Saturday, October 28, 2006

We were discussing this yesterday at the Privacy Foundation seminar...

http://chronwatch.com/content/contentDisplay.asp?aid=24617&catcode=13

District Court Ruling in NSA Wiretapping Case “Hasty and Injudicious”

Written by Judicial Watch Friday, October 27, 2006

Judicial Watch Calls on U.S. Court of Appeals to Vacate Ruling

... Judicial Watch’s principal argument relates to the issue of “standing.” Given that none of the plaintiffs can demonstrate that any of their conversations were actually intercepted by the government, their injuries are merely speculative and cannot be considered by the court.

To read a copy of Judicial Watch’s Amicus Brief, please visit Judicial Watch’s Internet site, www.judicialwatch.org.



Is this the best way to point out security nonsense?

http://it.slashdot.org/article.pl?sid=06/10/27/2124231&from=rss

Congressman Calls for Arrest of Security Researcher

Posted by Zonk on Friday October 27, @06:28PM from the that's-a-pretty-cool-project dept. Security Technology Politics

Christopher Soghoian writes "Yesterday, I published a tool that allows you to Create your own boarding pass for Northwest flights. This was an attempt to document the fragile and broken state of identity/security for domestic flights in the US. Today, Congressman Markey (D-Mass) has called for my arrest."

From the ABC article: "'I don't want to help terrorists or help bad guys do bad things on airplanes, but what we have now is what we in the industry call security theater. It's made to make you think you're secure without actually making you secure,' Soghoian said. 'As a member of the academic research community, I consider this to be a public service.' Soghoian admits that he hasn't actually tried to use one of the boarding passes yet."


http://blog.wired.com/27bstroke6/

27B Stroke 6

by Ryan Singel and Kevin Poulsen Friday, 27 October 2006

FBI Says No Arrest of Boarding Pass Hacker

The controversial do-it-yourself boarding pass website run by Christopher Soghoian disappeared from the web late Friday afternoon soon after the Indiana University Ph.D. student mentioned in an instant message chat that the FBI was at his door. However, Special Agent Wendy Osborne of the FBI's Indianapolis bureau said no student had been arrested in Bloomington, Indiana today.

Earlier today, Congressman Edward Markey called on the administration to arrest Soghoian and shut down his site.

Osborne could not confirm or deny if agents visited Soghoian today, as FBI does not comment on ongoing investigations. [...but of course they did. Bob]

While the boarding pass generator, which was intended to point out flaws in airport security, is gone, other portions of Soghoian's website, dubfire.net, are still live. Soghoian's computer still registers as being online according to Google chat, indicating that the feds have probably not confiscated his computer.

A transcript of the chat provided to Wired News shows that Soghoian said that the FBI was at his door at approximately 3:50 pm PST. He then stopped communicating via chat and is not responding to other instant messages.

Xeni Jardin at BoingBoing has more on the possible raid and background on Soghoian.

Not surprisingly, Northwest Airlines doesn't seem too happy with Christopher Soghoian's Northwest Airlines Boarding Pass Generator, according to a company statement.

Northwest Airlines is cooperating with law enforcement and government agencies on this matter. The airline determines the validity of boarding the aircraft, not the validity of gaining access beyond the TSA security checkpoint. Northwest verifies boarding passes prior to boarding through bar code scans or other methods and persons with unauthorized boarding passes cannot gain access to Northwest aircraft. If it is determined that a fraudulent boarding pass has been presented, Northwest immediately alerts the TSA and law enforcement agencies.




While we're on the topic of airport security...

http://www.nj.com/news/ledger/index.ssf?/base/news-9/1161928940141470.xml&coll=1

Screeners at Newark fail to find 'weapons'

Agents got 20 of 22 'devices' past staff

Friday, October 27, 2006 BY RON MARSICO Star-Ledger Staff

Screeners at Newark Liberty International Airport failed 20 of 22 security tests conducted by undercover U.S. agents last week, missing an array of concealed bombs and guns at checkpoints throughout the hub's three terminals, federal security officials familiar with the results said.

