From rforno at infowarrior.org Tue Mar 1 08:10:58 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 1 Mar 2011 09:10:58 -0500
Subject: [Infowarrior] - Facebook now sharing user home addy/phone #s with others
Message-ID:

c/o AJR. I don't necessarily say this is causality, but with Facebook, you never know.

-- rick

(if the Huffpo link is broken, visit http://www.bloomberg.com/news/2011-02-28/facebook-plans-to-proceed-with-phone-number-sharing-feature.html)

> Rick,
>
> I am guessing the below privacy change is a smokescreen to cover the latest move:
>
> http://www.huffingtonpost.com/2011/02/28/facebook-home-addresses-phone-numbers_n_829459.html
>
> "Facebook will be moving forward with a controversial plan to give third-party developers and external websites the ability to
> access users' home addresses and cellphone numbers in the face of criticism from privacy experts, users, and even congressmen.
>
> Facebook quietly announced the new policy in a note posted to its Developer Blog in January. It suspended the feature just
> three days later following user outcry, while promising that it would be "re-enabling this improved feature in the next few
> weeks."
>
> In response to a letter penned by Representatives Edward Markey (D-Mass.) and Joe Barton (R-Texas) expressing concern over the
> new functionality, Facebook reaffirmed that it will be allowing third parties to request access to users' addresses and phone
> numbers."
>
>
> Great, a new policy. They're still willingly forking over data.

From rforno at infowarrior.org Tue Mar 1 08:16:39 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 1 Mar 2011 09:16:39 -0500
Subject: [Infowarrior] - Democrats call for an investigation of law firm, 3 tech companies
Message-ID:

Democrats call for an investigation of law firm, 3 tech companies
By Dan Eggen
Monday, February 28, 2011; 10:26 PM
http://www.washingtonpost.com/wp-dyn/content/article/2011/02/28/AR2011022805810_pf.html

A group of House Democrats is calling on Republican leaders to investigate a prominent Washington law firm and three federal technology contractors, who have been shown in hacked e-mails discussing a "disinformation campaign" against foes of the U.S. Chamber of Commerce.

In a letter to be released Tuesday, Rep. Hank Johnson (D-Ga.) and more than a dozen other lawmakers wrote that the e-mails appear "to reveal a conspiracy to use subversive techniques to target Chamber critics," including "possible illegal actions against citizens engaged in free speech." The lawmakers say it is "deeply troubling" that "tactics developed for use against terrorists may have been unleashed against American citizens."

The call for a congressional probe marks the latest development in the controversy over tens of thousands of e-mails stolen from HBGary Federal, whose computer system was attacked in early February by members of a loose collective of unidentified hackers known as Anonymous. The e-mails, which are widely available on file-sharing sites, show HBGary Federal, Berico Technologies and Palantir Technologies teaming up with a sales pitch to undermine chamber opponents.

The companies proposed forming a "corporate information reconnaissance cell" and discussed tactics such as creating online personas to infiltrate activist Web sites; planting false information to embarrass U.S. Chamber Watch and other groups; and trolling for personal information using powerful computer software.
The e-mails contain test runs in which the firms culled personal information, including family and religious data, on anti-chamber activists. The chamber has denied knowledge of the proposals. The three security firms named in the e-mails have substantial federal contracts. A sales document produced for the Hunton & Williams law firm in November said the firms have "extensive experience in providing game-changing results across the Intelligence Community and defense/government sector." Other e-mails contain similar proposals to target supporters of WikiLeaks on behalf of Bank of America, which fears it will be that group's next target. Bank of America has denied knowledge of the proposals. HBGary Federal chief executive Aaron Barr, whose voluminous and voluble e-mails were at the center of the controversy, announced his resignation Monday. Berico and Palantir have condemned the proposals and severed ties with HBGary Federal. Hunton & Williams, the law and lobbying firm that negotiated with the tech companies, has declined to comment. The Anonymous hacking collective launched its latest apparent attack over the weekend against Americans for Prosperity, a conservative group with ties to the tea party movement. The group's Web site was knocked out of service for extended periods Sunday as a result of the attacks. An Internet statement by a purported Anonymous member Sunday said AFP was targeted because of its ties to Charles and David Koch, the billionaire brothers whose contributions to conservative causes and politicians have become a flashpoint in the ongoing labor dispute in Wisconsin. Several corporate Web sites connected to the Kochs experienced problems Sunday, according to media reports. AFP President Tim Phillips decried the "illegal attack on our free speech rights" in a statement Monday. "Americans for Prosperity will not be intimidated and will not be deterred," he said. 
From rforno at infowarrior.org Tue Mar 1 08:32:36 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 1 Mar 2011 09:32:36 -0500
Subject: [Infowarrior] - Judge Dumps Yet Another Mass Infringement Suit In Response To Single, Pro Se Motion To Quash
Message-ID:

Judge Dumps Yet Another Mass Infringement Suit In Response To Single, Pro Se Motion To Quash
from the quashed-indeed dept
http://www.techdirt.com/articles/20110226/15103513284/judge-dumps-yet-another-mass-infringement-suit-response-to-single-pro-se-motion-to-quash.shtml

The various lawyers who have jumped on the bandwagon of mass lawsuits against people accused of sharing certain porn productions have been finding that courts are becoming more aggressive in dismissing most of the defendants due to clear abuse of the law by the lawyers to file a single case against so many defendants. We've seen a bunch of such cases have all but a single defendant dismissed. However, it looks like one judge in Illinois, Judge Milton Shadur, went beyond even that in dismissing an entire case against all 300 defendants in response to an amateur pro se motion to quash from one of the anonymous defendants. Of course, we've talked about some "kits" that have been put online for such defendants to file motions to quash and some of the folks in our comments insisted that such motions would never work. Oops.

In this particular case, brought by one of the "new breed" of P2P mass lawsuit lawyers, John Steele (who was a divorce lawyer before jumping in to these types of cases) sued 300 defendants on behalf of porn producer, CP Productions. The judge seems to think the whole thing was clearly unwarranted, and had made it clear to Steele earlier that he didn't think much of the case at all. Steele pushed forward, but once the motion to quash came in, the judge dumped the whole case, going with his initial intuition that the case never should have been brought in the first place.
Ars Technica summarizes the judge's reasoning:

"Among other things, the newest motion demonstrates that there is no justification for dragging into an Illinois federal court, on a wholesale basis, a host of unnamed defendants over whom personal jurisdiction clearly does not exist and--more importantly--as to whom CP's counsel could readily have ascertained that fact," the judge said, apparently referring to the fact the IP lookup services would have shown the lawyers that most defendants were unlikely to be Illinois residents.

In addition, the judge saw the joinder of 300 defendants as little more than a ploy for saving cash. "No predicate has been shown for thus combining 300 separate actions on the cheap," he added. "If CP had sued the 300 claimed infringers separately for their discrete infringements, the filing fees alone would have aggregated $105,000 rather than $350."

The judge also noted Steele's amazingly fast response to his own initial concerns about the case, which he said seemed to suggest that Steele already knew why the judge would be concerned and had all of his arguments ready to go. To the judge, this showed that Steele knew quite well the "obvious problems" of these types of lawsuits.

Nice to see more judges realizing that these lawsuits are a massive abuse of the legal system to squeeze money out of people.

From rforno at infowarrior.org Tue Mar 1 08:34:15 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 1 Mar 2011 09:34:15 -0500
Subject: [Infowarrior] - ICE Boss: It's Okay To Ignore The Constitution If It's To Protect Companies
Message-ID: <434F0DB2-2EE4-4E29-AD40-02278A76B6E6@infowarrior.org>

ICE Boss: It's Okay To Ignore The Constitution If It's To Protect Companies
from the how-nice-of-them dept
http://www.techdirt.com/articles/20110228/11122813301/ice-boss-its-okay-to-ignore-constitution-if-its-to-protect-companies.shtml

While the folks at Homeland Security keep telling me that they simply cannot speak publicly about the seizure of various domain names -- and specifically the numerous mistakes they've made that appear to clearly violate both the First Amendment and Due Process rules -- it seems they have no problem talking about the domain seizures to folks in the press who don't bother to ask tough questions. ICE boss John Morton did an interview with Politico, where he trots out a bunch of highly questionable statements about the domain seizures, including claiming that it's all okay for them to do this because they're trying to "protect U.S. industry" rather than "regulate the internet." But that's not the role of Homeland Security or ICE. And there are limits on what ICE is actually allowed to do, and Morton's technically clueless agents seem to have ignored many of those rules.

"We don't have any interest in going after bloggers or discussion boards," he said. "We're not about what is being said by anybody. We're about making sure that the intellectual property laws of the United States, which are clear, are enforced. When somebody spends hundreds of millions of dollars to develop the next movie or a billion dollars to develop the next heart medicine, the innovation and the enterprise that went into that effort is protected as the law provides. It's that simple."

There's so much wrong in that statement that it should be grounds for dismissal.
Morton is not representing what has happened, the law or the facts accurately here. He's lying to the American public (and to Politico, who appears to have failed to call him on any of it). First of all, if they don't have any interest in going after bloggers or discussion boards, why did they? Second, if the intellectual property laws of the US are "clear" -- why did ICE not use them and actually get anyone charged with infringement? Third, the laws aren't that clear -- which is why we (normally) have trials to make sure there was actual infringement. If ICE had been willing to let due process play out, it would have avoided embarrassing mistakes, like taking down 84,000 websites because a few may have had illegal content. Or seizing a blog (yes, a blog, despite what he says) that posted links to music elsewhere that was sent by the labels and artists. And, when someone spends all that money to develop something, there are plenty of business models for them to use, and they have every right to use civil laws to go after those who violate their rights. What they shouldn't have is some government agents taking down websites with no due process, seizing plenty of protected speech in the process. Finally, for Morton to claim "it's that simple," when the law is anything but simple should get the man fired. Seriously. No one who knows anything about the law thinks it's that simple. He shouldn't be in charge of ICE if he thinks that the laws are as simple as he makes out. It's not, and either he knows it and he's lying or he doesn't know it and he's unqualified for the job. Which is it? I figure I'll send these questions to my friendly press contact at Homeland Security, and I imagine the answer will be the same: "I'll have to direct you to the Justice Department on those questions." Because actually responding to American citizens whose rights he seems to have no problem trampling is not in his job description. 
Helping Hollywood by violating multiple parts of the Constitution is much more fun.

Morton also seems to think there's simply no legal questions in seizing domain names:

"We can seize and forfeit them just like we seize and forfeit bank accounts, houses and vehicles that are used in other crimes," he said. "Any instrument of a crime is subject to our jurisdiction in terms of seizure and forfeit."

Again this is incorrect on a number of levels, and again raises questions about Morton's competence to hold the job he holds. You can seize property, but the case law is pretty clear on the different rules when it comes to seizing speech. And he's never responded to that at all. Because, of course, he cannot. John Morton seems to think it's fine to be censor-in-chief and to violate multiple parts of the US Constitution, because it protects a few businesses who have failed to adapt their business models. This is a sickening display of the takeover of the American government by corporations.

From rforno at infowarrior.org Tue Mar 1 08:35:02 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 1 Mar 2011 09:35:02 -0500
Subject: [Infowarrior] - Senator vows to reform the PATRIOT Act
Message-ID:

Senator vows to reform the PATRIOT Act
By Eric W. Dolan
February 23, 2011 @ 10:37 pm
http://www.rawstory.com/rs/2011/02/23/senator-vows-to-reform-patriot-act/print/

A Democratic senator from Oregon said Tuesday that Congress must use the three month extension of the PATRIOT Act to amend the legislation so that it does not violate Americans' civil liberties.

"Americans deserve laws that strike the best possible balance between fighting terrorism ferociously and protecting the rights and freedoms of law-abiding American citizens," Senator Ron Wyden, a senior member of the Senate Select Committee on Intelligence, said in a statement.
Congress passed a bill last week that extended three controversial provisions [1] of the USA PATRIOT Act until May 27. The bill is expected to be signed into law by President Barack Obama in the coming days.

"The Patriot Act does not strike that balance," he continued. "It was written and passed six weeks after the worst terrorist attack in our nation's history. Congress wisely included sunset dates for the Patriot Act's most controversial provisions, so that they could be thoughtfully considered at a later time. After ten years, it is clearly time for that debate."

Last week, Sen. Wyden introduced a bill to narrow the PATRIOT Act's section 215 provision, which allows law enforcement to obtain "any tangible thing," including library and bookstore records. Under the PATRIOT Act, that information can be obtained without demonstrating that the person whose records are sought is connected to terrorism in any way.

"Government agents should not be able to collect this sort of information on law abiding American citizens without showing that they have at least some connection to terrorism or other nefarious activities," Sen Wyden said.

Wyden's bill would force law enforcement to demonstrate that the records were in some way connected to terrorism or clandestine intelligence activities before gathering the information.

"Senator Wyden should be commended for his effort to narrow the Patriot Act's reach," ACLU Legislative Counsel Michelle Richardson said. "Holding law enforcement accountable for how it uses its authority will not only help to protect Americans' privacy, it will ultimately keep us safer. We hope the Senate will strongly consider this bill in the next three months as it moves forward with debate on Patriot Act."

Senate Judiciary Committee Chairman Patrick Leahy (D-VT) has also recently sought to reform the PATRIOT Act by increasing judicial oversight of government surveillance powers.
"I support strengthening oversight while providing the intelligence community the certainty it needs to protect national security," Sen Leahy said. "The bill I hope we will consider before May 27 would give the intelligence community the certainty it needs by extending these expiring authorities while also strengthening congressional and judicial oversight."

URL to article: http://www.rawstory.com/rs/2011/02/23/senator-vows-to-reform-patriot-act/

From rforno at infowarrior.org Wed Mar 2 09:15:29 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 2 Mar 2011 10:15:29 -0500
Subject: [Infowarrior] - IEEE Decides That Its Own Profits Are More Important Than Sharing Knowledge
Message-ID: <1B24C842-A75A-49E8-87E8-73B81250B2F2@infowarrior.org>

IEEE Decides That Its Own Profits Are More Important Than Sharing Knowledge
from the sad-state-of-affairs dept
http://www.techdirt.com/articles/20110301/03305813311/ieee-decides-that-its-own-profits-are-more-important-than-sharing-knowledge.shtml

A year ago, we wrote about IEEE's somewhat ridiculous and aggressive policies towards republishing research it publishes. Apparently, it's getting even worse. An anonymous reader sent over Matt Blaze's story about how IEEE has made their policies even more draconian by forbidding authors from sharing the "final" versions of their papers anywhere on the web. Many academics post such papers to their own websites, or in some cases, to other aggregators or collections. This helps spread important knowledge and information -- which is the point of academia. But, as Blaze notes, IEEE and ACM -- who both should know better -- are being quite aggressive in trying to hold back such information sharing, unless they get paid for it. This is a shame, and reflects poorly on two very important organizations in the tech world. Blaze has decided to protest these moves:

Enough is enough.
A few years ago, I stopped renewing my ACM and IEEE memberships in protest, but that now seems an inadequate gesture. These once great organizations, which exist, remember, to promote the exchange and advancement of scientific knowledge, have taken a terribly wrong turn in putting their own profits over science. The directors and publication board members of societies that adopt such policies have allowed a tunnel vision of purpose to sell out the interests of their members. To hell with them.

So from now on, I'm adopting my own copyright policies. In a perfect world, I'd simply refuse to publish in IEEE or ACM venues, but that stance is complicated by my obligations to my student co-authors, who need a wide range of publishing options if they are to succeed in their budding careers. So instead, I will no longer serve as a program chair, program committee member, editorial board member, referee or reviewer for any conference or journal that does not make its papers freely available on the web or at least allow authors to do so themselves.

It would certainly be nice if others followed his lead.

From rforno at infowarrior.org Wed Mar 2 11:48:34 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 2 Mar 2011 12:48:34 -0500
Subject: [Infowarrior] - SCOTUS: US hate group has First Amendment protections
Message-ID:

As an American, I agree with the Court. Personally, I agree with Justice Alito. What a bunch of intolerant 'tards.

-- rick, reflecting on Voltaire

http://online.wsj.com/article/SB10001424052748703559604576176323629295598.html?mod=djemalertNEWS#printMode

MARCH 2, 2011, 12:37 P.M. ET
High Court Rules in Favor of Funeral Protesters
By BRENT KENDALL

WASHINGTON -- The First Amendment protects a fringe religious group that protested the funeral of a U.S. Marine killed in Iraq, the Supreme Court ruled Wednesday.

"As a nation we have chosen ...
to protect even hurtful speech on public issues to ensure that we do not stifle public debate," Chief Justice John Roberts wrote for the court in a 15-page opinion. "That choice requires that we shield Westboro from tort liability for its picketing in this case." Chief Justice Roberts said the group's messages "may fall short of refined social or political commentary," but the issues they highlight, including the political and moral conduct of the United States and homosexuality in the military, "are matters of public import." That the group was protesting at a funeral didn't transform the legal analysis, the chief justice said. He said the protest wasn't unruly and took place out of sight of those attending the church funeral service. "Any distress occasioned by Westboro's picketing turned on the content and viewpoint of the message conveyed, rather than any interference with the funeral itself," Chief Justice Roberts said. Justice Samuel Alito was the court's lone dissenter to Wednesday's ruling. "Our profound national commitment to free and open debate is not a license for the vicious verbal assault that occurred in this case," Justice Alito wrote. The Westboro church believes that any misfortune America suffers is divine punishment for the nation's failure to follow the sect's doctrine, which condemns gays, Catholics, Jews and others. The tiny church, whose membership largely consists of the founder's family, pickets military funerals to get attention for its message. Free Speech at the Court The Supreme Court has taken a broad view of free-speech rights in recent years, except for a case involving speech by a juvenile. * * * * * Morse v. Frederick (June 2007): A divided Supreme Court rules that an Alaska high-school student who was suspended after unfurling a banner reading "BONG HiTS 4 JESUS" [sic] can't sue the principal for damages. Chief Justice John Roberts says the banner was "reasonably viewed as promoting illegal drug use." 
In March 2006, the church's leader, Fred W. Phelps Sr., and several of his relatives selected the funeral of Lance Cpl. Matthew Snyder, who was killed in Iraq, at St. John's Catholic Church in Westminster, Md., as a vehicle for their cause. The group complied with local ordinances during its protest. Cpl. Snyder's father, Albert Snyder, said he could see the tops of picket signs as he drove to the funeral, but did not learn of the signs' content until he saw television coverage of the protest. Mr. Snyder later discovered a screed on the church's website attacking him for raising his son a Catholic and supporting his service in the armed forces. The Supreme Court said the online attack didn't factor into its analysis because Mr. Snyder didn't mention it in his petition to the high court. Mr. Snyder sued for intentional infliction of emotional distress, and ultimately was awarded $5 million in damages. He argued that Westboro's speech was entitled to less First Amendment protection in part because the group exploited his son's funeral as a platform for its message. A federal appeals court overturned the jury verdict on First Amendment grounds, saying the Constitution protected Westboro's speech. "Our reaction is, thank God and praise his name. He has a message and we're going to deliver it," said Margie Phelps, the daughter of Westboro's founder and the lawyer who argued the group's case before the high court. Ms. Phelps said the case "has brought a megaphone to the mouth of this small church." She said the group's picketing had quadrupled since the case was filed. 
Write to Brent Kendall at brent.kendall at dowjones.com

From rforno at infowarrior.org Wed Mar 2 12:19:59 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 2 Mar 2011 13:19:59 -0500
Subject: [Infowarrior] - Software: The Broken Door of Cyberspace Security
Message-ID: <7A9F28B0-B80A-407D-9E55-2D742DE8FA99@infowarrior.org>

(c/o JH)

(I also recommend reading Mark Minasi's "The Software Conspiracy" as a more wide-ranging examination into the sorry state of IT products/services these days. --- rick)

Software: The Broken Door of Cyberspace Security
Posted on Feb 27, 2011
By Fred D. Taylor, Jr.*
http://harvardnsj.com/2011/02/software-the-broken-door-of-cyberspace-security/

"Software is most of the problem. We have to write software which has many fewer errors and which is more secure" -- Dr Ed Amoroso, head of AT&T Network Security in Cyber War.

The Internet has become integrated into the everyday life of millions of people around the world. It is the undercarriage for international banking, commerce and defense. The development of advanced software has increased office productivity, management, command, control, communications, computers and intelligence (C4I). Software is the door to the Internet -- and the door is broken, allowing thieves, malcontents and the curious the opportunity to steal, deny or degrade the information and capabilities we hold most dear.

The extensive reliance on software has created new and expanding opportunities. Along with these opportunities, there are new vulnerabilities putting the global infrastructure and our national security at risk. The ubiquitous nature of the Internet and the fact that it is serviced by common protocols and processes has allowed anyone with the knowledge to create software to engage in world-wide activities. However, for most software developers there is no incentive to produce software that is more secure.

The software industry is vibrant and healthy.
In the desire to add more functionality in a fast-changing market there is less emphasis on quality software that is secure and error-free. Companies and users accept that there will be flaws with their software. Why? In any other industry it would be unacceptable to allow an industry to produce a faulty product and shirk responsibility. Instead of taking responsibility for defects in their software, the software producers have been able to transfer responsibility to the user.

Software companies are able to pass on responsibility for the security of their software to the consumer. Thus, consumers are obligated to purchase security software to address software shortfalls, which has fueled a growing business sector for security software. In 2010, worldwide security software revenue was expected to reach $16.5B worldwide. However, this pales in comparison to the enterprise software market, which will reach $246.6B in 2011 according to a 2010 Gartner software market report. Software development is a growing business but the investment is not in secure software. If motivated, the software industry could apply greater effort in producing better quality software, but to date that motivation is still lacking.

Given this back-drop what should we do to address the problem?

- The government must take an active role to define software quality standards. Consider instituting something similar to the lemon laws for automobiles, which were enacted to protect consumers from faulty products by forcing responsibility on the automobile industry to monitor and improve quality. A lemon law applied to the software industry would restrict the sale of any software that does not meet security standards. Additionally, software companies would be liable for damage or losses resulting from flaws in their software. This concept could also be applied to imported software, requiring review before entering the market place. Software that does not meet standards will be denied access to the U.S.
market.

- Motivate the software industry, through government incentives and regulation, to invest in better software design and development. The software industry should partner with the government, academic and the science and technology community to develop new software coding that is more secure, easier to evaluate and more stringently tested. For example, research into advanced artificial intelligence software development tools can help further this goal.

- The consumer must no longer accept flawed software. The government should take responsibility for reviewing and evaluating software for quality and security compliance. With expanded scope and authority, existing organizations such as U.S. Department of Homeland Security/Department of Commerce could serve in this capacity.

Cyberspace security is a vital national security interest, and the United States should take an active role in improving the quality of the software which undergirds the Internet. The majority of cyberspace security issues can be traced back to software. Better quality software will have a marked effect on improving cyberspace security. In turn, cybercrime will be reduced, intellectual property will be more secure, and critical infrastructure will be better protected. Software will never be perfect, but if we resign ourselves to accept inferior products, it will not improve. A concerted effort by private industry, government, and the consumer will generate more secure software. It is time to fix the broken door to the Internet.

*Fred D. Taylor, Jr. is a Lt. Colonel in the United States Air Force and a National Security Fellow at the Harvard Kennedy School. The views expressed in this article are those of the author and do not reflect the official policy or position of the United States Air Force, Department of Defense, or the U.S. Government.

From rforno at infowarrior.org Wed Mar 2 17:41:10 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 2 Mar 2011 18:41:10 -0500
Subject: [Infowarrior] - Ibuprofen may reduce risk of Parkinson's disease
Message-ID:

Ibuprofen may reduce risk of Parkinson's disease
By Mary Brophy Marcus, USA TODAY
Updated Mar 02, 2011 5:00 PM
http://yourlife.usatoday.com/health/medical/story/2011/03/Ibuprofen-may-reduce-risk-of-getting-Parkinsons-disease-by-a-third/44420904/1?csp=34news

Regular use of the common over-the-counter pain reliever ibuprofen may cut the risk of developing Parkinson's disease, a new study suggests.

In one of the largest studies to investigate the possible benefits of the drug on Parkinson's -- a brain disorder that causes tremors and movement problems and affects mostly elderly people -- Harvard Medical School scientists found that people who take ibuprofen regularly have a 38% lower risk of developing the condition, compared to those who don't use it. Other pain relievers, such as aspirin and acetaminophen, did not show the same effect, researchers said.

"Our study suggests ibuprofen could be a potential neuroprotective agent against Parkinson's," says author Xiang Gao, a research scientist at Harvard School of Public Health, and instructor of medicine at Harvard Medical School.

The study was published in the online edition of the journal Neurology on Wednesday and is scheduled to appear in the March 8, print edition.

Researchers analyzed data taken from 136,197 nurses and other health professionals who reported their use of ibuprofen and similar pain relievers, known as non-steroidal anti-inflammatory drugs, or NSAIDs. Taking ibuprofen two or more times a week was considered regular use. After six years, 291 participants were diagnosed with Parkinson's; people who took ibuprofen regularly had a 38% lower risk of developing the disorder compared to those who didn't use the drug.
Additional analysis combining several other studies on ibuprofen and other NSAIDs showed ibuprofen users had a 27% lower risk of developing the disease, scientists found. The idea that there is inflammation involved in the process of Parkinson's is not new, says neurologist Alessandro Di Rocco, director of the Parkinson's and Movement Disorders Division at NYU's Langone Medical Center. Knowing ibuprofen may have a positive impact though, is a step further, he says. "By understanding what chemical interactions in the brain are affected by ibuprofen, we may gain a broader understanding of what causes the disease and develop more effective ways to intervene to stop its progression," says Di Rocco. In the general population, about 16% regularly use ibuprofen, says Gao. Among Parkinson's patients, close to 10% do. It's too early for doctors to prescribe ibuprofen to prevent Parkinson's, which affects about 1 million Americans, says the author of an accompanying editorial, James Bower, an associate professor of neurology at the Mayo Clinic in Rochester, Minn. "The study itself was scientifically very sound. But an association does not mean causation. That's what I want to make sure we remember," says Bower. "It's very tempting to extract from this and go to the next step: Why not give ibuprofen to everybody? But there are reasons not to. It's a drug that is more powerful than it appears," says Di Rocco, who lists kidney, digestive, and urological complications related to ibuprofen's use. Another study out this week in Urology suggests ibuprofen and other NSAIDs could also be linked to erectile dysfunction. "The other reason not to jump on this is that we don't know how many years you have to take these drugs to really have an effect, at what age do you start, and what is the optimal dose?" says Di Rocco. 
From rforno at infowarrior.org Wed Mar 2 17:44:13 2011 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 2 Mar 2011 18:44:13 -0500 Subject: [Infowarrior] - Terror Arrest Does Not Justify REAL ID Revival Message-ID: Terror Arrest Does Not Justify REAL ID Revival Posted by Jim Harper http://www.cato-at-liberty.org/terror-arrest-does-not-justify-real-id-revival/ The zeitgeist on Capitol Hill in Washington, D.C. may be for limited, constitutional government, but that doesn't mean that big-government conservatives aren't going to use the reprieve voters gave Republicans in the fall to once again advance big-government goals. On Monday, House Judiciary Committee Chairman Lamar Smith (R-Texas), Homeland Security Committee Chairman Peter King (R-N.Y.) and Crime, Terrorism, and Homeland Security Subcommittee Chairman James Sensenbrenner (R-Wisc.) sent a letter to Department of Homeland Security Secretary Janet Napolitano encouraging her to fully implement our national ID law, the REAL ID Act of 2005. The deadline for state implementation of the national ID law lapsed nearly three years ago. Half the states in the country have affirmatively barred themselves from implementing REAL ID or they have passed resolutions objecting to the national ID law. But the Department of Homeland Security has repeatedly extended the deadline and reduced the compliance bar to suggest progress on the flagging national ID effort. With another faux implementation deadline looming in May, the DHS is almost certain to issue a blanket extension of the compliance deadline again soon. Smith, King, and Sensenbrenner don't want that to happen. They cite the arrest of Khalid Aldawsari in Texas as a reason for "immediate implementation of REAL ID." According to the government's affidavit, Aldawsari planned to acquire a false birth certificate and multiple false drivers licenses, assumedly to assist in his getaway after executing his formative bombing plans. 
But if you read the affidavit, you can see just how remote and speculative his use of any false identification is compared to the real acts that go into his plans. You can also see the web of identifiers that law enforcement use to effectively track and surveil their targets, including phone numbers, license plates, physical addresses, immigration records, email addresses, and Internet Protocol addresses. Aldawsari was nowhere near slipping through the net, and having a false driver's license would have made no difference after a North Carolina chemical supply company reported to the FBI his suspicious attempt to purchase the chemical phenol. Nor would false identification have made a difference had he succeeded in an attack of any significance. Having a national ID is the fantastical way of addressing the fantastical part of Aldawsari's alleged plot. Thankfully, the real plot was disrupted using real law enforcement techniques, which include the reporting of suspicious behavior and narrowly targeted, lawful surveillance. 
From rforno at infowarrior.org Wed Mar 2 20:17:56 2011 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 2 Mar 2011 21:17:56 -0500 Subject: [Infowarrior] - Documents Reveal TSA Plan To Body-Scan Pedestrians, Train Passengers Message-ID: <99624F69-D57A-4213-8335-B7AEC726C8D3@infowarrior.org> Documents Reveal TSA Plan To Body-Scan Pedestrians, Train Passengers Mar. 2 2011 - 6:05 pm By ANDY GREENBERG http://blogs.forbes.com/andygreenberg/2011/03/02/docs-reveal-tsa-plan-to-body-scan-pedestrians-train-passengers/ [Image: a sample streetside scan image from American Sciences & Engineering.] Giving Transportation Security Administration agents a peek under your clothes may soon be a practice that goes well beyond airport checkpoints. 
Newly uncovered documents show that as early as 2006, the Department of Homeland Security has been planning pilot programs to deploy mobile scanning units that can be set up at public events and in train stations, along with mobile x-ray vans capable of scanning pedestrians on city streets. The non-profit Electronic Privacy Information Center (EPIC) on Wednesday published documents it obtained from the Department of Homeland Security showing that from 2006 to 2008 the agency planned a study of new anti-terrorism technologies that EPIC believes raise serious privacy concerns. The projects range from what the DHS describes as "a walk through x-ray screening system that could be deployed at entrances to special events or other points of interest" to "covert inspection of moving subjects" employing the same backscatter imaging technology currently used in American airports. The 173-page collection of contracts and reports, acquired through a Freedom of Information Act request, includes contracts with Siemens Corporations, Northeastern University, and Rapiscan Systems. The study was expected to cost more than $3.5 million. One project allocated to Northeastern University and Siemens would mount backscatter x-ray scanners and video cameras on roving vans, along with other cameras on buildings and utility poles, to monitor groups of pedestrians, assess what they carried, and even track their eye movements. In another program, the researchers were asked to develop a system of long range x-ray scanning to determine what metal objects an individual might have on his or her body at distances up to thirty feet. "This would allow them to take these technologies out of the airport and into other contexts like public streets, special events and ground transit," says Ginger McCall, an attorney with EPIC. "It's a clear violation of the fourth amendment that's very invasive, not necessarily effective, and poses all the same radiation risks as the airport scans." 
It's not clear to what degree the technologies outlined in the DHS documents have been implemented. Multiple contacts at the DHS public affairs office didn't respond to a request for comment Wednesday afternoon. A privacy assessment included in the documents for one aspect of the plans that focused on train security suggests that images wouldn't be tied to any personally identifiable information such as a subject's name. Any images shared outside the project or used for training purposes would have faces blurred, and employees using the system would be trained to avoid privacy violations, the document says. If the scanners were to adopt privacy enhancements deployed in new versions of the airport full body scanners currently being tested by the TSA, they would also use nondescript outlines of people rather than defined images, only showing items of interest on the subject's body. But EPIC's McCall says that those safeguards are irrelevant: If scanners are deployed in public settings, it doesn't matter if they show full naked images or merely the objects in a user's pockets. "When you're out walking on the street, it's not acceptable for an officer to come up and search your bag without probable cause or consent," she says. "This is the digital equivalent." In August of last year, Joe Reiss, the vice president of marketing of security contractor American Sciences & Engineering told me in an interview that the company had sold more than 500 of its backscatter x-ray vans to governments around the world, including some deployed in the U.S. Those vans are capable of scanning people, the inside of cars and even the internals of some buildings while rolling down public streets. The company claims that its systems' "primary purpose is to image vehicles and their contents," and that "the system cannot be used to identify an individual, or the race, sex or age of the person." 
But Reiss admitted that the van scans do penetrate clothing, and EPIC president Marc Rotenberg called them "one of the most intrusive technologies conceivable." On top of exposing research into possible expansion of the scanner program, EPIC has also filed a lawsuit against the DHS that fights the use of the scanners in airports. The group is arguing its case in a D.C. appellate court next week, though some expect the scanners to be ruled constitutional. Check out the full documents obtained by EPIC below: http://blogs.forbes.com/andygreenberg/2011/03/02/docs-reveal-tsa-plan-to-body-scan-pedestrians-train-passengers/ 
From rforno at infowarrior.org Thu Mar 3 07:56:06 2011 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 3 Mar 2011 08:56:06 -0500 Subject: [Infowarrior] - New meaning of 'wrong number' perhaps? Message-ID: Black Widow attempted New Year Moscow attack but blew herself up by mistake A "Black Widow" suicide bomber planned a terrorist attack in central Moscow on New Year's Eve but was killed when an unexpected text message set off her bomb too early, according to Russian security sources. < - > http://www.telegraph.co.uk/news/worldnews/europe/russia/8284279/Black-Widow-attempted-New-Year-Moscow-attack-but-blew-herself-up-by-mistake.html 
From rforno at infowarrior.org Thu Mar 3 08:25:15 2011 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 3 Mar 2011 09:25:15 -0500 Subject: [Infowarrior] - Very OT: The 'Where's Waldo?' presidency Message-ID: This is a rare pure-political item for the list, but one that echoes what I've been hearing from people of all political orientations in recent months and I think worthy to pass along. I agree 100% with the sentiment expressed within and believe this does not present an image of effective leadership, presence, or active engagement in American affairs at the WH these days......a far cry from what the country was promised in '08. --- rick Obama's 'Where's Waldo?' 
presidency By Ruth Marcus Wednesday, March 2, 2011; 12:00 AM http://www.washingtonpost.com/wp-dyn/content/article/2011/03/01/AR2011030105489_pf.html For a man who won office talking about change we can believe in, Barack Obama can be a strangely passive president. There are a startling number of occasions in which the president has been missing in action - unwilling, reluctant or late to weigh in on the issue of the moment. He is, too often, more reactive than inspirational, more cautious than forceful. Each of these instances can be explained on its own terms, as matters of legislative strategy, geopolitical calculation or political prudence. He didn't want to get mired in legislative details during the health-care debate for fear of repeating the Clinton administration's prescriptive, take-ours-or-leave-it approach. He doesn't want to go first on proposing entitlement reform because history teaches that this is not the best route to a deal. He didn't want to say anything too tough about Libya for fear of endangering Americans trapped there. He didn't want to weigh in on the labor battle in Wisconsin because, well, it's a swing state. Yet the dots connect to form an unsettling portrait of a "Where's Waldo?" presidency: You frequently have to squint to find the White House amid the larger landscape. This tough assessment from someone who generally shares the president's ideological perspective may be hard to square with the conservative portrait of Obama as the rapacious perpetrator of a big-government agenda. If the president is being simultaneously accused of overreaching ambition and gutless fight-ducking, maybe he's doing something right. Maybe, or else Obama has at times managed to do both simultaneously. On health care, for instance, he took on a big fight without being able to articulate a clear message or being willing to set out any but the broadest policy prescriptions. 
Lawmakers, not to mention the public, were left guessing about what, exactly, the administration wanted to see in the measure and where it would draw red lines. That was not an isolated case. Where, for example, is the president on the verge of a potential government shutdown - if not this week, then a few weeks from now? Aside from a short statement from the Office of Management and Budget threatening a presidential veto of the House version of the funding measure, the White House - much to the frustration of some congressional Democrats - has been unclear in public and private about what cuts would and would not be acceptable. By contrast, a few weeks before the shutdown in 1995, Clinton administration aides had dispatched Cabinet members and other high-ranking officials to spread the message that cuts in education, health care and housing would harm families and children. Obama seems more the passive bystander to negotiations between the House and Senate than the chief executive leading his party. He performs best on a stage that permits the grandest sweep. He rises to the big occasion, from his inspiring introduction to the public in his 2004 Democratic convention speech to his healing words in the aftermath of the Tucson shootings. The president has faltered, though, when called on to translate that rhetoric to more granular levels of specificity: What change, exactly, does he want people to believe in? How, even more exactly, does he propose to get there? "Winning the future" doesn't quite do it. My biggest beef is with the president's slipperiness on fiscal matters. Obama has said he agrees with some of his fiscal commission's recommendations and disagrees with others. Which ones does he disagree with? I asked this question the other day of Austan Goolsbee, the chairman of the Council of Economic Advisers. Here's what I got: "The view espoused by some of the . . . 
commission that we ought to do Social Security 100 percent off of benefit cuts for sure he doesn't agree with." But of course, the plan that 11 of the commission members endorsed did nothing of the sort. I was unfair to Goolsbee because I asked him a question he didn't have the leeway to answer. You can't blame the aide for ducking when the boss fudges. Where's Obama? No matter how hard you look, sometimes he's impossible to find. 
From rforno at infowarrior.org Fri Mar 4 09:33:39 2011 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 4 Mar 2011 10:33:39 -0500 Subject: [Infowarrior] - Web Video Rivalry Sparks U.S. Probe Message-ID: <24EA1972-8FBF-4FB6-A5B3-E42727F487E0@infowarrior.org> Web Video Rivalry Sparks U.S. Probe By THOMAS CATAN http://online.wsj.com/article/SB10001424052748703752404576178833590548792.html The Justice Department is investigating whether a group representing some top technology firms is unfairly trying to smother a free rival technology for delivering online video that is backed by Google Inc., according to people familiar with the matter. Much the way firms battled in the 1980s over VHS and Betamax video formats, tech rivals are fighting over the technology used to deliver and display Web video. Currently, video-streaming services like Netflix Inc. and Google's YouTube pay patent royalties, as do makers of Blu-ray disc players and other hardware. These firms pay royalties to an organization called MPEG LA, which is the target of the formal antitrust probe, the people familiar with the matter said. MPEG has amassed pools of patents covering widely used video formats and collects royalties for its members, which include Apple Inc. and Microsoft Corp. 
Antitrust enforcers are investigating whether MPEG LA, or its members, are trying to cripple an alternative format called VP8 that Google released last year - by creating legal uncertainty over whether users might violate patents by employing that technology, these people added. The probe, which pits Google and open-source software advocates against some technology giants like Apple, could help determine whether anyone will own rights over the creation and broadcast of online video in the next major Web programming language, called HTML 5. At stake is "who is going to have competitive clout in the world after television," said Eben Moglen, a Columbia University professor who supports free and open software. The California State Attorney General's office is also investigating the matter, according to people familiar with the matter. MPEG LA didn't confirm or deny it is under investigation. But the group says it isn't acting to kill a competitor. It said it's simply offering a service for patent holders and is agnostic about which video format prevails. "We are effectively a convenience store" for licensing patents, said Larry Horn, MPEG LA's chief executive. "We have no dog in that fight." Representatives of both law enforcement agencies as well as Apple and Google declined to comment. Microsoft didn't respond to a request for comment. MPEG LA, which was formed in the late 1990s, manages the licensing of more than 1,700 patents used in a high-definition video encoding standard known as H.264. The Justice Department is concerned the group's actions may stifle competition to that dominant format, the people familiar with the matter said. Google has been offering an alternative. The Silicon Valley giant last year paid $125 million to buy a company that developed the video-compression format called VP8. Google later released it as a royalty-free standard under an open license that enables software developers to use it any way they wish. 
At present, no patent royalties are charged for using Google's VP8 format. But MPEG LA has questioned that status, and last month issued a call for companies to submit patents they believe may be infringed by VP8. "I can tell you: VP8 is not patent-free," Mr. Horn said. "It's simply nonsense." For some people in the tech industry, the issue is less about cost and more about competition and control over technologies at the heart of the Internet. "How could it come to pass that it's illegal to compete?" asked Monty Montgomery, who runs a free software foundation, XIPH.org, and supports VP8. "That's when everybody's antitrust bells should be going off." The threat of future lawsuits has helped persuade some companies to forsake VP8. Apple's chief executive, Steve Jobs, explained in an email to the Free Software Foundation last year that a patent pool was assembled to "go after" a previous open-source format. "All video codecs are covered by patents," Mr. Jobs wrote. "Unfortunately, just because something is open-source, it doesn't mean or guarantee that it doesn't infringe on others patents." Write to Thomas Catan at thomas.catan at wsj.com 
From rforno at infowarrior.org Fri Mar 4 09:36:59 2011 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 4 Mar 2011 10:36:59 -0500 Subject: [Infowarrior] - More carry-on luggage costing TSA millions a year Message-ID: <5B5E7E38-E663-401E-9326-6FB3192EC94A@infowarrior.org> More carry-on luggage costing TSA millions a year http://news.yahoo.com/s/ap/us_tsa_baggage_fees By ALICIA A. CALDWELL, Associated Press - Thu Mar 3, 4:49 pm ET WASHINGTON - Choosing to carry your luggage onto a plane instead of checking it with an airline might save you a few bucks at the ticket counter but it's costing taxpayers about a quarter-billion dollars a year. 
Homeland Security Secretary Janet Napolitano told Congress this week that luggage fees have prompted more passengers to hold onto their bags, which means more items for Transportation Security Administration officers to inspect at security checkpoints at a cost of about $260 million annually. "When you have to pay to check a bag it increases carry-on luggage and that means there is more to inspect at the gate and so forth for passengers to get on planes," Napolitano said during testimony before a Senate Appropriations subcommittee on homeland security. Napolitano was addressing a question from Sen. Mary Landrieu, a Louisiana Democrat and chairwoman of the subcommittee, who asked whether airlines should help make up for some of the extra costs. "Checked bagged fees are increasing, it looks like, the cost to TSA because people don't want to pay the fees so they are not checking bags and putting more on the planes," Landrieu said at the hearing Wednesday. "My question is, do the taxpayers have to pick up this fee? Or should we be looking at the airlines for some of the profits that they make from these fees to offset the cost the taxpayer." Without commenting on the question of airlines paying more, Napolitano said an increase in airport security fees - passengers pay up to $5 for each one-way ticket - would bring her department about $600 million a year. A security fee increase has been proposed nearly every year since it was first introduced in 2002 but Congress has never approved it. Rising fares, combined with fewer flights and more fees for passengers, have helped the airline industry post its first moneymaking year since 2007. The government estimates that the country's eight largest airlines are likely to earn more than $5 billion this year and $5.6 billion in 2012. 
From rforno at infowarrior.org Fri Mar 4 10:48:58 2011 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 4 Mar 2011 11:48:58 -0500 Subject: [Infowarrior] - Liver, Not Brain, May Be Origin of Alzheimer's Plaques Message-ID: <7858648C-E197-46F1-8790-C11C3FA9CB1A@infowarrior.org> http://www.sciencedaily.com/releases/2011/03/110303134435.htm Liver, Not Brain, May Be Origin of Alzheimer's Plaques ScienceDaily (Mar. 3, 2011) -- Unexpected results from a Scripps Research Institute and ModGene, LLC study could completely alter scientists' ideas about Alzheimer's disease -- pointing to the liver instead of the brain as the source of the "amyloid" that deposits as brain plaques associated with this devastating condition. The findings could offer a relatively simple approach for Alzheimer's prevention and treatment. The study was published online March 3 in The Journal of Neuroscience Research. In the study, the scientists used a mouse model for Alzheimer's disease to identify genes that influence the amount of amyloid that accumulates in the brain. They found three genes that protected mice from brain amyloid accumulation and deposition. For each gene, lower expression in the liver protected the mouse brain. One of the genes encodes presenilin -- a cell membrane protein believed to contribute to the development of human Alzheimer's. "This unexpected finding holds promise for the development of new therapies to fight Alzheimer's," said Scripps Research Professor Greg Sutcliffe, who led the study. "This could greatly simplify the challenge of developing therapies and prevention." An estimated 5.1 million Americans have Alzheimer's disease, including nearly half of people age 85 and older. By 2050, the number of people age 65 and over with this disease will range from 11 million to 16 million unless science finds a way to prevent or effectively treat it. 
In addition to the human misery caused by the disease, there is the unfathomable cost. A new report from the Alzheimer's Association shows that in the absence of disease-modifying treatments, the cumulative costs of care for people with Alzheimer's from 2010 to 2050 will exceed $20 trillion. A Genetic Search-and-Find Mission In trying to help solve the Alzheimer's puzzle, in the past few years Sutcliffe and his collaborators have focused their research on naturally occurring, inherited differences in neurological disease susceptibility among different mouse strains, creating extensive databases cataloging gene activity in different tissues, as measured by mRNA accumulation. These data offer up maps of trait expression that can be superimposed on maps of disease modifier genes. As is the case with nearly all scientific discovery, Sutcliffe's research builds on previous findings. Several years ago, researchers at Case Western Reserve mapped three genes that modify the accumulation of pathological beta amyloid in the brains of a transgenic mouse model of Alzheimer's disease to large chromosomal regions, each containing hundreds of genes. The Case Western scientists used crosses between the B6 and D2 strains of mice, studying more than 500 progeny. Using the results from this study, Sutcliffe turned his databases of gene expression to the mouse model of Alzheimer's, looking for differences in gene expression that correlated with differences in disease susceptibility between the B6 and D2 strains. This intensive work involved writing computer programs that identified each genetic difference that distinguished the B6 and D2 genomes, then running mathematical correlation analysis (known as regression analysis) of each difference. Correlations were made between the genotype differences (B6 or D2) and the amount of mRNA product made from each of the more than 25,000 genes in a particular tissue in the 40 recombinant inbred mouse strains. 
These correlations were repeated 10 times to cover 10 tissues, the liver being one of them. "A key aspect of this work was learning how to ask questions of massive data sets to glean information about the identities of heritable modifier genes," Sutcliffe said. "This was novel and, in a sense, groundbreaking work: we were inventing a new way to identify modifier genes, putting all of these steps together and automating the process. We realized we could learn about how a transgene's pathogenic effect was being modified without studying the transgenic mice ourselves." Looking for a Few Good Candidates Sutcliffe's gene hunt offered up good matches, candidates, for each of the three disease modifier genes discovered by the Case Western scientists, and one of these candidates -- the mouse gene corresponding to a gene known to predispose humans carrying particular variations of it to develop early-onset Alzheimer's disease -- was of special interest to his team. "The product of that gene, called Presenilin2, is part of an enzyme complex involved in the generation of pathogenic beta amyloid," Sutcliffe explained. "Unexpectedly, heritable expression of Presenilin2 was found in the liver but not in the brain. Higher expression of Presenilin2 in the liver correlated with greater accumulation of beta amyloid in the brain and development of Alzheimer's-like pathology." This finding suggested that significant concentrations of beta amyloid might originate in the liver, circulate in the blood, and enter the brain. If true, blocking production of beta amyloid in the liver should protect the brain. To test this hypothesis, Sutcliffe's team set up an in vivo experiment using wild-type mice since they would most closely replicate the natural beta amyloid-producing environment. "We reasoned that if brain amyloid was being born in the liver and transported to the brain by the blood, then that should be the case in all mice," Sutcliffe said, "and one would predict in humans, too." 
The mice were administered imatinib (trade name Gleevec, an FDA-approved cancer drug), a relatively new drug currently approved for treatment of chronic myelogenous leukemia and gastrointestinal tumors. The drug potently reduces the production of beta amyloid in neuroblastoma cells transfected by amyloid precursor protein (APP) and also in cell-free extracts prepared from the transfected cells. Importantly, Gleevec has poor penetration of the blood-brain barrier in both mice and humans. "This characteristic of the drug is precisely why we chose to use it," Sutcliffe explained. "Because it doesn't penetrate the blood-brain barrier, we were able to focus on the production of amyloid outside of the brain and how that production might contribute to amyloid that accumulates in the brain, where it is associated with disease." The mice were injected with Gleevec twice a day for seven days; then plasma and brain tissue were collected, and the amount of beta amyloid in the blood and brain was measured. The findings: the drug dramatically reduced beta amyloid not only in the blood, but also in the brain where the drug cannot penetrate. Thus, an appreciable portion of brain amyloid must originate outside of the brain, and imatinib represents a candidate for preventing and treating Alzheimer's. As for the future of this research, Sutcliffe says he hopes to find a partner and investors to move the work into clinical trials and new drug development. In addition to Sutcliffe, the authors of the study, titled "Peripheral reduction of β-amyloid is sufficient to reduce brain Aβ: implications for Alzheimer's disease," include Peter Hedlund and Elizabeth Thomas of Scripps Research, and Floyd Bloom and Brian Hilbush of ModGene, LLC, which funded the project. Story Source: The above story is reprinted (with editorial adaptations by ScienceDaily staff) from materials provided by Scripps Research Institute. Journal Reference: J. Gregor Sutcliffe, Peter B. 
Hedlund, Elizabeth A. Thomas, Floyd E. Bloom, Brian S. Hilbush. Peripheral reduction of β-amyloid is sufficient to reduce brain β-amyloid: Implications for Alzheimer's disease. Journal of Neuroscience Research, March 3, 2011 DOI: 10.1002/jnr.2260 
From rforno at infowarrior.org Sat Mar 5 11:42:31 2011 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 5 Mar 2011 12:42:31 -0500 Subject: [Infowarrior] - Saudi king offered to buy Facebook to end the revolt: report Message-ID: <00835496-0CAF-4430-8651-F7C7B9FD44E9@infowarrior.org> (note the source, take as you will. --- rick) Saudi king to buy Facebook to end the revolt: report http://www.tehrantimes.com/index_View.asp?code=236523 In what is being termed as pure Wall Street Gordon Gekko tactics, King Abdullah of Saudi Arabia has decided to make an offer of $150 billion to buy out Facebook. Inside sources within the kingdom suggest that the King is very upset with Mark Zuckerberg for allowing the revolt to get out of control, Ahlul Bayt News Agency reported. In a personal meeting between Mark Zuckerberg and King Abdullah on Jan 25, 2011, Zuckerberg had promised that he would not allow any revolt pages to be formed on Facebook even while he allowed Egypt and Libya revolt pages to be formed. Left with no option, Abdullah advised by Goldman Sachs has decided to buy out Facebook and "clean out the weeds". The offer on the table is $150 billion. Facebook balance sheet was shown to King Abdullah and his kingdom advisors had mentioned that it is not even worth $1 billion given that it generates no profit. But the King threw the report into the dustbin and fired his advisors and decided to hand over the investment banking mandate to Goldman Sachs who put the value at $150 billion. The deal will be all cash. Most analysts believe that Zuckerberg will not take the offer and will wait for King Abdullah to up the offer to at least $500 billion. 
In the meanwhile King Abdullah has now logged on to Facebook and was busy profiling some of the models in the Goldman Sachs presentation. 
From rforno at infowarrior.org Sat Mar 5 11:43:44 2011 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 5 Mar 2011 12:43:44 -0500 Subject: [Infowarrior] - NERC Sets Up Cyber Task Force to Protect Power Grid Message-ID: <64843891-A147-49F1-A343-67CDC0BCAFEB@infowarrior.org> NERC Sets Up Cyber Task Force to Protect Power Grid http://www.thenewnewinternet.com/2011/03/04/nerc-sets-up-cyber-task-force-to-protect-power-grid/ The North American Electric Reliability Corporation is setting up a cyber-attack task force to evaluate and help protect the U.S. power grid in the event of a web assault, according to a release from the electric reliability organization. The 40-volunteer strong task force will identify opportunities to boost existing protection, resilience and recovery capabilities associated with power system practices, plans and procedures, as well as the tools and systems operators rely upon to manage the reliable operation of the bulk power system. "Operators are trained to spot anomalies and take the appropriate actions in real time," said Mark Engels, director of IT risk management at Dominion, who also chairs the task force. "The Cyber Attack Task Force will build on that existing knowledge with recommendations that make it easier to detect and respond to indicators of an organized attack." Last year, NERC and the Energy Department released the report "High-Impact, Low-Frequency Event Risk to the North American Bulk Power System," which found that the best approach to handling risks would be through an organized combination of industry-led task forces and NERC staff initiatives. "NERC and the electricity industry have been actively addressing cybersecurity risks for some years now," said Gerry Cauley, president and CEO of NERC. 
"This initiative will more thoroughly examine the potential impact of a targeted cyber attack and how the industry should best coordinate the preparedness and response actions of cybersecurity experts with power grid operators."
From rforno at infowarrior.org Sat Mar 5 11:54:33 2011 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 5 Mar 2011 12:54:33 -0500 Subject: [Infowarrior] - Anyone who visited GeoHot's PS3 jailbreak website is now part of Sony lawsuit Message-ID: <9AD37980-EC66-4A80-80AD-3E74B4DEEA78@infowarrior.org> Anyone who visited GeoHot's PS3 jailbreak website is now part of Sony lawsuit Andrew Couts -- 42 mins ago http://news.yahoo.com/s/digitaltrends/20110305/tc_digitaltrends/anyonewhovisitedgeohotsps3jailbreakwebsiteisnowpartofsonylawsuit A US federal magistrate judge has ruled that Sony may learn the identities of anyone who visited the website of PlayStation 3 jailbreak hacker George Hotz since January 2009, Wired reports. Hotz -- a renowned 21-year-old hacker, famous for his iPhone jailbreaks, who goes by the handle GeoHot -- has been accused of violating the Digital Millennium Copyright Act for hacking the Sony PS3 in a way that allows users to install whatever software they like on the normally-closed device. After completing the jailbreak hack, Hotz published an encryption key and software tools on his website, providing anyone with the means to recreate the hack on their own PS3. The subpoena, issued by Magistrate Joseph Spero of San Francisco, requires Bluehost, which hosts geohot.com, to provide Sony with "documents reproducing all server logs, IP address logs, account information, account access records and application or registration forms" related to Hotz's website.
This includes "any other identifying information corresponding to persons or computers who have accessed or downloaded files hosted using your service and associated with the www.geohot.com website, including but not limited to the geohot.com/jailbreak.zip file." Additional subpoenas give Sony the right to access information from YouTube about anyone who watched a video showing the Hotz jailbreak in action, or simply commented on the video. Google must hand over logs related to Hotz's Blogger.com blog, and Twitter must also relinquish any information related to Hotz's tweets, including "documents sufficient to identify all names, addresses, and telephone numbers associated with the Twitter account." Sony's reasons for requesting such a wide-reaching subpoena are twofold: First, they want to show how pervasive Hotz's PS3 jailbreak is. And second, they want to provide evidence that a large number of people in northern California downloaded the jailbreak file, which would help justify them suing Hotz in San Francisco rather than his home-state of New Jersey. Technology rights advocates at the Electronic Frontier Foundation (EFF) say the subpoenas are too far-reaching. "I think these subpoenas, the information they seek, is inappropriate," Sony says Hotz's jailbreak has helped people run pirated copies of games, which is one of their primary reasons for filing the lawsuit. Hotz contends that his jailbreak was written in such a way as to thwart pirates as much as possible.
From rforno at infowarrior.org Sat Mar 5 11:55:54 2011 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 5 Mar 2011 12:55:54 -0500 Subject: [Infowarrior] - The Evolution of Anonymous Message-ID: <51FD8844-30EE-417C-BB02-148785DB7E07@infowarrior.org> From Lulz to Labor Unions: The Evolution of Anonymous Mar 4 2011, 12:11 PM ET By Gillian Terzis Comment http://www.theatlantic.com/technology/archive/2011/03/from-lulz-to-labor-unions-the-evolution-of-anonymous/72001/ The fuzzy goals of the loosely affiliated group Anonymous have changed in the last year. It wasn't so long ago that Anonymous staked its identity on relentlessly subverting culture for the lulz. The group became renowned for its mockery of egregious displays of political correctness, hypocrisy, social conservatism and lameness by way of constructing humorous memes, or by mythologizing these flaws in their satirical wiki, Encyclopedia Dramatica. Needless to say, their work had narrow appeal -- appreciated mainly by members of the group's forums. It took the inimitable trolling of Oprah -- which led to her hysterical announcement to middle America that a known pedophile network by the name of Pedobear was equipped with "over 9,000 penises that were all raping children" -- to garner the group significant time in the media spotlight. These days, the narrative could not be more different. Over the past few months, Anonymous has constantly been in the headlines, but for reasons that are political rather than "lulzy." It seems the group has squarely concentrated its efforts on promoting freedom of information and speech by way of illegal, distributed denial-of-service attacks to crash the websites of authoritarian regimes in Africa and bolster the group's campaign for unfettered freedom of expression worldwide. 
For the most part, the mainstream media remains befuddled by Anonymous, not knowing quite what to make of the group's mélange of illegal activity, political motivations and sardonic sense of humor. Moreover, as the group does not visibly toil on any ideological coalface, media outlets have been tempted to portray Anonymous as a group of lonesome hackers with nebulous but shadowy intent. Mass rallies -- like the ones in Wisconsin -- make for an easy, linear media narrative. But electronic subterfuge and virtual activism are often depicted as a bloodless sport -- the least compelling kind. But now, things are getting bloody -- especially in the United States where Anonymous has gained considerable clout. This week, the group's actions spectacularly forced the resignation of beleaguered HBGary Federal CEO Aaron Barr after it was revealed that HBGary -- in tandem with Palantir Technologies, Berico Securities and Hunton and Williams -- were planning to initiate a disinformation campaign against pro-union organizers and opponents of the U.S. Chamber of Commerce. The group uncovered the astonishing lengths the three firms would go to in order to discredit their enemies: They planned to set up fake personas on social network sites to damage their opponents and contemplated using malware to steal private information. This has now prompted the Democrats to push for a Congressional investigation. (Being Anonymous, they also brandished their signature irreverence by hacking Barr's twitter account and announcing that he was a "sweaty ballsack of caterpillars.") But certain aspects of Anonymous' methodology continue to divide those outside and inside the hacker community. DDoS attacks are useful for garnering media attention to certain political causes, but they can also be interpreted as an ironic attack on the opposing side's right to free speech. The persuasiveness of this argument depends on the size and character of Anonymous' targets.
Multinational corporations and governments may seem fair game, but what about private citizens? Are critics right to suggest Anonymous is eroding an already blurry distinction between public and private spheres? Pinning down a cogent ideology of the group is difficult, too. We can surmise a few things with confidence: Anonymous is a zealous defender of freedom of information; the free exchange of information; the right to be irreverent; and the necessity of calling out gross abuses of power. But how committed are they to, say, social justice? This excerpt of a recent missive against the Koch brothers goes as far to imply some level of solidarity with America's working classes and union movement, but it is hard to tell if the group's motives are genuine: "Anonymous hears the voice of the downtrodden American people, whose rights and liberties are being systematically removed one by one ... we are calling for all supporters of true Democracy, and Freedom of The People, to boycott all Koch Industries' paper products. We welcome unions across the globe to join us in this boycott to show that you will not allow big business to dictate your freedom." Generally speaking, as Anonymous is a decentralized, online community of individuals, it is probably misguided to slap a political label on the group. As a member explained to a newspaper in Baltimore: "We all have this agenda that we all agree on and we all coordinate and act, but all act independently toward it." It's a fairly vague description of the group's politics, to say the least. This brand of civil disobedience is a stark contrast to the centralized, "real-life" social movements of the past, which generally had an identifiable leader and hierarchical order. Theoretically, anyone can become a member, as long as they profess a loose identification with the group's objectives. 
Coldblood, a spokesperson for the group illustrates just how elastic this identification can be, suggesting that Anonymous is in fact an "online living consciousness, comprised of different individuals with, at times, coinciding ideals and goals." So what happens when these ideals and goals fail to coincide, as was the case when Anonymous threw its support behind WikiLeaks? Well, the results could be kind of anarchic. In the WikiLeaks scenario, disagreement arose over how Anonymous should show its support. Agreeing on the duration of DDoS attacks on Visa, Mastercard and PayPal -- as well as agreeing on the attacks themselves -- proved a point of contention. The group splintered off into factions -- Operation Leakspin, Operation Payback and Operation Avenge Assange -- each outlining different tactics to demonstrate their support. Anonymous even published a press release addressing "perceived dissent" within its membership. For better or worse, Anonymous is a by-product of the political freedoms we often take for granted. The group's ability to induce actual changes in social and political policy may be limited, but their ultimate value to democracy lies in their capacity to perform vital checks on institutional power. Their methods may be radical, but for now their outcomes have proved nothing more than regulatory.
From rforno at infowarrior.org Sat Mar 5 15:43:03 2011 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 5 Mar 2011 16:43:03 -0500 Subject: [Infowarrior] - Saudi king offered to buy Facebook to end the revolt: report In-Reply-To: <00835496-0CAF-4430-8651-F7C7B9FD44E9@infowarrior.org> References: <00835496-0CAF-4430-8651-F7C7B9FD44E9@infowarrior.org> Message-ID: <7A42B46A-3CD9-486B-92D0-BEA8C6376364@infowarrior.org> No, Saudi Arabia's King Abdullah did not offer to buy Facebook for $150 billion http://www.digitaltrends.com/social-media/no-saudi-arabias-king-abdullah-did-not-offer-to-buy-facebook-for-150-billion/ ....
as I said in the original post, "take as you will." :) A bit early for April Fools, I think.....but it's making the rounds on the net bigtime today. (Still plausible in theory, though -- I mean the guy's got tons of "f---k you money" lying around.) -- rick
From rforno at infowarrior.org Sun Mar 6 08:33:53 2011 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 6 Mar 2011 09:33:53 -0500 Subject: [Infowarrior] - China's tightens controls on foreign media Message-ID: <1711027C-00D6-427F-8A63-A711CB87A3C6@infowarrior.org> China's capital tightens controls on foreign media (AP) -- 5 hours ago http://www.google.com/hostednews/ap/article/ALeqM5h5w6xOIykOeEGD7N4B-V5AE4JKgw?docId=8238d91b916f46019f983c72c06f5465 BEIJING (AP) -- Officials in China's capital said Sunday that foreign reporters must seek government permission to conduct interviews in Beijing, taking a hard interpretation of current, more liberal regulations amid Internet calls for Middle East-style popular protests. Li Honghai, vice director of Beijing's Foreign Affairs Office, said reporters must apply and get government permission to conduct any news gathering within the city center. Li's announcement at a news conference makes explicit restrictions that police began imposing more than a week ago following online postings of unknown origin for protests at designated spots in Beijing, Shanghai and other Chinese cities every Sunday. In the past week, police have followed foreign reporters in Beijing, and in some cases stopped foreign TV news crews from filming even innocuous subjects because they lacked permission. On the third such Sunday since the postings first appeared, no apparent demonstrations occurred in Beijing or Shanghai, though like previous weeks the designated sites drew onlookers and heavy security. In Shanghai, as a cold rain fell, police detained at least 17 foreign reporters for showing up at the protest site, People's Square, for not having permission to be there.
The requirement for permission shows how nervous the authoritarian government is about the calls for protests, even though China's economy continues to hum and living standards improve. Beijing officials used the news conference to denounce the Internet appeals as an attempt to undermine China's stability. "All clear-minded people will know that these people have chosen the wrong place and have the wrong idea. The things they want to see take place have not and cannot occur in Beijing," said city government spokeswoman Wang Hui. Requiring permission marks a rollback of more relaxed regulations governing foreign reporters that were first instituted for the 2008 Beijing Olympics and then made permanent. Those rules dropped an earlier requirement of official permission to report, and instead said reporters only needed the consent of the "work unit" or person they wanted to interview. Li denied that requiring permission marked a retreat. Rather, he said, the need for permission was the Beijing government's interpretation of the regulations. "Beijing's local policy is a further and more detailed measure," Li said. In a sign of official jitters, police swarmed over a shopping mall in Beijing's university district Sunday afternoon and disrupted some cell phone services after large numbers of students congregated there, witnesses said. "I saw a lot more people, some of them students, than there normally are outside at midday today. There were people wearing red armbands and police officers," said a woman surnamed Wang at the Caoyuanfanmaishi restaurant in the shopping mall. At the two designated protest sites in Beijing, both busy shopping streets, large numbers of uniformed and plainclothes police patrolled and scrutinized passers-by. Foreign reporters who managed to pass or avoid police checkpoints at Wangfujing were followed and videotaped. 
At the other Beijing site, Xidan, officers checked identification cards of people and questioned and filmed journalists outside the nearby subway station. Reporters were told to leave and were made to board a parked bus where their press accreditation details were recorded. Associated Press writers Gillian Wong and Charles Hutzler in Beijing and Elaine Kurtenbach in Shanghai contributed to this report.
From rforno at infowarrior.org Sun Mar 6 08:39:40 2011 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 6 Mar 2011 09:39:40 -0500 Subject: [Infowarrior] - Forget Google – it's Apple that is turning into the evil empire Message-ID: <8768BF4E-140E-44A9-B731-93EB8A8607AB@infowarrior.org> Forget Google – it's Apple that is turning into the evil empire You may think you own your iPad or iPhone but in reality an invisible string links it back to Apple HQ. John Naughton, The Observer, Sunday 6 March 2011 http://www.guardian.co.uk/commentisfree/2011/mar/06/john-naughton-apple-dominates-market Once upon a time, when Apple was mainly a computer manufacturer, people used to liken it to BMW. That was because it made expensive, nicely designed products for a niche market made up of affluent, design-conscious customers who also served as enthusiastic – nay fanatical – evangelists for the brand. It was seen as innovative and quirky but not part of the industry's mainstream, which was dominated by Microsoft and the companies making the PCs that ran Windows software. This view of Apple was summed up by Jack Tramiel, the boss of Commodore, when Steve Jobs first showed him the Macintosh computer. "Very nice, Steve," growled Tramiel. "I guess you'll sell it in boutiques." That was a long time ago. Now, with a market capitalisation of just over $331bn, Apple is the second most valuable company in the world – bigger than Microsoft ($220bn), Oracle ($167bn) or Google ($196bn). The quirky little computer company has grown into a giant.
But not necessarily a giant of the Big Friendly variety, as the world's magazine publishers have recently discovered and as the music and software industries have known for some time. For Apple now controls the commanding heights of the online content business and it looks like doing the same to the mobile phone business. At the moment, it looks as though nobody has a good idea of how to stop it. Every year, Fortune magazine polls a sample of US CEOs asking for their opinions of their competitors. The results for 2011 have just been released and they show that Apple is the "most admired" company in America. This is the sixth year in a row that it has held that title. The reasons are obvious. On the product side, Apple creates beautifully designed, highly functional and user-friendly devices that delight customers and provide fat profit margins; it has a corporate culture that reliably delivers these products by specified dates; it's much more innovative than any of its competitors; and it has a unique mastery of both hardware and software. On the strategic side, the company has displayed a deep understanding of technology and a shrewd appreciation of potential devices and services for which people will pay over the odds. Most CEOs would kill to run a company that possessed a quarter of these competencies. Apple appears to have them all. Its current dominance is built on three big ideas. The first is that design really matters. It's not something you can outsource to a design consultancy – which is what most companies do – and design is as much about ease of use as it is about aesthetics. The second insight was that the maelstrom of illicit music downloading triggered by Napster couldn't last and that the first company to offer a simple way of legally purchasing music (and, later, other kinds of content) online would clean up. And third – and most important –
there was the insight that mobile phones are really just hand-held computers that happen to make voice calls and that it's the computing bit that really matters. Most of the media commentary about Apple attributes all of these insights to Steve Jobs, the company's charismatic co-founder, on the grounds that Apple's renaissance began when he returned to the company in 1996. This may well be true, though it seems unlikely that such a comprehensive corporate recovery could be the work of a single individual, no matter how charismatic. What's more plausible is that Apple's corporate culture took on some of the characteristics of its CEO's personality, much as Microsoft was once a corporate extension of Bill Gates, with all that implied in terms of aggression and drive. Whatever the explanation, the fact is that Apple now has a dominant position in several key businesses (content distribution and mobile computing) and is having a seriously disruptive impact on the mobile phone industry. In particular, its iTunes Store gives it control of the tollgate through which billions of paid-for music tracks and albums, videos and apps cascade down to millions of customers worldwide. It levies a commission on everything that passes through that gate. And every Apple mobile device sold can only be activated by hooking up to the gate. This gives Apple unparalleled power. Lots of other organisations offer paid-for downloads, but none has the credit card details of so many internet users who are accustomed to paying for stuff online. This was one reason why proprietors of print magazines began to slaver when the iPad appeared. Here at last was a way of getting people to pay for online content: just make it available on iTunes and let Apple collect the money. Sure, it rankled that Apple took 30%, but – hey – at least it would bring to an end the parasitic free riding that was endemic on the web. Henceforth, the web was dead: publishing magazines as iPad apps was the future.
Then Apple abruptly changed the rules, stipulating that any publisher selling a digital subscription on a website must also make the same subscription offer within the app, from which Apple would take a 30% cut. Publishers have been furious about this, but there's nothing they can do about it. If they want to do business on the iTunes store, then they have to do it Apple's way. In itself, this was just an example of the Big Unfriendly Giant flexing its muscles, but it could be a harbinger of things to come. Umberto Eco once wrote a memorable essay arguing that the Apple Mac was a Catholic device, while the IBM PC was a Protestant one. His reasoning was that, like the Roman church, Apple offered a guaranteed route to salvation – the Apple Way – provided one stuck to it. PC users, on the other hand, had to take personal responsibility for working out their own routes to heaven. Eco's metaphor applies with a vengeance to the new generations of Apple iDevices, which are rigidly controlled appliances. You may think you own your lovely, shiny new iPhone or iPad, but in reality an invisible virtual string links it back to Apple HQ at One Infinite Loop, Cupertino. You can't install anything on it that hasn't had the prior approval of Mr Jobs and his subordinates. And if you are foolish enough to break the rules and seek your own route to salvation, then you may find when you next try to sync it with iTunes that it has turned into an expensive, beautifully designed paperweight. If that isn't power, then I don't know what is.
From rforno at infowarrior.org Sun Mar 6 08:47:33 2011 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 6 Mar 2011 09:47:33 -0500 Subject: [Infowarrior] - Quantum Cryptography School for Young Students Message-ID: How awesome is this??? ---- rick http://iqc.uwaterloo.ca/conferences/qcsys2011 The Quantum Cryptography School for Young Students (QCSYS) is an exciting week-long program offered to students in Grades 10-12.
This year the program will run through August 8-12, 2011. The program is run by the Institute for Quantum Computing in conjunction with the University of Waterloo. Students will be given a first-hand look into one of the most exciting topics in contemporary science - quantum cryptography. Not only will students be exposed to cutting-edge topics like quantum physics and cryptography - they will have the opportunity to meet some of the most renowned researchers the field has to offer. In addition, students will get a tour of quantum computing and quantum cryptography experiments. High school students ages 15 and older are eligible to apply. The majority of enrolments will be reserved for Grade 11 students, however the program is open to accepting Grade 10 and Grade 12 applicants. The QCSYS requires that applicants have taken (or are currently finishing) Grade 11 Mathematics (or higher). Grade 11 Physics, while not mandatory, is recommended. Those students in Grade 10 will be an exception. As the school will be conducted in English, students are expected to be fluent in this language. The program has space for 40 students including a few spots for international students. There is no cost to attend. IQC will cover the cost of all airfare, lodging, meals and supplies. E-mail iqc.qcsys at uwaterloo.ca for more information.
From rforno at infowarrior.org Sun Mar 6 08:49:11 2011 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 6 Mar 2011 09:49:11 -0500 Subject: [Infowarrior] - Wall Street's secretive 'expert networks' Message-ID: <835B8EF6-5BDD-43B2-81C2-578BBCC1080E@infowarrior.org> Wall Street's secretive 'expert networks' The trial of Galleon hedge fund founder Raj Rajaratnam on insider-dealing charges has exposed a little-known world. Simon Goodley,
guardian.co.uk, Friday 4 March 2011 18.26 GMT http://www.guardian.co.uk/business/2011/mar/04/sec-expert-networks-hedge-funds It is July 21, 2009, and one Wall Street hedge fund manager has a sudden change of heart. Having bought more than 1m shares in the giant technology company AMD over the past two weeks, the trader loses confidence in his bet and swiftly dumps a third of his stake. The volte-face immediately looks shrewd. As the markets close that evening, AMD makes a quarterly earnings announcement admitting to a $330m (£201m) loss and a 13% drop in revenues. One day later, AMD shares slump 13%, meaning the hedge fund manager had avoided losses of at least $140,355. Despite appearances, the unnamed trader's move may have been neither clever nor lucky: in the hours preceding AMD's announcement, the seller had conducted a 10-minute phone call with one Mark Anthony Longoria, who is AMD's supply-chain manager. That case is now part of the huge insider-dealing inquiry fixating Wall Street, which became even more sensational last week when the US securities and exchange commission filed civil charges against Rajat Gupta, the former head of the management consulting firm McKinsey. Gupta, who denies any wrongdoing, is alleged to have passed corporate secrets learned as a board member of Goldman Sachs to Raj Rajaratnam, the founder of the Galleon hedge fund, whose own trial on several counts of fraud and insider trading is due to start on Tuesday. Insider dealing is as old as markets themselves and the Financial Services Authority, the UK regulator, said there were "abnormal pre-announcement price movements" before 30.6% of 2009 takeover announcements. While Gupta's name makes the US inquiry among the highest-profile pursuits of insider traders since the groundbreaking Wall Street investigations of the 1980s, what is really unusual about this crackdown is how the likes of Longoria have become embroiled in the controversy.
Plea bargaining
The 44-year-old from Round Rock, Texas, made the fateful AMD call while moonlighting as a paid consultant for Primary Global Research (PGR), a so-called "expert network" firm that matches industry experts with money managers looking for informed corporate news. Court papers state that Longoria, who is plea bargaining, was paid $300 an hour to provide information to PGR clients and, from January 2008 to March 2010, received more than $130,000 for his time. Little is known about the world of expert networks. Even the grandaddy of the sector – Gerson Lehrman Group (GLG) – was once dubbed New York's "most valuable company no one outside of Wall Street has ever heard of". The business practice is perfectly legal, unless inside information is exchanged and used, but increasingly there are suspicions that impropriety is occurring more often than regulators would like. In November, one Don Chu, a PGR employee, was arrested after evidence gleaned from wiretaps and the co-operation of Richard Choo-Beng Lee, who had already pleaded guilty to insider trading in the Galleon case and is now a key witness. Also that month, Yves Benhamou – a French doctor who was reportedly part of the Guidepoint Global Investors expert network – was charged after allegedly tipping off a hedge fund manager with confidential information about a clinical trial. The questions these cases raised over the expert network industry have been limited to the US, where many of the firms are based, and there is no suggestion of any wrongdoing in London where the FSA privately plays down such firms' significance. However, the Guardian has unearthed eight expert network firms operating within London – with one hired "expert" claiming that he alone has conducted "consultations" with more than 70% of the top investment banks in the City.
Big players including GLG, Coleman Research and the Benhamou-linked Guidepoint all operate out of London, as do other firms including AlphaSights, CognoLink, DeMatteo Monness, ExpertView and Informed Edge. Apart from ExpertView, none of the firms would speak publicly to this newspaper about their industry or the impact the US inquiry is having on their business.
Bespoke research
However, ExpertView's founder, Martin Tripp, said: "Expert networks are a brilliant bespoke research tool, but you absolutely have to know the questions you can ask. We have had letters from US companies asking if we have any of their employees on our network and to remove them if we have. We have spent a lot of time and money getting our compliance right. We have telephone conversations with every single expert that we sign to the network. They are not authorised unless we've spoken to them." While ExpertView, which bills itself as a niche player concentrating on "quality not quantity", says it speaks to all its experts, that is not always true of some of the bigger players who conduct much of their vetting online. GLG claims to have more than 850 clients worldwide, served by 300,000 experts in sectors such as healthcare, energy, accounting and finance. One UK-based expert with GLG said: "You get 15 minutes' ethics training but it's very basic. They tell you 'don't say anything if it is confidential'. It is that level. I don't think there is much vetting. It is 'buyer beware'." Another GLG expert insisted there was "quite a stringent process of form filling", while in a recent note to clients after the industry-wide controversy, GLG's chief executive, Alexander Saint-Amand, said: "We believe our policies and approach are the most robust in our industry and add significant transparency and controls over many types of uncontrolled and undocumented methods of information-gathering that exist outside of an expert network framework."
Still, despite these efforts, even experts admit that problems occur. John Ansell, a pharmaceutical consultant who has conducted over 200 consultations for GLG over four years, added: "Only once has there been a problem. I told a bank something based on a rumour but they didn't want to hear it. It can happen inadvertently."
Big names accused
Last week's announcement that Rajat Gupta, the former head of management consulting group McKinsey, was among those charged in the securities and exchange commission's long-running insider dealing investigation propelled the inquiry's profile to new heights. Gupta, who denies any wrongdoing, is a former Goldman Sachs and Procter & Gamble director as well as being a one-time adviser to the United Nations and the biggest name to be directly dragged into the investigation thus far. It is alleged he passed corporate secrets to Raj Rajaratnam, whose hedge fund Galleon is being examined in another part of the case, which in turn triggered charges against four further hedge fund managers. One-time Olympic speed skating hopeful, Donald Longueuil, and Noah Freeman – who both once worked at $12bn hedge fund SAC Capital – have been charged with Samir Barai, founder of Barai Capital Management, and his employee Jason Pflaum. Prosecutors allege the four men swapped tips from employees of public companies and from expert network consultants. Former hedge fund analyst Danielle Chiesi, who compared insider dealing to an orgasm, has admitted making $4m (£2.45m) from the illicit deals. SAC founded by famed trader, Steven A Cohen, has a high profile on Wall Street but the fund has been embarrassed by names of other former employees being dragged into the glare of this SEC investigation. Following the charges against Longueuil and Freeman the company said it was outraged by their alleged actions.
From rforno at infowarrior.org Sun Mar 6 19:22:36 2011 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 6 Mar 2011 20:22:36 -0500 Subject: [Infowarrior] - Traders 'short' dollar as currency loses attraction Message-ID: Traders 'short' dollar as currency loses attraction By Peter Garnham in London Published: March 6 2011 20:10 | Last updated: March 6 2011 20:10 http://www.ft.com/cms/s/0/e050b72e-4823-11e0-b323-00144feab49a.html Hedge funds and forex dealers are betting record amounts against the dollar, reflecting a growing belief that the US currency has lost its haven appeal and that eurozone interest rates will soon rise. As the crisis in the Middle East has worsened, the latest exchange data show that traders are selling "short" the currency. The big US fiscal deficit and concerns about the effect of rising oil prices have been blamed by some for the dollar's slide. Figures from the Chicago Mercantile Exchange, which are often used as a proxy for hedge fund activity, showed that short dollar positions surged from 200,564 contracts in the week ending February 22 to 281,088 on March 1. This meant that the value of bets against the dollar on the CME rose $11.5bn in the week to March 1 to $39bn, $3bn more than the previous record of $36bn in 2007. In contrast, speculators have added to their euro holdings amid expectations that the European Central Bank will soon raise interest rates to head off rising inflation. Jean-Claude Trichet, ECB president, said last week that "strong vigilance" was warranted, a phrase used throughout the bank's 2005-08 rate-tightening cycle to pave the way for a rate increase at the next governing council meeting. That strengthened the market view in financial markets that the ECB could raise rates at its April meeting and the euro last week rose to a four-month high of $1.3997 against the dollar, taking its gains from a 16-week low of $1.2871 in January to nearly 9 per cent.
"Dollar bears have become a marauding horde," said David Watt, analyst at RBC Capital Markets. Given the continued losses for the dollar this month, he said it was likely that investors had since added to their bets against the US currency, short of an "absolutely stunning" reversal in sentiment. "We may be seeing a turn in the longer-term outlook for the dollar - for the worse," said Kit Juckes, head of FX strategy at Société Générale. He said the US Federal Reserve was likely to react more dovishly to a supply-side inflationary shock caused by rising oil prices than other central banks. The figures showed that speculators on the CME had raised the value of their bets that the euro would rise against the dollar to $8.8bn, the largest since January 2008, in the week to March 1. The data confirm the sharp turnround in sentiment towards the single currency from speculative investors, who as recently as January were betting on losses for the single currency on worries over the eurozone sovereign debt crisis. Analysts said the prospect of ECB monetary tightening was outweighing investors' concerns over the eurozone's fiscal problems. Indeed, since March 1, it is likely that speculators added to their long euro positions. Beat Siegenthaler, forex strategist at UBS, said further gains for the euro against the dollar were likely given that other investors, such as pension funds and asset managers, had not yet joined short-term, leveraged investors such as hedge funds in adjusting their bets against the single currency. "Clearly some asset managers, presumably the more speculative in orientation, joined hedge funds in putting on long euro exposure, but on a longer view, asset managers remain significantly short and private clients have not even started to turn round their bearish euro positioning," Mr Siegenthaler said. He said an April interest rate rise from the ECB could therefore boost the single currency as these investors turned their positions round.
"For real money investors, the ECB decision could mean more euro buying over the medium term," he said. "Longer-term positioning still looks short the euro."

