terrorism." Lisa Ryan, spokeswoman for the Department of Community Affairs, declined to comment on the pending lawsuit.

From rforno at infowarrior.org Wed Dec 8 19:41:27 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 8 Dec 2010 20:41:27 -0500
Subject: [Infowarrior] - Hackers Defend WikiLeaks, Testing Online Speech
Message-ID:

December 8, 2010
Hackers Defend WikiLeaks, Testing Online Speech
By ASHLEE VANCE and MIGUEL HELFT
http://www.nytimes.com/2010/12/09/technology/09net.html

A hacking free-for-all has exploded on the Web, and Facebook and Twitter are stuck in the middle. On Wednesday, anonymous hackers took aim at companies perceived to have harmed WikiLeaks after its release of a flood of confidential diplomatic documents. MasterCard, Visa and PayPal, which had cut off people's ability to donate money to WikiLeaks, were hit by attacks that tried to block access to the companies' Web sites and services. To organize their efforts, the hackers have turned to sites like Facebook and Twitter. That has drawn these Web giants into the fray and created a precarious situation for them. Both Facebook and Twitter -- but particularly Twitter -- have received praise in recent years as outlets for free speech. Governments trying to control the flow of information have found it difficult to block people from voicing their concerns or setting up meetings through the sites. At the same time, both Facebook and Twitter have corporate aspirations that hinge on their ability to serve as ad platforms for other companies.
This leaves them with tough public relations and business decisions around how they should handle situations as politically charged as the WikiLeaks developments. Some internet experts say the situation highlights the complexities of free speech issues on the Internet, as grassroots Web companies evolve and take central control over what their users can make public. Clay Shirky, who studies the Internet and teaches at New York University, said that although the Web is the new public sphere, it is actually "a corporate sphere that tolerates public speech." Marcia Hofmann, a lawyer at the Electronic Frontier Foundation, said, "Any Internet user who cares about free speech or has a controversial or unpopular message should be concerned about the fact that intermediaries might not let them express it." She added, "Your free speech rights are only as strong as the weakest intermediary." The problem came into relief on Wednesday, when a group calling itself Operation Payback spent much of the day posting notes on Facebook and Twitter that told followers which companies to single out and that documented hacking successes. But Facebook banned one of the group's pages, saying that organizing attacks like that violated its terms of use. The group went to Twitter to complain. A Facebook spokesman issued a statement saying that the company was "sensitive to content that includes pornography, bullying, hate speech, and threats of violence" and would "take action on content that we find or that's reported to us that promotes unlawful activity." In an interview Wednesday morning, Joe Sullivan, Facebook's chief security officer, addressed WikiLeaks's own presence on the site. He said the company had not received any official requests to disable pages or accounts associated with the WikiLeaks organization. The company decided on its own to ban the Operation Payback page.
He added that Facebook generally resists requests by governments or advocacy groups to take down material if that material is not illegal or does not violate Facebook's terms of service, which prohibit attacks on individuals or incitements to violence. "Facebook is a place where people come to talk about all sorts of things, including controversial topics," Mr. Sullivan said. Twitter allowed the Operation Payback account to stay active most of Wednesday. But the group's account was disabled late in the day, after it posted a link to a file that provided thousands of consumer credit card numbers, according to a person with direct knowledge of the situation. A Twitter spokesman declined to discuss the details of the situation. "We don't comment about the specific actions we take around user accounts," he said. The company is not overly concerned about hackers' attacking Twitter's site, he said, explaining that it faces security issues all the time and has technology to deal with the situation. Twitter is in a particularly delicate situation because its founders have celebrated their service's role in political protest and free speech. They have not been shy about trying to capitalize on the good will engendered by playing that role. WikiLeaks's own Twitter account remains active, and it is the group's main channel for reaching supporters and the media. Last week, Amazon.com fell into a similar position when it decided to stop storing files for WikiLeaks. Advocates of WikiLeaks complained that Amazon.com was bowing to political pressure to cut the organization from its Web services. An Amazon.com spokesman said the company was simply banning an organization that had violated its terms of service by trying to distribute documents it did not own. The last week has given rise to a hacking war in which groups have blocked access to WikiLeaks's Web sites by bombarding them with requests. Some hackers have claimed to attack WikiLeaks on patriotic grounds.
And now the WikiLeaks supporters have responded in kind, flying the freedom of speech banner as the motivation for their actions. Claire Cain Miller contributed reporting.

From rforno at infowarrior.org Thu Dec 9 08:17:00 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 9 Dec 2010 09:17:00 -0500
Subject: [Infowarrior] - Schneier on Wikileaks
Message-ID: <84F4B028-9C40-4837-8AA7-828EE9A98FED@infowarrior.org>

Schneier on Security
http://www.schneier.com/blog/archives/2010/12/wikileaks_1.html
December 9, 2010

WikiLeaks

I don't have a lot to say about WikiLeaks, but I do want to make a few points.

1. Encryption isn't the issue here. Of course the cables were encrypted, for transmission. Then they were received and decrypted, and -- so it seems -- put into an archive on SIPRNet, where lots of people had access to them.

2. Secrets are only as secure as the least trusted person who knows them. The more people who know a secret, the more likely it is to be made public.

3. I'm not surprised that these cables were available to so many people. We know that access control is hard, and that it's impossible to know beforehand what information someone will need to do their job. What is surprising is that there wasn't any audit logs kept about who accessed all these cables. That seems like a no-brainer.

4. This has little to do with WikiLeaks. WikiLeaks is just a website. The real story is that "least trusted person" who decided to violate his security clearance and make these cables public. In the 1970s he would have mailed them to a newspaper. Today he uses WikiLeaks. Tomorrow he will have his choice of a dozen similar websites. If WikiLeaks didn't exist, he could have put them up on BitTorrent.

5. I think the government is learning what the music and movie industries were forced to learn years ago: it's easy to copy and distribute digital files. That's what's different between the 1970s and today.
Amassing and releasing that many documents was hard in the paper and photocopier era; it's trivial in the Internet era. And just as the music and movie industries are going to have to change their business models for the Internet era, governments are going to have to change their secrecy models. I don't know what those new models will be, but they will be different.

From rforno at infowarrior.org Thu Dec 9 09:42:30 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 9 Dec 2010 10:42:30 -0500
Subject: [Infowarrior] - Roundup: Anonymous hackers' Wikileaks 'infowar'
Message-ID:

Original URL: http://www.theregister.co.uk/2010/12/09/operation_payback_anonymous_wikileaks_infowar_latest/

Anonymous hackers' Wikileaks 'infowar' LATEST ROUNDUP
DDoS bombardment spreads: Op Payback to spare Twitter
By Lewis Page
Posted in Government, 9th December 2010 14:08 GMT
http://www.theregister.co.uk/2010/12/09/operation_payback_anonymous_wikileaks_infowar_latest/print.html

Online "warfare" between the friends and enemies of Wikileaks continues, with an increasing number of organisations involved. The hacktivist collective Anonymous, operating under the banner Operation:Payback, has continued to mount various types of hacking attacks including DDoS strikes -- supplemented by the use of illegal botnets -- against targets assessed as being anti-Wikileaks. The anarchic hacker group has itself been subject to online interference from still-shadowier adversaries, perhaps self-styled American "patriots" who consider that Wikileaks' ongoing public drip-feed of classified US files allegedly passed to it by US soldier Bradley Manning (now in military custody) must be suppressed. Payment organisations such as MasterCard, Visa and PayPal are being consistently hit by Operation:Payback, with ongoing website outages and some interference with payment operations reported by multiple sources.
Anonymous members are angry with the payment firms for refusing to process contributions to Wikileaks, which can be presumed to be hurting Assange's organisation as Wikileaks' Icelandic payment processor is now threatening legal action against MasterCard and Visa. Apart from the money movers, Anonymous has also attacked US Senator Joe Lieberman's official government site, causing outages, and that of erstwhile vice-presidential candidate Sarah Palin -- in both cases for making public statements critical of Wikileaks or its spokesman Julian Assange. There are also suggestions that as the online "infowar" escalates, outside observers are being targeted by one side or the other. A blog [1] run by security firm Panda Labs, which has followed the DDoS battle closely and is one of the best sources of information, has itself come under DDoS attack - though it's not clear from which side. Similarly there has been much discussion among the anarchic Anonymous collective on attacking Twitter -- it being suggested that Twitter has purposely prevented the "infowar" becoming a trending topic under various tags. Meanwhile the @anon_operation Twitter account purporting to be a channel for Anonymous announcements has been suspended [2]: but there is now a new one [3], Op_Payback. (Various media have quoted an individual using the alias "Coldblood" as an Anonymous spokesman, and it's entirely possible that this person is participating in the Op Payback effort, but Anonymous purists despise the use of individual handles in public -- we're told that the term among the inner circle for one indulging in such antics is "namefag"*).

Anonymous will spare the 'Twitosphere'

Our sources*, however, suggest that the Anonymous consensus does not favour attacking Twitter. We're told:

Many news outlets reporting Twitter as potential target, this is not the case and never will be. There were some poorly informed calls to target the Twitosphere yesterday but we got their facts straight.
Anonymous also insists that it is on top in the online fight:

Your claim that this is somehow a two sided fight with patriotic dos-ers is flawed, counter-attacks have been minimal in effectiveness.

Panda Labs' analyst begs to differ, stating that anonops.net -- the internet headquarters of Operation:Payback -- has suffered many outages, though mostly brief in duration. As this piece is written, the hacktivist portal was showing 504 gateway time-out errors from London. Panda Labs has had little success in identifying who could be behind the DDoSing of Op Payback, but it is presumably a subset of those who have been mounting attacks against Wikileaks itself for some time.

Enter the contras

These possible contra-hacktivista "patriots" seem to be even less publicly chatty or identifiable than Anonymous, so far lacking even a visible badge or slogan, though they have apparently taken to using bots to flood the Anonymous chatrooms with jabber ("You have failed your people", "Cooperation is worthless" etc). Panda Labs has managed to identify how Operation:Payback's apparently limited resources -- the LOIC Hivemind volunteer botnet typically has only a few hundred machines attached -- achieve their results. Some members of Anonymous are apparently muscling up the collective's DDoS using illegal, non-voluntary botnets they have created by infecting other people's machines with malware. The security analysts have an interview with one such cowboy, who is herding a claimed 1,300-machine botnet, who added that a friend of his also contributes a 30,000-strong zombie herd. This individual said he had built up his net by distributing malware via torrents, and that thus far he had not profited personally from it -- but that he intended to make money from botnets in future. He (we're guessing probably he, but we don't know) claimed to be 19 years old.
The online battles have focused principally on Wikileaks and its spokesman Assange (now jailed in London facing an extradition request from Sweden, which wants to speak to him in connection with alleged sexual offences against two women). However it isn't always remembered that in fact the principal actor against US government secrecy was not Wikileaks but Bradley Manning, the American soldier who allegedly supplied almost all Wikileaks' interesting information. The channel Manning allegedly chose to use to distribute his vast caches of information lifted from the US government's classified networks is, in fact, relatively unimportant. He might have chosen simply to place it all on a server himself: suitable advertising in the right fora would probably have ensured that it would soon be downloaded and mirrored way beyond the US authorities' ability to suppress. Alternatively he might have chosen an established channel such as Cryptome. Instead, the rogue army private allegedly chose Wikileaks, which has propelled the organisation and Assange to global fame -- while Manning has become almost forgotten by everyone except the US military police. But not entirely: the city council of Berkeley in California is to vote next Tuesday on a resolution which would declare him a hero and call for his release, the AP reports. Councillor Bob Meola, who drafted the resolution, told [4] the San Francisco Chronicle that Manning is a patriot and deserves a medal. ®

Bootnotes

*Needless to say our source on this and other such matters remains Anonymous. Apparently your correspondent's flagging-up [5] of a spelling mistake by this individual is, perhaps fairly, regarded as a low blow -- it was the only typo in the email, putting the missive well up in the top bracket of those we've received from more or less any source. We are also asked whether el Reg has a strong editorial policy "against this [Anonymous] movement".
As to the rights and wrongs of the matter the Reg takes no stance - but as a news outfit we have to admit that we're quite pleased to have such a splendid and colourful online scrap to report on. Register management, having witnessed the disasters befalling other online organisations which have angered Anonymous, would like to point out that Lewis Page is an unimportant, low-paid employee who is in no way representative of the Reg as a whole. Only a certain misguided sympathy for his cripplingly expensive alcoholism and many other personal problems has led to his continued employment, and they would ask that this charitable impulse not be punished too harshly.

Links
[1] http://pandalabs.pandasecurity.com/tis-the-season-of-ddos-wikileaks-editio/
[2] http://twitter.com/Anon_Operation/status/12447755402215424
[3] http://twitter.com/Op_Payback/status/12811210932097024
[4] http://news.yahoo.com/s/ap/20101208/ap_on_re_us/us_wikileaks_berkeley
[5] http://www.theregister.co.uk/2010/12/08/wikileaks_assange_ddos_dustup/

From rforno at infowarrior.org Thu Dec 9 09:52:07 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 9 Dec 2010 10:52:07 -0500
Subject: [Infowarrior] - Against Amazon's TOS, But For Sale In The Kindle Store
Message-ID:

WikiLeaks Against Amazon's TOS, But For Sale In The Kindle Store
Alexia Tsotsis
http://techcrunch.com/2010/12/09/wikileaks-against-amazons-tos-but-for-sale-in-the-kindle-store/

Oh Amazon. Amazon Web Services stopped hosting the WikiLeaks Cables last week citing that the content was against its Terms of Service. As first reported on The Next Web, at least one appreciator of irony has now uploaded them to the Kindle store, and you can now buy the otherwise free cables in Amazon Books under the title "WikiLeaks documents expose US foreign policy conspiracies. All cables with tags from 1- 5000."
From the Amazon blog regarding pulling WikiLeaks from AWS: "For example, our terms of service state that "you represent and warrant that you own or otherwise control all of the rights to the content... that use of the content you supply does not violate this policy and will not cause injury to any person or entity." It's clear that WikiLeaks doesn't own or otherwise control all the rights to this classified content." This is about to get really interesting, as Amazon is now profiting off of content that it has very publicly stated was against its TOS. Also this is the second Kindle books issue in the past couple of months, as Amazon recently came under controversy for the polarizing "A Pedophile's Guide," which eventually got pulled down because of a 10,000 strong Facebook group and mass customer concern. Judging by some of the comments on the Kindle store page, customers are also not happy with the seeming hypocrisy of allowing the sale of the eBook. Stay tuned for how this will play out.

From rforno at infowarrior.org Thu Dec 9 11:24:38 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 9 Dec 2010 12:24:38 -0500
Subject: [Infowarrior] - Cyber-Thiessen, Part 2
Message-ID:

To my knowledge, Mark Thiessen is a political hack who has never served one day in an operational IT or cybersecurity role (let alone as an academic or career cyber SME), which should tell you something about his level of knowledge in pontificating about this sort of stuff. He also works at AEI, which also should tell you something about his perspective. (http://www.aei.org/scholar/100066)

WikiLeaks: The worm turns
http://voices.washingtonpost.com/postpartisan/2010/12/wikileaks_the_worm_turns.html

ZMGWEREALLGONNADIE!!!!!!
--- rick

From rforno at infowarrior.org Thu Dec 9 12:13:09 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 9 Dec 2010 13:13:09 -0500
Subject: [Infowarrior] - Hacker Threatens More Attacks on WikiLeaks Foes
Message-ID:

December 9, 2010
Hacker Threatens More Attacks on WikiLeaks Foes
By JOHN F. BURNS and RAVI SOMAIYA
http://www.nytimes.com/2010/12/10/world/10wiki.html?_r=1&hp=&pagewanted=print

LONDON -- In a campaign that had some declaring the start of a "cyberwar," hundreds of Internet activists mounted retaliatory attacks on the Web sites of multinational companies and other organizations they deemed hostile to the WikiLeaks antisecrecy organization and its jailed founder, Julian Assange. Within 12 hours of a British judge's decision to deny Mr. Assange bail in a Swedish extradition case, attacks on the Web sites of WikiLeaks's "enemies," as defined by the organization's impassioned supporters around the world, caused several corporate Web sites to become inaccessible or slow down markedly on Wednesday. Targets of the attacks, in which activists overwhelmed the sites with traffic, included the Web site of MasterCard, which had stopped processing donations for WikiLeaks; Amazon.com, which revoked the use of its computer servers; and PayPal, which stopped accepting donations for Mr. Assange's group. Visa.com was also affected by the attacks, as were the Web sites of the Swedish prosecutor's office and the lawyer representing the two women whose allegations of sexual misconduct are the basis of Sweden's extradition bid. On Thursday, Gregg Housh, an activist with the loosely affiliated group of so-called hacktivists, said the group was redoubling its efforts to bring down PayPal, which is better protected than some other sites. PayPal, an online payment service company, said the attacks had slowed its Web site "but have not significantly impacted payments."
No other major Web sites appeared to be suffering disruptions in service early Thursday, however, suggesting that the economic impact of the attacks was limited. The Internet assaults underlined the growing reach of self-described "cyberanarchists," antigovernment and anticorporate activists who have made an icon of Mr. Assange, a 39-year-old Australian. The speed and range of the attacks Wednesday appeared to show the resilience of the backing among computer activists for Mr. Assange, who has appeared increasingly isolated in recent months amid the furor stoked by WikiLeaks's posting of hundreds of thousands of secret Pentagon documents on the wars in Afghanistan and Iraq. Mr. Assange has come under renewed attack in the past two weeks for posting the first tranche of a trove of 250,000 secret State Department cables that have exposed American diplomats' frank assessments of relations with many countries, forcing Secretary of State Hillary Rodham Clinton to express regret to world leaders and raising fears that they and other sources would become more reticent. The New York Times and four other news organizations last week began publishing articles based on the archive of cables made available to them. In recent months, some of Mr. Assange's closest associates in WikiLeaks abandoned him, calling him autocratic and capricious and accusing him of reneging on WikiLeaks's original pledge of impartiality to launch a concerted attack on the United States. He has been simultaneously fighting a remote battle with the Swedish prosecutors, who have sought his extradition for questioning on accusations of "rape, sexual molestation and forceful coercion" made by the Swedish women. Mr. Assange has denied any wrongdoing in the cases. American officials have repeatedly said that they are reviewing possible criminal charges against Mr.
Assange, a step that could lead to a bid to extradite him to the United States and confront him with having to fight for his freedom on two fronts. The cyberattacks in Mr. Assange's defense appear to have been coordinated by Anonymous, a loosely affiliated group of activist computer hackers who have singled out other groups before, including the Church of Scientology. Last weekend, members of Anonymous vowed in two online manifestos to take revenge on any organization that lined up against WikiLeaks. Anonymous claimed responsibility for the MasterCard attack in Web messages and, according to Mr. Housh, the activist associated with the group, conducted waves of attacks on other companies during the day. The group said the actions were part of an effort called Operation Payback, which began as a way of punishing companies that tried to stop Internet file-sharing and movie downloads. Mr. Housh, who disavows a personal role in any illegal online activity, said that 1,500 supporters had been in online forums and chat rooms organizing the mass "denial of service" attacks. His account was confirmed by Jose Nazario, a senior security researcher at Arbor Networks, a Chelmsford, Mass., firm that tracks malicious activity on computer networks. Most of the corporations whose sites were targeted did not explain why they severed ties with WikiLeaks. But PayPal issued statements saying its decision was based on "a violation" of its policy on promoting illegal activities. The sense of an Internet war was reinforced Wednesday when netcraft, a British Internet monitoring firm, reported that the Web site being used by the hackers to distribute denial-of-service software had been suspended by a Dutch hosting firm, Leaseweb. A sense of the belligerent mood among activists was given when one contributor to a forum the group uses, WhyWeProtest.net, wrote of the attacks: "The war is on.
And everyone ought to spend some time thinking about it, discussing it with others, preparing yourselves so you know how to act if something compels you to make a decision. Be very careful not to err on the side of inaction." Mr. Housh acknowledged that there had been online talk among the hackers of a possible Internet campaign against the two women who have been Mr. Assange's accusers in the Swedish case, but he said that "a lot of people don't want to be involved." A Web search showed new blog posts in recent days in which the two women, identified by the Swedish prosecutors only as Ms. A. and Ms. W., were named, but it was not clear whether there was any link to Anonymous. The women have said that consensual sexual encounters with Mr. Assange became nonconsensual when he stopped using condoms. The cyberattacks on corporations Wednesday were seen by many supporters as a counterstrike against the United States. Mr. Assange's online supporters have widely condemned the Obama administration as the unseen hand coordinating efforts to choke off WikiLeaks by denying it financing and suppressing its network of computer servers. Mr. Housh described Mr. Assange in an interview as "a political prisoner," a common view among WikiLeaks supporters who have joined Mr. Assange in condemning the sexual abuse accusations as part of an American-inspired "smear campaign." Another activist used the analogy of the civil rights struggle for the cyberattacks. "Are they disrupting business?" a contributor using the name Moryath wrote in a comment on the slashdot.org technology Web site. "Perhaps, but no worse than the lunch counter sit-ins did." John Markoff and Ashlee Vance contributed reporting from San Francisco, and Alan Cowell from Paris. From rforno at infowarrior.org Thu Dec 9 12:52:54 2010 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 9 Dec 2010 13:52:54 -0500 Subject: [Infowarrior] - Wait...that's classified? Message-ID: US, Canada are close allies.
That's classified? By MATT APUZZO, Associated Press - Thu Dec 9, 6:27 am ET http://news.yahoo.com/s/ap/20101209/ap_on_re_us/wikileaks_that_s_classified WASHINGTON - Wanna hear a secret? The U.S. and Canada are probably going to remain friends. And the conservative and liberal party leaders in England? They don't like each other. But keep that under wraps. The U.S. doesn't want that sort of sensitive information getting out for a decade or so. While the recent leak of government documents onto the website WikiLeaks has revealed government secrets on such topics as Iran, North Korea and Yemen, the disclosure also unmasked another closely guarded fact: Much of what the government says is classified isn't much of a secret at all. Sometimes, classified documents contained little more than summaries of press reports. Political banter was treated as confidential government intelligence. Information that's available to anyone with an Internet connection was ordered held under wraps for years. Days after President Barack Obama's inauguration, the White House received a classified message from the U.S. Embassy in Ottawa. It was a primer for the president's upcoming trip to Canada and it included this sensitive bit of information, marked confidential: "No matter which political party forms the Canadian government during your Administration, Canada will remain one of our staunchest and most like-minded of allies, our largest trading and energy partner, and our most reliable neighbor and friend." The document could not be made public until 2019, for national security reasons. Such non-secrets have a cost. The more stuff the government classifies, the more money it takes to keep it all concealed. The government spent at least $9 billion keeping classified information under wraps last year, and that doesn't include the CIA, Defense Intelligence Agency and others that keep their spending on classified information classified.
Most Americans can do little but take it on faith that those secrets are actually worth keeping. And advocates for open government say that when too much is classified, it makes it harder for the government to cry foul when legitimate secrets are leaked. "The problem is, we've got a system that keeps way too much that is secret, and as a result we can't protect the real secrets nearly as well," said Thomas Blanton, the director of the National Security Archives, a private research institute at George Washington University. "And the stuff we really need to know is buried under a mass of trivia." State Department spokesman P.J. Crowley would not discuss specific cables such as the one discussing Canada's friendship. But generally, he said, "I haven't seen any strong evidence there's an abuse of the classification system in the cables I've seen." The U.S. can classify documents if they "could reasonably be expected to cause identifiable or describable damage to the national security." In March 2009, U.S. officials in England attended the spring political conference of the Liberal Democrats. The event was widely covered in the British media, but the U.S. Embassy's summary, a combination of speech excerpts and hallway chatter, was labeled classified. Among the revelations: Liberal Democratic leader Nick Clegg and Conservative David Cameron "don't get along." Besides being politically obvious, this tidbit was available at any newsstand in England. The British press has reported that Clegg dubbed Cameron "the con man of British politics." Cameron dismissed Clegg as a "joke" and privately called him "Calamity Clegg." Information sometimes is classified to protect a source, even when that source has said all the same things publicly. In September 2009, British Treasury chief Alistair Darling warned the U.S. Embassy in London of political backlash if banks handed out huge bonuses. 
On the economy, Darling "remained cautious, but expected a return to growth by the end of the year," a diplomatic message said. Weeks earlier, Darling told the Guardian newspaper the same thing. He was cautiously optimistic about the economy, he said, and expected growth "round the turn of the year." And as one of the government's leading critics of bank bonuses, Darling's opposition to them was hardly a state secret. By comparison, this would be like the British Embassy in Washington sending a classified note to London this week saying Republican Rep. John Boehner wanted tax cuts or Obama wanted to repeal the "don't ask, don't tell" policy on gays in the military. Sometimes, U.S. diplomats conducted no interviews and the classified messages appeared to be simply rehashed media reports. In October 2009, the U.S. Embassy in Moscow sent Washington a message titled "Is Stalin's Ghost a Threat to Academic Freedom?" It described government efforts to recast Soviet dictator Josef Stalin's place in history. The details in the cable had been widely covered in the media, including an Agence France-Presse story that ran just days earlier under the headline "Russian historians fear crackdown on sensitive research." Even the term "Stalin's ghost" was used in news stories leading up to the diplomatic cable, which was marked classified until 2019. In a few instances, diplomats classified information lifted directly from the news. After the failed assassination of Saudi Arabia's assistant interior minister, the U.S. Embassy in Riyadh sent a message to Washington that included these classified sentences: "According to today's edition of `Okaz,' the suspect managed to make his way from Yemen into Saudi Arabia some weeks ago, and finally rented a furnished apartment in Jeddah," the cable said. "We anticipate that such reports will inevitably spur some introspection into how well the security services are patrolling the Asir region." A summary of a political speech in the U.K.? 
Classified. The consensus from leading sociologists that Russia missed an opportunity to invest in the middle class? Classified. A diplomatic report saying Brazil is a strong democracy and a U.S. ally on foreign policy? Classified. Sometimes, a document is classified even if it has no classified information in it. In January, the State Department asked the U.S. Embassy in Ankara, Turkey, for information on a reported plot to assassinate Deputy Prime Minister Bulent Arinc. Every paragraph was marked unclassified. The document was classified. From rforno at infowarrior.org Thu Dec 9 21:04:55 2010 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 9 Dec 2010 22:04:55 -0500 Subject: [Infowarrior] - First Wikileaks, now OpenLeaks? Message-ID: <2278EEF3-BC3A-48AE-BA61-2894A922F8CF@infowarrior.org> "A new WikiLeaks" revolts against Assange Updated 2010-12-09 22:17. Published 2010-12-09 22:16 http://www.dn.se/nyheter/varlden/a-new-wikileaks-revolts-against-assange-1.1224764 The pressure on WikiLeaks is increasing. DN.se reveals that several key figures behind the website that publishes anonymous submissions and leaks of sensitive governmental, corporate, organizational or religious documents have resigned in protest against the controversial leader Julian Assange only to launch a new service for the so-called whistleblowers. The goal: to leak sensitive information to the public. The new project, "Openleaks," has been under way for some time and will be launched Monday. DN.se has spoken to individuals behind the new site and the message is clear. "Our long term goal is to build a strong, transparent platform to support whistleblowers--both in terms of technology and politics--while at the same time encouraging others to start similar projects," says a colleague wishing to remain anonymous.
"As a short-term goal, this is about completing the technical infrastructure and ensuring that the organization continues to be democratically governed by all its members, rather than limited to one group or individual." The news comes in turbulent times for WikiLeaks. Thousands of documents infuriating global leaders and policy-makers have been unveiled to the public via Cablegate. Meanwhile, Julian Assange has been arrested in Great Britain on suspected rape charges based in Sweden. News about WikiLeaks has been over-shadowed by Assange's personal problems. Earlier this year, WikiLeaks experienced accessibility issues. According to information revealed to DN.se, the problem was not linked to outsiders trying to sabotage, but came from the inside as a signal to Julian Assange to step down. The colleagues were dissatisfied with the operation's association with Assange's personal problems and how he used the organization in his explanation of the criminal charges. It is the top-down management style which is under critique. On the other hand, the DN.se source emphasizes the fact that the new website is supportive of WikiLeaks purpose and goal. "The two organizations are similar in that aspect that both are focusing on providing means for whistleblowers to anonymously provide the public with information," one insider says. Unlike WikiLeaks, Openleaks will not receive and publish information directly for the public eye. Instead, other organizations will access the Openleaks system and in turn, present their audience with the material. Documents will be processed and published by various collaborating organizations. "We intend to split the work in a way where we handle only the anonymity and receiving end of the information," says another colleague.
According to the internal documents shared with DN.se, Openleaks intends to establish itself as a neutral intermediary "without a political agenda except from the dissemination of information to the media, the public, non-profit organizations, trade- and union organizations and other participating groups." "All editorial control and responsibility rests with the publishing organization. We will, as far as possible, take the role of the messenger between the whistleblower and the organization the whistleblower is trying to cooperate with," says one anonymous informant. Another intended consequence is to avoid the pressure from world leaders that WikiLeaks has experienced. "As a result of our intention not to publish any document directly and in our own name, we do not expect to experience the kind of political pressure which WikiLeaks is under at this time. In that aspect, it is quite interesting to see how little of politicians' anger seems directed at the newspapers using WikiLeaks sources." Translation: Majsan Boström. Ossi Carp ossi.carp at dn.se From rforno at infowarrior.org Fri Dec 10 05:43:44 2010 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 10 Dec 2010 06:43:44 -0500 Subject: [Infowarrior] - OT: Major new WL disclosure Message-ID: (thx to SM) Like, wow.
http://www.ding.net/wikileaks/234867.txt * runs * From rforno at infowarrior.org Fri Dec 10 09:01:01 2010 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 10 Dec 2010 10:01:01 -0500 Subject: [Infowarrior] - 2600 Magazine condemns WL-related DDOS attacks Message-ID: <8670004D-9CEC-479D-ACC6-AD07D73BB750@infowarrior.org> PRESS RELEASE - 2600 MAGAZINE CONDEMNS DENIAL OF SERVICE ATTACKS Posted 10 Dec 2010 04:45:38 UTC PRESS RELEASE http://www.2600.com/news/view/article/12037 HACKER MAGAZINE CONDEMNS DENIAL OF SERVICE ATTACKS New York, NY, December 10, 2010 - 2600 Magazine, a quarterly journal for the hacker community that has published since 1984, is speaking out against numerous media reports that hackers are responsible for a spate of attacks on numerous e-commerce corporations as part of the ongoing Wikileaks controversy. Denial of service attacks against PayPal, Amazon, Visa, Mastercard, and other corporations and entities have been underway for the last few days, as widely reported in the mainstream media. Each of these targets had previously taken some sort of action against the whistleblower website wikileaks.org and its affiliates. The media reports almost invariably refer to "hackers" as being behind these actions. While there is great sympathy in the hacker world for what Wikileaks is doing, this type of activity is no better than the strong-arm tactics we are fighting against. These attacks, in addition to being a misguided effort that doesn't accomplish very much at all, are incredibly simple to launch and require no technical or hacker skills. While writing such programs requires a good degree of ingenuity and knowledge of security weaknesses, this doesn't mean that everyone who runs them possesses the same degree of proficiency, nor should we necessarily believe people who claim to be doing this on behalf of the hacker community. 
What the above named corporations have done to Wikileaks is inexcusable and constitutes a different sort of denial of service attack, one that is designed to eliminate an organization, an individual, or an idea. We find it inexplicable that donations can easily be made to hate groups and all sorts of convicted criminals through these same services, yet somehow a website that publishes leaked information - and which has never been charged or convicted of a crime - is considered unacceptable. We believe it's not the place of credit card companies or banks to judge the morality or potential threat level of anyone, let alone those who are following in the long tradition of journalists and free speech advocates worldwide. The assault on Wikileaks must not be overshadowed by the recent denial of service attacks and these certainly must not be allowed to be associated with the hacker community. This will play right into the hands of those who wish to paint us all as threats and clamp down on freedom of speech and impose all kinds of new restrictions on the Internet, not to mention the fact that the exact same types of attacks can be used on "us" as well as "them." (Interestingly, it was only a week ago that "hackers" were blamed for denial of service attacks on Wikileaks itself. That tactic was ineffectual then as well.) Most importantly, these attacks are turning attention away from what is going on with Wikileaks. This fight is not about a bunch of people attacking websites, yet that is what is in the headlines now. It certainly does not help Wikileaks to be associated with such immature and boorish activities any more than it helps the hacker community. From what we have been hearing over the past 24 hours, this is a viewpoint shared by a great many of us. 
By uniting our voices, speaking out against this sort of action, and correcting every media account we see and hear that associates hackers with these attacks, we stand a good chance of educating the public, rather than enflaming their fears and assumptions. There are a number of positive steps people - both inside and outside of the hacker community - can take to support Wikileaks and help spread information. Boycotts of companies that are trying to shut Wikileaks down can be very effective and will not win them any sympathy, as the current attacks on their websites are unfortunately doing. Mirroring Wikileaks is another excellent method of keeping the flow of information free. Communicating with friends, family, classes, workplaces, etc. is not only a way of getting the word out, but will also help to sharpen your skills in standing up for what you believe in. This is never accomplished when all one tries to do is silence one's opponent. That has not been, and never should be, the hacker way of dealing with a problem. 2600 Magazine has been publishing news, tutorials, and commentary by, about, and for the hacker community since 1984. We were sued in 2000 by the Motion Picture Association of America for linking to a website containing source code enabling Linux machines to play DVDs and thus became the first test case of the Digital Millennium Copyright Act. In a similar vein, we are supporting Wikileaks by linking to their existing website through wikileaks.2600.com. We've already changed where this address points to twice as Wikileaks sites have been taken down, and will continue to ensure that this link always manages to get to wherever Wikileaks happens to be. We hope people follow that link and support the existence of Wikileaks through whatever method is being publicized on their site. 
### CONTACT: 2600 MAGAZINE: THE HACKER QUARTERLY webmaster at 2600.com Emmanuel Goldstein, Editor Emmanuel at goldste.in www.2600.com +1 631 751 2600 From rforno at infowarrior.org Fri Dec 10 09:10:16 2010 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 10 Dec 2010 10:10:16 -0500 Subject: [Infowarrior] - LOIC DDOS comes to the slab - or any browser Message-ID: Join in the Wikileaks DDoS war from your iPhone or iPad Low Orbit Ion Cannon comes to the slab - or any browser By Lewis Page Posted in Enterprise Security, 10th December 2010 13:41 GMT http://www.theregister.co.uk/2010/12/10/loic_for_iphone/ The online "infowar" precipitated by the media circus surrounding Wikileaks and Julian Assange continues, with DDoS attacks occurring against a bewildering variety of websites assessed as having either aided or failed to aid the leak-publisher - or often merely for commenting on the brouhaha. Meanwhile, interest has focused on the methods used to mount the DDoS attacks. It appears that in general most of the muscle is coming from botnets of the usual sort: ones made up of zombie machines infected with malware using the same methods as ordinary online criminals and spammers (and just as illegal). However, some of the battling communities - for instance the loosely organised hacktivist collective Anonymous, aligned in support of Assange and Wikileaks - also use collaborative tools where supporters can voluntarily attach their machines to a botnet in order to assist with a DDoS attack. The preferred tools are usually some version of the Low Orbit Ion Cannon (LOIC) software. Machines running LOIC can then be controlled via IRC or some other channel (again the campaigners are aping criminals by using Twitter of late). Downloading and installing LOIC (the code is freely available at such places as Sourceforge) is simple enough, but evidently off-putting enough that not many people are doing it.
The LOIC hivemind net run by Anonymous has generally had only a few hundred machines in it, far too few to mount a serious DDoS, and most of the grunt has been delivered by larger malware-based botnets controlled by individual Anonymous members (just one reportedly containing more than 30 times as many machines as the anonops.net hivemind). But in the last day or two, a new wrinkle has begun to gain prominence. It is now possible to visit a webpage which will convert your browser into a pocket LOIC instance, delivering DDoS packets from whatever device you are using to browse - not necessarily even a computer. As Panda Labs analyst Sean-Paul Correll notes: Only a browser is needed, so you can even launch the attack from your fone, I just tested it with my iPhone ... Of course I tested that it was real and worked, but I didn't send any attack out. Such a webpage will typically give you the option of adjusting how many requests per second to send to the target website (handy in the case of a phone or perhaps a fondle-slablet device with a limited data package and/or bandwidth) and allow you to attach an insulting message of your own devising. This would appear to be rather less sophisticated than a proper IRC or Twitter-controlled LOIC install, but has the merit of being simpler. Whether this tremendously simple way of joining in botnets will finally mobilise large numbers of pro- or anti-Wikileaks vigilantes remains to be seen. For now, it appears that the effective DDoS attacks - and other more sophisticated meddling going on - are emanating from relatively small numbers of people. It would seem that in general most people are aware how relatively unimportant and easily replaceable a part Julian Assange and Wikileaks have played in the release of the classified US files, which continue to mildly interest the outside world. Bootnote 1) Reader be warned: Participating willingly in a DDoS attack is a crime in many countries.
Even if this doesn't bother you, you download software and visit webpages of this sort at your own significant risk: campaigners on both sides have shown little in the way of scruples, and ordinary criminal scammers are now exploiting the situation too. From rforno at infowarrior.org Fri Dec 10 09:13:53 2010 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 10 Dec 2010 10:13:53 -0500 Subject: [Infowarrior] - America, Y Ur Peeps B So Dumb? Message-ID: America, Y Ur Peeps B So Dumb? Ignorance and Courage in the Age of Lady Gaga By JOE BAGEANT Ajijic, Jalisco, Mexico If you hang out much with thinking people, conversation eventually turns to the serious political and cultural questions of our times. Such as: How can the Americans remain so consistently brain-fucked? Much of the world, including plenty of Americans, asks that question as they watch U.S. culture go down like a thrashing mastodon giving itself up to some Pleistocene tar pit. One explanation might be the effect of 40 years of deep fried industrial chicken pulp, and 44 ounce Big Gulp soft drinks. Another might be pop culture, which is not culture at all of course, but marketing. Or we could blame it on digital autism: Ever watch commuter monkeys on the subway poking at digital devices, stroking the touch screen for hours on end? That wrinkled Neolithic brows above the squinting red eyes? But a more reasonable explanation is that, (A) we don't even know we are doing it, and (B) we cling to institutions dedicated to making sure we never find out. < -- > http://www.counterpunch.org/bageant12102010.html From rforno at infowarrior.org Fri Dec 10 15:06:52 2010 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 10 Dec 2010 16:06:52 -0500 Subject: [Infowarrior] - Military Bans Disks, Threatens Courts-Martial to Stop New Leaks Message-ID: <94EF3779-99C4-4C8D-B609-1E16917434A5@infowarrior.org> Military Bans Disks, Threatens Courts-Martial to Stop New Leaks By Noah Shachtman | December 9, 2010 |
7:02 pm | Categories: Info War http://www.wired.com/dangerroom/2010/12/military-bans-disks-threatens-courts-martials-to-stop-new-leaks/ It's too late to stop WikiLeaks from publishing thousands more classified documents, nabbed from the Pentagon's secret network. But the U.S. military is telling its troops to stop using CDs, DVDs, thumb drives and every other form of removable media - or risk a court martial. Maj. Gen. Richard Webber, commander of Air Force Network Operations, issued the Dec. 3 "Cyber Control Order" - obtained by Danger Room - which directs airmen to "immediately cease use of removable media on all systems, servers, and stand alone machines residing on SIPRNET," the Defense Department's secret network. Similar directives have gone out to the military's other branches. "Unauthorized data transfers routinely occur on classified networks using removable media and are a method the insider threat uses to exploit classified information. To mitigate the activity, all Air Force organizations must immediately suspend all SIPRNET data transfer activities on removable media," the order adds. It's one of a number of moves the Defense Department is making to prevent further disclosures of secret information in the wake of the WikiLeaks document dumps. Pfc. Bradley Manning says he downloaded hundreds of thousands of files from SIPRNET to a CD marked "Lady Gaga" before giving the files to WikiLeaks. To stop that from happening again, an August internal review suggested that the Pentagon disable all classified computers' ability to write to removable media. About 60 percent of military machines are now connected to a Host Based Security System, which looks for anomalous behavior. And now there's this disk-banning order. One military source who works on these networks says it will make the job harder; classified computers are often disconnected from the network, or are in low-bandwidth areas.
A DVD or a thumb drive is often the easiest way to get information from one machine to the next. "They were asking us to build homes before," the source says. "Now they're taking away our hammers." The order acknowledges that the ban will make life trickier for some troops. "Users will experience difficulty with transferring data for operational needs which could impede timeliness on mission execution," the document admits. But "military personnel who do not comply ... may be punished under Article 92 of the Uniformed Code of Military Justice." Article 92 is the armed forces' regulation covering failure to obey orders and dereliction of duty, and it stipulates that violators "shall be punished as a court-martial may direct." But to several Defense Department insiders, the steps taken so far to prevent another big secret data dump have been surprisingly small. "After all the churn.... The general perception is business as usual. I'm not kidding," one of those insiders says. "We haven't turned a brain cell on it." Tape and disk backups, as well as hard drive removals, will continue as normal in the military's Secure Compartmented Information Facilities, where top-secret information is discussed and handled. And removable drives have been banned on SIPRNET before. Two years ago, the Pentagon forbade the media's use after the drives and disks helped spread a relatively unsophisticated worm onto hundreds of thousands of computers. The ban was lifted this February, after the worm cleanup effort, dubbed "Operational Buckshot Yankee," was finally completed. Shortly thereafter, Manning says he started passing information to WikiLeaks. Specialists at the National Security Agency are looking for additional technical ways to limit, disable or audit military users' actions. Darpa, the Pentagon's leading-edge research arm, has launched an effort to "greatly increase the accuracy, rate and speed with which insider threats are detected ...
within government and military interest networks." But, like all Darpa projects, this one won't be ready to deploy for years - if ever. For now, the Pentagon is stuck with more conventional methods to WikiLeak-proof its networks. From rforno at infowarrior.org Fri Dec 10 15:07:35 2010 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 10 Dec 2010 16:07:35 -0500 Subject: [Infowarrior] - Movie Studios Purposely Crippling Rental DVDs Message-ID: <46261D7F-02B7-4D4B-8F35-EB1084688D78@infowarrior.org> Movie Studios Purposely Crippling Rental DVDs In Misguided Effort To Get People To Buy from the taking-away-features-is-not-a-strategy dept What is it about the entertainment industry that actually makes them think that it's a smart move to take features away from consumers? They seem to focus on building business models by pissing off as many people as possible, and then wondering why those people seek out alternatives. Case in point, visual77 points us to the news that movie studios are increasingly offering up feature-limited DVDs for the rental market, and then encouraging you to buy the DVD itself if you want all the features. As Consumerist reports: Consumerist reader Joseph brought this to our attention after he spent $3.99 to rent the DVD of Scott Pilgrim Vs. The World from Blockbuster. When he went to the disc's main menu and attempted to watch the Blooper Reel special feature, he was greeted by a screen telling him: "This disc is intended for rental purposes and only includes the feature film. Own it on Blu-Ray or DVD to view these bonus features and complete your movie watching experience." This is the same thinking that leads the studios to seek to have rental places delay movies for a month. The entire business model seems to be centered on creating artificial scarcities that piss off people. Is it really so difficult for the industry to realize that they can make more money by adding value and actually delivering what people want?
http://www.techdirt.com/articles/20101209/16561912221/movie-studios-purposely-crippling-rental-dvds-misguided-effort-to-get-people-to-buy.shtml From rforno at infowarrior.org Fri Dec 10 15:16:57 2010 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 10 Dec 2010 16:16:57 -0500 Subject: [Infowarrior] - Ex-Goldman Programmer Found Guilty in Code Theft Message-ID: <943CF218-3C9A-49A3-8AA1-60CA30716F84@infowarrior.org> http://online.wsj.com/article/SB10001424052748704457604576011564066524404.html NEW YORK - A former Goldman Sachs Group Inc. computer programmer was convicted Friday of stealing the confidential source code of the investment bank's high-speed trading system. High-speed trading and other financial firms aggressively protect their code, considering it a trade secret and a competitive advantage. Goldman required employees to sign a confidentiality agreement as part of their employment and that any software created by them in their jobs were the property of the investment bank. Sergey Aleynikov's conviction is the second guilty verdict in as many months involving the theft of high-speed trading code. Last month, Samarth Agrawal, a former Société Générale trader, was convicted of stealing the bank's high-frequency trading code after he freely admitted to sharing aspects of the bank's computer code with a rival. The trial of Mr. Aleynikov focused on the complex computer programs used by investment banks, hedge funds and other securities firms to squeeze more profits from their trading operations. Such high-frequency trading involves rapid-fire buy and sell orders aimed at capitalizing on minuscule differences in price. In its second day of deliberations, the jury found Mr. Aleynikov guilty of theft of trade secrets and transportation of stolen property. He faces as much as 10 years in prison on the trade secrets charge. U.S. District Judge Denise Cote changed his bail conditions after the verdict, requiring Mr.
Aleynikov to be subject to home confinement pending sentencing. The judge also suggested that his name be added to a watch list to prevent him from leaving the country. Mr. Aleynikov is originally from Russia. Kevin Marino, Mr. Aleynikov's lawyer, declined to comment after the verdict. Goldman Sachs declined to comment on the verdict. Federal prosecutors in Manhattan had alleged that Mr. Aleynikov secretly copied Goldman Sachs's confidential source code for its high-frequency trading platform in his last days at the investment bank and uploaded it to a server in Germany. Prosecutors had alleged that Mr. Aleynikov, 40 years old, intended to use it to build a similar trading platform at his new employer, Teza Technologies LLC. Portions of the testimony of four witnesses, including three current or former Goldman employees, were closed during the Aleynikov trial. Prosecutors had asked that portions of the trial be closed to the public to protect Goldman's trade secrets. Mr. Marino contended Mr. Aleynikov simply made a mistake in trying to download open-source code from Goldman, but didn't steal proprietary information from the investment bank. He said Mr. Aleynikov made no efforts to sell the information he took and didn't share it with Teza. In his closing argument Thursday, Mr. Marino said Teza actually was better at high-frequency trading than Goldman. "The general common notion that Goldman Sachs is the New York Yankees and Goldman's systems are the best ain't necessarily so," Mr. Marino said. In her closing argument Thursday, Assistant U.S. Attorney Rebecca Rohr said Mr. Aleynikov was eager to please his new bosses at Teza. Prosecutors said he used the code as a cheat sheet for his new job. Mr. Aleynikov was offered compensation worth about $1.15 million at Teza, nearly three times the amount he was making at Goldman at the time. "He absolutely knew he was taking Goldman Sachs's trading secrets...and he planned to use them for his own benefit," Ms. Rohr said. 

From rforno at infowarrior.org Fri Dec 10 19:44:02 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 10 Dec 2010 20:44:02 -0500
Subject: [Infowarrior] - Ron Paul: Lying is Not Patriotic (wikileaks)
Message-ID:

Lying is Not Patriotic
http://paul.house.gov/index.php?option=com_content&view=article&id=1804:lying-is-not-patriotic&catid=16:speeches

WikiLeaks' release of classified information has generated a lot of attention world-wide in the past few weeks. The hysterical reaction makes one wonder if this is not an example of killing the messenger for the bad news. Despite what is claimed, information so far released, though classified, has caused no known harm to any individual, but it has caused plenty of embarrassment to our government. Losing a grip on our empire is not welcomed by the neo-conservatives in charge. There is now more information confirming that Saudi Arabia is a principal supporter and financier of Al Qaeda and this should set off alarm bells since we guarantee its Sharia-run government. This emphasizes even more the fact that no Al Qaeda existed in Iraq before 9/11, and yet we went to war against Iraq based on the lie that it did. It has been charged, by self-proclaimed experts, that Julian Assange, the internet publisher of this information, has committed a heinous crime deserving prosecution for treason and execution or even assassination. But should we not at least ask how the U.S. government can charge an Australian citizen with treason for publishing U.S. secret information, that he did not steal? And if Wikileaks is to be prosecuted for publishing classified documents, why shouldn't the Washington Post, New York Times, and others that have also published these documents be prosecuted? Actually, some in Congress are threatening this as well. The New York Times, as a result of a Supreme Court ruling, was not found guilty in 1971 for the publication of the Pentagon Papers.
Daniel Ellsberg never served a day in prison for his role in obtaining these secret documents. The Pentagon Papers were also inserted into the Congressional Record by Senator Mike Gravel with no charges being made of breaking any National Security laws. Yet the release of this classified information was considered illegal by many, and those who lied us into the Vietnam War and argued for its prolongation were outraged. But the truth gained from the Pentagon Papers revealed that lies were told about the Gulf of Tonkin attack which perpetuated a sad and tragic episode in our history. Just as with the Vietnam War, the Iraq War was based on lies. We were never threatened by Weapons of Mass Destruction or Al Qaeda in Iraq, though the attack on Iraq was based on this false information. Any information that challenges the official propaganda for the war in the Middle East is unwelcome by the administration and supporters of these unnecessary wars. Few are interested in understanding the relationship of our foreign policy and our presence in the Middle East to the threat of terrorism. Revealing the real nature and goal for our presence in so many Muslim countries is a threat to our empire and any revelation of this truth is highly resented by those in charge.

Questions to consider:

1. Do the American people deserve to know the truth regarding the ongoing war in Iraq, Afghanistan, Pakistan and Yemen?
2. Could a larger question be: how can an Army Private gain access to so much secret material?
3. Why is the hostility mostly directed at Assange, the publisher, and not our government's failure to protect classified information?
4. Are we getting our money's worth from the $80 billion per year we spend on our intelligence agencies?
5. Which has resulted in the greatest number of deaths; lying us into war, or WikiLeaks' revelations or the release of the Pentagon Papers?
6. If Assange can be convicted of a crime for publishing information, that he did not steal, what does this say about the future of the First Amendment and the independence of the internet?
7. Could it be that the real reason for the near universal attacks on WikiLeaks is more about secretly maintaining a seriously flawed foreign policy of empire than it is about national security?
8. Is there not a huge difference between releasing secret information to help the enemy in the time of a declared war -- which is treason -- and the releasing of information to expose our government lies that promote secret wars, death, and corruption?
9. Was it not once considered patriotic to stand up to our government when it's wrong?

Thomas Jefferson had it right when he advised: "Let the eyes of vigilance never be closed."

From rforno at infowarrior.org Fri Dec 10 19:45:05 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 10 Dec 2010 20:45:05 -0500
Subject: [Infowarrior] - Ron Paul: Focus on the policy, not Wikileaks
Message-ID:

Focus on the policy, not Wikileaks
http://paul.house.gov/index.php?option=com_content&view=article&id=1802:focus-on-the-policy-not-wikileaks&catid=31:texas-straight-talk

We may never know the whole story behind the recent publication of sensitive U.S. government documents by the Wikileaks organization, but we certainly can draw some important conclusions from the reaction of so many in government and media. At its core, the Wikileaks controversy serves as a diversion from the real issue of what our foreign policy should be. But the mainstream media, along with neoconservatives from both political parties, insist on asking the wrong question. When presented with embarrassing disclosures about U.S. spying and meddling, the policy that requires so much spying and meddling is not questioned. Instead, the media focus on how so much sensitive information could have been leaked, or how authorities might prosecute the publishers of such information.
No one questions the status quo or suggests a wholesale rethinking of our foreign policy. No one suggests that the White House or the State Department should be embarrassed that the U.S. engages in spying and meddling. The only embarrassment is that it was made public. This allows ordinary people to actually know and talk about what the government does. But state secrecy is anathema to a free society. Why exactly should Americans be prevented from knowing what their government is doing in their name? In a free society, we are supposed to know the truth. In a society where truth becomes treason, however, we are in big trouble. The truth is that our foreign spying, meddling, and outright military intervention in the post-World War II era has made us less secure, not more. And we have lost countless lives and spent trillions of dollars for our trouble. Too often "official" government lies have provided justification for endless, illegal wars and hundreds of thousands of resulting deaths and casualties. Take the recent hostilities in Korea as only one example. More than fifty years after the end of the Korean War, American taxpayers continue to spend billions for the U.S. military to defend a modern and wealthy South Korea. The continued presence of the U.S. military places American lives between the two factions. The U.S. presence only serves to prolong the conflict, further drain our empty treasury, and place our military at risk. The neoconservative ethos, steeped in the teaching of Leo Strauss, cannot abide an America where individuals simply pursue their own happy, peaceful, prosperous lives. It cannot abide an America where society centers around family, religion, or civic and social institutions rather than an all powerful central state. There is always an enemy to slay, whether communist or terrorist. 
In the neoconservative vision, a constant state of alarm must be fostered among the people to keep them focused on something greater than themselves -- namely their great protector, the state. This is why the neoconservative reaction to the Wikileaks revelations is so predictable: "See, we told you the world was a dangerous place," goes the story. They claim we must prosecute -- or even assassinate -- those responsible for publishing the leaks. And we must redouble our efforts to police the world by spying and meddling better, with no more leaks. We should view the Wikileaks controversy in the larger context of American foreign policy. Rather than worry about the disclosure of embarrassing secrets, we should focus on our delusional foreign policy. We are kidding ourselves when we believe spying, intrigue, and outright military intervention can maintain our international status as a superpower while our domestic economy crumbles in an orgy of debt and monetary debasement.

From rforno at infowarrior.org Fri Dec 10 19:46:07 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 10 Dec 2010 20:46:07 -0500
Subject: [Infowarrior] - Govt Response to Wikileaks Said to Cause More Damage
Message-ID: <0575D7B2-1CCA-40FF-8E31-3FC3CB054E47@infowarrior.org>

Govt Response to Wikileaks Said to Cause More Damage
December 10th, 2010 by Steven Aftergood
http://www.fas.org/blog/secrecy/2010/12/govt_response.html

The U.S. Government insists that the classification markings on many of the leaked documents being published by Wikileaks and other organizations are still in force, even though the documents are effectively in the public domain, and it has directed federal employees and contractors not to access or read the records outside of a classified network. But by strictly adhering to the letter of security policy and elevating security above mission performance, some say the government may be causing additional damage.
"At DHS we are getting regular messages [warning not to access classified records from Wikileaks]," one Department of Homeland Security official told us in an email message. "It has even been suggested that if it is discovered that we have accessed a classified Wikileaks cable on our personal computers, that will be a security violation. So, my grandmother would be allowed to access the cables, but not me. This seems ludicrous." "As someone who has spent many years with the USG dealing with senior officials of foreign governments, it seems to me that the problem faced by CRS researchers (and raised by you) is going to be widespread across our government if we follow this policy." "Part of making informed judgments about what a foreign government or leader will do or think about something is based on an understanding and analysis of what information has gone into their own deliberative processes. If foreign government workers know about something in the Wikileaks documents, which clearly originated with the U.S., then they will certainly (and reasonably) assume that their US counterparts will know about it too, including the staffers. If we don't, they will assume that we simply do not care, are too arrogant, stupid or negligent to find and read the material, or are so unimportant that we've been intentionally left out of the information loop. In any such instance, senior staff will be handicapped in their preparation and in their inter-governmental relationships," the DHS official said. "I think more damage will be done by keeping the federal workforce largely in the dark about what other interested parties worldwide are going to be reading and analyzing. It does not solve the problem to let only a small coterie of analysts review documents that may be deemed relevant to their own particular 'stovepiped' subject area. Good analysis requires finding and putting together all the puzzle pieces."
So far, however, this kind of thinking is not finding a receptive audience in government. There has been no sign of leadership from any Administration official who would stand up and say: "National security classification is a means, and not an end in itself. What any reader in the world can discover is no longer a national security secret. We should not pretend otherwise."

From rforno at infowarrior.org Fri Dec 10 20:34:54 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 10 Dec 2010 21:34:54 -0500
Subject: [Infowarrior] - Is The CIA Hosting A Wikileaks Mirror?
Message-ID: <1E2649DA-E174-4ACB-8BAC-111C07153959@infowarrior.org>

Is The CIA Hosting A Wikileaks Mirror?
from the honeypot-or-not? dept
http://www.techdirt.com/articles/20101210/16462512242/is-cia-hosting-wikileaks-mirror.shtml

Whatis42? points us to an interesting post on Reddit, which is initially just highlighting a Google heatmap showing the locations from which people are searching for the term "wikileaks." Not surprisingly, the hottest spot on the heatmap is the Northern Virginia, Washington DC area. Shocking, I know. But, perhaps more interesting is a comment on the thread, which notes that it appears at least one of the Wikileaks mirrors appears to be hosted by the CIA, or at the very least a company associated with the CIA using (for a time) a CIA netblock. The address, wikileaks.psytek.net no longer appears to be hosting anything (right now it just leads you to a standard Apache install page that says "It works!"). There's an interesting discussion in the Reddit comments over what this means -- ranging from everything to someone suggesting this is just a joke, to the "honeypot" question, to the one that seems most plausible to me: as a mirror that is quickly updated as Wikileaks puts up new documents, it allows the CIA to get access to what's being released as quickly as possible.

From rforno at infowarrior.org Sun Dec 12 08:31:01 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 12 Dec 2010 09:31:01 -0500
Subject: [Infowarrior] - WL implications for "the cloud"
Message-ID: <1110D245-A749-4B0B-876D-B816349619ED@infowarrior.org>

Cory Doctorow said the other day that contrary to the popular perception, the Internet today is not a public sphere but rather a "commercial one with a public component." I don't mean to sound libertarian (and don't agree with some of Naughton's examples), but this ties in to what I've been arguing for years --- the Cloud(tm) is a wonderful concept, but what capabilities do we as individuals or organisations give up (or what dependencies/vulnerabilities do we accept) by embracing this wondrous cure-all for our current information environment?

--- rick

WikiLeaks row: why Amazon's desertion has ominous implications for democracy
Amazon's decision to abandon WikiLeaks sends out a clear message: you can publish what you like -- as long as it meets with the government's approval
John Naughton
guardian.co.uk, Saturday 11 December 2010 10.00 GMT
http://www.guardian.co.uk/technology/2010/dec/11/wikileaks-amazon-denial-democracy-lieberman

One of the most interesting aspects of the WikiLeaks controversy is the light it has shed on the providers of cloud computing. One after another they have fallen over like dominoes when the going got rough. First, some of the ISPs hosting WikiLeaks caved in; then EveryDNS, the company that mapped its domain names (eg wikileaks.org) on to machine addresses, dropped it; then Amazon, which had enough computer power and bandwidth to resist even the most determined cyber-attacks, took it off its computers; then PayPal and later Mastercard, the online conduits for donations, cancelled its accounts. The rationalisations these outfits gave for dropping WikiLeaks had a common theme, namely that it had violated the terms and conditions under which the terminated services had been provided.
Amazon is the most interesting case. It provides so-called "cloud computing services" by renting out some of the thousands of computers used to run its online store. WikiLeaks moved its site on to Amazon's cloud to ensure that it would not be crippled by the denial-of-service attacks that had brought other ISPs to their knees. But then the company received a call from senator Joseph Lieberman, the kind of politician who gives loose cannons a bad name, who had been frothing about WikiLeaks being "implacably hostile to our military and the most basic requirements of our national security". Some time after that, Amazon terminated WikiLeaks's account. Lieberman then declared: "I will be asking Amazon about the extent of its relationship with WikiLeaks and what it and other web service providers will do in the future to ensure that their services are not used to distribute stolen, classified information." Amazon denied that it had caved in to "a government inquiry" but declared that it had kicked WikiLeaks out because it was not adhering to the company's terms and conditions -- which require that "you warrant that you own or otherwise control all of the rights to the content" and "that use of the content you supply... will not cause injury to any person or entity". "It's clear," pontificated Amazon, "that WikiLeaks doesn't own or otherwise control all the rights to this classified content. Further, it is not credible that the extraordinary volume of 250,000 classified documents that WikiLeaks is publishing could have been carefully redacted in such a way as to ensure that they weren't putting innocent people in jeopardy." The more you think about it, the more disturbing this becomes. What gives a US senator the right to ask anybody about "the extent of its relationship" with WikiLeaks?
His declaration led the New Yorker's Amy Richardson to wonder "if Lieberman feels that he, or any senator, can call in the company running the New Yorker's printing presses when we are preparing a story that includes leaked classified material, and tell it to stop us". And what about Amazon's assertion that WikiLeaks "doesn't own or otherwise control" all the rights to the classified cables that it published? As Markus Kuhn, a computer security researcher at the Cambridge Computer Lab, pointed out to me, any work "prepared by an officer or employee of the US government as part of that person's official duties" is not entitled to domestic copyright protection under US law. So, in the US at least, the leaked cables are not protected by copyright and it doesn't matter whether WikiLeaks owns the rights or not. But, in a way, that's the least worrying aspect of Amazon's behaviour. More troubling is what its actions portend for democracy. Rebecca MacKinnon, a scholar who has written incisively about China's efforts to censor the net, wrote a sobering essay about this last week. "A substantial, if not critical amount of our political discourse," she points out, "has moved into the digital realm. This realm is largely made up of virtual spaces that are created, owned and operated by the private sector." As far as the law of contract is concerned, Amazon can do what it likes. But this isn't just about contracts any more. "While Amazon was within its legal rights," MacKinnon warns, "the company has nonetheless sent a clear signal to its users: if you engage in controversial speech that some individual members of the US government don't like... Amazon is going to dump you at the first sign of trouble." Yep. For years people have extolled cloud computing as the way of the future. The lesson of the last week is simple: be careful what you wish for.

From rforno at infowarrior.org Sun Dec 12 15:32:12 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 12 Dec 2010 16:32:12 -0500
Subject: [Infowarrior] - Why do we let this creepy company called Google spy on our emails?
Message-ID: <085B4AF1-5BE0-41C1-9ED3-55E97A026AD4@infowarrior.org>

Why do we let this creepy company called Google spy on our emails?
By Angela Levin
Last updated at 3:23 AM on 12th December 2010
http://www.dailymail.co.uk/debate/article-1337837/Google-Why-let-creepy-company-spy-emails.html

To many, the colourful home page of Google is the friendly face of the internet. Indeed, the company, which was created 12 years ago by two American PhD students, Larry Page and Sergey Brin, has always prided itself on its quirky presentation. The hallways of the "Googleplex" headquarters in California are stuffed with pianos, lava lamps, games and funky furniture for the enjoyment of staff, its webpage often features specially designed logos for days such as Halloween, Christmas and national festivals and -- crucially -- Google gives away its software for free. Add to that its rather hippyish business principles ("You can make money without doing evil", "You can be serious without a suit", "Work should be challenging and the challenge should be fun"), its corporate philanthropy and its clashes with the Chinese government over free speech, and it is easy to see why Google is often regarded as a warm, fluffy "good guy". Pride: The 'Googleplex' headquarters in California, pictured, are packed with lava lamps, pianos and funky furniture The only mystery seemed to be how, exactly, it managed to achieve revenues of more than £15 billion last year. In truth, though, it is a creepy, multinational company that spies on us, as I found out a week ago after I foolishly left my laptop in the back of a London taxi. I made some disconcerting discoveries about Google that have left me deeply unhappy about the business practices of this most apparently "cuddly"
of corporate giants. Like 190 million others, I had signed up for Google's free service Gmail to write and receive emails. This was a new development for me, replacing Microsoft Office Outlook, which was largely trouble-free but which I found cumbersome to use away from my home internet connection. Various friends advised me to switch to Gmail, saying it was easy to use and accessible from anywhere. It was simple to set up an account, and at first I barely noticed the advertisements that pay for the service. There is space for eight adverts down the side of the screen on the Gmail page, plus another across the top. I was bereft when I lost my laptop and absolutely overjoyed a few days later when the taxi driver emerged from the snowed-in wilds of Essex and returned it to me. I immediately emailed friends with the good news. But within a second of the email being sent, a column of adverts had appeared down the right hand side of my Gmail screen. The adverts offered me the chance to "save hundreds" on a new PC. A shiver slid slowly down my spine. The adverts were being specifically targeted at me because of what I had written in a private email to a friend. Though I found the discovery deeply creepy, I carried on using Gmail, noticing all the time that I couldn't write anything to anyone without Gmail offering me comments, suggestions and temptations. Electronic spy: Angela Levin found that using Gmail made her a target for adverts based on information in her private emails This might just be tolerable when the email is innocuous. But it certainly was not when I recently emailed a lawyer about a difficult and sensitive problem and back came a host of offers advertising various lawyers and help with a legal compromise agreement. I felt as if I were being stalked and the experience left me with a raft of questions. What does Google know about me? How dare they invade my privacy? And is there a hidden agenda?
A honey-voiced Google spokesman was quick to respond to my call and insisted the adverts were generated not by a human being, but by a computer programme that all servers use to scan emails looking for spam and viruses. And that no information was read or sold to advertisers. That may be true, but Google does use the content of your emails for commercial gain. It scans your words and searches for key words in the same way it does when you use the Google search engine. When a key word from your email matches a key word in an advert in the Google bank, the relevant adverts electronically line up to hit first your email page and then your pocket. Advertisers are invited to bid for key words. Popular phrases such as "cheap flights" command vastly more money than, say, "arachibutyrophobia" -- the fear of peanut butter sticking to your mouth. The advertiser is then charged on a cost-per-click basis -- the more people who click on the advert and go through to the advertiser's website, the more they pay. This is how Google makes its £15 billion a year and it is what you are signing up for, however inadvertently, when you click on Google's terms and conditions. It doesn't, of course, explain why they also scan emails that arrive from non-Gmail users. In theory, there are ways you can fool Google and block the adverts. The robotic searchers seem to have a smidgin of sensitivity, and if you mention suicide, murder, death, 9/11 or some other catastrophe in your email no adverts will appear, but only, it seems, if you type in the word often enough. An American professor of new media, Joe McKay, discovered that the ads disappear if you mention something tragic at least once every 167 words.
Another twist: The Google street-mapping car gathered personal information You can get the same effect through the liberal use of vile four-letter words in your email, but this seems more to protect the sensibilities of the advertisers, who might not want their products to be associated with such language. In practice, of course, neither course of action is workable. It also helps to carefully balance the pros and cons of using Gmail. On the one hand it is free, but then so are Hotmail and Yahoo -- which both also rely on advertising, but which don't appear to trawl through your emails and hit you with intrusive ads within milliseconds. Gmail does have some advantages -- it allows several people to have access to documents at the same time. But given that your messages are stored on vast remote servers that could be vulnerable to hackers, it makes sense for you to delete emails that contain sensitive information, and also to create a separate email address for online shopping, as these are the messages that will draw the most attention for marketing. And remember that while emails may seem ephemeral, they can be difficult to delete. Once a message is erased, it may take up to 60 days before it disappears from the Google servers - and Google admits that it keeps back-up copies in case of system failure. Whatever precautions you take, anyone signing up for a Gmail account must trust that Google won't use the sensitive, revealing information contained in the emails you send and receive for any other purpose. But can it really be trusted? Consider the Street View debacle. A few years ago, Google offered detailed aerial pictures of the whole world to viewers of its Google Earth service. Then, at what must have been enormous cost, Google sent out vehicles with specialised equipment across several continents to capture street-level views of both main and side roads in cities, town and villages.
Initially it sounded fun to have the possibility of a virtual tour of any street. And how philanthropic to record our landscape for posterity. But the next thing we heard was that these vehicles were not just taking pictures, but also searching electronically for wireless networks, logging whether individuals had secure or insecure wi-fi -- and gathering personal information. It was a gross invasion of privacy and rightly caused an uproar. Google quickly apologised, saying it was a mistake. But how could it mistakenly do something that had nothing to do with its stated purpose? The question remains: if a company can misbehave so badly once, why can't it happen again? If Google is so ethical and friendly, then how has it become a sinister multinational giant that spies on the contents of my personal email? As for me, I am switching back to the less sophisticated Microsoft Office Outlook. I've come to believe that free email is worth exactly what you pay for it.

From rforno at infowarrior.org Sun Dec 12 16:00:02 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 12 Dec 2010 17:00:02 -0500
Subject: [Infowarrior] - Fool the TSA's Scanners with Pancakes
Message-ID:

Fool the TSA's Scanners with Pancakes
http://gizmodo.com/5712481/fool-the-tsas-scanners-with-pancakes

Since current airport security technology is largely reactive to known threats, competent evil doers will eventually change their tactics to skirt by and do their worst. With that in mind, a new tactic could be pancakes. Not pancakes you'd necessarily eat, of course, but PETN pancakes. Potential attackers would take the notoriously explosive material and smooth it into a pancake shape to mimic the contours of the abdomen using dimensions of about 15-20cm in diameter and 1cm thick. Voila, hidden explosive.
This, according to a report in the Journal of Transportation Security (emphasis mine): It is very likely that a large (15-20 cm in diameter), irregularly-shaped, cm-thick pancake with beveled edges, taped to the abdomen, would be invisible to this technology, ironically, because of its large volume, since it is easily confused with normal anatomy. Thus, a third of a kilo of PETN, easily picked up in a competent pat down, would be missed by backscatter "high technology". Forty grams of PETN, a purportedly dangerous amount, would fit in a 1.25 mm-thick pancake of the dimensions simulated here and be virtually invisible. Packed in a compact mode, say, a 1 cm×4 cm×5 cm brick, it would be detected. Where a simple pat down would effectively mitigate this threat (Cost: TSA worker's salary), the multi-million dollar nudie machines would do nothing. Oh, and conspicuous wires and thin blades? Potentially invisible as well: The images are very sensitive to the presence of large pieces of high Z material, e.g., iron, but unless the spatial resolution is good, thin wires will be missed because of partial volume effects. It is also easy to see that an object such as a wire or a box-cutter blade, taped to the side of the body, or even a small gun in the same location, will be invisible. While there are technical means to mildly increase the conspicuity of a thick object in air, they are ineffective for thin objects such as blades when they are aligned close to the beam direction. I guess I've never had too much of an issue being scanned, so it's not even a privacy issue anymore, with me. It's just the incredible waste of money on an ineffective technology that really bothers me (more than any curious gloved TSA hand ever could, anyway). I would say the same of a professional football team that bought the latest and greatest hockey sticks for their linemen.
[Journal of Transportation Security (PDF) via Boing Boing http://www.boingboing.net/2010/12/11/pornoscanners-trivia.html]

From rforno at infowarrior.org Sun Dec 12 20:06:21 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 12 Dec 2010 21:06:21 -0500
Subject: [Infowarrior] - Gawker Shuts Down After Hackers
Message-ID:

December 12, 2010
Gawker Shuts Down After Hackers
By BRIAN STELTER
http://www.nytimes.com/2010/12/13/business/media/13gawker.html

Web sites belonging to Gawker Media abruptly stopped publishing on Sunday after mischief-making hackers gained access to the company's servers. People who had accounts on the flagship Gawker, Gizmodo, Jezebel and the company's other Web sites were told to change their passwords because, it said in a statement, "our user databases appear to have been compromised." Working anonymously, the hackers indicated that they had found more than 1.3 million user names and passwords, though it was unclear whether all of the data had been decrypted. The hackers published the passwords of some Gawker staff members and mockingly identified thousands of users who had listed their password as "password." "We're deeply embarrassed by this breach," Gawker said in a statement that was posted across its suite of Web sites Sunday afternoon. The incident was a black eye for Gawker, an eight-year-old digital media company founded by Nick Denton that has grown up in New York. The company has long been a pioneer, setting and then resetting standards for blogging and online publishing, and of late it has been preparing a broad redesign of its Web sites. Gawker's Web sites run on a homegrown content management system, and some of the source code for that system was leaked by the hackers on Sunday. The hackers, who worked under the name "Gnosis," published an article on Gawker that contained a link to the code.
Gawker Media became aware of the hacking attempt on Saturday, and staff scrambled to figure out how much virtual damage had been done. On Sunday afternoon, publishing came to a halt, apparently because the company was resetting the passwords for its dozens of writers and editors. On Twitter, one of the bloggers for Jezebel wrote, "I'd write a post about how we've been hacked and can't publish, but we've been hacked and can't publish." The hackers suggested they had chosen Gawker out of spite. They said Gawker writers had been critical of the online message board 4chan, a chaotic group that mounts attacks on Web sites and individuals. An affiliated group, Anonymous, gained attention last week for apparently taking down Web sites like MasterCard's in a show of support for WikiLeaks, the organization that facilitated the release of secret State Department cables. The Gawker hackers wrote in a document Sunday afternoon, "You would think a site that likes to mock people, such as gawker, would have better security and actually have a clue what they are doing. But as we've proven, those who think they are beyond our reach aren't as safe as they would like to think!" The hackers also seemed to want to impart a lesson about the user names and passwords that are a common part of business on the Web. Before listing the accounts of thousands of people who used the word "password" as their password, the hackers wrote, "Maybe naming and shaming you all will encourage you all to use better passwords in the future? Probably not."
From rforno at infowarrior.org Mon Dec 13 06:59:19 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 13 Dec 2010 07:59:19 -0500
Subject: [Infowarrior] - Major Ad Networks Found Serving Malicious Ads
Message-ID: <0B6EDC36-103F-4763-8ED9-8D278799A244@infowarrior.org>

Major Ad Networks Found Serving Malicious Ads
By Dennis Fisher
Created 12/12/2010 - 6:00pm
https://threatpost.com/en_us/print/7723

Two major online ad networks--DoubleClick and MSN--were serving malware via drive-by download exploits over the last week, experts say, after a group of attackers was able to trick the networks into displaying their ads by impersonating an online advertising provider. The scheme involved a group of attackers who registered a domain that was one letter away from that of ADShuffle.com, an online advertising technology firm. The attackers then used the fake domain--ADShufffle.com--to dupe the advertising networks into serving their malicious banner ads. The ads used various exploits to install malware on victims' PCs through drive-by downloads, according to information compiled by security vendor Armorize. The ad networks only served the malicious content for a short period of time, but the episode shows just how difficult the drive-by download problem can be to address.

"Users visit websites that incorporate banner ads from DoubleClick or rad.msn.com, the malicious javascript is served from ADShufffle.com (notice the three f's), starts a drive-by download process and if successful, HDD Plus and other malware are installed into the victim's machine, without having the need to trick the victim into doing anything or clicking on anything. Simply visiting the page infects the visitors," Armorize CTO Wayne Huang said in a blog post describing the scheme [1]. "Known sites affected: Sites that incorporate DoubleClick or rad.msn.com banners, including for example Scout.com (using DoubleClick), realestate.msn.com, msnbc.com (using both), and mail.live.com.
We'd like to note here it's very possible that multiple exchanges, besides those listed here, have been serving the fake ADShufffle's ads." In some instances, the attackers used the notorious Eleonore exploit pack [2] and the Neosploit package to accomplish the drive-by downloads. The attacks exploited a wide variety of vulnerabilities in browsers and Adobe Reader. When a victim visited a site that was displaying one of the malicious banner ads, the user's browser tries to render the malicious ad and contacts the back-end ad server. The server pulls in the malicious ad content from ADShufffle, which uses some malicious JavaScript to exploit one of a number of vulnerabilities. The JavaScript generated an iFrame that used the Eleonore exploit pack to finish the compromise and drop some malicious files on the PC. It's a classic drive-by download scenario, but in this case it's made all the more troublesome by the broad reach of the legitimate ad networks that were victimized by the attack. Armorize researchers contacted officials at DoubleClick after discovering the scheme. "We reached out to DoubleClick and in less than a few hours time they arranged a meeting with a group of their experts on anti-malvertising and incidence response. We were very surprised and impressed with the speed that DoubleClick acted. We provided details, and DoubleClick said they were already on top of the issue," Huang said. "At the same time, our CEO Caleb Sima received a private email indicating that mail.live.msn, together with other big websites, were serving drive-by downloads via malvertising. We started to investigate other ad exchanges, because it was apparent that ADShufffle.com was able to trick multiple ad exchanges into serving their malicious javascript." A spokesman for Google, which owns DoubleClick, told the IDG News Service [3] that the malicious ads were only being served for a short amount of time, and that the company's own malware filters detected the ads, as well. 
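
The look-alike check an ad exchange could run before accepting script hosts from an advertiser, as an added example (not from the article, Armorize or the ad networks). The allow-list, the function names and the naive last-two-labels base-domain rule are assumptions; it also generalizes from the single inserted letter in the article to any one-edit change and to stretched runs of a repeated letter.

```python
"""Screen ad-serving hostnames for look-alikes of already-approved partners."""

# adshuffle.com and msn.com appear in the article; the third entry is constructed.
APPROVED_PARTNERS = frozenset({"adshuffle.com", "msn.com", "partner-ads.example"})


def base_domain(hostname):
    """Lower-case a hostname and reduce it to its last two labels.

    Assumption: a naive stand-in for a Public Suffix List lookup. It is fine
    for .com-style names but wrong for suffixes such as .co.uk.
    """
    labels = hostname.strip().lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def osa_distance(a, b):
    """Optimal string alignment distance.

    Insertion, deletion, substitution and swapping two adjacent characters
    each cost 1, which covers the usual single-keystroke typo variants.
    """
    prev2 = None
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i] + [0] * len(b)
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            cur[j] = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                cur[j] = min(cur[j], prev2[j - 2] + 1)
        prev2, prev = prev, cur
    return prev[len(b)]


def collapse_repeats(text):
    """Squeeze runs of one character so 'adshuffffle' and 'adshuffle' compare equal."""
    out = []
    for ch in text:
        if not out or out[-1] != ch:
            out.append(ch)
    return "".join(out)


def classify(hostname, approved=APPROVED_PARTNERS, max_distance=1):
    """Return ('approved' | 'lookalike' | 'unknown', matching partner or None)."""
    candidate = base_domain(hostname)
    if candidate in approved:
        return ("approved", candidate)
    for partner in sorted(approved):
        near = osa_distance(candidate, partner) <= max_distance
        stretched = collapse_repeats(candidate) == collapse_repeats(partner)
        if near or stretched:
            return ("lookalike", partner)
    return ("unknown", None)


def screen(hostnames):
    """Map every hostname that imitates an approved partner to that partner."""
    flagged = {}
    for host in hostnames:
        verdict, partner = classify(host)
        if verdict == "lookalike":
            flagged[host] = partner
    return flagged


# Constructed sample: script hosts pulled from a batch of submitted ad creatives.
SAMPLE_HOSTS = [
    "ads.adshuffle.com",           # real partner, subdomain
    "ADShufffle.com",              # the three-f spelling from the article
    "cdn.adhsuffle.com",           # constructed: two letters swapped
    "rad.msn.com",
    "static.partner-ads.example",
    "scout.com",                   # unrelated host, not an imitation
]

if __name__ == "__main__":
    for host, partner in screen(SAMPLE_HOSTS).items():
        print(f"HOLD {host}: imitates approved partner {partner}")
```

A "lookalike" verdict is a reason to hold the creative for manual review, not proof of malice; an "unknown" verdict only means the host resembles no approved partner.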
From rforno at infowarrior.org Mon Dec 13 07:45:30 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 13 Dec 2010 08:45:30 -0500
Subject: [Infowarrior] - EFF: Wikileaks, the Law, and You
Message-ID: <64FA6A26-5DA6-4BE2-92D2-69613048F259@infowarrior.org>

Information is the Antidote to Fear: Wikileaks, the Law, and You
Legal Analysis by Kevin Bankston
http://www.eff.org/deeplinks/2010/12/information-antidote-fear-wikileaks-law-and-you

When it comes to Wikileaks, there's a lot of fear out there on the Internet right now. Between the federal criminal investigation into Wikileaks, Senator Joe Lieberman's calls for companies to stop providing support for Wikileaks and his suggestion that the New York Times itself should be criminally investigated, Senator Dianne Feinstein's recent Wall Street Journal op-ed calling for prosecution of Wikileaks founder Julian Assange, and even the suggestion by some that he should be assassinated, a lot of people are scared and confused. Will I break the law if I host or mirror the US diplomatic cables that have been published by Wikileaks? If I view or download them? If I write a news story based on them? These are just a few of the questions we've been getting here at EFF, particularly in light of many US companies' apparent fear to do any business with Wikileaks (with a few notable exceptions). We unfortunately don't have the capacity to offer individualized legal advice to everyone who contacts us. What we can do, however, is talk about EFF's own policy position: we agree with other legal commentators who have warned that a prosecution of Assange, much less of other readers or publishers of the cables, would face serious First Amendment hurdles ([1], [2]) and would be "extremely dangerous" to free speech rights. Along with our friends at the ACLU, "We're deeply skeptical that prosecuting WikiLeaks would be constitutional, or a good idea."
Even better than commentary, we can also provide legal information on this complicated issue, and today we have for you some high quality legal information from an expert and objective source: Congress' own research service, CRS. The job of this non-partisan legal office is to provide objective, balanced memos to Congress on important legal issues, free from the often hysteric hyperbole of other government officials. And thanks to Secrecy News, we have a copy of CRS' latest memo on the Wikileaks controversy, a report entitled "Criminal Prohibitions on the Publication of Classified Defense Information" and dated this Monday, December 6. Like this blog post itself, the CRS memo isn't legal advice. But it is a comprehensive discussion of the laws under which the Wikileaks publishers -- or anyone else who obtains or publishes the documents, be it you or the New York Times -- might be prosecuted and the First Amendment problems that such a prosecution would likely raise. Notably, the fine lawyers at CRS recognize a simple fact that statements from Attorney General Eric Holder, the Senators, the State Department and others have glossed over: a prosecution against someone who isn't subject to the secrecy obligations of a federal employee or contractor, based only on that person's publication of classified information that was received innocently, would be absolutely unprecedented and would likely pose serious First Amendment problems. As the summary page of the 21-page memo succinctly states,

This report identifies some criminal statutes that may apply [to dissemination of classified documents], but notes that these have been used almost exclusively to prosecute individuals with access to classified information (and a corresponding obligation to protect it) who make it available to foreign agents, or to foreign agents who obtain classified information unlawfully while present in the United States.
Leaks of classified information to the press have only rarely been punished as crimes, and we are aware of no case in which a publisher of information obtained through unauthorized disclosure by a government employee has been prosecuted for publishing it. There may be First Amendment implications that would make such a prosecution difficult, not to mention political ramifications based on concerns about government censorship.

The report proceeds to discuss the Espionage Act of 1917 and a number of other potentially applicable statutes, followed by an extended discussion (at pp. 14-20) of how the Supreme Court's First Amendment decisions -- and in particular the Pentagon Papers case -- could complicate such a prosecution. For anyone interested in or concerned about the legality of publishing the Wikileaks documents and the legal and political challenges to a successful prosecution, this CRS memo is an absolute must-read. Hopefully, this information will help counter much of the fear that our government's so-called "war" against Wikileaks has generated. Meanwhile, we will continue our effort to oppose online censorship and provide additional news and commentary on the ongoing WikiLeaks saga, which is shaping up to be the first great free speech battle of the 21st century. We hope you'll join us in the fight.
From rforno at infowarrior.org Mon Dec 13 10:52:21 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 13 Dec 2010 11:52:21 -0500
Subject: [Infowarrior] - Forbes' decent analysis of Gawker mess
Message-ID: <220EC1A1-13CB-4737-8DE4-BDAD383BAA30@infowarrior.org>

(c/o anonymous)

The Real Lessons Of Gawker's Security Mess
http://blogs.forbes.com/firewall/2010/12/13/the-lessons-of-gawkers-security-mess/

From rforno at infowarrior.org Mon Dec 13 11:33:53 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 13 Dec 2010 12:33:53 -0500
Subject: [Infowarrior] - OT: "NoLabels" PAC launches
Message-ID: <9A737B76-D56E-4492-837A-1F3132E78613@infowarrior.org>

http://nolabels.org/

Who We Are

We live in the time of the movement -- where views and opinions of our citizens can be aggregated and collected and heard as one voice through social media and online organizing technology. There is a new movement afoot -- one that represents the majority of Americans left out of the current political debate--it's called No Labels. Organized around a single and simple idea, this movement encourages leaders to "put the labels aside" in an effort to seek common sense solutions to our nation's problems. No Labels is not a centrist, conservative, or liberal movement. In fact, No Labels is not about ideology; it is about an attitude and new approach. We do not ask any political leader to ever give up their label - merely put it aside -- in order to work together and find practical solutions to our nation's problems. If an idea has merit and is fact-based -- No labels pays no heed to whether it is a Republican or Democratic idea, the only concern is that it offers a practical solution for our nation's many ills. No Labels intends to unite Republicans, Democrats and Independents with a simple, single idea -- our leaders need to work together to do what government was intended to do: solve problems.
No Labels is not a political party nor aspires to be one, our focus is on building a broad citizen movement, not running any one individual for office. Too often in today's world -- political gamesmanship gets in the way of solving problems and leads to gridlock. No Labels seeks to change the dynamics of our political culture and provide support for those politicians who will put their labels aside and work across the aisle to solve problems. Ideological extremism and political litmus tests are toxic and destructive to creating a space where the best ideas can be found and enacted. We need to change the culture in Washington so that government can work effectively to solve problems. The people's voice needs to be heard loud and clear if our leaders' behavior is to change. No Labels is about changing behavior and making it acceptable again to work across party lines and focus on practical solutions. Only until our leaders put the labels aside can we have confidence in them to make the right decisions for our nation. No Labels is a simple and clear unifying idea whose time has come. It is not a political party and does not have an issues platform. We represent a new voice for our citizens. As the movement expands there may be issues that the movement embraces and advocates but we will not prescribe what they will be in our formation and launch.

From rforno at infowarrior.org Mon Dec 13 13:45:20 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 13 Dec 2010 14:45:20 -0500
Subject: [Infowarrior] - Cyberwar? What Cyberwar?
Message-ID: <0886D8D2-2247-4653-AC89-45939025EB12@infowarrior.org>

Cyberwar? What Cyberwar?
December 13, 2010
By Bryan Halfpap
http://ctovision.com/2010/12/cyberwar-what-cyberwar/

Ladies and Gentlemen, put down the keyboards, stop reading the screen for a moment, and take a deep breath. I'll wait. Ok. Now that you've done that, you can relax with the knowledge that we are not currently -- nor have we ever been in -- a "cyberwar"
with any foreign power or group. Yes, including China. So far there have not been any verified examples of cyberwar of any kind. At this point, you probably either think me crazy or correct, but really when we get down to it, this is because our views differ on what the exact meaning of the word "war" is. Now we're done with the Op-Ed for the moment. War is commonly defined as a conflict between two parties, usually two states or the agents thereof. When a country such as the United States goes to war, typically a declaration of war is created by Congress. Once in a war, a participant is expected to be hostile to an enemy, attack targets, and attempt to win objectives. Espionage, on the other hand, is another bag of tricks altogether. Espionage is defined by the following: Espionage: the use of spies by a government to discover the military and political secrets of other nations. (Reference.com) So what makes cyberwar cyberwar and what makes cyber-spying cyber-spying? Well the difference on what crosses into where really depends on your interpretation of what an act of war is. Does stealing plans for a fighter jet constitute an act of war? (JSF Plans Stolen) Does breaking into confidential and sensitive email accounts count? (Operation Aurora) What about unauthorized access of government systems? (GhostNet) These acts are all acts of espionage. A foreign spy or spies are collecting information about the United States by stealing it through computers, and to many people, these acts should be interpreted as acts of war. Attacks aren't limited to the United States, however. In fact, a 2008 cyberattack originating from inside Russia against Georgia is the closest thing to a cyberwar the world has yet seen. The 2008 conflict in South Ossetia generated a flurry of speculation in online communities about cyberwar attacks originating in Russia against the government services of Georgia.
A good article explaining some of what happened is available here from ZDnet, but the basics are that before and during the Russian occupancy of Georgia, such devastating cyberattacks were launched that during the invasion the Georgian government's technological infrastructure and online presence were decimated during their attack. Officially the Russian government is not implicated. The attacks were instead attributed to a network known to rent out botnets and provide "bulletproof" hosting to malware domains was used -- The Russian Business Network. The RBN is widely accepted to have some sort of political ties to the Russian government. It would be so easy to just jump from here to the conclusion that Russia is responsible for this, but you can't make that conclusion in good faith -- and here's an example why: Recently, a group of users from 4chan have been distributing a hivemind (voluntary botnet) DDOS application known as the Low-Orbit Ion Cannon, or LOIC. LOIC is one of hundreds of out-of-the-box denial of service programs made by hackers and distributed among the less skilled "Script Kiddies". These widely-available tools were recently used to cripple Paypal, Visa, and Mastercard to the point where transactions were being affected all over the world. These websites handle much more traffic per day than the Georgian government does. This demonstrates that a cyber-militia can be built in a day with a few vigorous posts on a message board urging hacktivism (a form of activism leveraging computer hacks or denial of service attacks). 4chan's "anonymous" is particularly good at this, as it has demonstrated, and patriotism is a powerful force. Perhaps it was lone hackers, script kiddies, or teenagers with access to these simple tools that attacked Georgia out of patriotism, not solely a sinister network selling botnets to the Russian government. Another oft-touted example of cyberwar is the stuxnet virus. Stuxnet was an act of espionage.
Sure, it could have been used as a cyberwar tool if its authors had come out and declared its purpose and target from the beginning. Otherwise it is simply a very targeted attack against countries using specific SCADA control systems running a uranium centrifuge at specific frequencies. Nobody knows who wrote it. With this sort of evidence and the anonymity, this super-virus is a textbook case of sabotage. Back to the Op-Ed: The media and security companies must stop this fear-mongering. I shouldn't be reading about cyberwar in the news every day or hear radio advertisements for cyberwar prevention solutions. "Cyberwar" might sell papers and security consulting gigs, but it makes people scared and causes them to ask all the wrong questions, like "Why are we not at war with China if they are launching these Cyber-War attacks?". We should be asking -- "How are we defending our country against sabotage and espionage?". Cyber-war and its negative connotations simply encourage a hostile attitude between the United States and China in an already-tense political climate and misinform the public about computer security issues. Instead of "Cyberwar attacks" and "cyberwar", perhaps call it espionage or cyber-espionage if you really need the cyber prefix that much.

From rforno at infowarrior.org Mon Dec 13 13:50:18 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 13 Dec 2010 14:50:18 -0500
Subject: [Infowarrior] - SCOTUS: You May Not Be Able To Legally Sell A Product First Made Outside The US
Message-ID: <634D8704-E939-4433-85EE-9FE322BD3C6D@infowarrior.org>

Supreme Court Ruling: You May Not Be Able To Legally Sell A Product First Made Outside The US
from the this-is-bad dept
http://www.techdirt.com/articles/20101213/09353512255/supreme-court-ruling-you-may-not-be-able-to-legally-sell-product-first-made-outside-us.shtml

Earlier this year, we covered a rather important copyright case in the Supreme Court, between watchmaker Omega and retailing giant Costco.
The crux of the issue was that Costco bought a bunch of Omega watches that were not meant for sale in the US, imported them, and started selling them in the US for less than Omega was selling other watches here. Your basic principles of "you bought it, you can resell it" seemed to apply, but Omega had a nasty copyright trick up its sleeve. It had put a little 0.5 cm "globe" design on the underside of the watches -- where no one would see it, and then claimed copyright on the design. Thus, they claimed that Costco's attempt to resell the watches was copyright infringement. Of course, US copyright law has a right of first sale (the same "you bought it, you can resell it" concept), but Omega's lawyers craftily sought out a loophole in US copyright law. The Copyright Act's section that deals with first sale rights (section 109(a) for those playing along with the home game) notes that it only applies to copies "lawfully made under this title." Omega's lawyers argued that the design on the watches does not count because the watches were made outside of the US, and thus not covered by US copyright law and thus the design was not lawfully made under US copyright law. The Ninth Circuit appeals court -- which certainly has a history of wacky rulings -- agreed with Omega's interpretation of the law and the case was appealed to the Supreme Court. The court deadlocked on the issue today, coming to a 4-4 tie (with Justice Kagan not taking part, since she had filed an amicus brief in the case as Solicitor General), meaning that the 9th Circuit ruling stands and copyrighted products first made outside the US may no longer have a right of first sale. In other words, be careful if you buy a book that was first published outside the US. Technically, you may no longer have a legal right to sell it -- or even to lend it to others, which is why librarians were reasonably worried about this decision.
If there's any sort of silver lining to all of this, the fact that the Justices deadlocked, rather than coming to a full decision means that it's not a precedential ruling and a different case could allow them to decide differently later on. Though, if you were wondering, when Kagan filed the amicus brief as Solicitor General... she sided with Omega, and said the Supreme Court should not take the case, since the 9th Circuit's ruling was just fine.

From rforno at infowarrior.org Mon Dec 13 16:25:45 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 13 Dec 2010 17:25:45 -0500
Subject: [Infowarrior] - Alzheimer's: Threads of Discovery, to Weave a Plan of Attack
Message-ID: <0D2CF352-397D-4E6E-968C-11487E8AE5BF@infowarrior.org>

December 13, 2010
Threads of Discovery, to Weave a Plan of Attack
By GINA KOLATA
http://www.nytimes.com/2010/12/14/health/14alzheimers.html

Alzheimer's researchers are obsessed with a small, sticky protein fragment, beta amyloid, that clumps into barnaclelike balls in the brains of patients with this degenerative neurological disease. It is a normal protein. Everyone's brain makes it. But the problem in Alzheimer's is that it starts to accumulate into balls -- plaques. The first sign the disease is developing -- before there are any symptoms -- is a buildup of amyloid. And for years, it seemed, the problem in Alzheimer's was that brain cells were making too much of it. But now, a surprising new study has found that that view appears to be wrong. It turns out that most people with Alzheimer's seem to make perfectly normal amounts of amyloid. They just can't get rid of it. It's like an overflowing sink caused by a clogged drain instead of a faucet that does not turn off. That discovery is part of a wave of unexpected findings that are enriching scientists' views of the genesis of Alzheimer's disease.
In some cases, like the story of amyloid disposal, the work points to new ways to understand and attack the disease. If researchers could find a way to speed up disposal, perhaps they could slow down or halt the disease. Researchers have also found that amyloid, in its normal small amounts, seems to have a purpose in the brain -- it may be acting like a circuit breaker to prevent nerve firing from getting out of control. But too much amyloid can shut down nerves, eventually leading to cell death. That means that if amyloid levels were reduced early in the disease, when excess amyloid is stunning nerve cells but has not yet killed them, the damage might be reversed. Yet another line of research involves the brain's default network: a system of cells that is always turned on at some level. It includes the hippocampus, the brain's memory center, but also other areas, and is the brain's mind-wandering mode -- the part that is active when, for instance, you're driving in your car and you start thinking about what you will make for dinner. That brain system, scientists find, is exactly the network that is attacked by Alzheimer's, and protecting it in some way might help keep the brain healthier longer. For example, during nondreaming sleep, the default network is thought to be less active, like a light bulb that has been dimmed. The network also ramps down during intense and focused intellectual activity, which uses different areas of the brain. One emerging theory suggests that if the default network can be rested, amyloid production might be decreased, allowing even an amyloid disposal system that was partly hobbled by Alzheimer's to do a better job. The result of all this work is a renewed vigor in the field. After years in which it was not clear how to attack this devastating disease, scientists have almost an embarrassment of riches.
The research is in early stages, of course, and there are many questions about which discoveries and insights will lead to prevention or a treatment that works. But there is a new hopefulness that, at long last, this terrible disease may eventually be conquered, said Richard Mohs, Alzheimer's group team leader at Eli Lilly. "We are much closer and quite optimistic that we will be able to do it," Dr. Mohs said.

A Key Question

When Dr. Randall Bateman first tried to get funds for an effort to answer a sort of chicken-and-egg question about Alzheimer's, some grant reviewers turned him down, saying they doubted it would work. But they were wrong. He got his answer, although it took much longer than he expected, and his paper describing his results was just published online Thursday by Science. The question came to him in 2003, when he was a neurology resident. One day he was sitting in the hospital cafeteria at Washington University in St. Louis, taking advantage of free soup and rolls. Dr. David M. Holtzman, a neurology professor, joined him, and the two began to talk about the puzzle of Alzheimer's. Why, Dr. Bateman wondered, did beta amyloid build up in patients' brains? Were people making too much? Or were they unable to dispose of what they made? Great question, Dr. Holtzman replied, but what kind of test could you do to answer it? Dr. Bateman pondered the issue for a year and finally figured out a method. It would not be easy -- study subjects would have to sit around for 36 hours with a catheter in their spinal column collecting cerebrospinal fluid. "I said, 'I think I can probably develop and do this in about six months,' " he told Dr. Holtzman. Dr. Holtzman had his doubts. "I thought his idea could work conceptually, but for everything to work just right in a human being was a long shot," he said. Dr. Bateman's plan was to put a catheter into a person's vein and infuse an ingredient, the amino acid leucine, that cells need to make beta amyloid.
The infused leucine would be chemically modified with a form of carbon that did not affect its function or safety but that made it easy to detect newly made amyloid as it was flushed out into the spinal fluid. And since he knew how much leucine he gave people, he could measure how much amyloid they made and then see how fast it was drained. When the study began, Dr. Bateman was his own first subject. He then did the test on people in their 30s and 40s, as well as healthy older people and people with Alzheimer's. He finally completed the study, getting his answer in seven years, rather than the six months he had naïvely expected. The problem in Alzheimer's, he found, is disposal. Beta amyloid, he found, normally is disposed of extremely quickly -- within eight hours, half the beta amyloid in the brain has been washed away, replaced by new beta amyloid. With Alzheimer's disease, Dr. Bateman discovered, beta amyloid is made at a normal rate, but it hangs around, draining at a rate that is 30 percent slower than in healthy people the same age. And healthy older people, in turn, clear the substance from their brains more slowly than healthy younger people. That means that it might be possible to attack Alzheimer's not just by getting rid of beta amyloid but also by speeding its disposal. And, he says, there is a clear message in his results. "What we think may be happening is that a clearance mechanism is broken first," Dr. Bateman says. Slowly, as years go by, beta amyloid starts to accumulate in the brain. If that clearance can be fixed, or enhanced, the buildup might never occur.

Beta Amyloid as Signal Control

For years, Alzheimer's researchers wondered if the brain used small molecules of beta amyloid or if those fragments, produced when a larger protein is snipped, were more like scraps of fabric, serving no purpose and just getting in the way. Now, some say they may have an answer.
Beta amyloid, in small quantities, seems to control signaling between nerve cells, reducing the strength of signals when they are too strong. But when it accumulates, the brain can have too much of a good thing. Nerve impulses can be stopped dead, nerves can die, and the disease can take hold, according to this idea. The work leading to this conclusion began a few years ago when Dr. Roberto Malinow of the University of California, San Diego, decided to look at whether beta amyloid affects synapses, the functional connections between nerve cells. Electrical signals are transmitted through synapses as they travel from nerve cell to nerve cell. And nerve cells make beta amyloid and release it onto their synapses. Was it doing anything there? One way to find out, Dr. Malinow reasoned, would be to genetically engineer nerves to overproduce beta amyloid and determine what happened to their signaling in laboratory experiments. The signals, he found, were muffled. As Dr. Malinow and his colleagues inquired further they discovered that beta amyloid seemed to be part of a nerve cell feedback loop. A nerve will start firing, but under some conditions, the signal can get too intense. Then the nerve releases beta amyloid, bringing the signaling down to normal levels, at which point the nerve stops releasing beta amyloid. The impact of beta amyloid on synapses was "a very clear effect," at least in the lab, Dr. Malinow said. "We proposed that maybe a-beta was normally part of a negative feedback system," Dr. Malinow said, using a shorthand reference to beta amyloid. The damage -- and Alzheimer's disease -- comes in if there are too many clumps of beta amyloid in the brain. When that happens, the signals between nerve cells are reduced too much, effectively stopping communication. "Too much of a good thing is bad," says Dr. Dennis Selkoe, a professor of neurologic diseases at Harvard Medical School.
Still, treatment at that point, before the nerves are dying, might reverse the disease. There may be another way to protect nerves from too much beta amyloid, and it involves a different protein linked to Alzheimer's. Problems with it show up in the brains of Alzheimer's patients later, after there has already been a buildup of beta amyloid. The protein is tau, an integral part of normal cells. It becomes tangled and twisted in Alzheimer's, after cells are already dying, looking like strands of tangled spaghetti. For decades researchers have argued about whether those distorted tau molecules were a cause or an effect of nerve cell death. Now, they believe they may have an answer, which is spurring the search for drugs to salvage tau and protect the brain from beta amyloid. New studies by Dr. Lennart Mucke, a neurology professor at the University of California, San Francisco, and director of the Gladstone Institute of Neurological Disease there, and others suggest that tau facilitates beta amyloid's lethal effects. In genetically engineered mice and in laboratory experiments, the researchers found that without tau, beta amyloid cannot impair nerve cells. If tau also plays the same role in the brains of humans, that might resolve a longstanding mystery. Occasionally, in autopsies pathologists find that people who had normal memories had lots of plaques in their brains. Perhaps those people, for some reason, made very little tau or were naturally resistant to the injurious interaction between tau and beta amyloid. Could that be why they somehow endured a buildup of beta amyloid? "That's a very interesting question," Dr. Mucke said. "We don't know the answer." But, he adds, researchers "should try to learn from such cases how to better fight the disease."

Early Detection Crucial

In order to treat Alzheimer's before it is too late, scientists now believe they have to detect it much earlier, before there are symptoms.
To do that, they have developed several new methods, including brain scans that can show amyloid plaques in living patients. And for Dr. Marcus E. Raichle, a neurologist at Washington University, what the scans showed was a revelation. "I was absolutely struck by where this stuff was accumulating in the brain," he said. Amyloid was in exactly the areas he was studying, the default network. It is used not only in daydreaming but in memory and in the sense of self. For example, if a man is shown a list of adjectives -- honest, kind, thoughtful -- and asked if they reflect the way he thinks of himself, the man will use his default network. "It seems to be a target of Alzheimer's disease, which I found stunning," Dr. Raichle said. The entire default network, and only the default network, was under attack. The default network is costly for the brain to run, using huge amounts of glucose, Dr. Raichle said. And one indication that a person is getting Alzheimer's is that in scans, the brain's glucose use is markedly lower. The observation that Alzheimer's attacks the default network, then, explains the observation that a low use of glucose by the brain is associated with Alzheimer's disease. "The default network has a unique metabolic profile," Dr. Raichle said. "That opens up a whole set of biological questions about how these synapses are operating." "Why does Alzheimer's attack that region?" he asked. "The simple answer is, we don't know." Meanwhile, Dr. Holtzman was doing a different sort of experiment that turned out to bear directly on what Dr. Raichle was finding. He found a way to measure amyloid levels in the brains of living mice. He would drill a small hole in each one's skull and insert a probe that allowed beta amyloid to be collected. Dr. Holtzman kept the probes in while the animals were eating and running around their cages and when they were sleeping.
Beta amyloid synthesis increased when they were awake, when the default network is most active, and decreased when they slept. His colleagues, Dr. David Brody at Washington University and Dr. Sandra Magnoni of Milan University, then devised an experiment in people. Their subjects were in comas following head trauma or strokes. Often, doctors drill a small hole in these patients' skulls and insert a catheter to monitor fluids in the brain. Dr. Brody and Dr. Magnoni asked if they could also measure beta amyloid. They found that the less active the person's brain, the less beta amyloid it made. That made the researchers ask whether something similar was happening during sleep -- the default network was less active, so perhaps less beta amyloid was being made. If so, the implication, which Dr. Holtzman is studying, is that people who are sleep-deprived might be at greater risk of Alzheimer's. Another question is whether, as observations have suggested, people with more education are less prone to develop Alzheimer's disease. Dr. Holtzman's hypothesis is that education, by encouraging more deliberate problem-solving and thought, decreases the activity of the default network, which is not highly engaged with such focused activity. At this point, with so many threads of research pointing to so many ideas about Alzheimer's, everything is a target for treatments to prevent or slow the disease -- enhancing the brain's beta amyloid disposal system, interfering with nerve cells' feedback loops, blocking tau, protecting the brain's default network by focusing on its unique metabolic properties. But researchers say the best hope for the immediate future is with experimental drugs, now being tested, that slow beta amyloid production. The hope is that if the flow of amyloid into the brain is slowed, levels can go down even if the amyloid drain is slightly clogged. The drugs might work even if the problem is with the drain, not the faucet.
The trick in Alzheimer's, though, might be to start treatment before too much damage is done. And, said Dr. Samuel E. Gandy, a neurology professor at Mount Sinai School of Medicine, there are some big questions that will have to be answered soon. "The question for the amyloid folks is, How early is early enough to start treatment? How long is long enough to treat? And what are the other targets we should be attacking?" But for now, Dr. Holtzman says, the new findings are offering hope. "We have a richer view of the genesis of Alzheimer's disease as well as new directions for research, prevention and treatment," he said.

From rforno at infowarrior.org Tue Dec 14 09:50:23 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 14 Dec 2010 10:50:23 -0500
Subject: [Infowarrior] - Assange makes bail in UK
Message-ID: <6A68B4C4-1B67-432C-A2C9-DC5F88B013E2@infowarrior.org>

UK court grants bail to WikiLeaks' Julian Assange
http://news.yahoo.com/s/ap/20101214/ap_on_bi_ge/eu_wikileaks_assange

LONDON -- A British judge granted bail to WikiLeaks founder Julian Assange on Tuesday, saying he must abide by strict bail conditions as he fights extradition to Sweden in a sex-crimes investigation. The 39-year-old Australian has been held in a London prison for a week after surrendering to Scotland Yard due to a Swedish arrest warrant. Assange is wanted for questioning after two women accused him of sexual misconduct in separate encounters in Sweden over the summer. Lawyers for Assange say he denies the allegations and will contest Sweden's attempt to extradite him. A number of eminent international figures had offered to post bond worth at least 200,000 pounds ($315,000) to help secure Assange's release, his lawyer, high-profile human rights advocate Geoffrey Robertson, told the hearing in London on Tuesday.
Lawyer Gemma Lindfield, acting on behalf of Swedish authorities, asked the court to deny Assange bail because the allegations in Sweden were serious, Assange had only weak ties to Britain and he had money enough "to abscond." Supporters outside City of Westminster Magistrates' Court erupted in cheers when they heard news of the judge's ruling.

From rforno at infowarrior.org Tue Dec 14 10:09:11 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 14 Dec 2010 11:09:11 -0500
Subject: [Infowarrior] - iPhone snitch network launched
Message-ID:

iPhone snitch network launched
http://www.infowars.com/iphone-snitch-network-launched/

Jason Douglass
Infowars.com
December 13, 2010

A new iPhone App with the misleading name "PatriotApp" attempts to draw on the power of the patriot movement, turning smartphone users into a gigantic snitch network. You might think an app with such a patriotic name might have useful functions like a pocket constitution or quotes from our forefathers. But contrary to the services one might expect, this app allows users to report any "suspicious" behavior directly linking them with top government agencies. Much like the new DHS program "If you see something, say something" this app is meant to turn average citizens into a network of spies feeding information back to the federal government. Citizen Concepts, a company formed by insiders from DHS, defines the use of such an app on their homepage:

Citizen Concepts announces the launch of PatriotAppTM, the world's first iPhone application that empowers citizens to assist government agencies in creating safer, cleaner, and more efficient communities via social networking and mobile technology. This app was founded on the belief that citizens can provide the most sophisticated and broad network of eyes and ears necessary to prevent terrorism, crime, environmental negligence, or other malicious behavior.
Simply download, report (including pictures) and submit information to relevant government agencies, employers, or publish incident data to social network tools.

Key Features:
- Integrated into Federal Agencies points of contacts
  - FBI
  - EPA
  - GAO
  - CDC
- Custom integration with user employers
- Fully integrated with Social Media (Facebook, Twitter)
- Multiple menus and data fields
- View FBI Most Wanted
- Simple graphical user interface

Uses: Enable citizens to record and communicate:
- National Security, Suspicious activities, Crime
- Government Waste
- Environmental Crime or possible violations
- White collar crime
- Workplace harassment, discrimination, or other violations
- Public Health concerns

PatriotApp encourages active citizen participation in the War on Terror and in protecting their families and surrounding communities.

An app like this is meant to solidify the climate of fear in which our leaders want us to exist. The threat of terrorism must be palpable in order for the "War on Terror" to be justified and to validate all the extreme measures instituted in its name.

From rforno at infowarrior.org Tue Dec 14 18:36:25 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 14 Dec 2010 19:36:25 -0500
Subject: [Infowarrior] - USAF blocks NYTimes, Guardian, and official access to other sites
Message-ID:

Now this is just *stupid*. --- rick

Air Force Blocks Media Sites With Leaked Cables
By SPENCER E. ANTE And JULIAN E. BARNES
http://online.wsj.com/article/SB10001424052748704694004576019944121568506.html

The U.S. Air Force is blocking its personnel from using work computers to view the websites of the New York Times and other major publications that have posted classified diplomatic cables, people familiar with the matter said. Air Force users who try to view the websites of the New York Times, Britain's Guardian, Spain's El Pais, France's Le Monde or German magazine Der Spiegel instead get a page that says, "ACCESS DENIED.
Internet Usage is Logged & Monitored," according to a screen shot reviewed by The Wall Street Journal. The notice warns that anyone who accesses unauthorized sites from military computers could be punished. The Air Force said it had blocked more than 25 websites that contained the documents, originally obtained by the website WikiLeaks and published starting late last month, in order to keep classified material off unclassified computer systems. Major Toni Tones, a spokeswoman for Air Force Space Command, wouldn't name the websites but said they might include media sites. Removing such material after it ends up on a computer could require "unnecessary time and resources," Major Tones said. "The U.S. Air Force will need to block every single news website, because WikiLeaks was covered by virtually every single news organization on earth," a New York Times spokeswoman said. The move was ordered by the 24th Air Force, which is responsible for maintaining Air Force computer networks. The Army, Navy and Marines aren't blocking the sites, and the Defense Department hasn't told the services to do so, according to spokespeople for the services and the Pentagon. The Office of the Secretary of Defense has issued guidance against visiting WikiLeaks or downloading documents posted there, according to defense officials. The Air Force told its own personnel in August to avoid those actions. Service commanders have authority to go beyond Pentagon guidance and issue orders to protect classified information. One senior defense official questioned the wisdom of blocking the newspaper sites or even prohibiting service members from visiting them on military computers, arguing that the information has spread on the Internet and that sites like the New York Times contain other, useful information. The defense official said blocking the New York Times was a misinterpretation of military guidance to avoid visiting websites that post classified material. 
The new order doesn't prevent Air Force personnel from viewing the media websites on nonmilitary computers, one Air Force official said. The block can also be lifted if accessing one of the news sites is essential to a person's job, according to the screen shot.

From rforno at infowarrior.org Tue Dec 14 20:51:29 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 14 Dec 2010 21:51:29 -0500
Subject: [Infowarrior] - FBI allegedly backdoored OpenBSD IPSEC stack?
Message-ID:

http://marc.info/?l=openbsd-tech&m=129236621626462&w=2

List: openbsd-tech
Subject: Allegations regarding OpenBSD IPSEC
From: Theo de Raadt
Date: 2010-12-14 22:24:39
Message-ID: 201012142224.oBEMOdWM031222 () cvs ! openbsd ! org

I have received a mail regarding the early development of the OpenBSD IPSEC stack. It is alleged that some ex-developers (and the company they worked for) accepted US government money to put backdoors into our network stack, in particular the IPSEC stack. Around 2000-2001.

Since we had the first IPSEC stack available for free, large parts of the code are now found in many other projects/products. Over 10 years, the IPSEC code has gone through many changes and fixes, so it is unclear what the true impact of these allegations is.

The mail came in privately from a person I have not talked to for nearly 10 years. I refuse to become part of such a conspiracy, and will not be talking to Gregory Perry about this. Therefore I am making it public so that
(a) those who use the code can audit it for these problems,
(b) those that are angry at the story can take other actions,
(c) if it is not true, those who are being accused can defend themselves.

Of course I don't like it when my private mail is forwarded. However the "little ethic" of a private mail being forwarded is much smaller than the "big ethic" of government paying companies to pay open source developers (a member of a community-of-friends) to insert privacy-invading holes in software.
----

From: Gregory Perry
To: "deraadt at openbsd.org"
Subject: OpenBSD Crypto Framework
Thread-Topic: OpenBSD Crypto Framework
Thread-Index: AcuZjuF6cT4gcSmqQv+Fo3/+2m80eg==
Date: Sat, 11 Dec 2010 23:55:25 +0000
Message-ID: <8D3222F9EB68474DA381831A120B1023019AC034 at mbx021-e2-nj-5.exch021.domain.local>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Status: RO

Hello Theo,

Long time no talk. If you will recall, a while back I was the CTO at NETSEC and arranged funding and donations for the OpenBSD Crypto Framework. At that same time I also did some consulting for the FBI, for their GSA Technical Support Center, which was a cryptologic reverse engineering project aimed at backdooring and implementing key escrow mechanisms for smart card and other hardware-based computing technologies.

My NDA with the FBI has recently expired, and I wanted to make you aware of the fact that the FBI implemented a number of backdoors and side channel key leaking mechanisms into the OCF, for the express purpose of monitoring the site to site VPN encryption system implemented by EOUSA, the parent organization to the FBI. Jason Wright and several other developers were responsible for those backdoors, and you would be well advised to review any and all code commits by Wright as well as the other developers he worked with originating from NETSEC.

This is also probably the reason why you lost your DARPA funding, they more than likely caught wind of the fact that those backdoors were present and didn't want to create any derivative products based upon the same.
This is also why several inside FBI folks have been recently advocating the use of OpenBSD for VPN and firewalling implementations in virtualized environments, for example Scott Lowe is a well respected author in virtualization circles who also happens to be on the FBI payroll, and who has also recently published several tutorials for the use of OpenBSD VMs in enterprise VMware vSphere deployments.

Merry Christmas...

Gregory Perry
Chief Executive Officer
GoVirtual Education
"VMware Training Products & Services"
540-645-6955 x111 (local)
866-354-7369 x111 (toll free)
540-931-9099 (mobile)
877-648-0555 (fax)
http://www.facebook.com/GregoryVPerry
http://www.facebook.com/GoVirtual

From rforno at infowarrior.org Tue Dec 14 20:52:47 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 14 Dec 2010 21:52:47 -0500
Subject: [Infowarrior] - Email protected by Fourth Amendment, says appeals court
Message-ID:

Email protected by Fourth Amendment, says appeals court
Dan Goodin in San Francisco
Posted in Networks, 15th December 2010 01:28 GMT
http://www.theregister.co.uk/2010/12/15/email_fourth_amendment/

Police must obtain a warrant before accessing emails stored by internet service providers, a federal appeals court has ruled in a landmark decision that also struck down part of a 1986 law that allows warrantless interception of some digital data. The unanimous decision (PDF), from a three-judge panel of the Sixth Circuit Court of Appeals, rejected prosecutors' arguments that there was no reasonable expectation that email is private when it's stored for more than 180 days. Such reasoning is antiquated today, when email conveys people's most guarded personal and business secrets and often lives on servers for years. As such, email should enjoy protection from unreasonable searches and seizures, the judges said.
"Given the fundamental similarities between email and traditional forms of communication, it would defy common sense to afford emails lesser Fourth Amendment protection," the ruling stated. "Email is the technological scion of tangible mail, and it plays an indispensable part in the Information Age." The judges went on to declare part of the Stored Communications Act unconstitutional because it allowed the government to compel ISPs to turn over customer email without first obtaining a warrant based on probable cause. Civil liberties advocates hailed the ruling. "This is a very big deal," Freedom to Tinker's Paul Ohm blogged. "It marks the first time a federal court of appeals has extended the Fourth Amendment to email with such care and detail. This is the opinion privacy activists and many legal scholars, myself included, have been waiting and calling for, for more than a decade. It may someday be seen as a watershed moment in the extension of our Constitutional rights to the internet." The ruling came in the criminal case of one Steven Warshak, a penis-enhancement marketer who was convicted of multiple fraud charges. In the course of the investigation, prosecutors accessed thousands of Warshak's emails without a warrant. Tuesday's appeals ruling sent the case back to the lower court for a new sentence but upheld the conviction itself because police relied "in good faith" on their interpretation of the surveillance law. Warshak's 25-year-prison sentence was tossed on issues unrelated to the email seizure. It's the latest in a string of victories for privacy advocates and comes on the heels of rulings that said the Fourth Amendment protects cellphone tower data and GPS tracking.
From rforno at infowarrior.org Tue Dec 14 21:12:51 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 14 Dec 2010 22:12:51 -0500
Subject: [Infowarrior] - JASON Report: The Science of Cyber-Security
Message-ID: <4C1C121B-A6AC-4BF6-841B-B584306B7EF5@infowarrior.org>

JASON was requested by the DoD to examine the theory and practice of cyber-security, and evaluate whether there are underlying fundamental principles that would make it possible to adopt a more scientific approach, identify what is needed in creating a science of cyber-security, and recommend specific ways in which scientific methods can be applied. Our study identified several sub-fields of computer science that are specifically relevant and also provides some recommendations on further developing the science of cyber-security.

Report@ http://www.fas.org/irp/agency/dod/jason/cyber.pdf

From rforno at infowarrior.org Wed Dec 15 07:19:30 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 15 Dec 2010 08:19:30 -0500
Subject: [Infowarrior] - Zuckerberg is Time's Man of The Year
Message-ID: <8B540337-2055-4999-A245-294DA2CB0DE5@infowarrior.org>

Okay....person who runs a giant social media service, or someone who revealed how the world really exists versus how others want us to believe it exists (Assange). Assange got runner-up status, though. The conspiratorial part of me wonders if Time didn't bow to pressure *not* to give it to Assange. But who knows? --- rick

Person of the Year 2010

For connecting more than half a billion people and mapping the social relations among them; for creating a new system of exchanging information; and for changing how we all live our lives, Mark Elliot Zuckerberg is TIME's 2010 Person of the Year.
http://www.time.com/time/specials/packages/article/0,28804,2036683_2037181,00.html

From rforno at infowarrior.org Wed Dec 15 07:25:50 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 15 Dec 2010 08:25:50 -0500
Subject: [Infowarrior] - Open Source Digital Forensics
Message-ID: <3D8AB351-0721-4BC7-B6A8-FF43AF5A2C00@infowarrior.org>

Open Source Digital Forensics

The Open Source Digital Forensics site is a reference for the use of open source software in digital investigations (a.k.a. digital forensics, computer forensics, incident response). Open source tools may have a legal benefit over closed source tools because they have a documented procedure and allow the investigator to verify that a tool does what it claims.

http://www2.opensourceforensics.org/home

From rforno at infowarrior.org Wed Dec 15 15:20:25 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 15 Dec 2010 16:20:25 -0500
Subject: [Infowarrior] - Fwd: Amazon gets into the book-banning business
References: <20101215195622.GA3810@gsp.org>
Message-ID: <1252279A-62C3-4B74-9BB3-01E0950C10E5@infowarrior.org>

Begin forwarded message:

> From: Rich Kulawiec
> Date: December 15, 2010 2:56:22 PM EST
> To: Richard Forno , Dave Farber
> Subject: Amazon gets into the book-banning business
>
> ( And, I think, makes a compelling argument why nobody should ever buy
> a Kindle or any content for it. )
>
> (h/t to Slashdot)
>
> Amazon in the Book Banning Business
> http://theselfpublishingrevolution.blogspot.com/2010/12/amazon-in-book-banning-business.html
>
> Excerpt:
>
> On December 9, 2010, I was contacted by CreateSpace (Amazon's
> Print on Demand service) who publishes my print books. They
> informed me that my title, Back to the Garden, had been
> removed for violating their "content guidelines." When
> I consulted their guidelines I found them so vague as to
> be useless--were they saying my content was illegal? Public
> domain? Stolen? Offensive? (All of these were on the list).
> When I inquired as to the specifics of the violation, they were not
> forthcoming, and sent a form letter response stating that Amazon
> "may, in its sole discretion, at any time, refuse to list or
> distribute any content that it deems inappropriate."
>
> [...]
>
> When some of my readers began checking their Kindle archives for
> books of mine they'd purchased on Amazon, they found them missing
> from their archives. When one reader called to get a refund for
> the book she no longer had access to, she was chastised by the
> Amazon customer service representative about the "severity"
> of the book she'd chosen to purchase.
>
> ---rsk
>

From rforno at infowarrior.org Wed Dec 15 16:45:39 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 15 Dec 2010 17:45:39 -0500
Subject: [Infowarrior] - House Judiciary: Wikileaks Hearing 12/16
Message-ID:

(should be amusing... --- rick)

Hearing on: Hearing on the Espionage Act and the Legal and Constitutional Issues Raised by WikiLeaks
Thursday 12/16/2010 - 9:30 a.m. 12:00 p.m.10:00 a.m.
2141 Rayburn House Office Building
Full Committee

Witness List

Abbe D. Lowell
Partner
McDermott Will & Emery LLP
Washington, DC

Kenneth L. Wainstein
Partner
O'Melveny & Myers LLP
Washington, DC

Geoffrey R. Stone
Edward H. Levi Distinguished Service Professor and Former Dean
University of Chicago Law School
Chicago, IL

Gabriel Schoenfeld, Ph.D.
Senior Fellow
Hudson Institute
New York, NY

Thomas S. Blanton
Director
National Security Archive at George Washington University
Washington, DC

Stephen I. Vladeck
Professor of Law
American University Washington College of Law
Washington, DC

Ralph Nader
Legal Advocate and Author
Washington, DC

From rforno at infowarrior.org Wed Dec 15 17:08:05 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 15 Dec 2010 18:08:05 -0500
Subject: [Infowarrior] - Appeals Court Rebuffs Obama on Warrantless Cell-Site Tracking
Message-ID:

Court Rebuffs Obama on Warrantless Cell-Site Tracking
By David Kravets
December 15, 2010 | 3:52 pm | Categories: Surveillance, privacy
http://www.wired.com/threatlevel/2010/12/cell-site-warrants/

A federal appeals court on Wednesday rejected the Obama administration's contention the government is never required to get a court warrant to obtain cell-site information that mobile-phone carriers retain on their customers. The decision (.pdf) by the 3rd U.S. Circuit Court of Appeals is one in a string of court decisions boosting Americans' privacy in the digital age -- rulings the government fought against. The most significant and recent decision came Tuesday, when a different federal appeals court said for the first time the government must obtain a court warrant for an internet service provider to grant the authorities access to a suspect's e-mail. The case concluded Wednesday concerns so-called historical cell-site location information, which carriers usually retain for about 18 months. The data identifies the cell tower to which the customer was connected to at the beginning of a call and at the end of the call -- and is often used in criminal prosecutions and investigations. "Prosecutors across the country use the statute in criminal investigations to obtain a wide range of evidence," (.pdf) the administration told the Philadelphia-based 3rd Circuit. The appeals court had ruled in September that judges had the discretion to require a warrant under the Fourth Amendment to obtain the cell-site information. It was the first appellate court to reach that conclusion, despite a handful of lower-court decisions freeing the government from that requirement. The Obama administration urged the appellate court to reconsider its position, an offer the court declined Wednesday without commenting on the merits. The administration has also asked the U.S. Court of Appeals for the District of Columbia Circuit to reverse its August ruling requiring court warrants to affix GPS devices to vehicles to track their every move.
The administration said Americans should expect no privacy "in the totality of his or her movements in public places." The appellate court's answer is pending.

From rforno at infowarrior.org Thu Dec 16 07:28:17 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 16 Dec 2010 08:28:17 -0500
Subject: [Infowarrior] - Study Confirms That Fox News Makes You Stupid
Message-ID: <84B994BE-8688-4B40-8ABD-C5A519F68E32@infowarrior.org>

(I'm sure I'll hear back from folks on this, but worth tossing some red meat into the lions' den anyway. The op-ed is clearly anti-Fox, however the WPO link page has a much more balanced write-up about this issue that I think does deserve closer analysis in American society. -- rick)

Study Confirms That Fox News Makes You Stupid
http://www.alternet.org/media/149193/study_confirms_that_fox_news_makes_you_stupid

A new survey of American voters shows that Fox News viewers are significantly more misinformed than consumers of news from other sources.

December 15, 2010 | Yet another study has been released proving that watching Fox News is detrimental to your intelligence. World Public Opinion, a project managed by the Program on International Policy Attitudes at the University of Maryland, conducted a survey of American voters that shows that Fox News viewers are significantly more misinformed than consumers of news from other sources. What's more, the study shows that greater exposure to Fox News increases misinformation. So the more you watch, the less you know. Or to be precise, the more you think you know that is actually false. This study corroborates a previous PIPA study that focused on the Iraq war with similar results. And there was an NBC/Wall Street Journal poll that demonstrated the break with reality on the part of Fox viewers with regard to health care. The body of evidence that Fox News is nothing but a propaganda machine dedicated to lies is growing by the day.
In eight of the nine questions below, Fox News placed first in the percentage of those who were misinformed (they placed second in the question on TARP). That's a pretty high batting average for journalistic fraud. Here is a list of what Fox News viewers believe that just ain't so:

- 91 percent believe the stimulus legislation lost jobs
- 72 percent believe the health reform law will increase the deficit
- 72 percent believe the economy is getting worse
- 60 percent believe climate change is not occurring
- 49 percent believe income taxes have gone up
- 63 percent believe the stimulus legislation did not include any tax cuts
- 56 percent believe Obama initiated the GM/Chrysler bailout
- 38 percent believe that most Republicans opposed TARP
- 63 percent believe Obama was not born in the U.S. (or that it is unclear)

The conclusion is inescapable. Fox News is deliberately misinforming its viewers and it is doing so for a reason. Every issue above is one in which the Republican Party had a vested interest. The GOP benefited from the ignorance that Fox News helped to proliferate. The results were apparent in the election last month as voters based their decisions on demonstrably false information fed to them by Fox News. By the way, the rest of the media was not blameless. CNN and the broadcast network news operations fared only slightly better in many cases. Even MSNBC, which had the best record of accurately informing viewers, has a ways to go before it can brag about it. The conclusions in this study need to be disseminated as broadly as possible. Fox's competitors need to report these results and produce ad campaigns featuring them. Newspapers and magazines need to publish the study across the country. This is big news and it is critical that the nation be advised that a major news enterprise is poisoning their minds. This is not an isolated review of Fox's performance. It has been corroborated time and time again.
The fact that Fox News is so blatantly dishonest, and the effects of that dishonesty have become ingrained in an electorate that has been purposefully deceived, needs to be made known to every American. Our democracy cannot function if voters are making choices based on lies. We have the evidence that Fox is tilting the scales and we must now make certain its corporate owners do not get away with it. From rforno at infowarrior.org Thu Dec 16 09:06:45 2010 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 16 Dec 2010 10:06:45 -0500 Subject: [Infowarrior] - Schneier: Security in 2020 Message-ID: <5811918E-5808-48E2-A974-59AAF878FF07@infowarrior.org> Security in 2020 bruce_schneier http://www.schneier.com/blog/archives/2010/12/security_in_202.html There's really no such thing as security in the abstract. Security can only be defined in relation to something else. You're secure from something or against something. In the next 10 years, the traditional definition of IT security -- that it protects you from hackers, criminals, and other bad guys -- will undergo a radical shift. Instead of protecting you from the bad guys, it will increasingly protect businesses and their business models from you. Ten years ago, the big conceptual change in IT security was deperimeterization. A wordlike grouping of 18 letters with both a prefix and a suffix, it has to be the ugliest word our industry invented. The concept, though -- the dissolution of the strict boundaries between the internal and external network -- was both real and important. There's more deperimeterization today than there ever was. Customer and partner access, guest access, outsourced e-mail, VPNs; to the extent there is an organizational network boundary, it's so full of holes that it's sometimes easier to pretend it isn't there. The most important change, though, is conceptual.
We used to think of a network as a fortress, with the good guys on the inside and the bad guys on the outside, and walls and gates and guards to ensure that only the good guys got inside. Modern networks are more like cities, dynamic and complex entities with many different boundaries within them. The access, authorization, and trust relationships are even more complicated. Today, two other conceptual changes matter. The first is consumerization. Another ponderous invented word, it's the idea that consumers get the cool new gadgets first, and demand to do their work on them. Employees already have their laptops configured just the way they like them, and they don't want another one just for getting through the corporate VPN. They're already reading their mail on their BlackBerrys or iPads. They already have a home computer, and it's cooler than the standard issue IT department machine. Network administrators are increasingly losing control over clients. This trend will only increase. Consumer devices will become trendier, cheaper, and more integrated; and younger people are already used to using their own stuff on their school networks. It's a recapitulation of the PC revolution. The centralized computer center concept was shaken by people buying PCs to run VisiCalc; now it's iPads and Android smart phones. The second conceptual change comes from cloud computing: our increasing tendency to store our data elsewhere. Call it decentralization: our email, photos, books, music, and documents are stored somewhere, and accessible to us through our consumer devices. The younger you are, the more you expect to get your digital stuff on the closest screen available. This is an important trend, because it signals the end of the hardware and operating system battles we've all lived with. Windows vs. Mac doesn't matter when all you need is a web browser. Computers become temporary; user backup becomes irrelevant. It's all out there somewhere --
and users are increasingly losing control over their data. During the next 10 years, three new conceptual changes will emerge, two of which we can already see the beginnings of. The first I'll call deconcentration. The general-purpose computer is dying and being replaced by special-purpose devices. Some of them, like the iPhone, seem general purpose but are strictly controlled by their providers. Others, like Internet-enabled game machines or digital cameras, are truly special purpose. In 10 years, most computers will be small, specialized, and ubiquitous. Even on what are ostensibly general-purpose devices, we're seeing more special-purpose applications. Sure, you could use the iPhone's web browser to access the New York Times website, but it's much easier to use the NYT's special iPhone app. As computers become smaller and cheaper, this trend will only continue. It'll be easier to use special-purpose hardware and software. And companies, wanting more control over their users' experience, will push this trend. The second is decustomerization -- now I get to invent the really ugly words -- the idea that we get more of our IT functionality without any business relationship. We're all part of this trend: every search engine gives away its services in exchange for the ability to advertise. It's not just Google and Bing; most webmail and social networking sites offer free basic service in exchange for advertising, possibly with premium services for money. Most websites, even useful ones that take the place of client software, are free; they are either run altruistically or to facilitate advertising. Soon it will be hardware. In 1999, Internet startup FreePC tried to make money by giving away computers in exchange for the ability to monitor users' surfing and purchasing habits. The company failed, but computers have only gotten cheaper since then. It won't be long before giving away netbooks in exchange for advertising will be a viable business.
Or giving away digital cameras. Already there are companies that give away long-distance minutes in exchange for advertising. Free cell phones aren't far off. Of course, not all IT hardware will be free. Some of the new cool hardware will cost too much to be free, and there will always be a need for concentrated computing power close to the user -- game systems are an obvious example -- but those will be the exception. Where the hardware costs too much to just give away, however, we'll see free or highly subsidized hardware in exchange for locked-in service; that's already the way cell phones are sold. This is important because it destroys what's left of the normal business relationship between IT companies and their users. We're not Google's customers; we're Google's product that they sell to their customers. It's a three-way relationship: us, the IT service provider, and the advertiser or data buyer. And as these noncustomer IT relationships proliferate, we'll see more IT companies treating us as products. If I buy a Dell computer, then I'm obviously a Dell customer; but if I get a Dell computer for free in exchange for access to my life, it's much less obvious whom I'm entering a business relationship with. Facebook's continual ratcheting down of user privacy in order to satisfy its actual customers -- the advertisers -- and enhance its revenue is just a hint of what's to come. The third conceptual change I've termed depersonization: computing that removes the user, either partially or entirely. Expect to see more software agents: programs that do things on your behalf, such as prioritize your email based on your observed preferences or send you personalized sales announcements based on your past behavior. The "people who liked this also liked" feature on many retail websites is just the beginning.
A website that alerts you if a plane ticket to your favorite destination drops below a certain price is simplistic but useful, and some sites already offer this functionality. Ten years won't be enough time to solve the serious artificial intelligence problems required to fully realize intelligent agents, but the agents of that time will be both sophisticated and commonplace, and they'll need less direct input from you. Similarly, connecting objects to the Internet will soon be cheap enough to be viable. There's already considerable research into Internet-enabled medical devices, smart power grids that communicate with smart phones, and networked automobiles. Nike sneakers can already communicate with your iPhone. Your phone already tells the network where you are. Internet-enabled appliances are already in limited use, but soon they will be the norm. Businesses will acquire smart HVAC units, smart elevators, and smart inventory systems. And, as short-range communications -- like RFID and Bluetooth -- become cheaper, everything becomes smart. The "Internet of things" won't need you to communicate. The smart appliances in your smart home will talk directly to the power company. Your smart car will talk to road sensors and, eventually, other cars. Your clothes will talk to your dry cleaner. Your phone will talk to vending machines; they already do in some countries. The ramifications of this are hard to imagine; it's likely to be weirder and less orderly than the contemporary press describes it. But certainly smart objects will be talking about you, and you probably won't have much control over what they're saying. One old trend: deperimeterization. Two current trends: consumerization and decentralization. Three future trends: deconcentration, decustomerization, and depersonization. That's IT in 2020 -- it's not under your control, it's doing things without your knowledge and consent, and it's not necessarily acting in your best interests.
And this is how things will be when they're working as they're intended to work; I haven't even started talking about the bad guys yet. That's because IT security in 2020 will be less about protecting you from traditional bad guys, and more about protecting corporate business models from you. Deperimeterization assumes everyone is untrusted until proven otherwise. Consumerization requires networks to assume all user devices are untrustworthy until proven otherwise. Decentralization and deconcentration won't work if you're able to hack the devices to run unauthorized software or access unauthorized data. Deconsumerization won't be viable unless you're unable to bypass the ads, or whatever the vendor uses to monetize you. And depersonization requires the autonomous devices to be, well, autonomous. In 2020 -- 10 years from now -- Moore's Law predicts that computers will be 100 times more powerful. That'll change things in ways we can't know, but we do know that human nature never changes. Cory Doctorow rightly pointed out that all complex ecosystems have parasites. Society's traditional parasites are criminals, but a broader definition makes more sense here. As we users lose control of those systems and IT providers gain control for their own purposes, the definition of "parasite" will shift. Whether they're criminals trying to drain your bank account, movie watchers trying to bypass whatever copy protection studios are using to protect their profits, or Facebook users trying to use the service without giving up their privacy or being forced to watch ads, parasites will continue to try to take advantage of IT systems. They'll exist, just as they always have existed, and like today security is going to have a hard time keeping up with them. Welcome to the future. Companies will use technical security measures, backed up by legal security measures, to protect their business models. And unless you're a model user, the parasite will be you.
This essay was originally written as a foreword to Security 2020, by Doug Howard and Kevin Prince. From rforno at infowarrior.org Thu Dec 16 10:52:42 2010 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 16 Dec 2010 11:52:42 -0500 Subject: [Infowarrior] - U.S. Urges Web Privacy 'Bill Of Rights' Message-ID: <71DC2060-6A32-4619-BD8F-32D66C1FE6C2@infowarrior.org> DECEMBER 16, 2010, 11:46 A.M. ET U.S. Urges Web Privacy 'Bill Of Rights' By JULIA ANGWIN http://online.wsj.com/article/SB10001424052748703395204576023521659672058.html The Obama administration called Thursday for the creation of a Privacy Policy Office that would help develop an Internet "privacy bill of rights" for U.S. citizens and coordinate privacy issues globally. The U.S. Commerce Department's report stopped short of calling directly for specific privacy legislation. Instead, it recommends a "framework" to protect people from a burgeoning personal data-gathering industry and fragmented U.S. privacy laws that cover certain types of data but not others. The report marks a turning point for federal Internet policy. During the past 15 years of the commercial Internet, Congress and executive branch agencies have largely taken a hands-off approach to the Internet out of a concern that a heavy government hand would stifle innovation. The report cites comments from some major technology companies, including Microsoft Corp. and Google Inc., expressing concerns about the current patchwork of rules and guidelines governing online privacy. The 88-page Commerce Department report states that the use of personal information has increased so much that privacy laws may now be needed to restore consumer trust in the medium. The report is preliminary and will be completed next year. At that time, the administration is expected to make more specific legislative recommendations. The report rejects the current state of Internet privacy notices.
It says people shouldn't be expected to read and understand the legal jargon contained in privacy policies "that nobody understands, if they say anything about privacy at all." A better approach, the report suggests, might be for companies to conduct privacy impact assessments that would be available to the public. Such reports "could create consumer awareness of privacy risks in a new technological context," the report said. The Commerce report says people should be notified when data about them is being used in a way that is different than the reason for which it was collected. "Consumers need to know that when their data are re-used, the re-use will not cause them harm or unwarranted surprise," the report says. It calls for a Privacy Policy Office that would "serve as a center of commercial data privacy policy expertise." The agency wouldn't oversee government use of data or existing health and financial privacy laws. Instead, it would aim to help the personal data-gathering industry develop codes of conduct that could be enforced by the Federal Trade Commission. The report also calls for the development of a national data breach law that would make it easier for companies to navigate the current patchwork of state data breach laws. It also calls for strengthening the existing wiretapping law -- written in 1986 -- to protect more types of data from government surveillance. Write to Julia Angwin at julia.angwin at wsj.com Copyright 2010 Dow Jones & Company, Inc. All Rights Reserved From rforno at infowarrior.org Thu Dec 16 12:07:04 2010 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 16 Dec 2010 13:07:04 -0500 Subject: [Infowarrior] - Facebook Tracks and Traces Everyone: Like This! Message-ID: <65C913C2-3E8E-42A5-8E40-CA853D5817B6@infowarrior.org> Facebook Tracks and Traces Everyone: Like This!
Arnold Roosendaal TILT, Tilburg University November 30, 2010 Abstract: Numerous websites have implemented the Facebook Like button to let Facebook members share their interests, therewith promoting websites or news items. It is, thus, an important business tool for content providers. However, this article shows that the tool is also used to place cookies on the user's computer, regardless whether a user actually uses the button when visiting a website. As an alternative business model this allows Facebook to track and trace users and to process their data. It appears that non-Facebook members can also be traced via the Like button. This means that Facebook's tentacles reach far beyond their own platform and members. Due to the extensive web coverage with Like buttons, Facebook has a potential connection with all web users. Web activity can be linked to individual accounts or a separate data set can be created for individuals who are not (yet) a Facebook member. The hidden collection of data on browsing behavior and the creation of individual data sets has implications for the privacy of individuals. This article discusses privacy issues arising from third party cookie use and connectivity of web activity and devices, using the technical process behind the Facebook Like button as an example.
Keywords: Facebook, Like button, Cookies, Profiling, privacy, Data protection JEL Classifications: K00, K10, K30 Working Paper Series http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1717563 From rforno at infowarrior.org Thu Dec 16 12:08:48 2010 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 16 Dec 2010 13:08:48 -0500 Subject: [Infowarrior] - US Looking To Use Computer Hacking Law Against Assange Message-ID: <57DF5131-6EF6-4059-9CAC-F03D67D1FB98@infowarrior.org> US Looking To Use Computer Hacking Law Against Assange from the stretchety-stretch-stretch dept It appears that the US government is realizing the fact that an espionage charge against Julian Assange over Wikileaks is unlikely to succeed and would probably freak out the press (at least those in the press who remember the details of the First Amendment). So, instead, it's moved on to trying to use the Computer Fraud and Abuse Act (CFAA), commonly known as our anti-hacking law. Of course, as we noted a few months ago, this law has been twisted and abused regularly to bring charges against people by pretending it covers things it doesn't. The most famous, of course, was the Lori Drew case, where prosecutors tried to charge Lori Drew with computer hacking, because she was part of a trio of people who used MySpace to bully a young girl, who later committed suicide. How was that "hacking"? Well, the prosecutors claimed that she didn't obey MySpace's terms of service, and thus "illegally accessed" MySpace. Luckily, the judge eventually tossed that out. So what about Julian Assange? How could he have possibly violated a US anti-hacking while not being in the US at all? Well, the feds are apparently scanning through the chat logs between Bradley Manning and Adrian Lamo to see if there's any evidence at all that Assange could be charged with conspiracy under the CFAA in somehow aiding Manning in leaking the secrets. You can read the CFAA here if you want to see the full act. 
The argument, then, is that if they can drum up enough proof that Assange somehow aided Manning, it becomes a conspiracy and Assange can be charged under that act as well. So far, about the best they've apparently come up with is that Manning hinted that he had a "relationship" with Assange -- but the details in the chat logs suggest they talked a few times and that's about the extent of the "relationship." Separately, Assange gave Manning (and potentially other sources) a more direct FTP account to upload materials. Once again, this seems like grasping at straws, and seems so trumped up that it will continue to do more to hurt America's reputation than anything leaked by Wikileaks. The problem is that it seems pretty clear that any association between Assange and Manning was a loose one. Suggesting that working with a source, and offering them an easy way to give you information is a conspiracy to commit computer hacking would create a massive chilling effect on anyone in the press who regularly reports on secret information. Bob Woodward, Seymour Hersh and a variety of other famous investigative reporters have clearly been much more closely connected to their sources, but it would be ridiculous to charge them with "conspiracy." It's really sad that our government is wasting tax dollars trying to find trumped up charges for Assange. http://www.techdirt.com/articles/20101216/00384912296/us-looking-to-use-computer-hacking-law-against-assange.shtml From rforno at infowarrior.org Fri Dec 17 08:19:32 2010 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 17 Dec 2010 09:19:32 -0500 Subject: [Infowarrior] - Revamping of airport checkpoint system urged Message-ID: <4B1654C6-DF44-4CCB-8F85-AA51B0182AE7@infowarrior.org> Revamping of airport checkpoint system urged By Anne E. 
Kornblut and Ashley Halsey III Washington Post Staff Writers Friday, December 17, 2010; 12:00 AM http://www.washingtonpost.com/wp-dyn/content/article/2010/12/16/AR2010121606216_pf.html Nine years after the Sept. 11 attacks and decades after hijackers first began to target passenger airliners, the United States has invested billions of dollars in an airport system that makes technology the last line of defense to intercept terrorists. It has yet to catch one. In every known recent attempt, terrorists have used a different tactic to evade the latest technology at airport checkpoints, only to be thwarted by information unearthed through intelligence work - or by alert passengers in flight. The result is an emerging consensus among experts and lawmakers that the checkpoint-heavy approach - searching nearly every passenger - may not be the most effective. Instead, many of them say, the system should focus more urgently on individuals, gathering a greater range of information about people to identify those most likely to present a real danger. Scanners, pat-downs and bomb-sniffing dogs are all vital parts of the process but should be integrated into a multilayered system that includes far-reaching, computer-filtered data about people, along with face-to-face monitoring by the modern equivalent of a beat cop, several officials and experts said. Technology matters, they said, but it is akin to putting up a series of picket fences for terrorists to evade. U.S. officials and lawmakers acknowledge that broader revisions may be necessary, saying it is only a matter of time before the airport security apparatus fails. "Let's be honest: We've been lucky the last few times," said Senate Homeland Security Committee Chairman Joseph I. Lieberman (I-Conn.). "With the Christmas Day bomber over Detroit and the Times Square bomber and the air cargo attempt, they did not succeed, but that's because of their own inadequacies, not because we were able to stop them." 
As a result of those attempts, passengers must surrender sharp objects (a response to the Sept. 11 attacks) and slip off their shoes (a response to the 2001 would-be shoe bomber). They must remove liquids from their bags (a result of a 2006 plot to blow up planes), and, as of a few weeks ago, they must submit to body scans or pat-downs (a process accelerated by the attempted airline bombing last Christmas Day). Yet lawmakers and government reports question the capability of some specific measures. Year after year, undercover testers manage to sneak loaded weapons past screeners in embarrassing evasions. More broadly, skeptics describe the extreme focus on airport checkpoints as incomplete, too often focused on the last attack rather than the next one. Even Transportation Security Administration head John S. Pistole, in an interview, described his agency as merely a "last line of defense on a continuum of government national security efforts." Like others interviewed, Pistole said he hopes to move to a more intelligence-based system, but said the previous attacks could never be ignored. "We always have to look out for yesterday's threats," he said. "Shame on us if there's ever a repeat of 9/11 or the shoe bomber or the underwear bomber, if we haven't hardened our targets." New layers of security Some critics have given the labyrinthine airport security system the nickname "security theater," saying it is riddled with loopholes. Airport workers are not screened daily, making them capable of passing into secure areas with weapons. Lines inside the terminal are vulnerable to a would-be suicide bomber. Packages sent as cargo go through a comparatively light screening process - one that is being tightened but was exploited by al-Qaeda operatives in October when they sent bombs hidden in printer cartridges.
"After 9/11, the attacks failed because of the poor skills of the terrorists rather than anything we've done," said Rafi Ron, former security director at Tel Aviv's Ben Gurion International Airport. "In every one of these later attacks, the security checkpoint was overcome by terrorists who took advantage of the loopholes." For al-Qaeda, forcing the United States to continually add layers of air security amounts to victory in its own right. "If your opponent covers his right cheek, slap him on his left," its writers gloated in the organization's magazine, Inspire. "The continuous attempts that followed 9-11 . . . have forced the West to spend billions of dollars to defend its airplanes." The strategy, they wrote, is one of "a thousand cuts" to "bleed the enemy to death." The repeated attempts have pushed U.S. officials into a costly pattern of trial and error, testing what works - and what the public will accept. Since 2002, the TSA budget has totaled $57.2 billion - about what the government spends on intelligence programs in a single year. Still, there have been obvious aviation excesses. Machines, such as the $160,000-a-pop "puffer portals" introduced in 2004, have been introduced and then jettisoned. The color-coded terrorism alert program is on its way out. Britain plans to abandon its restrictions on liquids in April, and U.S. officials say they would like to do the same, although they question whether it's too soon. Other changes may soon follow. Rep. John L. Mica (R-Fla.) wants to replace TSA workers with private screeners, as 17 airports nationwide have done, to make them more efficient and accountable. Others would shift to a system that incorporates more passenger data into the screening system, on top of the new identity markers - including a passenger's sex and birthday - that airlines recently started to gather. 
More immediately, Pistole said he wants to see modifications to the scanning machines that caused such an uproar, "so you see a stick figure of the blurred image versus the, quote, 'naked photos,' " he said. The new technology is being tested but yields too many false positives to be used, he said. Even the system's fiercest advocates acknowledge its imperfections, saying alterations are almost certain. "Nothing's perfect. The strategy is evolving, and it's a work in progress," said Rep. Peter T. King (R-N.Y.), the incoming chairman of the House Homeland Security Committee. "We're fighting the last war; we're trying to anticipate the next war. There's inconvenience. Some things have worked; others haven't. There's no silver bullet." He added: "But let's face it: We haven't been attacked. If anyone back on September 12, 2001, would have said we'd go eight, nine years without a successful aviation attack, no one would have believed them." Fighting the last war Whether the new patchwork system deserves credit for the stability of the past nine years is up for debate. Although none of the dozens of suspected terrorists arrested in the United States during that time were caught at aviation checkpoints, it is impossible to know how many were deterred by airport security from even trying. Several took aim at softer targets: New York subways, as in the case of Najibullah Zazi, or a car in Times Square, as in the case of Faisal Shahzad. But would today's mechanisms even block a future Umar Farouk Abdulmutallab? The question troubles security experts, who see persistent flaws - from gaps at checkpoints for flights originating overseas, as Abdulmutallab's did, to problems with the way full-body scanners work. The advanced imaging technology scanners were in use at 19 airports when Abdulmutallab allegedly tried to ignite explosives in his underwear on Christmas Day last year as his flight from Amsterdam landed in Detroit. 
The administration accelerated the machines' rollout, to 500 nationwide by this Christmas, in case someone tries the same tactic domestically. Some critics question whether the machines expose travelers to too much radiation. Even more are concerned about the technology's intrusiveness and whether the method will work. According to independent analyses, it would not detect explosives placed deep inside a body cavity or in large rolls of body fat. "It remains unclear whether the AIT would have detected the weapon used in the December 2009 incident," said a Government Accountability Office report in March. "If you're hiding something in an orifice, that's hard to detect," said Vahid Motevalli, head of the department of mechanical engineering technology at Purdue University. Senior U.S. officials played down those concerns, saying that in order for a bomb to explode properly it must be close to the body's surface. The body acts as "a retardant for the explosion," said one senior official, who spoke on the condition of anonymity so he could discuss security issues freely. Therefore, it is unclear whether body-cavity bombs will become the wave of the future. The importance of intelligence Although profiling carries the burden of a racist history in the United States, a more sophisticated version is an integral part of the Israeli model. Israeli profiling targets more than Palestinians, Arabs or Muslims, though they may receive the closest scrutiny. The most widely celebrated example was the interception in 1986 of Anne-Marie Murphy, 32, who was six months pregnant when she attempted to board an El Al flight from London to Tel Aviv, unaware that her fiance had placed a bomb in her bag. Experts say the United States is unlikely to adopt the Israeli model. It "includes ethnical and national profiling," said Ron, the former Israeli airport security director. "Being a Palestinian in Israel is not an advantage, obviously.
In the U.S., any ethnical or national profiling is illegal or unacceptable for the American public." But more than a dozen U.S. officials, lawmakers and experts interviewed said they would like to move to a system that relies more on passenger data than on airport checkpoint screening. "I would like to see a lot more profiling," said the Israeli-born Yossi Sheffi, who is an expert on risk analysis and directs the Massachusetts Institute of Technology Center for Transportation and Logistics. "If you're tall and dark and going to Yemen and your name is bin Laden, you should be searched more than an old grandmother from Kansas City with a walker," he said. But as the recent furor - albeit temporary - over the full-body scanners illustrated, there are obstacles to introducing new measures, especially those that invade privacy. After Sept. 11, 2001, the George W. Bush administration proposed a $380 million program that would have combined commercial data about passengers with flight manifests to give a more complete picture of travelers. Civil liberties groups objected and the program was dropped, but some now say it might make sense to consider a revised version. Department of Homeland Security officials already have access to some commercial data about passengers traveling from overseas. But if the security system were allowed to access even more - such as personal information collected by companies that do credit ratings - suspicious passengers would be more readily identified, experts say. Asked whether he would be open to revisiting that idea, Pistole replied: "Sure, if Congress said we should do that." "Honestly, the more we know about a person, the more informed we can be and the more intel-based approach we can use the better," he said. "But it just comes down to civil liberties, privacy, all those hot-button issues." Rep. 
Bennie Thompson (D-Miss.), the outgoing chairman of the House Homeland Security Committee, also said he would be open to collecting more commercial data, and King, the incoming chairman, agreed. But, Thompson said, concerns about civil liberties remain a "delicate balance." "I'd be open to looking at it," Lieberman said. "You have to give some weight to privacy concerns, but I wouldn't close the door to it." kornbluta at washpost.com halseya at washpost.com Staff researcher Julie Tate contributed to this report. From rforno at infowarrior.org Fri Dec 17 08:20:56 2010 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 17 Dec 2010 09:20:56 -0500 Subject: [Infowarrior] - Chart: How terrorists are caught: Does the TSA play a role? Message-ID: <4EBFB0DF-EB3B-4718-9B9D-E6DF6804516E@infowarrior.org> How terrorists are caught: Does the TSA play a role? A look at the effectiveness of various screening measures implemented by the Transportation Security Administration since Sept. 11, 2001. http://www.washingtonpost.com/wp-dyn/content/graphic/2010/12/16/GR2010121607786.html?hpid=topnews From rforno at infowarrior.org Fri Dec 17 08:22:42 2010 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 17 Dec 2010 09:22:42 -0500 Subject: [Infowarrior] - Searching for more than suspicious packages Message-ID: <3DC93E96-CE03-440C-A87B-DCCD76E1D724@infowarrior.org> Searching for more than suspicious packages http://www.washingtonpost.com/wp-dyn/content/article/2010/12/16/AR2010121607404.html?hpid=topnews Plainclothes officers often trail a few feet behind, watching bystanders' reactions to the bomb-detection dogs. If passengers become nervous or run for the exits, it can be a sign that they were planning to do harm, senior U.S. security officials said. "Most people are not put off by a dog, unless it's a snarling German shepherd or something," said John S. Pistole, the head of the Transportation Security Administration. 
Referring to the Nigerian passenger who allegedly tried to ignite a bomb mid-flight last Christmas Day, he said: "But if it's an Abdulmutallab type, I can almost guarantee, when they see a dog, he or she is going to think that's a bomb-sniffing dog and take evasive action. That's what we're looking for." The work of behavior detection officers is one of the TSA's more subtle approaches, a tacit admission that machines alone cannot stop the next attack. But according to experts and lawmakers, persistent holes in aviation security must be addressed. Among their concerns:
- Air cargo. Pistole describes air cargo as a top worry, illustrated by the October attempt by al-Qaeda in the Arabian Peninsula. The screening process - especially for packages sent from overseas - remains riddled with holes. In the "Yemen cargo plot," authorities tracked down packages with printer cartridges repurposed as bombs after receiving a tip from Saudi authorities. Even then, finding them took several attempts. The incident spurred the TSA to ban large cartridges and all cargo originating in Yemen. It also renewed interest in strengthening cargo standards. Currently, all cargo carried on domestic passenger flights is screened, but compliance cannot be enforced abroad. The Government Accountability Office estimates that 55 percent to 65 percent of all foreign-launched cargo on passenger flights is thoroughly screened before heading to the United States. At issue now is whether the United States should seek 100 percent cargo screening on U.S.-bound cargo planes, a goal that Rep. Edward J. Markey (D-Mass.) is pursuing legislation to mandate but that others say is absurd. "I don't believe that the 100 percent cargo screening, whether it's in the aviation or maritime environment, will ever equal 100 percent security," Rep. Charlie Dent (R-Pa.), a member of the House Homeland Security Committee, said in June. "It provides the appearance of increased security without any new increase in security."
Aviation officials say that all high-risk cargo coming from abroad is checked. But, said a congressional aide who works on aviation security, "the big fight is over the definition of the word 'screen.' " "You'll hear, 'We do 100 percent screening of high-risk packages,' but it's that they run an algorithm and see if it comes up a high-risk package or not." Referring to the October plot, the aide said: "Those two packages were sent from Yemen, where we knew there is al-Qaeda in the Arabian Peninsula, to a synagogue. If that's not a high-risk package, I don't know exactly what is."
- Security lines at the checkpoint. Officials said there is little to stop a terrorist from detonating a bomb while waiting in line outside a secure area. Agents patrol the entire airport, but Pistole compared the situation to any big, open area where people congregate, "whether it's Tysons Corner or the Mall of America." The work of the behavior detection officers is critical in that regard. They have caught at least one suspicious passenger outside a checkpoint carrying explosive material, officials said. But experts who have watched developments abroad note that a favored technique of terrorists is to approach a checkpoint and detonate a bomb, something that remains a concern here.
- Airport employees. Although airport job applicants undergo background checks before they are hired, they are not scanned every day. According to the TSA, the airport operator determines which secure areas the employees can access, but the workers face random inspections and are continuously vetted against terrorist watch lists.
- Matching bags to passengers. In the aftermath of Sept. 11, 2001, checked luggage wasn't allowed on a plane if the passenger did not board the plane, too. That policy was abandoned, but Arnold I. Barnett, an aviation security expert who teaches statistics at the Massachusetts Institute of Technology, argues that it should be reinstituted.
"They stopped because they began putting bags through the explosives detectors, but the explosives detectors are not perfect," he said. l Better security on overflights. The TSA requires enhanced security for foreign flights headed to the United States. Vahid Motevalli, head of the department of mechanical engineering technology at Purdue University, said the same strict standards should be applied to international flights that pass over the United States without landing. Many are flying from Europe to Mexico, passing high above "prime targets on the U.S. East Coast." "An overflight could be taken over [by terrorists] in a 9/11-type attack," Motevalli said. U.S. officials have access to information about who is traveling aboard many of the more than 300,000 overflights each year. They have turned away flights based on passenger manifests, but they are seeking more data and security. l Lack of passenger interviews. It would be impossible to replicate the Israeli model - in which many air passengers are questioned before boarding - but experts think some interviews would give the TSA more leeway to ferret out suspicious passengers. Currently, the TSA must call in law enforcement to talk to passengers. kornbluta at washpost.com halseya at washpost.com Staff researcher Julie Tate contributed to this report. From rforno at infowarrior.org Fri Dec 17 09:03:25 2010 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 17 Dec 2010 10:03:25 -0500 Subject: [Infowarrior] - UN mulls internet regulation options Message-ID: <7B6460B1-2509-40EA-9E36-25CFAC5CBDA8@infowarrior.org> UN mulls internet regulation options By John Hilvert on Dec 17, 2010 9:51 AM (16 hours ago) Filed under Security http://www.itnews.com.au/News/242051,un-mulls-internet-regulation-options.aspx WikiLeaks sparks push for tighter controls. The United Nations is considering whether to set up an inter-governmental working group to harmonise global efforts by policy makers to regulate the internet. 
Establishment of such a group has the backing of several countries, spearheaded by Brazil. At a meeting in New York on Wednesday, representatives from Brazil called for an international body made up of Government representatives that would attempt to create global standards for policing the internet - specifically in reaction to challenges such as WikiLeaks. The Brazilian delegate stressed, however, that this should not be seen as a call for a "takeover" of the internet. India, South Africa, China and Saudi Arabia appeared to favour a new possible over-arching inter-government body. However, Australia, US, UK, Belgium and Canada and attending business and community representatives argued there were risks in forming yet another working group that might isolate itself from the industry, community users and the general public. "My concern is that if we were to make a move to form a governmental-only body then that would send a very strong signal to civil society that their valuable contribution was not required or was not being looked for," an un-named Australian representative told the meeting. Debate on the creation of a new inter-governmental body stemmed from a UN Economic and Social Council resolution 2010/2 of 19 July. The resolution invited the UN Secretary-General "to convene open and inclusive consultations involving all Member States and all other stakeholders with a view to assisting the process towards enhanced cooperation in order to enable Governments on an equal footing to carry out their roles and responsibilities in respect of international public policy issues pertaining to the Internet but not of the day-to-day technical and operational matters that do not impact upon those issues." Much debate concerned the meaning of "enhanced cooperation" and whether a new inter-governmental body was required. Participants also debated the roles of existing organisations - such as the Internet Governance Forum, ICANN and the ITU.
The IGF - an organisation that informs the UN but makes no decisions - is running close to the end of a five-year mandate, due to expire at the end of the year. The likes of ISOC, ICANN and more recently the World Information Technology and Services Alliance (WITSA) have recently expressed concerns [PDF] that a working panel to decide on the future of the IGF has been limited to representatives from member-states. "Australia is a very strong supporter of the Internet Governance Forum," the unidentified Australian UN representative said at the New York meeting this week. "That is very much due to the multi-stake-holder approach of the IGF. It is an inclusive process." Australia's Department of Broadband, Communications and the Digital Economy said that the Australian Government welcomed the resolution of the Second Committee of the United Nations General Assembly (UNGA) to extend the Internet Governance Forum (IGF) for a further five years. The DBCDE said it would like to see the organisation retain an open and participatory membership. "Australia has always supported the participation of civil society and the private sector in the IGF and regards their participation as being integral to the IGF's success," a spokesman told iTnews. Copyright © iTnews.com.au. All rights reserved.
From rforno at infowarrior.org Fri Dec 17 15:19:04 2010 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 17 Dec 2010 16:19:04 -0500 Subject: [Infowarrior] - TSA Fail: Misses a .40 handgun in carryon Message-ID: <457F7DC1-9870-4D49-9A82-E87619313448@infowarrior.org> (c/o RSK) TSA misses enormous, loaded .40 calibre handgun in carry-on bag http://www.boingboing.net/2010/12/17/tsa-misses-enormous.html From rforno at infowarrior.org Fri Dec 17 22:49:29 2010 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 17 Dec 2010 23:49:29 -0500 Subject: [Infowarrior] - White House Issues Long-Delayed Science Guidelines Message-ID: <73FBB403-F296-4807-8818-E5C657C3AAB0@infowarrior.org> December 17, 2010 White House Issues Long-Delayed Science Guidelines http://www.nytimes.com/2010/12/18/science/18research.html?_r=1&hp=&pagewanted=print By KENNETH CHANG The Obama administration issued long-awaited, long-delayed guidelines on Friday to insulate government scientific research from political meddling and to base policy decisions on solid data. Under the guidelines, government scientists are in general free to speak to journalists and the public about their work, and agencies are prohibited from editing or suppressing reports by independent advisory committees. And the agencies are instructed that when communicating a scientific finding to the public, they should describe its underlying assumptions. For instance, they are told to describe "probabilities associated with both optimistic and pessimistic projections" - a guideline that, had it been in place last summer, might have helped the administration avoid overly optimistic estimates of the BP oil spill. In a blog entry on the White House Web site, John P. Holdren, President Obama's science adviser, said the guidelines set "minimum standards" that federal agencies will be expected to meet. The agencies are to report to Dr. Holdren within 120 days, detailing how they will carry out the policy.
Some scientists praised the new guidelines. "I think they represent several steps in the right direction," said Albert H. Teich, director of science and policy programs at the American Association for the Advancement of Science in Washington. But others were disappointed that the four-page document did not provide more specifics. "The guidelines are substantively quite thin," said Roger A. Pielke Jr., a professor of environmental studies at the University of Colorado. The guidelines have their roots in a series of scientific controversies that erupted during the administration of President George W. Bush. Officials were repeatedly accused of suppressing or even altering research findings, particularly on climate change, to match the political views of the White House. So in March 2009, when Mr. Obama overturned Bush administration limits on stem cell research, he set out several principles to "guarantee scientific integrity throughout the executive branch" and added, "We make scientific decisions based on facts, not ideology." But though the president called on Dr. Holdren to come up with recommendations within four months, the guidelines did not emerge for over a year and a half. Dr. Pielke said on Friday that considering the guidelines were merely "a starting line for agencies to consider these issues, what is surprising is how long it took to get these out." Dr. Holdren told a House panel in February that the process took longer than expected because of "the difficulties of constructing a set of guidelines that would be applicable across all the agencies and accepted by all concerned." With the delay, some Republicans have charged that the Obama administration was manipulating scientific data in the same way it said the Bush administration had done - to justify policy decisions on climate change, fuel mileage standards, nuclear waste disposal and other issues.
"In fact, what I see from this administration, seems to me they're holding on to the idea that the world is flat," Representative Paul Broun, Republican of Georgia, said at the panel hearing. Francesca T. Grifo, director of the scientific integrity program at the Union of Concerned Scientists, praised the guidelines but cautioned, "A lot of the details are left to the agencies." The document states, "Federal scientists may speak to the media and the public about scientific and technological matters based on their official work," but then adds a caveat: "with appropriate coordination with their immediate supervisor and their public affairs office." "That could mean so many different things," Dr. Grifo said - for example, that a scientist should keep their colleagues informed, or that a supervisor could prohibit appearances. Dr. Grifo said the language would not prevent a recurrence of the kind of situation that arose in 2006, when James E. Hansen, director of the NASA Goddard Institute for Space Studies in New York, accused White House officials of trying to keep him from talking about findings that connected emissions of carbon dioxide with rising global temperatures. "I don't like the ambiguities," Dr. Grifo said. "I don't like the discretion it gives to the agencies." From rforno at infowarrior.org Sat Dec 18 09:01:22 2010 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 18 Dec 2010 10:01:22 -0500 Subject: [Infowarrior] - Early Tests for Alzheimer's Pose Diagnosis Dilemma Message-ID: <26969DD2-5A0F-41E1-80D5-3072F7B007A6@infowarrior.org> December 17, 2010 Early Tests for Alzheimer's Pose Diagnosis Dilemma http://www.nytimes.com/2010/12/18/health/18moral.html By GINA KOLATA Marjie Popkin thought she had chemo brain, that fuzzy-headed forgetful state that she figured was a result of her treatment for ovarian cancer. She was not thinking clearly - having trouble with numbers, forgetting things she had just heard.
One doctor after another dismissed her complaints. Until recently, since she was, at age 62, functioning well and having no trouble taking care of herself, that might have been the end of her quest for an explanation. Last year, though, Ms. Popkin, still troubled by what was happening to her mind, went to Dr. Michael Rafii, a neurologist at the University of California, San Diego, who not only gave her a thorough neurological examination but administered new tests, like an M.R.I. that assesses the volume of key brain areas and a spinal tap. Then he told her there was something wrong. And it was not chemo brain. It most likely was Alzheimer's disease. Although she seemed to be in the very early stages, all the indicators pointed in that direction. Until recently, the image of Alzheimer's was the clearly demented person with the sometimes vacant stare, unable to follow a conversation or remember a promise to meet a friend for lunch. Ms. Popkin is nothing like that. To a casual observer, the articulate and groomed Ms. Popkin seems perfectly fine. She is in the vanguard of a new generation of Alzheimer's patients, given a diagnosis after tests found signs of the disease years before actual dementia sets in. But the new diagnostic tests are leading to a moral dilemma. Since there is no treatment for Alzheimer's, is it a good thing to tell people, years earlier, that they have this progressive degenerative brain disease or have a good chance of getting it? "I am grappling with that issue," Dr. Rafii said. "I give them the diagnosis - we are getting pretty good at diagnosis now. But it's challenging because what do we do then?" It is a quandary that is emblematic of major changes in the practice of medicine, affecting not just Alzheimer's patients. Modern medicine has produced new diagnostic tools, from scanners to genetic tests, that can find diseases or predict disease risk decades before people would notice any symptoms.
At the same time, many of those diseases have no effective treatments. Does it help to know you are likely to get a disease if there is nothing you can do? "This is the price we pay" for the new knowledge, said Dr. Jonathan D. Moreno, a professor of medical ethics and the history and sociology of science at the University of Pennsylvania. "I think we are going to go through a really tough time," he added. "We have so much information now, and we have to try to learn as a culture what information we do not want to have." Some doctors, like Dr. John C. Morris of Washington University in St. Louis, say they will not offer the new diagnostic tests for Alzheimer's - like M.R.I.'s and spinal taps - to patients because it is not yet clear how to interpret them. He uses them in research studies but does not tell subjects the results. "We don't know for certain what these results mean," Dr. Morris said. "If you have amyloid in your brain, we don't know for certain that you will become demented, and we don't have anything we can do about it." But many people want to know anyway and say they can handle the uncertainty. That issue is facing investigators in a large federal study of early signs of Alzheimer's. The researchers, who include Dr. Morris, have been testing and following hundreds of people aged 55 to 90, some with normal memories, some with memory problems and some with dementia. So far, only investigators know the results. Now, the question is, should those who want to learn what their tests show be told? "We are just confronting this," said Dr. Richard J. Hodes, director of the National Institute on Aging. "Bioethicists are talking with scientists and the public about what is the right thing to do." Risk Levels, but No Scores Dr. Rafii learned about the new tests and how to use them because he is an investigator in that large federal study. But many who come to the memory disorders clinic at the University of California, San Diego, where Dr.
Rafii works, are not part of that study, the Alzheimer's Disease Neuroimaging Initiative, and simply want to know what is wrong with their brains. So Dr. Rafii sometimes offers the study's diagnostic tests: spinal taps and M.R.I.'s to look for shrinkage in important areas of the brain; PET scans to look for the telltale signs of Alzheimer's in the brain. He calls it "ADNI in the real world," referring to the study's acronym. Others, too, offer such tests, although doctors differ in how far they will go. Dr. Mony J. de Leon of New York University, for example, takes a middle ground. He is studying people at increased risk for Alzheimer's or other dementias, especially those whose mothers had Alzheimer's. That sort of family history, he has found, makes the disease more likely. Many who come to his clinic have no memory problems, but are worried. So Dr. de Leon enrolls them in a study and regularly subjects them to an array of tests - ones that probe their memory, and ones like spinal taps and brain scans that look for signs of Alzheimer's. But he only provides people with a sort of general assessment, telling them they are at increased risk, decreased risk or somewhere in the middle. "We do not reveal their scores," Dr. de Leon said. Some are satisfied with that. Enzo Simone, for example, learned that, at age 43, his test results do not indicate an increased risk. He was glad to know, but is not convinced he has escaped what he sees as a family fate. His mother, grandmother and great-grandmother had Alzheimer's. They got the disease in their 60s. Mr. Simone, who lives in Amawalk, N.Y., reasoned that he had 20 years before it was likely to strike. And he intends to continue being tested as part of Dr. de Leon's study. And for those who demand more details than just a "yes," "no" or "maybe," Dr. de Leon refuses. "We say, 'It is a statistical exercise, it is a proof of concept, it is a baby test,' " Dr. de Leon said. "Some say: 'That's not good enough.
I come back to you every year, and if you want me to continue I need more than that.' " But Dr. de Leon said he was constrained by his hospital's ethics board, which has to approve his studies. It is extremely difficult, he says, to convince the board that giving out uncertain information about risk can help people, given that there is no effective treatment. And so, he says, he tells patients, "You are here to do an experiment." Others, like Dr. Lawrence Honig of Columbia University, say they sometimes see patients with no symptoms of memory loss who are nonetheless worried about their risk. Some of them have already gotten one of the early diagnostic tests, like a spinal tap or brain scan, from a neurologist in private practice, and have been told they were on their way to developing Alzheimer's. They come to Dr. Honig, hoping he will say it is not true. That situation, Dr. Honig says, "has become more and more common over the last few years." He says that when test results are consistent with Alzheimer's, he is honest about it, telling patients that the results are "suggestive of Alzheimer's" but adding that all he can say for sure is "at some point in the future, you might be faced with that condition." He agonizes, though, over telling people news like that. "I think it's pretty terrible," Dr. Honig said. "It is psychologically invasive." But for neurologists like Dr. de Leon, the future is fast approaching, as patients increasingly demand to know. "The floodgate is about to open," Dr. de Leon said. Information's Burden At Boston University, Dr. Robert Green faced an ethical dilemma. He wanted to test people for a gene, APOE, that has three variants. People with two copies of one of the variants, APO e4, have a 12- to 15-fold increased risk of Alzheimer's disease. People with even one copy of the gene variant have about a threefold increased risk.
Five different published consensus statements by ethicists and neurologists had considered the question of whether people should be told the results of APOE tests. And every one of those committees said the answer is no, do not tell. Dr. Green wondered if that answer was right. "It seemed rather strange to be in a position where family members are coming to you and saying, 'I really understand APOE genotyping and the idea of a risk gene, and I want to know my genotype,' and then to say to them, 'I could tell you that, but I'm not going to.' " After all, he said, "Part of what we do in medicine is to inform." He knew what it meant to tell people they were at high risk. "Alzheimer's is a fearsome disease," he said. "You can't get much more fearsome than Alzheimer's." And yet, he said, "People still wanted to know." He decided to do a study to see what would happen if he told. The first surprise was how many people wanted to know. To be in the study, a person had to have a first-degree relative who had had Alzheimer's, making it more likely that they would have an APO e4 variant. Dr. Green thought maybe a small percentage of the people he approached would want to have the genetic test. Instead, nearly a quarter did. "Frankly, we were terrified in early days of this study," Dr. Green said. "We did not want to harm anyone. We were very, very thoughtful and intense. We sat with people beforehand and asked if they were really sure they wanted to do this." But his subjects were fine with the testing. After they gave the subjects their test results, researchers looked for psychological effects, observing participants in conversations and administering standardized questions designed to detect anxiety or depression or suicidal thoughts. They found nothing.
The main difference between those who found out they had APO e4 and those who found out they did not have that gene variant is that the APO e4 subjects were more likely to buy long term care insurance, were more likely to start exercising and were more likely to start taking vitamins and nutritional supplements, even though these practices and products have never been shown to protect against Alzheimer's. For many, though, the news was good - they did not have APO e4. That is what happened with Alan Whitney, a 66-year-old radio astronomer at the Massachusetts Institute of Technology, whose mother and mother's father both had Alzheimer's. He wanted the test, he said, knowing what it meant to have APO e4. "That was a gamble I took," he said. And he was lucky. If he had had an APO e4 gene, he said, he might have taken early retirement and traveled. "Now I feel I have some time," Dr. Whitney said. Robert Stuart-Vail, an 83-year-old retired columnist for his local newspaper in Lincoln, Mass., was not so lucky. He found out he has one copy of the APO e4 gene. His father had Alzheimer's and so did his wife, who died from it, so he knows full well what the disease entails. "I wanted to know," Mr. Stuart-Vail said. "I wanted to be able to tell my children." When he told them, though, they did not say much, Mr. Stuart-Vail said. "I don't think it meant that much to them. Alzheimer's - that's something that happens to old people." Mr. Stuart-Vail's children are middle-aged. As for Mr. Stuart-Vail, he believes staying active will help stave off the disease if it is in his future. And he has come to terms with his genetics. "You play the cards you are dealt," he said. The Days Get Harder In San Diego, Marjie Popkin said her memory problems had gotten steadily worse in the year since she first saw Dr. Rafii. For example, she says, she has two cats. "I have to remember when I walk out that door that they can't come with me." She used to read "all the time."
Now, she says, reading is difficult. She depends on a friend, Taffy Jones, who took her to her appointment with Dr. Rafii, and who visits often and calls her every day. But that is hard for Ms. Jones. In many respects, Ms. Jones said, Ms. Popkin is perfectly normal. She remembers to feed her cats, she changes their litter box every day, she showers. "Other things she is not able to deal with at all," Ms. Jones said. Getting dressed has become a problem, and Ms. Jones has to call Ms. Popkin every morning and every night to remind her to take her pills. Ms. Popkin can no longer drive and relies on Ms. Jones to help with routine things, like getting groceries. Helping Ms. Popkin has become a time-consuming chore. Ms. Popkin is all too aware of the situation she is in, dependent on the kindness of neighbors and Ms. Jones. "I am trying to adjust, but it's not easy," Ms. Popkin said in a telephone conversation. "I am pretty pragmatic. I know what the score is." Sometimes she sits in her apartment and just cries and cries. She has no family, and Ms. Jones is her only remaining friend; the others have drifted away. The diagnosis of early-stage Alzheimer's disease was a shock, Ms. Popkin said, like "a punch in the stomach." "This brain's been with me since I was born - how can it change like that? Sometimes I have to think, 'Is this really happening to me?' " Her only consolation, she says, is that her father, her last remaining family member other than a cousin in North Carolina, died a few years ago, before she got the diagnosis. "He would have been devastated." And Ms. Popkin - is she glad now that she found out what is wrong? "I wish I didn't know," she said. From rforno at infowarrior.org Sat Dec 18 09:08:11 2010 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 18 Dec 2010 10:08:11 -0500 Subject: [Infowarrior] - OT: Tron Jeremy [Video] Message-ID: <03CE01F3-A071-42AB-A5C1-E29316652EDC@infowarrior.org> Some weekend humour ... yes, it's SFW!
In Tron: Jeremy, Ron Jeremy, the almighty and immortal god of adult entertainment, enters the world of TRON. Oh, and for those who are afraid that this might not be safe for work, fear not, unless you consider Mr. Jeremy's face to be NSFW in itself. http://www.geeksaresexy.net/2010/12/17/tron-jeremy-video/ From rforno at infowarrior.org Sat Dec 18 14:52:43 2010 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 18 Dec 2010 15:52:43 -0500 Subject: [Infowarrior] - Congress passes DADT repeal Message-ID: Senate votes to overturn military gay ban http://www.washingtonpost.com/wp-dyn/content/article/2010/12/18/AR2010121800600.html?hpid=topnews By ANNE FLAHERTY The Associated Press Saturday, December 18, 2010; 3:32 PM WASHINGTON -- In a landmark for gay rights, the Senate on Saturday voted to let gays serve openly in the military, giving President Barack Obama the chance to fulfill a campaign promise and repeal the 17-year policy known as "don't ask, don't tell." Obama was expected to sign it next week, although the change wouldn't take immediate effect. The legislation says the president and his top military advisers must certify that lifting the ban won't hurt troops' fighting ability. After that, there's a 60-day waiting period for the military. "It is time to close this chapter in our history," Obama said in a statement after a test vote cleared the way for final action. "It is time to recognize that sacrifice, valor and integrity are no more defined by sexual orientation than they are by race or gender, religion or creed." The Senate vote was 65-31. The House had passed an identical version of the bill, 250-175, on Wednesday. Repeal would mean that, for the first time in American history, gays would be openly accepted by the military and could acknowledge their sexual orientation without fear of being kicked out. More than 13,500 service members have been dismissed under the 1993 law.
Rounding up a filibuster-proof majority in the Senate was a historic victory for Obama, who made repeal a campaign promise in 2008. It also was a political triumph for congressional Democrats who struggled in the final hours of the postelection session to overcome GOP objections on several legislative priorities before Republicans regain control of the House in January. "As Barry Goldwater said, 'You don't have to be straight to shoot straight,'" said Senate Majority Leader Harry Reid, D-Nev., referring to the late GOP senator from Arizona. Sen. John McCain, Obama's GOP rival in 2008, led the opposition. The Arizona Republican acknowledged he didn't have the votes to stop the bill and he blamed elite liberals with no military experience for pushing their social agenda on troops during wartime. "They will do what is asked of them," McCain said of service members. "But don't think there won't be a great cost." In the end, six GOP senators broke with their party on the procedural vote to let the bill move ahead and swung behind repeal after a recent Pentagon study concluded the ban could be lifted without hurting the ability of troops to fight. Advocacy groups who lobbied hard for repeal hailed the vote as a significant step forward in gay rights. The Servicemembers Legal Defense Network called the issue the "defining civil rights initiative of this decade." Supporters of repeal filled the visitor seats overlooking the Senate floor, ready to protest had the bill failed. "This has been a long fought battle, but this failed and discriminatory law will now be history," said Joe Solmonese, president of the Human Rights Campaign. The Pentagon study found that two-thirds of service members didn't think changing the law would have much of an effect. But of those who did predict negative consequences, a majority were assigned to combat arms units. 
Nearly 60 percent of the Marine Corps and Army combat units, such as infantry and special operations, said in the survey they thought repealing the law would hurt their units' ability to fight. The Pentagon's uniformed chiefs are divided on whether this resistance might pose serious problems. Marine Corps Commandant Gen. James Amos has said he thinks lifting the ban during wartime could cost lives. "I don't want to lose any Marines to the distraction," he told reporters this week. "I don't want to have any Marines that I'm visiting at Bethesda (Naval Medical Center) with no legs be the result of any type of distraction." Adm. Mike Mullen and Marine Gen. James Cartwright, the chairman and vice chairman of the Joint Chiefs of Staff, respectively, have said the fear of disruption is overblown. They note the Pentagon's finding that 92 percent of troops who believe they have served with a gay person saw no effect on their units' morale or effectiveness. Among Marines in combat roles who said they have served alongside a gay person, 84 percent said there was no impact.

---

Online:
Pentagon study: http://tinyurl.com/23lxc49
Servicemembers Legal Defense Network: http://www.sldn.org/
Information on the bill, H.R.
2965, can be found at http://thomas.loc.gov

From rforno at infowarrior.org Sun Dec 19 09:42:47 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 19 Dec 2010 10:42:47 -0500
Subject: [Infowarrior] - US Bullies Spain into Proposed Website Blocking Law
Message-ID:

December 17th, 2010
Not-So-Gentle Persuasion: US Bullies Spain into Proposed Website Blocking Law
Call To Action by Gwen Hinze
https://www.eff.org/deeplinks/2010/12/not-so-gentle-persuasion-us-bullies-spain-proposed

It's no secret that the US government has used its annual Special 301 Report to intimidate other countries into adopting more stringent copyright and patent laws by singling out particular countries for their "bad" intellectual property policies, and naming them on a tiered set of "watch lists". Listing results in heightened political pressure and in some cases, the potential for trade sanctions, which encourages foreign trading partners to change their laws to mirror those in the US. But now some of the cables provided by WikiLeaks to Spanish newspaper El Pais confirm that the US government has pushed other countries to adopt measures that go beyond US law, unleashing the fury of Spanish Internet users. A set of cables reported on by El Pais make clear that the US government played a key role in Spain's controversial website blocking law - the 2009 Sustainable Economy Bill, which the Spanish government is now trying to sneak through a Committee in a pre-holiday session on 21st December. (Spanish readers, please see Action you can take below). El Pais reports that in February 2008 the US government threatened to put Spain on the annual Special 301 Watch List issued by the Office of the US Trade Representative unless the new Spanish government announced new measures to address Internet piracy, including a law that requires ISPs to terminate the Internet access of subscribers accused three times of file sharing - like the French "HADOPI" Three Strikes law.
In a February 2008 cable, the US Embassy in Madrid stated that:

"We propose to tell the new government that Spain will appear on the Watch List if it does not do three things by October 2008. First, issue a [Government of Spain] announcement stating that internet piracy is illegal, and that the copyright levy system does not compensate creators for copyrighted material acquired through peer-to-peer file sharing. Second, amend the 2006 'circular' that is widely interpreted in Spain as saying that peer-to-peer file sharing is legal. Third, announce that the GoS will adopt measures along the lines of the French and/or UK proposals aimed at curbing Internet piracy by the summer of 2009."

Let's be clear what this means; a US official apparently pressured the government of Spain to adopt novel and untested legislative measures that have never been proposed in the US Congress, and as the other cables published by El Pais show, did so at the request of US IP rightsholders. The "French proposal" mentioned in the cable is the controversial 2009 HADOPI law, which provides for the French authority, the Haute Autorite pour la Diffusion des Oeuvres et la Protection des droits sur Internet, to send notices to ISPs recommending that they suspend the Internet accounts of users at identified IP addresses for up to a year, on the third allegation of copyright infringement. The "UK Proposal" appears to be a reference to UK IP rightsholders' demands that ISPs disconnect their subscribers after three allegations of copyright infringement in consultations that were convened by the UK government's Department of Business, Enterprise and Regulatory Reform in 2007-2008, following a recommendation in the landmark Gowers report on UK IP law reform. Those consultations and a subsequent agreement were the precursor to the Digital Economy Act enacted in early 2010. The UK ultimately decided not to adopt Three Strikes.
(To date, only the governments of France and South Korea have passed these novel laws, but a draft law is pending in New Zealand). The Digital Economy Act requires ISPs to forward notices of alleged infringement to their subscribers, but does not currently require ISPs to disconnect their subscribers upon a third allegation of copyright infringement - although it leaves open the possibility that the UK government could require such "technical measures" in the future. The cables show that the US Embassy in Madrid had devised a detailed "roadmap" in 2007 with short, medium and long-term strategies to increase pressure upon Spain to take action to strengthen IP laws by the March 2008 elections. This would "require continued constant high-level attention from Embassy and occasional help from Washington agencies over the coming 3 to 4 years", including meetings with visiting US government officials from the USPTO and State Department. The Spanish government apparently did not act fast enough on US demands. The US made good on their threat to add Spain to the Watch List in the US Trade Representative's Special 301 Report in 2008 and 2009. In November 2009, the Spanish government proposed a new anti-piracy law, the Sustainable Economy Bill, which raises serious concerns for Spanish citizens' rights of due process, privacy and freedom of expression. The good news is that the proposed legislation does not require ISPs to adopt Three Strikes Internet disconnection of individuals. However, the bad news is that it follows the recent trend towards imposing obligations on Internet intermediaries to block content. Similar laws have been proposed in the U.S. (COICA) and the UK (through the reserved powers in the Digital Economy Act). The proposed Sustainable Economy law would allow a new government Commission to direct ISPs to block service or remove content on websites after receiving complaints on certain grounds.
These include national defense, public order, public safety, public health, protection of minors, and "safeguarding IP rights". It would also require ISPs to respond to requests from authorized entities for the identification and disclosure of persons responsible for IP infringements - an issue that IP rightsholders had pursued and lost in the 2008 European Court of Justice's ruling in Promusica v. Telefonica. A US Embassy cable from December 2009 describes the massive Internet community protests that soon followed the introduction of the legislation. It notes that the Government of Spain had "disavowed any intention to implement a graduated response regime such as contemplated in recently enacted legislation in France. Their specific intent is rather to impede access to infringing content." The cable reports back to Washington officials on the respective reactions of senior representatives of the recording industry and motion picture industry, the local affiliates of the International Federation of Phonographic Industries and the Motion Picture Association of Europe. Many content providers, including the President of the Federation for Intellectual Property in Audiovisual works (FAP), reportedly thought that the legislation was the most that could currently be achieved and would pave the way for more stringent laws in the future, but the Spanish music industry representative was not satisfied, claiming that "this limitation [i.e., the legislation's failure to oblige ISPs to adopt a Three Strikes Internet disconnection regime] will leave users free to continue in unauthorized P2P downloading". After the Spanish Parliament failed to adopt the legislation in 2009, Spain was again put on the Watch List in the USTR's Special 301 Report in April 2010. The reasons given reiterate each of the points of contention described in the cables:

"Spain will remain on the Watch List in 2010.
The United States remains concerned about particularly significant Internet piracy in Spain, and strongly urges prompt and effective action to address the issue. The Spanish government has not amended portions of a 2006 Prosecutor General Circular that appears to decriminalize illegal peer-to-peer file sharing of infringing materials, contributing to a public misperception in Spain that such activity is lawful. Spain's existing legal and regulatory framework has not led to cooperation between Internet service providers (ISPs) and rights holders to reduce online piracy. On the contrary, rights holders in Spain report an inability to obtain information necessary to prosecute online IPR infringers, further reducing their ability to seek appropriate remedies. Spain's legal system also generally does not result in criminal penalties for intellectual property infringement. The United States is encouraged by some recent positive developments in Spain, including the establishment of an Inter-Ministerial Commission with a mandate to propose changes in Spanish law and policy that will strengthen efforts to reduce Internet piracy. In January 2010, the Commission proposed legislation that would allow a committee based in the Ministry of Culture to request that an ISP block access to infringing materials hosted online. The United States urges Spain to continue taking positive steps to address Internet piracy, and will closely monitor progress in the next year."

This is how the entertainment industry works with the US government to bully governments to create harmonized laws that continuously ratchet up copyright protection, one country at a time. The Sustainable Economy Bill will be debated in the Committee of Economy and Finance of Spain's Congress next Tuesday, 21st December, just before the holiday recess. It could then be adopted by the Senate by the end of February 2011. The past is behind us, but the future is in your hands.
If you are a Spanish citizen, call your Congressional representative and demand that this legislation be debated in open Parliament with the full attention that it deserves, not adopted by sleight of hand because of background political pressure. Our Spanish friends ask that you focus on representatives of the independent parties (some of whom have called for the Bill to be debated in a plenary session) - the Catalonian party (CIU), the Vasc Party (PNV), and the Canarian Island Party (CC). More information is available at Asociacion de Internautas' campaign page; Red-SoS and here, and follow @La_EX_ on Twitter.

From rforno at infowarrior.org Mon Dec 20 06:58:32 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 20 Dec 2010 07:58:32 -0500
Subject: [Infowarrior] - State Department Spending Millions To 'Train' Foreign Judges About 'Intellectual Property'
Message-ID:

State Department Spending Millions To 'Train' Foreign Judges About 'Intellectual Property'
from the who-writes-the-curriculum dept
http://www.techdirt.com/articles/20101217/14003712324/state-department-spending-millions-to-train-foreign-judges-about-intellectual-property.shtml

The State Department has put out a press release announcing that it has approved spending $3.36 million next year to "train" foreign judges and other law enforcement officials about "intellectual property." There are 15 different projects, which all come down to various training programs for judges, police, law enforcement in how to kowtow to American industry in dealing with infringement of copyrights, trademarks and patents. Given the way our government seems to think that whatever the industry says is accurate -- no matter how many times it's been disproved -- you have to imagine that any "training" is going to be laughably one-sided.
For example, I note that one of the projects is:

Latin American Online Piracy $142,944
Training for judges from Peru, Chile, Brazil, Argentina, Paraguay and Uruguay on combating digital/online copyright piracy crimes.

Except, last I checked, those countries had their own copyright laws, and didn't need to obey US specific laws. In the case of Brazil, for example, it's been contemplating new copyright laws that would be much more respectful of fair use and the public domain. Yet, given the way the State Department has acted in the past on these issues, why do I get the feeling that "fair use" isn't a part of the training campaign?

From rforno at infowarrior.org Mon Dec 20 07:38:50 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 20 Dec 2010 08:38:50 -0500
Subject: [Infowarrior] - Influence: Orwell-v-Huxley
Message-ID:

A few Orwell-v-Huxley graphics that are pretty interesting, especially for those in (or interested in) the influence business. Once again, does literature reflect life?

--- rick

What we learn from Wikileaks - Huxley was right.
http://www.snapbuzz.com/image/21371/what-we-learn-from-wikileaks-huxley-was-right

From rforno at infowarrior.org Mon Dec 20 08:00:03 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 20 Dec 2010 09:00:03 -0500
Subject: [Infowarrior] - WaPo Report: "Monitoring America"
Message-ID: <7D15DCBC-DBCD-4787-B3F4-11AB45B326F9@infowarrior.org>

Monitoring America
Monday, December 20, 2010; 1:40 AM
http://projects.washingtonpost.com/top-secret-america/articles/monitoring-america/print/

Nine years after the terrorist attacks of 2001, the United States is assembling a vast domestic intelligence apparatus to collect information about Americans, using the FBI, local police, state homeland security offices and military criminal investigators. The system, by far the largest and most technologically sophisticated in the nation's history, collects, stores and analyzes information about thousands of U.S.
citizens and residents, many of whom have not been accused of any wrongdoing. The government's goal is to have every state and local law enforcement agency in the country feed information to Washington to buttress the work of the FBI, which is in charge of terrorism investigations in the United States. Other democracies - Britain and Israel, to name two - are well acquainted with such domestic security measures. But for the United States, the sum of these new activities represents a new level of governmental scrutiny. This localized intelligence apparatus is part of a larger Top Secret America created since the attacks. In July, The Washington Post described an alternative geography of the United States, one that has grown so large, unwieldy and secretive that no one knows how much money it costs, how many people it employs or how many programs exist within it. Today's story, along with related material on The Post's Web site, examines how Top Secret America plays out at the local level. It describes a web of 4,058 federal, state and local organizations, each with its own counterterrorism responsibilities and jurisdictions. At least 935 of these organizations have been created since the 2001 attacks or became involved in counterterrorism for the first time after 9/11. The months-long investigation, based on nearly 100 interviews and 1,000 documents, found that:

* Technologies and techniques honed for use on the battlefields of Iraq and Afghanistan have migrated into the hands of law enforcement agencies in America.
* The FBI is building a database with the names and certain personal information, such as employment history, of thousands of U.S. citizens and residents whom a local police officer or a fellow citizen believed to be acting suspiciously. It is accessible to an increasing number of local law enforcement and military criminal investigators, increasing concerns that it could somehow end up in the public domain.
* Seeking to learn more about Islam and terrorism, some law enforcement agencies have hired as trainers self-described experts whose extremist views on Islam and terrorism are considered inaccurate and counterproductive by the FBI and U.S. intelligence agencies.
* The Department of Homeland Security sends its state and local partners intelligence reports with little meaningful guidance, and state reports have sometimes inappropriately reported on lawful meetings.

Counterterrorism on Main Street
In cities across Tennessee and across the nation local agencies are using sophisticated equipment and techniques to keep an eye out for terrorist threats -- and to watch Americans in the process.

The need to identify U.S.-born or naturalized citizens who are planning violent attacks is more urgent than ever, U.S. intelligence officials say. This month's FBI sting operation involving a Baltimore construction worker who allegedly planned to bomb a Maryland military recruiting station is the latest example. It followed a similar arrest of a Somali-born naturalized U.S. citizen allegedly seeking to detonate a bomb near a Christmas tree lighting ceremony in Portland, Ore. There have been nearly two dozen other cases just this year. "The old view that 'if we fight the terrorists abroad, we won't have to fight them here' is just that - the old view," Homeland Security Secretary Janet Napolitano told police and firefighters recently. The Obama administration heralds this local approach as a much-needed evolution in the way the country confronts terrorism.

Top Secret America is a project two years in the making that describes the huge security buildup in the United States after the Sept. 11, 2001, attacks. Today's story is about those efforts at the local level, including law enforcement and homeland security agencies in every state and thousands of communities.
However, just as at the federal level, the effectiveness of these programs, as well as their cost, is difficult to determine. The Department of Homeland Security, for example, does not know how much money it spends each year on what are known as state fusion centers, which bring together and analyze information from various agencies within a state. The total cost of the localized system is also hard to gauge. The DHS has given $31 billion in grants since 2003 to state and local governments for homeland security and to improve their ability to find and protect against terrorists, including $3.8 billion in 2010. At least four other federal departments also contribute to local efforts. But the bulk of the spending every year comes from state and local budgets that are too disparately recorded to aggregate into an overall total. The Post findings paint a picture of a country at a crossroads, where long-standing privacy principles are under challenge by these new efforts to keep the nation safe. The public face of this pivotal effort is Napolitano, the former governor of Arizona, which years ago built one of the strongest state intelligence organizations outside of New York to try to stop illegal immigration and drug importation. Napolitano has taken her "See Something, Say Something" campaign far beyond the traffic signs that ask drivers coming into the nation's capital for "Terror Tips" and to "Report Suspicious Activity." She recently enlisted the help of Wal-Mart, Amtrak, major sports leagues, hotel chains and metro riders. In her speeches, she compares the undertaking to the Cold War fight against communists. "This represents a shift for our country," she told New York City police officers and firefighters on the eve of the 9/11 anniversary this fall.
"In a sense, this harkens back to when we drew on the tradition of civil defense and preparedness that predated today's concerns." ---- From Afghanistan to Tennessee On a recent night in Memphis, a patrol car rolled slowly through a parking lot in a run-down section of town. The military-grade infrared camera on its hood moved robotically from left to right, snapping digital images of one license plate after another and analyzing each almost instantly. Suddenly, a red light flashed on the car's screen along with the word "warrant." "Got a live one! Let's do it," an officer called out. The streets of Memphis are a world away from the streets of Kabul, yet these days, the same types of technologies and techniques are being used in both places to identify and collect information about suspected criminals and terrorists. The examples go far beyond Memphis. * Hand-held, wireless fingerprint scanners were carried by U.S. troops during the insurgency in Iraq to register residents of entire neighborhoods. L-1 Identity Solutions is selling the same type of equipment to police departments to check motorists' identities. * In Arizona, the Maricopa County Sheriff's Facial Recognition Unit, using a type of equipment prevalent in war zones, records 9,000 biometric digital mug shots a month. * U.S. Customs and Border Protection flies General Atomics' Predator drones along the Mexican and Canadian borders - the same kind of aircraft, equipped with real-time, full-motion video cameras, that has been used in wars in Kosovo, Iraq and Afghanistan to track the enemy. The special operations units deployed overseas to kill the al-Qaeda leadership drove technological advances that are now expanding in use across the United States. On the front lines, those advances allowed the rapid fusing of biometric identification, captured computer records and cellphone numbers so troops could launch the next surprise raid. 
Here at home, it's the DHS that is enamored with collecting photos, video images and other personal information about U.S. residents in the hopes of teasing out terrorists. The DHS helped Memphis buy surveillance cameras that monitor residents near high-crime housing projects, problematic street corners, and bridges and other critical infrastructure. It helped pay for license plate readers and defrayed some of the cost of setting up Memphis's crime-analysis center. All together it has given Memphis $11 million since 2003 in homeland security grants, most of which the city has used to fight crime. "We have got things now we didn't have before," said Memphis Police Department Director Larry Godwin, who has produced record numbers of arrests using all this new analysis and technology. "Some of them we can talk about. Some of them we can't." One of the biggest advocates of Memphis's data revolution is John Harvey, the police department's technology specialist, whose computer systems are the civilian equivalent of the fancier special ops equipment used by the military. Harvey collects any information he can pry out of government and industry. When officers were wasting time knocking on the wrong doors to serve warrants, he persuaded the local utility company to give him a daily update of the names and addresses of customers. When he wanted more information about phones captured at crime scenes, he programmed a way to store all emergency 911 calls, which often include names and addresses to associate with phone numbers. He created another program to upload new crime reports every five minutes and mine them for the phone numbers of victims, suspects, witnesses and anyone else listed on them. Now, instead of having to decide which license plate numbers to type into a computer console in the patrol car, an officer can simply drive around, and the automatic license plate reader on his hood captures the numbers on every vehicle nearby. 
If the officer pulls over a driver, instead of having to wait 20 minutes for someone back at the office to manually check records, he can use a hand-held device to instantly call up a mug shot, a Social Security number, the status of the driver's license and any outstanding warrants. The computer in the cruiser can tell an officer even more about who owns the vehicle, the owner's name and address and criminal history, and who else with a criminal history might live at the same address. Take a recent case of two officers with the hood-mounted camera equipment who stopped a man driving on a suspended license. One handcuffed him, and the other checked his own PDA. Based on the information that came up, the man was ordered downtown to pay a fine and released as the officers drove off to stop another car. That wasn't the end of it, though. A record of that stop - and the details of every other arrest made that night, and every summons written - was automatically transferred to the Memphis Real Time Crime Center, a command center with three walls of streaming surveillance video and analysis capabilities that rival those of an Army command center. There, the information would be geocoded on a map to produce a visual rendering of crime patterns. This information would help the crime intelligence analysts predict trends so the department could figure out what neighborhoods to swarm with officers and surveillance cameras. But that was still not the end of it, because the fingerprints from the crime records would also go to the FBI's data campus in Clarksburg, W.Va. There, fingerprints from across the United States are stored, along with others collected by American authorities from prisoners in Saudi Arabia and Yemen, Iraq and Afghanistan. There are 96 million sets of fingerprints in Clarksburg, a volume that government officials view not as daunting but as an opportunity. 
This year for the first time, the FBI, the DHS and the Defense Department are able to search each other's fingerprint databases, said Myra Gray, head of the Defense Department's Biometrics Identity Management Agency, speaking to an industry group recently. "Hopefully in the not-too-distant future," she said, "our relationship with these federal agencies - along with state and local agencies - will be completely symbiotic." ---- The FBI's 'suspicious' files At the same time that the FBI is expanding its West Virginia database, it is building a vast repository controlled by people who work in a top-secret vault on the fourth floor of the J. Edgar Hoover FBI Building in Washington. This one stores the profiles of tens of thousands of Americans and legal residents who are not accused of any crime. What they have done is appear to be acting suspiciously to a town sheriff, a traffic cop or even a neighbor. If the new Nationwide Suspicious Activity Reporting Initiative, or SAR, works as intended, the Guardian database may someday hold files forwarded by all police departments across the country in America's continuing search for terrorists within its borders. The effectiveness of this database depends, in fact, on collecting the identities of people who are not known criminals or terrorists - and on being able to quickly compile in-depth profiles of them. "If we want to get to the point where we connect the dots, the dots have to be there," said Richard A. McFeely, special agent in charge of the FBI's Baltimore office. In response to concerns that information in the database could be improperly used or released, FBI officials say anyone with access has been trained in privacy rules and the penalties for breaking them. But not everyone is convinced. "It opens a door for all kinds of abuses," said Michael German, a former FBI agent who now leads the American Civil Liberties Union's campaign on national security and privacy matters. 
"How do we know there are enough controls?" The government defines a suspicious activity as "observed behavior reasonably indicative of pre-operational planning related to terrorism or other criminal activity" related to terrorism. State intelligence analysts and FBI investigators use the reports to determine whether a person is buying fertilizer to make a bomb or to plant tomatoes; whether she is plotting to poison a city's drinking water or studying for a metallurgy test; whether, as happened on a Sunday morning in late September, the man snapping a picture of a ferry in the Newport Beach harbor in Southern California simply liked the way it looked or was plotting to blow it up. Suspicious Activity Report N03821 says a local law enforcement officer observed "a suspicious subject . . . taking photographs of the Orange County Sheriff Department Fire Boat and the Balboa Ferry with a cellular phone camera." The confidential report, marked "For Official Use Only," noted that the subject next made a phone call, walked to his car and returned five minutes later to take more pictures. He was then met by another person, both of whom stood and "observed the boat traffic in the harbor." Next another adult with two small children joined them, and then they all boarded the ferry and crossed the channel. All of this information was forwarded to the Los Angeles fusion center for further investigation after the local officer ran information about the vehicle and its owner through several crime databases and found nothing. Authorities would not say what happened to it from there, but there are several paths a suspicious activity report can take: At the fusion center, an officer would decide to either dismiss the suspicious activity as harmless or forward the report to the nearest FBI terrorism unit for further investigation. 
At that unit, it would immediately be entered into the Guardian database, at which point one of three things could happen: The FBI could collect more information, find no connection to terrorism and mark the file closed, though leaving it in the database. It could find a possible connection and turn it into a full-fledged case. Or, as most often happens, it could make no specific determination, which would mean that Suspicious Activity Report N03821 would sit in limbo for as long as five years, during which time many other pieces of information about the man photographing a boat on a Sunday morning could be added to his file: employment, financial and residential histories; multiple phone numbers; audio files; video from the dashboard-mounted camera in the police cruiser at the harbor where he took pictures; and anything else in government or commercial databases "that adds value," as the FBI agent in charge of the database described it. That could soon include biometric data, if it existed; the FBI is working on a way to attach such information to files. Meanwhile, the bureau will also soon have software that allows local agencies to map all suspicious incidents in their jurisdiction. The Defense Department is also interested in the database. It recently transferred 100 reports of suspicious behavior into the Guardian system, and over time it expects to add thousands more as it connects 8,000 military law enforcement personnel to an FBI portal that will allow them to send and review reports about people suspected of casing U.S. bases or targeting American personnel. And the DHS has created a separate way for state and local authorities, private citizens, and businesses to submit suspicious activity reports to the FBI and to the department for analysis. As of December, there were 161,948 suspicious activity files in the classified Guardian database, mostly leads from FBI headquarters and state field offices. 
Two years ago, the bureau set up an unclassified section of the database so state and local agencies could send in suspicious incident reports and review those submitted by their counterparts in other states. Some 890 state and local agencies have sent in 7,197 reports so far. Of those, 103 have become full investigations that have resulted in at least five arrests, the FBI said. There have been no convictions yet. An additional 365 reports have added information to ongoing cases. But most remain in the uncertain middle, which is why within the FBI and other intelligence agencies there is much debate about the effectiveness of the bottom-up SAR approach, as well as concern over the privacy implications of retaining so much information on U.S. citizens and residents who have not been charged with anything. The vast majority of terrorism leads in the United States originate from confidential FBI sources and from the bureau's collaboration with federal intelligence agencies, which mainly work overseas. Occasionally a stop by a local police officer has sparked an investigation. Evidence comes from targeted FBI surveillance and undercover operations, not from information and analysis generated by state fusion centers about people acting suspiciously. "It's really resource-inefficient," said Philip Mudd, a 20-year CIA counterterrorism expert and a top FBI national security official until he retired nine months ago. "If I were to have a dialogue with the country about this . . . it would be about not only how we chase the unknowns, but do you want to do suspicious activity reports across the country? . . . Anyone who is not at least suspected of doing something criminal should not be in a database." Charles Allen, a longtime senior CIA official who then led the DHS's intelligence office until 2009, said some senior people in the intelligence community are skeptical that SARs are an effective way to find terrorists. 
"It's more likely that other kinds of more focused efforts by local police will gain you the information that you need about extremist activities," he said. The DHS can point to some successes: Last year the Colorado fusion center turned up information on Najibullah Zazi, an Afghan-born U.S. resident planning to bomb the New York subway system. In 2007, a Florida fusion center provided the vehicle ownership history used to identify and arrest an Egyptian student who later pleaded guilty to providing material support to terrorism, in this case transporting explosives. "Ninety-nine percent doesn't pan out or lead to anything" said Richard Lambert Jr., the special agent in charge of the FBI's Knoxville office. "But we're happy to wade through these things." ---- Expert training? Ramon Montijo has taught classes on terrorism and Islam to law enforcement officers all over the country. "Alabama, Colorado, Vermont," said Montijo, a former Army Special Forces sergeant and Los Angeles Police Department investigator who is now a private security consultant. "California, Texas and Missouri," he continued. What he tells them is always the same, he said: Most Muslims in the United States want to impose sharia law here. "They want to make this world Islamic. The Islamic flag will fly over the White House - not on my watch!" he said. "My job is to wake up the public, and first, the first responders." With so many local agencies around the country being asked to help catch terrorists, it often falls to sheriffs or state troopers to try to understand the world of terrorism. They aren't FBI agents, who have years of on-the-job and classroom training. Instead, they are often people like Lacy Craig, who was a police dispatcher before she became an intelligence analyst at Idaho's fusion center, or the detectives in Minnesota, Michigan and Arkansas who can talk at length about the lineage of gangs or the signs of a crystal meth addict. 
Now each of them is a go-to person on terrorism as well. "The CIA used to train analysts forever before they graduated to be a real analyst," said Allen, the former top CIA and DHS official. "Today we take former law enforcement officers and we call them intelligence officers, and that's not right, because they have not received any training on intelligence analysis." State fusion center officials say their analysts are getting better with time. "There was a time when law enforcement didn't know much about drugs. This is no different," said Steven W. Hewitt, who runs the Tennessee fusion center, considered one of the best in the country. "Are we experts at the level of [the National Counterterrorism Center]? No. Are we developing an expertise? Absolutely." But how they do that is usually left up to the local police departments themselves. In their desire to learn more about terrorism, many departments are hiring their own trainers. Some are self-described experts whose extremist views are considered inaccurate and harmful by the FBI and others in the intelligence community. Like Montijo, Walid Shoebat, a onetime Muslim who converted to Christianity, also lectures to local police. He too believes that most Muslims seek to impose sharia law in the United States. To prevent this, he said in an interview, he warns officers that "you need to look at the entire pool of Muslims in a community." When Shoebat spoke to the first annual South Dakota Fusion Center Conference in Sioux Falls this June, he told them to monitor Muslim student groups and local mosques and, if possible, tap their phones. "You can find out a lot of information that way," he said. A book expanding on what Shoebat and Montijo believe has just been published by the Center for Security Policy, a Washington-based neoconservative think tank. "Shariah: The Threat to America" describes what its authors call a "stealth jihad" that must be thwarted before it's too late.
The book's co-authors include such notables as former CIA director R. James Woolsey and former deputy undersecretary of defense for intelligence Lt. Gen. William G. Boykin, along with the center's director, a longtime activist. They write that most mosques in the United States already have been radicalized, that most Muslim social organizations are fronts for violent jihadists and that Muslims who practice sharia law seek to impose it in this country. Frank Gaffney Jr., director of the center, said his team has spoken widely, including to many law enforcement forums. "Members of our team have been involved in training programs for several years now, many of which have been focused on local law enforcement intelligence, homeland security, state police, National Guard units and the like," Gaffney said. "We're seeing a considerable ramping-up of interest in getting this kind of training." Government terrorism experts call the views expressed in the center's book inaccurate and counterproductive. They say the DHS should increase its training of local police, using teachers who have evidence-based viewpoints. DHS spokeswoman Amy Kudwa said the department does not maintain a list of terrorism experts but is working on guidelines for local authorities wrestling with the topic. So far, the department has trained 1,391 local law enforcement officers in analyzing public information and 400 in analytic thinking and writing skills. Kudwa said the department also offers counterterrorism training through the Federal Emergency Management Agency, which this year enrolled 94 people in a course called "Advanced Criminal Intelligence Analysis to Prevent Terrorism." ---- A lack of useful information The DHS also provides local agencies a daily flow of information bulletins. These reports are meant to inform agencies about possible terror threats. But some officials say they deliver a never-ending stream of information that is vague, alarmist and often useless. 
"It's like a garage in your house you keep throwing junk into until you can't park your car in it," says Michael Downing, deputy chief of counterterrorism and special operations for the Los Angeles Police Department. A review of nearly 1,000 DHS reports dating back to 2003 and labeled "For Official Use Only" underscores Downing's description. Typical is one from May 24, 2010, titled "Infrastructure Protection Note: Evolving Threats to the Homeland." It tells officials to operate "under the premise that other operatives are in the country and could advance plotting with little or no warning." Its list of vulnerable facilities seems to include just about everything: "Commercial Facilities, Government Facilities, Banking and Financial and Transportation . . ." Bart R. Johnson, who heads the DHS's intelligence and analysis office, defended such reports, saying that threat reporting has "grown and matured and become more focused." The bulletins can't be more specific, he said, because they must be written at the unclassified level. Recently, the International Association of Chiefs of Police agreed that the information they were receiving had become "more timely and relevant" over the past year. Downing, however, said the reports would be more helpful if they at least assessed threats within a specific state's boundaries. States have tried to do that on their own, but with mixed, and at times problematic, results. In 2009, for instance, after the DHS and the FBI sent out several ambiguous reports about threats to mass-transit systems and sports and entertainment venues, the New Jersey Regional Operations Intelligence Center's Threat Analysis Program added its own information. "New Jersey has a large mass-transit infrastructure," its report warned, and "an NFL stadium and NHL/NBA arenas, a soccer stadium, and several concert venues that attract large crowds." 
In Virginia, the state's fusion center published a terrorism threat assessment in 2009 naming historically black colleges as potential hubs for terrorism. From 2005 to 2007, the Maryland State Police went even further, infiltrating and labeling as terrorists local groups devoted to human rights, antiwar causes and bike lanes. And in Pennsylvania this year, a local contractor hired to write intelligence bulletins filled them with information about lawful meetings as varied as Pennsylvania Tea Party Patriots Coalition gatherings, antiwar protests and an event at which environmental activists dressed up as Santa Claus and handed out coal-filled stockings. ---- 'We have our own terrorists' Even if the information were better, it might not make a difference for the simplest of reasons: In many cities and towns across the country, there is just not enough terrorism-related work to do. In Utah on one recent day, one of five intelligence analysts in the state's fusion center was writing a report about the rise in teenage overdoses of an over-the-counter drug. Another was making sure the visiting president of Senegal had a safe trip. Another had just helped a small town track down two people who were selling magazine subscriptions and pocketing the money themselves. In the Colorado Information Analysis Center, some investigators were following terrorism leads. Others were looking into illegal Craigslist postings and online "World of Warcraft" gamers. The vast majority of fusion centers across the country have transformed themselves into analytical hubs for all crimes and are using federal grants, handed out in the name of homeland security, to combat everyday offenses. This is happening because, after 9/11, local law enforcement groups did what every agency and private company did in Top Secret America: They followed the money. The DHS helped the Memphis Police Department, for example, purchase 90 surveillance cameras, including 13 that monitor bridges and a causeway. 
It helped buy the fancy screens on the walls of the Real Time Crime Center, as well as radios, robotic surveillance equipment, a mobile command center and three bomb-sniffing dogs. All came in the name of port security and protection to critical infrastructure. Since there hasn't been a solid terrorism case in Memphis yet, the equipment's greatest value has been to help drive down city crime. Where the mobile surveillance cameras are set up, criminals scatter, said Lt. Mark Rewalt, who, on a recent Saturday night, scanned the city from an altitude of 1,000 feet. Flying in a police helicopter, Rewalt pointed out some of the cameras the DHS has funded. They are all over the city, in mall parking lots, in housing projects, at popular street hang-outs. "Cameras are what's happening now," he marveled. Meanwhile, another post-9/11 unit in Tennessee has had even less terrorism-related work to do. The Tennessee National Guard 45th Weapons of Mass Destruction Civil Support Team, one of at least 50 such units around the country, was created to respond to what officials still believe is the inevitable release of chemical, biological or radiological material by terrorists. The unit's 22 hazardous-materials personnel have the best emergency equipment in the state. A fleet of navy-blue vehicles - command, response, detection and tactical operations trucks - is kept polished and ready to roll in a garage at the armory in Smyrna. The unit practices WMD scenarios constantly. But in real life, the crew uses the equipment very little: twice a year at NASCAR races in nearby Bristol to patrol for suspicious packages. Other than that, said Capt. Matt Hayes, several times a year they respond to hoaxes. The fact that there has not been much terrorism to worry about is not evident on the Tennessee fusion center's Web site. Click on the incident map, and the state appears to be under attack. Red icons of explosions dot Tennessee, along with blinking exclamation marks and flashing skulls. 
The map is labeled: "Terrorism Events and Other Suspicious Activity." But if you roll over the icons, the explanations that pop up have nothing to do with major terrorist plots: "Johnson City police are investigating three 'bottle bombs' found at homes over the past three days," one description read recently. ". . . The explosives were made from plastic bottles with something inside that reacted chemically and caused the bottles to burst." Another told a similar story: "The Scott County Courthouse is currently under evacuation after a bomb threat was called in Friday morning. Update: Authorities completed their sweep . . . and have called off the evacuation." Nine years after 9/11, this map is part of the alternative geography that is Top Secret America, where millions of people are assigned to help stop terrorism. Memphis Police Director Godwin is one of them, and he has his own version of what that means in a city where there have been 86 murders so far this year. "We have our own terrorists, and they are taking lives every day," Godwin said. "No, we don't have suicide bombers - not yet. But you need to remain vigilant and realize how vulnerable you can be if you let up."
Staff researcher Julie Tate contributed to this story.

From rforno at infowarrior.org Tue Dec 21 05:53:49 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 21 Dec 2010 06:53:49 -0500
Subject: [Infowarrior] - Idiotic USG solution to WL 'pollution'
Message-ID: <9D4C9384-F584-48F4-BE3C-DD213A114288@infowarrior.org>

Feds Seek Computer Firewall to Block WikiLeaks 'Pollution'
Dec 20, 2010 - 3:22 PM
http://www.aolnews.com/2010/12/20/feds-seek-computer-firewall-to-block-wikileaks-pollution/
Sharon Weinberger, Contributor
Among the more striking aspects of the still unfolding WikiLeaks controversy are government demands that their workers -- and even federal contractors -- refrain from reading leaked classified documents, even though they are in the public domain.
Now, according to one network security company, the government wants to install a system that can block unclassified computers from accessing WikiLeaks documents no matter where they originate. Fidelis Security, a Boston-based network security company that works with the military and other government agencies, says it's being asked to set up a firewall against WikiLeaks document traffic, regardless of whether it flows from a website, e-mail or other source. Fidelis sells a network security system to federal agencies that is designed to prevent "data extrusion," or leaks, but it can also be used to prevent data -- in this case, classified documents released by WikiLeaks -- from coming into a network. "The interesting twist by our customers is they now want it to be used on inbound traffic to prevent consumption of classified materials from WikiLeaks and other places," Kurt Bertone, the company's vice president and security strategist, told AOL News in an interview. For government agencies, which have declared the WikiLeaks documents off limits, such software offers a potential solution to what Bertone calls "pollution" of the unclassified networks by classified documents leaked on the Internet. At issue are the more than 250,000 leaked diplomatic cables -- many of them classified -- that are being posted on the Web by WikiLeaks, the anti-secrecy organization. WikiLeaks has also released tens of thousands of military documents related to the wars in Iraq and Afghanistan. Those documents are also posted on a number of "mirror" WikiLeaks websites and are being re-posted by some news media and other independent outlets. "Once that classified information gets out into the wild, you don't know where it's going to come from, and it may come back into the network," Bertone said. Fidelis software can be used to block e-mails, websites and other Internet traffic containing the WikiLeaks documents by using keyword searches. 
Bertone said that WikiLeaks presents a unique challenge for government because the leaked documents -- many of them classified -- are being re-posted on multiple websites, which is problematic if the government wants to prevent access to them. The Air Force, for example, has started blocking news media sites such as The New York Times that have re-posted some of the documents. But Bertone said that the Air Force approach wouldn't prevent someone from being e-mailed a leaked document, or accessing a website that hasn't been specifically blocked by the Air Force. "This information is going over the entire Internet, and it's impossible to block access to every site that re-posts WikiLeaks cables," he said. Bertone declined to name which government customers have asked Fidelis to block WikiLeaks documents, but the military is listed as one of the company's clients. A Pentagon spokesman was not immediately able to comment today on whether the Defense Department had requested Fidelis' help with blocking access to WikiLeaks cables.

From rforno at infowarrior.org Tue Dec 21 09:18:04 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 21 Dec 2010 10:18:04 -0500
Subject: [Infowarrior] - Schneier Reviews Clarke's 'Cyberwar'
Message-ID:

Book Review: Cyber War
Cyber War: The Next Threat to National Security and What to do About It by Richard Clarke and Robert Knake, HarperCollins, 2010.
http://www.schneier.com/blog/archives/2010/12/book_review_cyb.html
Cyber War is a fast and enjoyable read. This means you could give the book to your non-techy friends, and they'd understand most of it, enjoy all of it, and learn a lot from it. Unfortunately, while there's a lot of smart discussion and good information in the book, there's also a lot of fear-mongering and hyperbole as well. Since there's no easy way to tell someone what parts of the book to pay attention to and what parts to take with a grain of salt, I can't recommend it for that purpose.
This is a pity, because parts of the book really need to be widely read and discussed. The fear-mongering and hyperbole is mostly in the beginning. There, the authors describe the cyberwar of novels. Hackers disable air traffic control, delete money from bank accounts, cause widespread blackouts, release chlorine gas from chemical plants, and -- this is my favorite -- remotely cause your printer to catch on fire. It's exciting and scary stuff, but not terribly realistic. Even their discussions of previous "cyber wars" -- Estonia, Georgia, attacks against U.S. and South Korea on July 4, 2009 -- are full of hyperbole. A lot of what they write is unproven speculation, but they don't say that. Better is the historical discussion of the formation of the U.S. Cyber Command, but there are important omissions. There's nothing about the cyberwar fear stoked that accompanied this: by the NSA's General Keith Alexander -- who became the first head of the command -- or by the NSA's former director, current military contractor, by Mike McConnell, who's Senior Vice President at Booz Allen Hamilton, and by others. By hyping the threat, the former has amassed a lot of power, and the latter a lot of money. Cyberwar is the new cash cow of the military-industrial complex, and any political discussion of cyberwar should include this as well. Also interesting is the discussion of the asymmetric nature of the threat. A country like the United States, which is heavily dependent on the Internet and information technology, is much more vulnerable to cyber-attacks than a less-developed country like North Korea. This means that a country like North Korea would benefit from a cyberwar exchange: they'd inflict far more damage than they'd incur. This also means that, in this hypothetical cyberwar, there would be pressure on the U.S. to move the war to another theater: air and ground, for example. Definitely worth thinking about. Most important is the section on treaties.
Clarke and Knake have a lot of experience with nuclear treaties, and have done considerable thinking about how to apply that experience to cyberspace. The parallel isn't perfect, but there's a lot to learn about what worked and what didn't, and -- more importantly -- how things worked and didn't. The authors discuss treaties banning cyberwar entirely (unlikely), banning attacks against civilians, limiting what is allowed in peacetime, stipulating no first use of cyber weapons, and so on. They discuss cyberwar inspections, and how these treaties might be enforced. Since cyberwar would be likely to result in a new worldwide arms race, one with a more precarious trigger than the nuclear arms race, this part should be read and discussed far and wide. Sadly, it gets lost in the rest of the book. And, since the book lacks an index, it can be hard to find any particular section after you're done reading it.
In the last chapter, the authors lay out their agenda for the future, which largely I agree with.
* We need to start talking publicly about cyber war. This is certainly true. The threat of cyberwar is going to consume the sorts of resources we shoveled into the nuclear threat half a century ago, and a realistic discussion of the threats, risks, countermeasures, and policy choices is essential. We need more universities offering degrees in cyber security, because we need more expertise for the entire gamut of threats.
* We need to better defend our military networks, the high-level ISPs, and our national power grid. Clarke and Knake call this the "Defensive Triad." The authors and I disagree strongly on how this should be done, but there is no doubt that it should be done. The two parts of that triad currently in commercial hands are simply too central to our nation, and too vulnerable, to be left insecure. And their value is far greater to the nation than it is to the corporations that own it, which means the market will not naturally secure it. I agree with the authors that regulation is necessary.
* We need to reduce cyber crime. Even without the cyber warriors bit, we need to do that. Cybercrime is bad, and it's continuing to get worse. Yes, it's hard. But it's important.
* We need international cyberwar treaties. I couldn't agree more about this. We do. We need to start thinking about them, talking about them, and negotiating them now, before the cyberwar arms race takes off. There are all kind of issues with cyberwar treaties, and the book talks about a lot of them. However full of loopholes they might be, their existence will do more good than harm.
* We need more research on secure network designs. Again, even without the cyberwar bit, this is essential. We need more research in cybersecurity, a lot more.
* We need decisions about cyberwar -- what weapons to build, what offensive actions to take, who to target -- to be made as far up the command structure as possible. Clarke and Knake want the president to personally approve all of this, and I agree. Because of its nature, it can be easy to launch a small-scale cyber attack, and it can be easy for a small-scale attack to get out of hand and turn into a large-scale attack. We need the president to make the decisions, not some low-level military officer ensconced in a computer-filled bunker late one night.
This is great stuff, and a fine starting place for a national policy discussion on cybersecurity, whether it be against a military, espionage, or criminal threat. Unfortunately, for readers to get there, they have to wade through the rest of the book. And unless their bullshit detectors are already well-calibrated on this topic, I don't want them reading all the hyperbole and fear-mongering that comes before, no matter how readable the book.
Note: I read Cyber War in April, when it first came out.
I wanted to write a review then, but found that while my Kindle is great for reading, it's terrible for flipping back and forth looking for bits and pieces to write about in a review. So I let the review languish. Finally, I borrowed a paper copy from my local library.

From rforno at infowarrior.org Tue Dec 21 09:33:51 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 21 Dec 2010 10:33:51 -0500
Subject: [Infowarrior] - Auditors question TSA's use of and spending on technology
Message-ID:

Auditors question TSA's use of and spending on technology
By Dana Hedgpeth, Washington Post Staff Writer
Tuesday, December 21, 2010; 12:55 AM
http://www.washingtonpost.com/wp-dyn/content/article/2010/12/20/AR2010122005599_pf.html
Before there were full-body scanners, there were puffers. The Transportation Security Administration spent about $30 million on devices that puffed air on travelers to "sniff" them out for explosives residue. Those machines ended up in warehouses, removed from airports, abandoned as impractical. The massive push to fix airport security in the United States after the attacks of Sept. 11, 2001, led to a gold rush in technology contracts for an industry that mushroomed almost overnight. Since it was founded in 2001, the TSA has spent roughly $14 billion in more than 20,900 transactions with dozens of contractors. In addition to beefing up the fleets of X-ray machines and traditional security systems at airports nationwide, about $8 billion also paid for ambitious new technologies. The agency has spent about $800 million on devices to screen bags and passenger items, including shoes, bottled liquids, casts and prostheses. For next year, it wants more than $1.3 billion for airport screening technologies. But lawmakers, auditors and national security experts question whether the government is too quick to embrace technology as a solution for basic security problems and whether the TSA has been too eager to write checks for unproven products.
"We always want the best, the latest and greatest technology against terrorists, but that's not necessarily the smartest way to spend your money and your efforts," said Kip Hawley, who served as the head of the TSA from 2005 until last year. "We see a technology that looks promising, and the temptation is to run to deploy it before we fully understand how it integrates with the multiple layers we already have in place like using a watch list, training officers at every checkpoint to look for suspicious behavior and using some pat-downs." Some say the fact that the United States hasn't had another 9/11-level terrorist attack shows that the investment was money well spent. But government auditors have faulted the TSA and its parent agency, the Department of Homeland Security, for failing to properly test and evaluate technology before spending money on it. The puffer machines, for example, were an early TSA attempt at improving electronic screening in airport security lines. Designed to dislodge explosive particles by shooting air blasts at passengers, the detectors turned out to be unreliable and expensive to operate. But they were deployed in many airports before the TSA had fully tested them, according to the Government Accountability Office. The puffers were "deployed even though TSA officials were aware that tests conducted during 2004 and 2005 on earlier [puffer] models suggested they did not demonstrate reliable performance in an airport environment," according to a GAO report from October 2009. TSA officials told the GAO that they had deployed the puffers to "respond quickly to the threat posed by a suicide bomber" after incidents on Russian airliners in 2004. The agency stopped buying and deploying the puffer machines to airports in June 2006. The GAO said in its October 2009 report that 116 puffers were in storage. A TSA spokesman said the agency had "since disposed of" the machines or transferred them to other agencies. 
Analyzing risk The government auditors expressed similar concerns that the TSA hasn't done good assessments of the risk, cost benefits or performances of other new technologies for screening at checkpoints. The GAO has said that the TSA has "not conducted a risk assessment or cost-benefit analysis, or established quantifiable performance measures" on its new technologies. "As a result, TSA does not have assurance that its efforts are focused on the highest priority security needs." In other cases, equipment to trace explosives and other devices for screening passengers have had technical problems and projected cost overruns, according to a recent GAO report. The full-body scanners that have made headlines in recent weeks for their revealing images of passengers were tested more thoroughly than the puffer machines before being deployed, the GAO has found. But the auditors faulted the agency for not fully justifying their cost, saying that the agency's plan to double the number of body scanners in coming years will require more personnel to run and maintain them - an expense of as much as $2.4 billion. "They're adding layers of security and technology, but they need to do a cost-benefit analysis to make sure this is worthwhile," said Steve Lord of the GAO's Homeland Security and Justice team, who has reviewed the TSA's purchases. "They need to look at whether there is other technology to deploy at checkpoints. Are we getting the best technology for the given pot of money? Is there a cheaper way to provide the same level of security through other technology?" John Huey, an airport security expert, said the TSA's contracts with vendors to buy more equipment and devices often aren't done in a "systematic way." "TSA has an obsession of finding a single box that will solve all its problems," Huey said. "They've spent and wasted money looking for that one box, and there is no such solution. . . . 
They respond to congressional mandates and the latest headlines of attempted terrorist attacks without any thought to risk management or separating out the threats in a logical way." TSA officials disagree. They say there are responsible processes in place to research, develop and fund new technologies for airport security. And they point out that some gee-whiz equipment that vendors have pitched has taken too long to develop or has been too expensive to produce. "We have to be predictive and acquire the best technology today to address the known threats by being informed of the latest intelligence and be proactive in working on what could be the next threats," said TSA Administrator John Pistole. "It is a tall order." He said that technology isn't the only security effort underway. The TSA uses a combination of tactics, including terrorist watch lists, intelligence gathering and training security officers, to look for suspicious behavior. Trial and error The billions of dollars the TSA has spent on technology has been "a good investment," Pistole said, but he said that developing devices is full of risk. "It is a lot of art with the science. We're always competing for the best technology at the best price. It is just a constantly changing dynamic environment." After 9/11, there was talk of cargo containers that could withstand explosions, for example, but airport security experts said they never came to fruition, in part because they were too heavy and airlines didn't want to pay for the extra fuel to carry them. Another much talked-about device, a shoe scanner that would allow passengers to keep their shoes on while going through a checkpoint, has not been fully deployed to airports. Twelve companies are vying to provide shoe scanners to U.S. airports, but the TSA has not chosen one. Contractors said they were responding to the requests the agency puts out for new ways to prevent terrorists in a world that has an ever-changing threat. 
Executives at airport security companies say they find that the TSA often buys its screening equipment and technologies to face the most recent threat rather than anticipating what might come next. "We don't always see a well-defined roadmap of what they want," said Tom Ripp, president of the Security and Detection Systems division of L-3 Communications, a major security contractor. Part of the problem is that experts disagree about what constitutes an effective airport security system, and policy makers are reluctant to embrace some techniques - such as profiling - that American society finds objectionable. "Since the introduction of metal detectors in the 1970s, technologies have been bought and cobbled together in a somewhat piecemeal approach," said Tom LaTourrette, a security expert at RAND Corp., a nonprofit research institute. "No one has been able to provide a satisfactory answer to the question of how to best structure aviation security," he said. Quick solutions The rush to improve security and quickly protect the public has also led to some shortcuts in contracting procedures, according to government reports. A March audit from the Department of Homeland Security's inspector general looked at 29 support service contracts that the TSA had issued to buy new technologies for baggage and passenger screening equipment, worth a total of $662 million. It found that the agency "did not provide adequate management and oversight" on the contracts. It concluded that the TSA "did not have reasonable assurance that contractors were performing as required, that it contracted for the services it needed, that it received the services it paid for, or that taxpayers were receiving the best value." The TSA said it has made improvements in its contracting process and oversight efforts. 
Although big companies have been quick to respond to the new government market for air security, smaller firms - which often are incubators for cutting-edge technologies - say they have faced frustrations. Clint Seward of Acton, Mass., started trying in the late 1980s to sell the government a device about the size of a laptop called a BCT (bottle content tester) that would detect hazardous liquids in bottles and allow people to carry water bottles or sodas on planes. "We were trying to convince them this made sense, but you couldn't get a consensus to get them to roll it out," Seward said. Then 9/11 happened. "The day after they said, 'Can you give us a quote for 1,500 of these?' " Seward said. "I'm thinking, 'Sure.' " He did the quote, but he said that the TSA didn't have the money to fund it at first, and then he faced competition on the idea. "By the time TSA got the money for it, the big guys took over," Seward said. "They realized it was big money to be made with TSA. They pushed their way in." Last year, the TSA bought 500 bottled-liquid scanners in a $22 million contract with Smiths Detection. It has deployed more than 600 of the scanners to airports nationwide and expects to deploy more next year. hedgpethd at washpost.com Staff researcher Julie Tate contributed to this report. From rforno at infowarrior.org Tue Dec 21 09:46:23 2010 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 21 Dec 2010 10:46:23 -0500 Subject: [Infowarrior] - Berkman Report: Distributed Denial of Service (DDoS) Attacks Message-ID: <66AD1A97-C9C8-4E25-BEC6-81FAEFE23A8D@infowarrior.org> 2010 Report on Distributed Denial of Service (DDoS) Attacks Published December 20, 2010 Authored by Ethan Zuckerman, Hal Roberts, Ryan McGrady, Jillian York, John Palfrey Introduction Distributed Denial of Service (DDoS) is an increasingly common Internet phenomenon capable of silencing Internet speech, usually for a brief interval but occasionally for longer. 
In this paper, we explore the specific phenomenon of DDoS attacks on independent media and human rights organizations, seeking to understand the nature and frequency of these attacks, their efficacy, and the responses available to sites under attack. Our report offers advice to independent media and human rights sites likely to be targeted by DDoS but comes to the uncomfortable conclusion that there is no easy solution to these attacks for many of these sites, particularly for attacks that exhaust network bandwidth. This paper makes recommendations for how independent sites can best mitigate the impact of DDoS. < -- > http://cyber.law.harvard.edu/publications/2010/DDoS_Independent_Media_Human_Rights From rforno at infowarrior.org Tue Dec 21 21:03:04 2010 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 21 Dec 2010 22:03:04 -0500 Subject: [Infowarrior] - CIA launches task force to assess impact of U.S. cables' exposure by WikiLeaks Message-ID: <2F3A8B10-875F-4F15-A888-A281753656E3@infowarrior.org> CIA launches task force to assess impact of U.S. cables' exposure by WikiLeaks By Greg Miller Washington Post Staff Writer Tuesday, December 21, 2010; 5:24 PM http://www.washingtonpost.com/wp-dyn/content/article/2010/12/21/AR2010122104599_pf.html The CIA has launched a task force to assess the impact of the exposure of thousands of U.S. diplomatic cables and military files by WikiLeaks. Officially, the panel is called the WikiLeaks Task Force. But at CIA headquarters, it's mainly known by its all-too-apt acronym: W.T.F. The irreverence is perhaps understandable for an agency that has been relatively unscathed by WikiLeaks. Only a handful of CIA files have surfaced on the WikiLeaks Web site, and records from other agencies posted online reveal remarkably little about CIA employees or operations. 
Even so, CIA officials said the agency is conducting an extensive inventory of the classified information, which is routinely distributed on a dozen or more networks that connect agency employees around the world. And the task force is focused on the immediate impact of the most recently released files. One issue is whether the agency's ability to recruit informants could be damaged by declining confidence in the U.S. government's ability to keep secrets. "The director asked the task force to examine whether the latest release of WikiLeaks documents might affect the agency's foreign relationships or operations," CIA spokesman George Little said. The panel is being led by the CIA's Counterintelligence Center but has more than two dozen members from departments across the agency. To some agency veterans, WikiLeaks has vindicated the CIA's long-standing aversion to sharing secrets with other government agencies, a posture that came under sharp criticism after it was identified as a factor that contributed to the nation's failure to prevent the attacks of Sept. 11, 2001. Even while moving to share more information over the past decade, the agency "has not capitulated to this business of making everything available to outsiders," said a former high-ranking CIA official who recently retired. "They don't even make everything available to insiders. And by and large the system has worked." CIA veterans said most of the agency's international correspondence is classified at the "Secret" level, same as the records that ended up online. But the agency has always insisted on using its own systems. As recently as two years ago, the agency rejected a request to make more of its intelligence reports available on the SIPRNET, the classified network used by the Pentagon to pass information around the world. "We simply said we weren't going to do it," another former CIA official said. "The consensus was there were simply too many people potentially who had access." 
The former officials spoke on condition of anonymity because they weren't authorized to discuss agency security measures. Among those people with access to SIPRNET was a low-level U.S. Army intelligence analyst, Bradley E. Manning, who has been charged with disclosing classified information and is suspected of using a simple thumb drive to steal the files that were sent to WikiLeaks. The CIA has had its own computer scandals. Security clearances for former CIA director John Deutch were suspended in the late 1990s after he was accused of keeping classified information on his computer at home. Officials said the agency has also had internal difficulty keeping track of laptops that are sent to overseas stations, as well as sensitive information shared with thousands of contractors that the CIA has hired as part of a build-up over the past 10 years. The agency employs software measures to minimize the chance of a WikiLeaks-like leak. Agency systems send warnings to administrators whenever a large amount of data is downloaded. And most of the CIA's computers are not equipped to allow the use of a removable drive. Asked what might happen if he had inserted a thumb drive into the machine at his desk, the former senior CIA official quipped: "There would probably be a little trap door under my chair." Even so, CIA security experts have fretted for years about the implications of moving secret information from pieces of paper to digital files that can be distributed online. "It's just a huge vulnerability," the former high-ranking CIA officer said. "Nobody could carry out enough paper to do what WikiLeaks has done." From rforno at infowarrior.org Tue Dec 21 21:06:39 2010 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 21 Dec 2010 22:06:39 -0500 Subject: [Infowarrior] - Wall St. Computers Read the News, and Trade on It Message-ID: <916802CA-B196-494B-9A6D-1389689D818B@infowarrior.org> December 21, 2010 Wall St. 
Computers Read the News, and Trade on It By GRAHAM BOWLEY http://www.nytimes.com/2010/12/22/technology/22trading.html The number-crunchers on Wall Street are starting to crunch something else: the news. Math-loving traders are using powerful computers to speed-read news reports, editorials, company Web sites, blog posts and even Twitter messages - and then letting the machines decide what it all means for the markets. The development goes far beyond standard digital fare like most-read and e-mailed lists. In some cases, the computers are actually parsing writers' words, sentence structure, even the odd emoticon. A wink and a smile - ;) - for instance, just might mean things are looking up for the markets. Then, often without human intervention, the programs are interpreting that news and trading on it. Given the volatility in the markets and concern that computerized trading exaggerates the ups and downs, the notion that Wall Street is engineering news-bots might sound like an investor's nightmare. But the development, years in the making, is part of the technological revolution that is reshaping Wall Street. In a business where information is the most valuable commodity, traders with the smartest, fastest computers can outfox and outmaneuver rivals. "It is an arms race," said Roger Ehrenberg, managing partner at IA Ventures, an investment firm specializing in young companies, speaking of some of the new technologies that help traders identify events first and interpret them. Many of the robo-readers look beyond the numbers and try to analyze market sentiment, that intuitive feeling investors have about the markets. Like the latest economic figures, news and social media buzz - "unstructured data," as it is known - can shift the mood from exuberance to despondency. Tech-savvy traders have been scraping data out of new reports, press releases and corporate Web sites for years. But new, linguistics-based software goes well beyond that.
News agencies like Bloomberg, Dow Jones and Thomson Reuters have adopted the idea, offering services that supposedly help their Wall Street customers sift through news automatically. Some of these programs hardly seem like rocket science. Working with academics at Columbia University and the University of Notre Dame, Dow Jones compiled a dictionary of about 3,700 words that can signal changes in sentiment. Feel-good words include obvious ones like "ingenuity," "strength" and "winner." Feel-bad ones include "litigious," "colludes" and "risk." The software typically identifies the subject of a story and then examines the actual words. The programs are written to recognize the meaning of words and phrases in context, like distinguishing between "terribly," "good" and "terribly good." Vince Fioramonti, a portfolio manager at Alpha Equity Management, a $185 million equities fund in Hartford, uses Thomson Reuters software to measure sentiment over weeks, rather than minutes or hours, and pumps that information directly into his fund's trading systems. "It is an aggregate effect," Mr. Fioramonti said. "These things give you the ability to assimilate more information." Bloomberg monitors news articles and Twitter feeds and alerts its customers if a lot of people are suddenly sending Twitter messages about, say, I.B.M. Lexalytics, a text analysis company in Amherst, Mass., that works with Thomson Reuters, says it has developed algorithms that make sense out of Twitter messages. That includes emoticons like the happy-face :) and the not-so-happy :\. Skeptics abound, but proponents insist such software will eventually catch on with traders. "This is where the news breaks," said Jeff Catlin, the chief executive of Lexalytics. "You have a leg up if you are a trader." The computer-savvy traders known as quants are paying attention.
According to Aite Group, a financial services consulting company, about 35 percent of quantitative trading firms are exploring whether to use unstructured data feeds. Two years ago, about 2 percent of those firms used them. Quants often use these programs to manage their risks by, say, automatically shutting down trading when bad news hits. But industry experts say the programs are also moving the markets. Last May, as Greece's financial crisis deepened, Wall Street computers seized on a news story with the word "abyss" in the headline and initiated sell orders, according to industry experts. But some warn of a growing digital divide in the markets. Well-heeled traders who can afford sophisticated technology have an edge over everyone else, these people say. Paul Tetlock, an associate professor at Columbia University who did research that was used to create the news algorithms, worries that technology has skewed the playing field. Regulators, he said, should keep a close eye on these high-speed traders. "People are trading news at very high frequency," he said. "People worry about that." But the experts are already talking about the next thing - programs to automatically digest broadcast and closed-caption television. Adam Honoré, the research director at Aite Group, said the innovations did not end there. He said some traders were using software that monitored public statements by corporate executives and administered the computer equivalent of a lie-detector test. "It is the next wave of trading," Mr. Honoré said of unstructured data. "It goes hand in hand with more and more of everyday life being digitized." From rforno at infowarrior.org Wed Dec 22 22:41:15 2010 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 22 Dec 2010 23:41:15 -0500 Subject: [Infowarrior] - BAC Prepares to Get WikiLeaked by Buying Up Negative Domain Names Message-ID: Bank of America Prepares to Get WikiLeaked by Buying Up Negative Domain Names
12/22/10 at 08:55 AM http://nymag.com/daily/intel/2010/12/wikileaks_newest_ally_gorbache.html Bank of America isn't waiting around for the media to confirm whether or not it's the target of WikiLeaks's next leak. The company has been trying to hoover up negative domain names about its CEO, Brian Moynihan, registering BrianMoynihanBlows.com, BrianMoynihanSucks.com, BrianTMoynihanBlows.com, and BrianTMoynihanSucks.com - in some cases, the .net and .org versions as well, all in the last month. Oh, Bank of America, you vastly underestimate the Internet's creativity. In addition to giving the hacktivists a handy "To Hack" list, you've also shown your hand. What exactly does Bank of America think is in these documents, which WikiLeaks said will expose "flagrant violations" and "unethical practices," that would make the public want to launch websites about their leader sucking and blowing? Maybe the CIA's WikiLeaks Task Force (known around headquarters by its initials) has some idea. Julian Assange, meanwhile, is not at a loss for media partners after picking a fight with the Guardian for publishing a leak on the leaker. Rupert Murdoch's Times U.K. was happy to take up the cause. And now it looks like former Soviet leader Mikhail Gorbachev has joined in. Novaya Gazeta, a Moscow newspaper controlled by Gorbachev and Russian billionaire Alexander Lebedev, the 488th richest billionaire in the world, has joined forces with WikiLeaks and agreed to make public some material on Russia that has yet to be published. Novaya Gazeta is known for its muckraking coverage on the Kremlin, exposing bribes under Vladimir Putin and military abuses in Chechnya. In fact, the paper is so good at exposing injustices that one of its reporters discovered that Israel Shamir, WikiLeaks's anti-Semitic content aggregator in Russia, faked some information in a cable about Mahmoud Ahmadinejad. We would say the plot thickens, but really at this point, the WikiLeaks saga could use some thinning out.
From rforno at infowarrior.org Thu Dec 23 08:49:25 2010 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 23 Dec 2010 09:49:25 -0500 Subject: [Infowarrior] - JFK On Secrecy And Censorship Message-ID: JFK On Secrecy And Censorship from the blast-from-the-past dept http://www.techdirt.com/articles/20101206/01134912143/jfk-secrecy-censorship.shtml Glyn Moody points us to a blog post that has a video/audio clip of a John F. Kennedy speech to the press about secrecy and censorship, which is getting some attention for the contrast to the way our government is responding to the Wikileaks controversy. The key paragraph is the one that opens the video: The very word "secrecy" is repugnant in a free and open society; and we are as a people inherently and historically opposed to secret societies, to secret oaths and to secret proceedings. We decided long ago that the dangers of excessive and unwarranted concealment of pertinent facts far outweighed the dangers which are cited to justify it. Even today, there is little value in opposing the threat of a closed society by imitating its arbitrary restrictions. Even today, there is little value in insuring the survival of our nation if our traditions do not survive with it. And there is very grave danger that an announced need for increased security will be seized upon by those anxious to expand its meaning to the very limits of official censorship and concealment. That I do not intend to permit to the extent that it is in my control. And no official of my Administration, whether his rank is high or low, civilian or military, should interpret my words here tonight as an excuse to censor the news, to stifle dissent, to cover up our mistakes or to withhold from the press and the public the facts they deserve to know. Compare that to the way our government has been responding -- demanding that US companies block access to Wikileaks and other such moves. 
Of course, if you read the full speech from JFK (which was given to the American Newspaper Publishers Association), it's really quite nuanced. JFK argues forcefully against censorship from the government -- but actually is suggesting that the press consider self-censoring itself, taking into account the impact that it could have if it publishes certain information. However, he does try to make it clear that he does not want criticism or errors to be shielded from the public -- just that he hopes the press will decide for themselves to avoid publishing info that directly reveals vital points to enemies of the country. In the end, I actually think these two paragraphs may be even more powerful than the one that most people are talking about: I not only could not stifle controversy among your readers--I welcome it. This Administration intends to be candid about its errors; for as a wise man once said: "An error does not become a mistake until you refuse to correct it." We intend to accept full responsibility for our errors; and we expect you to point them out when we miss them. Without debate, without criticism, no Administration and no country can succeed--and no republic can survive. That is why the Athenian lawmaker Solon decreed it a crime for any citizen to shrink from controversy. And that is why our press was protected by the First Amendment--the only business in America specifically protected by the Constitution--not primarily to amuse and entertain, not to emphasize the trivial and the sentimental, not to simply "give the public what it wants"--but to inform, to arouse, to reflect, to state our dangers and our opportunities, to indicate our crises and our choices, to lead, mold, educate and sometimes even anger public opinion. Too bad we're not hearing much of that from our politicians today.
From rforno at infowarrior.org Thu Dec 23 09:05:06 2010 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 23 Dec 2010 10:05:06 -0500 Subject: [Infowarrior] - Happy Holidays Message-ID: <244289F0-D9D2-4F42-92BA-DCEC92236889@infowarrior.org> Just a short note to wish all list readers, lurkers, and contributors the very best for a safe, happy, and relaxing holiday season. May the best of your 2010 be but the worst of your 2011! -- Rick And as traditional, I repost below the holiday scene from one of my favourite BBC shows from the early 1980s. < -- > (Video@ http://www.youtube.com/watch?v=vShJa6GobFQ) Bernard: Before you go home for the holidays, Minister, Sir Humphrey has something to say to you. Sir Humphrey: Minister, Just one thing. I wonder if I might crave your momentary indulgence in order to discharge a, by-no-means disagreeable obligation, which has over the years become more-or-less, an established practice within government circles, as we approach the terminal period of the year, calendar of-course not financial. In fact not to put a too fine a point on it, week 51, and submit to you, with all appropriate deference for your consideration at a convenient juncture, a sincere and sanguine expectation and indeed confidence. Indeed one might go so far to say, hope, that the aforementioned period may be, at the end of the day, when all relevant factors have been taken into consideration, susceptible of being deemed to be such as, to merit the final verdict of having been, by-no-means unsatisfactory in its overall outcome and in the final analysis to give grounds for being judged, on mature reflection to have been conducive to generating a degree of gratification, which will be seen in retrospect to have been significantly higher than the general average. Jim Hacker: Humphrey, are you saying Happy Christmas? Sir Humphrey: Yes Minister!
From rforno at infowarrior.org Thu Dec 23 15:44:25 2010 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 23 Dec 2010 16:44:25 -0500 Subject: [Infowarrior] - Good Grief, BYTE is Coming Back! Message-ID: <64334599-5EEF-4313-BB34-87D3A127E150@infowarrior.org> (Speaking of nostalgia, anyone have fond memories of Enter Magazine or the programmer-centric Nibble? -- rick) Good Grief, BYTE is Coming Back! By Harry McCracken | Posted at 10:25 pm on Wednesday, December 22, 2010 http://technologizer.com/2010/12/22/good-grief-byte-is-coming-back/ What's the most-loved computer magazine of all time? There's really only one contender: BYTE, which was founded in 1975 and ceased print publication a dozen years ago. If you worked in computer magazines, as I did, you got used to old-timers comparing your publication unfavorably to BYTE. (And actually, come to think of it, BYTE aficionados also liked to compare the current BYTE unfavorably to BYTE as it was in its golden age - which lasted roughly from its inception until the magazine stopped running a cover painting by Robert Tinney on every issue circa 1987. It remained a very solid publication until the end, though.) BYTE was one of the first major computer magazines (it was preceded by the similarly influential Creative Computing); it was the first massively successful one; it spawned BIX, an online service which I still miss. Most important, it was just plain good - well-written, well-edited, and as sophisticated and technical as the people who read it. (I learned a lot from Phil Lemmons, a BYTE editor who later became my boss at PC World.) Its review of the original Mac is a nice example of what made BYTE, well, BYTE. It died shortly after tech publisher CMP acquired it and the rest of McGraw-Hill's tech division in 1998. Given the resonance of the BYTE name, shutting it down seemed like an odd, ill-advised move at the time, even though the magazine, once morbidly obese with advertising, was no longer a cash cow.
CMP did keep the Web site alive for years, in increasingly unambitious form, but even that bit the dust a few years ago. But now United Business Media - the current owner of what was once CMP - is bringing BYTE back. BYTE.com is relaunching in the second quarter of next year, and my friend Gina Smith will be the editor. Back in BYTE's glory days, it was highly technical and dedicated to in-depth coverage of every significant computing platform, even as IBM PC clones came to dominate. The new BYTE doesn't sound like it'll pick up precisely where the old one left off, but it does sound like it'll have a useful mission. Here's part of the press release, with a quote from another friend, Fritz Nelson: Byte, which originally started in 1975, will serve as the professional's guide to consumer technology, providing news, analysis, reviews, and insight across the media gamut - from slide shows and video, to written columns and news commentary. The site will launch in Q2 2011 as part of UBM TechWeb's growing digital portfolio. [snip] "IT is faced with new, pervasive user expectations - that all technology should work like the technology end users have at home, and that they can actually bring that technology into the work place," said InformationWeek editorial director Fritz Nelson. "This includes smart phones, tablets, social networks, and a host of gadgets and productivity software. IT needs to both manage and exploit the business value of these technologies." That does reflect at least a slice of the old BYTE. If it had never stopped publishing, I'd sure be curious to hear what it had to say about the iPhone, tablets, Facebook, and other stuff which didn't exist in BYTE's heyday. I suspect some old-time BYTE fans won't be thrilled by any incarnation of the brand that doesn't have a hardcore technical focus, Tinney art, a column by Jerry Pournelle, and other signature features from the first time around.
That's okay: If they grumble that the new BYTE isn't as good as the old BYTE, they'll just be giving it the same treatment that a multitude of other tech-media brands have gotten. Me, I'm glad it's coming back - I mean, BYTE.com is one of the best domain names on the planet, and there should be something worthwhile there? From rforno at infowarrior.org Thu Dec 23 16:47:05 2010 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 23 Dec 2010 17:47:05 -0500 Subject: [Infowarrior] - Economic Comment by Bill Gross: Welcome to Allentown Message-ID: <11097CF2-7FF8-4D01-AA18-BBF9AE1465DC@infowarrior.org> Investment Outlook William H. Gross | December 2010 Allentown http://www.pimco.com/Pages/AllentownDecember2010.aspx
Well we're living here in Allentown
And they're closing all the factories down
Out in Bethlehem they're killing time
Filling out forms
Standing in line
And we're living here in Allentown
- Billy Joel, 1982
We're all Allentowners now. Granted, 90% of the workforce is still reporting for work on time, but our standard of living, our confidence in the future - we're standing in line in Allentown. Lost in the policy debate surrounding the elections and the subsequent demonization of the Federal Reserve's Quantitative Easing ("QE2") policies has been any recognition of why we no longer live on Ronald Reagan's shining hill or how we might possibly reclaim higher ground. There are two fundamental explanations: 1) The global economy is suffering from a lack of aggregate demand. In simple English that means that consumers are not buying enough things and that companies are not hiring enough people because of it. Growth slows down, especially in developed as opposed to developing countries, and the steel mills of Allentown, USA and Sheffield, England close down. This shortfall of global demand is a nearly impossible concept to grasp amongst politicians and their citizenry. Don't people always want to buy more things and isn't demand theoretically insatiable?
They do, and it is. Yet economic growth is a delicate dance between production and finance and when a nation's or a family's credit card gets maxed out, then demand/spending slows measurably. We are witnessing these commonsensical repercussions across the entire continent of Europe today and to a lesser extent in the United States. Developing nations and their consumers want to buy things too. And while their economies are growing fast, their overall size is not yet sufficient to pull along the economies of Europe, Japan and the U.S. Their financial systems are still maturing and reminiscent of a spindly-legged baby giraffe, having lots of upward potential, but still striving for balance after a series of missteps, the most recent of which was the trio of the 1997-98 Asian crisis, the 1998 Russian default and the 2001 Argentine default. And so their policies are oriented towards export to debt-laden developed nations instead of internal consumption, leaving a gaping hole in global aggregate demand. China is a locomotive to be sure, but it cannot pull the global economy uphill on the basis of mercantilistic exports alone. It needs to develop many more of its own shopping malls and that will take years, if not decades. 2) With insufficient demand, nations compete furiously for their share of the diminishing global growth pie. All look to borrow growth from somewhere else. Nearly a half century ago, the undisputed champion of global growth was the United States - it held all the cards: an unscathed post-WWII industrial base, an acknowledged Bretton Woods reserve currency and an educated workforce able to out-innovate any and all competitors. No wonder our policies encouraged open markets and free trade policies that would only feed the United States hegemon. At some point in the 1970s to 1980s, however, the rest of the world began to catch up.
Japan produced better cars than Detroit, the Iron Curtain fell, and the rise of China was soon to rock American/developed economies out of their presumption that the world was their export oyster. Billy Joel's Allentown was transformed from an iron and coke/chromium steel behemoth into an unemployment center, filling out forms - standing in line. And so the United States and its developed economy counterparts face an unfamiliar crisis of unrecognized dimensions and potentially endless proportions. Politicians and respective electorates focus on taxes or healthcare when the ultimate demon is a lack of global demand and the international competitiveness to thrive. The solution for more jobs is seen as a simple quick step of extending the Bush tax cuts or incenting small businesses to hire additional workers, or in the case of Euroland, shoring up government balance sheets with emergency funding. It is not. These policies only temporarily bolster consumption while failing to address the fundamental problem of developed economies: Job growth is moving inexorably to developing economies because they are more competitive. Free trade and open competition, like a stretched rubber band, have snapped the U.S. and many of its Euroland counterparts in the face. By many estimates, Chinese labor works for 10% or less than its American counterparts. In addition, and importantly, it is able to innovate as quickly or replicate what we do. Jobs, in other words, can never come back to the level or the prosperity reminiscent of 1960s' Allentown, Pennsylvania until the playing field is leveled. This phrase of a "level playing field" opens up endless possibilities. If, in fact, the solution to how we can reclaim the vision of Ronald Reagan's "shining hill" and the Allentown of decades past is to "level the playing field," there are obviously a number of ways to do it. The constructive way is to stop making paper and start making things.
Replace subprimes, and yes, Treasury bonds with American cars, steel, iPads, airplanes, corn -- whatever the world wants that we can make better and/or cheaper. Learn how to compete again. Investments in infrastructure and 21st century education and research, as opposed to 20th century education are mandatory, as is a withdrawal from resource-draining foreign wars. It will be a tough way back, but it can be done with sacrifice and appropriate public policies that encourage innovation, education and national reconstruction, as opposed to Wall Street finance and Main Street consumption. The second route to the level playing field involves political and financial chicanery: trade and immigration barriers, currency devaluation and military domination of foreign oil-producing nations. It is by far the less preferable route, but unfortunately the one that is easier and, therefore, most politically feasible. Politicians do not get elected on the basis of "sacrifice." They get elected by pointing to foreign demons, be they in the Middle East or in Asia. The Chinese yuan is a far easier target than the American workers earning ten times their Chinese counterparts and producing an inferior product to boot. Politicians also get elected by promising to keep taxes low, even for the rich, with the argument that small business owners cannot afford the increase. The real beneficiaries however, are the mega-millionaires of Wall Street and Newport Beach. And yes, policymakers at the Fed write trillions of dollars' worth of checks under the guise of quantitative easing, a policy which takes Charles Ponzi one step further by purchasing the government's own paper in a last gasp effort to support asset prices. Faced with these two decidedly different routes to "level the playing field" it seems obvious that the United States is opting for "Easy Street" as opposed to "Buckle Down Road." Granted, "The Ben Bernank" 
as a YouTube cartoon rather hilariously labeled him, has for several months importuned Congress and the Executive Branch to institute substantive reforms, while he attempts to keep the patient alive via non-conventional monetary policy. But very few others are willing to extract their heads from the sand. The President's debt commission with its insistence on low personal and corporate income tax rates and a mere 15 cent increase in the gasoline tax was one example. The Republicans' reluctance to advance detailed ideas for budget balancing is another. And the Democrats' two-year focus on the biggest entitlement program since Social Security -- healthcare -- as opposed to fundamental reforms to counter our lack of global competitiveness -- is perhaps the most grievous example of lost opportunity. Unlike the United Kingdom, where Prime Minister Cameron has championed fiscal conservatism, or even Euroland, which is being forced in the direction of Angela Merkel's Germanic work ethic, the United States seems to acknowledge no bounds to what it can spend to bolster consumption or how much it can print to support its asset markets. We will more than likely continue to "level the playing field" via currency devaluation and an increasing emphasis on trade barriers and immigration, as opposed to constructive policies to make this country more competitive in the global marketplace. If so, investors should recognize that an emphasis on currency depreciation and trade restrictions are counter to their own interests. Not only would their dollar-denominated investments lose purchasing power over time from a global perspective, but they would do so also via a policy of near 0% interest rates, which are confiscatory in real terms when accompanied by positive and eventually accelerating inflation. 
In addition, although corporate profits are in many cases broadly diversified across national borders, there should be little doubt that the objective of tariffs and trade barriers is to advantage domestic labor as opposed to domestic capital; profits, therefore will ultimately not benefit. Unless developed economies learn to compete the old-fashioned way -- by making more goods and making them better -- the smart money will continue to move offshore to Asia, Brazil and other developing economies, both in asset and in currency space. The United States in short, needs to make things not paper, but that is not likely unless we see a policy revolution in Washington DC. In the meantime, our unemployed will continue to fill out forms and stand in line. We're living here in Allentown.

William H. Gross
Managing Director

From rforno at infowarrior.org Thu Dec 23 17:21:10 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 23 Dec 2010 18:21:10 -0500
Subject: [Infowarrior] - OpEd: Wikileaks and the First Amendment
Message-ID: <43D462B2-27E8-464B-8132-AAC57E0810F7@infowarrior.org>

Of Secrets and Mad Dogs
Wikileaks and the First Amendment
By RALPH NADER
http://www.counterpunch.org/nader12212010.html

Thomas Blanton, the esteemed director of the National Security Archive at George Washington University described Washington's hyper-reaction to Wikileaks' transmission of information to some major media in various countries as "Wikimania." In testimony before the House Judiciary Committee last Thursday, Blanton urged the Justice Department to cool it. Wikileaks and newspapers like The New York Times and London's Guardian, he said, are publishers protected by the First Amendment. The disclosures are the first small installment of a predicted much larger forthcoming trove of non-public information from both governments and global corporations. 
The leakers inside these organizations come under different legal restrictions than those who use their freedom of speech rights to publish the leaked information. The mad dog, homicidal demands to destroy the leaders of Wikileaks by self-styled liberal Democrat and Fox commentator, Bob Beckel, the radio and cable howlers and some members of Congress, may be creating an atmosphere of panic at the politically sensitive Justice Department. Attorney General Eric Holder has made very prejudicial comments pursuant to his assertion that his lawyers are considering how they may prosecute Julian Assange, the Wikileaks leader. Mr. Holder declared that both "the national security of the United States" and "the American people have been put at risk." This level of alarm was not shared by the public statements of Defense Secretary Robert Gates and Secretary of State Hillary Clinton who downplayed the impact of these disclosures. The Attorney General, who should be directing more of his resources to the corporate crime wave in all its financial, economic and hazardous manifestations, is putting himself in a bind. If he goes after Wikileaks too broadly using the notorious Espionage Act of 1917 and other vague laws, how is he going to deal with The New York Times and other mass media that reported the disclosures? Consider what Harvard Law Professor Jack Goldsmith, who was head of the Office of Legal Counsel in George W. Bush's Justice Department just wrote: "In Obama's Wars, Bob Woodward, with the obvious assistance of many top Obama administration officials, disclosed many details about top secret programs, code names, documents, meetings, and the like. I have a hard time squaring the anger the government is directing towards Wikileaks with its top officials openly violating classification rules and opportunistically revealing without authorization top secret information." On the other hand, if Mr. Holder goes the narrow route to obtain an indictment of Mr. 
Assange, he will risk a public relations debacle by vindictively displaying prosecutorial abuse (i.e. fixing the law around the enforcement bias.) Double standards have no place in the Justice Department. Wikileaks is also creating anxiety in the corporate suites. A cover story in the December 20, 2010 issue of Forbes magazine reports that early next year a large amount of embarrassing material will be sent to the media by Wikileaks about a major U.S. bank, followed by masses of exposé material on other global corporations. Will these releases inform the people about very bad activities by drug, oil, financial and other companies along with corruption in various countries? If so, people may find this information useful. We can only imagine what sleazy or illegal things our government has been up to that have been covered up. Soon, people may reject those who would censor Wikileaks. Many people do want to size up what's going on inside their government in their name and with their tax dollars. Wasn't it Jefferson who said that "information is the currency of democracy" and that, given a choice between government and a free press, he'll take the latter? Secrecy--keeping the people and Congress in the dark--is the cancer eating at the vitals of democracy. What is remarkable about all the official hullabaloo by government officials, who leak plenty themselves, is that there never is any indictment or prosecution of government big wigs who continually suppress facts and knowledge in order to carry out very devastating actions like invading Iraq under false pretenses and covering up corporate contractors' abuses. The morbid and corporate-indentured secrecy of government over the years has cost many American lives, sent Americans to illegal wars, bilked consumers of billions of dollars and harmed the safety and economic well-being of workers. As Cong. 
Ron Paul said on the House floor, why is the hostility directed at Assange, the publisher, and not at our government's failure to protect classified information? He asked his colleagues which events caused more deaths, "Lying us into war, or the release of the Wikileaks papers?" Over-reaction by the Obama administration could lead to censoring the Internet, undermining Secretary Clinton's Internet Freedom initiative, which criticized China's controls and lauded hacktivism in that country, and divert attention from the massive over classification of documents by the Executive Branch. A full throttle attack on Wikileaks is what the government distracters want in order to take away the spotlight of the disclosures on their misdeeds, their waste and their construction of an authoritarian corporate state. Professor and ex-Bushite Jack Goldsmith summed up his thoughts this way: "The best thing to do ... would be to ignore Assange and fix the secrecy system so this does not happen again." That presumably is some of what Peter Zatko and his crew are now trying to do at the Pentagon's famed DARPA unit. That secret initiative may ironically undermine the First Amendment should they succeed too much in hamstringing the Internet earlier advanced by that same Pentagon unit.

Ralph Nader is the author of Only the Super-Rich Can Save Us!, a novel.

From rforno at infowarrior.org Thu Dec 23 18:26:32 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 23 Dec 2010 19:26:32 -0500
Subject: [Infowarrior] - DHS intimidating / retaliating against whistleblowing pilot? 
Message-ID: <1E476CDF-ED6E-4608-91D8-AC4379DB6DE0@infowarrior.org>

Sacramento-area pilot punished for YouTube video
George Warren
Last updated 10 hrs ago
Posted: 12/22/2010
http://www.news10.net/news/article.aspx?storyid=113529

SACRAMENTO, CA - An airline pilot is being disciplined by the Transportation Security Administration (TSA) for posting video on YouTube pointing out what he believes are serious flaws in airport security. The 50-year-old pilot, who lives outside Sacramento, asked that neither he nor his airline be identified. He has worked for the airline for more than a decade and was deputized by the TSA to carry a gun in the cockpit. He is also a helicopter test pilot in the Army Reserve and flew missions for the United Nations in Macedonia. Three days after he posted a series of six video clips recorded with a cell phone camera at San Francisco International Airport, four federal air marshals and two sheriff's deputies arrived at his house to confiscate his federally-issued firearm. The pilot recorded that event as well and provided all the video to News10. At the same time as the federal marshals took the pilot's gun, a deputy sheriff asked him to surrender his state-issued permit to carry a concealed weapon. A follow-up letter from the sheriff's department said the CCW permit would be reevaluated following the outcome of the federal investigation. The YouTube videos, posted Nov. 28, show what the pilot calls the irony of flight crews being forced to go through TSA screening while ground crew who service the aircraft are able to access secure areas simply by swiping a card. "As you can see, airport security is kind of a farce. It's only smoke and mirrors so you people believe there is actually something going on here," the pilot narrates. Video shot in the cockpit shows a medieval-looking rescue ax available on the flight deck after the pilots have gone through the metal detectors. 
"I would say a two-foot crash ax looks a lot more formidable than a box cutter," the pilot remarked. A letter from the TSA dated Dec. 6 informed the pilot that "an administrative review into your deputation status as a Federal Flight Deck Officer has been initiated." According to the letter, the review was directly related to the discovery by TSA staff of the YouTube videos. "The content and subject of these videos may have violated regulations concerning disclosure of sensitive security information," the letter said. The pilot's attorney, Don Werno of Santa Ana, said he believed the federal government sent six people to the house to send a message. "And the message was you've angered us by telling the truth and by showing America that there are major security problems despite the fact that we've spent billions of dollars allegedly to improve airline safety," Werno said. The pilot said he is not in trouble with his airline, but a supervisor asked him to remove public access to the YouTube videos. He does, however, face potential civil penalties from the TSA. He said he would likely go public when it becomes clear what the government plans to do with him.

By George Warren, GWarren at news10.net
News10/KXTV

From rforno at infowarrior.org Thu Dec 23 20:06:14 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 23 Dec 2010 21:06:14 -0500
Subject: [Infowarrior] - WL Shows That ACTA Secrecy Is Way Beyond Normal
Message-ID: <46122CA2-12A4-4659-A4F4-4B4E114DD131@infowarrior.org>

Leaked Cable Shows That ACTA Secrecy Is Way Beyond Normal
from the didn't-we-say-that? 
dept
http://www.techdirt.com/articles/20101222/10033012382/leaked-cable-shows-that-acta-secrecy-is-way-beyond-normal.shtml

As more and more attention was paid to the ridiculous level of secrecy concerning the ACTA negotiators last year, a bunch of ACTA supporters tried to claim that the level of secrecy (such as calling it a state secret involving national security) was perfectly normal for such agreements. A year ago, we went through a rather detailed explanation of how similar negotiations were much more open. The response we heard was that we were wrong and that this was "entirely normal." Turns out, even the diplomats involved knew this was bunk. One of the latest cable leaks from Wikileaks shows an Italian diplomat complaining to a US official about the level of secrecy involved in ACTA, noting that it's much higher than normal and that it makes it more difficult to get stuff done: "The level of confidentiality in these ACTA negotiations has been set at a higher level than is customary for non-security agreements. According to Mazza, it is impossible for member states to conduct necessary consultations with IPR stakeholders and legislatures under this level of confidentiality." Can't wait to see defenders of ACTA secrecy try to backtrack their claims that the secrecy level was perfectly normal. Separately, this particular cable shows some of the problems with the USTR's annual Special 301 report in which it makes up a list of who's been naughty and who's been nice when it comes to intellectual property issues -- based not on evidence, but almost entirely on entertainment industry and pharma industry say so. The Italian official complained to the US that Italy had been working hard to crack down on infringement in Italy, but the USTR slammed them anyway and made no mention of all of the efforts they'd already put towards pushing through changes that Hollywood (via the State Department) was demanding. 
The Italian official was worried that this would actually lead to a setback, as Italian government officials wondered why they should bother if the USTR was just going to slam them no matter what they did. Of course, none of this is a surprise. The same points about both the Special 301 process and ACTA secrecy were made by many folks, including us at Techdirt, and every time we did, supporters mocked us for "crying wolf" and making stuff up. Yet, now, it turns out that the points many folks were raising were also being stated by government officials.

From rforno at infowarrior.org Sun Dec 26 08:15:19 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 26 Dec 2010 09:15:19 -0500
Subject: [Infowarrior] - You've Got to Have (150) Friends
Message-ID:

You've Got to Have (150) Friends
By ROBIN DUNBAR
Published: December 25, 2010
http://www.nytimes.com/2010/12/26/opinion/26dunbar.html

MORE than anything since the invention of the postal service, Facebook has revolutionized how we relate to one another. But the revolution hasn't come in quite the way that the people behind it and other social networking sites assume. These sites may have allowed us to amass thousands of "friends," but they have not yet devised a way to cut through the clunky, old-fashioned nature of relationships themselves. Our circle of actual friends remains stubbornly small, limited not by technology but by human nature. What Facebook has done, though, is provide us a way to maintain those circles in a fractured, dynamic world. Social networking and other digital media have long promised to open up wonderful new vistas, all from the comfort of our own homes. The limitations of face-to-face interaction that have, until now, bound us to our small individual worlds -- the handful of people we meet in our everyday lives -- would be overcome. The critical component in social networking is the removal of time as a constraint. 
In the real world, according to research by myself and others, we devote 40 percent of our limited social time each week to the five most important people we know, who represent just 3 percent of our social world and a trivially small proportion of all the people alive today. Since the time invested in a relationship determines its quality, having more than five best friends is impossible when we interact face to face, one person at a time. Instant messaging and social networking claim to solve that problem by allowing us to talk to as many people as we like, all at the same time. Like the proverbial lighthouse blinking on the horizon, our messages fan out into the dark night to every passing ship within reach of an Internet connection. We can broadcast, literally, to the world. I use the word "broadcast" because, despite Facebook's promise, that is the fundamental flaw in the logic of the social-networking revolution. The developers at Facebook overlooked one of the crucial components in the complicated business of how we create relationships: our minds. Put simply, our minds are not designed to allow us to have more than a very limited number of people in our social world. The emotional and psychological investments that a close relationship requires are considerable, and the emotional capital we have available is limited. Indeed, no matter what Facebook allows us to do, I have found that most of us can maintain only around 150 meaningful relationships, online and off -- what has become known as Dunbar's number. Yes, you can "friend" 500, 1,000, even 5,000 people with your Facebook page, but all save the core 150 are mere voyeurs looking into your daily life -- a fact incorporated into the new social networking site Path, which limits the number of friends you can have to 50. What's more, contrary to all the hype and hope, the people in our electronic social worlds are, for most of us, the same people in our offline social worlds. 
In fact, the average number of friends on Facebook is 120 to 130, just short enough of Dunbar's number to allow room for grandparents and babies, people too old or too young to have acquired the digital habit. This isn't to say that Facebook and its imitators aren't performing an important, even revolutionary, task -- namely, to keep us in touch with our existing friends. Until relatively recently, almost everyone on earth lived in small, rural, densely interconnected communities, where our 150 friends all knew one another, and everyone's 150 friends list was everyone else's. But the social and economic mobility of the past century has worn away at that interconnectedness. As we move around the country and across continents, we collect disparate pockets of friends, so that our list of 150 consists of a half-dozen subsets of people who barely know of one another's existence, let alone interact. Our ancestors knew the same people their entire lives; as we move around, though, we can lose touch with even our closest friends. Emotional closeness declines by around 15 percent a year in the absence of face-to-face contact, so that in five years someone can go from being an intimate acquaintance to the most distant outer layer of your 150 friends. Facebook and other social networking sites allow us to keep up with friendships that would otherwise rapidly wither away. And they do something else that's probably more important, if much less obvious: they allow us to reintegrate our networks so that, rather than having several disconnected subsets of friends, we can rebuild, albeit virtually, the kind of old rural communities where everyone knew everyone else. Welcome to the electronic village.

Robin Dunbar is a professor of evolutionary anthropology at Oxford and the author of "How Many Friends Does One Person Need? Dunbar's Number and Other Evolutionary Quirks." 

From rforno at infowarrior.org Sun Dec 26 10:20:35 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 26 Dec 2010 11:20:35 -0500
Subject: [Infowarrior] - Cambridge's Ross Anderson rocks
Message-ID: <84D56102-6083-4EB0-8B66-55CBFDC8E6D7@infowarrior.org>

Cambridge university refuses to censor student's thesis on chip-and-PIN vulnerabilities
Cory Doctorow at 8:33 AM Saturday, Dec 25, 2010

After the UK banking trade association wrote to Cambridge university to have a student's master's thesis censored because it documented a well-known flaw in the chip-and-PIN system, Cambridge's Ross Anderson sent an extremely stiff note in reply:

< -- >

http://www.boingboing.net/2010/12/25/cambridge-university-1.html
(full thesis @ http://www.cl.cam.ac.uk/~osc22/docs/mphil_acs_osc22.pdf)

From rforno at infowarrior.org Sun Dec 26 10:24:16 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 26 Dec 2010 11:24:16 -0500
Subject: [Infowarrior] - Cables Portray Expanded Reach of Drug Agency
Message-ID: <05C0F310-2AB9-4999-AE31-D30CA8C4ACA5@infowarrior.org>

December 25, 2010
Cables Portray Expanded Reach of Drug Agency
http://www.nytimes.com/2010/12/26/world/26wikidrugs.html?pagewanted=print
By GINGER THOMPSON and SCOTT SHANE

WASHINGTON -- The Drug Enforcement Administration has been transformed into a global intelligence organization with a reach that extends far beyond narcotics, and an eavesdropping operation so expansive it has to fend off foreign politicians who want to use it against their political enemies, according to secret diplomatic cables. In far greater detail than previously seen, the cables, from the cache obtained by WikiLeaks and made available to some news organizations, offer glimpses of drug agents balancing diplomacy and law enforcement in places where it can be hard to tell the politicians from the traffickers, and where drug rings are themselves mini-states whose wealth and violence permit them to run roughshod over struggling governments. 
Diplomats recorded unforgettable vignettes from the largely unseen war on drugs:

* In Panama, an urgent BlackBerry message from the president to the American ambassador demanded that the D.E.A. go after his political enemies: "I need help with tapping phones."
* In Sierra Leone, a major cocaine-trafficking prosecution was almost upended by the attorney general's attempt to solicit $2.5 million in bribes.
* In Guinea, the country's biggest narcotics kingpin turned out to be the president's son, and diplomats discovered that before the police destroyed a huge narcotics seizure, the drugs had been replaced by flour.
* Leaders of Mexico's beleaguered military issued private pleas for closer collaboration with the drug agency, confessing that they had little faith in their own country's police forces.
* Cables from Myanmar, the target of strict United States sanctions, describe the drug agency informants' reporting both on how the military junta enriches itself with drug money and on the political activities of the junta's opponents.

Officials of the D.E.A. and the State Department declined to discuss what they said was information that should never have been made public. Like many of the cables made public in recent weeks, those describing the drug war do not offer large disclosures. Rather, it is the details that add up to a clearer picture of the corrupting influence of big traffickers, the tricky game of figuring out which foreign officials are actually controlled by drug lords, and the story of how an entrepreneurial agency operating in the shadows of the F.B.I. has become something more than a drug agency. The D.E.A. now has 87 offices in 63 countries and close partnerships with governments that keep the Central Intelligence Agency at arm's length. Because of the ubiquity of the drug scourge, today's D.E.A. has access to foreign governments, including those, like Nicaragua's and Venezuela's, that have strained diplomatic relations with the United States. 
Many are eager to take advantage of the agency's drug detection and wiretapping technologies. In some countries, the collaboration appears to work well, with the drug agency providing intelligence that has helped bring down traffickers, and even entire cartels. But the victories can come at a high price, according to the cables, which describe scores of D.E.A. informants and a handful of agents who have been killed in Mexico and Afghanistan. In Venezuela, the local intelligence service turned the tables on the D.E.A., infiltrating its operations, sabotaging equipment and hiring a computer hacker to intercept American Embassy e-mails, the cables report. And as the drug agency has expanded its eavesdropping operations to keep up with cartels, it has faced repeated pressure to redirect its counternarcotics surveillance to local concerns, provoking tensions with some of Washington's closest allies.

Sticky Situations

Cables written in February by American diplomats in Paraguay, for example, described the D.E.A.'s pushing back against requests from that country's government to help spy on an insurgent group, known as the Paraguayan People's Army, or the EPP, the initials of its name in Spanish. The leftist group, suspected of having ties to the Colombian rebel group FARC, had conducted several high-profile kidnappings and was making a small fortune in ransoms. When American diplomats refused to give Paraguay access to the drug agency's wiretapping system, Interior Minister Rafael Filizzola threatened to shut it down, saying: "Counternarcotics are important, but won't topple our government. The EPP could." The D.E.A. faced even more intense pressure last year from Panama, whose right-leaning president, Ricardo Martinelli, demanded that the agency allow him to use its wiretapping program -- known as Matador -- to spy on leftist political enemies he believed were plotting to kill him. The United States, according to the cables, worried that Mr. 
Martinelli, a supermarket magnate, "made no distinction between legitimate security targets and political enemies," refused, igniting tensions that went on for months. Mr. Martinelli, who the cables said possessed a "penchant for bullying and blackmail," retaliated by proposing a law that would have ended the D.E.A.'s work with specially vetted police units. Then he tried to subvert the drug agency's control over the program by assigning nonvetted officers to the counternarcotics unit. And when the United States pushed back against those attempts -- moving the Matador system into the offices of the politically independent attorney general -- Mr. Martinelli threatened to expel the drug agency from the country altogether, saying other countries, like Israel, would be happy to comply with his intelligence requests. Eventually, according to the cables, American diplomats began wondering about Mr. Martinelli's motivations. Did he really want the D.E.A. to disrupt plots by his adversaries, or was he trying to keep the agency from learning about corruption among his relatives and friends? One cable asserted that Mr. Martinelli's cousin helped smuggle tens of millions of dollars in drug proceeds through Panama's main airport every month. Another noted, "There is no reason to believe there will be fewer acts of corruption in this government than in any past government." As the standoff continued, the cables indicate that the United States proposed suspending the Matador program, rather than submitting to Mr. Martinelli's demands. (American officials say the program was suspended, but the British took over the wiretapping program and have shared the intelligence with the United States.) In a statement on Saturday, the government of Panama said that it regretted "the bad interpretation by United States authorities of a request for help made to directly confront crime and drug trafficking." 
It said that Panama would continue its efforts to stop organized crime and emphasized that Panama continued to have "excellent relations with the United States." Meanwhile in Paraguay, according to the cables, the United States acquiesced, agreeing to allow the authorities there to use D.E.A. wiretaps for antikidnapping investigations, as long as they were approved by Paraguay's Supreme Court. "We have carefully navigated this very sensitive and politically sticky situation," one cable said. "It appears that we have no other viable choice."

A Larger Mandate

Created in 1973, the D.E.A. has steadily built its international turf, an expansion primarily driven by the multinational nature of the drug trade, but also by forces within the agency seeking a larger mandate. Since the 2001 terrorist attacks, the agency's leaders have cited what they describe as an expanding nexus between drugs and terrorism in further building its overseas presence. In Afghanistan, for example, "DEA officials have become convinced that 'no daylight' exists between drug traffickers at the highest level and Taliban insurgents," Karen Tandy, then the agency's administrator, told European Union officials in a 2007 briefing, according to a cable from Brussels. Ms. Tandy described an agency informant's recording of a meeting in Nangarhar Province between 9 Taliban members and 11 drug traffickers to coordinate their financial support for the insurgency, and she said the agency was trying to put a "security belt" around Afghanistan to block the import of chemicals for heroin processing. The agency was embedding its officers in military units around Afghanistan, she said. In 2007 alone, the D.E.A. opened new bureaus in Tajikistan, Kyrgyzstan and Dubai, United Arab Emirates, as well as in three Mexican cities. Cables describe lengthy negotiations over the extradition to the United States of the two notorious arms dealers wanted by the D.E.A. 
as it reached beyond pure counternarcotics cases: Monzer al-Kassar, a Syrian arrested in Spain, and Viktor Bout, a Russian arrested in Thailand. Both men were charged with agreeing to illegal arms sales to informants posing as weapons buyers for Colombian rebels. Notably, neither man was charged with violating narcotics laws. Late last year in a D.E.A. case, three men from Mali accused of plotting to transport tons of cocaine across northwest Africa were charged under a narco-terrorism statute added to the law in 2006, and they were linked to both Al Qaeda and its North African affiliate, called Al Qaeda in the Islamic Maghreb. The men themselves had claimed the terrorism link, according to the D.E.A., though officials told The New York Times that they had no independent corroboration of the Qaeda connections. Experts on the desert regions of North Africa, long a route for smuggling between Africa and Europe, are divided about whether Al Qaeda operatives play a significant role in the drug trade, and some skeptics note that adding "terrorism" to any case can draw additional investigative resources and impress a jury.

New Routes for Graft

Most times, however, the agency's expansion seems driven more by external forces than internal ones, with traffickers opening new routes to accommodate new markets. As Mexican cartels take control of drug shipments from South America to the United States, Colombian cartels have begun moving cocaine through West Africa to Europe. The cables offer a portrait of the staggering effect on Mali, whose deserts have been littered with abandoned airplanes -- including at least one Boeing 727 -- and Ghana, where traffickers easily smuggle drugs through an airport's "VVIP (Very Very Important Person) lounge." Top-to-bottom corruption in many West African countries made it hard for diplomats to know whom to trust.
In one 2008 case in Sierra Leone, President Ernest Bai Koroma moved to prosecute and extradite three South American traffickers seized with about 1,500 pounds of cocaine, while his attorney general was accused of offering to release them for $2.5 million in bribes. In Nigeria, the D.E.A. reported a couple of years earlier that diplomats at the Liberian Embassy were using official vehicles to transport drugs across the border because they were not getting paid by their war-torn government and "had to fend for themselves." A May 2008 cable from Guinea described a kind of heart-to-heart conversation about the drug trade between the American ambassador, Phillip Carter III, and Guinea's prime minister, Lansana Kouyaté. At one point, the cable said, Mr. Kouyaté "visibly slumped in his chair" and acknowledged that Guinea's most powerful drug trafficker was Ousmane Conté, the son of Lansana Conté, then the president. (After the death of his father, Mr. Conté went to prison.) A few days later, diplomats reported evidence that the corruption ran much deeper inside the Guinean government than the president's son. In a colorfully written cable -- with chapters titled "Excuses, Excuses, Excuses" and "Theatrical Production" -- diplomats described attending what was billed as a drug bonfire that had been staged by the Guinean government to demonstrate its commitment to combating the drug trade. Senior Guinean officials, including the country's drug czar, the chief of police and the justice minister, watched as officers set fire to what the government claimed was about 350 pounds of marijuana and 860 pounds of cocaine, valued at $6.5 million. In reality, American diplomats wrote, the whole incineration was a sham. Informants had previously told the embassy that Guinean authorities replaced the cocaine with manioc flour, proving, the diplomats wrote, "that narco-corruption has contaminated" the government of Guinea "at the highest levels."
And it did not take the D.E.A.'s sophisticated intelligence techniques to figure out the truth. The cable reported that even the ambassador's driver sniffed out a hoax. "I know the smell of burning marijuana," the driver said. "And I didn't smell anything." Andrew W. Lehren contributed reporting.

From rforno at infowarrior.org Tue Dec 28 08:08:30 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 28 Dec 2010 09:08:30 -0500
Subject: [Infowarrior] - Howard Schmidt: Cyber Threat 'Exaggerated'
Message-ID: <2D8E7B52-85E3-4719-9DC4-44E99613F94F@infowarrior.org>

(I agree 110% with Howard on this --- I've said the same thing for years myself. -- rick)

Howard Schmidt: Cyber Threat "Exaggerated"
http://www.thenewnewinternet.com/2010/12/22/howard-schmidt-cyber-threat-exaggerated/

Howard A. Schmidt, White House

You can barely turn a page in a newspaper -- or on your e-reader -- without getting bombarded with an impending sense of doom originating from cyber attacks and malicious hackers. However, according to White House Cybersecurity Coordinator Howard Schmidt, that threat has been overplayed -- "exaggerated," as the cyber czar put it in a recent interview. "Things have to be taken in perspective, and if you look at the billions of transactions that take place online every day, whether it's e-commerce [or] watching online videos [or] online banking, there's a tremendous amount of really wonderful, rich robust things that are taking place," he told Newsweek. "But like anything else, the things that make the news are the things that aren't working well." And what has not been working well? Just look back at what 2010 has brought in terms of cyber(in)security: Operation Aurora, Stuxnet, Cablegate, the MasterCard and PayPal attacks, to mention a few.
Commenting on Operation Payback, cyber assaults against credit card companies in retaliation for their decision to bid good riddance to WikiLeaks, Schmidt shrugged the attacks off as nothing more than a light nuisance. "We've seen over time [street] protests in cities that shut down traffic, and this is not dissimilar in the online world," he told Newsweek. "There may be a disruption for a short period of time, but the bottom line is we continue to work to make sure that the impact is minimal." Schmidt, however, agreed with the notion that the cyber threat has evolved into something much more advanced and targeted than compared to past years, saying he recognizes "there's a real threat out there." "But the threat sort of follows the way we build our defenses against it, and I think those things continue to move in parallel," he noted.

From rforno at infowarrior.org Tue Dec 28 08:20:33 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 28 Dec 2010 09:20:33 -0500
Subject: [Infowarrior] - Putin orders switch to Linux
Message-ID: <587A8A92-2F04-410E-8256-56750071C18D@infowarrior.org>

Nice!
-- rick

Putin ordered the transfer of power on Linux (translated)
http://translate.google.com/translate?js=n&prev=_t&hl=en&ie=UTF-8&layout=2&eotf=1&sl=auto&tl=en&u=http://open.cnews.ru/news/top/index.shtml%3F2010/12/27/421556

Plan timeline (translated):
http://translate.google.com/translate?hl=en&ie=UTF-8&sl=auto&tl=en&u=http://filearchive.cnews.ru/doc/2010/06/17/2299p.doc&prev=_t&rurl=translate.google.com&twu=1

From rforno at infowarrior.org Tue Dec 28 08:57:17 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 28 Dec 2010 09:57:17 -0500
Subject: [Infowarrior] - The Man Who Took on Big Sis
Message-ID:

Chris Liu: I am the YouTube airline pilot
George Warren
Last updated 12 hrs ago Posted: 12/27/2010
http://www.news10.net/news/story.aspx?storyid=114138&catid=2

COLFAX, CA - WORLD EXCLUSIVE: The airline pilot who lost his federally-issued gun and badge for posting video on YouTube critical of airport security has chosen to go public with his identity. "My name is Chris Liu and I'm an airline pilot," Liu said during an exclusive interview Monday with News10 at his home in Colfax. Liu's cell phone video tour of security at San Francisco International Airport led to a team of six federal agents and sheriff's deputies coming to his home on Dec. 2 to take his handgun and Federal Flight Deck Officer (FFDO) credentials. Liu's state-issued permit to carry a concealed weapon was also suspended by the Placer County sheriff. Liu contacted News10 last Tuesday to share his story, but insisted that neither he nor his airline be identified for fear of retaliation. Liu decided to reveal his identity Monday because he wants to become actively involved in changing what he believes is a major flaw in airport security. "I just found a disparity between what happens upstairs and what happens downstairs," Liu explained. As Liu pointed out in the video, pilots and flight crew are subjected to real-time TSA security screening while ground crew are not.
"Upstairs they're going through the metal detectors and the X-ray machines, and downstairs they're swiping a card," he said. News10 established a relationship with the Liu family last July after their rental home in Sacramento's Oak Park was destroyed by an arsonist. Four firefighters were injured when the house exploded. Although Liu is no longer an FFDO, his flight status with his airline has not changed. Liu's wife, Sandra, said she worries about repercussions from the publicity, but supported her husband's decision to go public. "I think my husband was very courageous. He did what he believed what right," Sandra said. "It's not all about us. It's about the safety of every American." by George Warren, GWarren at news10.net From rforno at infowarrior.org Wed Dec 29 07:54:34 2010 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 29 Dec 2010 08:54:34 -0500 Subject: [Infowarrior] - =?windows-1252?q?The_Military=92s_Worst_Tweeters?= Message-ID: <5CCA71EC-D181-41F1-A8F1-9347F8A4A1BD@infowarrior.org> ttp://www.wired.com/dangerroom/2010/12/general-fail-the-militarys-worst-tweeters/ General FAIL: The Military?s Worst Tweeters By Spencer Ackerman December 28, 2010 | 1:47 pm | Categories: Info War Generals and admirals are powerful people. Their decisions determine the course of thousands of lives, with aftereffects that can affect millions more. Their budgets that can dwarf those of entire countries. Their words are parsed like the Talmud for clues about the future of American warfare. And they absolutely cannot tweet. Twitter may be nearing 200 million users worldwide. But the military has a love-hate relationship with microblogging: The Marines, for instance, banned it last year, along with other social networking services. But communications officers are coming around to the argument that it?s a tweet-or-be-tweeted-about information world. 
If the military doesn't use tools like Twitter to spread its message, the argument goes, it'll risk losing control of stories and influencing people. Adm. Mike Mullen, the chairman of the Joint Chiefs of Staff, has become a prolific tweeter as @thejointstaff, weighing in on controversies like the repeal of Don't Ask, Don't Tell. The result: more than 32,000 followers. Mullen, alas, is an exception. Twitter and flag officers still generally go together like oil and water. It's a new medium, after all, and no one says they've got to go ALL-CAPS EVERYTHING like Kanye or get into tweet-fights with detractors to use the medium well. But for some, the growing pains are apparent, even if we're not seeing any Direct-Message Fails. (Full disclosure: The Pentagon asked me a few months ago to share some thoughts about social media at a recent forum.) Just because you can set up a Twitter account doesn't mean you use it well. Here's our guide to some of the lamest military Twitter feeds.

1. Adm. James Stavridis. Stavridis, NATO's supreme allied commander and former Southern Command leader, is considered by many to be one of the brightest lights in the military, a well-respected strategic thinker and all-but-certain future Joint Chiefs chairman. He's also a technophile -- he once assured bloggers that he personally replies to wall posters on his Facebook page -- and prolific blogger. Here's Stavridis riffing off of Dr. Strangelove to discuss a recent NATO strategic-planning document, for instance. Natural-born tweeter, right? If only. Stavridis' Facebook friends get jokey photos of his wife with a giant "fish" they "caught" in the Caribbean. And @stavridisj's followers get the kind of updates you'd expect from a co-worker who's really excited about the deli's new sandwich. Dec. 1: "Just briefed SECDEF and headed home to Belgium!" Last week, he let us know he had a briefing in Stuttgart, because we were curious.
As if he's worried about Mullen or Defense Secretary Robert Gates looking over his shoulder, Stavridis keeps us updated on when he meets with, say, the Belgians on Afghanistan. Come on, admiral, you're supposed to be the most social-media-forward officer in the military. More like these updates on NATO's help in combating Israel's recent forest fires in real time; less "Just finished an off-site with a dozen of my key Admirals and Generals -- finding efficiencies and interagency integration." You can fit the Strangelove reference into 140 characters.

2. Gen. Carter Ham. Is it really necessary to tweet "Thanks!!!" to everyone who fills out a survey? Ham, the next commander of all U.S. troops in Africa, had the unenviable task this year of studying troops' attitudes to the repeal of Don't Ask, Don't Tell. By all accounts, he did a thorough and professional job. But if @GenCarterHam was supposed to supplement Ham's effort, it didn't exactly take advantage of Twitter. Not only did Ham tweet a mere 42 times between March and September, only 12 of those tweets asked troops to fill out online surveys about the repeal -- and only half of those actually gave his tweeps the URL to do so. None used the popular #DADT hashtag to attract nonfollowers' attention. Instead, Ham gave gold stars to everyone who took the survey, without discussing any interesting issues raised. The Coast Guard gave "insightful comments and questions," and you don't get to know what they were. Fort Hood gave a "lively" discussion, making it "easy to see why they call it 'The Great Place!'" Same with the Naval Academy: "Great insights from staff, faculty and Midshipmen. But, I didn't enjoy taunting about recent football results ..." It isn't just Army cadets who need to step their game up.

3. Gen. Martin Dempsey. Another missed opportunity. Dempsey commands the Army's Training and Doctrine Command -- basically the ground service's brain.
All the Army's long-term thinking about the future of land warfare and how to adapt to it runs through TRADOC, as it's known. Which is why following @Martin_Dempsey ought to be a real-time account of an adaptive Army. But what do we get? "I encourage you to share your stories and photos of Fort Monroe's rich heritage for a new book. Details at: http://bit.ly/ftmonroe" Or, in March: "Outstanding morning of briefers, ideas, and insight at the TRADOC Senior Leaders Conference here in Williamsburg, VA." Maybe you could share with us what you learned? Instead, Dempsey prefers to tweet out speeches or guidance that he gives on modernizing the force. Far be it for a blog to deride the use of Twitter for self-promotion, but here's an opportunity for Dempsey to interact with soldiers and learn what they think is necessary for the Army's future. Indeed, here's @Martin_Dempsey tweeting a speech he gave about getting soldiers to "engage the Army on what it means to be part of a profession," rather than just calling them to do so on Twitter. All told, he asked for soldiers' input a grand total of twice, and didn't retweet a single reply. For TRADOC not to cash in on a transformative technological innovation is just too ironic.

4. Brig. Gen. Steven Spano. The previous tweeters are stingy with their big-think. But Spano, the communications chief for the Air Force's Air Combat Command, has no shortage of way-out-there-in-the-blue tweets. His feed is actually one of my favorites, because rarely am I sure what @accsix is actually tweeting about. "Best practices in theory often result in best intentions in reality," begins Spano's Dec. 22 gem, "unique variables must drive unique practices in similar business lines." Come again? "If the value of information at rest greatly diminishes over time, shouldn't our security model be more flexible and adaptive?" If only, general! Run with that! Lead the way! I promise it'll get you more followers.

5. Gen. Will Fraser.
Spano's boss at Air Combat Command seems to view Twitter as primarily a morale booster. @ACCBoss is a feed filled with you-guys-rule tweets like: "Superb visit to 705 CTS [Combat Training Squadron] at Kirtland AFB -- tremendous progress has been made with distributed mission operations." And: "Promoted MajGen Ted Kresge to LtGen -- he is off to command 13th Air Force -- we wish him all the best and thank him for his continued service." All of which is cool. But this is a revolutionary moment for air combat, with remotely piloted aircraft playing the role that fighter jets once played. Maybe Fraser has some Twitter-friendly perspectives on that he could share? There's more to social networking than sharing a reenlistment ceremony at the Talladega Superspeedway.

Bottom line, sirs: Donald Rumsfeld has a better Twitter feed than you do right now. You going to let that stand?

From rforno at infowarrior.org Wed Dec 29 16:02:58 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 29 Dec 2010 17:02:58 -0500
Subject: [Infowarrior] - Playstation 3 Code Signing Cracked For Good
Message-ID: <1194D392-D939-4CA5-9A39-C3415D47113D@infowarrior.org>

http://psgroove.com/content.php?581-Sony-s-PS3-Security-is-Epic-Fail-Videos-Within

This morning was the big unveil at the Chaos Communication Congress in Berlin, and it did not disappoint. Here is a brief synopsis for those that missed it. The first few minutes of the conference were spent explaining the state of security on other consoles (Wii, 360, etc). Following this, the group went on to explain the current state of affairs on the PS3. First, explaining Geohot's memory line glitching exploit from earlier this year. The team then went on to explain the current PS3 security bypasses, such as jailbreaking and service mode/downgrading. Approximately a half hour in, the team revealed their new PS3 secrets, the moment we all were waiting for.
One of the major highlights here was dongle-less jailbreaking by overflowing the bootup NOR flash, giving complete control over the system. The other major feat was calculating the public private keys (due to botched security), giving users the ability to sign their own SELFs. Following this, the team declared Sony's security to be EPIC FAIL! The recent advent of these new exploits means current firmware is vulnerable, v3.55 and possibly beyond. It will be very difficult for Sony to fix the described exploits. The team then displayed the website http://fail0verflow.com/ which we assume will host examples of the new exploits and further details. They stated that easy to use tools would be coming next month. Stay tuned to this article and PSGroove.com; we will be updating it as more info is available. Also for those that missed the stream we will be posting links for you to download the entire stream.

From rforno at infowarrior.org Wed Dec 29 16:06:55 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 29 Dec 2010 17:06:55 -0500
Subject: [Infowarrior] - Simplest Phones Open to 'SMS of Death'
Message-ID: <9FB6047A-564B-4193-A952-0145A6B25D98@infowarrior.org>

Simplest Phones Open to "SMS of Death"
By John Borland
December 28, 2010 | 2:20 pm | Categories: Chaos Computer Club
http://www.wired.com/threatlevel/2010/12/simplest-phones-open-to-%E2%80%9Csms-of-death%E2%80%9D/

BERLIN -- It's a scene from an as-yet-unmade thriller: Across a country, tens of thousands of cellphones all blink white at the same time, and turn themselves off. Calls are lost, phones are rendered useless, and the affected mobile operator is forced to pay a ransom or lose customers. Once phones, now glowing bits of plastic. It hasn't happened yet.
But speaking at the Chaos Computer Club Congress here, German researchers showed how vulnerabilities in some of the simplest, but most common phones in the world could conceivably lead to just such a scenario. Mobile phone security has been a growing concern due to the increasing popularity of smartphones, whose web-browsing and app-running capabilities allow attacks similar to those made against computers. Yet more than 85 percent of the world's cellphones are feature phones -- simple devices with the ability to play MP3s or browse the web, but without the power of the iPhone or Android-based handsets. Vulnerabilities have been found in this type of phone before, but new open source tools allowing individuals to set up their own private GSM networks have helped researchers find a host of bugs ranging from pesky to serious in many of the world's most common handsets. "With the openness in the GSM on the network side, we can look at the closed stuff now," said Collin Mulliner, a researcher at Berlin's Technical University. "And if we're able to look at closed stuff, it usually breaks." Mulliner and colleague Nico Golde set up their own GSM network in their lab, allowing them to freely test the effects of sending SMS messages containing a variety of potentially damaging payloads. The result was bugs, and plenty of them. Popular models of phones from Nokia (the S40 and related models, except for the very newest release), Sony Ericsson (w800 and several related models), LG (LG 320), Samsung (S5230 Star and S3250), Motorola (the RAZR, ROKR, and SVLR L7) and India's Micromax (X114) all proved susceptible to what researchers termed an "SMS of death." The exact results differed for each phone. In the worst cases, including the Nokia and Sony Ericsson, the message would disconnect the phone and force it to reboot, without registering the fact of the message's receipt --
in most cases forcing the operator's network to continue sending the message and triggering the shutdown cycle again. Fixing the problem required putting the SIM card into a new, unsusceptible phone. In the other cases, the payload-laden messages forced the phones' interfaces to shut down, and disconnected the devices from the network. The researchers stressed that other phones likely had similar problems, but their research had focused on these common models. At first glance, these problems appear to be relatively minor compared to the botnet or trojan susceptibilities of smartphones. But these simple attacks could cause serious problems, potentially for a single well-chosen target, or -- more disturbingly -- if launched on a large scale. This could be relatively easily done, Mulliner said. In Germany, for example, mobile-phone-number prefixes are associated with specific operators, allowing large-scale attacks to be mounted on a single operator's customer base relatively easily. Bulk SMS messages tailored to attack specific common phones by the thousands could be sent using commercial SMS spam services, by activating botnets hiding on mobile phones, or even by an insider at a telephone company. This kind of large-scale attack potential raises the possibility that a telco itself could be held hostage by an outsider threatening to flood its customers with reboots or even broken phones, researchers said. Alternately, some police forces around the world rely on cellphones to communicate in areas where their two-way radios function poorly. An attack on a common model used by a police force could disrupt communications at a critical time. The problem is these problems aren't easy to fix. Inexpensive "feature phones" rarely if ever receive firmware updates today. But the potential for abuse of bugs that are becoming easier to find means this practice might have to change, the researchers said.
"Manufacturers need to find a way to do firmware updates, and make sure to advertise them," Mulliner said.

From rforno at infowarrior.org Thu Dec 30 07:38:46 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 30 Dec 2010 08:38:46 -0500
Subject: [Infowarrior] - Ford Focus and Parental Controls
Message-ID: <8ACD37BF-B3EE-4E3C-8021-798E3498B040@infowarrior.org>

Paging Mrs Lovejoy....Ford Motor on Line 2 --- rick

Ford MyKey adds radio censorship to further control teen driving habits
http://www.engadget.com/2010/12/30/ford-mykey-adds-radio-censorship-to-further-control-teen-driving/

Daddy doesn't have to take the T-Bird away, he can just take all the fun out of driving it. That is, if the T-Bird is actually a Taurus. Ford's MyKey system has been engendering teen resentment since the release of the 2010 Focus, allowing parents to limit max speeds and cap radio volume, but parental control doesn't stop there -- the 2011 MyKey can selectively block radio stations. Starting next year, parents will have the option to block 16 Sirius radio channels from the car's dial, among them Howard Stern, Playboy, and Hip-Hop Nation. Optional radio censorship isn't the only new feature for MyKey, which allows owners to program a key to fit their specific level of paranoia -- the new version allows parents to set top speeds between 65 and 80mph, instead of the previous fixed cap of 80mph. Other controls carrying over from the original system include a chime that sounds at 10mph intervals, starting at 45mph, and an advanced notice when fuel levels are low. The new features will come standard issue on the 2011 Ford Taurus and Ford Explorer, and will eventually reach across both the Ford and Lincoln brands.

From rforno at infowarrior.org Thu Dec 30 07:39:59 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 30 Dec 2010 08:39:59 -0500
Subject: [Infowarrior] - Amazon: USG one of its biggest cloud customers
Message-ID: <866B9B3A-CA4D-4023-AAD7-4567F7BFE1D3@infowarrior.org>

Just Weeks After Cutting Off Wikileaks, Amazon Brags About How US Federal Gov't Is One Of Its Biggest AWS Customers?
from the must-be-a-coincidence,-huh? dept
http://www.techdirt.com/articles/20101229/11182612453/just-weeks-after-cutting-off-wikileaks-amazon-brags-about-how-us-federal-govt-is-one-its-biggest-aws-customers.shtml

While Senator Joe Lieberman took credit for pressuring Amazon to stop hosting Wikileaks content via its Amazon Web Services infrastructure, Amazon insisted that government pressure had nothing to do with it. Still, it seems rather odd that just weeks after booting Wikileaks, Amazon sent out a press release bragging about how the US federal government is one of its biggest customers (found via Slashdot). Now, obviously, lots of tech companies do plenty of business with the federal government, but the timing of the two events at least creates an impression that Amazon will kick you off its service if the federal government disapproves of what you've done (even if no legal charges have been filed against you). Again, no one is saying that Amazon has no right to deny service to whomever it wishes, but it does seem a bit odd from a PR standpoint, and raises questions about how much anyone should trust working with Amazon web services. I know it's making me reconsider my own use of the platform for various projects.

From rforno at infowarrior.org Thu Dec 30 07:42:25 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 30 Dec 2010 08:42:25 -0500
Subject: [Infowarrior] - FCC Claims Broadcasters Give Up 1st Amendment Rights
Message-ID: <7E7FF64C-55BF-4259-A7C9-68DD4CCDC354@infowarrior.org>

Janet Jackson's Wardrobe Malfunction Leads To FCC Malfunction: Claims Broadcasters Give Up 1st Amendment Rights
from the fcc-malfunction dept
http://www.techdirt.com/articles/20101229/03441112448/janet-jacksons-wardrobe-malfunction-leads-to-fcc-malfunction-claims-broadcasters-give-up-1st-amendment-rights.shtml

Would you believe that the FCC, CBS and the courts are still fighting over the FCC's right to fine CBS over Janet Jackson's infamous "wardrobe malfunction" during the half-time show of the Superbowl in 2004 (yes, seven years ago). There have actually been a series of related cases bouncing up and down through the court system, trying to establish whether or not the FCC's policies on "fleeting expletives" or "fleeting nudity" are arbitrary and if they violate the First Amendment. A court had originally found the FCC's policies to be arbitrary and tossed them out. The Supreme Court, in a related but different case (focusing on the fleeting expletives), ruled extremely narrowly that the FCC was allowed to change its policies, but did not rule on the constitutionality of the policy itself. The Second Circuit appeals court then ruled that even if the rule change was allowed, it still violated the First Amendment. From that, the court then asked -- if such rules on fleeting expletives are not allowed -- does that also cover fleeting nudity -- but that involved a separate case involving a scene of a bare rear end on NYPD Blue. But, of course, the Janet Jackson case, in the Third Circuit, also is relevant here as well.
Which brings us mostly up-to-date, other than the latest news in the Janet Jackson case, which is that the FCC is now trying to claim that broadcasters give up some of their First Amendment rights when they get a government license to broadcast over public airwaves. This seems like a huge stretch as a legal interpretation, which would have serious implications for anyone using public airwaves. I don't recall the First Amendment saying "Congress shall make no law... except if it involves public airwaves." Either way, as the article linked above notes, this will all be going back to the Supreme Court eventually.

From rforno at infowarrior.org Thu Dec 30 09:08:46 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 30 Dec 2010 10:08:46 -0500
Subject: [Infowarrior] - Internet groups fear UN could threaten cyberspace
Message-ID: <82C1C5EF-9828-4309-A0FC-7BB7EA11FB0A@infowarrior.org>

Internet groups fear UN could threaten cyberspace
http://toronto.ctv.ca/servlet/an/local/CTVNews/20101228/un-governments-future-of-the-internet-101230/20101230/?hub=TorontoNewHome
Updated: Thu Dec. 30 2010 7:13:09 AM
Ian Munroe, CTV.ca News

Officials from 18 countries held an impromptu, late-night meeting earlier this month at the United Nations office in Geneva, and made a decision that rattled Internet technocrats around the world. Autocratic governments like China and Iran attended the meeting, as did several democratic ones. Despite protests by Portugal and the United States, they voted to staff a working group on the future of the Internet Governance Forum -- an important theatre of discussion on matters of cyberspace -- by governments alone. The seemingly arcane move reverberated through a community of technical experts, academics and civil society groups who felt they had been unfairly excluded.
Fourteen technical organizations that help oversee how cyberspace runs wrote an open letter asking the UN Commission on Science and Technology for Development (UNCSTD) to reverse its decision. Meanwhile the Internet Society, an umbrella group that helps manage technical standards online, posted a petition to its website in protest. "A significant fuss has been kicked up about it," said Byron Holland, president and CEO of the Canadian Internet Registration Authority, which manages the .ca domain. Even Google waded into the fray. Vint Cerf, a vice-president at the online behemoth and one of the pioneers of the Internet, added his name to the petition, alongside 2,600 others. He also attacked the UN decision in a Dec. 17 blog post on Google's website. "We don't believe governments should be allowed to grant themselves a monopoly on Internet governance," Cerf wrote. "The current bottoms-up, open approach works -- protecting users from vested interests and enabling rapid innovation. Let's fight to keep it that way." Eleven days later the UNCSTD buckled under the pressure, according to the Internet Society, and agreed to include up to 20 non-governmental groups. The episode underscored what has become an uneasy relationship between organizations that have helped gently steer the Internet since its infancy, and UN bodies that came to focus on Internet governance during the 2000s as cyberspace continued to unfurl across the brick-and-mortar world. "The root of the debate here is a philosophical difference between how you approach the future governance of the Internet," Holland told CTV.ca by phone. "Everything that goes forward from that will have a very different tone or direction." Technocrats like Holland have also been hinting at a specific threat: that the UN could become a forum where authoritarian governments who are riled by the free flow of information work to put the brakes on its superhighway.
Cyber peace treaty A second UN body -- the International Telecommunications Union (ITU), which manages the world's radio frequencies and orbiting satellites -- has been debating who should govern the Internet for years. Its secretary general, Hamadoun Toure, would like to spearhead the creation of a "cyber peace treaty" to prevent the Internet from becoming another domain in which countries wage war against one another, as they do by air or at sea. "Cyber threats can reach critical infrastructure of any country, the nerve centre of any nation," Toure said by phone from Geneva. "A sophisticated attack can bring even the most powerful nation to its knees." There have been several recent examples of such events. During a dispute with Russia in 2007, Estonia was hit by widespread cyber attacks that knocked out bank, newspaper and government websites. Similar denial-of-service attacks struck Georgian media and government websites a year later as Russian tanks rolled into South Ossetia. Then last July, the discovery of the Stuxnet worm led to speculation that a foreign government was trying to use malicious software to cripple Iran's nuclear program. But there are a number of hurdles to creating an international agreement that would discourage such attacks. One is who would forge it. "If we were to have a roundtable on this, you would see not only governments around it. Are we mentally prepared for that, to have around the same table private sector, civil society, consumer groups and governments?" Toure said. "That is what it will take for meeting the challenges of a cyber peace treaty." Risky business Critics of Toure's proposal worry that non-governmental groups would not be given an equal seat at the table, and point to the ITU's plenipotentiary conference in October. There, delegates discussed a Russian proposal to take over managing Internet domain names. 
Currently that task falls to the Internet Corporation for Assigned Names and Numbers, a private organization whose president and CEO was barred from attending the meeting. Others say the ITU's government-to-government approach is too slow and clunky to manage something as fast-moving as the Internet, or that it could pave the way for less open regimes to introduce new online controls. "We have to be careful about what institutions take the lead," said Ron Deibert, director of the Citizen Lab and the Canada Centre for Global Security Studies at the University of Toronto. "The Chinas, the Irans, the Saudi Arabias of the world want to impose a territorial vision of control over cyberspace -- and if the ITU got its wishes, that's essentially what would happen." In future, the debate over who should govern the Internet would do well to bear in mind its success stories like Google and Facebook, said Olaf Kolkman, director of NLnet Labs and chair of the Internet Architecture Board. If the ease of accessing an unfettered online world helped those billion-dollar corporations evolve from tiny start-ups in garages or university dorm rooms, he suggested, then closing off the Web could lead to stagnation. It might also wall off opportunities for everyone who has yet to set foot in cyberspace. "If we can preserve the spirit of openness moving forward," Kolkman wrote in an email, "we will see much of the innovation coming from developing countries, and the billions of people who have yet to come online but who will change the shape of the Internet when they do." From rforno at infowarrior.org Thu Dec 30 22:17:03 2010 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 30 Dec 2010 23:17:03 -0500 Subject: [Infowarrior] - State Dept: Epic Fail in Infosec Message-ID: Finally something useful appears in the MSM about the Wikileaks situation....now if only the Powers That Be will learn from it. 
-- rick WikiLeaks cable dump reveals flaws of State Department's information-sharing tool By Joby Warrick Washington Post Staff Writer Thursday, December 30, 2010; 10:42 PM http://www.washingtonpost.com/wp-dyn/content/article/2010/12/30/AR2010123004962_pf.html Before the infamous leak, the 250,000 State Department cables acquired by anti-secrecy activists resided in a database so obscure that few diplomats had heard of it. It had a bureaucratic name, Net-Centric Diplomacy, and served an important mission: the rapid sharing of information that could help uncover threats against the United States. But like many bureaucratic inventions, it expanded beyond what its creators had imagined. It also contained risks that no one foresaw. Millions of people around the world now know that the State Department's secret cables became the property of WikiLeaks. But only recently have investigators understood the critical role played by Net-Centric Diplomacy, a computer initiative that became the conduit for what was perhaps the biggest heist of sensitive U.S. government documents in modern times. Partly because of its design but also because of confusion among its users, the database became an inadvertent repository for a vast array of State Department cables, including records of the U.S. government's most sensitive discussions with foreign leaders and diplomats. Unfortunately for the department, the system lacked features to detect the unauthorized downloading by Pentagon employees and others of massive amounts of data, according to State Department officials and information-security experts. The result was a disastrous setback for U.S. diplomatic efforts around the globe. "This was as bad as it gets," said Patrick F. Kennedy, undersecretary of state for management, referring to the diplomatic fallout. "We had, over the course of many years, built up a huge amount of faith and trust. That's ruptured now, all over the world." U.S. 
officials and security analysts describe the leak as a cautionary tale, one that underscores flaws in security for secret government data while also exposing a downside to the U.S. government's enthusiastic embrace of information-sharing in the months after the Sept. 11, 2001, terrorist attacks. Investigations into the attacks concluded that government agencies had failed to share critical information that could have helped uncover the Sept. 11 plot. Because of that lapse, Congress tasked the Office of the Director of National Intelligence with pressuring key government agencies - including the Pentagon, the Homeland Security Department and the State Department - to find ways to rapidly share information that could be relevant to possible terrorist plots and other threats. The State Department, with its hundreds of diplomatic posts worldwide, was already making tens of thousands of classified cables available to intelligence and military officials with secret security clearances. But in 2005, the DNI and the Defense Department agreed to pay for a new State Department computer database that could allow the agency's cables to flow more easily to other users throughout the federal government. "It was consistent with the concept of needing to share information after September 11th," said State Department spokesman P.J. Crowley. "We were asked to do it, and the Pentagon paid for it." Plagued by user errors Net-Centric Diplomacy was launched in 2006 and tied into a giant Defense Department system known as the Secret Internet Protocol Router Network, or SIPRnet. Soon, nearly half a million government employees and contractors with security clearances could tap into the diplomatic cables from computer terminals around the globe. The State Department's new database quickly garnered praise as a model of interagency collaboration. The database was named a finalist for an Excellence in Government award in 2006. The following year, then-Director of National Intelligence John D. 
Negroponte, whose agency led the push for information-sharing, congratulated State Department officials for making their secret cables "available in a timely, user-friendly way." "The State Department's commitment shows the way for other agencies," Negroponte wrote in a Jan. 29, 2007, letter to then-Secretary of State Condoleezza Rice. The flaws did not become apparent until much later. One of the biggest problems: Sensitive cables were often dumped willy-nilly into the database regardless of whether they belonged there, according to two department officials familiar with the internal procedures for data storage. Thousands of cables and other documents pass through Foggy Bottom daily, and to ensure that they are routed properly, each is assigned a code or codes, similar to a Zip code. One such six-letter code - SIPDIS - flags a computer to route the document to the Net-Centric database, allowing it to be viewed by intelligence officers and military personnel worldwide. In practice, embassy employees added the code word SIPDIS by rote, often without fully understanding what it meant, said one of the department officials, who spoke on the condition of anonymity because he was not authorized to discuss the subject. "It wasn't clear what was to be shared or not shared," the official said. "So you end up with a cable in the database that contains embarrassing stuff about [German Prime Minister Angela] Merkel. Is that the kind of stuff that a war fighter really needs to see?" Limited oversight A few State Department officials expressed early concerns about unauthorized access to the database, but these worries mostly involved threats to individual privacy, department officials said. In practice, agency officials relied on the end-users of the data - mostly military and intelligence personnel - to guard against abuse. 
The department was not equipped to assign individual passwords or perform independent scrutiny over the hundreds of thousands of users authorized by the Pentagon to use the database, said Kennedy, the undersecretary of state. "It is the responsibility of the receiving agency to ensure that the information is handled, stored and processed in accordance with U.S. government procedures," he said. To prevent illegal intrusion, the State Department has long maintained safeguards that make it difficult for an individual to download sensitive information onto a portable device such as a flash drive or compact disc. But Kennedy acknowledged that the department had no means of overseeing practices by other agencies using its data. U.S. investigators suspect that Bradley Manning, an Army private stationed in the Persian Gulf, downloaded the 250,000 State Department cables to compact discs from a computer terminal in Kuwait. He then allegedly provided the files to WikiLeaks, which shared them with newspapers and posted hundreds of them online. In the wake of the leak, State Department officials cut off outside access to Net-Centric Diplomacy pending a review. Some secret documents are still being made available to other agencies through a different network designed to handle highly classified data, Kennedy said. Although it is perhaps small comfort, the disclosures could have been worse. In May, the Obama administration's top intelligence officer asked the State Department to expand the amount of material available to other agencies through Net-Centric Diplomacy. In a letter to Secretary of State Hillary Rodham Clinton, then-Director of National Intelligence Dennis C. Blair urged that the database include not only cables but also e-mails between State Department officials. Such a move would "ensure that critical information will reach the necessary readers across the government," Blair wrote. Clinton refused. 
From rforno at infowarrior.org Thu Dec 30 22:21:51 2010 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 30 Dec 2010 23:21:51 -0500 Subject: [Infowarrior] - As frustration grows, airports consider ditching TSA Message-ID: <7FE0EC40-1929-4BB1-A1D5-06675D862C83@infowarrior.org> As frustration grows, airports consider ditching TSA By Derek Kravitz Washington Post Staff Writer Thursday, December 30, 2010; 10:04 PM http://www.washingtonpost.com/wp-dyn/content/article/2010/12/30/AR2010123005225_pf.html Every spring, private security officers at San Francisco International Airport compete in a workplace "March Madness"-style tournament for cash prizes, some as high as $1,500. The games: finding illegal items and explosives in carry-on bags; successfully picking locks on difficult-to-open luggage; and spotting a would-be terrorist (in this case Covenant Aviation Security's president, Gerald L. Berry) on security videos. "The bonuses are pretty handsome," Berry said. "We have to be good - equal or better than the feds. So we work at it, and we incentivize." Some of the nation's biggest airports are responding to recent public outrage over security screening by weighing whether they should hire private firms such as Covenant to replace the Transportation Security Administration. Sixteen airports, including San Francisco and Kansas City International Airport, have made the switch since 2002. One Orlando airport has approved the change but needs to select a contractor, and several others are seriously considering it. The Metropolitan Washington Airports Authority, which governs Dulles International and Reagan National airports, is studying the option, spokeswoman Tara Hamilton said. For airports, the change isn't about money. At issue, airport managers and security experts say, is the unwieldy size and bureaucracy of the federal aviation security system. Private firms may be able to do the job more efficiently and with a personal touch, they argue. 
Airports that choose private screeners must submit the request to the TSA. There are no specific criteria for approval, but federal officials can decide whether to grant the request "based on the airport's record of compliance on security regulations and requirements." The TSA pays for the cost of the screening and has the final say on which company gets the contract. Rep. John L. Mica (R-Fla.), the incoming chairman of the House Transportation and Infrastructure Committee, has written to 200 of the nation's largest airports, urging them to consider switching to private companies. The TSA was "never intended to be an army of 67,000 employees," he said. "If you look at [the TSA's] performance, have they ever stopped a terrorist? Anyone can get through," Mica said in an interview. "We've been very lucky, very fortunate. TSA should focus on its mission: setting up the protocol, adapting to the changing threats and gathering intelligence." The debate The differences between private firms' employees and federal workers are often imperceptible to the everyday traveler. Covenant security details use different badges and insignia and have higher pay for new employees. Procedures in airport security lines do not change. Thirty private firms are contracted by the TSA to potentially work as screeners, and their employees are required by federal law to undergo the same training, use the same pat-down techniques and operate the same equipment - such as full-body scanners - that the TSA does. With a reduced role, the TSA could become more of a regulatory agency, leaving much of the daily work on the ground to for-profit companies. But federal officials say the expertise and training offered at the 457 TSA-regulated airports are unparalleled. "U.S. aviation security technology and procedures are driven by the latest intelligence and give us the best chance to detect and disrupt any potential threat, given the tools currently available," TSA spokesman Nicholas Kimball said. 
It's unclear whether private screeners cost the TSA more. One independent report found that private security contracts were 9 to 17 percent higher than the TSA's costs. Mica says the difference is "concocted." The TSA also offers performance-based incentives. Employees who reach the highest performance rating can get a pay raise and a $2,500 bonus. Many security and airline industry officials say the switch to a network of privately run screeners could hinder much of the government's progress since the Sept. 11, 2001, terrorist attacks. Robert W. Mann, an industry analyst and former airline executive based in New York, said airports who are considering a switch to private screeners are simply responding to "consumer outrage." Mann says a better solution is tougher regulations and training for federal security officers. "We can't go back to the late '90s when private screeners had McDonald's-level wages and attention spans to match," Mann said. "A uniform, tough government system makes a lot of sense." The American Federation of Government Employees, the labor union for TSA employees, has questioned the privatization of airport security as well, calling it an ineffective "patchwork quilt." Passenger-rights groups' opinions are mixed. Weary of big business but locked in a long-running fight over federal security methods, many travelers say they would like to see far-reaching government reforms and a limited amount of privatization. "The private security is pretty good and rigid," said Kate Hanni, who runs Flyers Rights out of Napa, Calif., which counts more than 30,000 members. "But as long as the scanners and pat-downs are in place, the experience is going to be the same." Hanni said trade groups, nonprofit organizations, airports and federal officials are working to "get on the good side of Mica" as he becomes chairman of the House transportation committee. 
But what the debate over private-vs.-government security most clearly shows is TSA's customer-service issues, said Paul Light, a professor of public service at New York University who has followed the TSA since it was created in 2001. In its early days, the TSA consulted Marriott International, the Walt Disney Co. and Intel on ways to speed people through checkpoints and make fliers happy. "TSA forgot about customer service," Light said. "The early executives were worried about smiley faces, wait times. They've lost sight of that." Advocates Covenant, based in Mica's home district in northeastern coastal Florida, has airport screening contracts in Sioux Falls, S.D., Tupelo, Miss., and seven small airports in northern and eastern Montana. Its deal at San Francisco International is by far its largest. Covenant employs nearly 1,100 people in the bay area, who make up nearly all of its 1,150 workers. The last four-year contract, from 2006 to 2010, totaled $314 million. A new contract has been put out for competitive bids. Meanwhile, Covenant is operating on a two-month contract ending in February. San Francisco airport officials say that they are happy with the Covenant contract and that "by allowing Covenant to worry about staffing, TSA can focus on the security," airport spokesman Michael C. McCarron said. Berry, Covenant's president and a former Marine colonel who served two tours flying helicopters in Vietnam, has become the face of the private security movement, extolling the virtues of private business in fostering better and safer environments on television news programs and before congressional panels. "We're smaller, we can react much quicker to things and I think a lot of airports want to be more customer service-oriented," he said. "There's a reason not one of the 16 airports that have opted out have gone back to TSA." 
Few government or third-party reports have been produced in the past eight years that compare the performance of private companies with that of the government in airport security. The lone outside study, commissioned by the TSA and written by an Arlington County information technology firm, compared a dozen airports and looked at data from 2004 through 2007. It found that private screeners perform at a level "equal to or better" than their government counterparts. The full study's findings have never been released. Orlando's two commercial airports, Orlando International and Orlando Sanford International, were bringing in Covenant and FirstLine last month for presentations on taking over airport security. Orlando Sanford approved the change to privatization in October, before the uproar over the TSA's screening methods even began. Orlando Sanford President Larry Dale said private screening would be "more enjoyable" for the traveling public and potentially spur business. "This country was built on competition, on private investment," Dale said, "and I've gotten a lot of complaints from passengers about the new screening. We're a business after all, and we have to look out for our customers." Other airports, including Oklahoma City's Will Rogers World Airport and Indianapolis International Airport, have said publicly they are studying whether a change would improve their bottom line. The Kansas City airport, which was one of the first to choose a private security operator, said the biggest difference in using private screeners is the ability to get security issues resolved quickly. "Unlike a government job, these contract employees can be removed immediately with poor performance, attitude or unsuitability," said Kansas City airport director Mark VanLoh. "It shows in our passenger surveys for customer satisfaction each year." 
From rforno at infowarrior.org Fri Dec 31 07:45:40 2010 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 31 Dec 2010 08:45:40 -0500 Subject: [Infowarrior] - EU Approves Universal Smartphone Charger Standard Message-ID: <2D45D13C-D487-458D-8E66-41BBBBF52184@infowarrior.org> EU Approves Universal Smartphone Charger Standard News by Bryan Chaffin | 3:35 PM, Dec. 30th, 2010 http://www.macobserver.com/tmo/article/eu_approves_universal_smartphone_charger_standard/ The European Union's regulatory authorities at the European Commission announced Thursday the approval of a universal standard for smartphone chargers sold in Europe. The standard was developed with cooperation and backing from fourteen of the top handset manufacturers, including Nokia, Research In Motion, Apple and Samsung, according to the BBC. The intention of setting up a standard for smartphone chargers is to eliminate the need to have new chargers provided with each phone, and to make existing chargers interoperable. This will reduce e-waste, and could conceivably reduce costs to consumers. Failing that, it will increase profits for some corporate entity or another. The standard effectively resolves to the micro USB protocol - that's the tiniest of the USB ports that are most often found in digital cameras, some cell phones, and other small devices. This, of course, begs the question of how Apple will implement this standard on iPhone and other iOS devices. The company currently uses its "Dock" connector, and has used that connector to help control who and what is licensed to make third party products that connect to Apple's devices through its MFi licensing program. Apple controls the technology and patents pertaining to its Dock, and thus it can control who uses it. If the company were to institute some open standard like micro USB all willy nilly, it could lose some of that control over licensing. 
That Apple signed off on the new standard, however, suggests that the company has a plan to meet this new charger standard while preserving data connection to its devices. For instance, adding a micro USB port for charging while limiting data pass-through (with or without - but probably with, because requiring two cables to connect and charge is so inelegant and un-Stevelike - charging capabilities) to its Dock connector would fit the bill nicely. Apple isn't talking yet, but the European Commission said the first phones to adhere to the new standard will be appearing in early 2011. Apple's next iPhone update is expected in the Summer, but the next iPad update is expected in late Spring. Should the company be planning to use the smartphone standard for all its devices to keep them interchangeable like they are today, Apple could begin the conversion process at any time. From rforno at infowarrior.org Fri Dec 31 14:30:26 2010 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 31 Dec 2010 15:30:26 -0500 Subject: [Infowarrior] - OT: Lake Superior State University 2011 List of Banished Words Message-ID: Amusing how many of these are Palinisms.....or "tea partyisms" ;) --- rick Lake Superior State University 2011 List of Banished Words http://www.lssu.edu/banished/current.php From rforno at infowarrior.org Fri Dec 31 14:32:48 2010 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 31 Dec 2010 15:32:48 -0500 Subject: [Infowarrior] - 1 Decade, 10 Technologies that Changed Our Lives Message-ID: 1 Decade, 10 Technologies that Changed Our Lives 12:30 PM - December 30, 2010 by Wolfgang Gruener - source: Tom's Hardware US http://www.tomshardware.com/news/10-technologies-that-changed-our-lives,11866.html#xtor=RSS-181 Here is our selection of technologies of the past 10 years that have made the biggest advances and changed our life. Feel free to jump in and add your favorites. 
If you were to live in the year 2000 now, which technology you are used to today would you miss the most? 10. Digital Camera In 2000, I was the proud owner of a $700, 2.2MP Kodak DC280 snapshot camera that came standard with a 20 MB Compact Flash memory card. The four AA batteries were good for about 30 pictures. For tradeshows I used the amazing $1000 Sony Mavica FD97 (2MP) with a 20x optical zoom, which stored 3 pictures on a standard floppy disk. True photo enthusiasts had to pay tens of thousands of dollars for a decent DSLR camera or relied on regular film cameras. Ten years later, the film camera is dead, we are well past 10 MP, and our cameras record high definition video and store hundreds of high-resolution pictures on small Flash cards. The first digital camera in a cellphone was first released in 2000 and has become a standard feature in virtually every phone and is available as front- and backward-facing versions in high-end phones. While it is likely that the picture quality delivered by cellphone cameras will never reach that of snapshot cameras, the quality is now good enough for small prints - which has turned those phones effectively into our daily snapshot digital and video camera. 9. Netflix Netflix was founded in 1997 as part of the dotcom boom and was largely invisible for the first few years of its existence. Back in 2000, we were still used to stopping by a Blockbuster store, picking out movies from a shelf and paying huge fines if we forgot to bring that movie back in time. Netflix revolutionized that idea with DVDs-via-mail delivery, that gave you as many movies as you wanted to watch for a flat fee, which caught its rivals, mainly Blockbuster, sleeping and by surprise. Ten years later, Blockbuster is in bankruptcy and Netflix is the first company that has made video streaming successful. Netflix now offers a library of more than 100,000 titles and has more than 10 million subscribers. 
Over the past years, Netflix has become synonymous with video rentals and changed the way we acquire content for our TVs. 8. Microprocessor The pace of processor evolution and the way we perceive the role of the processor has been truly breathtaking. Ten years ago, we were introduced to the gigahertz race between AMD and Intel, which AMD led initially with the demonstration of the first 1 GHz Athlon in late 1999 at ISSCC and the commercial introduction of a stable 1 GHz CPU in the first quarter of 2000. Intel struggled to keep the pace with its Pentium III initially, but accelerated the increase of the clock speed with the introduction of its Netburst architecture and Pentium 4 in late 2000. Intel's Pat Gelsinger predicted that we would be using 20 GHz processors in nuclear power plant-like environments by 2010. In 2005, however, the gigahertz died just before reaching 4 GHz because of current leakage and the enormous heat generation of the Pentium 4 processor. AMD, which had trouble following Intel in the gigahertz race and had not been able to match Intel's marketing message, changed its strategy in 2003 to a different processor architecture with integrated memory controllers as well as more efficient processors. Intel saw the end of the gigahertz race as well and began developing power-efficient processors in 2003 with the mobile Banias chip. Intel decided to transition to dual-core processors in 2005 with the 90 nm Smithfield core (Pentium 4 D 800 series) and was brought down to its knees especially by the performance capability of the AMD Athlon X2 processor series. Intel struck back in mid-2006 with Core 2 Duo (Conroe core), which was based on the Banias foundation and Intel's first desktop processor that focused on power efficiency and cut the power consumption of its direct predecessor from 130 watts to 65 watts. The price war that Intel triggered with the Pentium 4 D (dual-core) processors caused heavy losses for AMD. 
The Core 2 Duo generation helped Intel to regain its dominance and margins, while AMD was unable to recover and was later split into a chip design and a manufacturing company. The processor may be somewhat boring today, but the rivalry between AMD and Intel was amazing to witness over the past 10 years and brought an entirely different processor to our computers than what we used in 2000. 7. Facebook Maintaining your own homepage isn't exactly a new concept. Some may remember Geocities, which gave people an opportunity to own their own website. MySpace or Facebook follows the same basic idea, to give people around the world a presence on the Internet. However, Facebook was among the first to recognize a need for simplicity, organization and communication. Founded in 2004, more than 550 million people now use the network to communicate with friends and colleagues, share images and videos and play games. Next to Google and Email, it has become the most important reason to be on the Internet for many people among us. 6. iPod I did not think much of this white MP3 player Steve Jobs pulled out of his pocket pants in 2001 and predicted it would change the way we listen to music. It was just another music player, albeit a nice one, that was, however, rather expensive. Alright, so Apple had its own MP3 player. So what? We know better today. Apple sold more than 260 million units so far and holds about 70% of the market. The iPod has become synonymous with the word 'MP3 player' and lives through the iTunes ecosystem that has changed the way we acquire music. You may have downloaded music illegally from Napster in 2000, but most of us may purchase their music now through iTunes. 5. PS2 If there was one game console that defined the way we are playing video games today, then it is Sony's PS2. The iconic device has sold almost 150 million units to date. 
Despite the arrival of the PS3 in late 2006, the PS2 remained a popular (and affordable) gaming console to date and is actually still in use in our household today. 4. Wi-Fi If you were traveling in 2000, you were lucky to find a hotel with available Internet access, for which it charged nosebleed prices. You used a telephone cable you brought along and used 56K dial-up access, possibly AOL. In many cases you had to program the dial-in procedure of your modem in order to obtain optimal connectivity. If you ask our kids today, they take wireless access for granted and you see strange faces when you are using Ethernet cables for Internet connectivity. We have come a long way, from Intel's first Wi-Fi kit the company sold in 2001 on a limited basis for a staggering $1300 (one router, two Wi-Fi cards). Wi-Fi is standard in virtually all computing devices today, it is included in many set-top boxes, in game consoles, and in TVs. 3. Notebooks Wi-Fi, of course, brings up the notebook as the computer device of choice. Mobile Internet detached the computer and turned the notebook into a more popular computer than the traditional desktop PC. Today, notebooks deliver vastly more processing and graphics horsepower in relation to the desktop computer, offer a wide variety of screen sizes from 10 to 17 inches at prices that range from about $200 to more than $4000. There are no signs that the traditional notebook form factor will fade away, even if we are now seeing tablets as a complementing segment and evolutionary stage for the mainstream notebook. 2. Google There is no other company that I was so wrong about than Google. I interviewed Sergey Brin in early 2000 in his messy office with empty soup bowls and an overstuffed trash bin. Back then, web portals were the way to go and Yahoo, Excite and Lycos showed the way. We believed banner advertising would be the only way to earn money on the web. Then Google pitched text-based contextual advertising. 
I had my doubts about Google's chances to stick around. By 2003, we already knew that Google was the best search engine around, but the company was still in its infancy and companies such as Microsoft did not take Google seriously. Today, Google is on its way to be the next Microsoft with search and advertising at its core, a mobile operating system that is leading the world market and a software services ecosystem that may be leading the way into cloud computing for the consumer.

1. Cell phone

If we are honest, the cell phone of 2000 was a very rough device that was trying to find its direction. It was a voice device and, here in the U.S., we did not even use SMS as a communication service. Back then, I remember that I subscribed to a Sprint WAP data service with traffic reports for $50 per month. It took us some time to catch up with the data usage models that came out of Europe and Asia, but we eventually got the message and now quickly adopt a new generation of smartphones that are predicted to replace entry-level notebooks in many scenarios. Many of us may already be using a phone as their main email and communication device as well as the basic Internet and entertainment device on the road. I often have to think back to an interview with a Sun executive in 2000, when I was told that the cell phone would assume many more functions and not just the feature of a traveller's alarm clock. He was right: It is now our MP3 player, a mobile video player, a digital camera, a video camera, a mobile game console, an Internet device, as well as a universal communication device. I may have been able to live without my cell phone in 2000 for a few days, but it has become essential to my communication needs today. It is the one device I would not want to miss anymore.
From rforno at infowarrior.org Fri Dec 31 14:36:04 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 31 Dec 2010 15:36:04 -0500
Subject: [Infowarrior] - 'Rosie the Riveter' from WWII poster dies
Message-ID: <02D0330F-7992-4580-AAE0-CA46819630B2@infowarrior.org>

'Rosie the Riveter' from WWII poster dies

http://www.usatoday.com/money/industries/manufacturing/2010-12-31-rosie-the-riveter_N.htm

LANSING, Mich. (AP) -- When a photographer snapped Geraldine Doyle's picture in an Ann Arbor factory during World War II, the 17-year-old had no idea she would inspire others to contribute to the country's war effort. Doyle said it took more than 40 years for her to learn that her image from that photo was placed on the illustrated "We Can Do It!" poster urging women to take on jobs traditionally held by the men fighting battles in Europe and the Pacific. Doyle died Sunday in Lansing at age 86. A memorial service is scheduled for Jan. 8. "She was definitely one of the Rosies," said Sandy Soifer, executive director of the Michigan Women's Historical Center and Hall of Fame, in referring to the fictional "Rosie the Riveter." That was the name given to women working in plants during WWII. The image of the headscarf-wearing woman with the flexed bicep beneath a rolled-up shirt sleeve helped prompt scores of daughters, sisters and mothers to trade in the tools of housework for those of manufacturing and take jobs in plants across Michigan and the country. "It's our belief that she is the model for the drawing that is most commonly used in the posters and on the products," added Soifer. Doyle told the Lansing State Journal in 2002 that she didn't realize the illustrated face on the poster commissioned by the U.S. War Production Coordinating Committee was her own until 1984, when she saw a reproduction of it in Modern Maturity magazine.
"It was great for her when she finally learned about it," Doyle's daughter, Stephanie Gregg of Eaton Rapids, told the Associated Press. Gregg, 65, said her mother was "very glamorous" as a young woman. The forgotten photo was taken in 1942 at a metal pressing plant about 33 miles southwest of Detroit. "There were other Rosies. She said she was the model for that poster," said Gladys Beckwith, former director of the Michigan Women's Historical Center and Hall of Fame. The poster was "symbolic of an active woman who was taking an active part in the war effort, and it was empowering for a woman to see that," Beckwith said. "Rosie the Riveter" was the title of a popular 1940s song. Like the woman in the "We Can Do It!" poster, a woman holding a rivet gun in a Norman Rockwell painting was called "Rosie the Riveter." Doyle herself didn't spend much time at the factory, her daughter said. She found other work after learning that her predecessor had hurt her hand on the job. "My mother played the cello" and didn't want to put her musical ability at risk, Gregg said.

Copyright 2010 The Associated Press. All rights res

From rforno at infowarrior.org Fri Dec 31 14:37:26 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 31 Dec 2010 15:37:26 -0500
Subject: [Infowarrior] - FBI in hunt for pro-WikiLeaks hackers: report
Message-ID: <78A66081-5D52-441B-A442-3BD202DBB155@infowarrior.org>

FBI in hunt for pro-WikiLeaks hackers: report

(AFP) -- 45 minutes ago

http://www.google.com/hostednews/afp/article/ALeqM5jvBh43hRP1Fc-fmZYMbMWdvDHXBA

WASHINGTON -- The FBI has joined the hunt for hackers who took down websites like PayPal, after they stopped processing payments to whistle-blowing website WikiLeaks, US media reports said Friday.
The Smoking Gun website published five pages of an FBI affidavit, detailing an operation that took US federal investigators to Europe, Canada and back to the United States as they hunted down the "Internet activists" who launched attacks "against perceived corporate enemies of WikiLeaks." The attacks earlier this month targeted firms including electronic payments site PayPal, and Visa and Mastercard credit cards, which had suspended or frozen WikiLeaks's accounts after the whistle-blowing website published thousands of sensitive Department of State cables. In mid-December, the FBI traced Internet protocol addresses for the hackers to Canada and then back to California where a virtual server that was assigned one of the IP addresses used to launch the attacks was housed. At around the same time, a separate investigation into the pro-WikiLeaks attacks by Germany's Federal Criminal Police (BKA) found that other commands to launch denial of service attacks on PayPal had come from an IP address assigned to a Texas-based company that hosts servers. The FBI raided the Texas firm on December 16, according to the Smoking Gun, which uses Freedom of Information requests to obtain material from government and law enforcement sources. During the Texas server-farm raid, FBI agents reportedly copied two hard drives inside a server, but "court records do not detail what was found on those drives, nor whether the information led to a suspect or, perhaps, a continuing electronic trail," the Smoking Gun says. The FBI probes are ongoing, and are being coordinated from field offices in California. FBI agents were not immediately available for comment.
From rforno at infowarrior.org Fri Dec 31 14:47:21 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 31 Dec 2010 15:47:21 -0500
Subject: [Infowarrior] - 2011: Investing in a Structurally Unbalanced World
Message-ID: <78B44843-64C7-4357-8E81-0C2BC9CBB501@infowarrior.org>

Investing in a Structurally Unbalanced World

http://www.ritholtz.com/blog/2010/12/investing-in-a-structurally-unbalanced-world/

Peter T Treadway, PhD
Historical Analytics LLC
www.thedismaloptimist.com
pttreadway-at-hotmail.com

MACRO/INVESTMENT THEMES FOR 2011

From rforno at infowarrior.org Fri Dec 31 20:51:07 2010
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 31 Dec 2010 21:51:07 -0500
Subject: [Infowarrior] - Giving Alzheimer's Patients Their Way, Even Chocolate
Message-ID: <2B40540E-1F47-421E-B75E-886DBFF7EEA3@infowarrior.org>

December 31, 2010

Giving Alzheimer's Patients Their Way, Even Chocolate

By PAM BELLUCK

http://www.nytimes.com/2011/01/01/health/01care.html

PHOENIX -- Margaret Nance was, to put it mildly, a difficult case. Agitated, combative, often reluctant to eat, she would hit staff members and fellow residents at nursing homes, several of which kicked her out. But when Beatitudes nursing home agreed to an urgent plea to accept her, all that changed. Disregarding typical nursing-home rules, Beatitudes allowed Ms. Nance, 96 and afflicted with Alzheimer's, to sleep, be bathed and dine whenever she wanted, even at 2 a.m. She could eat anything, too, no matter how unhealthy, including unlimited chocolate. And she was given a baby doll, a move that seemed so jarring that a supervisor initially objected until she saw how calm Ms. Nance became when she rocked, caressed and fed her "baby," often agreeing to eat herself after the doll "ate" several spoonfuls. Dementia patients at Beatitudes are allowed practically anything that brings comfort, even an alcoholic "nip at night," said Tena Alonzo, director of research.
"Whatever your vice is, we're your folks," she said. Once, Ms. Alonzo said: "The state tried to cite us for having chocolate on the nursing chart. They were like, 'It's not a medication.' Yes, it is. It's better than Xanax." It is an unusual posture for a nursing home, but Beatitudes is actually following some of the latest science. Research suggests that creating positive emotional experiences for Alzheimer's patients diminishes distress and behavior problems. In fact, science is weighing in on many aspects of taking care of dementia patients, applying evidence-based research to what used to be considered subjective and ad hoc. With virtually no effective medical treatment for Alzheimer's yet, most dementia therapy is the caregiving performed by families and nursing homes. Some 11 million people care for Alzheimer's-afflicted relatives at home. In nursing homes, two-thirds of residents have some dementia. Caregiving is considered so crucial that several federal and state agencies, including the Department of Veterans Affairs, are adopting research-tested programs to support and train caregivers. This month, the Senate Special Committee on Aging held a forum about Alzheimer's caregiving. "There's actually better evidence and more significant results in caregiver interventions than there is in anything to treat this disease so far," said Lisa P. Gwyther, education director for the Bryan Alzheimer's Disease Research Center at Duke University. The National Institute on Aging and the Administration on Aging are now financing caregiving studies on "things that just kind of make the life of an Alzheimer's patient and his or her caregiver less burdensome," said Sidney M. Stahl, chief of the Individual Behavioral Processes branch of the Institute on Aging. "At least initially, these seem to be good nonpharmacological techniques."
Techniques include using food, scheduling, art, music and exercise to generate positive emotions; engaging patients in activities that salvage fragments of their skills; and helping caregivers be more accepting and competent.

Changing the Mood

Some efforts involve stopping anti-anxiety or antipsychotic drugs, used to quell hallucinations or aggression, but potentially harmful to dementia patients, who can be especially sensitive to side effects. Instead, some experts recommend primarily giving drugs for pain or depression, addressing what might be making patients unhappy. Others recommend making cosmetic changes to rooms and buildings to affect behavior or mood. A study in The Journal of the American Medical Association found that brightening lights in dementia facilities decreased depression, cognitive deterioration and loss of functional abilities. Increased light bolsters circadian rhythms and helps patients see better so they can be more active, said Elizabeth C. Brawley, a dementia care design expert not involved in the study, adding, "If I could change one thing in these places it would be the lighting." Several German nursing homes have fake bus stops outside to keep patients from wandering; they wait for nonexistent buses until they forget where they wanted to go, or agree to come inside. And Beatitudes installed a rectangle of black carpet in front of the dementia unit's fourth-floor elevators because residents appear to interpret it as a cliff or hole, no longer darting into elevators and wandering away. "They'll walk right along the edge but don't want to step in the black," said Ms. Alonzo, who finds it less unsettling than methods some facilities use, bracelets that trigger alarms when residents exit. "People with dementia have visual-spatial problems. We've actually had some people so wary of it that when we have to get them on the elevator to take them somewhere, we put down a white towel or something to cover it up."
When elevator doors open, Beatitudes staff members stand casually in front, distracting residents with "over-the-top" hellos, she said: "We look like Cheshire cats," but "who's going to want to get on the elevator when here's this lovely smiling person greeting you? It gets through to the emotional brain." New research suggests emotion persists after cognition deteriorates. In a University of Iowa study, people with brain damage producing Alzheimer's-like amnesia viewed film clips evoking tears and sadness ("Sophie's Choice," "Steel Magnolias"), or laughter and happiness (Bill Cosby, "America's Funniest Home Videos"). Six minutes later, participants had trouble recalling the clips. But 30 minutes later, emotion evaluations showed they still felt sad or happy, often more than participants with normal memories. The more memory-impaired patients retained stronger emotions. Justin Feinstein, the lead author, an advanced neuropsychology doctoral student, said the results, being studied with Alzheimer's patients at Iowa and Harvard, suggest behavioral problems could stem from sadness or anxiety that patients cannot explain. "Because you don't have a memory, there's this general free-floating state of distress and you can't really figure out why," Mr. Feinstein said. Similarly, happy emotions, even from socializing with patients, "could linger well beyond the memories that actually caused them." One program for dementia patients cared for by relatives at home creates specific activities related to something they once enjoyed: arranging flowers, filling photo albums, snapping beans. "A gentleman who loved fishing could still set up a tackle box, so we gave him a plastic tackle box" to set up every day, said the program's developer, Laura N. Gitlin, a sociologist at Thomas Jefferson University in Philadelphia and newly appointed director of the Center on Aging and Health at Johns Hopkins University.
After four months, patients seemed happier and more active, and showed fewer behavior problems, especially repetitive questioning and shadowing, following caregivers around. And that gave caregivers breaks, important because studies suggest that "what's good for the caregiver is good for the patient," Professor Gwyther said.

Aiding the Caregiver

In fact, reducing caregiver stress is considered significant enough in dementia care that federal and state health agencies are adopting programs giving caregivers education and emotional support. One, led by Mary S. Mittelman, a New York University dementia expert, found that when people who cared for demented spouses were given six counseling sessions as well as counselors whom they could call in a crisis, it helped them handle caregiving better and delayed by 18 months placing patients in nursing homes. "The patient did not have fewer symptoms," Dr. Mittelman said. "It was the caregiver's reaction that changed." The Veterans Affairs Department is adopting another program, Resources for Enhancing Alzheimer's Caregiver Health, providing 12 counseling sessions and 5 telephone support group sessions. Studies showed that these measures reduced hospital visits and helped family caregivers manage dementia behaviors. "Investing in caregiver services and support is very worthwhile," saving money and letting patients remain home, said Deborah Amdur, chief consultant for care management and social work at the Veterans Affairs Department. Beatitudes, which takes about 30 moderate to severe dementia sufferers, introduced its program 12 years ago, focusing on individualized care. "In the old days," Ms. Alonzo said, "we would find out more about somebody from their obituary than we did when they were alive." The dementia floor was named Vermillion Cliffs, after colorfully layered rock formations formed by centuries of erosion, implying that, "although weathered, although tested by dementia, people are beautiful"
and "have certain strengths," said Peggy Mullan, the president of Beatitudes. The facility itself is institutional-looking, dowdy and "extremely outdated," Ms. Mullan said. "It's ugly," said Jan Dougherty, director of family and community services at Banner Alzheimer's Institute in Phoenix. But "they're probably doing some of the best work" and "virtually have no sundowning," she said, referring to agitated, delusional behavior common with Alzheimer's, especially during afternoon and evening. Beatitudes eliminated anything potentially considered restraining, from deep-seated wheelchairs that hinder standing up to bedrails (some beds are lowered and protected by mats). It drastically reduced antipsychotics and medications considered primarily for "staff convenience," focusing on relieving pain, Ms. Alonzo said. It encouraged keeping residents out of diapers if possible, taking them to the toilet to preserve feelings of independence. Some staff members resisted, Ms. Alonzo said, but now "like it because it saves time" and difficult diaper changes. Family members like Nancy Mendelsohn, whose mother, Rose Taran, was kicked out of facilities for screaming and calling 911, appreciate it. "The last place just put her in diapers, and she was not incontinent at all," Ms. Mendelsohn said. Ms. Alonzo declined to pay workers more to adopt the additional skills or night work, saying, "We want people to work here because it's your bag."

Finding Favorite Things

For behavior management, Beatitudes plumbs residents' biographies, soothing one woman, Ruth Ann Clapper, by dabbing on White Shoulders perfume, which her biographical survey indicated she had worn before becoming ill. Food became available constantly, a canny move, Ms. Dougherty said, because people with dementia might be "too distracted" to eat during group mealtimes, and later "be acting out when what they actually need is food."
Realizing that nutritious, low-salt, low-fat, doctor-recommended foods might actually discourage people from eating, Ms. Alonzo began carrying chocolate in her pocket. "For God's sake," Ms. Mullan said, "if you like bacon, you can have bacon here." Comforting food improves behavior and mood because it "sends messages they can still understand: 'it feels good, therefore I must be in a place where I'm loved,'" Ms. Dougherty said. Now, when Maribeth Gallagher, Beatitudes' dementia program director, learns someone's favorite foods, "I'm going to pop that on your tongue, and you're going to go 'yum,'" she said. "Isn't that better than an injection?" Beatitudes also changed activity programming. Instead of group events like bingo, in which few residents could actually participate, staff members, including housekeepers, conduct one-on-one activities: block-building, coloring, simply conversing. State regulators initially objected, saying, "Where's your big group, and what you're doing isn't right and doesn't follow regulations," Ms. Alonzo said. Ms. Mullan said, "I don't think we ever got cited, but it was a huge fight to make sure we didn't." These days, hundreds of Arizona physicians, medical students, and staff members at other nursing homes have received Beatitudes' training, and several Illinois nursing homes are adopting it. The program, which received an award from an industry association, the American Association of Homes and Services for the Aging, also appears to save money. Arlene Washington's family moved her to Beatitudes recently, pulling her from another nursing home because of what they considered inattentive and "improper care," said her husband, William. Mrs. Washington, 86, was heavily medicated, tube fed and unable to communicate, "like she had no life in her," said Sharon Hibbert, a friend. At Beatitudes, Dr. Gillian Hamilton, administrative medical director, said she found Mrs. Washington "very sedated,"
took her off antipsychotics, then gradually stopped using the feeding tube. Now Mrs. Washington eats so well she no longer needs the insulin she was receiving. During a recent visit, she was alert, even singing a hymn. That afternoon, Ms. Nance, in her wheelchair, happily held her baby doll, which she named Benjamin, and commented about raising her sons decades ago. Ms. Alonzo had at first considered the doll an "undignified" and demeaning security blanket. But Ms. Gallagher explained that "for a lot of people who are parents, what gives them joy is caring for children." "I was able," Ms. Gallagher said, "to find Margaret's strength." Ms. Gallagher said she learned when approaching Ms. Nance to "look at her baby doll, and once I connect with the doll, I can look at her." She squatted down, complimented Benjamin's shoes, and said, "You're the best mom I know." Ms. Nance nodded earnestly. "It's good to know," Ms. Nance said, "that somebody knows that you care."