The tests, conducted Oct. 19 by U.S. Transportation Security Administration "Red Team" agents, also revealed significant failures by screeners to follow standard operating procedures while checking passengers and their baggage for prohibited items, said the officials, who spoke on condition of anonymity because it is against TSA policy to release covert-test results.

... He said top TSA officials have little aviation security experience and screeners are required to conduct too many tedious and obvious checks.

Like other security watchdogs, Elson advocates having the TSA take a page from Israeli aviation security by more broadly instituting behavioral profiling techniques in which travelers are asked probing questions. The TSA has developed a limited version of the program at some airports, including Newark.

Without such expanded initiatives, the TSA is "going to fail, and they do, with constant, stunning regularity," Elson said.



Is spending actually going down or just going “black?”

http://www.infoworld.com/article/06/10/27/HNitspend_1.html?source=rss&url=http://www.infoworld.com/article/06/10/27/HNitspend_1.html

Government IT spending to drop, new firm predicts

Government Futures relies on the "collective intelligence" of online participation and community to issue its reports

By Grant Gross, IDG News Service October 27, 2006

A new analysis firm using the "collective intelligence" of the government [Oxymoron alert! Bob] contracting community has predicted a 10 percent to 25 percent drop in U.S. government IT spending in the next three years.

Government Futures, using lessons from the open-source software and online wiki communities, launched Friday with its first report, saying that U.S. government IT spending will drop in the coming years because of federal budget constraints, voter skepticism about government effectiveness and new technologies that enable cross-agency collaboration.

... Government Futures' [http://governmentfutures.com/index.html ] first report, "Government 2.0: Are You Ready?" is available at the Government Futures Web site.

[Slide show and audio. http://governmentfutures.com/reports/player.html You have to ask for the PDF... Bob]



Economics 101: To increase demand, decrease prices. Once you have a monopoly, charge whatever you want.

http://www.techzonez.com/comments.php?shownews=19628

Acer: Vista is an excuse for Microsoft price increases

Posted by Reverend on 27 Oct 2006 - 19:53 GMT

Microsoft is raising the price of its software as it prepares to launch Vista, according to one of the leading PC manufacturers, Acer.

According to Jim Wong, senior corporate vice president of the Taiwan-based company, the issue is simply that the basic home edition of Vista, Home Basic, which is available for preorder on Amazon.co.uk for 154.99 pounds ($293), is so basic that users will be forced to move to Vista Home Premium, at 189.99 pounds ($359). A Home Edition of Windows XP is currently available for 165.99 pounds, but has a recommended retail price of 176.99 pounds.

"The new (Vista) experience you hear of, if you get Basic, you won't feel it at all," Wong told PC Pro magazine. "There's no (Aero) graphics, no Media Center, no remote control."

Wong also said that the manufacturer's license for Vista Home Premium is 10 percent more expensive than for XP Home. "We have to pay more but users are not going to pay more," Wong said. This would mean an increase in the cost to PC manufacturers of 1 percent to 2 percent, according to Wong, in a business where the profit margin is around 5 percent or less.

At the top of the Vista lineup is the Ultimate Edition, which can be preordered for 325 pounds ($614) and, again, is significantly more expensive than the XP operating system it replaces. Windows XP Professional with Service Pack 2 has a recommended retail price of 289.99 pounds ($550), but is currently available for 234 pounds ($444).

News source: c|net



http://www.eweek.com/article2/0,1895,2040760,00.asp

Rutkowska: Anti-Virus Software Is Ineffective

By Ryan Naraine October 26, 2006

Q&A: Stealth malware researcher Joanna Rutkowska discusses her interest in computer security, the threat from rootkits and why the world is not ready for virtual machine technology.

Earlier this year, stealth malware researcher Joanna Rutkowska created a stir at the Black Hat Briefings when she demonstrated a way to infect Windows Vista with a rootkit and introduced Blue Pill, a new concept that uses AMD's SVM/Pacifica virtualization technology to create "100 percent undetectable malware."