From rforno at infowarrior.org Sun Mar 6 19:25:56 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 6 Mar 2011 20:25:56 -0500
Subject: [Infowarrior] - ChronoPay's Scareware Diaries
Message-ID:

ChronoPay's Scareware Diaries

If your Windows PC has been hijacked by fake anti-virus software or "scareware" anytime in the past few years, chances are good that the attack was made possible by ChronoPay, Russia's largest processor of online payments. Tens of thousands of documents stolen and leaked last year from ChronoPay offer a fascinating look into a company that has artfully cultivated and handsomely profited from the market for scareware, programs that infiltrate victim PCs to display fake security alerts in a bid to frighten users into paying for worthless security software.

< - >

http://krebsonsecurity.com/2011/03/chronopays-scareware-diaries/

From rforno at infowarrior.org Sun Mar 6 21:38:01 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 6 Mar 2011 22:38:01 -0500
Subject: [Infowarrior] - Sites Like Twitter Absent From Free Speech Pact
Message-ID:

March 6, 2011
Sites Like Twitter Absent From Free Speech Pact
By VERNE G. KOPYTOFF
http://www.nytimes.com/2011/03/07/technology/07rights.html?hpw=&pagewanted=print

SAN FRANCISCO - When Google, Yahoo and Microsoft signed a code of conduct intended to protect online free speech and privacy in restrictive countries, the debate over censorship by China was raging, and Internet companies operating there were under fire for putting profit ahead of principle. It seemed the perfect rallying moment for a core cause, and the companies hoped that other technology firms would follow their lead.
But three years later, the effort known as the Global Network Initiative has failed to attract any corporate members beyond the original three, limiting its impact and raising questions about its potential as a viable force for change. At the same time, the recent Middle East uprisings have highlighted the crucial role technology can play in the world's most closed societies, which leaders of the initiative say makes their efforts even more important. "Recent events really show that the issues of freedom of expression and privacy are relevant to companies across the board in the technology sector," said Susan Morgan, executive director of the initiative. "Things really seem to be accelerating." But the global initiative is not. All of the participating companies are American. Also, Facebook and Twitter are notably absent despite their large audience and wide use by activists, in the Middle East and elsewhere. Bennett Freeman, senior vice president of the mutual fund company Calvert Investments and a G.N.I. board member, pointed out that the three current members were among the biggest Internet companies, but acknowledged that "we are going to have to add some new companies soon to be truly influential." The biggest test yet for the initiative comes later this year, when member companies are judged on whether they have adequate policies in place to address privacy and free speech issues. Independent auditors will issue a report after examining whether the companies narrowly interpret government demands for user information and whether they store users' data in countries where free speech is protected, for example. Next year, the companies are to undergo a more thorough review of whether they lived up to the code of conduct's principles. The initiative was created in 2008 after human rights groups and politicians condemned the top Internet companies for complying with China's restrictive laws rather than jeopardizing their business interests by challenging them.
Yahoo had turned over data that led to the imprisonment of several Chinese activists. Microsoft had shut down a blog by a Chinese journalist who worked for The New York Times. Meanwhile, Google had introduced a censored search engine in China (although the company has since shut down that site). The initiative is modeled on previous voluntary efforts aimed at eradicating sweatshops in the apparel industry and stopping corruption in the oil, natural gas and mining industries. As with those efforts at self-regulation, this one came at a time when Internet companies were seeking to polish their image and potentially ward off legislation. The code of conduct says that companies must try "to avoid or minimize the impact of government restrictions on freedom of expression" and protect user privacy when demands by government "compromise privacy in a manner inconsistent with internationally recognized laws and standards." In practice, however, the code offers flexibility. Companies that go along with a country's censorship requirements can remain in compliance as long as they disclose it, as Microsoft does with its censored search results in China. A number of participants, which also include human rights groups, academics and firms specializing in socially responsible investing, agree that the initiative started slowly. Much of the focus since its founding has been on getting organized and hiring. Originally, the membership was supposed to include the entire spectrum of software, hardware and telecommunications firms along with Internet companies. The idea was that a bigger roster would mean greater influence and credibility. But recruiting efforts have been fruitless. Some companies have cited the auditing process as being too onerous, according to Global Network Initiative participants who spoke on the condition of anonymity because they did not want to discourage companies from joining in the future.
Other companies do not see any financial benefit or think they can do it alone. Andrew Noyes, a spokesman for Facebook, declined to address why Facebook had not joined. But he said that his company took seriously the issue of user trust and was in regular contact with governments and human rights groups. "As Facebook grows, we'll continue to expand our outreach and participation, but it's important to remember that our global operations are still small, with offices in only a handful of countries," Mr. Noyes said. Twitter declined to comment. Where the initiative has been most effective so far is in creating a forum for companies to easily get advice and share ideas. For instance, as the initiative's participants were creating the code of conduct, human rights groups contacted Google after it removed videos in 2007 from YouTube showing police abuse in Egypt because of guidelines prohibiting violence. Google ultimately decided to restore the videos and adjust its policy to allow such clips. Some human rights groups said the initiative's code of conduct was weaker than they would have liked. Getting companies to sign on would have been impossible otherwise, they acknowledged, describing the code's final version as the best that could be hoped for at the time. Even with the code of conduct to help guide them, companies will inevitably come across issues that have no easy answers, said Rebecca MacKinnon, a senior fellow at the New America Foundation who specializes in online privacy and is a participant in the initiative. "Most of these issues aren't black and white," Ms. MacKinnon said. "The idea is to help them do the right thing rather than play 'gotcha' after they mess up."

From rforno at infowarrior.org Mon Mar 7 08:03:05 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 7 Mar 2011 09:03:05 -0500
Subject: [Infowarrior] - Radio Daze
Message-ID: <1395C385-10A5-4F9E-9520-D77C60BDFF17@infowarrior.org>

Radio Daze
This week's parasha introduces a medium for distinguishing truth from falsehood. On the radio, where actors are hired to read scripts and pretend to be real people, things aren't so simple.
By Liel Leibovitz | Feb 11, 2011 7:00 AM
http://www.tabletmag.com/life-and-religion/58759/radio-daze/

Last year, a young man called in to a radio station with a problem. He'd recently attended a bachelor party, he said, and a friend of the groom-to-be, clueless of the unwritten etiquette of maledom, brought his girlfriend along, derailing what was supposed to be a weekend of gambling, girls, and general debauchery. The caller told his story with passion and verve, and then asked the station's listeners for their advice on how to treat his clueless pal. Or at least he would have, had this been a real conversation. The young man - who asked to remain nameless in order to protect his chances for future employment - was an actor, and the staged call an audition. A short while later, he received the following email: "Thank you for auditioning for Premiere On Call," it said. "Your audition was great! We'd like to invite you to join our official roster of 'ready-to-work' actors." The job, the email indicated, paid $40 an hour, with one hour guaranteed per day. But what exactly was the work? The question popped up during the audition and was explained, the actor said, clearly and simply: If he passed the audition, he would be invited periodically to call in to various talk shows and recite various scenarios that made for interesting radio. He would never be identified as an actor, and his scenarios would never be identified as fabricated - which they always were. "I was surprised that it seemed so open,"
the actor told me in an interview. "There was really no pretense of covering it up." Curious, the actor did some snooping and learned that Premiere On Call was a service offered by Premiere Radio Networks, the largest syndication company in the United States and a subsidiary of Clear Channel Communications, the entertainment and advertising giant. Premiere syndicates some of the more sterling names in radio, including Rush Limbaugh, Glenn Beck, and Sean Hannity. But a great radio show depends as much on great callers as it does on great hosts: Enter Premiere On Call. "Premiere On Call is our new custom caller service," read the service's website, which disappeared as this story was being reported (for a cached version of the site click here). "We supply voice talent to take/make your on-air calls, improvise your scenes or deliver your scripts. Using our simple online booking tool, specify the kind of voice you need, and we'll get you the right person fast. Unless you request it, you won't hear that same voice again for at least two months, ensuring the authenticity of your programming for avid listeners." The actors hired by Premiere to provide the aforementioned voice talents sign confidentiality agreements and so would not go on the record. But their accounts leave little room for doubt. All of the actors I questioned reported receiving scripts, calling in to real shows, pretending to be real people. Frequently, one actor said, the calls were live, sometimes recorded in advance, but never presented on-air as anything but real. Michael Harrison, the editor of Talkers Magazine, the talk-radio world's leading trade publication, said he knew nothing of this particular service but was not altogether surprised to hear that it was in place.
There was, he said, a tradition of "creating fake phone calls for the sake of entertainment on some of the funny shows, shock jocks shows, the kind of shows you hear on FM music stations in the morning, they would regularly have scenarios, crazy scenarios of people calling up and doing pranks." Rachel Nelson, a Premiere Radio Networks spokesperson, defended the Premiere on Call service and said that responsibility for how it is employed falls ultimately to those who use it. "Premiere provides a wide variety of audio services for radio stations across the country, one of which is connecting local stations in major markets with great voice talent to supplement their programming needs," Nelson wrote in an email. "Voice actors know this service as Premiere On Call. Premiere, like many other content providers, facilitates casting - while character and script development, and how the talent's contribution is integrated into programs, are handled by the varied stations."

***

In a strange way, this week's Torah portion anticipates the state of affairs brought about by Premiere On Call. The parasha discusses a priestly vestment known as the hoshen. It's a breastplate worn by the high priest, fitted with 12 jewels and looking a bit like a telephone keypad. And, like a telephone, it was an instrument of communication: The hoshen housed the urim and thummim, mysterious holy objects that, most scholars believe, were used for divination. In particularly fraught times, when truth and lies had to be sorted apart, the hoshen was called into service. It was, in a way, one of our earliest pieces of technology, a man-made object used to communicate, in this case, with the divine. We've come a long way. Far from harbingers of truth, our media are now increasingly used to shake the foundations of the real. We know this to be the case with television, where the stars of reality programming are frequently found to follow the blueprints of writers and producers.
And we know it to be the case online, where identity has become a playground and masquerading the norm. But radio seemed different. We listen to radio because the voice, we think, doesn't lie. The voice is immediate and intimate and present. We attach ourselves to radio personalities with an intensity we'd never dream to extend to, say, television hosts - just look at the fierce and unparalleled devotion to Howard Stern - and this is because we feel as if we know them and trust them. It is time to question this notion as well. The next caller you hear, the next personal story that makes you sniffle or shout with rage, may be the doing of someone at some faceless casting agency, hiring actors and writing scripts designed to titillate. The point is, without something like the hoshen, an object capable of channeling the celestial spirit and telling truth from lie, we'll never know.

From rforno at infowarrior.org Mon Mar 7 08:55:35 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 7 Mar 2011 09:55:35 -0500
Subject: [Infowarrior] - Feds want new ways to tap the Web
Message-ID: <4D571BAA-CD4C-4BF2-A027-4E887BE55D6F@infowarrior.org>

Feds want new ways to tap the Web
By: Jennifer Martinez
March 7, 2011 04:32 AM EST
http://dyn.politico.com/printstory.cfm?uuid=8E59FC52-B301-DD35-F0823F631C3A0F4D

When it comes to criminal investigations, federal law enforcement is eager to get access to the bread crumb trail that suspects leave on the Web. In the age of Facebook, Twitter and Skype, however, the FBI and other agencies often must operate within the constraints of laws and regulations that haven't been updated in more than a decade. The Obama administration is considering new regulations to require Web-based communications services to incorporate surveillance capabilities in their products, so law enforcement can conduct digital wiretaps if suspects message Facebook "friends" or conspire via Skype.
FBI General Counsel Valerie Caproni told the House Judiciary Committee in late February about a case the agency was investigating involving a pimp allegedly trafficking underage girls and producing child pornography on a social-networking service. But that social network - which she didn't name - lacked "the necessary technological capability to intercept the electronic communications." The result was "a weaker case and a lighter sentence than might otherwise have occurred," she said. The administration has not yet submitted a formal proposal to Congress, but already forces are mobilizing against the idea, warning that new regulations may jeopardize privacy and deter innovation. "It's clear that some kind of mandate at the application level to build in what's essentially a back door is going to be chilling to innovation," said Leslie Harris, president of the Center for Democracy & Technology. Here are five social media technologies that the administration could target:

1. Web-based e-mail and real-time chat

The challenge for law enforcement is that these cyber conversations are often encrypted - meaning the data are scrambled - and sometimes companies don't store the exchanges on their servers so that authorities can retrieve them later. Google operates such services in Gmail, the Web-mail program, and Google Chat, an instant messaging platform. Within Gmail, users can opt to take a Google Chat conversation "off the record" so it's not saved within their Gmail account. Google said it does not store these "off the record" chats. From January to June of last year, the search company received more than 4,280 requests for user data from the U.S. government, up from 3,580 requests made during the previous six-month period. Google is still the only major tech company to provide figures on the number of user-information requests it receives. The company does not release the number of requests it grants.
In addition, spokesman Brian Richardson said the company sometimes fills requests only partially. "The hope is we can one day provide that information in a useful way for people, but we haven't figured out the best way to do that yet," Richardson told POLITICO. It's also unclear whether law enforcement can tap instant-message conversations over Google Chat in real time. Google declined to comment on specifics, but a company spokesman said, "We do comply with valid legal processes."

2. Private tweets

Most information people share in their Twitter profile and their tweets is public. However, there is an option to keep your tweets private - for a select audience - and users can send private messages directly to another user. That's an area where law enforcement might want to eavesdrop. Twitter notes in its law-enforcement guidelines that "some information may only be stored for a very brief period" because of the service's real-time nature, and it "is not able to provide images or videos that a user may share through their account" other than a person's profile image and decorative background they may choose for their profile. Twitter declined to comment, noting its guidelines are on its site. But the San Francisco-based company recently broke from those guidelines after receiving a request for the account information of three people associated with WikiLeaks. Twitter states on its website that the company will notify a user if information about that user's account is being sought, unless it is "prohibited from doing so by statute or court order." In the WikiLeaks case, there was a court order. Twitter decided to challenge that order, which eventually was unsealed and now is subject to a challenge by the Twitter users. "The easiest way to go about it when you have to comply with [law enforcement] is to tell the user, 'These people want your information. It's up to you what to do, but here are public resources you might want to contact,'"
Twitter cofounder Biz Stone recently told POLITICO.

3. Your whereabouts from IP "addresses"

Internet service providers and other Web-based services store a key piece of data about customers: their Internet Protocol - or IP - addresses, which help keep track of customers' whereabouts. An IP address is a numeric label tagged to a computer, printer or other device on a network. Internet providers such as Comcast maintain a 180-day, rolling log of IP addresses assigned to a subscriber's account. If law enforcement contacts Comcast after that, the company is not able to provide that information. As a caveat, a Comcast spokesperson noted that an IP address is assigned only to a customer's account and not to an actual person, "so we can't tell you who was actually using that account or what they were doing." In addition, Comcast also provides an e-mail service to subscribers. If law enforcement provides the proper legal request for information, the Internet provider will turn over e-mail messages for a requested period. However, there are always ways for savvy Web users to keep their e-mail messages out of Comcast's grasp. "If they delete [an e-mail] quickly, it's gone. Or if they copy it to a hard disk, it's gone - it's out of our reach," a Comcast spokesperson said.

4. Social networks

Social networks are repositories for everything from résumés, photos and contacts to conversations on instant messaging services and "wall" posts. Facebook, the Palo Alto, Calif.-based social network, said any of this data can be retrieved by law enforcement, provided authorities show probable cause and obtain a court order. All of Facebook's user information is stored on its servers in the United States and therefore is subject to law enforcement requests for that. However, Facebook weighs each request for user information before taking any action, and if a request is "deemed appropriate," the social network will share only the "minimum amount of information," the company said.
If Facebook believes the law does not support a request for information, it has sometimes gone to court to object to government demands. Facebook declined to comment about whether law enforcement can tap real-time conversations on its instant-message feature. The social network may notify a user first before taking any action on an information request. "It varies, depending on the situation," Facebook Chief Security Officer Joe Sullivan told POLITICO. "We don't have a blanket notification policy."

5. Peer-to-peer calling services

Skype allows people to make voice or video calls on the Web, much like the traditional telephone. But a potential snag for law enforcement is that the Luxembourg-based company only provides the technology that enables people to make calls and does not store any users' conversations. "There's no central Skype server where the government can say, 'This is where we're going to place our wiretap,'" said Josh Gruenspecht, the cybersecurity fellow at the Center for Democracy & Technology. However, Skype can tell you whether a user is online and logged in to the service. "All it does is act as a signal that this person is online and this person is not online," Gruenspecht said. Skype has filed for an initial public offering so the company was unable to comment, a spokesman said, because of a Securities and Exchange Commission-mandated "silent period."

From rforno at infowarrior.org Mon Mar 7 08:57:31 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 7 Mar 2011 09:57:31 -0500
Subject: [Infowarrior] - Fluffy Senator OpEd: How to make Internet more secure?
Message-ID:

How to make Internet more secure?
By: Sen. Susan Collins
March 7, 2011 04:31 AM EST
http://dyn.politico.com/printstory.cfm?uuid=8D04D0B8-C317-34C2-12E4AFC419844EC8

The Internet is vital to virtually every facet of Americans' daily lives and essential to the free flow of ideas and information.
It has changed how we communicate with family and friends, how we exchange information, even how we bank and shop. As we have seen in the Middle East, the Internet has literally helped change the world. The Internet and our access to it must be protected to ensure both the reliability of its critical services and the availability of information. We must be mindful that the Internet is vulnerable to exploitation and attack. Those vulnerabilities increase every day as more and more activity finds its way onto cyberplatforms. Every month, an estimated 1.8 billion cyberattacks target the computer systems of Congress and executive branch agencies, according to the Senate's sergeant at arms. The annual cost of cybercrime worldwide has climbed to more than $1 trillion - $8 billion annually in the United States. These dangers pose serious threats. Hackers could attack critical civilian infrastructures, like electric grids and transportation systems, harming whole regions. Our military assets are at risk, too. Adversaries have acquired thousands of files from U.S. networks as well as from U.S. allies and industry partners, including weapons blueprints and operational plans. In fact, military officials now describe cyberspace as the fifth domain of war - in addition to land, sea, air and space. But cyberspace is unique, they note, because it is the only battlefield invented by humans. Clearly, the Internet must be made more secure, but in a manner that does not infringe on our constitutional rights to receive information and express views. Last year, Sens. Joe Lieberman (I-Conn.), Tom Carper (D-Del.) and I introduced legislation to strengthen the government's efforts to safeguard U.S. cybernetworks from attack and prevent presidential overreach. That bill was unanimously approved by the Senate Homeland Security and Governmental Affairs Committee.
Last month, we introduced a new version with stronger, more explicit provisions that would prevent the president from ever shutting down the Internet. It would also provide an opportunity for judicial review of designations of our most sensitive systems and assets as "covered critical infrastructure." President Hosni Mubarak's actions in January to shut down the Internet in Egypt were, and are, totally inappropriate. Freedom of speech is a fundamental right that must be protected, and his ban was clearly designed to limit criticism of or action against his government. Our bill would not only prevent such a shutdown but also would make America's critical assets safer. Our bill would:

* Establish a cybersecurity leader within the Department of Homeland Security who would have the authority to coordinate policy and to mandate protective measures across all federal civilian agencies. This leader would head a new National Cybersecurity Center - much like the National Counterterrorism Center - that would bring together expertise from across the federal government.
* Promote information-sharing on cyber vulnerabilities and protective measures, distributing data to federal, state, local and tribal governments and private-sector stakeholders.
* Create incentives for the private sector to develop cybersecurity "best practices," with special focus on helping small businesses.
* Provide specific authority to the National Cybersecurity Center - from a risk-based, collaborative model - to identify and mitigate cyber vulnerabilities, where disruptions could result in catastrophic loss of life and property.
* Prevent the president or any official from shutting down the Internet.

This legislation would help our nation be better equipped to anticipate, neutralize and build additional safeguards against cyberattacks. It would protect the ever-evolving frontier of cyberspace, which encompasses so much of modern life and will only grow in importance.
If we don't build adequate protections into our federal networks and critical infrastructure, malicious hackers - including nation-states and terrorist groups - are likely to exploit, attack and destroy them. As a nation, we must be prepared to aggressively, and proactively, meet this emerging global cyberthreat. We cannot afford to wait for a "cyber Sept. 11" before our government finally realizes the importance of protecting our digital resources, limiting our vulnerabilities and mitigating the consequences of penetrations of our networks. We must be ready. It is crucial that we build a strong public-private partnership to protect cyberspace. It is a vital engine of our economy, our government, our country and our future. Sen. Susan Collins (R-Maine) is the ranking member of the Senate Homeland Security and Governmental Affairs Committee.

From rforno at infowarrior.org Mon Mar 7 08:58:12 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 7 Mar 2011 09:58:12 -0500
Subject: [Infowarrior] - House OpEd: Feds not best guard of cyberspace
Message-ID: <6414E04B-F3D2-41CF-9FAE-26A6728FC88C@infowarrior.org>

Feds not best guard of cyberspace
By: Rep. Bob Goodlatte
March 7, 2011 04:31 AM EST
http://dyn.politico.com/printstory.cfm?uuid=8D156113-A590-D967-37B04D71AAF221A6

More than 90 percent of the nation's critical information infrastructure is operated by the private sector. Protecting cyberspace, however, is not just about securing our nation's critical information infrastructure, but promoting economic security. The online and physical worlds have become so intertwined that vulnerabilities in the information infrastructure now pose real risks to physical establishments and individuals. One can easily envision a situation in which a hacker could electronically break into a critical infrastructure and cause the failure of a physical establishment - such as a hospital - which would result in serious injury or death.
In 2004, worldwide economic damage from digital attacks was between $46 billion and $56 billion, according to a Congressional Research Service estimate. In 2009, the White House released the "Cyberspace Policy Review," that estimated 2008 losses from data theft to be as high as $1 trillion. These numbers represent a good reason for the private sector to take cybersecurity seriously. The security of the American people is of paramount importance. While the government has a crucial role to play, any policy to improve private-sector cybersecurity should not be overly burdensome and counterproductive to economic prosperity. Regulatory mandates are not only unlikely to lead to private-sector cybersecurity improvements, they would likely hinder economic growth. The regulatory process is time-consuming and does not move at the speed of the online world. Online capabilities and capacities change rapidly - so rapidly, that any regulations for cybersecurity would probably be obsolete by the time they could be enacted, if not before. In addition, imposing a regulatory scheme that increases costs for United States companies would put them at a competitive disadvantage to their foreign counterparts. Similarly, any government effort to take control of the Internet through a "kill switch" should be strongly resisted. Such a drastic measure has the ability to fundamentally alter the way the Internet functions and the way online business is transacted. Congress should be looking for ways to encourage the private sector to do more to protect its infrastructure from cyberattacks. One way would be to provide limited liability protection to companies that take steps to improve their cybersecurity capabilities. After Sept. 11, terrorism insurance was virtually nonexistent, even as the nation needed anti-terrorism products and services more than ever. The lack of insurance was a hindrance for many companies.
Congress responded with the Support Anti-Terrorism by Fostering Effective Technologies Act, which provides liability protection for manufacturers whose products and services are used in combating terrorism. Providing civil-liability safe harbors to companies that demonstrate compliance with cybersecurity best practices would encourage the private sector to adopt effective measures.

An additional security component of cyber space is public engagement. When companies understand and appreciate the potential losses that can occur through a cyberintrusion, it becomes in their best economic interest to improve their cybersecurity capabilities. Corporate entities should be encouraged to share experiences and best practices to help identify vulnerabilities and solutions. The government should be a partner in this.

Congress should also look at the criminal code to ensure that cybercrime laws are up to date and can deal with the evolving threats posed by hackers and other cybercriminals. Our nation's law enforcement agencies should have the necessary tools to investigate, apprehend and prosecute cybercriminals. The nature and manner of cyber crime is continuously evolving - and we must ensure that our laws address the realities of this changing threat.

Finally, because unsecure individual computers can be used to launch attacks against others, it is important for the government to convey to citizens how important they are to our nation's cybersecurity efforts. Computer users need to realize just how vital it is for individual Americans to take their cybersecurity seriously, not just as a matter of personal safety - but for our country's security.

By implementing relatively simple measures, they are not only protecting themselves and their families, they are contributing to our national efforts to secure critical infrastructures, such as telecommunications, energy, manufacturing, water, health care, transportation and emergency and financial services.

Rep.
Bob Goodlatte (R-Va.) is chairman of the House Judiciary Subcommittee on Intellectual Property, Competition and the Internet.

From rforno at infowarrior.org Mon Mar 7 09:00:01 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 7 Mar 2011 10:00:01 -0500
Subject: [Infowarrior] - OpEd: Cybersecurity needs complete plan
Message-ID: <798C443C-436B-47F9-86AE-BEC381AB936D@infowarrior.org>

Cybersecurity needs complete plan
By: Sen. Sheldon Whitehouse
March 7, 2011 04:31 AM EST
http://dyn.politico.com/printstory.cfm?uuid=8D587513-F55D-BEB0-A25C03B5B2018326

The Internet has nurtured a remarkable amount of innovation, commerce, freedom of expression and economic connectivity. But these great benefits are accompanied by an ever-growing number of serious cybersecurity threats.

Cybercrime has put our country on the losing end of what could be the largest illicit transfer of wealth in world history. Whatever its form - copying source code, industrial espionage of military product designs, identity theft, online piracy or outright theft from banks - cybercrime cripples American innovation, kills jobs, undermines our economic security and violates individual privacy.

The most dangerous threat is the potential for a hostile nation to use cyberattacks to weaken our military capabilities or to sabotage our critical infrastructure - from our electric grid to our banking system.

These cybersecurity threats are not going away. Cyberattacks are relatively easy and low risk for cybercriminals and hostile foreign agents. All you need is a room full of hackers. And the potential rewards are enormous: As early as 2007, cyberintrusions at U.S. agencies and departments resulted in the loss of data equal to the entire Library of Congress.

I am glad that Majority Leader Harry Reid (D-Nev.) and the chairmen of the relevant Senate committees have recognized the need for legislation to address this growing threat.
Working together in a bipartisan manner, we can find a solution that makes America safer from cyberthieves and cyberterrorists.

One important focus should be the proper structure and distribution of government authorities. Resolving this crucial issue will enhance our effectiveness in combating cybersecurity threats. But it is merely one of many technical, legal, and political issues our nation faces in the cybersecurity realm. Six areas need particular attention.

First, the public has little awareness about cyberthreats. Threat information affecting the .gov and .mil domains is largely classified, while entities in the .com, .net and .org domains often consider the information proprietary. Companies worry that shareholders, customers and regulators would look dimly on news that they have suffered a major cyberintrusion.

If the public knew the stakes - that cybercriminals have pulled off bank heists that make Willie Sutton look like a petty thief - they would demand swift action. We cannot prevail against our cybersecurity threats without public support. Congress should ensure that legislation includes mechanisms to bring the public out of the dark.

Second, we need to improve the means for industry sectors to deploy common defense strategies - like the westward pioneers circling their wagons. We should also enable industries to work more effectively with the government when appropriate. These conversations need to be made "safe" for industries.

The courts also have a role to play in this corporate self-defense. Creative technical experts and lawyers at Microsoft, for example, were able to mount an impressive counterattack against the Waledac botnet, which had created a network of zombie computers to send spam. They obtained a federal court order requiring VeriSign, the domain name registrar, to cut off domains associated with the botnet - effectively disabling it. Private corporations can achieve remarkable cybersecurity goals through the courts.
Third, we need to provide end-users, ISPs and software and hardware suppliers with basic rules of the road. The vast majority of cyberattacks can be defeated with off-the-shelf technology. There would also be a national security advantage if the federal government focuses its cybersecurity efforts on the remaining more complex threats.

Fourth, we must provide the federal government adequate authority and capability to protect critical private infrastructure - including our financial, communications, transportation and energy sectors. Cyberattacks happen at the speed of light, so the best defense requires speed-of-light awareness and response.

We need to evaluate when and where it would be appropriate to pre-position some defensive capabilities. For example, we should consider creating secure domains in which cybersecurity defenses could be both lawful and effective. This would obviously have to be done in a transparent manner, subject to very strict oversight.

Fifth, we must put more cybercriminals behind bars. For all the laudable efforts of the Justice Department, the FBI and other agencies, law enforcement needs more tools. A lot more.

Finally, we must more clearly define the rules of engagement for covert action against cyberthreats. The president must have access to as many lawful and appropriate tools as possible - subject to clear executive policies and procedures, as well as vigilant congressional oversight.

Our American way of life depends on networked information technologies. The expansion of this powerful new cybertechnology has meant great things for our world - but it also makes us uniquely vulnerable. We must prepare our nation for this new threat.

Sen. Sheldon Whitehouse (D-R.I.) is a member of the Senate Judiciary Committee and a former member of the Intelligence Committee. He served as chairman of the bipartisan Cyber Task Force in 2010.
From rforno at infowarrior.org Mon Mar 7 13:34:21 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 7 Mar 2011 14:34:21 -0500
Subject: [Infowarrior] - Recursive DMCA takedowns
Message-ID: <480DF053-C047-404A-8876-5B4DB4AE16B0@infowarrior.org>

Fox DMCA Takedowns Order Google to Remove Fox DMCA Takedowns
http://torrentfreak.com/fox-dmca-takedowns-demand-google-to-remove-fox-dmca-takedowns-110307/

Sending DMCA takedown notices in bulk has become increasingly fashionable during recent years but thanks to the database at Chilling Effects, we are able to see who is sending what to whom. As concerns mount over the amount of checking carried out before items are taken down, it appears that Fox has managed to get Google to delist DMCA complaints on Chilling Effects, which were originally sent by Fox themselves and submitted to Chilling Effects by Google.

The Chilling Effects web archive was founded in 2001 as a response to the usually secretive practice of sending so-called "takedown notices" to have content removed from the web. This, according to the activists involved, was having a "chilling effect" on free speech.

In a show of openness, big companies such as Google, Yahoo, Twitter and Digg began sending DMCA takedown notices they received to Chilling Effects. In 2010 the clearing house received more than 12,000 such cease-and-desist notices which in turn contained thousands of links to content to be removed.

At times this archive makes fascinating reading, as highlighted today by occasional TorrentFreak contributor SearchFreak.

The URL http://chillingeffects.org/dmca512c/notice.cgi?NoticeID=31773 shows a DMCA notice sent by Twentieth Century Fox Film Corporation to Google which contains a list of URLs which allegedly link to the movie Avatar. Fox demanded that Google should take them all down from its index, which it appears to have done.

However, if one enters this URL into a Google search, the only results listed are where other pages refer to this URL.
The actual page with this URL is nowhere to be found. Indeed, as can be seen from the screenshot below, Google has removed the result due to a DMCA takedown complaint.

Fortunately we can see what this complaint was about and who sent it by, ironically, going to ChillingEffects. The DMCA complaint in question was sent by Fox to Google and contains dozens of links its anti-piracy division has culled from the web, allegedly linking to their movie Avatar.

However, deep into the complaint Fox has demanded that Google take down links to two pages on Chilling Effects (1) (2). Their crime? Containing links to the Avatar movie.

So, let's have a little recap since this is becoming like an episode from Soap.

Chilling Effects is set up to stop the "chilling effects" of Internet censorship. Google sees this as a good thing and sends takedown requests it receives to be added to the database. Fox sends takedown requests to Google for pages which the company says contain links to material it holds the copyright to. Those pages include those on Chilling Effects which show which links Fox wants taken down. Google delists the Chilling Effects pages from its search engine, thus completing the circle and defeating the very reason Chilling Effects was set up for in the first place.

Fox has repeated this somewhat ridiculous "error" several times (1) (2) (3) (4) but they are not on their own. It seems that the UFC have also been trying to have ChillingEffects notices removed (1) (2) (3) (4) (5) but currently they remain listed by Google.

While the Fox takedowns happened a while ago, those sent by UFC are just a few weeks old. Let's hope that when receiving these requests in future Google simply throws them in the trash, where they belong.
From rforno at infowarrior.org Mon Mar 7 14:23:57 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 7 Mar 2011 15:23:57 -0500
Subject: [Infowarrior] - Obama restarts Guantanamo trials
Message-ID: <6A887E3C-0F08-4FDF-B23A-31DC5E8E9FD3@infowarrior.org>

Obama restarts Guantanamo trials
By LOLITA C. BALDOR
The Associated Press
Monday, March 7, 2011; 3:08 PM
http://www.washingtonpost.com/wp-dyn/content/article/2011/03/07/AR2011030702669_pf.html

WASHINGTON -- President Barack Obama approved Monday the resumption of military trials for detainees at the U.S. prison at Guantanamo Bay, Cuba, ending a two-year ban.

It was the latest acknowledgement that the detention facility Obama had vowed to shut down within a year of taking office will remain open for some time to come.

"I strongly believe that the American system of justice is a key part of our arsenal in the war against al-Qaida and its affiliates, and we will continue to draw on all aspects of our justice system - including Article III courts - to ensure that our security and our values are strengthened," the president said in a statement.

Article III courts are civilian federal courts.

Under Obama's order, Defense Secretary Robert Gates will rescind his January 2009 ban against bringing new cases against the terror suspects at the detention facility. Closure of the facility has become untenable because of questions about where terror suspects would be held.

© 2011 The Associated Press

From rforno at infowarrior.org Mon Mar 7 17:20:56 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 7 Mar 2011 18:20:56 -0500
Subject: [Infowarrior] - The new cyber arms race
Message-ID: <51FAA16F-F7AC-4386-8C1C-874C10CEF2B7@infowarrior.org>

The new cyber arms race

Tomorrow's wars will be fought not just with guns, but with the click of a mouse half a world away that will unleash weaponized software that could take out everything from the power grid to a chemical plant.
By Mark Clayton
Christian Science Monitor
March 7, 2011
http://www.csmonitor.com/USA/Military/2011/0307/The-new-cyber-arms-race

From rforno at infowarrior.org Tue Mar 8 05:56:59 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 8 Mar 2011 06:56:59 -0500
Subject: [Infowarrior] - Amtrak vs. TSA
Message-ID:

(c/o AJR)

Newswire: Amtrak vs. TSA
TRAINS exclusive: Amtrak police chief bars Transportation Security Administration from some security operations
By Don Phillips
Published: March 3, 2011
http://cs.trains.com/TRCCS/forums/p/188504/2059127.aspx

WASHINGTON - In late February, the Transportation Security Administration took over the Amtrak station in Savannah, Ga., and thoroughly searched every person who entered. None of the passengers got into trouble, but the TSA certainly did - big time.

Amtrak Police Chief John O'Connor said he first thought a blog posting about the incident was a joke. When he discovered that the TSA's VIPR team did at least some of what the blog said, he was livid. He ordered the VIPR teams off Amtrak property, at least until a firm agreement can be drawn up to prevent the TSA from taking actions that the chief said were illegal and clearly contrary to Amtrak policy.

"When I saw it, I didn't believe it was real," O'Connor said. When it developed that the posting on an anti-TSA blog was not a joke, "I hit the ceiling."

Video of the screening is available at: www.liveleak.com.

O'Connor said the TSA VIPR teams have no right to do more than what Amtrak police do occasionally, which has produced few if any protests and which O'Connor said is clearly within the law and the Constitution. More than a thousand times, Amtrak teams (sometimes including VIPR) have performed security screenings at Amtrak stations. These screenings are only occasional and random, and inspect the bags of only about one in 10 passengers. There is no wanding of passengers and no sterile area. O'Connor said the TSA violated every one of these rules.
A posting in late February to the Transportation Security Administration's blog, which serves as a public relations tool of the TSA, tried to explain why TSA agents took over the Amtrak station in Savannah. But O'Connor said the "facts" as posted on the TSA blog were incorrect. He said the blog indicated that Amtrak had approved of the operation, but it had not. He called the TSA's posting on blog.tsa.gov "inaccurate and insensitive." As of the time this story was filed, the same posting remained on the blog.

A TSA spokesman said he could not elaborate on the blog posting.

O'Connor said he must take some of the blame because he did not more carefully observe what the VIPR teams were doing. He said the TSA had apologized repeatedly to him, but they must agree to firm restrictions before he will consider allowing them back on Amtrak property.

The search was first revealed on the blog gizmodo.com. However, that blog got it at least half wrong. The TSA did not, as the blog said, funnel people who arrived by train into the station for a search. Instead, the TSA took over the station and posted notes outside saying that anyone who entered would be "subject to mandatory screening." Those who know the Savannah station realize that it generally is not necessary for anyone arriving or departing by train to go into the station. It is much easier to park the car or be dropped off near the platform.

Therefore, why was the TSA searching only anyone entering the station? It might even be easier to explain why they might have searched everyone. For instance, such questions as, did they have a tip someone was carrying a small atomic bomb? In the end, it is not even possible to discern a reason for what they actually did. Why search only people unfortunate enough to need to enter the station - people who needed to buy tickets, an elderly person who was dropped off and needed a place to sit while waiting, a mom whose infant badly needed a diaper change?
The group involved is TSA's VIPR operation, which deals with surface transportation. VIPR is short for "visible intermodal protection and response." It turns out that VIPR has been far more active than imagined. Teams have searched bus passengers all over the country, have done similar things at train stations, and have even blocked traffic on bridges to search trucks and cars. That even included the busy Chesapeake Bay Bridge near Washington.

The VIPR teams were rolled out on Dec. 12, 2005, then promptly pulled back two days later when it turned out that no one had informed numerous local governments. It was a fiasco. Several local jurisdictions said they had no interest and opted out, including the Washington Metro system. But teams, moving slowly, have apparently re-infiltrated surface transportation facilities.

Unlike the TSA at airports, these teams have access to firepower. Although the TSA is not allowed to carry weapons, some armed Federal Air Marshals have been switched to ground duty.

One major unanswered question is: why? What purpose is being served other than to justify employment? You will certainly hea

From rforno at infowarrior.org Tue Mar 8 07:21:57 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 8 Mar 2011 08:21:57 -0500
Subject: [Infowarrior] - Ebooks: durability is a feature, not a bug
Message-ID:

Ebooks: durability is a feature, not a bug

HarperCollins' attempt to ensure ebooks in libraries can only be loaned out 26 times is indefensible

Cory Doctorow
guardian.co.uk, Tuesday 8 March 2011 11.41 GMT
http://www.guardian.co.uk/technology/2011/mar/08/ebooks-harpercollins-26-times

When I was a high-school student in Toronto, I loved working in libraries. I spent a glorious summer inputting the ISBN of every book in a junior-high-school library for a new automated catalogue (if that doesn't sound glorious, think of this: I had to get down and handle every single book in a mid-sized library, which was an education in and of itself).
I worked at a high-school library for a time. Then I graduated to the big leagues: working in the business and urban affairs section of the North York Central Library, a huge, multi-storey library with dozens of collections and hundreds of librarians, public service clerks, and pages - that was my job, page, and it meant doing all the drudgework from re-shelving books to repairing the newspapers.

Yes, repairing the newspapers. We were the business collection, and that meant that people came in to find out what had been in any of the nation's daily papers (as well as a few international papers) over the past month. After 30 days, we'd get microfilm editions of the papers, which were kind of a pain to read, but they were at least designed from the ground up to be used by the general public over a period of years.

You can't say the same thing about the print edition of a newspaper. Newspapers are practically designed to self-destruct after a single reading - if you've ever picked up a daily paper in a cafe around suppertime after it's been handled by a day's worth of patrons, you know that this is a *personal* tech, and that after a pass-along or two, it starts to look like it's been to the wars.

Try to imagine what a newspaper looks like after it's been read by a busy library's patrons over the course of 30 days. By month's end, the papers were more sellotape than newsprint, big photocopied sections glued in to replace torn-out or illegible pieces and so on.

Whatever the demerits of microfilm as a storage medium (and it is notoriously balky, difficult stuff), at least it had a certain durability that the print article lacked. Now, we did pay a stiff premium for those film editions, but nothing in our deal with the newspaper publishers required us to gently and deliberately age them so that they would fall to bits over 30 days' use.
No one tried to argue that the fact that newspapers disintegrated if you looked at them cross-eyed was a feature that had to be preserved as their content moved from medium to medium. And yet, that is just the case made in the ebook deal HarperCollins is offering to libraries. HarperCollins has informed libraries that henceforth, ebooks will be sold on the condition that they can only be circulated 26 times before they self-destruct. HarperCollins argues that this reflects the usage characteristics of the print editions that HarperCollins has sold to libraries for literally centuries. That is, HarperCollins argues that once one of its print books lands on the shelves of a local library, it will only survive for 26 checkouts before it has to be discarded because it is in such an unreadable state. Now, in point of fact, many ordinary trade books circulate far more than 26 times before they're ready for the discard pile. If a group of untrained school kids working as part-time pages can keep a copy of the Toronto Star in readable shape for 30 days' worth of several-times-per-day usage, then it's certainly the case that the skilled gluepot ninjas working behind the counter at your local library can easily keep a book patched up and running around the course for a lot more than 26 circuits. Indeed, the HarperCollins editions of my own books are superb and robust examples of the bookbinder's art (take note!), and judging from the comments of outraged librarians, it's common for HarperCollins printed volumes to stay in circulation for a very long time indeed. But this is the wrong thing to argue about. Whether a HarperCollins book has the circulatory vigour to cope with 26 checkouts or 200, it's bizarre to argue that this finite durability is a feature that we should carefully import into new media. 
It would be like assuming the contractual obligation to attack the microfilm with nail-scissors every time someone looked up an old article, to simulate the damage that might have been done by our careless patrons to the newsprint that had once borne it.

Ebooks have loads of demerits, especially as they are marketed to libraries. They are sold at full price, while print editions generally go at a hefty discount to reflect libraries' volume purchasing. They can only be read with certain, proprietary readers, something analogous to insisting that the libraries require patrons to read their books by the light of one preferred manufacturer's lightbulb. They can't be sold on as a library discard once the library no longer needs them for the collection.

But they have virtues, too. For example, they don't wear out. To pretend that this belongs on the "con" side rather than the "pro" side of the ebook chart is indefensible. You might as well argue that a surcharge should be assessed against paperbacks to offset the "losses" experienced by publishers when libraries buy them instead of the hardcover, or that charity shops should be obliged to apply fake rust to stainless steel cutlery to make up for the fact that it lasts longer than the non-stainless kind.

Of course ebooks don't wear out. Programming them to self-destruct after 26 checkouts is tantamount to asking librarians to embrace entropy. Anyone who thinks that this is going to happen has never spent any time with a librarian.

From rforno at infowarrior.org Tue Mar 8 15:17:03 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 8 Mar 2011 16:17:03 -0500
Subject: [Infowarrior] - Freedom Box gets off the ground
Message-ID: <67AB0B7F-54D1-4601-8BC4-CB2DC4B4386E@infowarrior.org>

Freedom Box gets off the ground
https://lwn.net/Articles/429230/

< -- >

While providing "safe social networking" is one of the aims of the Freedom Box, it is only part of the picture.
The project wants to protect users' data as well as their communications, including internet traffic, email, and voice. Beyond that, Freedom Box is specifically targeted at routing around ISPs' restrictions on the types of traffic they will carry, as well as attempts by governments to do similar traffic restrictions. In short, the goals of the Freedom Box live up to Moglen's original vision, as spelled out in his February 2010 talk at the New York branch of the Internet Society, as well as those outlined in a more recent talk at FOSDEM 2011: it is geared towards restoring users' freedoms. Those freedoms are best guarded by keeping our data safe within the walls of our homes, because there are typically more legal protections there than there are when storing data on some company's servers. We have already seen that companies will often bow to governmental pressure in ways that would be more difficult to orchestrate when the data is spread out across the net. To that end, Freedom Box also plans to provide ways to securely back up encrypted data on friends' and neighbors' servers. In addition, it will provide ways for those under repressive regimes to anonymously publish information, such that those regimes will find it difficult to stop or track down the publishers. If the FreedomBox is going to handle all of these kinds of things, obviously the security of the device itself is paramount, but it is also targeted at protecting other systems in the home that live "behind" the Freedom Box. 
< -- >

https://lwn.net/Articles/429230/

From rforno at infowarrior.org Wed Mar 9 07:29:07 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 9 Mar 2011 08:29:07 -0500
Subject: [Infowarrior] - Morgan Stanley Demands Removal of HBGary AnonLeaks Document
Message-ID: <9E99899E-485F-44BB-A0BB-5B9AEB6494F0@infowarrior.org>

Morgan Stanley Demands Removal of HBGary AnonLeaks Document
March 9, 2011 in Threats and Takedown Notices

A representative of Morgan Stanley has demanded the removal of a document originally released by the online hacktivist group Anonymous. Morgan Stanley's Computer Emergency Response Team (CERT) Physical Memory Standard Operating Procedures is a 23-page document that details procedures written by HBGary employee Phil Wallisch for Morgan Stanley's CERT. The original source of the document is an email from Phil Wallisch to the Morgan Stanley CERT in June 2010. The document is available in other formats from a variety of sites hosting the AnonLeaks HBGary files.

The author apparently copied the request from a sample DMCA form letter, an example of which can be seen here. In fact, she sometimes fails to insert her own information into the form letter, which can be seen most notably in section five of the demand.

< -- >

http://publicintelligence.net/morgan-stanley-demands-removal-of-hbgary-anonleaks-document/

From rforno at infowarrior.org Wed Mar 9 10:28:48 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 9 Mar 2011 11:28:48 -0500
Subject: [Infowarrior] - Libicki: Stuxnet isn't all it's cracked up to be -- but then neither is cyberwar, really
Message-ID: <04694F17-158E-483F-8477-903554A31D43@infowarrior.org>

Libicki: Stuxnet isn't all it's cracked up to be -- but then neither is cyberwar, really
Posted By Thomas E.
Ricks
Thursday, March 3, 2011
http://ricks.foreignpolicy.com/posts/2011/03/03/libicki_stuxnet_isnt_all_its_cracked_up_to_be_but_then_neither_is_cyberwar_really

"Cyber security has become Washington's new growth industry," two of my CNAS colleagues, Kristin Lord and Travis Sharp, commented the other day. They warn especially against billion dollar solutions to million dollar problems. They're right. Everyone's hyperventilating about cyber-this and cyber-that, so we dispatched one of our cyber-reporters, Zach Keck (real name) across the real river to see what up.

By Zach Keck
Best Defense cyberwar bureau

The Stuxnet virus isn't as big a deal as people think and only worked because the Iranians weren't practicing safe computing, Martin Libicki of the Rand Corporation said at his packed briefing on "Cyber-security and Cyber-deterrence," in Pentagon City the other night.

Dr. Libicki began the night by noting that his definition of cyber-warfare only considers conflict between states. More specifically, he defined cyberwar as one state using information to attack another state's information by attacking the other's information system. This definition excludes many of the closely related concepts such as cyber-espionage, electronic warfare, or even attacking prominent public websites. Still, this somewhat limited definition proved robust enough to facilitate some interesting discussion, particularly with regard to Stuxnet and for the purposes cyber-warfare best lent itself to.

The presentation challenged the conventional wisdom on the significance of Stuxnet. To begin with, the virus was only effective because the Iranian regime disregarded some commonsense safeguards that would have immediately alerted them that their systems had been corrupted.
Moreover, another crucial aspect to Stuxnet's success was Iranian inexperience with spinning centrifuges as any mature nuclear state, even if it too disregarded these simple safeguards, would have been able to quickly recognize that system was not running properly.

Libicki used Stuxnet to illustrate an important insight into the nature of cyberwar in general. In direct contrast to senior advisor for cyber-security in the Department of Energy Bill Hunteman, who has predicted that Stuxnet will set off a chain of copycats, Dr. Libicki argued that we were unlikely to see a sequel to Stuxnet. Cyber attacks exploit a hole in the program which, consequentially, brings the glitch to the attention of the victim government and others monitoring the situation, who will then patch it up rendering that particular cyber capability useless.

This point had interesting implications when the subject turned to the ends that cyber attacks were best suited towards. Specifically, he argued that cyber attacks were unlikely to be effective for coercive purposes. Libicki noted that attacking a country simultaneously produces feelings of anger, for being attacked in the first place, as well as fear of being attacked again. Since a second cyber-attack will not be nearly as effective as the first one, however, a country's anger will likely overpower the fear making the victim country prone to retaliate.

