From rforno at infowarrior.org Mon Aug 1 07:21:46 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 1 Aug 2011 08:21:46 -0400
Subject: [Infowarrior] - More on.... - Clarke: The coming cyber wars
References:
Message-ID: <92C24367-78A8-4213-A569-4D263FB0B3D3@infowarrior.org>

Begin forwarded message:

> From: Yiorgos
>
>> The coming cyber wars
>>
>> Obama's cyber strategy is missing the strategy
>>
>
> Richard, this is a highly misleading article, and this is spotted by
> someone who lives abroad and is not a US citizen. Anyone who has even
> bothered to read "Inside Cyberwarfare" by J. Carr has seen what the US
> position on the matter is on chapter 4 which deals with the Law of
> Armed Conflict and Cyber Warfare (and issues like: When we are under
> cyber attack by a non-state actor residing at X, can we retaliate with
> the use of kinetic force?).
>
> Since the term "cyber weapon" is void when it refers to anything else
> than an actual operative, what would one expect to see? Of course the
> US has cyber weapons. And so does Russia and China and ~120 countries.
> Again chapter 10 from "Inside Cyberwarfare" deals with the military
> doctrine in the cyber space and the book was written in 2009. There is
> stuff in there that we are now starting to see being deployed,
> including Stuxnet (which was found around the same time as chapter 4
> was written by a military officer) and the methods used for the RSA
> hack.
>
> So Clarke can rest assured: The US has cyber weapons of the finest calibre.
>

From rforno at infowarrior.org Mon Aug 1 08:32:24 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 1 Aug 2011 09:32:24 -0400
Subject: [Infowarrior] - The Perils of Copy Protection
Message-ID:

Permanent Address: http://www.scientificamerican.com/article.cfm?id=the-perils-of-copy-protection

The Perils of Copy Protection

Tech companies handcuff our files to protect against digital pirates.
The strategy isn't just annoying for customers--it could be hurting sales

By David Pogue | Tuesday, July 26, 2011

Years ago Saturday Night Live featured a hilarious sketch--a talk show called Ruining It for Everyone. The guests were all people whose stupid, destructive acts wound up changing society forever, adding bureaucracy and rules and making life less convenient for the rest of the world. There was the guy who poisoned a Tylenol bottle, which led to the new world of tamper-proof seals; the woman who first drove off without paying for self-serve gas, triggering the era of having to prepay; and the guy who first befouled a restaurant bathroom, so now only paying customers are allowed to use them.

They should have had the guy who first pirated music. He, after all, launched the modern age of copy protection--our current crazy world where the honest are penalized and the pirates go free.

When the iTunes store opened, every song was copy-protected. You could play the tracks on a computer or an iPod--but not on your cell phone or on any non-Apple music player.

Internet movies are also ridiculously protected. For example, once you rent a movie, you generally have 24 hours to finish watching it. That's idiotic. What if it gets to be bedtime, and you want to finish the movie tomorrow night? Don't these movie executives have children? And why 24 hours? Does it take 25 for a hacker to remove the copy protection?

No, of course not. Nonpaying movie buffs don't have to strip off the copy protection; they never even see it. They use BitTorrent and get their movies for free.

Similarly, the proprietary e-book copy-protection schemes of Amazon, Sony and Barnes & Noble ensure that each company's titles can't be read on rivals' machines. It's an attempt to stop book pirates, of course--but those people are off happily downloading their books from free piracy sites.

The biggest problem is that all of this inconvenience is based on a gut feeling.
In a world without copy protection, would the e-book, music and movie industries collapse? Instinct--or at least media company executives' instinct--certainly says so. But without some kind of test, nobody can say for sure.

Actually there have been such tests--at least three of them.

I make most of my income writing computer books. To my great distress, I discovered that they are widely available online as PDF files. But when I griped on my blog, my readers challenged the assumption that I was losing sales.

"First of all," they said, "you're counting a lot of people who never would have bought the book in the first place. Those don't represent lost sales. And you're not counting the people who like the PDF so much, they go buy the print edition or discover from the PDF sample that they like your writing."

One reader challenged me to a test: make one book available both on paper and as an unprotected PDF file. Report the effect of sales after one year.

I did that. The results were clear: Piracy was rampant. The book was everywhere online. But weirdly, my readers were also proved right. Sales of the printed edition did not suffer; in fact, they rose slightly year over year.

A recent satirical children's book showed how piracy can actually boost sales. Months before the book came out, a PDF of the story was leaked online and promptly went viral. Yet the leak generated so much interest in the book that eager readers soon pushed it to the top of Amazon's best-seller list.

Even the music industry came to realize that copy protection makes life miserable for the honest customers while doing absolutely nothing to stop the pirates. Today virtually no music files sold online are copy-protected. Sure, the online stores still lose sales to music pirates--but not measurably more than before. Meanwhile music copy protection is no longer inconveniencing everybody else.
Until that lesson sinks in with the other industries--e-books, movies, television, computer software, maybe even the Transportation Security Administration--I hope Saturday Night Live someday remakes that talk-show skit. Can't you just see the list of modern Ruining It for Everyone guests? The guy who wrote the first computer virus, the very first spammer, the first person who tried to sneak a bomb through airport security in his shoes....

From rforno at infowarrior.org Mon Aug 1 13:49:55 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 1 Aug 2011 14:49:55 -0400
Subject: [Infowarrior] - Mercenary cyber warfare?
Message-ID: <46626733-D0C7-4073-876F-306274F91551@infowarrior.org>

(I thought the Beltway Bandits providing 'cyber' expertise were digital mercs already? --- rick)

Mercenary cyber warfare?

Former NSA & CIA Director Suggests Employing Mercenaries For Cyberwarfare

http://www.itproportal.com/2011/08/01/former-nsa-cia-director-suggests-employing-mercenaries-cyberwarfare/

One of the architects of US foreign policy under George W. Bush, General Michael Hayden, suggested that the US Government should consider creating a "Digital Blackwater" during an open conversation with Bloomberg's Allan Holmes and several other cybersecurity specialists on stage, during an event called the Aspen Security Forum.

Blackwater refers to the US private military group founded in 1997 and which has been renamed as Xe Services LLC, a move possibly linked with a number of high controversies that arose after the company expanded its security-related operations into Iraq and Afghanistan.

Recruiting mercenaries, Hayden suggested "might be one of those big new ideas in terms of how we have to conduct ourselves in this new cyber domain," referring to cyber warfare. He continued by saying "You think back long enough in history and there are times when the private sector was responsible for its own defense,"
before adding "we may come to a point where defense is more actively and aggressively defined even for the private sector and what is permitted there is something that we would never let the private sector do in physical space".

Hayden went on to suggest the creation of a digital Blackwater, something that Xe might already be considering before hinting at what will happen next; "private sector expands to fill the empty space" before ominously claiming, "these are the kinds of things that are going to be put into play here very, very soon."

Hayden's comments should not be taken lightly because of his background as the Director of the CIA and also the National Security Agency under George W. Bush; both agencies have either been hacked or been heavily involved in cyber warfare. Under his leadership, both also significantly increased their partnerships with private military groups like Blackwater.

Recruiting whitehat hackers in the world of online security is nothing new, but Hayden suggests externalising the process of cyberwarfare away from the US government as it did with private military companies during the last decade.

The complete discussion can be found below.

http://www.itproportal.com/2011/08/01/former-nsa-cia-director-suggests-employing-mercenaries-cyberwarfare/

From rforno at infowarrior.org Mon Aug 1 14:13:06 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 1 Aug 2011 15:13:06 -0400
Subject: [Infowarrior] - Democrats Introduce Federal Bill to Collect Online Sales Tax
Message-ID: <7F46B708-3E56-4B79-8A7A-6C0F34A5A5D3@infowarrior.org>

August 1, 2011 01:57am EST

Democrats Introduce Federal Bill to Collect Online Sales Tax

By Mark Hachman

http://www.pcmag.com/article2/0,2817,2389490,00.asp

A bill introduced Friday by Democrats in Congress would require a federal framework for collecting sales tax from online retailers, essentially providing guidelines for the states.
As it did during its earnings call, Amazon supported the "Main Street Fairness Act," co-sponsored by Sen. Dick Durbin (D-IL), Sen. Tim Johnson (D-SD), and Sen. Jack Reed (D-RI) as well as Reps. John Conyers (D-MI), Peter Welch (D-VT) and Heath Schuler (D-NC) in the House. The bill was endorsed by Sears Roebuck & Co., as well.

A collection of organizations opposed the bill, which they said would place an unnecessary cost burden on small businesses. Durbin said, however, that small businesses would be exempted from collecting online taxes, subject to the governing board of the agreement. eBay led the opposition, which was joined by the Electronics Retailing Association, the Computer and Communications Industry Association, TechNet, and the National Taxpayers Union, among others.

"Consumers shouldn't have to face the burden of reporting all of their online purchases," Durbin said in a statement. "Main Street retailers collect sales taxes on behalf of consumers, why shouldn't online retailers do the same? In 2012, states across the country, including Illinois, are expected to lose as much as $24 billion in uncollected state and local taxes on internet and catalogue sales. From 2005 to 2010 the state of Illinois estimated it lost $153 million each year. The Main Street Fairness Act doesn't ask anyone to pay a single penny more in taxes. Instead, it would help governors and mayors collect taxes that are already owed."

The texts of the two pieces of legislation are now available online: the Senate bill is here, and the House bill is here. A previous version of the Main Street Fairness Act was introduced by Rep. William Delahunt (D-MA) in the last session of Congress.

Although Amazon currently benefits from not having to charge sales tax - the cost savings either factor in as pure profit, or as a price decrease that can attract more buyers - Amazon has also said that it charges tax on more than half of its business around the world.
"I think in terms of the sales tax issue in total, the way you should think about it, we support a federal simplified approach, as we have for more than 10 years," Thomas J. Szkutak, the company's chief financial officer, told analysts during the company's second-quarter earnings call. He reiterated that Amazon thought that the tax issue was a "federal" one and that Amazon continued to work through those issues.

Current law requires retailers which have a physical presence in the states, known as a nexus, to charge sales tax; otherwise, consumers are obligated to pay a "use tax," which they rarely do.

In 2008, Amazon first began challenging the law's interpretation, and fought 2008 and 2011 efforts by the State of New York to tax digital goods. Amazon also severed ties with California retailers in response to a new law which broadens the definition of a "nexus," the condition by which sales tax is applied, to include affiliates.

"Introduction of your bill returns the discussion of interstate collection of sales tax to Congress, which the Supreme Court says is the appropriate forum to resolve the issue," Paul Misener, Amazon's vice president for global public policy, wrote in a Friday letter to Durbin. "Amazon looks forward to working with you and your colleagues in Congress to help enact sales tax collection legislation."

Durbin said that the Main Street Fairness Act is supported by the National Governors' Association, National Conference on State Legislatures, Governing Board of the Streamlined Sales and Use Tax Agreement, National Retail Federation, International Council of Shopping Centers, Retail Industry Leaders Association, National Association of Real Estate Investment Trusts, and National Association of College Stores.

eBay, which represents a vast network of small businesses and individual sellers, would presumably be forced to require each and every one to charge sales tax. But Rep.
Welch also noted that brick-and-mortar shops are also being used as display cases for products later bought online. "When a consumer can walk into a store, try out a product and then go home and buy it online without paying sales tax, Main Street businesses and downtowns lose," he said in a statement.

And that has been the basis of eBay acquisitions like RedLaser, which allows users to scan a physical bar code on an item and then look for it more cheaply online.

"A collection of state tax commissioners have again been able to get an outdated Internet sales tax bill introduced in Congress, but we are confident that it will be rejected because it would harm small Internet retailers," said Brian Bieron, senior director of federal government relations and global public policy at eBay, in a statement. "Better policy is reflected by H.Res. 95 from Congressman Dan Lungren (R-CA) and Congresswoman Zoe Lofgren (D-CA) with 27 bipartisan co-sponsors, which says that Congress won't give states 'the authority to impose unfair tax collecting requirements on small online businesses.'"

"The giant retailers jockeying for new Internet sales taxes have national store networks that they combine with their major online sales platforms, a business model they know brings some tax collection duties," Bieron added. "Forcing small businesses to take on the same costs and tax burdens as national retail businesses is unrealistic, unfair and will unbalance the playing field between giant retailers and small business retailers on the Internet."

Editor's Note: This story was updated at 8:50 AM to add the online locations of the bills and also to correct a reference to a previous version of the Main Street Fairness Act, which was introduced by Rep William Delahunt (D-MA) in the previous session of Congress.

For more from Mark, follow him on Twitter @MarkHachman.
From rforno at infowarrior.org Mon Aug 1 14:14:04 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 1 Aug 2011 15:14:04 -0400
Subject: [Infowarrior] - US cybersecurity is a revolving door of exiting officials
Message-ID:

This is leadership? US cybersecurity is a revolving door of exiting officials

By Larry Seltzer | Published July 31, 2011, 10:16 AM

http://www.betanews.com/article/This-is-leadership-US-cybersecurity-is-a-revolving-door-of-exiting-officials/1312044570

Personally, I never understood what got people so excited about Barack Obama. But back in 2008 people were positively gooey about him, and one of the lesser reasons was "cybersecurity". Obama "got it". He understood the deadly seriousness of this business.

In July, 2008 then-Senator Obama told a gathering at Purdue University: "As President, I'll make cybersecurity the top priority that it should be in the 21st century. I'll declare our cyber-infrastructure a strategic asset, and appoint a National Cyber Advisor who will report directly to me. We'll coordinate efforts across the federal government, implement a truly national cyber-security policy, and tighten standards to secure information - from the networks that power the federal government, to the networks that you use in your personal lives".

It wasn't long before the importance of it all to the President started to fade, even as the problem grew worse. It was almost a year before he appointed Howard Schmidt (the guy who had done the same job in the Bush administration) as National Cyber Advisor, but he doesn't report directly to the President. Since then Schmidt has carried on the traditional job of senior government cybersecurity advisors by issuing long reports describing the importance of the problem and making vague proposals for addressing it, while being careful not to threaten too many interests too specifically.
Schmidt's great accomplishment so far has been the CNCI (Comprehensive National Cybersecurity Initiative), a series of 12 initiatives announced in May of 2010 and which had actually begun in the Bush administration. I don't recall hearing anything about the CNCI since.

This must be the way they like it in Washington, because Schmidt is one of the few top cybersecurity officials still standing, as described by Microsoft's Terry Zink recently. Zink's commentary also demonstrates how fragmented authority in this area remains, a problem which can only be solved by solid leadership that has been lacking.

The high-level defections started with Rod Beckström, the Department of Homeland Security's cyber-security chief in March 2009. At the time Wired described the atmosphere as one of "power grabs and bureaucratic infighting". Beckström complained in his resignation letter that his group had been without funds or support from the department.

In August of 2009 Melissa Hathaway, the interim White House cybersecurity czar who had just finished the Obama administration's cybersecurity review, resigned "for personal reasons" according to the Wall Street Journal: "People familiar with the matter said Ms. Hathaway has been "spinning her wheels" in the White House, where the president's economic advisers sought to marginalize her politically". In the end Obama decided that the National Cyber Advisor would report to both the National Security Council and the National Economic Council, although "detractors said it would require the new official to please too many masters and would accomplish little".

The next resignation was in May of this year when Phil Reitinger, the Department of Homeland Security's top cyber and computer crimes official, quit "to spend the summer with his family" according to the National Journal.
"Since DHS was given the responsibility to protect the homeland from cyber threats, as well as direct authority to protect dot.gov domains from intrusions, it has competed for resources and attention with the Department of Defense, which stood up an entire cyber command and has the mighty computers of the National Security Agency at its fingertips". I can certainly appreciate wanting to spend summer with your family, but Reitinger had been appointed just two years before and continuity counts for something in these matters.

The next official to head for the door, just last Friday, was Randy Vickers, director of the US Computer Emergency Readiness Team. No offense to the other three officials, but I always thought their missions and positions as somewhat nebulous, but CERT does important work. There was no explanation given for Vickers' departure.

Who's in charge here?

I think it's fair to say that there's as much dejection in the industry now as there was bright-eyed optimism 3 years ago at the dawn of the Obama era. One of those in attendance at the Purdue address was the well-known and respected Eugene Spafford, head of Purdue's Center for Education and Research in Information Assurance and Security. Spafford was specifically mentioned by Obama and Spafford followed up with a blog about the event which gushes about the candidate. But already by June 2009 he was expressing concern about the job being done by the administration.

From what I can see, 'Spaf' (as he's known) has been quiet on the matter since. I suspect he'd like to have some good news to write about. But there is no real good news on the matter.

This is absolutely a tough job for the government for many reasons and it will take energy, courage and leadership to get us on a positive footing. We're just not there or even headed there. I blame the guy at the top of the org chart.

# # # #

Larry Seltzer is a freelance writer and consultant, dealing mostly with security matters.
He has written recently for Infoworld, eWEEK, Dr. Dobb's Journal, and is a Contributing Editor at PC Magazine and author of their Security Watch blog. He has also written for Symantec Authentication (formerly VeriSign) and Lumension's Intelligent Whitelisting site.

From rforno at infowarrior.org Mon Aug 1 21:17:41 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 1 Aug 2011 22:17:41 -0400
Subject: [Infowarrior] - Twitter lands $800 million VC deal, breaking record
Message-ID:

http://www.mercurynews.com/wiretap/ci_18596988?source=rss

Twitter lands $800 million venture capital deal, breaking record

By Peter Delevett
pdelevett at mercurynews.com
Posted: 08/01/2011 06:01:09 PM PDT
Updated: 08/01/2011 06:06:59 PM PDT

Even as some naysayers have questioned Twitter's business model, the microblogging site has landed the largest venture capital investment in history as part of an $800 million funding deal.

Although Twitter would not confirm the size of the round led by Russian venture firm DST Global, saying only that it was "significant," regulatory documents indicate the company has sold $400 million in new shares. That likely values the two-year-old startup at $8 billion, more than double what it was worth after closing its last venture round in December.

Accompanying the $400 million investment, according to a person close to the company, is another $400 million to let Twitter's employees and investors cash out some of their shares.

DST used the same tactic two years ago in the transaction that put it on Silicon Valley's map: A $400 million investment in Facebook. Half of that money went to the company, and half to give insiders liquidity while easing pressure on management to go public.

San Francisco-based Twitter said some of its prior investors participated with DST in the funding round, the company's seventh.
Documents from the Secretary of State's office in Delaware, where Twitter is incorporated, indicate that the company agreed to sell about 24.9 million shares of preferred stock, priced at $16.09 apiece, according to VC Experts, a data provider for the venture capital industry. Justin Byers, head of business intelligence for VC Experts, said that stock is divided into two classes, only one of which grants the right to participate in the election of Twitter's board members. Byers noted that in past investments in companies like Groupon and Zynga, DST has declined to take board seats, "so it'll be interesting to see if they did somehow get a seat out of this." In a statement released by Twitter, DST Global founder Yuri Milner called the startup "one of the few companies that has truly changed the world." He added, "We couldn't pass up the chance to be a bigger part of its future." Byers said regulatory filings indicate Twitter now has authorized for sale 600 million shares of common stock. Given the price of the shares authorized in the new agreement, "It's very possible they'd be at an $8 billion valuation." That's 40 times the $200 million in yearly revenues that equity research firm Hudson Square recently estimated Twitter takes in. Byers said there are no regulatory filings concerning the reported $400 million side deal by DST, since that agreement would cover existing stock from shareholders rather than new shares issued by Twitter. Even the $400 million injection the company itself is receiving breaks the record for venture capital deals. "There's nothing else bigger out there," said John Taylor, research association for the Virginia-based National Venture Capital Association. In fact, he said, only four companies have ever received more than $400 million in total venture funding, much less that amount in one fell swoop. According to CrunchBase, Twitter had taken in $360 million in venture capital prior to Monday. 
Twitter in a statement said it would use the money "to aggressively innovate, hire more great people and invest in international expansion." It noted that in the past year, its head count has grown to 600, and it's more than tripled the number of tweets transmitted each day, to more than 200 million.

From rforno at infowarrior.org Tue Aug 2 06:54:56 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Aug 2011 07:54:56 -0400
Subject: [Infowarrior] - Swiss Justice Minister Decides That ISPs Should Have To Retain Data Despite No Legal Basis
Message-ID: <120F70E4-4955-4045-BF78-0BE84708318C@infowarrior.org>

Swiss Justice Minister Decides That ISPs Should Have To Retain Data Despite No Legal Basis

from the well-that's-one-way-to-do-things dept

There are big debates in both the US and Europe about the reasonableness and legality of requiring massive data retention by ISPs. However in Switzerland, the Justice Minister, Simonetta Sommaruga, has decided to dispense with all of that and has just told ISPs they have to start retaining all sorts of data even if there's no direct reason for it (link is a Google translation from the original French). Apparently various companies are now protesting this, but it takes a special sort of out of touch politician to simply declare such a thing without realizing the widespread legal debates in other countries about the legality and usefulness of this very thing...
http://www.techdirt.com/articles/20110801/04071415343/swiss-justice-minister-decides-that-isps-should-have-to-retain-data-despite-no-legal-basis.shtml

From rforno at infowarrior.org Tue Aug 2 07:40:41 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Aug 2011 08:40:41 -0400
Subject: [Infowarrior] - TSA to put Hub fliers on the spot
Message-ID: <2558A387-01A3-455C-BF1D-F2888A2F8ACA@infowarrior.org>

(The major difference is that the Israeli folks doing these interviews are mostly current/former career intelligence/CI folks, not hourly workers drawn from any type of background, thrown into a uniform, and given broad invasive powers to control people in the name of protecting the motherland and perpetuating the State of Fear(tm). I like the approach but the US execution of this approach will not be useful IMHO -- rick)

TSA to put Hub fliers on the spot

Some skeptical of new security program

By Natalie Sherman and Joe Dwinell
Tuesday, August 2, 2011 - Updated 24 minutes ago

http://www.bostonherald.com/news/regional/view.bg?articleid=1355725

Boston's TSA screeners - part of a security force whose competency has come under fire nationwide - soon will be carrying out sophisticated behavioral inspections under a first-in-the-nation program that's already raising concerns of racial profiling, harassment of innocent travelers and longer lines.

The training for the Israeli-style screening - a projected $1 billion national program dubbed Screening Passengers by Observation Techniques - kicks off today at Logan International Airport and will be put to use in Terminal A on Aug. 15. It requires screeners to make quick reads of whether passengers pose a danger or a terror threat based on their reactions to a set of routine questions.

But security experts wonder whether Transportation Safety Administration agents are up to the challenge after an embarrassing string of blunders -
including patting down a 95-year-old grandmother in Florida and making her remove her adult diaper and frisking a 3-year-old girl who screamed "stop touching me" at a checkpoint in Tennessee.

"I'm not convinced that the TSA has good enough people to make the Israeli approach work on a large scale," said Glenn Reynolds, a University of Tennessee law professor who has followed the TSA at his blog, Instapundit.com. But he noted, "Almost anything would be an improvement over the clown show we've got now."

A leading proponent of Israel's detection techniques agreed the TSA will be severely tested.

"The question is obviously, what is the quality of the verbal interaction that is going to be implemented?" asked Rafi Ron, a former Logan consultant and CEO of New-Age Security Solutions. "If it will have a poor quality, then obviously it will be another way to waste taxpayer money and increase the hassle to passengers. If not, then this will be great."

Civil libertarians argue the screening is TSA showmanship - coming just weeks before the 10th anniversary of the Sept. 11, 2001, terrorist attacks - and could quickly devolve into profiling.

"It's an ineffective waste of taxpayer dollars that has the potential and the reality of leading to profiling based on race and ethnicity," said Massachusetts ACLU executive director Carol Rose, who dismissed SPOT as "security theater."

Logan's TSA Federal Security Director George Naccara said he doesn't expect to see longer lines, just better security in the long run.

"I'm trying to refocus the screening effort," he said. "We have finite resources, so we have to figure out a way to use them more efficiently."

Under the SPOT program, as passengers hand over their boarding passes and identification, specially trained agents will ask three to four questions - from "Where have you been?" to "Do you have a business card?" and "Where are you traveling?" - while looking for "micro expressions,"
such as lack of eye contact, that might hint at nefarious intent.

Suspicious individuals will be pulled aside for more questioning, full-body scans and pat-downs. If the encounter escalates, agents will call in state police.

At Logan, about 70 agents - all with college degrees - are undergoing training by an international consulting firm that includes a four-day classroom course and 24 hours of on-the-job experience, said TSA spokeswoman Ann Davis.

Logan passenger Lina Texeira, 41, of Clearwater, Fla., a nurse who has done psychiatric training, said yesterday she backs the SPOT program - to a point.

"You're telling me someone with a three-week training course is going to be able to do that?" she said. "It's not against the TSA. I just don't think the training they're getting is enough."

From rforno at infowarrior.org Tue Aug 2 11:11:59 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Aug 2011 12:11:59 -0400
Subject: [Infowarrior] - OT: Tea Party's War on America
Message-ID: <9D207CBD-9EAF-40C2-9948-4B2ED6648DD4@infowarrior.org>

August 1, 2011

Tea Party's War on America

http://www.nytimes.com/2011/08/02/opinion/the-tea-partys-war-on-america.html

By JOE NOCERA

You know what they say: Never negotiate with terrorists. It only encourages them.

These last few months, much of the country has watched in horror as the Tea Party Republicans have waged jihad on the American people. Their intransigent demands for deep spending cuts, coupled with their almost gleeful willingness to destroy one of America's most invaluable assets, its full faith and credit, were incredibly irresponsible. But they didn't care. Their goal, they believed, was worth blowing up the country for, if that's what it took.

Like ideologues everywhere, they scorned compromise. When John Boehner, the House speaker, tried to cut a deal with President Obama that included some modest revenue increases, they humiliated him.
After this latest agreement was finally struck on Sunday night -- amounting to a near-complete capitulation by Obama -- Tea Party members went on Fox News to complain that it only called for $2.4 trillion in cuts, instead of $4 trillion. It was head-spinning. All day Monday, the blogosphere and the talk shows mused about which party would come out ahead politically. Honestly, who cares? What ought to matter is not how these spending cuts will affect our politicians, but how they'll affect the country. And I'm not even talking about the terrible toll $2.4 trillion in cuts will take on the poor and the middle class. I am talking about their effect on America's still-ailing economy. America's real crisis is not a debt crisis. It's an unemployment crisis. Yet this agreement not only doesn't address unemployment, it's guaranteed to make it worse. (Incredibly, the Democrats even abandoned their demand for extended unemployment benefits as part of the deal.) As Mohamed El-Erian, the chief executive of the bond investment firm Pimco, told me, fiscal policy includes both a numerator and a denominator. "The numerator is debt," he said. "But the denominator is growth." He added, "What we have done is accelerate forward, in a self-inflicted manner, the numerator. And, in the process, we have undermined the denominator." Economic growth could have gone a long way toward shrinking the deficit, while helping put people to work. The spending cuts will shrink growth and raise the likelihood of pushing the country back into recession. Inflicting more pain on their countrymen doesn't much bother the Tea Party Republicans, as they've repeatedly proved. What is astonishing is that both the president and House speaker are claiming that the deal will help the economy. Do they really expect us to buy that? We've all heard what happened in 1937 when Franklin Roosevelt, believing the Depression was over, tried to rein in federal spending.
Cutting spending spiraled the country right back into the Great Depression, where it stayed until the arrival of the stimulus package known as World War II. That's the path we're now on. Our enemies could not have designed a better plan to weaken the American economy than this debt-ceiling deal. One thing Roosevelt did right during the Depression was legislate into being a social safety net to soften the blows that a free-market economy can mete out in tough times. During this recession, it's as if the government is going out of its way to make sure the blows are even more severe than they have to be. The debt-ceiling debate reflects a harsher, less empathetic America. It's sad to see. My own view is that Obama should have played the 14th Amendment card, using its language about "the validity of the public debt" to unilaterally raise the debt ceiling. Yes, he would have infuriated the Republicans, but so what? They already view him as the Antichrist. Legal scholars believe that Congress would not have been able to sue to overturn his decision. Inexplicably, he chose instead a course of action that maximized the leverage of the Republican extremists. Assuming the Senate passes the bill on Tuesday, the debt ceiling will be a nonissue until after the next election. But the debilitating deficit battles are by no means over. Thanks to this deal, a newly formed supercommittee of Congress is supposed to target another $1.2 trillion to $1.5 trillion in cuts by late November. If those cuts don't become law by Dec. 23, automatic across-the-board cuts will be imposed, including deep reductions in defense spending. As has been explained ad nauseam, the threat of defense cuts is supposed to give the Republicans an incentive to play fair with the Democrats in the negotiations. But with our soldiers still fighting in Afghanistan, which side is going to blink if the proposed cuts threaten to damage national security?
Just as they did with the much-loathed bank bailout, which most Republicans spurned even though financial calamity loomed, the Democrats will do the responsible thing. Apparently, that's their problem. For now, the Tea Party Republicans can put aside their suicide vests. But rest assured: They'll have them on again soon enough. After all, they've gotten so much encouragement.

From rforno at infowarrior.org Tue Aug 2 11:16:04 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Aug 2011 12:16:04 -0400
Subject: [Infowarrior] - Russian minister calls for limits on the Internet
Message-ID: <2B5A1BAC-77E4-4268-83CE-E88A9B6DAB75@infowarrior.org>

Russian minister calls for limits on the Internet
By Guy Faulconbridge 53 mins ago
http://old.news.yahoo.com/s/nm/20110802/wr_nm/us_russia_internet/print

MOSCOW (Reuters) -- Russia's interior minister called on Tuesday for limits on the Internet to prevent a slide in traditional cultural values among young people, raising fears of controls over the vibrant Russian-language Web. Many of Russia's 53 million web users fear that hardliners around Prime Minister Vladimir Putin would like to impose Chinese-style limits on the Internet to stave off any potential Arab Spring-style unrest ahead of the presidential election. Russia's iPad-wielding president, Dmitry Medvedev, has ruled out draconian controls while suggesting a discussion of how to deal with clearly illegal content such as child pornography. Interior Minister Rashid Nurgaliyev is the most senior official to publicly propose limits for cultural reasons. "It is necessary to work out a set of measures for limiting the activities of certain Internet resources without encroaching on the free exchange of information," ITAR-TASS quoted him as telling an inter-ministerial meeting on fighting extremism.
Nurgaliyev, who did not indicate which sites he felt should be curbed, said that Russia's youth needed looking after to prevent young people from being corrupted by "lopsided" ideas, especially in music, that may undermine traditional values. "It seems to me that the time has long been ripe to carry out monitoring in the country to find out what they are listening to, what they are reading, what they are watching," he was quoted as saying of Russia's youth. "They have forgotten the love songs of old, the waltzes, everything that united us, our background and our roots," the 54-year-old former KGB officer said. Nurgaliyev's lament echoes a wider perception among older Russians that morals have slipped in the two decades since the 1991 fall of the Soviet Union, but his call provoked ridicule and concern in the vibrant Russian-language blogosphere. "Well, what can I say? I am not even going to say this is completely absurd," Alexei Nikitin said on his Russian language blog at http://aleks-nikitin97.livejournal.com/32268.html "Sirs, idiocy is taking over the country." Andrei Makarevich, the leader of the popular Russian soft-rock group Mashina Vremeni, or Time Machine, told NTV television that Nurgaliyev's comments were so confusing he could not find words to describe them. But Russian intelligence expert Andrei Soldatov said Nurgaliyev's comments camouflaged a wider drive by law-enforcement forces to establish intrusive monitoring of the Internet. "Nurgaliyev... wants to use budget funds to set up a system to monitor the Internet," Soldatov, head of the think-tank Agentura.ru, told Reuters. "The fact that Russian law-enforcement forces have begun actively working with companies to exchange information in this sphere is turning the concept of 'privacy' into a complete illusion." In a country where much media is state-run, the Internet is one of the last bastions of free speech. 
Russian bloggers freely criticize authorities, often scathingly, question high-level corruption and swap information without fear of censorship. The Internet has played a crucial role in the unrest that has rocked North Africa and the Middle East, prompting some governments to tighten controls over access. Such turmoil is unlikely in the near future in Russia, but some hardliners appear keen to ensure they could limit content on the Internet in the event of unrest. A senior officer in Russia's Federal Security Service (FSB), the main successor to the Soviet-era KGB, said in April that uncontrolled use of Gmail, Hotmail and Skype were "a major threat to national security" and called for access to the encrypted communication providers. Western diplomats told Reuters that a series of cyber attacks on prominent hosting websites in recent months -- including Medvedev's own blog -- had all the hallmarks of a highly organized, well-financed hacker attack. (Additional reporting by Maria Tsvetkova and Alissa de Carbonnel; Editing by Mark Heinrich)

From rforno at infowarrior.org Tue Aug 2 11:30:57 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Aug 2011 12:30:57 -0400
Subject: [Infowarrior] - 6 Creepy New Weapons the Police and Military Use To Subdue Unarmed People
Message-ID: <33CC139F-AB14-43DF-9E53-0A883CF7B955@infowarrior.org>

6 Creepy New Weapons the Police and Military Use To Subdue Unarmed People
By Rania Khalek, AlterNet
Posted on August 1, 2011, Printed on August 2, 2011

The US is at the forefront of an international arms development effort that includes a remarkable assortment of technologies, which look and sound like they belong in a Hollywood science fiction thriller. From microwave energy blasters and blinding laser beams, to chemical agents and deafening sonic blasters, these weapons are at the cutting edge of crowd control.
The Pentagon's approved term for these weapons is "non-lethal" or "less-lethal" and they are intended for use against the unarmed. Designed to control crowds, clear streets, subdue and restrain individuals and secure borders, they are the 21st century's version of the police baton, pepper spray and tear gas. As journalist Ando Arike puts it, "The result is what appears to be the first arms race in which the opponent is the general population." The demand for non-lethal weapons (NLW) is rooted in the rise of television. In the 1960s and '70s the medium let everyday Americans witness the violent tactics used to suppress the civil rights and anti-war movements. Today's rapid advancements in media and telecommunications technologies allow people to record and publicize images and video of undue force more than ever before. Authorities are well aware of how images of violence play out publicly. In 1997, a joint report from the Pentagon and the Justice Department warned: "A further consideration that affects how the military and law enforcement apply force is the greater presence of members of the media or other civilians who are observing, if not recording, the situation. Even the lawful application of force can be misrepresented to or misunderstood by the public. More than ever, the police and the military must be highly discreet when applying force." The global economic collapse coupled with the unpredictable and increasingly catastrophic consequences of climate change and resource scarcity, along with a new era of austerity defined by rising unemployment and glaring inequality have already led to massive protests in Spain, Greece, Egypt, and even Madison, Wisconsin. From the progressive era to the Great Depression to the civil rights movement, Americans have a rich history of taking to the streets to demand greater equality.
Meanwhile, tens of millions of dollars have been invested in the research and development of more media-friendly weapons for everyday policing and crowd control. This has led to a trade-in of old school weapons for more exotic and controversial technologies. The following are six of the most outrageous "non-lethal" weapons that will define the future of crowd control.

< - >

http://www.alternet.org/story/151864/6_creepy_new_weapons_the_police_and_military_use_to_subdue_unarmed_people

From rforno at infowarrior.org Tue Aug 2 14:10:47 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Aug 2011 15:10:47 -0400
Subject: [Infowarrior] - UK to legalize private copying of CDs: source
Message-ID: <212D438D-BAA1-497B-8CE9-76A7FB0C45A7@infowarrior.org>

UK to legalize private copying of CDs: source
http://old.news.yahoo.com/s/nm/20110802/tc_nm/us_britain_copyright

LONDON (Reuters) -- Britain will signal on Wednesday that it intends to legalize copying of CDs or DVDs onto digital music players or computers for personal use, a government source said on Tuesday. The move was one of the recommendations made in a review of Britain's intellectual property framework carried out by Professor Ian Hargreaves earlier this year at the request of Prime Minister David Cameron. Business Secretary Vince Cable will announce on Wednesday the government's response to Hargreaves' report. Hargreaves, professor of digital economy at Cardiff School of Journalism, found that Britain's 300-year-old copyright laws were obstructing innovation and growth and said a shake-up could add nearly 8 billion pounds ($13 billion) to the economy. Cable will signal the government will agree to Hargreaves' recommendation to legalize private copying or "format shifting" of legitimately-purchased copyright works, the source said. The practice has already been legalized in European countries except for Britain, Ireland and Malta.
The change will mean a consumer may copy a CD they have bought onto another device such as their iPod or home computer. It will not allow people to share content over the internet without copyright owners' permission, such as on file-sharing sites. The government will also agree to another Hargreaves' recommendation to introduce an exception to copyright for parody, the source said. This will make it legal for comedians to parody someone else's work without seeking permission from the copyright holder. The government has not yet indicated what stance it will take on another Hargreaves' recommendation -- the introduction of a central digital copyright exchange where licenses in copyright could be bought and sold, helping simplify the way businesses purchase rights to material. (Reporting by Adrian Croft; Editing by Mark Heinrich)

From rforno at infowarrior.org Tue Aug 2 14:17:17 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 2 Aug 2011 15:17:17 -0400
Subject: [Infowarrior] - Government hankers for hackers
Message-ID: <1EA51B49-68B2-4814-90D9-61A7C141A33D@infowarrior.org>

Government hankers for hackers
By Tabassum Zakaria
http://www.reuters.com/article/2011/08/02/us-usa-hackers-idUSTRE7710PY20110802

WASHINGTON | Tue Aug 2, 2011 10:57am EDT (Reuters) - The National Security Agency has a challenge for hackers who think they're hot stuff: prove it by working on the "hardest problems on Earth." Computer hacker skills are in great demand in the U.S. government to fight the cyber wars that pose a growing national security threat -- and they are in short supply. For that very reason an alphabet soup of federal agencies -- DOD, DHS, NASA, NSA -- are descending on Las Vegas this week for Defcon, an annual hacker convention where the $150 entrance fee is cash only -- no registration, no credit cards, no names taken. Attendance is expected to top 10,000. The National Security Agency is among the keen suitors.
The spy agency plays both offense and defense in the cyber wars. It conducts electronic eavesdropping on adversaries and protects U.S. computer networks that hold super secret material -- a prize target for America's enemies. "Today it's cyber warriors that we're looking for, not rocket scientists," said Richard "Dickie" George, technical director of the NSA's Information Assurance Directorate, the agency's cyber-defense side. "That's the race that we're in today. And we need the best and brightest to be ready to take on this cyber warrior status," he told Reuters in an interview. The NSA is hiring about 1,500 people in the fiscal year which ends September 30 and another 1,500 next year, most of them cyber experts. With a workforce of just over 30,000, the Fort Meade, Maryland-based NSA dwarfs other intelligence agencies, including the CIA. It also engages in cyber-spying and other offensive operations, something it rarely, if ever, discusses publicly. But at Defcon, the NSA and other "Feds" will be competing with corporations looking for hacking talent too. The NSA needs cyber security experts to harden networks, defend them with updates, do "penetration testing" to find security holes and watch for any signs of cyber attacks. The NSA is expanding its fold of hackers, but George said there is a shortage of those skills. "We are straining to hire the people that we need." MISFITS OR FIT-INS? It might seem to be an odd-couple fit -- strait-laced government types with their rules and missions trying to recruit hackers who by definition want to defy authorities. George said the NSA is actually an environment where the hacker mindset fits right in to work with "a critical mass of people that are just like them." But what about culture rifts? "When I walk down the hall there are people that I see every day and I never know what color their hair's going to be," George said. "And it's a bonus if they're wearing shoes. 
We've been in some sense a collection of geeks for a long, long time." The agency has long been known for its brilliant, but sometimes eccentric, mathematicians and linguists. Jeff Moss, a hacker known as Dark Tangent, knows something about bridging the two worlds. He founded Defcon and the companion Black Hat conference for security professionals and is now a member of the Department of Homeland Security's Advisory Council, which advises the government on cyber security. "They need people with the hacker skill set, hacker mind-set. It's not like you go to a hacker university and get blessed with a badge that says you're a hacker. It's a self-appointed label -- you think like one or you don't," Moss told Reuters. He drew a distinction between hackers with skills and computer criminals. Of the latter he says with a laugh: "It would not be good to let them in your front door." Moss worries about young hackers who might cross lines and end up breaking laws that did not exist when he got his first computer in the early 1980s. "You can absolutely learn the same skills without breaking any law," he said. While U.S. intelligence agencies' computer systems are believed to be relatively secure, a wave of recent cyber attacks has hit the Pentagon, major defense contractors and others such as the International Monetary Fund. The NSA's tasks include helping the Homeland Security department secure civilian U.S. government networks. One government bureaucratic hindrance that can impede hiring top-flight experts is the security clearance process that can take six months, by which time a candidate may have found other employment. For the NSA, prospective employees must pass a lie-detector test, be drug-free for one year and undergo an extensive background check. BEWARE 'ANKLE BITERS' Unlike the threat from nuclear weapons where it is clear which countries have that capability, cyber attacks can come from anywhere. "So we need to worry about everybody," George said. 
"In fact we need to worry about significant adversaries hiding among the ankle biters." He explained that it was like finding a single needle in a pile of needles -- much more difficult than in a haystack. Among constant pings from teenagers just fooling around, "the real bad guy can hide in that noise," George said. "That's a big problem for us, trying to identify the real threat from among all the stuff that's not really threatening." George would not name countries that pose high threats but other intelligence officials have expressed concern about China's growing cyber-warfare capabilities, as well as Russia's. The NSA can attract hackers to work within its cloistered walls by dazzling them with the latest technology, appealing to their competitive nature, and giving them a sense of working for the greater good, George said. "We have a wonderful atmosphere, we have great people and we have the hardest problems on Earth. And we need help, the country needs help," he said. But there is one big difference about winning bragging rights at public competitions versus inside the NSA enclosure. "You're not going to make yourself famous working here, that's the downside. You can be internally famous, but you can't be externally famous," George said. The NSA's secretive nature also brings a positive side-effect in striking a work-life balance. "If you come here you really can't take work home with you," George said. "That's a bonus." (Editing by Warren Strobel and Christopher Wilson)

From rforno at infowarrior.org Wed Aug 3 06:53:50 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 3 Aug 2011 07:53:50 -0400
Subject: [Infowarrior] - Report on 'Operation Shady RAT' identifies widespread cyber-spying
Message-ID: <596E5CF7-667F-46B2-9750-450A8E817220@infowarrior.org>

Report on 'Operation Shady RAT'
identifies widespread cyber-spying
By Ellen Nakashima, Published: August 2 | Updated: Wednesday, August 3, 7:00 AM
http://www.washingtonpost.com/national/national-security/report-identifies-widespread-cyber-spying/2011/07/29/gIQAoTUmqI_print.html

A leading computer security firm has used logs produced by a single server to trace the hacking of more than 70 corporations and government organizations over many months, and experts familiar with the analysis say the snooping probably originated in China. Among the targets were the Hong Kong and New York offices of the Associated Press, where unsuspecting reporters working on China issues clicked on infected links in e-mail, the experts said. Other targets included the networks of the International Olympic Committee, the United Nations secretariat, a U.S. Energy Department lab, and a dozen U.S. defense firms, according to a report released Wednesday by McAfee, a security firm that monitors network intrusions around the world. McAfee said hundreds of other servers have been used by the same adversary, which the company did not identify. But James A. Lewis, a cybersecurity expert at the Center for Strategic and International Studies, said "the most likely candidate is China." The target list's emphasis on Taiwan and on Olympic organizations in the run-up to the Beijing Games in 2008 "points to China" as the perpetrator, he said. "This isn't the first we've seen. This has been going on from China since at least 1998." Another computer expert with knowledge of the study, who spoke on the condition of anonymity out of reluctance to blame China publicly, said the intrusions appear to have originated in China. McAfee dubbed the intrusions "Operation Shady RAT," with the acronym standing for "remote access tool." The intruders were after data on sensitive U.S.
military systems, the McAfee report says, as well as material from satellite communications, electronics, natural gas companies and even bid data from a Florida real estate company. Forty-nine of the 72 compromised organizations were in the United States. "We're facing a massive transfer of wealth in the form of intellectual property that is unprecedented in history," said Dmitri Alperovitch, McAfee's vice president of threat research. He would not name the private entities targeted, but said McAfee helped half a dozen of them investigate intrusions. Some of the intrusions -- such as one into the World Anti-Doping Agency in Montreal -- are continuing, he said. Spokesmen for that organization and for the International Olympic Committee said they were not aware of the intrusions. A U.N. spokesman said technicians analyzing the logs have not seen evidence of stolen data. The Energy Department had no comment. According to the report, which does not identify the AP by name, the organization's New York office was targeted in August 2009 in an intrusion that lasted, on and off, for eight months. Its Hong Kong bureau was penetrated at the same time, in an intrusion that continued for 21 months. AP spokesman Jack Stokes said the company was aware of the report. "We do not comment on network security," he said. The Associated Press has been targeted before. A March 2009 report by Canadian researchers about allegations of Chinese espionage against the Tibetan community found that computer systems in AP offices in Hong Kong and Britain had been compromised. McAfee had been aware for years of a "command and control" server located in a Western country that was used to control malware deployed on target computers. But the firm just recently discovered that the hackers had made a tradecraft mistake, configuring the server to generate logs that identified every Internet protocol address the server had controlled since 2006.
Google's disclosure early last year that hackers in China had broken into its networks and stolen valuable source code was a watershed moment: A major U.S. company volunteered that it had been hacked. Google also said that more than 20 other large companies were similarly targeted. Scott Borg, chief economist at the U.S. Cyber Consequences Unit, a research group, has assessed the annual loss of intellectual property and investment opportunities across all industries at $6 billion to $20 billion, with a big part owing to oil industry losses. These firms spend hundreds of millions of dollars to explore oil fields before bidding on them, Borg said. One measure of pain came recently when EMC Corp. disclosed that it had taken a $66 million charge to cover remediation costs associated with a March intrusion of its RSA division. That intrusion, which industry experts say appeared to have originated in China, resulted in the compromise of RSA's SecurID computer tokens that companies and governments worldwide use to log on remotely to workplace systems. As a result of the compromise, at least a dozen major financial institutions are switching to other vendors, said Gary McGraw, chief technology officer at Cigital, a security firm that works with banks. Stina Ehrensvard, chief executive of YubiKey in Palo Alto, Calif., said at least 25 firms have switched to YubiKey or are testing its token as a result of the RSA breach. Staff researcher Julie Tate contributed to this report. ©
The Washington Post Company

From rforno at infowarrior.org Wed Aug 3 07:58:13 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 3 Aug 2011 08:58:13 -0400
Subject: [Infowarrior] - Microsoft locks down Wi-Fi geolocation service after privacy concerns
Message-ID: <66A6917A-EFEC-4E5A-B7CF-EE09AC42D801@infowarrior.org>

Microsoft locks down Wi-Fi geolocation service after privacy concerns
By Peter Bright | Published about 10 hours ago
http://arstechnica.com/microsoft/news/2011/08/microsoft-locks-down-wi-fi-location-service-after-privacy-concerns.ars

Microsoft has restricted its Wi-Fi-powered geolocation database after a researcher investigating Wi-Fi geolocation and position tracking raised privacy concerns about the information recorded. This follows a similar move from Google, amidst identical privacy complaints. A number of companies including Microsoft, Google, and Skyhook operate Wi-Fi geolocation databases as a means of providing quick and reasonably effective location information to phones, tablets, and laptop computers. Every Wi-Fi and Ethernet device has a unique identifier called a MAC address. Wi-Fi access points broadcast their MAC addresses so that any nearby machines can see the access point and connect to it. Companies building geolocation databases collect access point MAC addresses and GPS locations, then publish this information online. (Community projects such as Wigle accumulate similar databases.) Smartphones and laptops can use these databases to perform quick location finding whenever they're connected to a Wi-Fi access point. They do this by querying the database for the location of the access point that they're currently using. As long as it's in the database--and hasn't moved too far from wherever it was when its information was recorded--they then know that they're close to the access point's location. The initial data to populate these databases comes from two main sources.
Both Microsoft and Google have vehicles that are driven around to listen for access points and note their MAC addresses and locations. The companies also use data from smartphones; Windows Phone and Android devices can all send access point MACs and GPS co-ordinates to the companies' respective services, so that the databases can be expanded to make them more accurate and useful. They also send cell tower IDs, if available, for the same reason. This data collection has itself come under scrutiny, after both Apple and Google were found to be storing the data on-phone, potentially allowing other software on the phone (or software with access to handset backups on a computer) to determine not only your current location, but everywhere you have been in the past. Microsoft sidestepped this particular issue, as Windows Phone doesn't keep such a history (and the company even released the source code to prove that it does nothing untoward). The new privacy concern is that these databases can capture MAC addresses that belong not to access points, but rather to smartphones themselves. Many phones have the ability to act as a mobile hotspot--converting themselves into a miniature access point to share their connections. If an Android or Windows Phone connects to one of these access points and sends the data to the central database, the information recorded is not merely the location of a mobile access point; it's the location of someone's phone, and by extension, the person themselves. CNET reported on Google's database in June after it was discovered to be chock full not only of access point MAC addresses but also laptop and smartphone addresses. A couple of weeks after that report, Google modified its service to restrict access. Specifically, Google changed the service so that it required two nearby MAC addresses to be entered instead of just one.
This alteration meant that it was no longer possible just to query a particular phone's MAC address to find out where the person was. Microsoft altered its service in response to a similar CNET report, based on work from researcher Elie Bursztein. Bursztein was investigating the ability to track where a laptop had been by analyzing the Wi-Fi data stored by Windows whenever it connects to an access point. To do this, he needed a MAC location database. Initially he used Google's but had to revert to using Microsoft's after Google made their change. Now Microsoft's service isn't an option, either; with the change Redmond has made, its service too requires multiple MAC addresses to be sent before it will return a location. If you want an approximate location when only one access point is visible--perhaps a rarity in the city, but far from unheard of in less built-up areas--Microsoft isn't going to give you one. The best solution? In many ways, the change is unfortunate. Wi-Fi-based positioning is a useful feature to have, especially for laptop computers that are regularly Wi-Fi enabled but usually lack GPS hardware. Geolocation is a feature found in HTML5 and supported by all modern browsers to enable services such as foursquare and location-based search. Instead of restricting the feature, a move in the opposite direction--publishing the API, making it readily accessible to third parties, and building in system-wide support for it--would be a valuable improvement both to Windows and the Internet-connected world as a whole. Windows 7 offers a standardized API for GPS and other sensors, but it's not widely-used. A third-party Wi-Fi positioning module exists, which enables Windows to, for example, automatically pick the right location for its weather widget, but it suffers from a lack of high quality databases. A first-party equivalent, using Microsoft's database, would be a welcome addition to the platform. It's also not clear just how big the privacy issue even is.
The MAC addresses of stationary Wi-Fi access points are not in any meaningful sense "private"--they're broadcast to the world, and the only information they can communicate is the device or chipset's manufacturer. CNET claims that "hundreds of millions" of smartphones are used as mobile access points. With many network operators making Wi-Fi tethering a paid extra, and the popular iPhone not even supporting tethering until earlier this year, that's a number that feels more than a little high. 3G base stations are also susceptible to this tracking issue, but equally, there aren't hundreds of millions of those in circulation.

So long as Microsoft's database isn't routinely recording the whereabouts of every MAC address it sees but only those belonging to access points, then smartphone entries in the database should be unusual. There's no evidence that Microsoft is indiscriminately recording MACs (though there is some evidence that Google has done so), and so its database ought to be relatively "clean." If the company were to automatically remove those access points that appear to move around--as Google does--then the ability to track phones, laptops, and 3G base stations would be diminished further still.

A blacklist feature to allow privacy-conscious users to forbid the recording of their access point or smartphone MAC addresses would appear to address any remaining privacy concerns. And since MAC addresses do generally identify manufacturers, some entries--those from companies which make smartphones but not Wi-Fi access points--could also be rejected; there's no reason to ever accept a MAC originating from HTC, for example.

Google and Microsoft have, however, made their choices; they've plumped for privacy over convenience and robustness.
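The database-side safeguards the article above describes (a two-address minimum per query, dropping access points that appear to move, an opt-out blacklist, and rejecting MACs from phone-only manufacturers) can be combined as in the following sketch. This is an added example, not code from the article, Microsoft or Google; the OUI prefixes, MAC addresses, coordinates and distance thresholds are constructed assumptions.

```python
import math

# Constructed placeholders: not real vendor assignments or real devices.
PHONE_ONLY_OUIS = {"f0:0d:01"}     # makers assumed to ship phones but no access points
OPT_OUT = {"ac:ce:55:00:00:09"}    # owner-submitted blacklist entries
MOVE_LIMIT_M = 500.0     # assumed: a sighting this far from the stored fix means "mobile"
NEARBY_LIMIT_M = 300.0   # assumed: queried MACs must sit this close to each other
MIN_MACS_PER_QUERY = 2   # the two-address rule described in the article


def normalize(mac):
    """Lower-case, colon-separated form so lookups are consistent."""
    return mac.strip().lower().replace("-", ":")


def haversine_m(a, b):
    """Great-circle distance in metres between two (lat, lon) pairs."""
    lat1, lon1, lat2, lon2 = map(math.radians, (a[0], a[1], b[0], b[1]))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6371000.0 * math.asin(math.sqrt(h))


class LocationDB:
    def __init__(self):
        self.fixed = {}      # mac -> (lat, lon) of the first accepted sighting
        self.mobile = set()  # MACs seen in places too far apart to be stationary

    def ingest(self, mac, lat, lon):
        """Apply the privacy filters to one crowd-sourced sighting."""
        mac = normalize(mac)
        if mac in OPT_OUT:
            return "rejected:opt-out"
        if mac[:8] in PHONE_ONLY_OUIS:
            return "rejected:phone-oui"
        if mac in self.mobile:
            return "rejected:mobile"
        prev = self.fixed.get(mac)
        if prev is not None and haversine_m(prev, (lat, lon)) > MOVE_LIMIT_M:
            # Purge the old fix too, so no past location of a moving device is kept.
            del self.fixed[mac]
            self.mobile.add(mac)
            return "rejected:mobile"
        self.fixed.setdefault(mac, (lat, lon))
        return "stored"

    def locate(self, macs):
        """Answer only for two or more distinct, mutually nearby known MACs."""
        wanted = {normalize(m) for m in macs}  # duplicates count once
        hits = [self.fixed[m] for m in wanted if m in self.fixed]
        if len(hits) < MIN_MACS_PER_QUERY:
            return None
        for i, a in enumerate(hits):
            for b in hits[i + 1:]:
                if haversine_m(a, b) > NEARBY_LIMIT_M:
                    return None
        return (sum(p[0] for p in hits) / len(hits),
                sum(p[1] for p in hits) / len(hits))


def demo():
    """Run the filters over constructed sightings and return the outcomes."""
    db = LocationDB()
    return {
        "ap1": db.ingest("AC-CE-55-00-00-01", 47.6400, -122.1300),
        "ap2": db.ingest("ac:ce:55:00:00:02", 47.6401, -122.1301),
        "phone": db.ingest("F0-0D-01-AA-BB-CC", 47.6400, -122.1300),
        "opted_out": db.ingest("ac:ce:55:00:00:09", 47.6400, -122.1300),
        "single_query": db.locate(["ac:ce:55:00:00:01"]),
        "pair_query": db.locate(["ac:ce:55:00:00:01", "ac:ce:55:00:00:02"]),
    }


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, outcome)
```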
From rforno at infowarrior.org Wed Aug 3 08:21:23 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 3 Aug 2011 09:21:23 -0400
Subject: [Infowarrior] - Costly Drone Is Poised to Replace U-2 Spy Plane
Message-ID: <9B715575-4171-47A2-B677-CE89C00C9A39@infowarrior.org>

August 2, 2011
Costly Drone Is Poised to Replace U-2 Spy Plane
By CHRISTOPHER DREW
https://www.nytimes.com/2011/08/03/business/global-hawk-is-poised-to-replace-u-2-spy-plane.html

PALMDALE, Calif. - Tucked away here in the Mojave Desert, the assembly plant for the high-flying Global Hawk jet resembles a giant hobby shop. Work tables surround a handful of fuselages, and an unusually long wing - needed to slip through the thin air at 60,000 feet - is ready to be bolted into place. Open panels await controls for cameras and eavesdropping gear, and bright blue tool bins and parts vats are scattered around the concrete floor.

Just 50 people work in the factory and a test hangar, and only five of the drones will be built this year. But despite a spate of delays, second-guessing and cost overruns, the Global Hawk is once again on track to replace one of America's most noted aircraft: the U-2 spy plane, famed for its role in the cold war and more recently Afghanistan.

The Air Force decided last month to stick with its $12 billion Global Hawk program, betting that the unmanned drone can replicate the aging U-2's ability to sweep up a broad mix of intelligence from commanding heights, and do it more safely and for much longer stretches than the piloted U-2. The Navy is also onboard, with plans to spend $11 billion on a version that could patrol vast ocean areas.

The continued push for the Global Hawk reflects how drones are changing warfare and how critical high-altitude spying can be in any type of fight. Still, the program remains ensnared in military politics and budget battles, and the aircraft itself awaits some important technical changes that could slow its unveiling.
In particular, creating the new models and their high-tech sensors, which can cost more than the planes, has been difficult. And in an era in which remotely piloted planes are seen as relatively cheap and easy solutions, the Global Hawk has become the Escalade of drones, the gold-plated one that nearly broke the bank.

"The Global Hawk is a very impressive product, but it is also a very expensive product," said Richard L. Aboulafia, an aviation analyst at the Teal Group, a consultancy in Fairfax, Va. "Those U-2s were paid for a long time ago."

Since 2001, the cost of the Air Force program has more than doubled, and the service recently cut its planned fleet of Global Hawks to 55 from 77. That lifted the total estimate for each plane, including the sensors and all the research and development, to $218 million, compared with $28 million for the Reaper, the largest armed drone.

Pentagon tests also suggested last fall that the new Air Force model was not reliable enough to provide sustained surveillance. Parts failed frequently, and the equipment for intercepting telephone and radio conversations, a vital requirement for replacing the U-2, had trouble pinpointing the source of the calls.

Pentagon officials and executives at Northrop Grumman, which is building the Global Hawk, say they are trimming costs and replacing the faulty parts. Since March, commanders have rushed nine of the planes into use over Japan, Libya and Afghanistan, and they say they have done a good job in taking images of the earthquake damage in Japan and bombing targets in the war zones.

But analysts say the biggest test - and perhaps the next step in the shift from manned to robotic aircraft - will come if Northrop can field enough Global Hawks with better eavesdropping gear to make the commanders feel comfortable about retiring the U-2. That transition was originally supposed to happen this year.

Edward A.
Walby, a business development director at Northrop, said the company now expected to have enough Global Hawks in the air by the end of 2012. That would give the Air Force time to check them out before phasing out the 32 U-2s by 2015.

But even that could change. Congress has said it will not approve any shift that would leave significant intelligence gaps. Mr. Aboulafia, the aviation analyst, said cuts in the military budget could also slow the transition.

And critics of the military's contracting practices say that instead of revamping the Global Hawk project, the Pentagon should have tabled it until all the technology was ready.

"Once again, we have a system that has failed to meet effectiveness and suitability requirements, but one that no doubt will proceed post-haste into full production and deployment," said Thomas P. Christie, a former top Pentagon testing official.

The Global Hawks, monitored by shifts of pilots on computers in California, fly 24-hour missions, twice as long as a U-2 pilot can stay up, and the Pentagon says they will be cheaper to operate.

Like the U-2, they can peer down from twice the height of a commercial airliner and spot a group of insurgents or a tank 50 to 100 miles away. The images can be sent directly to troops in a firefight or to intelligence centers, where analysts examine them and send out more in-depth reports.

The U-2 was created in the 1950s to monitor Soviet nuclear sites. It is still used, as the Global Hawk will be, to supplement satellites by gazing into North Korea and Iran from outside their borders.

But the towering heights have also enabled the U-2 to survey so much territory in Afghanistan, and scoop up so many Taliban phone calls, that it has become one of the best sources of tips for where to send the Predator and Reaper drones, which fly at lower altitudes and fire missiles.
Intelligence officials say the combination of images and intercepted conversations from the same area provides a richer picture of what is going on, and they want the Global Hawk to be able to act as a similar trigger for dispatching other planes.

A more basic version of the Global Hawk has supplied battlefield images in Afghanistan and Iraq since shortly after the 2001 terror attacks. But the effort to enlarge the plane to carry eavesdropping gear and other new sensors required a more substantial redesign than expected.

And Northrop is now trying to resolve the problems with the parts. It is replacing faulty electrical generators and navigation systems and improving the eavesdropping software.

Under the latest plans, the Air Force will buy 31 of the Global Hawks with upgraded cameras and the eavesdropping gear and 11 with a sensor that could more closely track the movements of enemy troops and vehicles. The Navy would build 68 of the maritime models, Germany is buying a few of the planes, and NATO might buy some, too.

Here in Palmdale, where Northrop also built the B-2 bombers and is now working on fuselages for the F-35 fighter, there is a sense of relief that the Global Hawk finally seems a little closer to moving from a sidekick role to the spotlight.

Inside the beige factory, Mr. Walby, the Northrop official and a former U-2 pilot, said he sometimes gets flak from his old buddies, who delight in having been able to keep the U-2 relevant.

Most of the U-2 pilots know the changeover is inevitable. But a few would rather not acknowledge, he said, that the U-2 is also "limited by the man." Not only are there limits to how long each mission can last, but U-2 pilots are subject to disorienting decompression illnesses.

"And there's a small group, when I'm at a U-2 reunion, that I have to remind about how we buried four U-2 pilots while I was with the program," Mr. Walby said, referring to crashes. "I said: 'Is it really worth it?
Now that we have the technology to stop that from happening, is it worth it?' "

From rforno at infowarrior.org Wed Aug 3 16:30:13 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 3 Aug 2011 17:30:13 -0400
Subject: [Infowarrior] - WH: Need to monitor online 'extremism'
Message-ID: <81578335-5FDF-4193-95D9-517A1428CC96@infowarrior.org>

August 3, 2011 1:11 PM PDT
White House: Need to monitor online 'extremism'
by Declan McCullagh
http://news.cnet.com/8301-31921_3-20087677-281/white-house-need-to-monitor-online-extremism/

A White House terrorism strategy released today says Facebook, Twitter, and other social networks aid in "advancing violent extremist narratives" and should be monitored by the government.

The 12-page strategy (PDF), which outlines ways to respond to violent extremism, promises that: "We will continue to closely monitor the important role the Internet and social-networking sites play in advancing violent extremist narratives."

President Obama said in a statement accompanying the report that the federal government will start "helping communities to better understand and protect themselves against violent extremist propaganda, especially online."

While much of the White House document is focused on al Qaeda--which The Washington Post recently reported is on the "brink of collapse"--it also talks about domestic terrorists, neo-Nazis, anti-Semitic groups, and a broad "range of ideologies" that promote radicalization.

Today's announcement may signal that monitoring of social networks will broaden beyond what the U.S. Department of Homeland Security already does. Depending on the details, it could also raise concerns about how to balance Americans' privacy rights with the desire of security agencies to collect and analyze information that is, more or less, publicly available.

In June 2010, the U.S. Department of Homeland Security confirmed publicly (PDF) that its agents were permitted to create accounts on social-networking sites in some situations.
DHS's National Operations Center "will monitor activities on the social-media sites" using search engines, aggregators, and other tools, last year's announcement said. "The NOC will gather, store, analyze, and disseminate relevant and appropriate de-identified information to federal, state, local, and foreign governments, and private sector partners..."

In addition, the Electronic Frontier Foundation unearthed documents showing that DHS officials were sending "friend" requests to people applying for U.S. citizenship. DHS conducted extensive monitoring of social networks during Obama's inauguration.

In 2009, CIA investment arm In-Q-Tel invested in Visible Technologies, which monitors millions of posts on social-networking Web sites, Wired reported. Tax collectors, too, are "nabbing scofflaws by mining information posted on social-networking Web sites," according to The Wall Street Journal, and the FBI has previously supported legislation that would allow federal police to monitor the Internet for "illegal activity."

This move toward monitoring social networks hasn't been without controversy. A New York Times editorial suggested these techniques may go too far: "If government agents are joining social networks under false pretenses to spy without a court order, for example, that might be crossing a line."

It's also not been limited to the United States. In 2009, the U.K. Home Office announced that it would monitor all conversations on social-networking sites, including Facebook, MySpace, Bebo, Twitter, and Skype, in a crackdown on terrorists' use of the Internet. So has the Chilean government. And, of course, some repressive regimes have simply blocked Web sites completely.

Declan McCullagh is the chief political correspondent for CNET. Declan previously was a reporter for Time and the Washington bureau chief for Wired and wrote the Taking Liberties section and Other People's Money column for CBS News' Web site.
From rforno at infowarrior.org Thu Aug 4 10:23:59 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 4 Aug 2011 11:23:59 -0400
Subject: [Infowarrior] - White House Names a New Chief of Information Technology
Message-ID: <19438967-B8CD-43D6-AEC7-C7ACB4B57C34@infowarrior.org>

White House Names a New Chief of Information Technology
By STEVE LOHR
https://www.nytimes.com/2011/08/04/technology/white-house-picks-new-information-chief.html?_r=1&pagewanted=print

Steven VanRoekel, a former Microsoft executive, will become the next chief information officer for the federal government - a bigger, more policy-oriented technology job than any he held at the software giant.

Mr. VanRoekel, 41, who joined the Obama administration from Microsoft in 2009 as managing director of the Federal Communications Commission, will succeed Vivek Kundra, the White House plans to announce on Thursday.

The federal government spends about $80 billion a year on information technology, more than any corporation. But the government, analysts agree, has not achieved the kind of productivity gains from its technology investment that is evident in the private sector.

The long-term trend of productivity growth in the private sector, said Jeffrey D. Zients, a deputy director of the Office of Management and Budget, has been about 1.5 percent a year. Yet productivity growth in the federal government, he noted, has been less than a third that level.

Senior administration officials came into office convinced that computing technology could be bought and used more intelligently to save money, reduce waste and make government work better.

"We believe that the use of information technology is the single biggest reason for the gap between the public and private sector," Mr. Zients said in an interview on Wednesday.

Mr. Kundra, 36, led the effort to overhaul the government's approach to technology for more than two years.
He is going to Harvard to take a joint appointment at the Kennedy School of Government and the Berkman Center for Internet and Society at the law school.

Mr. Kundra, analysts say, came in with an ambitious agenda and made some progress. When he arrived at the White House, Mr. Kundra recalled, he was handed a thick pile of papers, documenting $27 billion in technology projects that were running well over budget and well behind schedule.

To address the problem, the administration built IT Dashboard, a Web site accessible to the public that tracks the spending and progress of federal technology projects. Mr. Kundra and his team have used the project-tracking data to conduct TechStat sessions, reviews of the government's largest, most troubled technology initiatives. As a result, projects have been pared back or eliminated, saving $3 billion, the government estimates.

Under Mr. Kundra, analysts say, the government agencies have moved to adopt new technologies that can improve efficiency. The government is shifting to cloud computing, in which people access applications like e-mail over the Internet rather than in desktop software. Another tool is software that shares computing tasks across several machines in a data center, reducing the number of computers - and data centers - needed.

The government has begun a program intended to close 800 of its 2,000 data centers over the next four years. That effort is on track to close 195 computer centers this year.

The pace of technology projects has accelerated as well. The government estimates that the average time needed to deliver a software application or component has been trimmed to eight months, from 24 months.

In its drive to make its technology less costly and more nimble, the government has, said Shawn P. McCarthy, an analyst at IDC, "definitely made progress down that path, though probably not as much as Vivek Kundra had wanted."
The administration has also put all kinds of government data on the Web, mostly on the Web site Data.gov, including economic, health care, environmental and other information. There are now more than 389,000 data sets online, and citizen programmers have created more than 230 applications using the data.

Mr. VanRoekel worked for Microsoft for 15 years, including a stint as an assistant to Bill Gates, the co-founder. Mr. VanRoekel was a supporter of President Obama, attended the inauguration, and after a conversation with Julius Genachowski, the new chairman of the F.C.C., went to work for him.

As the government's chief information officer, Mr. VanRoekel said he planned to move ahead with the work Mr. Kundra began.

"We're trying to make sure that the pace of innovation in the private sector can be applied to the model that is government," Mr. VanRoekel said.

From rforno at infowarrior.org Thu Aug 4 12:16:17 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 4 Aug 2011 13:16:17 -0400
Subject: [Infowarrior] - NYSE Glitch Halts Derivatives Trading, Updates
Message-ID:

NYSE Glitch Halts Derivatives Trading, Updates
By Nandini Sukumar and Sarah Jones - Aug 4, 2011
http://www.bloomberg.com/news/print/2011-08-04/nyse-says-fault-halted-some-derivatives-trades-equity-index-price-updates.html

NYSE Euronext (NYX) said a computer malfunction suspended derivatives trading on its Liffe market and halted price updates on its European stock indexes for almost an hour as equities plunged the most in 15 months.

Derivatives trading resumed at 6:10 p.m. in Paris and gauges in Paris, Brussels, Lisbon and Amsterdam were suspended from 4:28 p.m. to 5:20 p.m., NYSE Euronext said on its website today. Trading in individual equities was unaffected. The Stoxx Europe 600 Index tumbled 3.4 percent to 243.3, the biggest drop since May 7, 2010, amid concern the global economy is weakening.

"For the system to be down today is a total disaster,"
said Lex Van Dam, a London-based fund manager at Hampstead Capital LLP, which oversees $500 million. "This is a really scary market. It's so busy and for people not to be able to get out of their positions or hedge on today of all days is really terrible."

NYSE Euronext matches equity trades on its Universal Trading Platform while Deutsche Boerse AG (DB1), with which it's seeking to merge, uses its Xetra technology and is developing a new system for all its markets. The two exchanges have said they will seek to save more than 51 million euros ($72 million) by having common trading and clearing infrastructure and combining networks. They haven't said whose systems they will use after the takeover is completed.

Euribor Futures

The Liffe system that went down today halted trading in short-term interest rate derivatives including Euribor futures and contracts based on FTSE indexes. Contracts that passed their settlement time will be settled at 6:30 p.m. Paris time, the exchange said.

Today's fault was the sixth in less than two months for NYSE Euronext. The company's equity indexes in France, Belgium, Portugal and the Netherlands didn't update for almost two hours on July 29 and 3 1/2 hours on July 12. That followed a June 27 glitch that stopped trading in CAC 40 stocks for more than 45 minutes and two incidents the previous week that delayed the start of trading by an hour in Paris, Amsterdam, Brussels, Luxembourg and Lisbon and halted transactions in the largest Dutch and Belgian stocks.

NYSE Euronext, formed when the operator of the New York Stock Exchange bought Europe's second-largest exchange in 2007, has cited improving computer systems as a goal of its combination with Deutsche Boerse, first announced in February. The transaction will give Deutsche Boerse 60 percent of the combined entity, while NYSE Euronext Chief Executive Officer Duncan Niederauer will run the organization.
Italy's FTSE MIB Index also stopped updating today, according to Borsa Italiana, which is owned by London Stock Exchange Group.

To contact the reporters on this story: Nandini Sukumar in London at nsukumar at bloomberg.net; Sarah Jones in London at sjones35 at bloomberg.net
To contact the editor responsible for this story: Andrew Rummer at arummer at bloomberg.net

From rforno at infowarrior.org Thu Aug 4 12:38:46 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 4 Aug 2011 13:38:46 -0400
Subject: [Infowarrior] - U.S. Joint Forces Command formally dissolved
Message-ID: <9B5EF79F-3AA8-458F-B09C-EC2102EC358B@infowarrior.org>

http://www.washingtonpost.com/blogs/checkpoint-washington/post/us-joint-forces-command-formally-dissolved/2011/08/04/gIQAQbzBuI_blog.html

U.S. Joint Forces Command formally dissolved
By Jason Ukman

The four-star military command known as JFCOM is officially no more.

On Thursday, a year after then-Defense Secretary Robert M. Gates recommended the closing of the Hampton Roads-based U.S. Joint Forces Command, the colors were rolled up, the commemorative plaque unveiled and the 12-year-old combatant command dissolved.

The command was set up to coordinate training and military doctrine among the branches of the armed services. But in tough fiscal times, and with the spirit of "jointness" far more inculcated in the services than it was a decade ago, Gates decided the command's functions no longer justified an annual budget of nearly $1 billion.

While the Pentagon said it would assign some of the command's functions to other combatant commands and individual services, the decision drew howls from Virginia officials, who warned about the loss of jobs in and around Norfolk and the economic impact in the region.

A year later, it appears the closure of JFCOM has proven painful but not devastating. Of the command's roughly 6,000 personnel, about half were contractors. Those contractors have taken the biggest hit in the cuts, but some -
along with hundreds of the troops at JFCOM - will retain their jobs under different leadership.

Adm. Mike Mullen, chairman of the Joint Chiefs of Staff, said at a ceremony in Suffolk on Thursday that the closure is "in the nation's best interest."

He also lauded the command's accomplishments in facilitating collaboration among the services, saying such collaboration has become critical to their success. As an example, he cited the U.S. military's ability to quickly implement a no-fly zone in Libya.

"The world," Mullen said, "has become so flat so fast, and so interconnected, we can no longer draw neat lines between the sea and the shore, the horizon and the sky."

The command's top officer, Gen. Ray Odierno, has been nominated as Army chief of staff.

From rforno at infowarrior.org Fri Aug 5 12:11:01 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 5 Aug 2011 13:11:01 -0400
Subject: [Infowarrior] - Pentagon's Lightning Gun Sold for Scraps on eBay
Message-ID: <3DDAC6C0-BBDD-4404-8D3B-E778BE49C869@infowarrior.org>

(c/o GP)

http://www.wired.com/dangerroom/2011/08/pentagons-lightning-gun/

There was a time, not all that long ago, when the Pentagon sank tens of millions of dollars into remote-controlled lightning guns that it hoped would fry insurgent bombs before they killed any more troops. Now, disassembled parts from the one-time wonder-weapons are being sold on eBay. At least one buyer snatched up the gear, hoping to use it in his latest art project for Burning Man.

All of which would make for a funny little story, if that buyer didn't discover that the multimillion dollar "Joint Improvised Explosive Device Neutralizers," or JINs, were kluged together from third-rate commercial electronics, and controlled by open Wi-Fi signals. In other words, the Pentagon didn't just overpay for a flawed weapon. On the off-chance the JIN ever worked, the insurgents could control it, too.
"This is the hack of all hacks," says Cody Oliver, a freelance technologist in San Francisco. "And this is what they were selling to the government? Holy shit." OK, that story is kind of funny, too. In its own dark way. It started one day last April, Oliver says. He was brainstorming with sometime-employer, Elon Musk, about their next project for Burning Man. For the last three years, Oliver had built for Musk "art cars" - tricked-out jalopies - in the shape of rocket ships that Musk then drove around the festival. (Musk is the founder of the rocket-maker SpaceX, among other firms.) This year, Oliver suggested something different - a remote-controlled art car. Musk liked the idea. So Oliver started trolling eBay for robotic control systems. He figured he'd get something industrial grade, that already had all the safety and interference issues sorted out. Oliver quickly found a pair of Omnitech Robotics NGCM1 controllers - the kind of high-end electronics that ordinarily sold for tens, if not, hundreds of thousands of dollars. Oliver bought a pair for a thousand bucks. He sent his dad down to a nondescript warehouse in Tucson, Arizona to pick the stuff up. Oliver knew there was something different about these controllers almost as soon as he took them out of the crate. The steering wheel was outfitted with black buttons labeled "Enable Weapon" and "Weapon On." In the center was a big red button marked, "STOP!" Things got more curious when he started poking around the software. There was no password on the gear that was supposed to be outfitted on the robot, so he was able to type "root," and get right in. Then he checked out the operator's equipment, which ran a Java app on Windows XP. He decompiled it, and found a string in the code: "IONPaysBills=true." ION was the stock market symbol for Ionatron, the company that managed to convince Paul Wolfowitz, the Deputy Defense Secretary during the early years of the George W. 
Bush administration, to give the firm $30 million for its bomb-zappers. Shaped like golf carts, the remote-controlled JINs were supposed to use short-pulse lasers to carve conductive channels in the air. Electricity could then be sent down those channels, frying bombs from a safe distance. A company press release quoted Brig. Gen. Joseph Votel, head of the Pentagon's Joint IED Defeat Task Force as saying, "The Ionatron system was just the type of out of the box, new technology solution we're looking for."

But the JINs never quite lived up to their overheated claims. In early 2006, the Washington Post recounts, two JINs were flown to Afghanistan. At one point, "the kill switch failed and the device continued to fire bolts of electricity. Steep mountain terrain and poor roads also proved difficult; one JIN rolled downhill and flipped over."

Eventually, the Pentagon soured on the JINs. Ionatron lost most of its cash, changed its name, and got wrapped up in a series of shareholder lawsuits and insider trading scandals. A couple of years ago, the broken firm reached out to Tucson's Southwest Liquidators, who helped clear the Ionatron warehouse of its useless inventory of electronics. "We took it all," says Southwest's Keith Tearne. Then they put it on eBay.

Oliver kept going through the strange gear he had indirectly acquired from Ionatron. The wireless router that was supposed to be mounted on the robot was a standard Linksys model, the kind that filled countless homes with Wi-Fi. There was no encryption, and no password to protect the information. Anyone could've tapped in. "All the video, all the commands, they were all in the clear, over standard 802.11 Wi-Fi," Oliver says, his voice rising.

There was one difference, though, between this Linksys router and a standard one: The tell-tale blue plastic had been removed, and the serial numbers were carefully shaved off. As if someone didn't want the government to know that they were using commercial parts.
That was fine by Oliver - he was using the gear for Burning Man, not for Baghdad. But he figured he ought to e-mail the CEO of Omnitech Robotics, Ionatron's supplier, to find out what was up - and see if he could get some configuration files. "I also got a LOL on some of the code statements," Oliver wrote. "Guess this should read 'TAXPaysBill = true.'"

The CEO, David Parish, quickly answered back. "Those systems were sold to Ionatron under NDA [nondisclosure agreement]. If you openly disclose this type of information and violate NDA or copyrights, you and or Ionatron may be liable for infringement," he wrote. "Any use of the scrap parts you have is dangerous, at your own risk, and not authorized or supported by Omnitech."

"The random comments you noted in some files were software programmers attempt at humor, nothing more. I do not share their sense of humor, and take this compromise and potential threat seriously. I suggest you act responsibly and heed this warning," Parish added.

Oliver eventually dropped the idea of using the Ionatron gear for Burning Man - and not because of Parish's threat. The gear just seemed too jury-rigged. Its network detector was a wire connected to the "on" light on the front of the router. "I just don't trust it," he says.

The military, on the other hand, continues to have some faith in Ionatron's technology, investing additional millions into their lightning weapons. The Marines combined the JIN with a mine-roller, used to crush buried bombs. Then they hung the whole thing in front of a truck, and called it a "JOLLER." A May 2009, Marine Corps briefing (.pdf) shows the phallic contraption shooting electricity into the ground.

"Lightening Bolt: Pricele$$," it reads. At least, until it goes up for sale on eBay.

From rforno at infowarrior.org Fri Aug 5 20:38:53 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 5 Aug 2011 21:38:53 -0400
Subject: [Infowarrior] - S&P downgrades U.S.
credit rating for first time
Message-ID:

S&P downgrades U.S. credit rating for first time
By Zachary A. Goldfarb, Updated: Friday, August 5, 8:33 PM
http://www.washingtonpost.com/business/economy/sandp-considering-first-downgrade-of-us-credit-rating/2011/08/05/gIQAqKeIxI_print.html

Standard & Poor's announced Friday night that it has downgraded the United States credit rating for the first time, dealing a huge symbolic blow to the world's economic superpower in what was a sharply worded critique of the American political system.

Lowering the nation's rating one-notch below AAA, the credit rating company said "political brinkmanship" in the debate over the debt had made the U.S. government's ability to manage its finances "less stable, less effective and less predictable." It said the bi-partisan agreement reached this week to find $2.1 trillion in budget savings "fell short" of what was necessary to tame the nation's debt over time and predicted that leaders would have no luck achieving more savings later on.

The decision came after a day of furious back-and-forth between the Obama administration and S&P. Government officials fought back hard, arguing that S&P made a flawed analysis of the potential for political agreement and had mathematical errors in its initial analysis, which was submitted to the Treasury earlier in the day. The analysis overstated the U.S. deficit over 10 years by $2 trillion.

"A judgment flawed by a $2 trillion error speaks for itself," a Treasury spokesperson said Friday.

The downgrade will push the global financial markets into unchartered territory after a volatile week fueled by concerns over the European debt crisis and the slowdown in the U.S. economy.

Analysts say that, over time, the downgrade is likely to push up borrowing costs for the U.S. government, costing taxpayers tens of billions of dollars a year.
It could also drive up costs for borrowing for consumers and companies seeking mortgages, credit cards and business loans. A downgrade could also have a cascading series of effects on states and localities, including nearly all of those in the Washington metro area. These governments could lose their AAA credit ratings as well, potentially raising the cost of borrowing for schools, roads and parks. But the exact impact of the downgrade won't be known until at least Sunday night, when Asian markets open, and perhaps not fully grasped for months. Analysts say the impact on the markets may be modest because they have been anticipating an S&P downgrade for weeks. Federal officials are also examining the impact of a downgrade in large but esoteric financial markets where U.S. government bonds serve an extremely important function. They were generally confident that markets would hold up, but were closely monitoring the situation. S&P's action is the most tangible vote of disapproval so far by Wall Street on the deal between President Obama and Congress to cut the deficit by at least $2.1 trillion over 10 years. S&P has said that it wanted at least $4 trillion of deficit reduction. The downgrade is likely to be used as a weapon by both Republicans and Democrats as they argue the other side has not taken deficit reduction seriously. Other credit rating agencies - Moody's Investors Service and Fitch Ratings - have decided not to downgrade the United States credit rating. But they've warned that, if the economy deteriorates significantly or the government does not take additional steps to tame the debt, they could move to downgrade too. In April, S&P first said it might downgrade the United States credit rating on concerns that lawmakers would not be able to come to a deal on reducing the debt. In July, as efforts stagnated, S&P said the odds of a downgrade within three months had moved up to 50 percent.
The ultimate deal between Obama and Congress ultimately failed S&P's benchmark. Obama administration officials have been critical of S&P for making what was essentially a political judgment and for failing to conclude that the country was making a strong first step to reducing its deficit. © The Washington Post Company From rforno at infowarrior.org Sat Aug 6 11:36:13 2011 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 6 Aug 2011 12:36:13 -0400 Subject: [Infowarrior] - U.S. Downgrade Heralds a New Financial Era Message-ID: U.S. Downgrade Heralds a New Financial Era By Mohamed El Erian | Posted: 08-06-11 | 08:21 AM | E-mail Article This article was originally published August 6, 2011 on FT.com. http://www.ft.com/intl/cms/s/0/7c3f7704-c012-11e0-8016-00144feabdc0.html There will be endless debate on whether S&P, the rating agency, was justified in stripping America of its AAA rating and - adding insult to injury - even attaching a negative outlook to the new AA+ rating. But this historic action has now taken place, and the global system must adjust. There are consequences, uncertainties, and a silver lining. Not so long ago, it was deemed unthinkable that America could lose its AAA. Indeed, "risk free" and "US Treasuries" were interchangeable terms - so much so that the global financial system was constructed, and has operated on the assumption that America's AAA was a constant at the core, and not a variable. Global financial markets will reopen on Monday to a changed reality. There are immediate operational consequences, from re-coding risk and trading systems to evaluating collateral and liquidity management. Key market segments will be closely watched, including the money market complex and the reaction of America's largest foreign creditors. Meanwhile, for the real economy, credit costs for virtually all American borrowers will be higher over time than they would have been otherwise.
Animal spirits, already hobbled by the debt ceiling debacle, will again be dampened, constituting yet another headwind to the generation of investment and employment. It is hard to imagine that, having downgraded the US, S&P will not follow suit on at least one of the other members of the dwindling club of sovereign AAAs. If this were to materialise and involve a country like France, for example, it could complicate the already fragile efforts by Europe to rescue countries in its periphery. The future role of rating agencies will also now come under close scrutiny, bringing to the fore the question of who rates the rating agencies? S&P's action will likely unite governments in America and Europe in an effort to erode their monopoly power and operational influence. This will also force all investors to do something that they should have been doing for years: conduct their own ratings due diligence, rather than rely on outsiders. More worryingly, there will now be genuine uncertainties as to wider systemic impact of this change. With America occupying the core of the world's financial system, Friday's downgrade will erode over time the standing of the global public goods it supplies - from the dollar as the world's reserve currency to its financial markets as the best place for other countries to outsource their hard-earned savings. This will weaken the effectiveness of the US as the global anchor, accelerating the unsteady migration to a multi polar system while increasing the risk of economic fragmentation. These factors will play out over time, and will possibly do so in a non-linear fashion. Some of the immediate impact will be forestalled by the fact that no other country is able and willing to replace the US at the core of the global system. Other than a general increase in risk premia and volatility, it is therefore hard to predict with a high degree of conviction how the global system will react.
Specifically, will it simply come to a new normality, with an AA+ at its core, or are further structural changes now inevitable? All of that said, there is a sliver of a silver lining - and an important one. America's downgrade may serve as a wakeup call for its policymakers. It is an unambiguous and loud signal of the country's eroding economic strength and global standing. It renders urgent the need to regain the initiative through better economic policymaking and more coherent governance. There is a risk, of course, that different political factions will use S&P's action as a vindication of their prior beliefs. Democrats would argue that it is recent Republican political sabotage that pushed S&P over the edge while Republicans would argue that we are here due to irresponsible government spending by the Democrats. For the sake of their country and the wider global economy, both parties should resist the urge to begin bickering. Instead they should seize this potential "Sputnik Moment" - a visible shock to the national psyche that can unify Americans around a common vision and a renewed sense of purpose - that of halting gradual secular decline by putting the country back on the path of high growth, job creation and financial soundness. Dr. Mohamed El-Erian is the CEO and co-CIO of PIMCO. He re-joined PIMCO at the end of 2007 after serving for two years as president and CEO of Harvard Management Company. He first joined PIMCO in 1999 and was a senior member of PIMCO's portfolio management and investment strategy group.
From rforno at infowarrior.org Sun Aug 7 08:11:59 2011 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 7 Aug 2011 09:11:59 -0400 Subject: [Infowarrior] - Boeing rolls out 787 Dreamliner after years of delay Message-ID: <196EB382-6750-47EF-B895-B4312F62DDF8@infowarrior.org> Boeing rolls out 787 Dreamliner after years of delay http://edition.cnn.com/2011/TRAVEL/08/07/boeing.dreamliner/ Everett, Washington (CNN) -- The Boeing 787 Dreamliner sparkled Saturday in the Pacific Northwest sunshine as the plane made its long-awaited debut. Three years overdue and billions of dollars over the budget, Boeing will finally deliver the 787 Dreamliner to Japan's All Nippon Airways next month in Tokyo. The plane is scheduled to be the first to carry commercial passengers in the 787 Dreamliner series, which has been plagued by delays but promises to revolutionize air travel. "We are rolling out the first delivery airplane, the first 787. That's an amazing thing for those who have worked on the program five, six, seven years, here at Boeing and our partners around the world," said Scott Fancher, Boeing's vice president and general manager of the 787 program. The plane is the first commercial airliner to be made mostly of carbon composites or super durable plastic. Those materials mean a lighter plane that Boeing says could use 20% less fuel than conventional airliners, making way for a more environmentally-friendly and cost effective aircraft option for airlines. So far, according to Boeing, the manufacturer has more than 800 orders for the 787 Dreamliner, which has a list price of about $200 million per plane. The interior of the plane also sports a variety of upgrades. Gone are traditional plane window shades. Instead, a button on the window allows passengers to gradually darken their surroundings. Boeing is developing two Dreamliners. The first version, the 787-8, holds 210 to 250 passengers on routes. 
A second version, the 787-9, holds 250 to 290 passengers and is designed for longer international routes. All Nippon Airways has ordered 55 Dreamliners and Mitsuo Morimoto, the airline's senior vice president, said the airline will develop new routes around the Dreamliner's capabilities. "We plan to use the 787 to expand our business, particularly our international routes. We plan to increase our revenue from international route significantly and the 787 will play an instrumental role in this," Morimoto said. The airline is considering a route from Japan to the U.S. or Europe that would employ the 787 Dreamliner, Morimoto said. Despite the 787 Dreamliner's revolutionary promise, Boeing has struggled to manufacture the plane. Boeing's outsourcing of much of the plane's construction to an army of contractors around the world led to delays and cost overruns. The future of a new assembly plant in South Carolina is also in doubt. Boeing's machinist union accuses the manufacturer of putting the plant there rather than in Washington state to take advantage of South Carolina's weaker labor laws. The National Labor Relations Board has threatened to shut down the plant. To meet demand for the new plane, Boeing said it will need to increase production of the plane from two 787 Dreamliners a month to 10 a month by the end of 2013. "It's an extraordinary challenge, no one has ever built a wide body aircraft at the rate of 10 per month before. So I think Boeing has its work cut out for it," said John Ostrower, a writer for Flight International Magazine. "I would say the biggest challenge is as they head into this ramp up is making sure 787 is as profitable for themselves as they hope it will be for their customers," Ostrower said. The airline will inaugurate the 787 Dreamliner on a special charter from Tokyo to Hong Kong this fall, the company said. 
From rforno at infowarrior.org Sun Aug 7 08:43:13 2011 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 7 Aug 2011 09:43:13 -0400 Subject: [Infowarrior] - Panetta Compares Cyber Threat To Pearl Harbor Message-ID: Another reference by a policymaker invoking the sensational cyber attack = Pearl Harbor analogy. *headsmash* http://www.airforcetimes.com/news/2011/08/ap-panetta-visit-offutt-air-base-nebraska-080511/ August 6, 2011 Panetta Compares Cyber Threat To Pearl Harbor By Margery A. Beck, Associated Press OFFUTT AIR FORCE BASE, Neb. - The United States must remain diligent in protecting itself from terror threats, including possible cyber attacks, Defense Secretary Leon Panetta warned Friday at a military base near Omaha. "We could face a cyber attack that could be the equivalent of Pearl Harbor," he said to about 100 military personnel stationed at Offutt Air Force Base. Such an attack, Panetta said, could "take down our power grid system, take down our financial systems in this country, take down our government systems, take down our banking systems." "They could virtually paralyze this country," he said. "We have to be prepared to deal with that." Panetta followed the warning by reiterating one he issued a day earlier: Cutting too deeply into America's defense budget could damage the country's security. His remarks came in the wake of the compromise debt deal struck in Washington earlier this week that will slice $350 billion from projected military spending over the next 10 years. Panetta, who was White House budget chief in the Clinton administration, said he has no qualms about those cuts, noting the Pentagon has to "do its part" in helping meet deficit reductions. But the defense secretary does have a problem with the potential for up to $500 billion more in defense cuts.
As part of the debt deal, a 12-member, House-Senate committee must propose up to $1.5 trillion more in cuts over a decade and do so by Nov. 23. If the committee deadlocks or if Congress rejects its recommendations, the Obama administration would be required to impose automatic, across-the-board spending cuts of up to $1.2 trillion, with half coming from defense. "The last thing we need to do is to hollow out our force," Panetta told the military gathering in Nebraska. "The last thing we need to do is weaken the United States of America at a very important time in our history. Listen, people are questioning the political leadership. People are questioning the economic situation. The last thing people should question is the ability of the United States to defend itself." Those attending Panetta's address Friday were part of U.S. Strategic Command, the 55th Wing and the Air Force Weather Agency. It was Panetta's first visit to the Air Force base. He was sworn in as defense secretary on July 1. Nebraska's U.S. Sens. Ben Nelson, a Democrat, and Mike Johanns, a Republican, also attended the defense secretary's address, as did GOP Rep. Lee Terry of Nebraska. Nelson, a member of the Senate Armed Services Committee, introduced Panetta and told those attending that the defense secretary had assured him that plans for a new U.S. Strategic Command headquarters at Offutt have not changed. "While bringing down the debt remains priority No. 1, we won't shortchange essential projects, such as replacement of the aging and outdated StratCom headquarters," Nelson said. 
From rforno at infowarrior.org Sun Aug 7 14:52:11 2011 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 7 Aug 2011 15:52:11 -0400 Subject: [Infowarrior] - When Data Disappears Message-ID: August 6, 2011 When Data Disappears http://www.nytimes.com/2011/08/07/opinion/sunday/when-data-disappears.html By KARI KRAUS Kari Kraus is an assistant professor in the College of Information Studies and the English department at the University of Maryland. LAST spring, the Harry Ransom Center at the University of Texas acquired the papers of Bruce Sterling, a renowned science fiction writer and futurist. But not a single floppy disk or CD-ROM was included among his notes and manuscripts. When pressed to explain why, the prophet of high-tech said digital preservation was doomed to fail. "There are forms of media which are just inherently unstable," he said, "and the attempt to stabilize them is like the attempt to go out and stabilize the corkboard at the laundromat." Mr. Sterling has a point: for all its many promises, digital storage is perishable, perhaps even more so than paper. Disks corrode, bits "rot" and hardware becomes obsolete. But that doesn't mean digital preservation is pointless: if we're going to save even a fraction of the trillions of bits of data churned out every year, we can't think of digital preservation in the same way we do paper preservation. We have to stop thinking about how to save data only after it's no longer needed, as when an author donates her papers to an archive. Instead, we must look for ways to continuously maintain and improve it. In other words, we must stop preserving digital material and start curating it. At first glance, digital preservation seems to promise everything: nearly unlimited storage, ease of access and virtually no cost to making copies. But the practical lessons of digital preservation contradict the notion that bits are eternal. Consider those 5 1/4-inch floppies stockpiled in your basement.
When you saved that unpublished manuscript on them, you figured it would be accessible forever. But when was the last time you saw a floppy drive? And even if you could find the right drive, there's a good chance the disk's magnetic properties will have decayed beyond readability. The same goes, generally speaking, for CD-ROMs, DVDs and portable drives. Even the software needed to read the bits may prove elusive. Like Egyptian hieroglyphs, whose code was indecipherable until the rediscovery of the Rosetta Stone, the string of 1s and 0s on a floppy is meaningless in the absence of a set of computer instructions for translating them. If you don't have a copy of WordPerfect 2 around, you're out of luck. No wonder preservationists often wax ominous about the "digital dark ages." Of course, there's always the option of migrating data from old to new media. But migration isn't as simple as copying files - it's more like translating from Japanese to Hungarian. Information is invariably lost; do it enough times and the result will be like the garbled message at the end of a game of telephone. Another option is emulation, in which a software program impersonates a retro hardware environment; essentially, an emulator temporarily "downgrades" a modern computer to act like an old one. But over time, emulation becomes unwieldy: because the host systems for which emulators are designed will themselves become obsolete, emulators must eventually be moved to new computer platforms - emulators to run emulators, ad infinitum. Nor is the problem just with the medium. We generate over 1.8 zettabytes of digital information a year. By some estimates, that's nearly 30 million times the amount of information contained in all the books ever published. Even if we had perfectly stable storage, could we ever have enough to preserve everything? The short answer is no - but only because we're trying to replicate the practices used for decades to maintain paper archives.
In this model, preservation begins only after a record is past its use. With data, intervention needs to happen earlier, ideally at an object's creation. And tough decisions need to be made, early on, regarding what needs to be saved. We must replace digital preservation with digital curation. Perhaps the most impressive effort to curate digital information is taking place in the realm of video games. In the face of negligence from the game industry, fans of "Super Mario Bros." and "Pac-Man" have been creating homegrown solutions to collecting, documenting, reading and rendering games, creating an evolving archive of game history. They coordinate efforts and share the workload - sometimes in formal groups, sometimes as loose collectives. Nor does the data just sit around. These are gamers, after all, so they are constantly engaged with the files. In the process, they update them, create duplicates and fix bugs. Despite often operating in legal gray areas, such curatorial activism can be a model for other digital domains. A similar pattern is emerging in data-intensive fields like genetics, where published data sets are often "cleaned" by third-party curators to purge them of inaccuracies. It might seem silly to look to video-game fans for lessons on how to save our informational heritage, but in fact complex interactive games represent the outer limit of what we can do with digital preservation. By figuring out how to keep a complex game, like a classic first-person shooter, alive, we develop a better idea of how to preserve simulations of genetic evolution or the behavior of star systems. True, not all data is worth saving. But that's as true for bits as it is for sheets of paper. In this model, at least, the decisions on what to save are informed by a deep knowledge of the field, while the cost is shared by everyone involved.
Above all, the model allows us to see preservation as active and continuing: managing change to data rather than trying to prevent it, while viewing data as a living resource for the future rather than a relic of the past. From rforno at infowarrior.org Mon Aug 8 06:11:59 2011 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 8 Aug 2011 07:11:59 -0400 Subject: [Infowarrior] - Insanity: Getting Worked Up Over One Company's Slight Change Of Opinion In The Creditworthiness Of The US Message-ID: <350FB595-F7A7-4087-8475-9199BEF87449@infowarrior.org> (IMHO the second paragraph is key here -- though I do agree with S&P's political analysis of the US' ability to fix things. --rick) Insanity: Getting Worked Up Over One Company's Slight Change Of Opinion In The Creditworthiness Of The US from the it's-an-opinion dept http://www.techdirt.com/articles/20110806/00153115421/insanity-getting-worked-up-over-one-companys-slight-change-opinion-creditworthiness-us.shtml You may have heard (or, at least, I hope you heard) that, late Friday, S&P downgraded the US's credit rating from AAA to AA-plus, causing all sorts of hair pulling and worry. Here's the part that makes no sense: S&P's rating of the safety of US debt is simply an opinion. It's certainly a high profile opinion, but it's still an opinion. What I can't figure out is why anyone is making a big deal of one private company making a slight change to its opinion. People are acting as if this change is a change in facts. They're acting as if an S&P downgrade actually makes US debt less trustworthy. It does not. The US may very well not be that trustworthy on its debt (in fact, I find that argument quite compelling these days), but having one company say that is meaningless. We've discussed this before.
For absolutely no good reason, the US government decided to put the opinion of various rating agencies into law, requiring certain institutions to maintain certain percentages of "highly rated" bonds in order to engage in certain activities. The insanity is that it effectively forced the world to think about ratings from S&P and Moody's as if they were fact, even though they're really just opinions. And to do all of this even if their ratings go against one's own opinion. And, of course, we all know that the ratings agencies are far from perfect, and have an unfortunate history that suggests that, at times, they've succumbed to pressure. So, even if you believe that the US government's financial position is a disaster (and, again, a case can be made for that), it's crazy to pretend that one company changing its opinion (just slightly) has any actual meaning. Most of the market can and does make its own decisions on the creditworthiness of US debt, no matter what S&P says. In other words, the (slim) risk of the US actually defaulting is already priced in. The S&P saying what people are already thinking doesn't mean that anything fundamental changed... other than its opinion. Markets are made based on the interaction of buyers and sellers. Not the (sometimes questionable) opinions of just a few firms. From rforno at infowarrior.org Mon Aug 8 06:14:11 2011 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 8 Aug 2011 07:14:11 -0400 Subject: [Infowarrior] - Credibility, Chutzpah And Debt Message-ID: August 7, 2011 Credibility, Chutzpah And Debt By PAUL KRUGMAN https://www.nytimes.com/2011/08/08/opinion/credibility-chutzpah-and-debt.html?_r=1&hp=&pagewanted=print To understand the furor over the decision by Standard & Poor?s, the rating agency, to downgrade U.S. government debt, you have to hold in your mind two seemingly (but not actually) contradictory ideas. The first is that America is indeed no longer the stable, reliable country it once was. 
The second is that S.& P. itself has even lower credibility; it's the last place anyone should turn for judgments about our nation's prospects. Let's start with S.& P.'s lack of credibility. If there's a single word that best describes the rating agency's decision to downgrade America, it's chutzpah - traditionally defined by the example of the young man who kills his parents, then pleads for mercy because he's an orphan. America's large budget deficit is, after all, primarily the result of the economic slump that followed the 2008 financial crisis. And S.& P., along with its sister rating agencies, played a major role in causing that crisis, by giving AAA ratings to mortgage-backed assets that have since turned into toxic waste. Nor did the bad judgment stop there. Notoriously, S.& P. gave Lehman Brothers, whose collapse triggered a global panic, an A rating right up to the month of its demise. And how did the rating agency react after this A-rated firm went bankrupt? By issuing a report denying that it had done anything wrong. So these people are now pronouncing on the creditworthiness of the United States of America? Wait, it gets better. Before downgrading U.S. debt, S.& P. sent a preliminary draft of its press release to the U.S. Treasury. Officials there quickly spotted a $2 trillion error in S.& P.'s calculations. And the error was the kind of thing any budget expert should have gotten right. After discussion, S.& P. conceded that it was wrong - and downgraded America anyway, after removing some of the economic analysis from its report. As I'll explain in a minute, such budget estimates shouldn't be given much weight in any case. But the episode hardly inspires confidence in S.& P.'s judgment. More broadly, the rating agencies have never given us any reason to take their judgments about national solvency seriously. It's true that defaulting nations were generally downgraded before the event.
But in such cases the rating agencies were just following the markets, which had already turned on these problem debtors. And in those rare cases where rating agencies have downgraded countries that, like America now, still had the confidence of investors, they have consistently been wrong. Consider, in particular, the case of Japan, which S.& P. downgraded back in 2002. Well, nine years later Japan is still able to borrow freely and cheaply. As of Friday, in fact, the interest rate on Japanese 10-year bonds was just 1 percent. So there is no reason to take Friday's downgrade of America seriously. These are the last people whose judgment we should trust. And yet America does have big problems. These problems have very little to do with short-term or even medium-term budget arithmetic. The U.S. government is having no trouble borrowing to cover its current deficit. It's true that we're building up debt, on which we'll eventually have to pay interest. But if you actually do the math, instead of intoning big numbers in your best Dr. Evil voice, you discover that even very large deficits over the next few years will have remarkably little impact on U.S. fiscal sustainability. No, what makes America look unreliable isn't budget math, it's politics. And please, let's not have the usual declarations that both sides are at fault. Our problems are almost entirely one-sided - specifically, they're caused by the rise of an extremist right that is prepared to create repeated crises rather than give an inch on its demands. The truth is that as far as the straight economics goes, America's long-run fiscal problems shouldn't be all that hard to fix. It's true that an aging population and rising health care costs will, under current policies, push spending up faster than tax receipts. But the United States has far higher health costs than any other advanced country, and very low taxes by international standards.
If we could move even part way toward international norms on both these fronts, our budget problems would be solved. So why can't we do that? Because we have a powerful political movement in this country that screamed "death panels" in the face of modest efforts to use Medicare funds more effectively, and preferred to risk financial catastrophe rather than agree to even a penny in additional revenues. The real question facing America, even in purely fiscal terms, isn't whether we'll trim a trillion here or a trillion there from deficits. It is whether the extremists now blocking any kind of responsible policy can be defeated and marginalized. From rforno at infowarrior.org Mon Aug 8 06:15:33 2011 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 8 Aug 2011 07:15:33 -0400 Subject: [Infowarrior] - Latest North Korean Threat: An Army of Online Gaming Hackers Message-ID: August 4, 2011 Seoul Warns of Latest North Korean Threat: An Army of Online Gaming Hackers https://www.nytimes.com/2011/08/05/world/asia/05korea.html?_r=3&pagewanted=print By CHOE SANG-HUN SEOUL, South Korea - The North Korean leader Kim Jong-il has found a novel way of raising badly needed cash, according to the South Korean authorities: unleashing young hackers on South Korea's immensely popular online gaming sites to find ways to rack up points convertible to cash. Despite its decrepit economy, North Korea is believed to train an army of computer programmers and hackers. The police in Seoul said Thursday that four South Koreans and a Korean-Chinese had been arrested on charges of drawing on that army to organize a hacking squad of 30 young video gaming experts. Working from Northern China, the police said, the squad created software that breached the servers for such popular South Korean online gaming sites as "Lineage" and "Dungeon and Fighter." The breach allowed round-the-clock play by "factories" of dozens of unmanned computers.
Their accumulated gaming points were exchanged for cash at Web sites where human players are focused on acquiring enhancements for their online personas, or avatars. The gaming software was also sold, the police said; such factories, while illegal, are common in South Korea and China. In a little less than two years, the police said, the organizers made $6 million. They gave 55 percent of it to the hackers, who forwarded some of it to agents in Pyongyang, the capital of North Korea. "They regularly contacted North Korean agents for close consultations," Chung Kil-hwan, a senior officer at the police agency's International Crime Investigation Unit, said during a news briefing. Mr. Chung said the hackers, all graduates of North Korea's elite science universities, were dispatched from two places: the state-run Korea Computer Center in Pyongyang and the Korea Neungnado General Trading Company. The company, he said, reports to a shadowy Communist Party agency called Office 39, which gathers foreign hard currency for Mr. Kim through drug trafficking, counterfeiting, arms sales and other illicit activities. South Korean and American officials say they believe the slush fund is worth billions, and that Mr. Kim uses it to help finance his nuclear weapons programs and to smuggle Rolex watches and other luxury goods, which he doles out to buy the allegiance of the party and the military elite. Meanwhile, the bulk of his people suffer privation and myriad hardships. A series of United Nations sanctions imposed after North Korea's nuclear and ballistic missile tests in recent years aim to squeeze the cash flow by curtailing trade with the North Korean companies suspected of illicit activities. They also ban exports of luxury goods to North Korea. The North Korean computer experts were each required to send at least $500 a month back to the Pyongyang government, the police said.
It remained unclear how much of the rest of their profits they pocketed for themselves, given different layers of party and military officials involved in a typical illicit operation. What appeared clear from the case, the police said, was that North Korean agencies, increasingly hamstrung by international sanctions, were exploring any new means to raise cash for Mr. Kim and prove their loyalty. The two Koreas, which have remained technically at war for almost 60 years, operate in an environment of mutual suspicion. The tensions extend to the virtual world: Seoul accused North Korea of spreading malicious software that paralyzed the Web sites of South Korean government agencies and financial institutions in July 2009 and again in March. In May, the South blamed North Korea for an attack that brought down a South Korean bank's network. North Korea denied responsibility and accused Seoul of inventing a conspiracy. From rforno at infowarrior.org Mon Aug 8 07:22:17 2011 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 8 Aug 2011 08:22:17 -0400 Subject: [Infowarrior] - Dozens Of Web Companies Sued For 'ETag' Tracking Message-ID: http://www.mediapost.com/publications/?fa=Articles.printFriendly&art_aid=155234 Dozens Of Web Companies Sued For 'ETag' Tracking Wendy Davis, Aug 03, 2011 06:18 PM Two California residents have brought a privacy lawsuit against KISSmetrics and 25 separate Web companies, including iVillage, Spotify and GigaOm, for allegedly using KISSmetrics' analytics to track visitors. The case, filed by John Kim and Dan Schutzman, is the second major lawsuit stemming from KISSmetrics' technology, which relies on ETags for tracking. Last week, two different Web users sued KISSmetrics and Hulu for allegedly violating federal and state laws with ETags. The technology is controversial because ETags can be used to track consumers even when they delete their cookies.
Kim and Schutzman say in their complaint that they "expected their browser controls to block or delete cookies, preventing them from being tracked online, profiled, and served behaviorally targeted advertisements." Their lawsuit, filed on Monday in the Northern District of California, alleges violations of the federal wiretap law and various California state laws. They are seeking class-action status. GigaOm declined to comment for this article; KISSMetrics, Spotify and iVillage have not responded to requests for comment about the lawsuits. KISSmetrics stopped using the controversial ETags this weekend, shortly after researchers at UC Berkeley published a report about the technology. The company's long-term plans for ETags are still unknown. The UC Berkeley report said that KISSmetrics used ETags to store information in people's browser caches. When those people deleted their cookies, they could be recreated with information from the ETags. Until the company revised its practices over the weekend, the only way for users to avoid KISSmetrics' tracking was either by clearing their browser caches between each Web site visit or by installing the AdBlock Plus extension. Hulu and Spotify suspended their use of KISSmetrics late last week. KISSmetrics told Wired last week that its technology is used by publishers to track people on their own sites, but not to track people across more than one site. But Ashkan Soltani, a privacy researcher who co-authored the report, says that KISSmetrics' technology enables companies to compile profiles of users based on their activity across the Web. It's not yet known whether the publisher sites that worked with KISSmetrics did so. Scott Kamber, the lawyer representing consumers who are suing KISSmetrics and the sites it works with, says he believes that users were tracked across more than one site. 
Kim and Schutzman allege in their complaint that the Web sites that worked with KISSmetrics violated consumers' expectations about online privacy. They allege in the complaint that they "believe their Web-browsing is private and not the business of anyone except the Website with which they choose to communicate." They add that they wouldn't have knowingly visited sites that used "unauthorized persistent cookies" for tracking. Kamber has brought other privacy cases against a host of companies including Netflix, Facebook and Google. He also was among the lawyers who represented consumers in similar litigation against companies that allegedly used hard-to-delete Flash cookies to track people. Three companies -- Quantcast, Clearspring and Say Media (formerly VideoEgg) -- paid a total of $3.4 million to settle that litigation; a lawsuit against ad network Specific Media is currently pending.
From rforno at infowarrior.org Mon Aug 8 13:53:22 2011 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 8 Aug 2011 14:53:22 -0400 Subject: [Infowarrior] - HFT is killing the emini', says Nanex Message-ID: <5147EE55-4B9B-479E-AB78-0A9364E1FE55@infowarrior.org> HFT is killing the emini', says Nanex Posted by Izabella Kaminska on Aug 08 09:56. Nanex's Eric Scott Hunsader -- the guy who likes to dig through trading data to unearth weirdly fascinating algorithmic patterns -- is out with quite a chart on Monday: http://ftalphaville.ft.com/blog/2011/08/08/646276/hft-is-killing-the-emini-says-nanex/ And no it's not a new design for a Missoni scarf. It's actually a chart tracking the deteriorating market depth in the emini future contract. The red line at the bottom reflecting the most recent data.
That's quite a large drop over the last few months. Furthermore, Hunsader is adamant it's nothing to do with the holiday calm period. He believes it's actually the result of one particularly harsh algo, which he calls "the disruptor": < - > Take the electronic S&P 500 futures contract, known as the emini, for example. This is, or used to be, a very liquid market. The cumulative size in the 10 levels in the depth of book was often 20,000 contracts on each side. That means a trader could buy or sell 20,000 contracts "instantly" and only move the market 10 ticks or price levels. Even during the flash crash, when hot potatoes were flying everywhere, the depth would still accommodate an instant sale of 5,000 to 10,000 or more contracts. Not anymore. On Friday, 2,000 contracts would have sliced right through the entire book. Not during a quiet period, or before a news event. Pretty much any minute of trading that day after the 9:54 slide. And it wasn't just Friday, the trend in the depth of book size has been declining rapidly over the last few weeks. What used to be the most liquid and active contract in the world, which served as a proxy for the true price of the US stock market for decades, is getting strangled by the speed of light, a weapon wielded by HFT. Without going into detail at this time, we think we know one cause of the drop in liquidity. A certain HFT algorithm that we affectionately refer to as The Disruptor, will sell (or buy) enough contracts to cause a market disruption. At the same exact time, this algo softens up the market in ETFs such as SPY, IWM, QQQ, DIA and other market index symbols and options on these symbols. When the disruptor strikes, many professional arbitrageurs who had placed their bids and offers in the emini suddenly find themselves long or short, and when they go to hedge with ETFs or options, find that market soft and sloppy and get poor fills.
Naturally, many of these arbitrageurs realize the strategy no longer works, so they no longer post their bids and offers in the emini. Other HFT algos teach the same lesson -- bids or offers resting in the book will only become liabilities to those who can't compete on speed. Hence the reduction in liquidity. < - > So, because people have caught on to the antics of "the disruptor", they're reluctant to offer any depth in their emini bids and offers. Which presumably means "the disruptor" will be looking to move on to some other market soon enough. In the meantime, we suggest it's at least a good name for the world's first high-frequency-trading inspired rollercoaster ride.
From rforno at infowarrior.org Mon Aug 8 19:38:57 2011 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 8 Aug 2011 20:38:57 -0400 Subject: [Infowarrior] - Cyber War Worrywarts Message-ID: <375B4E8E-1F44-4A98-B1AD-AC4401B3B5DD@infowarrior.org> (c/o MS) Cyber War Worrywarts http://battleland.blogs.time.com/2011/08/08/cyber-war-worrywarts/
From rforno at infowarrior.org Tue Aug 9 06:15:06 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 9 Aug 2011 07:15:06 -0400 Subject: [Infowarrior] - Market a Spoiled Baby Crying to 'Daddy Bernanke': Manager Message-ID: <7B978123-CCBC-41C1-A963-105243D41F6C@infowarrior.org> (S&P futures down 30 when I go to bed; up 18 when I wake up. But I think this article is spot-on. -- rick) Market a Spoiled Baby Crying to 'Daddy Bernanke': Manager CNBC.com | August 09, 2011 | 03:14 AM EDT http://www.cnbc.com/id/44070145 Following huge losses for the Dow on Monday and further selling in Asia overnight, the markets are watching what the Fed and Ben Bernanke will do at their July Meeting today. Speculation is mounting that the Fed will attempt to restore calm but one fund manager thinks that policy action is unnecessary.
"The markets have become like a spoiled baby who expects daddy Bernanke to rush for help whenever they feel a little bit of pain" Pedro Noronha, a fund manager at Noster Capital in London, told CNBC.com on Monday. "This correction was long overdue and it is healthy, as it allows assets to pass from weak into stronger hands and to be more fairly priced" said Noronha. The problem for Noronha is that attempts to stop the market reacting to events via intervention mean the market cannot find its footing. "It is important that the market learns how to find its own footing again without the constant band aids and quick fix medicines that quickly alleviate the pain but do nothing to solve the issues at hand" said Noronha. The sell-off witnessed across the world in the last few trading sessions is a classic secular bear market sell-off according to Chris Watling, the CEO of Longview Economics who thinks another round of quantitative easing is on the cards. "It reflects how 'financialized' the Western economies have become -- and as such how financial markets are unable to stay elevated without plentiful liquidity" Watling said in an interview with CNBC.com. "Expect more QE to be announced soon by the Fed (and others) -- perhaps as early as today. That, if large enough, should begin to start to stabilize financial markets," he said. The US will not fall back into recession, according to Watling who is advising clients to sit on the sidelines until things stabilize before a stocks rally into the end of the year. In the last hour stocks have recovered some poise but remain lower. One analyst believes a lot now depends on what Bernanke does tonight. "Although it is encouraging to see the recovery in stocks overnight, an awful lot now seems to be riding on the outcome of tonight's FOMC meeting. That is a significant concern" said Simon Derrick, the head of global currency research at Bank of New York Mellon.
From rforno at infowarrior.org Tue Aug 9 06:24:14 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 9 Aug 2011 07:24:14 -0400 Subject: [Infowarrior] - London Riots? Blame The Blackberry! Message-ID: <725914C2-157B-492B-A6B0-9C36F2DC7842@infowarrior.org> London Riots? Blame The Blackberry! from the oh-come-on dept http://www.techdirt.com/blog/wireless/articles/20110808/16081115441/london-riots-blame-blackberry.shtml The London riots sound a bit crazy, but perhaps even crazier is the fact that officials now seem to want to blame messaging via Blackberry devices for the riots: < - > Steve Kavanagh, the deputy assistant commissioner of the Metropolitan police, said that "really inflammatory, inaccurate" messages on Twitter were mainly to blame for the disorder. "Social media and other methods have been used to organise these levels of greed and criminality," he said at a press conference on Monday afternoon. Ah, right, just like vocal cords, pamphlets, telephones and other communication tools "were mainly to blame" for previous riots. Hint to the Metropolitan police: if you're going to always blame the tool, you're not going to do a very good job dealing with riots. If people want to speak out, they'll figure out a way to speak out. It's not the technology that is to blame. The technology is just a tool, and if you block off one path, you can be damn sure that they'll figure out another path instead. < - > Of course, the downside of officials misleadingly blaming the technology is that you get folks like this Dutch politician who took to Twitter about this to ask why police don't just turn off Blackberry Messenger in London -- perhaps not realizing that shutting that channel of communications down wouldn't stop anything -- but likely would anger people even more.
From rforno at infowarrior.org Tue Aug 9 06:26:36 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 9 Aug 2011 07:26:36 -0400 Subject: [Infowarrior] - Apple ID account/device limits gain attention Message-ID: <5F78A6B1-862B-4F6A-A6A8-E64252132DC6@infowarrior.org> Apple ID account/device limits gain attention by Erica Sadun Aug 9th 2011 at 12:00AM http://www.tuaw.com/2011/08/09/apple-id-account-device-limits-gain-attention/ Trevor Sheridan sent us a note earlier today, asking if we'd look at his blog post about encountering Apple ID limits with iOS devices. Although Trevor just now encountered this issue, the policy actually went into effect a couple of months ago, back in June. When you use Apple's new multi-device download feature, you will be limited to a total of 10 devices and computers, each authorized with the same Apple ID. What's more, once a device or computer has been assigned to an Apple ID, it cannot be reassigned for 90 days. Apple's Knowledge Base support article details how you can deauthorize devices, and how to check the wait time before they can be re-assigned. Naturally, this is bad news for anyone who shares an iPhone or other iOS device with a loved one and who switches around the Apple ID accordingly. Once an Apple ID is authorized for media downloads, that authorization is going to stick for a few months at least. At some point, Apple is going to have to start seriously re-evaluating how real life meets Apple ID accounts, in terms of separating data within a family. Some examples: keeping only kid-friendly material on certain devices, even when iCloud backups and data sharing are in force (also known as the "cheating spouse outed by iCloud" scenario), joining data between adults (marriage and cohabitation), and when joint accounts need to be split (divorce and separation). For now, all authorization decisions seem to be motivated more by rights management than day-to-day practicalities. 
This new policy indicates that Apple continues to be a little tone-deaf when it comes to human relationships and how people really use their iOS devices. Think about the Duggars or the children of divorce; when newly-single Dad buys the kids an iPod, whose account do they get to use? It may seem tangential to drag all this into a write-up about a new Apple DRM protection policy, but these are the real world challenges that make these policies more than a minor annoyance.
From rforno at infowarrior.org Tue Aug 9 08:12:55 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 9 Aug 2011 09:12:55 -0400 Subject: [Infowarrior] - Are Google's best days behind it? Message-ID: <53AD50D7-1417-45B0-A39B-515E37257081@infowarrior.org> Published on InfoWorld (https://www.infoworld.com) Are Google's best days behind it? By Neil McAllister Created 2011-08-08 03:00AM https://www.infoworld.com/print/168900 Few companies have made a splash in the tech industry as big as Google has. Launched by Larry Page and Sergey Brin from Page's Stanford University dorm room in 1998, the company became a $27 billion titan overnight when it went public six years later. Soon it was the darling of Silicon Valley, sweeping competitors aside and taking Microsoft head on. For a while, at least, it seemed Google could do no wrong. On June 30, 2011, Larry Page closed his first full quarter as Google's new CEO, succeeding Eric Schmidt. Page has never led a public company, and the pressures of leading Google certainly differ from when he last held the helm in 2001. In January, Page told the New York Times, "One of the primary goals I have is to get Google to be a big company that has the nimbleness and soul and passion and speed of a startup."
But that may be wishful thinking. Not only have more experienced CEOs seldom managed to strike such a balance, but Google is no startup. Today the search giant's full-time head count is almost 30,000 employees. It has offices in 42 countries on six continents. In terms of market capitalization, it's bigger than Ford, GM, Starbucks, FedEx, United Airlines, and Viacom combined. With Google's rapid growth have come new challenges. It faces intense competition in all of its major markets, even as it enters new ones. Its newer initiatives have often struggled to reach profitability. It must answer multiple ongoing legal challenges, to say nothing of antitrust probes in the United States and Europe. Privacy advocates accuse it of running roughshod over individual rights. As a result, it's becoming more cautious and risk-averse. But worst of all, as it grows ever larger and more cumbersome, it may be losing its appeal to the highly educated, impassioned workers that power its internal knowledge economy. Despite Page's best intentions, Google's salad days may be over. The hard days may already be on their way. Google's river of money Not that the search giant isn't successful. Last year, Google reported $29.3 billion in revenue, and it's on track to earn even more in 2011. But Google is unique. Unlike most tech companies, which make their money by selling or licensing products and services, fully 97 percent of Google's income derives from a rather more prosaic source: advertising. In one sense that's a good thing.
Think of Google's revenue as an endless river of money flowing in from advertisers -- those that want to advertise on Google's sites and those that want to reach other sites through Google AdSense, AdWords, and DoubleClick. Whenever Google has an idea for an innovative new technology or service, it just dips a bucket into the river. But in the bigger picture, Google's total reliance on advertising means innovative product development isn't truly central to its business model. Google spent $3.8 billion on R&D in 2010, or about 13 cents of every dollar it earned. That level of investment has to justify itself somehow -- and yet, in 2010 Google earned just $1.2 billion from all nonadvertising sources combined. That may limit the search giant's reach into markets that offer fewer advertising opportunities. For example, enterprises don't want their data mined for targeted ads, which means products such as Google Apps for Business must be underwritten by customer subscriptions. Yet the subscription fees Google earned in 2010 were just a tiny fraction of the $18.6 billion that Microsoft Business Division, which produces Office, earned over the same period. Google stands little chance of making further inroads into that lucrative market as long as its product development is so completely subsidized by advertising. After all, it makes little sense to prioritize feature requests from customers that make up less than 3 percent of your business. It's only logical that customers of its ad-supported offerings, which drive the most revenue, get the most attention. And which upgrade will do more to bolster Google's bottom line -- improving Gmail's UI, or refining its email indexing algorithm to deliver more targeted ads? Your privacy is your concern Google's reliance on the ad market may further impair its ability to shore up new revenue streams, as the need to monetize its services through advertising may influence Google to innovate in ways customers might not like. 
In particular, Google has demonstrated a tin ear for individual privacy concerns. The watchdog group Privacy International has gone as far as to describe the company as "hostile to privacy." In 2004, Sergey Brin told Playboy magazine he had been surprised by public outcry over the use of targeted ads in Gmail. The email service came under fire again in 2010, when Google began mining Gmail users' personal data for its Google Buzz social network without their consent. That same year, Google admitted that it had inadvertently intercepted emails, website addresses, and passwords as part of a Wi-Fi mapping project. The Wi-Fi snooping earned Google at least seven class-action lawsuits. The Google Buzz blunder triggered an inquiry by the Federal Trade Commission, and the search giant now must submit to independent privacy audits for the next 20 years. Google has also drawn legal challenges in several countries over privacy issues related to Google Street View. But none of this may be enough for Google to learn its lesson. The supply of ad dollars isn't infinite, and competition is heating up. The temptation for Google to increase the value of its ads by mining ever more personal data from its users must be great, as must the temptation to focus its efforts on products that increase its share of the overall ad market. Both could come back to bite Google, particularly if the legal climate around individual privacy grows more hostile to advertisers. An elephant's graveyard of products Diversification could help the search giant reach new markets, but as much as Google insists that it won't shy away from innovative, risky projects, its track record for turning them into successful products is spotty at best. If a particular product fails to capture the public's imagination, Google is often quicker to pull the plug than to invest in making it a more attractive offering. 
A few such aborted initiatives include Google Wave, a much-hyped messaging technology that we were told would reinvent Internet communications; Google Health, an ambitious effort to kick-start electronic medical records; PowerMeter, a tool for monitoring home energy consumption; Realtime Search, an aggregator of up-to-the-minute information from Twitter and other social networks; and Lively, a 3-D virtual world similar to Second Life. Still other ideas aren't quite dead, yet lumber along listlessly -- remember iGoogle? Part of the problem may simply be too many ideas. Google's product development tends to be scattershot and engineering-driven, leading to a company with its hands in too many pies at once and too few marketable products to show for it. Google's stated mission is "to organize the world's information and make it universally accessible and useful," yet it currently has initiatives under way covering everything from Web browsers to mobile phones, e-books, streaming music, video on demand, programming languages, social networking, home automation, cloud computing, and even self-driving cars. Google also tends to fixate on its favorite ideas even when they seem impractical. For example, it has invested heavily to develop Chromebooks, an attempt to reinvent the PC as a dedicated Web browsing terminal. But this idea shows few signs of gaining traction with either businesses or consumers, no matter how near and dear it is to Google's heart. In other cases, Google can't seem to grasp what customers really want. The market for video on demand is exploding, yet the ballyhooed Google TV effort has fallen flat, with Logitech reporting returns of its Google TV boxes now exceeding new sales. Following, not leading A company with pockets as deep as Google's can shrug off a few such missteps, but not forever. 
After a while, it's only natural to forsake novelty and take your inspiration from your competitors -- even for a company that prides itself on its engineering culture, as Google does. Take Google+, for example. It's Google's most buzzed-about launch in recent memory, but it's hardly the company's first foray into social networking. (It's the fourth, if you count Buzz, Wave, and Orkut.) It is, however, the first time Google has unabashedly aped its top rival. The Google+ Stream layout is a virtual clone of Facebook's News Feed -- ditto for its profile pages. Squint your eyes and the Google+ favicon even looks like Facebook's "F." That's quite a turnabout for Google, which earlier this year accused Microsoft of copying its search results. While imitation may be the sincerest form of flattery, the risk is that users may not find Google's offering sufficiently different enough to switch. So far there has been no mass migration from Facebook; although Google+ gained 20 million users in its first three weeks, its momentum already appears to be slowing. In its quest for growth, Google may also tend to redouble its emphasis on existing offerings, such as Gmail, YouTube, and especially search. Of the $28.1 billion Google earned from advertising in 2010, two-thirds came from Google's own sites, rather than its ad networks. The risk there is that too much emphasis on its core products could put Google on the same road as Microsoft: For all its recent attempts to innovate in new markets, the Redmond-based giant has never managed to shake its reliance on Windows and Office, which still account for more than half its revenue. Some critics already see evidence of calcification at the Googleplex. Former Google engineer Dhanji Prasanna describes the company's much-hyped software infrastructure as "10 years old, aging and designed for building search engines and crawlers"; for other purposes, he says, it is "well and truly obsolete." 
Similarly, Prasanna says the house-built tools that power Google's products are "ancient, creaking dinosaurs" that make prototyping new products excessively difficult. A tangled legal Web Technology aside, Google's ability to innovate is also constrained by legal concerns. Tech companies are increasingly using the courts as a means to gain competitive advantage, particularly in the more hotly contested markets. As a result, Google and its partners must answer to multiple ongoing lawsuits over patents and other intellectual property. Google's Android smartphone OS has become a particular snake pit of litigation. Most prominently, Oracle claims Android's Dalvik virtual machine violates several key Java patents and is seeking billions in damages. Meanwhile, Gemalto is suing Google and its partners HTC, Motorola, and Samsung over patents related to its Java Card technology. NTP alleges Google has violated its wireless email delivery patents. Microsoft has signed patent licensing agreements with at least five Android device makers, while Apple is seeking an injunction banning HTC from importing its handsets. It seems anyone involved with building Android devices can expect to find themselves in court sooner or later, and the patent-licensing toll may soon rise high enough that it negates any cost advantage of the otherwise "free" OS. Google's recent purchase of 1,000 patents from IBM may slow the tide, but won't stem it. Then there are the antitrust probes. As Google has grown larger and its commanding share of the Web search market has solidified, it has drawn ever closer scrutiny from antitrust regulators, both in the United States and abroad. The Federal Trade Commission has probed Google over its purchase of mobile ad provider AdMob, its acquisition of travel industry software maker ITA, and an ad-sharing partnership with Yahoo. The first two deals were approved; the last was not. 
The agency now says it is ready to press forward with a more formal antitrust investigation, citing questions about Google's search and advertising businesses. European regulators launched a similar investigation in November. Individuals can't innovate None of this bodes well if you're a Google staffer with big ambitions. Famously, Google engineers are encouraged to spend 20 percent of their hours working on what they think will most benefit the company, irrespective of their regular duties. But as Google has grown more cautious and its management structure has grown more rigid, 20 Percent Time projects are less and less likely to become full-fledged products. Larger development teams have become the norm, and decisions require countless rounds of meetings and conferences. In 2009, former CEO Eric Schmidt observed, "There was a time when three people at Google could build a world-class product and deliver it, and it is gone." Little wonder, then, that Google has gradually scaled back its commitment to 20 Percent Time. In 2008, Valleywag reported that managers were curbing the practice when mission-critical projects fell behind schedule. This year Google shut down Google Labs, a hub that allowed the public to experiment with 20 Percent projects and give feedback. Google insists that the death of Google Labs won't mean the end of 20 Percent Time. Yet a neutered, ineffectual 20 Percent program may be the worst of both worlds. On the one hand, Google has burdened itself with an engineering staff that operates at just 80 percent efficiency, given its growing reluctance to experiment. On the other, engineers whose personal projects go nowhere may resent that their entrepreneurial instincts are wasted at Google. Combine that resentment with inefficiency, micromanagement, overwork, underutilization, and a rising corporate bureaucracy, and they may ultimately seek work elsewhere. 
Wars of attrition Former CEO Eric Schmidt flatly denies any brain drain at Google, insisting the company's attrition rate remained constant throughout his tenure. But that stability is hard won; in recent years Google has offered hefty raises and six-figure bonuses to stave off its competitors' overtures. In November 2010, it increased its entire pay scale by 10 percent. Where Googlers go when they leave is no surprise. Many of them turn up at its closest competitors. Microsoft is reportedly engaged in an all-out hiring war with the search giant, as is Facebook, which has poached at least 142 Google staffers, including its top chef. Still others find new homes at startups. Curiously, throughout it all Google has persisted with some of the most arduous hiring practices in the industry. While lots of tech companies claim to want the best and brightest, Google has refined its screening process to such a degree that some critics feel it may actually be sabotaging its own recruitment efforts. Although Google says it's on a "hiring high," not everyone need apply. Hiring at Google typically involves multiple meetings with teams of Google staffers, over weeks or even months. Academic achievement is particularly stressed. Even administrative and HR positions are likely to be staffed by graduates of top schools. Interviews focus on brain teasers and mental gymnastics rather than on-the-job experience. Commenters on the career community site Glassdoor.com describe being asked to show their college and even high school GPAs, despite decades of professional experience. Little effort is made to sell seasoned candidates on a job at Google; often, prospects won't even be told what actual work they're being interviewed for. A new Page for Google? All this is in keeping with Google's origins as a Stanford University project, as well as the tone Larry Page has set for the company. 
Page's predecessor as CEO, Eric Schmidt, liked to joke that he was brought in to provide "adult supervision" for Page and Brin. He was only half kidding. In meetings, the co-founders have been known to pace the room, climb on furniture, play with Lego, or simply sit silently. During his own first tenure as CEO, the retiring Page reportedly told his PR staff that he would only give them eight hours of his time for appearances and speaking engagements for an entire year. He's also not known for his practicality; once, when told that Microsoft employed about 25,000 engineers, he announced, "We should have a million." Such eccentricities might be endearing in the founder of a startup, but in the CEO of a multi-billion-dollar public company they inspire little confidence. If ever there was a time that Google needed grown-up leadership, it is now. Google director of research Peter Norvig describes the search giant's culture as "a cross between a startup and grad school," where employees get the perks of both. But in reality Google is neither. It is a large and growing corporation, with obligations to its shareholders, its customers, and its staff. Among those obligations are to use its resources wisely, to compete vigorously, and to protect the interests of its customers, including their privacy. But perhaps above all else, it must also learn to assess itself honestly and recognize that its days as an arcadia for hacker savants may be coming to an end. It's time for Google to graduate. From rforno at infowarrior.org Tue Aug 9 10:15:33 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 9 Aug 2011 11:15:33 -0400 Subject: [Infowarrior] - "V/R" must be stopped. Message-ID: Does anyone else find "V/R" or "Very Respectfully" used when signing emails to be sickeningly patronising and annoying to see it used so effing much on a daily basis? 
Respectfully grumbling out loud, -- rick From rforno at infowarrior.org Tue Aug 9 10:41:07 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 9 Aug 2011 11:41:07 -0400 Subject: [Infowarrior] - China's Defense Ministry releases iPhone app Message-ID: China's Defense Ministry releases iPhone app http://economictimes.indiatimes.com/tech/software/chinas-defence-ministry-releases-iphone-app/articleshow/9540745.cms BEIJING - The Ministry of National Defense launched its first official application on the Apple Store on Monday, which will allow users to track what the People's Liberation Army (PLA) is doing in another effort to promote transparency. The application, or app, is a newsreader and provides the latest information, pictures and videos for smartphone users. It is based on the mobile operating system iOS, which supports Apple devices such as the iPhone, iPod touch, iPad and Apple TV, and has the highest share of the global telecom market. "Users will not only receive important information released on that day by the ministry, but also comprehensive coverage of key military issues, as well as breaking news from the PLA Daily," the ministry said on its website. A report on the website ismashphone.com says that growth in the iPhone market in China increased by nearly 250 percent year-over-year during the first quarter of 2011, and China has become the second-largest iPhone app market in the world. The first is the United States. The app was praised by many netizens. They said it is one of the great achievements by the Chinese military in promoting transparency. "As a military fan, I have never thought that the ministry could keep pace with the times to release this app, whose webpage and content are amazing. I hope it can provide more videos and let us know the progress of Chinese military construction," said a netizen named Xu Liyang. 
Peng Guangqian, a Beijing-based military strategist, said the ministry's app will help the world and the public know more about China's military development and eliminate misunderstandings caused by rumors and speculation. Cooperation with Apple is also helping the ministry to form a new public image, one that is more open and modernized, he said. Meanwhile, China Military Online, supported by PLA Daily, and the ministry's website were also comprehensively upgraded on Aug 1 for the 84th anniversary of the founding of the PLA. China Military Online provides a wide range of information with 85 channels and 1,233 columns, while the ministry's official website features 25 channels and 169 columns in English and Chinese simplified and traditional characters. Defense Minister Liang Guanglie expressed his congratulations on the release of the new sources for information, saying he hopes that they play a bigger role in the promotion and influence of the Chinese military. From rforno at infowarrior.org Tue Aug 9 21:28:18 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 9 Aug 2011 22:28:18 -0400 Subject: [Infowarrior] - DHS Funds Real-time Spy Cams on SF Buses Message-ID: DHS Funds Real-time Spy Cams on SF Buses http://www.infowars.com/dhs-funds-real-time-spy-cams-on-sf-buses/ Kurt Nimmo Infowars.com August 9, 2011 The Department of Homeland Security will fund an effort by San Francisco to install real-time video cameras on 358 city buses, according to the San Francisco Chronicle. The existing system, installed a decade ago, stores footage on tape located on each vehicle. DHS's Imaging System for Immersive Surveillance introduced this year. The new surveillance system will use a wireless network "that will enable SFMTA personnel to view, download and store the captured video images wirelessly and view them in real-time or through the Internet."
According to city documents, "the new system will provide real-time viewing of images, inside and outside the bus, by law enforcement officers, emergency responders and other authorized personnel on a real-time basis from a distance of about 500 yards in case the bus is hijacked and used for terrorism activities." In March, it was reported the DHS planned to introduce new mobile surveillance technology at train stations, stadiums and streets. The new technology allows the government to "track your eye movements, capture and record your facial dimensions for face-recognition processing, bathe you in X-rays to look under your clothes, and even image your naked body using whole-body infrared images that were banned from consumer video cameras because they allowed the camera owners to take 'nude' videos of people at the beach," Mike Adams writes for Natural News. Documents discussing the technology were obtained by the Electronic Privacy Information Center. "EPIC calls these vans 'mobile strip search devices' because they give the federal government technology to look under your clothes without your permission or consent," Adams notes. "It's also being done without probable cause, so it's a violation of the Fourth Amendment protections that are guaranteed to Americans under the Bill of Rights." California and San Francisco have received increased money from the federal government over the last few years. In 2010, the state received $268 million dollars from the DHS, approximately 16 percent of the $1.7 billion that DHS awarded nationally. San Francisco alone has received $200 million, according to the Homeland Security Newswire. In 2007, it was reported that the DHS was spending hundreds of millions of dollars on video surveillance systems around the country. Homeland Security Department spokesman Russ Knocke said surveillance systems are a valuable tool and "we will encourage their use in the future," Newsmax reported.
The government claims the cameras will prevent terrorism, but as the Boston Globe reported in 2007, the "proliferation of cameras could mean that Americans will feel less free because legal public behavior -- attending a political rally, entering a doctor's office, or even joking with friends in a park -- will leave a permanent record, retrievable by authorities at any time." From rforno at infowarrior.org Wed Aug 10 06:40:55 2011 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 10 Aug 2011 07:40:55 -0400 Subject: [Infowarrior] - Privacy groups challenge proposal expanding access to terrorist watch list Message-ID: <728E55BD-4E2F-452E-933C-93136790DA34@infowarrior.org> Privacy groups challenge proposal expanding access to terrorist watch list By Charles S. Clark cclark at govexec.com August 8, 2011 http://www.govexec.com/story_page.cfm?articleid=48478&oref=todaysnews The Homeland Security Department's plan to centralize and expand in-house access to the FBI's database of suspected terrorists has prompted a letter of protest from a coalition of Washington privacy organizations. In public comments submitted Aug. 5, a coalition led by the Electronic Privacy Information Center challenged a proposed rule under which Homeland Security would duplicate an existing system of records to create the DHS Watchlist Service. It will contain individuals' names, dates and places of birth, biometric and photographic data, passport information, driver's license information and "other available identifying particulars." Homeland Security during the past year has been reviewing the eight-year-old terrorist screening database used at airports and is preparing, as set out in the July 6 proposal, to widen employee access to a mirror copy of the records created by the FBI and Justice Department "in order to automate and simplify the current method for transmitting" the data to DHS component agencies including the Transportation Security Administration.
TSA uses the terrorist watch list for the Secure Flight program, which allows it to instantly check passenger names that airlines were given by ticket purchasers against a consistent national watch list of suspected terrorists. David Heyman, assistant Homeland Security secretary for policy, told the Senate Homeland Security and Governmental Affairs Committee in July that DHS had identified screening gaps during a review of the terrorism suspect database. Hence the department "has transitioned the Secure Flight program to use all terrorist watch list records containing a full name and a full date of birth and designates matches to those records as selectees subject to enhanced physical screening prior to boarding a flight," Heyman said. Most notably, in the view of the privacy advocates, the proposed rule stated, "The department proposes to exempt portions of the system of records from one or more provisions of the Privacy Act because of criminal, civil and administrative enforcement requirements." In their joint letter, the groups argued that the new system carried risks both to security and privacy and noted that the 1974 Privacy Act "requires DHS to notify subjects of government surveillance in addition to providing a meaningful opportunity to correct information that could negatively affect them." The plan is problematic, the letter said, because "secretive government lists without any meaningful safeguards present a very real risk of 'mission creep,' in which a system is pressed into unintended or unauthorized uses. Under this proposal, the agency would have the right to maintain and rely upon information it does not know to be accurate, relevant, timely, or complete without recourse -- the right to subject citizens to arbitrary decisions." The letter demanded that Homeland Security reconsider and narrow the proposal. 
"Rather than claiming blanket exemptions, the DHS could promulgate rules that would require notification only after an active investigation had been concluded, or with sensitive information, such as the identity of confidential informants, redacted prior to release," it stated. "Given the centrality of individual rights to notice, access and correction, DHS should withdraw its proposed exemptions and narrow the grounds on which it purports to avoid its obligations under the Privacy Act." Groups joining with the Electronic Privacy Information Center include the American Library Association's Washington office, the Bill of Rights Defense Committee, the Center for Financial Privacy and Human Rights, the Center for Media and Democracy, Consumer Action, the Consumer Federation of America, the Cyber Privacy Project, the Electronic Frontier Foundation, the Liberty Coalition, OMBWatch, OpenTheGovernment.org, Patient Privacy Rights, Privacy Activism, the Privacy Journal, Privacy Rights Clearinghouse and the Privacy Rights Now Coalition. In response, Homeland Security spokesman Chris Ortman told Government Executive "the introduction of the Watchlist Service is a positive step for privacy." Under the previous system, checks against the terrorist screening database "were done via CD-ROM and involved multiple copies -- a process that was vulnerable to inefficiencies, delays and inaccurate information," he said. The new system "streamlines the process throughout the department, and guarantees that DHS components have the most up-to-date information," Ortman said in an email, "improving speed and efficiency, reducing the possibility for misidentification and other errors, and in compliance with the Fair Information Practice Principles laid out in the Privacy Act." Gavin Baker, federal information policy analyst at OMBWatch, wrote Monday in a blog that "DHS' approach twists the purpose of the Privacy Act exemptions almost beyond recognition. 
Exemptions should be limited to the time when they're needed, and no longer. But the proposed exemptions would never expire, even if the subjects in the database aren't under active investigation. This isn't necessary to protect the integrity of investigations, and it invites abuses." Baker noted that the proposal would allow Homeland Security "to waive the exemptions 'on a case-by-case basis.' While this may sound like a reasonable approach," he wrote, "it would radically undermine the right to know." From rforno at infowarrior.org Wed Aug 10 06:47:09 2011 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 10 Aug 2011 07:47:09 -0400 Subject: [Infowarrior] - Security flaw found in feds' digital radios Message-ID: <4738BBB8-DD89-49FF-8B65-153F91FEB92F@infowarrior.org> http://news.cnet.com/8301-31921_3-20090434-281/security-flaw-found-in-feds-digital-radios/ Security flaw found in feds' digital radios By: Declan McCullagh August 9, 2011 11:59 PM PDT This pink children's toy can disrupt expensive digital radios used by the FBI and Secret Service. And it's only $30. Expensive high-tech digital radios used by the FBI, Secret Service, and Homeland Security are designed so poorly that they can be jammed by a $30 children's toy, CNET has learned. A GirlTech IMME, Mattel's pink instant-messaging device with a miniature keyboard that's marketed to pre-teen girls, can be used to disrupt sensitive radio communications used by every major federal law enforcement agency, a team of security researchers from the University of Pennsylvania is planning to announce tomorrow. Converting the GirlTech gadget into a jammer may be beyond the ability of a street criminal for now, but that won't last, says associate professor Matt Blaze, who co-authored the paper that will be presented tomorrow at the Usenix Security symposium in San Francisco. CNET obtained a copy of the paper, which will be made publicly available in the afternoon. 
"It's going to be someone somewhere creating the Project 25 jamming kit and it'll be something that you download from the Net," Blaze said. "We're not there right now, but we're pretty close." Project 25, sometimes abbreviated as P25, is the name of the wireless standard used in the radios, which have been widely adopted across the federal government and many state and local police agencies over the last decade. The plan was to boost interoperability, so different agencies would be able to talk to one another, while providing secure encrypted communications. The radios aren't cheap. A handheld Midland P25 Digital sells for $3,295, and scanners are closer to $450. But federal agents frequently don't turn encryption on, the researchers found. (Their paper is titled "A Security Analysis of the APCO Project 25 Two-Way Radio System," and the other authors are Sandy Clark, Travis Goodspeed, Perry Metzger, Zachary Wasserman, and Kevin Xu.) Here's an excerpt: < - > The traffic we monitored routinely disclosed some of the most sensitive law enforcement information that the government holds, including: Names and locations of criminal investigative targets, including those involved in organized crime... Information relayed by Title III wiretap plants...Plans for forthcoming arrests, raids and other confidential operations... On some days, particularly weekends and holidays, we would capture less than one minute, while on others, we captured several hours. We monitored sensitive transmissions about operations by agents in every Federal law enforcement agency in the Department of Justice and the Department of Homeland Security. Most traffic was apparently related to criminal law enforcement, but some of the traffic was clearly related to other sensitive operations, including counter- terrorism investigations and executive protection of high ranking officials... 
< - > To intercept the Project 25 radio communications, the researchers used a high-quality receiver that cost about $1,000 and can be purchased off-the-shelf. But, Blaze said, it's possible to do it on the cheap: "You can do everything you need with equipment you can buy at Radio Shack... hobbyist-grade equipment." Blaze said he has contacted the Justice Department and the Defense Department, which also uses Project 25 digital radios. "They are now aware of the problem and are trying to mitigate against it," he said. Representatives of the Association of Public-Safety Communications Officials (APCO), which has championed the Project 25 standard, did not respond to a request for comment this afternoon. Neither did the Telecommunications Industry Association, which maintains the standard. The University of Pennsylvania researchers did not discover any vulnerabilities in the actual encryption algorithms used in the radios. They also chose not to disclose which agencies were the worst offenders, what cities the monitoring took place in, or what frequencies they found each agency used. A third vulnerability they found was that each radio contains a unique identifier, akin to a phone number, that is broadcast in unencrypted form. So is the unique ID of the destination radio. That allows an eavesdropper to perform what's known as traffic analysis, meaning tracking who's talking to whom. The reason jamming is relatively easy is that the Project 25 doesn't use spread spectrum, which puts the would-be jammer at a disadvantage. By contrast, P25 relies on metadata that must be transmitted perfectly for the receiver to make sense of the rest of the communication. A pulse lasting just 1/100th of a second, it turns out, is enough to disrupt the transmission of the metadata. This isn't the first time that University of Pennsylvania researchers have taken a critical look at Project 25. 
Many of the same authors published a security analysis last November, which concluded that it's "strikingly vulnerable to a range of attacks." From rforno at infowarrior.org Wed Aug 10 07:01:57 2011 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 10 Aug 2011 08:01:57 -0400 Subject: [Infowarrior] - Too Many Secrets Message-ID: Los Angeles Times August 10, 2011 Too Many Secrets The United States government is overzealous in classifying information. http://www.latimes.com/news/opinion/commentary/la-oe-leonard-classified-information-20110810,0,5688807.story By J. William Leonard Every 6-year-old knows what a secret is. But apparently our nation's national security establishment does not. Consider this strange case from earlier this year. On June 8, the National Security Agency, a top-secret government spy agency, heralded the "declassification" of a 200-year-old publication, translated from the original German, on cryptography. It turns out, however, as reported by Steven Aftergood of the Federation of American Scientists on his blog Secrecy News, that the 1809 study had long been publicly available and had even been digitized and published online through Google Books several years earlier. In fact, the 19th century study had not met the government's own standards for classification in the first place. The day after this odd "declassification," the government's four-year prosecution of NSA whistleblower Thomas Drake under the Espionage Act collapsed when the government withdrew charges. The official explanation was that the government had to drop its prosecution to protect sensitive information about the NSA's targeting of a particular telecommunications technology that the judge would have compelled it to disclose. But in my opinion, the classified information Drake was charged with having possessed illegally -- like the 1809 study -- never should have been classified in the first place. 
Drake, once a high official at the NSA, was prosecuted because, as the government put it, he was found in "unauthorized possession of a document relating to the national defense, namely, a classified e-mail." The charges stem from Drake's leaking of information to a journalist. Drake acknowledges that he approached a Baltimore Sun reporter with information, but he insists that he never offered any classified information. "I went to a reporter with a few key things: fraud, waste and abuse," he said in an interview with the New Yorker. Having served as an expert witness for Drake's defense, I have read the email in question, and it clearly does not meet even the minimal criteria for classification, namely that it "reasonably could be expected to result in damage to the national security." Various government officials involved in the Drake case have made the point that individual employees do not get to decide on their own that information they have access to should be declassified; that is the government's role. Still, government officials are obligated to follow the standards set forth by the president through a 2009 executive order. They are not allowed to exceed its prohibitions and limitations in deciding what to classify. Classifying information that should not be kept secret can be just as harmful to the national interest as unauthorized disclosures of appropriately classified information. In fact, the executive order governing classification treats unauthorized disclosures of classified information and inappropriate classification of information as equal violations, subjecting perpetrators to comparable administrative or other sanctions in accordance with applicable law. But while government workers, members of the military and government contractors are routinely disciplined or prosecuted for unauthorized disclosures, I know of no case in which an official was sanctioned for inappropriately classifying information. 
The Obama administration, which has criminally prosecuted more leakers of purportedly classified information than all previous administrations combined, needs to stop and assess the way the government classifies information in the first place. The president has said he will not tolerate leaks to the media of war plans that could harm our troops. Of course such actions shouldn't be tolerated, but that is in no way what Drake did. Classification is a critical national security tool. The ability to deny information to an enemy and to protect sensitive intelligence sources and methods is vital to our nation's well-being. To be effective, however, this tool must be applied with discernment, distinguishing truly sensitive information that can be used to harm our nation from that which cannot. Currently, the strong impulse within the U.S. government is to overclassify. The administration needs to begin sanctioning those who inappropriately classify information, and it needs to take far greater care in what it decides to label secret. Otherwise, it will continue to find itself prosecuting cases it can't win and denying the public access to information it should possess. ----- J. William Leonard spent 34 years working for the federal government in national security, including five years as director of the Information Security Oversight Office during the George W. Bush administration. From rforno at infowarrior.org Wed Aug 10 08:26:32 2011 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 10 Aug 2011 09:26:32 -0400 Subject: [Infowarrior] - Experimental Mach-20 aircraft set for launch at Vandenberg AFB Message-ID: <6214E205-5AB5-4D2B-A3A0-4082D5AFADA7@infowarrior.org> Experimental Mach-20 aircraft set for launch at Vandenberg AFB http://www.latimes.com/business/la-fi-vandenberg-hypersonic-aircraft-20110810,0,6272069.story The Falcon Hypersonic Technology Vehicle 2 is part of a program that would deliver a military strike anywhere in the world in less than an hour. 
By W.J. Hennigan, Los Angeles Times August 10, 2011 An experimental, arrowhead-shaped aircraft that could reach blistering speeds of 13,000 mph above the Pacific Ocean is set to blast off on a test flight Wednesday from Vandenberg Air Force Base, northwest of Santa Barbara. The flight is scheduled to test new technology that would provide the Pentagon with a vehicle capable of delivering a military strike anywhere in the world in less than an hour. The unmanned aircraft, dubbed Falcon Hypersonic Technology Vehicle 2, is scheduled to be launched at 7 a.m. PDT into the upper reaches of the Earth's atmosphere aboard an eight-story Minotaur IV rocket made by Orbital Sciences Corp. The aircraft will separate from the booster, dive back toward Earth, level out and glide above the Pacific at 20 times the speed of sound, or Mach 20. To demonstrate how fast that is: an aircraft at that speed would zip from Los Angeles to New York in less than 12 minutes. The aircraft is expected to splash down about half an hour later and sink near Kwajalein Atoll, about 4,000 miles from Vandenberg. The launch Wednesday will be the second flight of the Falcon. The first flight, which took place in April 2010, ended prematurely with only 9 minutes of flight time. The U.S. Defense Advanced Research Projects Agency, which is funding the program, said the first flight was "used to improve aerodynamic models and to optimize the vehicle design and trajectory for flight 2." Sustaining hypersonic flight, or speeds beyond Mach 5, has been extremely difficult for aeronautical engineers to perfect over the years. In June, the U.S. Air Force had to prematurely end a test flight of its experimental X-51 WaveRider plane when a lapse in airflow to the jet engine caused a shutdown. The second flight of the Falcon Hypersonic Technology Vehicle 2, which is built by Lockheed Martin Corp., is set to be its last -- unless the government provides more funding.
And unlike many rocket launches these days, it is not set to be webcast. From rforno at infowarrior.org Wed Aug 10 09:29:29 2011 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 10 Aug 2011 10:29:29 -0400 Subject: [Infowarrior] - Twitter refuses to close accounts of UK rioters Message-ID: <695C2C54-3748-4AC4-8FBE-9F0A5BA07D73@infowarrior.org> Twitter refuses to close accounts of rioters to protect their 'freedom of expression' http://www.dailymail.co.uk/news/article-2024295/UK-riots-2011-Spooks-trail-BlackBerry-Messenger-ringleaders.html From rforno at infowarrior.org Wed Aug 10 12:48:29 2011 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 10 Aug 2011 13:48:29 -0400 Subject: [Infowarrior] - Offensive Cyber Tools to Get Legal Review, Air Force Says Message-ID: <7FAA4489-05FD-4B0A-BB2D-3A68CFC2C3AD@infowarrior.org> Offensive Cyber Tools to Get Legal Review, Air Force Says August 10th, 2011 by Steven Aftergood https://www.fas.org/blog/secrecy/2011/08/af_cyber.html Even the most highly classified offensive cyberwar capabilities that are acquired by the Air Force for use against enemy computer systems will be subject to "a thorough and accurate legal review," the U.S. Air Force said in a new policy directive (pdf). The directive assigns the Judge Advocate General to "ensure all cyber capabilities being developed, bought, built, modified or otherwise acquired by the Air Force that are not within a Special Access Program are reviewed for legality under LOAC [Law of Armed Conflict], domestic law and international law prior to their acquisition for use in a conflict or other military operation." In the case of cyber weapons developed in tightly secured Special Access Programs, the review is to be performed by the Air Force General Counsel, the directive said. See "Legal Reviews of Weapons and Cyber Capabilities," Air Force Instruction 51-402, 27 July 2011.
The Air Force directive is somewhat more candid than most other official publications on the subject of offensive cyber warfare. Thus, "for the purposes of this Instruction, an Air Force cyber capability requiring a legal review prior to employment is any device or software payload intended to disrupt, deny, degrade, negate, impair or destroy adversarial computer systems, data, activities or capabilities." On the other hand, cyber capabilities requiring legal review "do not include a device or software that is solely intended to provide access to an adversarial computer system for data exploitation," the directive said. One challenge facing such legal reviews is that law and policy in the relatively new field of cyberwar are not fully articulated. Another challenge is that where applicable law and policy do exist, they may be inconsistent with the use of offensive cyber tools. In response to a question (pdf) on cyberwarfare from the Senate Armed Services Committee at his confirmation hearing last year, Lt. Gen. Keith Alexander of U.S. Cyber Command said: "President Obama's cybersecurity sixty-day study highlighted the mismatch between our technical capabilities to conduct operations and the governing laws and policies, and our civilian leadership is working hard to resolve the mismatch." (page 9) But he added: "Given current operations, there are sufficient law, policy, and authorities to govern DOD cyberspace operations. If confirmed, I will operate within applicable laws, policies, and authorities. I will also identify any gaps in doctrine, policy and law that may prevent national objectives from being fully realized or executed to the Commander, U.S. Strategic Command and the Secretary of Defense." Asked whether DoD possesses "significant capabilities to conduct military operations in cyberspace," Gen. Alexander would only provide an answer on a classified basis. The Pentagon does not often acknowledge the existence of offensive cyber capabilities.
The "Department of Defense Strategy for Operating in Cyberspace" (pdf) that was released in unclassified form last month does not address offensive cyber warfare at all. From rforno at infowarrior.org Wed Aug 10 20:01:17 2011 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 10 Aug 2011 21:01:17 -0400 Subject: [Infowarrior] - Hacker Triggers Halt on Hong Kong Exchange Message-ID: Hacker Triggers Halt on Hong Kong Exchange By Lynn Thomasson - Aug 10, 2011 http://www.bloomberg.com/news/print/2011-08-10/hong-kong-exchange-halts-some-trading-after-website-glitch-1-.html Hong Kong Exchanges & Clearing Ltd., the world's biggest bourse operator by market value, said it suspended trading for companies including HSBC Holdings Plc (HSBA) after its website was hacked. Europe's largest bank by market capitalization, Cathay Pacific Airways Ltd. (293) and five other stocks were halted after a "malicious attack" on the exchange's website for corporate filings, Chief Executive Officer Charles Li said yesterday. The website was partially disabled as companies including Hong Kong Exchanges reported earnings. The bourse joins companies from Sony Corp. to Citigroup Inc. and Nasdaq OMX Group Inc. that have been targeted by hackers. The attack came as Hong Kong stocks were rebounding after losing $323 billion in value since Aug. 1 amid a global rout spurred by concern that the U.S. economy is slowing and Europe won't be able to contain its sovereign-debt crisis. "This has affected the creditability and trustworthiness of information at a very critical time," said Charles Mok, who heads the Hong Kong division of the Internet Society, an international standard-setting group. "The situation is very worrying because the hacking is targeted at the information disclosure mechanism." Suspensions The exchange suspended trading of companies which published price-sensitive information, including on earnings and acquisitions, after 12 p.m.
to ensure investors had equal access to statements, Li said. It set up an online bulletin board as an alternative, and will place advertisements in newspapers to tell investors where to find filings, Mark Dickens, the exchange's head of listing, said. "Our current assessment is that this is the result of malicious attack by outside hacking," Li said at a press conference to announce a 14 percent increase in first-half earnings. The exchange is working to discover the objective of the attack, he said. The Technology Crime Division of the Hong Kong Police's Commercial Crime Bureau is investigating the matter, said Anita Chow, a spokeswoman for the force. The Securities and Futures Commission is also following up, spokesman Jonathan Li said. In March, the U.S. National Security Agency was reported to have joined an investigation of an October 2010 attack on Nasdaq OMX. The second-largest U.S. equity exchange operator of trading market share, said in February that "suspicious files" discovered on a website prompted it to start an investigation with federal authorities into possible computer hacking. "Proper Measures" Trading of HSBC, which makes up 15 percent of Hong Kong's Hang Seng Index, and Hong Kong Exchanges, which has a 2.6 percent weighting, was suspended. Cathay Pacific, Dah Sing Banking Group Ltd. (2356), Dah Sing Financial Group, China Resources Microelectronics Ltd. and China Power International Development Ltd. (2380) were also suspended. HSBC, Hong Kong Exchanges, Dah Sing Banking, Dah Sing Financial said in filings yesterday that they will resume trading today. The other suspended companies haven't yet made statements. HSBC said it was halted because of its statement on the sale of its U.S. card and retail-services units. The exchange "should have had the proper measures to make sure this is secure," said Terrace Chum, Hong Kong-based managing director of greater China equities for Manulife Asset Management, which oversees $210 billion.
"In other media channels, you can always find falsified news and rumors, but this is supposed to be more official."

Increased Hacking

Companies in Hong Kong face an increase in computer intrusions as hackers target security flaws in some software, Roy Ko, centre manager at Hong Kong Computer Emergency Response Team Coordination Centre, said by phone today. The center, funded by the government, found 22 websites this year whose content was "defaced" by hackers, Ko said. The suspensions didn't disrupt the calculation of the Hang Seng Index (HSI), said Vincent Kwan, director and general manager at Hang Seng Indexes Co. in Hong Kong. The last trades before the halt were used to calculate the equity gauge, he said. "Trust is something that takes years to build and accumulate, so one little incident is not enough to cause a lot of damage to the confidence in the exchange," said Jonas Kan, a Hong Kong-based analyst at Daiwa Securities Capital Markets. "It's not something you can lose overnight." Sony, Japan's largest exporter of consumer electronics, estimated the attack that crippled its online services this year may cost the company 14 billion yen ($183 million). The International Monetary Fund said in June it was hacked.

493,000 Attacks

China was the target of 493,000 cyber attacks last year, according to a report by the National Computer Network Emergency Response Coordination Center of China, the state-run Xinhua News Agency said Aug. 9. About half the attacks originated from internet protocol addresses outside the nation, including from the U.S. and India, the report said. "Anything that disrupts the flow of information is serious," said Steve Vickers, chief executive of Steve Vickers Associates, a Hong Kong-based risk-consulting company. "Can you defend a website absolutely against attack? The answer is no."
To contact the reporter on this story: Lynn Thomasson in Hong Kong at lthomasson at bloomberg.net
To contact the editors responsible for this story: Nick Gentle at ngentle2 at bloomberg.net; Hwee Ann Tan at hatan at bloomberg.net

From rforno at infowarrior.org Wed Aug 10 21:49:29 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 10 Aug 2011 22:49:29 -0400
Subject: [Infowarrior] - LinkedIn pulls Facebook-style stunt
Message-ID:

LinkedIn pulls Facebook-style stunt
Privacy invasion by default
By Richard Chirgwin
http://www.theregister.co.uk/2011/08/11/linkedin_privacy_stuff_up/
Posted in Security, 11th August 2011 02:00 GMT

LinkedIn has become the latest social networking site to decide that new features can be added and switched on by default, and users don't have to be notified. The feature allows LinkedIn to use profile information like names and photos in third-party advertising, and seems to have been first noticed by blogger Steve Woodruff here. The feature -- hidden away in the Orwellian-named "Manage Social Advertising" option -- has to be switched off through a user's account settings. Permission for this is tucked away in a new condition in LinkedIn's Terms of Use, which makes it an opt-out feature. Already, Radio Netherlands Worldwide has reported that the new profile setting may breach Dutch privacy law. The CBP, The Netherlands' data protection agency, says the use of LinkedIn members' photographs can only be used in advertising material with the users' explicit consent. The Radio Netherlands piece notes that the Dutch view is in line with that of the EU Data Protection Working Party, and also states that LinkedIn failed to properly notify users of the change. ®
From rforno at infowarrior.org Thu Aug 11 06:22:26 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 11 Aug 2011 07:22:26 -0400
Subject: [Infowarrior] - Record Label Says That Pulling Music From Spotify 'Protects Artists'
Message-ID: <9D563C45-4ED3-4DBA-A961-2D33E00F7307@infowarrior.org>

Record Label Says That Pulling Music From Spotify 'Protects Artists'
from the no,-it-doesn't... dept

We've definitely seen plenty of confusion from record labels over the value of Spotify and similar services. But, a heavy metal/hardcore label, Century Media (which runs a variety of smaller labels: InsideOutMusic, Superballmusic, Ain't no Grave Records, Hollywood Waste and People Like You) has claimed that it's pulling all its music from Spotify to "protect artists." It's a funny way to "protect" artists by punishing fans who want to hear them. They complain that "physical sales are dropping drastically in all countries where Spotify is active." Their assumption appears to be that correlation is causation, and merely removing their works from Spotify will now shoot sales back up. But that's not how things work. If anything, it seems likely that this move will accelerate their problems with physical sales. Not only will people not want to buy CDs, they won't even know about the musicians on this label. They'll just listen to someone else instead. The way you protect artists is by helping them to better connect with fans, not making it even more difficult. If I were a band on a Century Label, I'd be pretty pissed off that the label has unilaterally decided to piss off a bunch of my fans and stop many potential fans from discovering my music.
http://www.techdirt.com/articles/20110810/12143715467/record-label-says-that-pulling-music-spotify-protects-artists.shtml

From rforno at infowarrior.org Thu Aug 11 07:32:07 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 11 Aug 2011 08:32:07 -0400
Subject: [Infowarrior] - PACOM's Joint Test Project For Cyber Ops Signs First Field Test Report
Message-ID:

Inside the Pentagon - 08/11/2011
More milestones anticipated
http://defensenewsstand.com/component/option,com_ppv/Itemid,287/id,2372549/

PACOM's Joint Test Project For Cyber Ops Signs First Field Test Report

A major Defense Department cyberdefense exercise aimed at developing new techniques has completed a key milestone and expects to release a draft of tactics, techniques and procedures developed during the test this fall. U.S. Pacific Command has been working with the Pentagon's operational testing shop on a Joint Cyber Operations Joint Test project since Michael Crisp, the deputy director for air warfare within the testing office, signed off on the initiative's charter in August 2010 (Inside the Pentagon, March 2, p1). The Joint Cyber Operations (JCO) Joint Test completed its first field test in April and May, and officials signed out a report last month, PACOM joint test director Matt Goda said. "It provided informal feedback to the Joint Program Office (JPO) on the accomplishment of the test event objectives, problems or issues encountered and the Joint Test director's comments on the way ahead," Goda said of the "for-official-use-only" report. The command plans to release a revision of the cyberdefense tactics, techniques and procedures tested during the project this fall. A classified draft of the TTP was prepared during the recently wrapped-up field test, Goda said. Additionally, the Pentagon and PACOM will hold meetings to review field test findings, conclusions and recommendations, as well as the project's Concept of Operations and TTP development.
A Joint Warfighter Advisory Group (JWAG) and the General Officer Steering Committee (GOSC) will be held next month to "share our assessments with the cyber community leadership," Goda said. According to a July 2011 newsletter from the Pentagon's Joint Test and Evaluation shop, the project's director "chaired several Test Readiness Reviews" prior to field test 1 with test team participants and two main test events were used. The first scenario, a test which took place April 18-29 in Hawaii, "involved conducting [Virtual Secure Enclave] network protection and malicious attack detection using the Adaptive Cyber Defense (ACD) TTP." Participants from the military services then used the ACD TTP to "conduct defense cyber operations and VSE installation in both laboratory and realistic operational environments." The second scenario occurred on the live Secret Internet Protocol Router Network May 20-25 in conjunction with the PACOM exercise, Terminal Fury 2011. "VSE nodes were established at six locations and involved personnel from PACOM, COMPACFLT, Seventh Fleet, Pacific Air Forces, Marine Forces Pacific and Joint Warfighting Center," the newsletter states. Inside the Pentagon previously reported that the virtual secure enclave (VSE) strategy was a particular focus of the test project. A VSE could look like "a little part on a computer rack," but pragmatically, the operational strategy "provides some interior boundaries," Goda told ITP at the time. "The thing about the cyber domain is, we created it. We can change it and we can adapt it. And so we're building up these interior defenses, because a computer defense is always going to be a defense-in-depth," Goda said. "It's always going to be a layered defense. Any time you're going to put all your eggs into one basket, so to speak, if that one criteria . . . is discovered to have one vulnerability, everything is vulnerable." 
A VSE works by beginning to lay out those additional layers, working similar to a "high ground" strategy in the land domain of warfare.

-- Amanda Palleschi

From rforno at infowarrior.org Thu Aug 11 18:05:06 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 11 Aug 2011 19:05:06 -0400
Subject: [Infowarrior] - U.S. Anti-Piracy Police Kept Secret From The Public
Message-ID:

U.S. Anti-Piracy Police Kept Secret From The Public
Ernesto - August 11, 2011
http://torrentfreak.com/u-s-anti-piracy-police-kept-secret-from-the-public-110811/

Last month the MPAA and RIAA made a deal with all the major Internet providers in the United States to systematically hunt down file-sharers. The new "Copyright Alerts" system will directly affect millions of Internet users, but thus far the participating parties have refused to disclose which monitoring company will act as anti-piracy detectives. It's time for the big reveal. Starting in a few months, the copyright police will start to track down "pirates" as part of an agreement with all major U.S. Internet providers. All parties agreed to warn copyright infringers that their behavior is unacceptable. After six warnings the ISP may then take a variety of repressive measures, which include slowing down the offender's connection. The new system is a formalized version of the existing takedown system already operated by copyright holders, and was announced under the name "Copyright Alerts". When the agreement was made public in July, two questions immediately came to mind. The first one concerns where data on alleged infringers will be collected, by whom and how long it will be stored. Secondly, which company will be tasked with "spying" on millions of BitTorrent users. During the last month TorrentFreak tried to get answers on these vital questions, but to our surprise it was impossible to get a response through the official channels.
On multiple occasions we contacted the RIAA, A2IM, the Center for Copyright Information, the PR firm of Center for Copyright Information and participating ISPs, but none of these entities were willing to provide more information on the record. Only when we contacted people off the record were we able to find out more. Independently of each other, two sources involved in copyright enforcement informed us that DtecNet is the company that will be tracking unauthorized file-sharing under the new copyright alert system. So who are DtecNet and why is their alleged appointment being kept from the public? Looking at the history of DtecNet we find that the company originally stems from the anti-piracy lobby group Antipiratgruppen, which represents the music and movie industry in Denmark. And there are more direct ties to the entertainment industry. Kristian Lakkegaard, one of DtecNet's employees, used to work for the RIAA's global partner IFPI. Last year the Danish company was acquired by the US brand protection firm MarkMonitor, but continues to operate under its own name. As an established anti-piracy company, DtecNet already works closely with the RIAA and MPAA. In addition, they are responsible for collecting data on copyright infringers as part of the Irish three-strikes program. Although little is known about the accuracy of DtecNet's tracking software, TorrentFreak has previously pointed out that the company knows very little about how BitTorrent works. A whitepaper published by DtecNet claimed that BitTorrent traffic had plummeted and was littered with painful errors and false assumptions. The report in question has since been retracted (copy here), indicating that in hindsight DtecNet wasn't very happy with it either. DtecNet's parent company MarkMonitor also made the headlines with a report that branded the file-hosting site RapidShare as the leading digital piracy site.
RapidShare, a company that has gone to extreme lengths both in and outside of court to emphasize its legitimacy, was outraged and threatened to sue MarkMonitor for defamation. MarkMonitor at the time told TorrentFreak that their research was completely independent, but with revenues coming from both the RIAA and MPAA their objectivity has to be in doubt. So now we know that DtecNet will likely be the monitoring company used for the copyright alerts program, one of our questions has been answered. However, we still don't know what will happen to the information DtecNet collects and where this will be stored. For the sake of transparency, we hope that the Center for Copyright Information will be more open about this in the future. In a final attempt to get DtecNet's appointment officially confirmed TorrentFreak contacted Te Smith, Vice President of Communications at MarkMonitor, who would not confirm or deny our findings. "As a company, our policy is never to comment on whether someone (or some company, organization or group) is or isn't a client," Te informed us. But with two sources pointing at DtecNet we are confident that they will be tracking U.S. file-sharers under the copyright alert program. Nevertheless, this secrecy does raise new questions that are perhaps just as interesting as the others we've asked previously. Why would DtecNet's involvement be kept a secret from the public? Why isn't there more openness about how the personal information of millions of alleged file-sharers is to be handled? What do the groups behind these copyright alerts have to hide?
From rforno at infowarrior.org Fri Aug 12 11:04:49 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 12 Aug 2011 12:04:49 -0400
Subject: [Infowarrior] - Navy: Excessive Security Can Degrade Effectiveness
Message-ID: <21E37522-E63B-4997-84CC-871D3DD65424@infowarrior.org>

Navy: Excessive Security Can Degrade Effectiveness
August 12th, 2011 by Steven Aftergood
https://www.fas.org/blog/secrecy/2011/08/navy_opsec.html

There can be such a thing as too much security, the Navy said in a new Instruction on "Operations Security" (pdf) or OPSEC. OPSEC refers to the control of unclassified indicators that an adversary could use to derive "critical information" (CI) concerning military or intelligence programs. "Properly applied, OPSEC contributes directly to operational effectiveness by withholding CI from an adversary, thereby forcing an adversary's decisions to be based on information friendly forces choose to release," the new Navy Instruction said. "Inadequate OPSEC planning or poor execution degrades operational effectiveness by hindering the achievement of surprise." But even if adequately planned and executed, not all OPSEC is necessary or useful; sometimes it is actually counterproductive. "Excessive OPSEC countermeasures... can degrade operational effectiveness by interfering with the required activities such as coordination, training and logistical support," the Instruction said. See "Operations Security," OPNAV Instruction 3432.1A, 4 August 2011. Unfortunately, the Instruction does not and perhaps cannot provide criteria for distinguishing between proper OPSEC and excessive OPSEC. Instead, it directs commanders and program managers to "evaluate" each operation and draw the appropriate conclusions. What if the program manager is shortsighted or simply makes a mistake? What if OPSEC is justified from a security perspective, but also undermines government accountability or public confidence in government integrity?
The Instruction has nothing to say about that. Because of the subjective element in such decisions, the use of OPSEC (like the application of national security classification controls) is often arbitrary and disputed. After 30 U.S. servicemen, including 17 Navy SEALs, were killed in Afghanistan on August 6 when their helicopter was shot down, U.S. Special Operations Command asked that the names of the SEALs not be disclosed for security reasons. Secretary of Defense Leon Panetta rejected that view and the names were released by the Pentagon yesterday. But in a questionable nod to OPSEC, the name of the unit to which the SEALs were attached -- the Naval Special Warfare Development Group (DEVGRU) -- was not cited by the Pentagon, Bloomberg News reported. Instead, the DoD press release referred only to "an East Coast-based Naval Special Warfare unit." Yet the Navy itself has previously acknowledged and referred by name to the same SEAL unit. See "Pentagon Releases Identities of SEALs Killed, Not Unit Name" by Tony Capaccio, Bloomberg News, August 11.

From rforno at infowarrior.org Fri Aug 12 19:47:56 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 12 Aug 2011 20:47:56 -0400
Subject: [Infowarrior] - OpEd: Department of Internet Defense
Message-ID:

Department of Internet Defense
By David Ignatius, Friday, August 12, 8:12 PM
ASPEN, Colo.
http://www.washingtonpost.com/opinions/department-of-internet-defense/2011/08/12/gIQAPQcxBJ_print.html

"Cybersecurity" is one of those hot topics that has launched a thousand seminars and strategy papers without producing much in the way of policy. But that's beginning to change, in one of 2011's most important but least noted government moves. This summer, with little public fanfare, the Obama administration rolled out a strategy for cybersecurity that couples the spooky technical wizardry of the National Security Agency with the friendly, cops-and-firefighters ethos of the Department of Homeland Security.
This partnership may be the smartest aspect of the policy, which has so far avoided the controversies that usually attach themselves like viruses to anything involving government and the Internet. The new initiative was explained at a conference here last week sponsored by the Aspen Strategy Group, a forum that has been meeting each summer for 30 years to discuss defense issues. Among the participants were the two people who helped frame the plan, William Lynn and Jane Holl Lute, the deputy secretaries of defense and homeland security, respectively. What's driving the policy is a growing recognition that the Internet is under attack -- right now, every day -- by foreign intelligence agencies and malicious hackers alike. Experts cite some frightening examples: An attack in May on Citigroup, in which hackers stole credit card information on 360,000 clients; a still-mysterious assault last October on the Nasdaq stock exchange; a 2009 breach of the U.S. electrical grid by Russian and Chinese intruders; and a 2009 heist of plans for the F-35 joint strike fighter. And that's just what's public. McAfee, the computer security firm, registers 60,000 new bits of malicious software every day. But classified estimates are said to be much scarier -- with a hundred attacks for every one that's publicly disclosed. It's good to be skeptical about such unspecified threats -- when officials warn direly, "If only you knew what we know" -- but in this case, the danger is obviously real. The question is what to do about it. The heart of the new cyberdefense strategy is to spread the use of secret tools developed by the NSA. For example, the spy agency devised a system known as Tutelage to defend against malicious intrusions of military networks; a DHS version called Einstein 3 is now being used to protect civilian agencies. These systems are known as "active defense" because they use sensors and other techniques to block malicious code before it can affect operations.
This summer's big innovation was using the government's expertise to begin shielding the nation's critical private infrastructure. In late May, the Pentagon and Homeland Security launched what they called the DIB Cyber Pilot (that's short for "defense industrial base"). To protect about 20 defense companies that volunteered for the experiment, Homeland Security worked with four major Internet service providers, or ISPs, to help them clean malicious software from the Internet feed going to the contractors. What made this recipe powerful was that the NSA provided what officials like to call its "special sauce," in the form of electronic signatures of malicious software, which the NSA gathers 24-7 through its intelligence network. The experiment has been running for 90 days now, and officials say that it's working. The ISPs have blocked hundreds of attempted intrusions before they could get to the defense companies. The lesson for Lynn: "It's possible for the government to share threat information with private industry" under existing laws. The National Security Council soon will be debating whether to extend this pilot program to other sectors of critical infrastructure. Obvious candidates are the big financial institutions supervised by the Treasury Department and the national laboratories and nuclear-energy facilities overseen by the Energy Department. Two questions down the road are whether to set regulatory standards that mandate all ISPs to provide a clean Internet pipe to key users and how to extend protection to the huge and nakedly vulnerable world of the dot-coms. Here's what I took from five days of discussion: The Internet was deliberately built with an open architecture, which was once its greatest strength but is now a vulnerability. Regulatory norms may be useful (just like fire codes and clean-water standards).
But real security will come when it's a moneymaker for private companies that want to satisfy public demand for an Internet that isn't crawling with bugs. The NSA can help by sharing its secret tools. But it needs a civilian interface, in Homeland Security, to reassure the public that this is about security, not spying.

davidignatius at washpost.com
© The Washington Post Company

From rforno at infowarrior.org Sat Aug 13 16:23:51 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 13 Aug 2011 17:23:51 -0400
Subject: [Infowarrior] - Google+ public posts being inserted into search results
Message-ID: <2A1A282F-1762-43D0-B7C9-36C251316F5C@infowarrior.org>

Google+ public posts being inserted into search results
http://www.digitaltrends.com/social-media/google-public-posts-being-inserted-into-search-results/

If you are an early adopter of the Google+ social network, be careful what links you are posting on the service. Google is taking those link recommendations and using them for search. Coming off the recent dissolution of a partnership with Twitter for real-time search results, Google has started to intertwine public posts made on Google+ with search results. When a user is signed into any Google service and performs a search, they will see annotations about links shared on Google+ from their friends and connections of friends. However, the text only shows that a person shared the link, not their opinion on it. If a friend shares a link to restaurant website on Google+ to mock the terrible food or service, it would still show up on Google as "Friend Name shared this on Google". It's possible that disliked links will appear as recommendations. However, if a user clicks the Google+ link underneath the search result, they can see the full Google+ post to understand why the link was posted. Google was quick to stress that only public posts will appear in search results.
Any links or posts shared within a circle of friends won't appear on a Google results page. Microsoft's Bing launched a similar feature recently that ties search results into the Facebook API. When searching for a term on Bing, any links that have been "liked" by Facebook friends become more prominent in the results. This requires the user to be logged into Facebook while performing a search on Bing. This announcement likely ties into Google's attempt to make sure that all Google+ users are listing their own names on the service. Google has recently shifted its policy from banning accounts without notice to giving users 4 days notice to change the Google+ account to the legal name. In some cases, they are even requesting scans of government issued ID to prove that a user has that name. After the grace period of four days, the account is suspended by Google.

From rforno at infowarrior.org Mon Aug 15 06:00:10 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 15 Aug 2011 07:00:10 -0400
Subject: [Infowarrior] - DHS/FBI "Body Packing" Criminal Tactic with Possible Terrorist Applications
Message-ID: <7D5E76D5-719F-40E3-AE2C-6505E75A4D95@infowarrior.org>

(I would have just told readers to watch 'The Dark Knight' -- rick)

This is the text of the DHS document that was reported on in July regarding so-called "body bombs" that would be inserted surgically into the bomber's bodies. It was posted to a forum for the Colbert Report television show after being taken from the body of an email from the South Carolina Information and Intelligence Center, the local fusion center for the state of South Carolina.
http://publicintelligence.net/ufouo-dhsfbi-body-packing-criminal-tactic-with-possible-terrorist-applications/

From rforno at infowarrior.org Mon Aug 15 06:19:04 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 15 Aug 2011 07:19:04 -0400
Subject: [Infowarrior] - Apollo Surface Panoramas
Message-ID:

Stunning photos. --- rick

Apollo Surface Panoramas

Apollo Surface Panoramas is a digital library of photographic panoramas that the Apollo astronauts took while exploring the Moon's surface. These images provide a spectacular boots-on-the-ground view of the lunar landscape. The panoramas are stitched together from individual 70mm Hasselblad frames, each of which is also accessible through this new atlas. Lunar surface features captured in the panoramas can be studied using zoom and pan tools. An annotated version of each panorama is also available to assist users with the identification of major geographic features around each Apollo landing site.

http://www.lpi.usra.edu/resources/apollopanoramas/

From rforno at infowarrior.org Mon Aug 15 06:36:35 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 15 Aug 2011 07:36:35 -0400
Subject: [Infowarrior] - Google to acquire Motorola Mobility
Message-ID: <16AC4C2C-CE34-401E-8674-BF8A06E5701E@infowarrior.org>

http://finance.yahoo.com/news/Google-to-Acquire-Motorola-bw-4079820793.html

Google to Acquire Motorola Mobility
Combination will Supercharge Android, Enhance Competition, and Offer Wonderful User Experiences
Press Release Source: Google Inc. and Motorola Mobility Holdings, Inc. On Monday August 15, 2011, 7:30 am

MOUNTAIN VIEW, Calif. & LIBERTYVILLE, Ill.--(BUSINESS WIRE)-- Google Inc. (NASDAQ:GOOG - News) and Motorola Mobility Holdings, Inc.
(NYSE:MMI - News) today announced that they have entered into a definitive agreement under which Google will acquire Motorola Mobility for $40.00 per share in cash, or a total of about $12.5 billion, a premium of 63% to the closing price of Motorola Mobility shares on Friday, August 12, 2011. The transaction was unanimously approved by the boards of directors of both companies. The acquisition of Motorola Mobility, a dedicated Android partner, will enable Google to supercharge the Android ecosystem and will enhance competition in mobile computing. Motorola Mobility will remain a licensee of Android and Android will remain open. Google will run Motorola Mobility as a separate business. Larry Page, CEO of Google, said, "Motorola Mobility's total commitment to Android has created a natural fit for our two companies. Together, we will create amazing user experiences that supercharge the entire Android ecosystem for the benefit of consumers, partners and developers. I look forward to welcoming Motorolans to our family of Googlers." Sanjay Jha, CEO of Motorola Mobility, said, "This transaction offers significant value for Motorola Mobility's stockholders and provides compelling new opportunities for our employees, customers, and partners around the world. We have shared a productive partnership with Google to advance the Android platform, and now through this combination we will be able to do even more to innovate and deliver outstanding mobility solutions across our mobile devices and home businesses." Andy Rubin, Senior Vice President of Mobile at Google, said, "We expect that this combination will enable us to break new ground for the Android ecosystem. However, our vision for Android is unchanged and Google remains firmly committed to Android as an open platform and a vibrant open source community. We will continue to work with all of our valued Android partners to develop and distribute innovative Android-powered devices."
The transaction is subject to customary closing conditions, including the receipt of regulatory approvals in the US, the European Union and other jurisdictions, and the approval of Motorola Mobility's stockholders. The transaction is expected to close by the end of 2011 or early 2012.

From rforno at infowarrior.org Mon Aug 15 07:09:54 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 15 Aug 2011 08:09:54 -0400
Subject: [Infowarrior] - Paper: Persistent Web Cookies
Message-ID: <048BB0CD-B7B6-4488-8EF3-D91784BEAD4B@infowarrior.org>

RESPAWN REDUX (Follow up to Flash Cookies and Privacy II)
Ashkan Soltani 08/11/2011

I thought I'd take the time to elaborate a bit further regarding the technical mechanisms described in our 'Flash Cookies and Privacy II' paper that generated a bit of buzz recently. For a bit of background, I, along with Chris Hoofnagle and Nathan Good, had the honor of supervising Mika Ayenson and Dietrich J. Wambach in replicating our previous 2009 study which found that websites were circumventing user choice by deliberately restoring previously deleted HTTP cookies using persistent storage outside of the control of the browser (a practice we dubbed "respawning"). In our follow up study, we found that Hulu was still respawning deleted user cookies using homegrown Flash and Javascript code present on the Hulu.com site. Additionally, Hulu, Spotify, and many others were also respawning using code provided by analytics firm KISSmetrics.* Hitten Shah, the founder of KISSmetrics, initially confirmed that the research surrounding respawning was correct in an interview with Ryan Singel although he later criticized the findings after a lawsuit was filed.
< - >

http://ashkansoltani.org/docs/respawn_redux.html

From rforno at infowarrior.org Mon Aug 15 09:44:30 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 15 Aug 2011 10:44:30 -0400
Subject: [Infowarrior] - Another music rights fight brewing
Message-ID:

August 15, 2011
Record Industry Braces for Artists' Battles Over Song Rights
https://www.nytimes.com/2011/08/16/arts/music/springsteen-and-others-soon-eligible-to-recover-song-rights.html?hp=&pagewanted=print
By LARRY ROHTER

Since their release in 1978, hit albums like Bruce Springsteen's "Darkness on the Edge of Town," Billy Joel's "52nd Street," the Doobie Brothers' "Minute by Minute," Kenny Rogers's "Gambler" and Funkadelic's "One Nation Under a Groove" have generated tens of millions of dollars for record companies. But thanks to a little-noted provision in United States copyright law, those artists -- and thousands more -- now have the right to reclaim ownership of their recordings, potentially leaving the labels out in the cold. When copyright law was revised in the mid-1970s, musicians, like creators of other works of art, were granted "termination rights," which allow them to regain control of their work after 35 years, so long as they apply at least two years in advance. Recordings from 1978 are the first to fall under the purview of the law, but in a matter of months, hits from 1979, like "The Long Run" by the Eagles and "Bad Girls" by Donna Summer, will be in the same situation -- and then, as the calendar advances, every other master recording once it reaches the 35-year mark. The provision also permits songwriters to reclaim ownership of qualifying songs. Bob Dylan has already filed to regain some of his compositions, as have other rock, pop and country performers like Tom Petty, Bryan Adams, Loretta Lynn, Kris Kristofferson, Tom Waits and Charlie Daniels, according to records on file at the United States Copyright Office.
"In terms of all those big acts you name, the recording industry has made a gazillion dollars on those masters, more than the artists have," said Don Henley, a founder both of the Eagles and the Recording Artists Coalition, which seeks to protect performers' legal rights. "So there's an issue of parity here, of fairness. This is a bone of contention, and it's going to get more contentious in the next couple of years." With the recording industry already reeling from plummeting sales, termination rights claims could be another serious financial blow. Sales plunged to about $6.3 billion from $14.6 billion over the decade ending in 2009, in large part because of unauthorized downloading of music on the Internet, especially of new releases, which has left record labels disproportionately dependent on sales of older recordings in their catalogs. "This is a life-threatening change for them, the legal equivalent of Internet technology," said Kenneth J. Abdo, a lawyer who leads a termination rights working group for the National Academy of Recording Arts and Sciences and has filed claims for some of his clients, who include Kool and the Gang. As a result the four major record companies -- Universal, Sony BMG, EMI and Warner -- have made it clear that they will not relinquish recordings they consider their property without a fight. "We believe the termination right doesn't apply to most sound recordings," said Steven Marks, general counsel for the Recording Industry Association of America, a lobbying group in Washington that represents the interests of record labels. As the record companies see it, the master recordings belong to them in perpetuity, rather than to the artists who wrote and recorded the songs, because, the labels argue, the records are "works for hire," compilations created not by independent performers but by musicians who are, in essence, their employees. Independent copyright experts, however, find that argument unconvincing.
Not only have recording artists traditionally paid for the making of their records themselves, with advances from the record companies that are then charged against royalties, they are also exempted from both the obligations and benefits an employee typically expects. "This is a situation where you have to use your own common sense," said June M. Besek, executive director of the Kernochan Center for Law, Media and the Arts at the Columbia University School of Law. "Where do they work? Do you pay Social Security for them? Do you withdraw taxes from a paycheck? Under those kinds of definitions it seems pretty clear that your standard kind of recording artist from the '70s or '80s is not an employee but an independent contractor." Daryl Friedman, the Washington representative of the recording academy, which administers the Grammy Awards and is allied with the artists' position, expressed hope that negotiations could lead to a "broad consensus in the artistic community, so there don't have to be 100 lawsuits." But with no such talks under way, lawyers predict that the termination rights dispute will have to be resolved in court. "My gut feeling is that the issue could even make it to the Supreme Court," said Lita Rosario, an entertainment lawyer specializing in soul, funk and rap artists who has filed termination claims on behalf of clients, whom she declined to name. "Some lawyers and managers see this as an opportunity to go in and renegotiate a new and better deal. But I think there are going to be some artists who feel so strongly about this that they are not going to want to settle, and will insist on getting all their rights back." So far the only significant ruling on the issue has been one in the record labels' favor. In that suit heirs of Jamaican reggae star Bob Marley, who died in 1981, sued Universal Music to regain control of and collect additional royalties on five of his albums, which included hits like "Get Up, Stand Up" and "One Love."
But last September a federal district court in New York ruled that "each of the agreements provided that the sound recordings were the 'absolute property'" of the record company, and not Marley or his estate. That decision, however, applies only to Marley's pre-1978 recordings, which are governed by an earlier law that envisaged termination rights only in specific circumstances after 56 years, and it is being appealed. Congress passed the copyright law in 1976, specifying that it would go into effect on Jan. 1, 1978, meaning that the earliest any recording can be reclaimed is Jan. 1, 2013. But artists must file termination notices at least two years before the date they want to recoup their work, and once a song or recording qualifies for termination, its authors have five years in which to file a claim; if they fail to act in that time, their right to reclaim the work lapses. The legislation, however, fails to address several important issues. Do record producers, session musicians and studio engineers also qualify as "authors" of a recording, entitled to a share of the rights after they revert? Can British groups like Led Zeppelin, the Rolling Stones, Pink Floyd, and Dire Straits exercise termination rights on their American recordings, even if their original contract was signed in Britain? These issues too are also an important part of the quiet, behind-the-scenes struggle that is now going on. Given the potentially huge amounts of money at stake and the delicacy of the issues, both record companies, and recording artists and their managers have been reticent in talking about termination rights. The four major record companies either declined to discuss the issue or did not respond to requests for comment, referring the matter to the industry association.
But a recording industry executive involved in the issue, who spoke on condition of anonymity because he is not authorized to speak for the labels, said that significant differences of opinion exist not only between the majors and smaller independent companies, but also among the big four, which has prevented them from taking a unified position. Some of the major labels, he said, favor a court battle, no matter how long or costly it might be, while others worry that taking an unyielding position could backfire if the case is lost, since musicians and songwriters would be so deeply alienated that they would refuse to negotiate new deals and insist on total control of all their recordings. As for artists it is not clear how many have already filed claims to regain ownership of their recordings. Both Mr. Springsteen and Mr. Joel, who had two of the biggest hit albums of 1978, as well as their managers and legal advisers, declined to comment on their plans, and the United States Copyright Office said that, because termination rights claims are initially processed manually rather than electronically, its database is incomplete. Songwriters, who in the past typically have had to share their rights with publishing companies, some of which are owned by or affiliated with record labels, have been more outspoken on the issue. As small independent operators to whom the work for hire argument is hard to apply, the balance of power seems to have tilted in their favor, especially if they are authors of songs that still have licensing potential for use on film and television soundtracks, as ringtones, or in commercials and video games. "I've had the date circled in red for 35 years, and now it's time to move," said Rick Carnes, who is president of the Songwriters Guild of America and has written hits for country artists like Reba McEntire and Garth Brooks.
"Year after year after year you are going to see more and more songs coming back to songwriters and having more and more influence on the market. We will own that music, and it's still valuable." In the absence of a definitive court ruling, some recording artists and their lawyers are talking about simply exercising their rights and daring the record companies to stop them. They complain that the labels in some cases are not responding to termination rights notices and predict that once 2013 arrives, a conflict that is now mostly hidden from view is likely to erupt in public. "Right now this is kind of like a game of chicken, but with a shot clock," said Casey Rae-Hunter, deputy director of the Future of Music Coalition, which advocates for musicians and consumers. "Everyone is adopting a wait-and-see posture. But that can only be maintained for so long, because the clock is ticking."

From rforno at infowarrior.org Mon Aug 15 10:54:01 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 15 Aug 2011 11:54:01 -0400
Subject: [Infowarrior] - Repressing the Internet, Western-Style
Message-ID: <8912EBDE-9CA6-40EB-9CF5-B45B253E56A0@infowarrior.org>

LIFE & CULTURE - AUGUST 13, 2011
Repressing the Internet, Western-Style
By EVGENY MOROZOV
http://online.wsj.com/article/SB10001424053111903918104576502214236127064.html?mod=WSJ_hpp_MIDDLE_Video_Top

Technology has empowered all sides in the London skirmish: the rioters, the vigilantes and the government.

Did the youthful rioters who roamed the streets of London, Manchester and other British cities expect to see their photos scrutinized by angry Internet users, keen to identify the miscreants? In the immediate aftermath of the riots, many cyber-vigilantes turned to Facebook, Flickr and other social networking sites to study pictures of the violence. Some computer-savvy members even volunteered to automate the process by using software to compare rioters' faces with faces pictured elsewhere on the Internet.
The rioting youths were not exactly Luddites either. They used BlackBerrys to send their messages, avoiding more visible platforms like Facebook and Twitter. It's telling that they looted many stores selling fancy electronics. The path is short, it would seem, from "digital natives" to "digital restives." Technology has empowered all sides in this skirmish: the rioters, the vigilantes, the government and even the ordinary citizens eager to help. But it has empowered all of them to different degrees. As the British police, armed with the latest facial-recognition technology, go through the footage captured by their numerous closed-circuit TV cameras and study chat transcripts and geolocation data, they are likely to identify many of the culprits. Authoritarian states are monitoring these developments closely. Chinese state media, for one, blamed the riots on a lack of Chinese-style controls over social media. Such regimes are eager to see what kind of precedents will be set by Western officials as they wrestle with these evolving technologies. They hope for at least partial vindication of their own repressive policies. Some British politicians quickly called on the BlackBerry maker Research in Motion to suspend its messaging service to avoid an escalation of the riots. On Thursday, Prime Minister David Cameron said that the government should consider blocking access to social media for people who plot violence or disorder. After the recent massacre in Norway, many European politicians voiced their concern that anonymous anti-immigrant comments on the Web were inciting extremism. They are now debating ways to limit online anonymity. Does the Internet really need an overhaul of norms, laws and technologies that gives more control to governments? 
When the Egyptian secret police can purchase Western technology that allows them to eavesdrop on the Skype calls of dissidents, it seems unlikely that American and European intelligence agencies have no means of listening to the calls of, say, a loner in Norway. We tolerate such drastic proposals only because acts of terror briefly deprive us of the ability to think straight. We are also distracted by the universal tendency to imagine technology as a liberating force; it keeps us from noticing that governments already have more power than is healthy. The domestic challenges posed by the Internet demand a measured, cautious response in the West. Leaders in Beijing, Tehran and elsewhere are awaiting our wrong-headed moves, which would allow them to claim an international license for dealing with their own protests. They are also looking for tools and strategies that might improve their own digital surveillance. After violent riots in 2009, Chinese officials had no qualms about cutting off the Xinjiang region's Internet access for 10 months. Still, they would surely welcome a formal excuse for such drastic measures if the West should decide to take similar measures in dealing with disorder. Likewise, any plan in the U.S. or Europe to engage in online behavioral profiling -- trying to identify future terrorists based on their tweets, gaming habits or social networking activity -- is likely to boost the already booming data-mining industry. It would not take long for such tools to find their way to repressive states. But something even more important is at stake here. To the rest of the world, the efforts of Western nations, and especially the U.S., to promote democracy abroad have often smacked of hypocrisy. How could the West lecture others while struggling to cope with its own internal social contradictions? Other countries could live with this hypocrisy as long as the West held firm in promoting its ideals abroad.
But this double game is harder to maintain in the Internet era. In their concern to stop not just mob violence but commercial crimes like piracy and file-sharing, Western politicians have proposed new tools for examining Web traffic and changes in the basic architecture of the Internet to simplify surveillance. What they fail to see is that such measures can also affect the fate of dissidents in places like China and Iran. Likewise, how European politicians handle online anonymity will influence the policies of sites like Facebook, which, in turn, will affect the political behavior of those who use social media in the Middle East. Should America and Europe abandon any pretense of even wanting to promote democracy abroad? Or should they try to figure out how to increase the resilience of their political institutions in the face of the Internet? As much as our leaders might congratulate themselves for embracing the revolutionary potential of these new technologies, they have shown little evidence of being able to think about them in a nuanced and principled way.

-- Mr. Morozov is a visiting scholar at Stanford University and the author of "The Net Delusion: The Dark Side of Internet Freedom."

From rforno at infowarrior.org Mon Aug 15 13:09:06 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 15 Aug 2011 14:09:06 -0400
Subject: [Infowarrior] - SF cell shutdown: Safety issue, or hint of Orwell?
Message-ID:

SF cell shutdown: Safety issue, or hint of Orwell?
Aug 13 06:19 PM US/Eastern
By TERRY COLLINS
Associated Press
http://www.thenewstribune.com/2011/08/14/1782118/san-francisco-cell-shutdown-safety.html

SAN FRANCISCO (AP) - An illegal, Orwellian violation of free-speech rights? Or just a smart tactic to protect train passengers from rowdy would-be demonstrators during a busy evening commute?
The question resonated Saturday in San Francisco and beyond as details emerged of Bay Area Rapid Transit officials' decision to cut off underground cellphone service for a few hours at several stations Thursday. Commuters at stations from downtown to near the city's main airport were affected as BART officials sought to tactically thwart a planned protest over the recent fatal shooting of a 45-year-old man by transit police. Two days later, the move had civil rights and legal experts questioning the agency's move, and drew backlash from one transit board member who was taken aback by the decision. "I'm just shocked that they didn't think about the implications of this. We really don't have the right to be this type of censor," said Lynette Sweet, who serves on BART's board of directors. "In my opinion, we've let the actions of a few people affect everybody. And that's not fair." Similar questions of censorship have arisen in recent days as Britain's government put the idea of curbing social media services on the table in response to several nights of widespread looting and violence in London and other English cities. Police claim that young criminals used Twitter and Blackberry instant messages to coordinate looting sprees in riots. Prime Minister David Cameron said that the government, spy agencies and the communications industry are looking at whether there should be limits on the use of social media sites like Twitter and Facebook or services like BlackBerry Messenger to spread disorder. The suggestions have met with outrage -- with some critics comparing Cameron to the despots ousted during the Arab Spring. In the San Francisco instance, Sweet said BART board members were told by the agency of its decision during the closed portion of its meeting Thursday afternoon, less than three hours before the protest was scheduled to start. "It was almost like an afterthought," Sweet told The Associated Press.
"This is a land of free speech and for us to think we can do that shows we've grown well beyond the business of what we're supposed to be doing and that's providing transportation. Not censorship." But there are nuances to consider, including under what conditions, if any, an agency like BART can act to deny the public access to a form of communication?and essentially decide that a perceived threat to public safety trumps free speech. These situations are largely new ones, of course. A couple of decades ago, during the fax-machine and pay-phone era, the notion of people organizing mass gatherings in real time on wireless devices would have been fantasy. BART Deputy Police Chief Benson Fairow said the issue boiled down to the public's well-being. "It wasn't a decision made lightly. This wasn't about free speech. It was about safety," Fairow told KTVU-TV on Friday. BART spokesman Jim Allison maintained that the cellphone disruptions were legal as the agency owns the property and infrastructure. He added while they didn't need the permission of cellphone carriers to temporarily cut service, they notified them as a courtesy. The decision was made after agency officials saw details about the protest on an organizer's website. He said the agency had extra staff and officers aboard trains during that time for anybody who wanted to report an emergency, as well as courtesy phones on station platforms. "I think the entire argument is that some people think it created an unsafe situation is faulty logic," Allison said. "BART had operated for 35 years without cellphone service and no one ever suggested back then that a lack of it made it difficult to report emergencies and we had the same infrastructure in place." But as in London, BART's tactic drew immediate comparisons to authoritarianism, including acts by the former president of Egypt to squelch protests demanding an end to his rule. 
Authorities there cut Internet and cellphone services in the country for days earlier this year. He left office shortly thereafter. "BART officials are showing themselves to be of a mind with the former president of Egypt, Hosni Mubarak," the Electronic Frontier Foundation said on its website. Echoing that comparison, vigorous weekend discussion on Twitter was labeled with the hashtag "muBARTek." Aaron Caplan, a professor at Loyola Law School in Los Angeles who specializes in free-speech issues, was equally critical, saying BART clearly violated the rights of demonstrators and other passengers. "We can arrest and prosecute people for the crimes they commit," he said. "You are not allowed to shut down people's cellphones and prevent them from speaking because you think they might commit a crime in the future." Michael Risher, the American Civil Liberties Union's Northern California staff attorney, echoed the sentiment in a blog: "The government shouldn't be in the business of cutting off the free flow of information. Shutting down access to mobile phones is the wrong response to political protests, whether it's halfway around the world or right here in San Francisco." The ACLU already has a scheduled meeting with BART's police chief on Monday about other issues and Thursday's incident will be added to the agenda, spokeswoman Rebecca Farmer said. But others said that while the phone shutdown was worth examining, it may not have impinged on First Amendment rights. Gene Policinski, executive director of the First Amendment Center, a nonprofit educational organization, said freedom of expression can be limited in very narrow circumstances if there is an immediate threat to public safety. "An agency like BART has to be held to a very high standard," he said. "First of all, it has to be an immediate threat, not just the mere supposition that there might be one.
And I think the response has to be what a court would consider reasonable, so it has to be the minimum amount of restraint on free expression." He said if BART's actions are challenged, a court may look more favorably on what it did if expression was limited on a narrow basis for a specific area and time frame, instead of "just indiscriminately closing down cellphone service throughout the system or for a broad area." University of Michigan law professor Len Niehoff, who specializes in First Amendment and media law issues, found the BART actions troublesome for a few reasons. He said the First Amendment generally doesn't allow the government to restrict free speech because somebody might do something illegal or to prohibit conversations based on their subject matter. He said the BART actions have been portrayed as an effort to prevent a protest that would have violated the law, but there was no guarantee that would have happened. "What it really did is it prevented people from talking, discussing ... and mobilizing in any form, peaceful or unpeaceful, lawful or unlawful," he said. "That is, constitutionally, very problematic." The government does have the right to break up a demonstration if it forms in an area where protests are prohibited and poses a risk to public safety, Niehoff said. But it should not prohibit free speech to prevent the possibility of a protest happening. "The idea that we're going to keep people from talking about what they might or might not do, based on the idea that they might all agree to violate the law, is positively Orwellian," he said. ___ Associated Press reporters Tom Murphy in Indianapolis; Gene Johnson in Seattle; Jonathan Cooper in Portland, Ore.; and Cassandra Vinograd and David Stringer in London contributed. 
From rforno at infowarrior.org Tue Aug 16 07:59:46 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 16 Aug 2011 08:59:46 -0400
Subject: [Infowarrior] - Righthaven rocked, owes $34,000 after "fair use" loss
Message-ID:

Righthaven rocked, owes $34,000 after "fair use" loss
By Nate Anderson | Published about 10 hours ago
http://arstechnica.com/tech-policy/news/2011/08/righthaven-rocked-owes-34000-after-fair-use-loss.ars

The wheels appear to be coming off the Righthaven trainwreck-in-progress. The litigation outfit, which generally sues small-time bloggers, forum operators, and the occasional Ars Technica writer, has just been slapped with a $34,000 bill for legal fees. Righthaven v. Hoehn, filed in Nevada federal court, has been an utterly shambolic piece of litigation. Righthaven sued one Wayne Hoehn, a longtime forum poster on the site Madjack Sports. Buried in Home>>Forums>>Other Stuff>>Politics and Religion, Hoehn made a post under the username "Dogs That Bark" in which he pasted in two op-ed pieces. One came from the Las Vegas Review-Journal, which helped set up the Righthaven operation. Righthaven sued. This was the salvation of the news business? Targeting forum posters in political subforums of sports handicapping sites? But at least it looked like Righthaven had a point; copying had certainly occurred. Had infringement? Before it was all over, the judge decided that Righthaven had no standing even to bring the case, since only a copyright holder can file an infringement suit (Righthaven's contract only gave it a bare right to sue -- which is no right at all). Then the irritated judge decided that Hoehn's cut-and-paste job was fair use, helping establish a precedent that could undercut the entire Righthaven approach. Then the defense lawyers wanted to be paid. They asked for $34,000 in fees, arguing that they had won the case.
To avoid paying the opposing lawyers, Righthaven recently argued that fees could not be awarded; since Righthaven had no standing to sue in the first place, it argued, the court had no jurisdiction over the case at all, not even to assign legal fees. Defense attorney Marc J. Randazza was furious. "Righthaven deserves some credit for taking this position, as it requires an amazing amount of chutzpah," he wrote to the judge. "Righthaven seeks a ruling holding that, as long as a plaintiff's case is completely frivolous, then the court is deprived of the right to make the frivolously sued defendant whole, whereas a partially frivolous case might give rise to fee liability. Righthaven's view, aside from being bizarre, does not even comport with the law surrounding prudential standing." The judge agreed. In a terse order today, he decided that Hoehn had won the case (as the "prevailing party") and "the attorney's fees and costs sought on his behalf are reasonable." Righthaven has until September 14 to cut a check for $34,045.50. This is the second case in weeks in which Righthaven has to pay the Randazza Legal Group. The first time, Righthaven sent its $3,815 check to the wrong address. By e-mail, Randazza commented, "We find it unfortunate that Righthaven didn't just settle this matter when they could have. Murum aries attigit." Didn't catch that last bit? It's Latin for "The [battering] ram touches the wall," and it goes back to Julius Caesar. As Caesar told a group of unfortunates the Roman legions were about to overrun, he would "spare the state, if they should surrender themselves before the battering-ram should touch the wall." But once the assault had begun, there would be no mercy.
From rforno at infowarrior.org Tue Aug 16 08:33:29 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 16 Aug 2011 09:33:29 -0400
Subject: [Infowarrior] - DOD Probe Will Review Every Darpa Contract
Message-ID:

Pentagon Probe Will Review Every Darpa Contract
By Noah Shachtman
August 16, 2011
http://www.wired.com/dangerroom/2011/08/pentagon-darpa-probe/

Since Regina Dugan became the director of Darpa, the Pentagon's top research division has signed millions of dollars' worth of contracts with her family firm, which in turn owes her at least a quarter-million dollars. It's an arrangement that has raised eyebrows in the research community, and has now drawn the attention of the Defense Department's internal auditors and investigators. The Pentagon's Inspector General is launching an audit of those deals -- and of every other research contract Darpa has signed during Dugan's two-year tenure. This is just "the first in a series of planned audits to review [Darpa's] contracting processes," the Inspector General's office promises. The probe isn't itself an accusation of wrongdoing; just an investigation to see if any occurred. Darpa representatives have insisted that the agency acted properly in its dealings with RedXDefense -- the bomb detection firm Dugan co-founded with her father, Vince Dugan. She recused herself from any decisions involving the company, they say, and RedXDefense won its $1.7 million in research contracts from Darpa fair and square. "At no time did Dr. Dugan participate in any dealings between the Agency and RedXDefense related to the contract," Darpa spokesman Eric Mazzacone told Danger Room in March. (He declined to comment for this story.) Nevertheless, the Inspector General's office wants to take a closer look. Not only does Dugan still own tens of thousands of dollars' worth of stock in RedXDefense; according to a financial report she filed last year, the company (now led by her father) has yet to reimburse Dugan for a "note/loan"
with "no schedule of payment or guarantee of repayment." That's one reason, presumably, why the IG is also launching a separate inquiry into "Regina Dugan's continued financial and familial relations with Darpa contractor RedXDefense," the office noted in a letter to the Project on Government Oversight, a watchdog group. The look into Darpa's deal-making won't end there, however. Every research contract issued by the agency over the last two fiscal years will be reviewed, to "determine the adequacy of Darpa's selection, award, and administration of contracts and grants," the IG's office wrote in a July 26 memorandum to other military agencies. So will Darpa's relationship with airship-builder (and one-time agency contractor) Aeros, which now counts former Darpa director Tony Tether as a member of its board of advisors. The scrutiny of Darpa's $3 billion budget is needed, agency insiders say. Darpa gets wide latitude from the rest of the Pentagon -- and from Congress -- in how it hands out its contracts. "You could pull a lot of money out of that place if you really wanted to," a recently retired Darpa official tells Danger Room. "There really isn't any due diligence there." The potential for the appearance of conflicts of interest is also quite high. Many of Darpa's chosen research fields -- pathogen detection, biomorphic robotics, brain-controlled prosthetics -- are relatively small and tightknit. Any Darpa official worth his or her salt is bound to run into former co-workers while on the job. These interactions with one-time colleagues used to be tightly proscribed. During Tony Tether's tenure, if there was even a slight chance that a company might bid on a Darpa research project, that firm and that program manager were disqualified to work on that particular effort. If the program manager owned stock in a defense contractor, that financial relationship had to be severed. "With Tony, there wasn't a little line. There was a valley.
You either sell your stock [in your old firm], or there's the door," one former Darpa program manager says. "With Regina, things were very different." And not without some justification. Tether's bright ethical guidelines had unintended consequences. If a company allowed an employee to take a sabbatical to join Darpa, the firm was essentially blocking itself from millions of dollars in agency research projects. Under Dugan, program managers with potential ethical conflicts could designate someone else at Darpa -- usually someone in a more senior position -- to make decisions about their former company or university. In a speech last year, Darpa deputy director Ken Gabriel called the new conflict of interest rules "more realistic." One of the things that makes Darpa's deals with RedXDefense so unusual is that those decisions weren't passed to a more senior defense official, who would, in theory, be immune to any influence from Dugan. The decisions were left to a subordinate, who might feel all kinds of pressure to do right by the boss, and by the company run by her dad. "These policies and practices are in place so that qualified people can come to government service and to ensure that all organizations have access to fair and open competition; neither favored nor disfavored," Mazzacone said. Nick Schwellenbach, director of investigations at the Project on Government Oversight, isn't convinced. "If I was a Darpa employee," he says, "I wouldn't want to be in a position of depriving my boss' family members of a large contract."

From rforno at infowarrior.org Tue Aug 16 21:07:31 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 16 Aug 2011 22:07:31 -0400
Subject: [Infowarrior] - Amazon releases secure cloud for government
Message-ID: <70A91C81-78F9-477C-BB1C-AF1DC8F487EF@infowarrior.org>

One wonders where little ol' Tattoo is -- I can almost hear him shouting "de cloud! de cloud!" these days.
--- rick

Amazon releases secure cloud for government
By: Dave Rosenberg
August 16, 2011 4:52 PM PDT
http://news.cnet.com/8301-13846_3-20093243-62/amazon-releases-secure-cloud-for-government/

Cloud service provider Amazon Web Services (AWS) today announced AWS GovCloud, a new AWS Region designed to allow U.S. government agencies and contractors to move more sensitive workloads into the cloud by addressing their specific regulatory and compliance requirements.

Amazon's move reflects the ongoing adoption of public cloud services by government entities, including the U.S. Treasury's Recovery Accountability and Transparency board, which hosts Recovery.gov and Treasury.gov on AWS, as well as NASA's Jet Propulsion Laboratory, which processes telemetry data and high-resolution images on an array of EC2 cluster compute instances.

The announcement also addresses key compliance regulation issues related to the storage of sensitive data:

< - >

Previously, government agencies with data subject to compliance regulations such as the International Traffic in Arms Regulations (ITAR), which governs how organizations manage and store defense-related data, were unable to process and store data in the cloud that the federal government mandated be accessible only by U.S. persons. Because AWS GovCloud is physically and logically accessible by U.S. persons only (the actual instances reside within an AWS virtual private cloud), government agencies can now manage more heavily regulated data in AWS while remaining compliant with strict federal requirements.

The new Region offers the same high level of security as other AWS Regions, and supports existing AWS security controls and certifications such as FISMA, FIPS 140-2 compliant end points, SAS-70, ISO 27001, and PCI DSS Level 1. AWS also provides an environment that enables agencies to comply with HIPAA regulations.
< - >

Beyond the offering itself, what AWS is proving is that even the most sensitive data and workloads no longer have to be kept behind the firewall or in private data centers.

And, perhaps more interesting than the offering, is seeing AWS leave every other provider in the dust not just in terms of technical innovation but also in the business of cloud services. Who would have guessed that a bookstore would pave the way for how we use computing resources.

From rforno at infowarrior.org Wed Aug 17 10:59:10 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 17 Aug 2011 11:59:10 -0400
Subject: [Infowarrior] - ICANN chief Beckstrom says he will go in July 2012
Message-ID:

ICANN chief Beckstrom says he will go in July 2012
Confirming decision apparently not made by him
By Kevin Murphy
http://go.theregister.com/feed/www.theregister.co.uk/2011/08/17/icann_chief_quits/
Posted in Hosting, 17th August 2011 12:32 GMT

Rod Beckstrom, the president and CEO of domain name industry overseer ICANN, has announced that he will leave the job when his contract expires in July next year.

"I have decided to wrap up my service at ICANN July 2012," he wrote on Twitter last night. ICANN later followed up with a press release listing his accomplishments.

The speculative view among ICANN watchers is that, rather than jumping, Beckstrom was probably pushed overboard by the organisation's board of directors, reportedly unhappy with his performance.

Domain name conference organiser Kieren McCarthy, formerly both an ICANN staffer and an El Reg hack, wrote: "We understand Beckstrom's 'decision' was made for him at a secret Board meeting earlier this month."

Beckstrom joined ICANN in July 2009, a few months after he noisily resigned from his role as head of the US National Cyber Security Center.
On his watch, ICANN entered into a new, lighter-touch oversight relationship with the US Department of Commerce, which was well-received for the greater independence it gave the organisation.

He notably presided over the launch of the "internationalized domain names" programme, which gives top-level domains in non-Latin scripts, such as Arabic and Chinese, to various national authorities.

He also oversaw the introduction of the DNSSEC security standard to the domain name system's root system a year ago, and the approval of the new generic top-level domains programme this June.

But Beckstrom regularly came under fire for the way in which ICANN was perceived to have been managed, in particular for the fact that many senior staffers quit or were fired over the last two years.

ICANN was seen as tardy in replacing key personnel, while at the same time making a few curious hires, such as the secret appointment of a self-help guru as vice president, which did not go down well in the ICANN community.

This criticism came to a head at ICANN's public meeting in San Francisco this March, during which its staffing priorities were questioned by, among others, .uk chief Lesley Cowley, who has made the topic one of her pet policy peeves.

In recent months, many observers have seen the non-renewal of Beckstrom's contract as a foregone conclusion.

But in the 10 months remaining before his departure, ICANN has a number of important milestones to navigate.

In particular, it needs to look at its so-called IANA contract with the US government, which gives ICANN its powers over the domain name system and is set to be renewed next March.

Beckstrom had pushed unsuccessfully for looser terms, but it seems more likely that the US, upset with some of ICANN's recent decisions, will exert greater control over the organisation.

ICANN's new gTLD programme is also set to kick off in January, although some are now privately speculating that it could be delayed by legal action in the US.
From rforno at infowarrior.org Wed Aug 17 19:11:32 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 17 Aug 2011 20:11:32 -0400
Subject: [Infowarrior] - Researchers identify first flaws in AES
Message-ID:

Researchers identify first flaws in the Advanced Encryption Standard
Posted on 17 August 2011.
http://www.net-security.org/secworld.php?id=11474

Researchers have found a weakness in the AES algorithm. They managed to come up with a clever new attack that can recover the secret key four times easier than anticipated by experts.

In the last decade, many researchers have tested the security of the AES algorithm, but no flaws were found so far. In 2009, some weaknesses were identified when AES was used to encrypt data under four keys that are related in a way controlled by an attacker; while this attack was interesting from a mathematical point of view, the attack is not relevant in any application scenario.

The new attack applies to all versions of AES even if it is used with a single key. The attack shows that finding the key of AES is four times easier than previously believed; in other words, AES-128 is more like AES-126.

Even with the new attack, the effort to recover a key is still huge: the number of steps to find the key for AES-128 is an 8 followed by 37 zeroes. To put this into perspective: on a trillion machines, that each could test a billion keys per second, it would take more than two billion years to recover an AES-128 key.

Note that large corporations are believed to have millions of machines, and current machines can only test 10 million keys per second.

Because of these huge complexities, the attack has no practical implications on the security of user data; however, it is the first significant flaw that has been found in the widely used AES algorithm and was confirmed by the designers.
The AES algorithm is used by hundreds of millions of users worldwide to protect internet banking, wireless communications, and the data on their hard disks. In 2000, the Rijndael algorithm, designed by the Belgian cryptographers Dr. Joan Daemen (STMicroelectronics) and Prof. Vincent Rijmen (K.U.Leuven), was selected as the winner of an open competition organized by the US NIST (National Institute for Standards and Technology).

Today AES is used in more than 1700 NIST-validated products and thousands of others; it has been standardized by NIST, ISO, and IEEE and it has been approved by the NSA for protecting secret and even top secret information.

The attack is a result of a long-term cryptanalysis project carried out by Andrey Bogdanov (K.U.Leuven, visiting Microsoft Research at the time of obtaining the results), Dmitry Khovratovich (Microsoft Research), and Christian Rechberger (ENS Paris, visiting Microsoft Research).

From rforno at infowarrior.org Thu Aug 18 06:20:54 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 18 Aug 2011 07:20:54 -0400
Subject: [Infowarrior] - DHS / US Chamber Cranking Up The Fear
Message-ID: <61DB090B-1EBA-4612-BED4-CAB8092E7507@infowarrior.org>

(Even includes spooky music! Remember the 10-year of 9/11 is coming up soon, and we must not forget we're living in the Age of Perma-Fear, Fear of the Strange, and the New Normal. --- rick)

DHS Releases Television PSAs to Promote Suspicious Activity Reporting
http://publicintelligence.net/dhs-releases-television-psas-to-promote-suspicious-activity-reporting/

< - >

The new "If You See Something, Say Something™" campaign PSAs will be distributed to television and radio stations across the country. The radio and television PSAs, available at www.dhs.gov/IfYouSeeSomethingSaySomething, present scenarios involving suspicious activity and educate viewers on how to notify authorities regarding potential threats.
< - >

From rforno at infowarrior.org Thu Aug 18 06:22:07 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 18 Aug 2011 07:22:07 -0400
Subject: [Infowarrior] - US Court Tells Brazilian Court To Stop Ruling On Copyright Issue That It Wants To Rule On First
Message-ID: <647EFAEE-F8CD-441E-B857-8C55C4C4CCBB@infowarrior.org>

US Court Tells Brazilian Court To Stop Ruling On Copyright Issue That It Wants To Rule On First
http://www.techdirt.com/articles/20110817/12071915559/us-court-tells-brazilian-court-to-stop-ruling-copyright-issue-that-it-wants-to-rule-first.shtml

From rforno at infowarrior.org Thu Aug 18 07:14:13 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 18 Aug 2011 08:14:13 -0400
Subject: [Infowarrior] - Big Sis' Latest Terrorists: More White Americans
Message-ID: <169C3C2A-B5EA-4F34-9118-157B0381EEBA@infowarrior.org>

(I don't often post stuff from 'edge of moderate' sites here but every now and then something warrants further distribution. -- rick)

Big Sis' Latest Terrorists: More White Americans
http://www.infowars.com/big-sis-latest-terrorists-more-white-americans/

New DHS video ignores previous controversy over deliberate racial overtones

Paul Joseph Watson
Infowars.com
August 17, 2011

Despite causing controversy last month with a video that portrayed white middle class Americans as the most likely terrorists, the Department of Homeland Security has released yet another PSA that depicts an attempt to bomb a subway station not by Al-Qaeda Muslims, but well-dressed white people.

A new Public Service Announcement entitled "The Drop Off -- If You See Something, Say Something" was unveiled by none other than Big Sis herself, Janet Napolitano, on the Homeland Security website today.

The PSA, which will be played on television and radio stations, shows a well dressed attractive white woman exiting a taxi before walking into a subway station. The taxi driver -- a white man --
then makes a phone call and sets a timer on a device in the trunk of the car. The woman then leaves her bag in the station.

"If you see something, say something -- report suspicious activity to local authorities," states the voiceover as the clip ends with other commuters reporting the incident to a black security guard and a black police officer.

In her accompanying statement to the video, DHS chief Napolitano also hints that gun stores could be a prime breeding ground for terrorists, making reference to a recent case where, "the owner of a gun store near Ft. Hood called authorities when an individual in his store was behaving in a suspicious manner."

As we highlighted last month, a longer PSA recently produced by the DHS overwhelmingly went to significant lengths to portray white Americans as the most likely terrorists, despite the fact that the 126 people who were indicted on terrorist-related charges in the United States over the last two years were all Muslim. Bizarrely, the majority of the people shown reporting suspicious activity to authorities were portrayed as non-whites.

The story, first featured on Infowars.com, went viral and prompted a furious response from many, appearing on the Drudge Report, Fox News, Breitbart.tv, the Daily Mail as well as featuring highly amongst the most read articles on the entire Internet during that 24 hour period. The Fox Nation version of the story received well over 2000 comments.

Despite the DHS' claims to the contrary, many saw the ad as being deliberately racially motivated. Some concluded that this was merely a nod to political correctness while others viewed it as part of a pattern of demonizing white middle class Americans - many of whom are furious with the federal government for all manner of different reasons - as the DHS increasingly targets its anti-terror apparatus against politically motivated citizens.
Of the numerous different scenarios shown in the video, no less than 12 of them depict white people as terrorists whereas only three are non-whites. In addition, of the people depicted as patriotic Americans for reporting the terrorists, only one of them is white, while seven are non-white.

As Pajamas Media highlighted, "The DHS video goes out of its way to avoid showing any terrorist who fits the profile of the actual terrorists who have been waging war on us for more than a decade: Young men primarily from the Middle East. Instead, it tends to show them as middle aged white men. And it doesn't really show them doing much of what actual terrorists do. It's as if DHS is trying to make a completely useless anti-terrorism video."

Watch the video that prompted last month's controversy below.

*********************

Paul Joseph Watson is the editor and writer for Prison Planet.com. He is the author of Order Out Of Chaos. Watson is also a regular fill-in host for The Alex Jones Show.

From rforno at infowarrior.org Thu Aug 18 07:16:17 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 18 Aug 2011 08:16:17 -0400
Subject: [Infowarrior] - Computer lab's Chinese-made parts raise spy concerns
Message-ID: <98BC0DCB-0110-48F3-A2A9-D692DA79BA19@infowarrior.org>

Computer lab's Chinese-made parts raise spy concerns
By Eli Lake
The Washington Times
Tuesday, August 16, 2011
http://www.washingtontimes.com/news/2011/aug/16/computer-labs-parts-raise-spy-concerns/print/

A U.S. supercomputer laboratory engaged in classified military research concluded a recent deal involving Chinese-made components that is raising concerns in Congress about potential electronic espionage.

The concerns are based on a contract reached this summer between a computer-technology firm and the National Center for Computational Engineering at the University of Tennessee, whose supercomputers simulate flight tests for next-generation U.S.
military aircraft and spacecraft, and simulate submarine warfare for the Navy.

The storage system for the contract calls for using software from U.S. cybersecurity firm Symantec installed over devices made by Huawei Technologies, a Chinese telecommunications giant that U.S. officials have said has close ties to China's military. Huawei and Symantec formed a joint venture in 2008, with Huawei owning 51 percent of the shares of the enterprise.

Last week, four Republican senators and one member of the House Permanent Select Committee on Intelligence urged the Pentagon and Energy Department in a letter to review the contract for potential risks to national security.

The lawmakers' request highlights tensions between the intelligence community and high-technology companies on how sensitive computer servers, microchips and software that are designed or produced in foreign countries can provide foreign intelligence services backdoor access to sensitive information systems.

"Given Huawei's close ties to the [Chinese] government and its military and intelligence sectors, its history of alleged corrupt practices and infringement on intellectual-property rights, and concerns it may act as an agent for a foreign government, Huawei is not an appropriate partner for advanced U.S. research centers - especially those working on critical or classified defense projects for the United States government," the five lawmakers stated in an Aug. 9 letter to Defense Secretary Leon E. Panetta, Energy Secretary Steven Chu and Mary Schapiro, chairwoman of the Securities and Exchange Commission.

The lawmakers were Sens. Jon Kyl of Arizona, Jim DeMint of South Carolina and Tom Coburn and Sen. James M. Inhofe, both of Oklahoma, and Rep. Sue Wilkins Myrick, a North Carolina Republican who chairs the House Intelligence subcommittee that oversees counterintelligence.
Huawei's vice president for external affairs, William Plummer, said in an interview Tuesday that the concerns expressed by the lawmakers are misplaced.

"This letter is just the most recent chapter in what has become a tiresome book promoting fear about China and slandering Huawei as a proxy," he said. "The fiction is growing old."

Huawei was founded in 1988 by Ren Zhengfei, a former engineer for the People's Liberation Army, the Chinese military.

U.S. intelligence agencies suspect the company of having the capability of bugging microchips it seeks to install in U.S. networks and equipment that could give China's government the equivalent of a listening post inside U.S. telecommunications architecture.

In 2008, the Treasury Department-led Committee on Foreign Investment in the United States blocked a proposed sale of the software company 3com to Huawei, based on national security grounds.

Last year, representatives of the National Security Agency urged major telecommunications companies such as AT&T and Sprint to cancel a deal that would put Huawei firmware and hardware on the cell towers of the national 4G wireless network.

"My understanding is the ownership of Huawei is closely tied to the government of China," said retired Air Force Col. John Toomer, who left the service this year as deputy director of the cyber and information operations directorate.

"We've had that fear for a long time, of having chips compromised by intelligence services," he said. "You are inviting a risk by using chips manufactured by Huawei at such a sensitive facility."

Mr. Plummer said in response to that allegation that his company should not be singled out.

"Cybersecurity concerns are real, they are global, they are agnostic to national borders and they apply equally to the entire information, communication, technology industry supply chain," Mr. Plummer said. "It is incorrect to suggest that the gear of one vendor is somehow less secure than the gear of another."
A 2009 white paper prepared for the congressional U.S.-China Economic and Security Review Commission said China's military has "begun employing this capability to mount a large-scale computer-network exploitation effort for intelligence-gathering purposes against the U.S. and many countries around the world."

The five lawmakers, in their letter, raised concerns that Huawei is seeking to place its gear inside sensitive installations by partnering with U.S. vendors.

In the case of the University of Tennessee National Center for Computational Engineering, a company called MPAK Technologies won the bid. That company specializes in data-storage architecture, and it has sensitive contracts with the FBI and other U.S. government agencies.

In an interview, MPAK founder and CEO Michael Kornblum said his storage architecture was not at risk of being compromised by an intelligence service. Data for the system would be encrypted, and the storage system will not be connected to the Internet. He also said the Huawei hardware was not installed on the disc drives, where the data would be stored.

"If you were to do the kinds of activities the senators are talking about, you would put that technology in the disk drives because the data lives on the disk drives," Mr. Kornblum said. "Huawei does not manufacture the disk drives."

Jeffrey Carr, the CEO and founder of Taia Global, a cybersecurity firm, said, however, that encryption is not enough.

"There are so many alternative ways of compromising a network. It can be done through a thumb drive, a printer server," he said. "It could be done through a vendor that seeks to install or to service the equipment, it could be done through an insider, an alternative communication channel like Bluetooth or another peer-to-peer network. It could be done through an internal email."

Mr.
Carr, who first wrote about the lab's contract on his blog last month, said: "If you are targeting an advanced facility, the bad guy will figure out the layout of the network."

Another concern expressed by the lawmakers is that Huawei has been subsidized by the Chinese government, giving it an unfair advantage over U.S. companies such as Cisco Systems. In the letter, the U.S. lawmakers stated that Chinese policy gives Huawei the ability to offer much lower prices than their competitors.

Mr. Kornblum said his company's bid to build the storage system for the supercomputer was "significantly cheaper."

"It's no mystery that Huawei is trying to get into the U.S. market," he said. "They have done some things to enter the U.S. market that were less publicized. But they are going to get into the market, and they are going to eat Cisco's lunch. Huawei's technology is superior."

Huawei's Mr. Plummer said his company was given $25 billion in credit from 28 banks around the world, including the Chinese development bank.

Mr. Plummer added: "We are doing business no differently than anyone else does business. We have customers, and we have partners, and we have suppliers, and that is how business is done."

© Copyright 2011 The Washington Times, LLC.

From rforno at infowarrior.org Fri Aug 19 08:29:07 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 19 Aug 2011 09:29:07 -0400
Subject: [Infowarrior] - RIAA Targets YouTube Over Leaked Britney Spears Concert
Message-ID:

RIAA Targets YouTube Over Leaked Britney Spears Concert
Ernesto - August 19, 2011
https://torrentfreak.com/riaa-targets-youtube-over-leaked-britney-spears-concert-110819/

As part of a criminal investigation the RIAA has filed a declaration at a federal court in California to obtain the personal details of one of YouTube's users. Through the legal action against YouTube, the RIAA hopes to find out more about the person who uploaded a recording of Britney Spears'
concert at the MGM Grand in Las Vegas a few weeks ago.

The RIAA has launched a criminal investigation into a high-quality recording of a Britney Spears concert that was uploaded to YouTube last month. As part of the investigation the music industry group has requested a subpoena against YouTube.

Although it's quite common for the major music labels to send takedown requests to YouTube, as far as we're aware this is the first time the RIAA has filed legal action against the video hosting site in order to obtain the personal details of an uploader.

In a declaration to the court the RIAA's Vice President of Online Piracy, Mark McDevitt, requests a subpoena ordering YouTube to reveal the IP-address, email address, and any other information that may be used to identify the person who uploaded the concert.

TorrentFreak asked the RIAA for a response but their spokesman declined to comment on the case. The video in question has since been removed from YouTube but copies of the full concert can still be found elsewhere on the video site.

Although YouTube is listed as a defendant in the court documents, this doesn't mean YouTube is being held liable for copyright infringement. The filing is for a so-called DMCA subpoena which the RIAA occasionally files as part of ongoing investigations into more "severe" acts of copyright infringement.

The court docket shows that the RIAA filed the legal action against YouTube last month, and that the case was closed after a week. A copyright lawyer informed TorrentFreak that this most likely means that the subpoena was granted by the court and that YouTube agreed to hand over the personal details that were requested.

Earlier this year the RIAA filed a similar declaration at a federal court in California, where it requested a subpoena to obtain the personal details of several Box.net users. These individuals were allegedly storing pre-release music on their accounts.
Box.net said at the time that they would hand over the requested details if the subpoena was granted. "We take the confidentiality of our customers' information very seriously, but just like all other businesses, we are legally required to comply with court orders," the company told THR.

Thus far we are not aware of any criminal lawsuits that have appeared as a result of the RIAA's efforts to track down these alleged copyright infringers.

In 2008 the RIAA announced that it would no longer start mass-lawsuits against alleged copyright infringers using P2P networks. However, they reserved the right to go after individuals who leak unreleased content.

From rforno at infowarrior.org Sat Aug 20 14:48:53 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 20 Aug 2011 15:48:53 -0400
Subject: [Infowarrior] - OpEd: Flying? Increasingly for the Birds
Message-ID:

August 19, 2011, 9:00 pm
Flying? Increasingly for the Birds
By DICK CAVETT
Dick Cavett on his career in show business, and more.
http://opinionator.blogs.nytimes.com/2011/08/19/flying-increasingly-for-the-birds/

"I'll be passing the back of my hand over your buttocks and then come up the insides of your legs up toward the private parts. Is that O.K.?"

"Sounds peachy to me," I knew not to say. You're not supposed to joke with airport security, as people have learned the hard way. This makes sense, but as with so much about airport security -- or as someone has called it, "Security Theater" -- it seems a bit silly. Are terrorists known for their tendency to joke? (Is there a paperback called "Jokes for Jihadists"?)

When you refuse, as I do, to be ordered into the big scanner with its "safe" amount of X-ray, you are made to feel like a wimp and told to "Stand over there!" And over there -- with maybe one or two others who have also noted that whatever X-rays you are urged to get in life are invariably "safe" -- you stand, a little ashamed, waiting until the patter gets back from the toilet.
On a recent patting (and the patters, I should say, are a nice lot, picked perhaps for their demeanor) the description "toward the private parts" had a grain of inaccuracy. The rising hands didn't stop short, causing a slight "ow" on my part. "Sorry" was delivered feelingly (no pun intended).

Another time, after having been felt up in public, I fell into a pleasant chat with the man with the business-like hands. He'd recognized me, and there were no other pattees waiting. I asked, "What sort of jokes are you tiredest of by the one patted?"

"Oh, you can probably guess," my guy said cheerfully.

"Something like, 'Hey, cute stuff, whatcha doin' after the show?' " I guessed.

"You got it."

"Any of the would-be humorists ask what sort of man would seek a job patting other men?"

"You got it again."

"How are you supposed to behave in the face of such wit?"

"Smile and keep patting."

I'm sure no professional patter lives in fear that an accumulation of such micro-erotic experiences will endanger his orientation. Or the passenger's.

As you know, if you endure the increasingly dismal experience of flying, some airports are markedly better than others. Detroit Metro Airport deserves a valentine. My wife, a million-miler out of Detroit from years lived in Ohio, views it as an oasis. The employees seem to have been picked for their helpfulness. And you never stand in a line that seems to stretch to the horizon while additional lanes are closed for no apparent reason. (Saving money with fewer employees?)

And the security is just plain better. They find things other places don't. A friend states, "I'm horrified at stuff I mistakenly put in my carry-on. And it's been missed everywhere. Except Detroit."

In my case, a lethal-looking metal letter-opener stuck to the lining of my carry-on bag had passed undiscovered at various less diligent airports by who knows how many previous "inspectors." In Detroit it was rightfully seized; but seized in a nice, unnecessarily apologetic --
but professional -- manner, rather than with that cold air of enjoyed power so often seen in the airport worker. Bringing to mind Shakespeare's "Dress'd in a little, brief authority."

(A chilling note: another affable patter in another major city, when I asked him if anyone was still dumb enough to try to get bad stuff through security, said, "Mr. Cavett, you'd be amazed at how many guns we get this way." I gulped and asked what would be happening to me now if I had one. "See that guy at the coffee counter? He's a cop. I raise my hand and next thing you know you're wearing his 'bracelets.' You go away for a good long time."

"Thanks," I said, too stunned to ask who those reckless heat-toters were. From his manner it was clear they weren't merely licensed gun-carriers who wear them all the time and just forgot.)

Another thing about Detroit: they don't run out of those plastic tubs so you stand around in your stockings while a new load eventually arrives, apparently from another state.

Why should there be such a contrast between flying from Detroit and, say, from that bad dream posing as an airport, grubby LaGuardia? Is there a director of some special genius behind the operation? If so, would that person please publish his secrets in a book and pass it around?

At LaGuardia, my wife, a seasoned traveler, dutifully presented the see-through plastic bag containing a few small bottles of the approved size containing liquid. One was seized. It contained something she valued. Pointing out that it was regulation size, she got, "It ain't labeled, lady."

Supposing whatever possibly dangerous substance it contained had, say, "olive oil" written on it, I inquired, then would it be O.K.?

"Yes."

"Do you see anything a little stupid about that?" I asked in my sunniest manner. He appeared not to. He dropped the bottle into the barrel beside him.

"One more question.
Do you ever feel a little funny about standing eight inches from a barrel full of possible explosives for the rest of the day?"

He went into that mode of looking into the distance, instead of at you. I leaned into his gaze, just for fun.

"Move on," he sort of belched.

Security Theater. That fun house, LaGuardia.

From rforno at infowarrior.org Sun Aug 21 09:34:04 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 21 Aug 2011 10:34:04 -0400
Subject: [Infowarrior] - Is the SEC Covering Up Wall Street Crimes?
Message-ID: <54454BB9-A489-4CDF-8359-7CB05F454F7B@infowarrior.org>

Is the SEC Covering Up Wall Street Crimes?

A whistle-blower claims that over the past two decades, the agency has destroyed records of thousands of investigations, whitewashing the files of some of the nation's worst financial criminals.

by: Matt Taibbi

< - big snip - >

http://www.rollingstone.com/politics/news/is-the-sec-covering-up-wall-street-crimes-20110817

From rforno at infowarrior.org Sun Aug 21 09:37:07 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 21 Aug 2011 10:37:07 -0400
Subject: [Infowarrior] - Fmr Moody's analyst reveals ratings firm corruption/conflicts
Message-ID:

MOODY'S ANALYST BREAKS SILENCE: Says Ratings Agency Rotten To Core With Conflicts
Henry Blodget | Aug. 19, 2011, 11:33 AM

A former senior analyst at Moody's has gone public with his story of how one of the country's most important rating agencies is corrupted to the core.

The analyst, William J. Harrington, worked for Moody's for 11 years, from 1999 until his resignation last year. From 2006 to 2010, Harrington was a Senior Vice President in the derivative products group, which was responsible for producing many of the disastrous ratings Moody's issued during the housing bubble.

Harrington has made his story public in the form of a 78-page "comment" to the SEC's proposed rules about rating agency reform, which he submitted to the agency on August 8th.
The comment is a scathing indictment of Moody's processes, conflicts of interests, and management, and it will likely make Harrington a star witness at any future litigation or hearings on this topic. The primary conflict of interest at Moody's is well known: The company is paid by the same "issuers" (banks and companies) whose securities it is supposed to objectively rate. This conflict pervades every aspect of Moody's operations, Harrington says. It incentivizes everyone at the company, including analysts, to give Moody's clients the ratings they want, lest the clients fire Moody's and take their business to other ratings agencies. Moody's analysts whose conclusions prevent Moody's clients from getting what they want, Harrington says, are viewed as "impeding deals" and, thus, harming Moody's business. These analysts are often transferred, disciplined, "harassed," or fired. In short, Harrington describes a culture of conflict that is so pervasive that it often renders Moody's ratings useless at best and harmful at worst. Harrington believes the SEC's proposed rules will make the integrity of Moody's ratings worse, not better. He also believes that Moody's recent attempts to reform itself are nothing more than a pretty-looking PR campaign. We've included highlights of Harrington's story below. Here are some key points: * Moody's ratings often do not reflect its analysts' private conclusions. Instead, rating committees privately conclude that certain securities deserve certain ratings--but then vote with management to give the securities the higher ratings that issuer clients want. * Moody's management and "compliance" officers do everything possible to make issuer clients happy--and they view analysts who do not do the same as "troublesome." Management employs a variety of tactics to transform these troublesome analysts into "pliant corporate citizens" who have Moody's best interests at heart. *
Moody's product managers participate in--and vote on--ratings decisions. These product managers are the same people who are directly responsible for keeping clients happy and growing Moody's business. * At least one senior executive lied under oath at the hearings into rating agency conduct. Another executive, who Harrington says exemplified management's emphasis on giving issuers what they wanted, skipped the hearings altogether. Harrington's story at times reads like score-settling: The constant conflicts and pressures at Moody's clearly grated on him, especially as it became ever clearer that his only incentive not to "cave" to an issuer's every demand was his own self-respect. But Harrington's story also makes clear just how imperative it is that the ratings-agency problem be addressed and fixed. The current system, in which the government blesses organizations as deeply conflicted as Moody's with the power to determine sanctioned bond ratings is untenable. And the SEC's proposed rule changes won't fix a thing. Harrington's story is startling, both in its allegations and specificity. (He names many Moody's executives and describes many instances that regulators and plaintiffs will probably want to take a closer look at.) Given this, we expected Moody's might want to say it has full confidence in its processes or denounce Harrington as a disgruntled ex-employee or something. Instead, Moody's did not return multiple calls seeking comment.
Here are key highlights from Harrington's story >>>> < - snip - > http://www.businessinsider.com/moodys-analyst-conflicts-corruption-and-greed-2011-8 From rforno at infowarrior.org Sun Aug 21 10:03:47 2011 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 21 Aug 2011 11:03:47 -0400 Subject: [Infowarrior] - Fwd: Banks told of security flaw with use of caller ID References: Message-ID: <558F8832-5839-4BFE-91E1-8491BCD19CCE@infowarrior.org> Begin forwarded message: > From: Monty Solomon > > Banks told of security flaw with use of caller ID > By Hiawatha Bray > Globe Staff / August 20, 2011 > > A Boston consumer advocate warned yesterday that JPMorgan Chase & Co. > and Bank of America Corp. make it too easy for data thieves to steal > personal information from their credit card customers. > > Former Massachusetts assistant attorney general Edgar Dworsky, who > now runs the consumer education website Consumerworld.org, discovered > the flaw after reading a Globe story about "caller ID spoofing" > services - Internet sites used to trick caller ID systems into > believing a call comes from a different phone number. > > Identity thieves who know a customer's ZIP code and the last four > digits of his credit card number can use such services to pose as a > customer when calling an automated bank customer service line, > Dworsky said. Retail stores often print the last four numbers of a > credit card account on sales receipts, which a thief could recover > from the trash if discarded by the customer. > > ...
> > http://www.boston.com/business/technology/articles/2011/08/20/banks_told_of_security_flaw_with_use_of_caller_id/ > From rforno at infowarrior.org Sun Aug 21 10:18:08 2011 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 21 Aug 2011 11:18:08 -0400 Subject: [Infowarrior] - New data spill shows risk of online health records Message-ID: http://old.news.yahoo.com/s/ap/20110821/ap_on_hi_te/us_tec_medical_data_minefield/print New data spill shows risk of online health records By JORDAN ROBERTSON, AP Technology Writer 6 mins ago SAN FRANCISCO -- Until recently, medical files belonging to nearly 300,000 Californians sat unsecured on the Internet for the entire world to see. There were insurance forms, Social Security numbers and doctors' notes. Among the files were summaries that spelled out, in painstaking detail, a trucker's crushed fingers, a maintenance worker's broken ribs and one man's bout with sexual dysfunction. At a time of mounting computer hacking threats, the incident offers an alarming glimpse at privacy risks as the nation moves steadily into an era in which every American's sensitive medical information will be digitized. Electronic records can lower costs, cut bureaucracy and ultimately save lives. The government is offering bonuses to early adopters and threatening penalties and cuts in payments to medical providers who refuse to change. But there are not-so-hidden costs with modernization. "When things go wrong, they can really go wrong," says Beth Givens, director of the nonprofit Privacy Rights Clearinghouse, which tracks data breaches. "Even the most well-designed systems are not safe. ... This case is a good example of how the human element is the weakest link." Southern California Medical-Legal Consultants, which represents doctors and hospitals seeking payment from patients receiving workers' compensation, put the records on a website that it believed only employees could use, owner Joel Hecht says.
The personal data was discovered by Aaron Titus, a researcher with Identity Finder who then alerted Hecht's firm and The Associated Press. He found it through Internet searches, a common tactic for finding private information posted on unsecured sites. The data were "available to anyone in the world with half a brain and access to Google," Titus says. Titus says Hecht's company failed to use two basic techniques that could have protected the data -- requiring a password and instructing search engines not to index the pages. He called the breach "likely a case of felony stupidity." One of the patients affected was Paul Thompson, who learned of the breach from Titus. The Sugarloaf, Calif., electrician blew out his shoulder four years ago on a job wiring up a multiplex movie theater. His insurance company denied his claim, which led to a protracted dispute. He eventually settled. Thompson says his injury has been a "long, painful road." Unable to afford surgery in the U.S. to fix his torn rotator cuff, he paid a medical tourism company that was supposed to schedule a cheaper procedure in Costa Rica. The company went bankrupt, however, and Thompson said he lost nearly $7,300. To have his personal information exposed on top of that was a final indignity. "I'm totally disgusted about everything," he said, calling the breach "another kick in the stomach." Thompson is worried that hackers may have spotted his information online and tagged him for future financial scams. He contacted his bank and set up a fraud alert with the credit reporting agencies. He says the prospect of all health records going electronic -- which federal law mandates should happen by 2014 -- "scares the living hell out of me." When mistakes occur, the fallout can be more severe than the typical breach of email addresses or credit card numbers. In the wrong hands, health records can be used for blackmail and public humiliation.
The information can also be used by insurance companies to inflate rates, or by employers to deny job applicants. Usually when personal data are exposed, it's the result of a network break-in by a hacker or a theft of computer equipment. Sometimes, it can be a simple case of someone mishandling the information. Leaks are more likely the more data are passed around within the health industry's increasingly interconnected networks. Dozens of companies can be authorized to handle a single person's medical records. The further away from the health care provider the records get, the flimsier the enforcement mechanisms for ensuring the data are protected. That's exactly what happened at Hecht's company. "Our internal security policies and procedures weren't followed," Hecht says. "When we were notified, we took immediate steps to remediate the situation and took long-term steps to make sure it never happened again." The firm has since put the information behind a password, an approach that has its own security risks. Hecht declined to go into further detail about how the information ended up online. He says many of the Social Security numbers and basic details about people's injuries were part of a database his firm compiled from information regularly sent by the state. Patricia Ortiz, spokeswoman for the state Division of Workers' Compensation, says doctor's notes and other documentation in such cases are publicly available, but they have to be requested one by one. The state stopped including Social Security numbers in those files in 2008; the exposed data came from older files. Ortiz said that once workers' compensation information leaves the state's control, its security is the recipient's responsibility. California, like most states, has a law requiring companies to notify consumers when their information has been breached. Hecht did not return calls from the AP seeking an update on how many patients had been notified. 
Large-scale medical data breaches have been on the rise in recent years. In one of the biggest, government health data was at risk in 2006 when a laptop with data on 26.5 million veterans was stolen from a government employee's home. The computer equipment was recovered, and the FBI said the sensitive files weren't accessed. This year, hard drives containing health histories, financial information and Social Security numbers of 1.9 million Health Net insurance customers disappeared from an office. State regulators launched investigations into Health Net's security procedures. The California company declined to comment, saying the incident was still under investigation. The latest incident is "an eye-opener, and we're going to get eye-opener after eye-opener," says Jim Dempsey, a security and public policy expert at the Center for Democracy & Technology. As instances of data mishandling become more commonplace, government officials may seek greater control over security policies of companies with access to health care records that aren't currently regulated. "It should be yet another warning bell for companies: You've got your reputation on the line, and you're also facing enforcement action if you don't pay attention to the security of the data you collect and process," Dempsey says. ___ Jordan Robertson can be reached at jrobertson(at)ap.org. 
From rforno at infowarrior.org Sun Aug 21 17:47:41 2011 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 21 Aug 2011 18:47:41 -0400 Subject: [Infowarrior] - Researchers discover common cause of all forms of amyotrophic lateral sclerosis Message-ID: <19AB581E-BC85-459B-B5C6-86973E75FD41@infowarrior.org> Major breakthrough as researchers discover common cause of all forms of amyotrophic lateral sclerosis August 21, 2011 http://medicalxpress.com/news/2011-08-major-breakthrough-common-amyotrophic-lateral.html The underlying disease process of amyotrophic lateral sclerosis (ALS and Lou Gehrig's disease), a fatal neurodegenerative disease that paralyzes its victims, has long eluded scientists and prevented development of effective therapies. Scientists weren't even sure all its forms actually converged into a common disease process. But a new Northwestern Medicine study for the first time has identified a common cause of all forms of ALS. The basis of the disorder is a broken down protein recycling system in the neurons of the spinal cord and the brain. Optimal functioning of the neurons relies on efficient recycling of the protein building blocks in the cells. In ALS, that recycling system is broken. The cell can't repair or maintain itself and becomes severely damaged. The discovery by Northwestern University Feinberg School of Medicine researchers, published in the journal Nature, provides a common target for drug therapy and shows that all types of ALS are, indeed, tributaries, pouring into a common river of cellular incompetence. "This opens up a whole new field for finding an effective treatment for ALS," said senior author Teepu Siddique, M.D., the Les Turner ALS Foundation/Herbert C. Wenske Professor of the Davee Department of Neurology and Clinical Neurosciences at Northwestern's Feinberg School and a neurologist at Northwestern Memorial Hospital. 
"We can now test for drugs that would regulate this protein pathway or optimize it, so it functions as it should in a normal state." The discovery of the breakdown in protein recycling may also have a wider role in other neurodegenerative diseases, specifically the dementias. These include Alzheimer's disease and frontotemporal dementia as well as Parkinson's disease, all of which are characterized by aggregations of proteins, Siddique said. The removal of damaged or misfolded proteins is critical for optimal cell functioning, he noted. This breakdown occurs in all three forms of ALS: hereditary, which is called familial; ALS that is not hereditary, called sporadic; and ALS that targets the brain, ALS/dementia. In related research, Feinberg School researchers also discovered a new gene mutation present in familial ALS and ALS/dementia, linking these two forms of the disease. Siddique has been searching for the causes and underlying mechanism of ALS for more than a quarter century. He said he was initially drawn to it because, "It was one of the most difficult problems in neurology and the most devastating, a disease without any treatment or known cause." Siddique's efforts first showed in 1989 that molecular genetics techniques were applicable to ALS, then described the first ALS gene locus in 1991, which led to the discovery of SOD1 and engineering of the first genetic animal model for ALS. ALS affects an estimated 350,000 people worldwide, including children and adults, with about 50 percent of people dying within three years of its onset. In the motor disease, people progressively lose muscle strength until they become paralyzed and can no longer move, speak, swallow and breathe. ALS/dementia targets the frontal and temporal lobes of the brain, affecting patients' judgment, the ability to understand language and to perform basic tasks like planning what to wear or organizing their day. 
"These people in the prime of their lives and the peak of their productivity get this devastating illness that kills them," Siddique said. "The people who get ALS/dementia, an even more vicious disease, have a double whammy." BROKEN DOWN RECYCLING SYSTEM Feinberg School scientists found the cause of ALS by discovering a protein, ubiquilin2, whose critical job is to recycle damaged or misfolded proteins in motor and cortical neurons and shuttle them off to be reprocessed. In people with ALS, Feinberg researchers found ubiquilin2 isn't doing its job. As a result, the damaged proteins and ubiquilin2 loiter and accumulate in the motor neurons in the spinal cord and cortical and hippocampal neurons in the brain. The protein accumulations resemble twisted skeins of yarn -- characteristic of ALS -- and cause the degeneration of the neurons. Researchers found ubiquilin2 in these skein-like accumulations in the spinal cords of ALS cases and in the brains of ALS/dementia cases. The scientists also discovered mutations in ubiquilin2 in patients with familial ALS and familial ALS/dementia. But the skein-like accumulations were present in people's brains and spinal cords in all forms of ALS and ALS/dementia, whether or not they had the gene mutation. "This study provides robust evidence showing a defect in the protein degradation pathway causes neurodegenerative disease," said Han-Xiang Deng, M.D., lead author of the paper and associate professor of neurology at the Feinberg School. "Abnormality in protein degradation has been suspected, but there was little direct evidence before this study." The other lead author is Wenjie Chen, senior research technologist in neurology. 
Provided by Northwestern University From rforno at infowarrior.org Sun Aug 21 18:58:08 2011 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 21 Aug 2011 19:58:08 -0400 Subject: [Infowarrior] - Wall Street Aristocracy Got $1.2 Trillion in Fed's Secret Loans Message-ID: <2E80B002-2043-4999-AA32-C18E6DCA7E56@infowarrior.org> Wall Street Aristocracy Got $1.2 Trillion in Fed's Secret Loans By Bradley Keoun and Phil Kuntz - Aug 21, 2011 7:01 PM ET Citigroup Inc. (C) and Bank of America Corp. (BAC) were the reigning champions of finance in 2006 as home prices peaked, leading the 10 biggest U.S. banks and brokerage firms to their best year ever with $104 billion of profits. By 2008, the housing market's collapse forced those companies to take more than six times as much, $669 billion, in emergency loans from the U.S. Federal Reserve. The loans dwarfed the $160 billion in public bailouts the top 10 got from the U.S. Treasury, yet until now the full amounts have remained secret. Fed Chairman Ben S. Bernanke's unprecedented effort to keep the economy from plunging into depression included lending banks and other companies as much as $1.2 trillion of public money, about the same amount U.S. homeowners currently owe on 6.5 million delinquent and foreclosed mortgages. The largest borrower, Morgan Stanley (MS), got as much as $107.3 billion, while Citigroup took $99.5 billion and Bank of America $91.4 billion, according to a Bloomberg News compilation of data obtained through Freedom of Information Act requests, months of litigation and an act of Congress. "These are all whopping numbers," said Robert Litan, a former Justice Department official who in the 1990s served on a commission probing the causes of the savings and loan crisis. "You're talking about the aristocracy of American finance going down the tubes without the federal money."
< - > http://www.bloomberg.com/news/2011-08-21/wall-street-aristocracy-got-1-2-trillion-in-fed-s-secret-loans.html From rforno at infowarrior.org Sun Aug 21 20:20:33 2011 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 21 Aug 2011 21:20:33 -0400 Subject: [Infowarrior] - In a Race to Out-Rave, 5-Star Web Reviews Go for $5 Message-ID: <5232C886-37C4-4585-BD24-917B3266862A@infowarrior.org> (c/o DG) August 19, 2011 In a Race to Out-Rave, 5-Star Web Reviews Go for $5 By DAVID STREITFELD http://www.nytimes.com/2011/08/20/technology/finding-fake-reviews-online.html In tens of millions of reviews on Web sites like Amazon.com, Citysearch, TripAdvisor and Yelp, new books are better than Tolstoy, restaurants are undiscovered gems and hotels surpass the Ritz. Or so the reviewers say. As online retailers increasingly depend on reviews as a sales tool, an industry of fibbers and promoters has sprung up to buy and sell raves for a pittance. "For $5, I will submit two great reviews for your business," offered one entrepreneur on the help-for-hire site Fiverr, one of a multitude of similar pitches. On another forum, Digital Point, a poster wrote, "I will pay for positive feedback on TripAdvisor." A Craigslist post proposed this: "If you have an active Yelp account and would like to make very easy money please respond." The boundless demand for positive reviews has made the review system an arms race of sorts. As more five-star reviews are handed out, even more five-star reviews are needed. Few want to risk being left behind. Sandra Parker, a freelance writer who was hired by a review factory this spring to pump out Amazon reviews for $10 each, said her instructions were simple. "We were not asked to provide a five-star review, but would be asked to turn down an assignment if we could not give one," said Ms. Parker, whose brief notices for a dozen memoirs are stuffed with superlatives like "a must-read" and "a lifetime's worth of wisdom."
Determining the number of fake reviews on the Web is difficult. But it is enough of a problem to attract a team of Cornell researchers, who recently published a paper about creating a computer algorithm for detecting fake reviewers. They were instantly approached by a dozen companies, including Amazon, Hilton, TripAdvisor and several specialist travel sites, all of which have a strong interest in limiting the spread of bogus reviews. "The whole system falls apart if made-up reviews are given the same weight as honest ones," said one of the researchers, Myle Ott. Among those seeking out Mr. Ott, a 22-year-old Ph.D. candidate in computer science, after the study was published was Google, which asked for his résumé, he said. Linchi Kwok, an assistant professor at Syracuse University who is researching social media and the hospitality industry, explained that as Internet shopping has become more "social," with customer reviews an essential part of the sales pitch, marketers are realizing they must watch over those opinions as much as they manage any other marketing campaign. "Everyone's trying to do something to make themselves look better," he said. "Some of them, if they cannot generate authentic reviews, may hire somebody to do it." Web retailers are aware of the widespread mood of celebration among their reviewers, even if they are reluctant to discuss it. Amazon, like other review sites, says it has a preponderance of positive reviews because of a feedback loop: Products with high-star ratings sell more, so they get more reviews than products with poor ratings. But they are concerned about the integrity of those reviews. "Any one review could be someone's best friend, and it's impossible to tell that in every case," said Russell Dicker, Amazon's director of community. "We are continuing to invest in our ability to detect these problems."
The Cornell researchers tackled what they call deceptive opinion spam by commissioning freelance writers on Mechanical Turk, an Amazon-owned marketplace for workers, to produce 400 positive but fake reviews of Chicago hotels. Then they mixed in 400 positive TripAdvisor reviews that they believed were genuine, and asked three human judges to tell them apart. They could not. "We evolved over 60,000 years by talking to each other face to face," said Jeffrey T. Hancock, a Cornell professor of communication and information science who worked on the project. "Now we're communicating in these virtual ways. It feels like it is much harder to pick up clues about deception." So the team developed an algorithm to distinguish fake from real, which worked about 90 percent of the time. The fakes tended to be a narrative talking about their experience at the hotel using a lot of superlatives, but they were not very good on description. Naturally: They had never been there. Instead, they talked about why they were in Chicago. They also used words like "I" and "me" more frequently, as if to underline their own credibility. How far a business can go to get a good review is a blurry line. A high-end English hotel, The Cove in Cornwall, was recently accused in the British media of soliciting guests to post an "honest but positive review" on TripAdvisor in exchange for a future discount of 10 percent. Nearly all the recent reviews of the Cove are glowing except for the one headlined, "Sadly let down by overhyped reviews." The hotel said it was a loyalty scheme that was being misconstrued. TripAdvisor, though, posted a warning about the Cove's favorable notices on its page for the hotel. The site declined to say how often it has had to post such caveats. Founded 11 years ago, TripAdvisor never expected to see so many positive reviews. "We were worried it was going to be a gripe site," said the chief executive, Stephen Kaufer.
"Who the heck would bother to write a review except to complain?" Instead, the average of the 50 million reviews is 3.7 stars out of five, bordering on exceptional but typical of review sites. Negative reviews also abound on the Web; they are often posted on restaurant and hotel sites by business rivals. But as Trevor J. Pinch, a sociologist at Cornell who has just published a study of Amazon reviewers, said, "There is definitely a bias toward positive comments." Mr. Pinch's interviews with more than a hundred of Amazon's highest-ranked reviewers found that only a few ever wrote anything critical. As one reviewer put it, "I prefer to praise the ones I love, not damn the ones I did not!" The fact that just about all the top reviewers in his study said they got free books and other material from publishers and others soliciting good notices may have also had something to do with it. Even if you get a failing grade or two, all is not lost. Dot-coms like Main Street Hub manage the reputations of small businesses for a fixed fee. "A courteous response to a negative review can persuade the reviewer to change their reviews from two to three or four stars," said Main Street's chief executive, Andrew Allison. "That's one of the highest victories a local business can aspire to with respect to their critics." The result, he said: "It's like Lake Wobegon. Everyone is above average." From rforno at infowarrior.org Mon Aug 22 16:24:41 2011 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 22 Aug 2011 17:24:41 -0400 Subject: [Infowarrior] - RIAA files appeal in Jammie Thomas case Message-ID: <28CA434F-2E25-4E01-BC3C-6F062AAECF59@infowarrior.org> (Can we all agree that "RIAA" stands for "Really Ignorant Antagonistic A--hats"??
-- rick) RIAA files appeal in Jammie Thomas case By: Greg Sandoval August 22, 2011 11:39 AM PDT http://news.cnet.com/8301-31001_3-20095566-261/riaa-files-appeal-in-jammie-thomas-case The large record companies have filed an appeal in their long-running copyright case against Jammie Thomas-Rasset, a Minnesota woman who was found liable for illegal file sharing. In court documents filed with the U.S. Court of Appeals for the Eighth Circuit in St. Louis, the Recording Industry Association of America (RIAA) says it is appealing several decisions made during the case, going back to 2008. Last month, a federal court once again lowered the amount a jury ordered Thomas-Rasset to pay to compensate the RIAA for damages. Last year, Rasset was ordered to pay $62,500 for each of the 24 songs she was accused of uploading illegally to the Web. But U.S. District Court Judge Michael Davis in Minnesota lowered the sum to $2,250 per song and with that, instead of owing the music labels $1.5 million, Thomas-Rasset currently owes them $54,000. According to the documents filed with the appeals court by the RIAA, the trade group that represents all four of the largest trade companies wants the judges to determine: Whether the district court erred by concluding that making a copyrighted work available for download on an online file-sharing network is insufficient to constitute a 'distribution' under 106(3) of the Copyright Act, and therefore refusing to enjoin defendant from making plaintiffs' copyrighted sound recordings available to the public. Whether the district court erred by concluding that it had committed an error in instructing the jury that making a copyrighted work available for download on an online file-sharing network constitutes a "distribution" under 106(3) of the Copyright Act and therefore vacating the jury's verdict and ordering a new trial.
Whether the district court erred by holding that the jury's award of statutory damages for defendant's willful copyright infringement violated the due process clause even though it was well within the range of damages awards authorized by 504(c) of the Copyright Act. More to come From rforno at infowarrior.org Mon Aug 22 17:37:02 2011 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 22 Aug 2011 18:37:02 -0400 Subject: [Infowarrior] - Investigative look at FBI's use of informants in terror cases Message-ID: <5D366FB6-6205-4D90-94DC-193B41B691DC@infowarrior.org> Via BB: Michael from Mother Jones sez, "This is a yearlong investigation by Mother Jones and the Investigative Reporting Program at UC-Berkeley explores the network of thousands of informants the FBI employs in its domestic counter-terrorism program, operating in gray area where the snitches don't merely observe and report, but actively push their targets (in many cases hapless losers who never would have acted otherwise) to pursue their darkest fantasies. In the process, MoJo created a searchable database of 509 terror prosecutions." (http://boingboing.net/2011/08/22/how-paid-fbi-anti-terror-informants-lead-terrorist-attacks-that-the-fbi-foils.html) Full article @ http://motherjones.com/special-reports/2011/08/fbi-terrorist-informants From rforno at infowarrior.org Mon Aug 22 20:23:58 2011 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 22 Aug 2011 21:23:58 -0400 Subject: [Infowarrior] - S&P president steps down Message-ID: <8ECCA767-4214-4DB0-A122-9D5150EED596@infowarrior.org> August 23, 2011 1:21 am Sharma to step down as S&P president By David Gelles and John McDermott in New York http://www.ft.com/intl/cms/s/0/a25b647c-cd12-11e0-88fe-00144feabdc0.html Deven Sharma is stepping down as president of Standard & Poor?s only weeks after the rating agency issued an unprecedented downgrade of the credit of the US, according to people familiar with the matter. 
Mr Sharma will remain as an adviser to S&P's owner, McGraw-Hill, for four months and leave the company at the end of the year, they said. Mr Sharma will be replaced as S&P president by Douglas Peterson, chief operating officer of Citibank, the banking unit of Citigroup, they said. The downgrade of US credit on August 5 led to the worst single day fall in US equity prices since the depths of the financial crisis, and triggered weeks of global market volatility. People familiar with the matter said Mr Sharma's departure was unrelated to the downgrade or reports that S&P is being investigated by the justice department in connection with its ratings of dozens of mortgage securities in the years leading up to the financial crisis. The McGraw-Hill board made the decision to replace Mr Sharma at a meeting on Monday, where it also discussed an ongoing strategic review. People close to the company said the search for Mr Sharma's replacement has been going on for six months, and was triggered by the split of its data, pricing and analytics business from its ratings business. The creation of that new group, McGraw-Hill Financial, reduced the scope of Mr Sharma's oversight, they said. S&P has been subject to intense criticism following its decision to downgrade the rating on US sovereign debt from triple A to double A plus. This came after an agreement to raise the US debt limit fell short of the $4,000bn-worth of deficit reduction measures that S&P suggested would be necessary to avert a downgrade. Obama administration officials attacked the ratings agency for an "error" in its methodology that meant it initially forecast a debt-to-GDP ratio of 93 per cent by 2021 rather than the 85 per cent that was projected in its final downgrade report. S&P quickly agreed with US Treasury officials that its analysis was based on different baseline scenarios but disagreed with the "error" characterisation.
"I think S&P has shown really terrible judgment and they've handled themselves poorly, and they have shown a stunning lack of knowledge about basic US fiscal budget math, and I think they came to exactly the wrong conclusion," Tim Geithner, US Treasury secretary, told MSNBC.

Company officials hope that Mr Peterson's appointment will help repair relations with Washington. Mr Peterson is known in the financial community as a seasoned banker with solid operating experience.

McGraw-Hill is also under pressure from activist investors seeking a break-up of the company and has acknowledged it has begun a strategic review of its entire portfolio.

"Everything is being scrutinised [and] we expect to continue this process with a number of significant actions in the second half of this year," Terry McGraw, chairman and chief executive, told analysts last week.

Mr Sharma joined S&P in 2006 as an executive vice-president and was appointed president in 2007. For the previous five years, he had worked for the McGraw-Hill Companies, S&P's parent company. He previously worked at the management consulting firm Booz Allen Hamilton.

Under his leadership, S&P, along with other major credit rating agencies, has come under attack for its analysis of structured products such as collateralised debt obligations linked to subprime mortgages. The Dodd-Frank Act, a landmark piece of financial regulation passed just over a year ago, made proposals to diminish the influential role of credit ratings in financial markets.

Copyright The Financial Times Limited 2011. You may share using our article tools. Please don't cut articles from FT.com and redistribute by email or post to the web.
From rforno at infowarrior.org Tue Aug 23 06:49:35 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 23 Aug 2011 07:49:35 -0400
Subject: [Infowarrior] - Serious Crypto Bug Found in PHP 5.3.7
Message-ID:

(c/o MC)

August 22, 2011, 9:45AM

Serious Crypto Bug Found in PHP 5.3.7

by Dennis Fisher

https://threatpost.com/en_us/blogs/serious-crypto-bug-found-php-537-082211

The maintainers of the PHP scripting language are warning users about a serious crypto problem in the latest release and advising them not to upgrade to PHP 5.3.7 until the bug is resolved.

PHP 5.3.7 was just released last week and that version contained fixes for a slew of security vulnerabilities. But now a serious flaw has been found in that new release that is related to the way that one of the cryptographic functions handles inputs. In some cases, when the crypt() function is called using MD5 salts, the function will return only the salt value instead of the salted hash value.

The problem does not occur when using Blowfish or DES, only with MD5.

The initial bug report on the problem in the PHP system appeared Aug. 17, the day before the public stable release of PHP 5.3.7.

"If crypt() is executed with MD5 salts, the return value consists of the salt only. DES and BLOWFISH salts work as expected. I tested with php from openSUSE PHP5 repository," the report said.

Several other users reproduced the problem on various other platforms. The PHP Group, which maintains the scripting language, said in a bug report on the crypt() problem that it has fixed the issue in an intermediate build and plans to release a new stable version of PHP in the next few days.

PHP is one of the more widely used scripting languages and is also a frequent attack vector for Web-based attacks, as are other popular scripting languages. Because of its popularity, PHP vulnerabilities and attacks can be quite serious and potentially affect millions of users.
However, because PHP 5.3.7 is only a few days old, it's likely that many users have not yet upgraded.

The PHP Group released PHP 5.3.7 on August 18 and the new version had fixes for quite a few bugs, including six security problems. One of the issues that 5.3.7 fixed was a problem with the crypt() function, but it was a separate bug from the current problem with salts.

From rforno at infowarrior.org Tue Aug 23 12:57:54 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 23 Aug 2011 13:57:54 -0400
Subject: [Infowarrior] - 5.8 quake just hit Northern Virginia
Message-ID: <3129F61D-768C-4D6F-9B32-47FA099EA7CD@infowarrior.org>

5.8 quake just hit Northern Virginia

From rforno at infowarrior.org Tue Aug 23 13:00:23 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 23 Aug 2011 14:00:23 -0400
Subject: [Infowarrior] - VA quake details
Message-ID: <59076DA4-6E91-4DC4-914F-6F98423FBE04@infowarrior.org>

Magnitude 5.8 - VIRGINIA
2011 August 23 17:51:03 UTC

http://earthquake.usgs.gov/earthquakes/recenteqsww/Quakes/at00lqe6x3.php

Earthquake Details

* This event has been reviewed by a seismologist.

Magnitude: 5.8 (Preliminary magnitude - update expected within 15 minutes)
Date-Time:
  * Tuesday, August 23, 2011 at 17:51:03 UTC
  * Tuesday, August 23, 2011 at 01:51:03 PM at epicenter
Location: 37.875°N, 77.908°W
Depth: 6 km (3.7 miles) set by location program
Region: VIRGINIA
Distances:
  * 15 km (9 miles) S (179°) from Mineral, VA
  * 18 km (12 miles) SSE (154°) from Louisa, VA
  * 26 km (16 miles) ENE (58°) from Columbia, VA
  * 54 km (34 miles) NW (314°) from Richmond, VA
  * 139 km (87 miles) SW (214°) from Washington, DC
Location Uncertainty: Error estimate not available
Parameters: NST= 17, Nph= 17, Dmin=59.5 km, Rmss=0.33 sec, Gp=173°, M-type="moment" magnitude from initial P wave (tsuboi method) (Mi/Mwp), Version=1
Source:
  * West Coast and Alaska Tsunami Warning Center/NOAA/NWS
Event ID: at00lqe6x3

From rforno at infowarrior.org Tue Aug 23 14:53:45 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 23 Aug 2011 15:53:45 -0400
Subject: [Infowarrior] - Virginia nuclear plant shut down by quake
Message-ID: <3ACBF0EB-0AF6-4E2B-A5FD-EF8375B8345E@infowarrior.org>

Virginia nuclear plant shut down by quake

By the CNN Wire Staff
August 23, 2011 3:43 p.m. EDT

http://www.cnn.com/2011/US/08/23/virginia.quake.nuclear/

(CNN) -- Tuesday's Virginia earthquake triggered the shutdown of a nearby nuclear power plant and "unusual event" declarations at nine others across the East Coast, U.S. authorities reported.

Dominion Virginia Power said both reactors at its North Anna plant, less than 20 miles from the epicenter of the magnitude-5.9 quake, shut down after the first tremors. Amanda Reidelbach, an emergency management spokeswoman for Louisa County, said the plant was running on emergency power and was venting steam, but there was no release of radioactive material.

Dominion Virginia said reactors at its other nuclear station, the Surry plant near Newport News, were still running. David McIntyre, a spokesman for the Nuclear Regulatory Commission, said North Anna and Surry declared an "unusual event," the lowest level of emergency at a U.S. nuclear plant.

Other plants issuing similar declarations were the Calvert Cliffs plant in Maryland; Pennsylvania's Susquehanna, Three Mile Island, Limerick and Peach Bottom plants; and the Oyster Creek, Hope Creek and Salem plants in New Jersey.
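Added example (not part of any forwarded article and not code from the PHP project), relating to the PHP 5.3.7 crypt() report earlier in this digest: a self-test a deployment could run before trusting crypt() with MD5 salts, plus an audit that flags stored values consisting of the salt only. The salts, passwords and stored records are constructed, and the function names are hypothetical.

```php
<?php
// Added example. All salts, passwords and stored values below are constructed.

// Shape of a complete MD5-crypt string: $1$<salt, 1-8 chars>$<22-char hash>
const MD5_CRYPT_RE = '#^\$1\$([^$]{1,8})\$([./0-9A-Za-z]{22})$#';

/** True only if $value is a complete MD5-crypt string. */
function is_complete_md5_crypt(string $value): bool
{
    return preg_match(MD5_CRYPT_RE, $value) === 1;
}

/** True if $value carries the $1$ prefix but no complete hash part. */
function is_salt_only_md5_crypt(string $value): bool
{
    return strncmp($value, '$1$', 3) === 0 && !is_complete_md5_crypt($value);
}

/**
 * Exercise the running crypt() with an MD5 salt.
 * Returns a list of failed checks; an empty list means the build behaves.
 */
function crypt_md5_selftest(): array
{
    $salt = '$1$exsalt12$';                       // constructed salt
    $a = (string) crypt('first-password', $salt);
    $b = (string) crypt('second-password', $salt);
    $failures = [];

    if ($a === $salt) {
        $failures[] = 'crypt() returned the salt only';
    }
    if (!is_complete_md5_crypt($a)) {
        $failures[] = 'output is not a complete MD5-crypt string';
    }
    if ($a === $b) {
        // If the password does not influence the output, every password "verifies".
        $failures[] = 'different passwords produced identical output';
    }
    if (!hash_equals($a, (string) crypt('first-password', $a))) {
        $failures[] = 'round trip with the stored value as salt does not match';
    }
    return $failures;
}

/** Return the keys of stored records whose value is a salt-only $1$ string. */
function find_salt_only_hashes(array $storedByUser): array
{
    return array_keys(array_filter($storedByUser, 'is_salt_only_md5_crypt'));
}

// Constructed records: shapes only, not real hashes.
$stored = [
    'alice' => '$1$exsalt12$' . str_repeat('A', 22),  // complete MD5-crypt shape
    'bob'   => '$1$exsalt12$',                        // salt only: needs a reset
    'carol' => '$2y$10$' . str_repeat('B', 53),       // Blowfish shape, out of scope
];

$failures = crypt_md5_selftest();
echo $failures
    ? "crypt() MD5 self-test FAILED:\n  " . implode("\n  ", $failures) . "\n"
    : "crypt() MD5 self-test passed\n";
echo 'salt-only records: ' . implode(', ', find_salt_only_hashes($stored)) . "\n";
```

Records flagged by the audit were written while crypt() was returning the salt alone, so they hold no password-derived material and the affected accounts need a password reset once a fixed build is in place.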
From rforno at infowarrior.org Tue Aug 23 15:01:27 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 23 Aug 2011 16:01:27 -0400
Subject: [Infowarrior] - Samsung cites science fiction as prior art in US iPad patent case
Message-ID:

Tuesday, August 23, 2011

Samsung cites science fiction as prior art in US iPad patent case

By Daniel Eran Dilger
Published: 03:10 PM EST (12:10 PM PST)

http://www.appleinsider.com/articles/11/08/23/samsung_cites_science_fiction_as_prior_art_in_us_ipad_patent_case.html

In its opposition brief against Apple's US motion for a preliminary injunction against sales of its Galaxy S, Infuse 4G, Droid Charge and Galaxy Tab 10.1, Samsung is claiming a depiction of a video device from "2001: a Space Odyssey" as prior art.

Samsung's full opposition filing isn't yet public as it was filed under seal, but FOSS Patents has reported on one element the company plans to use in its defense: that the appearance of a device in a work of science fiction could be referenced as prior art to invalidate design patents.

Samsung depicts a scene from "2001" where actors in the futuristic 1968 Stanley Kubrick film watch a TV news broadcast from what appears to be a digital newspaper while they eat a meal. The company describes the scene as depicting astronauts "using personal tablet computers."

Samsung states that "the tablet disclosed in the clip has an overall rectangular shape with a dominant display screen, narrow borders, a predominately flat front surface, a flat back surface (which is evident because the tablets are lying flat on the table's surface), and a thin form factor."

The movie does not, however, depict any interaction with a user interface on the device. Other works of science fiction have depicted tablet computers in various forms.

Fictional or artistic representations of inventions can be used to invalidate design patents. Robert A.
Heinlein, who was described as one of the "Big Three" science fiction writers alongside Isaac Asimov and Arthur C. Clarke, wrote detailed descriptions of the concept of a waterbed while hospitalized in the mid 1930s. His writings were later used as prior art to prevent a patent from being awarded in the 1960s as the waterbed started to become popular.

Apple was recently sued by Klausner Technologies over a patent claim against the iPhone's Visual Voicemail, a feature that could have similarly been defended with science fiction prior art. However, Apple settled with the company and licensed its patent.

Apple's US case against Samsung

However, Samsung has far more at stake in this case because Apple is seeking to block a wide range of its products as willfully infringing copies, rather than just seeking some licensing revenue.

Apple notes in its complaint that it "is limiting this motion to new products that Samsung recently released in the U.S. Apple has not targeted the unreleased Galaxy S 2 phone and GalaxyTab 8.9 tablet computer. Apple reserves the right to seek a preliminary injunction against those two products as their release becomes imminent."

The company adds that "unless enjoined, Samsung's sales of a new round of copycat products will cause irreparable harm to Apple that cannot be adequately compensated by damages. Accordingly, Apple requests that the Court issue a preliminary injunction and ensure that innovation - not unlawful imitation - is protected."

Apple's patent claims

Apple's US case for a preliminary injunction against Samsung relates to three US Design Patents (D618,677, D593,087 and D504,889) and a technology patent (7,469,381 described as "list scrolling and document translation, scaling, and rotation on a touch-screen display") which Apple has previously asserted against HTC and Nokia.

Apple's D677 and D087 patents relate to the design of the front face of the iPhone, while D889 pertains to the iPad's overall design.
The '381 patent is "a clever method for displaying images on touch screens: when one uses a finger to drag a displayed page past its bottom edge, for example, and releases the finger, the page bounces back to fill the full screen."

Apple stated that Nokia previously initiated a reexamination of the '381 patent "which included the best prior art references Nokia could find," but the Patent Office confirmed the validity of all twenty claims related to the patent.

Samsung's "2001" prior art appears to be directed at elements of the D889 design patent. However, Apple's complaint cites previous court decisions ruling that "the critical issue is whether 'the effect of the whole design [is] substantially the same' - 'minor differences between a patent design and an accused article's design cannot, and shall not, prevent a finding of infringement.'"

Another case Apple cites found "if the accused design has copied a particular feature of the claimed design that departs conspicuously from the prior art, the accused design is naturally more likely to be regarded as deceptively similar to the claimed design, and thus infringing."

Apple's complaint notes that "the Samsung Galaxy Tab 10.1 is substantially, even strikingly, similar to Apple's minimalist, patented D889 design, which in turn looks very different from the prior art," referencing actual design patents for tablet computers filed by IBM and Hitachi.

From rforno at infowarrior.org Tue Aug 23 16:42:43 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 23 Aug 2011 17:42:43 -0400
Subject: [Infowarrior] - Verizon's (looney) Moneymaking Plans
Message-ID: <19853A28-F2A9-497B-843D-11D33A7BBD60@infowarrior.org>

Verizon Moneymaking Plans: Low Bandwidth Caps + New High Bandwidth Services = Profits?
from the or-pissed-off-customers dept

http://www.techdirt.com/articles/20110823/02050815630/verizon-moneymaking-plans-low-bandwidth-caps-new-high-bandwidth-services-profits.shtml

We've argued before that the rush by various mobile operators to push for (very low) bandwidth caps is going to backfire. They're trying to get more people using their services, while at the same time making it harder for them to actually make use of those services. Now users have to be a lot more aware of how much bandwidth something is using, which also creates serious mental transaction costs. Verizon recently put in place extremely low data caps (2 gigs?!?) with extremely high overage fees ($10 per gig?). And... just a few weeks later the company announces a (high bandwidth) video on demand offering and set it up so you can't use it over WiFi. In other words, the only way to use this high bandwidth offering is over the network with the low caps and the high overage fee. Have fun paying for those videos you watch. That's going to add up fast.

From rforno at infowarrior.org Tue Aug 23 16:46:53 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 23 Aug 2011 17:46:53 -0400
Subject: [Infowarrior] - DHS's earthquake advice: Don't call
Message-ID: <543D620D-1A19-4080-A040-BD7848C633F0@infowarrior.org>

DHS's earthquake advice: Don't call

By: Tony Romm
August 23, 2011 04:17 PM EDT

http://dyn.politico.com/printstory.cfm?uuid=183F6631-EB3C-4DFB-85A6-2C312557C4B4

The Department of Homeland Security had some advice for people trying to contact family members in the wake of Tuesday's earthquake: "Avoid calls."

While wireless carriers said their systems weren't hurt by the 5.9 quake, the resulting call volume did them in.

"Very high call volumes post East Coast quake, but no known network damage at Verizon. As you place calls, you may get temp. busy signals," Verizon tweeted to followers.
A spokesman for Verizon Wireless later told POLITICO there's no damage to the wireless network, "which is built for reliability in situations like this." While the spokesman did note there was "some network congestion," he added the network has "been returning to normal quickly."

T-Mobile also noted "higher call volumes," and urged customers to try email or text message. Sprint noticed trouble too, alerting customers via Twitter.

"We are currently experiencing an intermittent mass calling event as is expected following an incident of this nature," a spokesman later told POLITICO. "There are no reported physical impacts to our networks and we encourage customers to be patient, and send a text message rather than call at this time if they need to reach family and friends."

AT&T, meanwhile, only said, "We are seeing no reports of network damage but we are seeing heavy call volumes."

The difficulty in communicating after Tuesday's earthquake echoed the problems New Yorkers and Washingtonians faced amid the Sept. 11 attacks. It also served as a stark reminder: Nearly 10 years after those attacks, Congress has not yet found common ground on efforts to build a nationwide data network for public safety officials.

It is unclear if public safety communications were affected by Tuesday's earthquake. But the difficulties with the commercial wireless system led DHS to suggest over Twitter: "tell friends/family you are OK via text, email and social media."

This article first appeared on POLITICO Pro at 3:50 p.m. on August 23, 2011.

From rforno at infowarrior.org Wed Aug 24 07:13:30 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 24 Aug 2011 08:13:30 -0400
Subject: [Infowarrior] - With CIA help, NYPD moves covertly in Muslim areas
Message-ID: <91BE8E50-0A40-4366-941C-C3B95F4221BA@infowarrior.org>

With CIA help, NYPD moves covertly in Muslim areas

By ADAM GOLDMAN - Associated Press, MATT APUZZO - Associated Press | AP - 1 hr 56 mins ago

NEW YORK (AP) -
In New Brunswick, N.J., a building superintendent opened the door to apartment No. 1076 one balmy Tuesday and discovered an alarming scene: terrorist literature strewn about the table and computer and surveillance equipment set up in the next room. The panicked superintendent dialed 911, sending police and the FBI rushing to the building near Rutgers University on the afternoon of June 2, 2009. What they found in that first-floor apartment, however, was not a terrorist hideout but a command center set up by a secret team of New York Police Department intelligence officers. From that apartment, about an hour outside the department's jurisdiction, the NYPD had been staging undercover operations and conducting surveillance throughout New Jersey. Neither the FBI nor the local police had any idea. Since the terrorist attacks of Sept. 11, 2001, the NYPD has become one of the country's most aggressive domestic intelligence agencies. A months-long investigation by The Associated Press has revealed that the NYPD operates far outside its borders and targets ethnic communities in ways that would run afoul of civil liberties rules if practiced by the federal government. And it does so with unprecedented help from the CIA in a partnership that has blurred the bright line between foreign and domestic spying. Neither the city council, which finances the department, nor the federal government, which contributes hundreds of millions of dollars each year, is told exactly what's going on. The department has dispatched teams of undercover officers, known as "rakers," into minority neighborhoods as part of a human mapping program, according to officials directly involved in the program. They've monitored daily life in bookstores, bars, cafes and nightclubs. Police have also used informants, known as "mosque crawlers," to monitor sermons, even when there's no evidence of wrongdoing. 
NYPD officials have scrutinized imams and gathered intelligence on cab drivers and food cart vendors, jobs often done by Muslims. Many of these operations were built with help from the CIA, which is prohibited from spying on Americans but was instrumental in transforming the NYPD's intelligence unit. A veteran CIA officer, while still on the agency's payroll, was the architect of the NYPD's intelligence programs. The CIA trained a police detective at the Farm, the agency's spy school in Virginia, then returned him to New York, where he put his new espionage skills to work inside the United States. And just last month, the CIA sent a senior officer to work as a clandestine operative inside police headquarters. While the expansion of the NYPD's intelligence unit has been well known, many details about its clandestine operations, including the depth of its CIA ties, have not previously been reported. The NYPD denied that it trolls ethnic neighborhoods and said it only follows leads. In a city that has repeatedly been targeted by terrorists, police make no apologies for pushing the envelope. NYPD intelligence operations have disrupted terrorist plots and put several would-be killers in prison. "The New York Police Department is doing everything it can to make sure there's not another 9/11 here and that more innocent New Yorkers are not killed by terrorists," NYPD spokesman Paul Browne said. "And we have nothing to apologize for in that regard." But officials said they've also been careful to keep information about some programs out of court, where a judge might take a different view. The NYPD considers even basic details, such as the intelligence division's organization chart, to be too sensitive to reveal in court. One of the enduring questions of the past decade is whether being safe requires giving up some liberty and privacy. The focus of that debate has primarily been federal programs like wiretapping and indefinite detention. 
The question has received less attention in New York, where residents do not know for sure what, if anything, they have given up.

The story of how the NYPD Intelligence Division developed such aggressive programs was pieced together by the AP in interviews with more than 40 current and former New York Police Department and federal officials. Many were directly involved in planning and carrying out these secret operations for the department. Though most said the tactics were appropriate and made the city safer, many insisted on anonymity, because they were not authorized to speak with reporters about security matters.

The story begins with one man.

< - big snip - >

http://news.yahoo.com/cia-help-nypd-moves-covertly-muslim-areas-090019915.html

From rforno at infowarrior.org Wed Aug 24 07:26:32 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 24 Aug 2011 08:26:32 -0400
Subject: [Infowarrior] - Airport Screening Follies
Message-ID: <628085F0-3F4A-4FB0-9870-3B1F4F735115@infowarrior.org>

August 23, 2011

Civil Liberties and the TSA

Airport Screening Follies

by WILLIAM JOHN COX

http://www.counterpunch.org/2011/08/23/airport-screening-follies/

Google "TSA stupidity" and you will find that almost one-and-a-half million websites have something to say about the subject. If the United States is to avoid another major terrorist attack on its air transportation system without placing greater restrictions on the civil liberties of air travelers, the Transportation Security Administration (TSA) had better get smart.

Everyone who travels by air in the United States has a depressing story to tell about airport screening. Media stories of a gravely ill 95-year-old grandmother forced to remove her adult diaper before being allowed on a plane and viral videos showing terrified children being intimately touched by TSA agents are more than depressing. They are a chilling commentary on the police state increasingly accepted by the American public in the name of security.
Air travelers dare not complain. TSA standards focus additional scrutiny on travelers who are "very arrogant" and express "contempt against airport passenger procedures."

Is such repression the only choice? Or, can TSA officers be trained to exercise the necessary discretion to detect would-be terrorists, while allowing innocent travelers to swiftly and safely pass through screening?

A reasonable and practical balance in airport security screening policy must be obtained before another terrorist attack results in even greater repression.

Today's TSA

Shocked that poorly-trained airport security guards allowed terrorists armed with box cutters to board and use four passenger airplanes as flying missiles of mass destruction, Congress established the TSA two months after 9-11. Fifty thousand Transportation Security Officers (TSO) were quickly hired and rushed through one-week training courses. Although these officers are now federal employees and receive improved training, they are still security guards. Even so, as "officers" of Homeland Security, they exercise great power over the flying public.

TSA transformed contract screening guards into quasi-law enforcement officers and provided uniform training and policies; however, the TSA was organized as a top-down directed organization which allows very little discretion to individual officers. Its "one size fits all" approach to screening results in well intended, but outrageous conduct by its agents.

In an attempt to prevent collective bargaining and to avoid adding Democratic-leaning permanent workers to the federal bureaucracy, the Republican-controlled Congress exempted TSA employees from most federal civil service laws. Instead, the Secretary of Homeland Security and the TSA administrator were given virtually unlimited authority to create a personnel system. This action was to have a number of unintended consequences.
Although legislation has been introduced to bring TSA officers into the federal civil service, the TSA administrator retains absolute control over the personnel system. Exercising this power, administrator John Pistole granted some bargaining rights earlier this year. While Pistole's order provides greater job protection to officers, it does nothing to improve the existing TSA personnel selection system.

As presently constituted, the employment process perpetuates mediocrity and limits the ability of TSA managers to hire and promote the most qualified officers.

Currently TSA job applicants primarily use the Internet to identify job announcements for TSA airport operations at more than 450 airports, complete applications and take an online test to measure their ability to operate screening equipment. All English-speaking U.S. citizens over the age of 18 with a high school diploma, a GED, or one year of experience as a security officer or x-ray technician, meet the basic requirements for TSA officers, as long as they are current in their payment of income taxes and child support.

The main problem is that, once applicants meet these minimum requirements and pass a physical examination, drug screening and perfunctory background investigation, they are lumped together with all other applicants in a hiring pool for each job site. Unlike general civil service rules, there are no ranked lists of the most qualified applicants within these pools.

Under the personnel standards established by the TSA administrator, local managers are required to select officers from the hiring pool based on the earliest applicant first, irrespective of their additional qualifications. Thus, a local TSA manager must hire a high-school dropout with a GED and no experience who applied one day before a college graduate with a degree in criminal justice and who earned his or her way through college working for the campus police department.
While some managers conduct oral interviews of candidates, only in rare cases are they allowed to reject candidates who meet the minimum qualifications.

Laboring under a flawed selection process and making the best of available candidates, TSA has identified three basic ways to achieve mission effectiveness: baggage inspection, passenger screening and, most recently, behavior observation.

Although every checked bag is not hand inspected, passengers are not allowed to lock baggage unless special TSA locks are used. As a result most bags are inspected by inspectors who are either working alone or under limited supervision. There have been some recent improvements in baggage security; however, the New York Press reports that "according to Transportation Security Administration records, press reports and court documents, . . . approximately 500 TSA officers" have been "fired or suspended for stealing from passenger luggage since the agency's creation. . . ."

Every passenger is personally screened before boarding commercial aircraft and the majority of TSA officers are deployed to handle this task. Having a mission in which officers "literally touch passengers" and their most private possessions "requires a workforce of the best and brightest" according to Nico Melendez, TSA Public Affairs Manager of the Pacific Region. Unfortunately, because of low hiring standards and minimum training, many, if not most screening officers possess poor people skills and manage to offend a large portion of the flying public on a daily basis.

Seeking to emulate the Israeli model of "identifying the bomber, rather than the bomb," TSA deployed Behavior Detection Officers (BDO) in 2007 under its Screening of Passengers by Observation Techniques (SPOT) program. Officers randomly ask passengers questions, such as "Where are you traveling," while looking for facial cues that might indicate deception or terrorist intent, leading to additional questioning and closer inspection of baggage.
Thousands of BDOs are now working in hundreds of airports and the program is being expanded; however, they are generally selected from screening personnel and only given two weeks of training before being deployed. There has been no scientific validation of the program and, although there have been hundreds of criminal arrests, most have been for documentation issues, such as immigration violations and outstanding warrants.

Would improved personnel selection procedures of TSA officers better insure the safety of the flying public and reduce the incidence of civil rights violations?

Building a Better TSA

The essential question is whether TSA officers are security guards or police officers when it comes to the manner in which they lay hands on the bodies and belongings of passengers. The difference in the two roles being the manner and extent to which they make decisions.

Security guards with minimal training cannot be expected to exercise discretion in critical matters. They are told exactly what or what not to do. The result is that screaming children are being felt up by strangers and the sick and elderly are publicly humiliated.

On the other hand, even with the "mandatory" criminal laws passed in the past 30 years, America's free society still requires the exercise of arrest, prosecution and sentencing discretion in the criminal justice system, if there is to be individual justice in an individual case.

TSA must rethink the manner in which its officers are hired and trained to allow greater discretion, without an unacceptable rise in the risk of a terrorist attack.

The TSA has been moving in this direction with its "risk-based intelligence-driven screening process"; however, its steps have been hesitant and unsure, as it has staggered from incident to increasingly negative incident.
Melendez believes the key to successful screening is a workforce capable of implementing a risk-based screening process based upon updated software and equipment and ready access to an improved data base.

So, how can a marginally trained group of 50,000 security guards be converted into a professional workforce, which has the intellectual ability and training to use sophisticated detection equipment and computer data bases and which allows TSA officers to decide which sick person or young child should be allowed to proceed without a mandatory body search?

Selection. A former high-level TSA manager, who declined to be publicly identified, firmly believes that TSA could build an elite organization, if local managers were simply allowed to rank the hiring pools by qualifications, rather than having to hire the candidate who filed the earliest application.

Certainly there is a need to avoid discrimination in hiring and to create a "diverse and inclusive" workforce that is reflective of the public it serves; however, police departments have used a civil service process for decades that involves testing and interviews to establish priority lists to ensure the employment and promotion of the most qualified candidates.

Among the federal law enforcement agencies, the FBI moves applicants through a multi-phase selection process in which advancement depends upon "their competitiveness among other candidates"; Secret Service applicants must pass several examinations and a series of in-depth interviews; and ATF applicants who pass entrance exams and assessment tests have to successfully complete a "field panel interview."

The current recession and high unemployment rate has resulted in a gigantic pool of highly-qualified and well-educated people who are looking for work. At the same time, TSA has been experiencing a fairly high turnover of employees, even though it offers a generous salary and benefit package.
Given all of this, there is a golden opportunity to improve the quality of the TSA workforce, particularly as it relates to the ability of its officers to exercise discretion. A recent informal survey of airport car rental employees revealed that all of them were college graduates; however, they generally earned less and had fewer benefits than the TSA officers who worked in the same building. In fact, most national car rental companies require all applicants to have college degrees. Avis says, "College graduates, start your engines" in its attempt to attract "energetic pro-active college graduates who are eager to accelerate their careers in a fast-paced environment." Enterprise "prefers" college degrees since applicants will "be involved in a comprehensive business skills training program that will help you make crucial business decisions. . . ." Clearly it is neither necessary nor appropriate for all TSA applicants to be college graduates; however, local TSA managers should be allowed to consider levels of education, as well as length and quality of relevant experience, in establishing priority lists for hiring replacement officers and for promoting officers to supervisory or BDO positions. Revised personnel policies that rank applicants by qualifications for these advanced positions would also allow TSA managers to directly hire more qualified candidates, such as retired police officers, for positions requiring a higher level of decision making.

Training. Currently, most training of TSA officers is conducted through online applications of standardized instruction. While such training may be adequate to communicate rule-based procedures to security guards, it is inadequate to teach the more finely nuanced insights required for officers to safely exercise discretion in individual cases. Behavior Detection Officers and supervisors are currently selected from the ranks of TSOs and receive as little as two weeks of additional training upon promotion.
However, a successful risk-based screening process involving critical thinking requires more intensive development and training. Obviously, TSA can't fire 50,000 officers and start all over again from scratch, but surely there is a way to safely maintain the basic security guard approach to screening yet allow for higher levels of discretion during the process? Assuming that TSA managers are allowed to more effectively promote officers and to select supervisors and Behavior Detection Officers from outside the organization, and further that TSA could improve the training of supervisors and BDOs, they could begin to exercise the quality of discretion which would allow small children and elderly grandmothers to safely pass through security without impermissible assaults. TSA should consider establishing regional training academies at the larger facilities around the country to provide classroom training for newly-appointed supervisors and BDOs into the nature of policy, the concept of rational profiling and the exercise of security discretion in a free society.

Policy. The concept of policy, as differentiated from procedures and rules, is that policies are intended as broad guidelines for the exercise of discretion allowing decision makers some flexibility in their application. The exercise of critical discretion will fail in the absence of effective policies. This was recognized by the National Advisory Commission on Criminal Justice Standards and Goals in its Report on the Police in 1973: "If police agencies fail to establish policy guidelines, officers are forced to establish their own policy based on their understanding of the law and perception of the police role. Errors in judgment may be an inherent risk in the exercise of discretion, but such errors can be minimized by definitive policies that clearly establish limits of discretion."
We are all aware of the insidious and repressive nature of racial profiling that has been practiced by some law enforcement agencies. Indeed, one criticism of the TSA Behavior Detection program involved Newark BDOs known as "Mexican hunters" was that they concentrated on Hispanic-appearing individuals, resulting in a large number of arrests for immigration violations. Well-considered policies can allow BDOs to productively direct their attention to the most suspicious candidates for extended questioning, rather than to mindlessly and repetitively ask every single traveler where they are going. With improved policy guidance and greater discretion, BDOs might actually identify and stop a real threat, but they will only offend even more travelers if they continue to follow rote procedures. Perhaps most importantly, such policies can provide commonsense guidelines for qualified decision makers at each screening station to allow obviously harmless grandmothers and children to avoid intrusive body contact, while focusing attention on those individuals more likely to be a terrorist.

The Right Direction

According to TSA 101, a 2009 overview of the TSA, the agency seeks to evolve itself "from a top-down, follow-the-SOP culture to a networked, critically-thinking, initiative-taking, proactive team environment." TSA Administrator John Pistole wants "to focus our limited resources on higher-risk passengers while speeding and enhancing the passenger experience at the airport." On June 2, 2011, Pistole testified before Congress that "we must ensure that each new step we take strengthens security. Since the vast majority of the 628 million annual air travelers present little to no risk of committing an act of terrorism, we should focus on those who present the greatest risk, thereby improving security and the travel experience for everyone else." It appears TSA is moving in the right direction and John Pistole may be the person to keep it on course.
Prior to his appointment by President Obama in May 2010, he served as the Deputy Director of the FBI and was directly involved in the formation of terrorism policies. Most significantly, his regard for civil rights was suggested by his approval of FBI policy placing limits on the interrogation of captives taken during the "war on terror." The policy prohibited agents from sitting in on coercive interrogations conducted by third parties, including the CIA, and required agents to immediately report any violations. Hopefully, Mr. Pistole will exercise his authority to bring about improved selection and training of TSA personnel and will promulgate thoughtful screening policies which will result in a safer and less stressful flying experience for everyone.

# # #

William John Cox is a retired prosecutor and public interest lawyer, author and political activist. He authored the portions of the Police Task Force Report on the role of the police and policy formulation for the National Advisory Commission on Criminal Justice Standards and Goals in 1973. He can be contacted at u2cox at msn.com.

From rforno at infowarrior.org Wed Aug 24 07:52:02 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 24 Aug 2011 08:52:02 -0400
Subject: [Infowarrior] - Comscore, Website Data Tracker, Sued for Alleged Secret Software Installs
Message-ID: <7232AC36-D918-4321-AFD0-4749619638D0@infowarrior.org>

Comscore, Website Data Tracker, Sued for Alleged Secret Software Installs
By Andrew Harris - Aug 24, 2011 12:01 AM ET
http://www.bloomberg.com/news/2011-08-23/comscore-website-data-tracker-sued-for-alleged-secret-software-installs.html

Comscore Inc. (SCOR), a company that measures website traffic, was accused in a lawsuit by two Internet users of surreptitiously installing data-mining software on their computers. The company's secret installation of the programs, which come bundled with free screen-saver software and other applications, violates Illinois and U.S.
laws including the federal Electronic Communications Privacy Act, according to a federal lawsuit filed yesterday in Chicago. "The scope and breadth of data that Comscore collects from unsuspecting customers is terrifying," Californian Jeff Dunstan and Illinois resident Mike Harris said in their complaint. Comscore, based in Reston, Virginia, compiles Internet traffic data from about 2 million consumers in 170 countries and then markets the information to financial analysts, advertising agencies and other businesses, according to its own website. Harris and Dunstan said the company's software collects user names and passwords, credit card numbers, and prices paid for consumer goods purchased on line, in addition to logging the sites consumers visited and ads they've clicked on. "We have reviewed the lawsuit and find it to be without merit and full of factual inaccuracies," Andrew Lipsman, a Comscore vice president, said in an e-mailed statement. "Comscore intends to aggressively defend itself against these claims." The plaintiffs seek a class action, or group, status to sue on behalf of anyone who had Comscore surveillance software installed without their permission and on behalf of anyone who, like Dunstan, paid to have it professionally uninstalled. They also asked for a court order barring the company from continuing its allegedly unlawful practices. The case is Harris v. Comscore Inc., 11cv5807, U.S. District Court, Northern District of Illinois (Chicago).
To contact the reporter on this story: Andrew Harris in Chicago at aharris16 at bloomberg.net
To contact the editor responsible for this story: Michael Hytha at mhytha at bloomberg.net

From rforno at infowarrior.org Thu Aug 25 06:32:16 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 25 Aug 2011 07:32:16 -0400
Subject: [Infowarrior] - Dyson: What's in a Domain Name?
Message-ID: <5C7BED84-3122-4D1C-B83C-3311FAF2435D@infowarrior.org>

What's in a Domain Name?
Esther Dyson
http://www.project-syndicate.org/commentary/dyson35/English

NEW YORK -- A name is just a sound or sequence of letters. It carries no value or meaning other than as a pointer to something in people's minds -- a concept, a person, a brand, or a particular thing or individual. In modern economies, people distinguish between generic words, which refer to concepts or a set of individual things (a certain kind of fruit, for example), and trademarks, which refer to specific goods or services around which someone has built value. By law, actual words can't be trademarks, but specific arrangements of words -- such as Evernote or Apple Computer -- can be protected. The Internet's domain-name system (DNS) was formalized in the late 1990's by the Internet Corporation for Assigned Names and Numbers (ICANN). I was ICANN's founding chairman, and we more or less followed the rules of trademarks, with an overlay of "first come, first served." If you could show that you owned a trademark, you could get the ".com" domain for that name, unless someone else with a similar claim had gotten there first. (The whole story is more complex, but too long to go into here.) Our mission was to create competition for Network Solutions, the monopoly player at the time, but we did so only in part. Network Solutions retained control of the .com registry, whereas we created a competitive market for the reseller business whereby registrars sold names directly to users.
Now ICANN is taking a different tack, allowing for a dramatic expansion of the namespace with a host of new Top-Level Domains (TLDs), the suffixes that go after the dot, such as .com, .org, and, soon, .anything. The problem is that expanding the namespace -- allowing anyone to register a new TLD such as .apple -- doesn't actually create any new value. The value is in people's heads -- in the meanings of the words and the brand associations -- not in the expanded namespace. In fact, the new approach carves up the namespace: the value formerly associated with Apple could now be divided into Apple.computers, apple.phone, ipod.apple, and so on. If this sounds confusing, that is because it is. Handling the profusion of names and TLDs is a relatively simple problem for a computer, even though it will require extra work to redirect hundreds of new names (when someone types them in) back to the same old Web site. It will also create lots of work for lawyers, marketers of search-engine optimization, registries, and registrars. All of this will create jobs, but little extra value. To me, useless jobs are, well, useless. And, while redundant domain names are not evil, I do think that they are a waste of resources. Imagine you own a patch of land and have made it valuable through careful farming practices -- good seeds, irrigation, fertilizers, and bees to pollinate the crops. But now someone comes along and says, "We will divide your land into smaller parcels and charge you to protect each of them." Coca-Cola is that farmer. It and other trademark holders are now implicitly being asked to register Coca-Cola in each new TLD -- as well as to buy its own new TLDs. Otherwise, someone else may create and register those new TLDs. ICANN's registrars are already offering services to do this for companies, at a cost of thousands of dollars for a portfolio of trademarks. That just strikes me as a protection racket.
The problem is not the shortage of space in the field of all possible names, but the subdivision of space in Coca-Cola's cultivated namespace. The only shortage is a shortage of space in people's heads. The issues are slightly different when it comes to "generic" TLDs, such as .green. I recently had a Twitter conversation with Annalisa Roger, founder of DotGreen.org, who told me about the value her group will be adding to .green: marketing, brand identity, raising money for NGOs. But I couldn't help wondering why she can't just add the same value to DotGreen.org. Instead, she will have to start with a $185,000 application fee to ICANN, and spend thousands more on lawyers to study and fill in application forms. Of course, you could argue that "green" already has quite a bit of value -- as a generic term that stands for something. Indeed, it makes me slightly uncomfortable that ICANN can claim control of it in order to sell it to someone. Suppose, for example, that a cheese maker buys .cheese (as was suggested by one person at a new-TLD meeting recently) and uses it to favor only its own brands? Proponents argue that more TLDs would foster innovation. But the real innovation has been in companies such as Facebook, LinkedIn, Twitter, and Foursquare, which are creating their own new namespaces rather than hijacking the DNS. Indeed, when ICANN started more than ten years ago, we were accused of commercializing the Internet. In fact, we were building an orderly market, setting policies for how much registries could charge, fostering competition among registrars, and making sure that we served the public interest. Unfortunately, we failed to deliver on that promise. Most of the people active in setting ICANN's policies are involved somehow in the domain-name business, and they would be in control of the new TLDs as well. It's worth it to them to spend their time at ICANN meetings (or to send staffers), whereas domain names are just a small part of customers' and user'
lives. And that means that the new TLDs are likely to create money for ICANN's primary constituents, but only add costs and confusion for companies and the public at large. Of course, if I am right, the DNS will lose its value over time, and most people will get to Web sites and content via social networks and apps, or via Google (or whatever supersedes it in the competitive marketplace). The bad news is that there could well be much superfluous expense and effort in the meantime.

Esther Dyson, CEO of EDventure Holdings, is an active investor in a variety of start-ups around the world. Her interests include information technology, health care, private aviation, and space travel.

Copyright: Project Syndicate, 2011. www.project-syndicate.org

From rforno at infowarrior.org Thu Aug 25 09:19:47 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 25 Aug 2011 10:19:47 -0400
Subject: [Infowarrior] - Rob "CmdrTaco" Malda Resigns From Slashdot
Message-ID:

Rob "CmdrTaco" Malda Resigns From Slashdot
Posted by CmdrTaco on Thursday August 25, @09:00AM from the steve-got-front-cutsies dept.
http://meta.slashdot.org/story/11/08/25/1245200/Rob-CmdrTaco-Malda-Resigns-From-Slashdot

After 14 years and over 15,000 stories posted, it's finally time for me to say Good-Bye to Slashdot. I created this place with my best friends in a run down house while still in college. Since then it has grown to be read by more than a million people, and has served Billions and Billions of Pages (yes, in my head I hear the voice). During my tenure I have done my best to keep Slashdot firmly grounded in its origins, but now it's time for someone else to come aboard and find the *future*. Personally I don't have any plans, but if you need to get ahold of me for any reason, you can find me as @cmdrtaco on twitter or Rob Malda on Google+. You could also update my mail address to be malda at cmdrtaco dot net.
Hit the link below if you want to read some nostalgic saccharine crap that I need to get out of my system before I sign off for the last time. It was the summer of '97 and I was a college kid working part time as a programmer at an ad agency. I wrote a simple CMS: practically my first perl program (I was so happy to not have to write in anything Microsoft!). I got an old DEC Alpha Multia in exchange for some freelance Java work. I stuffed it under my desk at work and registered the domain name in October. Jeff "Hemos" Bates chipped in on the registration fee. Within months we were serving thousands of people per day on a system that looked remarkably similar to the Slashdot you see today. It was simple: I just was sharing stories that I stumbled on with a small group of friends. When I wrote the essay "Simple Solutions" a few months later, we doubled in traffic almost overnight. New hardware had to be purchased. Soon we exceeded the bandwidth capacity of our ISP and had to start co-locating. This meant banner ads. I barely made it through the end of college, working night and day on a site that was growing so fast, it was all I could do to keep up. We started making a little money and I eventually was able to quit my job and dedicate myself full-time to Slashdot. I barely graduated. Soon my friends followed me, eventually forming our company Blockstackers. As my little hobby became a full blown business, it became clear that we needed help. The burden of running Sales and Marketing and HR it was too much for us. Slashdot was sold to Andover in '99. Since Slashdot was founded, my business card has read Blockstackers, Andover, Andover.net, VA Linux Systems, VA Software, OSDN, OSTG, SourceForge, and finally Geeknet. My title has changed several times: from my first card which read "Lies and Misinformation", until today when my title read "Editor-in-Chief of Slashdot.org". During that entire time, my job has been some version of the same thing: Make Slashdot Great.
I always did my best, and I'd like to think that I got it right more often than not. In the last 14 years, Slashdot has covered so many amazing events: The explosion of Linux. The rise of Google. The return of Apple. The Dot Com Bubble. The DMCA. 9/11. Wars. Elections. Numerous successful Shuttle Launches and one Disaster. Scientific Breakthroughs galore. Cool toys. Web2.0! Social Networking. Blogging! Podcasting! Micro-Blogging! The Lord of the Rings being filmed and an entire trilogy of new Star Wars. OMG Ponies!! So many moments that I could run this paragraph for hours with moments where we shared something important, meaningful, or just stupid. But the most important to me was my marriage proposal to Kathleen. Slashdot has posted Over 114,000 stories so far. And there will be many more to come. I just won't be the one picking them. Slashdot has been read by kernel engineers and billionaires. By sys-admins and CEOs. By high school kids and government bureaucrats. But what brings so many of them together is that we are nerds. It never ceases to amaze me the similarities that I find between us all when I climb out of my dungeon and go meet readers. From the inside of some of the most wonderful places on earth, to conference halls with useless wireless connections, to cube farms, you guys always reminded me of why I started this thing in the first place. We share something important and unquantifiable. The internet has changed dramatically since I started here, and that's part of my reason for leaving. For me, the Slashdot of today is fused to the Slashdot of the past. This makes it really hard to objectively consider the future of the site. While my corporate overlords and I haven't seen eye to eye on every decision in the last decade, I am certain that Jeff Drobick and the other executives at Geeknet will do their best. I am unquestionably confident in the abilities of the Slashdot editors and engineers- some of whom have been here just short of forever. 
They have proven themselves in the best and worst of conditions to be capable and dedicated. As part of my resignation, after this story appears I will lose the ability to post. For me, this is the most bitter pill to swallow. Posting stories has always been my favorite part of the job. I created Slashdot to share these stories with my friends from IRC and school. It was never 'work'. Now I will have to go cold turkey. I'm walking away from the soapbox I built. I wish I could continue to post stories forever, but those closest to me know that if I maintained the ability to post, I'd never move on. I'll continue to read Slashdot and hopefully my occasional story submissions will make the cut. My old mantra: News for Nerds, Stuff that Matters still holds true here today. Nobody does it better. As for what's next, I really don't know. I don't have a job lined up. I have no plans. I'm gonna spend some time with my boys and my wife. Read some books that have been on my shelf forever. Maybe it's time to write a book of my own. If you want to get ahold of me, my email is now malda at cmdrtaco dot net. Geeknet has graciously agreed to continue to forward malda at slashdot dot org forever, but you should still update your address books if you care. I'm available on twitter as @cmdrtaco and Google+. My homepage hasn't been updated in a decade, but it's still CmdrTaco.net. And since I'm going to have to find a job in a few months, I'm on LinkedIn as well. Thanks to everyone who helped build Slashdot over the years: the list is far too long to fit in this textfield but you know who you are, and you all know that I've got your back in a knife fight. Lastly, thanks to every Slashdot reader for giving me your time all these years. I hope I've wasted it efficiently and enjoyably. Pants are optional.
From rforno at infowarrior.org Thu Aug 25 19:44:13 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 25 Aug 2011 20:44:13 -0400
Subject: [Infowarrior] - more on ... Dyson: What's in a Domain Name?
References: <4E56C385.5080408@cavebear.com>
Message-ID:

Karl used to be an ICANN director and was a voice of reason on the Board and in subsequent public discussions about ICANN and DNS policy.

-- rick

Begin forwarded message:

> From: Karl Auerbach
> Date: August 25, 2011 5:49:57 PM EDT
>
> There is a subtle distinction that is often lost in these discussions about ICANN and top level domains.
>
> I, personally, believe that there is a lot of hyperbole and balloon thinking about new top level domains, of any kind, cc, g, etc. But why should my opinion matter enough to prevent other people from engaging in lawful activities?
>
> The issue for me is not whether various people believe that TLD expansion will be profitable or useful to one group, another group, or everybody.
>
> Rather, the issue for me is whether ICANN ought to have the authority to deny people the right to act on their beliefs, to risk their own capital, and to expend their own efforts.
>
> We've tended to adopt the IETF/IAB notion of the internet as a place where a benevolent technocracy of enlightened techno kings can deny people from engaging in acts, otherwise lawful acts, that the benevolent lords think is unwise or contrary to the spirit of the internet as they personally perceive it.
>
> These judgments regarding "the best use" of the internet are often wrapped as technical arguments which sometimes, maybe even often, start to wobble when one begins to question the foundational assumptions.
> > In the late 1960's there were efforts by the benevolent overlords of the internet of that era, the telephone network, to deny light and air to what they believed was the wrongheaded idea that data could be moved in the form of packets that are bounced around a network of routing nodes. Fortunately that idea got some light and air and became the internet. > > And an example of a policy wrapped as a technical argument occurred in the early 1950's with the Hush-a-Phone where AT&T and its captive regulatory body, the FCC, claimed, as a technical matter, that a passive plastic hand attached to a telephone mouthpiece would cause operators to go deaf, linemen to be jolted off of poles, and other forms of telephonic catastrophe to occur. Of course, all that was false and merely served to provide cover for what was an attempt by AT&T to preserve its business model. > > The idea of free and open internet innovation has somewhat ossified under the i-bodies (IETF, IAB, ISOC, ICANN) into something that to my view is rather similar to the images of common during the 1930's where technology, white and pure, free of dirty politics and craven motivations, would rule the world and make it the utopia. That was the image of films such as "Things to Come" and books such as "Stranger in a Strange Land". > > There are those of us who believe that ICANN's role should be that which was professed when it was created - the role of assuring technical stability, meaning that domain name query packets are efficiently, quickly, and accurately transformed into domain name response packets with no bias against any query source or query question. > > Such a role would not engage in speculation about whether a TLD is "good" or "bad", or even whether the proponent is engaged in lawful activities (there are enough law enforcement bodies without the need to pin a badge onto ICANN.) 
It would merely require that the proponent engage in broadly accepted and practiced, written, technical guidelines and standards regarding the operation of DNS servers.
>
> But that is not where ICANN has gone. And it is that straying that allows people to try to be a tail that wags the ICANN dog to coerce the uses of the internet into channels of their personal liking.
>
> --karl--
>

From rforno at infowarrior.org Thu Aug 25 21:08:33 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 25 Aug 2011 22:08:33 -0400
Subject: [Infowarrior] - C.I.A. Demands Cuts in Book About 9/11 and Terror Fight
Message-ID:

August 25, 2011
C.I.A. Demands Cuts in Book About 9/11 and Terror Fight
By SCOTT SHANE
http://www.nytimes.com/2011/08/26/us/26agent.html

WASHINGTON -- In what amounts to a fight over who gets to write the history of the Sept. 11 attacks and their aftermath, the Central Intelligence Agency is demanding extensive cuts from the memoir of a former F.B.I. agent who spent years near the center of the battle against Al Qaeda. The agent, Ali H. Soufan, argues in the book that the C.I.A. missed a chance to derail the 2001 plot by withholding from the F.B.I. information about two future 9/11 hijackers living in San Diego, according to several people who have read the manuscript. And he gives a detailed, firsthand account of the C.I.A.'s move toward brutal treatment in its interrogations, saying the harsh methods used on the agency's first important captive, Abu Zubaydah, were unnecessary and counterproductive. Neither critique of the C.I.A. is new. In fact, some of the information that the agency argues is classified, according to two people who have seen the correspondence between the F.B.I. and C.I.A., has previously been disclosed in open Congressional hearings, the report of the national commission on 9/11 and even the 2007 memoir of George J. Tenet, the former C.I.A. director. Mr.
Soufan, an Arabic-speaking counterterrorism agent who played a central role in most major terrorism investigations between 1997 and 2005, has told colleagues he believes the cuts are intended not to protect national security but to prevent him from recounting episodes that in his view reflect badly on the C.I.A. Some of the scores of cuts demanded by the C.I.A. from Mr. Soufan's book, "The Black Banners: The Inside Story of 9/11 and the War Against Al Qaeda," seem hard to explain on security grounds. Among them, according to the people who have seen the correspondence, is a phrase from Mr. Soufan's 2009 testimony at a Senate hearing, freely available both as video and transcript on the Web. Also chopped are references to the word "station" to describe the C.I.A.'s overseas offices, common parlance for decades. The agency removed the pronouns "I" and "me" from a chapter in which Mr. Soufan describes his widely reported role in the interrogation of Abu Zubaydah, an important terrorist facilitator and training camp boss. And agency officials took out references to the fact that a passport photo of one of the 9/11 hijackers who later lived in San Diego, Khalid al-Midhar, had been sent to the C.I.A. in January 2000 -- an episode described both in the 9/11 commission report and Mr. Tenet's book. In a letter sent Aug. 19 to the F.B.I.'s general counsel, Valerie E. Caproni, a lawyer for Mr. Soufan, David N. Kelley, wrote that "credible sources have told Mr. Soufan that the agency has made a decision that this book should not be published because it will prove embarrassing to the agency." In a statement, Mr. Soufan called the C.I.A.'s redactions to his book "ridiculous" but said he thought he would prevail in getting them restored for a later edition. He said he believed that counterterrorism officers have an obligation to face squarely "where we made mistakes and let the American people down." He added: "It saddens me that some are refusing to address past mistakes."
A spokeswoman for the C.I.A., Jennifer Youngblood, said, "The suggestion that the Central Intelligence Agency has requested redactions on this publication because it doesn't like the content is ridiculous. The C.I.A.'s pre-publication review process looks solely at the issue of whether information is classified." She noted that under the law, "Just because something is in the public domain doesn't mean it's been officially released or declassified by the U.S. government." A spokesman for the F.B.I., Michael P. Kortan, declined to comment. The book, written with the assistance of Daniel Freedman, a colleague at Mr. Soufan's New York security company, is scheduled to go on sale Sept. 12. Facing a deadline this week, the publisher, W. W. Norton and Company, decided to proceed with a first printing incorporating all the C.I.A.'s cuts. If Mr. Soufan ultimately prevails in negotiations or a legal fight to get the excised material restored, Norton will print the unredacted version, said Drake McFeely, Norton's president. "The C.I.A.'s redactions seem outrageous to me," Mr. McFeely said. But he noted that they are concentrated in certain chapters and said "the book's argument comes across clearly despite them." The regular appearance of memoirs by Bush administration officials has continued a debate over the facts surrounding the failure to prevent 9/11 and the tactics against terrorism that followed. In former Vice President Dick Cheney's memoir, set for publication next week, he writes of the harsh interrogations that "the techniques worked." A book scheduled for publication next May by José A. Rodriguez Jr., a former senior C.I.A. official, is expected to give a far more laudatory account of the agency's harsh interrogations than that of Mr. Soufan, as is evident from its tentative title: "Hard Measures: How Aggressive C.I.A. Actions After 9/11 Saved American Lives."
Government employees who hold security clearances are required to have their books vetted for classified information before publication. But because decisions on what should be classified can be highly subjective, the prepublication review process often becomes a battle. Several former spies have gone to court to fight redactions to their books, and the Defense Department spent nearly $50,000 last year to buy and destroy the entire first printing of an intelligence officer's book, which it said contained secrets. The C.I.A. interrogation program sharply divided the C.I.A. and the F.B.I., whose director, Robert S. Mueller III, ordered agents to stop participating in the program after Mr. Soufan and other agents objected to the use of physical coercion. But some C.I.A. officers, too, opposed the brutal methods, including waterboarding, and it was their complaint to the C.I.A.'s inspector general that eventually led to the suspension of the program. "The Black Banners" traces the origins and growth of Al Qaeda and describes the role of Mr. Soufan, 40, a Lebanese-American, in the investigations of the East African embassy bombings of 1998, the attack on the American destroyer Cole in 2000, 9/11 and the continuing campaign against terrorism. Starting in May, F.B.I. officials reviewed Mr. Soufan's 600-page manuscript, asking the author for evidence that dozens of names and facts were not classified. Mr. Soufan and Mr. Freedman agreed to change wording or substitute aliases for some names, and on July 12 the bureau told Mr. Soufan its review was complete. In the meantime, however, the bureau had given the book to the C.I.A. Its reviewers responded this month with 78-page and 103-page faxes listing their cuts.
From rforno at infowarrior.org Thu Aug 25 21:09:46 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 25 Aug 2011 22:09:46 -0400
Subject: [Infowarrior] - In Britain, a Meeting on Limiting Social Media
Message-ID: <2C85FED9-5F80-45BE-99BD-A8759FAF356C@infowarrior.org>

In Britain, a Meeting on Limiting Social Media
By RAVI SOMAIYA
http://www.nytimes.com/2011/08/26/world/europe/26social.html

LONDON - British officials and representatives of Twitter, Facebook and BlackBerry met Thursday to discuss voluntary ways to limit or restrict the use of social media to combat crime and periods of civil unrest, while trying to dodge charges of hypocrisy and censorship that trailed Prime Minister David Cameron's call to restrict use of the networks after this month's riots. The government's home minister, Theresa May, according to one account of the meeting, said that the aim was not to "discuss restricting Internet services," but to instead "crack down on the networks being used for criminal behavior." A spokeswoman for Ms. May said the government "would not be seeking any additional powers." But the discussion, according to those present, was still aimed at reeling in social media and strengthening the hand of law enforcement in gathering information from those networks. In the wake of revolutions that have seen widespread calls for freedom and democracy, free-speech advocates have said, the British government is considering similar policies to those it has criticized in totalitarian and one-party states. "You do not want to be on a list with the countries that have cracked down on social media during the Arab Spring," said Jo Glanville, the editor of Index on Censorship, a magazine that campaigns for freedom of expression, noting that such actions could "undermine democracy."
Indeed, Iran, criticized by the West for restricting the Internet and curbing free speech, seemed to savor the moment and offered in the immediate aftermath of the riots to "send a human rights delegation to Britain to study human rights violations in the country," according to the semiofficial Fars News Agency. Mr. Cameron had called for stronger controls on social media after nimble, smartphone-armed rioters and looters used the networks to outmaneuver the police. But while his call drew an outcry in some quarters, it also received heartfelt applause in others, where restoring order was seen as a higher priority than the rights of social networkers. "I can understand why some people would feel uneasy," said Gordon Scobbie, a senior police officer who leads efforts to sharpen the force's social media presence and who was present at the meeting of Facebook, Twitter and the company that owns BlackBerry, Research in Motion. "But if they're allowing criminal activity - and this was high-end criminality, people lost their lives in these riots - I struggle to see how that can just go on." "We have a duty to protect people," he added, "and that's always balanced with human rights, online or offline. It's no different now." The officials and the executives met in private in government offices. The companies declined, beyond carefully written statements, to say what specific new measures they would be taking in cooperation with the British police and government. But Mr. Scobbie said the group had discussed how far the networks might be willing to bend privacy rules to assist the police in pursuing online criminal activity. Twitter, he said, giving an example, might consider compelling people to use their real names instead of anonymous handles. Research In Motion has already agreed to provide the British police information from the BlackBerry Messenger network - used by many rioters to organize and strategize - under certain circumstances, he said.
They might consider allowing "protocols" for easier access in future. RIM has previously negotiated with Saudi Arabia and India to allow some monitoring of users' messages. Mr. Scobbie and others present at the meeting said that the police were also considering using social media analysis software tools to parse enormous quantities of data available online for signs of future unrest. "When people use a telephone, under certain circumstances, law enforcement has a means of intercepting that," he said. "Just because it's different media, we shouldn't stand back and say, 'We don't play in that space.' " The police, he said, must have authority online and in real life. But Heather Brooke, a freedom-of-information advocate who has written extensively about privacy online, cautioned that such secret negotiations came "with no judicial review or accountability," adding, "Who's checking to see whether the police are just going around fishing for information on the whole population, or going for people or groups they don't like?" Ms. Glanville, the free-speech advocate, described "a panic, a knee-jerk response to criminality and immorality" behind such measures, citing the cases of two men sentenced to four years in jail each for posting Facebook messages encouraging rioting, though no riots occurred. Politicians and the British judiciary were "out of touch," she said. The police, she said, have found social media a useful tool, helping to catch hapless looters who posted pictures of stolen goods online, and communities have used the same networks to gather together to repair their neighborhoods. "It's not about social media, it's about the state of the nation. Instead of talking about our great difficulties, we're talking about the medium." It is not the first time Britain has wrestled with such dilemmas. Last year, Paul Chambers, 26, frustrated by an airport's closing, threatened in a jokey Twitter message to blow the airport "sky high."
When he was arrested and fined, losing his job in the process, he became a cause célèbre, with the comedian Stephen Fry among those offering support for his case. This year, tens of thousands of Twitter users flouted a court order imposed on more traditional media and named a soccer player, Ryan Giggs, who was said to have had an affair with a reality TV star. Some of the nations that have been criticized by the West for their own draconian crackdowns on inconvenient freedoms of speech have watched Britain's recent struggles with barely disguised glee. In China, The Global Times, a government-controlled newspaper, praised Mr. Cameron's comments, writing that "the open discussion of containment of the Internet in Britain has given rise to a new opportunity for the whole world."

From rforno at infowarrior.org Fri Aug 26 20:55:39 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 26 Aug 2011 21:55:39 -0400
Subject: [Infowarrior] - AT&T Now Charging You For Not Using Enough Long Distance
Message-ID:

AT&T Now Charging You For Not Using Enough Long Distance
Company's Nickel and Diming Continues Despite T-Mobile Desires
http://www.dslreports.com/shownews/ATT-Now-Charging-You-For-Not-Using-Enough-Long-Distance-115869

AT&T has been engaging in a lot of nickel-and-diming behavior of late that's normal for an anti-competitive giant, but a little odd for a company trying to sell regulators on their $39 billion acquisition of T-Mobile. After imposing some of the lowest caps and highest rates in the wireless industry, AT&T imposed new usage caps on broadband users without making sure the meters work. They followed that up by cracking down on unofficial tetherers (imposing a fee for doing nothing while crippling smartphones) and then substantially jacking up the price of SMS service by killing off one of their most popular SMS plans.
Now according to the Cleveland Plain Dealer, AT&T has added a new $2-a-month "minimum use" fee to traditional landline users (all six of you left) who don't use enough long distance for AT&T's liking: AT&T has added a new $2-a-month "minimum use" fee to the phone bills of landline customers who don't have long-distance calling plans. In other words, customers who rarely, if ever, make long-distance calls are the ones most likely to pay the fee. Those customers can avoid the fee, a company spokeswoman said, as long as they make at least $2 worth of long-distance calls a month. Imposing obnoxious fees at every opportunity certainly isn't new (check out the real obnoxious fee experts in the banking industry). Neither is this particular effort, since Verizon started imposing a fee like this back in 2007. Still, you'd expect AT&T to tone this stuff down slightly while trying to convince regulators on how fantastic the T-Mobile deal would be for the public. AT&T's total unwillingness to rein this behavior down in any of their business sectors suggests that the company knows full well that they'll get T-Mobile deal approval. Given AT&T has contributed more to political campaigns than any corporation since 1989 suggests they're probably right. The T-Mobile deal aside, nickel and diming a declining userbase doesn't do AT&T any favors. Landline service is inexpensive to provide, and pissing off a contingent that's already fleeing to cable VoIP alternatives in droves is the kind of logic only found in phone company board rooms. You can only imagine the kind of new and "innovative" fees Verizon and AT&T will concoct with an 80% wireless industry market share. 
From rforno at infowarrior.org Sun Aug 28 08:28:15 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 28 Aug 2011 09:28:15 -0400
Subject: [Infowarrior] - 25 years later, how 'Top Gun' made America love war
Message-ID: <6721E640-90D3-40B4-9972-E04623BBE42A@infowarrior.org>

25 years later, how 'Top Gun' made America love war
By David Sirota, Published: August 26
http://www.washingtonpost.com/opinions/25-years-later-remembering-how-top-gun-changed-americas-feelings-about-war/2011/08/15/gIQAU6qJgJ_print.html

Americans are souring on the wars in Iraq and Afghanistan. The military budget is under siege as Congress looks for spending to cut. And the Army is reporting record suicide rates among soldiers. So who does the Pentagon enlist for help in such painful circumstances? Hollywood. In June, the Army negotiated a first-of-its-kind sponsorship deal with the producers of "X-Men: First Class," backing it up with ads telling potential recruits that they could live out superhero fantasies on real-life battlefields. Then, in recent days, word leaked that the White House has been working with Oscar-winning director Kathryn Bigelow on an election-year film chronicling the operation that killed Osama bin Laden. A country questioning its overall military posture, and a military establishment engaging in a counter-campaign for hearts and minds - if this feels like deja vu, that's because it's taking place on the 25th anniversary of the release of "Top Gun." That Jerry Bruckheimer blockbuster, made in collaboration with the Pentagon, came out in the mid-1980s, when polls showed many Americans expressing doubts about the post-Vietnam military and about the constant saber rattling from the White House. But the movie's celebration of sweat-shined martial machismo generated $344 million at the box office and proved to be a major force in resuscitating the military's image. Not only did enlistment spike when "Top Gun"
was released, and not only did the Navy set up recruitment tables at theaters playing the movie, but polls soon showed rising confidence in the military. With Ronald Reagan wrapping military adventurism in the flag, with the armed forces scoring low-risk but high-profile victories in Libya and Grenada, America fell in love with Maverick, Iceman and other high-fivin' silver-screen super-pilots as they traveled Mach 2 while screaming about "the need for speed." Today, "Top Gun" lives on in cable reruns, in the American psyche and, most important, in how it turned the Hollywood-Pentagon relationship into a full-on Mav-Goose bromance that ideologically slants films from their inception. The 1986 movie, starring Tom Cruise and Kelly McGillis, was the template for a new Military-Entertainment Complex. During production, the Pentagon worked hand-in-hand with the filmmakers, reportedly charging Paramount Pictures just $1.8 million for the use of its warplanes and aircraft carriers. But that taxpayer-subsidized discount came at a price - the filmmakers were required to submit their script to Pentagon brass for meticulous line edits aimed at casting the military in the most positive light. (One example: Time magazine reported that Goose's death was changed from a midair collision to an ejection scene, because "the Navy complained that too many pilots were crashing.") Although "Top Gun" was not the first movie to exchange creative input for Pentagon assistance and resources, its success set that bargain as a standard for other filmmakers, who began deluging the Pentagon with requests for collaboration. By the time the 1991 Persian Gulf War began, Phil Strub, the Pentagon's liaison to the movie industry, told the Hollywood Reporter that he'd seen a 70 percent increase in the number of requests from filmmakers for assistance - effectively changing the way Hollywood works. As Mace Neufeld, the producer of the 1990 film "The Hunt for Red October,"
later recounted to Variety, studios in the post-"Top Gun" era instituted an unstated rule telling screenwriters and directors to get military cooperation "or forget about making the picture." Economics drives that directive, Time magazine reported in 1986. "Without such billion-dollar props, producers [have to] spend an inordinate amount of time and money searching for substitutes" and therefore might not be able to make the movie at all, the magazine noted. Emboldened by Hollywood's obsequiousness, military officials became increasingly blunt about how they deploy the carrot of subsidized hardware and the stick of denied access to get what they want. Strub described the approval process to Variety in 1994: "The main criteria we use is . . . how could the proposed production benefit the military . . . could it help in recruiting [and] is it in sync with present policy?" Robert Anderson, the Navy's Hollywood point person, put it even more clearly to PBS in 2006: "If you want full cooperation from the Navy, we have a considerable amount of power, because it's our ships, it's our cooperation, and until the script is in a form that we can approve, then the production doesn't go forward." The result is an entertainment culture rigged to produce relatively few antiwar movies and dozens of blockbusters that glorify the military. For every "Hurt Locker" - a successful and critical war film made without Pentagon assistance - American moviegoers get a flood of pro-war agitprop, from "Armageddon," to "Pearl Harbor," to "Battle Los Angeles" to "X-Men." And save for filmmakers' obligatory thank you to the Pentagon in the credits, audiences are rarely aware that they may be watching government-subsidized propaganda. Until this year, this Top Gun Effect seemed set in stone. But a quarter-century after that hagiographic tribute to the military's "best of the best," an odd alignment of partisan interests has prompted some in Congress to question the arrangement. Rep. Peter T.
King (R-N.Y.), who chairs the House Homeland Security Committee, recently sent letters to the CIA and the Defense Department demanding an investigation of the upcoming Bin Laden movie. He criticized the practice of granting ideologically compliant filmmakers access to government property and information that he says should be available to all. The "alleged collaboration belies a desire of transparency in favor of a cinematographic view of history," he argued. Considering King's previous silence on such issues, it's not clear whether he's standing on principle; more likely, he is trying to prevent a particular piece of propaganda from aiding a political opponent. Yet, even if inadvertent, King's efforts make possible a broader look at how the U.S. government uses taxpayer resources to suffuse popular culture with militarism. If and when King holds hearings on the matter, we could finally get to the important questions: Why does the Pentagon treat public hardware as private property? Why does the government grant and deny access to that hardware based on a filmmaker's willingness to let the Pentagon influence the script? And doesn't such a practice violate the First Amendment's prohibition against government abridging freedom of speech?

From rforno at infowarrior.org Sun Aug 28 14:02:33 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 28 Aug 2011 15:02:33 -0400
Subject: [Infowarrior] - Perfect Storm of Hype
Message-ID:

Perfect Storm of Hype: Politicians, the media and the Hurricane Irene apocalypse that never was
By Toby Harnden
World
Last updated: August 28th, 2011
http://blogs.telegraph.co.uk/news/tobyharnden/100102355/perfect-storm-of-hype-politicians-the-media-and-the-hurricane-irene-apocalypse-that-never-was/

For the television reporter, clad in his red cagoule emblazoned with the CNN logo, it was a dramatic on-air moment, broadcasting live from Long Island, New York during a hurricane that also threatened Manhattan.
"We are in, right, now - the right eye wall, no doubt about that - there you see the surf," he said breathlessly. "That tells a story right there." Stumbling and apparently buffeted by ferocious gusts, he took shelter next to a building. "This is our protection from the wind," he explained. "It's been truly remarkable to watch the power of the ocean here." The surf may have told a story but so too did the sight behind the reporter of people chatting and ambling along the sea front and just goofing around. There was a man in a t-shirt, a woman waving her arms and then walking backwards. Then someone on a bicycle glided past. Across the screen, the "Breaking News: Irene Batters Long Island" caption was replaced by stern advice from the Federal Emergency Management Agency (FEMA): "Stay inside, stay safe." The images summed up Hurricane Irene - the media and the United States federal government trying to live up to their own doom-laden warnings and predictions while a sizeable number of ordinary Americans just carried on as normal and even made gentle fun of all the fuss. There was almost palpable disappointment among the TV big guns rolled out for the occasion when Irene was downgraded to a mere "tropical storm". In New York city, CNN's silver-haired Anderson Cooper, more usually seen in a tight t-shirt in a famine or war zone, was clad in what one wag dubbed "disaster casual". He looked crestfallen and fell briefly silent when a weatherwoman told him that the rain was not going to get any worse. "Wow, because this isn't so bad," he said. "It's an annoying rain but it isn't even a sideways rain." Then came the press conferences from the politicians, with Governor Chris Christie of New Jersey saying that his evacuation of the Jersey Shore was "a pre-emptive measure that I am confident saved lives" and there could still be damage worth "tens of billions" of dollars. Janet Napolitano, the Homeland Security chief, declared that there was "a ways to go with Irene"
but "with the evacuations and other precautions taken we have dramatically decreased the risk to life". Mayor Michael Bloomberg of New York seemed thoroughly delighted with himself, as if he personally had calmed the waters and stifled the winds. The truth is that the dire warning beforehand suited both politicians and journalists. Just as with the minor earthquake that shook the east coast last week causing no loss of life and virtually no damage, Irene became a huge story because it was where the media lived. For politicians, Irene was a chance to either make amends or appear in control. The White House sent out 25 Irene emails to the press on Saturday alone. There were photographs of President Barack Obama touring disaster centres and footage of him asking sombre, pertinent questions. With his poll ratings plummeting, Obama needed to project an aura of seriousness and command. He was all too aware that the political fortunes of his predecessor George W. Bush never recovered after the Hurricane Katrina disaster of 2005. The press mostly reported the message the White House had carefully crafted: "Obama takes charge" read the headline of one wire service story. At the state level, Irene was a chance for political redemption. Christie had been lambasted around the start of the year for taking a holiday during one of the worst snow storms in New Jersey history. Bloomberg, who ordered a mandatory evacuation of residents in low-lying areas during Irene that thousands ignored, had been widely criticised for inadequate clean-up plans during the same blizzards. There was some loss of life during Irene, though significantly less than during dozens of other weather events across the US this year. Preparation for the worst-case scenario makes sense and could have saved hundreds during Katrina. But the worst-case scenario was largely portrayed as inevitable.
Some of the footage of television reporters putting themselves in the most extreme position possible just to get the best "stand-up" live shot was beyond parody. First prize went to Tucker Barnes, a reporter for Fox 5, who went live from Ocean City, Maryland amid a strange, brown foamy substance. He reported that it "didn't taste great" and had a "sandy consistency". Apparently, it was raw sewage. As Howard Kurtz notes, the media and politicians enjoy a symbiotic relationship during possible impending disasters. The resultant perfect storm of hype over Irene runs the risk of making Americans even more likely to ignore warnings in the future. By lunchtime on Sunday, the sun was peeking through over New York. The TV anchors were expressing their relief at the good news that the east coast had "dodged a bullet" and Irene had not been the apocalypse they had predicted. Perhaps it would be a bit too much to hope that they and certain politicians felt a little sheepish too.

From rforno at infowarrior.org Sun Aug 28 14:22:29 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 28 Aug 2011 15:22:29 -0400
Subject: [Infowarrior] - 9/11: The Tapping Point
Message-ID:

September 2011
9/11: The Tapping Point

What if, two years before the 9/11 attacks - with the installation of a cell-phone-and-Internet system in Afghanistan - the U.S. had been handed complete access to al-Qaeda and Taliban calls and e-mails? A secret deal was in place in 1999, the author reveals, but Washington dropped the ball.

< - >

http://www.vanityfair.com/politics/features/2011/09/preventing-9-11-201109.print

From rforno at infowarrior.org Mon Aug 29 07:59:44 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 29 Aug 2011 08:59:44 -0400
Subject: [Infowarrior] - CATEGORY FEH: So, why the big Irene blowup?
Message-ID: <105AFA6C-E1C5-40F4-8BF1-C7574F7D63BB@infowarrior.org>

(Yes, it is good to be prepared and get the word out for worst-case scenarios.
But I agree the media was hyping the hell out of this thing. As usual. -- rick) http://www.philly.com/philly/news/20110829_CATEGORY_FEH__So__why_the_big_Irene_blowup_.html Mon, Aug. 29, 2011 CATEGORY FEH: So, why the big Irene blowup? Will Bunch Daily News columnist BY YESTERDAY morning, a new kind of tropical depression moved over Lower Manhattan - reporters who'd promised viewers that Irene would be the storm of the century, but found themselves standing in what looked and felt like a middling rainstorm. "Wow, because this isn't so bad," CNN's Anderson Cooper was quoted telling a weather expert after learning that the peak of Irene's mild fury had passed Manhattan. "It's an annoying rain but it isn't even a sideways rain." If Cooper - as quoted by Toby Harnden, of Britain's Daily Telegraph in a piece calling Irene "the perfect storm of hype" - seemed surprised at the lack of devastation at Battery Park, that was probably because he'd been watching too much CNN. As the cleanup from Irene's whirlwind weekend visit continues today in Philadelphia and elsewhere on the Eastern Seaboard, the cyclone leaves behind a Category 5 controversy. Were the hot winds of nonstop media hype more powerful than the actual storm? You can certainly argue that Irene wasn't overhyped, since the storm caused at least 18 deaths, widespread flooding and power outages for more than 1 million customers. You can also make the case that more people might have died were it not for the unusually expansive evacuation orders and the media coverage that they received. On the other hand, the nonstop TV hyping of worst-case scenarios even after more-responsible forecasters saw as early as Thursday that Irene would not be a major hurricane caused millions to expect something far, far worse - "the East Coast Katrina," or maybe the water wall from The Ten Commandments - than what showed up. 
Longtime media writer Howard Kurtz, now with the Daily Beast, nailed the disparity when he said that although Irene did prove to be a Category 1 storm, causing significant disruption, it received Category 5 coverage into the weekend. Jason Samenow, chief meteorologist with the Washington Post's Capital Weather Gang, which is receiving kudos for its accurate and restrained reporting, said last night that some cable anchors were still reporting that Irene could strike New Jersey and New York as a major hurricane long after his team determined that it clearly was weakening. "You want to raise awareness of the possible worst-case scenarios in order to take the storm seriously - but in order to do so some media outlets resort to hysteria and hype," Samenow said. He added that such reporting can be spun as a public service even as fear and hype drive the ultimate real goal of any for-profit venture like the Weather Channel (owned by Philadelphia's Comcast), which is higher ratings. "The gulf between informing people and exploiting this is very, very wide," agreed Jeff Jarvis, director of the Tow-Knight Center for Entrepreneurial Journalism at City University of New York and a well-known media critic. But there were lots of mixed motives here. Journalists wanted higher ratings and maybe a career-making story (remember, CNN's Cooper got a prime-time gig for his wrenching Katrina coverage in 2005) - while politicians wanted to keep citizens safe but also boost their flagging poll numbers. After all, New Jersey Gov. Chris Christie and New York Mayor Michael Bloomberg - who gave frequent news conferences and ordered surprisingly large evacuation zones - were both under the gun for lame responses to last winter's major blizzard (Christie had decamped to Disney World, you may recall). President Obama, who addressed the nation from FEMA headquarters and again last night, seized a chance to display command in the week when his Gallup approval rating hit a record low of 38 percent.
Of course, a cynic would say that their nonstop news conferences fed a media beast that was constantly searching for more of what Jarvis called "#stormporn" on his Twitter feed. But is there really a danger in hurricane hype? Some experts think so. Earlier this year, noted meteorologist James Spann argued that the ability of Doppler radar to pick up even relatively small tornadoes, and the zeal of TV news channels in reporting them, may have provoked a blase response to warnings of what proved to be a major twister killing 41 people in Alabama. Today, some experts are wondering whether Irene media overkill will lead to similar inaction the next time a storm barrels up the Atlantic - even if it really does prove to be a major hurricane. Jarvis said bluntly last night that his warning to many journalists is that "you've ruined your credibility. The next time when it is a Category 5 storm . . . it's going to sound like this one."

From rforno at infowarrior.org Mon Aug 29 11:01:59 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 29 Aug 2011 12:01:59 -0400
Subject: [Infowarrior] - more on....CATEGORY FEH: So, why the big Irene blowup?
References:
Message-ID: <8656CA2E-5127-415B-8EF9-416ADF16E235@infowarrior.org>

Begin forwarded message:

> From: Dan
> Date: August 29, 2011 11:41:52 AM EDT
>
> One really odd thing was that at the same time as the 90mph Irene was
> cruising up the East Coast of the US, the island of Taiwan had a 160+mph
> typhoon go right over the island. But I saw no mentions whatsoever in any
> US media outlet about this major storm in this population center.
>
> It wasn't a disaster there as the government of Taiwan is much better
> prepared than the US, as it has upgraded its infrastructure to handle such
> events. Unlike the US, which has a major government force that seems to be
> determined to defenestrate the country. But the media outlets won't say
> that either.
On Aug 29, 2011, at 11:58 , ---------wrote:

>
> The hurricane could easily have been worse, so attention was warranted. They originally said it would hit us in PA at 2pm yesterday, and it wound up being 2am - hurricane behavior analysis is not an exact science.
>
> The media overhypes everything--whether it be a royal wedding, something involving a Kardashian, or a story about a pet that saves a life. They do so at the expense of real stories, such as the famine in Somalia. That's why many folks have eliminated network and cable news from their lives. (Doing so improved my quality of life dramatically.)
>
> I'd say this marks an improvement over their typical fare. The coverage made folks pay attention, and may have even saved a couple lives (by deterring surfers, etc.). When has a Lindsay Lohan story done that?
>
> Maybe Toby Harnden was looking for a higher body count, but the storm has significantly affected millions of people. We shouldn't be asking whether the Irene story was over-hyped; we should be asking what the media would have been overhyping had there been no hurricane.

From rforno at infowarrior.org Mon Aug 29 19:19:06 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 29 Aug 2011 20:19:06 -0400
Subject: [Infowarrior] - Hackers acquire Google certificate, could hijack Gmail accounts
Message-ID: <3F8A8E66-D3E5-4245-9371-BD11BE42EA72@infowarrior.org>

Hackers acquire Google certificate, could hijack Gmail accounts
Repeat of Comodo affair last March; foreign government may be behind theft, says researcher
Gregg Keizer
August 29, 2011 (Computerworld)
http://www.computerworld.com/s/article/print/9219569/Hackers_acquire_Google_certificate_could_hijack_Gmail_accounts

Hackers have obtained a digital certificate good for any Google website from a Dutch certificate provider, a security researcher said today.
Criminals could use the certificate to conduct "man-in-the-middle" attacks targeting users of Gmail, Google's search engine or any other service operated by the Mountain View, Calif. company. "This is a wildcard for any of the Google domains," said Roel Schouwenberg, senior malware researcher with Kaspersky Lab, in an email interview Monday. "[Attackers] could poison DNS, present their site with the fake cert and bingo, they have the user's credentials," said Andrew Storms, director of security operations at nCircle Security. Man-in-the-middle attacks could also be launched via spam messages with links leading to a site posing as, say, the real Gmail. If recipients surfed to that link, their account login username and password could be hijacked. Details of the certificate were posted on Pastebin.com last Saturday. Pastebin.com is a public site where developers -- including hackers -- often post source code samples. According to Schouwenberg, the SSL (secure socket layer) certificate is valid, and was issued by DigiNotar, a Dutch certificate authority, or CA. DigiNotar was acquired earlier this year by Chicago-based Vasco, which bills itself on its site as "a world leader in strong authentication." Vasco did not reply to a request for comment. Security researcher and Tor developer Jacob Appelbaum confirmed that the certificate was valid in an email answer to Computerworld questions, as did noted SSL researcher Moxie Marlinspike on Twitter. "Yep, just verified the signature, that pastebin *.google.com certificate is real," said Marlinspike. Because the certificate is valid, a browser would not display a warning message if its user went to a website signed with the certificate. It's unclear whether the certificate was obtained because of a lack of oversight by DigiNotar or through a breach of the company's certificate issuing website. Schouwenberg urged the company to provide more information as soon as possible. 
"Given their ties to the government and financial sectors it's extremely important we find out the scope of the breach as quickly as possible," Schouwenberg said. The situation was reminiscent of a breach last March, when a hacker obtained certificates for some of the Web's biggest sites, including Google and Gmail, Microsoft, Skype and Yahoo. Then, Comodo said that nine certificates had been fraudulently issued after attackers used an account assigned to a company partner in southern Europe. Initially, Comodo argued that Iran's government may have been involved in the theft. Days later, however, a solo Iranian hacker claimed responsibility for stealing the SSL certificates. Today, Kaspersky's Schouwenberg said "nation-state involvement is the most plausible explanation" for the acquisition of the DigiNotar-issued certificate. "For one [thing], there's the type of information being looked for -- from Google users," said Schouwenberg. "This hints towards an intelligence operation rather than anything else. Secondly, this type of attack only works when the attacker has some control over the network, but not over the actual machine." Others were more skeptical because of the claim that a single hacker pulled off the Comodo heist. "I think it might still be a stretch to attribute this to the Iranian government," said Marlinspike on Twitter shortly before 4 p.m. ET. "We all know how that went last time." The google.com certificate was issued July 10, but was not revoked -- the first step in blocking its use -- until today at 1 p.m. EDT. Last March, browser makers, including Google, Microsoft and Mozilla, rushed out updates that added the stolen Comodo certificates to their applications' blacklists. Today, Storms said he expected Google to quickly update Chrome, and that Microsoft, Mozilla and others would do the same some time later. "I suspect that if asked [Microsoft and Mozilla] will also issue updates, as there is already a precedent," said Storms. 
Google did not reply to a request for comment on the rogue certificate. ------- Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, or subscribe to Gregg's RSS feed. His e-mail address is gkeizer at ix.netcom.com. From rforno at infowarrior.org Tue Aug 30 06:02:31 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 30 Aug 2011 07:02:31 -0400 Subject: [Infowarrior] - It's official: Google wants to own your online identity Message-ID: <90756FAB-F86D-4C02-B131-A18D127846E0@infowarrior.org> It's official: Google wants to own your online identity By Mathew Ingram Aug. 29, 2011, 10:03am PT http://gigaom.com/2011/08/29/its-official-google-wants-to-own-your-online-identity/ From rforno at infowarrior.org Tue Aug 30 06:06:25 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 30 Aug 2011 07:06:25 -0400 Subject: [Infowarrior] - Attrition updates Gregory Evans page Message-ID: <7E3FE31F-E490-414E-A579-50074481B79E@infowarrior.org> Gregory D. Evans / LIGATT Security A supposed "hi-tech hustler", "WORLD'S NO 1 HACKER" and convicted felon (Bureau of Prisons #13432-112), Gregory Dante Evans has invented himself as some form of hacker with the ability to break into anything and spin that supposed knowledge into advising companies on security. In reality, Evans and his company have little real knowledge beyond pedestrian hacking techniques found in plagiarized books and beginner hacking texts. His company, LIGATT Security International, offers a "suite" of products that are bloated versions of common tools such as ping and nmap. Evans, who plagiarizes content rather than write it himself, is over US$11 million in debt due to his own history of crime and his inability to run a company. Every press release, every video cast, every public communication is full of discrepancies, half-truths and outright lies. 
< - > http://attrition.org/errata/charlatan/gregory_evans/ From rforno at infowarrior.org Tue Aug 30 06:07:37 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 30 Aug 2011 07:07:37 -0400 Subject: [Infowarrior] - If ACTA Is Approved In The US, It May Open The Door For The President To Regularly Ignore Congress On International Agreements Message-ID: If ACTA Is Approved In The US, It May Open The Door For The President To Regularly Ignore Congress On International Agreements from the bad-news dept http://www.techdirt.com/articles/20110828/23583815721/if-acta-is-approved-us-it-may-open-door-president-to-regularly-ignore-congress-international-agreements.shtml One of the sneakier parts of ACTA is that the White House has insisted from the beginning that the document is not a binding treaty. Instead, it insists that ACTA is merely an "executive agreement." Of course, the only real difference is that an executive agreement doesn't require the Senate to ratify it. Basically, the US is calling it an executive agreement so that the administration can sign on without any oversight or scrutiny on the treaty. The Europeans, in the meantime, never got the "ix-nay on the inding-bay eaty-tray" notice from the US folks, and have been happily declaring ACTA a binding treaty as it clearly is. However, many legal experts have noted that this raises serious constitutional questions, as the Constitution simply does not allow this kind of agreement to be signed without Senate approval. Amusingly, Senator Biden -- back during the previous administration -- was one of the leading voices in trying to prevent President Bush from signing an "executive agreement" with Russia, without getting Senate approval. One wonders if he's magically changed his mind. However, more and more people are getting concerned about this breach of the Constitution. James Love points us to a new paper at the American Society for International Law by Oona A. 
Hathaway and Amy Kapczynski, which worries about the precedent this will set if Obama signs it as an executive agreement and bypasses the Senate entirely. No comparable agreement has been concluded in this way. Thus if concluded as a sole executive agreement, it would represent a significant expansion of the scope of such agreements. As a result, it could pave the way for more extensive use of sole executive agreements in the future. That, in turn, could have implications for the nature of democratic control over international legal agreements concluded by the United States, as well as the legitimacy of these agreements both at home and abroad. Furthermore, the report notes that it does not seem Constitutional for the President to sign such a document as an executive agreement. The only things that can be signed as an executive agreement are things that are solely under the President's mandate. But intellectual property laws are clearly afforded to Congress and not the President under the Constitution -- meaning that he has no authority to sign this document without it first being approved by the Senate. The report notes that President Bush also tried to expand executive agreements, and ACTA would be a massive expansion in what could be covered under such agreements, taking away tremendous authority and oversight from Congress. "Setting a precedent for more expansive use of sole executive agreements has consequences not only for intellectual property law, but for any area in which an international agreement may be concluded -- which is to say, nearly any area of law. International law now reaches into almost every aspect of our day-to-day lives. 
The possibility that such legal commitments could be made by the President without the input, much less approval, of Congress or the public raises serious questions about the potential of these agreements to undermine democratic lawmaking writ large" This is pretty troubling for a variety of different reasons, and it seems like Congress itself should be pretty concerned about this attempt to take away its oversight on international agreements. From rforno at infowarrior.org Tue Aug 30 06:08:31 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 30 Aug 2011 07:08:31 -0400 Subject: [Infowarrior] - US pressured EU to approve Oracle-Sun merger Message-ID: <06F24A12-8922-4596-ABDB-3B345F823F05@infowarrior.org> (c/o MC) Cable: US pressured EU to approve Oracle-Sun merger By Brett Winterford on Aug 30, 2011 12:07 PM (9 hours ago) http://www.itnews.com.au/News/268523,cable-us-pressured-eu-to-approve-oracle-sun-merger.aspx Leak reveals US Government lobbied on behalf of Oracle. The US Government met with European competition officials to lobby on behalf of Oracle during its purchase of Sun Microsystems, according to leaked diplomatic cables. The cables, released this week by whistleblowing site Wikileaks, reveal that the Obama administration had monitored the European Union's investigation into the competition issues that could arise from the merger and tried to convince them to let the deal go ahead. The EU had investigated the merger due to concerns for the future of Java and the open source MySQL database. The cable noted that Oracle representatives were "unwilling or unable to make certain divestitures to satisfy the Commission's concerns" and that without the merger Sun would "go bankrupt." The cable suggests the US Government lobbied on behalf of Oracle to prevent Sun from shedding any further jobs and to save face for the US Department of Justice's Antitrust division, which had approved the acquisition months earlier. 
"The Department of Justice/Antitrust views this matter as a high priority," said the Deputy Chief of the US Mission to the European Union, Ambassador Christopher W. Murray. "Its senior officials and investigative staff are currently engaging productively and intensely with their DG COMP [EU Director-General for Competition] counterparts, and are in close touch with Oracle and Sun, in the hopes of preventing a divergent outcome." One month later, another cable sent to the US Secretary of State Hillary Clinton, the USTR (United States Trade Representative), the US National Security Council, the US Departments of Treasury, Justice and Commercial and the Federal Trade Commission, went into great detail about the EU's competition commissioner's opinions on the open source software movement. Anthony Whelan, chef du cabinet to Competition Commissioner Neelie Kroes told the US Mission to the EU that Kroes sympathised with "the argument that open source software is by definition pro-competitive, since the theory is that everyone has access to it and can contribute to improving open source programs" but was equally swayed by "subtle and complex counterarguments to this." Whelan was quoted in a second cable as saying that "in the dynamic, real marketplace in Europe, this open source argument needs to be examined." Copyright © iTnews.com.au. All rights reserved. From rforno at infowarrior.org Tue Aug 30 07:05:19 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 30 Aug 2011 08:05:19 -0400 Subject: [Infowarrior] - Are airline pilots forgetting how to fly? Message-ID: <83AC0898-02A8-4892-AADE-24F9FA1FE150@infowarrior.org> Are airline pilots forgetting how to fly? Industry is suffering from 'automation addiction,' industry insider says By JOAN LOWY http://www.msnbc.msn.com/id/44324527/ns/business/#.TlzRZ5ZJvx4 WASHINGTON -- Are airline pilots forgetting how to fly? 
As planes become ever more reliant on automation to navigate crowded skies, safety officials worry there will be more deadly accidents traced to pilots who have lost their hands-on instincts in the air. Hundreds of people have died over the past five years in "loss of control" accidents in which planes stalled during flight or got into unusual positions that pilots could not correct. In some cases, pilots made the wrong split-second decisions, with catastrophic results -- for example, steering the plane's nose skyward into a stall instead of down to regain stable flight. Spurred in part by federal regulations that require greater reliance on computerized flying, the airline industry is suffering from "automation addiction," said Rory Kay, an airline captain and co-chairman of a Federal Aviation Administration committee on pilot training. "We're seeing a new breed of accident with these state-of-the art planes," he added. Pilots use automated systems to fly airliners for all but about three minutes of a flight: the takeoff and landing. Most of the time pilots are programming navigation directions into computers rather than using their hands on controls to fly the plane. They have few opportunities to maintain their skills by flying manually, Kay's advisory committee warns. Fatal airline accidents have decreased dramatically in the U.S. over the past decade. However, The Associated Press interviewed pilots, industry officials and aviation safety experts who expressed concern about the implications of decreased opportunities for manual flight, and reviewed more than a dozen loss-of-control accidents around the world. Discouraged from flying Airlines and regulators discourage or even prohibit pilots from turning off the autopilot and flying planes themselves, the committee said. 
Safety experts say they're seeing cases in which pilots who are suddenly confronted with a loss of computerized flight controls don't appear to know how to respond immediately, or they make errors -- sometimes fatally so. A draft FAA study found pilots sometimes "abdicate too much responsibility to automated systems." Because these systems are so integrated in today's planes, one malfunctioning piece of equipment or a single bad computer instruction can suddenly cascade into a series of other failures, unnerving pilots who have been trained to rely on the equipment. The study examined 46 accidents and major incidents, 734 voluntary reports by pilots and others as well as data from more than 9,000 flights in which a safety official rode in the cockpit to observe pilots in action. It found that in more than 60 percent of accidents, and 30 percent of major incidents, pilots had trouble manually flying the plane or made mistakes with automated flight controls. A typical mistake was not recognizing that either the autopilot or the auto-throttle -- which controls power to the engines -- had disconnected. Others failed to take the proper steps to recover from a stall in flight or to monitor and maintain airspeed. In the most recent fatal airline crash in the U.S., in 2009 near Buffalo, N.Y., the co-pilot of a regional airliner programmed incorrect information into the plane's computers, causing it to slow to an unsafe speed. That triggered a stall warning. The startled captain, who hadn't noticed the plane had slowed too much, responded by repeatedly pulling back on the control yoke, overriding two safety systems, when the correct procedure was to push forward. An investigation later found there were no mechanical or structural problems that would have prevented the plane from flying if the captain had responded correctly. Instead, his actions caused an aerodynamic stall. The plane plummeted to earth, killing all 49 people aboard and one on the ground. 
Two weeks after the New York accident, a Turkish Airlines Boeing 737 crashed into a field while trying to land in Amsterdam. Nine people were killed and 120 injured. An investigation found that one of the plane's altimeters, which measures altitude, had fed incorrect information to the plane's computers. That, in turn, caused the auto-throttle to reduce speed to a dangerously slow level so that the plane lost lift and stalled. Dutch investigators described the flight's three pilots' "automation surprise" when they discovered the plane was about to stall. They hadn't been closely monitoring the airspeed. Last month, French investigators recommended that all pilots get mandatory training in manual flying and handling a high-altitude stall. The recommendations were in response to the 2009 crash of an Air France jet flying from Brazil to Paris. All 228 people aboard were killed. 'The human factor' An investigation found that airspeed sensors fed bad information to the Airbus A330's computers. That caused the autopilot to disengage suddenly and a stall warning to activate. The co-pilot at the controls struggled to save the plane, but because he kept pointing the plane's nose up, he actually caused the stall instead of preventing it, experts said. Despite the bad airspeed information, which lasted for less than a minute, there was nothing to prevent the plane from continuing to fly if the pilot had followed the correct procedure for such circumstances, which is to continue to fly levelly in the same direction at the same speed while trying to determine the nature of the problem, they said. In such cases, the pilots and the technology are failing together, said former US Airways Capt. Chesley "Sully" Sullenberger, whose precision flying is credited with saving all 155 people aboard an Airbus A320 after it lost power in a collision with Canada geese shortly after takeoff from New York's LaGuardia Airport two years ago. "If we only look at the pilots -- the human factor --
then we are ignoring other important factors," he said. "We have to look at how they work together." The ability of pilots to respond to the unexpected loss or malfunction of automated aircraft systems "is the big issue that we can no longer hide from in aviation," said Bill Voss, president of the Flight Safety Foundation in Alexandria, Va. "We've been very slow to recognize the consequence of it and deal with it." The foundation, which is industry-supported, promotes aviation safety around the world. Airlines are also seeing smaller incidents in which pilots waste precious time repeatedly trying to restart the autopilot or fix other automated systems when what they should be doing is "grasping the controls and flying the airplane," said Bob Coffman, another member of the FAA pilot training committee and an airline captain. Paul Railsback, operations director at the Air Transport Association, which represents airlines, said: "We think the best way to handle this is through the policies and training of the airlines to ensure they stipulate that the pilots devote a fair amount of time to manually flying. We want to encourage pilots to do that and not rely 100 percent on the automation. I think many airlines are moving in that direction." In May, the FAA proposed requiring airlines to train pilots on how to recover from a stall, as well as expose them to more realistic problem scenarios. But other new regulations are going in the opposite direction. Today, pilots are required to use their autopilot when flying at altitudes above 24,000 feet, which is where airliners spend much of their time cruising. The required minimum vertical safety buffer between planes has been reduced from 2,000 feet to 1,000 feet. That means more planes flying closer together, necessitating the kind of precision flying more reliably produced by automation than human beings. The same situation is increasingly common closer to the ground. 
The FAA is moving from an air traffic control system based on radar technology to more precise GPS navigation. Instead of time-consuming, fuel-burning stair-step descents, planes will be able to glide in more steeply for landings with their engines idling. Aircraft will be able to land and take off closer together and more frequently, even in poor weather, because pilots will know the precise location of other aircraft and obstacles on the ground. Fewer planes will be diverted. But the new landing procedures require pilots to cede even more control to automation. "Those procedures have to be flown with the autopilot on," Voss said. "You can't afford a sneeze on those procedures." Even when not using the new procedures, airlines direct their pilots to switch on the autopilot about a minute and a half after takeoff, when the plane reaches about 1,000 feet, Coffman said. The autopilot generally doesn't come off until about a minute and a half before landing, he said. Pilots still control the plane's flight path. But they are programming computers rather than flying with their hands. Limited opportunities to fly manually Opportunities to fly manually are especially limited at commuter airlines, where pilots may fly with the autopilot off for about 80 seconds out of a typical two-hour flight, Coffman said. But it is the less experienced first officers starting out at smaller carriers who most need manual flying experience. Airline training programs are focused on training pilots to fly with the automation, rather than without it. Senior pilots, even if their manual flying skills are rusty, can at least draw on experience flying older generations of less automated planes. Adding to concerns about an overreliance on automation is an expected pilot shortage in the U.S. and many other countries. U.S. airlines used to be able to draw on a pool of former military pilots with extensive manual flying experience. 
But more pilots now choose to stay in the armed forces, and corporate aviation competes for pilots with airlines, where salaries have dropped. Changing training programs to include more manual flying won't be enough because pilots spend only a few days a year in training, Voss said. Airlines will have to rethink their operations fundamentally if they're going to give pilots realistic opportunities to keep their flying skills honed, he said. The International Air Transport Association says the most common type of airline accident is one in which planes stalled or otherwise lost control in flight. It counted 51 such accidents in the past five years. Copyright 2011 The Associated Press. All rights reserved. This material may not be published, broadcast From rforno at infowarrior.org Tue Aug 30 14:38:53 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 30 Aug 2011 15:38:53 -0400 Subject: [Infowarrior] - Verizon Removes FTP Access For Security... Well, Security Of Its Revenue At Least Message-ID: Verizon Removes FTP Access For Security... Well, Security Of Its Revenue At Least from the lame dept http://www.techdirt.com/articles/20110828/22170015717/verizon-removes-ftp-access-security-well-security-its-revenue-least.shtml It's really amazing that companies don't recognize that taking away features to charge for them almost never goes over well. Adding features that can be charged for will work, but removing features that were free and widely used is rarely a good idea. It appears that Verizon is still learning that lesson. The company apparently provides some hosting space for all of its customers, and until recently allowed subscribers to access that space via FTP. However, it recently announced that it was doing away with FTP access and instead, users were now forced to make use of Verizon's own clunky web tools interface. That's quite a nuisance for some users. 
But where this gets more interesting is that it appears Verizon is simply lying about the reasons why. The company is telling users it's for "security" reasons. But... while it's discontinuing FTP for its regular subscribers, those who pay up for a higher level hosting plan (starting at $5.95 per month) seem to still be able to use FTP. In other words, it's only a security problem if you're not paying -- suggesting that the "security" is more about Verizon's revenue than the security of your content. And while it's true that unencrypted FTP can have some security issues (mainly on untrusted networks), there are ways to deal with that with secure, encrypted FTP offerings. From rforno at infowarrior.org Wed Aug 31 08:07:42 2011 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 31 Aug 2011 09:07:42 -0400 Subject: [Infowarrior] - 9/11 US privacy oversight board remains dormant Message-ID: National privacy oversight board remains dormant By Jim McElhatton The Washington Times Tuesday, August 30, 2011 http://www.washingtontimes.com/news/2011/aug/30/national-privacy-oversight-board-remains-dormant/print/ An independent oversight board recommended by the 9/11 Commission to ensure that national security policies do not infringe on Americans' civil liberties has remained dormant for years, raising concerns among watchdogs that a crucial Constitution safeguard does not exist. Well past the halfway point of his term, President Obama has appointed only two of the five members for the Privacy and Civil Liberties Oversight Board, which also languished under President Bush. "There are no excuses for not getting this board up and running," said Sharon Bradford Franklin, senior counsel at the Constitution Project, one of more than a dozen groups that recently petitioned the administration to get the board operational. Analysts say a host of national security issues --
such as airport screening, cybersecurity policies and an upcoming Supreme Court case on whether law enforcement can attach a satellite tracking device without a warrant -- would have benefited from independent oversight. "The launch of an independent oversight board is long overdue," Ms. Franklin said. The White House has no explanation for why the board vacancies have proved so hard to fill, and declined an opportunity to comment for this article. According to the board's 2007 report to Congress, one of its tasks was to review the FBI's use of national security letters, which allow authorities to get financial, credit and other information on U.S. citizens without a court order. "If the board is no longer meeting, one would assume it is no longer performing this oversight role, which is concerning given the recent extension of the Patriot Act," Jennifer Lynch, staff attorney for the Electronic Freedom Foundation, said in an email. Civil liberties groups have pushed for years to get the board fully operational after Congress strengthened it in 2007 and gave it subpoena powers. But since then, neither Mr. Bush nor Mr. Obama nominated enough members. Mr. Obama nominated two members last year, but three vacancies remain. Mr. Obama's nominees so far are James Dempsey, vice president of public policy at the Center for Democracy and Technology, and Elizabeth Collins Cook, a lawyer in private practice who worked in the Justice Department in the Bush administration. Last week, more than a dozen organizations wrote to Mr. Obama expressing concerns about the lack of nominations to the board. "Sadly, although Congress took the important step of creating an independent body tasked with both advising the executive branch on policy and overseeing its implementation, the [privacy board] has remained an unfilled promise," the groups wrote in a letter to the White House. Among the groups that signed the letter were the Constitution Project and Electronic Frontier Foundation. 
The oversight board was formed in 2004. It came under criticism for being too close to the Bush White House, so Congress made it an independent panel in 2007. However, the lack of activity by the board has been a concern for years. "Among our major disappointments has been the administration has not impaneled the Privacy and Civil Liberties Oversight Board," former Rep. Lee Hamilton, vice chairman of the 9/11 Commission, testified to a Senate committee in March. "I can't figure it out," Mr. Hamilton added. "I just cannot figure it out. I don't know what President Bush and President Obama think. They just have not put an effective board in place and I can't understand why." The White House declined to comment on the letter from civil liberties groups about the slow pace of naming panel members in response to an inquiry by The Washington Times last week. Meanwhile, a separate internal privacy and civil liberties board within the Justice Department has quietly fizzled. The board was launched in 2006, but Justice Department officials told The Times that the panel hasn't met since the Bush administration and that the current Justice Department had decided not to renew it. The spokeswoman, Gina Talamona, said the board became inactive at the end of the Bush administration and officials decided not to start it up again under the Obama administration. "The board hasn't existed since the previous administration. It was created during the previous administration and it became inactive during the previous administration," she said. Ms. Talamona said the work that the board had conducted "during a brief period of time" is being conducted by existing offices and divisions within the Justice Department, including its chief privacy officer. Another Justice Department spokeswoman, Xochitl Hinojosa, said despite the absence of an internal oversight board, the department had stepped up enforcement of civil rights laws. 
Through the Freedom of Information Act, The Times sought all meeting minutes and agendas for the Justice Department's privacy board over a period of years. But after taking more than a year to process the request, the department produced few documents, disclosing one agenda and several pages describing the board's goals and structure. © Copyright 2011 The Washington Times, LLC. From rforno at infowarrior.org Wed Aug 31 08:18:50 2011 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 31 Aug 2011 09:18:50 -0400 Subject: [Infowarrior] - 9|11: The Winners Message-ID: <0EA1F678-489C-422C-BDF3-9445D6FC4E23@infowarrior.org> 9|11 The Winners For some people, the terrorist attacks have been a gold mine By Graham Rayman published: August 31, 2011 < BIG SNIP > http://www.villagevoice.com/2011-08-31/news/9-11-the-winners-profiting-from-september-eleventh/ < - > "The September 11, 2001 attacks have been a symbol of many things and many causes, but like the lavish, flag-draped rebuilding of the site, it has also been a vehicle for enrichment. From corporations to politicians to government officials to nonprofits to the security industry to publishers to the health industry (not to mention the incidents of outright fraud over the years), many people have found ways to profit from one of the nation's biggest disasters. 9/11 has created an economy all its own. "The intersection of 9/11 and money is a busy intersection," says retired New York City firefighter Kenny Specht. Glenn Corbett, a professor of fire science at John Jay College, active in a range of 9/11 issues, puts it this way: "Lots of people have got their hand in the till. A lot of people and a lot of companies have made a lot of money off of 9/11." Is it sacrilege to point this out?" From rforno at infowarrior.org Wed Aug 31 11:01:26 2011 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 31 Aug 2011 12:01:26 -0400 Subject: [Infowarrior] - US moves to block ATT-TMobile merger Message-ID: U.S. 
Files Antitrust Complaint to Block AT&T, T-Mobile Merger By Tom Schoenberg - Aug 31, 2011 11:06 AM ET http://www.bloomberg.com/news/2011-08-31/u-s-files-antitrust-complaint-to-block-proposed-at-t-t-mobile-merger.html Aug. 31 (Bloomberg) -- The U.S. government sued to block AT&T Inc.?s proposed $39 billion acquisition of T-Mobile USA Inc., saying the deal would "substantially lessen competition" in the wireless market. The Justice Department complaint was filed today in federal court in Washington. Peter Cook reports on Bloomberg Television's "InBusiness with Margaret Brennan." (Source: Bloomberg) The U.S. government sued to block AT&T Inc. (T)?s proposed $39 billion acquisition of T-Mobile USA Inc., saying the deal would ?substantially lessen competition? in the wireless market. AT&T shares fell as much as 5 percent. In the complaint filed today in federal court in Washington, the U.S. is seeking a declaration that Dallas-based AT&T?s takeover of T-Mobile, a unit of Deutsche Telekom AG (DTE), would violate U.S. antitrust law. The U.S. also asked for a court order blocking any arrangement implementing the deal. ?AT&T?s elimination of T-Mobile as an independent, low- priced rival would remove a significant competitive force from the market,? the U.S. said in its filing. Should regulators reject the deal, which would create the biggest U.S. wireless carrier, AT&T would have to pay Deutsche Telekom $3 billion in cash. It would also provide T-Mobile USA with wireless spectrum in some regions and reduced charges for calls into AT&T?s network, for a total package valued at as much as $7 billion, Deutsche Telekom said this month. Philipp Schindera, a spokesman at Bonn-based Deutsche Telekom, declined to immediately comment on the filing. Jessica Smith, a Justice Department spokeswoman, declined to comment on the suit. Michael Balmoris, an AT&T spokesman, didn?t immediately respond to an e-mail and phone calls seeking comment. 
Shares Drop

AT&T fell $1.02, or 3.4 percent, to $28.60 at 10:55 a.m. in New York Stock Exchange composite trading after declining as much as $1.49. Deutsche Telekom American depositary receipts dropped as much as 6.4 percent, to $12.93.

The purchase of Bellevue, Washington-based T-Mobile would combine the second- and fourth-largest carriers to create a new market leader ahead of No. 1 Verizon Wireless. The new company would have dwarfed current No. 3 carrier Sprint Nextel Corp., which argued against the deal. Overland Park, Kansas-based Sprint's shares jumped as much as 9.9 percent.

Some U.S. lawmakers have said the deal may reduce competition and raise consumer costs. The Federal Communications Commission has given itself more time to study new data presented by AT&T.

Economic Models

AT&T in a July 25 filing at the FCC submitted new economic models that it said showed the merger would lower prices and increase service in large metropolitan markets.

The models offer "further detailed support" for arguments that the merger will lessen strains on the company's wireless network, lower costs and increase quality, AT&T said in the filing.

"Given the size of the cancellation fee that was negotiated into his agreement, AT&T has the incentive to fight," said Andrew Gavil, a law professor at Howard University in Washington. "The fact that the Justice Department is challenging the deal doesn't mean they won't negotiate a resolution at some point."

The case is U.S. v. AT&T Inc., 11-01560, U.S. District Court for the District of Columbia (Washington).
To contact the reporter on this story: Tom Schoenberg in Washington at tschoenberg at bloomberg.net

To contact the editor responsible for this story: Michael Hytha at mhytha at bloomberg.net

From rforno at infowarrior.org Wed Aug 31 11:22:22 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 31 Aug 2011 12:22:22 -0400
Subject: [Infowarrior] - Mary Ann Davidson picked a fight with Veracode
Message-ID:

Someone's truly MAD about "security!"

-- rick

Mary Ann Davidson Blog - Those Who Can't Do, Audit
By user701213 on Aug 24, 2011
http://blogs.oracle.com/maryanndavidson/entry/those_who_can_t_do

... and the response....

Veracode Blog - Musings on Custer's Last Stand
by Chris Wysopal
http://www.veracode.com/blog/2011/08/musings-on-custers-last-stand/

From rforno at infowarrior.org Wed Aug 31 19:09:32 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 31 Aug 2011 20:09:32 -0400
Subject: [Infowarrior] - OT: George Lucas at it again
Message-ID:

Lucasfilm changes original Star Wars trilogy again
http://news.cnet.com/8301-17938_105-20100085-1/lucasfilm-changes-original-star-wars-trilogy-again/

In regards to the "New NO!" dialogue, I confess to thinking the first "No" kindasorta makes sense and adds to the dramatic conflict Vader is facing. However, the second, ROTS-sounding "Nooooo" as he hurls the Emperor into the chasm totally kills the scene and feels utterly forced. And Obi-Wan's "new" Krayt Dragon scream sounds like someone happy that a fresh keg's been tapped in 'Animal House' -- though I think there's another analogy that's more appropriate and snarky, but I won't mention it. *headdesk*

Moreover, how many hours were spent to make the Ewoks blink now? I'd have preferred them be removed entirely from the movie, but that's just me.

That said, grumbles aside, I will be ordering the BluRay anyway. Because Han always did, and always will, shoot first. Even if George says otherwise. ;)

-- rick