I ran a project in Calif. a few years ago and on an off day offered to take my crew anywhere they wanted to go. Disneyland, Knott's Berry Farm, Sea World, etc. They chose Fry's... (Can I hire geeks or what?)

http://www.extremetech.com/article2/0,1558,2042816,00.asp?kc=ETRSS02129TX1K0000532

October 27, 2006

Fry's Electronics (Finally) Launches Online Store

By Natali T. Del Conte

Fry's Electronics has always been an impressive store in the brick and mortar sense, but somewhat lacking in their online retail presence. Until now.

Last week the company officially launched Frys.com, a domain they did not own until just this year. The site has more product, more Fry's branding, and is for the most part an online electronics store that looks set to compete with other established e-tailers like Newegg.

... Fry's is a private company that was founded in 1985 in the San Francisco Bay Area. They now have 32 electronics stores in California, Atlanta, Illinois, and Nevada. The company does not release financial information, but Forbes estimates that the store does $2.1 billion in sales per year. Valerio would not comment on what percentage of that had been from online sales.



If web mail is not checked, something is seriously wrong with your security design...

http://www.technewsworld.com/rsstory/53926.html

Web Mail in the Workplace: Another Security Threat

By John P. Mello Jr. TechNewsWorld 10/28/06 1:30 AM PT

Web mail poses an additional risk because it arrives at a user's desk without being subjected to security measures imposed on e-mail traveling through a company's internal system, [there should be a “separate but equal” review... Bob] Javier Santoyo, a senior manager at security software maker Symantec, explained. "Web mail opens up a backdoor to the organization and relies on users to prevent an exploit or infection happening on its system," he maintained.



This is similar to the device that allows you to broadcast cable TV to the other (unconnected) TVs in your house.

http://techdirt.com/articles/20061027/190610.shtml

NPR Sick Of Howard Stern Butting In; Wants FCC To Recall FM Modulators

from the interference-problems dept

A few years back, the UK decided to ban certain FM modulators such as the "iTrip" device that would let you broadcast your iPod a short distance at a low frequency on your radio, claiming that it was breaking the law that banned "pirate" radio stations -- even if it could only broadcast a few feet. Earlier this year however, a bunch of radio stations in the US started complaining that these FM modulators from both things like the iTrip and that were popular with satellite radio systems were causing problems on the road. Basically, as someone drove by with one of those modulators, the broadcast would break into other passing cars' radios. In order to make it clear what a problem this was, they talked of things like Howard Stern and gangsta rap breaking into Christian radio stations. This seemed a little silly, but at the same time, the FCC began an investigation into reports that the modulators from XM and Sirius went beyond specifications. Apparently, NPR isn't happy with the FCC's efforts so far. They conducted their own study, which found that 40% of the devices exceed FCC limits and are demanding that the FCC recall the devices. A separate study by the National Association of Broadcasters also found that more than 75% of the devices exceed their power limits. It may be true that these devices exceed the set limits, but it still seems to take things a bit far to claim that "these modulators pose a significant threat" to public radio. There's nothing wrong with recalling the devices if they do exceed the set specs, but it's hardly such a threat. In fact, as the article notes, when the modulators are set to the proper levels, it's possible that the reverse happens: and NPR signals will break into people listening to Howard Stern on their satellite radio. Will that pose just as significant a threat?



http://torrentfreak.com/underage-finnish-bittorrent-admins-fined-60000-each/

Underage Finnish BitTorrent admins fined $60,000 each

Four out of eight administrators of the Finnish BitTorrent tracker “Finreactor” have been declared guilty in court and have to pay damages totalling 60,000 dollars each.

The lawsuit against Finreactor has just come to a close (Finnish report). This is believed to be only the first of many filed against the site.

Three of the four administrators found guilty are under the age of 18. It is unclear how they are going to scrape together enough money to pay their fines.

... The Keskusrikospoliisi, after getting the go-ahead from Teosto, raided the administrators’ homes and seized computers and hard drives. The evidence they found was condemning.