Nonetheless, cyber-war tactics may be useful when integrated with other military capabilities. The example Libicki used to demonstrate this point to the audience if China, while still much weaker militarily than the United States, decided to take Taiwan by force. In such a scenario, China could launch a cyber attack on the U.S. Navy's 7th Fleet, which, if the attack were successful, could render the fleet incapable of responding for up to 48 hours. At this point, however, China may already control the island, and the United States would have to consider acquiescing to this reality.
While I tend to doubt the likelihood of the United States doing this, it could be a powerful argument that could be used by the hardliners in China to convince their country to take action against Taiwan. In this sense at least, cyber-warfare capabilities may increase the probability of war by miscalculation. The briefing stood on less solid ground when turning to the topic of cyber-deterrence. After noting the important, if somewhat apparent problems of recognizing the system had been infiltrated, and attributing the source of the attack, the briefing discussed problems related to whether the country would want to respond to the attack, and even whether the government would want to make it publicly known that it had been attacked at all. It wasn't clear to me, however, whether these points were made to convey the sense that deterrence, at least as the concept is commonly used with regard to nuclear weapons, wouldn't work in cyberspace because countries wouldn't fear retaliation; or, alternatively, if the briefing were using deterrence in the sense of responding in ways that will deter future attacks. This point got murkier when the first person during Q&A reasonably asked: "why would the victim of a cyber attack have to respond in kind?" Dr. Libicki at first fumbled around with this question, by discussing the uses of sanctions and that of armed force, before finally acknowledging that the state could respond in whichever manner it chose. "This becomes a strategic question" Libicki noted, before moving on to the new question. To me, this point is worth dwelling on as it potentially has significant strategic importance for U.S. cyber-strategy moving forward. 
For instance, it suggests that even though the United States will probably develop the capabilities to institute a "Flexible Response" strategy in the mold of JFK, it would be prudent to follow the precedent of President Eisenhower's "New Look" by reserving to itself the right to respond asymmetrically to cyber attacks. Although we may rely more heavily on the internet and related infrastructure than some of our potential adversaries such as Venezuela or Iran, we also maintain a military that can destroy the very things that these regimes hold dear. This would seem to be the best way to establish an effective cyber-deterrent, at least against weak non-nuclear states. On the other hand, because of the inherent plausible deniability of cyber attacks, limited uses of them may come to be an important aspect of conflict between nuclear armed adversaries, much as the use of terrorism and proxies was during the Cold War, and continues to be in the Indo-Pakistani conflict. From rforno at infowarrior.org Wed Mar 9 16:17:02 2011 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 9 Mar 2011 17:17:02 -0500 Subject: [Infowarrior] - TARP Police! Step Away From the Bailout Money! Message-ID: <2342B00D-E5CE-490E-95C6-F26EF7C11151@infowarrior.org> TARP Police! Step Away From the Bailout Money! Posted By: Eamon Javers | CNBC Washington, DC Correspondent CNBC.com | 09 Mar 2011 | 12:33 PM ET URL: http://www.cnbc.com/id/41975030/ Early this week, a request for proposal for police car upgrades by the Special Inspector General of the TARP bank bailout program began circulating in Washington. That prompted a lot of head scratching around town: Huh? You mean the mild-mannered auditors who mind the taxpayer money in the $700-plus billion TARP program? What do they need police car upgrades for? It may come as a surprise to people in the financial industry -- it certainly did to me -- but TARP's inspector general (SIGTARP) is not just a financial watchdog. 
Under its outgoing leader, Neil Barofsky, it has quietly built itself into a full-fledged financial law enforcement agency. It has 45 investigators who are empowered to carry guns and badges, and 27 vehicles with sirens and lights spread out in its branch offices across the country. SIGTARP agents are empowered to make arrests, and they've done just that 23 times, according to a spokeswoman. The agency says it is engaged in 142 ongoing criminal and civil investigations, and that it has already recovered assets worth $151.8 million. It's a law enforcement agency with an expiration date, though -- by law, the agency expires as soon as all taxpayer dollars under TARP have been repaid, although that could be years from now. As early as last summer, SIGTARP agents were participating in raids alongside other law enforcement agencies. They worked with FBI agents in a raid on Colonial Bank in Orlando, Florida in an investigation into possible TARP-related fraud. Witnesses saw armed law enforcement officers in the familiar oversized blue "raid jackets" with yellow lettering on the back. But the jackets didn't say "FBI." Instead, they were stenciled with the words: "Federal Agent SIGTARP." The fact that there's a brand new law enforcement agency in Washington has caused some angst inside rival agencies, where officials grumble that it doesn't need gun-carrying agents -- and wonder out loud, if off the record, under what possible circumstances financial fraud investigators would ever need to use their cars' brand-new sirens. In fact, there's been a lot of scrutiny of those cars, with skeptics noting that the agency's recent call for contracting services noted that it would need to upgrade between one and 35 vehicles at each of its five field offices, including in Washington, New York, Atlanta, Long Beach, and San Francisco. 
The agency says it is outfitting those vehicles with police-style sirens, lights and radios, and that the 35 cars per field office is a theoretical maximum, not the actual number of cars the agency has in the field. "That's the standard way you outfit a law enforcement vehicle," said Kris Belisle, Director of Communications at SIGTARP. "We're an independent law enforcement agency. We were set up by Congress to do our own investigations." And that much is clear. Congress laid out in the original TARP bailout legislation that the agency would have all of the powers of a federal inspector general--one of which has traditionally been hiring people who carry guns and badges, known in federal personnel jargon as "1811s." Said one Capitol Hill aide Tuesday, "I just don't think you can have too much oversight of TARP -- that's hundreds of billions of taxpayer dollars." In case that wasn't clear enough, Congress returned to the subject of just what exactly the agency is authorized to do in new legislation in March of 2009 that explicitly stated it had "law enforcement authority." And that means, guns, badges, sirens and radios. Old Washington hands, who asked to remain anonymous for fear of publicly engaging in bureaucratic turf wars, called the agency's cars and sirens "ridiculous," and "ludicrous." And not everyone has been paying attention to the emergence of the new police powers. One person who was involved with the creation of TARP expressed surprise when told of SIGTARP's gun-wielding agents. "Really?" the person asked. "Holy ----." © 
2011 CNBC.com From rforno at infowarrior.org Wed Mar 9 19:42:57 2011 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 9 Mar 2011 20:42:57 -0500 Subject: [Infowarrior] - Hacking of DuPont, J&J, GE Were Google-Type Attacks That Weren't Disclosed Message-ID: <2A247495-A58B-4A84-812C-12EA0632C768@infowarrior.org> http://www.bloomberg.com/news/print/2011-03-08/hacking-of-dupont-j-j-ge-were-google-type-attacks-that-weren-t-disclosed.html Hacking of DuPont, J&J, GE Were Google-Type Attacks That Weren't Disclosed By Michael Riley and Sara Forden - Mar 8, 2011 The FBI broke the news to executives at DuPont Co. late last year that hackers had cracked the company's computer networks for the second time in 12 months, according to a confidential Dec. 9, 2010, e-mail discussing the investigation. About a year earlier, DuPont had been hit by the same China-based hackers who struck Google Inc. (GOOG) and unlike Google, DuPont kept the intrusion secret, internal e-mails from cyber-security firm HBGary Inc. show. As DuPont probed the incidents, executives concluded they were the target of a campaign of industrial spying, the e-mails show. The attacks on DuPont and on more than a dozen other companies are discussed in about 60,000 confidential e-mails that HBGary, hired by some of the targeted businesses, said were stolen from it on Feb. 6 and posted on the Internet by a group of hacker-activists known as Anonymous. The companies attacked include Walt Disney Co. (DIS), Sony Corp. (6758), Johnson & Johnson, and General Electric Co., the e-mails show. The incidents described in the stolen e-mails portray industrial espionage by hackers based in China, Russia and other countries. U.S. law enforcement agencies say the attacks have intensified in number and scope over the past two years. "We are on the losing end of the biggest transfer of wealth through theft and piracy in the history of the planet," 
said Democratic Senator Sheldon Whitehouse of Rhode Island, who chaired a U.S. Senate Select Committee on Intelligence task force on U.S. cyber security in 2010. Its classified report addressed weaknesses in network security. Dangers "Unappreciated" FBI Deputy Assistant Director Steven Chabinsky, who works in the agency's cyber division, said it would be hard to imagine that the scale of the current range of cyber attacks could grow larger. "It appears that every industry is being victimized by intrusions," he said. The companies identified by Bloomberg News from the e-mails never disclosed the security breaches to investors or regulators. Secrecy may be a reason why the dangers of the intrusions are "underappreciated" by investors and regulators, Whitehouse said in an interview. "The companies don't want to disclose it," he said. "They want to just basically eat the harm that was done to them and pretend that all is well." HBGary, based in Sacramento, California, is one of a handful of cyber-security firms, including Santa Clara, California-based McAfee Inc. and Alexandria, Virginia-based Mandiant Corp., that are hired by global companies to investigate illegal computer break-ins and advise on how to prevent them. HBGary shares its forensic findings with other security firms and got information on undisclosed break-ins in return, the e-mails show. Hacker Targets The targets of the recent attacks included energy, pharmaceutical and defense companies, as well as the high-tech manufacturers of global satellite imagery and smart bombs, according to the HBGary e-mails, which include correspondence with clients or potential clients such as DuPont. Executives of attacked companies feared the intrusions would spark questions from investors and regulators about what was stolen, according to the e-mails and interviews with cyber-security experts such as Scott Borg, director of the nonprofit U.S. Cyber Consequences Unit and Kevin Mandia, chief executive officer of Mandiant. 
All said they can't discuss specific clients because of nondisclosure agreements. Events considered "material" must be reported to investors under U.S. securities laws. Google Attacks Google said in January 2010 it had lost intellectual property assets to hackers based in China. It also said that about 20 other companies it declined to identify then and again on March 7 were victims of the same kind of intrusions. Adobe Systems Inc. (ADBE) said it had been attacked by hackers based in China. Intel Corp. (INTC) said it was attacked in a "sophisticated incident" around the same time as Google. Others remained silent. DuPont denied it had been hacked. The attacks on DuPont were disclosed in some of the stolen HBGary e-mails, which Bloomberg News examined. "DuPont's concern and comfort factor was puckered when they received external notice of breach by FBI," Jim Butterworth, HBGary's vice president for services, wrote colleagues on Dec. 9, 2010, regarding the second attack. "DuPont likes that we have close ties to them and other three letter agencies." Earlier, a DuPont internal investigation had discovered that some of its computers were implanted with spyware during a business trip to China where the PC's were stored in a hotel safe, according to a Feb. 4, 2010, e-mail by HBGary's Rich Cummings. "It's Personal" "To DuPont it's personal," HBGary investigator Bob Slapnik wrote after a meeting with company managers in December 2009. "They believe their bad guys are the Chinese who want to catch up and leapfrog them in the global marketplace." The attacks were done by hackers who represented "people, organizations and countries that strive to do them harm," in the view of DuPont managers, Slapnik wrote. A spokesman for China's embassy in Washington, Wang Baodong, said China is a victim of hacking attacks and "the wrong target of unwarranted blame." Its government supports international efforts to fight hacking, he said by e-mail. 
DuPont spokesman Dan Turner said the company doesn't comment on "cyber security-related risks." Johnson & Johnson (JNJ) spokeswoman Carol Goodrich declined to comment. Representatives of Disney and GE didn't return phone calls and e-mails seeking comment. A Sony spokeswoman declined to comment and asked not to be identified because of company policy. Energy Company Assault Among HBGary's clients was Houston-based drilling company Baker Hughes Inc. (BHI), which said it was hacked recently as part of a wide assault on energy companies. Baker Hughes provides advanced drilling equipment and proprietary techniques for assessing the quality and accessibility of oil reserves. HBGary Chief Executive Officer Greg Hoglund wrote in a January e-mail that his company had been tracking cyber attacks against oil and gas companies aimed at "stealing competitive bids, architectural plans, project definition documents, functional operational aspects to use in competitive bid situations from Siberia to China." Hoglund wrote in the January e-mail that "when dealing with energy bids the potential loss is billions." Butterworth, the HBGary vice president, said the company won't comment on the e-mails, except to say it was the victim of a crime and the e-mails were stolen. A Baker Hughes spokesman, Gary Flaharty, confirmed in an interview last month that his company's networks were breached. Baker Hughes decided the intrusion was not a material event and so didn't file a disclosure with U.S. regulators, he said. Proprietary Data A previous review of HBGary e-mails by Bloomberg News showed hackers also stole proprietary data from Exxon Mobil Corp., Royal Dutch Shell Plc, BP Plc, ConocoPhillips (COP), and Marathon Oil Corp, as well as Morgan Stanley. In e-mails mentioning Sony, J&J, GE and other companies, there's little detail on what was taken or how deeply the hackers penetrated. 
Much of the e-mail traffic involved the technical work of hunting hackers who have infiltrated computer networks with stealthy tools. HBGary investigator Sam Maccherola said in an e-mail to two company colleagues that Sony had asked for help in dealing with an attack that "looks relatively nasty." In the case of GE, disclosure was enough of a concern that the company's lawyers reviewed whether to approve the release of malware -- malicious software -- found on their network so that HBGary investigators could analyze it, the e-mails show. Hackers also appear to be widening their targets, stealing information from vendors or contractors that may have strategic data about their clients, including public relations and law firms, Chabinsky said. Law Firm Attack Among those attacked, the e-mails show, was Atlanta-based King & Spalding LLP, the 38th biggest law firm in the country in 2010, according to the National Law Journal. The e-mails don't indicate what information the hackers targeted. Among King & Spalding's practice specialties is corporate espionage, according to the firm's website. Les Zuke, spokesman for King & Spalding, didn't return phone calls seeking comment. HBGary investigators routinely worked 60 to 80 hours a week to plug holes in networks, often exchanging information about the attacks with other cyber-security firms, as companies fretted they were losing secret data, the e-mails show. "Battling" Attacks "I've been battling with APT for the last 6 months," Matthew Babcock, an employee of the CareFirst BlueCross BlueShield, a health insurance provider in Maryland and Washington, wrote in an e-mail to HBGary investigators as he sought help with the intrusion. APT refers to an "advanced persistent threat," a sophisticated form of hacking that is difficult to identify and remedy. "I am sure they are watching me just as I am watching them," Babcock said. Security experts say that the hackers' 
techniques now surpass the ability of even the most sophisticated companies to catch them easily. The e-mails show that hackers routinely bypassed firewalls with so-called spear-fishing e-mails that target executives, tricking the companies' own employees into downloading malicious software and infecting their own networks. "You can't buy enough security to match the threat today," said Anup Ghosh, chief executive officer of the cyber security firm Invincea Inc. Suspicious Traffic QinetiQ Group Plc (QQ/), a London-based defense company, found out its secure network had been breached after the FBI noticed suspicious traffic between the Pentagon contractor and an unidentified U.S. government agency, an HBGary report attached to an e-mail shows. The company's investigation, which HBGary aided, found that the hackers may have gone unnoticed within the breached network for more than a year. "Given that we continue to find malware from early 2009 it may be a matter of them never having left," one HBGary investigator wrote in September, as the company struggled to contain the intrusion. "We've made changes to ensure we secure everything as well as possible," said Sophie Barrett, a QinetiQ spokeswoman. "We'd rather not continue to give the story life," she said, declining to comment further. The investigators followed the hackers' electronic footprints from QinetiQ to a command-and-control server that appeared to be directing attacks against at least three other Pentagon contractors, including Alliant Techsystems Inc. (ATK), which makes smart weapons. A spokesman for Minneapolis-based Alliant, Bryce Hallowell, declined to comment on cyber security matters. Arms-Related Data "They only steal ITAR restricted data," HBGary's CEO wrote in an October 2010 e-mail to the FBI, alerting the agency to the other possible breaches. ITAR refers to International Traffic in Arms Regulations, which limit exports of critical defense-related technology. 
The FBI supervisor responded that he would send an agent from the Sacramento office over immediately for more information. "I like to avoid unencrypted e-mail if possible," the agent wrote back. To contact the reporter on this story: Michael Riley in Washington at michaelriley at bloomberg.net. To contact the editor responsible for this story: Fred Strasser at fstrasser at bloomberg.net From rforno at infowarrior.org Thu Mar 10 23:02:21 2011 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 11 Mar 2011 00:02:21 -0500 Subject: [Infowarrior] - DHS: We Have the Authority to Routinely Strip-Search Air Travelers Message-ID: DHS: We Have the Authority to Routinely Strip-Search Air Travelers The Department of Homeland Security told a federal court that the agency believes it has the legal authority to strip search every air traveler. The agency made the claim at oral argument in EPIC's lawsuit to suspend the airport body scanner program. The agency also stated that it believed a mandatory strip search rule could be instituted without any public comment or rulemaking. EPIC President Marc Rotenberg urged the Washington, DC appeals court to suspend the body scanner program, noting that the devices are "uniquely intrusive" and ineffective. EPIC's opening brief in the case states that the Department of Homeland Security "has initiated the most sweeping, the most invasive, and the most unaccountable suspicionless search of American travelers in history," and that such a change in policy demands that the TSA conduct a notice-and-comment rule making process. The case is EPIC v. DHS, No. 10-1157. For more information, see EPIC: EPIC v. DHS and EPIC: Whole Body Imaging Technology. 
http://epic.org/2011/03/dhs-we-have-the-authority-to-r.html From rforno at infowarrior.org Thu Mar 10 23:04:15 2011 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 11 Mar 2011 00:04:15 -0500 Subject: [Infowarrior] - Rewriting Pension History Message-ID: Rewriting Pension History Some Big Firms Move to Recognize Gains and Losses in the Years They Occur By MICHAEL RAPOPORT http://online.wsj.com/article/SB10001424052748703662804576188843415326976.html#printMode Some big companies are changing how they account for their pension plans in a way that could make their earnings look better in coming years. AT&T Inc., Verizon Communications Inc. and Honeywell International Inc. recently ended a longstanding practice in which they "smooth" large gains and losses generated by pension assets into their financial results over a period of years. From now on, these companies will count all such gains and losses in the same year they are incurred. While the moves might seem like arcane accounting steps, they have important implications for investors. The companies say the changes will make their earnings reporting more transparent, but they also sweep away tens of billions in past pension losses the companies have yet to smooth into--and hurt--their results. By charging them against their earnings from 2008, when the losses were incurred, they are taking lumps for years that many investors may no longer care about. "They'll put the bad news behind them" said David Zion, an accounting analyst with Credit Suisse. Still, the accounting change will make it clearer to investors how pension plans' performance affects the companies' income statements, where it is factored into operating earnings. And the current rock-bottom interest rates make it a good time to make such a change. Any increases in rates could improve pension-plan performance, and clearing away the old losses will heighten the impact that better performance has on the companies' earnings. 
Under current accounting rules, companies with defined-benefit pension plans, which promise to pay specified amounts to retirees, have the option to take several years to spread the cost of large pension gains and losses into earnings. That means that when a plan's investment results are much better or worse than expected--as with the 2008 market downturn--it can have a significant effect on earnings for years. For that and other reasons, the system of accounting for pension results in earnings long has been widely criticized. The Financial Accounting Standards Board, the U.S. accounting rule maker, has examined the issue before but hasn't made any changes, though they may revisit it soon. AT&T, Verizon and Honeywell changed their accounting methods on their own initiative. While the details differ, all three said they would start recognizing some or all of their deferred losses in the year they occur, through a "mark-to-market" adjustment to fourth-quarter earnings to reflect their pension plan's returns for the year. All three assessed the bulk of the change's impact against 2008 earnings, the height of the market meltdown. AT&T, for example, said its 2008 pension costs would increase by $24.9 billion because of the change, compared to a $3 billion increase for 2010. The company reduced its 2008 earnings by $15.5 billion as a result, from a profit of $12.9 billion to a loss of $2.6 billion. An increase in interest rates could benefit the companies' pension plans if, as expected, they move higher. That is because pension obligations that may be paid out decades into the future are discounted back to their present value. When rates are low, there's less discounting, and the obligations stay relatively high. But when rates rise, the future obligations will be discounted more aggressively, moving their present value lower. 
That means a lower base on which the company has to pay interest costs, which could translate into lower pension costs, improved pension performance and better earnings. "Clearly the mark-to-market approach is preferable accounting," said Kathleen Winters, Honeywell's controller. But she acknowledged that "the low interest-rate environment made this a good time to do this." Such factors were "not the driving force behind the change," said an AT&T spokeswoman. "It's about more transparency, a simpler accounting method." A Verizon spokesman declined to comment. AT&T is one of the companies redoing the way it accounts for pensions. General Electric Co. and International Business Machines Corp. plan a related though less-sweeping step. They will start providing data on their operating earnings with some pension-related elements removed. "We just wanted to take it out," said an IBM spokesman. A GE spokeswoman declined to comment. For AT&T, Verizon and Honeywell, the change has a potential downside: Without smoothing of pension results, their earnings may show more year-to-year volatility. A market surge could propel that year's earnings drastically higher, but a plunge could hollow out earnings, leaving investors who don't dig beneath the reported numbers vulnerable to surprises. Though logical for the companies, the change "has a lot of risk" for investors, said Alan Glickstein, a senior consultant at Towers Watson, a human-resources consulting firm. Still, others may follow in the footsteps of the three companies. According to The Analyst's Accounting Observer, 74 companies in the Standard & Poor's 500-stock index had both underfunded pension plans and unrecognized losses equal to at least half their pension assets at the end of 2009. A potential candidate is DuPont Co., which has $9 billion in unrecognized losses. The company's 2010 pretax earnings of $3.7 billion were weighed down by $507 million of past losses that were amortized into its results. 
Eliminating smoothing would get rid of that weight. Goodyear Tire & Rubber Co. has $3.2 billion in unrecognized losses. Spokesmen for DuPont and Goodyear declined to comment. Write to Michael Rapoport at Michael.Rapoport at dowjones.com From rforno at infowarrior.org Fri Mar 11 06:11:14 2011 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 11 Mar 2011 07:11:14 -0500 Subject: [Infowarrior] - 8.9 quake hits Japan Message-ID: <6E5A3CC9-AA79-4CEB-AB17-79ACA16E036E@infowarrior.org> 40 killed in major tsunami after 8.9 Japan quake By MALCOLM FOSTER, Associated Press http://news.yahoo.com/s/ap/20110311/ap_on_re_as/as_japan_earthquake/print TOKYO -- A massive tsunami spawned by the largest earthquake in Japan's recorded history slammed the eastern coast Friday, sweeping away boats, cars, homes and people as widespread fires burned out of control. Tsunami warnings blanketed the entire Pacific, as far away as South America, Canada, Alaska and the entire U.S. West Coast. Authorities said at least 40 people were killed and 39 missing after the magnitude 8.9 offshore quake unleashed a 23-foot (7-meter) tsunami. The quake was followed by at least 19 aftershocks, most of them of more than magnitude 6.0. The death toll was likely to continue climbing given the scale of the disaster. Dozens of cities and villages along a 1,300-mile (2,100-kilometer) stretch of coastline were shaken by violent tremors that reached as far away as Tokyo, hundreds of miles (kilometers) from the epicenter. "The earthquake has caused major damage in broad areas in northern Japan," Prime Minister Naoto Kan said at a news conference. Japan issued a state of emergency at a nuclear power plant after its cooling system had a mechanical failure. Trouble was reported at two other nuclear plants as well but there was no radiation leak at any. 
Chief Cabinet Secretary Yukio Edano said the measure at the nuclear power plant in Fukushima was a precaution and that the facility was not in immediate danger. Even for a country used to earthquakes, this one was of horrific proportions because of the tsunami that crashed ashore, swallowing everything on its way as it marched several miles (kilometers) inland before retreating. Large fishing boats and other sea vessels rode high waves into the cities, slamming against overpasses or scraping under them, snapping power lines along the way. Upturned and partially submerged vehicles were seen bobbing in the water. Ships anchored in ports crashed against each other. From rforno at infowarrior.org Fri Mar 11 06:16:55 2011 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 11 Mar 2011 07:16:55 -0500 Subject: [Infowarrior] - Japan Issues Emergency at Nuclear Plant Message-ID: <24E8868B-F723-4B1B-AD49-BFD988FB1072@infowarrior.org> Japan Issues Emergency at Nuclear Plant By YUKA HAYASHI http://online.wsj.com/article/SB10001424052748703597804576194123030511478.html TOKYO--The Japanese government issued an official emergency at one of the country's nuclear plants Friday after a massive earthquake automatically shut down its reactors and caused problems with its cooling system, but said there are currently no reports of radiation leakage. "There are no reports of leakage from any nuclear power plants at the moment and no signs of any leakage," Chief Cabinet Secretary Yukio Edano said Friday. As a result of the state of emergency, the government will set up a special emergency task force to deal with the situation. At Tokyo Electric Power's Fukushima Daiichi plant, three reactors shut down automatically as designed after a magnitude 8.9 earthquake struck off the northeast of Japan on Friday afternoon. 
The quake also caused diesel-powered generators used to cool the reactors to stop operating, leaving the utility company with a shortage of coolant to bring the reactors to a safe temperature. Meanwhile, the three reactors at Tohoku Electric Power Co.'s Onagawa plant in Miyagi, near the epicenter of the quake, also shut down automatically. A few hours later, the company said that it observed smoke coming from the building housing the No. 1 reactor at the plant. The company said it is still checking the safety of the reactor, but said there has been no reported leakage of radioactive substances. French nuclear engineering group Areva said it hasn't been informed of any impact on its installations in the country. The company operates a joint venture with Mitsubishi Heavy Industries Ltd. and Mitsubishi Corp. specialized in nuclear fuel called MNF, as well as a zirconium making plant, Cezus, which is a fully owned unit of Areva. All other Japanese power companies operating nuclear power plants in the country said their facilities are operating normally. Tokyo Electric filed a report after the shutdown with central and local government authorities. Such reports are filed when there are possibilities of radioactive leakage that may force evacuation of residents, or other emergencies, such as a loss of coolant needed to cool reactors. Three reactors, with a combined generation capacities of 2.03 million kilowatts, are part of the Fukushima Daiichi nuclear plant, located on the Pacific coast in Fukushima prefecture north of Tokyo. The plant's three other reactors weren't operating at the time of the earthquake due to a routine checkup. Tokyo Electric is the operator of Japan's largest nuclear power plant, known as Kashiwazaki-Kariwa, which was shut down for an extended period after a 2007 earthquake that devastated Niigata prefecture on the Sea of Japan coast. The loss of its generation capacity sent Tepco scurrying to boost generation at its thermal power plants. 
High costs of purchasing fuel oil hurt the company's earnings sharply. It also raised questions about building large nuclear power plants in earth-quake prone areas of the country. That plant wasn't affected by the latest quake. Write to Yuka Hayashi at yuka.hayashi at wsj.com From rforno at infowarrior.org Fri Mar 11 06:20:24 2011 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 11 Mar 2011 07:20:24 -0500 Subject: [Infowarrior] - US Trans-Pacific Partnership proposal leaked Message-ID: <74568251-EC01-44E7-960A-8160999DE282@infowarrior.org> US Trans-Pacific Partnership proposal leaked http://www.theregister.co.uk/2011/03/11/us_tpp_proposal_leaked/ NGO publishes Washington wish-list By Richard Chirgwin ? Get more from this author Posted in Law, 11th March 2011 06:49 GMT The group Knowledge Ecology International has scored a leaked copy of the IP protections the United States has proposed for the so-far-secret Trans-Pacific Partnership treaty. The multi-lateral treaty negotiations include Australia, Brunei Darussalam, Chile, Malaysia, New Zealand, Peru, Singapore, the United States and Vietnam. The IP protections proposed by the US are essentially an American wish-list that would, in some interpretations, override consumer protections that already exist in individual nations (parallel importation rights of CDs, for example, seems under threat were the US proposal adopted). Most disturbing for ISPs ? apart, of course, from the secrecy of the negotiations ? the treaty would impose on signatories an obligation to put content industries' wishes into law. If the treaty were adopted, an "effective notification" of a claimed infringement would be sufficient to place ISPs under obligation to the content owner. 
If the side-letter offered in the document were adopted as a definition of "effective", the bar for effectiveness is set fairly low: the letter would have to identify the claimant, the work, express the claimant's belief that the information is accurate, and carry a signature. The treaty would also require countries to legislate that ISPs "publicly designate" someone to deal with the vast quantity of frequently inaccurate notifications generated by content industry spambots. Further, the proposed US text demands that ISPs adopt termination policies - and that they implement service monitoring. Privacy also takes a battering, with the proposal demanding that if an ISP has received "effective notification" of a "claimed infringement", it should identify the alleged infringer (you read that right: your privacy would be overridden not by a court order, but merely by an effective notification of a claim).

From rforno at infowarrior.org Fri Mar 11 06:21:03 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 11 Mar 2011 07:21:03 -0500
Subject: [Infowarrior] - Sony tweets 'secret' key at heart of PS3 jailbreak case
Message-ID: <209F959E-16FE-4D4E-ABCC-F695B4479975@infowarrior.org>

Sony tweets 'secret' key at heart of PS3 jailbreak case
http://www.theregister.co.uk/2011/02/09/playstation_jailbreak_key_tweeted/
By Dan Goodin in San Francisco
Posted in Law, 9th February 2011 22:13 GMT

An official Sony Twitter account has leaked the PlayStation 3 master signing key at the heart of the company's legal offensive against a group of hackers being sued for showing how to jailbreak the popular game console. Kevin Butler, a fictional PS3 vice president, retweeted the metldr key in what can only be assumed was a colossal mistake. "Lemme guess... you sank my battleship?" he wrote in a post to the micro-blogging website that has been preserved for all the world to see.
It goes on to include the key and the ironic words "Come at me." The message was later removed from Butler's tweet stream with no explanation why the key was leaked and then removed. In a lawsuit filed in federal court in San Francisco last month, Sony accused well-known jailbreaker George Hotz, aka geohot, and more than 100 other hackers of violating US copyright law by disclosing the key, which is used to sign games and software that run on the PS3. Last week, Sony expanded its legal dragnet when it filed a series of motions seeking the identity of YouTube and Twitter users who did nothing more than discuss the issuance of the key or view videos showing how the latest hack worked. Sony contends that videos and web postings disclosing the key violate provisions of the Digital Millennium Copyright Act that prohibit the circumvention of technology designed to prevent access to copyrighted material. Two weeks ago, the judge presiding over the case tentatively ruled Sony was likely to prevail on those claims and issued a temporary restraining order to prevent what she said would be "irreparable harm" if Hotz wasn't required to surrender all his computer gear and remove all references to the hack that he posted online. Sony's gaffe shows just how futile Sony's attempts are to prosecute people who discussed the key, said Stewart Kellar, the San Francisco attorney representing Hotz. "It just demonstrates that the restraining order here will not prevent imminent irreparable harm to Sony because if there is harm it's already occurred," he told The Register. "The key is already out there. Restraining George will not stop the key from being distributed." A court hearing is scheduled for Thursday in the case so the judge can hear arguments that the temporary restraining order is overbroad and should be rescinded. Sony, which says it's sold about 44 million PS3s, has said its suit is necessary to prevent pirated games from running on the console.
Hotz and members of the fail0verflow hacking collective, which in December published a PS3 jailbreak technique independent of Hotz, insist the hacks expand the functionality of the console so it can run custom, "homebrewed" applications that aren't covered by copyright. Last year, the US Copyright Office exempted iPhone jailbreaking from the DMCA so the handsets can run apps not officially sanctioned by Apple. Game consoles are unaffected by that act. An email sent to Butler and a phone call left to Sony's PR department weren't returned.

From rforno at infowarrior.org Fri Mar 11 06:36:35 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 11 Mar 2011 07:36:35 -0500
Subject: [Infowarrior] - TSA revises estimates on using private airport security screeners
Message-ID: <8C7DF9C4-1D1B-4B63-82DB-C5629692882D@infowarrior.org>

TSA revises estimates on using private airport security screeners
By Ed O'Keefe
Washington Post Staff Writer
Thursday, March 10, 2011; 9:58 PM
http://www.washingtonpost.com/wp-dyn/content/article/2011/03/10/AR2011031006039_pf.html

A long-simmering dispute on the use of private security screeners at U.S. airports boiled over again this week as the top House Republican on transportation issues accused the Transportation Security Administration of inflating the cost of using such screeners in an effort to keep federal screeners on the job. Under a program overseen by the TSA, 16 airports - including ones in Kansas City, Rochester, N.Y., and San Francisco - use private screeners to inspect airline passengers, baggage and cargo; all other airports rely on federal transportation security officers. TSA Administrator John S. Pistole suspended the program in January, saying he did not see the advantage of expanding it at this point. An agency study published in 2007 estimated that using private screeners would cost 17 percent more than federal screeners.
But according to a Government Accountability Office report released this week, the agency revised its estimates in January and now says that private screeners would cost just 3 percent more. The updated estimate accounted for the potential cost of overlapping administrative personnel at airports using private screeners and costs associated with passenger and baggage screening at those airports, including workers' compensation, insurance and retirement expenses, the GAO said. The agency is working to further revise the estimates, according to the report. "It's obvious they tried to cook the books to make it look like the private screening under federal supervision was more expensive," House Transportation and Infrastructure Committee Chairman John L. Mica (R-Fla.) said Thursday during an interview with Washington Post editors and reporters. Mica, who helped author legislation establishing the TSA after the Sept. 11, 2001, terrorist attacks, said the agency "was never intended to grow" to employ more than 40,000 federal screeners and thousands of administrative personnel. He strongly opposed Pistole's decision to halt the private security program, noting that GAO studies have concluded that private screeners perform better than federal agents. "I'll spend any amount of money to make sure the country is safe or passengers are safe or the airline industry is safe. But what I want is the best performance," Mica said. Nicholas Kimball, a TSA spokesman, said the private screening program will continue at the 16 airports and will not expand "unless there are clear and substantial advantages to do so." "This decision aligns with [Pistole's] vision of the agency as a federal counterterrorism network that continues to evolve to keep the traveling public safe," Kimball said in an e-mail. 
The agency has worked to revise its 2007 estimates since the GAO raised concerns in 2009, but Kimball maintained that "private screening contracts on average cost the government more than a federalized workforce."

From rforno at infowarrior.org Fri Mar 11 17:54:50 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 11 Mar 2011 18:54:50 -0500
Subject: [Infowarrior] - Judge Rejects RIAA's Attempt To Claim 'Trillions' In Damages From Limewire
Message-ID: <3B936624-5B20-4CDB-AA60-D3C84FB7D7CD@infowarrior.org>

Judge Rejects RIAA's Attempt To Claim 'Trillions' In Damages From Limewire
from the try-again dept
http://www.techdirt.com/articles/20110311/06521713462/judge-rejects-riaas-attempt-to-claim-trillions-damages-limewire.shtml

The judge in the Limewire case has rejected the record labels' attempt to say that Limewire should pay statutory damages based on each time an unauthorized file was shared, instead pointing out that, at a maximum, each song is only subject to a single statutory damage amount, no matter how often it was shared. The judge pointed out that the labels were being ridiculous: "Plaintiffs are suggesting an award that is more money than the entire music recording industry has made since Edison's invention of the phonograph in 1877," Wood wrote, citing a Lime Group court filing referring to the inventor Thomas Edison. She called this an "absurd result."

From rforno at infowarrior.org Fri Mar 11 17:56:06 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 11 Mar 2011 18:56:06 -0500
Subject: [Infowarrior] - Show full URLs for bit.ly and goo.gl in Chrome and Firefox
Message-ID:

Show full URLs for bit.ly and goo.gl in Chrome and Firefox
Mar 11, '11 07:30:00AM - Contributed by: ademsemir

Often I avoid clicking on shortened URLs because I don't know where they will take me, especially if they are from someone I don't know. These Chrome extensions for bit.ly and goo.gl will reveal the full URLs when you hover over the shortened URLs.
Bit.ly also has an official extension for Firefox.
http://hints.macworld.com/article.php?story=201103110522076

From rforno at infowarrior.org Fri Mar 11 18:00:14 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 11 Mar 2011 19:00:14 -0500
Subject: [Infowarrior] - Judge denies request to throw out order seeking WikiLeaks Twitter records
Message-ID:

Judge denies request to throw out order seeking WikiLeaks Twitter records
By Kim Zetter, wired.com | Last updated about an hour ago
http://arstechnica.com/tech-policy/news/2011/03/judge-denies-request-to-throw-out-order-seeking-wikileaks-twitter-records.ars

A judge presiding over the US government's request for Twitter records relating to associates of Wikileaks has denied a motion to throw out the request, ruling that the associates don't have standing to challenge it. The judge also denied a request to unseal the government's application for the Twitter order. Judge Theresa Buchanan, in the Eastern District of Virginia, ruled that because the government was not seeking content of the Twitter accounts in question (PDF), the subjects did not have standing to challenge the government's request for the records. Content, under the Stored Communications Act, is "any information concerning the substance, purport, or meaning of that communication." "The Twitter Order does not demand the contents of any communication," Judge Buchanan writes in her opinion, "and thus constitutes only a request for records under [the law]." Last December, the Justice Department served Twitter with an order seeking information on several people associated with the secret-spilling site WikiLeaks: Birgitta Jonsdottir, a member of Iceland's parliament; Julian Assange, founder of WikiLeaks; Bradley Manning, suspected of leaking classified information to WikiLeaks; WikiLeaks' US representative Jacob Appelbaum; and Dutch businessman and activist Rop Gonggrijp.
Jonsdottir and Gonggrijp helped WikiLeaks prepare a classified US Army video that the site published last April. According to the court order, unsealed by the court at Twitter's request, the government sought full contact details for the accounts (phone numbers and addresses), IP addresses used to access the accounts, connection records ("records of session times and durations") and data transfer information, such as the size of data file sent to someone else and the destination IP. The latter suggested the request was likely a boilerplate form that could also have been submitted to ISPs, e-mail providers and social networking sites like Facebook. The department's demand for the records is part of a grand jury investigation that's believed to be probing WikiLeaks for its high-profile leaks of classified US material. It is seeking the records under 18 USC 2703(d), a provision of the 1994 Stored Communications Act that governs law enforcement access to non-content Internet records, such as transaction information. More powerful than a subpoena, but less strong than a search warrant, a 2703(d) order is supposed to be issued when prosecutors provide a judge with "specific and articulable facts" that show the information sought is relevant and material to a criminal investigation. But the people targeted in the records demand don't have to be suspected of criminal wrongdoing themselves. In January, after Twitter notified Jonsdottir that the government had sought information about her account, the EFF and the ACLU filed a motion challenging the government's attempt to obtain the records, asking the court to vacate the order. In their motion, the two groups said the government's demand for the records violated First Amendment speech rights and Fourth Amendment privacy rights of the Twitter account holders, among other things.
The groups also filed motions to unseal records in the case, hoping to gain information about the government's justification for seeking the records, as well as any information that might indicate if the government had sought similar records from Facebook, ISPs or other service providers. The EFF and the ACLU filed the motion to challenge on Jan. 26, as well as a motion to unseal the filing, which was granted in February. A hearing to discuss the motion to vacate the Twitter order was held in mid-February. In her ruling today, Buchanan discussed whether the government provided sufficient justification in its application to obtain the records. She acknowledged that the complainants were facing an uphill battle in arguing against the legitimacy of the government's request, since the government's application is still sealed and therefore unavailable to them. Nonetheless, she concluded that the government's application stated "specific and articulable" facts that were sufficient for issuing the Twitter order. The disclosures sought are "relevant and material" to a legitimate law enforcement inquiry. Also, the scope of the Twitter Order is appropriate even if it compels disclosure of some unhelpful information. Indeed, §2703(d) is routinely used to compel disclosure of records, only some of which are later determined to be essential to the government's case. Thus, the Twitter Order was properly issued pursuant to §2703(d). She further ruled that the request did not violate the account holder's First Amendment rights since the order did not seek to control their speech or their associations. Nor did it violate the Fourth Amendment because the accountholders did not have a reasonable expectation of privacy over subscriber information they freely provided to Twitter.
"Similarly, the Fourth Amendment permits the government to warrantlessly install a pen register to record numbers dialed from a telephone because a person voluntarily conveys the numbers without a legitimate expectation of privacy," Judge Buchanan writes. An attorney with EFF told Threat Level that her group plans to appeal the decision.

From rforno at infowarrior.org Fri Mar 11 18:42:49 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 11 Mar 2011 19:42:49 -0500
Subject: [Infowarrior] - TSA to retest airport body scanners for radiation
Message-ID:

TSA to retest airport body scanners for radiation
By Alison Young and Blake Morrison, USA TODAY
Updated 26m ago | http://www.usatoday.com/news/washington/2011-03-11-tsa-scans_N.htm#

The Transportation Security Administration announced Friday that it would retest every full-body X-ray scanner that emits ionizing radiation - 247 machines at 38 airports - after maintenance records on some of the devices showed radiation levels 10 times higher than expected. The TSA says that the records reflect math mistakes and that all the machines are safe. Indeed, even the highest readings listed on some of the records - the numbers that the TSA says were mistakes - appear to be many times less than what the agency says a person absorbs through one day of natural background radiation. Even so, the TSA has ordered the new tests out of "an abundance of caution to reassure the public," spokesman Nicholas Kimball says. The tests will be finished by the end of the month, and the results will be released "as they are completed," the agency said on its website. TSA officials have repeatedly assured the public and lawmakers that the machines have passed all inspections. The agency's review of maintenance reports, launched Dec. 10, came only after USA TODAY and lawmakers called for the release of the records late last year.
The agency posted reports Friday from 127 X-ray-emitting devices on its website and said it would continue to release results from maintenance tests for the approximately 4,500 X-ray devices at airports nationwide. Those devices include machines that examine checked luggage. Of the reports posted, about a third showed some sort of error, Kimball said. The TSA announced steps to require its maintenance contractors to "retrain personnel involved in conducting and overseeing the radiation survey process." Some lawmakers remain concerned, however. The TSA "has repeatedly assured me that the machines that emit radiation do not pose a health risk," Sen. Susan Collins, R-Maine, said in a written statement Friday. "Nonetheless, if TSA contractors reporting on the radiation levels have done such a poor job, how can airline passengers and crew have confidence in the data used by the TSA to reassure the public?" She said the records released Friday "included gross errors about radiation emissions. That is completely unacceptable when it comes to monitoring radiation." U.S. Rep. Jason Chaffetz, R-Utah, also was troubled by the information posted by the TSA. Chaffetz, R-Utah, chairs a House oversight subcommittee on national security and has sponsored legislation to limit the use of full-body scans. He has been pushing the TSA to release the maintenance records. At best, Chaffetz said, the radiation reports generated by TSA contractors reveal haphazard oversight and record-keeping in the critical inspection system the agency relies upon to ensure millions of travelers aren't subjected to excessive doses of radiation. "It is totally unacceptable to be bumbling such critical tasks," Chaffetz said. "These people are supposed to be protecting us against terrorists." In the past, the TSA has failed to properly monitor and ensure the safety of X-ray devices used on luggage. 
A 2008 report by the worker safety arm of the Centers for Disease Control and Prevention found that the TSA and its maintenance contractors had failed to detect when baggage X-ray machines emitted radiation beyond what regulations allowed. They also failed to take action when some machines had missing or disabled safety features, the report shows. Chaffetz said the TSA's characterization of the maintenance mistakes "sounds like an excuse rather than the real facts." "I'm tired of excuses," Chaffetz said. "The public has a right and deserves to know. It begs the question, 'What are they still not sharing with us?' These are things you cannot make mistakes with." Chaffetz said he expects to address some of his concerns during a hearing Wednesday. The full-body scanners, called backscatter devices, are supposed to deliver only a tiny amount of radiation - about as much as an airplane passenger gets during two minutes of a typical flight. Peter Rez, a physics professor at Arizona State University, said Friday he wanted to scrutinize the 2,000 pages of reports the TSA posted. He has expressed concerns about the potential for the scanners to break and the importance of proper maintenance and monitoring. "Mechanical things break down," Rez told USA TODAY in December. Rez also has voiced fears about the potential for a passenger to get an excessive dose of radiation or even a radiation burn if the X-ray scanning beam were to malfunction and stop on one part of a person's body for an extended period of time. He said Friday that the contractor mistakes TSA identified only heighten his concerns. "What happens in times of failure, when they can give very, very high radiation doses. I'm totally unconvinced they have thought that through," Rez said of the TSA. "I just see a large, bumbling bureaucracy. Of course it's not very reassuring." The TSA's Kimball disputed such characterizations.
"Numerous independent tests have confirmed that these technologies are safe, but these record-keeping errors are not acceptable," he said. For instance, "the testing procedure calls for the technician to take 10 separate scans" for radiation levels, "add them up and then divide by 10 to take an average. They didn't divide by 10," Kimball said. "We're taking a number of steps to ensure the mistakes aren't repeated," he said, "and the public will be able to see for themselves by reviewing all future reports online." The TSA is responsible for the safety of its own X-ray devices. The U.S. Food and Drug Administration has said it does not routinely inspect airport X-ray machines because they are not considered medical devices. The TSA's airport scanners are exempt from state radiation inspections because they belong to a federal agency. Some of the records were written by employees of the machines' maker: Rapiscan Systems. In a written statement, the company's executive vice president, Peter Kant, said, "The mistakes were the result of calculating and procedural errors that were identified by Rapiscan management and have been corrected. In actuality, the systems in these airports have always been well below acceptable exposure limits." Rapiscan Systems said in a Dec. 15 letter to the TSA that company engineers who tested the backscatter machines were confused by inspection forms and instructions, leading them to make mistakes on the forms that vastly inflated the radiation emitted by the machines. Rapiscan vowed to redesign its inspection forms and retrain its engineers. The TSA released inspection reports from 40 backscatter machines, and reports for 19 of those machines had errors, including six that were deemed "considerable." In a written statement sent to USA TODAY, TSA Administrator John Pistole said the equipment is safe. "Independent third-party testing has confirmed that all TSA technology is safe," Pistole said. 
"We are also taking additional steps to build on existing safety measures in an open and transparent way, including commissioning an additional independent entity to evaluate these protocols." Contributing: Thomas Frank and Brad Heath

From rforno at infowarrior.org Fri Mar 11 21:55:55 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 11 Mar 2011 22:55:55 -0500
Subject: [Infowarrior] - Emergency oxygen secretly removed from all U.S. airplane bathrooms
Message-ID: <4AF80FBF-4C20-408E-830A-C878C4677D05@infowarrior.org>

Emergency oxygen secretly removed from all U.S. airplane bathrooms
http://www.king5.com/news/national/Oxygen-masks-secretly-removed-from-all-US-airplane-bathrooms-117829748.html
by KING 5 News
KING5.com
Posted on March 11, 2011 at 3:21 PM
Updated today at 7:29 PM

SEATTLE - If you're doing your business in an airplane lavatory and the plane suddenly decompresses, you won't have access to oxygen anymore, according to published reports. The FAA secretly ordered every U.S. airline last month to empty or remove emergency oxygen tanks in all their airplane lavatories. Air Worthiness Directive 2011-04-09, as it is called, has reportedly been enacted on 6,000 airplanes across the country. The concern is security. The FAA says oxygen generators in those lavatories could be used by terrorists to take down airplanes by turning the canisters into explosive devices, the FAA told NBC News. The directive was kept secret from the public until now. "Had the FAA publicized the existence of this security vulnerability prior to airlines fixing it, thousands of planes across the U.S. and the safety of passengers could have been at risk," the FAA told NBC. This now means that if you are in the lavatory and there is a sudden loss of cabin pressure, you'll have to scramble back to your seat to get your oxygen.
Flight attendants have been trained to assist passengers to quickly get access to oxygen, even those in the bathroom, said the FAA. But critics of the move say it turns the lavatory into a potential death trap for passengers. "By eliminating the source of oxygen for the unlucky souls in the bathroom, you've just killed those people," aviation safety expert Arthur Alan Wolk told NBC. "I'm panicking just thinking about this," said Kate Hanni, executive director of Flyersrights.org, a nonprofit airline passengers' rights organization. The FAA says it's working with airplane manufacturers to design a new lavatory oxygen system. There have been only 12 incidents in the past ten years of pressure loss at cruising altitudes, the FAA said.

From rforno at infowarrior.org Sat Mar 12 08:35:29 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 12 Mar 2011 09:35:29 -0500
Subject: [Infowarrior] - Anonymous To Release Documents Proving Bank Of America Committed Fraud This Monday
Message-ID:

(http://www.zerohedge.com)
Hacker Collective Anonymous To Release Documents Proving Bank Of America Committed Fraud This Monday
By Tyler Durden
Created 03/11/2011 - 22:03

After Julian Assange crashed and burned in his threat to release documents that expose fraud at Bank of America, many thought he had been only bluffing, and that BofA is actually clean. Not so fast. A member of the hacker collective Anonymous, which singlehandedly destroyed "hacker defense" firm HB Gary [1], who goes under the handle OperationLeakS [2] "is claiming to be have emails and documents which prove "fraud" was committed by Bank of America employees, and the group says it'll release them on Monday" reports Gawker [3]. As to the contents of the possible disclosure: "He Just told me he have GMAC emails showing BoA order to mix loan numbers to not match it's Documents. to foreclose on Americans.. Shame."
If indeed this makes the case against BofA's foreclosure practices stronger, it certainly explains why the banking consortium is scrambling to arrange a settlement, and also why Bank of America recently split off its $2 trillion in mortgages [4] into "good bank" and "bad bank" entities. As a "teaser", the Anonymous member released a November 1, 2010 email between two Balboa Insurance (a BAC subsidiary) employees, which while not proving any fraud, indicates he/she does indeed have access. The timeline on the email makes sense as it is a few weeks prior to the original disclosure [5] that Wikileaks would expose BofA. Perhaps the Assange team merely handed off its materials to Anonymous, which has previously demonstrated its solidarity with the Australian on various occasions. The full letter is below. [6] Gawker with more on why Brian Moynihan may not sleep too soundly overnight: OperationLeaks, which runs the anti-Bank of America site BankofAmericasuck.com [7], says the employee contacted the group to blow the whistle on Bank of America's shady business practices. "I seen some of the emails... I can tell you Grade A Fraud in its purest form..." read one tweet. "He Just told me he have GMAC emails showing BoA order to mix loan numbers to not match it's Documents.. to foreclose on Americans.. Shame." An Anonymous insider told us he believes the leak is real. "From what I know and have been told, it's legit," he said. "Should be a round of emails, then some files, possible some more emails to follow that." The documents should be released Monday on Anonleaks.ch [8], the same site where Anonymous posted [9] thousands of internal emails from hacked security company HBGary last month. That leak exposed [10] a legally-questionable plot to attack Wikileaks and ultimately led to the resignation [11] of HBGary CEO Aaron Barr.
It is unclear whether this will be yet another climax-free build up, but Anonymous has certainly proven their mettle by putting HBGary effectively out of business with one masterful hack. Those I've spoken to in Anonymous are convinced there's something to this. Anonymous has a proven track record with leaks, and Bank of America has been in their crosshairs since they cut off [12] payments to Wikileaks in December. If it's real, it could be big. Keep your eye on anonleaks.ch: It should hit Monday. We urge readers to check into http://hbgary.anonleaks.ch/ [13] first thing Monday - after all this is the portal that released the original damning HBGary evidence, and brought down the firm within weeks. If it can do the same with Bank of America, Monday may just soon be a national holiday. h/t MM

Source URL: http://www.zerohedge.com/article/hacker-collective-anonymous-release-documents-proving-bank-america-committed-fraud-monday

Links:
[1] http://www.businessweek.com/magazine/content/11_12/b4220066790741.htm
[2] http://twitter.com/#!/operationleaks
[3] http://gawker.com/#!5781158/what-does-anonymous-have-on-bank-of-america
[4] http://www.bloomberg.com/news/2011-03-08/bofa-segregates-almost-half-its-mortgages-into-bad-bank-under-laughlin.html
[5] http://www.zerohedge.com/article/wikileaks-next-target-big-us-bank
[6] http://www.zerohedge.com/sites/default/files/images/user5/imageroot/von havenstein/Balboa.jpg
[7] http://bankofamericasuck.com/
[8] http://anonleaks.ch/
[9] http://gawker.com/#!5758753/anonymous-hackers-launch-wikileaks-for-normal-people
[10] http://www.nytimes.com/2011/02/12/us/politics/12hackers.html
[11] http://blogs.forbes.com/andygreenberg/2011/02/28/hbgary-federals-aaron-barr-resigns-after-anonymous-hack-scandal/
[12] http://www.newser.com/story/107862/bank-of-america-cuts-off-wikileaks.html
[13] http://hbgary.anonleaks.ch/

From rforno at infowarrior.org Sat Mar 12 08:36:33 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 12 Mar 2011 09:36:33 -0500
Subject: [Infowarrior] - Explosion Rocks Japan Nuclear Plant After Quake
Message-ID:

March 12, 2011
Explosion Rocks Japan Nuclear Plant After Quake
http://www.nytimes.com/2011/03/13/world/asia/13nuclear.html?_r=1&hp=&pagewanted=print
By MARTIN FACKLER AND MATTHEW L. WALD

TOKYO - An explosion at a crippled nuclear power plant in northern Japan on Saturday blew the roof off one building and caused a radiation leak of unspecified proportions, escalating the emergency confronting Japan's government a day after an earthquake and tsunami devastated parts of the country's northeastern coast. Japanese television showed a cloud of white-gray smoke from the explosion billowing up from a stricken reactor at the Fukushima Daiichi Nuclear Power Station Saturday afternoon, and officials said leaks of radiation from the plant prompted them to expand the evacuation area around the facility to a 12-mile radius. Government officials said that the explosion, caused by a build-up of pressure in the reactor after the cooling system failed, destroyed the concrete structure surrounding the reactor but did not collapse the critical steel container inside. They said that raised the chances that they could prevent the release of large amounts of radioactive material and could avoid a core meltdown at the plant. "We've confirmed that the reactor container was not damaged. The explosion didn't occur inside the reactor container. As such there was no large amount of radiation leakage outside," Japan's Chief Cabinet Secretary Yukio Edano said in a news conference Saturday evening. "At this point, there has been no major change to the level of radiation leakage outside, so we'd like everyone to respond calmly." Tokyo Electric Power, which operates the plant, which is located 160 miles north of Tokyo, now plans to fill the reactor with sea water to cool it down and reduce pressure. The process would take five to 10 hours, Mr.
Edano said, expressing confidence that the operation could "prevent criticality." But the crisis at the aging plant confronted Japan with its worst nuclear accident - and perhaps the biggest mishap at a nuclear plant since the Chernobyl nuclear disaster in 1986. Japanese nuclear safety officials and international experts said that because of crucial design differences the release of radiation at the Fukushima plant would likely be much smaller than at Chernobyl even if the Fukushima plant has a complete core meltdown, which they said it had not. But the problems at the plant are certain to worsen concerns about the safety record and reliability of Japan's extensive nuclear power facilities, which have been criticized for major safety violations in the past. The vulnerability of nuclear plants to earthquakes was also underscored by ongoing problems at the cooling system of reactors at a second nearby plant, known as Daini, which prompted a smaller evacuation from surrounding communities. Tokyo Electric Power said the explosion happened "near" the No. 1 reactor at Daiichi at around 3:40 p.m. Japan time on Saturday. It said four of its workers were injured in the blast. Officials said even before the explosion that they had detected cesium, an indication that some of the nuclear fuel was already damaged. In the form found in reactors, radioactive cesium is a fragment of a uranium atom that has been split. In normal operations, some radioactivity in the cooling water is inevitable, because neutrons, the sub-atomic particles that carry on the chain reaction, hit hydrogen and oxygen atoms in the water and make those radioactive. But cesium, which persists far longer in the environment, comes from the fuel itself. Naoto Sekimura, a professor at Tokyo University, told NHK, Japan's public broadcaster, that "only a small portion of the fuel has been melted. But the plant is shut down already, and being cooled down.
Most of the fuel is contained in the plant case, so I would like to ask people to be calm." Both the Daiichi and Daini plants were shut down during Friday's earthquake. But the loss of power in the area and damage to the plant's generators from the subsequent tsunami crippled the cooling systems, which need to function after a shut down to cool down nuclear fuel rods. Malfunctioning cooling systems allowed pressure to build up beyond the design capacity of the reactors. Early Saturday officials had said that small amounts of radioactive vapor were expected to be released into the atmosphere to prevent damage to the containment systems and that they were evacuating tens of thousands of people living around the plants as a precaution. Those releases apparently did not prevent the buildup of hydrogen inside the reactor, which ignited and exploded Saturday afternoon, government officials said. They said the explosion itself probably did not result in dramatic increases in the amount of radioactive material being released into the atmosphere, but they expanded the evacuation area around the Daiichi plant from a six-mile radius to a 12-mile radius. Safety officials continued to insist that the levels of radiation were not large enough to threaten the health of people outside the plants, but they also told people living in the vicinity to cover their mouths and stay indoors. Earlier on Saturday, before the explosion, a Japanese nuclear safety panel said the radiation levels were 1,000 times above normal in a reactor control room at the Daiichi plant. Some radioactive material had also seeped outside, with radiation levels near the main gate measured at eight times normal, NHK quoted nuclear safety officials as saying. The emergency at the Daiichi plant began shortly after the earthquake struck on Friday afternoon.
Emergency diesel generators, which had kicked in to run the reactor's cooling system after the electrical power grid failed, shut down about an hour after the earthquake. There was speculation that the tsunami had flooded the generators and knocked them out of service. For some time after the quake, the plant was operating in a battery-controlled cooling mode. Tokyo Electric said that by Saturday morning it had also installed a mobile generator at Daiichi to ensure that the cooling system would continue operating even after reserve battery power was depleted. Even so, the company said it needed to conduct "controlled containment venting" in order to avoid an "uncontrolled rupture and damage" to the containment unit. Why the controlled release of pressure on Saturday did not succeed in addressing the problem at the reactor was not immediately explained. Tokyo Electric and government nuclear safety officials also did not explain the precise sequence of failures at the plant. Daiichi and other nuclear facilities are designed with extensive backup systems that are supposed to function in emergencies to ensure the plants can be shut down safely. At Daiichi, a pump run by steam, designed to function in the absence of electricity, was adding water to the reactor vessel, and as that water boiled off, it was being released. Such water is usually only slightly radioactive, according to nuclear experts. As long as the fuel stays covered by water, it will remain intact, and the bulk of the radioactive material will stay inside. But if fresh water cannot be pumped into the containment vessel and the cooling water evaporates, the nuclear fuel is exposed, which can result in a meltdown. Japan relies heavily on nuclear power, which generates just over one-third of the country's electricity. Its plants are designed to withstand earthquakes, which are common, but experts have long expressed concerns about safety standards, particularly if a major quake hit close to a reactor.
One major concern is that while plant operators can quickly shut down a nuclear reactor, they cannot allow the cooling systems to stop working. Even after the plant's chain reaction is stopped, its fuel rods produce about six percent as much heat as they do when the plant is running. The production of heat drops off sharply in the following hours, but continued cooling is needed or the water will boil away and the fuel will melt, releasing the uranium fragments inside. Heat from the nuclear fuel rods must be removed by water in a cooling system, but that requires power to run the pumps, align the valves in the pipes and run the instruments. The plant requires a continuous supply of electricity even after the reactor stops generating power. With the steam-driven pump in operation, pressure valves on the reactor vessel would open automatically as pressure rose too high, or could be opened by operators. "It's not like they have a breach; there's no broken pipe venting steam," said Margaret E. Harding, a nuclear safety consultant who managed a team at General Electric, the reactors' designer, that analyzed pressure buildup in reactor containments. "You're getting pops of release valves for minutes, not hours, that take pressure back down." Civilian power reactors are designed with emergency diesel generators to assure the ability to continue cooling even during a blackout. Many reactors have two, assuring redundancy; some have three, so that if one must be taken out of service for maintenance, the plant can still keep running. It was not immediately clear how many diesel generators there are at Daiichi, but the operators reported earlier in the day that they were not working, prompting the evacuation. Daiichi, which is formally known as Fukushima Daiichi Nuclear Power Station, was designed by General Electric and entered commercial service in 1971.
It was probably equipped to function for some hours without emergency diesel generators, said David Lochbaum, who worked at three American reactor complexes that use G.E. technology. Mr. Lochbaum, who also worked as an instructor for the Nuclear Regulatory Commission on G.E. reactors, said that such reactors were equipped to ride out interruptions in electrical power by using pumps that could be powered by steam, which would still be available in case of electric power failure. Valves can be opened by motors that run off batteries, he said. Plants as old as Fukushima Daiichi 1 generally have batteries that are large enough to operate for four hours, he said. After that, he said, the heat production in the core is still substantial but has been reduced. The heat would boil away the cooling water, raising pressure in the reactor vessel, until automatic relief valves opened to let out some of the steam. Then the valves would close and the pressure would start building again. If the cooling system remains inoperative for many hours, the water will eventually boil away, he said, and the fuel will begin to melt. That is what happened at Three Mile Island. In that case, the causes were mechanical failure, operator error and poor design, according to government investigators. Yasuko Kamiizumi contributed reporting from Tokyo, Alan Cowell from Paris and Ken Belson from New York. 
From rforno at infowarrior.org Sat Mar 12 21:38:48 2011 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 12 Mar 2011 22:38:48 -0500 Subject: [Infowarrior] - Partial meltdown likely under way at power plant, Japanese official says Message-ID: <572079C0-2DA1-42B6-9C90-E17689B27846@infowarrior.org> Partial meltdown likely under way at power plant, Japanese official says By Steven Mufson Washington Post Staff Writer Saturday, March 12, 2011; 10:33 PM http://www.washingtonpost.com/wp-dyn/content/article/2011/03/12/AR2011031205493_pf.html A partial meltdown is likely under way at one nuclear power plant affected by Friday's earthquake, according to Japan's top government official, the Associated Press reports. Chief Cabinet Secretary Yukio Edano said radiation at the plant in Fukushima was briefly above legal limits but has declined significantly. Tokyo Electric Power Co., owner of two heavily damaged nuclear power complexes near the center of Friday's earthquake, told Japanese regulators earlier Sunday that it faced a new emergency at one of its 10 reactors, even as it struggled to bring several others under control. Earlier, the big electric utility took the unprecedented step of pumping seawater mixed with boric acid into the core of Fukushima Daiichi's Unit 1 reactor to tame ultra-high temperatures from fuel rods that had been partially exposed. In keeping with the natural as well as mechanical challenges of the week, the company had to delay the plan briefly after another, more mild, earthquake rocked the area and led to another tsunami warning. The battle at that reactor was just one of several being waged in the worst nuclear power crisis in a quarter-century. Tokyo Electric said it had also vented or planned to vent steam and gas containing small amounts of radioactivity from seven of its reactor units. The company said that one employee, who had been working inside a reactor building, had been hospitalized for radiation exposure. 
While Japanese authorities tried to calm citizens, they also began evacuating more than 200,000 residents from a 12.5-mile radius around two nuclear power complexes, made preparations to distribute potassium iodide pills, and warned people in the vicinity to stay inside and cover their mouths if they ventured outdoors. Federal safety agency officials said that as many as 160 people had been exposed to radiation from the plants. "Only the gravest danger would justify an evacuation at such a moment," said Peter Bradford, a former commissioner at the U.S. Nuclear Regulatory Commission. The evacuation, wider than announced the day before, followed an explosion Saturday that destroyed a building that housed both the reactor vessel and its containment building. Four workers were injured, but Japanese authorities said the containment building was intact. The explosion was yet another indicator of dire problems inside Fukushima Daiichi Unit 1, problems that might be plaguing other units as well. The explosion was caused by hydrogen, which nuclear experts said could only have been produced from inside the reactor vessel by the exposure of zirconium cladding that surrounds the fuel rods. Those rods are supposed to be covered by water, but at extremely high temperatures, steam reacts with the zirconium and produces hydrogen. When pressure rose in the reactor vessel, it vented the gas into the containment building that surrounds it for just such an emergency. But experts believe that devices designed to ignite the hydrogen before it reached dangerous levels were not working because of power failures. Those power failures helped start the crisis at the nuclear plants. After grid power was knocked out by the quake, the tsunami flooded and disabled backup diesel generators, and battery power ran out. Margaret Harding, a U.S. 
nuclear safety consultant in touch with experts in Japan, said that the entire complex was blacked out for a period of time before new backup generators arrived. Another indication that the fuel rods in Fukushima Daiichi Unit 1 were exposed is that Japan's Nuclear and Industrial Safety Agency (NISA) said Saturday that the reactor could be nearing a meltdown and that two radioactive substances, cesium and radioactive iodine, had already been detected nearby. The explosion also rattled public confidence, sparking a run on bottled water in Tokyo. Japan has an ambivalent relationship with nuclear issues. As victim of the only wartime nuclear bombings, it opposes such weapons. But as a resource-scarce country, it has turned to nuclear power to help fuel its economy. Japan's dependence on nuclear energy soared after 1973 in response to skyrocketing oil prices that year. In 2002, the country mapped a future that sought to decrease the country's greenhouse gas emissions by further increasing its reliance on nuclear power. Current plans call for 50 percent of the country's electricity to come from nuclear plants by 2017, up from about 30 percent today. The country has 54 nuclear reactors. Fukushima Daiichi Unit 1 is one of the oldest operating nuclear plants in Japan, turning 40 years old on March 26. NISA, the country's regulatory authority for the sector, licenses reactors to operate for 40 years - meaning that Unit 1 was scheduled to be taken offline this month. It is unclear whether NISA had planned to extend the reactor's license. There are 23 reactors in the United States with the same design as Fukushima Daiichi Unit 1. Experts said that the decision to pump seawater into the unit was a recognition that the elaborate system of valves, pumps and pipes, and the layers of steel and concrete, might not be enough to guarantee that the nuclear facility could avoid a disaster of Chernobyl proportions. The water and boric acid would absorb neutrons, Tokyo Electric said. 
But experts said it would also make it unlikely that the plant would operate again. "We're past worrying about ruining the reactor," said Victor Gilinsky, another former commissioner at the U.S. Nuclear Regulatory Commission. "It's gone." Already, Tokyo Electric reported that radiation levels next to the Unit 1 building had increased nearly a hundredfold. The Nuclear Energy Institute said that the incident at Fukushima Daiichi had been given a rating of 4 on its 7-point International Nuclear and Radiological Event Scale, lower than the 5 earned by the 1979 Three Mile Island incident in Pennsylvania and the 7 earned by the 1986 Chernobyl disaster. But many experts said it was too early to reach conclusions while new information was emerging. Meanwhile, Tokyo Electric was still trying to get control over reactors at its Fukushima Daini site. A water condensate system used to supplement the cooling system at Fukushima Daini Unit 1 stopped working when temperatures reached 100 degrees Celsius. Tokyo Electric also announced that it would carry out controlled releases to ease pressure in the containments of all four units at Fukushima Daini. Nuclear safety experts were seeking answers to other questions about Japan's nuclear facilities that have been obscured by the focus on the Fukushima reactors. The nuclear plants also have spent fuel pools that some experts say may have spilled during the earthquake and its aftershocks. Tokyo Electric has not commented yet on those pools, which in the case of the GE-designed reactors are located on the roof, possibly making them vulnerable. Similar pools are found at other nuclear power plants around the country. The U.S. government and private companies said they had offered assistance to Japan but had not received any requests. The Energy Department said it was "in close contact" with its Japanese counterparts and would "provide whatever assistance they request to help them bring the reactors under control." 
From rforno at infowarrior.org Sun Mar 13 12:25:52 2011 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 13 Mar 2011 13:25:52 -0400 Subject: [Infowarrior] - OT: Video - "Tron: The Next Day" Message-ID:

Watch "Tron: The Next Day," a short film about what happened between Tron and Tron Legacy Cyriaque Lamar - Tron: The Next Day (Flynn Lives Revealed) is a 10-minute short that fills in the backstory between the first and second films. It recently appeared on YouTube and contains unused footage from Tron Legacy. The short also bears a passing resemblance to the teaser short that was rumored to be on the Tron Legacy DVD come April, but it doesn't have any overt spoilers for Tron 3 (or TR3N or THRON or TRIN or whatever). I'm guessing Tron: The Next Day will pop up on the home release as well. http://io9.com/#!5781451/watch-tron-the-next-day-a-short-film-about-what-happened-between-tron-and-tron-legacy

From rforno at infowarrior.org Sun Mar 13 16:36:59 2011 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 13 Mar 2011 17:36:59 -0400 Subject: [Infowarrior] - Engineering analysis of Fukushima situation Message-ID:

http://morgsatlarge.wordpress.com/2011/03/13/why-i-am-not-worried-about-japans-nuclear-reactors/ I know this is a fairly full on statement from someone posting his very first blog. It will also be far and away the most well written, intelligent post I ever make (I hope!) It also means I am not responsible for its content. This post is by Dr Josef Oehmen, a research scientist at MIT, in Boston. He is a PhD Scientist, whose father has extensive experience in Germany's nuclear industry. I asked him to write this information to my family in Australia, who were being made sick with worry by the media reports coming from Japan. I am republishing it with his permission. It is a few hours old, so if any information is out of date, blame me for the delay in getting it published. This is his text in full and unedited.
It is very long, so get comfy.

I am writing this text (Mar 12) to give you some peace of mind regarding some of the troubles in Japan, that is the safety of Japan's nuclear reactors. Up front, the situation is serious, but under control. And this text is long! But you will know more about nuclear power plants after reading it than all journalists on this planet put together. There was and will *not* be any significant release of radioactivity. By "significant" I mean a level of radiation of more than what you would receive on - say - a long distance flight, or drinking a glass of beer that comes from certain areas with high levels of natural background radiation. I have been reading every news release on the incident since the earthquake. There has not been one single (!) report that was accurate and free of errors (and part of that problem is also a weakness in the Japanese crisis communication). By "not free of errors" I do not refer to tendentious anti-nuclear journalism - that is quite normal these days. By "not free of errors" I mean blatant errors regarding physics and natural law, as well as gross misinterpretation of facts, due to an obvious lack of fundamental and basic understanding of the way nuclear reactors are built and operated. I have read a 3 page report on CNN where every single paragraph contained an error. We will have to cover some fundamentals, before we get into what is going on.

Construction of the Fukushima nuclear power plants

The plants at Fukushima are so called Boiling Water Reactors, or BWR for short. Boiling Water Reactors are similar to a pressure cooker. The nuclear fuel heats water, the water boils and creates steam, the steam then drives turbines that create the electricity, and the steam is then cooled and condensed back to water, and the water sent back to be heated by the nuclear fuel. The pressure cooker operates at about 250 °C. The nuclear fuel is uranium oxide.
Uranium oxide is a ceramic with a very high melting point of about 3000 °C. The fuel is manufactured in pellets (think little cylinders the size of Lego bricks). Those pieces are then put into a long tube made of Zircaloy with a melting point of 2200 °C, and sealed tight. The assembly is called a fuel rod. These fuel rods are then put together to form larger packages, and a number of these packages are then put into the reactor. All these packages together are referred to as "the core". The Zircaloy casing is the first containment. It separates the radioactive fuel from the rest of the world. The core is then placed in the "pressure vessels". That is the pressure cooker we talked about before. The pressure vessels is the second containment. This is one sturdy piece of a pot, designed to safely contain the core for temperatures several hundred °C. That covers the scenarios where cooling can be restored at some point. The entire "hardware" of the nuclear reactor - the pressure vessel and all pipes, pumps, coolant (water) reserves, are then encased in the third containment. The third containment is a hermetically (air tight) sealed, very thick bubble of the strongest steel and concrete. The third containment is designed, built and tested for one single purpose: To contain, indefinitely, a complete core meltdown. For that purpose, a large and thick concrete basin is cast under the pressure vessel (the second containment), all inside the third containment. This is the so-called "core catcher". If the core melts and the pressure vessel bursts (and eventually melts), it will catch the molten fuel and everything else. It is typically built in such a way that the nuclear fuel will be spread out, so it can cool down. This third containment is then surrounded by the reactor building. The reactor building is an outer shell that is supposed to keep the weather out, but nothing in. (this is the part that was damaged in the explosion, but more to that later).
Fundamentals of nuclear reactions

The uranium fuel generates heat by nuclear fission. Big uranium atoms are split into smaller atoms. That generates heat plus neutrons (one of the particles that forms an atom). When the neutron hits another uranium atom, that splits, generating more neutrons and so on. That is called the nuclear chain reaction. Now, just packing a lot of fuel rods next to each other would quickly lead to overheating and after about 45 minutes to a melting of the fuel rods. It is worth mentioning at this point that the nuclear fuel in a reactor can *never* cause a nuclear explosion the type of a nuclear bomb. Building a nuclear bomb is actually quite difficult (ask Iran). In Chernobyl, the explosion was caused by excessive pressure buildup, hydrogen explosion and rupture of all containments, propelling molten core material into the environment (a "dirty bomb"). Why that did not and will not happen in Japan, further below. In order to control the nuclear chain reaction, the reactor operators use so-called "control rods". The control rods absorb the neutrons and kill the chain reaction instantaneously. A nuclear reactor is built in such a way, that when operating normally, you take out all the control rods. The coolant water then takes away the heat (and converts it into steam and electricity) at the same rate as the core produces it. And you have a lot of leeway around the standard operating point of 250°C. The challenge is that after inserting the rods and stopping the chain reaction, the core still keeps producing heat. The uranium "stopped" the chain reaction. But a number of intermediate radioactive elements are created by the uranium during its fission process, most notably Cesium and Iodine isotopes, i.e. radioactive versions of these elements that will eventually split up into smaller atoms and not be radioactive anymore. Those elements keep decaying and producing heat.
Because they are not regenerated any longer from the uranium (the uranium stopped decaying after the control rods were put in), they get less and less, and so the core cools down over a matter of days, until those intermediate radioactive elements are used up. This residual heat is causing the headaches right now. So the first "type" of radioactive material is the uranium in the fuel rods, plus the intermediate radioactive elements that the uranium splits into, also inside the fuel rod (Cesium and Iodine). There is a second type of radioactive material created, outside the fuel rods. The big main difference up front: Those radioactive materials have a very short half-life, that means that they decay very fast and split into non-radioactive materials. By fast I mean seconds. So if these radioactive materials are released into the environment, yes, radioactivity was released, but no, it is not dangerous, at all. Why? By the time you spelled "R-A-D-I-O-N-U-C-L-I-D-E", they will be harmless, because they will have split up into non radioactive elements. Those radioactive elements are N-16, the radioactive isotope (or version) of nitrogen (air). The others are noble gases such as Argon. But where do they come from? When the uranium splits, it generates a neutron (see above). Most of these neutrons will hit other uranium atoms and keep the nuclear chain reaction going. But some will leave the fuel rod and hit the water molecules, or the air that is in the water. Then, a non-radioactive element can "capture" the neutron. It becomes radioactive. As described above, it will quickly (seconds) get rid again of the neutron to return to its former beautiful self. This second "type" of radiation is very important when we talk about the radioactivity being released into the environment later on.

