From rforno at infowarrior.org Mon Oct 1 11:52:29 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 01 Oct 2007 07:52:29 -0400
Subject: [Infowarrior] - AT&T threatens to disconnect subscribers who criticize the company
Message-ID:

AT&T threatens to disconnect subscribers who criticize the company
By Ken Fisher | Published: September 30, 2007 - 11:00PM CT
http://arstechnica.com/news.ars/post/20070930-att-threatens-to-disconnect-subscribers-who-are-critical-of-the-company.html

AT&T has rolled out new Terms of Service for its DSL service that leave plenty of room for interpretation. From our reading of it, in concert with several others, what we see is a ToS that attempts to give AT&T the right to disconnect its own customers who criticize the company on blogs or in other online settings. In section 5 of its legal ToS, AT&T stipulates the following:

AT&T may immediately terminate or suspend all or a portion of your Service, any Member ID, electronic mail address, IP address, Universal Resource Locator or domain name used by you, without notice, for conduct that AT&T believes (a) violates the Acceptable Use Policy; (b) constitutes a violation of any law, regulation or tariff (including, without limitation, copyright and intellectual property laws) or a violation of these TOS, or any applicable policies or guidelines, or (c) tends to damage the name or reputation of AT&T, or its parents, affiliates and subsidiaries.

Translation: "conduct" that AT&T "believes" "tends to damage" its name, or the name of its partners, can get you booted off the service. Note the use of "tends to damage": the language of the contract does not require any proof of any actual damage.

The story, which surfaced at the venerable Slashdot, has many people outraged and is being discussed as a prime example of why net neutrality is needed. I think that puts the cart before the horse, however. Here's why.

There's nothing which guarantees that what AT&T is doing here is either legal or what the company intends. This wouldn't be the first time that poorly thought-out legal language made it into a contract used by a major corporation. Why are we thinking it's an oversight? Simple: we believe that AT&T isn't misguided enough to expect to be able to squash First Amendment rights with a ToS contract without losing both face and their cozy legal status.

As an Internet service provider, AT&T itself is protected from lawsuits relating to the distribution of illegal materials online because they are excused from having to monitor and police their own networks from such activity. They are also protected against what their users say and do online. For instance, if I'm an AT&T customer and I posted damaging comments about Vodafone using AT&T's service, Vodafone can't go after AT&T just because they're my (fictional) ISP. Yet if AT&T begins to monitor and police its own network to protect its own corporate identity, the company will be setting itself up for lawsuits from parties looking for the same protections as AT&T grants itself. In this way, AT&T has to tread reasonably.

Even more important, should AT&T ever attempt to exercise this contractual "right," it will do far more harm to its "name" than the user(s) in question could have ever done... if what's shut down is just a regular user expressing typical criticism of a corporation. The backlash would be intense, to say the least.

We've requested clarification of the issue, but we'd also like to note that AT&T also reserves the right to disconnect users with "insecure" computers, and we've not heard of this happening, either. It may be nothing more than a toothless scare tactic, or it may be focused on something more insidious than mere criticism of the company. As it is currently worded, however, plenty of AT&T customers are concerned, if my inbox is any estimation.

From rforno at infowarrior.org Mon Oct 1 20:50:12 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 01 Oct 2007 16:50:12 -0400
Subject: [Infowarrior] - EU mulls Internet clampdown to combat 'terrorism'
Message-ID:

EU mulls Internet clampdown to combat 'terrorism'
Oct 1 11:48 AM US/Eastern
http://www.breitbart.com/print.php?id=071001154843.cjbfw3h8&show_article=1

European Union interior ministers debated Monday proposals to sanction or shut down Internet sites spreading "terrorist propaganda" and bomb-making instructions.

EU Justice Commissioner Franco Frattini told reporters that he had urged the ministers, during informal talks in Lisbon, Portugal, "to make punishable activities of misuse of the Internet."

"My intention of course is not to limit freedom of expression," he said. "My intention is ... to introduce sanctions against those who disseminate terrorist propaganda or instruct on websites how to make a bomb. This has nothing to do with freedom of expression.

"If a given website is found instructing people to make a bomb, the only possible result is to disconnect, or to close such a website," he said.

The Nazi-hunting Simon Wiesenthal Center said in a report this month that radical Muslims and other extremists had mastered the use of the Internet as a tool for propaganda, organizing and education. It said websites were being used to stir young Muslims in the West and Middle East to violence and that they amount to a "virtual university of terror," promoting the creation of "terror cells".

Frattini said that existing EU legislation could not deal with what is a growing and ever-evolving phenomenon. "We have to modernize the legal framework," he said. "The world, unfortunately, is changing and five years ago ... there wasn't a need to consider incitement, and now there is."

Portuguese Interior Minister Rui Pereira, hosting the talks as his country is currently EU president, acknowledged the need for action but said the bloc's 27 member countries had yet to agree on the best approach.

"The Internet cannot be an area where no responsibility is taken," he said. "There has to be limits."

"But apart from that agreement, we still have a lot to do."

The EU's steady crackdown on international crime in the wake of the September 11, 2001 attacks in the United States has raised deep concern about privacy and freedom of expression around the bloc.

Copyright AFP 2007, AFP stories and photos shall not be published, broadcast, rewritten for broadcast or publication or redistributed directly or indirectly in any medium

From rforno at infowarrior.org Tue Oct 2 11:54:27 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 02 Oct 2007 07:54:27 -0400
Subject: [Infowarrior] - FT.com Still Doesn't Get It
Message-ID:

FT.com Still Doesn't Get It
posted on: October 02, 2007 | about stocks: PSO

What on earth are the executives at FT.com thinking? Instead of boldly following the lead of the NYT and making the site free, they've arrived at a weird compromise: articles and data will be free to users up to a total of 30 views a month. They will then be asked to subscribe for access to more material.

This is a silly decision, and I'm quite sure that eventually the whole site will go free. Let's count the reasons why this move makes very little sense.

< - >

As with TimesSelect (gone), the paid Wall Street Journal Online (soon to be gone), and other paid newspaper sites, we think that the FT's half-measure is not long for this world. Meanwhile, the Financial Times proper is likely to be increasingly isolated and threatened in a world dominated by Murdoch/Dow Jones, Thomson/Reuters, and other massive global financial brands. Owner Pearson (PSO) should sell it to someone that can do more with it.
The pairing of the WSJ newspaper with the Dow Jones newswire worked out quite well: I'm sure that Thomson/Reuters would be interested in what they could do with the FT.

http://seekingalpha.com/article/48698-ft-com-still-doesn-t-get-it?source=feed

From rforno at infowarrior.org Tue Oct 2 16:35:56 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 02 Oct 2007 12:35:56 -0400
Subject: [Infowarrior] - Viacom chief wants more DRM
Message-ID:

Viacom chief: We're sticking with DRM

WASHINGTON--Content creators and their digital distributors must unite against piracy by installing more "safeguards," Viacom's CEO said Tuesday.

Through more widespread adoption of copy-protection features and filtering tools like watermarking, "we will usher in an unprecedented period of creative output across the globe," Philippe Dauman told a few hundred attendees at the first day of an antipiracy summit hosted here by the U.S. Chamber of Commerce, a pro-business lobbying group.

Dauman lamented that "all manner of intellectual property" can now be reproduced more easily than ever "at the click of the mouse." Interestingly, his comments come as a handful of major media vendors--most recently Amazon.com, in its effort to compete with Apple's iTunes--have taken steps away from use of digital-rights management (DRM) features, which have been known to breed disgruntled consumers.

But no one should accuse Viacom of being "media holdouts resisting change," Dauman argued. The conglomerate currently delivers more video programming to mobile devices than any other company, operates hundreds of authorized Web sites, just recently unveiled a social-networking platform called Flux and expects to pull in more than half a billion dollars in digital revenue this year, he said.

Dauman said his company supports fair use and would love to see its popular characters on "every nook and cranny of the Internet," but only if the "artists" behind the content are fairly compensated.

"It is obviously impossible to check every computer or look over the shoulder of every user to see if they have a license, and we don't want to," Dauman said.

Still, content aggregators, Internet service providers, hosting companies and site operators themselves need to help in the fight against piracy, he said, adding that several cable companies have already begun working "cooperatively" with Viacom to send notices to people who post its content without permission. He also applauded AT&T for "realizing the potential of new network tools" designed to detect pirated wares.

What Viacom doesn't need is new laws, Dauman said. In fact, evoking an argument made earlier this year by the movie industry, he said any new laws that restrict how ISPs manage their networks could stymie the fight against piracy. Letting the free market operate unfettered would be wiser, he added. (Although Dauman didn't mention it by name, he was obviously referring to Net neutrality, the idea that broadband providers shouldn't be allowed to prioritize content that travels across their pipes.)

Government could play a role, however, in rounding up more international allies against piracy through trade negotiations, Dauman suggested. (That's hardly a new idea in the copyright-lobbyist camp, by the way, with various U.S. copyright policies already exported to other countries by way of trade agreements.)

Dauman also couldn't resist getting in a few digs at two foes in the copyright sphere. He criticized The Pirate Bay, the BitTorrent file-tracking site based in Sweden, for what he characterized as making movies available online before they're "ever shown on the big screen."

He also said his company's high-profile copyright suit against Google's YouTube filed earlier this year "promises to be a landmark case that will clarify the rights and responsibilities of all media and content owners in the digital age."

The Viacom suit and other copyright challenges against Google are "ironic given Google's own reliance on its software intellectual property," Dauman added. "Go figure."

< - >

http://crave.cnet.com/8301-1_105-9789391-1.html?part=rss&tag=feed&subj=Crave

From rforno at infowarrior.org Tue Oct 2 23:50:00 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 02 Oct 2007 19:50:00 -0400
Subject: [Infowarrior] - Coming soon to kindergarten class: antipiracy ed
Message-ID:

Coming soon to kindergarten class: antipiracy ed
Posted by Anne Broache
http://www.news.com/8301-10784_3-9789821-7.html?part=rss&subj=news&tag=2547-1_3-0-20

WASHINGTON--Tired of their antipiracy messages being ignored by the teen- and college-age set, the entertainment industry is attempting to indoctrinate far younger disciples.

Representatives from the Entertainment Software Association, the video game industry's trade group, and the Canadian Recording Industry Association shed some light on their strategies at an antipiracy summit hosted by the U.S. Chamber of Commerce here.

"In the 15- to 24-year-old (range), reaching that demographic with morality-based messages is an impossible proposition...which is why we have really focused our efforts on elementary school children," said Ric Hirsch, the ESA's senior vice president of intellectual property enforcement. "At those ages, children are open to receiving messages, guidelines, rules of the road, if you will, with respect to intellectual property."

The ESA has gone so far as to develop a copyright education curriculum geared toward the kindergarten through fifth-grade set. Since 2005, the organization has been trying to find ways to get teachers to incorporate its tenets into their everyday lessons, although Hirsch did not say how successful that effort has been. The components, which include charts, teachers guides, lesson plans and a wall poster imploring students to "Join the © Team," are also now available online.

The reason for targeting youth at that age is that they're at an "inflection point" where they're just learning how to use computers and the Internet, and the classroom seems a perfect opportunity for delivering copyright education, Hirsch said. The ESA devised its own curriculum after finding "very little out there in the form of institutional education addressing this issue," he said.

The video game industry isn't alone in trying to infiltrate classrooms with its antipiracy messages, although it appears to be targeting younger kids than some of its counterparts. The Recording Industry Association of America offers a similar set of curriculum ideas, but none of them appears to target students younger than third grade. The Motion Picture Association of America last year released a "Respect Copyrights" curriculum (PDF) tailored to merit-badge-seeking Boy Scouts in the Los Angeles area.

Some fair-use advocates have argued the copyright-dependent industries send contradictory messages through such materials. They've criticized, for example, an RIAA video intended for college students that they argue gives mixed messages about when it's legal to copy music for personal listening or to share with friends.

The Canadian record industry group, for its part, would like to work with provincial governments to help schools develop their own copyright-minded curriculums "so it's organic...it's not something they're tacking on," said Graham Henderson, the group's president.

Youthful voices may be able to help to influence parents who themselves don't set such a great example on the copyright-protection front, much in the same way some kids have been able to pressure adults to stop harmful habits like smoking, he suggested.

Parents--and mothers in particular--do represent an important audience to educate, though, Henderson added. That means planting messages in places that may seem less-than-traditional, such as women's interest or general parenting magazines, he said.

I don't know about you, but I have to wonder what's next: exposing babies still in the womb to antipiracy audio messages, a la the so-called Mozart effect?

From rforno at infowarrior.org Wed Oct 3 23:33:04 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 03 Oct 2007 19:33:04 -0400
Subject: [Infowarrior] - NBC's new piracy statistics
Message-ID:

http://www.washingtonpost.com/wp-dyn/content/article/2007/10/02/AR2007100202329_pf.html

> With Video, Music Piracy on the Rise, NBC Chief Calls for Tougher Penalties
>
> By Frank Ahrens
> Washington Post Staff Writer
> Wednesday, October 3, 2007; D01
>
> When Jeff Zucker took over media giant NBC Universal from longtime chief executive Bob Wright in February, he inherited more than the task of lifting the slumping network out of the ratings basement. Zucker also took on Wright's self-appointed role as the industry's torchbearer on fighting piracy.
>
> So far, he has had more luck with ratings than robbers.
>
> Pirated copies of Zucker's hit shows continue to pop up on the Internet and be
> sold from sidewalk blankets in Times and Red squares, robbing Zucker's network
> and others of post-broadcast revenue from DVD sales and downloads.
>
> So today Zucker visits Washington to address the U.S. Chamber of Commerce and
> ask lawmakers for tougher penalties for music and video pirates, to keep
> consumers from pirating copies of "Heroes" and the rest of his shows. Zucker
> is not asking lawmakers for economic relief to offset industry losses
> attributed to piracy.

< - >

> In his speech, Zucker, 42, will tout a study to be released today on the
> estimated economic impact of intellectual property piracy to the U.S. economy,
> prepared by the Institute for Policy Innovation, a Texas research group run by
> former representative Dick Armey (R-Tex.).
>
> The study estimates that intellectual property piracy -- theft of music,
> movies, video games and software -- costs the U.S. economy $58 billion per
> year and s 350,000 lost jobs in the entertainment industry and its supplying
> industries.

From rforno at infowarrior.org Thu Oct 4 00:51:32 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 03 Oct 2007 20:51:32 -0400
Subject: [Infowarrior] - UK can now demand data decryption on penalty of jail time
Message-ID:

UK can now demand data decryption on penalty of jail time
By Ken Fisher | Published: October 01, 2007 - 10:20PM CT
http://arstechnica.com/news.ars/post/20071001-uk-can-now-demand-data-decryption-on-penalty-of-jail-time.html

New laws going into effect today in the United Kingdom make it a crime to refuse to decrypt almost any encrypted data requested by authorities as part of a criminal or terror investigation. Individuals who are believed to have the cryptographic keys necessary for such decryption will face up to 5 years in prison for failing to comply with police or military orders to hand over either the cryptographic keys, or the data in a decrypted form.

Part 3, Section 49 of the Regulation of Investigatory Powers Act (RIPA) includes provisions for the decryption requirements, which are applied differently based on the kind of investigation underway. As we reported last year, the five-year imprisonment penalty is reserved for cases involving anti-terrorism efforts. All other failures to comply can be met with a maximum two-year sentence.

The law can only be applied to data residing in the UK, hosted on UK servers, or stored on devices located within the UK. The law does not authorize the UK government to intercept encrypted materials in transit on the Internet via the UK and to attempt to have them decrypted under the auspices of the jail time penalty.

The keys to the (United) Kingdom

The law has been criticized for the power it gives investigators, which is seen as dangerously broad.
Authorities tracking the movement of terrorist funds could demand the encryption keys used by a financial institution, for instance, thereby laying bare that bank's files on everything from financial transactions to user data.

Cambridge University security expert Richard Clayton said in May of 2006 that such laws would only encourage businesses to house their cryptography operations out of the reach of UK investigators, potentially harming the country's economy. "The controversy here [lies in] seizing keys, not in forcing people to decrypt. The power to seize encryption keys is spooking big business," Clayton said.

"The notion that international bankers would be wary of bringing master keys into UK if they could be seized as part of legitimate police operations, or by a corrupt chief constable, has quite a lot of traction," he added. "With the appropriate paperwork, keys can be seized. If you're an international banker you'll plonk your headquarters in Zurich."

The law also allows authorities to compel individuals targeted in such investigations to keep silent about their role in decrypting data. Though this will be handled on a case-by-case basis, it's another worrisome facet of a law that has been widely criticized for years. While RIPA was originally passed in 2000, the provisions detailing the handover of cryptographic keys and/or the forced decryption of protected content have not been tapped by the UK Home Office--the division of the British government which oversees national security, the justice system, immigration, and the police forces of England and Wales. As we reported last year, the Home Office was slowly building its case to activate Part 3, Section 49.

The Home Office has steadfastly proclaimed that the law is aimed at catching terrorists, pedophiles, and hardened criminals--all parties which the UK government contends are rather adept at using encryption to cover up their activities.

Yet the law, in a strange way, almost gives criminals an "out," in that those caught potentially committing serious crimes may opt to refuse to decrypt incriminating data. A pedophile with a 2GB collection of encrypted kiddie porn may find it easier to do two years in the slammer than expose what he's been up to.

From rforno at infowarrior.org Thu Oct 4 11:16:47 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 04 Oct 2007 07:16:47 -0400
Subject: [Infowarrior] - OT: Colbert on Cyberterrorism
Message-ID:

Colbert Video:
http://www.milkandcookies.com/link/69401/detail/

It's based on a real story, actually:

Real News Story:
http://www.foxnews.com/story/0,2933,276720,00.html

From rforno at infowarrior.org Thu Oct 4 11:45:50 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 04 Oct 2007 07:45:50 -0400
Subject: [Infowarrior] - Secret U.S. Endorsement of Severe Interrogations
Message-ID:

Secret U.S. Endorsement of Severe Interrogations
By SCOTT SHANE, DAVID JOHNSTON and JAMES RISEN

WASHINGTON, Oct. 3 -- When the Justice Department publicly declared torture "abhorrent" in a legal opinion in December 2004, the Bush administration appeared to have abandoned its assertion of nearly unlimited presidential authority to order brutal interrogations.

But soon after Alberto R. Gonzales's arrival as attorney general in February 2005, the Justice Department issued another opinion, this one in secret. It was a very different document, according to officials briefed on it, an expansive endorsement of the harshest interrogation techniques ever used by the Central Intelligence Agency.

The new opinion, the officials said, for the first time provided explicit authorization to barrage terror suspects with a combination of painful physical and psychological tactics, including head-slapping, simulated drowning and frigid temperatures.

Mr. Gonzales approved the legal memorandum on "combined effects" over the objections of James B. Comey, the deputy attorney general, who was leaving his job after bruising clashes with the White House. Disagreeing with what he viewed as the opinion's overreaching legal reasoning, Mr. Comey told colleagues at the department that they would all be "ashamed" when the world eventually learned of it.

Later that year, as Congress moved toward outlawing "cruel, inhuman and degrading" treatment, the Justice Department issued another secret opinion, one most lawmakers did not know existed, current and former officials said. The Justice Department document declared that none of the C.I.A. interrogation methods violated that standard.

The classified opinions, never previously disclosed, are a hidden legacy of President Bush's second term and Mr. Gonzales's tenure at the Justice Department, where he moved quickly to align it with the White House after a 2004 rebellion by staff lawyers that had thrown policies on surveillance and detention into turmoil.

Congress and the Supreme Court have intervened repeatedly in the last two years to impose limits on interrogations, and the administration has responded as a policy matter by dropping the most extreme techniques. But the 2005 Justice Department opinions remain in effect, and their legal conclusions have been confirmed by several more recent memorandums, officials said. They show how the White House has succeeded in preserving the broadest possible legal latitude for harsh tactics.

< - >

http://www.nytimes.com/2007/10/04/washington/04interrogate.html?ei=5065&en=e7795da103966f42&ex=1192075200&partner=MYWAY&pagewanted=print

From rforno at infowarrior.org Thu Oct 4 22:11:42 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 04 Oct 2007 18:11:42 -0400
Subject: [Infowarrior] - PGP Whole Disk Encryption - Barely Acknowledged Intentional Backdoor
Message-ID:

(source Jericho)

"PGP Corporation's widely adopted Whole Disk Encryption product apparently has an encryption bypass feature that allows an encrypted drive to be accessed without the boot-up passphrase challenge dialog, leaving data in a vulnerable state if the drive is stolen when the bypass feature is enabled. The feature is also apparently not in the documentation that ships with the PGP product, nor the publicly available documentation on their website, but only mentioned briefly in the customer knowledge base. Jon Callas, CTO and CSO of PGP Corp., responded that this feature was required by unnamed customers and that competing products have similar functionality."

Links to the articles are here:

http://securology.blogspot.com/2007/10/pgp-whole-disk-encryption-barely.html

http://securology.blogspot.com/2007/10/pgp-whole-disk-encryption-barely.html#comment-7822943064091432904

From rforno at infowarrior.org Fri Oct 5 01:39:47 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 04 Oct 2007 21:39:47 -0400
Subject: [Infowarrior] - RIAA wins its first piracy trial
Message-ID:

Woman Faces The Music, Loses Download Case
Jury Finds Minn. Woman Violated Copyright Law, Orders Her To Pay Record Companies $220K

DULUTH, Minn., Oct. 4, 2007
http://www.cbsnews.com/stories/2007/10/04/national/main3330186.shtml

(AP) The recording industry won a key fight Thursday against illegal music downloading when a federal jury found a Minnesota woman shared copyrighted music online and levied $222,000 in damages against her.

Jurors ordered Jammie Thomas, 30, to pay the six record companies that sued her $9,250 for each of 24 songs they focused on in the case. They had alleged she shared 1,702 songs online in violation of their copyrights.

Thomas and her attorney, Brian Toder, declined comment as they left the courthouse. Jurors also left without commenting.

"This does send a message, I hope, that downloading and distributing our recordings is not OK," said Richard Gabriel, the lead attorney for the music companies.

In the first such lawsuit to go to trial, six record companies accused Thomas of downloading the songs without permission and offering them online through a Kazaa file-sharing account. Thomas denied wrongdoing and testified that she didn't have a Kazaa account.

Record companies have filed some 26,000 lawsuits since 2003 over file-sharing, which has hurt sales because it allows people to get music for free instead of paying for recordings in stores. Many other defendants have settled by paying the companies a few thousand dollars.

We think we're in for a long haul in terms of establishing that music has value, that music is property, and that property has to be respected.
Cathy Sherman, RIAA President

The RIAA says the lawsuits have mitigated illegal sharing, even though music file-sharing is rising overall. The group says the number of households that have used file-sharing programs to download music has risen from 6.9 million monthly in April 2003, before the lawsuits began, to 7.8 million in March 2007.

During the three-day trial, record companies presented evidence they said showed the copyrighted songs were offered by a Kazaa user under the name "tereastarr." Their witnesses, including officials from an Internet provider and a security firm, testified that the Internet address used by "tereastarr" belonged to Thomas.

Toder had argued at closing that record companies never proved that "Jammie Thomas, a human being, got on her keyboard and sent out these things."

"We don't know what happened," Toder told jurors. "All we know is that Jammie Thomas didn't do this."

Gabriel called that defense "misdirection, red herrings, smoke and mirrors."

He told jurors a verdict against Thomas would send a message to other illegal downloaders.

"I only ask that you consider that the need for deterrence here is great," he said.

Copyright law sets a damage range of $750 to $30,000 per infringement, or up to $150,000 if the violation was "willful." Jurors ruled that Thomas' infringement was willful, but awarded damages in a middle range.

Before the verdict, an official with an industry trade group said he was surprised it had taken so long for one of the industry's lawsuits against individual downloaders to come to trial.

Illegal downloads have "become business as usual, nobody really thinks about it," said Cary Sherman, president of the Recording Industry Association of America, which coordinates the lawsuits. "This case has put it back in the news. Win or lose, people will understand that we are out there trying to protect our rights."

Thomas' testimony was complicated by the fact that she had replaced her computer's hard drive after the sharing was alleged to have taken place - and later than she said in a deposition before trial.

The hard drive in question was not presented at trial by either party, though Thomas used her new one to show the jury how fast it copies songs from CDs. That was an effort to counter an industry witness's assertion that the songs on the old drive got there too fast to have come from CDs she owned - and therefore must have been downloaded illegally.

Record companies said Thomas was sent an instant message in February 2005, warning her that she was violating copyright law. Her hard drive was replaced the following month, not in 2004, as she said in the deposition.

The record companies involved in the lawsuit are Sony BMG, Arista Records LLC, Interscope Records, UMG Recordings Inc., Capitol Records Inc. and Warner Bros. Records Inc.

© MMVII The Associated Press. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed.

From rforno at infowarrior.org Fri Oct 5 16:24:47 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 05 Oct 2007 12:24:47 -0400
Subject: [Infowarrior] - Forbes & Digital River = Spammers
Message-ID:

Here's a Public Call-Out (PCO)tm on Forbes and Digital River as corporate spammers who refuse to remove subscribers from their e-mail marketing/spam lists despite repeated requests made according to their own published procedures.

http://www.infowarrior.org/articles/forbes-is-a-spammer.html

Just thought you'd like to know and be warned. :(

-rick

From rforno at infowarrior.org Fri Oct 5 19:51:09 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 05 Oct 2007 15:51:09 -0400
Subject: [Infowarrior] - Dems Postpone Rollout Of Controversial Wiretapping Bill
Message-ID:

Dems Postpone Rollout Of Controversial Wiretapping Bill
October 5, 2007 10:43 AM
http://www.huffingtonpost.com/2007/10/05/dems-postpone-rollout-of-_n_67293.html

Rep. Steny Hoyer (D-MD), the House Majority Leader, postponed a press conference announcing new reforms of the Foreign Intelligence Surveillance Act after progressive lawmakers banded together and said they would fight any legislation that did not include a set of eight principles on wiretapping that preserve the "rule of law."

"What's most significant is that the Progressive Caucus came together and said to the leadership that all 72 of us require that these provisions be included," said Caroline Fredercikson, Legislative Director for the American Civil Liberties Union. "This changes the dynamic significantly."

Rep. Hoyer had planned to roll out the new FISA reform bill at 1:30 PM today.
A spokesperson from his office told the Huffington Post that the House Intelligence Committee had decided to postpone completion of the legislation, though it's not clear that the announcement from the Progressive Caucus influenced their decision. Votes in the House were also canceled today. The committee was not available at press time. The ACLU said it has not seen the language of the reforms that the Democratic leadership was preparing to get behind. But while congressional progressives feared that their leaders would make permanent the expansions of wiretapping power that congressional Republicans brokered in August, some House Republicans were less sanguine about the outcome of the legislation. An adviser to Rep. Pete Hoekstra (R-MI), the ranking Republican on the Intelligence Committee, claimed that the Democrats had closed their Republican counterparts out of the process of drafting the legislation. A copy of the principles on FISA reform sent to the Democratic leadership by the 72 members of the Congressional Progressive Caucus can be read after the jump. Progressive Caucus Official Position and Fundamental Principles Governing FISA Reform, as adopted October 3, 2007 We, Members of the Congressional Progressive Caucus, fully recognizing we live in a dangerous world but proud of, and deeply committed to, the values that have made the United States an exemplar for the world, affirm the following principles to guide consideration over the debate regarding surveillance of foreign intelligence. We hold that these principles represent the pillars by which America gives no quarter to terrorists who would do our country harm, while at the same time ensuring fidelity to the distinctively American commitment to the rule of law, the dignity of the individual, and separation of powers. 1. 
It should be the policy of the United States that the objective of any authorized program of foreign intelligence surveillance must be to ensure that American citizens and persons in America are secure in their persons, papers, and effects, but makes terrorists throughout the world feel insecure. 2. The best way to achieve these twin goals is to follow the rule of law. And the exclusive law to follow with respect to authorizing foreign surveillance gathering on U.S. soil is the Foreign Intelligence Surveillance Act (FISA). As initially enacted by Congress, the exclusivity of FISA was unambiguous. Legislation must reiterate current law that FISA is the exclusive means to authorize foreign surveillance gathering on U.S. soil. 3. The Foreign Intelligence Surveillance Act (FISA) should be modernized to accommodate new technologies and to make clear that foreign to foreign communications are not subject to the FISA, even though modern technology enables that communication to be routed through the United States. 4. The Foreign Intelligence Surveillance Court (FISC) is indispensable and must play a meaningful role in ensuring compliance with the law. This oversight should include, where possible, regular judicial approval and review of surveillance, of whose communications will be collected, of how it will be gathered, and of how content and other data in communications to and from the United States will be handled. 5. Congress must have regular access to information about how many U.S. communications are being collected and the authority to require court orders when it becomes clear that a certain program or surveillance of a target is scooping up communications of U.S. persons. 6. Once the government has reason to believe that a specific account, person or facility will have contact with someone in the United States, the government should be required to return to the FISC to obtain a court order for continued surveillance. 
Reliance on the FISC will help ensure the privacy of U.S. persons' communications. 7. Congress should not grant amnesty to any telecommunications company or to any other entity or individual for helping the NSA spy illegally on innocent Americans. The availability of amnesty will have the unintended consequence of encouraging telecommunications companies to comply with, rather than contest, illegal requests to spy on Americans. 8. Authorization to conduct foreign surveillance gathering on U.S. soil must never be made permanent. The threats to America's security and the liberties of its people will change over time and require constant vigilance by the people's representatives in Congress. From rforno at infowarrior.org Sat Oct 6 03:29:56 2007 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 05 Oct 2007 23:29:56 -0400 Subject: [Infowarrior] - Report: "Trends in Badware 2007" released Message-ID: "Trends in Badware 2007" released http://blogs.stopbadware.org/articles/2007/10/02/trends-in-badware-2007-released StopBadware is proud to release our 2007 update on the state of badware on the web - "Trends in Badware 2007: What internet users need to know." The short report is a plain-English explanation of badware threats to user privacy and security, based on our research over the past year. It explains online security issues such as compromised websites, social networking scams, and other badware trends that pose significant risk to the average internet user. For many visitors to StopBadware.org, threats such as legitimate websites that have been hacked to distribute badware may not be news. We're hoping our security-conscious visitors will help us spread the word to those who aren't yet aware of the dangers. "Trends in Badware" is written with nontechnical internet users in mind - folks who love using the internet, but who may not yet have learned about newer badware threats. 
As StopBadware's co-director John Palfrey says in our press release, "Now, users can get infected by simply browsing a reputable website or clicking on links posted to their favorite blogs or social networks. We want to make sure that consumers have up-to-date information on emerging trends so they know what to look for when online." StopBadware's mission is to help educate consumers and average internet users about badware, and to help the community fight back. We hope that "Trends in Badware 2007" can help clear the fog around online dangers and empower ordinary internet users to take charge of their computers' security. You can download "Trends in Badware 2007" here. http://stopbadware.org/pdfs/trends_in_badware_2007.pdf From rforno at infowarrior.org Sat Oct 6 11:33:29 2007 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 06 Oct 2007 07:33:29 -0400 Subject: [Infowarrior] - More on.... RIAA wins its first piracy trial In-Reply-To: <006c01c807a8$4095fa10$6701a8c0@SonyVaio> Message-ID: ------ Forwarded Message From: Tom Fairlie Date: Fri, 5 Oct 2007 18:34:17 -0500 To: Cc: Subject: Re: [IP] RIAA wins its first piracy trial Wow! The mind boggles. 
- The recording industry grows fat after 50 solid years of exploiting both fans and artists (e.g., as sales volumes have skyrocketed and the price of manufacturing a CD has fallen from several dollars to several cents, the retail price has still risen; ask an artist what their cut of that retail price is) [Note: and yes, I know that many artists owe their success to the industry's marketing apparatus] - A grassroots community forms (i.e., *had* to form) in order to innovate a better solution - The recording industry punishes Napster instead of innovating (even after the fact) a comparable solution based on what the most obvious research shows that customers want - Additional methods evolve for fans to get what they want, including both free/illegal music and pay/legal services - Artists also start offering free/cheap downloads directly to fans ('They Might Be Giants' may have pioneered this with their 'Dial-A-Song' line back in 1983) - The recording industry reacts to all of these innovations by getting mad: at Apple (for being successful with a fixed price); at artists (for daring to skirt their system); and at fans (by taking thousands to court) ...again, no innovation planned - This week, a downloader of songs (perhaps not even intentional) was ordered to pay $9,250 for each of 24 songs - Cary Sherman, president of the RIAA, says "Win or lose, people will understand that we are out there trying to protect our rights." Well, she won, and we certainly understand what they're trying to do. I guess all we can hope for now is for the next paradigm to appear and finally put them out of business completely. I know many people are working on this right now and I wish them all the luck in the world. Tom Fairlie PS. Did the AP fire their editors? 
The article contained this choice quote: "That was an effort to counter an industry witness's assertion that the songs on the old drive got __their__ too fast to have come from CDs she owned - and therefore must have been downloaded illegally." From rforno at infowarrior.org Sat Oct 6 11:36:07 2007 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 06 Oct 2007 07:36:07 -0400 Subject: [Infowarrior] - Playing radios too loud = copyright infringement Message-ID: Kwik-Fit sued over staff radios http://news.bbc.co.uk/1/hi/scotland/edinburgh_and_east/7029892.stm A car repair firm has been taken to court accused of infringing musical copyright because its employees listen to radios at work. The action against the Kwik-Fit Group has been brought by the Performing Rights Society which collects royalties for songwriters and performers. At a procedural hearing at the Court of Session in Edinburgh a judge refused to dismiss the £200,000 damages claim. Kwik-Fit wanted the case brought against it thrown out. Lord Emslie ruled that the action can go ahead with evidence being heard. The PRS claimed that Kwik-Fit mechanics routinely use personal radios while working at service centres across the UK and that music, protected by copyright, could be heard by colleagues and customers. It is maintained that amounts to the "playing" or "performance" of the music in public and renders the firm guilty of infringing copyright. The Edinburgh-based firm, founded by Sir Tom Farmer, is contesting the action and said it has a 10 year policy banning the use of personal radios in the workplace. Playing music The PRS lodged details of countrywide inspection data over the audible playing of music at Kwik-Fit on more than 250 occasions in and after 2005. It claimed that its pleadings in the action were more than enough to allow a hearing of evidence in the case at which they would expect to establish everything allegedly found and recorded at inspection visits. 
Lord Emslie said: "The key point to note, it was said, was that the findings on each occasion were the same with music audibly 'blaring' from employee's radios in such circumstances that the defenders' [Kwik-Fit] local and central management could not have failed to be aware of what was going on." The judge said: "The allegations are of a widespread and consistent picture emerging over many years whereby routine copyright infringement in the workplace was, or inferentially must have been, known to and 'authorised' or 'permitted' by local and central management." He said that if that was established after evidence it was "at least possible" that liability for copyright infringement would be brought home against Kwik-Fit. But Lord Emslie said he should not be taken as accepting that the PRS would necessarily succeed in their claims. From rforno at infowarrior.org Sat Oct 6 11:39:38 2007 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 06 Oct 2007 07:39:38 -0400 Subject: [Infowarrior] - FCC won't probe disclosure of phone records Message-ID: FCC won't probe disclosure of phone records By Peter Kaplan Reuters Friday, October 5, 2007; 6:00 PM http://www.washingtonpost.com/wp-dyn/content/article/2007/10/05/AR2007100501685_pf.html WASHINGTON (Reuters) - The head of the U.S. Federal Communications Commission declined to investigate reports that phone companies turned over customer records to the National Security Agency, citing national security concerns, according to documents released on Friday. FCC Chairman Kevin Martin turned down a congressional request for an investigation as a top intelligence official concluded it would "pose an unnecessary risk of damage to the national security," according to a letter National Intelligence Director Michael McConnell sent to Martin on Tuesday. Intelligence officials "support your determination not to initiate an investigation," McConnell wrote to Martin. 
At issue are reports last year that some big telephone companies allowed the U.S. government access to millions of telephone records for an anti-terrorism program. The reports have prompted scrutiny by the House Energy and Commerce Committee. Democratic Rep. Edward Markey, the chairman of a key Energy and Commerce subcommittee, asked Martin to investigate. In his response, Martin included Tuesday's letter from McConnell. A spokesman for the FCC declined further comment. Markey, of Massachusetts, said McConnell's stance was "unsurprising given that this administration has continually thwarted efforts by Congress to shed more light on the surveillance program." "I believe the agency could conduct its own examination of such reports in a way that safeguards national security," Markey said in a statement. The Energy and Commerce Committee also asked AT&T Inc (T.N), Verizon Communications Inc (VZ.N) and Qwest Communications International Inc (Q.N) on Tuesday to describe how U.S. government agencies sought to obtain information about customer telephone and Internet use. © 2007 Reuters From rforno at infowarrior.org Sat Oct 6 15:33:52 2007 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 06 Oct 2007 11:33:52 -0400 Subject: [Infowarrior] - More on....Forbes & Digital River = Spammers In-Reply-To: <20071006145812.GA24624@gsp.org> Message-ID: ------ Forwarded Message From: RK FYI, Digital River have been spamming for years -- which is why I've permanently blacklisted any domain that traces back to them. (List followed below.) You and I aren't the only ones who've noticed their activities; I've found their domains on a dozen published (public) lists, and on several private ones. 
BTW, here's a partial (and probably outdated) list-of-lists where I've found one or more of their domains over the past several years: http://www.securitysage.com/files/access http://abuse.easynet.nl/spamlist-usage.html http://geocities.com/filterlists/domainnames.txt http://www.spambouncer.org/ http://www.tls.cena.fr/%7Eboubaker/JunkTrap/domains.blacklist http://www.taz.net.au/Mail/SpamDomains http://www.znet.com/blocked-domains.html http://www.spamsites.org/checklist.txt http://cc-www.uia.ac.be/cc/SpamDomains Also, some of their domains have been noted by the snort bleeding-edge threats blackhole DNS maintainers as associated enough with spyware, see: http://www.bleedingsnort.com/blackhole-dns/files/ ------ End of Forwarded Message From rforno at infowarrior.org Sun Oct 7 02:25:17 2007 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 06 Oct 2007 22:25:17 -0400 Subject: [Infowarrior] - More on.... RIAA wins its first piracy trial In-Reply-To: <73D209A8-18B8-4423-A880-0B4371F4F93E@cs.cmu.edu> Message-ID: ------ Forwarded Message From: "K.E." Date: October 6, 2007 9:07:33 PM EDT To: dave at farber.net Cc: rforno at infowarrior.org, tfairlie at frontiernet.net Subject: Re: [IP] Re: RIAA wins its first piracy trial I read this today and thought to send it along. I have a hard time seeing it as stealing. I play in a metal band. We have sold around 200k records across 3 releases. We're not 'huge' by any stretch but do alright and live off (and ON subsequently) the road. Fans and friends ask me all the time how I feel about "stealing music." 
I just told someone yesterday "I have a hard time seeing it as stealing...when I don't see any money from cd sales to begin with. What are they actually TAKING from me?" If you want to squeeze an opinion on theft out of me, ask me about the dude that grabbed our tshirt off the table tonight in Detroit or better yet.. ask me about record contracts. I encourage our fans to acquire our album however they please. The philosophy I've adopted is that if you're supporting disc sales, you're keeping the old model around longer...the one that forces dudes like me to tour 9 mos/year if they want to make ends meet with a career in music. If you wanna really support a band, "steal" their album....help bury the label....and buy a tshirt when you show up at their show and sing every word. Dave Peters Throwdown -------- Karen Ellis http://www.edu-cyberpg.com From rforno at infowarrior.org Sun Oct 7 02:32:15 2007 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 06 Oct 2007 22:32:15 -0400 Subject: [Infowarrior] - Terror Screening: "Malfeasance Likelihood" score? Message-ID: New screening technology might detect terrorists before they act Posted Oct 6th 2007 7:48PM by Joshua Topolsky http://www.engadget.com/2007/10/06/new-screening-technology-might-detect-terrorists-before-they-act/ Computer and behavioral scientists at the University of Buffalo are developing a system that will allow authorities to track faces, voices, bodies and various other biometrical data to create a score for how likely an individual is to commit a terrorist act. Sound like the scariest Big Brother plot since China's ID card scheme? Well, rest assured, Winston Smith, the researchers only have your best interests in mind. 
"The goal is to identify the perpetrator in a security setting before he or she has the chance to carry out the attack," says Venu Govindaraju, professor of computer science and engineering at the university, who was recently awarded $800,000 by the National Science Foundation to create such a system. "We are developing a prototype that examines a video in a number of different security settings, automatically producing a single, integrated score of malfeasance likelihood," adding that the system will incorporate machine "learning" capabilities, which will allow it to adapt over time. "Human screeners have fatigue and bias, but the machine does not blink," the researcher said, just before remarking that he was late for an appointment at the Ministry of Truth. From rforno at infowarrior.org Sun Oct 7 21:07:48 2007 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 07 Oct 2007 17:07:48 -0400 Subject: [Infowarrior] - More on... RIAA wins its first piracy trial In-Reply-To: Message-ID: My comments to Dave Farber on the current RIAA discussion, reposted here as an FYI.......-rf ------ Forwarded Message Frankly from my view, the entertainment industry's dogmatic refusal to accept the changing face of society and realize that emerging technologies have, and continue to, change the paradigm of industry, social control, and information exchange continues to baffle me. I think it's only a matter of time before their refusal to accept reality and redefine their role in the information age will be their undoing. 
To wit: They try to control the content (watermarking); they try to control the endpoints (hardware and software); they attack any hint of a paradigm shift that endangers their social status in the world (Napster, DeCSS, Kazaa, BitTorrent); they conduct pre-emptive profit strikes on customers in the form of taxing hard drives and media that *could* be used for piracy activities (the iPod tax); and constantly seek out new laws to restrict technological change and innovation under the guise of protecting 'their' material (DMCA, WIPO) when it's all about preserving their failing industry business model in an age where they're becoming more irrelevant with each passing year. I really think these folks would prefer it be 1998 all over again. From where I sit, I can count the number of movies I see in theaters or have purchased on DVD in recent years, or new music I've bought or even had a desire to buy. Not only is there not enough stuff produced that interests me, but I refuse to support an industry that, when you get right down to it, considers and treats ALL customers as criminals for no other reason than to preserve its rapidly-aging business model. From an anthropological perspective, they just do NOT want to change with the times --- it's too hard to relinquish power when you've had it for so long, and also frightening to know that you're being seriously-challenged by entities far outside your direct ability to constrain. Hence, the industry lashes out in all directions in what clearly is a panicked 'death throes' flailing action to try and control/influence/constrain anything that might present a danger to their existing business models in the hope that they can head off the inevitable -- namely, the global reduction in their marketplace legitimacy and hegemony. It's all about marketplace control. Marketplace control is all about profits. And profits is all about control of your resources offered for sale. 
Unfortunately, unlike controlling of other resources such as power, water, or oil, efforts to exert control over "their" digital information resources has the consequence of providing them with the ability to influence or control most other digital information resources, including information resources and data they have no right of ownership -- such as unsigned bands, indie movies, and other nonprofit or personal data. It's all about control. -Rick Infowarrior.org ------ End of Forwarded Message From rforno at infowarrior.org Mon Oct 8 12:29:15 2007 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 08 Oct 2007 08:29:15 -0400 Subject: [Infowarrior] - Aberdeen, MD New Camera Ordinance Message-ID: www.baltimoresun.com/news/local/harford/bal-ha.camera07oct07,0,1394895.story baltimoresun.com City passes camera law Aberdeen agencies may now require surveillance devices in developments By Madison Park Sun Reporter October 7, 2007 Hoping to deter crime by expanding the use of surveillance cameras, Aberdeen passed a measure that empowers the city government and police to require cameras in new developments. The Police Department, the Department of Planning and Community Development, and the Department of Public Works will decide whether a new residential, commercial or industrial development must install cameras at "strategic locations" before a development permit is issued. The City Council passed the measure, which becomes effective next week, by a 4-1 vote. Cameras installed at new developments will be connected to a watch room at the police station, Mayor S. Fred Simmons said. Simmons said the police chief will work with the other departments to study the feasibility of installation and check whether a camera is "wanted and necessary" at new developments. But the ordinance does not spell out guidelines for determining whether a new development will be required to have cameras, which concerned the lone dissenter on the council vote, Ruth Elliott. 
"We have no internal procedures or policies on this," Elliott said. "It is vague, and you can read in between the lines." Though crime is decreasing in Aberdeen, the city is seeking to prevent crime by expanding the camera program, Simmons said. The city installed cameras this year at two troubled intersections: one on Edmund and Washington streets and the other on East Bel Air and Aberdeen avenues. The cameras can zoom in, rotate 360 degrees, and are monitored from the city's police station. Footage from the cameras has been used to prosecute drug cases. "The cameras are going to see what the police officers are going to see," Simmons said. "It's another set of eyes. That's all." Surveillance cameras are a familiar sight in larger cities such as New York and Chicago. In Baltimore, a network of about 400 surveillance cameras is in use. And smaller Maryland towns, including Preston and Ridgely in Caroline County, use surveillance cameras. The Harford County Sheriff's Office has been looking into bringing cameras to Edgewood. Law enforcement officials have credited the cameras with providing information about suspects such as descriptions and license plate numbers. Simmons said he is interested in expanding the camera program in Aberdeen to monitor traffic on U.S. 40, using cameras that can read license plate numbers and run them through a computer database to check whether a car is stolen or the registration is expired. "You can't go to a supermarket, the ATM, or a drugstore without being camera'ed," Simmons said. "They're all camera'ed. ... Look up and there's three or four white cameras capturing everything on the state highway. We live in that age." Elliott voiced discomfort with that notion. "I don't care to have cameras everywhere in the city," the councilwoman said. "I'm supportive of having cameras in areas where there are problems." Elliott said the ordinance doesn't protect average residents. 
"Whatever that's caught on camera, that may not be of a criminal aspect, just a personal thing could be used depending on who is looking at those tapes," she said. "That info could be released to the wrong people - that's why we need tighter procedures and policies." Elliott expressed concern that the two-sentence ordinance gives broad authority to the city without laying out parameters about how the city will determine whether a development should have cameras. But Simmons said, "The reason why it's left open is that the whole landscape changes all the time." Melissa Ngo, senior counsel of the Electronic Privacy Information Center, also questioned an ordinance that lacked guidelines on determining where cameras would be required. "How are they going to decide?" said Ngo, whose Washington-based organization studies civil liberty and privacy issues. "If this is going to be low-income development, are they going to watch over the poor people? If this is going to be fancy condos, are they going to decide that they don't need to look over those people?" madison.park at baltsun.com Copyright ? 2007, The Baltimore Sun From rforno at infowarrior.org Tue Oct 9 00:34:27 2007 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 08 Oct 2007 20:34:27 -0400 Subject: [Infowarrior] - Democratic Concessions Are Expected on Wiretapping Message-ID: October 8, 2007 Democratic Concessions Are Expected on Wiretapping By ERIC LICHTBLAU and CARL HULSE http://www.nytimes.com/2007/10/08/washington/09cnd-nsa.html?_r=1&hp=&oref=sl ogin&pagewanted=print WASHINGTON, Oct. 8 ? Two months after vowing to roll back broad new wiretapping powers won by the Bush administration, Congressional Democrats appear ready to make concessions that could extend some of the key powers granted to the National Security Agency. 
Bush administration officials say they are confident they will win approval of the broadened wiretapping authority that they secured temporarily in August as Congress rushed toward recess, and some Democratic officials admit that they may not come up with the votes to rein in the administration. As the debate over the N.S.A.'s wiretapping powers begins anew this week, the emerging legislation reflects the political reality confronting the Democrats. While they are willing to oppose the White House on the conduct of the war in Iraq, they remain nervous that they will be labeled as soft on terrorism if they insist on strict curbs on intelligence gathering. A Democratic bill to be proposed Tuesday in the House would maintain for several years the type of broad, blanket authority for N.S.A. wiretapping that the administration secured in August for just six months. But in an acknowledgment of civil liberties concerns, the measure would also require a more active role by the special foreign intelligence court that oversees the N.S.A.'s interception of foreign-based communications. A competing proposal in the Senate, still being drafted, may be even closer in line with the administration's demands, with the possibility of including retroactive immunity for telecommunications companies that took part in the N.S.A.'s once-secret program to wiretap without court warrants. No one is willing to predict with certainty how the issue will play out. But some Congressional officials and others monitoring the debate over the legislation said the final result may not be much different than it was two months ago, despite Democrats' insistence that they would not let stand the August extension of the N.S.A.'s powers. "Many members continue to fear that if they don't support whatever the president asks for, they'll be perceived as soft on terrorism," 
said William Banks, a professor specializing in terrorism and national security law at Syracuse University who has written extensively on federal wiretapping law. The August bill, known as the Protect America Act, was approved by Congress in the final hours before its summer recess after heated warnings from the Bush administration that legal loopholes in wiretapping coverage had left the country vulnerable to another terrorist attack. The legislation significantly reduced the role of the foreign intelligence court and broadened the N.S.A.'s ability to listen in on foreign-based communications without a court warrant. "We want the statute made permanent," Dean Boyd, a spokesman for the Justice Department, said today. "We view this as a healthy debate. We also view it as an opportunity to inform Congress and the public that we can use these authorities responsibly. We're going to go forward and look at any proposals that come forth, but we'll look at them very carefully to make sure they don't have any consequences that hamper our abilities to protect the country." House Democrats overwhelmingly opposed the interim legislation in August and believed at the time they had been forced into a corner by the Bush administration. As Congress takes up the new legislation, a senior Democratic aide said House leaders are working hard to make sure the administration does not succeed in pushing through a bill that would make permanent all the powers it secured in August for the N.S.A. "That's what we're trying to avoid," the aide said. "We have that concern too." The bill to be proposed Tuesday by the Democratic leaders of the House Intelligence and Judiciary Committees would impose more controls over the N.S.A.'s powers, including quarterly audits by the Justice Department's inspector general. It would also give the foreign intelligence court a role in approving, in advance, "basket" or "umbrella" 
warrants for bundles of overseas communications, according to a Congressional official. "We are giving the N.S.A. what it legitimately needs for national security but with far more limitations and protections than are in the Protect America Act," said Brendan Daly, a spokesman for Speaker Nancy Pelosi, Democrat of California. Perhaps most important in the eyes of Democratic supporters, the House bill would not give retroactive immunity to the telecommunications companies that took part in the N.S.A.'s domestic eavesdropping program - a proposal that had been a top priority of the Bush administration. The August legislation granted the companies immunity for future acts, but not past deeds. A number of private groups are trying to prove in federal court that the telecommunications companies violated the law by taking part in the program. A former senior Justice Department lawyer, Jack Goldsmith, seemed to bolster their case last week when he told Congress that the program was a "legal mess" and strongly suggested it was illegal. In the Senate, the Democratic chairman of the Intelligence Committee, John D. Rockefeller IV of West Virginia, is working with his Republican counterpart, Christopher S. Bond of Missouri, who was one of the main proponents of the August plan, to come up with a compromise wiretapping proposal. Wendy Morigi, a spokeswoman for Mr. Rockefeller, said that retroactive immunity for the telecommunications companies is "under discussion," but that no final proposal had been developed. The immunity issue may prove to be the key sticking point between whatever proposals are ultimately passed by the House and the Senate. Representative Jerrold Nadler, a New York Democrat who was among the harshest critics of the legislation passed in August, said he would vigorously oppose any effort to grant retroactive legal protection to telecommunications companies. "There is heavy pressure on the immunity and we should not cave an inch on that," 
he said in an interview. Mr. Nadler said he was worried that the Senate would give too much ground to the administration in its proposal, but he said he was satisfied with the legislation to be proposed Tuesday in the House. ?It is not perfect, but it is a good bill,? he said. ?It makes huge improvements in the current law. In some respects it is better than the old FISA law,? referring to the Foreign Intelligence Surveillance Act. Civil liberties advocates and others who met with House officials today about the proposed bill agreed that it was an improvement over the August plan, but they were not quite as charitable in their overall assessment. ?This still authorizes the interception of Americans? international communications without a warrant in far too many instances and without adequate civil liberties protections,? said Kate Martin, director of the Center for National Security Studies, who was among the group that met with House officials. Caroline Frederickson, director of the Washington legislative office of the American Civil Liberties Union, said she was troubled by the Democrats? acceptance of broad, blanket warrants for the N.S.A., rather than the individualized warrants traditionally required by the intelligence court. ?The Democratic leadership, philosophically, is with us, but we need to help them realize the political case, which is that Democrats will not be in danger if they don?t reauthorize this Protect America Act,? Ms. Frederickson said. ?They?re nervous. There?s a ?keep the majority? mentality, which is understandable. But we think they?re putting themselves in more danger by not standing on principle.? From rforno at infowarrior.org Tue Oct 9 02:21:21 2007 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 08 Oct 2007 22:21:21 -0400 Subject: [Infowarrior] - =?iso-8859-1?q?Top_10_Forecasts_from_=8C_The_Futu?= =?iso-8859-1?q?rist_=B9_Magazine?= Message-ID: Top 10 Forecasts from ?The Futurist? 
Magazine http://www.wfs.org/Nov-Dec%20Files/TOPTEN.htm Each year since 1985, the editors of THE FUTURIST have selected the most thought-provoking ideas and forecasts appearing in the magazine. Over the years, Outlook has spotlighted the emergence of such epochal developments as the Internet, virtual reality, and the end of the Cold War. Here are the editors' top 10 forecasts from Outlook 2008: 1. The world will have a billion millionaires by 2025. Globalization and technological innovation are driving this increased prosperity. But challenges to prosperity will also become more acute, such as water shortages that will affect two-thirds of world population by 2025. --James Canton, author of "The Extreme Future," reviewed in THE FUTURIST May-June 2007, p. 54 2. Fashion will go wired as technologies and tastes converge to revolutionize the textile industry. Researchers in smart fabrics and intelligent textiles (SFIT) are working with the fashion industry to bring us color-changing or perfume-emitting jeans, wristwatches that work as digital wallets, and running shoes like the Nike +iPod that watch where you're going (possibly allowing others to do the same). Powering these gizmos remains a key obstacle. But industry watchers estimate that a $400 million market for SFIT is already in place and predict that smart fabrics could revitalize the U.S. and European textile industry. --Patrick Tucker, "Smart Fashion," Sep-Oct 2007, p. 68 3. The threat of another cold war with China, Russia, or both could replace terrorism as the chief foreign-policy concern of the United States. Scenarios for what a war with China or Russia would look like make the clashes and wars in which the United States is now involved seem insignificant. The power of radical jihadists is trivial compared with Soviet missile capabilities, for instance. The focus of U.S. foreign policy should thus be on preventing an engagement among Great Powers. --Edward N. 
Luttwak, "Preserving Balance among the Great Powers," Nov-Dec 2006, p. 26 4. Counterfeiting of currency will proliferate, driving the move toward a cashless society. Sophisticated new optical scanning technologies could, in the next five years, be a boon for currency counterfeiters, so societies are increasingly putting aside their privacy fears about going cashless. Meanwhile, cashless technologies are improving, making them far easier and safer to use. --Allen H. Kupetz, "Our Cashless Future," May-June 2007, p. 37 5. The earth is on the verge of a significant extinction event. The twenty-first century could witness a biodiversity collapse 100 to 1,000 times greater than any previous extinction since the dawn of humanity, according to the World Resources Institute. Protecting biodiversity in a time of increased resource consumption, overpopulation, and environmental degradation will require continued sacrifice on the part of local, often impoverished communities. Experts contend that incorporating local communities' economic interests into conservation plans will be essential to species protection in the next century. --World Trends & Forecasts, Nov-Dec 2006, p. 6 6. Water will be in the twenty-first century what oil was in the twentieth century. Global fresh water shortages and drought conditions are spreading in both the developed and developing world. In response, the dry state of California is building 13 desalination plants that could provide 10%-20% of the state's water in the next two decades. Desalination will become more mainstream by 2020. --William E. Halal, "Technology's Promise: Highlights from the TechCast Project," Nov-Dec, p. 44 7. World population by 2050 may grow larger than previously expected, due in part to healthier, longer-living people. Slower than expected declines of fertility in developing countries and increasing longevity in richer countries are contributing to a higher rate of population growth. 
As a result, the UN has increased its forecast for global population from 9.1 billion people by 2050 to 9.2 billion. --World Trends & Forecasts, Sep-Oct 2007, p. 10 8. The number of Africans imperiled by floods will grow 70-fold by 2080. The rapid urbanization taking place throughout much of Africa makes flooding particularly dangerous, altering the natural flow of water and cutting off escape routes. If global sea levels rise by the predicted 38 cm by 2080, the number of Africans affected by floods will grow from 1 million to 70 million. --World Trends & Forecasts, July-Aug 2007, p. 7 9. Rising prices for natural resources could lead to a full-scale rush to develop the Arctic. Not just oil and natural gas, but also the Arctic's supplies of nickel, copper, zinc, coal, freshwater, forests, and of course fish are highly coveted by the global economy. Whether the Arctic states tighten control over these commodities or find equitable and sustainable ways to share them will be a major political challenge in the decades ahead. --Lawson W. Brigham, "Thinking about the Arctic's Future: Scenarios for 2040," Sep-Oct 2007, p. 27 10. More decisions will be made by nonhuman entities. Electronically enabled teams in networks, robots with artificial intelligence, and other noncarbon life-forms will make financial, health, educational, and even political decisions for us. Reason: Technologies are increasing the complexity of our lives and human workers' competency is not keeping pace well enough to avoid disasters due to human error. --Arnold Brown, "'Not with a Bang': Civilization's Accelerating Challenge," Sep-Oct 2007, p. 38 All of these forecasts plus dozens more were included in the report that scanned the best writing and research from THE FUTURIST magazine over the course of the previous year. 
The Society hopes this report, covering developments in business and economics, demography, energy, the environment, health and medicine, resources, society and values, and technology, will assist its readers in preparing for the challenges and opportunities in 2008 and beyond. The Outlook 2008 report was released as part of the November-December 2007 issue of THE FUTURIST magazine. An individual report can be obtained from the World Future Society for $5 in both print and online PDF format. From rforno at infowarrior.org Tue Oct 9 12:12:15 2007 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 09 Oct 2007 08:12:15 -0400 Subject: [Infowarrior] - Leak Severed a Link to Al-Qaeda's Secrets In-Reply-To: Message-ID: I can relate to the SITE issue here --- I've seen similar situations firsthand (also at the White House) where valuable resources got burned which in turn botched up otherwise-reliable USG operations simply because the USG thought they had all the answers and were the best at what they did....with such institutional hubris, everybody loses and after a while you get tired of playing......rf ------ Forwarded Message Leak Severed a Link to Al-Qaeda's Secrets Firm Says Administration's Handling of Video Ruined Its Spying Efforts http://www.washingtonpost.com/wp-dyn/content/article/2007/10/08/AR2007100801817_pf.html By Joby Warrick Washington Post Staff Writer Tuesday, October 9, 2007; A01 A small private intelligence company that monitors Islamic terrorist groups obtained a new Osama bin Laden video ahead of its official release last month, and around 10 a.m. on Sept. 7, it notified the Bush administration of its secret acquisition. It gave two senior officials access on the condition that the officials not reveal they had it until the al-Qaeda release. Within 20 minutes, a range of intelligence agencies had begun downloading it from the company's Web site.
By midafternoon that day, the video and a transcript of its audio track had been leaked from within the Bush administration to cable television news and broadcast worldwide. The founder of the company, the SITE Intelligence Group, says this premature disclosure tipped al-Qaeda to a security breach and destroyed a years-long surveillance operation that the company has used to intercept and pass along secret messages, videos and advance warnings of suicide bombings from the terrorist group's communications network. "Techniques that took years to develop are now ineffective and worthless," said Rita Katz, the firm's 44-year-old founder, who has garnered wide attention by publicizing statements and videos from extremist chat rooms and Web sites, while attracting controversy over the secrecy of SITE's methodology. Her firm provides intelligence about terrorist groups to a wide range of paying clients, including private firms and military and intelligence agencies from the United States and several other countries. The precise source of the leak remains unknown. Government officials declined to be interviewed about the circumstances on the record, but they did not challenge Katz's version of events. They also said the incident had no effect on U.S. intelligence-gathering efforts and did not diminish the government's ability to anticipate attacks. While acknowledging that SITE had achieved success, the officials said U.S. agencies have their own sophisticated means of watching al-Qaeda on the Web. "We have individuals in the right places dealing with all these issues, across all 16 intelligence agencies," said Ross Feinstein, spokesman for the Office of the Director of National Intelligence. But privately, some intelligence officials called the incident regrettable, and one official said SITE had been "tremendously helpful" in ferreting out al-Qaeda secrets over time. The al-Qaeda video aired on Sept. 
7 attracted international attention as the first new video message from the group's leader in three years. In it, a dark-bearded bin Laden urges Americans to convert to Islam and predicts failure for the Bush administration in Iraq and Afghanistan. The video was aired on hundreds of Western news Web sites nearly a full day before its release by a distribution company linked to al-Qaeda. Computer logs and records reviewed by The Washington Post support SITE's claim that it snatched the video from al-Qaeda days beforehand. Katz requested that the precise date and details of the acquisition not be made public, saying such disclosures could reveal sensitive details about the company's methods. SITE -- an acronym for the Search for International Terrorist Entities -- was established in 2002 with the stated goal of tracking and exposing terrorist groups, according to the company's Web site. Katz, an Iraqi-born Israeli citizen whose father was executed by Saddam Hussein in the 1960s, has made the investigation of terrorist groups a passionate quest. "We were able to establish sources that provided us with unique and important information into al-Qaeda's hidden world," Katz said. Her company's income is drawn from subscriber fees and contracts. Katz said she decided to offer an advance copy of the bin Laden video to the White House without charge so officials there could prepare for its eventual release. She spoke first with White House counsel Fred F. Fielding, whom she had previously met, and then with Joel Bagnal, deputy assistant to the president for homeland security. Both expressed interest in obtaining a copy, and Bagnal suggested that she send a copy to Michael Leiter, who holds the No. 2 job at the National Counterterrorism Center. Administration and intelligence officials would not comment on whether they had obtained the video separately. Katz said Fielding and Bagnal made it clear to her that the White House did not possess a copy at the time she offered hers. 
Around 10 a.m. on Sept. 7, Katz sent both Leiter and Fielding an e-mail with a link to a private SITE Web page containing the video and an English transcript. "Please understand the necessity for secrecy," Katz wrote in her e-mail. "We ask you not to distribute . . . [as] it could harm our investigations." Fielding replied with an e-mail expressing gratitude to Katz. "It is you who deserves the thanks," he wrote, according to a copy of the message. There was no record of a response from Leiter or the national intelligence director's office. Exactly what happened next is unclear. But within minutes of Katz's e-mail to the White House, government-registered computers began downloading the video from SITE's server, according to a log of file transfers. The records show dozens of downloads over the next three hours from computers with addresses registered to defense and intelligence agencies. By midafternoon, several television news networks reported obtaining copies of the transcript. A copy posted around 3 p.m. on Fox News's Web site referred to SITE and included page markers identical to those used by the group. "This confirms that the U.S. government was responsible for the leak of this document," Katz wrote in an e-mail to Leiter at 5 p.m. Al-Qaeda supporters, now alerted to the intrusion into their secret network, put up new obstacles that prevented SITE from gaining the kind of access it had obtained in the past, according to Katz. A small number of private intelligence companies compete with SITE in scouring terrorists' networks for information and messages, and some have questioned the company's motives and methods, including the claim that its access to al-Qaeda's network was unique. One competitor, Ben Venzke, founder of IntelCenter, said he questions SITE's decision -- as described by Katz -- to offer the video to White House policymakers rather than quietly share it with intelligence analysts. "It is not just about getting the video first," Venzke said. 
"It is about having the proper methods and procedures in place to make sure that the appropriate intelligence gets to where it needs to go in the intelligence community and elsewhere in order to support ongoing counterterrorism operations." From rforno at infowarrior.org Tue Oct 9 12:19:16 2007 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 09 Oct 2007 08:19:16 -0400 Subject: [Infowarrior] - Amazon's unlocked music still might get you sued Message-ID: Brier Dudley | Amazon's unlocked music still might get you sued By Brier Dudley Seattle Times staff columnist http://seattletimes.nwsource.com/html/businesstechnology/2003932604_brier08. html When Amazon.com launched its MP3 store last week, I thought the Seattle company had found the perfect formula for selling digital music. Prices are lower than Apple's iTunes, audio quality is generally higher and none of the songs is embedded with obnoxious copy-protection software. I wouldn't be surprised if Amazon leapfrogs into first place in the downloadable-music business that Microsoft, Sony and others have struggled with for years. Does that mean it's time to say goodbye to the neighborhood record store? I'd say no, after reading the fine print in Amazon's user agreement. That's when I decided to keep buying CDs, maybe forever. People should pay attention to the legalese, because it looks like the recording industry has found a new way to go after anyone who doesn't follow its rules. Amazon's MP3 songs lack digital locks, the software that provides digital-rights management, or DRM. But you're still limited in how you can use the music. The difference is that instead of using software for protection, the restrictions are in the user agreement, a contract you automatically agree to when you buy the songs. 
More troubling, the terms of the contract could also erode the principle known as "fair use," which gives consumers the right to make personal copies of media they purchase, sell used copies and even loan the media to friends and family. You can do all that legally, unless you enter a contract forbidding such malicious behavior. Amazon's contract says you "may copy, store, transfer and burn the Digital Content" for personal use. But then it goes further and specifies restrictions, saying you "agree that you will not redistribute, transmit, assign, sell, broadcast, rent, share, lend, modify, adapt, edit, sub-license or otherwise transfer or use the Digital Content." Concerned that I was being paranoid, I floated this past Fred von Lohmann, senior staff attorney with the Electronic Frontier Foundation in San Francisco, a public-interest advocacy group. He was surprised by the language and said it appears to enable record companies to pursue a breach of contract if, for instance, you loaned your mother an iPod containing MP3s bought from Amazon. "It's sort of like they're adding another layer of restrictions potentially above and beyond what copyright law would restrict," von Lohmann said. Software companies have protected content with contract language forever, but with Amazon's MP3 store "it's new in the sense that it's now coming home to roost for everyday Americans," he said. Record companies may never bother to enforce the Amazon contract, but it's important to know the territory the industry is staking out as it moves toward DRM-free music (especially after seeing what happened to Jammie Thomas, the Minnesota woman fined $222,000 last Thursday for distributing 24 songs online). Apple, which began selling some DRM-free music in April, is less specific. Its "terms of service" agreement says buyers are agreeing to abide by copyright protections but "you may copy, store and burn" DRM-free songs "as reasonably necessary for personal, noncommercial use."
These contracts are carefully negotiated with record companies. As the big gorilla in digital music, Apple probably has more sway, and its chief executive has crusaded against DRM. Amazon is just breaking into the business. It's still building relationships with record labels while trying to persuade them to release high-quality MP3s without DRM. When I asked Pete Baltaxe, Amazon's director of digital music, about the fair-use implications of the contract, he said Amazon's responding to labels' concerns about piracy. "We understand that concern," he said. "We believe that the best defense against piracy is a good offense. By a good offense, I mean sell people a great product, a product that is interoperable, that is high quality, that has great album art at a great value. That's the best way to compete." He's right, and I wish Amazon luck as it pulls the music industry toward a more reasonable future. Most consumers won't give a second thought to the user terms as long as the music is good, cheap and easy to get. Enjoy. Just remember that DRM-free doesn't mean unrestricted. Brier Dudley's column appears Mondays. Reach him at 206-515-5687 or bdudley at seattletimes.com. From rforno at infowarrior.org Tue Oct 9 19:37:04 2007 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 09 Oct 2007 15:37:04 -0400 Subject: [Infowarrior] - National Strategy for Homeland Security (Oct 07) Message-ID: National Strategy for Homeland Security October 2007 President's Letter 1. Overview of America's National Strategy for Homeland Security 2. Today's Realities in Homeland Security 3. Today's Threat Environment 4. Our Vision and Strategy for Homeland Security 5. Prevent and Disrupt Terrorist Attacks 6. Protect the American People, Critical Infrastructure, and Key Resources 7. Respond to and Recover from Incidents 8. Ensuring Long-Term Success 9.
Conclusion http://www.whitehouse.gov/infocus/homeland/nshs/2007/index.html From rforno at infowarrior.org Wed Oct 10 02:15:55 2007 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 09 Oct 2007 22:15:55 -0400 Subject: [Infowarrior] - Air Force to Establish New Cyberspace Operations Command Message-ID: Air Force to Establish New Cyberspace Operations Command John T. Bennett | 04 Oct 2006 Inside the Air Force http://www.worldpoliticsreview.com/article.aspx?id=233 Senior Air Force leaders plan to establish a new command for directing the service's numerous activities in cyberspace, a move intended to combat the ever-growing Internet prowess of terrorist groups like al Qaeda, according to sources and documents. Air Force Secretary Michael Wynne and Chief of Staff Gen. T. Michael Moseley have tapped the service's Air Education and Training, Air Combat and Air Force Space commands to formulate a range of options for the notional "Operational Command for Cyberspace," according to a Sept. 6 letter signed by the two leaders. Inside the Air Force obtained the letter this week. "All options are on the table at this point," one service official involved in Air Force cyberspace operations told ITAF on Sept. 27. The United States is "already at war in cyberspace, so we need to get everything under one umbrella," the official added. "We're going to do more than just move around deck chairs on the Titanic" in molding the new outfit, Lani Kass, director of the service's Cyberspace Task Force, told ITAF this week. "This will be a 24/7/365 kind of operation," she added during a brief interview at an Air Force Association-sponsored conference in Washington. Moseley established the task force in January to examine the service's cyberspace capabilities and identify deficiencies, according to a service fact sheet.
Wynne and Moseley appear to be moving quickly to establish the new cyberspace command, giving the three existing commands that are studying its creation 30 days to deliver options, according to the letter. The leaders, in the missive and in comments made this week during this week's conference, have described their vision for the new command in broad terms. "Our enemies are already operating [in cyberspace], exploiting the low entry costs and minimal technological investment needed to inflict serious harm," Moseley said during a Sept. 27 address. "We cannot allow them to expand a foothold in this critical strategic domain, much less find sanctuary." The service secretary, speaking Sept. 25 at the event, warned that because the military is increasingly dependent on network- and computer-based systems, all other aspects of warfighting could be hindered without an increased focus on cyberspace. "This domain offers many unique opportunities and highlights a new inviolate principle: Without cyber-dominance, operations in all of the other domains are in fact placed at risk," Wynne said. Last December, when they were both relatively new to their posts, the two service leaders published a new Air Force mission statement, which reads: "The mission of the U.S. Air Force is to deliver sovereign options for the defense of the United States of America and its global interests -- to fly and fight in the air, space and cyberspace." The revised strategic statement added two key facets: "sovereign options" and "cyberspace." In a Dec. 9, 2005, statement, Wynne noted that "we have quite a few of our airmen dedicated to cyberspace . . . from security awareness, making sure the networks can't be penetrated, as well as figuring out countermeasures." The 2005 Quadrennial Defense Review also states that cyberspace is playing an increasingly important role in U.S. military operations. 
The new command "should enable the employment of global cyber power across the full spectrum of conflict, both as a supported and/or supporting component of a joint force," the service leaders' Sept. 6 letter states. "Inherent in this requirement is the need to integrate the full range of global effects across the entire electromagnetic spectrum and networked systems and must include scalability of force packages, ease of implementation and enhanced componency and force presentation through" U.S. Strategic Command, it adds. Wynne and Moseley want the cyberspace command eventually to become the service entity that trains and equips all forces branded with the "cyber" moniker, according to officials and documents. The manpower and personnel shop, or A1 office, at the service's Pentagon headquarters and "other functional experts" have been tasked with identifying which Air Force specialties will be classified in the cyberspace realm, the letter states. Plans call for the new organization to be on an equal footing with the service's numbered air forces, several officials said this week. "You don't want to stand up a new thing like this and have it be a major command right off the bat," the service official involved in Air Force cyberspace operations said. "Maybe it will be a major command one day, but not right now." The fiscal year 2009 budget cycle will be key for the new command, offering service officials the first opportunity to implement a research, development and acquisition strategy for cyberspace. The two service leaders have tasked Air Force Materiel Command with formulating that plan, according to the missive. The service's move to bolster its efforts to conduct cyberspace missions comes as Islamic extremist groups like al Qaeda and other U.S. enemies have demonstrated expanded capabilities in using the Internet to spread their messages, transfer funds and communicate. 
Groups like al Qaeda and other extremist organizations can be effective using cyberspace because "as a warfighting domain, it's different than the land, air and space domains," according to Kass, the task force director. As opposed to expensive weapon systems like fighters, bombers, advanced ground vehicles or aircraft carriers, in cyberspace everything one needs to "cause chaos from afar very cheaply . . . is available off the shelf," she said at the conference. Air Force leaders want to beef up the service's ability to guard against Internet-based attacks because the United States "is uniquely vulnerable because of our reliance on cyberspace," both militarily and "in our everyday lives," she said. Cyberspace offers advantages to those who do not want to deal with U.S. forces in a symmetric fight, Kass added. The effort to create the new command comes as senior Pentagon leaders continue reviewing the classified "2006 National Military Strategy for Cyberspace Operations." Chairman of the Joint Chiefs of Staff Gen. Peter Pace already has approved the plan, which is now on the desk of the defense secretary awaiting final approval, Kass said. That strategic document, "for the first time," calls cyberspace a warfighting domain, she told ITAF. The plan, she added, is "very operationally focused," but she declined to describe it in detail because it is classified. The Pentagon's newest operational realm, according to briefing slides presented by Kass, is composed of the entire electromagnetic spectrum. The task force director made clear the service plans to exploit the entire spectrum during its cyberspace missions: "I was asked by a general officer how much of the cyber-domain the Air Force claims, and I said, 'All of it.'" Moseley this week echoed that sentiment. "We understand the physics, the technology, the synergies required to operate in and through cyberspace," he said during a Sept. 27 address to conference attendees.
"We intend to operate across the entire electromagnetic spectrum: radio waves, microwaves, infrared, X-ray, directed energy, and applications we have not even begun to think about." Following the release of the Wynne- and Moseley-crafted mission statement late last year, some current and former military officers questioned whether the sudden inclusion of cyber-operations as a core Air Force mission was merely the leaders posturing to become the military's lead service for the mission. In an example of that questioning, a retired military officer told sister publication Inside the Pentagon last December that he gives the Air Force "credit for including cyberspace," but wonders "what exactly do they mean to do there? Is this just another budget-justifying buzzword to them?" Some officials and analysts contacted earlier this year speculated that the Air Force might be angling to become the Pentagon's executive agent for cyber-missions, much like it already is the military's "EA" for space. In an interview in February, however, Lt. Gen. Michael Peterson, the Air Force's warfighting integration director and chief information officer, dismissed that notion. When asked by ITAF this week whether creation of the Operational Command for Cyberspace is a move in the executive agent direction, Kass said it is just Air Force officials "tending our own garden. "We're not trying to poach any other service's domain," she continued. "There's plenty of work for everyone." That work likely will not be easy, a former Air Force official who was once involved in cyberspace efforts while in uniform told ITAF during the conference. "We tried this once before and it got all fouled up because . . . tribal warfare" within the service doomed a number of initiatives aimed at bolstering such missions, the former official said. "All I'll say is: 'Good luck to them,'" he added. 
For her part, Kass agreed that securing funding for essential cyberspace programs will be a hurdle the new command must tackle. "It's true," she said, "one challenge will be making sure programs don't just fall off like they did in the past." From rforno at infowarrior.org Wed Oct 10 02:23:16 2007 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 09 Oct 2007 22:23:16 -0400 Subject: [Infowarrior] - Record label defections by major acts a troubling sign Message-ID: Record label defections by major acts a troubling sign for recording industry http://arstechnica.com/news.ars/post/20071009-record-label-defections-by-maj or-acts-a-troubling-sign-for-recording-industry.html By Anders Bylund | Published: October 09, 2007 - 02:02PM CT When Brit-rock veterans Radiohead decided to self-publish their next album online, it was a bucket of ice-cold water over the heads of EMI, Sony BMG, Warner Music, and all the rest of the old-school industry elephants. It was also the starting shot for other artists to do the same, inspired by a respected band's first leap of faith into a brave new world. It's already a trans-Atlantic phenomenon. Trent Reznor of Cleveland-based Nine Inch Nails is calling his band a "free agent, free of any recording contract with any label," and envisions a more intimate relationship with his audience as a result. And it doesn't stop there. Now with two top-notch acts in the game, others are sure to follow as their contracts expire or come up for renegotiation. Jamiroquai and Oasis don't have contracts at the moment, and rumor has it that these acts might be the next to follow Radiohead and NIN out of the established record industry traditions. The new era likely won't have the plethora of the restrictions that give both consumers and bands migraine headaches today. 
The other side of the coin

Those headaches were touched up by Yahoo Music's general manager Ian Rogers, who just told a room full of label execs to do away with DRM and artificial restrictions on the music their customers want to hear, for the good of consumers and businesses alike. He thinks Amazon is doing the right thing with its unencumbered MP3 sales, and said that he will refuse to sign any new distribution deals that make it hard for his users to get and use the content they want. There's simply no way to improve on Ian's explanation of why tight controls aren't worth the hassle: "Want radio? No problem. Click play, get radio. Want video? Awesome. Click play, get video. Want a track on-demand? Oh have we got a deal for you! If you're on Windows XP or Vista, and you're in North America, just download this 20MB application, go through these seven install screens, reboot your computer, go through these five setup screens, these six credit card screens, give us $160 dollars and POW! Now you can hear that song you wanted to hear -- if you're still with us," writes Rogers. According to Rogers, Yahoo! didn't want all those steps, but the record labels demanded it. "It's a slippery slope from 'a little control' to consumer unfriendliness and non-Web-scale products and services," he said, and Yahoo Music won't put up with it anymore. And neither should anyone else, he believes. He's not alone: most UK music fans believe that DRM-free music is the only music worth buying. So far, EMI is on board the DRM-free music train, with UMG on for a trial ride. Radiohead's management says that the free-download experiment is working out very well so far, driving an 11-fold traffic boost to the band's Web site and converting plenty of those hits into sales of premium boxed sets for £40 a pop. That wasn't even the goal here. Musicians who give away their music for free generally just want to inspire some merchandise sales and improve their concert attendance.
But Radiohead's success proves that the new medium can make new things happen and that you can cut out the record label middleman without losing touch with the audience or much in the way of revenues. It works for big, established acts at least, and direct distribution gives the little guy a fighting chance too. Wasn't that how MC Hammer got started, after all?

From rforno at infowarrior.org Wed Oct 10 12:46:11 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 10 Oct 2007 08:46:11 -0400
Subject: [Infowarrior] - Fear of Flying? No. It's a fear of airports
Message-ID:

Fear of Flying? No. It's a fear of airports.
by Reuben F. Johnson - Weekly Standard
10/10/2007 12:00:00 AM
http://tinyurl.com/ysj2b4

LAST MONTH IT was reported that a 54-year-old veteran FBI official, Carl L. Spicocchi, had been jailed in Arlington County several weeks earlier for abducting, holding and physically assaulting his girlfriend. Specifically he is accused of dragging her around by the hair inside of her apartment, physically striking her, and threatening to kill her alternatively with both a knife and his handgun--all over a period of six hours. It appeared that as a result of this incident he was probably looking at some jail time (as of a hearing last week when he was denied bond for a second time he had been behind bars over a month) and his FBI career could well be finished. The incident took place on 23 August, but was kept under wraps by local and federal law enforcement for three weeks until it was reported in the Washington Post on 13 September--having only been made public knowledge because of his first court hearing. If the descriptions sworn to in court are accurate, Spicocchi's actions are egregious no matter who might have committed them. But they deserve particular condemnation when they are the actions of a federal agent who is supposed to be using his training and right to carry firearms to decrease the level of violent crime rather than contributing to it.
My cynical comment to the Post blog at that time was that if Spicocchi had committed all of these abusive acts against an ordinary citizen while inside of an airport he could have gotten away with it all and more--even murder--and would not have suffered the slightest punishment or judicial process. He might have even received a commendation, I thought acidly at the time. These observations may seem slightly exaggerated and, yes, they are indeed the product of the frustration that comes with the increasingly agonizing experience of being a regular air traveler. I do a tremendous amount of flying commercially, most of it internationally, and there is almost nothing about air travel that promises the convenience and relaxation it had many years ago. But, beyond all of this unpleasantness it is today painfully obvious that an air passenger--once inside the confines of an airport in any part of the world--has no rights whatsoever. This includes not even the right to be protected from security and law enforcement personnel who do not seem to understand any force other than deadly force. Security, police, and passenger screening personnel in any airport have near-dictatorial powers and almost limitless discretion to decide who needs to be put into a chokehold and thrown into a windowless room until someone can decide what set of ridiculously overblown charges need to be leveled against them. A case in point being the 42-year-old female Secret Service agent, Monica Emmerson, who this past June was threatened with arrest and surrounded by a phalanx of Transportation Security Agency (TSA) officers for the heinous crime of having spilled on the floor at Reagan National Airport ordinary drinking water from her 19-month-old toddler's sippy cup.
One website commenting on the incident stated that "I guess because they didn't beat her to a pulp, the Transportation Security Administration (TSA) claims that its 'Officers' did not 'Hassle Female Passenger with Toddler at Reagan National Airport over Sippy Cup.' Perhaps the agency needs a dictionary with 'hassle' defined in one-syllable words that even its cretins can understand." Now, I thought this was all a bit harsh, but little did I realize how spot-on some of these comments by myself and others would turn out to be. Specifically, I refer to the incident at Phoenix airport that led to the death of Carol Gotbaum on 30 September. The 45-year-old mother of three was late for a flight to Tucson and when she demanded to be let on board the airplane, which had not yet pulled away from the gate, she was manhandled to the ground and handcuffed--all the while screaming "I am not a terrorist. I am not a criminal. I am a sick mother. I need help." What she got was the kind of help that I used to receive as a freshman during college fraternity hell week. Law enforcement officials contend that she was out of control and had to be restrained but witnesses interviewed by the family's attorney, Michael C. Manning, tell a different story that seems like a script from a T.J. Hooker episode. According to accounts in the New York Times "the police approached her, according to witnesses, made no effort to speak to her, calm her or assess the situation Two of them immediately took her to the ground." Gotbaum was taken off to a holding cell and left alone with her hands cuffed behind her back while she screamed to be released. After a period of 5-10 minutes (curiously, no one seems to be able to pin down the exact time in this case despite the fact that there was a death involved), and after she had stopped shouting, police looked into the holding cell and found Ms. Gotbaum with the metal chain used to attach the handcuffs to the cell bench stretched across her neck.
She was unconscious and all attempts to revive her at this point failed. Her cause of death is still being investigated, but a private investigator who also attended the exam performed on Gotbaum by a private pathologist hired by the family stated that her body exhibited signs of "very serious trauma," including bruises and a mark on her neck from the metal chain. In other words, these are injuries not consistent with the description of events given by the Phoenix authorities. It is easy to just chalk this up as an isolated incident, but mounting evidence suggests that airport personnel have their reaction modes locked in the "overkill" position and the ferocity of their response seems to increase disproportionately as the perceived threatening or aggressive behaviour of a passenger decreases. Back in August a 41-year-old Australian citizen, Sophie Reynolds, disembarked from a commuter flight in Pittsburgh only to be immediately pulled aside by no less than three uniformed police officers. The fully-armed police were spring-loaded with threats of filing federal charges against her. Given the size of the police full-court press one would think she had threatened the crew and passengers on board with a 14-inch, razor-sharp Crocodile Dundee bush knife during the flight. But, nothing quite so dramatic was at hand. Reynolds's dreadful offence was that when she was told during the beverage service pretzels were not available her response was "fair dinkum," an Australian slang expression that means--in the vernacular of most US city dwellers--"for real?" US television watchers have only been exposed to this phrase for about 20 years--it having been one of the lines from Paul Hogan's adverts promoting Australian tourism in the 1980s. More recently it was used in 2003 by US President George Bush on a trip to Australia as a compliment to Australian PM John Howard. "I called him a 'man of steel,'" Bush said as he addressed the Parliament in Canberra.
"That's Texan for 'fair dinkum.'" But the two concepts of "shoot first and ask questions later" and "you are guilty for no other reason than the fact you are a passenger" are too far engrained in the minds of those who work the airlines and police the airports for them to be bothered with trying to comprehend cultural differences. The Delta flight attendant was so certain she had been cursed at with profane language that she radioed ahead to have the paddy wagon waiting at the gate. Reynolds was allowed to go free only after authorities had consulted with a "linguist expert" who confirmed her language was in no way offensive. What makes the plight of the average passenger even more frightening is the by-now famous "war on shampoo" liquids ban, which means passengers have no right to safeguard their health and administer life-saving medications. Last October the Australian carrier QANTAS apologised to a diabetic who fell into a coma after staff refused to let him take his insulin on board a flight from Auckland to Christchurch. Tui Russell, a 43-year-old Auckland-based chef, was told by check-in staff that he could not take the clearly-labeled medication on board because it was "dangerous." Without his insulin he suffered a severe attack on the flight and was hospitalised for two weeks after falling into a coma shortly before landing at Christchurch Airport. Auckland to Christchurch is a short--compared with international destinations--domestic flight within New Zealand. Were it a lengthier flight, it is doubtful he would have survived. The following month a Swedish woman, Lidia Holsten, went into allergic shock and lost consciousness for half an hour on a flight from Paris to Stockholm. The reason was that her medication had been taken away during a security check at boarding. Holsten's medicines were clearly labeled as prescriptions with her name printed on them, but were taken from her by personnel who only spoke French.
The protestations she made to airport personnel that she suffered from severe asthma and that she needed her medication in-flight were ignored. "We don't speak the language and the airport staff refused to speak anything other than French. They only pointed at a sign, threw our things away in a bin," she recounted. You do not have to be an alarmist to come to the conclusion that the risks to the life and general well-being of passengers seem to increase every time the list of items that cannot be carried on, what cannot be said/done, etc., gets longer. Each new restriction seems to give the security services a renewed sense that all of the passenger's constitutional protections were suspended as soon as he or she walked into the terminal, so the usual rules do not apply. But this is only half of the story. While the rent-a-cops are confiscating your asthma meds, your child's baby formula, and that homecoming present of grandma's homemade preserves, just look at what they are missing:

* March 5, 2007: A passenger packed 13 handguns, an automatic weapon, and eight pounds of marijuana in a suitcase and was able to board Delta flight 933 at Orlando International Airport bound for Puerto Rico. Puerto Rican police arrested Thomas Anthony Munoz, 22, as he was collecting his baggage at the Luis Munoz Marin International Airport in San Juan. A number of questions are raised by this incident--namely was Munoz's baggage X-ray scanned before it was loaded? Munoz, it turns out, was a customer service agent at the Delta subsidiary of Comair, a job that allowed him to work both the check-in counter and the area where aircraft are loaded and unloaded. Munoz, knowing the holes in the system, used his Comair Airlines identification card to sneak the weapons on board. The weapons had been paid for by an accomplice in Puerto Rico who had wire transferred the money to him in order to purchase the weapons.
* October 25, 2006: Passengers waiting for the Naples-Milan early flight were told that the flight was delayed and then would be cancelled. Hysteria and anger ensued among the passengers, who were then told that the reason for the delay was that the airline crew, in their minibus on the way to the airport, had been held up and robbed. The passengers, who in any country are used to being lied to by airport personnel, thought this was another bogus excuse being put up by their failing national airline, Alitalia, and came fairly close to rioting. However, in this case the story was true. The entire crew had been robbed just before dawn by a gang of eight criminals, who made off with their watches and other valuables. Needless to say, if you can target, spot, and rob an airline crew on their way to the airport you can--in a classic terrorist scenario--also tie them up and leave them in a hotel room, take their uniforms and ID badges and cruise into the airport to do whatever damage you want.
* October 27, 2006: Screeners at Newark Liberty International Airport failed 20 of 22 security tests conducted by undercover U.S. agents the week before, missing an array of concealed bombs and guns at checkpoints throughout the hub's three terminals, said federal security officials familiar with the results. "We can do better, and training is the path to improved performance," said Mark Hatfield Jr., Newark Airport's federal security director, declining to address specifics. (What a surprise.) "Test results are not a grade or a scorecard; they are a road map to perpetual improvement; any other characterisation is simply misleading. We have to challenge ourselves to do better every day and be relentless in that pursuit." (That makes me feel so much better.)

No liquids, no gels, no creams, no toothpaste and no shampoo, but "bombs and guns, come on through," seems to be the message.
But, my favourite detail of them all is that the famous liquid bomb plot that started in the UK and has made London/Heathrow (LHR) and other UK airports the most miserable on the planet turns out to have been a terrific farce. In December of last year a Pakistani judge ruled there is not enough evidence to try the key suspect in the alleged airline bomb plot on terrorism charges. The case of Rashid Rauf, a Briton, was moved from an anti-terrorism court to a regular court, where he faces lesser charges such as forgery. The BBC's Barbara Plett in Islamabad reported at the time that the judge's decision has reinforced the already widespread scepticism there about the airliner 'liquid explosive' plot. Several commentators stated that this threat was deliberately exaggerated to bolster the anti-terror credentials of Pakistani President Pervez Musharraf. Given that the threshold of what constitutes credible evidence in a place like Pakistan is much lower than it is in most western democracies "lack of evidence" means no evidence at all in this case. Also, in another tell-tale sign that the entire "plot" was a send-up designed to scare the public, British authorities have shown little interest in extraditing Rauf to the UK to actually question him themselves and act as though they hope everyone will forget who was the supposed "mastermind" of this plot in the first place. This theory is bolstered by what was discovered--or rather by what was not discovered--back home in jolly old England. After the liquid bomb plot scare broke at LHR, the Thames Valley police spent five months combing the woods near High Wycombe--where the liquid bomb-making materials were supposed to have been hidden--and never found anything. 
The exercise was so fruitless and the basis for that search apparently so unfounded that the Thames Valley department told the UK Home Office on December 12, 2006, that they would discontinue their activity unless the central government was prepared to pick up the costs for all of their extra manpower overtime and resources expended. Apparently, they see no benefit in continuing to try and locate any evidence of these liquid explosives. Which says that the view of local UK law enforcement is that this liquid bomb plot was a myth to begin with. Police departments tend to not take real threats to public safety lightly and have been known to deploy countless personnel for weeks to find one, single murderer. When the terror plot originally was "unmasked" it was billed as a plan for carnage several times worse than the 9/11 attacks. Thus, it strains credibility to believe that the Thames Valley authorities would think of abandoning their search for even a second if they thought this liquid bomb plan had turned out to be anything other than a complete red herring. Simply put, the War on Shampoo seems to have had little effect other than to make the life of the post-9/11 air traveller even more miserable than it already was. One wonders why the no liquids ban remains in place. But, I am not the only one asking that question. Some EU officials feel the same way. The European Parliament has called the security measures for carry-on luggage at European airports "arbitrary." London airports are the worst offenders here, having instituted a one carry-on only rule that no one in UK officialdom will now own up to having ordered in the first place. EU officials have also criticised how the rules were implemented and question their necessity. The issue of transit passengers having duty free goods confiscated at connecting airports in the EU has also come under scrutiny.
European Parliament Deputies (MEPs) warned that "Brussels" is responsible for "lakes of perfume and whisky" and piles of shaving foam, toothpaste, and lipstick building up at European airports. Some reports indicate as much as 20 tonnes of duty free goods are confiscated weekly at Frankfurt, 1,500 liters of alcohol and perfume at Amsterdam and 10,000 items a week at Madrid. MEPs also challenged the democratic legitimacy and accountability of the Commission regulation, some of which is kept secret. I keep looking for a silver lining in this story, but I cannot find one. The air travel industry is one of the most strategically important businesses worldwide and yet our government institutions seem to be doing their best to sabotage it. Airlines last month in the United States had some of their worst on-time performance yet, personnel are quitting in droves, and the well-heeled businessmen (who generate most of the revenues for the airlines) keep finding ways to escape airline hell. One of the biggest selling products now is a new line of mini business jets, the Phenom models, made by Brazil's Embraer. Business travelers can now fly from one municipal airport to another on one of these small minijets and bypass the whole sippy-cup Gestapo. This is fine for them, but it spells doom for the airlines. You cannot make enough money to keep an airline running if you are never on time and your only passengers are the people flying on bargain fares. Some of the big European carriers have their own problems. Internationally, people have already begun to shun the UK airports and other major hubs that have become impossible to transit through and are clogged with passengers forced to undergo increased security checks and scrutiny, but with no increase in personnel or equipment to process them. "We are no longer the hub of Europe, a blind man could see it," said a British Airways ground services agent on one of my last flights through LHR.
"People are fed up with the way they are being treated here." I have a lot of friends who ask me--as an almost constant international air traveller--how I feel about flying in the post-9/11 world. My answer is, "no, I am not any more afraid of flying than before, but I am a lot more afraid of what can happen to me on the ground in an airport than I could ever have previously imagined." One hopes that some of this will change before the air travel system worldwide becomes completely broken, but at present I see little cause for optimism.

Reuben F. Johnson, a defense and aerospace correspondent for THE WEEKLY STANDARD, was a 13-year Gold Card holder with British Airways until he decided he could not tolerate another flight through London/Heathrow.

© Copyright 2007, News Corporation, Weekly Standard, All Rights Reserved.

From rforno at infowarrior.org Wed Oct 10 13:16:00 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 10 Oct 2007 09:16:00 -0400
Subject: [Infowarrior] - Dragonfly or Insect Spy? Scientists at Work on Robobugs.
Message-ID:

The mesh/net/matrix of surveillance expands even further.....but no, we're not creating a nation of paranoid citizens, are we? -rf

Dragonfly or Insect Spy? Scientists at Work on Robobugs.
By Rick Weiss
Washington Post Staff Writer
Tuesday, October 9, 2007; A03
http://www.washingtonpost.com/wp-dyn/content/article/2007/10/08/AR2007100801434_pf.html

Vanessa Alarcon saw them while working at an antiwar rally in Lafayette Square last month. "I heard someone say, 'Oh my god, look at those,' " the college senior from New York recalled. "I look up and I'm like, 'What the hell is that?' They looked kind of like dragonflies or little helicopters. But I mean, those are not insects." Out in the crowd, Bernard Crane saw them, too. "I'd never seen anything like it in my life," the Washington lawyer said. "They were large for dragonflies. I thought, 'Is that mechanical, or is that alive?'
" That is just one of the questions hovering over a handful of similar sightings at political events in Washington and New York. Some suspect the insectlike drones are high-tech surveillance tools, perhaps deployed by the Department of Homeland Security. Others think they are, well, dragonflies -- an ancient order of insects that even biologists concede look about as robotic as a living creature can look. No agency admits to having deployed insect-size spy drones. But a number of U.S. government and private entities acknowledge they are trying. Some federally funded teams are even growing live insects with computer chips in them, with the goal of mounting spyware on their bodies and controlling their flight muscles remotely. The robobugs could follow suspects, guide missiles to targets or navigate the crannies of collapsed buildings to find survivors. The technical challenges of creating robotic insects are daunting, and most experts doubt that fully working models exist yet. "If you find something, let me know," said Gary Anderson of the Defense Department's Rapid Reaction Technology Office. But the CIA secretly developed a simple dragonfly snooper as long ago as the 1970s. And given recent advances, even skeptics say there is always a chance that some agency has quietly managed to make something operational. "America can be pretty sneaky," said Tom Ehrhard, a retired Air Force colonel and expert in unmanned aerial vehicles who is now at the Center for Strategic and Budgetary Assessments, a nonprofit Washington-based research institute. Robotic fliers have been used by the military since World War II, but in the past decade their numbers and level of sophistication have increased enormously. Defense Department documents describe nearly 100 different models in use today, some as tiny as birds, and some the size of small planes. All told, the nation's fleet of flying robots logged more than 160,000 flight hours last year -- a more than fourfold increase since 2003. 
A recent report by the U.S. Army Command and General Staff College warned that if traffic rules are not clarified soon, the glut of unmanned vehicles "could render military airspace chaotic and potentially dangerous." But getting from bird size to bug size is not a simple matter of making everything smaller. "You can't make a conventional robot of metal and ball bearings and just shrink the design down," said Ronald Fearing, a roboticist at the University of California at Berkeley. For one thing, the rules of aerodynamics change at very tiny scales and require wings that flap in precise ways -- a huge engineering challenge. Only recently have scientists come to understand how insects fly -- a biomechanical feat that, despite the evidence before scientists' eyes, was for decades deemed "theoretically impossible." Just last month, researchers at Cornell University published a physics paper clarifying how dragonflies adjust the relative motions of their front and rear wings to save energy while hovering. That kind of finding is important to roboticists because flapping fliers tend to be energy hogs, and batteries are heavy. The CIA was among the earliest to tackle the problem. The "insectothopter," developed by the agency's Office of Research and Development 30 years ago, looked just like a dragonfly and contained a tiny gasoline engine to make the four wings flap. It flew but was ultimately declared a failure because it could not handle crosswinds. Agency spokesman George Little said he could not talk about what the CIA may have done since then. The Office of the Director of National Intelligence, the Department of Homeland Security and the Secret Service also declined to discuss the topic. Only the FBI offered a declarative denial. "We don't have anything like that," a spokesman said. The Defense Department is trying, though. 
In one approach, researchers funded by the Defense Advanced Research Projects Agency (DARPA) are inserting computer chips into moth pupae -- the intermediate stage between a caterpillar and a flying adult -- and hatching them into healthy "cyborg moths." The Hybrid Insect Micro-Electro-Mechanical Systems project aims to create literal shutterbugs -- camera-toting insects whose nerves have grown into their internal silicon chip so that wranglers can control their activities. DARPA researchers are also raising cyborg beetles with power for various instruments to be generated by their muscles. "You might recall that Gandalf the friendly wizard in the recent classic 'Lord of the Rings' used a moth to call in air support," DARPA program manager Amit Lal said at a symposium in August. Today, he said, "this science fiction vision is within the realm of reality." A DARPA spokeswoman denied a reporter's request to interview Lal or others on the project. The cyborg insect project has its share of doubters. "I'll be seriously dead before that program deploys," said vice admiral Joe Dyer, former commander of the Naval Air Systems Command, now at iRobot in Burlington, Mass., which makes household and military robots. By contrast, fully mechanical micro-fliers are advancing quickly. Researchers at the California Institute of Technology have made a "microbat ornithopter" that flies freely and fits in the palm of one's hand. A Vanderbilt University team has made a similar device. With their sail-like wings, neither of those would be mistaken for insects. In July, however, a Harvard University team got a truly fly-like robot airborne, its synthetic wings buzzing at 120 beats per second. "It showed that we can manufacture the articulated, high-speed structures that you need to re-create the complex wing motions that insects produce," said team leader Robert Wood. 
The fly's vanishingly thin materials were machined with lasers, then folded into three-dimensional form "like a micro-origami," he said. Alternating electric fields make the wings flap. The whole thing weighs just 65 milligrams, or a little more than the plastic head of a push pin. Still, it can fly only while attached to a threadlike tether that supplies power, evidence that significant hurdles remain. In August, at the International Symposium on Flying Insects and Robots, held in Switzerland, Japanese researchers introduced radio-controlled fliers with four-inch wingspans that resemble hawk moths. Those who watch them fly, its creator wrote in the program, "feel something of 'living souls.' " Others, taking a tip from the CIA, are making fliers that run on chemical fuels instead of batteries. The "entomopter," in early stages of development at the Georgia Institute of Technology and resembling a toy plane more than a bug, converts liquid fuel into a hot gas, which powers four flapping wings and ancillary equipment. "You can get more energy out of a drop of gasoline than out of a battery the size of a drop of gasoline," said team leader Robert Michelson. Even if the technical hurdles are overcome, insect-size fliers will always be risky investments. "They can get eaten by a bird, they can get caught in a spider web," said Fearing of Berkeley. "No matter how smart you are -- you can put a Pentium in there -- if a bird comes at you at 30 miles per hour there's nothing you can do about it." Protesters might even nab one with a net -- one of many reasons why Ehrhard, the former Air Force colonel, and other experts said they doubted that the hovering bugs spotted in Washington were spies. So what was seen by Crane, Alarcon and a handful of others at the D.C. 
march -- and as far back as 2004, during the Republican National Convention in New York, when one observant but perhaps paranoid peace-march participant described on the Web "a jet-black dragonfly hovering about 10 feet off the ground, precisely in the middle of 7th avenue . . . watching us"? They probably saw dragonflies, said Jerry Louton, an entomologist at the National Museum of Natural History. Washington is home to some large, spectacularly adorned dragonflies that "can knock your socks off," he said. At the same time, he added, some details do not make sense. Three people at the D.C. event independently described a row of spheres, the size of small berries, attached along the tails of the big dragonflies -- an accoutrement that Louton could not explain. And all reported seeing at least three maneuvering in unison. "Dragonflies never fly in a pack," he said. Mara Verheyden-Hilliard of the Partnership for Civil Justice said her group is investigating witness reports and has filed Freedom of Information Act requests with several federal agencies. If such devices are being used to spy on political activists, she said, "it would be a significant violation of people's civil rights." For many roboticists still struggling to get off the ground, however, that concern -- and their technology's potential role -- seems superfluous. "I don't want people to get paranoid, but what can I say?" Fearing said. "Cellphone cameras are already everywhere. It's not that much different."

From rforno at infowarrior.org Thu Oct 11 00:57:09 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Wed, 10 Oct 2007 20:57:09 -0400
Subject: [Infowarrior] - NSA's Lucky Break: How the U.S. Became Switchboard to the World
Message-ID:

NSA's Lucky Break: How the U.S. Became Switchboard to the World
By Ryan Singel
10.10.07 | 2:00 PM
http://www.wired.com/politics/security/news/2007/10/domestic_taps

A lucky coincidence of economics is responsible for routing much of the world's internet and telephone traffic through switching points in the United States, where, under legislation introduced this week, the U.S. National Security Agency will be free to continue tapping it. Leading House Democrats introduced the so-called RESTORE Act (.pdf) Tuesday that allows the nation's spies to maintain permanent eavesdropping stations inside United States switching centers. Telecom and internet experts interviewed by Wired News say the bill will give the NSA legal access to a torrent of foreign phone calls and internet traffic that travels through American soil on its way someplace else. But contrary to recent assertions by Bush administration officials, the amount of international traffic entering the United States is dropping, not increasing, experts say. International phone and internet traffic flows through the United States largely because of pricing models established more than 100 years ago in the International Telecommunication Union to handle international phone calls. Under those ITU tariffs, smaller and developing countries charge higher fees to accept calls than the U.S.-based carriers do, which can make it cheaper to route phone calls through the United States than directly to a neighboring country. "Carriers shop around for the best price for termination," says Stephan Beckert, the research director at Telegeography, a communications-traffic research firm. The United States, where the internet was invented, was also home to the first internet backbone. Combine that architectural advantage with the pricing disparity inherited from the phone networks, and the United States quickly became the center of cyberspace as the internet gained international penetration in the 1990s.
In those early days, internet traffic from one Asian country often bounced through the first West Coast internet-exchange point, the San Jose-based MAE West, says Bill Woodcock, the research director for Packet Clearing House, which helps create packet-exchange points around the world. While nobody outside the intelligence community knows the exact volume of international telephone and internet traffic that crosses U.S. borders, experts agree that it bounces off a handful of key telephone switches and perhaps a dozen IXPs in coastal cities near undersea fiber-optic cable landings, particularly Miami, Los Angeles, New York and the San Francisco Bay Area. Miami sees most of the internet traffic between South America and the rest of the world, including traffic passing from one South American country to another, says Bill Manning, the managing partner of ep.net. "Basically they backhaul to the United States, do the switch and haul it back down since (it's) cheaper than crossing their international borders." And some internet traffic traveling from Asia to Europe still crosses the entire breadth of the United States, entering in Los Angeles and exiting in New York, says Woodcock. For voice traffic, the NSA could scoop up an astounding amount of telephone calls by simply choosing the right facilities, according to Beckert, though he says NSA officials "make a big deal out of naming them." "There are about three or four buildings you need to tap," Beckert says. "In L.A. there is 1 Wilshire; in New York, 60 Hudson, and in Miami, the NAP of the Americas." The United States' role as an international communications hub came at a convenient time for the National Security Agency, which in the 1990s began confronting a world moving away from easily-intercepted microwave and satellite communications, and toward fiber optics, which are difficult and expensive to tap. Press leaks in recent months have revealed that the NSA began tapping the U.S. 
communications hubs for purely international traffic shortly after 9/11, at the same time that it began monitoring communications between U.S. citizens and foreigners as part of the Terrorist Surveillance Program. After the Democrats took over Congress in 2007, the administration put the NSA surveillance programs under the supervision of a secretive spying court, which ruled shortly thereafter that wiretapping U.S.-based facilities without a warrant was illegal, even for the purpose of harvesting foreign communications. In August, Congress granted the NSA "emergency" temporary powers to continue the surveillance, which are set to expire in February. The RESTORE Act (the Responsible Electronic Surveillance That is Overseen Reviewed and Effective Act of 2007) is the Democrats' effort to extend that power indefinitely, while including some safeguards against abuse. It would legalize both the foreign-to-foreign intercepts, and the domestic-to-foreign surveillance associated with the Terrorist Surveillance Program. The bill enjoys wide support in the House, but on Wednesday President Bush vowed to veto any surveillance legislation that doesn't extend retroactive legal immunity to telephone companies who cooperated in the NSA's domestic surveillance before it was legalized -- a provision absent from the RESTORE Act. AT&T, which is facing a class-action lawsuit for allegedly wiretapping the internet on behalf of the NSA, is reportedly among the companies lobbying hard for immunity. Experts say that, even with a stamp of approval from Congress, the growth of international communications networks will eventually rob the NSA of its home-field advantage in inspecting foreign communications. "The creation of alternative paths are starting to challenge the dominant position the U.S. has," Manning says, adding that the changes will not be welcomed by U.S. intelligence services.
Exchanges in Hong Kong and London are emerging as local hubs for Asian and European traffic, while new fiber cables running north and south from Japan around to Europe will divert traffic from the trans-America route. Meanwhile, more countries are building their own internal internet exchanges. "Because the decisions are made by the private sector, you're always going to go the direction where you have the cheapest fiber," Woodcock says. "That's likely to be through the U.S. for a while yet, (but) that's changing as more and more fiber gets installed around South Asia." Manning points to South Africa as an example of how countries are creating their own internet exchanges. "In South Africa for a long time, ISPs didn't talk to each other and would backhaul traffic to the U.S. or Europe," Manning said. "What they have done in last 10 years, they have built local exchange points and fixed regulatory conditions to allow cross exchange of traffic." The trend may leave U.S. spooks longing for a simpler time; like 1992, when the first -- and at the time, only -- internet exchange point, called MAE-East, was erected in Washington D.C. "All the traffic in the world went through Washington," Woodcock says. "But it was coincidence that it was Washington, more or less, and it was private-sector. And it probably wasn't tapped for at least a couple of years."

From rforno at infowarrior.org Thu Oct 11 12:15:28 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 11 Oct 2007 08:15:28 -0400
Subject: [Infowarrior] - DHS offers baseline for U.S. IT security skills
In-Reply-To:
Message-ID:

DHS offers baseline for U.S. IT security skills
http://www.fcw.com/online/news/150457-1.html
By Brian Robinson
October 10, 2007

The Homeland Security Department recently published a draft of a framework of knowledge and skills it believes the United States needs to prevent cyberattacks.
Development of the IT Security Essential Body of Knowledge (EBK) began in 2003, when the DHS National Cyber Security Division (NCSD) began working with the Defense Department, academia and private industry to examine workforce IT certifications and what would be needed to advance security skills. Starting with the DOD's Information Assurance Skill Standards document, which had goals considered close to those for the national workforce, the NCSD development team isolated what it considered the core IT security competencies. It then compared those with other domain-based IT security models to come up with a list of 14 key competencies to cover all public and private security roles and functions. The EBK contains the key terms and concepts from all of those competencies that NCSD officials feel individuals in at least some IT security roles should know. The EBK is not an additional set of guidelines that DHS believes organizations should follow, said Greg Garcia, DHS assistant secretary for cybersecurity and communications, in comments included with the recent Federal Register announcement of the EBK draft. It is also not intended to represent a directive from DHS, he said. The intent is for the document to help advance the IT security training and certification landscape as we strive to ensure that we have the most qualified and appropriately trained IT security workforce possible, he said. The public can comment on EBK through the Federal Register notice. Those comments will build on initial reviews by working groups and role-based focus groups prior to the document's final publication. The deadline for those comments is Dec. 7.

From rforno at infowarrior.org Thu Oct 11 17:38:43 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 11 Oct 2007 13:38:43 -0400
Subject: [Infowarrior] - AT&T backpedals, updates internet TOS
Message-ID:

AT&T backpedals, updates internet TOS
http://www.electronista.com/print/48029

AT&T on Thursday clarified its disconcerting internet terms-of-service, completely reversing its stance with a much more progressive policy that it says underscores "the company's commitment to freedom of speech and open dialogue...whether that be via the Internet or elsewhere on the AT&T network." The world's largest telecom company -- and US largest wireless carrier -- apologized for the confusion and reiterated it would not terminate or suspend a customer's Internet access service based upon their political views or criticism of AT&T. Previously, the company TOS said the company could terminate service for any behavior it deemed detrimental to the company or subsidiaries, as noted earlier this month by weblog Gizmodo:

5.1 Suspension/Termination...AT&T may immediately terminate or suspend all or a portion of your Service, any Member ID, electronic mail address, IP address, Universal Resource Locator or domain name used by you, without notice, for conduct that AT&T believes...(c) tends to damage the name or reputation of AT&T, or its parents, affiliates and subsidiaries.

AT&T said that its Terms of Service and Acceptable Use Policy is designed to protect its customers, the public, and our network, reserving the right to suspend service for violations of the law, network integrity or security concerns, falsification of billing or service info, or abusive or safety-threatening actions. The new, updated language is designed to step-around the First Amendment's freedom of speech:

5.1 Suspension/Termination. AT&T respects freedom of expression and believes it is a foundation of our free society to express differing points of view.
AT&T will not terminate, disconnect or suspend service because of the views you or we express on public policy matters, political issues or political campaigns. However, AT&T may immediately terminate or suspend all or a portion of your Service, any Member ID, electronic mail address, IP address, Universal Resource Locator or domain name used by you, without notice, for conduct that AT&T believes (a) violates the Acceptable Use Policy; or (b) constitutes a violation of any law, regulation or tariff (including, without limitation, copyright and intellectual property laws) or a violation of these TOS, or any applicable policies or guidelines. Your Service may be suspended or terminated if your payment is past due and such condition continues un-remedied for thirty (30) days. Termination or suspension by AT&T of Service also constitutes termination or suspension (as applicable) of your license to use any Software. AT&T may also terminate or suspend your Service if you provide false or inaccurate information that is required for the provision of Service or is necessary to allow AT&T to bill you for Service. The revision was a product of bad publicity that circulated on the internet following the reports of the egregious internet TOS. "We feel that the clarifying language better reflects our actual long-held policy, which respects AT&T's customers' rights to freely voice their opinions and concerns," the company said in a statement. "In addition, we are in the process of reviewing our entire Terms of Service to ensure it reflects AT&T's ongoing and unblemished commitment to freedom of expression as outlined in the language above." 

From rforno at infowarrior.org Fri Oct 12 02:34:14 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 11 Oct 2007 22:34:14 -0400
Subject: [Infowarrior] - Documents: Qwest was targeted by NSA
Message-ID:

Documents: Qwest was targeted
'Classified info' was not allowed at ex-CEO's trial
By Sara Burnett And Jeff Smith, Rocky Mountain News
October 11, 2007
http://www.rockymountainnews.com/drmn/tech/article/0,2777,DRMN_23910_5719566,00.html

The National Security Agency and other government agencies retaliated against Qwest because the Denver telco refused to go along with a phone spying program, documents released Wednesday suggest. The documents indicate that likely would have been at the heart of former CEO Joe Nacchio's so-called "classified information" defense at his insider trading trial, had he been allowed to present it. The secret contracts - worth hundreds of millions of dollars - made Nacchio optimistic about Qwest's future, even as his staff was warning him the company might not make its numbers, Nacchio's defense attorneys have maintained. But Nacchio didn't present that argument at trial. The documents suggest U.S. District Judge Edward Nottingham refused to allow Nacchio to present the argument about retaliation. Nottingham also said Nacchio would have to take the stand to raise the classified defense. Prosecutors have said they were prepared to poke holes in Nacchio's classified defense. Nacchio was convicted last spring on 19 counts of insider trading for $52 million of stock sales in April and May 2001, and sentenced to six years in prison. He's free pending appeal. The partially redacted documents were filed under seal before, during and after Nacchio's trial. They were released Wednesday. Nacchio planned to demonstrate at trial that he had a meeting on Feb. 27, 2001, at NSA headquarters at Fort Meade, Md., to discuss a $100 million project.
According to the documents, another topic also was discussed at that meeting, one with which Nacchio refused to comply. The topic itself is redacted each time it appears in the hundreds of pages of documents, but there is mention of Nacchio believing the request was both inappropriate and illegal, and repeatedly refusing to go along with it. The NSA contract was awarded in July 2001 to companies other than Qwest. USA Today reported in May 2006 that Qwest, unlike AT&T and Verizon, balked at helping the NSA track phone calling patterns that may have indicated terrorist organizational activities. Nacchio's attorney, Herbert Stern, confirmed that Nacchio refused to turn over customer telephone records because he didn't think the NSA program had legal standing. In the documents, Nacchio also asserts Qwest was in line to build a $2 billion private government network called GovNet and do other government business, including a network between the U.S. and South America. The documents maintain that Nacchio met with top government officials, including President Bush, Vice President Dick Cheney and then-National Security Adviser Condoleezza Rice in 2000 and early 2001 to discuss how to protect the government's communications network. They portray U.S. government officials, even before the Sept. 11 terrorist attacks, worried about a "Pearl Harbor" type of attack on the Internet. As early as 1997, a three-star general talked to Nacchio about using Qwest's new fiber-optic network for government purposes, according to the defense. One key meeting with a government official was held at Qwest founder Phil Anschutz's ranch near Greeley, with former Chief Financial Officer Robin Szeliga prevented from attending presumably because she lacked security clearance. Nacchio was on a Bush-appointed national security telecommunications advisory panel.
In March 2001, then-counter-terrorism adviser Richard Clarke asked the panel if it would be possible to build a private network for the government to protect it from cyberwarfare. Nacchio piped up: "I already built this network twice" for other government agencies. The defense asserts Nacchio believed Qwest would be asked to build the network and that it could do so in six months. But the contract didn't materialize.

Looking ahead

DATES SET

Government's response to Nacchio's appeal brief is due Nov. 9. Nacchio could choose to file a reply to the government's brief by Nov. 20. Oral arguments at the 10th Circuit Court of Appeals are scheduled for Dec. 18 in Denver. In the meantime, Nacchio is free pending appeal.

APPELLATE COURT OPTIONS

- Uphold conviction (Nacchio could appeal to Supreme Court)
- Uphold conviction, reduce six-year sentence. (Nacchio could appeal to Supreme Court).
- Overturn conviction because evidence was insufficient to convict
- Order new trial based on errors made by U.S. District Judge Edward Nottingham.

EXCERPTS FROM NACCHIO'S APPELLATE BRIEF

- "The indictment, trial and conviction of Joseph P. Nacchio took place in an atmosphere of prejudgment and vitriol."
- "Many shareholders lost paper fortunes, employees lost jobs as the company downsized, and all demanded someone to blame."
- "After years of investigation, prosecutors apparently concluded that they could not prove any crime based on the accounting restatement, and settled on insider trading."
- "This is an unprecedented prosecution. The extraordinary charges here are based on the claim that Nacchio knew, eight months or more in advance, that Qwest might not make its year-end 2001 financial projections."
- "The prosecution yoked an unprecedented theory to plainly insufficient facts, and hoped, in a bitter and vindictive atmosphere, that it would be enough to win a conviction from a Denver jury. It was."

From rforno at infowarrior.org Fri Oct 12 02:36:18 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 11 Oct 2007 22:36:18 -0400
Subject: [Infowarrior] - FCC weighs decision on Net access charges
Message-ID:

FCC weighs decision on Net access charges
By Reuters
http://www.news.com/FCC-weighs-decision-on-Net-access-charges/2100-1034_3-6212892.html
Story last modified Thu Oct 11 06:09:00 PDT 2007

U.S. regulators are expected to decide Thursday whether to grant a request by AT&T to lift some regulations that govern what it can charge rivals for access to its high-speed Internet lines. The Federal Communications Commission is facing a deadline of midnight on Thursday to rule on a petition by AT&T to scale back the regulations. Analysts have said the commission could rule at the same time on a similar petition by Qwest Communications International, whose request was put on hold by the agency last month. The FCC eased the same regulations on Verizon Communications last year. Verizon's petition was not approved by the agency, but went into effect when one of the commissioners was recused and the remaining four deadlocked. All the requests have been strongly opposed by smaller rivals such as Sprint Nextel, Time Warner Telecommunications and XO Communications. These competitors argue that they have few alternatives to get access to the high-speed lines they need, and are being charged more and more by the dominant carriers. Some commissioners and lawmakers on Capitol Hill have also expressed concerns about easing the regulations on AT&T at a time when the FCC is studying whether to reimpose similar restrictions on the business services offered by the major U.S. phone carriers. But Verizon and AT&T counter that the market for high-speed access has been growing more competitive and that prices have been declining. Analysts say the five-member FCC is split over the issue between Republicans and Democrats.
One of the three Republicans, Robert McDowell, holds the swing vote. "He has played his cards very close to the vest," one source close to the matter said.

Story Copyright © 2007 Reuters Limited. All rights reserved.

From rforno at infowarrior.org Fri Oct 12 11:52:23 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 12 Oct 2007 07:52:23 -0400
Subject: [Infowarrior] - DHS Noting Union Affiliation Of Air Travelers Is Protested
Message-ID:

DHS Noting Union Affiliation Of Air Travelers Is Protested
By Ellen Nakashima
Washington Post Staff Writer
Friday, October 12, 2007; Page D03
http://www.washingtonpost.com/wp-dyn/content/article/2007/10/11/AR2007101102403.html?nav=hcmodule

U.S. labor leaders have written a biting letter to Homeland Security Secretary Michael Chertoff, voicing concerns that the government is collecting labor union data on airline passengers flying to the United States from Europe to determine whether they pose a terrorism risk. As part of an agreement reached in July between the United States and European Union, airlines are required to provide personal data on millions of U.S.-bound passengers, such as names and credit card information. European negotiators won restrictions on the use of such sensitive information as religion, sexual orientation and union membership.
But the Passenger Name Record Agreement states that that data can be used in exceptional cases, "where the life of a data subject or of others could be imperiled or seriously impaired," such as in a counterterrorism investigation. "We agree with the department's objective to identify those representing a genuine threat, but we categorically reject the notion that union membership has any bearing on this determination," AFL-CIO President John J. Sweeney and Edward Wytkind, president of the AFL-CIO's Transportation Trades Department, wrote in a letter dated yesterday. "Even the suggestion that union membership is somehow indicative of a threat to security is offensive to the millions of workers we are proud to represent." Sweeney and Wytkind said they were "extremely troubled" by an agreement that anticipates the transfer of such data. They asked Chertoff to state that the Department of Homeland Security will not collect such data. Department spokesman Russ Knocke said information on union membership is not collected. "It's an egregious assertion without any merit," he said. "This information simply does not go into data fields. That information is shielded out." In a letter to European Union Council President Luis Amado in July, Chertoff said that the use of any sensitive data in exceptional cases would be logged and that after the purpose for its use is accomplished, the data would be destroyed within 30 days. He said that if such information is not used, the department "promptly" deletes it. In an interview, Wytkind said the unions' concerns extend beyond the possibility that union membership data will be collected to the fact that Homeland Security has said the European agreement would be a template for agreements with other nations. "We're going to try to nip this before it becomes embedded in all future bilateral agreements," he said. 
Civil libertarians said sharing information gathered under the July agreement without appropriate safeguards poses privacy risks.

From rforno at infowarrior.org Fri Oct 12 12:14:01 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 12 Oct 2007 08:14:01 -0400
Subject: [Infowarrior] - NSA Domestic Surveillance Began 7 Months Before 9/11, Convicted Qwest CEO Claims
Message-ID:

NSA Domestic Surveillance Began 7 Months Before 9/11, Convicted Qwest CEO Claims
By Ryan Singel
October 11, 2007 | 6:20:59 PM
Categories: NSA

Did the NSA's massive call records database program pre-date the terrorist attacks of 9/11? That startling allegation is in court documents released this week which show that former Qwest CEO Joseph Nacchio -- the head of the only company known to have turned down the NSA's requests for Americans' phone records -- tried, unsuccessfully, to argue just that in his defense against insider trading charges. Nacchio was sentenced to 6 years in prison in 2007 after being found guilty of illegally selling shares based on insider information that the company's fortunes were declining. Nacchio unsuccessfully attempted to defend himself by arguing that he actually expected Qwest's 2001 earnings to be higher because of secret NSA contracts, which, he contends, were denied by the NSA after he declined in a February 27, 2001 meeting to give the NSA customer calling records, court documents released this week show.

< - >

http://blog.wired.com/27bstroke6/2007/10/nsa-asked-for-p.html

From rforno at infowarrior.org Fri Oct 12 12:16:10 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 12 Oct 2007 08:16:10 -0400
Subject: [Infowarrior] - Reporters Without Borders report on China Internet Censorship
Message-ID:

A "Journey to the Heart of Internet censorship"
on eve of party congress
http://www.rsf.org/article.php3?id_article=23924

In partnership with Reporters Without Borders and Chinese Human Rights Defenders, a Chinese Internet expert working in the IT industry has produced an exclusive study on the key mechanism of the Chinese official system of online censorship, surveillance and propaganda. The author prefers to remain anonymous. On the eve of the 17th National Congress of the Chinese Communist Party (CCP), which opens this week in Beijing, Reporters Without Borders and the Chinese Human Rights Defenders call on the government to allow the Chinese to exercise their rights to freedom of press, expression and information. "This system of censorship is unparalleled anywhere in the world and is an insult to the spirit of online freedom," the two organisations said. "With less than a year to go before the Beijing Olympics, there is an urgent need for the government to stop blocking thousands of websites, censoring online news and imprisoning Internet activists." This report shows how the CCP and the government have deployed colossal human and financial resources to obstruct online free expression. Chinese news websites and blogs have been brought under the editorial control of the propaganda apparatus at both the national and local levels. The use of the Internet keeps growing in China. The country now has more than 160 million Internet users and at least 1.3 million websites. But the Internet's promise of free expression and information has been nipped in the bud by the Chinese government's online censorship and surveillance system. "Journey to the Heart of Internet Censorship"
explains how this control system functions and identifies its leading actors such as the Internet Propaganda Administrative Bureau (an offshoot of the Information Office of the State Council, the executive office of the government), the Bureau of Information and Public Opinion (an offshoot of the party's Publicity Department, the former Propaganda Department) and the Internet Bureau (another Publicity Department offshoot). The report also documents how the Beijing Internet Information Administrative Bureau has in practice asserted its daily editorial control over the leading news websites based in the nation's capital. It gives many examples of the actual instructions issued by officials in charge of this bureau. The last part of the report gives the results of a series of tests conducted with the mechanism of control through filtering keywords. These tests clearly show that, though there are still many disparities in the levels of censorship, the authorities have successfully coerced the online media into submission to censor themselves heavily on sensitive subjects. This report recommends using proxy servers, exploiting the different levels of censorship between provinces or between levels in the administration and using new Internet technologies (blogs, discussion forums, Internet telephony etc.).

Download the full report
http://www.rsf.org/article.php3?id_article=23924

From rforno at infowarrior.org Fri Oct 12 12:18:05 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 12 Oct 2007 08:18:05 -0400
Subject: [Infowarrior] - Latest U.S. Strategy adds cybersecurity focus
Message-ID:

Latest U.S. Strategy adds cybersecurity focus
Published: 2007-10-11
http://www.securityfocus.com/brief/605

The Bush Administration highlighted the importance of securing the government's and private sector's use of the Internet in the fight against terrorism with its latest National Strategy for Homeland Security published on Wednesday.
The 53-page document, unveiled at a White House ceremony, builds on the first National Strategy for Homeland Security published in 2002, calling out the overarching and varied nature of threats to cyberspace. The document, which sets out the Administration's approach to combatting terrorism in the United States, emphasized that most of the services that Americans rely on are in some way affected by the Internet. "Terrorists increasingly exploit the Internet to communicate, proselytize, recruit, raise funds, and conduct training and operational planning," the Strategy states. "Hostile foreign governments have the technical and financial resources to support advanced network exploitation and launch attacks on the informational and physical elements of our cyber infrastructure. Criminal hackers threaten our Nation's economy and the personal information of our citizens, and they also could pose a threat if wittingly or unwittingly recruited by foreign intelligence or terrorist groups." Two weeks ago, a video reportedly leaked by officials at the Department of Homeland Security showed a staged test that demonstrated the potential impact of a cyberattack on an electrical generator. While the DHS has been criticized in the past for giving short shrift to cybersecurity, the latest Strategy appears to recognize the importance of the Internet on the health of critical infrastructure. However, the document also made the case for the Bush Administration's assertions that more widespread surveillance powers are necessary in the age of the Internet. Facing criticism over its warrantless surveillance program, President Bush argued that new legislation must be passed to grant intelligence agents the ability to secretively monitor conversations between foreign citizens and Americans. "The final bill must meet certain criteria: It must give our intelligence professionals the tools and flexibility they need to protect our country," President Bush said in a prepared statement.
"It must keep the intelligence gap firmly closed, and ensure that protections intended for the American people are not extended to terrorists overseas who are plotting to harm us. And it must grant liability protection to companies who are facing multi-billion-dollar lawsuits only because they are believed to have assisted in the efforts to defend our nation following the 9/11 attacks."

From rforno at infowarrior.org Fri Oct 12 16:10:09 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 12 Oct 2007 12:10:09 -0400
Subject: [Infowarrior] - Air Force to get "cyber sidearms"
In-Reply-To:
Message-ID:

"Cyber sidearms?" Dear gods, I can't believe this was actually used in an official statement by someone charged with information protection. Are we reduced to coining new pithy phrases to describe traditional information security tools? As if by doing so they'll become any more effective, or effectively-used? (don't answer that) I wonder....if a screen-capture program = a cyber sidearm, does that mean that an antivirus program is a cyber nightstick? The possibilities for pithy-but-meaningless nomenclature are endless, no? Excuse me while I grumble in private for a bit. :(

-rf

------ Forwarded Message

Air Force to get "cyber sidearms"
http://www.fcw.com/online/news/150483-1.html
By Sebastian Sprenger
October 11, 2007

The Air Force will soon give service members working on networks a new tool to help detect cyberattacks, service officials said. The cyber sidearm is intended to be a simple way for service members to quickly alert others to potential security breaches, said Lt. Gen. Robert Elder, commander of the 8th Air Force. The tool could be a small piece of software installed on Air Force computers or it could be a simple mechanism for taking a screenshot and relaying it to security experts, said Maj. Gen. William Lord, who will soon take command of the Air Force's provisional Cyber Command.
In an interview this week, Lord said service officials have not made a final decision about which technology they will use for the program. Elder said service leaders will stage fake threats to practice using the cyber sidearm. Service members will receive points when they use the tool appropriately and lose points when they fail to act on a simulated threat, he said during a panel discussion in Washington last week sponsored by the Air Force Association. The cyber sidearm program is part of a broader effort to defend Air Force networks against intruders. Service officials have also begun auditing crucial software to identify security risks, Elder said.

From rforno at infowarrior.org Fri Oct 12 20:54:29 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 12 Oct 2007 16:54:29 -0400
Subject: [Infowarrior] - AFA Report: " Victory in Cyberspace"
Message-ID:

Victory in Cyberspace
Eaker Institute Study Focuses on Securing Cyberspace Domain & Airmen's Role
http://afa.org/media/press/victorycyberspace.asp

Arlington, VA -- The Eaker Institute, the policy and research arm of the Air Force Association, today released a report titled "Victory in Cyberspace" that focuses on the growth of cyberspace into a top arena for competition, widespread attacks on America in cyberspace and the U.S. need to take steps now to secure the domain. Authored by Dr. Rebecca Grant, "Victory in Cyberspace" was the topic of a National Press Club panel today with Lt. Gen. Robert Elder, who commands the Air Force headquarters for cyberspace, global strike and network operations, including establishing a new Cyber Command; Gen. John Jumper (ret.), former Chief of Staff of the United States Air Force; and Lt. Gen. John Baker (ret.), former Vice Commander, Air Mobility Command. "Progressing through continued technological development will probably change the form of cyberspace many times -- with large consequences for the airmen and others who are defending it and fighting in it,"
states Grant in the study released today (Page 29). In 2005 the Air Force declared a new mission "to fly and fight in air, space and cyberspace." The Air Force stood up a provisional Cyber Command on Oct. 1. It's not just the Internet -- most aspects of joint warfighting now depend on exploiting the electromagnetic spectrum. The Air Force has been a leader in developing secure, battlespace networks that take precision air warfare to a new level. At the same time, a national debate has unfolded about the military's role in protecting national infrastructure from cyberspace threats. The Eaker Institute Panel discussion centered on making cyberspace equal with air and space in the Air Force's mission set and how that affects the airman's profession and the nation's security priorities. "The Air Force's willingness to step up early to the cyberspace mission bodes well. The Air Force is uniquely placed to speed the technology and capitalize on the skills of its airmen to master the domain of cyberspace and all its challenges, and use it for American gain," the study states (Page 29). Link to the complete text of the report: http://www.afa.org/media/reports/victorycyberspace.pdf

From rforno at infowarrior.org Sat Oct 13 02:05:02 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 12 Oct 2007 22:05:02 -0400
Subject: [Infowarrior] - US demands air passengers ask its permission to fly
Message-ID:

Original URL: http://www.theregister.co.uk/2007/10/12/flying_into_data_hell/

US demands air passengers ask its permission to fly
By Wendy M. Grossman
Published Friday 12th October 2007 13:18 GMT

Under new rules proposed by the Transport Security Administration (TSA) (http://www.regulations.gov/fdmspublic/ContentViewer?objectId=09000064802ad5b0&disposition=attachment&contentType=pdf) (pdf), all airline passengers would need advance permission before flying into, through, or over the United States regardless of citizenship or the airline's national origin.
Currently, the Advanced Passenger Information System, operated by the Customs and Border Patrol, requires airlines to forward a list of passenger information no later than 15 minutes before flights from the US take off (international flights bound for the US have until 15 minutes after take-off). Planes are diverted if a passenger on board is on the no-fly list. The new rules mean this information must be submitted 72 hours before departure. Only those given clearance will get a boarding pass. The TSA estimates that 90 to 93 per cent of all travel reservations are final by then. The proposed rules require the following information for each passenger: full name, sex, date of birth, and redress number (assigned to passengers who use the Travel Redress Inquiry Program because they have been mistakenly placed on the no-fly list), and known traveller number (once there is a programme in place for registering known travellers whose backgrounds have been checked). Non-travellers entering secure areas, such as parents escorting children, will also need clearance. The TSA held a public hearing in Washington DC on 20 September, which heard comments from both privacy advocates and airline industry representatives from Qantas, the Regional Airline Association (http://www.raa.org), IATA (http://www.iata.org), and the American Society of Travel Agents (http://www.asta.org). The privacy advocates came from the American Civil Liberties Union (http://www.aclu.org) and the Identity Project (http://www.papersplease.org). All were negative. The proposals should be withdrawn entirely, argued Edward Hasbrouck (http://www.hasbrouck.org), author of The Practical Nomad and the leading expert on travel data privacy. "Obscured by the euphemistic language of 'screening' is the fact that travellers would be required to get permission before they can travel." 
Hasbrouck submitted that requiring clearance in order to travel violates the US First Amendment right of assembly, the central claim in John Gilmore's (http://www.toad.com/gnu/) case against the US government over the requirement to show photo ID for domestic travel. In addition, the TSA is required to study the impact of the proposals on small economic entities (such as sole traders). Finally, the TSA provides no way for individuals to tell whether their government-issued ID is actually required by law, opening the way for rampant identity theft. ACLU's Barry Steinhardt quoted press reports of 500,000 to 750,000 people on the watch list (of which the no-fly list is a subset). "If there are that many terrorists in the US, we'd all be dead." TSA representative Kip Hawley noted that the list has been carefully investigated and halved over the last year. "Half of grossly bloated is still bloated," Steinhardt replied. The airline industry representatives' objections were largely logistical. They argued that the 60-day timeframe the TSA proposes to allow for implementation from the publication date of the final rules is much too short. They want a year to revamp many IT systems, especially, as the Qantas representative said, as no one will start until they're sure there will be no further changes. In addition, many were concerned about the impact on new, convenient and cash-saving technologies, such as checking in at home, or storing a boarding pass in a PDA. One additional point, also raised by Hasbrouck: the data the TSA requires will be collected by the airlines who presumably will keep it for their own purposes -- a "government-coerced informational windfall", he called it. The third parties who actually do much of the airline industry's data processing, the Global Distribution Systems and Computer Reservations Systems, were missing from the hearing.
From rforno at infowarrior.org Sat Oct 13 13:41:57 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 13 Oct 2007 09:41:57 -0400
Subject: [Infowarrior] - Allegation: NSA 'Groundbreaker' began before 9/11
Message-ID:

(if so, it might explain the infatuation with ensuring telco immunity by the Administration........rf)

Qwest CEO Not Alone in Alleging NSA Started Domestic Phone Record Program 7 Months Before 9/11
http://feeds.feedburner.com/~r/wired27b/~3/169115506/qwest-ceo-not-a.html

Startling statements from former Qwest CEO Joseph Nacchio's defense documents alleging the National Security Agency began building a massive call records database seven months before 9/11 aren't the only accusations that the controversial program predated the attacks of 9/11. According to court documents unveiled this week, former Qwest CEO Joseph Nacchio clearly wanted to argue in court that the NSA retaliated against his company after he turned down a NSA request on February 27, 2001 that he thought was illegal. Nacchio's attorney issued a carefully worded statement in 2006, saying that Nacchio had turned down the NSA's repeated requests for customer call records. The statement says that Nacchio was asked for the records in the fall of 2001, but doesn't say he was "first asked" then. And in May 2006, a lawsuit filed against Verizon for allegedly turning over call records to the NSA alleged that AT&T began building a spying facility for the NSA just days after President Bush was inaugurated. That lawsuit is one of 50 that were consolidated and moved to a San Francisco federal district court, where the suits sit in limbo waiting for the 9th Circuit Appeals court to decide whether the suits can proceed without endangering national security.
According to the allegations in the suit (.pdf): The project was described in the ATT sales division documents as calling for the construction of a facility to store and retain data gathered by the NSA from its domestic and foreign intelligence operations but was to be in actuality a duplicate ATT Network Operations Center for the use and possession of the NSA that would give the NSA direct, unlimited, unrestricted and unfettered access to all call information and internet and digital traffic on ATT's long distance network. [...] The NSA program was initially conceived at least one year prior to 2001 but had been called off; it was reinstated within 11 days of the entry into office of defendant George W. Bush. An ATT Solutions logbook reviewed by counsel confirms the Pioneer-Groundbreaker project start date of February 1, 2001. The allegations in that case come from unnamed AT&T insiders, who have never stepped forward or provided any documentation to the courts. But Carl Mayer, one of the attorneys in the case, stands by the allegations in the lawsuit. "All we can say is, we told you so," Mayer told THREAT LEVEL. Mayer says the issue of when the call records program started - a program that unlike the admitted warrantless wiretapping, the administration has never confirmed nor denied - should play a role in the upcoming confirmation hearings of Attorney General nominee Michael Mukasey. Mukasey will have to "come clean on when this program started," Mayer said. "The entire rationale was that it was necessitated by 9/11." All of the cases pending against the nation's telecoms for allegedly violating the nation's surveillance and privacy laws could be mooted if Congress gives immunity to the companies, as the Administration and the telcos' powerful lobbyists are arguing for. Immunity isn't what Mayer wants. "The real obligation is upon the Democrats to demand turnover of these documents,"

Security vuln auction site pulls in research
Alternative market attracts 150 listings
By John Leyden
Published Friday 12th October 2007 20:32 GMT
http://www.theregister.co.uk/2007/10/12/wslabi_update/

A controversial marketplace for security exploits and vulnerabilities said it has exceeded expectations with the submission of more than 150 vulnerabilities in its first two months of operations. WabiSabiLabi encourages security researchers to sell their findings to vetted buyers. Herman Zampariolo, chief exec of WSLabi which runs the WabiSabiLabi marketplace, said that the quality of the submitted vulnerabilities is as important as their quantity. Vulnerabilities on the marketplace have had selling prices ranging between 100 to 15,000 euros each. So far 1,000 sellers (researchers) have registered on the site. The types of vulnerabilities that have made it on to the marketplace include 51 bugs in Windows, 19 flaws in Linux, 29 web application vulnerabilities and two Mac-related flaws. Bugs in enterprise apps have also made an appearance with 10 flaws in enterprise software from SAP and one IBM-related vulnerability. Not all vulnerabilities submitted make it onto the marketplace. So far, WabiSabiLabi has rejected 40 for reasons including the use of "illegal methodology", such as reverse engineering on protected software. Only previously unpublished vulnerabilities are eligible for auction by WabiSabiLabi. In addition the Swiss firm does not accept vulnerabilities that apply to bespoke software. WSLabi verifies the vulnerability research submitted to it before offering it for sale online. The firm advises researchers how best to auction their research on its site. Only two-thirds of submitted vulnerabilities have successfully passed through its vetting process, WSLabi reports.
"The number of vulnerabilities on the marketplace proves that WSLabi is providing an alternative legal outlet for vulnerabilities, it is diverting research from being used for illegal purposes and generating regular and legitimate revenue for researchers," said security researcher and defacement archive Zone-h co-founder Roberto Preatoni. The launch of WSLabi marketplace marks a further evolution in the increasingly complex market for security research and vulnerability information. Some security firms try to get an edge over their rivals by paying independent security researchers for bugs they find, defences against which are added to their security products and notification services, thereby boosting their appeal. The approach was first widely applied by iDefense, but has since been taken up by other firms including Immunity and 3Com's TippingPoint division. Payments vary but tend to max out at around $10,000.

From rforno at infowarrior.org Sat Oct 13 13:59:38 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 13 Oct 2007 09:59:38 -0400
Subject: [Infowarrior] - New apps put the hate in online networking
Message-ID:

New apps put the hate in online networking
Enemybook, Snubster allow Facebook users to link up with their nemeses
By Jenn Abelson, Globe Staff | October 10, 2007
http://tinyurl.com/32t5zo

Now that Internet users have forged online relationships with the people they like, they can turn their attention to shaming the folks they hate. With Enemybook, a new program that runs on the social networking site Facebook, you can connect to people you loathe, display their photos and evil deeds, and give them the virtual finger. Enemybook is one of several new online applications developed by computer-savvy twentysomethings who say they are tired of bogus online friendships.
In a dig at the notion of virtual networking, they hope to encourage people to undermine, or at least mock, the online social communities sites such as Facebook were designed to create. Over the summer, Kevin Matulef, who is doing a doctoral thesis on algorithms at MIT, designed Enemybook, a software application that lets people list enemies below friends on their personal Facebook page. He describes the program as "an antisocial utility that disconnects you to the so-called friends around you." Matulef, 28, got the idea from undergraduates at the dorm where he tutors, after hearing one student talk about how someone was a "Facebook friend," but not a "real friend." (Facebook users sign up for a profile and can request friends through different networks -- high school, college, or at random. Some users have even created fake profiles for celebrities). At the time, Matulef joked that maybe the two students should be Facebook enemies instead. And Enemybook was born. "People are yearning to express the ridiculousness of some of the features of Facebook -- having all these friends that aren't genuine," Matulef said. "For some people, Enemybook is about expressing their distaste for political figures or celebrities. And for other people, it actually is about spreading hatred for their despised co-workers and exes." Since May, Facebook has opened its platform and allowed developers to build applications to run on its site. According to Facebook's website, more than 3,000 applications have been built on the platform and 100 new ones are added each day. The most popular, a utility to highlight a user's best friends called Top Friends, has 3.1 million daily active users. Enemybook is not in that stratosphere. It currently has 1,200 users, who cumulatively have recorded nearly 2,300 acrimonious relationships. Many people are "enemying" fake Facebook profiles for public figures and celebrities. 
So far, Matulef has the most foes, followed by President Bush, British rock band Coldplay, Republican gadfly Ann Coulter, and Mark Zuckerberg, the founder and chief executive of Facebook (and a Harvard dropout). "It seems worth pointing out that Facebook was initially developed at Harvard; MIT had to counter with something," Matulef quipped. Others have taken Enemybook more seriously, using it to publicly express their distaste for exes, bad bosses, and former friends. "How many times have you been friend requested by someone you don't even like, know isn't really your friend, battle on a day to day basis, and is really your sworn enemy who is just friending you to discover your weakness," read a petition circulated by David Newkirk, who started a group on Facebook last year called "Official Petition to Facebook for an 'Enemies List."' Now armed with Enemybook, Newkirk, 19, a sophomore at the University of North Carolina in Wilmington, has listed six nemeses, including a former roommate, whose enemy details include hooking up with Newkirk's best friend, insulting Newkirk's dignity, and living with Newkirk and not getting along. "Any person who rubbed me the wrong way, or showed disrespect will not be able to escape the electronic acknowledgement of their wrongdoings through Enemybook," Newkirk said. A Facebook spokeswoman would not comment on Enemybook. Zuckerberg did not return messages posted to his Facebook account. Enemybook is not the only asocial utility available on Facebook. Snubster, which has allowed users to alienate each other since 2006 on its own website, Snubster.com, recently launched an application on Facebook. With Snubster, you can put people "On Notice," give them an opportunity to redeem themselves, set a deadline, and if they fail to clean up their act, list them as "Dead to Me." 
Bryant Choung, 26, a software engineer in Washington, D.C., who created the program, said he was bothered that Facebook had become little more than an online popularity contest and designed Snubster to provide "a backlash against the ridiculous phenomenon that was social networking." "It's nice because Snubster was supposed to be a parody of Facebook, and by being able to work directly in and around Facebook makes it work so much better," Choung said. The act of online snubbing can have its perils. Last month, Choung received a request from a man to remove a snub made by someone he was suing. At first, Choung told him to contact the person directly so they could resolve it on their own. But after a few rounds of e-mails, Choung decided removing the snub was the easiest way not to be involved. "People have always been mean and petty and now, with the culture of putting everything online and the reality shows that thrive on voting people off the island or telling people you're fired, it's not surprising that people want to blast their enemies to the world," said Patrice Oppliger, assistant professor of mass communications at Boston University. "The entertainment of being mean is almost elevated to a new level." Still, there are the tactical drawbacks of enemying. Enemybook allows Facebook users to add enemies who are not their friends. But only people who are already friends receive notification when they are added to the enemy list. Enemies you have never liked never find out about your wrath. Despite the potential pitfalls, some Facebook users think Enemybook and Snubster are long overdue. Helen Parker, of London, said she used Enemybook to go after school bullies, bad bosses, and friends of friends she dislikes, listing secrets about their behavior. But then, the 24-year-old student at Aberystwyth University, had a change of heart and deleted her enemies. "It just seemed a bit petty," Parker said. "Plus, not enough people I hate are on Facebook." 
Jenn Abelson can be reached at abelson at globe.com.

From rforno at infowarrior.org Sat Oct 13 14:01:32 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 13 Oct 2007 10:01:32 -0400
Subject: [Infowarrior] - How's this for IP Irony?
Message-ID:

Anti-Piracy Organization Domain IFPI.com Now Owned by The Pirate Bay
Written by Ernesto on October 12, 2007
http://torrentfreak.com/ifpi-now-owned-by-the-piratebay-071012/

IFPI.com, the domain that used to belong to The International Federation of the Phonographic Industry or (IFPI) - an infamous anti-piracy organization - is mysteriously transferred to The Pirate Bay. The Pirate Bay team says it will use the domain to host the newly founded International Federation of Pirate Interests. It's beginning to look like the IFPI will be the next MediaDefender. Earlier this week we already posted about leaked email correspondence between a lawyer and the IFPI, in which they discussed requesting confidential information from the Swedish police on an ongoing police investigation involving The Pirate Bay. Apparently they had plans to use this information to take on the popular BitTorrent site, but it seems that plans like that always backfire. The main domain of the IFPI - ifpi.org - is still working, but when people try to access ifpi.com they are redirected to a Pirate Bay server, showing the text: "International Federation of Pirate Interests." We contacted Brokep, one of the administrators of The Pirate Bay, and he told TorrentFreak: "International Federation of Pirate Interests (IFPI) is the new international federation we're starting in order to get the word of piracy spread." The WHOIS info clearly shows that ifpi.com - the domain that used to be registered to the IFPI - is now registered to Brokep. We asked him if The Pirate Bay is responsible for the domain hack, and he told us: "It's not a hack, someone just gave us the domain name. We have no idea how they got it, but it's ours and we're keeping it."
I'm sure most people will agree that the domain will be in better hands with The Pirate Bay team. Stay tuned for more IFPI news!

< - >

http://torrentfreak.com/ifpi-now-owned-by-the-piratebay-071012/

From rforno at infowarrior.org Sun Oct 14 03:11:49 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 13 Oct 2007 23:11:49 -0400
Subject: [Infowarrior] - OpEd: Spies, Lies and FISA
Message-ID:

Spies, Lies and FISA
Published: October 14, 2007
http://www.nytimes.com/2007/10/14/opinion/14sun1.html

As Democratic lawmakers try to repair a deeply flawed bill on electronic eavesdropping, the White House is pumping out the same fog of fear and disinformation it used to push the bill through Congress this summer. President Bush has been telling Americans that any change would deny the government critical information, make it easier for terrorists to infiltrate, expose state secrets, and make it harder "to save American lives." There is no truth to any of those claims. No matter how often Mr. Bush says otherwise, there is also no disagreement from the Democrats about the need to provide adequate tools to fight terrorists. The debate is over whether this should be done constitutionally, or at the whim of the president. The 1978 Foreign Intelligence Surveillance Act, or FISA, requires a warrant to intercept international communications involving anyone in the United States. A secret court has granted these warrants quickly nearly every time it has been asked. After 9/11, the Patriot Act made it even easier to conduct surveillance, especially in hot pursuit of terrorists. But that was not good enough for the Bush team, which was determined to use the nation's tragedy to grab ever more power for its vision of an imperial presidency. Mr. Bush ignored the FISA law and ordered the National Security Agency to intercept phone calls and e-mail between people abroad and people in the United States without a warrant, as long as "the target" was not in this country.
The president did not announce his decision. He allowed a few lawmakers to be briefed but withheld key documents. The special intelligence court was in the dark until The Times disclosed the spying in December 2005. Mr. Bush still refused to stop. He claimed that FISA was too limiting for the Internet-speed war against terror. But he never explained those limits and rebuffed lawmakers' offers to legally accommodate his concerns. This year, the administration found an actual problem with FISA: It requires a warrant to eavesdrop on communications between foreigners that go through computers in the United States. It was a problem that did not exist in 1978, and it had an easy fix. But Mr. Bush's lawyers tacked dangerous additions onto a bill being rushed through Congress before the recess. When the smoke cleared, Congress had fixed the real loophole, but also endorsed the idea of spying without court approval. It gave legal cover to more than five years of illegal spying. Fortunately, the law is to expire in February, and some Democratic legislators are trying to fix it. House members have drafted a bill, which is a big improvement but still needs work. The Senate is working on its bill, and we hope it will show the courage this time to restore the rule of law to American surveillance programs. There are some red lines, starting with the absolute need for court supervision of any surveillance that can involve American citizens or others in the United States. The bill passed in August allowed the administration to inform the FISA court about its methods and then issue blanket demands for data to communications companies without any further court approval or review. The House bill would permit the government to conduct surveillance for 45 days before submitting it to court review and approval. (Mr. Bush is wrong when he says the bill would slow down intelligence gathering.) After that, ideally, the law would require a real warrant.
If Congress will not do that, at a minimum it must require spying programs to undergo periodic audits by the court and Congress. The administration wants no reviews. Mr. Bush and his team say they have safeguards to protect civil liberties, meaning surveillance will be reviewed by the attorney general, the director of national intelligence and the inspectors general of the Justice Department and the Central Intelligence Agency. There are two enormous flaws in that. The Constitution is based on the rule of law, not individuals; giving such power to any president would be un-American. And this one long ago showed he cannot be trusted. Last week, The Times reported that the C.I.A. director, Gen. Michael V. Hayden, is investigating the office of his agency's inspector general after it inquired into policies on detention and interrogation. This improper, perhaps illegal investigation sends a clear message of intimidation. We also know that the F.B.I. has abused expanded powers it was granted after 9/11 and that the former attorney general, Alberto Gonzales, systematically covered up the president's actions with deliberately misleading testimony. Mr. Bush says the law should give immunity to communications companies that gave data to the government over the last five years without a court order. He says they should not be punished for helping to protect America, but what Mr. Bush really wants is to avoid lawsuits that could uncover the extent of the illegal spying he authorized after 9/11. It may be possible to shield these companies from liability, since the government lied to them about the legality of its requests. But the law should allow suits aimed at forcing disclosure of Mr. Bush's actions. It should also require a full accounting to Congress of all surveillance conducted since 9/11. And it should have an expiration date, which the White House does not want. Ever since 9/11, we have watched Republican lawmakers help Mr.
Bush shred the Constitution in the name of fighting terrorism. We have seen Democrats acquiesce or retreat in fear. It is time for that to stop.

From rforno at infowarrior.org Sun Oct 14 18:10:20 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 14 Oct 2007 14:10:20 -0400
Subject: [Infowarrior] - VZ selling Customer Network Proprietary Information
Message-ID:

(originally heard of this via IP, but this is a more useful article including info on how to opt-out)

Two of us just received a notice from Verizon Wireless about CPNI. CPNI stands for Customer Proprietary Network Information: our call records, essentially. What numbers we called, how often, how long we spent on the phone, and how much it cost us. (It does not include our own names, numbers, or addresses.) Verizon wants to share this data with third parties, and of course they need our permission: "you have a right, and we have a duty, under federal and state law, to protect the confidentiality of your CPNI." But that duty only goes so far: "Unless you provide us [Verizon Wireless] with notice that you wish to opt out within 30 days of receiving this letter, we will assume that you give the Verizon Companies the right to share your CPNI with the authorized companies as described above." Who are the authorized companies? "Our affiliates, agents and parent companies (including Vodafone) and their subsidiaries." That's a pretty broad list. Agents could include anyone that Verizon hires, which becomes clear when you reach the bottom of page 8: "we may include our own or third-party advertising in the services you've purchased from us, and we may share information about you [information here includes CPNI] with affiliates, vendors and third parties to ... deliver relevant advertising to you while using the services. We may collect and transmit information regarding your use of the services through applications or other software present on your device.
If you do not want us to collect, transmit or use such information about you for the above purposes, you should not use the services; by using the services, you expressly authorize us to use your information for these purposes." I called 1-800-333-9956 and opted out of sharing CPNI. That last paragraph seems to imply that I have to stop using my phone as well. It's not clear.

< - >

http://skydeck.com/blog/mobilemarket/get-ready-for-more-advertising-on-your-cell-phone/

From rforno at infowarrior.org Sun Oct 14 18:19:14 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 14 Oct 2007 14:19:14 -0400
Subject: [Infowarrior] - OpEd: Just Asking
Message-ID:

This brief op-ed, part of the Atlantic's 150th Anniversary edition this month, has strong sentiment both for politics and security risk management, and in my curmudgeonly opinion, speaks volumes on how America tends to handle both. The author asks some of the same questions that I and other security analysts have been raising for at least the past 7 years, if not longer.......rf

Just Asking
David Foster Wallace

Are some things still worth dying for? Is the American idea* one such thing? Are you up for a thought experiment? What if we chose to regard the 2,973 innocents killed in the atrocities of 9/11 not as victims but as democratic martyrs, "sacrifices on the altar of freedom"?* In other words, what if we decided that a certain baseline vulnerability to terrorism is part of the price of the American idea? And, thus, that ours is a generation of Americans called to make great sacrifices in order to preserve our democratic way of life -- sacrifices not just of our soldiers and money but of our personal safety and comfort?
In still other words, what if we chose to accept the fact that every few years, despite all reasonable precautions, some hundreds or thousands of us may die in the sort of ghastly terrorist attack that a democratic republic cannot 100-percent protect itself from without subverting the very principles that make it worth protecting? Is this thought experiment monstrous? Would it be monstrous to refer to the 40,000-plus domestic highway deaths we accept each year because the mobility and autonomy of the car are evidently worth that high price? Is monstrousness why no serious public figure now will speak of the delusory trade-off of liberty for safety that Ben Franklin warned about more than 200 years ago? What exactly has changed between Franklin's time and ours? Why now can we not have a serious national conversation about sacrifice, the inevitability of sacrifice -- either of (a) some portion of safety or (b) some portion of the rights and protections that make the American idea so incalculably precious? In the absence of such a conversation, can we trust our elected leaders to value and protect the American idea as they act to secure the homeland? What are the effects on the American idea of Guantánamo, Abu Ghraib, Patriot Acts I and II, warrantless surveillance, Executive Order 13233, corporate contractors performing military functions, the Military Commissions Act, NSPD 51, etc., etc.? Assume for a moment that some of these measures really have helped make our persons and property safer -- are they worth it? Where and when was the public debate on whether they're worth it? Was there no such debate because we're not capable of having or demanding one? Why not? Have we actually become so selfish and scared that we don't even want to consider whether some things trump safety? What kind of future does that augur? FOOTNOTES: 1.
Given the strict Gramm-Rudmanesque space limit here, let's just please all agree that we generally know what this term connotes -- an open society, consent of the governed, enumerated powers, Federalist 10, pluralism, due process, transparency ... the whole democratic roil. 2. (This phrase is Lincoln's, more or less) The URL for this page is http://www.theatlantic.com/doc/200711/wallace-safety David Foster Wallace is the author of several books, including Infinite Jest (1996), A Supposedly Fun Thing I'll Never Do Again (1997), and Consider the Lobster (2005). From rforno at infowarrior.org Mon Oct 15 13:15:34 2007 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 15 Oct 2007 09:15:34 -0400 Subject: [Infowarrior] - Group Plans to Provide Investigative Journalism Message-ID: Group Plans to Provide Investigative Journalism By RICHARD PÉREZ-PEÑA http://www.nytimes.com/2007/10/15/business/media/15publica.html?ei=5065&en=a 979b82d4af36b74&ex=1193112000&partner=MYWAY&pagewanted=print As struggling newspapers across the country cut back on investigative reporting, a new kind of journalism venture is hoping to fill the gap. Paul E. Steiger, who was the top editor of The Wall Street Journal for 16 years, and a pair of wealthy Californians are assembling a group of investigative journalists who will give away their work to media outlets. The nonprofit group, called Pro Publica, will pitch each project to a newspaper or magazine (and occasionally to other media) where the group hopes the work will make the strongest impression. The plan is to do long-term projects, uncovering misdeeds in government, business and organizations. Nothing quite like it has been attempted, and despite having a lot going for it, Pro Publica will be something of an experiment, inventing its practices by trial and error. It remains to be seen how well it can attract talent and win the cooperation of the mainstream media.
"It is the deep-dive stuff and the aggressive follow-up that is most challenged in the budget process," said Mr. Steiger, who will be Pro Publica's president and editor in chief. He gave up the title of managing editor of The Journal in May, but is staying on through the end of the year as editor at large; during his tenure, the newsroom won 16 Pulitzer Prizes. Pro Publica is the creation of Herbert M. and Marion O. Sandler, the former chief executives of the Golden West Financial Corporation, based in California, which was one of the nation's largest mortgage lenders and savings and loans. They have committed $10 million a year to the project, while various foundations have provided smaller amounts. Mr. Sandler will serve as chairman of the group, which will begin operations early next year. The Sandlers are also major Democratic political donors and critics of President Bush. Last year, they sold Golden West to the Wachovia Corporation for about $26 billion, a deal which valued their personal shares at about $2.4 billion. Pro Publica plans to establish a newsroom in New York City and have 24 journalists, one of the biggest investigative staffs in any medium, along with about a dozen other employees. Mr. Steiger said he envisions a mix of accomplished reporters and editors, including some hired from major publications, and talented people with only a few years' experience, so that the group will become a training ground for investigative reporters. He would not say specifically where he is shopping for talent, but did not rule out The Journal. Richard J. Tofel, a former assistant publisher and assistant managing editor of The Journal, has been hired as general manager. Board members will include Henry Louis Gates Jr., the Harvard scholar of African and African-American studies; Alberto Ibarguen, a former publisher of The Miami Herald, who is currently president and chief executive of the John S. and James L. Knight Foundation; James A.
Leach, a former congressman from Iowa who directs Harvard's Institute of Politics; and Rebecca Rimel, president and chief executive of the Pew Charitable Trusts. The nearest parallels to Pro Publica may be the Center for Investigative Reporting in San Francisco, and the Pulitzer Center on Crisis Reporting in Washington, groups that support in-depth work and have had considerable success getting it published or broadcast in mainstream media. But their budgets are a fraction of Pro Publica's, and they do not actually employ most of the journalists whose work they help finance. Pro Publica will provide salaries and benefits comparable to the biggest newspapers, Mr. Steiger said. "I won't be offering somebody 50 grand or 100 grand more than they're making to jump ship, nor will I ask them to take a pay cut," he said. Newspapers routinely publish articles from wire services, and many of them also subscribe to the major papers' news services and reprint their articles. But except for fairly routine news wire service articles, the largest newspapers have generally been reluctant to use reporting from other organizations. But experts say that resistance is breaking down as the business is squeezed financially, and newspapers make greater use of freelance journalists. "They're looking for alternative means of paying for ambitious journalism," said Stephen B. Shepard, dean of the City University of New York's Graduate School of Journalism and a former editor of BusinessWeek. "Steiger has the credibility and judgment to bring this off, and if they do good work, it will get picked up." Bill Keller, executive editor of The New York Times, said The Times would be open to using work from an outside source, "assuming we were confident of its quality," but that "we'll always have a preference for work we can vouch for ourselves." Mr. Steiger said that relationships with publications could be tricky, requiring the flexibility to make each comfortable.
In most cases, he said, Pro Publica will appeal to a newspaper or magazine while a project is under way, to gauge interest and how much oversight the publication wants. In others, he said, his group might present more or less finished products to other outlets. If Pro Publica and a publication cannot agree on how to approach a topic, or what can be written about it, he said, his group will look for another outlet, or publish its reporting on its own Web site. Mr. Sandler said his interest in investigative journalism has been abetted by friendships with reporters in the field. "Both my father and my older brother always focused on the underdog, justice, ethics, what's right," Mr. Sandler said. "All of my life I've been driven crazy whenever I encounter corruption, malfeasance, mendacity, but particularly where those in power take advantage of those who have few resources." From rforno at infowarrior.org Mon Oct 15 13:17:14 2007 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 15 Oct 2007 09:17:14 -0400 Subject: [Infowarrior] - Secure Data Warehouses Rise Again in N. Virginia Message-ID: Secure Data Warehouses Rise Again in N. Virginia Hit by Dot-Com Bust, Industry Is Reviving By Kendra Marr Washington Post Staff Writer Monday, October 15, 2007; D01 http://www.washingtonpost.com/wp-dyn/content/article/2007/10/14/AR2007101401 047_pf.html They are among the most fortified institutions in greater Washington. Personnel pass through "man traps," secure one-person entrances equipped with biometric scanners that read fingerprints, palms or retinas. What are they guarding? Data. Several projects are underway in Northern Virginia to build highly secure data centers to protect the thousands of computer servers managing Internet traffic and storing digital files, ranging from e-mail to sensitive financial and medical information.
A growing appetite for Internet applications and a better understanding of the vulnerabilities in such systems after Hurricane Katrina and the terrorist attacks of Sept. 11, 2001, has helped revive an industry that had been hit hard by the dot-com bust. "We've seen more activity in companies coming in and buying existing sites and quite a bit of new construction than we've seen in a long time," said Rich Miller, editor of Data Center Knowledge, an online trade publication. Data-center construction accelerated this year, said John Kraft, chief executive of ServerVault, a Dulles-based data-center manager. Analysts estimate that there are now 15,000 to 20,000 data centers across the country. One industry survey found that 80 percent of companies have plans to expand their facilities. It's unclear how long the boom will last. A slowing economy could temper demand, as could rising power costs. Data centers use an immense amount of electricity to run and cool rows of servers. In 2006, U.S. data centers consumed 61 billion kilowatt hours of electricity, at a cost of $4.5 billion, according to a recent Environmental Protection Agency report. That's enough electricity to power 5.8 million average American households in a year. The recent construction activity is a turnaround of sorts. During the dot-com boom, developers jumped into speculative data-center development. They counted on dozens of Internet start-ups looking for a place to park their data. But many start-ups didn't last and the dot-com boom ended. So in Northern Virginia, as well as around the country, data centers were shut down, consolidated and used for office space, warehouses and industrial complexes. "The demand for Internet services that drove the initial boom wasn't incorrect, it was just a few years too early," Miller said. Data centers do not come cheap. Last week, Savvis opened a $20 million facility in Sterling, its third in the region. 
A typical center costs $1,000 per square foot to develop -- double the price in the dot-com era due to better, but costlier technology and security, according to Miller. Security measures account for much of the bill. The machines are locked in cages and sealed behind firewalls. Banks of backup batteries and diesel generators stand by to keep them humming in case of emergency. The data centers are kept purposefully nondescript and outfitted with security cameras, fake entrances, bulletproof glass and Kevlar-lined walls. They include strategically placed hills and concrete posts designed to stop charging vehicles filled with explosives. "One freak attack on a data center would amount to critical data lost," said Ted Chamberlin, principal analyst with research firm Gartner Inc. "It could easily shut down a company." Few jobs accompany these gigantic facilities. Data centers typically employ only 10 to 30 people, depending on the size and services of the center. And it can sometimes be difficult for economic development officials to get the word out about new development, given security concerns. "Some of these data centers have billions of dollars of transactions going through them," said Dorri O'Brien Morin, a spokeswoman for the Loudoun County Department of Economic Development. "They don't want people to know where they are." From rforno at infowarrior.org Mon Oct 15 14:18:42 2007 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 15 Oct 2007 10:18:42 -0400 Subject: [Infowarrior] - Apple Declares iPhone Martial Law Message-ID: Apple Declares iPhone Martial Law By Brett Arends Mutual Funds Columnist 10/12/2007 12:16 PM EDT URL: http://www.thestreet.com/newsanalysis/techstockupdate/10384062.html This just in -- General Motors has told customers that in the future they must only buy gasoline from Exxon stations. GM will get a share of Exxon's revenues as part of the deal. 
The car and truck giant has fitted sensors in its new vehicles to make sure customers don't cheat. Where it finds "unapproved" gasoline, GM is invalidating the vehicle's warranty and sending out agents to cripple the cars' engines, rendering them useless. The agents also let themselves into GM vehicles to remove unapproved accessories. "We are protecting the integrity of the user experience," said a spokesman. "Customers are only allowed to have a radar detector, or a new seat cover, when we say so." Pure fiction? Obviously. GM would never behave in such a totalitarian or bone-headed way. There would be an outcry if it did. But the scenario above isn't far-fetched. Just ask anyone who bought an iPhone. This is exactly what Apple (AAPL) has just done. In case you missed it, the company used its latest software upgrade to cripple every iPhone that had been opened up to unapproved networks, and stripped out "unauthorized" third-party applications. Apple's message to its customers: You will use the network we tell you to use. You will use the applications we tell you to use. Memo to Apple: You guys are kidding, right? Twenty-three years ago, in 1984, Apple ran a famous commercial portraying itself as a rebel taking on the "Big Brother" of IBM (IBM) . Today, Apple has become Big Brother. So the big news this week is that genuine rebels are fighting back: Owners of crippled iPhones have just filed a class action suit against the company. In the free republic of the Internet, hackers are already reported to be launching software fixes that undo the damage of the company's software upgrade. Meanwhile, Apple may face a legal challenge if it tries to launch the iPhone in France. Under a 1998 French law, you're not allowed to keep a mobile phone locked to a single network. Vive la France! Here, the law does nothing. Apple declined to comment. But it has already offered a variety of lame public relations explanations for its behavior. 
It says it has crippled hacked phones to protect a long exclusivity deal with AT&T (T) . Response: No one made you sign such a deal. And Jobs says "unauthorized" third-party applications could threaten the "integrity" of the operating system and the "security" of the network. Response: Just how dumb do you think we are? Millions of people already use smartphones like the Palm (PALM) Treo, Motorola (MOT) Q, Research In Motion (RIMM ) BlackBerry or Nokia (NOK) e61. They are all loaded with third-party apps and new ones are being written every day. The world hasn't ended. Funny, that. For that matter, I have a variety of third-party applications loaded on my Apple Mac at home. It seems to work fine too. Hey, Steve -- do you want to sneak into my den to wipe my hard drive? If the iPhone sucked, none of this would matter. But it doesn't. It has so many great aspects to it. The hardware and the interface are terrific. And the Mac OS should be head-and-shoulders above anything else in the industry. You look at the iPhone and wonder what on earth the honchos at Palm, Hewlett-Packard (HPQ) and Nokia were doing all these years. But without choice and freedom, all this is worthless. I won't consider buying a handheld that won't let me load the programs I want to load. I have no idea what games Steve Jobs wants to play on his handheld, and he has no idea what games I want. That's why we have choice. Instead, the man is behaving like an old-fashioned Soviet commissar. Nor will I buy a locked phone so that I have to spend 45 cents a minute in "roaming" charges to make a phone call when I am in Europe. Consumers want choice. They want freedom. The crazy thing is that this strategy is doomed to failure anyway -- and it's going to be terrible for business. A decade ago, it was all the third-party applications that sold me -- and millions like me -- on my first Palm Pilot. At the time another company, Psion, made a better personal digital assistant. 
The hardware and operating system were excellent. The problem? Psion refused to allow third-party software. You could only use theirs. Seen any Psion PDAs around lately? You won't. The company's PDA business collapsed in ignominy. And Steve Jobs is now pursuing... Psions' strategy. The latest news this week shows how doomed this is. Every time he tries to handcuff his customers, someone on the Internet will show them how to pick the lock. All he is going to get, ultimately, is frustration and a truckload of bad PR. Meanwhile rival handheld makers are going to respond to the iPhone by drastically rethinking and improving their own product lines. And theirs will be unlocked and open to third-party software. Apple is doing itself no favors at all. From rforno at infowarrior.org Mon Oct 15 14:25:26 2007 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 15 Oct 2007 10:25:26 -0400 Subject: [Infowarrior] - NY Post: You're on Camera, New York! Message-ID: New York Post THERE'S NO HIDING FROM THE TRUTH - YOU'RE ON CAMERA! By SAMUEL GOLDSMITH http://www.nypost.com/php/pfriendly/print.php?url=http://www.nypost.com/seve n/10152007/news/regionalnews/theres__no_hiding_from_the_tru.htm October 15, 2007 -- Mayor Bloomberg has said New Yorkers must face the fact that they're being watched by security cameras all the time. He isn't kidding. It's not just the Police Department and MTA watching them. Countless private security cameras eye the city at all times - and some are broadcast to the masses. A Post reporter walking in Times Square was captured by at least 54 outdoor surveillance cameras in just eight blocks. From 42nd Street to 49th Street, there are cameras on top of buildings, embedded into walls, on top of street poles and tucked under awnings - and that's just the cameras visible to the naked eye. Four of the cameras are operated by the Web-cam network EarthCam.com, which streams live camera feeds on its Web site for the whole world to see. 
At any moment, people can tune in to those cameras and dozens of others around the city and get immediate imagery. "Hidden cameras enhance people's safety," said Brian Cury, founder of EarthCam. "It's a way to share information and make people's lives better." EarthCam has dozens of cameras in New York for both public use via the Web site and private use for companies. The site boasts the biggest network of Web cams in the world. During Bloomberg's recent trip to London, where the mayor scoped out the city's massive surveillance-camera system known as the "Ring of Steel," Hizzoner said, "In this day and age, if you think that cameras aren't watching you all the time, you are very naive." VIDEO: Watch Bloomberg's London statement Bloomberg wants to follow the model in London and dramatically increase the number of cameras in New York City. The city is already beefing up its surveillance in various places. The MTA is in the process of expanding its security system by installing cameras in 400 city buses, as well as what they call "passenger identification systems" in one-third of the city's subway stations. These systems record images of everyone who passes through a turnstile or entrance gate. To date, 69 stations have passenger-identification systems, using more than 1,600 cameras, according to the MTA, and they already share that footage with the NYPD. "The reality is, it's a valid way to monitor people," Cury said. "Cameras can't stop somebody from doing something horrible, but they can go back and find out what happened for evidence." Not everyone agrees, however. When shown live pictures of themselves on EarthCam Mobile, a Web site that gives access to Web cams on cellphones, some people in Times Square felt that Big Brother was breathing down their necks. "I never stopped to think that this technology is so accessible," said Tonya Heupal. "Now I feel like I can't take a step without someone looking over my shoulder." Her husband, Robert Heupal, was flat-out mad.
"This is outrageous," he said. "I'm not an enemy combatant, so why am I under surveillance?" But Cury said New York City has far fewer surveillance cameras than comparable-sized cities. London has an estimated 10 times more cameras than New York - upward of 2 million. "New York is the biggest city in the world with so few cameras," he said. "The reality is they were able to catch terrorists in London because of the security cameras," Cury said. "I don't think anyone can argue that it's a negative use of camera technology." Cury's Web cams in Times Square weren't capturing any suspicious activity over the weekend, but they did find Alberto Torres, 26, who is visiting from Barcelona, Spain. Torres was waving at an EarthCam camera on 46th Street and talking on his cellphone to his girlfriend back home. "She could see me here in New York City," said Torres. "I don't think it's a bad thing. I think it's great." samuel.goldsmith at nypost.com From rforno at infowarrior.org Mon Oct 15 19:42:37 2007 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 15 Oct 2007 15:42:37 -0400 Subject: [Infowarrior] - Fox launches 'anti-Wall St.' biz channel Message-ID: Fox launches 'anti-Wall St.' biz channel Published: 15, 2007 at 8:29 AM http://www.upi.com/NewsTrack/Business/2007/10/15/fox_launches_antiwall_st_bi z_channel/8560/ NEW YORK, Oct. 15 (UPI) -- Rupert Murdoch's News Corp. on Monday launched Fox Business Network in New York as a "Main Street" alternative to General Electric Co.'s CNBC business network. "I throw $2 in every time I say something like 'basis point,'" correspondent and former hedge fund trader Cody Willard told viewers, explaining the channel's anti-jargon, anti-Wall Street position. The cable channel, which expected to reach at least 30 million U.S. homes, took out a full-page color ad on the back page of the main section of Monday's The Wall Street Journal saying "Your Second Opinion Arrives Today." 
For its part, CNBC took out a full-page black-and-white ad in the Journal's "Marketplace" section headlined "First in Business News" that called CNBC "America's Business Channel" and said the channel was "fast, accurate, actionable, unbiased." NewsCorp. bought Dow Jones & Co.'s Journal for $5 billion in a deal announced Aug. 1 that is expected to be completed by December. But the channel, based at News Corp.'s New York headquarters, cannot air any Wall Street Journal business reporters. A 15-year agreement between Dow Jones and CNBC keeps Journal business reporters from appearing on Fox Business until the contract ends in 2012. From rforno at infowarrior.org Tue Oct 16 12:02:04 2007 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 16 Oct 2007 08:02:04 -0400 Subject: [Infowarrior] - Comcast's law enforcement handbook leaked Message-ID: Comcast's law enforcement handbook leaked, could teach telecoms a thing or two By Nate Anderson | Published: October 15, 2007 - 11:29PM CT http://arstechnica.com/news.ars/post/20071015-comcasts-law-enforcement-handb ook-leaked-could-teach-telecoms-a-thing-or-two.html Imagine for a moment that you are a cop. The fuzz. After a busy day spent forcing punk libertarians to bow before the awesome power of the state (as represented by your taser), you stumble onto a dastardly computer crime, the sort of crime that one can solve only with the help of the perp's ISP, which in this case happens to be Comcast. Will Comcast give you the information you need? And what will it cost your department, which was hoping to save enough cash to have that outdoor barbecue next week? Thanks to the leak of a recent version of Comcast's Handbook for Law Enforcement (PDF), quickly spotted by readers of Broadband Reports, the Federation of American Scientists has made it simple to find out. The group is hosting the handbook for one and all to peruse. 
It's not quite the bastion of secrets one might expect; though marked "Confidential," the document appears to be something intended for external use by law enforcement offices across the country, not for internal Comcast usage. Still, it lets us learn interesting factoids, such as the fact that Comcast charges a thousand bucks to set up a court-ordered intercept device (thrifty departments, take note: the bill includes a free month of surveillance!). Future months are $750 apiece. If the case involves child exploitation, Comcast waives all fees. As for retention periods, Comcast says that it can access call detail records for two years. IP log files for DHCP leases are kept for 180 days. Should requests come in for information that exceeds those limits, the company makes clear that it has nothing to provide. Those looking for shocking revelations won't find them here; as FAS notes in its own coverage of the material, "With respect to surveillance policy, the Comcast manual hews closely to the letter of the law, as one would hope and expect." Indeed, reading through it, one is struck by the many references to statutes that need to be followed or court orders that need to be obtained. National Security Letters must be hand-delivered, and the company notes that "attention must be paid to the various court proceedings in which the legal status of the requests is at issue." Assuming that these actually represent the limits of Comcast policy, there's little or nothing to object to here, especially when compared with AT&T, BellSouth, and Verizon -- all rumored to have aided the NSA by turning over customer records without legal authority or providing full access to incoming optical connections in secret rooms.
From rforno at infowarrior.org Tue Oct 16 12:06:22 2007 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 16 Oct 2007 08:06:22 -0400 Subject: [Infowarrior] - Verizon Says It Turned Over Data Without Court Orders Message-ID: Verizon Says It Turned Over Data Without Court Orders Firm's Letter to Lawmakers Details Government Requests By Ellen Nakashima Washington Post Staff Writer Tuesday, October 16, 2007; A01 Verizon Communications, the nation's second-largest telecom company, told congressional investigators that it has provided customers' telephone records to federal authorities in emergency cases without court orders hundreds of times since 2005. The company said it does not determine the requests' legality or necessity because to do so would slow efforts to save lives in criminal investigations. In an Oct. 12 letter replying to Democratic lawmakers, Verizon offered a rare glimpse into the way telecommunications companies cooperate with government requests for information on U.S. citizens. Verizon also disclosed that the FBI, using administrative subpoenas, sought information identifying not just a person making a call, but all the people that customer called, as well as the people those people called. Verizon does not keep data on this "two-generation community of interest" for customers, but the request highlights the broad reach of the government's quest for data. The disclosures, in a letter from Verizon to three Democrats on the House Energy and Commerce Committee investigating the carriers' participation in government surveillance programs, demonstrated the willingness of telecom companies to comply with government requests for data, even, at times, without traditional legal supporting documents. The committee members also got letters from AT&T and Qwest Communications International, but those letters did not provide details on customer data given to the government. 
None of the three carriers gave details on any classified government surveillance program. < - > http://www.washingtonpost.com/wp-dyn/content/article/2007/10/15/AR2007101501 857_pf.html From rforno at infowarrior.org Tue Oct 16 13:15:53 2007 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 16 Oct 2007 09:15:53 -0400 Subject: [Infowarrior] - Defense Asks RIAA Judge to Overrule 'Offensive' $222, 000 Award Message-ID: Defense Asks RIAA Judge to Overrule 'Offensive' $222,000 Award By David Kravets Email 10.15.07 | 5:30 PM http://www.wired.com/politics/law/news/2007/10/copyright The Minnesota woman a federal jury dinged $220,000 for pirating 24 copyrighted songs asked the trial judge on Monday to set aside the verdict on the grounds the judgment is unconstitutionally excessive. It's a novel theory that, if successful, could undermine the Recording Industry Association of America's litigation machine that has sued thousands of alleged pirates. The petition (.pdf) to U.S. District Judge Michael Davis, among other things, challenges the constitutionality of the 1976 Copyright Act, the law under which the RIAA sued Jammie Thomas of Minnesota, as well as over 20,000 other defendants. The $750 to $150,000 fines the act authorizes for each download is unconstitutionally excessive and against U.S. Supreme Court precedent, wrote Brian Toder, Thomas' attorney. The RIAA said the argument is "baseless." In pretrial court documents in a New York federal copyright case against a Brooklyn woman, the RIAA acknowledged that such an argument might kill its zero-tolerance suing machine by making "it economically unsound for any copyright owner to seek to protect its copyright interests." That case is pending trial in U.S. District Court for the Eastern District of New York. Thomas, 30 and a single mother of two, was the first RIAA defendant to go to trial. 
The bulk of the cases have settled for a few thousand dollars each, while others are pending or have been dismissed since the industry's lobbying arm began suing individuals four years ago this September. The minimum penalty under the Copyright Act equals a ratio of over 750 times the actual injury, assuming the value of a single music track is iTunes' 99-cent rate. Rulings by the U.S. Supreme Court and other courts say financial punishments exceeding a 9-to-1 ratio are unconstitutional. Toder speculated that each digital download that is pirated costs the industry only 70 cents -- meaning Thomas' conduct was punished at a ratio of more than 1,000 times actual damages. "Whether the court recognizes actual damages of zero dollars, $20 or whatever figure plaintiffs suggest ... the ratio of actual damages to the award is not only astronomical, it is offensive to our Constitution and offensive generally," Toder wrote. Toder wants the judge to reduce the award or order a trial on the amount of damages the industry suffered by Thomas' conduct. The industry has refused to divulge how much it loses per download, but says it loses billions of dollars to piracy. But whether Toder's legal position has any legal legs is uncertain. The RIAA doesn't think so. In the New York case, which is raising the same argument, the group's attorney, Richard Gabriel, called the assertion a mischaracterization of the law. Gabriel said in court documents that the 2003 Supreme Court precedent at issue concerns constraining juries and judges from awarding unlimited damages, while Congress has authorized a range of damages in the Copyright Act serving "to constrain and limit the potential damages that any particular defendant can be assessed, thereby eliminating the concerns address by the Supreme Court." Attorney J. 
Cam Barker took a position that supports Toder's claim, in a 2004 article in the Texas Law Review, noting that extreme monetary damages-to-costs ratios were likely in the RIAA's digital downloading cases. "At this point, a 'suspicious judicial eyebrow' might be raised," he wrote. No hearing date in the Thomas case, tried two weeks ago in Duluth, Minnesota, has been set. From rforno at infowarrior.org Tue Oct 16 17:38:50 2007 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 16 Oct 2007 13:38:50 -0400 Subject: [Infowarrior] - Phone Companies Refuse to Provide Data on Spy Program Message-ID: Phone Companies Refuse to Provide Data on Spy Program (Update1) By Neil Roland http://www.bloomberg.com/apps/news?pid=20601070&sid=aayJQwEy8Xw4&refer=politics Oct. 15 (Bloomberg) -- Three of the largest U.S. telephone companies declined to answer lawmakers' questions about Bush administration efforts to spy on Americans' phone calls and e-mails, saying the government forbade them from doing so. ``Our company essentially finds itself caught in the middle of an oversight dispute between the Congress and the executive relating to government surveillance activities,'' AT&T Inc. General Counsel Wayne Watts said in a letter to the House Energy and Commerce Committee that was released today by the panel. Verizon Communications Inc., the second largest U.S. phone company after AT&T, and Qwest Communications International Inc., the fourth largest, also declined to answer many of the committee's questions. Among the questions, posed by the committee on Oct. 2, were what information the carriers gave the administration without a court warrant, whether they were paid for any of it and whether the administration asked them to install equipment to intercept e-mails. John Dingell, a Michigan Democrat who heads the Energy and Commerce Committee, and other Democrats called on the administration to answer questions about the spying. 
``The water is as murky as ever on this issue, and it's past time for the administration to come clean,'' Representative Ed Markey, a Massachusetts Democrat who leads the panel's telecommunications subcommittee, said in a statement. State Secrets Verizon and Qwest said the Justice Department prohibited them from offering any substantive comment on their roles in the spy program. AT&T said Director of National Intelligence Michael McConnell invoked the state-secrets privilege to prevent the carrier from commenting. McConnell's spokesman, Ross Feinstein, said in an interview today that the House and Senate Intelligence committees have the authority to oversee intelligence activities under the 1947 National Security Act. White House spokesman Scott Stanzel declined immediate comment. Justice Department spokesman Dean Boyd declined to comment. Verizon did answer a question from lawmakers about whether the administration asked it to provide ``communities of interest,'' the network of people with whom particular phone customers were in contact. The New York Times reported last month that the FBI had sought details on these networks. `Calling Circle' Verizon said the administration asked it to identify a `calling circle' for some telephone numbers. The carrier told the committee: ``Because Verizon does not maintain such `calling circle' records, we have not provided this information in response to these requests.'' Congress approved a temporary measure in July allowing spy agencies to continue intercepting, without a court warrant, phone calls and e-mails of foreign-based terrorists that are routed through the U.S. Lawmakers currently are working on new surveillance legislation. McConnell acknowledged the existence of the program in August and said telecommunications companies should be given immunity from lawsuits claiming privacy violations. AT&T, Verizon and other carriers are being sued for providing customer information to the government. 
Senator Dick Durbin of Illinois, the Democrats' No. 2 Senate leader, said last week he will resist the administration's demand for immunity for the carriers. To contact the reporter on this story: Neil Roland in Washington at nroland at bloomberg.net . From rforno at infowarrior.org Tue Oct 16 17:41:40 2007 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 16 Oct 2007 13:41:40 -0400 Subject: [Infowarrior] - Apple's iPhone customer service still baffles Message-ID: One Man's iPhone Warranty Woes POSTED: 8:15 am PDT October 15, 2007 UPDATED: 8:24 am PDT October 15, 2007 http://www.kptv.com/news/14341481/detail.html Jake Durgard said he loved his 30-day-old iPhone, but he was not happy with the phone service and deactivated the necessary contract with AT&T. Shortly afterward, Durgard said the bottom row buttons for phone, Internet, e-mail and iTunes stopped working. He said he called several Apple stores and they told him to just bring the phone into them. However, when he brought the phone in without the SIM card, they would not help him, according to Durgard. Durgard said that there is nothing written on the box or the warranty that stated the SIM card must be with the phone to have it fixed. When he contacted Apple, they said they would not honor the warranty without the required two-year activated contract with AT&T. "Every single time I called, they said they would not service my phone. I told them that I had an AT&T service account, but it's no longer valid because I had bad service with it and all I want is my phone fixed," said Durgard. "They tell me, 'Sorry, you have to have a two-year active agreement in order to get any hardware replaced or fixed with the phone.'" Durgard said the problem is in the hardware, not the software, and Apple shouldn't need the SIM card to fix the phone. When he took his phone into a local Apple store and refused to leave until it was fixed, he was escorted out by police. 
Apple store staff acknowledged that they have had a problem with hacked phones and the company has issued a warning that unauthorized unlocking of the phone may cause permanent damage to the software that is not covered by the warranty. He has printed several pages from Apple's support and discussion Web page of people complaining about the same issue. FOX 12 called and e-mailed Apple, but the newsroom is still waiting for a response. Durgard is not certain what his next move will be but he is considering joining a class action lawsuit against Apple. From rforno at infowarrior.org Wed Oct 17 02:19:21 2007 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 16 Oct 2007 22:19:21 -0400 Subject: [Infowarrior] - The RIAA Attacks Usenet Message-ID: The RIAA Attacks Usenet Written by enigmax on October 16, 2007 http://torrentfreak.com/the-riaa-attacks-usenet-071016/ Basking in glory after orchestrating a record punishment for a petty file-sharer in the US, the RIAA takes its legal campaign to the next level. Many may want newsgroups to stay under the radar but it's too late - major labels have filed a copyright infringement lawsuit against Usenet.com and it won't be going away. In an ideal world, people would not talk about Usenet. In an ideal world there would be no such things as copyright infringement lawsuits. Sadly, we do not live in an ideal world. Today we simply have to talk about Usenet and we have to talk about lawsuits. Major record labels - Arista, Atlantic, BMG, Capitol, Caroline, Elektra, Interscope, LaFace, Maverick, Sony BMG, UMG, Virgin, Warner Bros. and Zomba have filed a copyright infringement lawsuit against Usenet.com. According to Billboard, the complaint filed in the District Court in New York states that Usenet.com provides access to millions of copyright infringing files and, with a nod towards the Grokster Decision, apparently "touts its service as a haven for those seeking pirated content." 
During the Grokster court case, it was ruled that even if a service or tool has substantial non-infringing uses, its owners would be liable for the infringing activities of its customers, should it be deemed that they encouraged their customers to commit copyright infringement. The complaint says that Usenet.com encourages its customers to commit copyright infringement and furthermore, facilitates such actions with its infrastructure. Therefore it's no surprise that the lawsuit seems to hang on statements allegedly made by Usenet.com to their customers, claiming that they told them their service is "the best way to get 'free' music now that 'file sharing websites are getting shut down.'" Usenet.com does state that it's possible to get increased levels of privacy by using their extra "anonymous" service: "Shh... Quiet! We believe it's no one's business but your own what you do on the Internet or in Usenet! We don't log your activity. We don't track your downloads, and neither can your ISP when you use Secure-Tunnel.com privacy package." However, helping to ensure the privacy of your customers does not equal encouragement to commit copyright infringement and right at this moment, there doesn't appear to be any other text on the site that would make Usenet.com fall foul of the Grokster Decision. More details should follow in due course. The lawsuit states that despite repeated requests by the labels for Usenet.com to remove infringing content, Usenet.com continued to fill its servers with infringing material from the Usenet network and then charges its users for access. It's claimed that many of the groups offered by Usenet.com have no other use other than to disseminate copyright works and are "explicitly dedicated to copyright infringement." The labels want Usenet.com to admit they are committing copyright infringement with a view to obtaining an injunction and damages. To date, Usenet.com has refused to remove content or discontinue offering certain newsgroups. 
It will be interesting to see if other Usenet providers come out in support of Usenet.com. Further updates to follow. From rforno at infowarrior.org Wed Oct 17 02:22:53 2007 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 16 Oct 2007 22:22:53 -0400 Subject: [Infowarrior] - Again: Court Tells MLB It Does Not Own Facts Message-ID: Fantasy Sports Win Right to Player Names, Statistics (Update5) By Bob Van Voris and Jeff St.Onge http://www.bloomberg.com/apps/news?pid=20601079&sid=aLb3v875Ux.o&refer=home Oct. 16 (Bloomberg) -- Companies that operate fantasy sports leagues have a First Amendment right to use players' names and statistics for free, a court ruled in a case filed against Major League Baseball. The federal appeals court in St. Louis ruled today in favor of C.B.C. Distribution and Marketing Inc., a closely held operator of fantasy sports leagues. The ruling is a victory for the fantasy sports business, which started with statistics-rich baseball in 1980 and spread to other sports. Today it is a $1.5 billion industry, according to the Fantasy Sports Trade Association. ``It's vindication,'' said Greg Ambrosius, a former president of the association who is now editor of Fantasy Sports Magazine. ``We were a bunch of Mom-and-Pop shops who grew the industry from nothing to where it is today, and then when we got big, people started saying, `Hey, we own this.''' At issue in the litigation was the right to names and statistics of pro athletes when the information is used by a business rather than a news organization. ``It would be strange law that a person would not have a First Amendment right to use information that is available to everyone,'' a three-judge panel said, ruling the Constitution trumps the players' ability to control their publicity. Major League Baseball's position in the case was supported in legal briefs by NFL Ventures LP, National Football League Players Association, NBA Properties Inc., NHL Enterprises LP, NASCAR Inc., PGA Tour Inc. 
and WNBA Enterprises LLC. Fantasy Leagues Fantasy sports league participants simulate owning professional franchises, complete with scouting, drafting and trading of players. Teams compete based on players' real-life performance in numerous statistical categories. Participants pay fees to companies like C.B.C. to track the performance of real players in their imaginary leagues. Matthew Gould, a spokesman for Major League Baseball Advanced Media, a unit of MLB, declined comment on the ruling. Greg Bouris, a spokesman for the Major League Baseball Players Association, which was also named as a defendant in the suit, didn't immediately return a voicemail message seeking comment. Baseball fans are passionate about statistics, poring over daily box scores and making data-backed arguments about history's top batters and pitchers. A survey released in August by the 150-member Fantasy Sports Trade Association said 19.4 million people in the U.S. and Canada engage in fantasy sports. 2005 Contract Major League Baseball bought the rights to use player names, photographs and statistics from its players' union in 2005 for $50 million over five years. MLB sold the annual licensing rights for about $2 million each to companies including CBS Corp.'s SportsLine.com and Walt Disney Co.'s ESPN. St. Louis-based C.B.C. sued in 2005 for the right to use players' names and statistics, arguing the use is protected by the First Amendment. Last year the company won a decision by U.S. District Judge Mary Ann Medler, who held that Missouri state law on players' publicity rights was trumped by a general national policy favoring the full and free exchange of ideas. The appeals court agreed, in an opinion by Judge Morris Arnold, saying the First Amendment right to free speech supersedes state law protecting celebrities' right to control their likenesses -- the ``right of publicity.'' In a dissent, Judge Steven Colloton, who agreed with the majority's First Amendment reasoning, said C.B.C. 
agreed as part of an earlier licensing agreement that Major League Baseball was the legal owner of the rights to use the players' names and statistics. ``C.B.C. can surely `agree,' as a matter of good business judgment, to bargain away any uncertain First Amendment rights that it may have,'' Colloton wrote. The case is C.B.C. Distribution and Marketing Inc. v. Major League Baseball Advanced Media, 06-3357 and 06-3358, U.S. Court of Appeals for the Eighth Circuit. The lower-court case is 05cv252, U.S. District Court, Eastern District of Missouri (St. Louis). To contact the reporters on this story: Bob Van Voris in New York at rvanvoris at bloomberg.net ; Jeff St.Onge in Washington at jstonge at bloomberg.net . From rforno at infowarrior.org Wed Oct 17 02:24:17 2007 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 16 Oct 2007 22:24:17 -0400 Subject: [Infowarrior] - Hollywood Blames Halo 3 For Bad Box Office Weekend Message-ID: Now The Movie Industry Wants To Blame Halo 3 For Bad Box Office Weekend The movie industry always wants to blame someone else when something goes wrong with ticket sales -- and it almost always seems technology focused. There is, of course, the ever popular technique of blaming bittorrent, despite the fact that the most popular movies for download do quite well at the box office. A few years ago, we heard that the industry was blaming text messaging, as apparently kids would SMS their friends to let them know that a movie sucked. Again, there was no proof of this -- but the industry insiders insisted it must be true. Over the summer, the industry had little to blame (though, they tried to pin some blame on camcording) since it actually had a record setting summer at the box office. Yet, now that we're into October, there's been a dip and the blame pointing fingers come out quick. What's the problem? Apparently it's Microsoft. You see, Halo 3 recently came out, bringing in more money on opening day than any movie ever. 
That news seems to have gotten the attention of some movie studio folks who are now grousing that Halo 3 is to blame for poor box office performance this past weekend (found via The Raw Feed). While there appear to be at least a few sane insiders who point out that a much bigger culprit could be the fact that the movies that came out last weekend just weren't very good, others are sticking by their story that movie watchers were staying home to play Halo 3. It's a good thing felony interference of a business model isn't a crime, or the studios would probably be suing Microsoft. Actually, I probably shouldn't give them any ideas... http://techdirt.com/articles/20071016/021315.shtml From rforno at infowarrior.org Wed Oct 17 12:11:16 2007 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 17 Oct 2007 08:11:16 -0400 Subject: [Infowarrior] - Metasploit Creator Distributes Exploits for iPhone Message-ID: Metasploit Creator Distributes Exploits for iPhone By Kim Zetter October 17, 2007 | 4:00:00 AM http://blog.wired.com/27bstroke6/2007/10/metasploit-crea.html HD Moore, one of the developers of the Metasploit pen-testing (and hacking) tool, has posted exploits and detailed instructions on how to attack an iPhone. The information takes hackers -- and the FBI and NSA -- one step closer to being able to remotely and surreptitiously take control of an iPhone and turn it into a surveillance device. The exploits take advantage of a vulnerability in the TIFF image-rendering library that's used by the phone's browser, mail and iTunes software. It's the same vulnerability that allows Apple customers to unlock and customize their iPhones. But Moore's exploits will allow hackers to do much more. Last month he added capability to the Metasploit tool that would give a hacker remote shell access to an iPhone in order to deliver any arbitrary malicious code to it. All attackers needed to do was write malicious payload code. 
This week Moore posted some payload exploits and provided detailed instructions for writing more of them. Attackers could conceivably write code to hi-jack the contacts in an iPhone address book, access the list of received and sent calls and messages, turn the phone into a listening device, track the user's location or instruct the phone to snap photos of the user's surroundings -- including any companions who may be in sight of the camera lens. Moore says the iPhone is more vulnerable than other phones because, as he noted on his blog, it's designed so that every application on the phone, if hacked, gives an intruder root access to the entire phone. MobileSafari, MobileMail, even the Calculator, all run with full root privileges. Any security flaw in any iPhone application can lead to a complete system compromise. A rootkit takes on a whole new meaning when the attacker has access to the camera, microphone, contact list, and phone hardware. Couple this with "always-on" internet access over EDGE and you have a perfect spying device. Moore told ComputerWorld that iPhones won't be any safer if Apple plugs the security hole, which it's expected to do in the next version of its iPhone firmware. Attackers will still be able to hack the phone. "All they'll need to do is back port the firmware to an earlier version that's vulnerable," said Moore. "Apple has to leave a way to restore an iPhone back [to previous versions of the firmware]." The same technique was used to hack the Sony PSP after Sony issued an update that patched the TIFF vulnerability on that video game player. Moore and fellow researcher Kevin Finisterre go into detail about writing exploits for the iPhone here, here and here. 
http://blog.wired.com/27bstroke6/2007/10/metasploit-crea.html From rforno at infowarrior.org Wed Oct 17 12:19:30 2007 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 17 Oct 2007 08:19:30 -0400 Subject: [Infowarrior] - White House to Give Senate Panel Surveillance Program Documents Message-ID: White House to Give Senate Panel Surveillance Program Documents By Ellen Nakashima and Paul Kane Washington Post Staff Writer and washingtonpost.com Staff Writer Wednesday, October 17, 2007; A04 The White House agreed yesterday to give Senate intelligence committee members and staff access to internal documents related to its domestic surveillance program in a bid to win Democratic lawmakers' support for the administration's version of an intelligence measure. The move was meant in part to defuse a months-long clash between Congress and the Bush administration over access to legal memoranda and presidential decisions underpinning the Terrorist Surveillance Program, which allowed the government to eavesdrop without court warrants on communications between people in the United States and abroad when one of the parties is a terrorism-related suspect. < - > Besides trying to quiet congressional accusations of a coverup, the administration wants in particular to win support for a legal provision providing immunity for telecommunications companies that have been sued for violating privacy rights when they assisted the government's domestic surveillance effort. White House spokesman Tony Fratto said that administration officials "routinely meet with members of Congress and their staffs to provide them with information they need when they are considering and drafting legislation." In this case, he said, members of the Senate intelligence panel "requested access to certain materials to assist their consideration" of relief for the companies. 
From rforno at infowarrior.org Wed Oct 17 13:51:45 2007 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 17 Oct 2007 09:51:45 -0400 Subject: [Infowarrior] - Law firm prohibits "view source" on their page Message-ID: Original reference: http://www.boingboing.net/2007/10/17/lawfirm-copyright-pr.html Citing this clause: " We also own all of the code, including the HTML code, and all content. As you may know, you can view the HTML code with a standard browser. We do not permit you to view such code since we consider it to be our intellectual property protected by the copyright laws. You are therefore not authorized to do so." Full story: http://pubcit.typepad.com/clpblog/2007/10/you-hereby-agre.html Talk about a law firm TOTALLY without a clue!! *snicker*giggle*guffaw* -rf From rforno at infowarrior.org Wed Oct 17 13:53:17 2007 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 17 Oct 2007 09:53:17 -0400 Subject: [Infowarrior] - Amazon One-Click patent rejected by USPTO Message-ID: http://igdmlgd.blogspot.com/2007/10/amazon-one-click-patent-rejected-by-us.html In a recent office action, the USPTO has rejected the claims of the Amazon.com one-click patent following the re-examination request that I filed on 16 February 2006. My review resulted in the broadest claims of the patent being ruled invalid. In its Office Action released 9 October 2007, the Patent Office found that the prior art I found and submitted completely anticipated the broadest claims of the patent, U.S. Patent No. 5,960,411. I had only requested the USPTO look at claims 11, 14, 15, 16, 17, 21 and 22 but the Office Action rejects claims 11-26 and claims 1-5 as well! Amazon has the opportunity to respond to the Patent Office's rejection, but third party requests for reexamination, like the one I filed, result in having the subject patent either modified or completely revoked about 2/3 of the time. 
To read the original document, go to USPTO PAIR access site, choose the "Control Number" radio button, enter 90/007,946 and press the "Submit" button. Huge thanks to everyone who helped out with the re-examination fee. You know who you are. From rforno at infowarrior.org Thu Oct 18 02:27:13 2007 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 17 Oct 2007 22:27:13 -0400 Subject: [Infowarrior] - House Dems pull wiretap bill out of political fear Message-ID: House surveillance bill pulled http://news.yahoo.com/s/ap/20071017/ap_on_go_co/terrorist_surveillance_7&printer=1;_ylt=AvVntOY38H5_GMyBHcZgpbeMwfIE By PAMELA HESS, Associated Press Writer 2 hours, 42 minutes ago Republicans successfully maneuvered to derail a Democratic government eavesdropping bill Wednesday, delaying a House vote until next week at the earliest. The bill, which seeks to expand court oversight of government surveillance in the United States, fell victim to a gambit by the chamber's Republican minority. Democrats were forced to pull the bill from the House floor with no certainty about how it might be revived. A Democratic staff member said the bill will not be rewritten but substantive amendments may be allowed when it finally does come up for a vote, which is the Democrats' intention. The earliest that could happen is next week, as Thursday the House will be busy with an attempt to override a presidential veto of a children's health care bill. The Democratic eavesdropping bill would have allowed unfettered telephone and e-mail surveillance of foreign intelligence targets but would require special authorization if the foreign targets were likely to be in contact with people inside the United States, a provision designed to safeguard Americans' privacy. Those so-called "blanket warrants" would let the government obtain a single order authorizing the surveillance of multiple targets. 
Republican critics, however, said the blanket warrants would tie up intelligence agents in legal red tape, impeding them from conducting urgent surveillance of terrorist suspects. "Congress needs to move forward, not backward," President Bush said at a White House news conference as the debate in Congress began. Bush had vowed to veto the bill if it reached his desk. The House's Democratic leaders pulled the bill after discovering that Republicans planned to offer a motion that politically vulnerable Democrats would have a hard time voting against. The amendment would have said that nothing in the bill could limit surveillance of Osama bin Laden and terrorist organizations. While Democrats say their bill already provides that authority, voting against the amendment could make it seem as though a member of Congress were against spying on al-Qaida. Republicans sought to play down the amendment's role in causing the bill to be pulled. Michigan Rep. Pete Hoekstra, the top Republican on the House Intelligence Committee, said the bill was losing moderate Democratic votes because it was fundamentally flawed. Passage of the Republican amendment would have sent the bill immediately back to committee, effectively killing it. Key Democrats believed they were short of the votes needed to defeat the move. "Our proposal gives Democrats a very simple choice: They can allow our intelligence officials to conduct surveillance on likes of Osama bin Laden and al-Qaida or prohibit them from doing so and jeopardize our national security," said Republican leader Rep. John Boehner of Ohio in a statement. The Democratic bill had faced opposition from the left, as well. The American Civil Liberties Union has been waging a campaign against it, arguing it should require individual court orders every time an American's communications are intercepted. 
Some liberal Democrats shared those concerns, and "Republicans took advantage of a tenuous situation," said Caroline Fredrickson, ACLU's Washington Legislative director. House Intelligence Committee Chairman Silvestre Reyes, D-Texas, argued that the bill carefully balances civil liberties with the need for speed and flexibility in spying on terrorists. The current surveillance law gave the government so many authorities "that people are not safe and secure in their own homes. The government can go in there and search computers and residences," Reyes said. "This legislation corrects the deficiencies." Bush's veto threat came in part because the bill lacks retroactive immunity from lawsuits for telecommunications companies. They have been accused in about 40 civil suits of violating wiretapping and intelligence laws by secretly providing the government access to Americans' e-mails and phone records without court orders. House Democrats have pledged that no immunity will be granted until the White House tells Congress exactly what the telecommunications companies did that requires legal protection. The administration contends that without immunity the companies could be bankrupted by legal penalties. The Senate's version of the bill, expected to be released Thursday, is likely to include at least a limited immunity provision, according to sources close to the process who demanded anonymity because the measure was not final. The measures would amend the 1978 Foreign Intelligence Surveillance Act, which dictates when the government must obtain eavesdropping warrants from a secret intelligence court. That law was last changed in August after the administration argued technological advances had made it too cumbersome and created a dire gap in its intelligence collection. 
The updated law allowed the government to eavesdrop without a court order on communications conducted by a person reasonably believed to be outside the U.S., even if an American is on one end of the conversation -- so long as that American is not the intended focus or target of the surveillance. From rforno at infowarrior.org Thu Oct 18 12:17:05 2007 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 18 Oct 2007 08:17:05 -0400 Subject: [Infowarrior] - Senate and Bush Agree On Terms of Spying Bill Message-ID: Senate and Bush Agree On Terms of Spying Bill Some Telecom Companies Would Receive Immunity By Jonathan Weisman and Ellen Nakashima Washington Post Staff Writers Thursday, October 18, 2007; A01 http://www.washingtonpost.com/wp-dyn/content/article/2007/10/17/AR2007101702438_pf.html Senate Democrats and Republicans reached agreement with the Bush administration yesterday on the terms of new legislation to control the federal government's domestic surveillance program, which includes a highly controversial grant of legal immunity to telecommunications companies that have assisted the program, according to congressional sources. Disclosure of the deal followed a decision by House Democratic leaders to pull a competing version of the measure from the floor because they lacked the votes to prevail over Republican opponents and GOP parliamentary maneuvers. The collapse marked the first time since Democrats took control of the chamber that a major bill was withdrawn from consideration before a scheduled vote. It was a victory for President Bush, whose aides lobbied heavily against the Democrats' bill, and an embarrassment for House Speaker Nancy Pelosi (D-Calif.), who had pushed for the measure's passage. The draft Senate bill has the support of the intelligence committee's chairman, John D. Rockefeller IV (D-W.Va.), and Bush's director of national intelligence, Mike McConnell. 
It will include full immunity for those companies that can demonstrate to a court that they acted pursuant to a legal directive in helping the government with surveillance in the United States. Such a demonstration, which the bill says could be made in secret, would wipe out a series of pending lawsuits alleging violations of privacy rights by telecommunications companies that provided telephone records, summaries of e-mail traffic and other information to the government after Sept. 11, 2001, without receiving court warrants. Bush had repeatedly threatened to veto any legislation that lacked this provision. Senate Democrats successfully pressed for a requirement that the Foreign Intelligence Surveillance Court review the government's procedures for deciding who is to be the subject of warrantless surveillance. They also insisted that the legislation be renewed in six years, Democratic congressional officials said. The Bush administration had sought less stringent oversight by the court and wanted the law to be permanent. The domestic surveillance issue has been awkward for Democrats since the administration's secret program of warrantless counterterrorism surveillance became public in late 2005. In August, a coalition of Republicans and dissident Democrats passed a measure backed by the White House that put that program on firm legal ground by expressly permitting the government to wiretap foreign targets without a court order, including, under certain circumstances, when those targets are communicating with people in the United States. But Democratic leaders insisted that the law expire in February, so they could try again to impose more restrictions on the administration's ability to spy domestically. 
Most Democratic lawmakers and party members -- backed by civil libertarians and even some conservatives -- wanted the new legislation to ensure for example that future domestic surveillance in foreign-intelligence-related investigations would be overseen by the foreign surveillance court. The court was created in response to CIA and FBI domestic spying abuses unmasked in the mid-1970s. But conservative Democrats worried about Republicans' charges that the Democratic bill extended too many rights to suspected terrorists. "There is absolutely no reason our intelligence officials should have to consult government lawyers before listening in to terrorist communications with the likes of Osama bin Laden, al-Qaeda and other foreign terror groups," said House Minority Leader John A. Boehner (R-Ohio). The measure "extends our Constitution beyond American soil to our enemies who want to cut the heads off Americans," said Rep. Louie Gohmert (R-Tex.). An adroit Republican parliamentary maneuver ultimately sank the bill. GOP leaders offered a motion that would have sent it back to the House intelligence and Judiciary committees with a requirement that they add language specifying that nothing in the measure would apply to surveilling the communications of bin Laden, al-Qaeda or other foreign terrorist organizations. Approval of the motion would have restarted the legislative process, effectively killing the measure by delay. Democratic leaders scrambled to persuade their members to oppose it, but with Republicans accusing Democrats of being weak on terrorism, a "no" vote proved too hard to sell, and so the bill was pulled from the floor. Stacey Bernards, a spokeswoman for House Majority Leader Steny H. Hoyer (D-Md.), called the Republican maneuver "a cheap shot, totally political." 
Caroline Fredrickson, director of the Washington legislative office of the American Civil Liberties Union, called it a "perfect storm" of progressive Democrats who did not think the bill protected basic constitutional rights and of Republicans who took advantage of the lack of unity. "It was too precipitous a process, and it ended up in a train wreck," she said. "It was total meltdown." The House bill contained safeguards against spying on U.S. citizens that the Bush administration said would have interfered with its national security investigations. Some liberals, on the other hand, complained that it still allowed the surveillance of Americans to occur without individual warrants. It would have empowered the special surveillance court to issue warrants allowing the government to intercept for up to one year the phone calls and e-mails of groups of foreign targets, such as al-Qaeda or Hamas, without requiring that the surveillance of each person be approved. If the foreign target of the surveillance was calling a person in the United States significant enough also to be deemed an intelligence target, then an individual warrant would be required, as provided under past law. The bill would have required the court to review the government's surveillance procedures to ensure that they were designed to target only people outside the country. Such reviews could be delayed up to 45 days after surveillance began in emergencies. It also would have barred warrantless physical searches in the United States, including of homes, offices, computers and medical records, and made clear that the National Security Agency and the CIA could not eavesdrop on targeted Americans, even those abroad, without a traditional court warrant. It was unclear late yesterday whether similar provisions are included in the Senate version of the bill that attracted bipartisan support from lawmakers and key intelligence officials. 
The Senate deal was reached after the White House made available to the intelligence committee some of the documents underlying the administration's post-Sept. 11 warrantless surveillance program, to encourage the panel to include the telecommunications immunity provision.

Democrats warned yesterday that the Senate intelligence panel's consensus bill must gain the approval of the Senate Judiciary Committee, whose chairman and ranking Republican have said, like their House counterparts, that they are wary of granting immunity to telecommunications companies.

In June, the Judiciary Committee subpoenaed the documents underlying the warrantless surveillance program, and Chairman Patrick J. Leahy (D-Vt.) and ranking Republican Arlen Specter (Pa.) said they wanted to see those documents before endorsing any immunity clause.

"I'm not going to buy a pig in a poke and commit to retroactive immunity when I don't know what went on" in the past, Specter said Tuesday on CNN's "Situation Room."

"I agree with Arlen," Leahy said on the program.

From rforno at infowarrior.org Thu Oct 18 12:23:21 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 18 Oct 2007 08:23:21 -0400
Subject: [Infowarrior] - Finally, someone gets through to Comcast!
Message-ID:

From today's WaPo: I give this woman high marks for courage and competency! ---rf

Taking a Whack Against Comcast
Mona Shaw Reached Her Breaking Point, Then for Her Hammer

http://tinyurl.com/2pf3em

From rforno at infowarrior.org Thu Oct 18 12:31:36 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 18 Oct 2007 08:31:36 -0400
Subject: [Infowarrior] - Google unveils plans for online personal health records
Message-ID:

Google unveils plans for online personal health records
Well, plans to make plans, at least

Heather Havenstein

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9043038&intsrc=hm_list

October 17, 2007 (Computerworld) -- Less than two weeks after Microsoft Corp.
announced plans to support online personal health information records, Google unveiled plans to follow suit.

Marissa Mayer, Google's vice president of search products and user experience, said Wednesday here at the Web 2.0 Summit that Google plans to support the "storage and movement" of people's health records.

Although she provided only scant details on the effort, she noted that Google became interested in the personal health record market as it watched Hurricane Katrina take aim at the Gulf Coast and all the paper-based records stored in various medical offices and hospitals in the region.

"In that moment it was too late for us to mobilize," Mayer said. "It doesn't make sense to generate this volume of information on paper. It should be something that is digital. People should have control over their own records."

For example, she noted, when people change physicians they should have access to their own x-rays, which they can take to their own doctor instead of having new ones made.

"This is obviously a really big vision. It is a huge endeavor. It will take a lot of breakthroughs in digitization. This is something we are committed to. You'll be seeing a lot more activity here in the... months to come, so stay tuned."

Microsoft launched its Healthvault measure two weeks ago at an event in Washington D.C.

From rforno at infowarrior.org Thu Oct 18 12:33:43 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 18 Oct 2007 08:33:43 -0400
Subject: [Infowarrior] - How politicians weakened a legal shield for bloggers
Message-ID:

October 17, 2007 12:13 PM PDT

How politicians weakened a legal shield for bloggers
Posted by Declan McCullagh

http://www.news.com/8301-13578_3-9799178-38.html?part=rss&subj=news&tag=2547-1_3-0-20

The House of Representatives' vote on Tuesday for a journalist shield bill is a timely example of how legislation can be watered down surprisingly quickly.
Originally the proposed shield law gave a broad immunization to journalists, including bloggers who acted as journalists. But eventually it morphed into a far less protective form. Here's the progression:

#1 Original version: The term "covered person" means a person engaged in journalism and includes a supervisor, employer, parent, subsidiary, or affiliate of such covered person.

#2 Second version approved by a House committee: The term "covered person" means a person who, for financial gain or livelihood, is engaged in journalism and includes a supervisor, employer, parent, subsidiary, or affiliate of such covered person.

#3 Third version as approved by the full House: The term "covered person" means a person who regularly gathers, prepares, collects, photographs, records, writes, edits, reports, or publishes news or information that concerns local, national, or international events or other matters of public interest for dissemination to the public for a substantial portion of the person's livelihood or for substantial financial gain and includes a supervisor, employer, parent, subsidiary, or affiliate of such covered person.

The original version was reasonably protective, and the term "engaged in journalism" was reasonably well-defined. But by the time our esteemed elected representatives got finished with it, a serious blogger who breaks news (but doesn't have Google Ads on his site) would not benefit from the shield. It requires "substantial" income, even though not all good journalism is done for significant financial gain.

By the way, all versions of the shield legislation are pretty milquetoast when it comes to actually protecting journalists. They say that journalists can be ordered to the witness stand as long as a judge thinks their testimony may be "essential to the investigation or prosecution or to the defense against the prosecution," which is not that significant a hurdle in practice.

I know this firsthand. The U.S.
Department of Justice served me with a subpoena to testify in a criminal case in Tacoma, Wash., and then demanded that the judge declare me a hostile witness when I refused to answer certain questions.

Even the weakened, final version of the House bill is better than nothing, but I fear it'll prove to be a very thin and easily circumvented shield in practice.

From rforno at infowarrior.org Thu Oct 18 12:37:11 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 18 Oct 2007 08:37:11 -0400
Subject: [Infowarrior] - New Anti-Piracy Consortium
Message-ID:

Group of Net, Media Companies To Announce Copyright Guidelines

By KEVIN J. DELANEY
October 18, 2007 5:04 a.m.

http://online.wsj.com/article/SB119269788721663302.html?mod=googlenews_wsj

SAN FRANCISCO -- A group of Internet, media and technology companies plans to announce today a set of guidelines they have agreed on aimed at protecting copyrights online, according to a person familiar with the matter.

The companies supporting the principles include CBS Corp., Dailymotion, Microsoft Corp., NBC Universal, News Corp.'s Fox and MySpace units, Viacom Inc. and Walt Disney Co., the familiar person says. Notably absent is Google Inc., which had been in discussions about possibly joining the group, people familiar with the matter say.

The guidelines are meant to address copyright-related issues that have flared up as user posting of content -- particularly video -- to the Web has boomed. The agreed-upon principles include using technology to eliminate copyright-infringing content uploaded by users to Web sites, and blocking any infringing material before it is publicly accessible, says the person familiar with the matter.

Google on Monday unveiled technology it has been testing to automate the identification of copyrighted material on its YouTube video-sharing service.
It said the technology cannot yet prevent infringing content from being posted initially, though it can pull flagged content off the site "in a matter of a few minutes."

Viacom in March sued Google, alleging willful copyright infringement by YouTube and claiming over $1 billion in damages. Google has said that it complies with U.S. law by removing any infringing video clips when requested by the content owners.

Write to Kevin J. Delaney at kevin.delaney at wsj.com

From rforno at infowarrior.org Thu Oct 18 13:54:47 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 18 Oct 2007 09:54:47 -0400
Subject: [Infowarrior] - Plan Would Ease Limits on Media Owners
Message-ID:

Plan Would Ease Limits on Media Owners

By STEPHEN LABATON

http://www.nytimes.com/2007/10/18/business/media/18broadcast.html?ei=5065&en=3587dbb202bd2dcc&ex=1193371200&partner=MYWAY&pagewanted=print

WASHINGTON, Oct. 17 -- The head of the Federal Communications Commission has circulated an ambitious plan to relax the decades-old media ownership rules, including repealing a rule that forbids a company to own both a newspaper and a television or radio station in the same city.

Kevin J. Martin, chairman of the commission, wants to repeal the rule in the next two months -- a plan that, if successful, would be a big victory for some executives of media conglomerates.

Among them are Samuel Zell, the Chicago investor who is seeking to complete a buyout of the Tribune Company, and Rupert Murdoch, who has lobbied against the rule for years so that he can continue controlling both The New York Post and a Fox television station in New York.

The proposal appears to have the support of a majority of the five commission members, agency officials said, although it is not clear that Mr. Martin would proceed with a sweeping deregulatory approach on a vote of 3 to 2 -- something his predecessor tried without success. In interviews on Wednesday, the agency's two Democratic members raised questions about Mr.
Martin's approach.

Mr. Martin said he was striving to reach a consensus with his fellow commissioners, both on the schedule and on the underlying rule changes, although he would not say whether he would move the measures forward if he were able to muster only three votes.

"We've had six hearings around the country already; we've done numerous studies; we've been collecting data for the last 18 months; and the issues have been pending for years," Mr. Martin said in an interview. "I think it is an appropriate time to begin a discussion to complete this rule-making and complete these media ownership issues."

Officials said the commission would consider loosening the restrictions on the number of radio and television stations a company could own in the same city.

Currently, a company can own two television stations in the larger markets only if at least one is not among the four largest stations and if there are at least eight local stations. The rules also limit the number of radio stations that a company can own to no more than eight in each of the largest markets.

The deregulatory proposal is likely to put the agency once again at the center of a debate between the media companies, which view the restrictions as anachronistic, and civil rights, labor, religious and other groups that maintain the government has let media conglomerates grow too large.

As advertising increasingly migrates from newspapers to the Internet, the newspaper industry has undergone a wave of upheaval and consolidation. That has put new pressure on regulators to loosen ownership rules. But deregulation in the media is difficult politically, because many Republican and Democratic lawmakers are concerned about news outlets in their districts being too tightly controlled by too few companies.

In recent months, industry executives had all but abandoned the hope that regulators would try to modify the ownership rules in the waning days of the Bush administration.
"This is a big deal because we have way too much concentration of media ownership in the United States," Senator Byron L. Dorgan, Democrat of North Dakota, said at a hearing on Wednesday called to examine the digital transition of the television industry.

"If the chairman intends to do something by the end of the year," Mr. Dorgan added, his voice rising, "then there will be a firestorm of protest and I'm going to be carrying the wood."

Supporters of the changes say that the rules are outdated and that there is ample empirical evidence to support their repeal.

A small number of media companies, including The New York Times Company, are able to own both a newspaper and a radio station in the same city because the cross-ownership restrictions, which went into effect in 1974, were not applied retroactively.

Mr. Martin faces obstacles within the agency to overhauling the rules.

One Democrat on the commission, Michael J. Copps, is adamantly opposed to loosening the rules. The other, Jonathan S. Adelstein, has said that the agency first needs to address other media issues, including encouraging improved coverage of local events and greater ownership of stations by companies controlled by women and minorities.

Advisers to Mr. Martin said he hoped to gain the support of at least one of the Democrats, probably Mr. Adelstein, but Mr. Adelstein said in an interview on Wednesday that Mr. Martin's proposed timetable was "awfully aggressive."

Three years ago, the commission lost a major court challenge to its last effort, led by Michael K. Powell, its chairman at the time, to relax the media ownership rules. The United States Court of Appeals for the Third Circuit, in Philadelphia, concluded that the commission had failed to adequately justify the new rules. Mr. Martin's proposal would presumably include new evidence aimed at fending off similar legal challenges.

Mr.
Powell's effort, which had been supported by lobbyists for broadcasters, newspapers and major media conglomerates, provoked a wave of criticism from a broad coalition of opponents. Among them were the National Organization for Women, the National Rifle Association, the Parents Television Council and the United States Conference of Catholic Bishops.

The agency was flooded with nearly three million comments against changing the rules, the most it has ever received in a rule-making process.

Since the appeals court struck down the deregulatory changes, the commission has continued to study the issues at a leisurely pace, and it held a series of hearings around the nation. It had not made any new proposals, and industry executives had not expected the agency to move again so soon.

But in recent days, Mr. Martin has proposed to expedite the rule-making and hold a final vote in December. In part, he has told commission officials, he was reacting to criticism by Mr. Copps about temporary waivers that have allowed companies to own newspapers and stations in the same market.

Mr. Zell has said he wants to complete his $8.2 billion buyout of Tribune Company by the end of the year. Tribune had been granted what were supposed to be temporary waivers to the rule to allow it to control newspapers and television stations in five cities: New York, Chicago, Los Angeles, Hartford and the Miami-Fort Lauderdale area.

Mr. Copps, who for years has waged a campaign against media consolidation, said that it would be hard for the commission to proceed during an election year because media consolidation has provoked deep public skepticism in the past.

He said Mr. Martin's proposal to complete a relaxation of the rules in December would require procedural shortcuts, giving the public too little time to comment on the proposals and industry experts too little time to weigh their impact on news operations.
"We shouldn't be doing anything without having a credible process and nothing should be done to get in the way of Congressional oversight and more importantly, public oversight," Mr. Copps said in a telephone interview from London. "We've got to have that public scrutiny. That was one of the big mistakes that Mr. Powell made, and he was taken to the woodshed by the Third Circuit. I fear it is déjà vu all over again."

From rforno at infowarrior.org Fri Oct 19 01:51:40 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Thu, 18 Oct 2007 21:51:40 -0400
Subject: [Infowarrior] - Senator Dodd Announces He Will Stop Telecom Immunity Bill
Message-ID:

Senator Dodd Announces He Will Stop Telecom Immunity Bill

By Ryan Singel
October 18, 2007

http://blog.wired.com/27bstroke6/2007/10/senator-dodd-an.html

Connecticut Democratic Senator Christopher Dodd has vowed to put a hold on a Senate bill that reportedly would grant retroactive legal protection to any phone or internet company that helped with the president's secret, warrantless wiretapping program, Dodd announced via email and on his presidential campaign website Thursday.

Dodd's surprise, pre-emptive strike is extraordinary, since the proposed bill has not yet even been formally introduced. The Senate Intelligence Committee is marking up the bill in a closed hearing.

Under Senate rules, any Senator can block legislation from reaching the floor for a vote, but it's a move that is usually done secretly and it can easily anger colleagues and is generally sparingly used.

From Dodd's site:

The Military Commissions Act. Warrantless wiretapping. Shredding of Habeas Corpus. Torture. Extraordinary Rendition. Secret Prisons. No more.

I have decided to place a "hold" on the latest FISA bill that would have included amnesty for telecommunications companies that enabled the President's assault on the Constitution by illegally providing personal information on their customers without judicial authorization.
Update: Dodd's move is fairly stunning and gutsy. As I wrote elsewhere, Dodd is going all in with his political capital on this. Even if he wins, he'll pay a price in the Senate for this stand.

From rforno at infowarrior.org Fri Oct 19 13:22:03 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 19 Oct 2007 09:22:03 -0400
Subject: [Infowarrior] - Comcast Blocks Some Internet Traffic
Message-ID:

Comcast Blocks Some Internet Traffic

Friday October 19, 9:15 am ET
By Peter Svensson, AP Technology Writer

Comcast Actively Hinders Subscribers' File-Sharing Traffic, AP Testing Shows

http://biz.yahoo.com/ap/071019/comcast_data_discrimination.html?.v=2

NEW YORK (AP) -- Comcast Corp. actively interferes with attempts by some of its high-speed Internet subscribers to share files online, a move that runs counter to the tradition of treating all types of Net traffic equally.

The interference, which The Associated Press confirmed through nationwide tests, is the most drastic example yet of data discrimination by a U.S. Internet service provider. It involves company computers masquerading as those of its users.

If widely applied by other ISPs, the technology Comcast is using would be a crippling blow to the BitTorrent, eDonkey and Gnutella file-sharing networks. While these are mainly known as sources of copyright music, software and movies, BitTorrent in particular is emerging as a legitimate tool for quickly disseminating legal content.

The principle of equal treatment of traffic, called "Net Neutrality" by proponents, is not enshrined in law but supported by some regulations. Most of the debate around the issue has centered on tentative plans, now postponed, by large Internet carriers to offer preferential treatment of traffic from certain content providers for a fee.
Comcast's interference, on the other hand, appears to be an aggressive way of managing its network to keep file-sharing traffic from swallowing too much bandwidth and affecting the Internet speeds of other subscribers. Comcast, the nation's largest cable TV operator and No. 2 Internet provider, would not specifically address the practice, but spokesman Charlie Douglas confirmed that it uses sophisticated methods to keep Net connections running smoothly. "Comcast does not block access to any applications, including BitTorrent," he said. Douglas would not specify what the company means by "access" -- Comcast subscribers can download BitTorrent files without hindrance. Only uploads of complete files are blocked or delayed by the company, as indicated by AP tests. But with "peer-to-peer" technology, users exchange files with each other, and one person's upload is another's download. That means Comcast's blocking of certain uploads has repercussions in the global network of file sharers. Comcast's technology kicks in, though not consistently, when one BitTorrent user attempts to share a complete file with another user. Each PC gets a message invisible to the user that looks like it comes from the other computer, telling it to stop communicating. But neither message originated from the other computer -- it comes from Comcast. If it were a telephone conversation, it would be like the operator breaking into the conversation, telling each talker in the voice of the other: "Sorry, I have to hang up. Good bye." Matthew Elvey, a Comcast subscriber in the San Francisco area who has noticed BitTorrent uploads being stifled, acknowledged that the company has the right to manage its network, but disapproves of the method, saying it appears to be deceptive. "There's the wrong way of going about that and the right way," said Elvey, who is a computer consultant. 
Comcast's interference affects all types of content, meaning that, for instance, an independent movie producer who wanted to distribute his work using BitTorrent and his Comcast connection could find that difficult or impossible -- as would someone pirating music. Internet service providers have long complained about the vast amounts of traffic generated by a small number of subscribers who are avid users of file-sharing programs. Peer-to-peer applications account for between 50 percent and 90 percent of overall Internet traffic, according to a survey this year by ipoque GmbH, a German vendor of traffic-management equipment. "We have a responsibility to manage our network to ensure all our customers have the best broadband experience possible," Douglas said. "This means we use the latest technologies to manage our network to provide a quality experience for all Comcast subscribers." The practice of managing the flow of Internet data is known as "traffic shaping," and is already widespread among Internet service providers. It usually involves slowing down some forms of traffic, like file-sharing, while giving others priority. Other ISPs have attempted to block some file-sharing application by so-called "port filtering," but that method is easily circumvented and now largely ineffective. Comcast's approach to traffic shaping is different because of the drastic effect it has on one type of traffic -- in some cases blocking it rather than slowing it down -- and the method used, which is difficult to circumvent and involves the company falsifying network traffic. The "Net Neutrality" debate erupted in 2005, when AT&T Inc. suggested it would like to charge some Web companies more for preferential treatment of their traffic. Consumer advocates and Web heavyweights like Google Inc. and Amazon Inc. cried foul, saying it's a bedrock principle of the Internet that all traffic be treated equally. To get its acquisition of BellSouth Corp. 
approved by the Federal Communications Commission, AT&T agreed in late 2006 not to implement such plans or prioritize traffic based on its origin for two and a half years. However, it did not make any commitments not to prioritize traffic based on its type, which is what Comcast is doing.

The FCC's stance on traffic shaping is not clear. A 2005 policy statement says that "consumers are entitled to run applications and services of their choice," but that principle is "subject to reasonable network management." Spokeswoman Mary Diamond would not elaborate.

Free Press, a Washington-based public interest group that advocates Net Neutrality, opposes the kind of filtering applied by Comcast.

"We don't believe that any Internet provider should be able to discriminate, block or impair their consumers' ability to send or receive legal content over the Internet," said Free Press spokeswoman Jen Howard.

Paul "Tony" Watson, a network security engineer at Google Inc. who has previously studied ways hackers could disrupt Internet traffic in a manner similar to the method Comcast is using, said the cable company was probably acting within its legal rights.

"It's their network and they can do what they want," said Watson. "My concern is the precedent. In the past, when people got an ISP connection, they were getting a connection to the Internet. The only determination was price and bandwidth. Now they're going to have to make much more complicated decisions such as price, bandwidth, and what services I can get over the Internet."

Several companies have sprung up that rely on peer-to-peer technology, including BitTorrent Inc., founded by the creator of the BitTorrent software (which exists in several versions freely distributed by different groups and companies).

Ashwin Navin, the company's president and co-founder, confirmed that it has noticed interference from Comcast, in addition to some Canadian Internet service providers.
"They're using sophisticated technology to degrade service, which probably costs them a lot of money. It would be better to see them use that money to improve service," Navin said, noting that BitTorrent and other peer-to-peer applications are a major reason consumers sign up for broadband. BitTorrent Inc. announced Oct. 9 that it was teaming up with online video companies to use its technology to distribute legal content. Other companies that rely on peer-to-peer technology, and could be affected if Comcast decides to expand the range of applications it filters, include Internet TV service Joost, eBay Inc.'s Skype video-conferencing program and movie download appliance Vudu. There is no sign that Comcast is hampering those services. Comcast subscriber Robb Topolski, a former software quality engineer at Intel Corp., started noticing the interference when trying to upload with file-sharing programs Gnutella and eDonkey early this year. In August, Topolski began to see reports on Internet forum DSLreports.com from other Comcast users with the same problem. He now believes that his home town of Hillsboro, Ore., was a test market for the technology that was later widely applied in other Comcast service areas. Topolski agrees that Comcast has a right to manage its network and slow down traffic that affects other subscribers, but disapproves of their method. "By Comcast not acknowledging that they do this at all, there's no way to report any problems with it," Topolski said. Associated Press Writers Ron Harris, Brian Bergstein, Deborah Yao and Kathy Matheson contributed to this story. 
http://www.comcast.com
http://www.bittorrent.com
http://www.sandvine.com

From rforno at infowarrior.org Sat Oct 20 01:21:48 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 19 Oct 2007 21:21:48 -0400
Subject: [Infowarrior] - How Comcast blocks your Internet traffic
Message-ID:

How Comcast blocks your Internet traffic

http://machinist.salon.com/

Bless the Associated Press for unearthing, through careful and diligent investigation, Comcast's shameful, hidden Internet traffic-management scheme. Comcast, the AP determined, actively manages data on its network by using software to essentially masquerade as its subscribers' machines. When non-Comcast Internet subscribers request files from your Comcast-connected machine -- as happens in peer-to-peer file-sharing applications -- Comcast's technology steps in and tells the non-Comcast subscriber you're not available.

This is a difficult story to explain, but it's quite important. For years, consumer advocates have been demanding that Congress and/or the Federal Communications Commission impose "network neutrality" regulations that would force broadband providers (like Comcast) to treat all data on a network equally. Lawmakers have so far failed to do so.

Broadband providers, meanwhile, insist that they do treat all traffic equally, but they reserve the right to use certain technologies to "manage" data on their network. The Comcast plan suggests that broadband providers mean something very broad by "traffic management" -- including, it appears, purposefully stepping into your network sessions to shut them down.

To understand why this whole process is so egregious, let's look at it in FAQ format.

What is Comcast doing, and why?

The Internet is awash in peer-to-peer applications. In such programs, you get (and send) pieces of a file from (and to) computers all over, rather than communicating with a single big server (as you do, say, when you download a YouTube video).
The technology first gained prominence with music- and movie-sharing apps -- Napster, Kazaa, etc. -- but today P2P tech is deployed in all kinds of software, including for Internet phone services (Skype) and TV (Joost). BitTorrent, one of the most popular peer-to-peer protocols, is used to download all kinds of stuff, both legal and illegal. Broadband providers have a love-hate relationship with peer-to-peer apps. On the one hand, peer-to-peer programs increase the demand for high-speed access -- many people decide to subscribe to broadband service only because of amazing apps like Kazaa, BitTorrent, Skype and others. But peer-to-peer programs also eat up space on a network, because every user is downloading and uploading data for long periods of time. And for providers, a clogged network costs money and hurts their reputation. (If peer-to-peer users use up all the space, other users complain that their Web surfing is too slow.) Providers thus have an incentive to reduce peer-to-peer traffic on their networks. But they can't do so openly because, remember, a lot of people only pay for services like Comcast in order to use peer-to-peer programs. Moreover, in their marketing copy, Comcast and other broadband companies play up the "unlimited" nature of their plans. They don't really want to tell people that, actually, they're managing their networks so that you can't do all you want with it (though in the fine print that subscribers never read, they all reserve the right to do so). The upshot, then: Comcast wants to manage its traffic. It just doesn't want people to know that it does. So how does Comcast silently manage traffic? The effort that the AP reports on was first discovered by Robb Topolski, a software engineer who hangs out at the forums on DSLReports.com. In May, he posted a detailed note on the forum describing Comcast's traffic management operation. 
The system works, Topolski guessed, by limiting communication at the "boundary" of Comcast's network -- that is, the point where Comcast's network connects with the larger Internet. To detect peer-to-peer communication, Comcast inspects packets -- the smallest meaningful bit of information on the Internet -- as they cross the network boundary. If Comcast determines that there are too many peer-to-peer users within its network sending files to people outside the network, it begins to interrupt the connections between Comcast users and those beyond Comcast. To interrupt these communications, Comcast appears to be using technology made by a network management company called Sandvine. What's remarkable is how Sandvine manages to disrupt peer-to-peer traffic. As Topolski describes it, Sandvine's system sends a "forged" packet to each of the two computers engaged in a peer-to-peer transfer -- the forged packet looks like it came from the other person's computer, and it basically tells each machine that the other is unavailable, ending the transfer. The AP describes this marvelously: "Each PC gets a message invisible to the user that looks like it comes from the other computer, telling it to stop communicating. But neither message originated from the other computer -- it comes from Comcast. If it were a telephone conversation, it would be like the operator breaking into the conversation, telling each talker in the voice of the other: 'Sorry, I have to hang up. Goodbye.'" So what? Isn't Comcast only stopping illegal file sharing? No! Comcast's system doesn't look at the copyright status of the materials you're trading -- it only looks at the technical protocols you're using to conduct the trade, and blocks access based on those protocols alone. And just because people use these technical protocols to trade illegal materials doesn't mean that every use is illegal. 
Case in point: To test how Comcast is managing traffic, AP reporters tried to download a version of the King James Bible using BitTorrent. The Bible, of course, is perfectly legal to trade; indeed, some people might say that putting the good book up for others to download is a blessed thing. But when AP reporters tried to download the Bible from Comcast subscribers in Philadelphia and San Francisco, they found that the connections were either blocked outright or delayed. (Downloads from other providers worked fine.)

In his post, Robb Topolski points to another way Comcast's system can disrupt legitimate traffic. Say you have a band and you want to put up your CD on a file-sharing network for others to download. If you're a Comcast subscriber, you would find this very hard to do -- since Comcast limits peer-to-peer connections at the network boundary, "the time it would take to get a complete copy of a music file to a point outside of the Comcast network is dramatically increased," Topolski wrote.

OK, but so what? Even if Comcast is blocking peer-to-peer traffic, that doesn't affect me -- all I'm doing is browsing the Web!

Sure, this only affects peer-to-peer transfers -- at least, as far as we know. The most alarming thing about this scheme is that Comcast is conducting it on the sly. It didn't alert anyone to its filtering mechanism -- not its customers, not other ISPs, nobody. Indeed, Comcast is still not coming clean. A company rep tells the AP: "We rarely disclose our vendors or our processes for operating our network for competitive reasons and to protect against network abuse," he said.

And then there's the sheer dishonesty of the practice. Comcast's system is silently listening in to your Internet traffic and inserting itself into the communication in order to shut it down.
If the company feels justified doing this on peer-to-peer connections, what's to say it wouldn't feel similarly justified shutting down or slowing down your communication with Amazon.com, or NYTimes.com, or YouTube or any other online service (whether because it doesn't like the content, or because it's got an economic incentive, or because it's just mean) -- and all without telling us?

OK, so what can we do about this?

It'd be wonderful if the solution was to simply stop subscribing to Comcast. If that would make you feel better, by all means, cancel your subscription. But know this: Other broadband vendors have not distinguished themselves on the issue of network neutrality. In general, major broadband companies say they should be free to manage traffic on their networks, and it's impossible to tell how expansively they understand that "management" role. If Comcast is saving money by adopting such methods, you can bet others are already doing so, or soon will. It would be shocking if Comcast were the only one.

But there is an obvious solution. It has been obvious for some time. We need a law! Providers should be proscribed from interrupting customers' connections or, at the very least, from doing so secretly -- if they're going to disrupt your traffic in any way, they should be forced to tell you how. Broadband companies have long argued that network neutrality regulations are unnecessary. The Comcast scheme pretty definitively proves otherwise.

From rforno at infowarrior.org Sat Oct 20 01:26:06 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Fri, 19 Oct 2007 21:26:06 -0400
Subject: [Infowarrior] - Walmart pre-emptively threatens lawsuits over Black Friday info
Message-ID:

Wal-Mart: Stop leaking Black Friday deals

Retailer is threatening legal action if Web sites leak its highly-popular Black Friday circular before Nov. 19.

By Parija B.
Kavilanz, CNNMoney.com senior writer
October 18 2007: 3:07 PM EDT
http://money.cnn.com/2007/10/18/news/companies/walmart_blackfridaylegal/index.htm

NEW YORK (CNNMoney.com) -- Wal-Mart, clearly annoyed that some Web sites are leaking its much-anticipated Black Friday circular weeks in advance, is threatening legal action if those sites do it again this year.

Brad Olson, the founder of Gottadeal.com, a Web site that markets itself as one of many "official Black Friday deals sites," told CNNMoney.com that he received an e-mail Wednesday from lawyers representing Wal-Mart warning him against "improper release" of the No. 1 retailer's Black Friday sales circular.

And he isn't the only one. Neal Rapoport, founder of Dealtaker.com which also leaks Black Friday ads, received the same legal notice from Wal-Mart on Wednesday.

"It has recently come to our attention that you and/or your company may potentially obtain possession of and untimely release Wal-Mart's sales circulars, advertisements or other information prior to their authorized release dates," the law firm Baker Hostetler, which represents Wal-Mart, wrote in a legal notice e-mailed to Brad Olson and obtained by CNNMoney.com.

The notice said Wal-Mart's circulars are protected by copyright laws, and any unauthorized reproduction, publication or distribution of that information prior to Wal-Mart's release date of Nov. 19 for its Black Friday ads "violates Wal-Mart's right."

"To the extent that the methods of acquisition or use include criminal activity, criminal penalties may also apply," the notice said.

"This is very unusual. I've never been threatened this way by Wal-Mart before," Olson said.

Last year, Olson provided CNNMoney.com with Wal-Mart's Black Friday ad as early as Oct. 30. Wal-Mart didn't officially release its Black Friday deals until closer to the day-after-Thanksgiving salesfest.
Olson has successfully leaked Wal-Mart's Black Friday circular for the past 2 years.

"While I have heard in the past from 2 or 3 retailers about leaking their Black Friday ads, it always has happened after the ad has been posted," Olson said.

"It appears to me that Wal-Mart knows their ad is going to get leaked and is doing whatever they can to intimidate me to prevent the information from being leaked and posted on my site," he said.

Black Friday traditionally is the kick-off to the holiday shopping season. On that day, retailers try to outdo each other with the deepest discounts, or "doorbuster deals," that they offer only for the first few hours that day. So it's not unusual for people to line up in front of stores as early as 4 a.m. to bag these special low prices on the season's must-have items.

Typically, retailers release their highly-awaited Black Friday circulars listing doorbuster deals only a few days in advance. But lately, more and more Web sites, such as Gottadeal.com and Dealtaker.com, have leaked circulars from Wal-Mart, Target, Best Buy, Lowe's and other chains weeks in advance.

Although consumers love the early information, it also means that retailers lose the element of surprise as well as much of the sales hype that they would've liked to generate closer to Thanksgiving.

Olson said he hasn't yet decided what he's going to do. "I think it's unfair. I don't understand why they would do it," he said. He said he has gotten Wal-Mart's circulars sent to him from people who design the ads, print it, sometimes even from Wal-Mart employees.

John Simley, spokesman for Wal-Mart, said the retailer is focused on stopping the leakage at all levels. "We have tried other methods with inadequate results," Simley said. "We believe that the unauthorized distribution of [Wal-Mart ads and circulars] is a violation of our legal rights. This needs to be respected."
"Every year Wal-Mart's ad is the most anticipated one on our site. We get 2 million clicks on the ad between October and November," Olson said. "This is great publicity for Wal-Mart."

"Not being able to post Wal-Mart's ad will be a big blow to us," he said, adding that he hasn't received it yet.

The other fear for Olson is that he also has an affiliate relationship with Wal-Mart in which Gottadeal.com gets a commission from walmart.com links on its Web site. "We get a small percentage for any product bought on walmart.com through our links," Olson said.

Olson said he was relieved that the legal notice didn't address Gottadeal.com's business relationship with Wal-Mart. "I'm nervous that could be next," he said.

Dealtaker.com also has the same affiliate relationship with Wal-Mart and other retailers.

"I haven't asked anyone to do anything criminal in order for us to get the ads. We certainly didn't ask anyone to steal it and we're not trying to get into any fights," Dealtaker's Rapoport said.

Rapoport said last year Best Buy threatened to end its business relationship with his company if he leaked the retailer's Black Friday deals.

"The only reason we agreed to not post their deals was because our business contract with Best Buy explicitly said we can't leak their ads," Rapoport said. "I don't think we have this condition with Wal-Mart."

"I think we will do due diligence with Wal-Mart's ads this year," Rapoport said. "If we get it anonymously, I won't guarantee that we won't post it. But if it's an e-mail marked walmart.com, then I probably won't."

Edward Naughton, an intellectual property attorney with the law firm Holland & Knight, said Wal-Mart doesn't have much of a copyright claim if all that these Web sites are doing is printing a list of Wal-Mart's deals.

"It can be argued that factually a list is not copyrightable," Naughton said. "But if these sites scan Wal-Mart's circular and post it to the Web sites, that gets into copyright infringement issues."
What's more, Naughton believes that Wal-Mart is threatening legal action based more on misuse, or theft of confidential information and trade secrets.

Naughton said any Wal-Mart employee, design firm or distribution firm that is associated with its Black Friday ads is probably under contract with Wal-Mart not to leak the information.

"As a general proposition, someone can be liable for misuse of trade secrets if they know that the information they received was obtained in violation of a confidentiality agreement," Naughton said.

In other words, even if Olson or Rapoport got Wal-Mart's Black Friday ad anonymously, Naughton said Wal-Mart can argue that Olson or Rapoport would've been aware that someone breached their contract with Wal-Mart.

"Still, I am not convinced that these leaks are damaging to Wal-Mart. If anything, they only create more buzz and business for Wal-Mart," he said.

From rforno at infowarrior.org Sat Oct 20 18:02:50 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 20 Oct 2007 14:02:50 -0400
Subject: [Infowarrior] - School uniforms with RFID tracking chips
Message-ID:

From The Times
October 20, 2007

Microchip gives staff the lowdown on pupils
Nicola Woolcock

Children are being tracked by micro-chips embedded in their uniforms in a trial at a secondary school.

The devices are used to monitor pupils' movements and register their arrival in class on the teacher's computer. Supply teachers can also be alerted if a student is likely to misbehave.

The chip connects with teachers' computers to show a photograph of the pupil, data about academic performance and whether he or she is in the correct classroom. It can also restrict access to areas of the school.

The radio frequency identification system is being tested at Hungerhill School in Doncaster, South Yorkshire. Ten pupils began wearing a chip sewn into their uniforms eight months ago.
< - >

http://www.timesonline.co.uk/tol/news/uk/education/article2698062.ece

From rforno at infowarrior.org Sat Oct 20 18:21:46 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 20 Oct 2007 14:21:46 -0400
Subject: [Infowarrior] - How Google maps the world
Message-ID:

November/December 2007

Google Earth
How Google maps the world.
By Simson Garfinkel
http://www.technologyreview.com/printer_friendly_article.aspx?id=19524

Type "77 Massachusetts Avenue 02139" into Google Earth, and you'll see MIT's Great Dome in all its glory. Click a button to zoom out, and soon you'll see the state capitol, the celebrated Zakim Bridge, and maybe some other college up the river. (Watch a video demonstration.)

These images, which are shared by Google Maps, are actually a combination of aerial photos and satellite imagery--and a lot of postprocessing. Technology Review interviewed engineers at Google and at DigitalGlobe, the company that supplies Google's satellite photos, and did a little bit of reverse-engineering to figure out how it works.

1. High-Resolution Imagery

As it passes overhead at an altitude of 450 kilometers, DigitalGlobe's QuickBird satellite photographs the planet's surface. The satellite can take "snapshots" roughly 16.5 kilometers square or record "strips," which measure 16.5 by 330 kilometers. The average resolution is roughly 60 square centimeters per pixel if the satellite is looking straight down, or less if it is looking at an angle. But because the satellite makes only 15 orbits per day, and because there is huge competition for its camera, most regions of the planet have not been photographed at high resolution. (Just try looking at Hazelton, WV, in Google Earth.) Lower-resolution data is provided by other satellites, like the Landsat-7, which has imaged the entire planet at a resolution of 15 meters. Information about an image's absolute position is captured with the help of GPS.

2. Ground Station and Postprocessing

The satellite stores the image, then sends it down to DigitalGlobe's ground station in either Norway or Alaska when it passes overhead. The data then travels to a data center in Colorado, where differences in photographic angle are corrected, and the images are mapped onto a 3-D digital elevation model. This process, called orthorectification, prevents features on the tops of hills and mountains from being smeared out or placed in the wrong locations. Finally, the image is resampled so that its pixels will be aligned with the latitude-longitude grid. (The digital elevation model is what lets Google Earth "tilt" the ground for realistic views of the Grand Canyon [video] and Mount Everest [video].)

3. Aerial Photography

Many areas of high interest, like Boston and San Francisco, are also photographed by aircraft; clearly visible in the resulting photos are car sunroofs, lampposts, and even people. As it does during satellite photography, GPS provides absolute-position information; aerial photographs may be further aligned using landmarks. Some towns, such as Bergen, Norway, have taken their own photographs and given them to Google so that vacationers and real-estate investors can get a better view.

4. Digital Pyramids

Google stores data from DigitalGlobe and other sources in a massive geographical database arranged by latitude and longitude. Multiple images of each part of the world are then generated, at varying resolutions, and these images are arranged into "pyramids" of data. Google's servers can thus send an image of a particular location, at a particular magnification, to a Google Maps or Google Earth user, with very little delay.

5. www.google.com/maps

Running inside a Web browser, the Google Maps client application contains more than 200 kilobytes of compact and obfuscated JavaScript that is downloaded when the browser first displays the map.
The application determines which piece of which pyramid should be displayed next and requests it using a standard HTTP "get" command--the same command that's used to download Web pages and images from any Web server. The images are stored in the browser's cache and displayed when the user scrolls to the requested area, zooms in, or zooms out. The browser automatically throws away images from the cache when they are no longer needed.

Annotation

Respected information providers like National Geographic and Google community members like your Aunt Betty can supply additional "layers" of data that are tied to particular geographical locations. That information is also stored on servers at Google and elsewhere on the Internet. The list of all available layers appears at the lower left of the Google Earth application window; checking a box makes the application ask the servers for all the layer data for the geographical area that's on the screen and superimpose the data on the landscape.

Mashup

An annotated Google Maps satellite view can be embedded in any Web page. A developer just has to get a certain small piece of JavaScript and enter the coördinates of the location to be displayed, along with any annotations. When a browser visits the page, it downloads this information. The JavaScript directs the browser to contact Google's server, send the coördinates, and download sections of the map.

Copyright Technology Review 2007.

From rforno at infowarrior.org Sat Oct 20 23:23:46 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Sat, 20 Oct 2007 19:23:46 -0400
Subject: [Infowarrior] - More on...Comcast Blocks Some Internet Traffic
In-Reply-To: <20071020201141.GA18819@gsp.org>
Message-ID:

Agree --- it does make you wonder!
My sense is that this is because there's no loudmouthed, deep-pocketed industry cartel in the antispam industry that also owns a fair number of Congresscritters who give them whatever goofy protections/rules/support they ask for in the furtherance of their agendas no matter how far-fetched or loony it might be.

To these folks,

Torrents = piracy = bad = Congressional help
SMTP = email = stuff we use daily for good = confusing geekspeak =! Congressional help

-rf

------ Forwarded Message
From: Rich

> Comcast Blocks Some Internet Traffic

One of the things that this tells us is that Comcast has the technical means at its disposal to monitor and block traffic when they wish to...which leads to the interesting question "Why haven't they used this at any point during the past half-decade to block (or at least throttle) outbound SMTP connections from the millions of spam-spewing zombies on their network?"

------ End of Forwarded Message

From rforno at infowarrior.org Sun Oct 21 13:11:23 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 21 Oct 2007 09:11:23 -0400
Subject: [Infowarrior] - Federal judge dismisses SWIFT data protection lawsuit
Message-ID:

Federal judge dismisses SWIFT data protection lawsuit
Patrick Porter at 2:39 PM ET
http://jurist.law.pitt.edu/paperchase/2007/10/federal-judge-dismisses-swift-data.php

[JURIST] A federal district judge Friday dismissed a breach of privacy lawsuit against the Society for Worldwide Interbank Financial Telecommunication (SWIFT) [organization website]. The Belgium-based international banking cooperative disclosed personal information [JURIST report] about its customers to third parties, including the CIA and US Treasury Department. Ian Walker and Stephen Kruse said their privacy rights were violated because each had engaged in wire transactions that might have been processed by SWIFT, although neither disclosed his bank name. Judge T. S.
Ellis III of the US District Court for the Eastern District of Virginia [official website] wrote:

There is no allegation that plaintiffs' bank or banks are members of SWIFT, nor is there any information indicating that plaintiffs' financial information was disclosed by SWIFT...Plaintiffs rely on their own belief that their financial information has been disclosed, but such a belief, without more, cannot support standing.

The ruling leaves open the possibility that Walker and Kruse could file an amended suit, naming their banks. AP has more.

The case began in federal district court in Chicago, but SWIFT moved to transfer the case to Virginia. The Department of Justice had considered invoking the state secrets privilege [JURIST report] to halt the lawsuit out of concern that it might reveal too much about SWIFT programs designed to prevent the financing of terrorism.

From rforno at infowarrior.org Sun Oct 21 13:13:55 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 21 Oct 2007 09:13:55 -0400
Subject: [Infowarrior] - Verizon's Crocodile Tears Mask a Threat to Democracy
Message-ID:

Verizon's Crocodile Tears Mask a Threat to Democracy
Posted October 21, 2007 | 08:46 AM (EST)
http://tinyurl.com/ywjaul

You may have missed it in the fine print of your agreement. Phone companies like Verizon and AT&T reserve the right to block your free speech and terminate your cell phone services "without prior notice and for any reason or no reason."

That's chilling enough, but here's the shocker. There are no laws that prevent these giant companies from censoring your speech on their networks. That's right -- free speech ends at your cell phone.

Verizon's Gag Rules

This is why Verizon recently got away with blocking text messages that NARAL Pro-Choice America wanted to send to its members.
This begs the question: "If the phone company can't tell you what to say on a phone call, then why should they be able to tell you what not to say in a text message, an e-mail or anywhere else?"

They shouldn't. But don't tell that to Verizon.

Verizon Is So Very Sorry

On Wednesday, New York State Assemblyman Richard Brodsky called two senior Verizon lawyers to testify at a hearing on their company's recent censorship of NARAL.

The lawyers groveled before the Assemblyman and his colleagues. Verizon was so very, very sorry about the incident that they changed some "dusty policies" so that this particular mistake would never, ever happen again. But when pressed they refused to relinquish their company's authority to censor other speech over their networks.

Verizon's apologies should provide little comfort. Free Press has sifted through the agreements of several Internet and cell phone providers -- including Verizon and AT&T -- and found explicit language that reserves their right to cut off, block or permanently cease to provide services to anyone -- and for no reason.

Imagine that. Free speech over networks used by more than 230 million Americans can be denied at the whim of Verizon and AT&T -- the same companies, by the way, which are now seeking retroactive immunity for illegally wiretapping Americans and handing over the results to the government.

A Wild West View of the Internet

Verizon's two lawyers went one further. They told Assemblyman Brodsky that their company should be free from any and all regulatory restraints. Above the law. Americans should simply trust that Verizon will do what's best for everyone -- as the Internet's sheriff, gatekeeper and undertaker all rolled into one.

So, do you trust Verizon to serve your interests?

Internet, email and text messaging are a final refuge for free speech -- at a time when other "mass media" have become the domain of a handful of powerful companies.
We can't let the Internet slip into the hands of the same types of gatekeepers that now control most of what we see and hear over television and radio.

Policies not Apologies

Sen. Dorgan Takes a Stand

It's clear that the fundamental democratic principles of free speech and open communications are too important to entrust to corporate gatekeepers like these. Lawmakers need to take decisive action to protect the free flow of information over 21st Century communications.

The most important free-speech principle in communications law is nondiscrimination; and its most important application is Net Neutrality.

There are a few bright lights in all this telco darkness. One is Sen. Byron Dorgan who on Wednesday called for a congressional investigation into censorship on cell phones and the Internet. Earlier this year Dorgan joined with Sen. Olympia Snowe of Maine to introduce the "Internet Freedom Preservation Act," which protects Net Neutrality under law. At the moment he needs your support and support from his colleagues on Capitol Hill.

Another bright light is New York Assemblyman Richard Brodsky. At the end of his hearing this week, he pledged to re-draft and re-introduce state level legislation that would prevent phone and cable companies from smothering the free flow of information over Internet and cell phone networks in New York.

Free Speech for the 21st Century

The other bright lights are the more than 1.5 million Americans who have called for baseline protections to our freedom to choose where we go, what we say and whom we say it to every time we boot up our computers or pick up our cell phones.

We are facing down one of the most powerful corporate lobbies Washington has ever seen. We need to match the hundreds of millions of dollars they spend to strong arm legislators, rewrite the law and distort democracy with the voices of millions more who believe the Internet must remain free, open and available to everyone.
We must fight for freedom of speech, right now in a digital world, as stubbornly as we fought for it at our nation's founding.

From rforno at infowarrior.org Sun Oct 21 17:28:45 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Sun, 21 Oct 2007 13:28:45 -0400
Subject: [Infowarrior] - More TSA lunacy
Message-ID:

Bruce Schneier notes that the TSA is apparently using "plainclothes bomb-testers" who approach regular fliers and hand them fake bombs and ask them to sneak them through security to test the screening process. This is a bad idea:

Someone please tell me this doesn't actually happen. "Hi Mr. Passenger. I'm a TSA manager. You know I'm not lying to you because of this official-looking laminated badge I have. We need you to help us test airport security. Here's a 'fake' bomb that we'd like you to carry through security in your luggage. Another TSA manager will, um, meet you at your destination. Give the fake bomb to him when you land. And, by the way, what's your mother's maiden name?"

How in the world is this a good idea? And how hard is it to dress real TSA managers up like vacationers?

http://www.boingboing.net/2007/10/21/tsas-crazy-screenert.html

From rforno at infowarrior.org Mon Oct 22 12:03:29 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 22 Oct 2007 08:03:29 -0400
Subject: [Infowarrior] - From Casinos to Counterterrorism
Message-ID:

From Casinos to Counterterrorism
Las Vegas Surveillance, U.S. Security Efforts Involve Similar Tactics
http://www.washingtonpost.com/wp-dyn/content/article/2007/10/21/AR2007102101522_pf.html

By Ellen Nakashima
Washington Post Staff Writer
Monday, October 22, 2007; A01

LAS VEGAS -- This city, famous for being America's playground, has also become its security lab. Like nowhere else in the United States, Las Vegas has embraced the twin trends of data mining and high-tech surveillance, with arguably more cameras per square foot than any airport or sports arena in the country.
Even the city's cabs and monorail have cameras. As the U.S. government ramps up its efforts to forestall terrorist attacks, some privacy advocates view the city as a harbinger of things to come. In secret rooms in casinos across Las Vegas, surveillance specialists are busy analyzing information about players and employees. Relying on thousands of cameras in nearly every cranny of the casinos, they evaluate suspicious behavior. They ping names against databases that share information with other casinos, sometimes using facial-recognition software to validate a match. And in the marketing suites, casino staffers track players' every wager, every win or loss, the better to target high-rollers for special treatment and low- and middle-rollers for promotions. "You could almost look at Vegas as the incubator of a whole host of surveillance technologies," said James X. Dempsey, policy director for the Center for Democracy and Technology. Those technologies, he said, have spread to other commercial venues: malls, stadiums, amusement parks. And although that is "problematic," he said, "the spread of the techniques to counterterrorism is doubly worrisome. Finding a terrorist is much harder than finding a card counter, and the consequences of being wrongly labeled a terrorist are much more severe than being excluded from a casino." Eyes in the Sky The casino industry, like the national security industry, is seeking information to answer a fundamental question: Who are you? "It's, are you a good guy or a bad guy? A threat or a non-threat?" explained Derk Boss, the vice president for surveillance for the Stratosphere hotel and casino, whose crew operates under what he calls the IOU system: Identify, Observe and Understand. "There are going to be people that just want to come and gamble and enjoy your services," he said. "And there are going to be people that are going to come to take your money. Our job is to distinguish between those two groups." 
In the surveillance room, 50 monitors are linked to 2,000 cameras, from the casino entrance to the tower observation deck. Two employees keep an eye on the monitors. Guests are on camera from the moment they enter -- except in their rooms and in bathrooms. An investigator tracking a suspect could go back and review old tape, assembling a mosaic of a visitor's moves for the past two weeks. What happens in Vegas does indeed stay in Vegas -- for a lot longer than most patrons realize. On a recent Friday night, the surveillance team at the Stratosphere is watching a casino host they suspect of handing out unwarranted "comps," or vouchers for free rooms and meals to guests. Might he be taking kickbacks? Down on the floor, the pit boss is observing players, looking for "tells" -- behavioral signs of cheaters or other undesirables. The night before, investigators identified a blackjack player as a card counter. Casinos dislike card counters because they can determine when the cards are to their advantage and raise their bets accordingly. When the pit boss told the card counter he could bet only the minimum amount, he cashed in his chips and left. While casinos have been monitoring suspicious behavior for years, the Department of Homeland Security is just now deploying specially trained officers to look for behavioral clues and facial expressions. Casinos have tried to use facial-recognition software to identify known cheats in real time, but with little success. Casino lighting is often dim, and a player who wants to conceal his identity can hide behind a hat, sunglasses or a false beard. But in a few years, some say, iris-scan technology will be mature enough to use in gaming. Casinos might ask people to sit for a scan of the iris, which, like a fingerprint, has a unique pattern. That pattern would be transformed into a template to be matched against a database. After Sept. 11, 2001, several airports tested facial-recognition software, with little success. 
But the government is continuing to invest in biometric technologies, and the military already uses iris scans on suspects captured in Iraq and Afghanistan. Following the Links On occasion, national security and casino security interests directly intersect. Jeff Jonas discovered that after he developed a computer program for the casino industry that helps detect cheats using aliases. A 43-year-old technology visionary and high-school dropout, Jonas soon realized that his system could also identify employees colluding with gamblers, say, by discovering that they share a home address. He calls his program NORA -- for Non-Obvious Relationship Awareness. Every time a player registers for a loyalty card or a hotel room, Jonas explained from his lab near the Strip, the player's name, address and other data are sent to NORA. Also in the casinos' NORA database is information about employees and vendors. NORA can spot links that a casino employee probably would never discover, such as a phone number shared by two different names, Jonas said. It once identified a casino promotions director who picked a winning ticket that belonged to her sister, he said. The idea was so powerful that the CIA's private investment arm, In-Q-Tel, poured more than $1 million into NORA to help root out corruption in federal agencies. Then, after the Sept. 11 attacks, it became clear that link analysis could be useful in tracking terrorist networks. In 2002, Jonas shared his technology with Pentagon officials, who were researching a more controversial technique called pattern-based data mining. Their aim was to identify terror networks from patterns of behavior, by plowing through vast beds of data such as hotel, flight and rental-car reservations. Jonas, now an IBM chief scientist, said narrowly focused link analysis is less invasive because it starts with a known suspect rather than casting about in the general population. At the U.S. 
Treasury's Financial Crimes Enforcement Network, for example, investigators have used link analysis to track money laundering. From one Suspicious Activity Report -- which financial institutions are required to send to the government -- they have identified a money launderer's partners in crime. FinCEN has a decade's worth of data on 170 million report forms. "We find a tremendous amount of connectivity," said Steve Hudak, FinCEN spokesman. "We find suspects linked by addresses, suspects linked by phone numbers. So we definitely know that these people are operating together." But privacy advocates warn that the farther it moves from the suspect, the more likely link analysis is to snare innocent people. Chips Tracking Chips Rolland Steil moves a stack of 34 casino chips across the felt of a baccarat table. On a monitor linked to the table in this desert laboratory, 34 numbers pop up. Each chip is embedded with a radio frequency identification (RFID) chip that enables the casino to track how much money is being wagered on this roulette number or that baccarat spot. Steil, a product manager for Progressive Gaming International, which developed the chips, expects all casinos to use RFID-enabled chips soon -- to detect counterfeiters, to keep track of chip flow at tables, to know instantly how much a player has bet, won or lost. "We're providing so much data to the casinos, they're drooling for it," he said. In the outside world, counterterrorism and Homeland Security officials are looking for ways RFID technology can help them, too. RFID chips are in new passports, EZPasses, credit cards and building passes. Soon they might be in clothing. All this electronic data is trackable, as are text messages sent from cellphones or instant messages from laptops. Following the trail could uncover a terrorist network. Or an innocent group of, say, bird-watchers. 
"We often hear of the surveillance technology du jour, but what we're seeing now in America is a collection of surveillance technologies that work together," said Barry Steinhardt, the American Civil Liberties Union's technology and liberty project director. "It isn't just video surveillance or face recognition or license plate readers or RFID chips. It's that all these technologies are converging to create a surveillance society."

'We Know Who You Are'

Under the elegant chandeliers at Caesars Palace, 10,000 people a day willingly give up personal information -- name, address, birthday -- and allow their gambling habits to be tracked so they can win free hotel rooms and show tickets. In nearly a decade, 40 million have signed up for Harrah's Total Rewards loyalty card.

Harrah's Entertainment, owner of Caesars Palace and the industry leader in data mining for marketing, can then customize the gambler's experience. A guest celebrating her birthday might insert her card in a slot machine and be surprised by a promotions manager bearing a birthday card and a cookie.

"It's really about, how do we convince these people to be more loyal and give them a sense of 'We know who you are,' " said David W. Norton, senior vice president at Harrah's. Guests may or may not see that as a good thing.

In December 2003, faced with a warning that terrorists were about to attack Las Vegas, the FBI asked hotels, rental-car agencies and airlines for customer data. Some balked, but others produced the data, sometimes voluntarily, sometimes when presented with a subpoena. The data sweep turned up no leads.

One gambler who was there at the time said he approved of the tactic. "The only people who have anything to worry about are the people who have something to hide," said Dale Weinstein, a Los Angeles media market consultant sitting at a Caesars Palace slot machine where he had just won a $2,000 jackpot.
But for David Richardson, a real estate inspector from Upstate New York, the data gathering crossed a line. "They have no right to get in your shorts," he said, strolling between casinos. "It's all about gathering personal information, which I'm not so crazy about the government knowing. It's none of their business."

Below the Radar

Despite all the high-tech gizmos, some casino targets still slip through. On a Sunday afternoon, Mike Aponte slides onto a stool at a blackjack table in a medium-size casino on the Strip and lays $300 on the felt. Aponte draws little notice in a town filled with droves of other Asian gamblers. Both the dealer and floor manager urge him to sign up for a player's card. He demurs. Within 15 minutes, he's up by $700.

At one point, Aponte has a 12, with the dealer showing a 3. Basic strategy dictates that Aponte should take another card. But he has been counting and knows mostly high cards are left, so he has a good chance of busting. He stands, the dealer busts and he wins the hand. An hour and 15 minutes later, Aponte cashes in, $500 richer.

No one realizes it at this casino, but Aponte is a veteran of the card-counting team of math whizzes from the Massachusetts Institute of Technology. The team reportedly took more than $10 million from casinos in its heyday from 1994 to 2000. Aponte has been barred from more than 100 casinos in the United States and a few overseas. In St. Kitts, he said, he was recognized by a Biometrica database, and now he avoids the biggest, most modern casinos.

The team's No. 1 downfall, he said, was information sharing. Once the members' faces began showing up in databases, their days were numbered.
From rforno at infowarrior.org Mon Oct 22 16:34:59 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 22 Oct 2007 12:34:59 -0400
Subject: [Infowarrior] - Comcast blocking more types of traffic than previously thought
Message-ID:

Comcast traffic blocking: even more apps, groupware clients affected
By Eric Bangeman | Published: October 21, 2007 - 11:15PM CT
http://arstechnica.com/news.ars/post/20071021-comcast-traffic-blocking-even-more-apps-groupware-clients-affected.html

Last week, we reported on mounting evidence that Comcast is targeting and disrupting BitTorrent traffic on its network. Further digging by interested parties has turned up more indication that BitTorrent isn't the only popular P2P protocol being tampered with by the United States' largest ISP. The Electronic Frontier Foundation noticed the same sort of packet forging that the AP did (and that Broadband Reports readers did some time ago), and continued its testing to see if other applications are affected. The answer is a disturbing "yes."

The results of additional testing done by the EFF indicate Comcast is sending forged reset packets with some Gnutella traffic. When the EFF ran a Gnutella node on a Comcast connection, the forged reset packets disrupted communication between the nodes.

What's particularly insidious about Comcast's packet forging is that it's transparent to both its customers and those on the opposite ends of the connection. Applications such as BitTorrent and Gnutella retain some of their functionality, but they'll also appear to malfunction for no apparent reason.

Even if you accept the argument that all P2P traffic is inherently evil, and that Comcast has the right to disrupt it in order to put a stop to copyright infringement, Comcast's traffic-shaping efforts have apparently extended beyond the realm of P2P and into good old enterprise groupware.
Kevin Kanarski, who works as a Lotus Notes messaging engineer, noticed some strange behavior with Lotus Notes when hooked up to a Comcast connection last month. When Lotus Notes users attempt to send e-mail with larger attachments over Comcast's network, Notes will drop its connection. Instead of a successfully sent e-mail, they're greeted with the error message, "Remote system no longer responding."

Kanarski did some digging and has managed to verify that Comcast's reset packets are the culprit. Instead of passing the legitimate e-mail through its network, Comcast's traffic monitoring tool (likely Sandvine) is sitting in the middle, imitating both ends of the connection, and sending reset packets to both client and server.

So far, Comcast has been extremely tight-lipped about what's going on here. The only thing Comcast will admit to is using "the latest technologies to manage our network to provide a quality experience for all Comcast subscribers." From the look of things, that quality experience doesn't extend to BitTorrent, Gnutella, and Lotus Notes--and we wouldn't be surprised to see more applications added to that list.

Whatever its methods and motivations are, Comcast's actions are giving advocates of network neutrality legislation new ammunition. Gigi B. Sohn, president of Public Knowledge, said that Comcast's actions demonstrate the need for legislation. "Add this incident to the Verizon behavior on text messaging and AT&T's censoring of the Pearl Jam concert and it's clear that the policymakers who kept saying, 'Wait until there's a problem' before acting on legislation to keep the Internet free and non-discriminatory have to wait no longer," said Sohn in a statement. "We have a problem, and it's time to act on it."

We've requested comment from Comcast on these latest developments and will update this post as they become available.
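The article above describes a device in the path that imitates both ends of a connection and sends reset packets to client and server. The following is an added example, not part of the original post and not the EFF's or Kanarski's tooling: it assumes a tester controls both endpoints, has a packet log from each, and flags any RST that one side received but the other never transmitted, with a weaker TTL check for when only one capture exists. The addresses, ports, sequence numbers and TTLs are constructed sample data.

```python
from collections import Counter, namedtuple

# One observed TCP segment; "vantage" names the endpoint whose capture holds it.
Seg = namedtuple("Seg", "vantage src dst sport dport seq flags ttl")

def key(seg):
    """Fields that survive transit unchanged (TTL is decremented, so excluded)."""
    return (seg.src, seg.dst, seg.sport, seg.dport, seg.seq, seg.flags)

def injected_resets(capture_a, capture_b, addr_a, addr_b):
    """Return RSTs that one endpoint received but its peer never transmitted.

    capture_a / capture_b are the segments recorded at addr_a / addr_b.
    A segment that claims to come from the peer yet is absent from the
    peer's own capture was put on the wire by something in between.
    """
    findings = []
    for local, remote, peer in ((capture_a, capture_b, addr_b),
                                (capture_b, capture_a, addr_a)):
        sent_by_peer = Counter(key(s) for s in remote if s.src == peer)
        for seg in local:
            if seg.src != peer or "R" not in seg.flags:
                continue
            if sent_by_peer[key(seg)] > 0:
                sent_by_peer[key(seg)] -= 1   # genuine: the peer really sent it
            else:
                findings.append(seg)
    return findings

def ttl_outliers(capture, peer):
    """Single-capture heuristic: RSTs 'from' peer whose TTL differs from the
    TTL usually seen on that peer's non-RST segments in the same capture."""
    normal = Counter(s.ttl for s in capture
                     if s.src == peer and "R" not in s.flags)
    if not normal:
        return []
    usual = normal.most_common(1)[0][0]
    return [s for s in capture
            if s.src == peer and "R" in s.flags and s.ttl != usual]

# Constructed sample data (documentation address ranges, made-up values).
CLIENT, SERVER = "198.51.100.10", "203.0.113.20"

CLIENT_CAPTURE = [
    Seg("client", CLIENT, SERVER, 40000, 1352, 1000, "S", 64),
    Seg("client", SERVER, CLIENT, 1352, 40000, 9000, "SA", 52),
    Seg("client", CLIENT, SERVER, 40000, 1352, 1001, "A", 64),
    Seg("client", CLIENT, SERVER, 40000, 1352, 1001, "PA", 64),
    Seg("client", SERVER, CLIENT, 1352, 40000, 9001, "R", 59),   # not sent by server
]
SERVER_CAPTURE = [
    Seg("server", CLIENT, SERVER, 40000, 1352, 1000, "S", 50),
    Seg("server", SERVER, CLIENT, 1352, 40000, 9000, "SA", 64),
    Seg("server", CLIENT, SERVER, 40000, 1352, 1001, "A", 50),
    Seg("server", CLIENT, SERVER, 40000, 1352, 1001, "PA", 50),
    Seg("server", CLIENT, SERVER, 40000, 1352, 2461, "R", 61),   # not sent by client
]

if __name__ == "__main__":
    for seg in injected_resets(CLIENT_CAPTURE, SERVER_CAPTURE, CLIENT, SERVER):
        print(f"{seg.vantage} received RST claiming {seg.src}:{seg.sport}, "
              f"seq={seg.seq}, ttl={seg.ttl}; peer capture has no such segment")
```

The two-capture comparison is the stronger test; a TTL mismatch alone can also come from a route change, so treat it as a prompt to collect the second capture.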
From rforno at infowarrior.org Mon Oct 22 16:39:44 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 22 Oct 2007 12:39:44 -0400
Subject: [Infowarrior] - Italy proposes a Ministry of Blogging with mandatory blog-licensing
Message-ID:

Italy proposes a Ministry of Blogging with mandatory blog-licensing
Posted by Cory Doctorow, October 22, 2007 3:36 AM

Nick sez, "Famous Italian anti-government campaigner and blogger Beppe Grillo describes a proposed new Italian law which would force all bloggers to register, pay tax and be regulated by a government body."

Ricardo Franco Levi, Prodi's right hand man, undersecretary to the President of the Council, has written the text to put a stopper in the mouth of the Internet. The draft law was approved by the Council of Ministers on 12 October. No Minister dissociated themselves from it. On gagging information, very quietly, these are all in agreement. The Levi-Prodi law lays out that anyone with a blog or a website has to register it with the ROC, a register of the Communications Authority, produce certificates, pay a tax, even if they provide information without any intention to make money.

http://www.boingboing.net/2007/10/22/italy-proposes-a-min.html

From rforno at infowarrior.org Mon Oct 22 20:14:16 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 22 Oct 2007 16:14:16 -0400
Subject: [Infowarrior] - Declan McCullagh on the Politicization of Security
Message-ID:

(c/o Schneier)

McCullagh's Law: When politicians invoke the do-this-or-Americans-will-die argument
Posted by Declan McCullagh
http://www.news.com/8301-13578_3-9795316-38.html

Republicans are so eager to sink a wiretapping bill that includes some privacy safeguards that they're invoking what amounts to a do-this-or-Americans-will-die argument.

Rep. Pete Hoekstra, R-Mich., said after an Intelligence Committee vote on the Restore Act on Wednesday that the bill "puts our nation and troops at risk."
A few minutes earlier, responding to a Judiciary Committee vote, Lamar Smith, R-Texas, said the bill protects "terrorists, spies and other enemies." Politicians of both major parties wield this as the ultimate political threat. Its invocation typically predicts that if a certain piece of legislation is passed (or not passed) Americans will die. Variations may warn that children will die or troops will die. Any version is difficult for the target to combat. This leads me to propose McCullagh's Law of Politics: As the certainty that legislation violates the U.S. Constitution increases, so does the probability of predictions that severe harm or death will come to Americans if the proposal is not swiftly enacted. McCullagh's Law describes a promise of political violence. It goes like this: "If you, my esteemed political adversary, are insufficiently wise as to heed my advice, I will direct my staff and members of my political apparatus to unearth examples of dead {Americans|women|children|troops} so I can later accuse you of responsibility for their deaths." This threat is perpetual, meaning it may last the duration of the targeted politicians' career. Adversarial television advertisements may appear during the targeted politician's next campaign for re-election. They may display images of corpses if available, or stock photography if they're not, and blame the target for their deaths. It's a more serious example of the soft-on-terror accusation, which is behind the Democrats' unseemly haste in August to approve a wiretapping bill that even House Speaker Nancy Pelosi believed "does violence to the Constitution of the United States." A variant of McCullagh's Law was demonstrated, as I wrote about in August, by National Intelligence Director Mike McConnell. He agreed that "Americans are going to die" because of disclosure of President Bush's secret and probably unconstitutional surveillance program and the ensuing congressional debate. 
While Republicans are more likely to invoke the threat, Democrats are not immune from the temptation. When he was justifying an attempt to expand the War On Some Politically Incorrect Drugs, President Clinton claimed that over "100,000 Americans will die."

One of the better examples of McCullagh's Law in action was former FBI Director Louis Freeh during the encryption wars of the Clinton administration a decade ago. He told Congress that unless backdoors are mandated in encryption products, "the effect will be so profound that I believe law enforcement will be unable to recover."

In 1995, Freeh warned that drug cartels, terrorists and kidnappers would run amok unless programs like PGP were banned. Two years later, the categories of child pornographers, spies and violent gangs had supplanted kidnappers in the FBI's list of horrors: "Uncrackable encryption will allow drug lords, spies, terrorists and even violent gangs to communicate about their crimes and their conspiracies with impunity...A subject in a child pornography case used encryption in transmitting obscene and pornographic images of children over the Internet."

I should point out that McCullagh's Law is not, of course, triggered by all "Americans will die" warnings. This is a logical fallacy known as affirming the consequent (if A then B does not mean that B implies A). The U.S. Department of Veterans Affairs' warning, which as far as I know is accurate, that "more than 10,000 Americans will die of skin cancer" in one year falls into that category.

There are probably many examples of McCullagh's Law, but I'll leave you with one more, this time from the Bush administration. It came from Deputy U.S. Defense Secretary Paul Wolfowitz in October 2002, about half a year before the United States' invasion of Iraq. Wolfowitz claimed--he was entirely wrong, we know now--that Saddam Hussein had weapons of mass destruction that could be used to kill Americans.
An attack by Saddam Hussein, Wolfowitz predicted, would mean that "tens of thousands, or even hundreds of thousands, of Americans will die in some catastrophic attack with a biological weapon, or if we wait long enough, a nuclear weapon." Of course, no such weapons were found in Iraq and at least 3,816 Americans actually have died as a result.

From rforno at infowarrior.org Mon Oct 22 23:45:58 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Mon, 22 Oct 2007 19:45:58 -0400
Subject: [Infowarrior] - The FBI, coercion, confessions, and the withdrawn CA2 opinion
Message-ID:

The case of the redacted opinions regarding Higazy v. Templeton.....
http://www.psychsound.com/2007/10/a_tale_of_two_decisions_or_how.html

More info, and link to a copy of the now-withdrawn opinion:
http://appellate.typepad.com/appellate/2007/10/ca2-what-the-he.html

From rforno at infowarrior.org Tue Oct 23 11:46:46 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 23 Oct 2007 07:46:46 -0400
Subject: [Infowarrior] - NSA cooperation: OK for e-mail, IM companies?
Message-ID:

NSA cooperation: OK for e-mail, IM companies?
By Declan McCullagh
http://www.news.com/NSA-cooperation-OK-for-e-mail%2C-IM-companies/2100-7348_3-6214609.html
Story last modified Mon Oct 22 10:56:50 PDT 2007

A new Senate bill would protect not only telephone companies from lawsuits claiming illegal cooperation with the National Security Agency. It would retroactively immunize e-mail providers, search engines, Internet service providers and instant-messaging services too.

The broad language appears in new legislation that a Senate committee approved by a 13-to-2 vote on Thursday during a meeting closed to the press and public. It enjoys the support of the panel's Democrats and Republicans.

It goes further in crafting an impenetrable legal shield than similar proposals in the House of Representatives, such as the so-called Restore Act (PDF), which immunizes only "communications service providers."
Bowing to pressure from President Bush, House Democrats postponed a vote on the Restore Act last week. The broader Senate bill (PDF) would sweep in Web sites, e-mail providers and more. "My suspicion is the scope of the immunity provision is the most revealing way to assess the scope of the underlying authority," said Marc Rotenberg, director of the Electronic Privacy Information Center. The disparity is striking because telecommunications companies--not major providers of Web-based services like Google, Yahoo, AOL and Microsoft--have been frequently named as complicit in illegal NSA surveillance. Yet under the Senate proposal, those companies would become immune from any lawsuits. "Private companies who received legal assurances from the highest levels of government should not be dragged through the courts for their help with national security," Sen. John Rockefeller (D-W.V.), the Intelligence Committee chairman and the bill's primary Democratic sponsor, said in a statement. "The onus is on the administration, not the companies, to ensure that the request is on strong legal footing, and if it is not, it is the administration that should be held accountable." A demand for retroactive immunity After news reports said AT&T and other major telecommunications carriers opened their networks to the NSA after September 11, 2001, dozens of civil lawsuits were filed. A decision on whether the lawsuits will be permitted to proceed is expected from the 9th Circuit Court of Appeals in San Francisco at any time. President Bush has insisted on retroactive legal immunity, and the Justice Department on Friday gave the Senate bill a preliminary thumbs-up, though it said further changes will likely be necessary before it's satisfied. "The bill has many good components, and we appreciate the serious work done on this bill in the Senate Intelligence Committee," spokesman Dean Boyd said. "We appreciate that the bill has strong liability provisions." 
The Senate bill overrides every other law, including state laws, criminal laws and privacy laws, when saying that lawsuits against companies must be "promptly" dismissed, as long as the attorney general certifies that the cooperation was authorized. The definition covers any company that has "access" to "electronic communications" that are stored or in transit. It would almost certainly pull the plug on the 9th Circuit lawsuits, including the one brought by the Electronic Frontier Foundation last year. While some information has dribbled out regarding how companies like AT&T allegedly worked hand in hand with the NSA, less is known about how much cooperation might take place with e-mail and instant-messaging providers. Some companies, including Yahoo and Google, refused to comment in a survey conducted by CNET News.com last year that asked: "Have you turned over information or opened up your networks to the NSA without being compelled by law?" Others, like Comcast and BellSouth, did reply in the negative. During an appearance before a congressional committee last year about Chinese Internet censorship, Yahoo was pressed by Rep. Brad Sherman, a California Democrat, about whether it would cooperate with the NSA in the absence of legal authorization. Yahoo's general counsel, Michael Callahan, said the company would not provide law enforcement with e-mail without "proper legal process." But when asked whether Yahoo's requirements would be lowered if the NSA requested e-mail, Callahan refused to comment. Still, there's no evidence that any extralegal cooperation has ever taken place, and some of the same companies have taken very public steps to protect their customers' privacy in the past. Google fought the Justice Department's subpoena for excerpts from its database, and an EarthLink attorney was the first person to publicly disclose the existence of the FBI's Carnivore surveillance system. 
The Senate bill's immunization would extend to companies involved with surveillance beyond that requested by the NSA. It says Internet companies cannot be held liable for secretly cooperating with the CIA, the Defense Department, the Office of the Director of National Intelligence, the Defense Intelligence Agency, the State Department, the Treasury Department, Homeland Security and other intelligence-related organizations that may be even more shadowy.

One type of immunization would extend from September 11, 2001, to January 17, 2007, the day the Justice Department announced that the secret NSA program would be revamped and brought under the scrutiny of the Foreign Intelligence Surveillance Court. The other immunization grant would continue into the future.

The next stop for the Senate bill is the Judiciary Committee. It's unclear exactly when that panel will take up the bill, but it's not going to be this week, a Democratic committee aide said Monday. That uncertainty exists largely because members of that panel have requested--but still have not received--sufficient information about how the Bush administration's spying programs worked and what involvement telephone companies had, the aide added.

In addition, Sen. Christopher Dodd (D-Conn.), a 2008 presidential hopeful, has vowed to take a procedural step that would prevent the bill from going to a vote, as long as it cloaks corporations with legal protections. "I will do everything in my power to stop Congress from shielding this president's agenda of secrecy, deception and blatant unlawfulness," he said in a statement last week.

Democratic Sen. Patrick Leahy and Republican Sen. Arlen Specter, the top senators on the Judiciary Committee, both have expressed skepticism about retroactive immunity.
Under existing law, electronic communications providers already are exempted from all liability--as long as the attorney general has delivered a "certification in writing that no warrant or court order is required by law."

Other sections of the Senate bill permit the attorney general and the national-intelligence director to sign off on wiretaps without court approval. They could authorize such snooping for up to a year, provided that the target is "reasonably believed to be outside the United States" and a U.S. person isn't being "intentionally" targeted in the process.

Copyright ©1995-2007 CNET Networks, Inc. All rights reserved.

From rforno at infowarrior.org Tue Oct 23 12:03:14 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 23 Oct 2007 08:03:14 -0400
Subject: [Infowarrior] - IBM Trying To Get Patent On Patent Extortion?
Message-ID:

IBM Trying To Get Patent On Patent Extortion?

Have fun with this one. As seen on Slashdot and sent in by a few different readers, it appears that IBM is trying to patent the process of using a large patent portfolio for patent extortion. Technically, the patent is for "A system and method for extracting value from a portfolio of assets." Of course, if any company can claim credit for such a thing, it's IBM. After all, there's the famous story of IBM demanding patent licensing dollars from Sun. They accused Sun of patent infringement, but when Sun engineers and lawyers pointed out how they didn't infringe on the patents in question, IBM's lawyers responded: "OK, maybe you don't infringe these seven patents. But we have 10,000 U.S. patents. Do you really want us to go back to Armonk [IBM headquarters in New York] and find seven patents you do infringe? Or do you want to make this easy and just pay us $20 million?" Nice to see they're now patenting that process. One could hope that IBM is hoping to get this patent either to prevent others from doing the same thing or (maybe?)
to show just how ridiculous the patent system has become. Either way, it's still only an application, so perhaps a patent examiner will realize that there's a bit of prior art around this particular concept.

Contextual links at: http://techdirt.com/articles/20071021/141623.shtml

From rforno at infowarrior.org Tue Oct 23 12:04:26 2007
From: rforno at infowarrior.org (Richard Forno)
Date: Tue, 23 Oct 2007 08:04:26 -0400
Subject: [Infowarrior] - Privacy Lost: These Phones Can Find You
Message-ID:

October 23, 2007
Privacy Lost: These Phones Can Find You
By LAURA M. HOLSON
http://www.nytimes.com/2007/10/23/technology/23mobile.html?_r=1&ei=5088&en=d3be854432e9eb1e&ex=1350878400&oref=slogin&partner=rssnyt&emc=rss&pagewanted=print

Two new questions arise, courtesy of the latest advancement in cellphone technology: Do you want your friends, family, or colleagues to know where you are at any given time? And do you want to know where they are?

Obvious benefits come to mind. Parents can take advantage of the Global Positioning System chips embedded in many cellphones to track the whereabouts of their phone-toting children.

And for teenagers and 20-somethings, who are fond of sharing their comings and goings on the Internet, youth-oriented services like Loopt and Buddy Beacon are a natural next step.

Sam Altman, the 22-year-old co-founder of Loopt, said he came up with the idea in early 2005 when he walked out of a lecture hall at Stanford. "Two hundred students all pulled out their cellphones, called someone and said, 'Where are you?'" he said. "People want to connect."

But such services point to a new truth of modern life: If G.P.S. made it harder to get lost, new cellphone services are now making it harder to hide.

"There are massive changes going on in society, particularly among young people who feel comfortable sharing information in a digital society," said Kevin Bankston, a staff lawyer at the Electronic Frontier Foundation based in San Francisco.
"We seem to be getting into a period where people are closely watching each other," he said. "There are privacy risks we haven't begun to grapple with."

But the practical applications outweigh the worries for some converts.

Kyna Fong, a 24-year-old Stanford graduate student, uses Loopt, offered by Sprint Nextel. For $2.99 a month, she can see the location of friends who also have the service, represented by dots on a map on her phone, with labels identifying their names. They can also see where she is.

One night last summer she noticed on Loopt that friends she was meeting for dinner were 40 miles away, and would be late. Instead of waiting, Ms. Fong arranged her schedule to arrive when they did. "People don't have to ask 'Where are you?'" she said.

Ms. Fong can control whom she shares the service with, and if at any point she wants privacy, Ms. Fong can block access. Some people are not invited to join -- like her mother. "I don't know if I'd want my mom knowing where I was all the time," she said.

Some situations are not so clear-cut. What if a spouse wants some time alone and turns off the service? Why on earth, their better half may ask, are they doing that? What if a boss asks an employee to use the service?

So far, the market for social-mapping is nascent -- users number in the hundreds of thousands, industry experts estimate. But almost 55 percent of all mobile phones sold today in the United States have the technology that makes such friend-and-family-tracking services possible, according to Current Analysis, which follows trends in technology. So far, it is most popular, industry executives say, among the college set.

But others have found different uses. Mr. Altman said one customer bought it to keep track of a parent with Alzheimer's. Helio, a mobile phone service provider that offers Buddy Beacon, said some small-business owners use it to track employees.
Consumers can turn off their service, making them invisible to people in their social-mapping network. Still, the G.P.S. service embedded in the phone means that your whereabouts are not a complete mystery. "There is a Big Brother component," said Charles S. Golvin, a wireless analyst at Forrester Research. "The thinking goes that if my friends can find me, the telephone company knows my location all the time, too." Phone companies say they are aware of the potential problems such services could cause. If a friend-finding service is viewed as too intrusive, said Mark Collins, vice president for consumer data at AT&T's wireless unit, "that is a negative for us." Loopt and similar services say they do not keep electronic records of people's whereabouts. Mr. Altman of Loopt said that to protect better against unwelcome prying by, say, a former friend, Loopt users are sent text messages at random times, asking if they recognize a certain friend. If not, that person's viewing ability is disabled. Clay Harris, a 25-year-old freelance marketing executive in Memphis, says he uses Helio's Buddy Beacon mostly to keep in touch with his friend Gregory Lotz. One night when Mr. Lotz was returning from a trip, Mr. Harris was happy to see his friend show up unannounced at a bar where he and some other friends had gathered. "He had tried to reach me, but I didn't hear my phone ring," Mr. Harris said. "He just showed up and I thought, 'Wow, this is great.'" He would never think to block Mr. Lotz. But he would think twice before inviting a girlfriend into his social-mapping network. "Most definitely a girl would ask and wonder why I was blocking her," he said. 
From rforno at infowarrior.org Tue Oct 23 14:36:10 2007 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 23 Oct 2007 10:36:10 -0400 Subject: [Infowarrior] - Raw Deal: The fee for 411 Message-ID: Raw Deal: The fee for 411 Tuesday October 23, 10:25 am ET By Jessica Dickler, CNNMoney.com staff writer http://biz.yahoo.com/cnnm/071023/102207_raw_deal_411.html?.v=4 Can't remember the number of the restaurant you wanted to go to for dinner, or the name of that movie theater around the corner? Before you dial directory assistance from your cell phone, think for a minute about what it will cost you. Wireless carriers such as Verizon Wireless, Sprint and AT&T charge $1.49 to $1.79 a pop, plus air time, roaming, long distance charges and state and local taxes. All that adds up to a hefty sum at the end of the month, and a steep annual expense. Indeed, Americans paid about $7.9 billion in 411 charges in 2006, according to industry analyst Kathleen Pierz -- a lot of money for just a little information. And fees for directory assistance calls are actually on the rise. Earlier this year, Sprint raised its 411 fee to $1.79 from $1.49. Last year, AT&T upped its fee to $1.79 and in 2005, Verizon Wireless boosted its charge to $1.49 from $1.25. Wireless carriers often justify these steep charges by pointing to the additional information their directory assistance may provide, like a reverse number look-up, movie show times and driving directions. But who really uses those? Chances are you are just looking for the stuff that's found in the yellow pages. In fact, many consumers still expect a simple number look-up to be free. "You would be surprised by how many people don't realize that they are getting charged [for wireless directory assistance]," said Lynn Chitow Oakes, senior vice president of marketing of Jingle Networks. Her company operates 1-800-FREE-411, which looks up over 20 million numbers a month for callers willing to listen to advertisements. 
So how can you scale down your surcharges? In the competitive world of wireless carriers, some outfits offer less expensive options for 411. "If 411 is important to you, there may be a carrier out there with a competitive package," offered Joseph Farren, a spokesman for CTIA-The Wireless Association, a trade group representing the wireless telecommunications industry. For example, T-Mobile and Verizon Wireless currently offer the least expensive options of all the major carriers. But nothing is as cheap as free. There are a number of competitors, like 1-800-FREE-411, that have popped up in recent years hoping to take a bite out of the directory assistance market. There are trade-offs however. To use 1-800-FREE-411, information seekers must listen to an advertisement before and after submitting their request to find a phone number -- and they have to speak to an automated system instead of live operators. And FREE-411 won't automatically connect callers to the number they're trying to reach - so have a pen handy. Google also launched a free 411 service, 1-800-GOOG-411, earlier this year. Again, it can take a while for the automated assistant to understand your inquiry. But on the plus side, you can get connected automatically or have the information texted directly to your cell - no No. 2 pencil necessary. And don't forget pay phones. Sure, they may be antiquated, but they're still the best 411 deal around -- dialing 1, plus the area code, plus 555-1212 gets you free directory assistance. Just pack some Purell. Ticketmaster, ATM fees, cable charges...consumers get ripped off everyday. Do you think you've been the victim of another raw deal? Email your stories and suggestions to rawdeal at cnnmoney.com. 
From rforno at infowarrior.org Tue Oct 23 16:22:00 2007 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 23 Oct 2007 12:22:00 -0400 Subject: [Infowarrior] - Device driver updates causing Vista to deactivate Message-ID: WARNING: device driver updates causing Vista to deactivate * 23rd October 2007 * James Bannan * Microsoft, Vista, Windows http://apcmag.com/vista_activation After weeks of gruelling troubleshooting, I've finally had it confirmed by Microsoft Australia and USA -- something as small as swapping the video card or updating a device driver can trigger a total Vista deactivation. Put simply, your copy of Windows will stop working with very little notice (three days) and your PC will go into "reduced functionality" mode, where you can't do anything but use the web browser for half an hour. You'll then need to reapply to Microsoft to get a new activation code. How can this crazy situation occur? Read on for the sorry tale. The Problem Just over a month ago I swapped over the graphics card on my Vista Ultimate box. There were some new DirectX 10-based titles out and I couldn't get the benefit on my old DirectX 9 card. The swap-over went well and I went on my merry gaming way. Then a few days ago I got a Windows Activation prompt -- I had three days to activate Windows or I'd be bumped back to RFM (Reduced Functionality Mode). What the? My copy of Vista was activated, and a graphics card change shouldn't have triggered deactivation... surely! I was able to reactivate easily enough, although as the product key was already in use (by me!) I couldn't reactivate automatically, but had to speak to a Microsoft customer service representative. I got the code easily enough, but it didn't explain why Vista had deactivated, so I got in touch with Microsoft about the problem. 
They sent me some special utilities to run which gathered the history of hardware changes on that machine since activation, and it turns out that my disk controller had changed, so the graphics card change was the final change which tripped deactivation. The only problem? I had never changed my disk controller at any point. Apparently because I had upgraded the Intel Matrix Storage Manager application, this was reported as a major hardware change event. On their own, neither event was enough to trigger deactivation, but cumulatively they were. The Activation Process The documentation is still being updated by Microsoft, but the activation process for Windows Vista and Volume Activation 2.0 is essentially unchanged from Windows XP, except that with Vista it's supposed to be more tolerant. When the machine is first activated, Windows establishes a baseline based on the installed hardware, but interestingly the information is not gathered from hardware IDs (which are not necessarily unique), but from hardware information as reported by device drivers. Any changes away from this baseline are weighted depending on the change (for example, a new CPU counts much higher than new RAM) and once the baseline threshold is passed, Windows deactivates and a new activation request is generated. The problem with using device drivers as the basis for activation information is that a change in the driver model which has the result of changing the way that the hardware information is reported back to Windows can be enough to register as a physical hardware change. For example, if you install and activate Vista using some Microsoft drivers downloaded from Windows Update (which is a very common practice) but then discover that a manufacturer driver gives better functionality (as is often the case for audio, video, storage and network drivers) you are running the risk that the drivers use different reporting models and will register as a physical change. 
So what this essentially means is that keeping your drivers up-to-date is a potentially very risky process, with all changes monitored and changes weighted cumulatively. The Problem with Activation As most tech enthusiasts would be aware, activation (and particularly Volume Activation 2.0 which is applied to every version of Vista available), is designed for one thing -- to curb piracy. The idea is that Windows monitors the hardware it's installed on, and if you create an image of an activated machine and drop it onto another system, it will re-register the hardware serial number changes (via the drivers) and realise that it's been installed on a different system. Of course, Microsoft needs to be able to protect its software. Piracy of Microsoft products is rampant and while many people find that amusing, no-one denies the company's right to do something about it. However, it hasn't worked. At least, it would have worked for Vista had not Microsoft bowed to pressure from OEMs to allow an activation loophole, which was quickly exploited. Volume Activation 2.0 has not yet been cracked, but now it doesn't need to be. There's an official workaround for OEMs and the result is that anyone with a few minutes to spare can download a fully-functional pirated copy of Vista Ultimate (32-bit and 64-bit versions) which needs neither product key nor activation. So pirates haven't been slowed down at all, and the rest of us -- the legitimate purchasers -- are left to live with Windows Activation. You really need to ask the question -- who's benefiting here? Certainly not users, and given the amount of discontent this is likely to cause, arguably not Microsoft either. In its attempts to combat piracy, Microsoft has created a system which doesn't focus on the problem correctly. After all, how do you define piracy? At its most basic level, piracy occurs when you install software on a machine when you aren't licensed to do so. 
But the Windows Activation model isn't designed to address this particular problem -- as far as Windows Activation is concerned, there's no difference between someone who tries to image two machines with the same activated version of Windows, and a legitimate user who wants to upgrade their system. If you buy a retail version of Vista, as long as you're not breaking the terms of the license, then surely it's none of Microsoft's business what you do with that software. Legitimate users shouldn't be monitored and inconvenienced to this extent. The Solution? There's no denying that Windows Activation has a serious image problem. Not only is it inconvenient and cumbersome, but it creates a very strong impression in the user's mind that Microsoft doesn't really want to give you the software you paid for. There are things going on under the hood which have nothing to do with you and which you're not privy to, and, as I found out, it will affect you if you make an innocent wrong move such as updating too many device drivers. Additionally, it has been completely bypassed by pirates, so the one group it's aimed at is sailing blissfully past in a wonderful world where activation doesn't exist. At the very least, Microsoft needs to empower users in relation to activation, by involving them a bit more. Perhaps users could have a way of monitoring their cumulative changes, or maybe there could be some method where you could be informed when installing a device driver that it is contributing to your activation totals. Ultimately, what annoys users more than anything is having something forced on them, and Windows Activation is absolutely one of those areas which causes a great deal of frustration and outrage. APC has passed all this feedback back to Microsoft, which, to its credit, is taking the situation very seriously and has Vista developers working on a solution. Apparently there are changes underway to make the whole experience more user-friendly. We certainly hope so. 
It's absolutely in Microsoft's interest to make those changes as widely known as possible. We'll post information about that once it's available. From rforno at infowarrior.org Wed Oct 24 12:21:57 2007 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 24 Oct 2007 08:21:57 -0400 Subject: [Infowarrior] - Court throws out 2257 proof-of-age rule Message-ID: Court Throws Out Rule Requiring Adult Sites To Keep Records And Proof Of Age For All Performers from the that-first-amendment-thing dept Just last week, Wired had an article looking at how a particular section of law regulating adult content could potentially hurt the growth of "user generated" porn sites. The law in question required any "publisher" of adult content to obtain and permanently keep records proving that the "performers" in question were of legal age. Obviously, the goal here is to prevent child porn -- but many felt that such a rule was incredibly burdensome on those who were producing legitimate adult content, and it was even worse for "user generated" sites that would now require such information from every participant. Now, Slashdot points out that the Sixth Circuit Court of Appeals has found the law to be unconstitutional, as it violates the First Amendment. The Slashdot post is a little misleading, implying that the case was about age verification for viewers. It's actually about the performers. The full ruling (pdf) is an interesting read, but the crux of the argument is that while preventing child porn is a noble goal, if it ends up putting a burden on plenty of legitimate expression, then it's a clear First Amendment violation. Many people may not think this is a big deal, as they don't care for adult content or don't have any problem with having it heavily regulated -- but as the court notes, the right for people to remain anonymous is an important part of the First Amendment. Weakening that right -- even if for a reasonable end goal -- starts you down a slippery slope. 
http://techdirt.com/articles/20071023/230307.shtml From rforno at infowarrior.org Wed Oct 24 12:23:35 2007 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 24 Oct 2007 08:23:35 -0400 Subject: [Infowarrior] - USG 'permission' required for all passengers to fly Message-ID: Prior Permission From Government to be Required for Each Flight By RU Sirius October 22nd, 2007 http://www.10zenmonkeys.com/2007/10/22/prior-permission-from-government-to-be-required-for-each-flight/ The Transportation Security Administration and the Department of Homeland Security are quietly pushing for a set of crazy new rules. All travellers in the U.S. will be required to get government-issued credentials and official clearance before every flight, both within the United States as well as internationally. And Monday we received a new political action alert from Edward Hasbrouck, The Practical Nomad blogger who's been fighting the plan (and who testified about it at a TSA hearing). "The international Advance Passenger Information System rules were published, as 'final' effective February 19, 2008, with no further opportunity for public comment even on the changes from the original proposal." Hasbrouck sees this as a very ominous development. "The Department of Homeland Security can now evade debate on the similar elements of their Secure Flight proposal by claiming that it's needed to 'harmonize' the domestic and international travel restrictions -- as though travel within America was tantamount to and subject to the same government restrictions and controls as crossing international borders." The stakes are high -- and air travel may never be the same. "The Secure Flight proposal also includes new and odious requirements that travelers display their government-issued credentials -- not to government agents, but to airline personnel (staff or contractors), whenever the Department of Homeland Security orders the airline to demand them..." That alone will create a huge potential for abuse. 
"The proposed Secure Flight rules would leave travelers hopelessly at the mercy of any identity thief who claims to be an airline contractor (subcontractor, sub-subcontractor, etc.) demanding 'Your papers, please!' anywhere in an airport." But your personal information faces an even bigger risk. "In addition, the proposed rules would leave the airlines free to keep all the information obtained from travelers under government coercion, even after they've passed it on to the government. Your personal data would continue to be considered, at least in America, solely their property. Not yours..." According to Hasbrouck, the Identity Project -- an organization defending our right to travel freely in our own country -- has made requests under the Privacy Act and they "have uncovered many more details (and many more problems) with the U.S. government's dossiers of travel records, which include everything from what books travelers were carrying to phone numbers of friends and associates to whether they asked for one bed or two in their hotel room." Unfortunately, Monday, October 22 was the deadline for posting public comments on the proposed rules. But it's never too late to express your outrage... against another act in the continuing project to turn the United States into North Korea. From rforno at infowarrior.org Wed Oct 24 12:24:44 2007 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 24 Oct 2007 08:24:44 -0400 Subject: [Infowarrior] - Verizon settles deceptive marketing investigation Message-ID: http://www.oag.state.ny.us/press/2007/oct/oct23a_07.html October 23, 2007 VERIZON WIRELESS AGREES TO SETTLE DECEPTIVE MARKETING INVESTIGATION "UNLIMITED" INTERNET PLANS WERE ACTUALLY LIMITED COMPANY AGREES TO CHANGE PRACTICES AND REIMBURSE CUSTOMERS New York, NY (Oct 23, 2007) -- Attorney General Andrew M. 
Cuomo today announced that Verizon Wireless has agreed to halt the deceptive marketing of its internet usage plans and reimburse $1 million to customers for wrongful account termination nationwide. The settlement follows a nine-month investigation into the marketing of NationalAccess and BroadbandAccess plans for wireless access to the internet for laptop computer users. Attorney General's investigation found that Verizon Wireless prominently marketed these plans as "Unlimited," without disclosing that common usages such as downloading movies or playing games online were prohibited. The company also cut off heavy internet users for exceeding an undisclosed cap of usage per month. As a result, customers misled by the company's claims, enrolled in its Unlimited plans, only to have their accounts abruptly terminated for excessive use, leaving them without internet services and unable to obtain refunds. "This settlement sends a message to companies large and small answering the growing consumer demand for wireless services. When consumers are promised an 'unlimited' service, they do not expect the promise to be broken by hidden limitations," said Attorney General Andrew Cuomo. "Consumers must be treated fairly and honestly. Delivering a product is simply not enough -- the promises must be delivered as well." The Attorney General's investigation uncovered that while Verizon Wireless prominently placed print, television and online advertisements promising "UNLIMITED" NationalAccess and BroadbandAccess for $59.99 per month: * "Unlimited" plans had hidden restrictions. Verizon marketed its NationalAccess and BroadbandAccess service plans to consumers nationwide as "Unlimited" despite the plans' limitations. In fact, the plans only permitted limited activities such as web browsing, email and intranet access. 
Customers who used their plans for common activities such as downloading movies and video or even playing video games online, were unwittingly in violation of the terms and conditions of their service agreements. * "Excessive use" of Unlimited Plans resulted in abrupt terminations. Verizon Wireless terminated heavy internet users claiming that the high levels of usage could only have been attained by activities, such as "streaming or downloading movies and video" prohibited by the terms and conditions. These usage restrictions were not clearly and conspicuously disclosed to consumers and directly contradicted the promise of "unlimited" service. Customers found their accounts abruptly terminated for excessive use, leaving them without internet services and unable to obtain refunds for their wireless access cards and cell phones. From 2004 until April of this year, Verizon Wireless terminated over 13,000 consumers nationwide for "excessive" use of its "unlimited" internet access plans. These customers were subsequently unable to use their Verizon Wireless cell phones and modems to connect to the internet. Verizon Wireless has agreed to reimburse all terminated consumers for the cost of wireless access cards or cell phones purchased by the consumer in order to utilize Verizon Wireless's wireless internet service. Verizon Wireless estimates the total amount of restitution to be approximately $1 million nationwide. Verizon Wireless has also agreed to pay penalties and costs of $150,000 to New York State and revise the company's marketing of its wireless internet access plans. Verizon Wireless fully and voluntarily cooperated with the Office of the Attorney General throughout this inquiry. Since April of 2007, Verizon Wireless has voluntarily ceased cutting off customers based on their data usage and no longer prohibits common internet uses. 
The case was handled by Justin Brookman, Chief of the Attorney General's Internet Bureau, with assistance from Investigator Vanessa Ip. From rforno at infowarrior.org Wed Oct 24 12:25:33 2007 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 24 Oct 2007 08:25:33 -0400 Subject: [Infowarrior] - Is ACTA the New WIPO? Message-ID: Is ACTA the New WIPO? Wednesday October 24, 2007 http://www.michaelgeist.ca/content/view/2318/125/ It has been readily apparent for a number of months now that "counterfeiting and piracy" is the new focal point for intellectual property policy reform. With global conferences, legislative hearings in national capitals, and new anti-counterfeiting coalitions, copyright lobby groups have jumped on the anti-counterfeiting bandwagon. While the claims regularly focus on health and safety risks or suggestions that organized crime or terrorist groups benefit from counterfeiting, the reality is that the policy prescription typically includes a range of issues that have little to do with those issues. These include anti-circumvention legislation, higher damages, and an increased use of public tax dollars to provide protection for private commercial interests. The strategy has proven remarkably effective. Despite the absence of any independent data (indeed, there is evidence that some numbers have been fabricated), politicians are easily convinced that action is needed since the lobbyists often come armed with compelling props (exploded batteries, unsafe toys) and no one actually supports counterfeiting. Of course, the issue is not whether you are for or against counterfeiting, but rather whether the proposed reforms have anything to do with health and safety or significant economic concerns. Having placed counterfeiting on both domestic (see the recent government response and attempts to create an IP caucus) and bi-lateral agendas (including the SPP and the G8), yesterday the U.S. 
unveiled an even more ambitious goal - a new international Anti-Counterfeiting Trade Agreement. Given the recent backlash at WIPO, the U.S. is avoiding the U.N. system. Instead, it has created a new counterfeiting coalition of the willing that includes the European Union, Japan, South Korea, Mexico, New Zealand, and Canada. Those countries yesterday simultaneously announced enthusiastic support for a new trade agreement with negotiations to begin next year. Indeed, International Trade Minister David Emerson's announcement to the House of Commons brought the MPs to their feet. This treaty could ultimately prove bigger than WIPO - without the constraints of consensus building, developing countries, and civil society groups, the ACTA could further reshape the IP landscape with tougher enforcement, stronger penalties, and a gradual eradication of the copyright and trademark balance. From rforno at infowarrior.org Wed Oct 24 13:03:15 2007 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 24 Oct 2007 09:03:15 -0400 Subject: [Infowarrior] - Broadband Marketing Wars Message-ID: First Comcrap? pitched its cable internet as "100 percent pure broadband." ...perhaps "100% pure broadband" is the result of whatever "impurities" they presently claim to be filtering out from their Internet traffic? Now Verizon is pitching its FIOS service as "pure and unfiltered." WTFO? This isn't water going into my coffee maker!!! May such Madison Avenue marketing execs be lined up against a wall and fed a constant barrage of their own tripe for at least one, if not two, eternities. 
-rf From rforno at infowarrior.org Wed Oct 24 17:46:22 2007 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 24 Oct 2007 13:46:22 -0400 Subject: [Infowarrior] - House panel demands details of WH cybersecurity plan In-Reply-To: Message-ID: www.baltimoresun.com/news/nation/bal-te.cyber24oct24,0,2833040.story House panel chief demands details of cybersecurity plan By Siobhan Gorman Sun reporter October 24, 2007 WASHINGTON The chairman of the House Homeland Security Committee called on the Bush administration yesterday to delay the planned launch of a multi-billion-dollar cybersecurity initiative so that Congress could have time to evaluate it. Rep. Bennie Thompson said he wants to make sure the new program is legal before it is launched. In an interview, the Mississippi Democrat said he had been told that President Bush might unveil the initiative as early as next week. Known internally as the "Cyber Initiative," the program is designed to use the spying capabilities of the National Security Agency and other agencies to protect government and private communications networks from infiltration by terrorists and hackers. The Sun reported the existence of the program last month, but Thompson said the administration has refused to discuss the initiative with members of his committee, despite repeated requests. In a letter this week to Homeland Security Secretary Michael Chertoff, Thompson demanded that his committee receive a briefing on details of the plan. He also warned that the "centralization of power" envisioned under the initiative raised "significant questions" that should be answered before the program is launched. Thompson - whose panel oversees the Homeland Security Department, which would run the initiative - said he was unaware of the program's existence until it was revealed by The Sun in a Sept. 20 article. A Homeland Security spokeswoman said Chertoff had received Thompson's letter, which was dated Monday, and would respond "in a timely fashion." 
"We do agree that cybersecurity is a very important issue, and that is why since the beginning of this congressional session DHS has provided more than a half a dozen briefings to the House Homeland Security Committee on cyberthreats and related issues," said the spokeswoman, Laura Keehner. Thompson said that if the administration continues to give his panel the silent treatment, he will consider issuing a congressional subpoena. "You have to put sunshine on a program so sensitive as this," he said. The administration is saying that "'you have to believe us.' Obviously, as a nation of laws, we can't accept that." Thompson said that because the program involves the NSA and similar agencies, questions about privacy and domestic surveillance would be of particular concern. "What's the legal framework about which civil rights and civil liberties, as well as constitutional issues, will be protected?" he asked. The Cyber Initiative is the second administration program in recent weeks to draw criticism from Congress after it was revealed in a news report. Last month, after a report in The Wall Street Journal, the administration was forced to put a new domestic satellite surveillance program on hold in response to congressional protests. Few details about the Cyber Initiative are known because the administration has been extremely secretive about the program, much of which is highly classified. Current and former security officials have spoken about the initiative on condition of anonymity because it has not been announced. The multiagency effort is being coordinated by Director of National Intelligence Mike McConnell, a former NSA director. Since last year, there have been a series of meetings among representatives from McConnell's office, the NSA, Homeland Security and the White House, said a senior intelligence official. 
And at the NSA, several dozen people, including members of the general counsel's office, have been working on the initiative for the past year, the official said. Plans call for a seven-year, multi-billion-dollar effort with as many as 1,000 or more employees from Homeland Security, the NSA and other agencies, according to current and former government officials familiar with the initiative. The first phase would be a system to protect government networks from cyberattacks, with a later phase designed to protect private networks that control such systems as communications, nuclear power plants and electric-power grids, said a former government official familiar with the proposal. The NSA's new domestic role would require a revision of the agency's charter, according to the senior intelligence official. In the past, the NSA's cyberdefense efforts have been focused on the government's classified networks. Officials have debated internally whether to locate these employees in one facility in the Washington area or in multiple posts around the country, the senior intelligence official said. They have also discussed different ways to structure the program, said a former Pentagon official familiar with the initiative. Options include: creating a special office similar to the government response to the Soviet Union's launch of Sputnik; a White House coordination group modeled on the drug czar's office; and a "virtual" organization that coordinates activities among various agencies. Seeking details, Thompson has made four separate pleas for briefings from Homeland Security, he said, including a direct request at a hearing last week to the department's top cybersecurity official, Greg Garcia. Thompson said the House Intelligence Committee also had not received a briefing it requested from McConnell's office, but an Intelligence Committee aide said yesterday that the panel expects a "detailed briefing" this week. 
Intelligence Chairman Silvestre Reyes, a Texas Democrat, has requested information, the aide said, on exactly what the initiative would do "and what the legal authorities are." Thompson rattled off about a dozen questions he has about the program, including what authority the NSA has to participate in domestic monitoring and whether Fourth Amendment limitations on search and seizure would prevent the government from using the evidence it gathered to prosecute cybercrimes. Questions about what each agency will be authorized to do have come under considerable discussion inside the administration, said current and former officials. Approval of the initiative was delayed because of continued difficulty with such issues. The federal government's role in monitoring private-sector networks is "clearly the issue," the former government official said, adding, "If you want to work with them and put things on people's lines to monitor stuff, the general counsels of private-sector entities would say, 'You want to do what?'" Policymakers have become increasingly alarmed at the vulnerability of trains, nuclear power plants, electrical grids and other key infrastructure systems, which rely on Internet-based controls that could be hijacked remotely to produce a catastrophic attack. Recent attempted attacks on Pentagon and other government computer systems have heightened concerns about holes in government networks, as well. Thompson noted that he has held several hearings on the emerging cyberthreat, as well as on Homeland Security's challenges in managing its own cybersecurity. "We have tried to work with the department," Thompson said. 
siobhan.gorman at baltsun.com From rforno at infowarrior.org Wed Oct 24 18:11:14 2007 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 24 Oct 2007 14:11:14 -0400 Subject: [Infowarrior] - IPhone's Security Rivals Windows 95 (No, That's Not Good) Message-ID: IPhone's Security Rivals Windows 95 (No, That's Not Good) By Kim Zetter Email 10.23.07 | 8:20 AM http://www.wired.com/politics/security/news/2007/10/iphone_windows With Apple's announcement Monday that it shipped 1.12 million iPhones in the three months after its launch, the gadget's apparent popularity rivals some PCs. That has security experts warning of trouble, following revelations that Apple built the iPhone's firmware on the same flawed security model that took rival Microsoft a decade to eliminate from Windows. "It really is an example of 'those who don't learn from history are condemned to repeat it'," says Dan Geer, vice president and chief scientist at security firm Verdasys. It wasn't long after Apple released the iPhone in June that researchers discovered that every application on the device -- from the calculator on up -- runs as "root," i.e., with full system privileges. As a result, a serious vulnerability in any of these applications would allow hackers to gain complete control of the device. The same problem in Windows played a big role in stoking a plague of internet malware-production that began with the Melissa virus in 1999, and continues with the malicious Storm worm today. With the limited bandwidth of the iPhone, malicious code would be unlikely to slow portions of the internet. But malware could wreak creative havoc of a different kind. 
It might, for example, cause a phone to call numbers without the user's knowledge, seize text messages and a list of received and sent calls, turn the phone into a listening device, track the user's location through nearby WiFi access points, or instruct the phone to snap photos of the user's surroundings -- including any companions who may be in view of the camera lens. Apple announced last week that it plans to release a software-development kit in February, to open the way for third-party developers to create applications for the iPhone. More applications, though, invariably means more attack routes for hackers. Apple CEO Steve Jobs said in his announcement that the company was taking time to release the SDK to deal with security issues, suggesting that a future operating system update to the phone might only run applications approved and digitally signed by Apple. But this wouldn't solve all of the security problems. "As long as everything runs as root, there are going to be bugs and people are going to find them (to take over the device)," says Charlie Miller, principal security analyst for Independent Security Evaluators, who, with colleagues, discovered the first reported bug with the iPhone earlier this year. The bug, found in its Safari browser, would have allowed hackers to take control of a phone. The researchers criticized Apple in their paper (.pdf) for designing iPhone applications to run as root. Although Apple issued a fix for the Safari vulnerability in July, the company never responded to criticism about the root problem with its phones. Apple also didn't respond to calls from Wired News for this story. Last week, H.D. Moore, a security researcher who developed the Metasploit Framework security and hacking tool, posted information on his blog about a vulnerability in the iPhone's tiff library that is used by the phone's e-mail, browser and music software. 
He also supplied detailed instructions on how to write code to exploit the bug and provided an exploit to gain remote control of an iPhone. Computer security professionals call the iPhone design flaw a fundamental mistake, and say that Apple should have known better. "The principle of 'least privilege' is a fundamental security principle," says Geer. "Best practices say that if you need minimal authority to do (something on a system), then you don't need to have more authority than that to get it done." Microsoft has been roundly criticized for years for releasing early versions of its Windows operating system with administrative privileges automatically enabled. This gave hackers who gained access to Windows machines complete privileges to modify the operating system and take control of the machine. It took a while for the company to get the message, but Redmond finally closed the hole with its Vista operating system this year, which included a User Account Control feature to control the level of privileges required for various functions on a Vista machine. "I guess Apple hadn't learned those lessons and is now going to learn them the hard way," says Geer. Miller says that Apple will need to redesign the entire firmware to fix the problem -- which would require owners to install a pretty hefty update. "If you start from the beginning with security in mind and you design your product thinking about security as you go, it's not really any harder to design a secure product than an insecure product," he says. "Once you've already got it out in everyone's hands, it's a little harder to go back and add security. And that's really what they need to do at this point." 
From rforno at infowarrior.org Wed Oct 24 21:18:58 2007 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 24 Oct 2007 17:18:58 -0400 Subject: [Infowarrior] - Microsoft clinches Facebook deal Message-ID: Microsoft clinches Facebook deal Wednesday October 24, 5:07 pm ET SEATTLE (Reuters) - Microsoft Corp (NasdaqGS:MSFT) said on Wednesday it would pay $240 million for a 1.6 percent minority equity stake in Facebook in a deal that values the popular social networking Web site at $15 billion. The world's largest software maker was bidding against Web search leader Google Inc. (NasdaqGS:GOOG) for a stake in Facebook and the right to sell advertising for Facebook outside of the United States. Microsoft said it would be the exclusive third-party advertising platform for Facebook which has more than 49 million Internet users. Google and Microsoft, now rivals for Internet-based audiences and applications, each expressed interest in a minority stake in Facebook for its growing user base and advertising potential. The rivals have butted heads before for Internet properties. Google beat Microsoft with a $1.65 billion acquisition of online video sharing site YouTube last year. (Reporting by Daisuke Wakabayashi in Seattle, Eric Auchard in San Francisco) http://biz.yahoo.com/rb/071024/facebook.html?.v=3 From rforno at infowarrior.org Wed Oct 24 21:25:35 2007 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 24 Oct 2007 17:25:35 -0400 Subject: [Infowarrior] - Hackers can divert Vonage calls: security firm Message-ID: http://www.reuters.com/article/marketsNews/idUKN2416024920071024?rpc=44 Hackers can divert Vonage calls: security firm Wed Oct 24, 2007 2:30pm EDT BOSTON (Reuters) - Internet phone service from Vonage Holdings Corp (VG.N) is vulnerable to attacks by hackers, who are able to intercept calls to the company's subscribers, a security firm said on Wednesday. 
Sipera Systems of Richardson, Texas, said it had informed Vonage of the problem more than a month ago, but the company had not responded to the warning. Vonage spokesman Charles Sahner declined comment. From rforno at infowarrior.org Thu Oct 25 00:32:40 2007 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 24 Oct 2007 20:32:40 -0400 Subject: [Infowarrior] - Terror watch list swells to more than 755,000 Message-ID: Terror watch list swells to more than 755,000 http://www.usatoday.com/news/nation/2007-10-23-Watchlist_N.htm By Mimi Hall, USA TODAY WASHINGTON -- The government's terrorist watch list has swelled to more than 755,000 names, according to a new government report that has raised worries about the list's effectiveness. The size of the list, typically used to check people entering the country through land border crossings, airports and sea ports, has been growing by 200,000 names a year since 2004. Some lawmakers, security experts and civil rights advocates warn that it will become useless if it includes too many people. "It undermines the authority of the list," says Lisa Graves of the Center for National Security Studies. "There's just no rational, reasonable estimate that there's anywhere close to that many suspected terrorists." The exact number of people on the list, compiled after 9/11 to help government agents keep terrorists out of the country, is unclear, according to the report by the Government Accountability Office (GAO). Some people may be on the list more than once because they are listed under multiple spellings. Senate Homeland Security Committee Chairman Joe Lieberman, D-Conn., who plans a hearing on the report today, says "serious hurdles remain if (the list) is to be as effective as we need it to be. 
Some of the concerns stem from its rapid growth, which could call into question the quality of the list itself." About 53,000 people on the list were questioned since 2004, according to the GAO, which says the Homeland Security Department doesn't keep records on how many were denied entry or allowed into the country after questioning. Most were apparently released and allowed to enter, the GAO says. Leonard Boyle, director of the FBI's Terrorist Screening Center, which maintains the list, says in testimony to be given today that 269 foreigners were denied entry in fiscal 2006. The GAO report also says:
• The Transportation Security Administration (TSA) could not specify how many people on its no-fly list, which is a small subset of the watch list, might have slipped through screening and been allowed on domestic flights.
• TSA data show "a number of individuals" on the no-fly list passed undetected through screening and boarded international flights bound for the United States. Several planes have been diverted once officials realized that people named on the watch lists were on board.
• Homeland Security has not done enough to use the list more broadly in the private sector, where workers applying for jobs in sensitive places such as chemical factories could do harm.
Boyle also urges that the list be used for screening at businesses where workers could "carry out attacks on our critical infrastructure that could harm large numbers of persons or cause immense economic damage." But the sheer size of the watch list raised the most alarms. "They are quickly galloping towards the million mark -- a mark of real distinction because the list is already cumbersome and is approaching absolutely useless," said Tim Sparapani of the American Civil Liberties Union. Sen. 
Susan Collins, R-Maine, says "creating and maintaining a comprehensive terrorist watch list is an enormous endeavor fraught with technical and tactical challenges." The report, she says, "underscores the need to make the watch lists more accurate, to improve screening procedures at airports and the ports of entry, and to provide individuals with the ability to seek redress if they believe they have been wrongfully targeted." From rforno at infowarrior.org Thu Oct 25 00:35:11 2007 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 24 Oct 2007 20:35:11 -0400 Subject: [Infowarrior] - WH severely redacts CDC director's testimony on climate change Message-ID: White House cut warming impact testimony By H. JOSEF HEBERT, Associated Press Writer Tue Oct 23, 7:07 PM ET http://news.yahoo.com/s/ap/20071023/ap_on_re_us/global_warming_health&printer=1;_ylt=AlkSIpOU8wcVD2bcPJENRitH2ocA The White House severely edited congressional testimony given Tuesday by the director of the Centers for Disease Control and Prevention on the impact of climate change on health, removing specific scientific references to potential health risks, according to two sources familiar with the documents. Dr. Julie Gerberding, director of the Atlanta-based CDC, the government's premier disease monitoring agency, told a Senate hearing that climate change "is anticipated to have a broad range of impacts on the health of Americans." But her prepared testimony was devoted entirely to the CDC's preparation, with few details on what effects climate change could have on the spread of disease. Only during questioning did she describe some specific diseases that likely would be affected, again without elaboration. Her testimony before the Senate Environment and Public Works Committee had much less information on health risks than a much longer draft version Gerberding submitted to the White House Office of Management and Budget for review in advance of her appearance. 
"It was eviscerated," said a CDC official, familiar with both versions, who spoke on condition of anonymity because of the sensitive nature of the review process. The official said that while it is customary for testimony to be changed in a White House review, these changes were particularly "heavy-handed," with the document cut from its original 14 pages to four. It was six pages as presented to the Senate committee. The OMB had no comment on Gerberding's testimony. "We generally don't speculate and comment on anything until it is the final product," said OMB spokesman Sean Kevelighan. He added that OMB reviews take into consideration "whether they ... line up well with the national priorities of the administration." The CDC is part of the Department of Health and Human Services and its congressional testimony, as is normal with all agencies, is routinely reviewed by OMB. But Gerberding, who could not be reached late Tuesday for comment, was said to have been surprised by the extensive changes. Copies of the original testimony already had been sent to a number of associated health groups representing states, county and city health agencies that the CDC routinely coordinates with, a CDC official said. CDC spokesman Tom Skinner sought to play down the White House changes. He called Gerberding's appearance before the Senate panel "very productive" and said she addressed the issues she wanted during her remarks and when questioned by the senators. "What needed to be said as far we're concerned was said," said Skinner in a telephone interview from Atlanta. "She certainly communicated with the committee everything she felt was critical to help them appreciate and understand all the issues surrounding climate change and its potential impact on public health." 
The deletions directed by the White House included details on how many people might be adversely affected because of increased warming and the scientific basis for some of the CDC's analysis on what kinds of diseases might be spread in a warmer climate and rising sea levels, according to one official who has seen the original version. Gerberding seems to have tried to address some of those issues during questioning from senators. Sen. Barbara Boxer, D-Calif., the committee's chairman, produced a CDC chart listing the broad range of health problems that could emerge from a significant temperature increase and sea level rise. They include fatalities from heat stress and heart failure, increased injuries and deaths from severe weather such as hurricanes; more respiratory problems from drought-driven air pollution; an increase in waterborne diseases including cholera, and increases in vector-borne diseases including malaria and hantavirus; and mental health problems such as depression and post-traumatic stress. "These are the potential things you can expect," replied Gerberding when asked about the items listed. "... In some of these areas it's not a question of if, it's a question of who, what, how and when." Peter Rafle, a spokesman for Boxer, said the senator knew nothing about changes that might have been made to Gerberding's testimony by the White House. 
From rforno at infowarrior.org Thu Oct 25 00:48:27 2007 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 24 Oct 2007 20:48:27 -0400 Subject: [Infowarrior] - Storm worm strikes back at security pros Message-ID: This story appeared on Network World at http://www.networkworld.com/news/2007/102407-storm-worm-security.html Storm worm strikes back at security pros Researcher says those discovered trying to defeat worm suffer DDoS attacks By Tim Greene, Network World, 10/24/07 The Storm worm is fighting back against security researchers that seek to destroy it and has them running scared, Interop New York show attendees heard Tuesday. The worm can figure out which users are trying to probe its command-and-control servers, and it retaliates by launching DDoS attacks against them, shutting down their Internet access for days, says Josh Korman, host-protection architect for IBM/ISS, who led a session on network threats. "As you try to investigate [Storm], it knows, and it punishes," he says. "It fights back." As a result, researchers who have managed to glean facts about the worm are reluctant to publish their findings. "They're afraid. I've never seen this before," Korman says. "They find these things but never say anything about them." And not without good reason, he says. Some who have managed to reverse engineer Storm in an effort to figure out how to thwart it have suffered DDoS attacks that have knocked them off the Internet for days, he says. As researchers test their versions of Storm by connecting to Storm command-and-control servers, the servers seem to recognize these attempts as threatening. Then either the worm itself or the people behind it seem to knock them off the Internet by flooding them with traffic from Storm's botnet, Korman says. A recently discovered capability of Storm is its ability to interrupt applications as they boot up and either shut them down or allow them to appear to boot, but disable them. 
Users will see that, say, antivirus is turned on, but it isn't scanning for viruses, or as Korman puts it, it is brain-dead. "It's running, but it's not doing anything. You can brain-dead anything," he says. The worm has created a botnet of slave machines whose latent size and power is unknown. The number of infected machines available to launch spam and DoS attacks is estimated from hundreds of thousands to 50 million. Korman says he believes it's between 6 million and 15 million. One intimidating aspect of the botnet the worm commands is that it is used infrequently, indicating that it is for sale or lease to what he terms "profit nation" -- computer hackers who do their work for money not fame. The potential exists for the botnet to be used by political entities for cyberterror attacks, he says. "It's getting more serious the more I look at it," Korman says. "I'm more concerned not so much about where Storm is today, but where it's going." Still, the power of Storm, also known as Peacomm, is still hotly debated. Earlier this week another expert said the worm had pretty much run its course and was subsiding. All contents copyright 1995-2007 Network World, Inc. http://www.networkworld.com From rforno at infowarrior.org Thu Oct 25 12:04:07 2007 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 25 Oct 2007 08:04:07 -0400 Subject: [Infowarrior] - FW: [attrition] Commentary: Data Loss "Unplugged" In-Reply-To: Message-ID: Wed Oct 24 23:33:36 EDT 2007 Lyger Since July 1, 2005, attrition.org has "officially" been tracking incidents regarding the theft, loss, or exposure of personally identifiable information (PII). In the months since the creation of the Data Loss web page, Data Loss Mail List, and Data Loss Database (Open Source) (aka "DLDOS"), we have been asked many questions about not only why we maintain these resources but also about what criteria we use to determine the inclusion of events into the mail list, web page, and database. 
For anyone interested, we feel that we should try to clarify our "requirements" and answer any questions that may arise. First, we can't "report" what we don't know. In most cases, we will only include events that are reported by a legitimate media source. While we could include blog rumors and tips via email from unverified sources, we feel that it's best to have a verifiable and reputable source of information in case there are any questions or concerns regarding the validity of the information contained in our resources. If an event isn't covered by a reputable media source, there's a good chance we may not include it in our resources. We do understand that work by others such as Chris Walsh, who finds additional breaches through Freedom Of Information Act (FOIA) requests, will uncover breaches not normally reported by media outlets, but attrition.org simply doesn't have the resources to actively pursue such additional information. We applaud Chris for his efforts and hope that he continues to keep up with his endeavors. [...] http://attrition.org/dataloss/dlunplugged.html From rforno at infowarrior.org Thu Oct 25 12:24:49 2007 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 25 Oct 2007 08:24:49 -0400 Subject: [Infowarrior] - Fox News: al Qaeda link to California fires Message-ID: Geez. ---rf Ill-informed Fox anchors spread fears of al Qaeda link to California fires David Edwards and Nick Juliano Published: Wednesday October 24, 2007 http://rawstory.com/news/2007/Fox_advances_theory_that_CA_fires_1024.html Questionable 4-year-old FBI memo presented as new to stoke terror fears Did al Qaeda start the California wildfires? As more than a million people escaped the flames, Fox News anchors couldn't help speculating about a terrorism link to the blazes ravaging southern California. 
"I've heard some people talk about this a little bit to me, but have you heard anybody suggest that this could be some form of terrorism," Fox & Friends co-host Steve Doocy asked Wednesday morning. Correspondent Adam Housley said he's received "hundreds of comments" from readers of his Fox News blog speculating about a link to terrorism. Investigators have determined that one 15,000 acre fire in Orange County was deliberately set, and Housley reported that authorities arrested one man who set a hillside on fire. Causes of most other fires are still being investigated, and there has been little speculation beyond Fox News about a terror plot. A review of Housley's blog posts about the fire reveals that his characterization of the terror fears perhaps was inflated. Of his 15 posts on the fires, just two included speculation from commenters about a terrorism link. "Is anyone asking how these fires started? I see no comments or speculations," observed "clyde teeter" in response to a post Tuesday. "Could it be linked to illegal alien misadventure on the border [...] Terrorism? ... If you are a journalist, then these questions need to be asked and investigated. Your coverage is admirable but the emotional journalism about the loss of peoples homes is not helping to find the causes." Fox & Friends co-host Judge Andrew Napolitano tried to serve as the voice of reason. "That's a fear, Adam, but is there any evidence of it?" the judge asked. Such skepticism could not last, though. Later Wednesday, Fox anchors returned to fanning the terror fears, digging up a four-year-old FBI memo and presenting it as new information relating to an al Qaeda link to the fires. In June of 2003, FBI agents in Denver detailed an al Qaeda detainee's discussion of a plot to set forest fires around the western United States, although investigators couldn't determine whether the detainee was telling the truth, and his plot did not include setting fires in California. 
Such small discrepancies in dates and details proved to be no obstacles for Fox anchors, who reported that the memo was from "late June of this year" and "is just popping up this morning." The memo was first reported by the Arizona Republic in July 2003, although a Fox anchor said it was reported "five days ago." That confusion seems to stem from an inability to read the date on an Associated Press account of the memo from the time it was first reported. A July 11, 2003, AP story, still available online via USA Today, reported, "The contents of the June 25 memo from the FBI's Denver office were reported Friday by The Arizona Republic." On Fox, that information became, "The June 25 memo from the FBI's Denver offices was reported three days ago, excuse me five days ago, by the Arizona Republic." Further distorting the report, Fox failed to mention a key caveat from the 2003 AP story they appear to have ripped from. "Rose Davis, a spokeswoman for the National Interagency Fire Center in Boise, told The Associated Press that officials there took note of the warning but didn't see a need to act further on it." Partial Transcript (via ThinkProgress): # DOOCY: You're looking live at pictures from San Diego -- Santiago, CA, where the wildfires continue. We were talking earlier in today's telecast with Adam Housley and apparently police officers in a hovering helicopter saw a guy starting one of these fires. And Allison Camerota, an FBI memo from late in June of this year is popping up this morning and it is ominous. CAMEROTA: This actually has happened for many years in the past as well. An FBI sent out to local law-enforcement said that an al Qaeda detainee had given them some information that the next wave of terrorism could be in the form of setting wild fires. Adam Housley said lots of people on his block were asking him about it. Obviously this is something the FBI has looked into. They will continue to investigate it. 
CARLSON: If they have this person in custody it probably won't take long to be able to develop a link if there is one. KILMEADE: A June 25 memo from the FBI's Denver offices reported three days ago, excuse me, five days ago, by the Arizona Republic, that is a newspaper, they have been carrying the story and they continue to expand upon it. DOOCY: Brian, the plot they say, according to this detainee, and they don't know if the detainee is telling the truth. The plot was to set three or four wildfires. But they don't mention California. They mention Colorado, Montana, Utah, and Wyoming. We do know for a fact that a number of the fires in southern California are of a suspicious nature and they are investigating arson. # From rforno at infowarrior.org Thu Oct 25 15:52:45 2007 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 25 Oct 2007 11:52:45 -0400 Subject: [Infowarrior] - What's Wrong with the War on Terrorism? In-Reply-To: Message-ID: (from Blake) What's Wrong with the War on Terrorism? September 2007 By Joseph Straw Brian Michael Jenkins began a lifelong study of terrorism in 1972 after the attacks at the Munich Olympic Games, and he has become one of the world's leading authorities on the topic, currently serving as senior advisor to the president of the think tank RAND Corp. He recently published Unconquerable Nation: Knowing our Enemy, Strengthening Ourselves, and Security Management Assistant Editor Joseph Straw talked with him about the book, terrorism generally, and private security's role. (His remarks have been edited.) < - > http://www.securitymanagement.com/article/what-s-wrong-war-terrorism?page=0%2C0 
From rforno at infowarrior.org Thu Oct 25 17:38:40 2007 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 25 Oct 2007 13:38:40 -0400 Subject: [Infowarrior] - Few FBI employees will be able to read this Message-ID: Few FBI employees will be able to read this posting http://blogs.usatoday.com/ondeadline/2007/10/few-fbi-employe.html If you're reading this posting via the Internet, chances are you don't work as a special agent or intelligence analyst at the Federal Bureau of Investigation. Willie Hulon, the executive assistant director in charge of the bureau's national security branch, just told members of the Senate Intelligence Committee that the vast majority of FBI employees still don't have a computer on their desk that can be used to access the Internet. That means no Google searches, no personal e-mail and no blogs like On Deadline. So far, Hulon says they've put Internet-ready computers on about a third of the agency's desks. Another third of the FBI's workforce is due to receive them within the next year, he says. "All agents and analysts do not have access at their desktop," Hulon tells the committee. "They do have access to the Internet. We have stations within field offices that people can go to to work at but we don't have access at everyone's desk," he adds. Sen. Ron Wyden, D-Ore., later elicited an acknowledgement from Hulon that the FBI has hired only two of the 24 senior intelligence analysts that it was first authorized to hire in 2004. From rforno at infowarrior.org Thu Oct 25 19:45:49 2007 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 25 Oct 2007 15:45:49 -0400 Subject: [Infowarrior] - Routing Economics Threaten the Internet Message-ID: Routing Economics Threaten the Internet Written by Lawrence G. Roberts 10/25/2007 http://tinyurl.com/2q2xbx The Internet has some major problems. 
The big one involves the cost of supporting the amount of content and services being supplied over the Internet infrastructure. And if it's not fixed soon, the expansion of Internet traffic could outrun our ability to pay for it. Here's why: Since it started, traffic on the Internet has about doubled every year. Remarkably, the router technology that we started with (best-effort packet routing) has supported this huge growth without any basic change except speed improvements resulting from the improvement in semiconductors. Due to the improvements in fiber technology, the cost of increasing raw bandwidth capacity has been decreasing about as fast as the traffic grows. Fiber, therefore, is no longer the problem. But now that fiber technology has advanced, we have a different problem: routing technology. Internet traffic is now growing much more quickly than the rate at which router cost is decreasing per bit. Traffic is doubling each year, while routers follow the semiconductor trend, dropping in cost per bit by one half every 18 months. The cost of Internet capacity would therefore double every three years without some key new innovation. The economy could not support this for very long. Traditional routed IP networks provide reasonable quality by operating with huge overcapacity so the peak usage hardly ever overloads the routers. If a packet router becomes overloaded it seriously damages all the traffic, data, voice, and video. If we don't find a way to keep up with these increasing capacity costs, we'll start to see this damage. I believe that the solution is flow routing. [Ed. note: Dr. Lawrence Roberts is the founder and CEO of Anagran Inc., a flow-based routing company.] Flow routing has introduced an important innovation that can help alleviate the capacity crunch: Routers do not need to route every packet, only the first packet in a flow. 
Thus, the inherent cost of these new routers is one third that of packet routers, and they provide an immediate 3:1 capacity increase when they are inserted into the network, eliminating the need to add capacity and cost for a year or two. Flow router technology can be included at the access point where the overload may occur so that congestion and overload do not damage the traffic; lower priority, large file transfers are throttled back; and interactive voice and video stays protected. This allows the entire network to operate at much higher efficiency, often around 90 percent utilization day and night. As the technology is further employed, the step function saving is on the order of 9:1 (cost and efficiency). This could extend the time that Internet traffic can continue to double at the current network cost by nine years. At that point, some additional innovation will be needed to keep cost under control or traffic growth will have to slow down. The Internet's problems are not limited to cost, however. The aging IP technology in the installed base has other challenges. Quality: Today, video can be easily downloaded just like data, but streaming video only works well if the network has enough overcapacity, with data users kept on a separate network. In many cases (like WiFi, for example), the same is true for voice. We can't even start to consider many other applications like "telesurgery" -- robotic surgery performed remotely via the Internet -- due to poor video quality as a result of packet loss and delay variance. There are really two problems to solve here: controlling the huge network load caused by video downloading, and the inherent inability of the current packet router design to support low delay variance, with low-loss streaming media mixed with lots of data traffic. Flow routing could solve both these problems. 
Based on observing and remembering the state of each ongoing data stream (flow), the router can protect video, voice, and any real-time stream from delay variance and loss. Security: Security is becoming a serious problem. Although it is partly a computer issue, in large part it is also a network issue, since current networking technologies do not verify who is sending the data. Most known security problems (denial of service, spam, viruses) would be much easier to cope with if the network included three additional functions: authorizing users as they connect to the network; checking the addresses a user claims to be sending from, to insure it is not faked; and detecting traffic anomalies such as denial-of-service attacks. Authorization is a known technology, but not very useful without source address verification. Source address verification is expensive if required for every packet, but with the advent of flow routing, it can be done once per flow, making it extremely inexpensive. Similarly, detecting traffic anomalies is virtually impossible at the packet level, but quite reasonable with flow routing technology, by simply looking at the flow information. Thus, with the changes happening in routing technology, we should be able to pinpoint and identify anyone who sends spam or attacks a remote computer, and at least recognize and stop denial-of-service attacks, if not identify the originator. Once security attacks are traceable, law enforcement becomes possible. Currently, we are expecting the same 40-year-old technology to support not only information exchange like Web browsing and email, but all our real-time traffic such as voice and video. Three basic problems must be overcome to accomplish this: quality, security, and economics. We need to improve packet forwarding design if we are going to fix these problems. -- Dr. Lawrence G. Roberts, CEO, Anagran Inc. 
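The per-flow checks described in the article above (verify the claimed source address once per flow, then look for anomalies in the flow records rather than in individual packets) can be sketched as follows. This is an added example, not code from the article or from Anagran; the FlowTable class, the port-to-prefix table, the thresholds and the sample traffic are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict, deque, namedtuple

Packet = namedtuple("Packet", "port src dst sport dport proto ts")


class FlowTable:
    """Hypothetical flow-state front end for a router (illustration only)."""

    def __init__(self, port_prefixes, flood_threshold=20, window=5.0, idle_timeout=30.0):
        # Assumed configuration: the address block legitimately attached to each ingress port.
        self.port_prefixes = {p: ipaddress.ip_network(n) for p, n in port_prefixes.items()}
        self.flood_threshold = flood_threshold   # new flows per destination per window
        self.window = window                     # seconds
        self.idle_timeout = idle_timeout         # seconds before flow state is stale
        self.flows = {}                          # flow key -> cached verdict and last-seen time
        self.recent_new_flows = defaultdict(deque)
        self.stats = {"packets": 0, "verifications": 0, "forwarded": 0, "dropped": 0}
        self.alerts = []

    def _source_is_valid(self, pkt):
        # The expensive check: runs once per flow, not once per packet.
        self.stats["verifications"] += 1
        prefix = self.port_prefixes.get(pkt.port)
        return prefix is not None and ipaddress.ip_address(pkt.src) in prefix

    def _note_new_flow(self, pkt):
        # Anomaly detection on flow records: too many new flows to one
        # destination inside the sliding window raises an alert.
        recent = self.recent_new_flows[pkt.dst]
        recent.append(pkt.ts)
        while recent[0] < pkt.ts - self.window:
            recent.popleft()
        if len(recent) > self.flood_threshold and pkt.dst not in self.alerts:
            self.alerts.append(pkt.dst)

    def handle(self, pkt):
        self.stats["packets"] += 1
        key = (pkt.port, pkt.src, pkt.dst, pkt.sport, pkt.dport, pkt.proto)
        flow = self.flows.get(key)
        if flow is None or pkt.ts - flow["last_seen"] > self.idle_timeout:
            # First packet of a flow (or of a flow whose state expired).
            flow = {"valid": self._source_is_valid(pkt), "last_seen": pkt.ts}
            self.flows[key] = flow
            if flow["valid"]:
                self._note_new_flow(pkt)
        flow["last_seen"] = pkt.ts
        verdict = "forwarded" if flow["valid"] else "dropped"
        self.stats[verdict] += 1
        return verdict


def build_sample_traffic():
    """Constructed traffic using documentation address ranges."""
    pkts = []
    # One legitimate 50-packet flow arriving on port 1.
    for i in range(50):
        pkts.append(Packet(1, "192.0.2.10", "203.0.113.5", 40000, 443, "tcp", i * 0.01))
    # One 20-packet flow on port 2 claiming an address that belongs to port 1.
    for i in range(20):
        pkts.append(Packet(2, "192.0.2.77", "203.0.113.5", 40001, 443, "tcp", 1.0 + i * 0.01))
    # Thirty sources each opening a short flow to the same destination within a second.
    for n in range(1, 31):
        start = 2.0 + n * 0.01
        for offset in (0.0, 0.001):
            pkts.append(Packet(2, f"198.51.100.{n}", "203.0.113.9",
                               50000 + n, 80, "tcp", start + offset))
    return pkts


def run_demo():
    table = FlowTable({1: "192.0.2.0/24", 2: "198.51.100.0/24"})
    for pkt in build_sample_traffic():
        table.handle(pkt)
    return {**table.stats, "alerts": table.alerts}


if __name__ == "__main__":
    print(run_demo())
```

On this sample the source check runs 32 times for 130 packets, the flow with the mismatched source address is dropped after a single verification, and only the destination receiving the burst of new flows is flagged.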
From rforno at infowarrior.org Thu Oct 25 19:47:07 2007 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 25 Oct 2007 15:47:07 -0400 Subject: [Infowarrior] - Congressman to Comcast: Stop interfering with BitTorrent Message-ID: Congressman to Comcast: Stop interfering with BitTorrent Posted by Chris Soghoian October 25, 2007 11:06 AM PDT While a class action lawsuit is definitely one way to get Comcast to behave, another perhaps more productive way to do so is to have politicians step in and regulate. On Tuesday, I discussed the issue of Comcast's anti-BitTorrent "network management" with Rep. Rick Boucher, D-Va., who is a strong supporter of consumer rights and has led the battle to undo the damage caused by the Digital Millennium Copyright Act, or DMCA. He was named Politician of the Year for 2006 by Library Journal, largely due to his efforts to protect the fair-use doctrine and expand Internet technologies to rural areas. "Comcast has made a major mistake in attempting to hinder peer-to-peer file sharing as an aspect of its network management," Boucher said. "The inability of customers to (share files) significantly diminishes their ability to utilize the Internet for one of its most important applications, which is user-to-user content." He also noted that "file sharing is already being used for a wide variety of perfectly lawful and appropriate applications." < - much more - > http://www.cnet.com/8301-13739_1-9804158-46.html?tag=blg.orig From rforno at infowarrior.org Thu Oct 25 20:07:18 2007 From: rforno at infowarrior.org (Richard Forno) Date: Thu, 25 Oct 2007 16:07:18 -0400 Subject: [Infowarrior] - The Politics of Paranoia Message-ID: Jane Harman's War on the First Amendment The Politics of Paranoia By Col. DAN SMITH http://www.counterpunch.org/smith10252007.html Congresswoman Jane Harman has introduced legislation--H.R. 
1955: "Violent Radicalization and Homegrown Terrorism"--that is expected to be referred to the House Rules Committee for assignment of floor time for debate by the House. This is a bill that is unneeded, unwise, and unfortunately will pass and be signed into law as it purports to be part of the response to 9/11 and the global war on terror. At base, Harman's proposal seems to be a direct attack on First Amendment rights. Nowhere is this more clear than in the third introductory paragraph (the "where as" section) that provides the context for the action desired. Specifically, this legislation aims at the unregulated nature of the Internet: "The Internet has aided in facilitating violent radicalization, ideologically based violence, and the homegrown terrorism process in the United States by providing access to broad and constant streams of terrorist-related propaganda to United States citizens." Moreover, Harman is telling the American public, citizens and permanent residents, that they are too dumb to recognize hate speech, demonizing rhetoric, and propaganda, and are so morally immature that they are not capable of knowing when to "blow off" terrorists and their messages designed to incite large scale insurrection. One also gets the impression that Harman believes that terrorist criminality has become so wide and the number of people who mentally entertain thoughts of non-compliance with authority so numerous that the country is about to teeter into chaos. But looking at the FBI's major violent crime trend lines over the past 20 years reveals, if not the opposite situation, at least a wash on violent crime frequency. I've chosen three reference points: 1987, before "terrorism" became an issue; 2001 (with September 11th fatalities not included in the murder rate); and 2006. - In 1987, the U.S. population was 242.3 million; in 2001 285.3 million; and in 2006 299.4 million. 
- In 1987, an estimated 1.484 million violent crimes were committed in the U.S.; in 2001, the total was 1.438 million; and in 2006, 1.418 million. - In 1987, the violent crime rate per 100,000 was 612.5; in 2001 504.5; and in 2006 473.5. The 2006 rate was the third lowest in this 20 year comparison. Violent crime in the U.S. rose 1.9% between 2005 and 2006, the second consecutive year the rate went up. About the only statistic that has really gone wild is the number of people sent to jail in the U.S. As of June 30, 2006, U.S. prisons held 776,010 inmates, an increase of 2.5% over the previous June 30, 2005. I am a bit surprised that more defenders of the constitution have not started a groundswell to ensure the legislation never gets to the floor of the House for discussion. I have already pointed out the First Amendment. There is more. To get to this "more," it's necessary to reproduce three definitions contained in the bill. VIOLENT RADICALIZATION- the process of adopting or promoting an extremist belief system for the purpose of facilitating ideologically based violence to advance political, religious, or social change. HOMEGROWN TERRORISM- the use, planned use, or threatened use, of force or violence by a group or individual born, raised, or based and operating primarily within the United States or any possession of the United States to intimidate or coerce the United States government, the civilian population of the United States, or any segment thereof, in furtherance of political or social objectives. IDEOLOGICALLY BASED VIOLENCE- the use, planned use, or threatened use of force or violence by a group or individual to promote the group or individual's political, religious, or social beliefs. The key is in the last definition. The history of democracy is that over time, government encroaches so much into the lives of its people that government itself becomes the problem. Consider that in the 1770s, had the U.S. 
been a country with a law that criminalized the "threatened use of violence," every one of the Founding Fathers who participated in the Boston Tea Party, organized into the Minute Men detachments, or refused to accede to the British soldiers foraging on private property would have been guilty of "violent radicalization" and of promoting "ideologically based violence." What has become an "extremist belief" in some circles within the government is democracy. Look again at the three definitions. Do they not directly challenge one of the most fundamental rights that many in the U.S. trace back to time immemorial: the right of citizens to "keep and bear arms"? Again, a people who have access to firearms inherently pose a "threat" to any government, even one with a standing army at its beck and call. And the more centralized the power of the ruler (e.g., the unitary presidency), the greater the temptation to seize the weapons--and the rights--of its citizens. In fact, as she was drafting the legislation, Congresswoman Harman must have realized that she was, at best, on a slippery slope and at worst, in quicksand up to her neck and no solid footing play. In the eighth "where as" section, the proposed legislation reads: "Any measure taken to prevent violent radicalization, homegrown terrorism, and ideologically based violence and homegrown terrorism in the United States should not violate the constitutional rights, civil rights and civil liberties of United States citizens and lawful permanent residents" (emphasis added). When it comes to safeguarding rights and liberties, I much prefer "will" to "should"--and so ought every member of Congress. Terrorism is terrorism, whether foreign-inspired or homegrown, and is not acceptable. Congresswoman Harman has not made the case for distinguishing between "homegrown" and "foreign" ideologically-based terror, and there is no logical, moral, or legal reason to divide them; both are violations of morality and of law. 
But just as important is the point that to try to criminalize "radical thinking" is to deny the opportunity to citizens to re-invigorate democracy so that it does not descend into tyranny. In this legislation as drafted, the underlying unacknowledged assumption is that "radicalized thought" can lead to only one outcome: an attempt to overthrow government by violence. One need only recall that it is through the airing of opinion that the falsehoods and lies become exposed and defused--which is what makes the British institution of "Speakers' Corner" in London's Hyde Park a model for democratic practice the world over. To which can be added Edward R. Murrow's most succinct observation: "We must not confuse dissent with disloyalty." Col. Dan Smith is a military affairs analyst for Foreign Policy In Focus, a retired U.S. Army colonel, and a senior fellow on military affairs at the Friends Committee on National Legislation. Email at dan at fcnl.org. From rforno at infowarrior.org Fri Oct 26 12:58:49 2007 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 26 Oct 2007 08:58:49 -0400 Subject: [Infowarrior] - More on...MS update and PC crashes Message-ID: [ Y'know, if anyone else launched this kind of DoS attack on such a widespread basis, they might be prosecuted. (Prediction: the sheeple will grumble, but continue to use M$ products just like they did the last N times they were abused by their own OS vendor.) ---************* ] More gnashing of teeth after Microsoft update brings PCs to a standstill Resource-hogging search app sprung on reluctant admins By Dan Goodin Published Thursday 25th October 2007 01:04 GMT Updated This story was updated on Thursday 25th October 2007 23:21 to add comment from Microsoft. 
Something seems to have gone horribly wrong in an untold number of IT departments on Wednesday after Microsoft installed a resource-hogging search application on machines company-wide, even though administrators had configured systems not to use the program. "The admins at my place were in a flap this morning because Windows Desktop Search 3.01 had suddenly started installing itself on desktops throughout the company," a Reg reader by the name of Rob informs us. "The trouble is that once installed, the indexer kicks in and slows the machines down." The blogosphere is buzzing with similar reports, as evidenced by postings here, here and here. "I'm slighly pissed of [sic] at M$ right now," an admin in charge of 3,000 PCs wrote in a comment to the first aforementioned link. "All the clients have slowed to a crawl, and the file servers are having problems with the load." < - > http://www.theregister.com/2007/10/25/windows_update_snafu/ From rforno at infowarrior.org Fri Oct 26 13:00:39 2007 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 26 Oct 2007 09:00:39 -0400 Subject: [Infowarrior] - "Legitimate Visitors" to U.S. Get the Disney Treatment Message-ID: "Legitimate Visitors" to U.S. Get the Disney Treatment Source: The Independent (UK), October 24, 2007 [Image: from the movie "Welcome: Portraits of America"] Travelers flying into the United States via airports in Washington DC and Houston are being shown "a sappy seven-minute film made by the folks at Walt Disney showcasing all that is wonderful, scenic and nice about the land of the free." Eventually, the film will be shown "in the international arrivals halls of all major U.S. airports as well as in visa-processing offices around the world. Major airlines will also be encouraged to show it on aircraft shortly before landing in the U.S." 
The movie was made by Disney's Frederico Tio, himself a Cuban immigrant, and donated to the U.S. government. U.S. public diplomacy czar Karen Hughes praised the film for "creating a warm first impression, and first impressions are important." A joint U.S. government / Disney press release says the film is part of "a joint vision" by the State and Homeland Security Departments "to enhance border security while streamlining security processes and facilitating travel for legitimate visitors." http://www.prwatch.org/node/6618 From rforno at infowarrior.org Fri Oct 26 13:02:21 2007 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 26 Oct 2007 09:02:21 -0400 Subject: [Infowarrior] - Pentagon vs. Hobby Shops Message-ID: Pentagon vs. Hobby Shops By Noah Shachtman October 25, 2007 | http://blog.wired.com/defense/2007/10/pentagon-vs-hob.html Should mom-and-pop hobby shops have to pay Lockheed and Boeing to license model planes? Inside the Pentagon reports that "your local hobby shop has recently had to charge little Timmy 40 cents extra to purchase an $8 toy model kit with the likeness of a U.S. military vehicle, according to the Hobby Manufacturers Association (HMA)." Timmy has had to pay up since defense contractors began pressuring scale-model manufacturers and distributors to pay licensing fees in order to use the designation or likeness of the life-sized military vehicles, HMA says. The contractors have sought 2 to 8 percent of the costs of each unit from toy manufacturers, according to the association. This expense, which amounts to an increased cost of $6,000 for 15,000 units, is passed on to the consumer, driving down demand and putting small hobby shops in jeopardy, the association argues on its Web site. So Rep. 
Rob Andrews (D-NJ) included a provision in the House version of the fiscal year 2008 defense authorization bill requiring the Pentagon to license trademarks, service marks, certification marks, and collective marks relating to military designations and likenesses of U.S. weapon systems to any qualifying company upon request. "The fee charged for a license would be no more than required to cover the cost to the government, and the license would be non-exclusive," the bill states. The Pentagon, however, "strongly opposes" Andrews' provision, devoting an entire page to the issue in its latest authorization appeals package. Such appeals are typically reserved for last-ditch efforts to save big DOD programs from funding cuts. DOD "can envision no valid reason why a trademark owner should ever be compelled to allow another entity to use that intellectual property, even for reasonable license fees," the appeal says. The HMA, however, can envision several reasons. One is that model kits can serve as a recruitment tool and free advertising for DOD. Another is that military designations are determined by a Pentagon system and the vehicles' designs are funded by taxpayers. From rforno at infowarrior.org Fri Oct 26 13:17:01 2007 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 26 Oct 2007 09:17:01 -0400 Subject: [Infowarrior] - Password-cracking chip causes security concerns] In-Reply-To: <72E05F00-588B-4C48-94BB-41A777D6F93D@farber.net> Message-ID: Password-cracking chip causes security concerns http://technology.newscientist.com/article.ns?id=dn12825 By Andrew Brandt NewScientist.com news service 24 October 2007 A technique for cracking computer passwords using inexpensive off-the-shelf computer graphics hardware is causing a stir in the computer security community. Elcomsoft, a software company based in Moscow, Russia, has filed a US patent for the technique. 
It takes advantage of the "massively parallel processing" capabilities of a graphics processing unit (GPU) - the processor normally used to produce realistic graphics for video games. Using an $800 graphics card from nVidia called the GeForce 8800 Ultra, Elcomsoft increased the speed of its password cracking by a factor of 25, according to the company's CEO, Vladimir Katalov. The toughest passwords, including those used to log in to a Windows Vista computer, would normally take months of continuous computer processing time to crack using a computer's central processing unit (CPU). By harnessing a $150 GPU - less powerful than the nVidia 8800 card - Elcomsoft says they can be cracked in just three to five days. Less complex passwords can be retrieved in minutes, rather than hours or days. It is the way a GPU processes data that provides the speed increase. NVidia spokesman Andrew Humber describes the process using the analogy of searching for words in a book. "A [normal computer processor] would read the book, starting at page 1 and finishing at page 500," he says. "A GPU would take the book, tear it into a 100,000 pieces, and read all of those pieces at the same time." Benjamin Jun, of Cryptography Research based in San Francisco, US, says massively parallel processing is ideally suited to the task of breaking passwords. And, while concerned about the development, Jun also pays tribute to the achievement: "A number of us have been following advances in those platforms, and there's a lot of elegant, intelligent design." Password cracking can be used to unlock data on a computer, but will not usually work on a banking or commercial website. This is because it takes too long to run through multiple passwords, and because a site will normally block a user after several failed attempts. Jun adds that the trend towards encrypting whole hard drives with increasingly long cryptographic keys still means it is becoming more difficult to access sensitive data. 
"Should I throw away my web server and run for the hills?" he says. "I don't think so." NVidia released a software development kit for its graphics hardware in February 2007. Known as CUDA, the kit lets programmers access the computing power of the GPU directly. It has gained a following among those with a need for high-performance computing, particularly in fields such as science and engineering. "[CUDA] is a huge thing for the oil and gas industry, for the financial sector, and for scientists," Humber says. He adds that CUDA is also be being used by a company called Evolved Machines to simulate the way the human brain wires itself. Elcomsoft says it took three months to develop code to take advantage of a GPU, and the company plans to introduce the feature into some of its password cracking products over time. From rforno at infowarrior.org Fri Oct 26 15:52:23 2007 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 26 Oct 2007 11:52:23 -0400 Subject: [Infowarrior] - Senate OKs 7 more years of tax-free Net access, e-mail Message-ID: Senate OKs 7 more years of tax-free Net access, e-mail Posted by Anne Broache http://www.news.com/8301-10784_3-9805069-7.html?part=rss&subj=news&t ag=2547-1_3-0-20 Scarcely a week before an existing ban on Internet access taxes is set to expire, the U.S. Senate late Thursday voted to let the prohibition live on for seven more years. The compromise bill, which was approved by a voice vote, would prohibit state and local governments from taxing any service that enables users to connect to the Internet and some related services through 2014. That's three years longer than the version passed by the House of Representatives last week. The bill won't go to the president's desk just yet. First, the House must approves the Senate's changes. Congressional aides said they were hopeful the whole process would conclude before current law's November 1 expiration date. 
States that already had Internet access taxes in place before the ban took effect would still be allowed to keep them. They could also tax Internet services, albeit more indirectly, if they had already enacted broad-based laws that tax a business' gross income or receipts. The approved version also addresses at least some of the concerns raised earlier Thursday by Sen. Ron Wyden (D-Ore.). Citing a Congressional Research Service memo, he said proposed changes to the scope of the ban under current law--and contained in the House bill approved last week--could unwittingly lead to taxes on e-mail, instant messaging and other Web services. The Senate's bill was modified before the vote to include a section that says states can't tax "home page electronic mail and instant messaging (including voice--and video--capable electronic mail and instant messaging), video clips, and personal electronic storage capacity, that are provided independently or not packaged with Internet access." Wyden, who first proposed the Internet tax ban in 1998, said the additional language resolves his "immediate concerns" but that he remains "concerned about the vast range of current and future services that are still exposed to the potential for taxation under this legislation." To be sure, the bill is far from a blanket ban on all Internet-related taxation. Both the House and Senate versions explicitly say the prohibition does not include "voice, audio or video programming" that charges consumers a fee--such as IPTV and subscription-based Internet phone services--and basically any other "products and services" delivered over the Internet and not specifically exempted by the bill. (The bill also does not deal with the separate question of sales tax on goods purchased online.) "I will continue to work to protect all Internet services from the web of taxation that has resulted in many telecommunications services paying tax rates as high as alcohol and tobacco," Wyden said in a statement. 
A number of Senate Republicans had been agitating for a permanent tax ban, but state and local officials had balked at the idea because they argue they need the freedom to revisit the need for new revenue sources as technologies develop down the line. Sens. Tom Carper (D-Del.) and Lamar Alexander (R-Tenn.), who preferred another temporary extension all along, said Thursday's compromise "is a common sense victory both for internet users and for state and local governments" and would avoid "unfunded federal mandates on states and cities." Sen. John Sununu (R-N.H.), one of the most vocal proponents of a permanent ban, and Senate Minority Leader Mitch McConnell (R-Ky.) said they would continue to push for a permanent prohibition. "In the meantime, the Senate has made real progress in the name of Internet tax freedom, passing improved legislation that offers more certainty for this national and global communication network," Sununu said in a statement after the vote. From rforno at infowarrior.org Fri Oct 26 19:01:01 2007 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 26 Oct 2007 15:01:01 -0400 Subject: [Infowarrior] - NAS Report on Open Research Message-ID: (c/o SecrecyNews) Poorly considered security restrictions on unclassified research and limits on foreign scientists' access to U.S. laboratories could erode U.S. scientific and engineering prowess, a recent report from the National Academy of Sciences concluded. "The success of U.S. science and engineering has been built on a system of information sharing and open communication, not only among U.S. institutions, but also with the international science and technology communities." "Given the current diminishing rates of new scientific and engineering talent in the United States ... the size of the U.S. research and development effort cannot be sustained without a significant and steady infusion of foreign nationals," the report said. See "To Maintain National Security, U.S. 
Policies Should Continue to Promote Open Exchange of Research," NAS news release, October 18: http://www8.nationalacademies.org/onpinews/newsitem.aspx?RecordID=12013 From rforno at infowarrior.org Fri Oct 26 19:03:20 2007 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 26 Oct 2007 15:03:20 -0400 Subject: [Infowarrior] - US tops "dirty dozen" of spam-relaying countries Message-ID: US tops "dirty dozen" of spam-relaying countries by a landslide By David Chartier | Published: October 26, 2007 - 11:55AM CT http://arstechnica.com/news.ars/post/20071026-us-tops-dirty-dozen-of-spam-relaying-countries-by-a-landslide.html Critics of the inadequacy of antispam legislation like the 2003 CAN-SPAM Act have more tinder for the fire this week, thanks to a new report from security firm Sophos. The report, which ranks the top twelve countries by the sheer amount of spam they relay, places the US in the number one spot for the third quarter of 2007, sending more than 28 percent of the world's spam. In other words, that's 500 percent more than its nearest competitor, South Korea, which came in at 5.2 percent. It appears that, despite claims from the FTC and Microsoft and a slew of high-profile spam convictions, the US still has a ways to go in the war on spam. While arrests of key spammers are good, a more significant aspect of the spam equation has become the compromised zombie botnets that many smaller spammers use to send the bulk of spam. "The only way we're going to reduce the problem," said Carole Theriault, senior security consultant at Sophos, "is if US authorities invest a lot more in educating computer users of the dangers, while ensuring ISPs step up their monitoring efforts to identify these compromised machines as early as possible." Theriault also praised Canada's success in cracking down on spam, recommending that the US take a few hints from its northerly neighbor's playbook. 
Canada's Anti-Spam Action Plan of 2004 so far seems to be successful by urging businesses and ISPs to crack down on spam (after all, the country is nowhere to be seen on Sophos' list). One effective measure for ISPs is to simply cut off infected machines from the Internet, or at least block port 25 to prevent e-mail clients from doing their damage. Comcast has had success blocking port 25, as it knocked out 35 percent of its spam relaying in just a month. For the position of the United States to improve on Sophos's dirty dozen list, the country will have to do more than hide behind a highly-publicized law to get the job done. Requiring the segregation of harvested machines and educating careless owners are likely the best (and proven) ways to start cornering spammers into a realm of irrelevance. Passing new laws certainly could, in theory, plug some of the holes left open by CAN-SPAM, but we're going to need more actions than words given that we're already very late to Bill Gates' "spam will be gone by 2006" party. From rforno at infowarrior.org Fri Oct 26 22:29:35 2007 From: rforno at infowarrior.org (Richard Forno) Date: Fri, 26 Oct 2007 18:29:35 -0400 Subject: [Infowarrior] - FEMA Meets the Press, Which Happens to Be . . . FEMA Message-ID: FEMA Meets the Press, Which Happens to Be . . . FEMA By Al Kamen Friday, October 26, 2007; A19 http://tinyurl.com/2up6wa FEMA has truly learned the lessons of Katrina. Even its handling of the media has improved dramatically. For example, as the California wildfires raged Tuesday, Vice Adm. Harvey E. Johnson, the deputy administrator, had a 1 p.m. news briefing. Reporters were given only 15 minutes' notice of the briefing, making it unlikely many could show up at FEMA's Southwest D.C. offices. They were given an 800 number to call in, though it was a "listen only" line, the notice said -- no questions. 
Parts of the briefing were carried live on Fox News (see the Fox News video of the news conference carried on the Think Progress Web site), MSNBC and other outlets. Johnson stood behind a lectern and began with an overview before saying he would take a few questions. The first questions were about the "commodities" being shipped to Southern California and how officials are dealing with people who refuse to evacuate. He responded eloquently. He was apparently quite familiar with the reporters -- in one case, he appears to say "Mike" and points to a reporter -- and was asked an oddly in-house question about "what it means to have an emergency declaration as opposed to a major disaster declaration" signed by the president. He once again explained smoothly. FEMA press secretary Aaron Walker interrupted at one point to caution he'd allow just "two more questions." Later, he called for a "last question." "Are you happy with FEMA's response so far?" a reporter asked. Another asked about "lessons learned from Katrina." "I'm very happy with FEMA's response so far," Johnson said, hailing "a very smoothly, very efficiently performing team." "And so I think what you're really seeing here is the benefit of experience, the benefit of good leadership and the benefit of good partnership," Johnson said, "none of which were present in Katrina." (Wasn't Michael Chertoff DHS chief then?) Very smooth, very professional. But something didn't seem right. The reporters were lobbing too many softballs. No one asked about trailers with formaldehyde for those made homeless by the fires. And the media seemed to be giving Johnson all day to wax on and on about FEMA's greatness. Of course, that could be because the questions were asked by FEMA staffers playing reporters. We're told the questions were asked by Cindy Taylor, FEMA's deputy director of external affairs, and by "Mike" Widomski, the deputy director of public affairs. 
Director of External Affairs John "Pat" Philbin asked a question, and another came, we understand, from someone who sounds like press aide Ali Kirin. Asked about this, Widomski said: "We had been getting mobbed with phone calls from reporters, and this was thrown together at the last minute." But the staff did not make up the questions, he said, and Johnson did not know what was going to be asked. "We pulled questions from those we had been getting from reporters earlier in the day." Despite the very short notice, "we were expecting the press to come," he said, but they didn't. So the staff played reporters for what on TV looked just like the real thing. "If the worst thing that happens to me in this disaster is that we had staff in the chairs to ask questions that reporters had been asking all day," Widomski said, "trust me, I'll be happy." Heck of a job, Harvey From rforno at infowarrior.org Sat Oct 27 13:57:01 2007 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 27 Oct 2007 09:57:01 -0400 Subject: [Infowarrior] - Shoe-bombers, redux Message-ID: Terrorists Could Fill Flask Sandals with Bombs not Booze, Cops and ABC News Warn By Ryan Singel October 26, 2007 | 4:47:52 PM Categories: Threats An unnamed, regional anti-terrorism agency is warning that a sandal with a hidden alcohol compartment in its heel isn't just for Jimmy Buffett-types wanting to get bombed -- in fact, the specialized beach footwear would be a bomb on the shoes of terrorists, according to a rather breathless report from the ABC News' generally excellent The Blotter. 
< - > http://blog.wired.com/27bstroke6/2007/10/terrorists-coul.html From rforno at infowarrior.org Sat Oct 27 14:17:03 2007 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 27 Oct 2007 10:17:03 -0400 Subject: [Infowarrior] - Apple Imposes New Limits on iPhone Sales Message-ID: Apple Imposes New Limits on iPhone Sales Friday October 26, 8:48 pm ET Apple Imposes New Limits on iPhone Sales to Crack Down on Unauthorized Resellers http://biz.yahoo.com/ap/071026/apple_iphone.html?.v=2 SAN JOSE, Calif. (AP) -- Apple Inc. no longer accepts cash for iPhone purchases and now limits sales of the cell phone to two per person in a move to stop people from reselling them. The new policy started Thursday, said Apple spokeswoman Natalie Kerris. Before then, there was no cash restriction and the purchase limit was five per person. "Customer response to the iPhone has been off the charts, and limiting iPhone sales to two per customer helps us ensure that there are enough iPhones for people who are shopping for themselves or buying a gift," Kerris said. "We're requiring a credit or debit card for payment to discourage unauthorized resellers." More than 1.4 million units of the hybrid cell phone-iPod have been sold since it debuted on June 29, according to Apple. It is expected to be a hot gift for the holidays. Apple thinks some people already have purchased multiple iPhones to resell, including those looking to modify, or "unlock," the phones so they work on networks other than Apple's carrier partner in the United States, AT&T Inc. Apple estimates that buyers of 250,000 of the iPhones sold so far intended to unlock them, Apple's chief operating officer Tim Cook said in a conference call with analysts this week. Apple's attempts to prevent that "unlocking" activity, which included a software update that blocked the workarounds hackers had developed, have frustrated users -- and sparked two lawsuits. 
From rforno at infowarrior.org Sat Oct 27 14:24:39 2007 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 27 Oct 2007 10:24:39 -0400 Subject: [Infowarrior] - House Panel Reveals Whistleblower Email Addresses Message-ID: D'Oh: House Panel Screw-Up Reveals Whistleblower Email Addresses By Paul Kiel - October 26, 2007, 10:07PM Here's a whoops with a capital W. This summer the House Judiciary Committee launched an effort to collect tips from would-be whistleblowers in the Justice Department. The U.S. attorney firings scandal had shown that much was amiss in the Department, and with the danger of retaliation very real, the committee had set up a form on the committee's website for people to blow the whistle privately about abuses there. Although the panel said it would not accept anonymous tips, it assured those who came forward that their identity would be held in the "strictest confidence." But in an email sent out today, the committee inadvertently sent the email addresses of all the would-be whistleblowers to everyone who had written in to the tipline. The committee email was sent to tipsters who had used the website form, including presumably whistleblowers themselves, and all of the recipients of the email were accidentally included in the "to:" field -- instead of concealing those addresses with a so-called blind carbon copy or "bcc:". Only the email addresses were exposed; none of the names or other identifying information of the whistleblowers was revealed. The blunder, however, was noticed by a number of people who had used the website form and received today's email. One disgruntled recipient replied to the entire list of whistleblowers angrily complaining about the snafu; two others forwarded the committee email to TPMmuckraker with similar complaints. 
Compounding the mistake, the committee later sent out a second email attempting to recall the original email; it, too, included all recipients in the "to:" field, according to a recipient of the emails. A committee spokesperson emailed the following statement in response to TPMmuckraker's questions: < - > http://www.tpmmuckraker.com/archives/004576.php From rforno at infowarrior.org Sat Oct 27 14:27:32 2007 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 27 Oct 2007 10:27:32 -0400 Subject: [Infowarrior] - The Home Video Prince Doesn't Want You to See Message-ID: ABC News The Home Video Prince Doesn't Want You to See Pa. Mom Fights Back With Lawsuit Against Music Company By JIM AVILA, CHRIS FRANCESCANI and MARY HARRIS ABC News Law & Justice Unit Oct. 26, 2007 -- A bouncing YouTube baby has be-bopped his way right into the legal cross-hairs of the pop star Prince, sparking a lawsuit that could test the boundaries of U.S. copyright law. Holden Lenz, 18 months old, is the pajama-clad star of a 29-second home movie shot by his mother in the family's rural Pennsylvania kitchen and posted last February on the popular video site YouTube. In the video, the child is seen bouncing and swaying for the camera, as, faintly, the Prince hit "Let's Go Crazy" plays on a CD player in the background. Twenty eight people, mostly friends and family, had viewed the YouTube video by June, when mom Stephanie Lenz said she received an e-mail from YouTube informing her that her video had been removed from the site at the request of Universal Music Publishing Group, the recording industry's largest label, and warning her that future copyright infringements on her part could force the Web site to cancel her account. 'Frightened, Then Angry' "All of my [YouTube] videos are home videos, so I thought it was some kind of scam," Lenz told ABC News' Law & Justice Unit. When she realized YouTube had actually taken her video down, she said she was shocked. 
"At first it frightened me, because I saw who had filed'' the takedown notice, she said. "It was Universal Music Publishing Group, and I was afraid that ... they might come after me. ... And the more afraid I got, the angrier I got. ... I was afraid that the recording industry might come after me the way they've come after other people for downloading music or file sharing. "I thought even though I didn't do anything wrong that they might want to file some kind of suit against me, take my house, come after me. "And I didn't like feeling afraid,'' she continued. "I didn't like feeling that I could get in trouble for something as simple as posting a home video for my friends and family to see." Lenz filed a "counter-notice" with YouTube, and the Web site put her video back up about six weeks later. < - big snip - > http://abcnews.go.com/print?id=3777651 From rforno at infowarrior.org Sat Oct 27 18:10:23 2007 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 27 Oct 2007 14:10:23 -0400 Subject: [Infowarrior] - FEMA PR director quits; heads to ODNI Message-ID: EXCLUSIVE: FEMA Director of External Affairs Exits Amidst PR Scandal; Lands at ONDI October 27th, 2007 http://tinyurl.com/2gyavd Just three days after FEMA is outed for a staging a fake press conference, its Director of External Affairs John ?Pat? Philbin lands an ?amazing opportunity to head the communications shop at ONDI,? according to FEMA?s press secretary Aaron Walker (via email to PRNewser). Philbin and Walker were among the staffers asking questions at the press conference which was carried live by the cable networks. The the agency quickly apologized. More details as they come in. 
From rforno at infowarrior.org Sat Oct 27 23:59:49 2007 From: rforno at infowarrior.org (Richard Forno) Date: Sat, 27 Oct 2007 19:59:49 -0400 Subject: [Infowarrior] - DHS strikes deal with New York on driver's licenses Message-ID: newsday.com/news/local/wire/newyork/ny-bc-ny--immigrantdrivers1027oct27,0,77 62224.story Newsday.com Homeland Security strikes deal with New York on driver's licenses By DEVLIN BARRETT Associated Press Writer 3:17 PM EDT, October 27, 2007 WASHINGTON The Bush administration and New York cut a deal Saturday to create a new generation of super-secure driver's licenses for U.S. citizens, but also allow illegal immigrants to get a version. New York is the fourth state to reach such an agreement on federally approved secure licenses, after Arizona, Vermont and Washington. The issue is pressing for border states, where new and tighter rules are soon to go into effect for crossings. The deal comes about one month after New York Gov. Eliot Spitzer announced a plan whereby illegal immigrants with a valid foreign passport could obtain a license. Saturday's agreement with the Homeland Security Department will create a three-tier license system in New York. It is the largest state to sign on so far to the government's post-Sept. 11 effort to make identification cards more secure. Spitzer, who has faced much criticism on the issue, said the deal means New York "will usher in the most secure licensing system in the nation." Homeland Security Secretary Michael Chertoff said he was not happy that New York intended to issue IDs to illegal immigrants. But he said there was nothing he could do to stop it. "I don't endorse giving licenses to people who are not here legally, but federal law does allow states to make that choice," Chertoff said. "It's going to be a big deal up in Buffalo, it's going to be a big deal on the Canadian side of the border," Chertoff said. 
The governor made clear he is going forward with his plan allowing licenses for illegal immigrants. But advocates on both sides of the debate said Spitzer had caved to pressure by adopting the administration's stance on tighter security standards for most driver's licenses. GOP Rep. Thomas Reynolds, who represents the Buffalo suburbs, said he was glad Washington had heeded his concerns about border identification. But he said he feared that Spitzer "is taking this state down a risky path" by giving any kind of license to illegal immigrants. Under the compromise, New York will produce an "enhanced driver's license" that will be as secure as a passport. It is intended for people who soon will need to meet such ID requirements, even for a short drive to Canada. A second version of the license will meet new federal standards of the Real ID Act. That law is designed to make it much harder for illegal immigrants or would-be terrorists to obtain licenses. A third type of license will be available to undocumented immigrants. Spitzer has said this ID will make the state more secure by bringing those people "out of the shadows" and into American society, and will lower auto insurance rates. Those licenses will be clearly marked to show they are not valid federal ID. Officials, however, would not say whether that meant local law enforcement could use such a license as probable cause to detain someone they suspected of being in the U.S. illegally. "Besides being a massive defeat for the governor, I can't imagine many _ if any _ illegal immigrants coming forward to get the driver's licenses, because they'd basically be labeled as illegal," said New York Rep. Peter King, the top Republican on the House Homeland Security Committee. New York has between 500,000 and 1 million undocumented immigrants, many of whom are driving without a license and car insurance or with fake driver's licenses, Spitzer said in September when he announced his executive order. 
The administration has not finalized standards for Real ID-compliant driver's licenses. Spitzer said he believed the new licenses would meet those standards or come very close. Many states say it is too expensive to comply with the law; seven of them have passed legislation opposing Real ID. Neither the governor nor Chertoff would say how much it would cost to put the system in place or who would pay for it. Donna Lieberman, executive director of the New York Civil Liberties, said Spitzer's move effectively revives a faltering ID program. "The governor's stunning lack of courage is aiding the Bush administration in clamping down on civil liberties," Lieberman said. On the Net: Homeland Security Department background on Real ID: http://tinyurl.com/yoeo9w N.Y. Governor's Office: http://www.ny.gov/governor/ Copyright © 2007, The Associated Press From rforno at infowarrior.org Sun Oct 28 15:02:25 2007 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 28 Oct 2007 11:02:25 -0400 Subject: [Infowarrior] - Telecom amnesty update In-Reply-To: Message-ID: (c/o IP) SATURDAY OCTOBER 27, 2007 08:32 EST Telecom amnesty update http://www.salon.com/opinion/greenwald/2007/10/27/amnesty/index.html Several developments over the past few days demonstrate real progress in the effort to stop telecom amnesty. This Newsweek article by Michael Isikoff and Mark Hosenball details the efforts triggered by bloggers, along with MoveOn, to stop the bill, led by Chris Dodd: A White House campaign to win quick passage of a major surveillance bill has hit a new snag in recent days: four Democratic presidential candidates have signaled their intention to oppose the measure as it is currently written. Sen. Chris Dodd of Connecticut took the lead last week when he vowed to filibuster a version of the bill overwhelmingly approved by the Senate Intelligence Committee. . . . 
In a statement blasting the program as "unconscionable," Dodd said he would "do everything in my power to stop Congress from shielding this president's agenda of secrecy, deception, and blatant unlawfulness." No sooner had Dodd issued his statement than MoveOn.org -- along with leading liberal bloggers such as DailyKos -- launched their own campaign to pressure other Democratic presidential candidates to commit to the same position. In mass e-mails, MoveOn urged its supporters to call other Democratic senators running for president and encourage them to back a filibuster of the bill. Dodd's campaign reported $200,000 in new donations in the first 36 hours after he issued his filibuster threat. By Wednesday, at least two other candidates -- Sens. Barack Obama and Joe Biden -- had joined with Dodd in pledging to oppose any surveillance bill that includes immunity for the telecoms. Sen. Hillary Clinton, the Democratic front runner, released a more equivocal statement, saying she was "troubled by the concerns" raised about the bill and pledging to "study it very hard." The statement continued: "As matters stand now, I could not support it and I would support a filibuster absent additional information coming forward that would convince me differently." That all demonstrates emerging and increasingly effective anti-amnesty positions from everyone in the Democratic field -- except one. As Matt Stoller noted, even the New York Daily News, in the course of criticizing efforts to derail telecom amnesty, mocked Clinton for her nonsensical statement about whether she would filibuster. Demonstrating the increasing significance of these efforts, Chris Dodd has now been invited to appear this Sunday on Meet the Press, where he will be the only guest for the entire hour. 
His stance in defending the Constitution generally, and his specific efforts to stop telecom amnesty and warrantless eavesdropping, will undoubtedly be a major topic (see Dodd's superb Senate floor speech this week on these issues here). The letter-petition to Harry Reid and the Senate Judiciary Committee -- co-written and co-signed by several bloggers along with groups such as the ACLU, EFF, MoveOn, Color of Change, Center for National Security Studies and Working Assets -- is here, and I'd encourage you to sign it (here) as but the very first step in the campaign to stop telecom amnesty. Reid is going to be the key target -- and the key problem -- here, as is evident from the quote he gave to Newsweek: But the maneuvering by the contenders -- and the role played by MoveOn -- also raised concerns among senior Democrats on Capitol Hill that presidential politics might impede efforts to reach a compromise on such a sensitive and important national-security measure. "We need to get things done on this bill," Senate Majority Leader Harry Reid told reporters Tuesday. That's brilliant. George Bush continuously decrees: "Give me everything I want on this bill or I will veto it." In response, Harry Reid says: "I'm very upset by people trying to delay or stop this because the only thing that matters is that we get a deal." To Reid, apparently, it doesn't matter what the terms are of the deal they reach or how much they give in to the White House. All that matters is that he deliver something to the White House -- like a good boy -- that makes George Bush sufficiently happy to sign. It is possible that Reid means something else -- i.e., that he only wants to ensure that the Senate pass something to send to Bush, regardless of whether it meets all of Bush's demands (including amnesty) -- but only time will tell. 
As things stand, the FISA bill is currently in the Senate Judiciary Committee where Chairman Pat Leahy, at least thus far, is reportedly committed to stripping the amnesty provision out of the bill. Having this bill come to the floor without amnesty in it would force the Republicans to offer it as an amendment and would mean they would need 60 votes specifically in favor of amnesty in order to put it back in (because Dodd would filibuster any such amendment). That is much harder to accomplish than having the bill reach the floor with amnesty already in it and then have to drum up 60 votes for the bill generally. Thus, the key right now is the Senate Judiciary Committee, and Dodd's website is the place to go to find out how to keep up the pressure there, complete with a current whip count of Committee members who are for or against amnesty. Finally, there seems to be this notion even among members of Congress in their more enlightened moments that amnesty ought to be considered if the White House finally agrees to show them documents -- regarding the "legal justifications" for warrantless eavesdropping and the "rationale" for the telecoms' actions -- which they have been concealing thus far. But this claim makes no sense on multiple levels. First, as Marty Lederman notes, the White House's willingness to disclose these documents in exchange for promises to vote for amnesty -- i.e., their use of these documents as political leverage -- demonstrates that there is no valid rationale, and never has been, for refusing to turn them over to Congress. Why would Congressional Democrats agree to give up something so extraordinary (telecom immunity) in exchange for the White House's "agreeing" to do what it is required in any event to do -- namely, comply with Congressional oversight demands for these documents? 
Secondly, as any litigator will tell you, when you allow one party in possession of all documents voluntarily to show you the ones they want -- while concealing others -- the only picture you get is a distorted, biased and one-sided picture. The only mechanism for actually getting the truth is to compel the White House to turn over all documents, not to have Senators make a pilgrimage to the White House to look at the ones the White House has specially selected for them. Finally, and most importantly, if it is really true that these magic documents show how innocent and reasonable were the telecoms' actions, then they will win in court. FISA and other statutes already provide immunity for them if they acted in good faith. There is no reason for Congress to put itself in the position of judge in this matter -- there already is a real judge in a real court presiding over these cases. If the secret documents which Dick Cheney is magnanimously agreeing to share are really as exculpatory as Cheney's good friend Jay Rockefeller claims, then the telecoms will win in court and all will be good in the Republic once again. The better the secret magic documents are for the telecoms, the less is the need for amnesty. Granting amnesty to telecoms all because Dick Cheney showed Congress a handful of carefully selected documents which he is required to show them anyway is nothing more than an exercise in deceit -- enabling Congressional Democrats to claim that they went along with amnesty only because they "forced" the administration into this meaningless "concession." If Congressional Democrats end up voting for amnesty, nobody should be the slightest bit fooled by what will be their claim that they did so only because they stood firm and "forced" the White House to show them these documents. 
From rforno at infowarrior.org Mon Oct 29 00:41:21 2007 From: rforno at infowarrior.org (Richard Forno) Date: Sun, 28 Oct 2007 20:41:21 -0400 Subject: [Infowarrior] - Vint Cerf leaving ICANN Message-ID: Internet Pioneer Leaves Oversight Group http://www.washingtonpost.com/wp-dyn/content/article/2007/10/28/AR2007102800 871_pf.html By ANICK JESDANUN The Associated Press Sunday, October 28, 2007; 3:38 PM NEW YORK -- In the 1970s, Vint Cerf played a leading role in developing the Internet's technical foundation. For the past seven years, he's faced the more daunting task of leading a key agency that oversees his creation. After fending off an international rebellion and planting the seeds for streamlining operations, Cerf is stepping down this week as chairman of the Internet Corporation of Assigned Names and Numbers. "My sentence is up," Cerf said with his characteristic sense of humor, which he and others credit for helping him steer the organization through several high-profile battles from which it emerged more stable and stronger. Cerf, 64, who's also a senior executive at Internet search leader Google Inc., joined ICANN in 1999, a year after its formation to oversee domain names and other Internet addressing policies. Cerf was elected chairman in 2000 and leaves the unpaid position after Friday's board meeting in Los Angeles because of term limits. When he joined the board, many questioned whether ICANN would survive. Now _ though some people still complain that ICANN is arbitrary, secretive and slow _ the focus is more on improving it than replacing it. Under Cerf, the organization withstood power struggles and ballooned in size. It also has shown signs of movement on key issues: After years of debate, for instance, it is now beginning to create mechanisms for more easily adding Internet addresses, including domain names in languages besides English. "In some respects it has gained credibility," Cerf said. 
"It is now part of the Internet universe as opposed to a thing that was open to some serious debate." That has been particularly so since ICANN, teaming with the U.S. diplomats, resisted efforts by China, Brazil and other developing countries to replace the group with a more U.N.-like organization over which world governments would have greater control. Among other things, ICANN critics wanted quicker action on addresses in other languages, saying the current restrictions are akin to requiring all English speakers to type in Chinese. Many foreign governments also resented the U.S. government's veto power over the Marina del Rey, Calif.-based nonprofit agency. Calls to strip ICANN _ and the United States _ of its oversight of domain names, which are key for computers to find Web sites and route e-mails, grew as world leaders gathered in Geneva for the 2003 U.N. World Summit on the Information Society. The European Union even joined by the time the summit convened again in 2005, in Tunis, Tunisia. But ICANN ultimately emerged intact. Credit goes to many people besides Cerf, yet many say he had the gravitas to meet with heads of states and senior ministers _ and tell them, "no." "He has a certain star quality," said Paul Twomey, ICANN's chief executive since 2003. "He can open a door. He can talk to anybody. He can say, `Me and my colleagues actually invented the Internet and here's how it works.' There was a lot of ignorance, and he was able to say, `It just doesn't work the way you think it works.'" Cerf tested the first Internet hookups in 1969 when he was a graduate student at UCLA. As a professor at Stanford University in the 1970s, Cerf led a team that invented the protocols, known as TCP/IP, that now serve as the Internet's basic communications tools. Known since as one of the Internet's founding fathers, Cerf continued working on Internet technology at the U.S. 
Defense Advanced Research Projects Agency and later developed MCI Mail, the Internet's first commercial e-mail service. Google lured him in 2005 to be its "chief Internet evangelist" and gave him an office a few doors from CEO Eric Schmidt. In 1997, then-President Clinton presented Cerf and TCP/IP co-inventor Robert Kahn the National Medal of Technology, and in 2005 President Bush gave the pair the Presidential Medal of Freedom. As ICANN chairman, Cerf has played a hands-on role, attending many committee meetings and workshops in his trademark three-piece suit, often asking questions and contributing his know-how. Jeffrey Eckhaus, a business development director at domain registration company Register.com Inc., found him "very knowledgeable about every single topic that would go on. He would really know all the ins and outs." Besides his sense of humor and his technical knowledge, Cerf brought business and administrative acumen, many ICANN participants say. He has a slew of anecdotes ready and has displayed a willingness to listen to concerns and "engage with people from heads of states down to university students," Twomey said. Now that Cerf has guided ICANN from nearly its inception through a tumultuous adolescence and into early adulthood, many believe it's time for an ICANN driven more by procedures than personality. "It doesn't demean Cerf's towering legacy to say people are ready for a change," said Milton Mueller, a Syracuse University professor and frequent ICANN critic. The short list of potential successors includes telecommunications expert Roberto Gaetano and lawyer Peter Dengate Thrush. Both have been active with ICANN, but neither has Cerf's name recognition or long-standing ties to the Internet. "The bad news is we're not going to find another Vint," said Steve Crocker, a high school classmate of Cerf's and fellow Internet pioneer. "It's equally a form of good news. We're now going to go through a period where ordinary mortals are managing things." 
Even with Cerf's clout, ICANN has had its share of battles. For one, a decision to reverse preliminary support for a proposed ".xxx" domain name for porn sites was criticized as arbitrary and politically influenced. During Cerf's tenure, ICANN's staff and budget have grown, permitting faster response. Its roughly 100 staff members are paid out of a $41.6 million budget for fiscal 2008, compared with about a dozen employed during fiscal 2001, when ICANN budgeted $3.78 million for operating expenses. The board and its constituency committees have reorganized numerous times in an effort to better reflect the Internet community, and minutes to private board meetings have been posted more quickly to improve transparency. Nonetheless, many critics still complain that ICANN has neither opened the decision-making process enough nor acted as quickly as it should on issues like adding domain names _ after several years, it is just now streamlining the approval process. Few of those complaints, however, are directed at Cerf. "It would have been a lot more without Vint," said David Farber, former chief technologist for the Federal Communications Commission. "I don't have warm, fuzzy feelings about ICANN, but Vint is not a person you want to get into battles with. He's a nice guy. He's smart. He's reasonable to talk to." Cerf plans to disengage entirely from ICANN for at least a year, freeing him to write books and devote more time to his Google duties. "This is a very important test ICANN both must pass and will pass, that it can withstand a change of its senior management," Cerf said. "I have no hesitation at all turning this over to a new team." © 
2007 The Associated Press From rforno at infowarrior.org Mon Oct 29 12:36:39 2007 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 29 Oct 2007 08:36:39 -0400 Subject: [Infowarrior] - UK Minister detained at Dulles airport Message-ID: Minister detained at US airport Britain's first Muslim minister, Shahid Malik, says he is "deeply disappointed" that he was detained by airport security officials in America. The international development minister was stopped and searched at Washington DC's Dulles airport after a series of meetings on tackling terrorism. Mr Malik, MP for Dewsbury, West Yorks, had his hand luggage checked for explosives when returning to Heathrow. He said the same thing happened to him at JFK airport in New York last year. On that occasion he had been a keynote speaker at an event organised by the Department of Homeland Security (DHS), alongside the FBI and Muslim organisations, to talk about tackling extremism and defeating terrorism. 'Respect needed' Mr Malik said he had received numerous apologies and assurances from the US authorities after that incident. But he was again searched and detained by DHS officials on Sunday. Mr Malik said two other Muslims were also detained. "I am deeply disappointed," he said. "The abusive attitude I endured last November I forgot about and I forgave, but I really do believe that British ministers and parliamentarians should be afforded the same respect and dignity at USA airports that we would bestow upon our colleagues in the Senate and Congress. "Obviously, there was no malice involved but it has to be said that the USA system does not inspire confidence." Story from BBC NEWS: http://news.bbc.co.uk/go/pr/fr/-/1/hi/england/west_yorkshire/7066944.stm Published: 2007/10/29 08:52:11 GMT © 
BBC MMVII From rforno at infowarrior.org Mon Oct 29 13:24:13 2007 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 29 Oct 2007 09:24:13 -0400 Subject: [Infowarrior] - F.C.C. Set to End Sole Cable Deals for Apartments Message-ID: (from the NYT) F.C.C. Set to End Sole Cable Deals for Apartments By STEPHEN LABATON WASHINGTON, Oct. 28 -- The Federal Communications Commission, hoping to reduce the rising costs of cable television, is preparing to strike down thousands of contracts this week that gave individual cable companies exclusive rights to provide service to an apartment building, the agency's chairman says. The new rule could open markets across the country to far-ranging competition. It would also be a huge victory for Verizon Communications and AT&T, which have challenged the cable industry by offering their own video services. The two companies have lobbied aggressively for the provision. They have been supported in their fight by consumer groups, satellite television companies and small rivals to the big cable providers. Commission officials and consumer groups said the new rule could significantly lower cable prices for millions of subscribers who live in apartment buildings and have had no choice in selecting a company for paid television. Government and private studies show that when a second cable company enters a market, prices can drop as much as 30 percent. The change, which is set to be approved Wednesday, is expected to have a particular effect on prices for low-income and minority families. They have seen cable prices rise about three times the rate of inflation over the last decade. A quarter of American households live in apartment buildings housing 50 or more residents, but 40 percent of households headed by Hispanics and African-Americans live in such buildings. "Exclusive contracts have been one of the most significant barriers to competition," Kevin J. Martin, chairman of the commission, said in an interview. 
Cable prices have risen "about 93 percent in the last 10 years," he said. "This is a way to introduce additional competition, which will result in lower prices and greater innovation." The decision is the latest in a series of actions by the commission under Mr. Martin to put pressure on cable companies to lower their rates and make their markets more competitive. In December, in a 3-to-2 decision, the commission approved a proposal by Mr. Martin to force municipalities to accelerate the local approval process for the telephone companies to enter new markets. The phone companies had asserted that many municipalities had been delaying approvals, often in the face of cable industry lobbying. < - > http://tinyurl.com/26qp2c From rforno at infowarrior.org Mon Oct 29 13:26:29 2007 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 29 Oct 2007 09:26:29 -0400 Subject: [Infowarrior] - OpEd: The Wiretap This Time Message-ID: Op-Ed Contributor The Wiretap This Time By STUDS TERKEL Published: October 29, 2007 http://www.nytimes.com/2007/10/29/opinion/29terkel.html EARLIER this month, the Senate Intelligence Committee and the White House agreed to allow the executive branch to conduct dragnet interceptions of the electronic communications of people in the United States. They also agreed to "immunize" American telephone companies from lawsuits charging that after 9/11 some companies collaborated with the government to violate the Constitution and existing federal law. I am a plaintiff in one of those lawsuits, and I hope Congress thinks carefully before denying me, and millions of other Americans, our day in court. During my lifetime, there has been a sea change in the way that politically active Americans view their relationship with government. 
In 1920, during my youth, I recall the Palmer raids in which more than 10,000 people were rounded up, most because they were members of particular labor unions or belonged to groups that advocated change in American domestic or foreign policy. Unrestrained surveillance was used to further the investigations leading to these detentions, and the Bureau of Investigation ? the forerunner to the F.B.I. ? eventually created a database on the activities of individuals. This activity continued through the Red Scare of the period. In the 1950s, during the sad period known as the McCarthy era, one?s political beliefs again served as a rationale for government monitoring. Individual corporations and entire industries were coerced by government leaders into informing on individuals and barring their ability to earn a living. I was among those blacklisted for my political beliefs. My crime? I had signed petitions. Lots of them. I had signed on in opposition to Jim Crow laws and poll taxes and in favor of rent control and pacifism. Because the petitions were thought to be Communist-inspired, I lost my ability to work in television and radio after refusing to say that I had been ?duped? into signing my name to these causes. By the 1960s, the inequities in civil rights and the debate over the Vietnam war spurred social justice movements. The government?s response? More surveillance. In the name of national security, the F.B.I. conducted warrantless wiretaps of political activists, journalists, former White House staff members and even a member of Congress. Then things changed. In 1975, the hearings led by Senator Frank Church of Idaho revealed the scope of government surveillance of private citizens and lawful organizations. As Americans saw the damage, they reached a consensus that this unrestrained surveillance had a corrosive impact on us all. 
In 1978, with broad public support, Congress passed the Foreign Intelligence Surveillance Act, which placed national security investigations, including wiretapping, under a system of warrants approved by a special court. The law was not perfect, but as a result of its enactment and a series of subsequent federal laws, a generation of Americans has come to adulthood protected by a legal structure and a social compact making clear that government will not engage in unbridled, dragnet seizure of electronic communications. The Bush administration, however, tore apart that carefully devised legal structure and social compact. To make matters worse, after its intrusive programs were exposed, the White House and the Senate Intelligence Committee proposed a bill that legitimized blanket wiretapping without individual warrants. The legislation directly conflicts with the Fourth Amendment of the Constitution, requiring the government to obtain a warrant before reading the e-mail messages or listening to the telephone calls of its citizens, and to state with particularity where it intends to search and what it expects to find. Compounding these wrongs, Congress is moving in a haphazard fashion to provide a ?get out of jail free card? to the telephone companies that violated the rights of their subscribers. Some in Congress argue that this law-breaking is forgivable because it was done to help the government in a time of crisis. But it?s impossible for Congress to know the motivations of these companies or to know how the government will use the private information it received from them. And it is not as though the telecommunications companies did not know that their actions were illegal. Judge Vaughn Walker of federal district court in San Francisco, appointed by President George H. W. Bush, noted that in an opinion in one of the immunity provision lawsuits the ?very action in question has previously been held unlawful.? 
I have observed and written about American life for some time. In truth, nothing much surprises me anymore. But I always feel uplifted by this: Given the facts and an opportunity to act, the body politic generally does the right thing. By revealing the truth in a public forum, the American people will have the facts to play their historic, heroic role in putting our nation back on the path toward freedom. That is why we deserve our day in court. Studs Terkel is the author of the forthcoming ?Touch and Go: A Memoir.? From rforno at infowarrior.org Mon Oct 29 16:03:01 2007 From: rforno at infowarrior.org (Richard Forno) Date: Mon, 29 Oct 2007 12:03:01 -0400 Subject: [Infowarrior] - Comcast's "We Don't Throttle BitTorrent" Internal Talking Points Message-ID: Comcast's "We Don't Throttle BitTorrent" Internal Talking Points Memo http://tinyurl.com/2ylbnf From rforno at infowarrior.org Tue Oct 30 12:02:20 2007 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 30 Oct 2007 08:02:20 -0400 Subject: [Infowarrior] - Cyber Warriors In-Reply-To: Message-ID: http://www.govexec.com/dailyfed/1007/102907ol.htm Cyber Warriors By Neil Munro National Journal October 29, 2007 SAN ANTONIO -- Deep in the heart of cyberspace, something new called a Network Warfare and Ops Squadron fights battles 24/7 from a building in a nondescript office park here at Lackland Air Force Base. At one end of the room, a crew monitors the cyberspace highways for the first signs of a hacker infiltration, spreading virus, or network-jamming wave of spam. A second crew rapidly investigates every problem and scrambles other crews to counter each incursion with an armory of specialized software. And all of it is under the watchful eyes of a pyramid of officers and officials that ascends through the departments of Defense, Homeland Security, and Justice and eventually into the Oval Office. 
Every day, every hour, the squadron reacts to myriad trivial or significant attacks on some of the 650,000 computers that allow the Air Force to pay its personnel, manage day care centers, buy fuel, direct fighter-bombers in Iraq and Afghanistan, and launch nuclear-tipped missiles should the order ever come. But this squadron is very different from the traditional units of leather-jacketed, death-defying pilots soaring through the wild blue yonder. These warriors are mostly office-dwelling private contractors whose skills and actions are bound by a complicated tangle of software and U.S. law rather than the laws of aerodynamics and the limits of physical courage. Yet, these "airmen" play an increasingly important role in the Air Force and the Defense Department, because warfare has spread into cyberspace, just as it long ago spread into air and space. That's why the Air Force has tapped Maj. Gen. William Lord to assemble the Air Force Cyberspace Command by next October, whose job will be to recruit, equip, and train a new corps of cyber-warriors perpetually ready to protect military networks from whatever threats emerge. The new command, Lord said, must also prepare for an offensive role -- to infiltrate or wreck enemy networks and to manipulate enemy leaders, should that action ever be ordered by the president. One goal, he said, is to give future presidents the ability to deter cyber-attacks. The ability to say, "We're not going to blow up your cities, we're going to melt your cities," or at least their electronic infrastructures, can help counter cyber-attacks, Lord said. "It doesn't have to be a weapon that ever gets used," he added. The Air Force already has individual air and space commands, and "this makes sense for them in a lot of ways," said James Lewis, director of the technology and public policy program at the Center for Strategic and International Studies. 
"Instead of blowing up power plants, they could get them to stop working" using cyber-warfare, he said. The command will also help the Air Force compete with the other armed services for funding and leadership slots in future cyber-warfare commands, said Mark Rasch, a managing director at FTI, a D.C.-based cyber-security firm. These days, the Air Force isn't playing a prominent combat role in Afghanistan or Iraq, partly because few bombers are needed but also because the Army and Marines have developed their own smart missiles and unmanned surveillance aircraft. And the Navy has established the Naval Network Warfare Command in Norfolk, Va., which focuses on naval "information warfare." The Air Force's cyber-command, Rasch said, "is an attempt to establish a pre-eminent, if not dominant, role in a new arena for war." The command will be a natural development for the Air Force, he said, much like the service's earlier electronic-warfare capabilities and space satellites. In recent months, U.S. officials said they have seen a sharp increase in efforts by hackers, backed by foreign governments, to infiltrate or damage U.S. and other allied information networks. A particular concern is that a government might plant damaging software -- "malware" -- inside a network, or even in new mass-produced computer components. The malware would then surreptitiously send data back to its creators, or even damage the host network during a war or other crisis. In 2006, hackers -- likely backed by the Russian government -- launched a wave of Internet-jamming attacks that crippled the government of Estonia. Also, Beijing is believed to have helped Chinese hackers infiltrate computer networks at the Pentagon and in government offices in Berlin, London, and Paris, according to computer-security experts. 
Many of these cyber-attacks are monitored, and some are countered, at Lackland, where lunch-table conversations are "a lot of geekspeak" as the contractors, many of them former military members, cooperate and compete to identify new security threats, said Maj. Carl Grant, the commander of Lackland's 33rd Network Warfare Squadron. In 2006, the crews identified and dissected 29 "validated incidents" from among the hundreds of thousands of suspicious events visible on the networks, he said. "We're not arrogant enough to believe that we caught everything," Grant added. The contractors don't live the regimented lives of military personnel, and they don't wear uniforms. But they all have to pass security and background checks. "We have to entrust them with the keys to all of the information on the networks," said Col. Mark Kross, who commands the 26th Network Operations Group, which includes Grant's squadron. Lord's emerging Cyberspace Command is expected to include the Lackland operation and other classified programs as well as exotic aircraft, such as the U2 spy plane, EC-135 electronic-eavesdropping aircraft, EC-130E Commando Solo radio-broadcasting plane, and the EC-130H Compass Call radio-jamming aircraft. Its headquarters will likely consist of several hundred staff overseeing perhaps 20,000 Air Force personnel. They will include software experts, lawyers, electronic-warfare and satellite specialists, and behavioral scientists, Lord said. "You have to reach out to a different kind of recruit," he noted. The command will not direct combat operations, Lord said, but will supply capabilities to the Pentagon's combat commands, such as U.S. Strategic Command and U.S. Central Command, which operate under the direction of the White House. Technically, the armed services do not initiate warfare; they assemble and train forces for use by the combat commanders and the president. 
Over time, who does what in cyberspace warfare will be decided after debate among government officials, the services, private contractors, and advocates, Lord said. "It's a dialogue we'll end up having." But that debate is already quite advanced. In 2002, for example, President Bush and Congress gave the new Homeland Security Department -- not the Pentagon -- the task of defending the government's civilian computer networks. Industry, meanwhile, greets these developments with a great deal of caution and skepticism. Generally, industry officials are reluctant to see government playing a role in the management of the Internet, which is now so vital for their business operations. For more than a decade, they have lobbied hard against online wiretaps, government-mandated hacker defenses, and making companies legally liable for cyber-security failures. The latest dispute emerged after a Chinese company announced it wanted to buy a minority share in 3Com, a Marlborough, Mass.-based company that supplies anti-hacker software to American companies, and some Air Force contractors. The federal government's Committee on Foreign Investments in the United States is now reviewing the proposed purchase. Industry executives are winning most of these policy battles, in part because much of the public, along with civil libertarians, don't want government officials -- especially the military -- to regulate their use of the Internet. That's why a future U.S. Internet Command is unlikely, and why the White House has instead helped to establish cooperative government-industry centers to counter security threats to banks, electric power companies, railroads, and other vital industrial sectors. "We're continuously reaching out to the private sector because the private sector owns and operates [90 percent] of the critical infrastructure," said Gregory Garcia, the assistant secretary for cyber-security and telecommunications at the Homeland Security Department. 
"DHS has the authority and credibility, and the trust of the private sector and other [civilian] agencies to help coordinate a national strategy for the protection of cyberspace." The Defense Department, in contrast, and its subordinate services will mainly be tasked with protecting military networks, even if they do sometimes share resources with DHS, Garcia said. "We do recognize we are certainly facing a lot of the same threats and vulnerabilities, so it behooves us to work together," he added. For example, the Estonian government, as a member of the North Atlantic Treaty Organization, asked the Pentagon for aid when the hackers jammed its networks in 2006. In turn, the Pentagon alerted its subordinate units and also coordinated with DHS and U.S. industry to respond, Garcia pointed out. "Together, we did a high-speed, real-time analysis of what was going on in the Estonian networks.... We were all on our monitors, on the phone, communicating through a variety of channels, in real time, day after day, as the attacks were happening." And Gen. Lord noted: "As the world has changed, we have changed." From rforno at infowarrior.org Tue Oct 30 12:44:51 2007 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 30 Oct 2007 08:44:51 -0400 Subject: [Infowarrior] - The lunacy of NBC's chief Message-ID: NBC's head Jeff Zucker continues his digital lunacy, showing that he's learned from the RIAA and MPAA efforts in this area...... http://techdirt.com/articles/20071029/195257.shtml From rforno at infowarrior.org Tue Oct 30 22:53:02 2007 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 30 Oct 2007 18:53:02 -0400 Subject: [Infowarrior] - Stupid Terrorism Overreaction Message-ID: Stupid Terrorism Overreaction http://www.schneier.com/blog/archives/2007/10/stupid_terroris.html Oh, the stupid: State officials have decided not to publicize their list of polling places in Pennsylvania, citing concerns that terrorists could disrupt elections in the commonwealth. [...] 
"The agencies agreed it was appropriate not to release the statewide list to protect the public and the integrity of the voting process," Amoros said. Information on individual polling places remains available on the state voter services Web site or by calling the state or county elections bureaus. A few days later the governor rescinded the order. From rforno at infowarrior.org Wed Oct 31 00:44:02 2007 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 30 Oct 2007 20:44:02 -0400 Subject: [Infowarrior] - Leopard security concerns Message-ID: Leopard with chinks in its armour A second look at the Mac OS X Leopard firewall http://www.heise-security.co.uk/articles/98120 Apple is using security in general and the new firewall in particular to promote Leopard, the latest version of Mac OS X. However, initial functional testing has already uncovered cause for concern. The most important task for any firewall is to keep out uninvited guests. In particular, this means sealing off local services to prevent access from potentially hostile networks, such as the internet or wireless networks. But a quick look at the firewall configuration in the Mac OS X Leopard shows that it is unable to do this. By default it is set to "Allow all incoming connections," i.e. it is deactivated. Worse still, a user who, for security purposes, has previously activated the firewall on his or her Mac will find that, after upgrading to Leopard, the system restarts with the firewall deactivated. In contrast to, for example, Windows Vista, the Leopard firewall settings fail to distinguish between trusted networks, such as a protected company network, and potentially dangerous wireless networks in airports or even direct internet connections. Leopard initially takes the magnanimous position of trusting all networks equally. < - much more - > Conclusion: The Mac OS X Leopard firewall failed every test. It is not activated by default and, even when activated, it does not behave as expected. 
Network connections to non-authorised services can still be established and even under the most restrictive setting, "Block all incoming connections," it allows access to system services from the internet. Although the problems and peculiarities described here are not security vulnerabilities in the sense that they can be exploited to break into a Mac, Apple would be well advised to sort them out pronto. Apple is showing here a casual attitude with regard to security questions which strongly recalls that of Microsoft four years ago. Back then Microsoft was supplying Windows XP with a firewall, which was, however, deactivated by default and was sometimes again deactivated when updates were installed. It was also the case that system services representing potential access points for malware were accessible via the internet interface by default. Despite years of warnings from security experts, the predominant attitude was that security must not get in the way of the great new networking functions. Then along came worms such as Lovsan/Blaster and Sasser, which rapidly infected millions of Windows computers via security vulnerabilities in system services, causing millions worth of damage. Even today, an unpatched Windows system with no active firewall will be infected within a matter of minutes. However, Microsoft has since learnt its lesson -- a serviceable firewall, activated by default, has been included since Service Pack 2. With the standard configuration, no services are accessible from the internet on a Windows system. http://www.heise-security.co.uk/articles/98120 From rforno at infowarrior.org Wed Oct 31 02:23:40 2007 From: rforno at infowarrior.org (Richard Forno) Date: Tue, 30 Oct 2007 22:23:40 -0400 Subject: [Infowarrior] - DSB Report on Software Security (PDF) In-Reply-To: Message-ID: Finally -- after years of industry experts saying this was a concern! 
---rf Mission Impact of Foreign Influence on DoD Software http://www.acq.osd.mil/dsb/reports/2007-09-Mission_Impact_of_Foreign_Influence_on_DoD_Software.pdf From rforno at infowarrior.org Wed Oct 31 14:05:24 2007 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 31 Oct 2007 10:05:24 -0400 Subject: [Infowarrior] - DARPA 'PRESAGE' crystal ball Message-ID: The military wants to know before it goes Posted by Mark Rutherford http://www.news.com/8301-10784_3-9807451-7.html?part=rss&subj=news&tag=2547-1_3-0-20 When it comes to international quagmires, it would be nice to know if the natives are restless before you send in the cavalry. Apparently, the U.S. military is not happy with the briefings it gets before being dispatched to police deadly fiascos around the world. So it is underwriting a program that will allow commanders not only to predict events and gauge stability in the countries in which they operate, but also to anticipate and respond to political crises worldwide. The Defense Advanced Research Projects Agency (DARPA) has awarded Lockheed Martin a contract to develop PRESAGE (Predicting Stability through Analyzing Germane Events), a system that will use diplomatic, military, and economic intelligence to predict, for instance, if and when a population will turn from basket-weaving to IED production. "PRESAGE will forecast rebellions, insurgencies, ethnic/religious violence, civil war, and major economic crises," according to Lockheed Martin's Advanced Technology Laboratories. Then, once a crisis has been identified, the program generates a strategy or tactic to deal with it--sort of like a virtual State Department, but without the Cadillacs. The program is but one element in DARPA's Integrated Crises Early Warning System (ICEWS). The vision is to produce a computational social science model that can forecast instability and conflict in an area before it becomes a major problem for the United States. 
Then, on the off-chance a crisis should develop, the program will help commanders to efficiently allocate resources in "mitigating" the "stability challenge." Universities in Pennsylvania, Kansas, Washington, and Georgia are also involved, as are Innovative Decisions, Evidence Based Research, Interactive Data Visualization, and Argonne National Laboratory. "PRESAGE will combine a portfolio of state-of-the-art and operationally deployed social science models and technologies to predict events of interest and general stability indicators," Lockheed's Mark Hoffman said in a press release. "Being able to predict events with reasonable accuracy is the first step in constructing a decision-support system to aid in region stabilization." What is "reasonable accuracy"? More than 80 percent, according to the world's largest defense company. We need one of these in the Oval Office. From rforno at infowarrior.org Wed Oct 31 17:33:16 2007 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 31 Oct 2007 13:33:16 -0400 Subject: [Infowarrior] - Google's shares pass $700 mark Message-ID: (Disclosure: I own GOOG shares....---rf) Google's shares pass $700 mark Posted by Dawn Kawamoto http://www.news.com/8301-10784_3-9808284-7.html?part=rss&subj=news&tag=2547-1_3-0-20 Google's shares kissed the $700 mark in early morning trading Wednesday, marking a new first for the Internet giant and its soaring stock price. Google's stock rose to more than $701 a share, following reports that it is pitching its "Gphone" to Verizon Wireless. The stock was up $4.95, or less than 1 percent, in morning trading, from its close of $694.77 on Tuesday. Just a little more than three weeks ago, Google shares passed the $600 mark and analysts were speculating its shares could climb as high as $700 within the next year. Apparently, it's been a quick year. For Google, its ride on Wall Street has been a blast since it debuted in 2004 at $85 a share. 
The share price has risen alongside its market share in search, as it has leaped ahead of archrival Yahoo on a number of fronts. With Google hitting the $700 mark within weeks of its previous milestone, Wall Street soothsayers may soon be setting the bar at $800 a share. And who knows--Google may have something extra to be thankful for by T-Day. From rforno at infowarrior.org Wed Oct 31 17:34:43 2007 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 31 Oct 2007 13:34:43 -0400 Subject: [Infowarrior] - Can bloggers be journalists? Federal court says yes Message-ID: Can bloggers be journalists? Federal court says yes By Nate Anderson | Published: October 31, 2007 - 10:32AM CT http://arstechnica.com/news.ars/post/20071031-can-bloggers-be-journalists-federal-court-says-yes.html When Philip Smith took to his blog to describe his (negative) experience of working with an eBay listing company, he did not expect that he would end up representing himself in a federal defamation and trademark dilution lawsuit or that he would have difficulty selling his condo after a lawyer for the plaintiffs clouded his title to the property. Now, after winning the case in spectacular fashion, Smith has emerged as an unlikely hero for bloggers everywhere who hope to be regarded as journalists. No US court has yet weighed in with authority on the debate about whether bloggers count as journalists, but the recent federal decision from South Carolina does indicate that at least some bloggers are journalists. It's not about the title, it's about the content, said Judge Henry Hurlong, Jr.; a journalist turns out to be anyone who does journalism, and bloggers who do so have the same rights and privileges under federal law as the "real" journalists. The case began when Smith blogged about his experience working with an eBay listing company called BidZirk. 
He had a less than satisfactory experience working with the company, and he used his article as a chance to talk about eBay listing services in general, then closed with a checklist that potential users of such services should consider. In the course of the article, he did three things that galled BidZirk's owner, Daniel Schmidt: he 1) used the BidZirk logo, 2) described Schmidt as a "yes man," and 3) linked to a picture of Schmidt and his wife. Those actions prompted claims for 1) trademark dilution under the Lanham Act, 2) defamation, and 3) invasion of privacy. Despite the federal charges, Smith elected to defend himself in court against a lawyer hired by Schmidt. The case was filed in January 2006 and went through the usual round of complaints and responses and motions. Then, in October 2006, plaintiffs' attorney Kevin Elwell filed a "lis pendens" against Smith's condo, making it difficult for him to sell it. On September 17, 2007, Smith moved for summary judgment in the case and argued that the plaintiffs had no real claim against him. The BidZirk logo was protected by his status as a journalist, he argued, while the "yes man" comment was not a statement of fact. As for the picture, he had only linked to a community site. The judge agreed, and last week issued summary judgment for Smith. The most important section of the ruling is the one dealing with Smith's status as a journalist. The court admitted that it was impossible to determine in advance whether a blogger was a journalist and so used a "functional analysis" that "examines the content of the material, not the format, to determine whether it is journalism." The judge noted that Smith wrote the article in order to convey information, that he had done research in preparing it, that he addressed both positive and negative aspects of his experience, and that he provided a checklist for others to use. 
"The fact that Smith reports negatively about his experience with BidZirk does not dictate that the article's function or intent was not news reporting or news commentary," wrote the judge. Furthermore, he noted explicitly that "some bloggers are without question journalists." Elwell, the attorney for the plaintiffs, was sanctioned for his actions. As a "competent attorney," the court found that he should have known that what he had done was totally improper, since the case in question was not about the title to any real estate, and lawyers can't simply go clouding up the title to people's homes to ensure they get paid at the end of a case. Elwell was forced to pay $1,000 in fines directly to Smith. From rforno at infowarrior.org Wed Oct 31 17:47:22 2007 From: rforno at infowarrior.org (Richard Forno) Date: Wed, 31 Oct 2007 13:47:22 -0400 Subject: [Infowarrior] - FCC OKs cable competition for apartments Message-ID: FCC OKs cable competition for apartments By DIBYA SARKAR, AP Business Writer http://news.yahoo.com/s/ap/20071031/ap_on_hi_te/cable_competition_fcc&printer=1;_ylt=AqsRg19j2Md9NUwshGgcT65k24cA Federal regulators on Wednesday approved a rule that would ban exclusive agreements that cable television operators have with apartment buildings, opening up competition for other video providers that could eventually lead to lower prices. The Federal Communications Commission unanimously approved the change, which Chairman Kevin Martin said would help lower cable rates for millions of subscribers who live in apartment buildings and other multi-unit dwellings, or about 25 million households. He said the move would particularly help minorities who disproportionately live in multi-unit dwellings. "There is no reason that consumers living in apartment buildings should be locked into one service provider," he said in a statement Wednesday. The rule would prohibit cable companies, such as Comcast Corp. 
and Time Warner Cable Inc., from enforcing existing exclusive cable TV contracts with apartment managers and allow telecommunications companies, such as Verizon Communications Inc. and AT&T Inc., to offer video services along with high-speed Internet access and phone service. "The FCC decision will provide access to new competitive options for residents of these properties and encourages further deployment of broadband networks," Susanne Guyer, Verizon's senior vice president of federal regulatory affairs, said in a statement. But Comcast said the change is a "blow" to consumers in apartment buildings and condos and could spur litigation for years to come. "The net result is that many consumers are likely to wind up paying more for services if the FCC's interference in the competitive marketplace stands," Comcast spokeswoman Sena Fitzmaurice said in an e-mailed statement. The National Cable and Telecommunications Association did not immediately comment on the matter. The cable industry, which had previously said it is unlawful for the government to invalidate existing contracts, said the deals provide apartment residents with better pricing and service. The new FCC ruling is a reversal of its stance four years ago when it found little evidence that the contracts stifled competition. FCC commissioner Robert McDowell, who agreed with the "thrust" of the order, said the agency needs to better explain why it reversed course and indicated the order may not hold up in court. "I only wish we were giving our attorneys more legal ammunition to use to defend the agency," he said.