Niko adds that at least one admin avoided the lawsuit because his hard drive was encrypted, and that there were more people on trial:



http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9004500&source=rss_news50

Tech presents legal system with 'tremendous curves'

VOIP, botnets among challenges cyberprotectors face

Ellen Messmer

October 27, 2006 (Network World) -- A legal system rife with outdated laws never designed to cope with such new technologies as VOIP is just one of the worries facing Stephen Treglia, chief of the technology crime unit in the district attorney's office of New York's Nassau County.



Something significant is going on here, we just don't know what... Yet.

http://developers.slashdot.org/article.pl?sid=06/10/28/070256&from=rss

Will Red Hat Survive?

Posted by Zonk on Saturday October 28, @05:25AM from the hold-on-to-your-butts dept. Red Hat Software Oracle Linux

An anonymous reader writes "Red Herring has an in-depth analysis interviewing industry experts on what the future of Linux distributor Red Hat will likely be now that Oracle is offering cheaper support and services essentially identical to Red Hat Linux. Will Oracle purchase Red Hat? Or is it not yet too late?"

From the article: "Mr. Dargo countered that Oracle's move indicated a lack of understanding of the value that Red Hat's support and service provide. But he noted that Red Hat could be vulnerable if Oracle manages to provide better service. 'If the strategy at Oracle works out, Red Hat is going to face some serious issues, but I don't think it is going to work out,' he said. 'There are lots of opportunities for Red Hat to do some aggressive and creative things to turn around.'"

Friday, October 27, 2006

Now here's a business model I should have predicted...

http://www.infoworld.com/article/06/10/26/HNfixelections_1.html?source=rss&url=http://www.infoworld.com/article/06/10/26/HNfixelections_1.html

Web site offers to fix elections -- for a price

Thirty political campaigns reps have already inquired about the services [That's depressing... Bob] from the seemingly satirical site

By Robert McMillan, IDG News Service October 26, 2006

"Winning is everything."

That's the mantra of Election Partners Ltd., whose slick Fixavote.com Web site offers such services as "real-time voter correction," and "enhanced retrospective tallying." The site features attractive stock-photography models and inspirational New Age music.

"Using state of the art technology, we overcome the challenges of competition and ensure election results for our clients," the Web site states.

But according to electronic-voting experts the site is most likely satire. [...but we're not sure? Bob]

... Ed Felten, a professor of computer science and one of the authors of the Princeton study said that fixavote.com "looks like satire to me. These services couldn't be provided lawfully."

However, what fixavote.com claims to offer may be technically feasible, he added. "If somebody were willing to break the law, it's within the realm of possibility."

... "Election Consultants is so confident in our ability to secure a desirable outcome for your next election, that we guarantee complete satisfaction," the Web site says. "If any individual precinct covered by our services fails to deliver promised results, then all fees will be waived."

Then the fine print: "Guarantee does not include precincts that use non-electronic voting equipment."



“Just because Gore is spelled Bush...”

http://www.washingtonpost.com/wp-dyn/content/article/2006/10/25/AR2006102501918.html

Lawmakers Pushing for Paper Trail As Backup

By Leef Smith Washington Post Staff Writer Thursday, October 26, 2006; B02

A computer glitch that alters the names of some candidates on electronic ballots in three Virginia cities helps prove the need to create a paper record of each vote cast, two state lawmakers said yesterday.

... State election officials say the glitch will not affect the outcome of races and have pledged to correct the problem by the 2007 statewide elections.



http://www.eweek.com/article2/0,1759,2041377,00.asp?kc=EWRSS03119TX1K0000594

NIST to Certify Voting Machine Security, Standards

October 26, 2006 By Wayne Rash

WASHINGTON—The U.S. Election Assistance Commission, the little-known agency that controls how national elections are held in the United States, is enlisting the help of the National Institute of Standards and Technology in making sure electronic voting machines meet federal standards.

According to EAC Voting Systems Certification Director Brian Hancock, all voting machines to be used in federal elections must meet certification requirements for the specific election in which they're being used.

For this reason, the EAC requires vendors of electronic voting machines to show that they meet the required standards by having their products tested by private labs, and having the results verified by NIST.

The EAC and NIST are working together to create the standards against which voting products are judged.

"NIST will address security and wireless access," Hancock noted. He said that focus will be in addition to the standards already in place on usability, performance, accessibility, etc.