What happened at Fukushima

I will try to summarize the main facts.
The earthquake that hit Japan was 5 times more powerful than the worst earthquake the nuclear power plant was built for (the Richter scale works logarithmically; the difference between the 8.2 that the plants were built for and the 8.9 that happened is 5 times, not 0.7). So the first hooray for Japanese engineering, everything held up. When the earthquake hit with 8.9, the nuclear reactors all went into automatic shutdown. Within seconds after the earthquake started, the control rods had been inserted into the core and nuclear chain reaction of the uranium stopped. Now, the cooling system has to carry away the residual heat. The residual heat load is about 3% of the heat load under normal operating conditions. The earthquake destroyed the external power supply of the nuclear reactor. That is one of the most serious accidents for a nuclear power plant, and accordingly, a "plant black out" receives a lot of attention when designing backup systems. The power is needed to keep the coolant pumps working. Since the power plant had been shut down, it cannot produce any electricity by itself any more. Things were going well for an hour. One set of multiple sets of emergency Diesel power generators kicked in and provided the electricity that was needed. Then the Tsunami came, much bigger than people had expected when building the power plant (see above, factor 7). The tsunami took out all multiple sets of backup Diesel generators. When designing a nuclear power plant, engineers follow a philosophy called "Defense of Depth". That means that you first build everything to withstand the worst catastrophe you can imagine, and then design the plant in such a way that it can still handle one system failure (that you thought could never happen) after the other. A tsunami taking out all backup power in one swift strike is such a scenario.
The last line of defense is putting everything into the third containment (see above), that will keep everything, whatever the mess, control rods in or out, core molten or not, inside the reactor. When the diesel generators were gone, the reactor operators switched to emergency battery power. The batteries were designed as one of the backups to the backups, to provide power for cooling the core for 8 hours. And they did. Within the 8 hours, another power source had to be found and connected to the power plant. The power grid was down due to the earthquake. The diesel generators were destroyed by the tsunami. So mobile diesel generators were trucked in. This is where things started to go seriously wrong. The external power generators could not be connected to the power plant (the plugs did not fit). So after the batteries ran out, the residual heat could not be carried away any more. At this point the plant operators begin to follow emergency procedures that are in place for a "loss of cooling event". It is again a step along the "Depth of Defense" lines. The power to the cooling systems should never have failed completely, but it did, so they "retreat" to the next line of defense. All of this, however shocking it seems to us, is part of the day-to-day training you go through as an operator, right through to managing a core meltdown. It was at this stage that people started to talk about core meltdown. Because at the end of the day, if cooling cannot be restored, the core will eventually melt (after hours or days), and the last line of defense, the core catcher and third containment, would come into play. But the goal at this stage was to manage the core while it was heating up, and ensure that the first containment (the Zircaloy tubes that contain the nuclear fuel), as well as the second containment (our pressure cooker) remain intact and operational for as long as possible, to give the engineers time to fix the cooling systems.
Because cooling the core is such a big deal, the reactor has a number of cooling systems, each in multiple versions (the reactor water cleanup system, the decay heat removal, the reactor core isolating cooling, the standby liquid cooling system, and the emergency core cooling system). Which one failed when or did not fail is not clear at this point in time. So imagine our pressure cooker on the stove, heat on low, but on. The operators use whatever cooling system capacity they have to get rid of as much heat as possible, but the pressure starts building up. The priority now is to maintain integrity of the first containment (keep temperature of the fuel rods below 2200°C), as well as the second containment, the pressure cooker. In order to maintain integrity of the pressure cooker (the second containment), the pressure has to be released from time to time. Because the ability to do that in an emergency is so important, the reactor has 11 pressure release valves. The operators now started venting steam from time to time to control the pressure. The temperature at this stage was about 550°C. This is when the reports about "radiation leakage" started coming in. I believe I explained above why venting the steam is theoretically the same as releasing radiation into the environment, but why it was and is not dangerous. The radioactive nitrogen as well as the noble gases do not pose a threat to human health. At some stage during this venting, the explosion occurred. The explosion took place outside of the third containment (our "last line of defense"), and the reactor building. Remember that the reactor building has no function in keeping the radioactivity contained.
It is not entirely clear yet what has happened, but this is the likely scenario: The operators decided to vent the steam from the pressure vessel not directly into the environment, but into the space between the third containment and the reactor building (to give the radioactivity in the steam more time to subside). The problem is that at the high temperatures that the core had reached at this stage, water molecules can "disassociate" into oxygen and hydrogen -- an explosive mixture. And it did explode, outside the third containment, damaging the reactor building around. It was that sort of explosion, but inside the pressure vessel (because it was badly designed and not managed properly by the operators) that led to the explosion of Chernobyl. This was never a risk at Fukushima. The problem of hydrogen-oxygen formation is one of the biggies when you design a power plant (if you are not Soviet, that is), so the reactor is built and operated in a way it cannot happen inside the containment. It happened outside, which was not intended but a possible scenario and OK, because it did not pose a risk for the containment. So the pressure was under control, as steam was vented. Now, if you keep boiling your pot, the problem is that the water level will keep falling and falling. The core is covered by several meters of water in order to allow for some time to pass (hours, days) before it gets exposed. Once the rods start to be exposed at the top, the exposed parts will reach the critical temperature of 2200 °C after about 45 minutes. This is when the first containment, the Zircaloy tube, would fail. And this started to happen. The cooling could not be restored before there was some (very limited, but still) damage to the casing of some of the fuel. The nuclear material itself was still intact, but the surrounding Zircaloy shell had started melting. What happened now is that some of the byproducts of the uranium decay -- radioactive Cesium and Iodine --
started to mix with the steam. The big problem, uranium, was still under control, because the uranium oxide rods were good until 3000 °C. It is confirmed that a very small amount of Cesium and Iodine was measured in the steam that was released into the atmosphere. It seems this was the "go signal" for a major plan B. The small amounts of Cesium that were measured told the operators that the first containment on one of the rods somewhere was about to give. The Plan A had been to restore one of the regular cooling systems to the core. Why that failed is unclear. One plausible explanation is that the tsunami also took away / polluted all the clean water needed for the regular cooling systems. The water used in the cooling system is very clean, demineralized (like distilled) water. The reason to use pure water is the above mentioned activation by the neutrons from the Uranium: Pure water does not get activated much, so stays practically radioactive-free. Dirt or salt in the water will absorb the neutrons quicker, becoming more radioactive. This has no effect whatsoever on the core -- it does not care what it is cooled by. But it makes life more difficult for the operators and mechanics when they have to deal with activated (i.e. slightly radioactive) water. But Plan A had failed -- cooling systems down or additional clean water unavailable -- so Plan B came into effect. This is what it looks like happened: In order to prevent a core meltdown, the operators started to use sea water to cool the core. I am not quite sure if they flooded our pressure cooker with it (the second containment), or if they flooded the third containment, immersing the pressure cooker. But that is not relevant for us. The point is that the nuclear fuel has now been cooled down. Because the chain reaction has been stopped a long time ago, there is only very little residual heat being produced now. The large amount of cooling water that has been used is sufficient to take up that heat.
Because it is a lot of water, the core does not produce sufficient heat any more to produce any significant pressure. Also, boric acid has been added to the seawater. Boric acid is "liquid control rod". Whatever decay is still going on, the Boron will capture the neutrons and further speed up the cooling down of the core. The plant came close to a core meltdown. Here is the worst-case scenario that was avoided: If the seawater could not have been used for treatment, the operators would have continued to vent the water steam to avoid pressure buildup. The third containment would then have been completely sealed to allow the core meltdown to happen without releasing radioactive material. After the meltdown, there would have been a waiting period for the intermediate radioactive materials to decay inside the reactor, and all radioactive particles to settle on a surface inside the containment. The cooling system would have been restored eventually, and the molten core cooled to a manageable temperature. The containment would have been cleaned up on the inside. Then a messy job of removing the molten core from the containment would have begun, packing the (now solid again) fuel bit by bit into transportation containers to be shipped to processing plants. Depending on the damage, the block of the plant would then either be repaired or dismantled.

Now, where does that leave us?

* The plant is safe now and will stay safe.
* Japan is looking at an INES Level 4 Accident: Nuclear accident with local consequences. That is bad for the company that owns the plant, but not for anyone else.
* Some radiation was released when the pressure vessel was vented. All radioactive isotopes from the activated steam have gone (decayed). A very small amount of Cesium was released, as well as Iodine. If you were sitting on top of the plants' chimney when they were venting, you should probably give up smoking to return to your former life expectancy. The Cesium and Iodine isotopes were carried out to the sea and will never be seen again.
* There was some limited damage to the first containment. That means that some amounts of radioactive Cesium and Iodine will also be released into the cooling water, but no Uranium or other nasty stuff (the Uranium oxide does not "dissolve" in the water). There are facilities for treating the cooling water inside the third containment. The radioactive Cesium and Iodine will be removed there and eventually stored as radioactive waste in terminal storage.
* The seawater used as cooling water will be activated to some degree. Because the control rods are fully inserted, the Uranium chain reaction is not happening. That means the "main" nuclear reaction is not happening, thus not contributing to the activation. The intermediate radioactive materials (Cesium and Iodine) are also almost gone at this stage, because the Uranium decay was stopped a long time ago. This further reduces the activation. The bottom line is that there will be some low level of activation of the seawater, which will also be removed by the treatment facilities.
* The seawater will then be replaced over time with the "normal" cooling water
* The reactor core will then be dismantled and transported to a processing facility, just like during a regular fuel change.
* Fuel rods and the entire plant will be checked for potential damage. This will take about 4-5 years.
* The safety systems on all Japanese plants will be upgraded to withstand a 9.0 earthquake and tsunami (or worse)
* I believe the most significant problem will be a prolonged power shortage. About half of Japan's nuclear reactors will probably have to be inspected, reducing the nation's power generating capacity by 15%. This will probably be covered by running gas power plants that are usually only used for peak loads to cover some of the base load as well. That will increase your electricity bill, as well as lead to potential power shortages during peak demand, in Japan.

If you want to stay informed, please forget the usual media outlets and consult the following websites:

* http://www.world-nuclear-news.org/RS_Battle_to_stabilise_earthquake_reactors_1203111.html
* http://www.world-nuclear-news.org/RS_Venting_at_Fukushima_Daiichi_3_1303111.html
* http://bravenewclimate.com/2011/03/12/japan-nuclear-earthquake/
* http://ansnuclearcafe.org/2011/03/11/media-updates-on-nuclear-power-stations-in-japan/

From rforno at infowarrior.org Sun Mar 13 16:42:44 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 13 Mar 2011 17:42:44 -0400
Subject: [Infowarrior] - Fear of the unfamiliar, again.
Message-ID: <50331E67-6B62-43D7-A08A-4A556A7FBF51@infowarrior.org>

Part of me faults the passengers for doing this in the "New Normal" (idiotic as that concept of a "New Normal" is) but the bigger part of me is this representing another case of Americans fearing that which is new or unfamiliar to them. --- rick

Pilots lock down cockpit over praying passengers
http://www.nctimes.com/news/national/article_7a9460e1-bc6d-5c72-9de9-f02e3f44c2c1.html

Pilots on an Alaska Airlines flight locked down the cockpit and alerted authorities after three passengers conducted an elaborate orthodox Jewish prayer ritual during their Los Angeles-bound flight. Airline spokeswoman Bobbie Egan says the crew of Flight 241 from Mexico City became alarmed Sunday after the men began the ritual, which involves tying leather straps and small wooden boxes to the body. FBI and customs agents, along with police and fire crews, met the plane at the gate at Los Angeles International Airport. Airport police say two or three men were escorted off the plane, questioned by the FBI, and released. No arrests were made.
_Copyright 2011 The Associated Press._

From rforno at infowarrior.org Sun Mar 13 20:06:46 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 13 Mar 2011 21:06:46 -0400
Subject: [Infowarrior] - Hacker vs. Hacker
Message-ID:

March 10, 2011, 5:00PM EST
Hacker vs. Hacker
The hacking and public humiliation of cyber-security firm HBGary isn't just entertaining geek theater. It's a cautionary tale for businesses everywhere
By Michael Riley and Brad Stone
http://www.businessweek.com/print/magazine/content/11_12/b4220066790741.htm

Greg Hoglund's nightmare began on Super Bowl Sunday. On Feb. 6 the high-tech entrepreneur was sitting in his home office, trying to get to the bottom of some unusual traffic he was seeing on the Internet. Two days earlier he'd noticed troubling activity hitting the website of HBGary Federal, the Sacramento startup he helped launch in 2009. He suspected some kind of hacker assault and had spent the weekend helping to shore up the company's systems. A few hours before Green Bay kicked off to Pittsburgh, Hoglund logged into his corporate account on Google (GOOG) and confirmed his fears. He couldn't get in. Someone had changed the password and locked him out of his own e-mail system. Stolen passwords and hackers are facts of life in the Internet Age. Twitter, Facebook, MasterCard (MA), the Washington Post Co. (WPO), the New York Stock Exchange (NYSE), the U.S. State Dept., and countless other organizations large and small have had to deal with cyber-assaults. More often than not, the security hole is plugged and, if the victims are lucky, the plague abates. Not this time. HBGary Federal is a spinoff of Hoglund's HBGary Inc., a cyber-security firm that offers protection to corporations and governments from cyber-attack. Hoglund built his career on the business of hacker-proofing -- getting hacked meant HBGary failed at the very thing it's paid to get right.
Hoglund called Google's corporate technical support to shut down the account, but a representative told him that doing so would take time. It didn't matter. Intruders were already helping themselves to tens of thousands of internal documents and e-mails, some of them personal exchanges between Hoglund and his wife, Penny Leavy, president of HBGary. Then the hackers -- who turned out to be members of the anarchic cyber-guerrilla organization that calls itself Anonymous -- triumphantly posted their electronic booty on an online file-sharing service for all the world to see. That's when Hoglund's real problems began, and the resulting controversy -- involving a high-powered Washington (D.C.) law firm, the Justice Dept., and the whistle-blower site WikiLeaks -- hasn't just been entertaining geek theater but a rare look into the esoteric realm of cyber-security. It's a world where only a select few understand the workings of the computers and networks we all use, where publicly antagonizing the wrong people can have disastrous consequences, and where some participants tend toward self-aggrandizement and flexible differentiations between right and wrong. The HBGary Federal documents -- to Hoglund's surprise, he says -- revealed unethical and potentially criminal plans to build a digital-espionage-for-hire business. "They really showed how bad things are getting," says Bruce Schneier, a renowned computer security expert. "Blackmail, espionage, data theft. These are things that were proposed as reasonable things to do. And no one said, 'Are you crazy?' " The plans were conceived in part by HBGary Federal's top executive, a former U.S. Navy cryptologist named Aaron Barr. Barr was working in conjunction with two other security companies. In a bit of cloak-and-dagger grandiosity, the firms dubbed their collaboration Team Themis, after a titan of Greek mythology who embodied natural law. (Forsaking Themis brings on Nemesis.)
Team Themis proposed to electronically infiltrate grass-roots organizations opposed to the U.S. Chamber of Commerce, the powerful Washington lobbying organization. In a separate and even more legally dubious proposal intended for Bank of America (BAC), the group laid out a plan to infiltrate WikiLeaks and intimidate its supporters. Team Themis's machinations were exposed before they got past the proposal stage. But the schemes the security firms came up with were Nixonian in scope and Keystone Kops-like in execution. In a 12-page PDF sent to Hunton & Williams, the Washington law firm representing the U.S. Chamber, Team Themis suggested creating dummy documents and online personae, and scouring social networks such as Facebook for intelligence on their prospective client's most vocal critics. In the proposal for Bank of America, the security firms suggested hacking WikiLeaks itself to expose its sources. For Hoglund and his 30-person company, the fallout from the revelations continues to grow. Employees of HBGary and their families have been besieged with hostile phone calls and e-mails, including some death threats, and the company canceled its presentations at the annual RSA cyber-security conference in February. News sites that cover computer security have plumbed the document dump, turning HBGary and Barr into objects of ridicule. Barr resigned on Mar. 1 and declines to speak publicly about the ordeal. All of it makes Greg Hoglund furious. "These individuals are not hacktivists, they are criminals," he tells Bloomberg Businessweek, referring to his Anonymous adversaries. "If you let a gang of cyber-thugs hack into systems with impunity and get away with it, what kind of precedent does that set for cyber-security?" Hoglund, 38, is widely respected in the computer security world for his expertise with "rootkits," software that facilitates privileged access to a computer while evading detection. 
The HBGary chief executive officer never went to college and learned his trade on the fly, spending time with other hackers and writing his own security software. He co-founded HBGary in 2004, providing corporations with tools to detect, analyze, and combat sophisticated malware attacks from hostile foreign governments. (The firm's name is derived from Hoglund and his two original partners, Shawn Bracken and Jon Gary.) Among the companies HBGary has worked with are Morgan Stanley (MS), Sony (SNE), and Walt Disney (DIS). Fifteen months ago, Hoglund decided to branch out into a new market and spun off HBGary Federal to perform classified work for the U.S. government. Employees of the subsidiary would have military experience and top security clearances. To run the operation, Hoglund tapped Barr, then an engineer in the Intelligence Systems Division of military contractor Northrop Grumman (NOC). "Aaron has a very high IQ. He's a very smart individual," says Hoglund. "He also has an incredibly good reputation, or he did at the time." In the year after he was hired, Barr had little success building HBGary Federal's business. The firm initially attempted to break into the "incident response" market, selling its spycraft to government agencies so they could shut down leaks and identify cyber-attackers. That field is competitive, and paying work sparse for startups. By October 2010, in the e-mails that later became public, Hoglund warned Barr that HBGary Federal was "out of money and none of the work you had planned has come in." In his reply, Barr agreed. Barr did have one possible lifeline. On Oct. 19, Palantir Technologies, a Palo Alto (Calif.) cyber-security company whose terrorism analysis software is used by the Pentagon and the CIA, reached out to HBGary Federal and another security firm, Virginia-based Berico Technologies, with a tempting offer. 
Palantir said it had been approached by Hunton & Williams, a century-old firm with ties to the Republican Party and the defense industry. The firm needed investigative services on behalf of a high-profile, deep-pocketed client. Barr and representatives from the other companies discussed the project via e-mail and visited Hunton & Williams in November to meet with Richard Wyatt, co-head of the firm's litigation group. A person who was at the meeting says Wyatt wore suspenders, smoked a cigar, and propped up his cowboy boots on his desk -- a cartoonish vision of a D.C. power broker. But the security professionals were impressed when they learned the identity of the prospective client: the U.S. Chamber of Commerce, which had just backed a wave of successful conservative candidates for Congress. The Chamber, it seemed, had a public-relations problem: Activist organizations such as U.S. ChamberWatch, Velvet Revolution, and Change to Win were accusing it of financial improprieties and using foreign donations for political purposes. The Chamber believed all these grass-roots organizations were working in concert with the surreptitious backing of major unions. According to the e-mails released by Anonymous, Hunton & Williams was already amassing reams of information, including union rosters, and needed expert help in digesting the data. The security firms' mission, should they choose to accept it: Infiltrate the activist groups and their leadership, compile dossiers, and help the law firm "truly understand and eliminate emerging threats that could cause harm to their clients," according to a Team Themis document. The team's members spent much of November working up their proposal. They highlighted how they would funnel their gleanings through Palantir Technologies' military-grade terrorist-tracking software.
"We need to blow these guys away with descriptions of our capabilities," wrote Matthew Steckman, an engineer at Palantir, in one of the e-mails in the published documents. "Make them think that we are Bond, Q, and money penny [sic] all packaged up with a bow." Then there was the matter of price. Such private online espionage was hardly common practice, and there was no industry-standard pay scale. Team Themis landed on $2 million. For that sum, the client would get a "daily intelligence summary," "link diagrams," and "target impact analysis," among other services. Hunton & Williams, on behalf of the Chamber, balked at the price, so the security companies agreed to do a pilot on spec. (The law firm has not commented on the matter.) Hunton & Williams clearly saw potential in Team Themis. On Dec. 2, in a message with the subject line "Urgent: Opportunity," a partner at the firm asked the group to come up with a new plan, this time to combat WikiLeaks on behalf of a different prospective client -- Bank of America, which believed WikiLeaks was about to publish a cache of its documents. (The Justice Dept., the e-mails suggested, had recommended that Bank of America hire Hunton & Williams.) Barr took the lead in crafting what would become an infamous 24-slide PowerPoint presentation that called for a cyber-campaign of disinformation against WikiLeaks. The document analyzes WikiLeaks' server infrastructure, talks about planting news stories about the exposure of its confidential informants, and proposes online attacks. Some of the language is comical, like a verbal version of an old Spy Vs. Spy cartoon from Mad magazine: "Speed is crucial!" blares one slide. "The threat demands a comprehensive analysis capability now." A person familiar with the creation of the presentation said it was the result of late-night brainstorming, and that the security firms knew Bank of America would likely reject the most aggressive tactics.
As with the Chamber of Commerce scheme, the WikiLeaks proposal never got a final hearing. While HBGary Federal and the other security firms awaited a formal go-ahead from Hunton & Williams and its clients, Barr decided to deploy his new research techniques on Anonymous. Anonymous has had a busy winter. The group, which appears to be less a formal organization than a loose coalition of tech-savvy radicals, attacked government websites in Egypt and Tunisia. It launched denial-of-service attacks on Amazon.com (AMZN), PayPal, MasterCard, and Visa (V) after those companies declined to do business with WikiLeaks. Barrett Brown, an unofficial spokesman for the group, says its goal is "a perpetual revolution across the world that goes on until governments are basically overwhelmed and results in a freer system." Barr had come to believe that companies would have to defend themselves against this anarchic sensibility using the same tactics as the mischief makers. He also believed he had the skills and experience to join the battle. His principal weapon was a method he developed to associate the real identities found in social networks such as Facebook and LinkedIn with the anonymous profiles of hackers. So while Hunton & Williams weighed Team Themis's proposals, and with the ultimate fate of HBGary Federal hanging in the balance, Barr figured the time was right to demonstrate how social networks could yield an intelligence bonanza. Barr began by hanging out in an online forum called Internet Relay Chat (IRC), using a fake identity. At the same time, on social networks, he "friended" people thought to be senior members of the Anonymous collective. Barr then compared the times that suspected hackers logged into IRC chat rooms anonymously and into their own identifiable social networking accounts. The exposed HBGary e-mails would later reveal that Barr's own employees thought he was overreaching and that they feared retribution from the vengeful Anonymous. 
But Barr plunged ahead. He proposed a talk at the RSA conference in San Francisco titled "Who Needs NSA when we have Social Media?" Then he promoted the talk by suggesting he would expose the identities of the primary members of the group. On Feb. 4, a Friday, Barr bragged to the Financial Times about his upcoming talk and claimed he had obtained the identities of the group's de facto leaders. Bad idea. As Stephen Colbert summed it up, lampooning the HBGary affair on his TV show, "Anonymous is a hornet's nest. And Barr said, 'I'm gonna stick my penis in that thing.' " When hackers taunt, they often use the term "pwned" -- as in, "I so pwned you, newbie." No one seems to agree where the word came from. Google it, and you'll find claims that it's a corruption of "owned," or that it's from a computer game, or maybe it's just a shortened form of the chess term "pawned." Whatever its origins, the term connotes humiliating domination by another person or group. That's roughly what happened next to Barr, Hoglund, and HBGary. Responding to Barr's public claims, the Anonymous hackers exploited a vulnerability in the software that ran HBGary Federal's website, obtained an encrypted list of the company's user names and passwords, and decoded them. Barr and some of his colleagues, Anonymous then discovered, had committed computer security's biggest sin: They used the same password on multiple accounts. The hackers commandeered Barr's Twitter and LinkedIn accounts, lacing both with obscenities. One of the passwords also opened the company's corporate Google account. Jackpot. In less than 48 hours after Barr's Financial Times interview appeared, the hackers had the keys to the kingdom. They immediately started downloading HBGary's e-mails. All told, Anonymous got hold of 60,000-plus -- about 4.7 gigabytes worth, including attachments -- and quickly put them all online in conveniently searchable form.
The material details online security holes at HBGary clients and prospects such as Sony, Johnson & Johnson (JNJ), Disney, ConocoPhillips (COP), and dozens of others. The e-mails showed that DuPont (DD) was breached in 2009 (by the same hackers who hit Google) and again in late 2010. DuPont employees on a business trip to China even found that their laptops had been implanted with spyware while the hardware was supposedly locked inside a hotel safe. In the ensuing days, Barr and Leavy, HBGary's president, took to IRC channels to plead with Anonymous for mercy. None was forthcoming. Members of the group and their supporters gleefully defaced and posted photos of Barr, published personal details about his family, tweeted his Social Security number, and generally gloated about pwning a professional adversary. They said the "ninja team" that hacked HBGary included a 16-year-old girl named Kayla. (Rumors online suggest that "Kayla" is actually a 26-year-old man living in New Jersey. Who's right? Not even Anonymous may know.) "We have no choice but to defend ourselves and defend WikiLeaks by these means," says Brown, the unofficial Anonymous spokesman. "This has just begun. We're absolutely at war now." Meanwhile, the other members of Team Themis deny they wanted to push the operations as far as Barr did -- despite the volumes of incriminating e-mails. Palantir Technologies CEO Alex Karp blames HBGary for conceiving the plot, decries any attempt to develop "offensive cyber capabilities," and has placed on leave Steckman, the engineer who coordinated with Team Themis. Palantir also issued a public apology to Glenn Greenwald, a Salon.com journalist who was singled out in a Themis proposal as a WikiLeaks defender and thus a possible target. In a statement, Berico Technologies says it "does not condone or support any effort that proactively targets American firms, organizations, or individuals." At the same time, it cut ties with HBGary. The U.S.
Chamber of Commerce said in a press release that it's "incredulous that anyone would attempt to associate such activities with the Chamber," adding that it had not seen the incendiary proposals before they were made public. Morgan Stanley dropped HBGary as a security contractor. Barr never delivered his speech and when he tendered his resignation three weeks after the Anonymous attack, he said he was confident HBGary would be able to "weather this storm." As for Hoglund, even his friends in the security industry wonder how long HBGary can survive amid the onslaught of negative publicity. But the CEO claims his company has undergone a rigorous security review and is back on track. He says the hackers "made a hole-in-one from 200 yards away" and that it will never happen again. "They are nowhere near as sophisticated and scary and large as they would like people to think they are," he says. And while the lesson of the HBGary saga may be that it's not always easy to tell the black hats from the white hats in the ambiguous game of computer security, Hoglund has no doubt which is which. "It will get worse," he says. "This whole event has only emboldened them. I hope this isn't the way the Internet has to be. Right now it's a domain of lawlessness. This is bigger than HBGary, than my company. Right now, the pendulum has swung way over to the bad guys' side."

Riley is a reporter for Bloomberg News. Stone is a senior writer for Bloomberg Businessweek.

From rforno at infowarrior.org Sun Mar 13 21:39:37 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 13 Mar 2011 22:39:37 -0400
Subject: [Infowarrior] - Debit card spending limit? Banks consider a $50 cap
Message-ID: <1F2677CA-8CA8-48A0-B1B6-1C1968AF18B7@infowarrior.org>

Debit card spending limit? Banks consider a $50 cap
Blake Ellis, staff reporter, On Thursday March 10, 2011, 9:34 pm EST
http://finance.yahoo.com/news/Debit-card-spending-limit-cnnm-3728211539.html?x=0

Declined!
Your debit card may soon be denied for purchases greater than $100 -- or even as little as $50. JPMorgan Chase, one of the nation's largest banks, is considering capping debit card transactions at either $50 or $100, according to a source with knowledge of the proposal. And the cap would apply even if you run your debit card as credit. Why? Because of a tricky thing called interchange fees. Right now, every time you swipe your debit card your bank charges the retailer an average fee of 44 cents, which it shares with its partners. Those little fees, however, add up to about $16 billion per year, according to 2009 data from the Federal Reserve. But as part of the Wall Street reform legislation that was passed last year, these fees are being slashed. The Fed is currently proposing rules that would go into effect in July and would cap interchange fees at 12 cents. That's a big enough cut to cost Chase more than $1 billion a year. And Chase may not be alone. Other major issuers are also projecting huge losses from the interchange fee cap. Joe Price, president of consumer banking for Bank of America, said in an e-mailed statement that the lower fee wouldn't fairly compensate the bank for the infrastructure and services it provides to retailers. And consumers would end up feeling the pain when Bank of America is forced to recoup costs "by increasing the cost of their everyday debit card transactions, limiting their payment choices, and impacting industry innovation," according to the email. Aside from mulling over a limit on transaction amounts, Chase is already testing $3 monthly fees on debit cards and $15 fees on checking accounts in certain states. Additionally, the bank announced in November that it has stopped issuing debit rewards cards. A Chase spokesman declined comment on this story. The revenue banks get from interchange fees helps to offset money lost from fraudulent transactions. 
So with the Fed's proposed cap in place, banks argue they won't have the money to protect themselves against fraud. And, of course, the bigger the purchase the bigger the risk, so banks are considering limiting consumers' ability to pay by debit card. "If banks cannot recapture their fraud-prevention costs, it is likely that a lower percentage of transactions at the point of sale would be approved," Price said. "If the final rules that are issued in April look like the draft, there's no question that it will impact how we and other issuers price deposit and payment services and what features and benefits are included." But a Bank of America spokesman declined to comment on whether the bank would cap debit card purchases at $50 or $100. Representatives from Wells Fargo and HSBC declined to comment on their plans, while a spokeswoman from Citi said the bank isn't making any changes at this time. If a cap like this does make its way into accounts across the board, consumers would be forced to write checks, withdraw cash from ATMs, or put their spending on credit cards. "The whole model on the debit card side is in flux because of Dodd-Frank," said Brian Riley, senior research director at financial services consulting firm TowerGroup. "The unfortunate thing is that the people who will really get hurt on this are the people who need the most help." Many consumers with bad credit aren't able to qualify for credit cards -- and when they do, it's often with hefty rates and fees. Additionally, ATMs typically only dole out a limited amount of money at a time and checking accounts are being loaded with fees. At the same time, even the customers who do qualify for credit cards are being punished for having tarnished credit. Bank of America, for example, announced a $59 annual fee last month for its riskiest customers -- making up about 5% of consumer credit card accounts. 
From rforno at infowarrior.org Sun Mar 13 23:10:38 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 14 Mar 2011 00:10:38 -0400
Subject: [Infowarrior] - Anonymous' BAC leaks begin ...
Message-ID: <09BB635F-7F22-4BF3-BB63-14E1619E1DA5@infowarrior.org>

(site and many mirrors are slow in responding.....)

Source: http://bankofamericasuck.com/ specifically -- http://bankofamericasuck.com/03/13/ex-bank-of-ameica-employee-can-prove-mortgage-fraud-part-1

From rforno at infowarrior.org Mon Mar 14 06:56:09 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 14 Mar 2011 07:56:09 -0400
Subject: [Infowarrior] - Little transparency progress
Message-ID: <0A083F14-A0C9-4059-B5FC-8091F163F407@infowarrior.org>

PROMISES, PROMISES: Little transparency progress
Mon Mar 14, 3:10 am ET
http://news.yahoo.com/s/ap/20110314/ap_on_go_pr_wh/us_sunshine_week_foia

WASHINGTON -- Two years into its pledge to improve government transparency, the Obama administration handled fewer requests for federal records from citizens, journalists, companies and others last year even as significantly more people asked for information. The administration disclosed at least some of what people wanted at about the same rate as the previous year. People requested information 544,360 times last year under the U.S. Freedom of Information Act from the 35 largest agencies, up nearly 41,000 more than the previous year, according to an analysis by The Associated Press of new federal data. But the government took action on nearly 12,400 fewer requests. The administration refused to release any sought-after materials in more than 1-in-3 information requests, including cases when it couldn't find records, a person refused to pay for copies or the request was determined to be improper under the law. It refused more often to quickly consider information requests about subjects described as urgent or especially newsworthy. And nearly half the agencies that AP examined took longer --
weeks more, in some cases -- to give out records last year than during the previous year. There were some improvements. The administration less frequently invoked the "deliberative process" exemption under the law to withhold records describing decision-making behind the scenes. President Barack Obama had directed agencies to use it less often, but the number of such cases had surged after his first year in office to more than 71,000. It fell last year to 53,360, still higher than during George W. Bush's final year as president. It was still commonly invoked last year at the Homeland Security Department, which accounted for nearly 80 percent of cases across the whole government. Overall, the decidedly mixed performance shows the federal government struggling to match the promises Obama made early in his term to improve transparency and disclose more information rapidly. "Transparency promotes accountability and provides information for citizens about what their government is doing," Obama said when he took office. The White House said it was voluntarily disclosing more information, forestalling a need to formally make requests under the law, and said that agencies released information in nearly 93 percent of cases, excluding instances when it couldn't find records, a person refused to pay for copies or the request was determined to be improper. "A lot of the statistics need to be taken with a grain of salt, but they may understate our successes," said Steven Croley, a special assistant to the president for justice and regulatory policy. The Obama administration even censored 194 pages of internal e-mails about its Open Government Directive that the AP requested more than one year ago. The December 2009 directive requires every agency to take immediate, specific steps to open their operations up to the public.
But the White House Office of Management and Budget blacked-out entire pages of some e-mails between federal employees discussing how to apply the new openness rules, and it blacked-out one e-mail discussing how to respond to AP's request for information about the transparency directive. The OMB invoked the "deliberative process" exemption -- the one that Obama said to use more sparingly -- at least 192 separate times in turning over the censored e-mails to the AP. Some blacked-out sections involved officials discussing changes the White House wanted and sections of the openness rules that were never made official. This year, after Republicans won control in the House and with the presidential election looming, the fight over transparency could turn political. The new Republican chairman of the House Oversight and Government Reform Committee, Rep. Darrell Issa, R-Calif., is conducting a broad inquiry into Obama's openness promises. The investigation was at least partly prompted by reports from the AP last year that the Homeland Security Department had sidetracked hundreds of requests for federal records to top political advisers, who wanted information about those requesting the materials. Organizations that routinely ask for government records are fighting many of the same battles for information waged during the Bush administration. Federal offices lack enough employees and money to respond to requests quickly and thoroughly, said Anne Weismann, chief counsel at Citizens for Responsibility and Ethics in Washington, a watchdog group. With federal spending expected to tighten, the problem will likely get worse. "They're going to be asked to do more with less," Weismann said. AP's analysis showed that the odds a government agency would search its filing cabinets and turn over copies of documents, e-mails, videos or other requested materials depended mostly on which agency produced them -- and on a person's patience. Willingness to wait -- and then wait some more --
was a virtue. Agencies refused more routinely last year to quickly consider information requests deemed especially urgent or newsworthy, agreeing to conduct a speedy review about 1-in-5 times they were asked. The State Department granted only 1 out of 98 such reviews; the Homeland Security Department granted 27 out of 1,476. The previous year the government overall granted more than 1-in-4 such speedy reviews. The parts of the government that deal with sensitive matters like espionage or stock market swindles, including the CIA or Securities and Exchange Commission, entirely rejected information requests more than half the time during fiscal 2010. And they took their time to decide: The SEC averaged 553 days to reply to each request it considered complicated, and the CIA took more than three months. Less-sensitive agencies, such as the Social Security Administration or Department of Agriculture, turned over at least some records nearly every time someone asked for them, often in just weeks. Some federal agencies showed marked improvements, but sometimes it came at a cost elsewhere in the government. The Homeland Security Department cut its number of backlog information requests by 40 percent last year, thanks mostly to work under a $7.6 million federal contract with TDB Communications of Lenexa, Kan., which was approved during the Bush administration. The company accomplished its work partly by forwarding to the State Department tens of thousands of requests for immigration records from Homeland Security's Citizenship and Immigration Services because the State Department makes visa determinations in immigration cases. At one point, as the Homeland Security Department was reducing its backlog, it was sending as many as 3,800 cases each month to the State Department, said Janice DeGarmo, a State Department spokeswoman. The State Department received and handled three times as many requests in 2010 than the previous year. 
It ended up with a backlog of more than 20,500 overdue cases, more than twice as many as the previous year. Also, the Veterans Affairs Department said it received 40,000 fewer information requests last year. Spokeswoman Jo Schuda said the department incorrectly labeled some requests in 2009 as being filed under the Freedom of Information Act but actually were made under the U.S. Privacy Act, a different law. The 35 agencies that AP examined were: Agency for International Development, CIA, Consumer Product Safety Commission, Council on Environmental Quality, Agriculture Department, Commerce Department, Defense Department, Education Department, Energy Department, Department of Health and Human Services, Department of Homeland Security, Department of Housing and Urban Development, Interior Department, Justice Department, Labor Department, State Department, Transportation Department, Treasury Department, Department of Veterans Affairs, Environmental Protection Agency, Federal Communications Commission, Federal Deposit Insurance Corporation, Federal Trade Commission, NASA, National Science Foundation, National Transportation Safety Board, Nuclear Regulatory Commission, Office of Management and Budget, Office of National Drug Control Policy, Office of Personnel Management, Office of Science and Technology Policy, Office of the Director of National Intelligence, Securities and Exchange Commission, Small Business Administration and the Social Security Administration. 
From rforno at infowarrior.org Mon Mar 14 07:03:10 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 14 Mar 2011 08:03:10 -0400
Subject: [Infowarrior] - Mirror: Bank of America Anonymous Email Leak
Message-ID:

Bank of America Anonymous Email Leak
http://publicintelligence.net/bank-of-america-anonymous-email-leak/

From rforno at infowarrior.org Mon Mar 14 07:05:43 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 14 Mar 2011 08:05:43 -0400
Subject: [Infowarrior] - Pew State of the Media Report
Message-ID:

(Link to Report: http://stateofthemedia.org/)

http://www.cjr.org/the_news_frontier/the_news_industry_is_no_longer.php

Behind the News, The News Frontier -- March 14, 2011 01:07 AM
"The News Industry Is No Longer In Control Of Its Destiny"
And other findings of the Pew State of the Media Report
By Lauren Kirchner

Today the Pew Research Center for Excellence in Journalism released its annual "State of the Media" report, and it's a mixed bag of good and bad news. According to the report, there are signs that the industry is beginning to recover "after two dreadful years": hiring has picked up, as has revenue, and layoffs have slowed down somewhat. At the same time, though, there is a nagging structural problem that only appears to be getting worse. As news organizations increasingly -- and inevitably -- come to depend on partnerships with third-party companies to stretch their newsrooms' technological capacity, they also, unfortunately, lose control of vital audience data. The report mentions social networks like Facebook and news aggregators like Google, upon which many news outlets depend to expand their readership and grow traffic. But the harshest language seems to be reserved for Apple, which, when hosting a news organization's app on the iPhone or iPad, both keeps 30 percent of the revenue from the sale and also does not share the data about these sales. An excerpt from the report: That data may be the most important commodity of all.
In a media world where consumers decide what news they want to get and how they want to get it, the future will belong to those who understand the public's changing behavior and can target content and advertising to snugly fit the interests of each user. That knowledge -- and the expertise in gathering it -- increasingly resides with technology companies outside journalism. In the 20th century, the news media thrived by being the intermediary others needed to reach customers. In the 21st, increasingly there is a new intermediary: Software programmers, content aggregators and device makers control access to the public. The news industry, late to adapt and culturally more tied to content creation than engineering, finds itself more a follower than leader shaping its business. There is evidence, however, that this structure won't last. Outsourcing the distribution duties and the technical know-how seems unavoidable in this age, but news organizations probably won't tolerate being in the dark about their own customers: News companies are trying to push back. One new effort involves online publishers starting their own ad exchanges, rather than having middlemen to do it for them. NBC, CBS and Forbes are among those launching their own, tired of sharing revenue and having third parties take their audience data. Pew also highlights some significant "firsts" across the online news universe, indicating that the move from print to web has reached an important tipping point. They are: 1) "Original reporting job hires at major online only news sites for the first time matched or exceeded the job losses in newspapers." 2) "For the first time, more people said they got news from the web than newspapers." 3) "When the final tally is in, online ad revenue in 2010 is projected to surpass print newspaper ad revenue for the first time."
A big caveat to that last point, though: although web audience and revenue both surpassed newspaper audience and revenue for the first time ever, that didn't necessarily help news websites: "by far the largest share of that online ad revenue goes to non-news sources, particularly to aggregators." Pew's entire report is available on its website, and is chock full of useful statistics about readers' habits, circulation numbers, revenue, and hiring trends. CJR previously wrote about the 2010 State of the Media report here, Pew's interactive feature about this past year of news here, and its warning about the "Twitter echo chamber" here -- a warning that it probably wouldn't hurt to revisit every few months or so, knowing us tweet-happy journos.

http://www.cjr.org/the_news_frontier/the_news_industry_is_no_longer.php

From rforno at infowarrior.org Mon Mar 14 07:11:06 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 14 Mar 2011 08:11:06 -0400
Subject: [Infowarrior] - Twitter Decides To Kill Its Ecosystem
Message-ID: <2A1D9B78-4664-40B8-BC86-1920A44A0CB5@infowarrior.org>

Twitter Decides To Kill Its Ecosystem: How Not To Run A Modern Company
from the big-mistake dept
http://www.techdirt.com/articles/20110313/17021713476/twitter-decides-to-kill-its-ecosystem-how-not-to-run-modern-company.shtml

This is really unfortunate news. It really wasn't that long ago that we were praising Twitter for how it dealt with the issue of third parties building on its ecosystem. The company took a very permissive approach, letting other providers do all sorts of things that really helped to make Twitter much more valuable in the long run, including create a whole variety of client apps that really pushed Twitter. I know that my own recognition of why Twitter was valuable didn't really come about until I started using some third party apps, that let me do much, much more and get much more value out of Twitter.
However, on Friday, Twitter appeared to want to cut off all that goodwill and value adding by telling third parties (effectively) to stop making Twitter apps. It appears the company will allow a few legacy apps to be grandfathered in, but new apps-makers are forewarned to stay away. This comes a little while after Twitter shut down some third party apps it claimed were "misbehaving." The reasoning behind this new prohibition is, frankly, ridiculous and totally unbelievable. Specifically, it claims that "people are confused" by these third party apps. Of course, in my case, and in the case of almost everyone I know who uses a third party app (and I don't know anyone who actually uses Twitter's official app), we weren't confused, we were enlightened by those third party apps providing much more context and value to Twitter. The new rules basically remove a large amount of the flexibility that the existing third party providers can use to add more value to Twitter. This is Twitter both trying to control the developer market and to take it back over itself. This is a dangerous move that could seriously hurt the developer ecosystem around Twitter, and push people to alternatives. Even if developers think they can live within the rules, these recent changes might get them to think twice about building on Twitter since it could change the rules further. As per usual, Mathew Ingram summarizes nicely why this is a bad business move, even if it's designed to benefit Twitter's business: Without the help of third-party apps like Tweetie and Tweetdeck, the company likely would not have been nearly as successful at building the network (and a ready-made client like Tweetie certainly wouldn't have been sitting there waiting to be acquired).
But the ecosystem didn't just build demand for the network -- it also helped build and distribute the behavior that now makes Twitter so valuable: the @ mentions, the direct messages, re-Tweets and so on, none of which were Twitter's idea originally. That created a huge amount of goodwill, and led to the (apparently mistaken) idea of an ecosystem. It's all very well for Twitter to claim ownership of all those things now, since it is their platform. And obviously there are businesses that can get away with being arbitrary or dictatorial -- Apple is well known for such behavior, after all, and it is one of the most valuable companies on the planet. But this only works over the longer term if your product is so unique and compelling that people will put up with it. Is Twitter in that category? The company may get away with this in the short-term, but this is a hugely risky long term move that seems to have a high likelihood of backfiring. Going against those who helped get you where you are is a very dangerous move. For a company that used to seem so welcoming, it's a pretty rapid about face.

From rforno at infowarrior.org Mon Mar 14 07:13:27 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 14 Mar 2011 08:13:27 -0400
Subject: [Infowarrior] - Hollywood tale for replacing DVD a cliffhanger
Message-ID:

Hollywood tale for replacing DVD a cliffhanger
by Greg Sandoval
http://news.cnet.com/8301-31001_3-20042731-261.html?part=rss&subj=news&tag=2547-1_3-0-20

In a bid to sweeten the consumer appeal of a new digital format that could succeed the DVD, some at the major film studios want to prevent DVD libraries from being rendered obsolete in a format upgrade. UltraViolet (UV) is the name of new technology standards expected to debut this summer that Hollywood hopes will help reignite the public's interest in collecting movies and cauterize the bleeding in their home-video divisions.
The consortium that created UV includes all the big film studios--with the exception of Disney--and numerous movie-sector allies, such as Microsoft, Nokia, Sony, Comcast and Netflix, said in January that the technology will ensure consumers will be able to play their movies and TV shows on a wide range of devices and services. At the core of UV's offer to consumers is the ability to store films on a service provider's servers, or what is commonly referred to as the cloud. One new feature being discussed at UV calls for asking users to load their DVDs into their computers so UV can scan them and verify they possess the movies, according to film industry insiders who spoke with CNET. After verification, UV would place a copy of the film in the person's digital locker. Typically, when media sectors have changed distribution formats, consumers are forced to shell out more money to update existing libraries. VHS tapes couldn't play on DVD players and CD players were incompatible with vinyl albums. But even as progressive as this sounds, some studio execs acknowledge that moving the public to a new format now won't be easy. For one thing, UV's launch is coming up fast and important details still need to be hashed out. Insiders say consortium members still can't agree on several important issues regarding security and whether to offer UV in high-def. Some studios involved are worried some among them will break ranks and offer content to other locker services in addition to UV, which could undermine UV's negotiating power. Meanwhile, UV's toughest challenge may be selling the new format to Internet-empowered consumers, many of whom are unaccustomed to paying for content following years of downloading pirated music and films at file-sharing services. Then there's Netflix. The Web's top video-rental service forces DVD collectors to ask the question: why am I buying when Netflix's monthly streaming-subscription fee costs less than a typical disc? 
For their money, Netflix subscribers receive access to thousands of catalog TV shows and films. According to film industry sources, Netflix is the kind of consumer proposition that drives the value of the studios' content down and one reason why they hope to nurture alternative outlets. Linking up with cable Here's what we know about how UV works so far: the system is supposed to help prevent owners of films and TV shows from being locked into individual devices or services. UV's technology is similar to an ATM network and authorizes accounts on different media players and services. Digital rights management won't get in the way because UV's technology will sit on top of the different DRM schemes and provide the necessary permissions. Once a person sets up their UV locker, they will be able to register up to six people from the same household to a digital locker. One studio source said that those registered from a household will not be required to live at the same address. Nice. This is supposed to be just the start. UV backers have said they will encourage entrepreneurs to build new services and business models on top of UV. They hope that large telcos and Internet service providers will be among them. The studios have already spoken to some of the big cable companies and ISPs about creating UV lockers, said one film-industry source. Hollywood is telling them that by creating their own locker services, they will get the chance to engage with customers' entertainment viewing in a way they never have before. The studios "would love to have them get in the game," said one insider. Unlike the DVD or Blu-ray, there may not be much time for potential locker merchants to wait and see whether lockers are a hit. The studios are hoping that locker owners will behave similar to iTunes users and once they begin loading 100 songs or more into their locker, will get hooked. Will studios charge for cloud? UV still faces plenty of challenges.
Some skeptics are suspicious that UV is an attempt by Hollywood to trap people's content in the cloud and then charge them to access movies they've already purchased. Some doubters say that without Disney and Apple, which are not UV members, it will be hard to generate wide adoption. Others point out that building consensus within a consortium is difficult because it's hard to get competitors to agree on anything. Apparently UV is not immune. A disagreement over UV's security on the scanning of users' PCs and delivery of films has cropped up, according to a film-industry source. The fear is that someone who has a DVD scanned by UV and receives locker access to the movie could then give their discs to someone else to scan. There would be no way to tell whether a DVD had been previously scanned. For that reason, the studio with the security concerns has lobbied for random checks. They want users to be required to reinsert discs subsequent to their initial scan to ensure they still possess the discs. Those who have argued against the added security measure point out that requiring people to hold on to discs defeats the purpose of cloud video. Eliminating the clutter of DVD libraries is one of the benefits of storing movies on someone else's servers. They also ask what happens to a UV user who is on vacation and asked to insert a disc that they haven't brought along. Josh Martin, a video analyst for research group Strategy Analytics, has lauded the studios for making DRM invisible to users and enabling families to create individual profiles. He said in an interview Friday that UV is a good idea "provided it is executed right." Martin cautioned UV's backers from heaping too many confusing, burdensome or expensive requirements onto UV users. He suspects that UV has plans to try and charge users fees to access their cloud content, including movies they bought in the past. He thinks this will be a tough sell. "The service offers some important benefits," Martin said.
"I don't know that there is enough value for each of the individual benefits to say that paying for it makes sense."

From rforno at infowarrior.org Mon Mar 14 08:58:29 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 14 Mar 2011 09:58:29 -0400
Subject: [Infowarrior] - The Dow's Plunge: Should You Be Worried?
Message-ID:

The Dow's Plunge: Should You Be Worried?
By BRETT ARENDS
http://online.wsj.com/article/SB10001424052748703726904576192953602816200.html

Ouch. It was the biggest drop in the Dow Jones Industrial Average since August. Markets tumbled yesterday, while fears surged -- about jobs, Spain and Saudi Arabia. But what does this mean for you, the investor? Was this just a one-day wonder, a buying opportunity, a small but passing cloud on an otherwise sunny horizon? Or was it something more ominous? The market's next move is always a mystery. It could go up 500 points next week or down 500 points, or stay in range. You shouldn't let one day's price movement govern your financial decisions. It's never sensible to panic. And sure, this could be just a passing storm. Yet there are reasons to be concerned about what just happened. Maybe I'm being too nervous here. I hope so. When the market sells off, I usually like to find reasons to buy stocks more cheaply. But here are 10 reasons why this 228-point slump in the Dow makes me sit up and take notice. 1. It happened when the price of oil was falling. For weeks, the market has been worried that the rising price of oil was going to knock the economy back into the hole. But the price of light sweet crude fell $2 a barrel on Thursday to $102. That followed a $1 fall earlier this week. It's still above the critical $100-a-barrel figure that may spell economic trouble. Nonetheless, some relief on oil should have been good news. If the market sells off at the same time it suggests investors may be reevaluating the fundamentals of the recovery. 2. It was across the board.
It wasn't just isolated to a few exchanges here or in Europe or in the Middle East. Exchanges fell around the world. Wall Street was down 1.9%. Shanghai and Tokyo both fell about 1.5%. Brazil's Bovespa was down 1.8%. London fell 1.5%. Even gold fell. The Standard & Poor's 500-stock index is now down about 4% from the peak seen last month. Since then it's tried three times to get its mojo back, and it's failed each time. Not cheerful. 3. The financial cockroaches are back. The European debt crisis. Our continuing jobs gloom. Oh, and let's not forget the rocketing national debt that is financing the entire stock-market boom. In past months I've been watching with amazement as Wall Street -- and a lot of investors -- have been trying to sweep these under the carpet. But they won't stay there. On Thursday, markets were spooked when Moody's downgraded Spain's government debt. But why is anyone surprised? Had investors been paying attention, they would have known that the market for default risk was already sending serious warning signals about Spain and Portugal's credit -- not to mention that of Greece. 4. One of the smartest bulls I know has suddenly turned very edgy. He's a European hedge fund manager who turned bullish in January 2009 -- on high-risk financials, no less -- and has stayed upbeat for most of the past two years. He was a raging bull last summer. Even a handful of weeks ago, he thought we'd see more momentum. Today? He's singing a slightly different tune. One of his biggest worries now is China -- in particular the strength of its economy and its sudden, surprise trade deficit last month. He's still looking for opportunities, as always, but I thought he'd be buying aggressively in this correction. He isn't. (Another manager I know thinks there is some juice left in the rally, as first-quarter earnings roll in. But she expects to turn more cautious after that.) 5. The bull market has just come so far, so fast. Too far?
From the lows of two years ago, the S&P 500 has almost exactly doubled. By any measure, it's been a remarkable boom. The Russell 2000 index of smaller stocks has soared 130%. So has the S&P Mid Cap 400 index of medium-sized companies, taking it to a new record high. But look at the fundamentals. Over that time economic growth has been sluggish. The economy today is no bigger, in real terms, than it was three years ago. The true jobs picture remains a disaster, and far worse than the official data will tell you. Wages have been stagnant. Yes, companies have boosted profits -- to near-record levels -- by slashing costs. But how far can that take you? (Perhaps in the end there will just be one, very productive guy left with a job. It would be Apple's Steve Jobs, of course. But then, alas, he'd have to buy all those new iPads himself.) 6. There's no "margin of safety" left in stocks. While Wall Street was backing off a cliff Thursday morning, I was interviewing one of the brightest and most original thinkers in the market -- James Montier, strategist for tony fund shop GMO and author of "Behavioral Finance." Mr. Montier pointed out that stocks are now so expensive, they leave investors with almost no "margin of safety" in case things go wrong. Anyone investing now, he said, is taking a big bet on sunny skies and plain sailing ahead. It can happen, but life is not always so kind. "We're not completely 'priced for perfection,' but we're not far off," Mr. Montier said. And, he added, the risk curve was wrong as well: Based on GMO's calculations, investors in small-cap stocks at these levels actually face worse returns than investors in large-cap stocks. As small caps are more volatile, they should offer better returns to compensate. (My full interview with Mr. Montier will be published on MarketWatch on Monday.) 7. Wall Street looks unappealing by the numbers. The dividend yield on the S&P 500 is well below 2%.
According to data compiled by Yale economics professor Robert Shiller, stocks are a thumping 24 times cyclically-adjusted earnings. That's extremely high. The historical average is about 16. In the past, today's levels have been associated with bubbles and hot markets, and have generally been followed, sooner or later, by a correction. A similar conclusion is reached by comparing equity prices to the cost of replacing company assets, a metric known as "Tobin's q." It also says Wall Street is heavily overvalued. Maybe worst of all: It is just extremely hard to find any cheap stocks out there. If I saw some great bargains, I'd say, "Don't worry about the market, buy this terrific company on six times earnings." But these types of opportunities are so thin on the ground right now. No one measure has all the answers. But plenty of metrics are signaling, at least, caution. 8. The public was just starting to buy stocks again. Oh, brother. The U.S. private investor, who spent most of the 2009-10 rally getting out of stocks, started piling in again earlier this year. According to the Investment Company Institute, investors cashed out a net $31 billion from equity mutual funds between the start of March 2009 and the end of last year. But since Jan. 1, they have shoveled a net $33 billion back in. History has frequently shown that the public gets in -- and out -- at the wrong times, buying near peaks and selling near troughs. Is it happening again? I wish I felt better about this. 9. The insiders have been getting out. Executives and directors across the market have been cashing out stock at a fast clip. "The pace and volume of insider sales hit a four-year high during Q4 '10," reported InsiderScore, a firm that tracks such data. While many of the top brass may have been locking in capital gains before a possible tax hike in 2011, it said, the pace of insider selling actually speeded up after the December tax deal, which gave a last-minute reprieve on taxes.
And that suggests "it was valuations and opportunity--not the Taxman--that were the main catalysts for the record surge in insider selling," said InsiderScore. "Each sector and market cap group experienced heavy selling." So far this year insider selling has remained at a strong pace, too.

10. Sentiment had become giddy. Jim Cramer on his TV show "Mad Money" has on occasion recently decried "all the negativity that's out there." I like Mr. Cramer, with whom I once worked, but he must be hanging out with an unusually gloomy group of people. I can hardly see any bears anywhere. They're in hiding from a two-year-old bull. As reported here not long ago, fund managers had turned downright euphoric about the stock market. Hedge fund managers are now once again betting heavily on rising stocks--and rising oil--with borrowed money. Equity analysts have been hiking their forecasts. Oh, and the hot stocks were back--like Salesforce.com, which recently hit 100 times forecast earnings. That's a hefty multiple for an $18 billion company. Whether Salesforce stock turns out well or ill over the longer term, you can hardly deny that its investors are cheerfully--some might say remarkably--optimistic.

None of this is a reason to start panicking. But these are grounds for investors to be cautious.
Write to Brett Arends at brett.arends at wsj.com

From rforno at infowarrior.org Mon Mar 14 09:04:39 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 14 Mar 2011 10:04:39 -0400
Subject: [Infowarrior] - Glossy 'Jihad Cosmo' combines beauty tips with suicide bombing advice
Message-ID: <7C86757F-FFCF-4B66-A121-EA105C7D597E@infowarrior.org>

http://www.dailymail.co.uk/news/article-1365806/Glossy-Jihad-Cosmo-combines-beauty-tips-suicide-bombing-advice.html

Glossy 'Jihad Cosmo' combines beauty tips with suicide bombing advice
By Daily Mail Reporter
Last updated at 11:32 AM on 13th March 2011

Al-Qaeda has launched a women's magazine that mixes beauty and fashion tips with advice on suicide bombings. Dubbed 'Jihad Cosmo', the glossy magazine's front cover features the barrel of a sub-machine gun next to a picture of a woman in a veil. There are exclusive interviews with martyrs' wives, who praise their husbands' decisions to die in suicide attacks. The slick, 31-page Al-Shamikha magazine - meaning The Majestic Woman - has advice for singletons on 'marrying a mujahideen'. Readers are told it is their duty to raise children to be mujahideen ready for jihad. And the 'beauty column' instructs women to stay indoors with their faces covered to keep a 'clear complexion'. They should 'not go out except when necessary' and wear a niqab for 'rewards by complying with the command of Allah Almighty'. A woman called Umm Muhanad hails her husband for his bravery after his suicide bombing in Afghanistan. And another article urges readers to give their lives for the Islamist cause. It advises: 'From martyrdom, the believer will gain security, safety and happiness.' More traditional content for a women's magazine includes features on the merits of honey facemasks, etiquette, first aid and why readers should avoid 'towelling too forcibly'. A trailer for the next issue promises tips on skin care - and how to wage electronic jihad.
The magazine includes exclusive interviews with the wives of martyrs, who praise their husband's suicide missions. A beauty column instructs women to keep their faces covered and stay indoors (file picture)

The first issue's editorial explains that the magazine's goal is to educate women and involve them in the war against the enemies of Islam. It says: 'Because women constitute half of the population - and one might even say that they are the population since they give birth to the next generation - the enemies of Islam are bent on preventing the Muslim woman from knowing the truth about her religion and her role, since they know all too well what would happen if women entered the field of jihad. 'The nation of Islam needs women who know the truth about their religion and about the battle and its dimensions and know what is expected of them.' The publication is being distributed online by the same Al-Qaeda media wing behind Inspire, a similarly slick magazine that encourages young Muslims in the West to commit terrorist atrocities. James Brandon at anti-extremism think tank Quilliam, said: 'Al-Qaeda see how effective magazines are at pushing the ideals of western culture and want to try the same thing. 'As a result they have come up with a jihadist's version of Cosmopolitan magazine.'

From rforno at infowarrior.org Mon Mar 14 11:00:29 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 14 Mar 2011 12:00:29 -0400
Subject: [Infowarrior] - Rush to Fix Quake-Damaged Undersea Cables
Message-ID:

TECHNOLOGY - MARCH 14, 2011, 9:31 A.M. ET

Rush to Fix Quake-Damaged Undersea Cables
By OWEN FLETCHER And JURO OSAWA
http://online.wsj.com/article/SB10001424052748704893604576199952421569210.html?mod=WSJ_hp_MIDDLTopStories

BEIJING--Asia's major telecom operators scrambled Monday to eliminate the impact on their operations from damage to several submarine cables following the massive earthquake and tsunami in Japan.
Many operators were reporting some disruptions in Internet access, though the partial restoration of service was accomplished by rerouting traffic over undamaged cables and via satellites. About half of the existing cables running across the Pacific are damaged and "a lot of people are feeling a little bit of slowing down of Internet traffic going to the United States," said Bill Barney, chief executive of Hong Kong-based cable-network operator Pacnet. He declined to name the damaged cables operated by other companies, but said Pacnet's cable system connecting Japan to the U.S. isn't damaged so far. Most international Internet-data and voice phone calls are transmitted as pulses of light via the hundreds of undersea fiber-optic cables. The cables, which can cost hundreds of millions of dollars, are typically owned by consortia of telecom companies, who share costs and capacity. While the clusters of glass fibers are enclosed in protective material, they remain vulnerable to undersea earthquakes, fishing trawlers and ship anchors. There are also many choke points around the globe, where a number of cables converge. While the extent of the damage to undersea cables is unclear and financial losses unknown, operators said they are undergoing an inspection and looking to expedite restoration. Pacnet aims to repair two damaged segments of its East Asia Crossing network connecting Japan to other parts of Asia, like Taiwan and Hong Kong, within five to seven days, Mr. Barney said. He played down concerns about any financial impact on Pacnet or regional telecom operators from the damaged cables. "It's in our business plan that our cables will break, typically you get cuts in cables anywhere from five to 10 times a year," even though the damage on land after Japan's earthquake has drawn extra attention, Mr. Barney said. Japanese telecom operator KDDI Corp. said on Monday that one of its undersea cables between Japan and the U.S. 
has been damaged by the earthquake and is unable to transmit any signals, but a spokesman said the company didn't know if the cable was cut or having connection problems. The damaged part is far offshore and it may take a while for KDDI to identify and address the problem, but services are recovering after the quake, as the company can bypass the damaged part and use other cables instead, the spokesman said. Residents are dealing with a lack of rations in Northern Japan, as transportation equipment is hampered in the aftermath of Friday's quake. WSJ's Eric Bellman reports from Sendai. Pacific Crossing, a unit of Japan's NTT Communications Corp. that operates a cable network between Japan and the U.S., said on Monday that the Pacific Crossing PC-1 W and PC-1 N parts of its network remained out of service due to the earthquake. NTT Communications said that some of its services for enterprises were partially unavailable in Japan's Tohoku region, but that for submarine cables between Japan, other parts of Asia and the U.S., the company is using backup cable routes to maintain uninterrupted service. PCCW Ltd., the dominant broadband provider in Hong Kong, said Internet traffic to some international destinations, especially the U.S., is experiencing reduced speeds owing to several damaged cables that land in Japan. PCCW, which also provides broadband Internet in Hong Kong, but it didn't release details. The affected cables will be repaired in "the coming weeks," the company said in a statement. An official from Taiwan operator Chunghwa Telecom Co. said Friday the earthquake caused damage near Kita on the eastern coast of Japan to an undersea cable that belongs to the Asia Pacific Cable Network 2, which is owned by a consortium of 14 telecom operators led by AT&T Inc. AT&T didn't immediately reply to a request for comment.
China Telecom Corp., China's largest fixed-line operator by subscribers, was making emergency repairs on Friday to undersea cables damaged by the earthquake, the state-run Xinhua news agency reported. The company said submarine fiber-optic cables connecting Japan and North America and a Pacific Crossing 1 cable near the city of Kitaibaraki, in Japan's northern Ibaraki Prefecture, were malfunctioning. A China Telecom spokeswoman wasn't immediately available to comment on Monday on the status of the repairs. China Mobile Ltd., the world's largest mobile carrier by accounts, said most of the company's services are operating normally despite a surge in calls to Japan, Xinhua reported. Telecom operator China Unicom Ltd. said most of its circuits had been repaired but cited connection problems with the network of Japan's NTT Communications, Xinhua reported. Several companies said they avoided significant service disruptions by rerouting data traffic, including South Korean telecom operator KT Corp., which said a cable that is part of the Japan-U.S. Cable Network was cut; SK Telink Corp., an affiliate of South Korean operator SK Telecom Co.; and Globe Telecom Inc. of the Philippines. Also in the Philippines, Bayan Telecommunications Inc. said the quake disrupted some of its digital-subscriber-line services. "Forty percent of our total capacity was affected--but we expect all to normalize within the day," said Bayan vice president for corporate brand and communications John Rojo. Some operators were unaffected. A spokeswoman for Australian operator Telstra Corp. said none of the company's undersea cable infrastructure was damaged. More than 5,000 people have been confirmed dead or missing because of the quake and ensuing tsunami, according to Kyodo News. Japanese Prime Minister Naoto Kan has called the earthquake and its aftermath the biggest crisis in Japan's post-war history.
Write to Juro Osawa at juro.osawa at dowjones.com

From rforno at infowarrior.org Mon Mar 14 12:39:59 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 14 Mar 2011 13:39:59 -0400
Subject: [Infowarrior] - In cyberspace, a war over names
Message-ID:

In cyberspace, a war over names
By: Michelle Quinn
March 12, 2011 07:44 PM EDT
http://dyn.politico.com/printstory.cfm?uuid=1A342EA1-0870-4367-825D-81C9C6408CA4

SAN FRANCISCO -- For those who value the free flow of information on the Internet, there's only one thing more frightening than having the U.S. government control the Web. That would be having the United Nations in charge instead. The Internet Corporation for Assigned Names and Numbers opens its annual meeting here Monday, and its international board of experts will go about their jobs of mulling whether .love and .gay and .web should be added to existing domains like .com, .net and .biz. But they'll carry out that work in the midst of a turf fight among the United States, other governments and free-speech advocates over who should have control of the domain process. For now, it's ICANN, a California nonprofit the Clinton administration helped create in the early days of the Internet. But President Barack Obama's Commerce Department has suggested that countries around the world retain veto power over new domain names. And countries such as China and Libya have suggested that the United Nations take control of the process. And that has some free-speech proponents alarmed. "Domain names and numbers are one of the few chokeholds of free speech," said Susan Crawford, a former special assistant to the Obama administration on science, technology and innovation policy. "By having a government-led institution, it will immediately insert lowest-common-denominator speech demands into the decision-making process." Recent events have heightened concerns about government control.
Governments in Egypt and Libya blacked out parts of the Internet during recent protests. Meanwhile, the U.S. government's seizure of more than 100 domain names of websites accused of copyright infringement has sparked cries of First Amendment violations here at home. The reason that control of the Internet's addressing and numbering system is important is that, in the technical workings of cyberspace, you have to have a name and number to exist. The U.S. government is "ganging up with other governments," charged Milton Mueller, a professor at Syracuse University who has been involved in ICANN. "The thing that's concerning is that if ICANN makes some kind of deal, who will be cut out of the process? Will ICANN become a remote, bargaining game between this tiny board and a few powerful governments?" The irony is that the Internet was developed as part of a Department of Defense project some 40 years ago. In 1998, after Web browsers popularized the new medium, the Clinton administration helped set up Now, the governance of cyberspace is entering a new age. "ICANN is embarking on the biggest change in its lifetime," said Kim Davies, who is responsible for domain names at ICANN. "Both ICANN and governments are grappling with what role they play." Some lawmakers want to make sure the decisions don't fall into the wrong hands. Rep. Mary Bono Mack (R-Calif.) spoke to those fears in January when she proposed a House resolution to fight any effort to push control of the Internet to the U.N. "It has become increasingly clear that international governmental organizations, such as the United Nations, have aspirations to become the epicenter of Internet governance," she said in a statement. "And I'm going to do everything I can to make sure this never happens." But others argue that ICANN's model is out of step with the Internet's growth and importance.
With an estimated 2 billion people online, and more joining every day, running the Internet should be in the hands of an international, democratic body, they say. "Humanity is looking at this small cabal that clearly works with the U.S. government and wields enormous power over the chief communication network, and they are saying this is not a participatory, democratic structure," said Sascha Meinrath, director of New America Foundation's Open Technology Initiative. "And they are right." In a series of meetings next week, ICANN will grapple with some of these issues as it seeks to create new real estate in the virtual world. Under ICANN's proposal, new domain names could be almost anything -- companies such as .cannon or subjects such as .movie, .sex or .gay. That move has countries and business groups ruffled. Some governments object to .sex or .gay as morally offensive. Companies worry about diluting their brand and having to do battle with new competitors. The expansion will be the chief topic of ICANN's weeklong meeting, which includes a public education session, committee meetings and public sound-off forums. Former President Bill Clinton is scheduled to speak Wednesday. The gathering culminates in an open board meeting Friday. The board is expected to address the new domain-name process and the results of its meetings with its government advisory committee. The board will probably decide on the creation of a new domain name, .xxx., which has been off and on the table since 2004. For the most part, the U.S. government, through the Department of Commerce, has not had a heavy hand with ICANN. But ICANN walks a delicate line over the perception that the U.S. has a special relationship with ICANN and an inappropriate control over the Internet. Recently, Commerce officials have sent mixed signals about ICANN's autonomy, and some observers suggest that the U.S.
is pressuring ICANN to be more responsive to government concerns to stop an effort by some governments to break away. Commerce recently proposed to ICANN's board that a single government should have veto power over any new domain name application "for any reason." Members of ICANN's government advisory committee rejected that proposal. But the question remains: How responsive should ICANN be to governmental concerns? In a February speech in Denver, Larry Strickling, an assistant secretary in Commerce, suggested that if ICANN did not give governments a seat at the table, they will block more, undermining the Internet's entire workings. That "will have impacts on Internet security as well as the free flow of information," he said. This pressure has troubled some. ICANN "wasn't meant to be a government entity," said David Johnson, a visiting professor at New York Law School who was involved in helping create the contracts that led to the creation of ICANN. "If the government committee is purporting to set the rules directly, that's a complete destruction of the original goals and may have a lot of problems with accountability and representative democracy." But others say that the U.S. has to walk a fine line in order to keep the Internet open. To do that, ICANN has to give governments a voice and needs to be transparent about its decision making. "The big picture is that the interest of the U.S. government and ICANN are aligned," Crawford said. "The model is a good one, and the U.S. is acting as a good steward." ICANN appears to be gearing up for some sort of battle. For the first time, one of ICANN's officers applied to be a registered lobbyist.
In his application, ICANN's Jamie Hedlund, vice president of government affairs, stated that among the issues he would work on would be education on "ICANN's private sector-led, bottom-up policy development model" and "preserving and enhancing the security and stability of the Internet's systems of unique identifiers, including the Domain Name System."

From rforno at infowarrior.org Mon Mar 14 14:14:49 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 14 Mar 2011 15:14:49 -0400
Subject: [Infowarrior] - Japan: Blofeld's Japanese volcano base erupts
Message-ID:

(as if the quake, tsunami, and nuclear issues aren't enough, right? ---- rick)

Blofeld's Japanese volcano base erupts
http://www.theregister.co.uk/2011/03/14/shinmoedake_eruption/
By Lester Haines
Posted in Science, 14th March 2011 15:49 GMT

The Japanese are certainly having a rough time of it, and following last Friday's devastating magnitude 9.0 earthquake, Shinmoedake volcano on the southern island of Kyushu erupted yesterday. The volcano had been dormant for 52 years until showing signs of stirring in January. It's currently spewing ash and rock some 6,000ft into the air while a lava dome ominously grows inside the crater. Shinmoedake is some 950 miles from the epicentre of last week's quake, and experts can't say whether or not its latest outpouring is as a result of that event. The mountain famously appeared in 1967 Bond outing You Only Live Twice, when it was the location of Blofeld's secret rocket base. Fans will recall it met an impressively pyrotechnic end at the hands of 007.
From rforno at infowarrior.org Mon Mar 14 19:13:39 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 14 Mar 2011 20:13:39 -0400
Subject: [Infowarrior] - Japan earthquake swarm - Google Earth animation
Message-ID: <787BC932-709B-4677-8B98-0A3212EC45AA@infowarrior.org>

Japan earthquake swarm Google Earth animation

Quick video showing earthquakes in Japan between 9 March and 14 March. 1 hour ~ 1 second. Big one is around 1:17.

http://bitsandpieces.us/2011/03/14/japan-earthquake-swarm-google-earth-animation/

From rforno at infowarrior.org Mon Mar 14 21:26:14 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 14 Mar 2011 22:26:14 -0400
Subject: [Infowarrior] - Japan Faces Prospect of Nuclear Catastrophe as Workers Leave Plan
Message-ID: <6C576189-540C-4FFB-9721-B56A9E3712BD@infowarrior.org>

Japan Faces Prospect of Nuclear Catastrophe as Workers Leave Plant
By HIROKO TABUCHI, KEITH BRADSHER and MATTHEW L. WALD
http://www.nytimes.com/2011/03/15/world/asia/15nuclear.html?hp=&pagewanted=print

TOKYO -- Japan faced the likelihood of a catastrophic nuclear accident Tuesday morning, as an explosion at the most crippled of three reactors at the Fukushima Daiichi Nuclear Power Station damaged its crucial steel containment structure, emergency workers were withdrawn from the plant, and much larger emissions of radioactive materials appeared imminent, according to official statements and industry executives informed about the developments. Japanese Prime Minister Naoto Kan made a televised address to the nation at 11 a.m. Tokyo time to discuss the latest developments in the crisis. The sharp deterioration came after government officials said the containment structure of the No. 2 reactor, the most seriously damaged of three reactors at the Daiichi plant, had suffered damage during an explosion shortly after 6 a.m. on Tuesday.
They initially suggested that the damage was limited and that emergency operations aimed at cooling the nuclear fuel at three stricken reactors with seawater would continue. But industry executives said that in fact the situation had spiraled out of control and that all plant workers needed to leave the plant to avoid excessive exposure to radioactive leaks. If all workers do in fact leave the plant, the nuclear fuel in all three reactors is likely to melt down, which would lead to wholesale releases of radioactive material -- by far the largest accident of its kind since the Chernobyl disaster 25 years ago. Reports of an imminent worsening of the problem came after a frantic day and night of rescue efforts focused largely on the No. 2 reactor. There, a malfunctioning valve prevented workers from manually venting the containment vessel to release pressure and allow fresh seawater to be injected into it. That meant that the extraordinary remedy emergency workers have been using to keep the nuclear fuel from overheating no longer worked. As a result, the nuclear fuel in that reactor was exposed for many hours, increasing the risk of a breach of the container vessel and more dangerous emissions of radioactive particles. By Tuesday morning, the plant's operator, Tokyo Electric Power, said it had fixed the valve and resumed seawater injections, but that they had detected possible leaks in the containment vessel that prevented water from fully covering the fuel rods. Then the explosion hit the same reactor. The operator initially reported the blast may have damaged the bottom part of the container vessel, but later said radiation levels had not risen high enough to suggest a major escalation of the problem. While they did not immediately provide a detailed account of what happened at the reactor, government and company officials initially ruled out a serious breach that could lead to massive radioactive leaks or a full meltdown of the nuclear fuel.
Even if a full meltdown is averted, Japanese officials have been facing unpalatable options. One was to continue flooding the reactors and venting the resulting steam, while hoping that the prevailing winds, which have headed across the Pacific, did not turn south toward Tokyo or west, across northern Japan to the Korean Peninsula. The other was to hope that the worst of the overheating was over, and that with the passage of a few more days the nuclear cores would cool enough to essentially entomb the radioactivity inside the plants, which clearly will never be used again. Both approaches carried huge risks. While Japanese officials made no comparisons to past accidents, the release of an unknown quantity of radioactive gases and particles -- all signs that the reactor cores were damaged from at least partial melting of fuel -- added considerable tension to the effort to cool the reactors. "It's way past Three Mile Island already," said Frank von Hippel, a physicist and professor at Princeton. "The biggest risk now is that the core really melts down and you have a steam explosion."

Hiroko Tabuchi reported from Tokyo, Keith Bradsher from Hong Kong and Matthew L. Wald from Washington.

From rforno at infowarrior.org Tue Mar 15 06:55:27 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 15 Mar 2011 07:55:27 -0400
Subject: [Infowarrior] - France's ASN: Fukushima is 6 on a 7-point scale of gravity
Message-ID: <9BEA67F5-646F-4104-9DE1-7608D321E696@infowarrior.org>

Japan's Fukushima six on seven-point scale of gravity - watchdog

The accident at Japan's Fukushima Daiichi plant now rates six on seven-point international scale of gravity for nuclear accidents, Andre-Claude Lacoste, head of France's Nuclear Safety Authority (ASN), said on Tuesday. The 1979 accident at Three Mile Island in Pennsylvania rates five on an international scale of zero to seven, while Chernobyl is put at seven, the highest.
Japan's nuclear safety agency has estimated the accident at Fukushima at level four. "The incident has taken on a completely different dimension compared to yesterday. It is clear that we are at level six," Lacoste told a press conference. "The order of gravity has changed," he said.

Source URL: http://www.deccanchronicle.com/channels/world/japans-fukushima-six-seven-point-scale-gravity-watchdog-335

From rforno at infowarrior.org Tue Mar 15 07:00:46 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 15 Mar 2011 08:00:46 -0400
Subject: [Infowarrior] - Obama admin calls for more ICANN accountability
Message-ID:

March 14, 2011 8:50 PM PDT
Obama admin calls for more ICANN accountability
by Declan McCullagh
http://news.cnet.com/8301-31921_3-20043160-281.html?part=rss&subj=news&tag=2547-1_3-0-20

The Obama administration today called for improvements in the mechanisms used to oversee Internet domain names, saying changes are needed to make the process more "accountable" and "transparent." Larry Strickling, a Commerce Department assistant secretary, said that the California nonprofit group created in 1998 to oversee these functions--the Internet Corporation for Assigned Names and Numbers, or ICANN--"needs" to do more to explain the reasoning for its decisions and to heed the advice of national governments. "We still have work to do to make the reality of ICANN meet the vision," said Strickling, who heads the department's National Telecommunications and Information Administration (NTIA). In some areas, he said ICANN's efforts "remain incomplete." Strickling's comments follow a rare and unprecedented public rift between ICANN and national governments over the rules for approving new top-level domain names. Hundreds of applications for these suffixes are expected later this year, once the process has been finalized, including bids for .car, .love, .movie, .web, and .wine. (See CNET's Q&A with the backers of .gay.)
During a public meeting of ICANN's board this week in San Francisco, tomorrow and Thursday have been set aside for what's being called a "consultation" with national governments. A statement from earlier this month listed 23 points of disagreement, including how much influence nations will enjoy when objecting to proposed suffixes, and how much power trademark holders will have to monitor new domain names registered under those suffixes. ICANN has rejected both proposals, saying that the former will lead to "ad hoc changes to the evaluation process based on subjective assessments." This process, Strickling said, is not working very well. One question, he said, is "whether governments collectively can operate within the paradigm of (ICANN's) multi-stakeholder environment and be satisfied that their interests are being addressed." He said ICANN had not responded appropriately to an April 2010 accountability review. The question, he said, is "whether the ICANN board and management have the discipline and willpower to embrace and implement these recommendations in a serious and meaningful way now." He added: "ICANN needs to do more to engage governments." Lending the Obama administration additional bargaining power over ICANN is a public notice (PDF) that NTIA recently released. The notice asks for questions about whether the contract to oversee Internet addresses--currently held by ICANN and expiring on September 30, 2011--should be revisited. Comments are due at the end of this month. On the other hand, Strickling pointedly refused to go as far as some of ICANN's more vocal critics and stressed that the organization should be reformed from within rather than be replaced. "The United States is most assuredly opposed to establishing a governance structure for the Internet that would be managed and controlled by nation-states," he said, a point that NTIA echoed via Twitter.
That's a reference to a push by some governments to divest ICANN of domain name authority and hand it to a United Nations agency such as the International Telecommunication Union. Last year, China and its allies objected to the fact that "unilateral control of critical Internet resources" had been given to ICANN, suggesting instead that the U.N. would be a better fit. According to a transcript (PDF) of a meeting in Brussels a few weeks ago, Kenya's representative threatened that, without some changes, developing countries "will take another direction--and I can tell you they will just go to the ITU." Representatives of national governments on ICANN's Governmental Advisory Committee, or GAC, rejected a proposal from the United States that would have given them a veto over new top-level domains. But they are nevertheless seeking more influence over the process, saying that "additional scrutiny and conditions should apply" to suffixes such as .bank, and that the possibility of future "market power" should be taken into account. They also want the ability to object to proposed suffixes without paying. The theme of prodding ICANN to be more open and responsive was picked up by two other speakers during today's San Francisco meeting: Ira Magaziner, the Clinton White House aide who was deeply involved in the group's birth, and Vint Cerf, the computer scientist who was once ICANN's board and is now a vice president at Google. ICANN should "strive to increase the transparency of and to explain the rationale for policy decisions arising out of any board deliberations," Cerf said. "I think that process could be refined substantially." Magaziner's recommendations for ICANN included focusing, in a frugal and humble way, on a "technical mission." ICANN's board and staff, he said, "must avoid trying to build an empire." 
(That could be a reference to ICANN's annual revenues, which topped (PDF) $65 million for the 2010 fiscal year, or to the fact that its president receives approximately $1 million a year in compensation.) For his part, ICANN President Rod Beckstrom said the board is preparing to enter into this week's negotiations with national governments in a "collegial spirit of engagement." "We intend to fulfill and, wherever possible, exceed our obligations under the affirmation of commitments--subject to receiving appropriate resources," Beckstrom said.

From rforno at infowarrior.org Tue Mar 15 08:06:19 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 15 Mar 2011 09:06:19 -0400
Subject: [Infowarrior] - Japan earthquake: disaster by numbers
Message-ID:

Japan earthquake: disaster by numbers

The earthquake and tsunami that has struck Japan has left a trail of devastation and sparked fears of a nuclear disaster. Here is a look at the disaster by numbers as of Tuesday lunchtime.

By Andrew Hough, and Martin Evans
12:45PM GMT 15 Mar 2011
http://www.telegraph.co.uk/news/worldnews/asia/japan/8383218/Japan-earthquake-disaster-by-numbers.html

2,414 - Number of people confirmed dead.
10,000 - Likely final death toll figure is set to reach beyond that mark.
15,000 - Number of people unaccounted for.
50 - Number of Britons missing, presumed dead.
550,000 - Evacuated from their homes since the quake struck on Friday.
215,000 - People sheltering in makeshift rescue centres in the worst hit areas.
Two - Number of people found alive in rubble four days after quake.
£387 billion - amount wiped off Nikkei 225 stock market in 2 days.
16 per cent - The amount the Japanese market has fallen over two days.
Three per cent - The amount the FTSE100 has fallen in early trading Tuesday.
£100 billion - Estimated total repair bill.
400 millisieverts (mSv) - Radiation levels recorded every hour near No. 4 reactor at Fukushima Daiichi.
100 mSv - Exposure in a year which can lead to cancer.
2 mSv - Natural amount of radiation people exposed to in a year.
20 times - the annual exposure for some nuclear-industry employees and uranium miners.
350 mSv - criterion for relocating people after the Chernobyl accident.
Four - Total number of reactors at Fukushima that have overheated and exploded out of six.
Six - Scale of gravity out of total seven, given for Fukushima plant by the French Nuclear Safety Authority, France's Nuclear watchdog. The 1979 accident at Three Mile Island rates five while Chernobyl is put at seven.
20 km (12 miles) - The size of the exclusion zone set up around the Fukushima nuclear power station.
200,000 - Number of people evacuated from the exclusion zone around crippled nuclear plant.
140,000 - Number of people living six miles beyond exclusion zone warned to stay indoors amid radiation threats.
750 - Number of workers evacuated from the plant since Tuesday.
1,650 - People tested for radioactive contamination.
19 miles - Area of no-fly zone imposed around the reactors.
155 miles - Distance from plant that radiation levels have been detected in Tokyo.
10 times - Radiation level in the Japanese capital reported above normal.
22 trillion yen (£166bn) - Record amount The Bank of Japan made available to banks on Monday.
£3 - The fall in the price of benchmark Brent crude oil on Tuesday.
100,000 - Number of Japanese soldiers sent to the affected region to assist with the growing humanitarian crisis.
2,050 - Number of evacuation centres set up in north east Japan.
5 million - Homes left without power.
1.5 million - People without access to water.
76,000 - Number of buildings damaged.
6,300 - Number of buildings completely destroyed.
4,700 - Calls received by the Foreign and Commonwealth Office from concerned relatives about missing Britons.
9.0 - Magnitude of Friday's quake.
8.2 - The magnitude of earthquake the Fukushima nuclear plant was designed to withstand.
9.8 - The number of inches the earth was thrown off its axis by the powerful quake.
7.8 - In feet, the amount Japan was shifted from its normal position.
1,000 - The number of times more powerful the earthquake was than the recent one that devastated Christchurch in New Zealand.
102 - Number of countries offering "assistance".
63 - Members of UK search and rescue team dispatched to Japan to assist with relief mission.

Sources: Telegraph/Reuters/AFP/AP/Bloomberg

From rforno at infowarrior.org Tue Mar 15 08:07:42 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 15 Mar 2011 09:07:42 -0400
Subject: [Infowarrior] - Adobe Flash suffers from 'critical' new zero-day hack
Message-ID: <29B9E9B6-EF2F-48D2-A59D-F0A1A7D4524F@infowarrior.org>

Adobe Flash suffers from 'critical' new zero-day hack

updated 07:25 am EDT, Tue March 15, 2011

Patch inbound for affected platform, eventually

http://www.electronista.com/articles/11/03/15/patch.inbound.for.affected.platform.eventually/

Adobe has published another security advisory after the discovery of a "critical vulnerability" in Adobe Flash Player 10.2.152.33 and earlier versions across all major platforms including Windows, Macintosh, Linux, Solaris and Android mobile devices. According to Adobe, the Zero-Day exploit is being deployed in the wild in "targeted attacks" through a Flash (.swf) file embedded in a Microsoft Excel file delivered as an email attachment. Adobe reports that it is "finalizing a fix for the issue," but does not expect to have the hole patched until the "week of March 21." Adobe explains that the exploit can cause a system crash followed by the attacker taking control of compromised systems remotely. In the meantime, users should exercise extreme caution when receiving emails with any type of Flash file embedded within it. Given the popularity of the Flash platform, it would seem that this could be a somewhat difficult situation to manage.
Unlike Android devices, Apple's iOS devices continue to eschew Flash, and are among the few devices immune from this latest security flaw. Apple also recently took the step of removing Flash as a standard install on some of its notebook lines. Steve Jobs has been publicly critical of security vulnerabilities in Flash as well as stability issues with the plug-in. He has also been critical of the length of time that Adobe has taken to issue patches to correct these types of issues. [via Yahoo!]

From rforno at infowarrior.org Tue Mar 15 08:13:53 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 15 Mar 2011 09:13:53 -0400
Subject: [Infowarrior] - SXSW 2011: The internet is over
Message-ID:

http://www.guardian.co.uk/technology/2011/mar/15/sxsw-2011-internet-online/print

SXSW 2011: The internet is over

Oliver Burkeman went to Texas to the South by Southwest festival of film, music and technology, in search of the next big idea. After three days he found it: the boundary between 'real life' and 'online' has disappeared

Oliver Burkeman, The Guardian, Tuesday 15 March 2011

If my grandchildren ever ask me where I was when I realised the internet was over - they won't, of course, because they'll be too busy playing with the teleportation console - I'll be able to be quite specific: I was in a Mexican restaurant opposite a cemetery in Austin, Texas, halfway through eating a taco. It was the end of day two of South by Southwest Interactive, the world's highest-profile gathering of geeks and the venture capitalists who love them, and I'd been pursuing a policy of asking those I met, perhaps a little too aggressively, what it was exactly that they did. What is "user experience", really? What the hell is "the gamification of healthcare"? Or "geofencing"? Or "design thinking"? Or "open source government"? What is "content strategy"? No, I mean, like, specifically? The content strategist across the table took a sip of his orange-coloured cocktail.
He looked slightly exasperated. "Well, from one perspective, I guess," he said, "it's kind of everything." This, for outsiders, is the fundamental obstacle to understanding where technology culture is heading: increasingly, it's about everything. The vaguely intimidating twentysomethings who prowl the corridors of the Austin Convention Centre, juggling coffee cups, iPad 2s and the festival's 330-page schedule of events, are no longer content with transforming that part of your life you spend at your computer, or even on your smartphone. This is not just grandiosity on their part. Rather - and this is a technological point, but also a philosophical one - they herald the final disappearance of the boundary between "life online" and "real life", between the physical and the virtual. It thus requires only a small (and hopefully permissible) amount of journalistic hyperbole to suggest that the days of "the internet" as an identifiably separate thing may be behind us. After a few hours at South by Southwest (SXSW), the 330-page programme in my bag started triggering shoulder aches, but to be honest it was a marvel of brevity: after all, the festival was pretty much about everything. We've been hearing about this moment in digital history since at least 1988, when the Xerox technologist Mark Weiser coined the term "ubiquitous computing", referring to the point at which devices and systems would become so numerous and pervasive that "technology recedes into the background of our lives". (To be fair, Weiser also called this "the age of calm technology", implying a serenity that the caffeinated, Twitter-distracted masses in Austin this week didn't seem yet to have attained.) And it's almost a decade since annoying tech-marketing types started using "mobile" as an abstract noun, referring to the end of computing as a desktop-only affair. But the arrival of the truly ubiquitous internet is something new, with implications both thrilling and sinister -
and it has a way of rendering many of the questions we've been asking about technology in recent years almost meaningless. Did social media cause the recent Arab uprisings? Is the web distracting us from living? Are online friendships as rich as those offline? When the lines between reality and virtuality dissolve, both sides of such debates are left looking oddly anachronistic. Here, then, is a short tour of where we might be headed instead:

Web 3.0

"Big ideas are like locomotives," says Tim O'Reilly, a computer book publisher legendary among geeks, embarking on one of the grand metaphors to which the headline speakers at SXSW seem invariably prone. "They pull a train, and the train's gotta be going somewhere lots of people want to go." The big idea O'Reilly is touting is "sensor-driven collective intelligence", but since he coined the term "Web 2.0", he seems resigned to people labelling this new phase "Web 3.0". If Web 2.0 was the moment when the collaborative promise of the internet seemed finally to be realised - with ordinary users creating instead of just consuming, on sites from Flickr to Facebook to Wikipedia - Web 3.0 is the moment they forget they're doing it. When the GPS system in your phone or iPad can relay your location to any site or device you like, when Facebook uses facial recognition on photographs posted there, when your financial transactions are tracked, and when the location of your car can influence a constantly changing, sensor-driven congestion-charging scheme, all in real time, something has qualitatively changed. You're still creating the web, but without the conscious need to do so. "Our phones and cameras are being turned into eyes and ears for applications," O'Reilly has written. "Motion and location sensors tell where we are, what we're looking at, and how fast we're moving . . . Increasingly, the web is the world -
everything and everyone in the world casts an 'information shadow', an aura of data, which when captured and processed intelligently, offers extraordinary opportunity and mindbending implications." Alarming ones, too, of course, if you don't know exactly what's being shared with whom. Walking past a bank of plasma screens in Austin that were sputtering out tweets from the festival, I saw the claim from Marissa Mayer, a Google vice-president, that credit card companies can predict with 98% accuracy, two years in advance, when a couple is going to divorce, based on spending patterns alone. She meant this to be reassuring: Google, she explained, didn't engage in such covert data-mining. (Deep inside, I admit, I wasn't reassured. But then Mayer probably already knew that.)

The game layer

Depending on your degree of immersion in the digital world, it's possible that you've never heard the term "gamification" or that you're already profoundly sick of it. From a linguistic point of view, the word should probably be outlawed - perhaps we could ban "webinar" at the same time? - but as a concept it was everywhere in Austin. Videogame designers, the logic goes, have become the modern world's leading experts on how to keep users excited, engaged and committed: the success of the games industry proves that, whatever your personal opinion of Grand Theft Auto or World of Warcraft. So why not apply that expertise to all those areas of life where we could use more engagement, commitment and fun: in education, say, or in civic life, or in hospitals? Three billion person-hours a week are spent gaming. Couldn't some of that energy be productively harnessed? This sounds plausible until you start to demand details, whereupon it becomes extraordinarily hard to grasp what this might actually mean.
The current public face of gamification is Jane McGonigal, author of the new book Reality Is Broken: Why Games Make Us Better And How They Can Change The World, but many of her prescriptions are cringe-inducing: they seem to involve redefining aid projects in Africa as "superhero missions", or telling hospital patients to think of their recovery from illness as a "multiplayer game". Hearing how McGonigal speeded her recovery from a serious head injury by inventing a "superhero-themed game" called SuperBetter, based on Buffy the Vampire Slayer, in which her family and friends were players helping her back to health, I'm apparently supposed to feel inspired. Instead I feel embarrassed and a little sad: if I'm ever in that situation, I hope I won't need to invent a game to persuade my family to care. A different reaction results from watching a manic presentation by Seth Priebatsch, the 22-year-old Princeton dropout who is this year's leading victim of what the New York Times has labelled "Next Zuckerberg Syndrome", the quest to identify and invest in tomorrow's equivalent of the billionaire Facebook founder. Priebatsch's declared aim is to "build a game layer on top of the world" - which at first seems simply to mean that we should all use SCVNGR, his location-based gaming platform that allows users to compete to win rewards at restaurants, bars and cinemas on their smartphones. (You can practically hear the marketers in the room start to salivate when he mentions this.) But Priebatsch's ideas run deeper than that, whatever the impression conveyed by his bright orange polo shirt, his bright orange-framed sunglasses, and his tendency to bounce around the stage like a wind-up children's toy. His take on the education system, for example, is that it is a badly designed game: students compete for good grades, but lose motivation when they fail. A good game, by contrast, never makes you feel like you've failed: you just progress more slowly.
Instead of giving bad students an F, why not start all pupils with zero points and have them strive for the high score? This kind of insight isn't unique to the world of videogames: these are basic insights into human psychology and the role of incentives, recently repopularised in books such as Freakonomics and Nudge. But that fact, in itself, may be a symptom of the vanishing distinction between online and off - and it certainly doesn't make it wrong.

The dictator's dilemma

Not long ago, according to the new-media guru Clay Shirky, the Sudanese government set up a Facebook page calling for a protest against the Sudanese government, naming a specific time and place - then simply arrested those who showed up. It was proof, Shirky argues, that social media can't be revolutionary on its own. "The reason that worked is that nobody knew anybody else," he says. "They thought Facebook itself was trustworthy." This is one of many counterintuitive impacts that the internet has wrought on the politics of protest. But perhaps the most powerful is the one that Shirky - himself a prominent evangelist for the democratic power of services such as Twitter and Facebook - labels "the dictator's dilemma". Authoritarian leaders and protesters alike can exploit the power of the internet, Shirky concedes. (At least he notes the risks: in another session at the conference, I watch dumbstruck as a consultant on cyber-crimefighting speaks with undisguised joy about how much information the police could glean from Facebook, in order to infiltrate communities where criminals might lurk. Asked about privacy concerns, she replies: "Yeah - we'll have to keep an eye on that.") But there's a crucial asymmetry, Shirky goes on. The internet is now such a pervasive part of so many people's lives that blocking certain sites, or simply turning the whole thing off - as leaders in Bahrain, Egypt and elsewhere have recently tried to do -
can backfire completely, angering protesters further and, from a dictator's point of view, making matters worse. "The end state of connectivity," he argues, "is that it provides citizens with increased power." The road to that end state won't be smooth. But the compensatory efforts of the authorities to harness the internet for their own ends will never fully compensate. Either they must allow dissenters to organise online, or - by cutting off a resource that's crucial to their daily lives - provoke them to greater fury.

Biomimicry comes of age

The search engine AskNature describes itself as "the world's first digital library of Nature's solutions", and to visit it is to experience the curious, rather disorienting sensation of Googling the physical universe. Ask it some basic question - how to keep warm, say, or float in water, or walk on unstable ground - and it will search its library for solutions to the problem that nature has already found. The idea of "biomimicry" is certainly not new: for much of the past decade, the notion of borrowing engineering solutions from the natural world has inspired architects, industrial designers and others. Austin is abuzz with examples. "Nissan, right now, is developing swarming cars based on the movements of schooling fish," says Chris Allen of the Biomimicry Institute. Fish follow ultra-simple mathematical rules, he explains, to ensure that they never collide with each other when swimming in groups. Borrow that algorithm for navigating cars and a new solution to congestion and road accidents presents itself: what if, in heavy traffic, auto-navigated cars could be programmed to avoid each other while continuing forwards as efficiently as possible? The Bank of England, he adds, is currently consulting biologists to explore ways in which organic immune systems might inspire reforms to the financial system to render it immune to devastating crises. "And what we're looking for now," Allen says cryptically, "is an interactive technology inspired by snakes."

'We are meant to pulse'

Until recently, the debate over "digital distraction" has been one of vested interests: authors nostalgic for the days of quiet book-reading have bemoaned it, while technology zealots have dismissed it. But the fusion of the virtual world with the real one exposes both sides of this argument as insufficient, and suggests a simpler answer: the internet is distracting if it stops you from doing what you really want to be doing; if it doesn't, it isn't. Similarly, warnings about "internet addiction" used to sound like grandparental cautions against the evils of rock music; scoffing at the very notion was a point of pride for those who identified themselves with the future. But you can develop a problematic addiction to anything: there's no reason to exclude the internet, and many real geeks in Austin (as opposed to the new-media gurus who claim to speak for them) readily concede they know sufferers. One of the most popular talks at the conference, touching on these subjects, bore the title Why Everything Is Amazing And Nobody Is Happy. A related danger of the merging of online and offline life, says business thinker Tony Schwartz, is that we come to treat ourselves, in subtle ways, like computers. We drive ourselves to cope with ever-increasing workloads by working longer hours, sucking down coffee and spurning recuperation. But "we were not meant to operate as computers do," Schwartz says. "We are meant to pulse." When it comes to managing our own energy, he insists, we must replace a linear perspective with a cyclical one: "We live by the myth that the best way to get more work done is to work longer hours." Schwartz cites research suggesting that we should work in periods of no greater than 90 minutes before seeking rest. Whatever you might have been led to imagine by the seeping of digital culture into every aspect of daily life -
and at times this week in Austin it was easy to forget this - you are not, ultimately, a computer.

From rforno at infowarrior.org Tue Mar 15 08:17:17 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 15 Mar 2011 09:17:17 -0400
Subject: [Infowarrior] - Former NSA, CIA Chief: Declassify Cyber Vulnerabilities
Message-ID:

(Amen!! --- rick)

Former NSA, CIA Chief: Declassify Cyber Vulnerabilities

By Kevin Poulsen
March 14, 2011 | 6:48 pm | Categories: Sunshine and Secrecy
http://www.wired.com/threatlevel/2011/03/hayden-cyber/

The former head of America's most powerful and secretive intelligence agencies thinks the U.S. government classifies too much information on cybersecurity vulnerabilities. "Let me be clear: This stuff is overprotected," writes retired four-star Gen. Michael Hayden, in the new issue of the Air Force's Strategic Studies Quarterly. "It is far easier to learn about physical threats from U.S. government agencies than to learn about cyberthreats." Hayden knows something about secrets. The director of the National Security Agency from 1999 to 2005, it was Hayden who implemented President George W. Bush's secret warrantless wiretapping program. He went on to head the CIA until his retirement in 2008. Now at the Chertoff Group, Hayden emerged to attack WikiLeaks over its publication of U.S. military and diplomatic secrets last year. But for a top spook, Hayden always had an unexpected soft spot for transparency. Until the Sept. 11 attacks turned government secrecy into a fetish, Hayden had been nudging NSA toward a bit of glasnost. And at his confirmation hearings for the CIA role, he admitted: "I do think we overclassify, and I think it's because we got bad habits." Now those habits are keeping the government from educating the public about the sorry state of cyber security, he writes. "In the popular culture, the availability of 10,000 applications for my smart phone is viewed as an unalloyed good. It is not -
since each represents a potential vulnerability. But if we want to shift the popular culture, we need a broader flow of information to corporations and individuals to educate them on the threat. To do that we need to recalibrate what is truly secret. Our most pressing need is clear policy, formed by shared consensus, shaped by informed discussion, and created by a common body of knowledge. With no common knowledge, no meaningful discussion, and no consensus - the policy vacuum continues. This will not be easy, and in the wake of WikiLeaks it will require courage; but, it is essential and should itself be the subject of intense discussion. Who will step up to lead?" The statement is part of Hayden's introduction to the spring edition of Strategic Studies Quarterly, which explores the strategic issues of cyberwar.

From rforno at infowarrior.org Tue Mar 15 08:24:58 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 15 Mar 2011 09:24:58 -0400
Subject: [Infowarrior] - As Library E-Books Live Long, Publisher Sets Expiration Date
Message-ID:

March 14, 2011

As Library E-Books Live Long, Publisher Sets Expiration Date

By JULIE BOSMAN
http://www.nytimes.com/2011/03/15/business/media/15libraries.html?_r=1&hp=&pagewanted=print

Imagine the perfect library book. Its pages don't tear. Its spine is unbreakable. It can be checked out from home. And it can never get lost. The value of this magically convenient library book - otherwise known as an e-book - is the subject of a fresh and furious debate in the publishing world. For years, public libraries building their e-book collections have typically done so with the agreement from publishers that once a library buys an e-book, it can lend it out, one reader at a time, an unlimited number of times. Last week, that agreement was upended by HarperCollins Publishers when it began enforcing new restrictions on its e-books, requiring that books be checked out only 26 times before they expire.
Assuming a two-week checkout period, that is long enough for a book to last at least one year. What could have been a simple, barely noticed change in policy has galvanized librarians across the country, many of whom called the new rule unfair and vowed to boycott e-books from HarperCollins, the publisher of Doris Lessing, Sarah Palin and Joyce Carol Oates. "People just felt gobsmacked," said Anne Silvers Lee, the chief of the materials management division of the Free Library of Philadelphia, which has temporarily stopped buying HarperCollins e-books. "We want e-books in our collections, our customers are telling us they want e-books, so I want to be able to get e-books from all the publishers. I also need to do it in a way that is not going to be exorbitantly expensive." But some librarians said the change, however unwelcome, had ignited a public conversation about e-books in libraries that was long overdue. While librarians are pushing for more e-books to satisfy demand from patrons, publishers, with an eye to their bottom lines, are reconsidering how much the access to their e-books should be worth. "People are agitated for very good reasons," said Roberta Stevens, the president of the American Library Association. "Library budgets are, at best, stagnant. E-book usage has been surging. And the other part of it is that there is grave concern that this model would be used by other publishers." Even in the retail marketplace, the question of how much an e-book can cost is far from settled. Publishers resisted the standard $9.99 price that Amazon once set on many e-books, and last spring, several major publishers moved to a model that allows them to set their own prices. This month, Random House, the lone holdout among the six biggest trade publishers, finally joined in switching to the agency model. Now many newly released books are priced from $12.99 to $14.99, while discounted titles are regularly as low as $2.99.
HarperCollins, in its defense, pointed out that its policy for libraries was a decade old, made long before e-books were as popular as they are today. The new policy applies to newly acquired books. "We have serious concerns that our previous e-book policy, selling e-books to libraries in perpetuity, if left unchanged, would undermine the emerging e-book ecosystem, hurt the growing e-book channel, place additional pressure on physical bookstores, and in the end lead to a decrease in book sales and royalties paid to authors," the company said in a statement. It is still a surprise to many consumers that e-books are available in libraries at all. Particularly in the last several years, libraries have been expanding their e-book collections, often through OverDrive, a large provider of e-books to public libraries and schools. Nationwide, some 66 percent of public libraries offer free e-books to their patrons, according to the American Library Association. For many libraries, interest from patrons who want to check out e-books has been skyrocketing. At the New York Public Library, e-book use is 36 percent higher than it was only one year ago. Demand has been especially strong since December, several librarians said, because e-readers were popular holiday gifts. "As our readership goes online, our materials dollars are going online," said Christopher Platt, the director of collections and circulating operations for the New York Public Library. In borrowing terms, e-books have been treated much like print books. They are typically available to one user at a time, often for a seven- or 14-day period. But unlike print books, library users don't have to show up at the library to pick them up - e-books can be downloaded from home, onto mobile devices, personal computers and e-readers, including Nooks, Sony Readers, laptops and smartphones. (Library e-books cannot be read on Amazon's Kindle e-reader.)
After the designated checkout period, the e-book automatically expires from the borrower's account. The ease with which e-books can be borrowed from libraries - potentially turning e-book buyers into e-book borrowers - makes some publishers uncomfortable. Simon & Schuster and Macmillan, two of the largest trade publishers in the United States, do not make their e-books available to libraries at all. "We are working diligently to try to find terms that satisfy the needs of the libraries and protect the value of our intellectual property," John Sargent, the chief executive of Macmillan, said in an e-mail. "When we determine those terms, we will sell e-books to libraries. At present we do not." And those publishers that do make their e-books available in libraries said that the current pricing agreements might need to be updated. Random House, for example, has no immediate plans to change the terms of its agreements with libraries, said Stuart Applebaum, a spokesman for the publisher, but has not ruled it out in the future. "Anything we institute ahead we'd really want to talk through with the community and together understand what makes sense for us both," Mr. Applebaum said. "We're open to changes in the future which are in reasonable step with the expectations and realities of the overall library communities." Publishers are nervous that e-book borrowing in libraries will cannibalize e-book retail sales. They also lose out on revenue realized as libraries replace tattered print books or supplement hardcover editions with paperbacks, a common practice. Sales to libraries can account for 7 to 9 percent of a publisher's overall revenue, two major publishers said. But e-books have downsides for libraries, too. Many libraries dispose of their unread books through used-book sales, a source of revenue that unread e-books can't provide. The American Library Association has assembled two task forces to study the issue.
Even among the librarians who have stopped buying HarperCollins e-books, many said that there might have to be a compromise. "I can see their side of it," said Lisa Sampley, the collection services manager in the Springfield-Greene County Library District in Springfield, Mo. "I'm hoping that if other publishers try to change the model, they think about the libraries and how it will affect us. But I'm sure there is some kind of model that could work for us both."

From rforno at infowarrior.org Tue Mar 15 10:37:19 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 15 Mar 2011 11:37:19 -0400
Subject: [Infowarrior] - Candidates emerge to replace Mueller at FBI
Message-ID:

Candidates emerge to replace Mueller at FBI

By Jerry Markon, Tuesday, March 15, 7:08 AM
http://www.washingtonpost.com/politics/candidates-emerge-to-replace-mueller-at-fbi/2011/03/14/ABgHeaW_print.html

The jockeying over who will replace FBI Director Robert S. Mueller III has begun, with FBI agents urging that President Obama select the former head of the bureau's Washington field office for the critical position. Mueller, 66, is facing a mandatory 10-year retirement in September after a tumultuous tenure in which he oversaw the crackdown on terrorism after Sept. 11, 2001, and the bureau's ongoing transformation into an intelligence agency focused on preventing attacks. In a letter sent Monday to Attorney General Eric H. Holder Jr., the FBI Agents Association recommended Michael A. Mason, a longtime FBI agent and supervisor who is now security chief for Verizon Communications. Mason, a former assistant director in charge of the Washington Field Office, would be the FBI's first African American director. Law enforcement sources said other possible candidates include Patrick J. Fitzgerald, the U.S. attorney in Chicago who investigated the leak of the identity of former CIA officer Valerie Plame Wilson; New York Police Commissioner Raymond Kelly and John S.
Pistole, administrator for the Transportation Security Administration and Mueller's former deputy. All three declined to comment Monday, as did Mason. The sources, who declined to be identified because the search is not public, said that contenders also include James B. Comey, who was deputy attorney general in the George W. Bush administration, and Frances Fragos Townsend, a top Bush terror adviser who was a confidante of then-Attorney General Janet Reno in the Clinton administration. Townsend declined to comment; Comey did not return e-mails seeking comment. White House officials declined to comment, but law enforcement sources said the search for Mueller's successor is being led by Vice President Biden, who chaired the Judiciary Committee in the Senate. Among those advising Biden are Holder and Louis J. Freeh, who was FBI director in the Clinton administration, the sources said. President Obama will make the decision. It is unclear if any front-runner has emerged or precisely what qualities the administration is seeking in a nominee, though sources said counterterrorism experience is considered especially important. Experts said that Mueller, a low-profile former Marine and federal prosecutor with a no-nonsense style, will be difficult to replace. Mueller started a week before Sept. 11, and his agency has successfully led the government's efforts to prevent another terror attack on U.S. soil. It has also been criticized by some civil liberties advocates and Muslim leaders for tough anti-terrorism tactics. "Mueller was there on the ground when we went through all this, when we had the Sept. 11 attacks, when we had the response and when he had to change the agency," said Stephen A. Saltzburg, a law professor at George Washington University and former Justice Department official. The agents association, which represents more than 12,000 active and retired FBI agents, is arguing that Mason fits the profile.
A native of Obama's home town of Chicago, Mason spent nearly 23 years with the FBI, rising to become executive assistant director for the Criminal Investigative Division before leaving in 2007. His nomination would be a symbol of how far the agency has come from the days of longtime director J. Edgar Hoover, when African American agents faced difficulties and Martin Luther King Jr. was hounded by government investigations. In an interview with The Washington Post in 2006, Mason said he was struck as a child by the heroism and intelligence of the bureau's fabled G-men and that by seventh grade he was faithfully watching the weekly television show "The F.B.I." Konrad Motyka, president of the FBI agents association, said there was a "groundswell" of support for Mason's candidacy among agents. "They said that throughout his entire career, he put agents first, had tremendous integrity and was very frank with everyone," Motyka said. Mason would be a somewhat unusual pick, however, in that he was an FBI lifer before moving to the private sector. FBI directors in recent decades have tended to come from outside the agency. Of the four directors since 1978, only Freeh worked as an FBI agent, and that was for just six years. A possible outsider choice is Kelly, who has the backing of Sen. Charles E. Schumer (D-N.Y.). Schumer said at a news conference Monday that he would press Kelly's nomination with the administration. "He understands terrorism, which obviously is at the forefront of the FBI's mission these days," Schumer said. "He has great community relations, he's been known for outreach, and how to deal with all the disparate communities here in New York. ... I think there could be nobody better than Commissioner Kelly." markonj at washpost.com Staff reporters Anne E. Kornblut and Spencer S. Hsu contributed to this story. 
From rforno at infowarrior.org Tue Mar 15 10:45:28 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 15 Mar 2011 11:45:28 -0400 Subject: [Infowarrior] - Almost 15 Million Alzheimer's And Dementia Caregivers Message-ID: <6C020B21-C1BD-4E3C-A703-FFEDC4AD6CCF@infowarrior.org> Almost 15 Million Alzheimer's And Dementia Caregivers In USA Today 15 Mar 2011 http://www.medicalnewstoday.com/articles/219193.php There are nearly 15 million people caring for individuals with Alzheimer's disease and dementia in the USA, the Alzheimer's Association has revealed today. The number of caregivers is 37% higher than estimates published last year, according to the 2011 Alzheimer's Disease Facts and Figures. The authors of the report found that American caregivers gave 17 billion hours of unpaid care, estimated at $202.6 billion. A state with a population of 15 million would be the 5th largest in the USA. Most individuals over the age of 65 years survive for about four to eight years after they are diagnosed with Alzheimer's disease, sometimes 20 years. Because of the debilitating effects of the disease and its long duration, family members and friends who care for patients are placed under increasingly intense demands. The longer a caregiver has to look after somebody with Alzheimer's, the greater their own health issues become, representing a further financial burden of almost $8 billion in raised healthcare costs. Harry Johns, president and CEO of the Alzheimer's Association, said: "Alzheimer's disease doesn't just affect those with it. It invades families and the lives of everyone around them. It is stressful and heartbreaking to see someone you love trapped in a present where their past is fading and their future too frightening to contemplate. Nearly 15 million dedicated and committed family members and friends are living with this every day." 5.4 million Americans are thought to be living with Alzheimer's disease. 
Alzheimer's is not a part of normal aging, even though age is its greatest risk factor, the Alzheimer's Association writes. Alzheimer's is the sixth-leading cause of death in America. It is "the only cause of death among the top 10 in the United States that cannot be prevented, cured or even slowed." Deaths from Alzheimer's disease have gone up 66% during the period 2000-2008, compared to minus 3% for major diseases of the heart, minus 29% for HIV/AIDS, minus 20% for stroke, minus 8% for prostate cancer, and minus 3% for breast cancer. Total payments for health care and long-term services for patients with Alzheimer's will rise by $11 billion this year compared to last year to $183 billion, the Alzheimer's Association estimates. Most of this increase will be made up by Medicare and Medicaid costs. Over the next four decades Medicare costs related to Alzheimer's and dementias will rise by almost 600% and Medicaid costs by 400%, the Alzheimer's Association believes. Robert Egge, Vice President for Public Policy for the Alzheimer's Association, said: "The projected rise in Alzheimer's incidence will become an enormous balloon payment for the nation -- a payment that will exceed 1 trillion dollars by 2050. It is clear our government must make a smart commitment in order to make these costs unnecessary." Early detection and intervention of Alzheimer's disease has significant benefits for both patients and caregivers. Early interventions and improved treatments are currently our greatest hopes in dealing with or halting brain damage. Beth Kallmyer, senior director of constituent services, said: "For people affected by irreversible cognitive decline or dementia, a formal and documented diagnosis helps the individual and their family explain and expect behaviors, and opens doors to vital care and support services. A diagnosis can help reduce the anxiety and emotional burden experienced by opening access to valuable support services." 
If patients are diagnosed early they are more likely to have a prompt evaluation and treatment of reversible or treatable causes of cognitive impairment. Families which are affected by the disease also have more time to ponder over available medical and non-medical services, as well as taking part in clinical trials. "2011 Alzheimer's Disease Facts and Figures" (PDF) Source: Alzheimer's Association From rforno at infowarrior.org Tue Mar 15 13:15:57 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 15 Mar 2011 14:15:57 -0400 Subject: [Infowarrior] - WH wants new copyright law crackdown Message-ID: <4CEA615D-89CB-4249-A185-29470A4B5B96@infowarrior.org> March 15, 2011 10:51 AM PDT White House wants new copyright law crackdown by Declan McCullagh http://news.cnet.com/8301-31921_3-20043421-281.html?part=rss&subj=news&tag=2547-1_3-0-20 The White House today proposed sweeping revisions to U.S. copyright law, including making "illegal streaming" of audio or video a federal felony and allowing FBI agents to wiretap suspected infringers. In a 20-page white paper (PDF), the Obama administration called on the U.S. Congress to fix "deficiencies that could hinder enforcement" of intellectual property laws. The report was prepared by Victoria Espinel, the first Intellectual Property Enforcement Coordinator who received Senate confirmation in December 2009, and represents a broad tightening of many forms of intellectual property law including ones that deal with counterfeit pharmaceuticals and overseas royalties for copyright holders. (See CNET's report last month previewing today's white paper.) Some of the highlights: - The White House is concerned that "illegal streaming of content" may not be covered by criminal law, saying "questions have arisen about whether streaming constitutes the distribution of copyrighted works." 
To resolve that ambiguity, it wants a new law to "clarify that infringement by streaming, or by means of other similar new technology, is a felony in appropriate circumstances." - Under federal law, wiretaps may only be conducted in investigations of serious crimes, a list that was expanded by the 2001 Patriot Act to include offenses such as material support of terrorism and use of weapons of mass destruction. The administration is proposing to add copyright and trademark infringement, arguing that move "would assist U.S. law enforcement agencies to effectively investigate those offenses." - Under the 1998 Digital Millennium Copyright Act, it's generally illegal to distribute hardware or software -- such as the DVD-decoding software Handbrake available from a server in France -- that can "circumvent" copy protection technology. The administration is proposing that if Homeland Security seizes circumvention devices, it be permitted to "inform rightholders," "provide samples of such devices," and assist "them in bringing civil actions." The term "fair use" does not appear anywhere in the report. But it does mention Web sites like The Pirate Bay, which is hosted in Sweden, when warning that "foreign-based and foreign-controlled Web sites and Web services raise particular concerns for U.S. enforcement efforts." (See previous coverage of a congressional hearing on overseas sites.) The usual copyright hawks, including the U.S. Chamber of Commerce, applauded the paper, which grew out of a so-called joint strategic plan that Vice President Biden and Espinel announced in June 2010. Rob Calia, a senior director at the Chamber's Global Intellectual Property Center, said we "strongly support the white paper's call for Congress to clarify that criminal copyright infringement through unauthorized streaming, is a felony. 
We know both the House and Senate are looking at this issue and encourage them to work closely with the administration and other stakeholders to combat this growing threat." In October 2008, President Bush signed into law the so-called Pro IP ACT, which created Espinel's position and increased penalties for infringement, after expressing its opposition to an earlier version. Unless legislative proposals -- like one nearly a decade ago implanting strict copy controls in digital devices -- go too far, digital copyright tends not to be a particularly partisan topic. The Digital Millennium Copyright Act, near-universally disliked by programmers and engineers for its anti-circumvention section, was approved unanimously in the U.S. Senate. At the same time, Democratic politicians tend to be a bit more enthusiastic about the topic. Biden was a close Senate ally of copyright holders, and President Obama picked top copyright industry lawyers for Justice Department posts. Last year, Biden warned that "piracy is theft." No less than 78 percent of political contributions from Hollywood went to Democrats in 2008, which is broadly consistent with the trend for the last two decades, according to OpenSecrets.org. From rforno at infowarrior.org Tue Mar 15 14:55:17 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 15 Mar 2011 15:55:17 -0400 Subject: [Infowarrior] - Apple handcuffs 'open' web apps on iPhone home screen Message-ID: <372E74A7-6CAB-444E-A64F-E8A1C452FFEA@infowarrior.org> Original URL: http://www.theregister.co.uk/2011/03/15/apple_ios_throttles_web_apps_on_home_screen/ Apple handcuffs 'open' web apps on iPhone home screen Three bugs? Or three-headed App Store conspiracy? 
By Cade Metz in San Francisco Posted in Developer, 15th March 2011 01:26 GMT Exclusive Apple's iOS mobile operating system runs web applications at significantly slower speeds when they're launched from the iPhone or iPad home screen in "full-screen mode" as opposed to in the Apple Safari browser, and at the same time, the operating system hampers the performance of these apps in other ways, according to tests from multiple developers and The Register. It's unclear whether these are accidental bugs or issues consciously introduced by Apple. But the end result is that, at least in some ways, the iOS platform makes it harder for web apps to replace native applications distributed through the Apple App Store, where the company takes a 30 per cent cut of all applications sold. Whereas native apps can only run on Apple's operating system, web apps -- built with standard web technologies such as HTML, CSS, and JavaScript -- can potentially run on any device. "Apple is basically using subtle defects to make web apps appear to be low quality -- even when they claim HTML5 is a fully supported platform," says one mobile web app developer, who asked that his name not be used. Apple did not respond to multiple requests for comment. If a web app is run from the iOS 4.3 home screen -- in other words, if it is saved to the screen alongside local apps downloaded from the Apple App Store -- and launched into full-screen mode, it runs roughly two to two and a half times slower than it does in the browser, according to various tests. It appears that whereas Apple has updated the iOS 4.3 Safari browser with its high-speed Nitro JavaScript engine [1], Nitro is not used when web apps are launched from the home screen. "Essentially, there are two different JavaScript engines," says Alex Kessinger, a mobile application developer and blogger [2] who has focused on building web-standards-based apps for the iPhone [3]. 
"They're not using the new JavaScript engine with applications that launch from the home screen." What's more, such "home screen web apps" can't use various web caching systems, including the HTML5 Application Cache, which means they can't be cached to run offline. And they aren't rendered using Apple's newer "asynchronous mode". They're saddled with the old "synchronous mode", which means they don't quite look as good. [Image: Offline 'home screen web app' on Apple iOS 4.3] Though the company did not respond to our inquiries, Apple is apparently aware of all three issues involving home-screen web apps. According to Apple developers posting to the web [4], the speed issue has been discussed in the company's developer support forums, and one developer -- the same unnamed developer quoted above -- confirms with The Reg that multiple bugs have been filed on the issue. He also says that bugs have been filed on the cache and asynchronous mode issues -- and that he's actually discussed the problems with Apple. "I've talked to people on the Mobile Safari team who said they knew about the [caching] issue," he tells us. The caching issue is discussed on the popular developer site stackoverflow [5]. All three issues also affect native iOS web applications that use Apple's UIWebView API -- i.e., native applications that tap the web in a big way. "[UIWebView] is a controller that you can include in your app to offer web content," says Alex Kessinger. "Some people write their entire app in HTML and then just bundle it for inclusion in the App Store." Last year, as Apple boss Steve Jobs defended the company's decision to ban Adobe Flash from the iPad and the iPhone, he told the world that Apple believed in "open" web standards. "We strongly believe that all standards pertaining to the web should be open. Rather than use Flash, Apple has adopted HTML5, CSS and JavaScript," Jobs said in his famous "Thoughts on Flash [6]" open letter. 
"Apple's mobile devices all ship with high performance, low power implementations of these open standards. HTML5, the new web standard that has been adopted by Apple, Google and many others, lets web developers create advanced graphics, typography, animations and transitions without relying on third party browser plug-ins (like Flash). HTML5 is completely open and controlled by a standards committee, of which Apple is a member." But at the same time, the company has a vested interest in its App Store, where it takes a 30 per cent cut of all applications sold, and pure web applications are ultimately a threat to the store, particularly when they're loaded to the iOS home screen as if they were local apps. "Some people like to think of it as a conspiracy theory, but it could be a bug," Kessinger says, referring to the speed issue. "If it is conspiracy, it makes a lot of sense for Apple. If you 'disallow' home screen web apps, you prevent people, in a way, from bypassing the App Store." Down to the test According to tests from developer Maximiliano Firtman [7], author of the O'Reilly tome, Programming with the Mobile Web [8], Apple iOS 4.3 runs web applications in the browser about two times faster than when they're launched from the home screen into full-screen mode. And like the three other developers we spoke to, he's sure this is because home screen apps can't take advantage of Nitro. "I'm not 100% sure, but 99.9999% sure that the timing difference is because of lack of Nitro," Firtman tells us. Nitro was introduced with iOS 4.3. Firtman offers a version of the Sunspider JavaScript benchmark [9] that lets you easily see the speed difference for yourself, embedding Sunspider in an iFrame so that it will run fullscreen on the iPhone and iPad. We confirmed his results with tests of our own. 
Running in Safari on an iPhone 4 loaded with iOS 4.3, Sunspider took about 4047ms: Running from the home screen, it took about 10747ms: Apple isn't degrading the speed of home screen web apps. It's boosting the speed of web apps in the browser. But in the long run, the effect is the same. And if this is a bug, Apple has yet to fix it. On top of this, apps are hampered by the cache and asynchronous mode issues. According to one anonymous developer, access to certain web caches was cut off in iOS 4.2. And the issue is confirmed by a second developer. You can try it yourself with HTML5 apps such as Pie Guy [10]. With earlier versions of the OS, if you move the game to the home screen and run it once, you can then play it offline. But if you try to do so on the latest version of the operating system, you can't. The first developer also says that WebView native apps and home screen web apps are rendered in synchronous mode, whereas on iOS 4.3, they're rendered in asynchronous mode. "[With synchronous mode], you will sometimes see this weird grid of dark squares," he tells us. "Basically, when repainting the screen, synchronous mode can sometimes show your UI partially repainted." This developer reiterates that if Apple didn't specifically introduce these problems in iOS, it's aware of them now. And he says that the Mobile Safari team has indicated the issues will not be fixed. If Apple won't fix them, he says, Google should. "The Android team needs to pick this up and compete on it." Updated: This story has been updated to make it clear that the speed difference occurs when home screen apps are launched into full-screen mode. 
From rforno at infowarrior.org Tue Mar 15 20:05:23 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 15 Mar 2011 21:05:23 -0400 Subject: [Infowarrior] - 40th anniversary of the computer virus Message-ID: <9724F777-BBB2-4768-A315-01206ABD3025@infowarrior.org> 40th anniversary of the computer virus Posted on 14.03.2011 http://www.net-security.org/malware_news.php?id=1668 This year marks the 40th anniversary of Creeper, the world's first computer virus. From Creeper to Stuxnet, the last four decades saw the number of malware instances boom from 1,300 in 1990, to 50,000 in 2000, to over 200 million in 2010. Besides sheer quantity, viruses, which were originally used as academic proof of concepts, quickly turned into geek pranks, then evolved into cybercriminal tools. By 2005, the virus scene had been monetized, and virtually all viruses were developed with the sole purpose of making money via more or less complex business models. In the following story, FortiGuard Labs looks at the most significant computer viruses over the last 40 years and explains their historical significance. 1971: Creeper: catch me if you can While theories on self-replicating automatas were developed by genius mathematician Von Neumann in the early 50s, the first real computer virus was released "in lab" in 1971 by an employee of a company working on building ARPANET, the Internet's ancestor. Intriguing feature: Creeper looks for a machine on the network, transfers to it, displays the message "I'm the creeper, catch me if you can!" and starts over, thereby hopping from system to system. It was a pure proof of concept that ties the roots of computer viruses to those of the Internet. 1982: Elk Cloner Written by a 15-year old as a way to booby trap his friends' Apple II computer systems without physical access to them, Elk Cloner spread via floppy disks. Infected machines displayed a harmless poem, dedicated to the virus' glory. 
Intriguing feature: Elk Cloner was the first virus ever to spread outside of the lab it was created in. Its global impact was negligible and its intent plainly geeky. 1987: Jerusalem First detected in the Hebrew University of Jerusalem, the aptly-named Jerusalem is somewhat deleterious. Each year on Friday the 13th, this virus deleted every single program that's run on the infected system. Intriguing feature: Jerusalem is the first example of a destructive virus to have a global impact. Of course, the sheer number of computers back then was infinitesimal, compared to today. 1992: Michelangelo: The sleeper must awaken The dormant Michelangelo virus was designed to awaken on March 6th (Michelangelo's birthday -- as in the Renaissance artist, not the Ninja Turtle) and erase critical parts of infected computers' hard drives. Intriguing feature: The promises of destruction it carried spawned a media frenzy. In the weeks preceding March 6th, media relayed (and some may say amplified) experts' predictions forecasting 5 million computers going definitively down. Yet, on March 6th, only a few thousand data losses were reported -- and public trust in AV companies' ethics was tainted for a while. 1999: Melissa Melissa propagated via infected Microsoft Word documents and mailed itself to Outlook contacts of the contaminated user. It was virulent enough to paralyze some important mailing systems on the Internet. Its author created the bug to honor Melissa, a stripper he'd met in Florida. Whether he conquered her heart this way is somewhat unlikely, but one thing is sure: the malicious code earned him 20 months in jail and a $5,000 fine. Intriguing feature: Someone created a variant of Melissa that encrypted the infected files and demanded a ransom of $100 to be wired to an offshore account for decryption. The author was traced to the said account. 
While it remained an isolated case, it is worth noting that 6 years before the malware scene became fully monetized, someone had already started figuring out how to make bucks out of viruses. 2000: I LOVE YOU At the dawn of the XXIst century, I LOVE YOU worm infected tens of millions of computers. As a fairly simple worm, I LOVE YOU presented itself as an incoming email with "I love you" in its subject line and infected the machine of users who opened the attachment. It then mailed itself to all of the contacts found on the infected user's system. Intriguing feature: While the author's motivation clearly wasn't about money, the damages were: When the dust settled, I LOVE YOU had cost companies around the world between $5 and $10 billion. Much of that cost can be attributed to the time spent "cleaning" infected machines. 2001: Code Red While I LOVE YOU targeted end users, Code Red infected Web servers, where it automatically spread by exploiting a vulnerability in Microsoft IIS servers. In less than one week, nearly 400,000 servers were infected, and the homepage of their hosted Websites was replaced with "Hacked By Chinese!" Intriguing feature: Code Red had a distinguishing feature designed to flood the White House Website with traffic (from the infected servers), probably making it the first case of documented "hacktivism" on a large scale. 2004: Sasser Like Code Red, Sasser spread without anyone's help; but this time, the virus exploited a vulnerability in Microsoft Windows to propagate, which made it particularly virulent. What's more, due to a bug in the worm's code, infected systems turned off every couple of minutes. Intriguing feature: For the first time, systems whose function isn't normally related to the Internet (and that mostly existed before the Internet) were severely impacted. 
More than one million systems were infected, AFP's communications satellites were interrupted for hours, Delta Airlines was forced to cancel flights, the British coast guard had to go back to print maps, and a hospital had to redirect its emergency room because its radiology department was completely paralyzed by the virus. The damage amount was estimated to be more than $18 billion. Microsoft placed a $250,000 bounty on the author's head, who turned out to be an 18-year old German student. When caught, the student admitted that he created the malicious code as a creative way to help his mother to find a job in the computer security industry. 2005: MyTob, the turning point MyTob appeared in 2005 and was one of the first worms to combine the features of a Bot (the infamous "Zombies," controlled by a remote Botmaster) and a mass-mailer. Intriguing feature: MyTob marks the entry in the era of Botnets and of cybercrime. Business models designed to "monetize" the many botnets appeared (some of which will count more than 20 million machines): installation of spyware, diffusion of spam, illegal content hosting, interception of banking credentials, blackmail, etc. The revenue generated from these new botnets quickly reached several billion dollars per year; a figure that is growing today. 2007: Storm botnet By 2007, cybercriminals already had lucrative business models in place. They're thinking about protecting their money spinners (infected computers). Before 2007, botnets showed a cruel lack of robustness: in neutralizing its unique Control Center, a botnet could be completely neutralized, because Zombies didn't have anyone to report to (and take commands from) anymore. Intriguing feature: By implementing a peer-to-peer architecture, Storm became the first Botnet with decentralized command. It is much more robust. At the peak of the epidemic, Storm had infected between 1 and 50 million systems and accounted for 8% of all malware running in the world. 
2008: Koobface Koobface (an anagram for Facebook) spreads by pretending to be the infected user on social networks, prompting friends to download an update to their Flash player in order to view a video. The update is a copy of the virus. Intriguing feature: Koobface is the first botnet to recruit its Zombie computers across multiple social networks (Facebook, MySpace, hi5, Bebo, Friendster, etc). Today, it is estimated that at any time, over 500,000 Koobface zombies are online at the same time. 2009: Conficker Conficker is a particularly sophisticated virus, as it's both a worm, much like Sasser, and an ultra-resilient botnet, which implements bleeding-edge defensive techniques. Curiously, it seems that its propagation algorithm is poorly calibrated, causing it to be discovered more frequently. Some networks were so saturated by Conficker, that it caused planes to be grounded, including a number of French Fighter planes. In addition, hospitals and military bases were impacted. In total approximately 7 million systems were infected worldwide. Intriguing feature: Conficker did not infect Ukrainian IPs, nor machines configured with a Ukrainian keyboard. This suggests the authors were playing by the cybercriminal gold rule, which implicitly states, "Don't target anything in your own country, and the arm of justice won't be long enough to reach you." 2010: Stuxnet, welcome to the cyber war According to most threat researchers today, only governments have the necessary resources to design and implement a virus of such complexity. To spread, Stuxnet exploited several critical vulnerabilities in Windows, which, until then, were unknown, including one guaranteeing its execution when inserting an infected USB key into the target system, even if a system's autorun capabilities were disabled. From the infected system, Stuxnet was then able to spread into an internal network, until it reached its target: a management system of an industrial process edited by Siemens. 
In this particular instance, Stuxnet knew the weak point with a specific controller -- perhaps a cooling system -- and most likely intended to destroy or neutralize the industrial system. Intriguing feature: For the first time, the target of a virus is the destruction of an industrial system (very probably a nuclear power plant in Iran). What's next? According to the trends we're seeing, the next target for cybercriminals could be smart phones. Their widespread use and the fact that they incorporate a payment system (premium rate phone numbers) make them easy money-generating targets. Furthermore, they have a localization system, a microphone, embedded GPS and one (or several) cameras, which potentially allow a particularly invasive spying of their owners. From rforno at infowarrior.org Tue Mar 15 20:07:56 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 15 Mar 2011 21:07:56 -0400 Subject: [Infowarrior] - TSA Admits Bungling of Airport Body-Scanner Radiation Tests Message-ID: <39F61899-0D05-4B36-8CC7-9DA28774A9CF@infowarrior.org> TSA Admits Bungling of Airport Body-Scanner Radiation Tests By David Kravets | March 15, 2011 | 6:10 pm | Categories: 'nude' airport body scanners, Surveillance http://www.wired.com/threatlevel/2011/03/tsa-radiation-test-bungling/ The Transportation Security Administration is re-analyzing the radiation levels of X-ray body scanners installed in airports nationwide, after testing produced dramatically higher-than-expected results. The TSA, which has deployed at least 500 body scanners to at least 78 airports, said Tuesday the machines meet all safety standards and would remain in operation despite a "calculation error" in safety studies. The flawed results showed radiation levels 10 times higher than expected. 
At least one flier group, the Association for Airline Passenger Rights, is urging the government to stop using the $180,000 machines that produce a virtual-nude image of the body until new tests are concluded in May. "Airline passengers have enough concerns about flying -- including numerous ones about how TSA conducts its haphazard security screenings -- so it is TSA's responsibility to ensure passengers are not being exposed to unhealthy amounts of radiation," Brandon Macsata, executive director of the group, said in a statement. The Electronic Privacy Information Center has been a loud voice opposing the machines. Last week, it urged a federal appeals court to stop using them until further health studies were conducted. Marc Rotenberg, EPIC's executive director, is expected to tell the same thing to a congressional panel Wednesday. "The agency should have conducted a public rule-making so that these risks could have been more carefully assessed," (.pdf) according to a transcript of his expected testimony before the House Committee on Oversight and Government Reform. Still, the government said the results proved the safety of the devices. "It would appear that the emissions are 10 times higher. We understand it as a calculation error," TSA spokesman Sarah Horowitz said in a telephone interview. The snafu involves tests conducted on the roughly 250 backscatter X-ray machines produced by Rapiscan of Los Angeles, which has a contract to deliver another 250 machines at a cost of about $180,000 each. About 250 millimeter-wave technology machines produced by L-3 Communications of New York were not part of the bungled results. Rapiscan technicians in the field are required to test radiation levels 10 times in a row, and divide by 10 to produce an average radiation measurement. Often, the testers failed to divide results by 10, Horowitz said. "Certainly, the errors are not acceptable. It's not every report. We believe the technology is safe," she said. 
"We've done extensive, independent testing. It doesn't raise alarms in terms of safety." Rapiscan, in a letter to the TSA, admitted the mistake and is "redesigning the form" used by its "field service engineers" when surveying the Rapiscan Secure 1000 that is deployed to 38 airports. "Oftentimes, the FSE will bypass the step of dividing by 10. While the resulting entry, at a pragmatic level, is understandable on its face and usable for monitoring purposes, the value, if read literally by persons unfamiliar with our system and the survey process, would imply energy outputs that are unachievable by the Secure 1000 Single Pose," (.pdf) Rapiscan wrote. A recent Wired.com three-part series examined the constitutionality, effectiveness and health concerns of the scanners, which the TSA mandated as the preferred airport screening method in February 2009. Among other things, the Wired.com series concluded that there was discord among the scientific community about the scanners' health risks to humans, and that they were not tested with mice or other biological samples before being deployed. The government, however, maintains a thousand screenings equal the amount of radiation of one standard medical chest X-ray. A federal appeals court hearing EPIC's lawsuit suggested last week it was not likely to halt the scanners' use. From rforno at infowarrior.org Wed Mar 16 06:45:13 2011 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 16 Mar 2011 07:45:13 -0400 Subject: [Infowarrior] - U.S. military blocks websites to help Japan recovery efforts Message-ID: <6DCDF068-E0AB-4348-8411-E655F45A2987@infowarrior.org> U.S. military blocks websites to help Japan recovery efforts By Mark Preston and Adam Levine, CNN March 16, 2011 6:09 a.m. EDT http://www.cnn.com/2011/US/03/15/us.military.websites/index.html Several websites, including YouTube, have been blocked from U.S. military computers in Japan to free bandwidth for recovery efforts. Washington (CNN) -- The U.S. 
military has blocked access to a range of popular commercial websites in order to free up bandwidth for use in Japan recovery efforts, according to an e-mail obtained by CNN and confirmed by a spokesman for U.S. Strategic Command. The sites -- including YouTube, ESPN, Amazon, eBay and MTV -- were chosen not because of the content but because their popularity among users of military computers account for significant bandwidth, according to Strategic Command spokesman Rodney Ellison. The block, instituted Monday, is intended "to make sure bandwidth was available in Japan for military operations" as the United States helps in the aftermath of last week's deadly earthquake and tsunami, Ellison explained. U.S. Pacific Command made the request to free up the bandwidth. The sites, 13 in all, are blocked across the Department of Defense's .mil computer system. "This is a response to a time of extreme demand for networks," Ellison said. Ellison emphasized that it was a temporary measure. "This blockage will be of a temporary nature and may increase or decrease in the size and scope as necessary," according to the message distributed to military announcing the move. "We are doing this to facilitate the recovery efforts under way in Japan," Ellison explained. "We are trying to make sure we are giving them as many avenues and as much support as we can."