... "There has never been an attempt to hack into a voting machine on Election Day," [How could they know? Bob] Hancock said.



New York giveth...

http://www.bespacific.com/mt/archives/012844.html

October 26, 2006

Public May Now Request and Obtain New York Records Via Email

Effective October 25, 2006 the public may request records from state and local agencies ["any New York State or municipal department, board, bureau, division, commission, committee, public authority, public corporation, council, office or other governmental entity performing a governmental or proprietary function is subject to the Law"], via email in New York.



...and New York taketh away.

http://yro.slashdot.org/article.pl?sid=06/10/26/2032257&from=rss

New York Bar May Crack Down on Blogging Lawyers

Posted by Zonk on Thursday October 26, @04:46PM from the barred-from-blogging dept. Censorship The Courts The Internet

An anonymous reader writes "While you might not guess it from watching late night TV, advertisements by lawyers are regulated by a web of regulations intended to protect potential clients from deceptive claims in such ads. Generally, these rules require lawyers to submit their ads to a review board, often with a filing fee paid with each new advertisement. The New York bar has proposed new rules which would define blogging as advertising. Should these rules be enacted, any New York lawyer who blogs on any legal topic in New York would be required to submit any new blog post to the New York Bar for review. For New York lawyers who write frequently updated blogs, this could force them to make multiple (and potentially expensive) reports to the New York Bar every single day."



Three months to conclude the obvious?

http://www.counterthink.org/020847.html

Originally published October 23 2006

Consumer Reports Investigation Warns Your Privacy Is for Sale (press release)

The practices of commercial data brokers can rob consumers of their privacy, threaten them with identity theft and profile them as dead beats or security risks, according to an investigative report in Consumer Reports October Issue.

Choice Point, LexisNexis and Acxiom are among the largest of the horde of data brokers that generate billions of dollars in revenue by selling sensitive and personal information about millions of Americans to paying customers, sometimes including crooks looking to cash in.

CR's three-month investigation concluded that current federal laws do not adequately safeguard Americans' sensitive information, which is often collected and sold by data brokers. This information can include Social Security Numbers, phone numbers, credit card numbers, information about an individual's prescription medication, shopping habits, political affiliations and sexual orientations.

Among the most troublesome findings of CR's investigation: There is no way an individual can find out exactly what data collectors are telling others; and the accuracy of that data is rarely verified. When CR staffers asked to see their own files, they received scant information. One report contained more than 31 errors.

CR's investigation reveals the growth of the Internet has spawned data brokers that use deceptive practices to obtain sensitive and personal information about people and sells it to virtually anyone, sometimes with fatal consequences.

For more information, the complete report on the practices of data brokers is available in the October issue of Consumer Reports or by visiting http://www.ConsumerReports.org .

Personal, sensitive information can be obtained from several sources, most commonly are public records. Some data collectors hire researchers to visit courthouses and county clerks' offices to retrieve information from paper records. However, a growing number of state and local governments are posting personal records online, making information gathering easier and increasing the potential for abuse. In addition, consumers themselves supply tons of data, often unwittingly, because information about purchases, donations, and memberships is now widely shared. In fact, most list creation comes from the activities of consumers like buying from catalogues, ordering magazines, joining associations or filling out warranty cards.

A steady customer, the federal government often enlists the services of data brokers, but there is no way to know exactly what it collects or exactly how much it pays. Since 2002, the U.S. Department of Justice has allowed unrelated bits of personal data to be pieced together to target American citizens as potential threats who merit surveillance or investigation. In fiscal 2005, the departments of Justice, Homeland Security, and State, and the Social Security Administration spent $30 million on data-broker contracts, according to the U.S. Government Accountability Office (GAO). Finding out what the government is buying has proven impossible.