The blocked websites are:

* Youtube.com
* Googlevideo.com
* Amazon.com
* ESPN.go.com
* eBay.com
* Doubleclick.com
* Eyewonder.com
* Pandora.com
* streamtheworld.com
* Mtv.com
* Ifilm.com
* Myspace.com
* Metacafe.com

From rforno at infowarrior.org Wed Mar 16 08:26:05 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 16 Mar 2011 09:26:05 -0400
Subject: [Infowarrior] - With hacking, music can take control of your car
Message-ID:

With hacking, music can take control of your car
Remote-controlled car hacking is a real possibility, researchers say
by Robert McMillan
http://www.itworld.com/security/139794/with-hacking-music-can-take-control-your-car
March 14, 2011, 08:30 AM -- IDG News Service --

About 300 years ago, the English playwright William Congreve wrote, "music has charms to soothe a savage breast, to soften rocks, or bend a knotted oak." This week we learned that it can also help hackers break into your car. Researchers at the University of California, San Diego, and the University of Washington have spent the past two years combing through the myriad computer systems in late-model cars, looking for security flaws and developing ways to misuse them. In a new paper, they say they've identified a handful of ways a hacker could break into a car, including attacks over the car's Bluetooth and cellular network systems, or through malicious software in the diagnostic tools used in automotive repair shops. But their most interesting attack focused on the car stereo. By adding extra code to a digital music file, they were able to turn a song burned to CD into a Trojan horse. When played on the car's stereo, this song could alter the firmware of the car's stereo system, giving attackers an entry point to change other components on the car. This type of attack could be spread on file-sharing networks without arousing suspicion, they believe. "It's hard to think of something more innocuous than a song," said Stefan Savage, a professor at the University of California. Last year Savage and his fellow researchers described the inner workings of the networks of components found in today's cars, and they described a 2009 experiment in which they were able to kill the engine, lock the doors, turn off the brakes and falsify speedometer readings on a late-model car. In that experiment, they had to plug a laptop into the car's internal diagnostic system in order to install their malicious code. In this latest paper, the objective was to find a way to break into the car remotely. "This paper is really about how challenging is it to gain that access from the outside," Savage said. They found lots of ways to break in. In fact, attacks over Bluetooth, the cellular network, malicious music files and via the diagnostic tools used in dealerships were all possible, if difficult to pull off, Savage said. "The easiest way remains what we did in our first paper: Plug into the car and do it," he said.

From rforno at infowarrior.org Thu Mar 17 06:05:30 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 17 Mar 2011 07:05:30 -0400
Subject: [Infowarrior] - Japan gov blacks out Fukushima radiation readings
Message-ID:

U.S. radiation experts try to decipher reports from Japan
By Steve Sternberg, USA TODAY
Updated 6h 14m ago
http://www.usatoday.com/news/world/2011-03-17-japanradiate17_ST_N.htm#

The Japanese government's radiation report for the country's 47 prefectures Wednesday had a notable omission: Fukushima, ground zero in Japan's nuclear crisis. Measurements from Ibaraki, just south of Fukushima, were also blanked out. Radiation experts in the USA say that the lack of information about radioactivity released from the smoldering reactors makes it impossible to gauge the current danger, project how bad a potential meltdown might be or calculate how much fallout might reach the USA. Japanese nuclear experts are hard at work gathering information, said Fred Mettler, the U.S. representative for the United Nation's committee on the health effects of radiation. "They're monitoring and evaluating and watching the meteorology," he said. "They need to know what the dose rates are in various places, what direction the (radiation is) moving in and what's causing it." Conflicting accounts of the radiation levels emerged in Tokyo and on Capitol Hill. Japan's Nuclear and Industrial Safety Agency said Wednesday that the radiation detected at the Fukushima plant had fallen steadily over the past 12 hours. But U.S.
Nuclear Regulatory Commission (NRC) chief Gregory Jaczko told a House energy subcommittee earlier in the day that radiation levels at the Fukushima plant were "extremely high." The chief of the U.N. International Atomic Energy Agency, Yukiya Amano, told reporters he will visit Japan to obtain "firsthand information" about the crisis and prod the Japanese government to provide more. Experts from the NRC, led by Charles Casto, were to arrive in the country on Wednesday. Given accurate readings, U.S. experts can develop computer models of radiation released from the crippled reactors, factoring in prevailing winds, altitude and rainfall, said Owen Hoffman, a radiation expert from SENES Oak Ridge Inc., a consulting firm that calculated risks from Cold War nuclear tests. One agency equipped to predict where the fallout may travel is the Department of Energy's National Atmospheric Release Advisory Center at Lawrence Livermore National Laboratory. The center has tracked radiation emitted by the meltdowns at Three Mile Island in 1979 and Ukraine's Chernobyl in 1986. History may offer hints of what's to come. At Three Mile Island, near Harrisburg, Pa., only a small amount of radiation was released before the meltdown was controlled. Chernobyl spewed radiation for days, which rode wind currents worldwide. Radioactive iodine falls from the plume in rainfall and settles on the grass, where it's eaten by cows and builds up in their milk. Decades after Three Mile Island, no cancers or deaths have been conclusively linked to the U.S. disaster. Researchers have logged 6,000 thyroid cancers in survivors of Chernobyl, all in people who were younger than 18 when they were exposed. That's about one-third of the 14,000 projected to occur. Thyroid cancer is a major risk because the thyroid needs iodine to make thyroid hormone, which regulates metabolism. For those downwind of Chernobyl, the highest dose exceeded 1 gray, a measure of the radioactivity absorbed in the thyroid. 
Children who drank commercial milk during the Cold War nuclear tests received about one-tenth of that, on average, Hoffman said. That was enough to boost their thyroid cancer risk to one in 100, more than twice the usual risk. The Chernobyl meltdown also contaminated vast tracts of Ukraine, Belarus, Russia and northern Europe with radioactive cesium. "There are still limitations on the export of sheep from Cumbria, in the U.K., and reindeer from Scandinavia," Hoffman said. Cesium also contaminated fish from Scandinavia's northern lakes. Cesium is absorbed by plants and works its way through the food chain, getting into meat and milk. Unlike radioactive iodine, which has a short half life, cesium lingers in the environment. "Radioactive iodine will be gone in a month," Hoffman said. "Cesium's going to be around for decades." Contributing: The Associated Press

From rforno at infowarrior.org Thu Mar 17 07:23:05 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 17 Mar 2011 08:23:05 -0400
Subject: [Infowarrior] - Fed instructs teachers to Facebook creep students
Message-ID: <0FB0E9F1-02AC-4E42-8501-20CEA1E4C381@infowarrior.org>

Fed instructs teachers to Facebook creep students
By Neil Munro - The Daily Caller
1:58 AM 03/16/2011
http://dailycaller.com/2011/03/16/fed-instructs-teachers-to-facebook-creep-students/print/

Education Department officials are threatening school principals with lawsuits if they fail to monitor and curb students' lunchtime chat and evening Facebook time for expressing ideas and words that are deemed by Washington special-interest groups to be harassment of some students. There has only been muted opposition to this far-reaching policy among the professionals and advocates in the education sector, most of whom are heavily reliant on funding and support from top-level education officials. The normally government-averse tech-sector is also playing along, and on Mar. 11, Facebook declared that it was "thrilled"
to work with White House officials to foster government oversight of teens' online activities. The only formal opposition has come from the National School Board Association, which declined to be interviewed by The DC. The agency's threats, which are delivered in a so-called "Dear Colleague" letter, have the support of White House officials, including President Barack Obama, who held a Mar. 10 White House meeting to promote the initiative as a federal "anti-bullying" policy. The letter says federal officials have reinterpreted the civil-rights laws that require school principals to curb physical bullying, as well as racist and sexist speech, that take place within school boundaries. Under the new interpretation, principals and their schools are legally liable if they fail to curb "harassment" of students, even if it takes place outside the school, on Facebook or in private conversation among a few youths. "Harassing conduct may take many forms, including verbal acts and name-calling; graphic and written statements, which may include use of cell phones or the Internet... it does not have to include intent to harm, be directed at a specific target, or involve repeated incidents [but] creates a hostile environment ... [which can] limit a student's ability to participate in or benefit from the services, activities, or opportunities offered by a school," according to the far-reaching letter, which was completed Oct. 26 by Russlynn Ali, who heads the agency's civil rights office. School officials will face lawsuits even when they are ignorant about students' statements, if a court later decides they "reasonably should have known" about their students' conduct, said the statement. Following the discovery of "harassment," officials may have to require mandatory training of students and their families, according to the Ali letter.
"The school may need to provide training or other interventions not only for the perpetrators, but also for the larger school community, to ensure that all students, their families, and school staff can recognize harassment if it recurs and know how to respond... [and] provide additional services to the student who was harassed in order to address the effects of the harassment," said the letter. Facebook is developing new features that will make it harder for principals to miss episodes of online "harassment," and so will increase the likelihood of government action against the teenage users of Facebook and other social-media. "We're adding a unique feature, developed with safety experts, that lets people also report content to someone in their support system (like a parent or teacher) who may be able to address the issue more directly," Facebook declared Mar. 11. "It is our hope that features like this will help not only remove the offensive content but also help people get to the root of the problem," the company statement declared. The department's re-interpretation expands legal risks for schools beyond those set by the Supreme Court in a 1999 decision, said a Dec. 7 NSBA statement. The court decision, which interprets several federal laws, says schools are liable for harassment that school officials know about and that "effectively bars" a student's access to an educational benefit. The remedies being pushed by administration officials will also violate students' and families' privacy rights, disregard student's constitutional free-speech rights, spur expensive lawsuits against cash-strapped schools, and constrict school officials' ability to flexibly use their own anti-bullying policies to manage routine and unique issues, said the NSBA letter. The government has not responded to the NSBA letter. The leading advocate for the expanded rules is Kevin Jennings, who heads the Education Department's Office of Safe and Drug-Free Schools.
Jennings founded the Gay Lesbian Straight Education Network advocacy group, and raised at least $100,000 for the Obama campaign in 2008, according to Public Citizen, a left-of-center advocacy group. In a September 2010 interview on the government's StopBullying.gov website, Jennings said that "in a truly safe school ... students feel like they belong, they are valued, they feel physically and emotionally safe." Ken Trump, a Cleveland-based school-safety consultant, says the administration is so determined to focus on gay and lesbian teens that it is asking Congress for $365 million to conduct bullying-related school surveys in 2012. In 2011, the administration ended a program that gave roughly $300 million per year to states to counter physical violence and drug-abuse in schools. The primary purpose behind the administration's initiative is to "create a social and political climate where it is impossible to express conservative moral beliefs" about sexuality, even when research data shows those beliefs help many people live prosperous and happy lives, said Laurie Higgins, the school-advocacy chief of three-person Illinois Family Institute, in Carol Stream, Ill. Everyday experience and careful research show that children are most likely to prosper when they're raised by their parents, not by school officials and D.C.-based special-interests, she said. Children do not have any right to bully other kids, gay or straight, to hurt them, taunt or tease them, but they do have a right to speak their minds, and champion their beliefs, said Higgins. Kids learn to treat each other with respect, especially when they and their peers have the ability to hold each other responsible for good, bad or trivial actions, she said. One of the better things about Facebook, said Higgins, is that it promotes responsible behavior by requiring teens to identify themselves with their real names and pictures. But the kids'
ability to mature into adults will be stymied if the federal government, special-interests and school officials intervene in kids' conversations about girls and boys, sports and fashion, studies and music, whenever they offer judgements or facts that are disliked by influential political advocates, such as Jennings' GLSEN, Higgins said. "Kids will be inhibited if they fear their moral reasoning will be seen by others as criminal," she said. GLSEN's advocates strongly support the federal initiative. The Department's October "guidelines are thorough, comprehensive and list examples in current law to support each provision.... When it comes to bias-based bullying in particular, we have to be willing to name the problem if we want to protect all of our students," said a Dec. 21 GLSEN statement. Almost 90 percent of lesbian, gay, bisexual and transgender students "experienced harassment in the past year because of their sexual orientation," according to a 2009 GLSEN survey of more than 7,000 students, said the statement. Advocates for gays and lesbians say teens who identify as gay or lesbian are four times as likely as normal kids to kill themselves, and they cite multiple examples of teen-suicides following anti-gay statements or physical violence. The anti-harassment legislation is frequently supported by the ACLU and its state affiliates, partly because ACLU officials also support the goal of government-supported diversity. In contrast, the libertarian Foundation for Individual Rights In Education, or FIRE, opposes anti-harassment bills as threats to free-speech. On Feb. 15, its website presented arguments against a pending bullying-related bill in Congress, dubbed the Tyler Clementi Higher Education Anti-Harassment Act. The draft act "is redundant, it replaces the clear definition of harassment with a vague, speech-restrictive definition that conflicts with Supreme Court precedent, and it treats adult college students like children who need special laws,"
said FIRE's statement. This month, Higgins' side won an expensive free-speech victory when a federal appeals court in Chicago upheld a token award of $25 dollars each to two students who were punished by school officials in Naperville, Ill., for wearing unapproved t-shirts following a school event that was intended to promote acceptance of homosexuality. The "Day of Silence" event at the school was organized by GLSEN. The two students' shirts carried the message "Be Happy, Not Gay," and were worn on a day declared to be a "Day of Truth," which was organized by a national conservative group that opposes GLSEN's goals. "[A] school that permits advocacy of the rights of homosexual students cannot be allowed to stifle criticism of homosexuality," said the appeal court's decision, authored by Judge Richard Posner. "The school argued (and still argues) that banning 'Be Happy, Not Gay' was just a matter of protecting the 'rights' of the students against whom derogatory comments are directed. But people in our society do not have a legal right to prevent criticism of their beliefs or even their way of life," said the ruling.

From rforno at infowarrior.org Thu Mar 17 16:04:04 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 17 Mar 2011 17:04:04 -0400
Subject: [Infowarrior] - Fox Series on Infosec Firm (yes, it's a comedy....)
Message-ID: <44FE579C-5D21-4DAE-AC39-B25CFB2CF992@infowarrior.org>

(But then again, knowing what passes as high-tech security these days, might this really be considered reality television? ---- rick)

http://www.fox.com/breakingin/

BREAKING IN is an offbeat half-hour workplace comedy about a high-tech security firm that takes extreme - and often questionable - measures to sell their protection services. Created by Adam F. Goldberg and Seth Gordon, the series centers on a team of uniquely skilled oddball geniuses hand-picked to work for a manipulative mastermind.
Contra Security, corporate America's answer to "The A-Team," gives clients a sense of security by first ripping it away. The firm is led by OZ (Christian Slater), a larger-than-life head honcho who is a man of mystery and master of manipulation. The members of the odd squad include alluring bad girl MELANIE (Odette Yustman), who is in charge of lock-picking, safe-cracking and heart-breaking; and CASH (Alphonso McAuley), a fanboy who specializes in strategy, logistics and office pranks only a mad genius could think up. Oz's newest recruit, plucked right out of college, is lovable and charming computer hacker CAMERON PRICE (Bret Harrison). Unfortunately for Cameron, cracking into state-of-the-art security systems is a lot easier than dealing with his co-workers. Between Melanie's sex appeal and Cash's hazing, Cameron has more than a few obstacles to overcome if he wants to cement his status as part of the team and become Oz's go-to guy. BREAKING IN is produced by Happy Madison Productions, Adam F. Goldberg Productions and Sethsquatch, Inc. in association with Sony Pictures Television. Goldberg, Gordon and Doug Robinson ("Rules of Engagement") serve as executive producers, while Goldberg serves as writer. The pilot was directed by Gordon.

From rforno at infowarrior.org Thu Mar 17 16:38:06 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 17 Mar 2011 17:38:06 -0400
Subject: [Infowarrior] - Congress asks to review DoD and NSA contracts with HBGary
Message-ID:

Congress asks to review DoD and NSA contracts with HBGary
By Kim Zetter, wired.com | Last updated about an hour ago
http://arstechnica.com/tech-policy/news/2011/03/congress-asks-to-review-dod-and-nsa-contracts-with-hbgary.ars

Anonymous's recent exposure of a federal contractor's plan to take down WikiLeaks has led to a congressional probe seeking data on contracts the company and its partners hold with the US military and intelligence agencies.
The House Armed Services Subcommittee on Emerging Threats and Capabilities on Wednesday asked the Defense Department and its intelligence arm -- the National Security Agency -- to hand over copies of any contracts they may have signed with HBGary Federal, Palantir Technologies and Berico Technologies. Rep. Hank Johnson (D-GA) grilled Gen. Keith Alexander, director of the NSA and commander of the US Cyber Command, and Dr. James Miller, Jr., deputy under secretary of defense for policy, on the services the firms provided their agencies. Miller replied that he would have to check with the Defense Department's general counsel to "make sure that the provision of that type of information is allowed contractually." When Johnson asked whether this meant the contracts might have provisions barring them from being shared with Congress, Miller backtracked and said no, that it would take time to determine all the agencies in the department that have contracts with the companies and decide in what form to provide the information. Subcommittee Chairman Mac Thornberry (R-Texas) interjected that the information should be provided to the entire committee. Johnson didn't immediately respond to a call for comment. All three companies were recently in the crosshairs after e-mails stolen from HBGary Federal revealed that the company had been working on a proposal for the law firm Hunton and Williams to investigate and discredit WikiLeaks. The proposal included such maneuvers as launching cyber attacks against WikiLeaks' servers in order to obtain data on the sources who submit documents to the organization; submitting fake documents to the secret-spilling site and then later calling public attention to the fake documents to raise questions about WikiLeaks' reliability; and using intimidation tactics against a Salon reporter who avidly supports the group.
The plan was exposed after members of the online vigilante group Anonymous breached the company's network and stole more than 60,000 internal e-mails. HBGary Federal claimed in a news story that it had been working with the FBI to unmask hackers behind recent denial-of-service attacks against PayPal, Visa, MasterCard and Amazon. Members of Anonymous -- a loosely structured group of vigilantes -- had organized the mass attacks after the companies suspended accounts used by WikiLeaks to receive donations and host documents. In an attempt to uncover HBGary Federal's investigation of its members, Anonymous hacked the company. After HBGary's WikiLeaks plan was exposed, Palantir denied knowledge of details of the proposal. Both it and Berico distanced themselves from HBGary Federal, and HBGary Federal CEO Aaron Barr subsequently resigned. Last month, Rep. Johnson and more than a dozen other lawmakers urged Republican leaders to investigate the three firms after it was revealed that in addition to the anti-WikiLeaks plan, HBGary Federal may also have been involved in a similar plan to target critics of the US Chamber of Commerce. HBGary Federal does classified work for the US federal government among other security work; Palantir is believed to have government contracts as well. Gen. Alexander told the congressional subcommittee that he wasn't sure how many contracts the government had with the companies or the nature of them but noted that Palantir offers tools to visualize traffic on the internet and computer networks. "My recollection with working with Palantir was, here is an idea that we could use for how to look at networks and how to secure," he said.

From rforno at infowarrior.org Thu Mar 17 16:42:12 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 17 Mar 2011 17:42:12 -0400
Subject: [Infowarrior] - Blackberry Users Advised to Disable JavaScript
Message-ID:

Blackberry Users Advised to Disable JavaScript
RIM's Blackberry OS was exploited at Pwn2own, leaving users potentially at risk.
http://www.internetnews.com/mobility/article.php/3928416
March 16, 2011
By Michelle Megna

A team of security researchers successfully exploited the Blackberry mobile platform last week. Now RIM is responding by providing users of Blackberry OS 6 with some direction on what they should be doing. "Successful exploitation of the vulnerability requires the user to browse to a website that the attacker has maliciously designed. A successful exploit could allow the attacker to use the BlackBerry Browser to access user data stored on the media card and in the built-in media storage on the BlackBerry smartphone, but not to access user data that the email, calendar and contact applications store in the application storage (the internal file system that stores application data and user data) of the BlackBerry smartphone," according to a RIM security advisory issued in response to the hack demo. In contrast to simply providing advice, Google, which uses the same underlying WebKit technology in its Chrome browser as Blackberry uses, has already issued an update for the same flaw.

From rforno at infowarrior.org Thu Mar 17 18:56:00 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 17 Mar 2011 19:56:00 -0400
Subject: [Infowarrior] - Hacker Spies Hit Security Firm RSA
Message-ID:

Hacker Spies Hit Security Firm RSA
By Kim Zetter
March 17, 2011 | 6:40 pm | Categories: Breaches, Hacks and Cracks, RSA Conference
http://www.wired.com/threatlevel/2011/03/rsa-hacked/

Top security firm RSA Security revealed on Thursday that it's been the victim of an "extremely sophisticated" hack.
The company said in a note posted on its website that the intruders succeeded in stealing information related to the company's SecurID two-factor authentication products. SecurID adds an extra layer of protection to a login process by requiring users to enter a secret code number displayed on a keyfob, or in software, in addition to their password. The number is cryptographically generated and changes every 30 seconds. "While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers," RSA wrote on its blog, "this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack. We are very actively communicating this situation to RSA customers and providing immediate steps for them to take to strengthen their SecurID implementations." As of 2009, RSA counted 40 million customers carrying SecurID hardware tokens, and another 250 million using software. Its customers include government agencies. RSA CEO Art Coviello wrote in the blog post that the company was "confident that no other ... products were impacted by this attack. It is important to note that we do not believe that either customer or employee personally identifiable information was compromised as a result of this incident." RSA categorized the attack as an advanced persistent threat, or APT. APT attacks are distinctive in the kinds of data the attackers target. Unlike most intrusions that go after financial and identity data, APT attacks tend to go after source code and other intellectual property and often involve extensive work to map a company's infrastructure. APT attacks often use zero-day vulnerabilities to breach a company and are therefore rarely detected by antivirus and intrusion programs.
The intrusions are known for grabbing a foothold into a company's network, sometimes for years, even after a company has discovered them and taken corrective measures. Last year's hack into Google was considered an APT attack, and, like many intrusions in this category, was linked to China. RSA, which is owned by EMC, is a leading firm and is most known for the RSA encryption algorithm used to secure e-commerce and other transactions. The company hosts the top-ranked RSA security conference every year.

From rforno at infowarrior.org Thu Mar 17 21:43:26 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 17 Mar 2011 22:43:26 -0400
Subject: [Infowarrior] - The New York Times Paywall Is ... Weird
Message-ID: <2E4372B8-D031-4764-955D-91CFF0837A22@infowarrior.org>

Commentary: The New York Times Paywall Is ... Weird
By Felix Salmon
March 17, 2011 | 7:34 pm | Categories: Commerce, Mobile Internet
http://www.wired.com/epicenter/2011/03/nyt-paywall-is-weird/all/1

The NYT paywall has arrived: it's going up in Canada today, and then worldwide on March 28. The most comprehensive source for the gritty details is this FAQ, which does things like explain the difference between an item and a pageview. (A slideshow or a multi-page article is one "item," no matter how many slides it contains.) The NYT has decided not to make the paywall very cheap and porous in the first instance as people get used to it. $15 for four weeks might be cheap compared to the cost of a print subscription, but $195 per year is still enough money to give readers pause and to drive them elsewhere. And similarly, 20 articles per month is lower than I would have expected at launch. Rather than take full advantage of their ability to change the numbers over time, the NYT seems to have decided they're going to launch at the kind of levels they want to see over the long term. Which is a bit weird.
Instead, the NYT has sent out an email to its "loyal readers" that they'll get "a special offer to save on our new digital subscriptions" come March 28. This seems upside-down to me: it's the loyal readers who are most likely to pay premium rates for digital subscriptions, while everybody else is going to need a special offer to chivvy them along. This paywall is anything but simple, with dozens of different variables for consumers to try to understand. Start with the price: the website is free, so long as you read fewer than 20 items per month, and so are the apps, so long as you confine yourself to the "Top News" section. You can also read articles for free by going in through a side door. Following links from Twitter or Facebook or Reuters.com should never be a problem, unless and until you try to navigate away from the item that was linked to. Beyond that, $15 per four-week period gives you access to the website and also its smartphone app, while $20 gives you access to the website also its iPad app. But if you want to read the NYT on both your smartphone and your iPad, you'll need to buy both digital subscriptions separately, and pay an eye-popping $35 every four weeks. That's $455 a year. The message being sent here is weird: that access to the website is worth nothing. Mathematically, if A+B=$15, A+C=$20, and A+B+C=$35, then A=$0. Meanwhile, at least where I live in New York, a print subscription which gets you the newspaper only on Sundays costs $19.60 every four weeks -- and it comes with free access to the web and tablet versions of the newspaper. Which creates the slightly odd proposition that if you want to use the NYT's iPad app, you're marginally better off subscribing to the print newspaper on Sundays and throwing it away unread than you are just subscribing to the app on its own. The pricing structure is also a strong disincentive to use the iPad app at all, of course.
If you're already paying $15 every four weeks to have full access to the website, why on earth would you pay extra just to be able to read the paper on its own dedicated app rather than in Safari? I, for one, prefer the experience of reading nytimes.com on the web on my iPad, rather than reading an iPad app which has no search, no links, no archives, no social recommendations, etc etc. If the NYT wanted to kill any incentive to read and develop its iPad app, it's going about it the right way. What does all this mean for the New York Times Company? I can't see how it's good. By my back-of-the-envelope math, the paywall won't even cover its own development costs for a good two years, and will never generate enough money to really make a difference to NYTCo revenues. The paywall is certainly being set high enough that a lot of regular readers will not subscribe. These are readers who would normally link to the NYT from their blogs, who would tweet NYT articles, who would post those articles on Facebook, and so on. As a result, not only will traffic from these readers decline, but so will all their referral traffic, too. The NYT makes more than $300 million a year in digital ad revenue, so even a modest decline in pageviews, relative to what the site could have generated sans paywall, can mean many millions of dollars foregone. On top of that, the paywall itself cost somewhere over $40 million to develop. Against all that, how much revenue will the paywall bring in? A very large number of the paper's most loyal readers are already print subscribers, and get access to the website at no extra cost. So the new revenues from the paywall will only come from people who read the website a lot but who don't subscribe in print. How many of those people are there? Emily Bell reckons that the number of people who'll even hit the paywall in the first place is only about 5% of the NYT's 33 million or so unique visitors. That's 1.6 million people -
compare the 1.3 million people who already subscribe to the paper on Sundays. The former is not a perfect superset of the latter, of course, but there's a big overlap; let's say that realistically the NYT is going after a universe of no more than 800,000 people that it's going to ask to subscribe. And let's be generous and say that 15% of them do so, paying an average of $200 per year apiece. That's extra revenues of $24 million per year. $24 million is a minuscule amount for the New York Times company as a whole; it's dwarfed not only by total revenues but even by those total digital advertising revenues of more than $300 million a year. This is what counts as a major strategic move within the NYT? As Ken Doctor notes, the Times Select fiasco, which was unceremoniously killed in 2007 to no one's regret, was bringing in a good $10 million per year. This new paywall is much more elaborate and expensive, and it's being introduced into a website which is currently something of a cash cow as regards ad revenues. So by my back-of-the-envelope math, the paywall won't even cover its own development costs for a good two years, and beyond that will never generate enough money to really make a difference to NYTCo revenues. Maybe that might change if the NYT breaks its promise to offer full website access for free to all print subscribers. But that decision would be fraught in all manner of other ways. For the time being, though, I just can't see how this move makes any kind of financial sense for the NYT. The upside is limited; the downside is that it ceases to be the paper of record for the world. Who would take that bet? Update: Turning upside-down the conventional wisdom that consumers will only pay for financial information and porn, the NYT has decided that Dealbook will remain completely free, outside the paywall, at least for the time being. Which I guess explains why the Business and Dealbook sections are so clearly separated from each other online.

From rforno at infowarrior.org Fri Mar 18 14:21:34 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 18 Mar 2011 15:21:34 -0400
Subject: [Infowarrior] - CCIA: copyright wiretaps are Hollywood's "PATRIOT Act"
Message-ID:

CCIA: copyright wiretaps are Hollywood's "PATRIOT Act"
By Nate Anderson | Last updated a day ago
http://arstechnica.com/tech-policy/news/2011/03/ccia-copyright-wiretaps-are-hollywoods-patriot-act.ars

Yesterday's White House wish list of new intellectual property laws focused on things like counterfeit medicines, but it also included proposals to extend wiretaps into copyright cases and to ensure that illegal streaming video is a felony. A DC trade group representing companies like AMD, Facebook, Oracle, Yahoo, Google, and Microsoft today objected loudly to the plan, saying that legitimate concerns about counterfeiting have been "hijacked to create draconian proposals to alleviate the content industry of the burden of protecting its own interest using its own extensive resources." And that was just the beginning. Computer & Communications Industry Association chief Ed Black tapped his inner prophet to roll out a barnburner of a response to the White House. Over the top? Decide for yourself:

Some in Congress and the White House have apparently decided that no price is too high to pay to kowtow to Big Content's every desire, including curtailing civil liberties by expanding wiretapping of electronic communications. Even the controversial USA PATRIOT Act exists because of extraordinary national security circumstances involving an attack on our country. Does Hollywood deserve its own PATRIOT Act? This new punitive IP agenda follows just weeks after dictators spying on citizens online was the lead story in every major newspaper. Perhaps the obvious hypocrisy caused someone to decide to wait to announce the US goal of expanding our government's powers to spy online.
A screenwriter could almost market this plot as a comedy - if it weren't so serious. Maybe we should be grateful our government only wants to make streaming a song or movie a felony with potential prison time as punishment. What's next, corporal punishment? This is the latest indication of the extent to which the content industry has infiltrated this administration and managed to turn the Administration's IP agenda into a policy which protects old business models at the expense of consumers, citizens' rights, and our most innovative job creating industries.

That sound you hear is Obama "IP czar" Victoria Espinel scratching Black's name off her Christmas card list.

From rforno at infowarrior.org Fri Mar 18 17:30:24 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 18 Mar 2011 18:30:24 -0400
Subject: [Infowarrior] - Dot-XXX Domain for Adult-Content Websites Wins Approval
Message-ID:

Dot-XXX Domain for Adult-Content Websites Wins Approval
By Kristen Schweizer and Joseph Galante - Mar 18, 2011
http://www.bloomberg.com/news/print/2011-03-18/dot-xxx-domain-for-adult-content-websites-wins-approval.html

The .xxx domain for adult-content websites was approved for use today, overcoming opposition from porn stars and publisher Hustler, which said the move would make them susceptible to censorship. The Internet Corporation for Assigned Names and Numbers, the group that manages Web addresses worldwide, gave the green light to the .xxx domain at a meeting in San Francisco. While the address isn't mandated for adult content, a flurry of sites are expected to register their brands to prevent them from being stolen. ICM Registry proposed the .xxx change and will sell addresses to website owners for $60 annually, said Chief Executive Officer Stuart Lawley. He said tens of thousands have already applied to reserve more than 200,000 domain names, and London-based advertising firm M&C Saatchi will begin a campaign to promote it.
"For the first time, there will be a clearly defined Web address for adult entertainment, out of the reach of minors and as free as possible from fraud or malicious computer viruses," Lawley said in a statement. Porn stars and businesses including Vivid Entertainment LLC -- the company behind sex tapes of Paris Hilton and reality TV stars Kendra Wilkinson and Kim Kardashian -- have said .xxx would create an online ghetto, opening the industry to future regulation. Lawley said the domain would give parents more control and allow Internet users to filter unwanted material.

Independence Threatened

The Free Speech Coalition, an adult-industry trade association with more than 1,000 members, held a news conference this week to argue against .xxx's approval, saying ICM is only looking to make money and the domain threatens the industry's independence. Lawley had said Jupiter, Florida-based ICM could earn $200 million a year from .xxx and he's planning a "PayPal for porn" online system that could handle $1 billion a year in transactions. The .xxx domain will likely be live by September, Lawley said.

To contact the reporter on this story: Kristen Schweizer in London at kschweizer1 at bloomberg.net; Joseph Galante in San Francisco at jgalante3 at bloomberg.net
To contact the editor responsible for this story: Vidya Root at vroot at bloomberg.net.
©2011 BLOOMBERG L.P. ALL RIGHTS RESERVED.

From rforno at infowarrior.org Sat Mar 19 20:31:00 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 19 Mar 2011 21:31:00 -0400
Subject: [Infowarrior] - Crowd Sourcing the New Errata Section, 'Prediction Fail'
Message-ID: <4A3C91FA-F3C7-42A4-9B36-84686A933EE3@infowarrior.org>

http://attrition.org/news/content/11-03-19.001.html

Crowd Sourcing the New Errata Section, 'Prediction Fail'
Sat Mar 19 20:05:35 CDT 2011
errata[at]attrition.org

One of the 'to-do' list items for Errata is the creation of a 'Prediction Fail' page. The idea is to catalog the amusing (sad?)
instances of security experts or companies predicting how things will change down the road, after time has passed. Grand claims, absurd predictions or pipe dreams tend to creep in with the more reasonable and down-to-earth predictions. For example, did you know that Microsoft and Brightmail Inc. (now owned by Symantec) predicted there would be an "end to computer spam" back in 2004? Or that Websense Security Labs claimed "the end of e-mail viruses is nigh"? Companies can make these absurd predictions safely, because the speed of news drowns them in a matter of weeks. Rarely do we look back months or years to see what was said about our ever-changing industry. It is time to start keeping these companies honest. With the upcoming 'Prediction Fail' Errata section, we will give you the cluebat you need to virtually smack these companies and demand for less hype, less FUD and more sanity. We're looking for YOUR help! Send in your favorite predictions! All we need is a link to the news article or press release, and we'll take it from there. Send them to errata[at]attrition.org please.

http://attrition.org/news/content/11-03-19.001.html

From rforno at infowarrior.org Sat Mar 19 22:22:28 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 19 Mar 2011 23:22:28 -0400
Subject: [Infowarrior] - Japan reluctant to disclose footage of power plant taken by U.S. drone
Message-ID:

Japan reluctant to disclose footage of power plant taken by U.S. drone
19 March 2011
By Gary Mortimer
http://www.suasnews.com/2011/03/4703/japan-reluctant-to-disclose-footage-of-power-plant-taken-by-u-s-drone/

The Mainichi Daily News reports that the Japanese government has in its possession video footage of the Fukushima No. 1 Nuclear Power Plant taken by a U.S. military reconnaissance drone, but has yet to release the footage to the public, sources have revealed.
The footage taken from an RQ-4 Global Hawk drone was passed on to the Japanese government with permission for public release from the U.S. Air Force. U.S. military sources said that the decision to release the footage - or not - was up to the Japanese government. The unmanned aerial vehicle (UAV) is equipped with a high-performance camera that, according to the U.S. Air Force, takes "footage so clear that even automobile license plates are visible." Nearly real-time footage of the internal state of the power station is said to be captured, which is likely to assist experts in analyzing the situation. The U.S. Air Force has been flying the state-of-the-art UAV based in Andersen Air Force Base, Guam, over quake- and tsunami-ravaged areas since March 12 - a day after a massive quake and tsunami struck eastern Japan - in response to a request from the Japanese government. Because Japanese Self-Defense Force aircraft have trouble flying over the stricken Fukushima power plant due to large amounts of radioactive materials detected in the air, the Global Hawk has been filming the area around the clock. Footage is transmitted via satellite to a U.S. Air Force base in California, and is also supplied to the Japanese government. The Japanese government, however, has yet to disclose the footage, which is being analyzed by nuclear power experts and others at the California base.

From rforno at infowarrior.org Sun Mar 20 07:58:23 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 20 Mar 2011 08:58:23 -0400
Subject: [Infowarrior] - DHS Partners with NCAA to Promote Suspicious Activity Reporting
Message-ID:

DHS Partners with NCAA to Promote Suspicious Activity Reporting
March 20, 2011 in Featured
http://publicintelligence.net/dhs-partners-with-ncaa-to-promote-suspicious-activity-reporting/

Secretary Napolitano Announces "If You See Something, Say Something™"
Campaign Partnership with NCAA (dhs.gov): Secretary of Homeland Security Janet Napolitano today joined National Collegiate Athletic Association (NCAA) President Mark Emmert to announce a new partnership between the Department of Homeland Security's (DHS) "If You See Something, Say Something™" public awareness campaign and the NCAA - an effort that will help ensure safety and security during the NCAA March Madness college basketball tournament and all 88 NCAA championship games and tournaments. "Every citizen plays a critical role in identifying and reporting suspicious activities and threats," said Secretary Napolitano. "Bringing the "If You See Something, Say Something™" campaign to the NCAA's championship games and tournaments will play a critical role in ensuring the safety of players, employees, students and fans." The "If You See Something, Say Something™" campaign - originally implemented by New York City's Metropolitan Transportation Authority and now licensed to DHS for a nationwide campaign - is a simple and effective program to engage the public and key frontline employees to identify and report indicators of terrorism, crime and other threats to the proper transportation and law enforcement authorities. The "If You See Something, Say Something™" campaign partnership with the NCAA launched today during the NCAA March Madness men's and women's basketball tournaments, and will feature both print and video materials - including an "If You See Something, Say Something™" public service announcement featuring Secretary Napolitano and NCAA President Mark Emmert that will play at all tournament games and future NCAA events, which can be viewed here. Over the past nine months, DHS has worked with its federal, state, local and private sector partners, as well as the Department of Justice, to expand the "If You See Something, Say Something™" campaign and the Nationwide Suspicious Activity Reporting (SAR) Initiative -
an administration effort to train state and local law enforcement to recognize behaviors and indicators related to terrorism, crime and other threats; standardize how those observations are documented and analyzed; and expand and enhance the sharing of those reports with the Federal Bureau of Investigation and DHS - to communities throughout the country. Partnerships with the "If You See Something, Say Something™" campaign have recently been launched by the Massachusetts Bay Transportation Authority, the National Basketball Association (NBA) and the National Football League (NFL), as well as in Colorado, Minnesota and New Jersey, more than 9,000 federal buildings nationwide, Walmart, Mall of America, the American Hotel & Lodging Association, Amtrak, the Washington Metropolitan Area Transit Authority, the general aviation industry, and state and local fusion centers across the country. Earlier this week, Secretary Napolitano unveiled the "If You See Something, Say Something™" public awareness video, available here. In the coming months, DHS will continue to expand the "If You See Something, Say Something™" campaign nationally to help America's business, communities and citizens remain vigilant and play an active role in keeping the country safe.

From rforno at infowarrior.org Sun Mar 20 08:02:23 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 20 Mar 2011 09:02:23 -0400
Subject: [Infowarrior] - Google patches Flash bug before Adobe
Message-ID: <4B86642B-4285-4360-B068-C692B4774478@infowarrior.org>

Google patches Flash bug before Adobe
By Dan Goodin in San Francisco
Posted in Enterprise Security, 18th March 2011 23:33 GMT
http://www.theregister.co.uk/2011/03/18/google_chrome_update/

Google has already released an update for its Chrome browser that fixes a critical vulnerability in Adobe's Flash Player that's under attack.
Users of the animation software on other browsers and operating systems will have to wait until next week for the same patch. Chrome was able to beat the rest of the pack thanks to ongoing collaboration with Adobe that allows Google advanced access to updated builds of Flash, Adobe spokeswoman Wiebke Lips said. Google is then able to push the update to Chrome users through the browser's automatic update mechanism. Adobe, by contrast, has to test updates on more than 60 platforms or configurations, a requirement that takes more time to get patched software to the world at large. The update fixes a critical Flash vulnerability that attackers are using in the wild to install malware on end user machines. The exploits embed a malicious Flash file in a Microsoft Excel document that is emailed to highly targeted individuals, Adobe said. If the document is opened, it compromises some computers. The unspecified Flash vulnerability affects all versions of Flash, but the exploits target only Flash for Windows. Microsoft said on Thursday that machines running Office 2010 aren't susceptible to attacks because of a security protection known as data execution prevention that's built into the application suite. Installing the updated Chrome browser will thwart attacks on older versions of Windows only if it doesn't have a version of Adobe's Flash for Internet Explorer installed and views Flash content only through Chrome's integrated version, Lips said. Google over the past few months has been pushing the boundaries in promptly patching vulnerabilities identified in Chrome. Last Friday, it issued a new browser version that fixed a vulnerability identified by researchers Vincenzo Iozzo, Ralf Philipp Weinmann and Willem Pinckaers in its underlying Webkit engine identified during the previous day's Pwn2Own hacker competition. If only the same could be said about Google's Android smartphone OS.

From rforno at infowarrior.org Sun Mar 20 13:38:02 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 20 Mar 2011 14:38:02 -0400
Subject: [Infowarrior] - AT&T buying T-Mobile for $39B
Message-ID:

http://www.bloomberg.com/news/2011-03-20/at-t-agrees-to-buy-deutsche-telekom-s-t-mobile-usa-unit-for-39-billion.html

AT&T Agrees to Buy Deutsche Telekom's T-Mobile USA Unit for $39 Billion
By Mike Harrison - Mar 20, 2011 2:19 PM ET Sun Mar 20 18:19:32 GMT 2011

AT&T Inc. (T) said it entered a definitive agreement with Deutsche Telekom AG (DTE) to acquire T-Mobile USA in a cash-and-stock transaction currently valued at approximately $39 billion. The agreement has been approved by the Boards of Directors of both companies, Deutsche Telekom said in a statement.

To contact the editor responsible for this story: Mike Harrison at mharrison5 at bloomberg.net

From rforno at infowarrior.org Sun Mar 20 16:03:13 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 20 Mar 2011 17:03:13 -0400
Subject: [Infowarrior] - Pentagon to Help Internet Providers Get Military Cyber Tools
Message-ID: <89EFE1DE-5B27-4FE3-9DDE-1CB3826C74C6@infowarrior.org>

Pentagon to Help Internet Providers Get Military Cyber Tools
March 16, 2011, 6:45 PM EDT
By Gopal Ratnam
http://www.businessweek.com/news/2011-03-16/pentagon-to-help-internet-providers-get-military-cyber-tools.html

March 16 (Bloomberg) -- The U.S. Defense Department plans to start a pilot program offering the military's cyber security tools to Internet service providers for use in detecting and stopping attacks on their networks. The Pentagon is drafting a proposal to provide the country's top Internet service providers with tools and techniques already available to a group of defense contractors for detecting and fixing cyber attacks, defense officials told lawmakers today.
The plan seeks to use Defense Department technology "with tier-one Internet service providers and see if we can do what we do with defense contractors," General Keith Alexander, head of the U.S. Cyber Command, told the House Armed Services Committee's panel on emerging threats and capabilities. The program may be expanded to more Internet providers if it proves successful, he said. The Pentagon has assembled a group of 40 defense contractors that voluntarily share with the Defense Department information on attacks on their networks, malware and suspected data thefts, under a program called the Defense Industrial Base Information Sharing Environment. In exchange, the companies get help fixing weaknesses in their computer systems. The same approach may be applied to Internet providers during a 90-day pilot program, James Miller, the principal deputy undersecretary of defense for policy, told lawmakers. He didn't specify any companies that may participate in the project. The program is in a "formative, pre-liftoff stage," Miller said in an interview after his testimony. "We are working very closely with the Department of Homeland Security on details of how to proceed." The Defense Department also is looking to expand the defense contractors' group to include more suppliers and is seeking $113 million for the project over the next five years, Miller said in his prepared testimony.

From rforno at infowarrior.org Mon Mar 21 07:23:40 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 21 Mar 2011 08:23:40 -0400
Subject: [Infowarrior] - Court Orders Unclassified Docs Sealed
Message-ID: <1ABA755C-3FAD-424F-9114-4471A1C5BDB7@infowarrior.org>

(once again, the idiocy that is US classification policy comes into focus. --- rick)

Court Orders Unclassified Docs Sealed
http://www.fas.org/blog/secrecy/2011/03/docs_sealed.html

Prosecutors in the case of the former National Security Agency official Thomas A.
Drake, who is suspected of leaking classified information to a reporter, last week asked the court to block public access to two letters that were introduced as exhibits by the defense earlier this month. Late Friday, the court agreed to seal the two exhibits. But they remain publicly accessible anyway. The exhibits (pdf) describe the classification status of several NSA records that were found in the home of Mr. Drake, explaining why in each case the prosecution considers the records classified. The defense disputes their classification and denies that Mr. Drake ever retained any classified records at his home. Mr. Drake's defense said (pdf) that it intends to introduce testimony at trial "which will include a discussion of the appropriate assignment of classification controls under the Executive Order and the consequences and pervasiveness of inappropriately assigning classification controls." To document the classification judgments that it disputes, the defense also filed the two letters from the Justice Department as exhibits on March 11. On March 16, prosecutors asked the court (pdf) to seal those two records. "As grounds [for sealing the records], the information contained within the exhibits derives from NSA. As the holder of the privilege for this information, NSA has classified the documents as "FOUO", which means "For Official Use Only." This means that the information is not for public dissemination. Until such time as NSA downgrades the information to "Unclassified," the exhibits should not be publicly filed," prosecutors wrote. Ironically, this prosecution argument illustrates the confusion about classification policy that prevails at NSA, in the Justice Department and in much of the government. The NSA could not "classify" the records as FOUO and cannot "downgrade" them to "unclassified" because they are already unclassified. "Information cannot be classified and FOUO at the same time," according to the governing DoD regulation 5200.1-R.
"By definition, information must be unclassified in order to be designated FOUO." Without waiting for a response from the defense or from other interested parties, Judge Richard D. Bennett of the Maryland District Court granted the prosecution motion and sealed the records. His March 18 decision on the matter, which was first reported by Politico, was also sealed. The newly-sealed records remain available, however, on the Federation of American Scientists web site here. Besides being unclassified, these records do not prejudice either the prosecution or the defense, to whom they were originally written.

From rforno at infowarrior.org Mon Mar 21 07:35:29 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 21 Mar 2011 08:35:29 -0400
Subject: [Infowarrior] - BBC World Service to sign funding deal with US state department
Message-ID: <9AD3F0B1-785D-4ADE-9EAA-CA0E9B9C4612@infowarrior.org>

BBC World Service to sign funding deal with US state department
Low six-figure investment will aim to help combat censorship of TV and internet services in countries including Iran and China
Ben Dowell
guardian.co.uk, Sunday 20 March 2011 19.17 GMT
http://www.guardian.co.uk/media/2011/mar/20/bbc-world-service-us-funding?CMP=twt_fd

The BBC World Service is to receive a "significant" sum of money from the US government to help combat the blocking of TV and internet services in countries including Iran and China. In what the BBC said is the first deal of its kind, an agreement is expected to be signed later this month that will see US state department money - understood to be a low six-figure sum - given to the World Service to invest in developing anti-jamming technology and software. The funding is also expected to be used to educate people in countries with state censorship in how to circumnavigate the blocking of internet and TV services.
It is understood the US government has decided the reach of the World Service is such that it makes investment worthwhile. The US government money comes as the World Service faces a 16% cut in its annual grant from the Foreign Office - a £46m reduction in its £236.7m budget over three years that will lead to about 650 job cuts. The money will be channelled through the World Service's charitable arm, the World Service Trust. The deal, which is expected to be formally announced on International Press Freedom Day, 3 May, follows an increase in incidents of interference with World Service output across the globe, according to its controller of strategy and business, Jim Egan. BBC Persian television, which launched in early 2009 and airs in Iran and its neighbouring countries, has experienced numerous instances of jamming. The BBC Arabic TV news service has also been jammed in recent weeks across various parts of north Africa during the recent uprisings in Egypt and Libya. "Governments who have an interest in denying people information particularly at times of tension and upheaval are keen to do this and it is a particular problem now," said Egan. Another area in which the BBC World Service is expected to use the US money is continuing its development of early warning software. This will allow it to detect jamming sooner than it does currently where it relies on reports from users on the ground. "Software like this helps monitor dips in traffic which act as an early warning of jamming, and it can be more effective than relying on people contacting us and telling us they cannot access the services," said Egan. The BBC also expects to use state department money to help combat internet censorship by establishing proxy servers that give the impression a computer located in one country is in fact operating in another, thereby circumnavigating attempts by repressive governments to block websites.
"China has become quite expert at blocking websites and one could say it has become something of an export industry for them - a lot of countries are keen to follow suit," said Egan. "We have evidence of Libya and Egypt blocking the internet and satellite signals in recent weeks." Egan added that the battle against jamming is likely to be an ongoing one because repressive countries are likely to develop methods to counter any anti-censorship technology that is developed. "It is a bit of a game of cat and mouse," said a BBC source.

From rforno at infowarrior.org Mon Mar 21 07:39:22 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 21 Mar 2011 08:39:22 -0400
Subject: [Infowarrior] - Google accuses China of interfering with Gmail email system
Message-ID:

Google accuses China of interfering with Gmail email system
Chinese government's crackdown on activists thought to be behind what Google calls 'politically motivated attacks'
Dominic Rushe in New York
guardian.co.uk, Sunday 20 March 2011 20.50 GMT
http://www.guardian.co.uk/technology/2011/mar/20/google-gmail

Google has accused the Chinese government of interfering with its popular Gmail email system. The move follows extensive attempts by the Chinese authorities to crack down on the "jasmine revolution" - an online dissident movement inspired by events in the Middle East. According to the search giant, Chinese customers and advertisers have increasingly been complaining about their Gmail service in the past month. Attempts by users to send messages, mark messages as unread and use other services have generated problems for Gmail customers. In the wake of the catastrophic earthquake in Japan, Google set up an application to help people find relatives and friends lost in the disaster. This service too seems to have been compromised. "Relating to Google there is no issue on our side. We have checked extensively.
This is a government blockage carefully designed to look like the problem is with Gmail," said a Google spokesman. China's embassy in Washington was not immediately available for comment. The announcement follows a blog posting from Google on 11 March in which the firm said it had "noticed some highly targeted and apparently politically motivated attacks against our users. We believe activists may have been a specific target." The posting said the attacks were targeting a vulnerability in Microsoft's Internet Explorer web browser. The two firms have been working to address the issue. At the time, Google declined to elaborate on which activists had been targeted or where the attacks had been coming from. Last January Google said it had been the victim of highly sophisticated attacks originating from China. At first the firm thought its intellectual property was the target. The company's investigations found at least 20 other internet, financial, technology, media and chemical companies had been similarly targeted. Google said it had uncovered evidence that the primary goal of the attacks was the Gmail accounts of Chinese human rights activists. The search firm is not commenting further on this latest attack, but technology experts said it seemed to show an increasingly high degree of sophistication. "In the wake of what is happening in the Middle East I don't think China wants to be seen making heavy-handed attacks on the internet, that would draw too much attention," said one internet executive who wished to remain anonymous. He said making it look like a fault in Google's system was extremely difficult to do and the fact that these attacks appear to come and go makes the attack look "semi-industrial and very, very sophisticated." In February dozens of political activists were arrested in China after an anonymous call online for people to start a jasmine revolution.
The crackdown came as China's president Hu Jintao called for tighter internet controls to help prevent social unrest. Much of the unrest in the Middle East has gone unreported in China, where the internet is already heavily censored. Facebook, LinkedIn and YouTube are all blocked in China. Google first opened for business in China in 2005. But after announcing that it had been hacked in January last year the company said it was no longer prepared to censor its search results and moved its operations to Hong Kong. "We want as many people in the world as possible to have access to our services, including users in mainland China, yet the Chinese government has been crystal clear throughout our discussions that self-censorship is a non-negotiable legal requirement," David Drummond, Google's chief legal officer, said at the time. According to WikiLeaks cables, China's political elite have a love hate relationship with the internet. On the one hand the authorities want the information they can obtain via the web and on the other they are extremely concerned by the threat they perceive it presents to their authority. The cables suggest China has successfully hacked the US and other governments as well as private enterprises. The leaked cables also chronicle the pressure put on Google to comply with Chinese censorship. As well as removing references to the Dalai Lama and to 1989's Tiananmen Square massacre, Google was asked to censor images of government facilities displayed on the Google Earth mapping service. Last month the Chinese authorities launched Panguso, a search engine joint venture between Xinhua news agency and the state-owned telecoms giant China Mobile. The site appears to be even more heavily censored than Baidu, the largest search firm in China. Searches on Panguso reportedly produced no results for Nobel peace prize laureate Liu Xiaobo. 

From rforno at infowarrior.org Mon Mar 21 07:43:20 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 21 Mar 2011 08:43:20 -0400
Subject: [Infowarrior] - Sprint teams up with Google Voice
Message-ID:

Sprint teams up with Google Voice

Posted by Seth Weintraub
March 21, 2011 7:55 AM

While it isn't quite the AT&T-T-Mobile blockbuster, the move has broad implications on the mobile communications industry.

Google (GOOG) and Sprint (S) just announced that the two companies would soon be integrating their voice services. The deal is two fold:

First, Sprint customers will be able to use their existing Sprint mobile number as their Google Voice number and have it ring multiple other phones simultaneously. So now, calls to your Sprint mobile number can easily be answered from your office or your home phone, or even your computer through Gmail. Calls from Gmail and text messages sent from google.com/voice will also display your Sprint number. This basically gives Sprint customers all the benefits of Google Voice without the need to change or port their number.

Alternatively, Google Voice users can choose to replace their Sprint number with their Google Voice number when placing calls or sending text messages from their Sprint handset. This feature works on all Sprint phones and gives Sprint users all the benefits of Google Voice without the need for an app.

In both cases, Google Voice replaces Sprint voicemail, giving Sprint customers transcribed voicemail messages available online and sent via email and/or text message.
International calls made from Google Voice users' Sprint phones will be connected by Google Voice at our very low rates, and Sprint customers will also have access to the rest of Google Voice's features, like creating personalized voicemail greetings based on who's calling, call recordin

http://tech.fortune.cnn.com/2011/03/21/sprint-teams-up-with-google-voice/?section=magazines_fortune

From rforno at infowarrior.org Mon Mar 21 09:24:03 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 21 Mar 2011 10:24:03 -0400
Subject: [Infowarrior] - NY Fed to release bank loan info from '08 crisis
Message-ID: <3EE3EBC7-0456-4C54-9A22-A49F9DDDC6A6@infowarrior.org>

(Transparency, 3 years after the fact. But still, helpful. ---- rick)

http://www.businessinsider.com/the-fed-banks-the-discount-window-2011-3

For The First Time Ever The Fed Must Reveal Which Big Banks Took Emergency Loans From The Discount Window

Courtney Comstock | Mar. 21, 2011, 10:17 AM

The Fed ruled today that they're going to reveal which banks got federal funds from the discount window.

The discount window allowed banks to borrow money from the Central Bank on an emergency basis to meet liquidity shortages during the crisis.

Remember when the Fed released all of that Stress Test stuff and everyone said, "but they didn't reveal anything interesting!"

Well, this is the interesting stuff - who took emergency loans during the crisis.

Bloomberg sued the Fed demanding that they reveal the data. Now, they have agreed to, we just don't know when they'll do it. Bloomberg reporter Lizzie O'Really tweeted that she predicts it will be released within 5 days.

The Fed will have to release its data on emergency loans. We sued them for it and the Supreme Court rejected the appeal.

A group of big banks did not want the data released. The court rejected their appeal.

This is the first time a court has forced the Fed to name the banks that borrowed from the discount window.
This is a huge victory for transparency, and a great legacy for the late Mark Pittman, who originally FOIA'd the data.

From rforno at infowarrior.org Mon Mar 21 09:25:06 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 21 Mar 2011 10:25:06 -0400
Subject: [Infowarrior] - Fed Must Release Bank Loan Data as High Court Rejects Appeal
Message-ID:

Fed Must Release Bank Loan Data as High Court Rejects Appeal

By Greg Stohr and Bob Ivry - Mar 21, 2011
http://www.bloomberg.com/news/print/2011-03-21/fed-must-release-bank-loan-data-as-high-court-rejects-appeal.html

The Federal Reserve must disclose details of emergency loans it made to banks in 2008, after the U.S. Supreme Court rejected an industry appeal that aimed to shield the records from public view.

The justices today left intact a court order that gives the Fed five days to release the records, sought by Bloomberg News's parent company, Bloomberg LP. The Clearing House Association LLC, a group of the nation's largest commercial banks, had asked the Supreme Court to intervene.

The order marks the first time a court has forced the Fed to reveal the names of banks that borrowed from its oldest lending program, the 98-year-old discount window. The disclosures, together with details of six bailout programs released by the central bank in December under a congressional mandate, would give taxpayers insight into the Fed's unprecedented $3.5 trillion effort to stem the 2008 financial panic.

"I can't recall that the Fed was ever sued and forced to release information" in its 98-year history, said Allan H. Meltzer, the author of three books on the U.S central bank and a professor at Carnegie Mellon University in Pittsburgh.

Under the trial judge's order, the Fed must reveal 231 pages of documents related to borrowers in April and May 2008, along with loan amounts. News Corp. (NWSA)'s Fox News is pressing a bid for 6,186 pages of similar information on loans made from August 2007 to November 2008.

Unprecedented Disclosure

The records were originally requested under FOIA, which allows citizens access to government papers, by the late Bloomberg News reporter Mark Pittman.

As a financial crisis developed in 2007, "The Federal Reserve forgot that it is the central bank for the people of the United States and not a private academy where decisions of great importance may be withheld from public scrutiny," said Matthew Winkler, editor in chief of Bloomberg News. "The Fed must be accountable to Congress, especially in disclosing what it does with the people's money."

The Clearing House Association contended that Bloomberg was seeking an unprecedented disclosure that might dissuade banks from accepting emergency loans in the future.

"Disclosure of this information threatens to harm the borrowing banks by allowing the public to observe their borrowing patterns during the recent financial crisis and draw inferences -- whether justified or not -- about their current financial conditions," the group said in its appeal.

Obama Administration

A federal trial judge ruled in 2009 that the Fed had to disclose the records in the Bloomberg case, and a New York-based appeals court upheld that ruling.

The Clearing House Association's chances at getting a Supreme Court hearing suffered a setback when the Obama administration urged the justices not to hear the appeal. The government said the underlying issues had limited practical significance because Congress last year laid out new rules for disclosing Fed loans in the Dodd-Frank law.

"Congress has resolved the question of whether and when the type of information at issue in this case must be disclosed" in the future, the administration said in a brief filed by acting Solicitor General Neal Katyal, President Barack Obama's top Supreme Court lawyer.

The Fed had previously fought alongside the banks in opposing disclosure.
It also sought to join the industry group in seeking high court review, only to be overruled by Katyal, according to court documents.

Discount Window

Bloomberg initially requested similar information for aid recipients under three other Fed emergency programs. The central bank released details for those facilities and others in December, after Congress required disclosure through the Dodd-Frank law.

The legislation didn't apply retroactively to the discount window lending program, which provides short-term funding to financial institutions. Discount window loans made after July 21, 2010, must be released following a two-year lag.

The New York-based Clearing House Association, which has processed payments among banks since 1853, includes Bank of America NA, Bank of New York Mellon, Citibank NA, Deutsche Bank Trust Co. Americas, HSBC Bank USA NA, JPMorgan Chase Bank NA, U.S. Bank NA and Wells Fargo Bank NA.

In trying to shield the documents from disclosure, the Clearing House invoked a FOIA exemption that covers "trade secrets and commercial or financial information obtained from a person and privileged or confidential."

The cases are Clearing House Association v. Bloomberg, 10-543, and Clearing House Association v. Fox News Network, 10-660.

To contact the reporters on this story: Greg Stohr in Washington at gstohr at bloomberg.net; Bob Ivry in New York at bivry at bloomberg.net.

To contact the editor responsible for this story: Mark Silva at msilva34 at bloomberg.net; Gary Putka at gputka at bloomberg.net.

From rforno at infowarrior.org Mon Mar 21 09:27:06 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 21 Mar 2011 10:27:06 -0400
Subject: [Infowarrior] - Pirate Bay User Database Compromised and Exploited, Again
Message-ID: <4F5D6EFC-4927-4E81-90D2-1842C66BC6DD@infowarrior.org>

Pirate Bay User Database Compromised and Exploited, Again

Ernesto
20/03/2011
http://torrentfreak.com/pirate-bay-user-database-compromised-and-exploited-again-110320/

In recent weeks many Pirate Bay users have received an email, allegedly sent by The Pirate Bay team, encouraging them to download a course on how to make money from the site. The email is clearly sent by spammers, but since this is not the first time the Pirate Bay user database has been exploited, users are starting to worry how it's possible that their personal info is leaking out again.

Last summer a group of Argentinian hackers gained access to The Pirate Bay's admin panel through a security breach. At the time, the hackers stated that they didn't want to exploit the vulnerability, and merely wanted to show that the system was vulnerable.

The Pirate Bay team informed TorrentFreak that they were doing all they could to patch the vulnerability, and later said that the site was fully secure again. Two months later, however, it became apparent that The Pirate Bay backend had been exploited, this time by spammers.

At the time a large number of The Pirate Bay users received an email, allegedly from the site's operators, inviting them to join the private BitTorrent tracker DemUnoid. The emails were sent out using a unique combination of real Pirate Bay user names and the email addresses those people signed up with, indicating that the sender had exploited the user database.

How this happened, and whether there was a connection to the earlier hack attempt remained a mystery, but it has now become apparent that this spam attempt was not an isolated incident.

Starting mid-February TorrentFreak started receiving reports of another spam attempt. This time Pirate Bay users are being encouraged to visit a website where they can allegedly download instructions on how to make money from torrent sites like The Pirate Bay.

Below is a copy of one of the original emails. A slightly edited version was sent out as recently as yesterday.

Subject: Attention to all PirateBay Users

Dear *Username*

A course has been put together to show you how to use The PirateBay to make some serious money. This seriously works. Please visit http://www.sams101.com/ccount/click.php?XXX and download the course instructions. Because you are a torrent user and you use TPB you can do this.

Pirate Team

The staff at The Pirate Bay are definitely not sending out these emails, so from where do they originate? As far as we can see it appears to be another exploit of a vulnerability in The Pirate Bay user database, one that is used for malicious purposes. Another possibility is that the same people are reusing the previously obtained data.

The emails that TorrentFreak has seen all follow the same structure and link to the same page. They are sent from various addresses such as super.affilates002 at gmail.com, the.pirates.teams at gmail.com and the.pirate.teams at thepiratesteam.com and all use the unique combination of a Pirate Bay username and email address of the user in question.

One Pirate Bay user who received the spam email told TorrentFreak that he only used the email the spam was sent to once, to sign up at The Pirate Bay, which is a clear sign that the spam results from a compromised user database. How this info was collected is unclear at this point, and from the information we have it appears that only a subset of users is affected.

During recent weeks users have mentioned the spam mails at the Pirate Bay forums, but no official explanation has been given thus far. With nearly 5 million users The Pirate Bay database is a lucrative target for spammers so new users should be wary of this and if possible use a throwaway email address when signing up.

A Pirate Bay moderator told TorrentFreak that users who want to change their email address can ask for it on IRC or at the forums. An option to let users change their email addresses on the site is being considered.

From rforno at infowarrior.org Mon Mar 21 14:15:48 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 21 Mar 2011 15:15:48 -0400
Subject: [Infowarrior] - "An Internal Brain Drain"
Message-ID:

March 18, 2011

"An Internal Brain Drain"

http://blogs.sciencemag.org/sciencecareers/2011/03/an-internal-bra.html

The United States is suffering from a serious scientific and technological workforce problem that harms innovation, according to Norman Matloff of the University of California-Davis computer science department. But it is not the supposed shortage of American scientists and engineers widely bemoaned by politicians and industry representatives. Rather, because of "an internal brain drain" of able Americans out of scientific and technical fields, "we are wasting our talent," he told an audience of legal and immigration experts, IT workers, and scientists at a March 18 policy briefing held at the Georgetown University Law School. This loss of talent largely results from the nation's policy of admitting large numbers of scientists, IT workers, and computer engineers, he said.

Entitled "Are they the best and brightest? Analysis of employer-sponsored tech immigrants," the talk was arranged by the Institute for the Study of International Migration of Georgetown's school of foreign service. Matloff's answer to that question is a resounding No. Despite widely publicized claims that foreign tech workers and scientists represent exceptional ability and are thus vital to American innovation, Matloff called that argument merely "a good sound bite for lobbyists" supporting industry proposals for higher visa caps. The data, on the other hand, indicate that those admitted are no more able, productive, or innovative than America's homegrown talent, he said.

In fact, Matloff went on, the nation is "wasting the innovation" that Americans could create because they are being driven from technical and scientific fields by the influx of foreigners.
"There are a lot of good people who are displaced," he said. In the tech field, this does not occur because of talent, education, productivity or ability but with age, and ultimately with pay, he stated. Employers prefer to bring in young foreign workers who are cheaper in preference to employing experienced Americans who are more expensive. In a number of tech companies, a majority of workers are foreign-born while many Americans being displaced "are of good quality." Over 20 years ago, he noted, experts predicted that encouraging immigration would discourage citizens from entering these fields. "It's an issue of money....It's all due to an oversupply of people" created by immigration policies, he said. The issues applies to both the IT industry and scientific research, he added. One result is that young American "would have to be crazy to go into lab science today," he said. "No study except for industry studies has ever shown a shortage" of scientific or technical workers, he said. One indication of non-shortage is that "salaries are flat," whereas in a shortage situation they should rise. Proponents of more visas and green cards for foreign engineers and scientists, however, regularly cite the supposedly higher rates of entrepreneurship and patent applications by foreigners. The data show that immigrants patent at rates similar to or lower than that of Americans. Immigrants do, however, have more research publications and higher rates of entrepreneurship. Further analysis reveals, however, that this does not necessarily indicate greater innovation. "Many people in academe game the system and are very good at becoming machines to make many publications," he said. And "founding a company is not the same thing as innovation," he continued, citing a study showing that a third of the tech companies founded by Chinese immigrants are simply wholesaling or assembling PCs. Many Indian immigrant firms, meanwhile, are involved in outsourcing. 
Matloff emphasizes that he does not oppose immigration. He himself is the son of an immigrant and is married to a Chinese immigrant, he notes. He is fluent in Chinese and travels to China, both on professional matters and to visit family members. He has been instrumental in his department's hiring immigrant faculty members, he adds. What he opposes, he says, is permitting the labor market to be flooded with foreign workers, which he sees as contrary to the national interest. Policies such as a blanket provision of a green card to all foreign science and tech graduates as "unwarranted." "There is no labor shortage in tech" and no "best & brightest" trend found among foreign students or workers here.