While consumers have little or no control over much of the data collection and sharing that occurs, they can limit the amount of information circulating about them. Checking the accuracy of this information will also help spot signs of ID theft and fraud. To do so, consumers can take the following precautions:

- Opt out of telemarketing, unwanted solicitations and the sale of your information to others. Enroll in the Federal Trade Commission's Do Not Call registry by going to http://www.donotcall.gov or by calling 888-382-1222. Ask financial institutions, retailers and Web sites not to share your information with other nonaffiliated companies. Contact the Direct Marketing Association at http://www.dmaconsumers.org/consumerassistance.html ; for unsolicited email, http://www.dmaconsumers.org/consumers/optoutform_emps.shtml. Also, The Privacy Rights Clearinghouse lists data brokers that offer limited opt-out policies at http://www.privacyrights.org/ar/infobrokers.htm .

- Don't fill out surveys on warranty cards. Just provide your name, address, and necessary product information, and your warranty will be honored. Be careful with direct-mail surveys that don't come from companies with which you already do business.

- Don't provide sensitive information on the phone, through the mail, or over the Internet unless you've initiated the contact or you're sure that it is from an organization you trust. If in doubt, contact the organization.

- Order your free annual report from each of the major nationwide credit-reporting companies once every 12 months at http://www.annualcreditreport.com .

- Request your files from the major databrokers: ChoicePoint at http://www.choicetrust.com , LexisNexis at http://www.lexisnexis.com/terms/privacy/data/obtain.asp . You can call Acxiom at 877-774-2094 or send email to referencereport@acxiom.com.

- Get medical information. If you've applied for individual health- or life insurance policies within the past seven years, the MIB Group keeps data that insurers use to help determine your rates. Get a report by calling MIB toll-free at 866-692-6901.

Contact: Lauren Hackett, Consumers Union Media Relations, 914-378-2561, lhackett@consumer.org



Bypass bureaucracy!

http://news.com.com/2100-7351_3-6130059.html?part=rss&tag=6130059&subj=news

FON brings Wi-Fi to the people of San Francisco

Spanish start-up will give away Wi-Fi routers to spur the creation of its grass-roots Wi-Fi network in San Francisco.

By Marguerite Reardon Staff Writer, CNET News.com Published: October 27, 2006, 4:00 AM PDT

The Spanish start-up FON wants you to help it unwire San Francisco and other cities around the globe by providing ubiquitous Wi-Fi access.

On Friday, the company will give away its Wi-Fi routers that allow broadband subscribers to share their Internet connections with Wi-Fi users throughout their communities. "Freedom Friday", as the company is calling the event, will kick-off at noon in San Francisco's Union Square.



“This was a good idea, until I looked at it.”

http://www.siliconvalley.com/mld/siliconvalley/15854723.htm

Posted on Thu, Oct. 26, 2006

Candidate disavows 'friends' on his MySpace page

By Deborah Lohse Mercury News

Halloween isn't here yet, but a mystery is brewing in San Jose's City Council District 3.

It started Wednesday, when rumors began circulating that council candidate Sam Liccardo's MySpace Web page featured some risque “friends,” including young men and women posting pictures of themselves or friends in provocative poses; real or wannabe gang members; and a slew of teens or young adults whose own MySpace pages feature explicit nudity, drug references, or homophobic or racist rants.

A startled Liccardo, whose legal career has included prosecuting sex offenders, did some quick research and ordered the Web site -- established with his approval by the mother of a young campaign volunteer -- shut down.

But Liccardo said none of the people affiliated with his MySpace page had approved the posting of photos or links of such racy friends there. He suspects a hacker is involved, possibly a criminal prosecuted by Liccardo in the past, or a political foe.

“I prosecute Internet crimes against children,” Liccardo said. “This fits the pattern of defendants I know who are computer savvy.”



Better than Haiku?

http://blog.wired.com/sixwords/

Very Short Stories

33 writers. 5 designers. 6-word science fiction.

From the November issue of Wired Magazine

We'll be brief: Hemingway once wrote a story in just six words ("For sale: baby shoes, never worn.") and is said to have called it his best work. So we asked sci-fi, fantasy, and horror writers from the realms of books, TV, movies, and games to take a shot themselves.

Dozens of our favorite auteurs put their words to paper, and five master graphic designers took them to the drawing board. Sure, Arthur C. Clarke refused to trim his ("God said, 'Cancel Program GENESIS.' The universe ceased to exist."), but the rest are concise masterpieces.




http://www.bespacific.com/mt/archives/012846.html

October 26, 2006

SearchSystems.net Public Records Directory Now Has Category on Legislation

SearchSystems.net Public Records Directory added a category for Legislation in July, allowing users to browse and/or search state legislation and legislators [mix of free and fee-based access].



http://www.bespacific.com/mt/archives/012836.html

October 26, 2006

2006 State and Metropolitan Area Data Book

"The 2006 State and Metropolitan Area Data Book features more than 1,500 data items for the United States and individual states, counties and metropolitan areas from a variety of sources...topics include age, agriculture, births, business establishments, communications, construction, cost of living, crime, deaths, education, elections, employment, energy, finance, government, health and households. Also, housing, immigration, income, manufacturing, marriages and divorces, media, natural resources, population, poverty, race and Hispanic origin, residence, retail sales, science and engineering, social services, tourism, transportation and veterans."



http://www.bespacific.com/mt/archives/012847.html

October 26, 2006

Public Interest Group Relaunches Free Media Tracker Database

Press release: "A cornerstone of the Center for Public Integrity's "Well Connected" project, the Media Tracker is a free, searchable online database...it gives anyone the ability to search out details about the U.S. media and telecommunications companies that control the flow of information in our digital age. By typing in a ZIP code or a city and state, users can retrieve a dossier of information about the television stations, radio stations, cable systems and newspapers serving that area. The Media Tracker database scans more than 5 million pieces of information from governmental sources, corporate disclosure documents and original research."



http://techdirt.com/articles/20061026/083003.shtml

Is MLB.com The Next YouTube?

from the did-someone-say-.com? dept

With online video being so hot this year, one company that's getting attention is MLB Advanced Media, better known as MLB.com, the official site of Major League Baseball. The league's done far more to use the internet than have the other major sports, and it boasts an impressive number of users who pay for live streaming of games and stats packages. It claims to have revenue of $195 million in the last year, and its success can be attributed to a combination of an early start and a good job identifying what consumers want. A few years ago, there was some discussion of taking the company public, and with the big money showered on YouTube, there seems to be renewed interest in it. The league believes the property could be worth close to $5 billion. But this number seems based on the same kind of relative thinking that prompted one analyst to value MySpace between $10-$20 billion. Other than the fact that they both stream video, MLB.com is nothing like YouTube. YouTube offers a fresh way of consuming and sharing video, whereas MLB.com simply tries to replicate the TV experience over the computer. That may work fine for now, but it's going to keep having battles like the one against Sling as people seek to consume the content in different ways. For the site to thrive, it can't get comfortable with its early success; it needs to keep experimenting and trying new things, just as it did when it first launched.



http://techdirt.com/articles/20061026/021059.shtml

Can You Sue For Defamation If Someone Points Out Publicly That You Are Wrong?

from the thanks-for-nothing dept

Remember the publication that put legal statements on its site claiming that fair use did not apply and you could not reproduce anything on the site? Yes, the same one that then threatened to take legal action against the guy who (correctly) pointed out to them that you can't take away someone's right to fair use like that? Well, it appears that they changed part of their legal language to get rid of the bit about fair use not applying, though they kept up the part saying that you can't reproduce anything. The former lawyer, David Giacalone, who had pointed this out to the editor in the first place, sent her a nice followup email thanking her for making the change. In response, however, the woman claims she will be suing him for defamation and has already alerted law enforcement and her attorney. It's hard to see how it's defamation to point out that the legal language on a site appears to be mistaken. The editor claims that the posts about the legal language encouraged "threats, intimidation and profanity" though, if you read the original posts on the topic, it's a pretty big stretch to see them as encouraging any such activity (not to mention that it was all brought on by the problematic language on her publication's site). In the meantime, Eugene Volokh also has posted a followup on this issue, asking why anyone should trust the accuracy of the content on her site when her claims about copyright are inaccurate? Update: Giacalone lets us know that, after just one day, the site has gone back to claiming fair use is not applicable.