From rforno at infowarrior.org Mon Mar 21 14:28:56 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 21 Mar 2011 15:28:56 -0400
Subject: [Infowarrior] - South Park's Matt Stone On MPAA's Power Abuse and Censorship
Message-ID: <3A2E6522-670E-4FC4-A8CB-EA0E2D2A0918@infowarrior.org>

South Park's Matt Stone On MPAA's Power Abuse and Censorship

Ernesto
21/03/2011

Aside from their anti-piracy efforts, the MPAA is famous for their film ratings system in the United States. Through their ratings the MPAA can hurt the potential profitability of a film, and the ratings process itself is often a frustrating endeavor for filmmakers.

In the video below, South Park's Matt Stone shares his thoughts on MPAA's unfairness towards independent filmmakers, who are treated differently than the major movie studios who pay their bills.

A related and recommended film on the flawed and biased MPAA ratings board is "This Film Is Not Yet Rated."

http://torrentfreak.com/south-parks-matt-stone-on-mpaas-power-abuse-and-censorship-110321/

From rforno at infowarrior.org Mon Mar 21 20:35:18 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 21 Mar 2011 21:35:18 -0400
Subject: [Infowarrior] - Appeals Court Revives Lawsuit Challenging NSA Surveillance of Americans
Message-ID:

Appeals Court Revives Lawsuit Challenging NSA Surveillance of Americans

By David Kravets
March 21, 2011 | 3:25 pm | Categories: Surveillance, privacy
http://www.wired.com/threatlevel/2011/03/warrantless-eavesdropping/

It's easy to forget these days, but former President George W. Bush's illegal warrantless surveillance program was never halted by Congress, nor by the Obama administration. It was merely legalized in a 2008 law called the FISA Amendments Act. That means the surveillance of Americans' international phone calls and internet use - complete with secret rooms in AT&T data centers around the country - is likely still ongoing.

On Monday, a federal appeals court reinstated a key legal challenge to that surveillance: a lawsuit filed by the ACLU and others within hours of the FISA Amendments Act being signed into law. The lawsuit attacks the constitutionality of the legislation, which allows the government to electronically eavesdrop on Americans without a probable-cause warrant, so long as one of the parties to the communication resides outside the United States, and is suspected of a link to terrorism.

The decision by the 2nd U.S. Circuit Court of Appeals means the ACLU, and other rights groups involved in the suit, might get their day in court. "This is a really big victory," said ACLU spokeswoman Rachel Myers. "The ruling is that you don't have to prove you've been spied on to challenge an unlawful spy act."

A lower court had ruled the ACLU, Amnesty International, Global Fund for Women, Global Rights, Human Rights Watch, International Criminal Defence Attorneys Association, The Nation magazine, PEN American Center, Service Employees International Union and other plaintiffs did not have standing to bring the case, because they could not demonstrate that they were subject to the eavesdropping.

The groups appealed, arguing that they often work with overseas dissidents who might be targets of the National Security Agency program. Instead of speaking with those people on the phone or through e-mails, the groups asserted that they have had to make expensive overseas trips in a bid to maintain attorney-client confidentiality. The plaintiffs, some of them journalists, also claim the 2008 legislation chills their speech, and violates their Fourth Amendment privacy rights.

Without ruling on the merits of the case, the appeals court on Monday agreed with the plaintiffs that they have ample reason to fear the surveillance program, and thus have legal standing to pursue their claim.

From the ruling:

[T]he plaintiffs have good reason to believe that their communications in particular, will fall within the scope of the broad surveillance that they can assume the government will conduct. The plaintiffs testify that in order to carry out their jobs they must regularly communicate by telephone and e-mail with precisely the sorts of individuals that the government will most likely seek to monitor - i.e., individuals "the U.S. government believes or believed to be associated with terrorist organizations," "political and human rights activists who oppose governments that are supported economically or militarily by the U.S. government," and "people located in geographical areas that are a special focus of the U.S. government's counterterrorism or diplomatic efforts." The plaintiffs'
assessment that these individuals are likely targets of [FISA Amendments Act] surveillance is reasonable, and the government has not disputed that assertion.

The case will now return to the courtroom of U.S. District Court Judge John G. Koeltl in New York, where, if past is prologue, the Obama administration will play its trump card: an assertion of the powerful State Secrets Privilege that lets the executive branch effectively kill lawsuits by claiming they threaten to expose national security secrets.

"State secrets could definitely come into it," Myers said.

The courts tend to defer to such claims. But in a rare exception in 2008, a San Francisco federal judge refused to throw out a wiretapping lawsuit against AT&T under the State Secrets Privilege. The AT&T lawsuit was later killed anyway, because the same FISA Amendments Act also granted the phone companies retroactive legal immunity for their participation in the NSA program. That immunity does not apply to the government.

The FISA Amendments Act - which passed with the support of then-senator Obama - generally requires the Foreign Intelligence Surveillance Act Court to rubber-stamp terror-related electronic surveillance requests. The government does not have to identify the target or facility to be monitored. It can begin surveillance a week before making the request, and the surveillance can continue during the appellate process in a rare instance of rejection by the secret FISA court.

Top photo: National Security Agency building in Fort Meade, Maryland

From rforno at infowarrior.org Mon Mar 21 21:12:48 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 21 Mar 2011 22:12:48 -0400
Subject: [Infowarrior] - The Art of Naming Operations
Message-ID: <98452FF2-5764-4480-9DAB-F0DE789323B3@infowarrior.org>

The Art of Naming Operations

GREGORY C. SIEMINSKI

From Parameters, Autumn 1995, pp. 81-98.

Shortly after word spread among key military leaders that President Bush had ordered the invasion of Panama, Lieutenant General Thomas Kelly, Operations Officer on the Joint Staff, received a call from General James Lindsay, Commander-in-Chief (CINC), Special Operations Command. His call did not concern some last-minute change in the invasion plan; rather, it concerned a seemingly insignificant detail of the operation: its name. "Do you want your grandchildren to say you were in Blue Spoon?" he asked.[1] Lieutenant General Kelly agreed that the name should be changed. After hanging up the phone, General Kelly discussed alternatives with his deputy for current operations, Brigadier General Joe Lopez. "How about Just Action?" Kelly offered. "How about Just Cause?" Lopez shot back.[2] So was born the recent trend in nicknaming operations. Since 1989, major US military operations have been nicknamed with an eye toward shaping domestic and international perceptions about the activities they describe.[3] Operation Just Cause is only the most obvious example of this phenomenon. From names that stress an operation's humanitarian focus, like Operation Provide Comfort in Turkey, to ones that stress an operation's restoration of democratic authority, like Operation Uphold Democracy in Haiti, it is evident that the military has begun to recognize the power of names in waging a public relations campaign, and the significance of winning that campaign to the overall effort. As Major General Charles McClain, Chief of Public Affairs for the Army, has recently written, "the perception of an operation can be as important to success as the execution of that operation."[4] Professor Ray Eldon Hiebert, in a piece titled, "Public Relations as a Weapon of Modern War," elaborates on that view: "The effective use of words and media today . . . is just as important as the effective use of bullets and bombs. In the end, it is no longer enough just to be strong. 
Now it is necessary to communicate. To win a war today government not only has to win on the battlefield, it must also win the minds of its public."[5]

< -- >

http://www.carlisle.army.mil/usawc/parameters/Articles/1995/sieminsk.htm

From rforno at infowarrior.org Tue Mar 22 07:23:57 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 22 Mar 2011 08:23:57 -0400
Subject: [Infowarrior] - RSA hack - a lesson in how not to handle a PR disaster!
Message-ID: <95D02A2F-9FC7-47C1-85B9-955CA45FF80F@infowarrior.org>

(c/o JH)

RSA hack - a lesson in how not to handle a PR disaster!

Eskenzi's Blog
Eskenzi's view on IT Security and PR
By yvonneeskenzi

I've been doing PR for the IT security industry for 16 years and there has never been such a major breach to an IT security vendor, as the one to hit RSA on Friday. And rarely has a PR disaster been dealt with so badly.

From where I'm sitting, resellers, distributors, customers as well as bloggers, tweeters and journalists are running around speculating about what's happened and panicking about what to do - with no clear advice or guidance from RSA's internal or external experts.

It's almost like they've battened down the hatches, stuck their heads under their duvets and hoped this whole nasty incident would shut-up and go away, so that they could start the week afresh as though nothing had happened. If you visit their website there's nothing there apart from an open letter from Art Coviello their Executive Chairman http://www.rsa.com/node.aspx?id=3872 stating they've suffered a major hack!

But what I want to know is where are the press releases with more statements and calming advice, where is the hotline general number for more information, how do you contact anyone with sane help as to what to do with your SecureID tokens - should you still use them or are they now defunct?
When I spoke to the FT last week they said that RSA did not have anyone available for comment and another journalist said they were put through to an answerphone, as there were no official RSA personnel to talk to. So of course speculation as to the severity of the situation is now running riot with every security pundit coming up with their disaster theory.

Take NSSlabs.com http://www.nsslabs.com/research/analytical-brief-rsa-breach.html who are recommending that "RSA clients who use SecureID to protect sensitive information should consider eliminating remote access until this is resolved; perform an impact assessment of systems using this technology and identify critical assets and potential risks. Furthermore, RSA clients should consider alternative 2-factor authentication solutions".

This is a huge PR disaster rolling out of control, especially now that other security professionals are advising customers to shut the systems down until the situation is resolved. Come on RSA tell us all when you're going to resolve the situation! The longer RSA keep their mouths shut the more speculation there will be about the magnitude of this disaster.

All companies should look and learn from this RSA's situation, as, in time, this will surely be the sort of example that marketing and PR students are shown as a "text book" case in how not to "handle crisis management".

I'd recommend that RSA apologise and explain how this situation came about - immediately issue their users and partners with advice and a temporary security solution. It's all about communication - come on guys there are enough channels to communicate through - just do it! Job sorted!

http://eskenzi.wordpress.com/

From rforno at infowarrior.org Tue Mar 22 07:29:34 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 22 Mar 2011 08:29:34 -0400
Subject: [Infowarrior] - FBI center takes on $1 billion ID project
Message-ID: <935813B3-EFBA-41FA-A854-662D4B59BA7F@infowarrior.org>

March 21, 2011

FBI center takes on $1 billion ID project

By Eric Eyre
http://wvgazette.com/News/Business/201103211014

CHARLESTON, W.Va. -- The Clarksburg FBI complex is taking part in a $1 billion project that will enable law enforcement agencies to identify criminals and terrorists by physical characteristics more quickly and accurately, an FBI official said Monday in Charleston.

Earlier this month, the FBI center unveiled its "Next Generation Identification System," which will slowly replace an older system that can no longer handle the volume of fingerprints sent to Clarksburg.

"It's bigger, better, faster," said Stephen Morris, a deputy assistant director at the FBI Center. "It increases capacity and accuracy."

Morris spoke Monday at a Charleston Rotary Club luncheon at the Civic Center.

The NGI system, built by Lockheed Martin, allows FBI employees to conduct automated fingerprint searches and exchange information with more than 18,000 law enforcement agencies.

The FBI's fingerprint examining staff also received new "advanced technology workstations" that will help increase accuracy, Morris said.

Under the system, state and local police officers also will eventually use hand-held devices to scan suspects' fingerprints and send the images electronically to the FBI center.

"It's a quick scan to let police officers know if they should let the person go, or take him into custody," Morris said.

In later stages, NGI system also will be expanded to include the analysis of palm prints, handwriting, faces, human irises and voices.

"Our job is to study those and see how reliable they are for law enforcement," Morris said.
The FBI plans to increase the size of the Clarksburg complex significantly with the opening of a new 350,000-square-foot Biometric Technology Center in 2014, Morris said. The FBI plans to share the facility with the U.S. Department of Defense. The FBI center, which opened in 1995, now has about 2,500 full-time workers and another 500 contract employees. The center analyzes and identifies nearly 168,000 fingerprints a day on average. The fingerprints are used to solve investigations, prevent crime and identify criminals and terrorists. Reach Eric Eyre at erice... at wvgazette.com or 304-348-4869. From rforno at infowarrior.org Tue Mar 22 08:38:44 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 22 Mar 2011 09:38:44 -0400 Subject: [Infowarrior] - In Ishinomaki, news comes old-fashioned way: Via paper Message-ID: (just goes to show you that you don't always need "social media" or digital networks to be connected, contrary to popular opinion.....people were connecting and exchanging information LOOONG before the Internet and electronic media came into being. -- rick) In Ishinomaki, news comes old-fashioned way: Via paper By Andrew Higgins, Monday, March 21, 9:20 PM http://www.washingtonpost.com/world/in-ishinomaki-news-comes-old-fashioned-way-via-paper/2011/03/21/ABPp8X9_print.html ISHINOMAKI, Japan -- Nobody tweeted or blogged or e-mailed. They didn't telephone either. Bereft of electricity, gasoline and gas, this tsunami-traumatized town did things the really old-fashioned way -- with pen and paper. Unable to operate its 20th-century printing press -- never mind its computers, Web site or 3G mobile phones -- the town's only newspaper, the Ishinomaki Hibi Shimbun, wrote its articles by hand with black felt-tip pens on big sheets of white paper. But unlike modern media, the method worked. "People who suffer a tragedy like this need food, water and, also, information," said Hiroyuki Takeuchi, chief reporter at the Hibi Shimbun, an afternoon daily. 
"People used to get their news from television and the Internet. But when there is no light and no electricity, the only thing they have is our newspaper." While recent political ferment across the Arab world has trumpeted the power of new media, the misery in Japan, one of the world's most wired nations, has rolled back the clock. For a few days at least, the printed and handwritten word were in the ascendant. After writing and editing articles, Takeuchi and others on staff copied their work onto sheets by hand for distribution to emergency relief centers housing survivors of Japan's worst-ever earthquake and deadly tsunami that followed. "They were desperate for information," said Takeuchi, who has slept in the office for the 10 days since the tsunami flooded the ground floor of his house. With electricity now restored to about a third of the northeast town's 160,000 residents, Takeuchi's newspaper has put away its pens and started printing. Internet access is still not available. Monday's printed front page cheered a "miraculous rescue drama" -- the story of an 80-year-old woman and her 16-year-old grandson plucked from their ruined Ishinomaki home Sunday. Down the coast in Sendai, a once-thriving city of more than 1 million, the digital juggernaut has also come to a halt. "In conditions like these, nothing has power like paper," said Masahiko Ichiriki, president and owner of Kahoku Shimpo, the city's main newspaper. With most shops shut, people can't buy batteries to power radios. The collapse of the region's electrical system has shut down Sendai's computers and television sets, but Ichiriki's Sendai newspaper has published throughout. It even put out a single-page flash edition on the evening of the tsunami. Information-starved residents, said the proprietor, "depend on our newspaper for a lifeline." 
It not only provides news about a catastrophe but also mundane, vital information: which shops have food, which roads have been cleared of rubble, which banks have cash and which branches of a popular liquor store have reopened. In Ishinomaki, which is smaller than Sendai and suffered more damage, the Hibi Shimbun didn't publish for two days after the tsunami. One of its six reporters was swept away in his car while returning from an assignment. He survived and, after several days in a hospital, is back at work. Takeuchi, the chief reporter, was in the office when the earthquake struck at 2:46 p.m. on March 11. He had just finished work on that day's edition, which featured a front-page article about Ishinomaki's "hidden charms" and officials' promises to improve hospital and other facilities. The quake shook the newspaper's two-story building so hard that fluorescent lights fell from the ceiling and filing cabinets skidded across the floor. The first handwritten edition, prepared March 13, featured a pledge to "try and get information as accurate as possible." It reported on the arrival of rescue teams from across Japan and on the extent of the ruin. Houses and businesses along Ishinomaki's waterfront were destroyed. More than 30,000 people took refuge in shelters. "We now know the full extent of the damage," read a headline. The next day, the paper wrote the names and ages of 34 area residents whose bodies had been identified. It also reported on a robbery in a supermarket, a sign of the town's desperation. But the paper has tried to lift rather than dampen people's battered spirits, Takeuchi said. "We look for things related to hope. This is our philosophy," he said. The paper stopped publishing the names of the dead because "the number just kept growing." More than 1,300 corpses have been identified. All of these efforts have helped fill that void left by the absence of electronic media. "Living with no electricity or water and not much food is hard enough," 
said Yutaka Iwasawa, 25, of Ishinomaki. "But the worst thing was that there was no information." He said he missed e-mail and surfing the Web. higginsandrew at washpost.com From rforno at infowarrior.org Tue Mar 22 13:49:29 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 22 Mar 2011 14:49:29 -0400 Subject: [Infowarrior] - Dozens of exploits released for popular SCADA programs Message-ID: <2399A692-2AD1-4A60-83AF-4CA5C4CB0933@infowarrior.org> http://www.theregister.co.uk/2011/03/22/scada_exploits_released/ By Dan Goodin in San Francisco The Register 22nd March 2011 The security of software used to control hardware at nuclear plants, gas refineries and other industrial settings is coming under renewed scrutiny as researchers released attack code exploiting dozens of serious vulnerabilities in widely used programs. The flaws, which reside in programs sold by Siemens, Iconics, 7-Technologies, Datac, and Control Microsystems, in many cases make it possible for attackers to remotely execute code when the so-called supervisory control and data acquisition software is installed on machines connected to the internet. Attack code was released by researchers from two separate security camps over the past week. "SCADA is a critical field but nobody really cares about it," Luigi Auriemma, one of the researchers, wrote in an email sent to The Register. "That's also the reason why I have preferred to release these vulnerabilities under the full-disclosure philosophy." The vulnerability dump includes proof-of-concept code for at least 34 vulnerabilities in widely used SCADA programs sold by four different vendors. Auriemma said the majority of the bugs allow code execution, while others allow attackers to access sensitive data stored in configuration files and one makes it possible to disrupt equipment that uses the software. He included a complete rundown of the vulnerabilities and their corresponding PoC code in a post published on Monday to the Bugtraq mail list. 
It came six days after a Moscow-based security firm called Gleg announced the availability of Agora SCADA+, which attempts to collect virtually all known SCADA vulnerabilities into a single exploit pack. The 22 modules include exploits for 11 zero-day vulnerabilities, said the company's Yuriy Gurkin in an email. It's not clear how much the package costs. Gurkin said Gleg's website has come under sustained web attacks shortly after releasing the SCADA exploit pack. "We have tried to switch to ddoshostingsolutions.com provider but in just 3 days were out of 500 GB traffic limit," he said. "Currently trying to solve this." The vulnerability of SCADA systems had long been theorized, but it wasn't until last year that the world got an object lesson on just how susceptible they could be to attack. In July, researchers reported the discovery of a computer worm that attacked SCADA software sold by Siemens. Research later showed that the underlying Stuxnet exploit amounted to a "search-and-destroy weapon" built to take out Iran's Bushehr nuclear reactor. SCADA software often runs on extremely old systems that are difficult to replace without causing disruptions to critical equipment. As a result, installing patches and upgrades is frequently avoided despite the obvious security benefits. From rforno at infowarrior.org Tue Mar 22 16:00:31 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 22 Mar 2011 17:00:31 -0400 Subject: [Infowarrior] - Google's $125 Million Digital Library Settlement Rejected Message-ID: Google's $125 Million Digital Library Settlement Rejected By Bob Van Voris and Susan Decker - Mar 22, 2011 http://www.bloomberg.com/news/print/2011-03-22/google-s-125-million-digital-library-settlement-is-rejected-by-u-s-judge.html Google Inc. (GOOG)'s $125 million settlement with publishers and authors was rejected today by a U.S. 
judge who said the deal to create the world's biggest digital book library would be unfair to authors. The expansive nature of the settlement, calling for copyright owners to opt out or be automatically included, "would simply go too far," said U.S. Circuit Judge Denny Chin in Manhattan, who was a district-court judge when the case first came before him. He suggested the settlement would have a better chance at approval were it revised to cover only those who opt into the agreement. As written now, the settlement "would grant Google significant rights to exploit entire books, without permission of copyright owners," Chin wrote. It "would give Google a significant advantage over competitors, rewarding it for engaging in wholesale copying of copyrighted works without permission, while releasing claims well beyond those presented in the case." Google, based in Mountain View, California, was sued in 2005 by authors and publishers who said the company was infringing their copyrights on a massive scale by digitizing books. The agreement includes a Book Rights Registry to compensate copyright holders. Amazon.com Inc. (AMZN), Microsoft Corp. (MSFT), Yahoo! Inc. and the nations of Germany and France said the agreement would give Google unfair control over digitized works and expand its power in the search engine market. Some author groups who weren't part of the settlement said they would lose control of their copyrights. Copyright Protection The agreement focuses on out-of-print books still protected by U.S. copyright law. Google struck agreements with publishers to allow limited access to books that are still commercially available, and the site has links to let consumers buy the books from various sources, including Amazon.com and Barnes & Noble. Google said it was considering its options and was disappointed in the decision. "Like many others, we believe this agreement has the potential to open-up access to millions of books that are currently hard to find in the U.S. 
today," said Hilary Ware, managing counsel at Google. "Regardless of the outcome, we'll continue to work to make more of the world's books discoverable online through Google Books and Google eBooks." The settlement gave Google's book project immunity from copyright laws, allowing the company to distribute millions of books on the Internet in exchange for sharing revenue. Digital Future The settlement became part of a larger fight over the future of digital books. Sales of electronic titles almost tripled last year to $441.3 million, according to estimates by the Association of American Publishers in New York. Google and the publishers amended the settlement to address earlier complaints, altering the handling of so-called orphan works whose owners aren't immediately known. They also scaled back the international reach of the agreement to the U.S., U.K., Australia and Canada. Objectors claimed Google was using the settlement as a vehicle to profit from the orphan works and boost the capabilities of its search engine. They contended Congress, not the courts, should address digital copyright issues. Privacy concerns also were raised by objectors who said it would give Google information about what people read and how they read it, data the company could use to improve search results and sell advertising, and runs afoul of international trade treaties protecting copyrighted works. Under Siege "He shoots down the settlement on three important grounds, which are the same three grounds that Google is under siege from around the world," said Gary Reback, co-founder of the Open Book Alliance, the group formed with Amazon.com, Microsoft, and authors groups to oppose the deal. "It would give Google dominance in the search area. There are intrusions into the privacy of people. And Google is taking the copyrighted work of other people without permission." About 6,800 people opted out of the settlement, and about 500 objections were filed with the court. 
Google estimated the agreement would affect fewer than 10 million works, about half of which aren't commercially available in the U.S. Google argued that the agreement would breathe new life into works that gather dust on library shelves because they aren't on the best-seller lists. Google reached agreements with top universities to scan their books and said the database would provide public access to the world's greatest university libraries, including ones at Harvard and Oxford. Sony Corp. (6758), which makes an e-book reader competing with Amazon.com's Kindle and is a Google partner, said the agreement would promote competition in the electronic book market. Google promised to make the books usable with any device. The settlement was reached with the Author's Guild, Pearson Plc (PSON)'s Penguin and Education units, McGraw-Hill Cos., John Wiley & Sons Inc. and CBS Corp. (CBS)'s Simon & Schuster subsidiary. The case is Authors Guild v. Google Inc., 05-cv-08136, U.S. District Court, Southern District of New York (Manhattan). To contact the reporter on this story: Bob Van Voris in New York at rvanvoris at bloomberg.net; Susan Decker in Washington at sdecker1 at bloomberg.net. To contact the editor responsible for this story: David E. Rovella at drovella at bloomberg.net. 
Allan Holmes at aholmes25 at bloomberg.net From rforno at infowarrior.org Tue Mar 22 16:42:32 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 22 Mar 2011 17:42:32 -0400 Subject: [Infowarrior] - Copyright troll Righthaven achieves spectacular "fair use" loss Message-ID: <840208E0-CAD2-454C-9CE4-252D25E54D6E@infowarrior.org> Copyright troll Righthaven achieves spectacular "fair use" loss By Nate Anderson | Last updated March 22, 2011 3:05 PM http://arstechnica.com/tech-policy/news/2011/03/copyright-troll-righthaven-achieves-spectacular-fair-use-loss.ars Whoops -- in its bid to sue hundreds of bloggers, commentors, and website operators from posting even a few sentences from newspaper stories, the copyright zealots at Righthaven have just scored an own goal. Last Friday, a federal judge ruled in one of the company's many lawsuits, saying that even the complete republication of copyrighted newspaper content can be "fair use." Righthaven has achieved national notoriety for its business model, which involves scouring the Web -- including tiny blogs and nonprofits -- for Las Vegas Review Journal and other newspaper stories. When it finds a match, Righthaven licenses the copyright from the cooperating newspaper and sues the article poster without warning for statutory damages of up to $150,000. In addition, it routinely demands that the poster's domain name be transferred to Righthaven. The company's most controversial cases have involved posters who only used a small percentage of the original article, or instances where Righthaven sued the very sources who had provided the basic information for an article, then posted the result to their own website. But Righthaven has also gone after many sites that posted the complete text of a newspaper article, something far less likely to be seen as fair use. 
That was the case with the Oregon-based Center for Intercultural Organizing (CIO), which Righthaven sued in August 2010 after the group posted a Review-Journal newspaper article on the deportation of illegal immigrants on its own website. The case must have seemed like a good fit for Righthaven; it had found someone taking the entire article! Defense lawyers contented themselves with arguing that the case should be heard in Nevada, and it didn't even bother to contest the issue on fair use grounds. But federal judges have tremendous power over their cases, and on November 15, 2010, federal judge James Mahan on his own initiative issued a terse order. "The court hereby orders the plaintiff to show cause why this case should not be dismissed under the 17 U.S.C. § 107 Fair Use exception," he wrote. At a hearing last week, the judge decided that CIO's use of the full article text was, in fact, a fair use under the "four-factor test" enshrined in law. Steve Green, a reporter at the competing Las Vegas Sun newspaper, attended the hearing. Judge Mahan told both sides that the purpose of copyright law was to encourage creativity and to disseminate public access to information, so long as that did not unfairly hinder the market for the original story. In this case, Mahan said that the tiny Oregon nonprofit had essentially zero overlap between the readers of its website and the readers of the Review-Journal. In addition, the effect on the "market" for the work is unclear, since Righthaven is solely using the copyright to prosecute a lawsuit, not to defend its news operations (it has none). The reposted article also fit within CIO's nonprofit educational mission, and the judge said that it was largely informational in nature, rather than creative. The judge also blasted Righthaven for not notifying groups like CIO before filing a federal lawsuit; most would no doubt remove or limit the offending material if notified by the copyright holder. 
As Green noted in a follow-up piece, the result here is almost comical: Righthaven goes to war in the name of tough copyright enforcement and winds up with a ruling that complete republication by some nonprofits falls under the scope of fair use. "Some 250 Righthaven lawsuits later, Righthaven's startling achievement is that newspapers now have less -- not more -- protection from copyright infringers," Green concluded. The ruling isn't as "out there" as it might initially sound; courts have long recognized various complete reuses as "fair." As lawyer Jason Schultz pointed out in an amicus brief to the court, this was true even of the famous Sony decision that legalized the VCR in America; complete shows could be copied and it was "fair." The Electronic Frontier Foundation rejoiced at the "persuasive precedent" the case will set, though Righthaven told the judge it would appeal. This isn't the first time that a judge has found a fair use in a Righthaven lawsuit, though the previous decision involved only a section of an article rather than the entire piece. From rforno at infowarrior.org Tue Mar 22 17:39:20 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 22 Mar 2011 18:39:20 -0400 Subject: [Infowarrior] - Senators to Apple: Pull iPhone DUI checkpoint alert apps Message-ID: <374DB39F-0CA7-4B99-8F18-A1CD9950FCF2@infowarrior.org> Senators to Apple: Pull iPhone DUI checkpoint alert apps By Gregg Keizer March 22, 2011 03:56 PM ET http://www.computerworld.com/s/article/9214928/Senators_to_Apple_Pull_iPhone_DUI_checkpoint_alert_apps?taxonomyId=13&pageNumber=2 PhantomALERT offers apps for the iPhone, Android and BlackBerry; FuzzAlert, however, is available only on the iPhone. Unlike Google, Apple only allows iPhone and iPad users to download sanctioned software from its App Store, giving the senators a single choke point in their demand for the apps' removal. 
Reid, who is the Senate majority leader, joined with Schumer, Lautenberg and Udall to ask Apple, Google and RIM to remove the software from their app stores. Apple, Google and RIM did not immediately reply to requests for comment on the senators' letter. Lt. Gregg Hastings of the Oregon State Police said that in some instances such apps may be helpful. "We don't feel one way or the other," said Hastings, the agency's public information officer. "If things like these apps increase awareness on the part of drivers to slow down and drive to the signs posted and the conditions, that helps people stay alert and drive safely." Hastings, however, said that the Oregon State Police had no opinion on the DUI/DWI aspects of such apps because Oregon law enforcement is not allowed to conduct sobriety checkpoints, having abandoned them more than a decade ago after a state Supreme Court decision ruled them unconstitutional. According to the Governors Highway Safety Association, Oregon is in the minority; 38 states as well as the District of Columbia allow police to run DUI/DWI checkpoints. Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. From rforno at infowarrior.org Tue Mar 22 17:42:41 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 22 Mar 2011 18:42:41 -0400 Subject: [Infowarrior] - NYT expands limits on free search traffic Message-ID: <0EAE9FF9-9655-4000-8ED4-BC4D4DCB4B36@infowarrior.org> MARCH 22, 2011, 5:31 P.M. ET NY Times expands limits on free search traffic http://online.wsj.com/article/AP70af0898c1a1443696b1fd5ecbb3b8cb.html Associated Press NEW YORK -- The New York Times will try to make it more difficult to use Internet search engines to avoid paying for frequent visits to the newspaper's website. The Times will limit Web surfers arriving through major search engines to five free articles per day, spokeswoman Kristin Mason confirmed Tuesday. 
That restriction was only supposed to apply to traffic sent by Google Inc.'s search engine, which processes about two out of every three online queries. Now, other search engines including Yahoo Inc. and Microsoft Corp.'s Bing will be limited to five free stories apiece as well. The Times' online fees take effect in the U.S. March 28. The Times didn't explain why it decided to expand the restrictions to other search engines. The Times' digital fees, announced late last week, will be charged to frequent readers on its website and applications for smartphones and Apple Inc.'s iPad tablet computer. The fees range from $15 to $35 every four weeks, or $195 to $455 annually. There will still be ways to get around the fees that The New York Times Co. is introducing in an attempt to offset a steep drop in revenue from print advertising during the past four years. For instance, there are no limits on the amount of traffic coming from two of the Web's most popular tools for sharing information, Facebook and Twitter. Ford Motor Co.'s Lincoln brand also is offering free unlimited access to the Times' website and mobile device applications for the remainder of this year as part of an advertising deal with the newspaper. The offers are being made to tens of thousands of Times readers in e-mails and in targeted Internet ads. ©Copyright 2011 Associated Press From rforno at infowarrior.org Tue Mar 22 22:38:01 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 22 Mar 2011 23:38:01 -0400 Subject: [Infowarrior] - Paper: A Dysfunctional Role of High Frequency Trading in Electronic Markets Message-ID: <7F31C608-D71E-44AD-96B0-FA0BE6F4B454@infowarrior.org> A Dysfunctional Role of High Frequency Trading in Electronic Markets Robert A. Jarrow Cornell University - Samuel Curtis Johnson Graduate School of Management Philip Protter March 8, 2011 Johnson School Research Paper Series No. 
08-2011 Abstract: This paper shows that high frequency trading may play a dysfunctional role in financial markets. Contrary to arbitrageurs who make financial markets more efficient by taking advantage of and thereby eliminating mispricings, high frequency traders can create a mispricing that they unknowingly exploit to the disadvantage of ordinary investors. This mispricing is generated by the collective and independent actions of high frequency traders, coordinated via the observation of a common signal. Number of Pages in PDF File: 14 Working Paper Series Date posted: March 09, 2011 http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1781124 From rforno at infowarrior.org Wed Mar 23 09:50:35 2011 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 23 Mar 2011 10:50:35 -0400 Subject: [Infowarrior] - DNI Orders "Integrated Defense" of Intelligence Information Message-ID: DNI Orders "Integrated Defense" of Intelligence Information March 23rd, 2011 by Steven Aftergood http://www.fas.org/blog/secrecy/2011/03/integrated_defense.html The Director of National Intelligence is calling for the "integrated defense" of intelligence community (IC) information and systems to protect against unauthorized disclosures of intelligence sources and methods. While every intelligence agency already has its own security procedures, a new Intelligence Community Directive (pdf) issued by the DNI would require a more coordinated and consistent approach, involving "unified courses of action to defend the IC information environment." "The IC information environment is an interconnected shared risk environment where the risk accepted by one IC element is effectively accepted by all," the new Directive said. Therefore, "integrated defense of the IC information environment is essential to maintaining the confidentiality, integrity, and availability of all information held by each IC element." 
The Directive does not specify the defensive measures that are to be taken, but states that they should address "the detection, isolation, mitigation and response to incidents, which include spills, outages, exploits, attacks and other vulnerabilities." An IC Incident Response Center will maintain "situational awareness of network topology, including connection points among IC element networks; threats, vectors, and actions that could adversely affect the IC information environment; and the overall health and status of IC information environment defenses." See "Integrated Defense of the Intelligence Community Information Environment," Intelligence Community Directive (ICD) 502, March 11, 2011. Although intelligence agencies are not waiting for security policy guidance from Congress, the intelligence oversight committees seem determined to provide it anyway. In its initial markup of the FY2011 intelligence authorization bill, the House Intelligence Committee has prescribed the establishment of an Insider Threat Detection Program "in order to detect unauthorized access to, or use or transmission of, classified intelligence." The Senate Intelligence Committee reportedly wants to require a revised or supplemental non-disclosure agreement for intelligence employees, by which they would consent in advance to surrender their pension benefits if they were found to have committed an unauthorized disclosure. As far as is known, neither Committee has advanced any new proposals for reducing unnecessary classification or strengthening protections for national security whistleblowers. 
From rforno at infowarrior.org Wed Mar 23 17:28:46 2011 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 23 Mar 2011 18:28:46 -0400 Subject: [Infowarrior] - Tower at Reagan National goes silent as planes attempt to land Message-ID: <5FDA8831-B194-4431-9F2A-66E054384F32@infowarrior.org> Tower at Reagan National goes silent as planes attempt to land By Ashley Halsey III, Wednesday, March 23, 6:09 PM http://www.washingtonpost.com/local/tower-at-reagan-national-goes-silent-as-planes-attempt-to-land/2011/03/23/AB9aslKB_print.html The control tower at Reagan National Airport went silent early Wednesday, forcing two airliners carrying a total of 165 passengers and crew to land on their own. The tower did not respond to pilot requests for landing assistance or to phone calls from controllers elsewhere in the region, who also used a "shout line" which pipes into a loudspeaker in the tower, internal records show. An American Airlines Boeing 737 flying in from Miami with 97 on board aborted its landing and circled the airport after getting no response from the tower at midnight. Minutes later a United Airlines Airbus 320 flying in from Chicago with 68 passengers and crew also received no answer from the tower. Both planes landed safely after their pilots took matters into their own hands, broadcasting their progress as they approached and landed. They were also communicating with controllers at a separate facility in the region that does not handle landings. The Federal Aviation Administration is investigating the incident, agency spokeswoman Laura J. Brown said in a statement. "The pilots were in contact with air traffic controllers at the Potomac TRACON, which hands off flights to the tower shortly before they land, and both aircraft landed safely," she said. "The FAA is looking into staffing issues and whether existing procedures were followed appropriately." 
The incident, which is under review by the National Transportation Safety Board, is the second time in as many years that the tower at National has gone silent for a period of time, said a source familiar with tower operations who asked not to be named because he is not authorized to speak for the FAA. The previous time, the lone controller on duty left his swipe-card pass key behind when he stepped outside the tower's secure door and wasn't able to get back in, the source said. A controller at another facility even talked about that incident as the pilots were trying to land Wednesday morning. A missed handoff Controlling the nation's air traffic is a multilayered system, with a network of enroute controllers directing planes when they are at or near cruising altitude. The airspace beneath that is controlled by Terminal Radar Approach Control facilities known as TRACONs. Actual takeoffs and the final miles of runway approach are handled by controllers in airport towers. After midnight, when traffic slows, a single person is on duty at the Reagan National tower, a shift reserved for a controller supervisor rather than a regular controller. The two planes that landed without tower help were the last three inbound commercial flights until 5 a.m., the source said. A few minutes after midnight on Wednesday, radio recordings show, the TRACON controller handling the flight from Miami made a routine verbal handoff, telling the pilot to contact the tower. Unable to reach anyone at Reagan National, the pilot aborts the approach, circles the airport and radios the Potomac TRACON controller for help in aligning the plane for landing. A few minutes later, when the United plane approaches for landing the TRACON controller cautions him that the tower is unmanned. The TRACON controller has a similar conversation with a second American plane. "So, you're aware," the TRACON controller says, "the tower is apparently not manned. We've made a few phone calls. 
Two airplanes went in in the past 10-15 minutes, so you can expect to go in to an uncontrolled airport." "Is there a reason it's not manned?" the American pilot asks. "Well, I'm going to take a guess," the TRACON controller replies, "and say that the controller got locked out. I've heard of it happening before." "That's the first time I've heard of it," the pilot replies. "Fortunately, it's not very often," the controller said. "It happened about a year ago. I'm not sure that's what happened now, but there's nobody in the tower." Finding their way The first two planes landed and used information from their airlines to find the correct gates. By the time the third plane touched down, after about a half-hour of silence, communication from the tower had been restored. The greatest risk posed by silence from the tower was on the ground rather than in the air. Planes routinely land in smaller airports without guidance from a tower. In a circumstance like that which occurred at National, pilots get on the control tower radio frequency and relay their position, speed and distance to other pilots as they approach and land. "So, other airplanes would know 'okay, he's clear of the runway' so I'm good to go," said the source familiar with tower operations. On the ground, however, the slow nighttime hours are when maintenance crews crisscross the tarmac -- sometimes towing airplanes -- as they make ready for the next morning. "There are people in the control tower for a reason," the source said. "There's a whole lot of activity going on during the night." Those maintenance workers contact the tower on a special frequency to get clearance before crossing a runway. Inbound pilots contact the tower on a different frequency. At airports where the tower shuts down for the night, both ground crews and incoming pilots are required to use the same radio frequency to coordinate their actions until the tower reopens. 
Air traffic controllers who direct more than 1.5 million flights annually in the Washington region made a record number of mistakes last year. Dozens of the errors triggered cockpit collision warning systems. Nationwide, errors by air traffic controllers increased by 51 percent last year. The record number of errors -- locally and nationally -- reflects a majority of instances in which planes came too close but without risk of collision and some in which fatal consequences were narrowly averted. In January an American Airlines plane carrying 259 people almost collided with a pair of 200-ton military cargo jets after taking off from New York's John F. Kennedy International Airport. Official records showed that a distracted controller did not respond to a warning from a colleague that the planes were on a converging course. halseya at washpost.com © 2011 The Washington Post Company From rforno at infowarrior.org Wed Mar 23 18:22:46 2011 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 23 Mar 2011 19:22:46 -0400 Subject: [Infowarrior] - Phony SSL Certificates issued for Google, Yahoo, Skype, Others Message-ID: (A colleague and I wrote about this situation nearly 10 years ago as we questioned the trustworthiness of digital certificates and PKI ecosystems in general. -- rick) http://threatpost.com/en_us/blogs/phony-web-certificates-issued-google-yahoo-skype-others-032311 March 23, 2011, 3:23PM by Paul Roberts UPDATED: A major issuer of secure socket layer (SSL) certificates acknowledged on Wednesday that it had issued 9 fraudulent SSL certificates to seven Web domains, including those for Google.com, Yahoo.com and Skype.com following a security compromise at an affiliate firm. The attack originated from an IP address in Iran, according to a statement from Comodo Inc.
Comodo, of Jersey City, New Jersey, said, in a statement on its Web page, that an attacker was able to obtain the user name and password of a Comodo Registration Authority (RA) based in Southern Europe and issue the fraudulent certificates. The company said the hack did not extend to its root keys or intermediate certificate authorities, but did constitute a serious security incident that warranted attention. SSL Certificates are the Internet equivalent of drivers' licenses, said Paul Turner, the vice president of products and customer solutions at Venafi, an Enterprise Key and Certificate Management firm. The bogus certificates could be used in phishing or man in the middle attacks against organizations that haven't updated their certificate revocation lists, he said. They could also be used to sign applications and plug ins, he said. Registration Authorities are subordinate to Certificate Authorities, which issue SSL certificates. RAs are entrusted with the responsibility of authenticating the identities of parties who are being issued a certificate by the CA. In the latest Comodo incident, the attacker was able to falsely attest to the authenticity of the parties requesting the cert using the stolen RA login information. The Mozilla Foundation, Microsoft, Google and other firms rushed out patches to their Web browsers on Tuesday to block the fraudulent SSL certificates. In an incident report filed on March 15, Comodo said the nine certificates were issued to seven domains, but that no attacks using the certificates had been seen in the wild. Public attention to the breach started with researcher Jacob Appelbaum of The Tor Project, who noticed revisions to Google's Chrome and Mozilla's Firefox Web browsers on March 17 followed by an announcement of updates to the certificate blacklists. A key Mozilla Website, addons.mozilla.org, was one of the nine forged certificates issued.
In a statement published on its Web site, The Mozilla Foundation said that it had updated Firefox 4.0, 3.6 and 3.5 to recognize the forged certificates and block them automatically. Mozilla said that users on a compromised network could be directed to phishing Web sites that used the forged SSL certificates and fooled into revealing personal information or downloading malicious programs. Google issued a patch for its Chrome Web browser on March 17th. The compromise was detected last week and was believed to have lasted only hours before being detected. Attackers were still using the account at the time it was discovered and the certificates in question were revoked immediately, Comodo said. The IP address used in the attack was traced back to an Internet Service Provider in Iran. In its statement Comodo didn't rule out political motives for the hack. "It does not escape notice that the domains targeted would be of greatest use to a government attempting surveillance of Internet use by dissident groups. The attack comes at a time when many countries in North Africa and the Gulf region are facing popular protests and many commentators have identified the Internet and in particular social networking sites as a major organizing tool for the protests." The breach raises serious questions about the system of checks and balances used to issue and monitor SSL certificates, which are the most common tool for attesting to the validity of a Web site and secure traffic to and from it. While media attention in the last year has focused on tools like FireSheep, which extol the security benefits of using SSL to harden insecure Web sessions, security researchers have long called attention to inherent weaknesses in the infrastructure that supports SSL. The Electronic Frontier Foundation has a project, the SSL Observatory, to investigate the authenticity of SSL certificates used to secure Web sites.
In particular, EFF says that Certificate Authorities, or CAs, are a weak link in the chain of trust - most browsers support a long list of CAs, but not all do a thorough job of ensuring the integrity of those requesting certificates. Turner of Venafi said that the compromise poses huge challenges for organizations that rely on Comodo certificates. Most large organizations might store hundreds or thousands of unique certificates on Web servers, application servers, mainframe systems and end user workstations. However, organizations typically do a poor job of keeping track of which certificates they use and where they are stored. The Comodo breach will force organizations that might replace one or two certificates in a year to swap out nine certificates in a matter of hours - a painstaking and multi-step process that is often handled manually. Comodo may be the poster child for the vulnerability of the certificate infrastructure, but the company is hardly alone. "Just as RSA showed they can be compromised, Comodo shows that this is something that can happen with any Certificate Authority. In fact we have no idea that it hasn't happened to others," he said. From rforno at infowarrior.org Wed Mar 23 21:02:55 2011 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 23 Mar 2011 22:02:55 -0400 Subject: [Infowarrior] - More NYT Paywall lunacy... Message-ID: <89B856C7-E4E4-47BA-BA60-277F4EA4081F@infowarrior.org> The NYT spent $40M for a paywall they've already said is intentionally porous? (the porosity of the new paywall is described @ http://news.smh.com.au/breaking-news-business/nyt-says-paywall-purposely-porous-20110324-1c76x.html) --- rick New York Times Asks Twitter to Shut Down Paywall-Evading Account ARTICLE DATE: 03.23.11 By Leslie Horn http://www.pcmag.com/print_article2/0,1217,a=262224,00.asp?hidPrint=true As PCMag pointed out, there are many ways to breach the forthcoming New York Times subscription service.
However, the Times is taking action to plug at least one of the paywall's many holes by asking Twitter to shut down @freenyt, the account created with the intention of posting all Times articles. The paywall, which will be fully rolled out March 28, allows readers to access up to 20 articles a month for free before they're asked to cough up some cash. Premium access costs between $15 and $35 a month, depending on the level of service. The "walled garden" approach has many caveats; access via articles posted on Facebook and Twitter is unrestricted. So as many have noted, it was only a matter of time before a Twitter feed like the one the Times is trying to squash was created. In fact, @freenyt was born less than 12 hours after the paywall plans were announced last week. "We have asked Twitter to disable this feed as it is in violation of our trademark," a Times spokesperson said. @freenyt fired back: "Dear NYT: if you don't want people following your stories on Twitter then you probably shouldn't, you know, post 'em on Twitter," said a tweet posted on its feed. The holes in the Times' paywall are similar to the story of a man trying to cover cracks in a leaky dam using his arms and legs. He might cover one leak with his hand, but eventually water will seep through another hole, and he'll find himself balancing on one foot to keep the dam's contents contained. The Times says it's already run interference on other violators. NYTClean is a bookmark published by a Canadian coder that defeats the paywall with four simple lines of code. But is it only a matter of time before the paper will try to block this loophole, too? "As we have said previously, as with any paid product, we expect that there will be some percentage of people who will find ways around our digital subscriptions. We will continue to monitor the situation but plan no changes to the programming or paywall structure in advance of our global launch on March 28."
Even without tools, readers could always skirt around the free story cap by clearing the cache on their browser, thus resetting the limit. The preponderance of loopholes has critics asking if the paywall, which the Times spent $40 million creating, will even work. From rforno at infowarrior.org Wed Mar 23 21:06:22 2011 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 23 Mar 2011 22:06:22 -0400 Subject: [Infowarrior] - Did file-sharing cause recording industry collapse? Economists say no Message-ID: Did file-sharing cause recording industry collapse? Economists say no By Matthew Lasar | Last updated about 11 hours ago http://arstechnica.com/tech-policy/news/2011/03/is-file-sharing-the-global-future.ars For the last decade, the movie and music industries have engaged in a relentless struggle against Internet file sharing. One prominent theater of this global conflict has been the UK, which last year saw the passage of the Digital Economy Act. The law, if fully implemented, could allow Internet Service Providers to disconnect "persistent infringers" of the UK's copyright rules from the 'Net. The zeal with which Hollywood and the recording industry have pursued this ISP-as-cop approach around the world has prompted some ISPs to cry foul. "The notion of disconnection without judicial oversight violates the presumption of innocence," warned the Australian DSL service iiNet in a recent position piece . "As the penalty for possibly minor economic loss (at the individual infringer level) removal of Internet access is, therefore, both inappropriate and disproportionate." But even though the DEA is up for judicial review at the behest of the UK's top telcos, the impetus for similar laws continues unabated. 
That's because the content industry may lose a particular battle (eg, trying to force iiNet to punish file swappers), but it has won a key aspect of the war: the argument that file sharing has hobbled the music and movie business, hurt artists, and cost jobs is the master narrative of file sharing -- the center of most government debates about the practice. Now comes a paper from the London School of Economics that tries to do more than just challenge the DEA. It argues that everything Big Content says about file sharing is wrong. In fact, it suggests that file sharing is the future, and that revenue downturns can largely be explained by other forces. "The music industry is performing better than is being claimed and declining sales can be explained by other factors in addition to illegal filesharing," say Bart Cammaerts and Bingchun Meng of LSE's Department of Media Studies. "The negative framing of the debate about file-sharing and copyright protection threatens to stifle the very same creative industry the Act aims to stimulate." Downward economic pressure There's no question that recorded music sales have declined over the last decade -- down from over $26 billion in 2000 to under $16 billion last year. But the relentless focus on P2P sharing ignores other factors, these scholars contend. The most important of these is the gradual weakening of the consumer economy over the last decade, particularly over the last two years of global recession. And it's going to get worse. "Downward pressure on leisure expenditure is likely to continue to increase due to rising costs of living and unemployment and drastic rises in the costs of (public) services," says the report. Having less money for entertainment has played a huge role in the decline of items like CDs. A 2004 US Consumer Expenditure Survey showed that even spending on CDs by people who had no computer (and were therefore unlikely to download and use BitTorrent) dropped by over 40 percent from 1999 through 2004.
"Household budgets for entertainment are relatively inelastic as competition for spending on culture and entertainment increases and there are shifts in household expenditure as well," the LSE study notes. And if file-sharing wasn't the major cause of the revenue downturn, stepping up copyright enforcement is unlikely to return the industry to those heady days. And while it is true that many consumers have turned to illegal file sharing in bad economic times, a 2007 Journal of Political Economy study found that most downloaders would not buy that content, even if they couldn't share it. "Downloads have an effect on sales that is statistically indistinguishable from zero," the authors flatly concluded then. "Our estimates are inconsistent with claims that file sharing is the primary reason for the decline in music sales during our study period." But a later 2010 meta-study by the same authors concluded that piracy did, in fact, account for a bit of the decline in music sales -- around 20 percent. The other 80 percent could be chalked up to the sale of digital singles rather than whole albums and the rise of other media options like video games. The new business model Content industry analyses of the file sharing phenomenon tend to downplay key sources of income for musicians, the LSE report charges, most notably revenue from live concert performances. In 2009, for the first time, earnings from live music events outstripped music sales in the UK. The music recording industry was worth £1.36 billion (about $2.21 billion); the live music scene was estimated around £1.54 billion. Ticket sales rose by 5.8 percent, "secondary ticketing revenues" shot up 15 percent, and receipts for related services at concerts came to £1.54 million. (This didn't help the music labels much because few profited from better live music sales; that is starting to change.)
Legal file sharing also grew by nine percent globally in 2009, along with an eight percent increase in performance rights revenue. "Growing from a small base, the value of the global market for digital music increased by 1,000% in the period 2004 to 2010, and by 2010 represented US$4.6 billion," the LSE paper observes. So what is emerging is an increasingly "ephemeral" global music culture based not upon the purchasing of discrete physical packages of music, but on the discovery and subsequent promotion of musicians through file sharing. The big winner in this model is not the digital music file seller, but the touring band, whose music is easily discoverable on the 'Net. As with so much of the rest of the emerging world economy, the shift is away from buying things and towards purchasing services -- in this case tickets to concerts and related activities. "Some artists and music labels are making full use of filesharing and the participatory culture it sustains rather than rejecting it," Cammaerts and Meng note. "In the process, these artists and music labels are developing useful alternative models for revenue generation." Not-so-marginal activities The authors of the study acknowledge that these alternative models are not going to impress SONY and EMI. "Compared to the value of the mainstream music market, dominated by the 'big four', these are relatively marginal activities," they observe. But they may become less marginal very soon. With world mobile data traffic set to explode by a factor of 26 by 2015, and with most people in the Middle East, Sub-Saharan Africa, and South/Southeast Asia expected to link to the mobile 'Net before they get electricity, file sharing could be poised for a second great leap forward, whether Big Content approves of it or not. These millions of new Netizens are not going to have the money to buy digital music files. They're going to use BitTorrent.
That will put more and more pressure on governments to decide whether they want to criminalize a huge portion of humanity, or encourage the market to adapt to the new "ephemeral" models described by this study and others. Among other proposals these scholars want societies to consider is a "levy on blank media use and consumer recording equipment." The tithe could be part of the price of an ISP connection -- "a kind of 'license to download'. Debate should then re-focus on the alternative means of redistribution of the proceeds from such levies." From rforno at infowarrior.org Thu Mar 24 07:03:57 2011 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 24 Mar 2011 08:03:57 -0400 Subject: [Infowarrior] - Some In The Press Realizing That Copyright Industry Claims Of 'Losses' From 'Piracy' Are Bunk Message-ID: <2B50FE36-33D4-4BAA-A687-9CEA91C76E99@infowarrior.org> Some In The Press Realizing That Copyright Industry Claims Of 'Losses' From 'Piracy' Are Bunk from the moving-on dept http://www.techdirt.com/articles/20110322/02484913581/some-press-realizing-that-copyright-industry-claims-losses-piracy-are-bunk.shtml We've pointed to a couple of laughable new reports that were released by copyright industry interests in the past couple months, pushing claims of ridiculously high "losses" due to copyright infringement. The reports have been debunked, but part of the concern was that mainstream press, such as The Australian, were spreading these reports as fact. Thankfully, not everyone in the press falls for such questionable studies. The Sydney Morning Herald recently published a rather comprehensive look at all of these reports and studies, entitled: Piracy: are we being conned?
It does a really nice job pushing back on all this industry-backed research, to point out that the story is more complex and nuanced than those fear-mongering claims make it out to be: < -- > Piracy figures derived by the entertainment industry have also been heavily criticised in the US and Europe. In some instances, the industry has admitted to grossly inflating its numbers. The article includes a lot more debunking of industry FUD. Nice to see that the press is finally realizing that claims that come from an industry looking for government protectionist laws to be adjusted in their favor can't necessarily be trusted. From rforno at infowarrior.org Thu Mar 24 13:35:08 2011 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 24 Mar 2011 14:35:08 -0400 Subject: [Infowarrior] - White House: Libya fight is not war, it's 'kinetic military action' Message-ID: <110E84AA-FA92-4995-B352-EA4D5BD08361@infowarrior.org> I wonder if this ties into other high-level semantal musings I've seen in recent days. --- rick White House: Libya fight is not war, it's 'kinetic military action' By: Byron York 03/23/11 10:07 PM http://washingtonexaminer.com/blogs/beltway-confidential/2011/03/white-house-libya-fight-not-war-its-kinetic-military-action In the last few days, Obama administration officials have frequently faced the question: Is the fighting in Libya a war? From military officers to White House spokesmen up to the president himself, the answer is no. But that leaves the question: What is it? In a briefing on board Air Force One Wednesday, deputy national security adviser Ben Rhodes took a crack at an answer. "I think what we are doing is enforcing a resolution that has a very clear set of goals, which is protecting the Libyan people, averting a humanitarian crisis, and setting up a no-fly zone," Rhodes said. "Obviously that involves kinetic military action, particularly on the front end."
Rhodes' words echoed a description by national security adviser Tom Donilon in a briefing with reporters two weeks ago as the administration contemplated action in Libya. "Military steps -- and they can be kinetic and non-kinetic, obviously the full range -- are not the only method by which we and the international community are pressuring Gadhafi," Donilon said. Rhodes and Donilon are by no means alone. "Kinetic" is heard in a lot of descriptions of what's going on in Libya. "As we are successful in suppressing the [Libyan] air defenses, the level of kinetic activity should decline," Defense Secretary Robert Gates said in a meeting with reporters in Moscow Tuesday. In a briefing with reporters the same day from on board the USS Mount Whitney, Admiral Samuel Locklear, commander of Joint Task Force Odyssey Dawn, said, "The coalition brings together a wide array of capabilities that allow us to minimize the collateral damage when we have to take kinetic operations." On Monday, General Carter Ham, head of U.S. Africa Command, said of the coalition forces, "We possess certainly a very significant kinetic capability." And unnamed sources use it too. "In terms of the heavy kinetic portion of this military action, the president envisions it as lasting days, not weeks," an unnamed senior official told CNN Saturday. "Kinetic" is a word that's been used around the Pentagon for many years to distinguish between actions like dropping bombs, launching cruise missiles or shooting people and newer forms of non-violent fighting like cyber-warfare. At times, it also appears to mean just taking action. In a 2002 article in Slate, Timothy Noah noted a passage from Bob Woodward's book, Bush at War: For many days the war cabinet had been dancing around the basic question: how long could they wait after September 11 before the U.S. started going "kinetic," as they often termed it, against al Qaeda in a visible way? 
Now, White House officials are referring to the war in Libya not as a war but as a "kinetic military action." As common as "kinetic" might be among those in government, it still seems likely to strike members of the public as a euphemism that allows the Obama administration to describe a war as something other than a war. From rforno at infowarrior.org Fri Mar 25 06:22:23 2011 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 25 Mar 2011 07:22:23 -0400 Subject: [Infowarrior] - Vodafone Spreading False Copyright Propaganda? Message-ID: <893C3BD0-7BFE-4D94-9993-F9675EB05728@infowarrior.org> (based on 'educational' materials provided by the entertainment cartels, I bet..... --- rick) Why Is Vodafone Spreading False Copyright Propaganda? from the the-lies-we-tell-children dept http://www.techdirt.com/articles/20110323/13350713602/why-is-vodafone-spreading-false-copyright-propaganda.shtml We've gotten used to various copyright industries spreading propaganda about copyright to school children. Nearly all the big copyright trade groups have "educational" curricula that are often not even close to accurate. They leave out things like "fair use" and they include blatantly false statements like "if you didn't pay for it, you stole it." Well, we didn't pay for your propaganda, so... Still, it's a bit surprising to see others get into the copyright propaganda campaign as well. The latest, apparently, is telco giant Vodafone. Glyn Moody points us to the news that Vodafone Italy has started a typically inaccurate copyright propaganda campaign that makes false and misleading blanket statements like: "[Parents and teachers should] explain to students that downloading and sharing a file protected by copyright is a crime" Later on it repeats claims that all downloads without purchase or any download via P2P is illegal. But, of course, that's not true. It may be true in some, even many, cases. But that's not the same thing. 
If we're going to teach people copyright law, shouldn't it at least be accurate? From rforno at infowarrior.org Fri Mar 25 06:25:28 2011 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 25 Mar 2011 07:25:28 -0400 Subject: [Infowarrior] - FOX to Be Fined by FCC for Fake News VNR Message-ID: FOX to Be Fined by FCC for Fake News; CMD's Complaint on "Video News Releases" Nets New Proposed Fines Submitted by Lisa Graves on March 24, 2011 - 10:41pm http://www.prwatch.org/spin/2011/03/10471/fox-be-fined-fcc-fake-news-cmds-complaint-video-news-releases-nets-new-fines A FOX News station has been sent a notice of a proposed fine for airing fake news in the form of "Video News Releases" (VNR) without disclosing that the "news" segment promoting General Motors was produced to promote GM's cars. As Jonathan Make reports in today's Communications Daily, the Federal Communications Commission has issued a notice of a proposed fine to FOX's Minneapolis affiliate for what amounted to a commercial for GM's convertibles masquerading as news. The VNR had been provided to the station by "FOX News Edge," which is described as "a news service for broadcast stations affiliated with the FOX Network." In response to the FCC's investigation, which was initiated as a result of a complaint by the Center for Media and Democracy and Free Press, FOX claimed it should not be subject to any fine because regulating this activity would "encroach" on its "editorial discretion." By editorial discretion, FOX seems to be indicating that it has a right to use its newscasts to promote products via "news" segments without any disclosure to viewers. FOX also tried to defend its actions by arguing that its affiliate did not receive any payment for airing the VNR and that the VNR was not of any public importance. It also argued that using the VNR was no different than relying on a "press release" without further disclosure.
The FCC defended its sponsorship identification rules, which it determined were violated by FOX, as "grounded in the principle that listeners and viewers are entitled to know who seeks to persuade them." The FCC also noted that the VNR itself is a thing of value when given to a news station because of its production costs and savings. Accordingly, the FCC today announced an intent to fine the FOX affiliate that aired the VNR $4000. The FCC also issued a similar notice to Access 1, a licensee of WMGM-TV in New Jersey, for airing a VNR promoting the use of the cold medicine Zicam, which had been produced for the product's maker, Matrixx Initiatives. The FCC noted that this VNR was specifically named in the joint complaint filed by CMD and Free Press. The stations have 15 days to pay the fines or respond to the notices issued by the FCC. This is the first action on the complaint since 2007, when Comcast was fined $20,000 for airing VNRs. CMD told Communications Daily it is pleased the FCC is continuing to look into these matters, since the practice of using VNRs had not gone away. From rforno at infowarrior.org Fri Mar 25 06:52:03 2011 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 25 Mar 2011 07:52:03 -0400 Subject: [Infowarrior] - Cornell Library Rejects NDAs on Academic Journal Pricing Message-ID: Cornell Library Rejects Non-Disclosures On Journal Pricing; Will Reveal All Prices from the go-big-red dept http://www.techdirt.com/articles/20110323/02473713592/cornell-library-rejects-non-disclosures-journal-pricing-will-reveal-all-prices.shtml One of the more pernicious areas of locking up knowledge that we've seen and discussed involves academic journals. These tend to involve private publishers who get a tremendous amount of completely free labor in terms of content submissions and even reviewers/editors... and then demand the copyrights of the research, while charging universities ridiculously high fees. 
Those publishers have also gone to great lengths to try to block the US government from trying to make federally funded research available to the public at no cost after a limited amount of time. And, of course, the journals often rely on secrecy to get the most money -- including requiring universities to sign non-disclosure agreements (NDAs) that forbid them from revealing how much they're paying for a journal. It's nice to see some universities really starting to push back, and it's even nicer when it's a university that I attended and from which I received two degrees. My sister informs me that Cornell University has decided to take a stand and is refusing to sign any NDAs from various journals, and will make the prices they're being charged for such journals public. As the University made clear in a statement about this policy, it feels these agreements go against the basic nature of openness and fairness: "It has become apparent to the library community that the anticompetitive conduct engaged in by some publishing firms is in part a result of the inclusion of nondisclosure agreements in contracts. As Robert Darnton recently noted, by "keeping the terms secret, ... one library cannot negotiate for cheaper rates by citing an advantage obtained by another library." For this reason, the International Coalition of Library Consortia's "Statement of Current Perspective and Preferred Practices for the Selection and Purchase of Electronic Information" states that "Non-disclosure language should not be required for any licensing agreement, particularly language that would preclude library consortia from sharing pricing and other significant terms and conditions with other consortia." The more that libraries are able to communicate with one another about vendor offers, the better they are able to weigh the costs and benefits of any individual offer. An open market will result in better licensing terms. 
Additionally, nondisclosure agreements conflict with the needs of CUL librarians and staff to work openly, collaboratively, and transparently. This conflict increases the likelihood that the terms of a nondisclosure agreement would be inadvertently violated, posing a threat to the university" The next step is focusing more and more on truly open journals and increasing their acceptance in academia. From rforno at infowarrior.org Fri Mar 25 23:40:54 2011 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 26 Mar 2011 00:40:54 -0400 Subject: [Infowarrior] - It's Tracking Your Every Move and You May Not Even Know Message-ID: <595F9649-B2C4-4F8F-8E8E-C072E50D4E63@infowarrior.org> It's Tracking Your Every Move and You May Not Even Know By NOAM COHEN Published: March 26, 2011 http://www.nytimes.com/2011/03/26/business/media/26privacy.html?hp A favorite pastime of Internet users is to share their location: services like Google Latitude can inform friends when you are nearby; another, Foursquare, has turned reporting these updates into a game. But as a German Green party politician, Malte Spitz, recently learned, we are already continually being tracked whether we volunteer to be or not. Cellphone companies do not typically divulge how much information they collect, so Mr. Spitz went to court to find out exactly what his cellphone company, Deutsche Telekom, knew about his whereabouts. The results were astounding. In a six-month period -- from Aug 31, 2009, to Feb. 28, 2010, Deutsche Telekom had recorded and saved his longitude and latitude coordinates more than 35,000 times. It traced him from a train on the way to Erlangen at the start through to that last night, when he was home in Berlin. Mr. Spitz has provided a rare glimpse -- an unprecedented one, privacy experts say -- of what is being collected as we walk around with our phones. Unlike many online services and Web sites that must send "cookies"
to a user's computer to try to link its traffic to a specific person, cellphone companies simply have to sit back and hit "record." "We are all walking around with little tags, and our tag has a phone number associated with it, who we called and what we do with the phone," said Sarah E. Williams, an expert on graphic information at Columbia University's architecture school. "We don't even know we are giving up that data." Tracking a customer's whereabouts is part and parcel of what phone companies do for a living. Every seven seconds or so, the phone company of someone with a working cellphone is determining the nearest tower, so as to most efficiently route calls. And for billing reasons, they track where the call is coming from and how long it has lasted. "At any given instant, a cell company has to know where you are; it is constantly registering with the tower with the strongest signal," said Matthew Blaze, a professor of computer and information science at the University of Pennsylvania who has testified before Congress on the issue. Mr. Spitz's information, Mr. Blaze pointed out, was not based on those frequent updates, but on how often Mr. Spitz checked his e-mail. Mr. Spitz, a privacy advocate, decided to be extremely open with his personal information. Late last month, he released all the location information in a publicly accessible Google Document, and worked with a prominent German newspaper, Die Zeit, to map those coordinates over time. "This is really the most compelling visualization in a public forum I have ever seen," said Mr. Blaze, adding that it "shows how strong a picture even a fairly low-resolution location can give." In an interview from Berlin, Mr. Spitz explained his reasons: "It was an important point to show this is not some kind of a game. I thought about it, if it is a good idea to publish all the data -- I also could say, O.K., I will only publish it for five, 10 days maybe.
But then I said no, I really want to publish the whole six months." In the United States, telecommunication companies do not have to report precisely what material they collect, said Kevin Bankston, a lawyer at the Electronic Frontier Foundation, who specializes in privacy. He added that based on court cases he could say that "they store more of it and it is becoming more precise." "Phones have become a necessary part of modern life," he said, objecting to the idea that "you have to hand over your personal privacy to be part of the 21st century." In the United States, there are law enforcement and safety reasons for cellphone companies being encouraged to keep track of its customers. Both the F.B.I. and the Drug Enforcement Administration have used cellphone records to identify suspects and make arrests. If the information is valuable to law enforcement, it could be lucrative for marketers. The major American cellphone providers declined to explain what exactly they collect and what they use it for. Verizon, for example, declined to elaborate other than to point to its privacy policy, which includes: "Information such as call records, service usage, traffic data," the statement in part reads, may be used for "marketing to you based on your use of the products and services you already have, subject to any restrictions required by law." AT&T, for example, works with a company, Sense Networks, that uses anonymous location information "to better understand aggregate human activity." One product, CitySense, makes recommendations about local nightlife to customers who choose to participate based on their cellphone usage. (Many smartphone apps already on the market are based on location but that's with the consent of the user and through GPS, not the cellphone company's records.) Because of Germany's history, courts place a greater emphasis on personal privacy. Mr. Spitz first went to court to get his entire file in 2009 but Deutsche Telekom objected.
For six months, he said, there was a "Ping Pong game" of lawyers' letters back and forth until, separately, the Constitutional Court there decided that the existing rules governing data retention, beyond those required for billing and logistics, were illegal. Soon thereafter, the two sides reached a settlement: "I only get the information that is related to me, and I don't get all the information like who am I calling, who sent me a SMS and so on," Mr. Spitz said, referring to text messages. Even so, 35,831 pieces of information were sent to him by Deutsche Telekom as an encrypted file, to protect his privacy during its transmission. Deutsche Telekom, which owns T-Mobile, Mr. Spitz's carrier, wrote in an e-mail that it stored six months' of data, as required by the law, and that after the court ruling it "immediately ceased" storing data. And a year after the court ruling outlawing this kind of data retention, there is a movement to try to get a new, more limited law passed. Mr. Spitz, at 26 a member of the Green Party's executive board, says he released that material to influence that debate. "I want to show the political message that this kind of data retention is really, really big and you can really look into the life of people for six months and see what they are doing where they are." While the potential for abuse is easy to imagine, in Mr. Spitz's case, there was not much revealed. "I really spend most of the time in my own neighborhood, which was quite funny for me," he said. "I am not really walking that much around." Any embarrassing details? "The data shows that I am flying sometimes," he said, rather than taking a more fuel-efficient train. "Something not that popular for a Green politician."
From rforno at infowarrior.org Fri Mar 25 23:46:04 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 26 Mar 2011 00:46:04 -0400
Subject: [Infowarrior] - Microsoft Shuts off HTTPS in Hotmail for Over a Dozen Countries
Message-ID: <8E3C60AC-6ED7-400B-AE3A-9FC72269D497@infowarrior.org>

Microsoft Shuts off HTTPS in Hotmail for Over a Dozen Countries
News Update by Eva Galperin
https://www.eff.org/deeplinks/2011/03/microsoft-shuts-https-hotmail-over-dozen-countries

Microsoft appears to have turned off the always-use-HTTPS option in Hotmail for users in more than a dozen countries, including Bahrain, Morocco, Algeria, Syria, Sudan, Iran, Lebanon, Jordan, Congo, Myanmar, Nigeria, Kazakhstan, Uzbekistan, Turkmenistan, Tajikistan, and Kyrgyzstan. Hotmail users who have set their location to any of these countries receive the following error message when they attempt to turn on the always-use-HTTPS feature in order to read their mail securely:

Your Windows Live ID can't use HTTPS automatically because this feature is not available for your account type.

Microsoft debuted the always-use-HTTPS feature for Hotmail in December of 2010, in order to give users the option of always encrypting their webmail traffic and protecting their sensitive communications from malicious hackers using tools such as Firesheep, and hostile governments eavesdropping on journalists and activists. For Microsoft to take such an enormous step backwards -- undermining the security of Hotmail users in countries where freedom of expression is under attack and secure communication is especially important -- is deeply disturbing. We hope that this counterproductive and potentially dangerous move is merely an error that Microsoft will swiftly correct. The good news is that the fix is very easy.
Hotmail users in the affected countries can turn the always-use-HTTPS feature back on by changing the country in their profile to any of the countries in which this feature has not been disabled, such as the United States, Germany, France, Israel, or Turkey. Hotmail users who browse the web with Firefox may force the use of HTTPS by default -- while using any Hotmail location setting -- by installing the HTTPS Everywhere Firefox plug-in.

From rforno at infowarrior.org Sat Mar 26 16:33:53 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 26 Mar 2011 17:33:53 -0400
Subject: [Infowarrior] - Judge Green Lights BitTorrent User Mass-Harassment Scheme
Message-ID: <951B6ABF-D576-479D-8CDB-B125BC61B82B@infowarrior.org>

Judge Green Lights BitTorrent User Mass-Harassment Scheme
Ernesto, 26/03/2011
http://torrentfreak.com/judge-green-lights-bittorrent-user-mass-harassment-scheme-110326/

The mass lawsuits against alleged BitTorrent users in the United States that have been keeping the courts busy over the past several months are turning into a roller-coaster ride. Last week thousands of defendants celebrated a victory when they had their cases dropped, but just a few days later a judge ignored all procedural issues and gave the green light for the mass-lawsuits to continue. Several movie studios represented by the U.S. Copyright Group (USCG) scored a big win in their mass BitTorrent lawsuits this week. Contrary to earlier decisions in similar cases, U.S. District Court Judge Beryl Howell waved away the concerns that had been raised by ISPs, consumer rights groups and the defendants' lawyers. Among other things, they had argued that many of the defendants fall outside the Washington DC Court's jurisdiction as they live in other states. In addition, they argued that joining thousands of defendants in one lawsuit is improper procedure, and that the lawsuits violate the defendants' right to anonymity as protected by the First Amendment.
However, the District Court judge disagreed and allowed Call of the Wild Movie LLC, Maverick Entertainment Group, and Donkeyball Movie LLC to continue their cases. Texas lawyer Robert Cashman, who represents several defendants, is blown away by the decision of Judge Beryl Howell, who has basically turned the U.S. legal system into a tool which allows the copyright holders to acquire all the info they need to send out "extortionist" settlement claims. "In layman terms, the decision means that the plaintiff attorneys can continue harassing defendants and trying to elicit multi-thousand dollar settlements from defendants. This, while the plaintiff attorneys continue to tell the judge they are conducting 'discovery,' that is, trying to figure out which of the thousands they have sued live in DC," Cashman told TorrentFreak. "It is my opinion that the judge is completely siding with the plaintiff attorneys on all accounts, for whatever his personal or political motivations. On almost every argument, he states that he is siding with the plaintiff attorneys because it is 'too early' to decide any of the issues brought to the court until defendants are named," he added. This is a big concern because the copyright holders are not planning to bring a full-trial against the defendants, they simply want their names so they can send out their demands for cash. And since Judge Beryl Howell has now ruled that potential issues of jurisdiction and joinder are not relevant until the defendants are named, the copyright holders now have carte blanche. "In short, he is giving the plaintiff attorneys a very loose leash to run around and do whatever they want to do to whomever they please, and he is completely ignoring the fact that the plaintiffs are not running a lawsuit, but instead are running a settlement scheme disguised as 'discovery'," Cashman said.
"I believe the judge is giving the plaintiff attorneys the benefit of the doubt on all accounts, which is unfortunate because he is turning a blind eye to the abuses defendants are suffering with threats and harassment while plaintiff attorneys attempt to scare them into a settlement," Cashman added. Interestingly, just last week thousands of defendants were dropped from these same cases by the copyright holders, at least for the time being. For these people nothing will change. However, the most recent decision is certainly a step in the wrong direction, which may lead to even more U.S.-based cases than the 100,000+ that have been filed against BitTorrent users since last year.

From rforno at infowarrior.org Sun Mar 27 18:48:50 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 27 Mar 2011 19:48:50 -0400
Subject: [Infowarrior] - Paul Baran passed away...
Message-ID: <38361F55-607A-41D8-A169-075AC663A888@infowarrior.org>

(via Dave Farber)

> Paul passed away last night due to complications from lung cancer. There will be an obituary in the New York Times tomorrow written by Katie Hafner
>
> Paul was a long time friend and mentor. I will miss him.

From rforno at infowarrior.org Sun Mar 27 22:08:41 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 27 Mar 2011 23:08:41 -0400
Subject: [Infowarrior] - NYT Obit: Paul Baran, Internet Pioneer, Dies at 84
Message-ID: <14E6BFD6-CD91-4CC1-9335-E19290E044B9@infowarrior.org>

March 27, 2011
Paul Baran, Internet Pioneer, Dies at 84
By KATIE HAFNER
https://www.nytimes.com/2011/03/28/technology/28baran.html

Paul Baran, an engineer who helped create the technical underpinnings for the Arpanet, the government-sponsored precursor to today's Internet, died Saturday night at his home in Palo Alto, Calif. He was 84. The cause was complications from lung cancer, said his son, David. In the early 1960s, while working at the RAND Corporation in Santa Monica, Calif., Mr.
Baran outlined the fundamentals for packaging data into discrete bundles, which he called "message blocks." The bundles are then sent on various paths around a network and reassembled at their destination. Such a plan is known as "packet switching." Mr. Baran's idea was to build a distributed communications network, less vulnerable to attack or disruption than conventional networks. In a series of technical papers published in the 1960s he suggested that networks be designed with redundant routes so that if a particular path failed or was destroyed, messages could still be delivered through another. Mr. Baran's invention was so far ahead of its time that in the mid-1960s, when he approached AT&T with the idea to build his proposed network, the company insisted it would not work and refused. "Paul wasn't afraid to go in directions counter to what everyone else thought was the right or only thing to do," said Vinton Cerf, a vice president at Google who was a colleague and longtime friend of Mr. Baran's. "AT&T repeatedly said his idea wouldn't work, and wouldn't participate in the Arpanet project," he said. In 1969, the Defense Department's Advanced Research Projects Agency built the Arpanet, a network that used Mr. Baran's ideas, and those of others. The Arpanet was eventually replaced by the Internet, and packet switching still lies at the heart of the network's internal workings. Paul Baran was born on April 29, 1926, in Grodno, Poland. His parents moved to the United States in 1928, and Mr. Baran grew up in Philadelphia. His father was a grocer, and as a boy, Paul delivered orders to customers in a small red wagon. He attended the Drexel Institute of Technology, which later became Drexel University, where he earned a bachelor's degree in electrical engineering in 1949. He took his first job at the Eckert-Mauchly Computer Corporation in Philadelphia, testing parts of radio tubes for an early commercial computer, the Univac.
In 1955, he married Evelyn Murphy, and they moved to Los Angeles, where Mr. Baran took a job at Hughes Aircraft working on radar data processing systems. He enrolled in night classes at the University of California, Los Angeles. Mr. Baran received a master's degree in engineering from U.C.L.A. in 1959. Gerald Estrin, who was Mr. Baran's adviser, said Mr. Baran was the first student he ever had who actually went to the Patent Office in Washington to investigate whether his master's work, on character recognition, was patentable. "From that day on, my expectations of him changed," Dr. Estrin said. "He wasn't just a serious student, but a young man who was looking to have an effect on the world." In 1959, Mr. Baran left Hughes to join RAND's computer science department. He quickly developed an interest in the survivability of communications systems in the event of a nuclear attack, and spent the next several years at RAND working on a series of 13 papers -- two of them classified -- under contract to the Air Force, titled, "On Distributed Communications." About the same time that Mr. Baran had his idea, similar plans for creating such networks were percolating in the computing community. Donald Davies of the British National Physical Laboratory, working a continent away, had a similar idea for dividing digital messages into chunks he called packets. "In the golden era of the early 1960s, these ideas were in the air," said Leonard Kleinrock, a computer scientist at U.C.L.A. who was working on similar networking systems in the 1960s. Mr. Baran left RAND in 1968 to co-found the Institute for the Future, a nonprofit research group specializing in long-range forecasting. Mr. Baran was also an entrepreneur. He started seven companies, five of which eventually went public. In recent years, the origins of the Internet have been subject to claims and counterclaims of precedence, and Mr. Baran was an outspoken proponent of distributing credit widely.
"The Internet is really the work of a thousand people," he said in an interview in 2001. "The process of technological developments is like building a cathedral," he said in an interview in 1990. "Over the course of several hundred years, new people come along and each lays down a block on top of the old foundations, each saying, 'I built a cathedral.' "Next month another block is placed atop the previous one. Then comes along an historian who asks, 'Well, who built the cathedral?' Peter added some stones here, and Paul added a few more. If you are not careful you can con yourself into believing that you did the most important part. But the reality is that each contribution has to follow onto previous work. Everything is tied to everything else." Mr. Baran's wife, Evelyn, died in 2007. In addition to his son, David, of Atherton, Calif., he is survived by three grandchildren; and his companion of recent years, Ruth Rothman.

From rforno at infowarrior.org Mon Mar 28 06:55:41 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 28 Mar 2011 07:55:41 -0400
Subject: [Infowarrior] - The new cyber military-industrial complex
Message-ID: <32D64355-3489-4325-AD46-8C3D71E7C1E7@infowarrior.org>

The new cyber military-industrial complex
RON DEIBERT AND RAFAL ROHOZINSKI
Special to Globe and Mail Update
Published Monday, Mar. 28, 2011 2:00AM EDT
Ron Deibert is director of the Citizen Lab at the University of Toronto's Munk School of Global Affairs. Rafal Rohozinski is CEO of the Ottawa-based SecDev Group.
http://www.theglobeandmail.com/news/opinions/opinion/the-new-cyber-military-industrial-complex/article1957159/

In the aftermath of the revolution that brought down Egypt's Hosni Mubarak, protesters burst into the building that housed the state security services and combed through thousands of documents left by the departing regime.
Among the files listing paid informants, tortured confessions and acts of secret manipulation was one rather exceptional document: a contract from an obscure German firm selling cyberwar software to the Egyptian regime. The document, quickly posted on the Internet, provided a detailed glimpse inside the black arts of today's world of electronic warfare. For those who study the geopolitics of cyberspace, the revelation was hardly surprising. There's an arms race in cyberspace, and a massively exploding new cyber-industrial complex that serves it. The German firm is but one small manifestation. It has become a truism to say that the offence has the advantage over the defence in cyber conflicts. Attack tools are cheap and widely available. Attackers can mount their assaults with lightning speed from anywhere on the planet to anywhere else, disguising their origins and masking responsibility. Scholars of war and human nature have long understood that, in an offence-dominant environment such as this, the pressure is on to keep up or be left behind. Fear and insecurity increase, threats lurk everywhere, and rash decisions can lead to unexpected outcomes and chaos. While this may sound ominous for most, for those in the defence industry, it presents an irresistible market opportunity. A new cyber military-industrial complex has exploded, estimated to be between $80-billion and $150-billion (U.S.) annually. Like Dwight Eisenhower's military-industrial complex before it, this massive cyber-industrial complex is intimately connected to militarization processes in the West and, in particular, the United States. Major corporate giants that arose in the Cold War, such as Boeing and Northrop Grumman, are now repositioning themselves to service the cyber security market. But as the Egyptian security service files show, the market knows no boundaries.
Advanced deep packet inspection, content filtering, social network mining, cellphone tracking and computer network attack and exploitation capabilities, developed primarily by U.S., Canadian and European firms, are sold to hungry buyers worldwide -- many of them authoritarian regimes. Like all arms races before it, the growing tensions in cyberspace and the proliferation of tools and services that feed it create a climate of fear and insecurity. And as Samuel Coleridge once said, "What begins in fear usually ends in folly." A dangerous, lawless atmosphere is spreading in cyberspace. Both Indian and Iranian officials have gone on public record condoning hackers who work in the state's interest. As if on cue, a group of hackers using the name Iranian Cyber Army defaces U.S.-supported websites, including those of the Voice of America and Radio Farda. Not long afterward, Sudan's ruling party warns activists that the state's "cyber jihadists" will crush their opposition movement. A Jacobin-like collective of vigilante hackers, called Anonymous, targets websites, services, and companies that cross their conception of the "general will." One week Visa is targeted, the next it's Tunisia, and then an obscure racist religious congregation in the southern U.S. feels their wrath. One cyber security firm, HBGary, that had developed infowar plans to identify Anonymous members and target WikiLeaks supporters, had their computers hacked by Anonymous, which then published 70,000 of the firm's confidential e-mails. Want to mount a distributed denial of service attack of your own to bring down a group you don't like? It's easy. Websites in China and Ukraine will sell you daily, weekly, monthly or even "lifetime" rentals of botnets with 24/7 technical support. U.S. legislators, meanwhile, propose giving the President powers to shut off the Internet in an emergency, while Egyptian and Libyan authorities demonstrate just how easily it's done.
Nothing, it seems, is sacred in cyberspace any longer. This was not the way it was supposed to be. Cyberspace's early architects foresaw a kind of digital agora that would fulfill long-standing democratic aspirations. In 1937, the futurist H.G. Wells wrote an essay called the World Brain in which he predicted a time when technology would make information available to all citizens of the planet in real time: "The whole human memory can be, and probably in a short time will be, made accessible to every individual. ... It need not be concentrated in any one single place. It need not be vulnerable as a human head or a human heart is vulnerable. It can be reproduced exactly and fully, in Peru, China, Iceland, Central Africa, or wherever else seems to afford an insurance against danger and interruption." Imagine if Wells were alive today to see how close we've come to achieving that dream, only to allow it to slip into chaos. We have indeed created a kind of "world brain"; the problem is, it's a typically aggressive and insecure human one. Ron Deibert is director of the Citizen Lab at the University of Toronto's Munk School of Global Affairs. Rafal Rohozinski is CEO of the Ottawa-based SecDev Group.

From rforno at infowarrior.org Mon Mar 28 09:06:12 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 28 Mar 2011 10:06:12 -0400
Subject: [Infowarrior] - BitTorrent Case Judge Is a Former RIAA Lobbyist and Pirate Chaser
Message-ID: <6877CF01-AABB-47BF-B8AF-2CFB84F0007E@infowarrior.org>

BitTorrent Case Judge Is a Former RIAA Lobbyist and Pirate Chaser
Ernesto, 28/03/2011
http://torrentfreak.com/bittorrent-case-judge-is-a-former-riaa-lobbyist-and-pirate-chaser-110328/

Less than a week after her investiture ceremony, U.S. District Court Judge Beryl Howell laid down a landmark verdict that will make it easy for copyright holders to send cash demands to people they suspect of copyright infringement.
Many people called the decision into doubt, and the revelation that Judge Howell previously worked as an RIAA lobbyist and as the Managing Director of a pirate-chasing outfit hints at a conflict of interest. Last week, the freshly appointed U.S. District Court Judge Beryl Howell gave copyright holders carte blanche to continue their profitable settlement schemes. This verdict weakens the position of thousands of alleged BitTorrent users, some of whom may be completely innocent. Despite opposition from ISPs and consumer rights groups who described the tactics as "extortion," Howell decided in favor of the copyright holders. An extremely unfortunate precedent to say the least, and this is confirmed by lawyer Robert Cashman who represents several defendants in similar cases. "I believe the judge is giving the plaintiff attorneys the benefit of the doubt on all accounts, which is unfortunate because she is turning a blind eye to the abuses defendants are suffering with threats and harassment while plaintiff attorneys attempt to scare them into a settlement," Cashman told TorrentFreak. The big question is why Judge Howell came to this conclusion. Although we can't see inside her mind, looking at her career before she was appointed as a judge a few months ago may give us some insight. Howell's resume immediately reveals that she is no stranger to copyright law. As General Counsel of the Senate Committee on the Judiciary she helped with the drafting of several prominent intellectual property protection laws, including the Digital Millennium Copyright Act (DMCA), Digital Theft Deterrence and Copyright Damages Deterrence Act and the No Electronic Theft Act. The above clearly indicates that Howell is familiar with protecting the interests of copyright holders, but there is more. Until 2009 she also held the position of Executive Managing Director and General Counsel at Stroz Friedberg, a consulting firm that specializes in the management of digital crimes.
Among other areas of expertise, Stroz Friedberg is very familiar with the technology required to hunt down file sharers. Next month the firm is hosting a lecture titled "The Power of Digital Forensics in Intellectual Property Cases" in which they explain how "specialized forensic processes" can help to find "infringing copies of protected music." It doesn't take a genius to realize that Judge Howell's former employee may directly benefit from her decision to allow the mass-infringement lawsuits to continue. And that's not all. In recent years Stroz Friedberg has lobbied extensively in Washington on behalf of the RIAA. This consulting job earned the company more than half a million dollars. And yes, one of the leading lobbyists on record was Beryl Howell, who was paid $415,000 between 2004 and 2008. Although judges are deemed to be objective, the above is troubling information which at the least hints at a slight bias in judgement. This is fueled by the fact that less than a week after her investiture ceremony as a judge, Howell opened the door for copyright holders to send out settlements to tens of thousands of alleged file-sharers without first having evidence against them tested in court. As a lobbyist there was only so much Howell could do, but as a U.S. District Court Judge she can really make a difference it seems. In layman's terms her ruling means that copyright holders can easily request the personal details of people who have allegedly downloaded copyrighted works on BitTorrent. With this decision in hand the copyright holders have all they need. After all, the intention of these lawsuits was never to take the defendants to court, but to send them settlement letters to resolve the issue for a few thousand dollars. Whether this represents fair practice is not for us but a judge to decide -- U.S. District Court Judge Beryl Howell in this case.
We're no lawyers at TorrentFreak, but if we see the information as presented above we can't help but feel that there might be a conflict of interest here. At the least, some might consider that spending years defending the rights of major copyright holders has the potential to slightly blur one's objectivity.

From rforno at infowarrior.org Mon Mar 28 12:52:29 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 28 Mar 2011 13:52:29 -0400
Subject: [Infowarrior] - Another Court Rejects Idea That DMCA Requires Proactive Approach From Service Providers
Message-ID: <1A15A6E9-F196-49D5-8264-B23A5573A280@infowarrior.org>

Another Court Rejects Idea That DMCA Requires Proactive Approach From Service Providers
from the sorry-viacom dept

The very crux of the ongoing Viacom/YouTube lawsuit is whether or not the DMCA requires that a service provider, such as YouTube, proactively police the content on the site, perhaps via a filter tool. The lower court rejected that claim, saying that the DMCA is pretty clear that the service provider needs specific notice of infringing works (via takedown notices, for example). The entertainment industry and its supporters continue to argue that there is a mythological obligation of service providers to police their own site once they have general knowledge that there's some infringing works. Now we have yet another court ruling (and it's not the first) to completely reject this claim. The lawsuit involves an artist who discovered some allegedly infringing copies of her work were available via the photo hosting site Photobucket. She sent some takedown notices, and then decided that she'd sent enough takedown notices, so Photobucket should be "on notice" about her works being infringed, and she expected the company to proactively police her works and keep them off the site. As Eric Goldman notes, the court made quick work of this argument, in explaining how it's simply wrong...

< - >

http://www.techdirt.com/articles/20110325/04173913626/another-court-rejects-idea-that-dmca-requires-proactive-approach-service-providers.shtml

From rforno at infowarrior.org Mon Mar 28 12:53:12 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 28 Mar 2011 13:53:12 -0400
Subject: [Infowarrior] - USTR Refuses To Release CRS Report on ACTA Legality
Message-ID:

USTR Refuses To Release Congressional Research Service Study On Legality Of ACTA
from the why-is-this-kept-secret? dept
http://www.techdirt.com/articles/20110325/04480513628/ustr-refuses-to-release-congressional-research-service-study-legality-acta.shtml

We've talked about how ridiculous it is that the government keeps Congressional Research Service (CRS) reports secret. The organization, which is widely respected and tends to do thorough, objective and useful research, technically produces reports that are in the public domain. However, the recipients of those reports (usually members of Congress or other government employees) often don't want to let those documents out for that very reason. If you're pushing for a certain law, and CRS research proves that there are problems with it, you don't want that info to get out. Of course, if we had intellectually honest politicians (stop laughing!), they would not just publish the research, but would actually use it to guide some of their policy making decisions. Back in October, you may recall that Senator Ron Wyden, one of the very few elected officials to actually understand and to worry about the implications of ACTA, asked the CRS to study ACTA to see how it would impact US law. That report has been delivered to the USTR, and KEI filed a FOIA request to see the document. However, the USTR has refused to provide the document. The USTR really seems to take a "secrecy first, transparency never" view on all things ACTA, doesn't it? It certainly makes you wonder what's in that report, doesn't it?
KEI is now appealing the rejection, claiming that the USTR's explanation for denying the request is simply not supported by the law. The USTR claims that it can't hand out the document, because it belongs to CRS. This is simply incorrect, as KEI noted in its reply. Of course, it's also unclear why Senator Wyden's office doesn't release the document itself, but the feeling there is that he doesn't want to upset the USTR either. From rforno at infowarrior.org Tue Mar 29 07:16:44 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 29 Mar 2011 08:16:44 -0400 Subject: [Infowarrior] - Food Inflation Kept Hidden in Tinier Bags Message-ID: March 28, 2011 Food Inflation Kept Hidden in Tinier Bags https://www.nytimes.com/2011/03/29/business/29shrink.html?_r=2&hp=&pagewanted=print By STEPHANIE CLIFFORD and CATHERINE RAMPELL Chips are disappearing from bags, candy from boxes and vegetables from cans. As an expected increase in the cost of raw materials looms for late summer, consumers are beginning to encounter shrinking food packages. With unemployment still high, companies in recent months have tried to camouflage price increases by selling their products in tiny and tinier packages. So far, the changes are most visible at the grocery store, where shoppers are paying the same amount, but getting less. For Lisa Stauber, stretching her budget to feed her nine children in Houston often requires careful monitoring at the store. Recently, when she cooked her usual three boxes of pasta for a big family dinner, she was surprised by a smaller yield, and she began to suspect something was up. "Whole wheat pasta had gone from 16 ounces to 13.25 ounces," she said. "I bought three boxes and it wasn't enough -- that was a little embarrassing. I bought the same amount I always buy, I just didn't realize it, because who reads the sizes all the time?" Ms. Stauber, 33, said she began inspecting her other purchases, aisle by aisle. 
Many canned vegetables dropped to 13 or 14 ounces from 16; boxes of baby wipes went to 72 from 80; and sugar was stacked in 4-pound, not 5-pound, bags, she said. Five or so years ago, Ms. Stauber bought 16-ounce cans of corn. Then they were 15.5 ounces, then 14.5 ounces, and the size is still dropping. "The first time I've ever seen an 11-ounce can of corn at the store was about three weeks ago, and I was just floored," she said. "It's sneaky, because they figure people won't know." In every economic downturn in the last few decades, companies have reduced the size of some products, disguising price increases and avoiding comparisons on same-size packages, before and after an increase. Each time, the marketing campaigns are coy; this time, the smaller versions are "greener" (packages good for the environment) or more "portable" (little carry bags for the takeout lifestyle) or "healthier" (fewer calories). Where companies cannot change sizes -- as in clothing or appliances -- they have warned that prices will be going up, as the costs of cotton, energy, grain and other raw materials are rising. "Consumers are generally more sensitive to changes in prices than to changes in quantity," John T. Gourville, a marketing professor at Harvard Business School, said. "And companies try to do it in such a way that you don't notice, maybe keeping the height and width the same, but changing the depth so the silhouette of the package on the shelf looks the same. Or sometimes they add more air to the chips bag or a scoop in the bottom of the peanut butter jar so it looks the same size." Thomas J. Alexander, a finance professor at Northwood University, said that businesses had little choice these days when faced with increases in the costs of their raw goods. "Companies only have pricing power when wages are also increasing, and we're not seeing that right now because of the high unemployment," he said. 
Most companies reduce products quietly, hoping consumers are not reading labels too closely. But the downsizing keeps occurring. A can of Chicken of the Sea albacore tuna is now packed at 5 ounces, instead of the 6-ounce version still on some shelves, and in some cases, the 5-ounce can costs more than the larger one. Bags of Doritos, Tostitos and Fritos now hold 20 percent fewer chips than in 2009, though a spokesman said those extra chips were just a "limited time" offer. Trying to keep customers from feeling cheated, some companies are introducing new containers that, they say, have terrific advantages -- and just happen to contain less product. Kraft is introducing "Fresh Stacks" packages for its Nabisco Premium saltines and Honey Maid graham crackers. Each has about 15 percent fewer crackers than the standard boxes, but the price has not changed. Kraft says that because the Fresh Stacks include more sleeves of crackers, they are more portable and "the packaging format offers the benefit of added freshness," said Basil T. Maglaris, a Kraft spokesman, in an e-mail. And Procter & Gamble is expanding its "Future Friendly" products, which it promotes as using at least 15 percent less energy, water or packaging than the standard ones. "They are more environmentally friendly, that's true -- but they're also smaller," said Paula Rosenblum, managing partner for retail systems research at Focus.com, an online specialist network. "They announce it as great new packaging, and in fact what it is is smaller packaging, smaller amounts of the product," she said. Or marketers design a new shape and size altogether, complicating any effort to comparison shop. The unwrapped Reese's Minis, which were introduced in February, are smaller than the foil-wrapped Miniatures. They are also more expensive -- $0.57 an ounce at FreshDirect, versus $0.37 an ounce for the individually wrapped. At H. J. 
Heinz, prices on ketchup, condiments, sauces and Ore-Ida products have already gone up, and the company is selling smaller-than-usual versions of condiments, like 5-ounce bottles of items like Heinz 57 Sauce sold at places like Dollar General. "I have never regretted raising prices in the face of significant cost pressures, since we can always course-correct if the outcome is not as we expected," Heinz's chairman and chief executive, William R. Johnson, said last month. While companies have long adjusted package sizes to appeal to changing tastes, from supersizes to 100-calorie packs, the recession drove a lot of corporations to think small. The standard size for Edy's ice cream went from 2 liters to 1.5 in 2008. And Tropicana shifted to a 59-ounce carton rather than a 64-ounce one last year, after the cost of oranges rose. With prices for energy and for raw materials like corn, cotton and sugar creeping up and expected to surge later this year, companies are barely bothering to cover up the shrinking packs. "Typically, the product manufacturers are doing this slightly ahead of the perceived inflationary issues," Ms. Rosenblum said. "Lately, it hasn't been subtle -- I mean, they've been shrinking by noticeable amounts." That can work to a company's benefit. In the culture of thinness, smaller may be a selling point. It lets retailers honestly claim, for example, that a snack package contains fewer calories -- without having to change the ingredients a smidge. "For indulgences like ice cream, chocolate and potato chips, consumers may say 'I don't mind getting a little bit less because I shouldn't be consuming so much anyway,' " said Professor Gourville. "That's a harder argument to make with something like diapers or orange juice." But even while companies blame the recession for smaller packages, they rarely increase sizes in good times, he said. He traced the shrinking package trends to the late 1980s, when companies like Chock full o' 
Nuts downsized the one-pound tin of ground coffee to 13 ounces. That shocked consumers, for whom a pound of coffee had been as standard a purchase unit as a dozen eggs or a six-pack of beer, he said. Once the economy rebounds, he said, a new "jumbo" size product typically emerges, at an even higher cost per ounce. Then the gradual shrinking process of all package sizes begins anew, he said. "It's a continuous cycle, where at some point the smallest package offered becomes so small that perhaps they're phased out and replaced by the medium-size package, which has been shrunk down," he said. From rforno at infowarrior.org Tue Mar 29 08:26:16 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 29 Mar 2011 09:26:16 -0400 Subject: [Infowarrior] - The Madness of the Clouds Message-ID: <7E1C7422-DC51-4DD8-906A-8D64C8CF19CA@infowarrior.org> Viewpoint March 28, 2011, 3:21PM EST The Madness of the Clouds http://www.businessweek.com/print/innovate/content/mar2011/id20110325_345095.htm As cloud computing services become more popular with consumers and corporations, it's time to sort hype from reality By Mickey McManus A December survey by Cisco (CSCO) of more than 2,000 tech managers across 13 countries found that 52 percent are using -- or plan to use -- cloud computer services in the near future. (The percentages are even higher in emerging markets Brazil, India, and China.) Another report released in August by market researcher Gartner (IT) noted that nearly 40 percent of IT professionals worldwide are putting more money toward cloud computing than ever before. When so many people are talking about "The Cloud" with such passion, and backing that interest with investments, I begin to ask questions. This is what I discovered. The gap between the hype and the reality, particularly on the technical side, is immense. 
It may be better to think of these "clouds" as a collection of giant, sometimes flammable, gas-filled Hindenburg-like airships with fluffy pictures painted on their sides by clever marketing folks. Lest you think I'm an enemy of progress, I did discover there are some amazing and powerful new business models coming out of the clouds. If you're just starting a business or looking to focus on what you really do well, "pay-per-service" is a prudent and cost-effective way to manage your affairs. Further, it levels the playing field, democratizing the tools of business. Potential for Catastrophe But over the last few months, I've spoken with many security analysts across a number of industries and they've expressed both excitement and a deep-seated dread. They are excited because agile security will need to be "built into the cloud," and worried because in private conversation, they don't talk about if a "Deepwater Horizon-like event" will happen in the cloud, but when. Why is there such certainty that a catastrophic event will occur? For starters, we're on a path to remove all resiliencies from our global business engine. Five years ago, if you took a random sampling you would have discovered that most companies had physical control over their mission-critical data and processes. It was usually in the form of "Bob in IT" with a team of computer geeks tending closets filled with servers. It wasn't perfect, but if one, ten, a hundred, or even a thousand companies lost their data, or installed a bad software patch, or fell prey to a malicious attack, the lifeblood of business everywhere would still flow. It would be an isolated incident, with little or no damage done to the greater economy. Today, many companies have put -- or are beginning to put -- their business-critical information into the hands of four or five companies that specialize in cloud services. 
These companies have placed all of their customer-specific data into a cloud run by one company, and other critical systems into another cloud run by a different company. The logic is simple: If one cloud fails, just move the information to another cloud. At most it will cause a few days of discomfort. The problem is that different clouds are far from compatible; the information that went into building one cannot easily flow to another -- well, not without a considerable investment in rebuilding much of your system from scratch over weeks, months, or in some cases years. Centralized Market Let's look at the big picture and be clear about the risks: We are migrating from a diverse way of dealing with business information to a centralized market with a few single points of potential catastrophic failure. If there is a hostile takeover of one of the handful of big cloud vendors, if a malicious attack succeeds in taking one or two of them down for any amount of time, if someone just makes one too many mistakes, if the shareholders of one of these firms decide it is not in their business interest to keep that service running, business information will not just magically flow from one cloud to another. Rather, the whole business world will face the storm of the century and commerce could literally grind to a halt. This isn't just a business problem. I hear family members say, "Oh, my stuff is in the cloud." I watch kids uploading pictures, stories, thoughts, and dreams, not into diaries and photo albums but directly "to the cloud." They've never stored their memories in some old shoebox in the basement. Now imagine waking up and losing every precious piece of information in your own life. If this sounds like a nightmare scenario and you're sure it could never happen, ask "Alice," an AOL (AOL) user who was informed (after the fact) that one of AOL's popular sites for creating personal Web pages, Hometown, had been turned off. 
This was her plea: "It is so sad that I have lost all my saved pages from my daughter. That's all I had left [of] all her memories. Now I have nothing at all. I lost my daughter 2 years ago, and I needed those pages. I beg you is there anyway I can get them back pleaseee." She never received a reply, and if you look now you'll find her message deleted as well. (AOL declined to comment.) Or ask the 40,000 Google (GOOG) Gmail users who recently found their mail missing and mailboxes gone thanks to a software update gone wrong. It was only a tiny percentage of users affected, but who would want to be in that minority? These anecdotes could easily be written off as the last rumblings of a passing storm before the sun shines on a brighter day. Those few sad little people caught in the transition are just anomalies. Feel bad for them for a moment to show your humanity, then look away. Resilient Design Needed What I'm concerned about is the technical approach we've taken to implement cloud services, the issues nobody seems to be talking about or questioning. Most of the clouds that businesses use today are built not on the kinds of patterns found in nature (our greatest laboratory for scalability and resilience), but rather on a model called "client/server architecture" (hint, the clouds are the servers) designed in the 1950s, '60s, and '70s, when computers were expensive and memory was at a premium. Nature is the grand laboratory of resilient, ultra-large complex systems. While the Internet has just hit 2 billion users, our own body has many trillions of cells. However, unlike a PC, we don't lock up monthly, we keep working for upwards of 70 to 80 years. Nature has been here before. In nature, computing is cheap, memory is even cheaper, and something called "peer-to-peer," rather than "client/server," plays a much more significant role. 
If we learned from nature's design patterns, we could grow a much more resilient future -- where information is massively replicated (think gene pool rather than hydrogen clouds) and mission-critical or personally precious information just can't be lost. This isn't a pipe dream. I've experienced such systems in action. They use a sort of "Digital DNA" approach to information and are built as flexible evolving ecosystems. It's "biomimicry" for computing. Just as chromosomes are standard, unique containers for all the DNA that makes us human, digital DNA uses standard, unique containers to hold all the "genes" of a new kind of collaboration system. And just as nature copies and replicates those genes in vast numbers throughout our world to gain resiliency, these systems do the same. The U.S. government's "Department of Mad Scientists" has fostered these new, radically distributed and resilient systems; the same group -- called DARPA -- whose last world-changing success was a little thing called the Internet. The potential is world-changing and promises innovations like we've never seen before. If only we can get past the noise and the madness of the clouds. Mickey McManus is chief executive officer of MAYA Design. MAYA, which stands for Most Advanced, Yet Acceptable, is a technology design and innovation lab whose mission is to tame the complexity of technology so that it serves humankind. From rforno at infowarrior.org Tue Mar 29 13:58:32 2011 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 29 Mar 2011 14:58:32 -0400 Subject: [Infowarrior] - WH Libya Speech vs 'Dancing With the Stars' Message-ID: <0A10882A-2EBE-4B37-8891-BD4959F504DA@infowarrior.org> I figured something like this was the case --- how depressing. 
--- rick March 28, 2011, 6:29 pm http://mediadecoder.blogs.nytimes.com/2011/03/28/before-libya-white-house-must-negotiate-with-abc Before Libya, White House Must Negotiate With ABC By BILL CARTER President Obama had a message for the American people Monday night, an explanation of the government's intentions in Libya, one that he believed was important enough to request air time from the broadcast networks as well as the cable news networks. But the administration also recognized that some networks, like ABC, had important priorities of their own: the programs they had scheduled for prime time Monday -- like "Dancing with the Stars," the second most-watched show on television. After some friendly negotiations, all parties agreed to a mutually acceptable time: 7:30 Eastern, which meant the speech on the military situation in Libya could be delivered -- and analyzed -- in time for the fans of "Dancing," as well as other scheduled network shows, to see the shows they expected to see at their regularly scheduled times. One of these other shows was a special on volunteerism on NBC, which featured appearances from the four living ex-presidents, as well as a taped message from Mr. Obama himself. ABC had a particular reason why it preferred not to have "Dancing with the Stars" interrupted or delayed: the show is broadcast live. A White House spokesman, Joshua Earnest, sent a statement by e-mail: "The White House routinely works with the networks, as a group, in circumstances like these to find a time that's respectful of both the networks and their audience -- while ensuring that the president has the platform he needs to deliver an important message to the American people." From rforno at infowarrior.org Wed Mar 30 11:34:13 2011 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 30 Mar 2011 12:34:13 -0400 Subject: [Infowarrior] - U.S. Spy Agency Is Said to Probe Hacker Attack on Nasdaq Message-ID: <11127C5A-5D62-452E-979D-0E6CC5A9D6FF@infowarrior.org> U.S. 
Spy Agency Is Said to Probe Hacker Attack on Nasdaq By Michael Riley - Mar 30, 2011 http://www.bloomberg.com/news/print/2011-03-30/u-s-spy-agency-said-to-focus-its-decrypting-skills-on-nasdaq-cyber-attack.html The National Security Agency, the top U.S. electronic intelligence service, has joined a probe of the October cyber attack on Nasdaq OMX Group Inc. (NDAQ) amid evidence the intrusion by hackers was more severe than first disclosed, according to people familiar with the investigation. The involvement of the NSA, which uses some of the world's most powerful computers for electronic surveillance and decryption, may help the initial investigators -- Nasdaq and the FBI -- determine more easily who attacked and what was taken. It may also show the attack endangered the security of the nation's financial infrastructure. "By bringing in the NSA, that means they think they're either dealing with a state-sponsored attack or it's an extraordinarily capable criminal organization," said Joel Brenner, former head of U.S. counterintelligence in the Bush and Obama administrations, now at the Washington offices of the law firm Cooley LLP. The NSA's most important contribution to the probe may be its ability to unscramble encrypted messages that hackers use to extract data, said Ira Winkler, a former NSA analyst and chief security strategist at Technodyne LLC, a Wayne, New Jersey-based information technology consulting firm. The probe of the attack on the second biggest U.S. stock exchange operator, disclosed last month, is also being assisted by foreign intelligence agencies, said one of the people, who declined like the others to be identified because the investigation is confidential and in some cases classified. One of the people said the attack was more extensive than Nasdaq previously disclosed. 
Motive Undetermined Investigators have yet to determine which Nasdaq systems were breached and why, and it may take months for them to finish their work, two of the people familiar with the matter said. Disclosure of the attack prompted the House Financial Services Committee in February to begin a review of the safety of the country's financial infrastructure, according to the committee's chairman, Spencer Bachus, an Alabama Republican. The widening investigation may also complicate Nasdaq's ability to strike deals to buy or merge with other exchanges at a time when several competitors have announced such moves, according to Alexander Tabb, a partner at Tabb Group LLC, a financial-markets research firm based in Westborough, Massachusetts. "For an organization like Nasdaq, it does have an impact on the overall perception of their security, their resiliency and their value," Tabb said. "For potential partners of the company, that has to be a concern." Exchange Acquisitions More than $20 billion of exchange acquisitions have been announced in the past five months, including Singapore Exchange Ltd.'s $8.3 billion offer for ASX Ltd., London Stock Exchange Group Plc's agreement to acquire TMX Group Inc. for $3.1 billion, and Deutsche Boerse AG (DB1)'s $9.5 billion deal for NYSE Euronext. (NYX) Nasdaq operators will be hard pressed to assure potential partners that they have resolved the matter, Tabb said. "Uncertainty in the functioning of the market is the biggest blow-back to this event," Tabb said. Nasdaq reported in February that the breach of its computers was limited to a single system known as Directors Desk, a product used by board members of companies to exchange confidential information. The company said that as far as investigators could determine, no data or documents on that system were taken. 
Other Systems The NSA-assisted probe is now focused on how far the attack may have reached, including the breach of other systems, said one of the people familiar with the probe. Frank De Maria, a Nasdaq spokesman, declined to comment on the effect the security breach might have on the company's future strategic moves. He said Nasdaq is pursuing its probe and has no new information about the scope of the attack. "With every company now, searching the networks for break-ins and insuring they're secure has got to be a full-time job," De Maria said in an interview. NSA spokeswoman Vanee Vines declined to comment and referred all questions to the Federal Bureau of Investigation, the lead agency in the investigation. Jenny Shearer, a spokeswoman for the FBI, declined to comment. Directors Desk, where the break-in was discovered, is designed to allow directors and executives of Nasdaq client companies to share private files, nonpublic information that cyber criminals could trade on. Nasdaq bought Directors Desk in 2007 as part of its effort to diversify into corporate services. Sophisticated hackers often enter computer networks through a single system, like Directors Desk, then hop to other secure parts of a computer network, the people familiar with the investigation said. Network Vulnerabilities Tabb said investigators are likely trying to chart which parts of Nasdaq's network might have been accessible through Directors Desk and to ensure those vulnerabilities weren't exploited -- a time-consuming process, he said. Brenner, the former counter-intelligence chief, said he couldn't independently confirm the NSA's role in the probe. He said the agency rarely gets involved in investigating cyber attacks against companies. Brenner said that the NSA played a part in probing the 2009 attack against Google Inc. (GOOG), saying that represented "a major change" 
for the agency, which monitors the electronic communications of foreign entities and helps secure the networks of U.S. government agencies. "It's part of an increasing awareness that the distinction between economic and national security is rapidly breaking down," he said. Unique Tools The NSA, based at Fort Meade, Maryland, has the government's most detailed knowledge of cyber attackers and their methods, Brenner said. A 2008 executive order signed by President George W. Bush expanded the NSA's responsibilities to include monitoring U.S. government computer networks to detect cyber attacks. The NSA could help identify and analyze electronic clues left behind by the hackers, including communication between the malicious software used in the attack and the outside computers that controlled it, Winkler said. One challenge in analyzing the scope of cyber attacks is that the information captured by intruders is often sent out in an encrypted form, making it difficult to tell what was taken, according to the FBI. Stealthy Software Another obstacle, Brenner said, is that the most sophisticated cyber attacks employ stealthy software that's programmed to go dormant for months and can be altered by hackers in response to changing security measures. That makes it difficult for investigators to be sure they've found all the malicious software and removed it from the network. "In theory, the NSA should have the ability to reconstruct the data that is being obfuscated," said Winkler, the former NSA analyst. One line of inquiry pursued by investigators is whether the attack is linked to state-based cyber espionage or sabotage, which would raise national security concerns, one of the people familiar with the probe said. De Maria, the Nasdaq spokesman, said in February in response to an article in the Wall Street Journal that the exchange had been hacked, that there was no evidence the trading platform the company runs was breached. 
Security dangers include the potential for intruders to alter trading algorithms and cause a market crash, according to Larry Dignan, who writes for ZDNet, a technology publication that's a unit of CBS Interactive. Doubts on Trades Brenner said intruders might do just as much damage by manipulating trading to create doubt about the validity of trades. More than 93 billion shares were traded on the Nasdaq exchange in the fourth quarter of 2010, equal to almost 20 percent of the U.S. equities market, according to the company's final quarterly report to the Securities and Exchange Commission last year. Initial reports that the computers used in the attack were based in Russia weren't correct, the people familiar with the probe said. The investigation has yet to determine the origin of the attack, they said. The attack's sophistication doesn't rule out that an organized crime group was responsible, Brenner said. Criminal enterprises have narrowed the skills gap with state-sponsored hackers, launching attacks that can penetrate even the best-guarded computer networks, he said. To contact the reporter on this story: Michael Riley in Washington at michaelriley at bloomberg.net. To contact the editor responsible for this story: David E. Rovella at drovella at bloomberg.net. From rforno at infowarrior.org Wed Mar 30 17:24:20 2011 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 30 Mar 2011 18:24:20 -0400 Subject: [Infowarrior] - Why are there keyloggers on Samsung laptops? Message-ID: <9BD115D1-D152-4941-9B11-9B551D92038E@infowarrior.org> March 30, 2011 1:52 PM PDT Why are there keyloggers on Samsung laptops? by Elinor Mills http://news.cnet.com/8301-27080_3-20048896-245.html A security researcher says he discovered keylogging software installed on two brand-new Samsung laptops that could be used to monitor all activities on the computer remotely. 
Mohamed Hassan, founder of NetSec Consulting, discovered StarLogger software on Samsung laptops with model numbers R525 and 540 after running security scanning software on the systems after he bought them last month, he writes in a guest column in Network World posted today. Windows-based StarLogger starts up when the computer is turned on, records all keystrokes made on the computer, can be difficult to detect, and can be set to periodically send surreptitious e-mails with information gleaned from the computer to a predetermined e-mail address, with screen capture images attached. When Hassan called and logged an incident report with Samsung on March 1, support personnel initially denied that keylogging software was on Samsung laptops and then referred him to Microsoft, saying "all Samsung did was manufacture the hardware," he writes. Eventually, a supervisor got on the phone and confirmed that Samsung put the software on the laptop to monitor machine performance "and to find out how it is being used." "In other words, Samsung wanted to gather usage data without obtaining consent from laptop owners," Hassan wrote. He said he contacted three public relations representatives at Samsung for comment and went public with the matter after they failed to reply after one week. Samsung representatives did not immediately respond to a phone call and e-mail from CNET seeking comment this morning. The incident could incur the wrath of customers similar to the backlash that occurred after Sony BMG Music Entertainment sold copy-protected compact discs that installed so-called rootkit software hidden inside computers in 2005. Sony was forced to recall 4.7 million of the discs. Updated 2:44 p.m. PT CNET Reviews could not find the keylogger on a Samsung Series 9 laptop. 
From rforno at infowarrior.org Wed Mar 30 18:32:19 2011 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 30 Mar 2011 19:32:19 -0400 Subject: [Infowarrior] - Google Will Face Privacy Audits For The Next 20 Years Message-ID: <6161862F-5148-4858-A86E-CB7008819C25@infowarrior.org> Google Will Face Privacy Audits For The Next 20 Long Years (GOOG) Matt Rosoff Wednesday, March 30, 2011 http://www.sfgate.com/cgi-bin/article.cgi?f=/g/a/2011/03/30/businessinsider-google-were-sorry-for-privacy-problems-with-buzz-2011-3.DTL Google has reached a settlement with the Federal Trade Commission over Buzz, a social blogging service that the company introduced through Gmail last year. As part of the deal, Google will be subjected to regular, independent privacy audits for the next 20 years. By then, soon-to-be CEO Larry Page will be 58 years old. Buzz drew heavy criticism at launch in February 2010 for a glaring privacy flaw. When users turned it on, it suggested people to follow based on their Gmail contacts list and their most frequent email partners. The problem: anybody following a user could automatically see all of his other Buzz contacts. So, for instance, your wife could see that you're still exchanging lots of emails with your ex-girlfriend. As the FTC put it, "Although Google led Gmail users to believe that they could choose whether or not they wanted to join the network, the options for declining or leaving the social network were ineffective." Yikes. The FTC also notes that users who opted out of Buzz were still enrolled in some features of the service. Along with the 20 year oversight, the settlement also says that: ? Google is barred from misrepresenting privacy or confidentiality of the user information it collects. ? Google must obtain user consent before sharing their information with third parties if it changes its privacy policy. ? Google must establish and maintain a comprehensive privacy program. 
The FTC notes this is the first time it has alleged violations of the U.S.-EU Safe Harbor Framework, which basically requires U.S. companies to meet the much stricter privacy requirements of the EU. That framework was established to let US companies collect information collected from EU citizens. Google has formally apologized for the whole mess, saying "The launch of Google Buzz. fell short of our usual standards for transparency and user control -- letting our users and Google down." Microsoft faced a similar FTC investigation over its Passport service back in 2002. There, too, the FTC imposed a 20-year oversight period, including regular audits to make sure that Microsoft was explaining exactly what information Passport collected and how the company used it and shared it with partners.

From rforno at infowarrior.org Wed Mar 30 19:34:22 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 30 Mar 2011 20:34:22 -0400
Subject: [Infowarrior] - DHS insiders worried over political 'meddling'
Message-ID: <6E639F77-B2F0-4CBA-A477-13BE0D2B045A@infowarrior.org>

Emails: Insiders worried over political 'meddling'
By TED BRIDIS, Associated Press
Mon Mar 28, 1:14 pm ET
http://news.yahoo.com/s/ap/20110328/ap_on_re_us/us_freedom_of_information/print

WASHINGTON -- The Homeland Security Department official in charge of submitting sensitive government files to political advisers for secretive reviews before they could be released to citizens, journalists and watchdog groups complained in emails that the unusual scrutiny was "crazy" and hoped someone outside the Obama administration would discover the practice, The Associated Press has learned. Chief Privacy Officer Mary Ellen Callahan, who was appointed by Homeland Security Secretary Janet Napolitano, complained in late 2009 that the vetting process was burdensome and said she wanted to change it, according to uncensored emails newly obtained by the AP.
In the emails, she warned that the Homeland Security Department might be sued over delays the political reviews were causing, and she hinted that a reporter might find out about the vetting. The reviews are the subject of a congressional hearing later this week and an ongoing inquiry by the department's inspector general. "This level of attention is CRAZY," Callahan wrote in December 2009 to her then-deputy, Catherine Papoi. Callahan said she hoped someone outside the Obama administration would discover details of the political reviews, possibly by asking for evidence of them under the Freedom of Information Act itself: "I really really want someone to FOIA this whole damn process," Callahan wrote. Callahan is expected to be a central witness during an oversight hearing Thursday by the House Government Reform and Oversight Committee. Anticipating the hearing, the department announced internally Monday that any further political vetting of information requests will be completed within 24 hours. The congressional investigation into government transparency under President Barack Obama is among the earliest by Republicans since they won control of the House and targets one of the first pledges Obama made after he moved into the White House. Less than one week after Callahan's email, on Dec. 21, the AP formally requested the records about the controversial political vetting. The agency ultimately turned over more than 995 pages of emails last summer, after a seven-month fight, and the AP wrote about the program. But the emails were heavily censored under a provision in the Freedom of Information Act allowing the government to withhold passages that describe internal policy-making deliberations. The newly obtained versions of the same internal emails are not censored. They show that insiders described the unusual political vetting as "meddling," "nuts" and "bananas!" 
Together with other confidential emails obtained by the AP for the first time, the files reflect deep unease about the reviews and included allegations that Napolitano's senior political advisers might have hidden embarrassing or sensitive emails that journalists and watchdog groups had requested. The government said this didn't happen. After an admitted al-Qaida operative tried to blow up a commercial airliner flying to Detroit on Christmas 2009, the AP asked for emails sent among Napolitano; her chief of staff, Noah Kroloff; deputy chief of staff Amy Shlossman; and four others. But the number of printed pages that Kroloff and Shlossman turned over to the FOIA unit was much less than what a computer search indicated should have existed, according to emails. The department said Monday that the disparity was an idiosyncrasy of how the computer searches were conducted and that no emails were hidden. "I think we have an obligation to compare the hard copy emails to those pulled by the (chief information office) from the individuals' email accounts to determine why the discrepancy," Papoi wrote in May to Callahan. Department spokeswoman Amy Kudwa said Monday that no emails were withheld by Napolitano's office, and no one complained that emails weren't turned over that should have been. The department said its electronically conducted searches distinguish each email within a conversation thread as a separate message, so the number of printed pages from such searches appears higher than when an employee manually prints emails from an inbox but the output is the same. "At no point did anyone alert the office of the secretary or the office of the general counsel of concerns that responsive documents had not been submitted for review," Kudwa said in a statement. "Had any concerns been raised, appropriate steps would have been taken." 
The Freedom of Information Act, the main tool forcing the government to be more transparent, is designed to be insulated from political considerations. Anyone who seeks information through the law is supposed to get it unless disclosure would hurt national security, violate personal privacy or expose confidential decision-making in certain areas. People can request government records without specifying why they want them and are not obligated to provide personal information about themselves other than their name and an address where the records should be sent. But at the Homeland Security Department, since July 2009, career employees were ordered to provide political staffers with information about the people who asked for records -- such as where they lived and whether they were private citizens or reporters -- and about the organizations where they worked. If a member of Congress sought such documents, employees were told to specify Democrat or Republican. No one in government was allowed to discuss the political reviews with anyone whose information request was affected by them. Papoi was replaced as deputy chief FOIA officer earlier this month by her new boss, Delores J. Barber, who took over Papoi's title and moved into Papoi's office. The Republican chairman of the House oversight committee, Rep. Darrell Issa of California, said that "appeared to be an act of retaliation." Issa identified Papoi as the employee who confidentially complained in March 2010 to the DHS inspector general about the political vetting of requests for government files. The department said Papoi, who is on leave, applied unsuccessfully for a new supervisory position ultimately awarded to Barber and that Papoi's salary was unaffected. The emails also raise doubts about whether the emails previously released to the AP were properly censored.
"The government should not keep information confidential merely because public officials might be embarrassed by disclosure, because errors and failures might be revealed or because of speculative or abstract fears," Obama said shortly after he took office. In a statement, Kudwa said, "Redaction decisions have always been made by FOIA professionals and career legal staff." The government censored Callahan's email that described the "crazy" scrutiny by political advisers. It also censored another email by associate FOIA director William Holzerland, who told Callahan in September 2009 that the political reviews were "bananas!" Also censored were complaints by Papoi, the former deputy, that the political reviews were "meddling" and, together with "constant stonewalling" by the department's top lawyers, causing delays in the agency's open records department. "I currently have 98 requests that are tagged by the front office for tracking and forwarding to the front office," Papoi wrote in one previously censored passage. "I simply don't have the time or staff to review all of those requests before we send them on. Quite honestly, we shouldn't have to." The AP protested last year that the emails it received had been improperly censored, but the Homeland Security Department never responded to its formal appeal.
___
Online: Censored copies of government emails: http://www.dhs.gov/xfoia/gc_1283193904791.shtm

From rforno at infowarrior.org Thu Mar 31 06:27:06 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 31 Mar 2011 07:27:06 -0400
Subject: [Infowarrior] - DNI Drags Heels on GAO Access to Intelligence
Message-ID:

DNI Drags Heels on GAO Access to Intelligence
March 30th, 2011 by Steven Aftergood
http://www.fas.org/blog/secrecy/2011/03/dni_gao_access.html

The Director of National Intelligence has prepared a draft intelligence directive on access by the Government Accountability Office (GAO) to intelligence information, but it is "shockingly bad,"
a congressional official said. The GAO is an investigative arm of Congress that performs audits and reviews in support of congressional oversight and the legislative process. But GAO access to intelligence information has often been frustrated by resistance from the executive branch, which has sought to strictly limit the conduct of intelligence oversight to the congressional intelligence committees. In an attempt to clarify the role of the GAO in intelligence oversight, the 2010 intelligence authorization act directed the DNI to prepare a new intelligence community directive to govern GAO access to intelligence information. The first draft of the new directive is said to reserve maximum discretion to the DNI, and to offer little practical assurance that GAO will get access to the information it needs. So, for example, the definition of intelligence information that may be withheld from GAO extends broadly to law enforcement, military and intelligence information related to national security. GAO access is to be denied whenever it concerns information regarding "intelligence budgets or funding, or personnel information that... may reveal intelligence strategy, capabilities, or operations." "In other words, GAO cannot look at anything that involves money or people," the congressional official told Secrecy News. "Combine that with the sweeping, open-ended definition of intelligence and large chunks of the federal government suddenly vanish from [GAO] oversight -- DOD, FBI, DHS, State Department, etc." In fact, because the pending Directive would extend to the entire intelligence community, it could actually make things worse than they already are by undermining current GAO oversight of military intelligence agencies, which by all accounts has been fruitful and effective. Intelligence officials appeared to be taken aback by the criticism of the draft directive, which has not yet been released.
They said the draft is still in preparation and that it is not intended to undermine GAO's oversight function. But the Obama Administration has strongly opposed an enhanced role for GAO oversight of intelligence. The Obama White House even threatened to veto the 2010 intelligence authorization act over the issue. Meanwhile, intelligence agencies are operating in an oversight vacuum without effective supervision of their spending practices. Most of the agencies cannot and do not produce auditable financial statements, the Senate Intelligence Committee reported this month. "The CIA has submitted its financial reports to an independent auditor but has received a disclaimer of opinion due to the inability of the auditor to gather certain relevant facts. The NSA, DIA, and NGA are still not even prepared to submit their financial reports to independent audit," the Senate Committee report (pdf) said.

From rforno at infowarrior.org Thu Mar 31 06:39:12 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 31 Mar 2011 07:39:12 -0400
Subject: [Infowarrior] - Oh the Irony: MS files antitrust suit against Google
Message-ID: <6419B375-5B40-4E39-AEB1-B9B76B0B09CC@infowarrior.org>

Microsoft Files Complaint With EU Against Google on Search
By Dina Bass - Mar 31, 2011
http://www.bloomberg.com/news/print/2011-03-31/microsoft-says-it-s-filing-complaint-against-google-s-market-share-with-eu.html

Microsoft Corp. (MSFT) filed a formal complaint with European antitrust regulators about Google Inc. (GOOG)'s dominance of the Internet search market in the region. Google bars competitors from accessing its YouTube video site for search results and has kept phones running Microsoft's operating system from working properly with YouTube, Redmond, Washington-based Microsoft said in a blog posting by General Counsel Brad Smith.
A Microsoft unit and two other rivals last year lodged a complaint with the European Union, which is investigating whether Google has violated the region's antitrust laws. Google is under growing pressure from global regulators that are probing whether the company uses its dominance of Web search to thwart competition. "Our filing today focuses on a pattern of actions that Google has taken to entrench its dominance in the markets for online search and search advertising to the detriment of European consumers," Smith wrote in the blog posting. While Microsoft and partner Yahoo! Inc. have about a quarter of the U.S. search market and Google the rest, Google has almost 95 percent of the market in Europe, Smith said, citing data from regulators. Google "is not surprised" that Microsoft has complained because its advertising unit, Ciao from Bing, filed a complaint last year, said Al Verney, a spokesman for Google in Brussels.

'Happy to Explain'

"We continue to discuss the case with the European Commission and we're happy to explain to anyone how our business works," he said in an e-mailed statement today. Amelia Torres, a spokeswoman for the European Commission in Brussels, declined to comment. Google shares fell 0.7 percent to 411 euros and Microsoft fell 0.03 percent to 18.15 euros at 9:18 a.m. in Frankfurt trading. Besides cordoning off YouTube, Google is also seeking to block access to content owned by book publishers and restricting its own advertisers from accessing the data they put in Google servers as part of ad campaigns, Microsoft said. "Unfortunately, Google has engaged in a broadening pattern of walling off access to content and data that competitors need to provide search results to consumers and to attract advertisers," Smith said in the blog. Microsoft is the world's largest software maker.

Search Boxes

Google also has signed contracts that block top European websites from distributing rival search boxes, Microsoft said.
For example, Microsoft can't distribute some e-mail and document services through certain European telecommunications companies that have contracts with Google because these services make use of Bing search boxes, Smith said. The EU said in November that it's investigating whether Google's AdSense contracts prevent publishers from striking deals to place ads from other services on their sites. It's also looking at claims Google limits advertisers' ability to move data such as key search terms from AdWords to another service. Google said in a statement in November that it "worked hard to do the right thing by our users and our industry" by marking ads clearly and enabling users and advertisers to move data to other services. "There's always going to be room for improvement and so we'll be working with the commission to address any concerns," Mountain View, California-based Google said in the November statement.

To contact the reporter on this story: Dina Bass in Seattle at dbass2 at bloomberg.net
To contact the editor responsible for this story: Tom Giles at tgiles5 at bloomberg.net
©2011 BLOOMBERG L.P. ALL RIGHTS RESERVED.

From rforno at infowarrior.org Thu Mar 31 06:56:57 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 31 Mar 2011 07:56:57 -0400
Subject: [Infowarrior] - Google tightening control of Android, insisting licensees abide by 'non-fragmentation clauses'?
Message-ID: <3A83BE0E-A405-4B96-9E0E-2B79A56D467B@infowarrior.org>

Google tightening control of Android, insisting licensees abide by 'non-fragmentation clauses'?
By Vlad Savov posted Mar 31st 2011 5:12AM
http://www.engadget.com/2011/03/31/google-tightening-control-of-android-insisting-licensees-abide/

A storm seems to be brewing over the realm of Android development.
Bloomberg's Businessweek spies have received word from "a dozen executives working at key companies in the Android ecosystem" that Google is actively working to gain control and final say over customizations of its popular mobile OS. That might not sound unreasonable, and indeed Google's public position on the matter is that it's seeking to stabilize the platform and ensure quality control, but it does mark a major shift from where Android started -- an open source OS that was also open to manufacturers and carriers to customize as they wish. Not so anymore, we're told, as apparently Mountain View is now demanding that content partnerships and OS tweaks get the blessing of Andy Rubin before proceeding. The alternative, of course, is to not be inside Google's warm and fuzzy early access program, but then, as evidenced by the company recently withholding the Honeycomb source code, you end up far behind those among your competitors who do dance to Google's pipe. Things have gotten so heated, in fact, that complaints have apparently been made to the US Department of Justice. They may have something to do with allegations of Google holding back Verizon handsets with Microsoft's Bing on board, ostensibly in an effort to trip up its biggest search competitor. Another major dissatisfaction expressed by those working with Android code is that Google needs an advance preview of what is being done in order to give it the green light -- which, as noted by a pair of sources familiar with Facebook's Android customization efforts, isn't sitting well with people at all. Google and Facebook are direct competitors in the online space and it's easily apparent how much one stands to gain from knowing the other's plans early. As to the non-fragmentation clauses in licenses, Andy Rubin has pointed out those have been there from the start, but it's only now that Google is really seeking to use them to establish control. 
The future of Android, therefore, looks to be a little less open and a little more Googlish -- for better or worse. As Nokia's Stephen Elop puts it: "The premise of a true open software platform may be where Android st

From rforno at infowarrior.org Thu Mar 31 16:04:42 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 31 Mar 2011 17:04:42 -0400
Subject: [Infowarrior] - DOD Eyes Various Agencies To Take Over DARPA National Cyber Range
Message-ID: <2553660B-B38A-47F9-9176-01F5F1C54CE4@infowarrior.org>

Inside the Pentagon - 03/31/2011
CYBERCOM unlikely to be tapped
DOD Eyes Various Agencies To Take Over DARPA National Cyber Range

A draft Defense Department report introduces new options for DOD agencies that might take ownership of the Defense Advanced Research Projects Agency's National Cyber Range, a congressional source told Inside the Pentagon. U.S. Cyber Command was previously thought to be the primary candidate for assuming responsibility for the range, but those plans were "wishful thinking," the source said. Players in the conversation now include agencies within the Pentagon's test and evaluation community, the National Institute of Standards and Technology (NIST) and the Department of Homeland Security. It could also enter into a government-owned, contractor-operated arrangement or a contractor-owned, contractor-operated arrangement, the source said. The Defense Department has not yet finalized the report, which has been prepared by the Pentagon's procurement shop and briefed on Capitol Hill. The Fiscal Year 2011 National Defense Authorization Act required the Pentagon's acquisition shop to write the report to lay out a way to transition the National Cyber Range away from being a strictly DARPA program.
The congressional source told ITP earlier this month that DARPA was aware it could not carry on full responsibility for the range on its own since the agency is "supposed to be nimble and move onto the next issue and if they get saddled with maintaining [the range] indefinitely, that would be a terrible waste of capability." According to the law, Congress will withhold appropriating funding for the range until the report is delivered. FY-12 budget justification documents released last month include a $10 million request to continue development of the National Cyber Range. "The draft report made it seem like [CYBERCOM] was going to be a transition pathway," the source said. "But then when you actually talk with the folks at Cyber Command they say 'No, that's not the case.'" Rather, CYBERCOM would be a "beneficiary," the source said. The National Cyber Range would be "something that [CYBERCOM] would use as a part of their mission," the source added. "But that doesn't mean they are a transition partner." The White House and the Pentagon tasked DARPA with developing the National Cyber Range in May 2008. DARPA sought research proposals for the range that would "investigate innovative approaches that enable revolutionary advances in science, devices or systems." Officials from the Pentagon's acquisition directorate and DARPA made clear that no final decisions regarding the range have been made. "There is data that has to be generated before they can decide who ultimately will own it," the source said. "What we talked about with AT&L is . . . we were looking for them to sort of walk us through the process: who are the potential owners and operators of the range? And there are a number of potential organizations that could do it. "If they don't have enough data to pick a winner, they have to tell us how they are going to evaluate [agencies] to pick a winner and when we should expect enough information to pick a winner," the source said. 
Although the acquisition directorate has completed a draft of the memo, DOD has not always been receptive to preparing the report. In a December 3, 2010 appeal to Congress, obtained by ITP last year, DOD argued that the report would be "extremely disruptive" and could "lead to a costly expense, modifying the contracts of the existing performers." However, Congress wrote the law to give the Pentagon the "incentive to do [the report] quickly," the source noted.
-- Amanda Palleschi

From rforno at infowarrior.org Thu Mar 31 16:30:43 2011
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 31 Mar 2011 17:30:43 -0400
Subject: [Infowarrior] - GOP learning about the Streissand Effect (again)
Message-ID: <74228173-09BB-4649-8798-8EBADB607B2E@infowarrior.org>

GOP works to cover up video they previously published on internet
http://www.examiner.com/political-buzz-in-national/gop-trying-desperately-to-cover-up-video-they-previously-published-on-internet
* By Ryan Witt, Political Buzz Examiner
* March 30th, 2011 5:14 pm ET

Ever since the internet became popular many individuals have regretted posting pictures, writings, or otherwise embarrassing material which comes back to haunt them at a later date. Usually these cases involve an immature teenager who posts something improper on Facebook or YouTube, however, now it seems the GOP finds itself in the same kind of predicament. The Polk County Republicans in Wisconsin are now trying to cover up a video of one of their own elected representatives that they released via YouTube. The video in question shows United States Representative Sean Duffy (R-WI) complaining about how he is "struggling" to get by on his $174,000 salary. Various political websites, including this one, reported on Duffy's comment since he also advocated for making all public employees in the state take a pay cut under Governor Scott Walker's (R-WI) Budget Repair Bill.
The Polk County Republicans tried to pull the video from YouTube, but not before it was captured by other websites. According to Talking Points Memo, the GOP is now trying to take legal action to stop anyone else from republishing the video. The Polk County Republicans claim that no one else can republish the video without their permission, even though they originally released the video on YouTube for the whole world to see. The GOP has succeeded in getting some to pull the video from their sites, but Talking Points Memo believes they have no case and has decided to keep the video up on their web page. The video clearly contains content that the GOP does not want anyone else to see. Duffy's congressional salary is over three times that of the average public employee in Wisconsin, and over five times that of an average worker in Wisconsin, yet he groups himself with them in arguing every public employee needs to take a cut. Duffy also complains about how much he now has to pay for health care ($600 a month) and contribute toward his pension plan. Duffy claimed he is struggling because he has six children, a mortgage, and student loans, but other progressive websites noted that Duffy actually owns a second home which, if he sold, would help relieve his debt burden.