...and I say pounding a campaign sign into your poor defenseless lawn is violent. If you're a democrat.

http://techdirt.com/articles/20061027/004715.shtml

Forget Detecting Gunshots, This Camera Detects If You Just Act Violently

from the you-have-no-privacy-anywhere dept

Following the story from yesterday about sensors that can spot gunfire (which was actually old news), Search Engines WEB writes in to let us know about a new camera system being developed by researchers to automatically spot violent behavior. They claim this is different than cameras being developed and tested to simply spot suspicious behavior by looking for basic patterns. They note that such a system can often have trouble separating out certain situations. For example, they suggest that their system can tell the difference between someone offering another person a stick of gum vs. someone threatening a person with a knife -- which they claim a traditional system would view as looking pretty much the same. Currently, the system is only 80% accurate and the researchers admit it has certain limitations -- but they expect it to improve pretty rapidly over the next few years, especially as the technology gets commercialized. Of course, it will be interesting to see how people respond to such things. While you pretty much can't go anywhere these days without having surveillance cameras watching you, an awful lot of what those cameras catch is never watched or used. However, systems that can capture and analyze specific activities begin to raise many more questions. Instead of just mining consumer databases, will we be hearing stories about politicians targeting pitches to voters based on what a collection of surveillance cameras says about them?



Don't allow your children to escape their formative years without trauma! Read them these bedtime stories.

http://googleblog.blogspot.com/2006/10/scary-stories.html

Scary stories

10/26/2006 07:42:00 AM Posted by Arielle Reinstein, Associate Product Marketing Manager

“I was never kinder to the old man than during the whole week before I killed him.” -- Edgar Allan Poe, The Tell-Tale Heart.

Some people dress up in wacky costumes (like us), others carve pumpkins or stay home to pass out treats (my personal favorite is the fun-sized Hershey’s Special Dark Chocolate bars – yum). To help get you in the Halloween spirit, we’ve gathered some of the best classic spine-tingling tales you can find in Google Book Search. At google.com/scarystories, you can rediscover spooky classics like Bram Stoker’s Dracula, Mary Shelley’s Frankenstein, and Robert Louis Stevenson’s Strange Case of Dr. Jekyll and Mr. Hyde, as well as explore less well-known tales like Thomas Hardy’s Victorian ghost story, "The Withered Arm".

Whenever you see a "Download" button, you're free to download, save, and print a PDF version to read at your own pace. If you decide you want a bound copy, the "All editions" link will show you multiple editions, many of which are available to buy.

We hope exploring these classics helps make your Halloween special -- maybe even keeps you up for a night or two. Please note that some of these books may not be in the public domain everywhere in the world. Where copyright status is in question, we do not enable Full View access or downloading.



“We don't have enough live reporters to translate everything to video, so we computerized it!”

http://www.newscientisttech.com/article/dn10371

Software generates video news bulletins

17:53 24 October 2006 NewScientist.com news service Tom Simonite

Software that automatically generates timely video news bulletins, presented by computer-animated characters, could revolutionise current affairs broadcasting, researchers say.

The system, called News at Seven, can produce reports tailored to a person's particular interests, from world affairs to celebrity gossip.

For example, one video shows a bulletin about attempts to corroborate North Korea's controversial nuclear test while another shows a more opinionated celebrity-focused report (both wmv files).

Thursday, October 26, 2006

These announcements are normally held until Friday. Someone screwed up!

http://www.thedenverchannel.com/news/10162004/detail.html?rss=den&psp=news

Computer With Info On Colo. Human Services Dept. Clients Stolen

POSTED: 4:27 am MDT October 26, 2006

DENVER -- A computer containing personal information of some clients of the Colorado Department of Human Services was stolen from a Dallas-based firm that operates the Family Registry.

The desktop computer, which was stolen during the weekend of Oct. 13, had data on clients who were involved with child support payments. It was stored in a secure area monitored by surveillance cameras accessible only by password, said Dallas-based Affiliated Computer Services Inc. [Gee, that doesn't sound like a “secure area” to me... Bob]

Company spokesman Kevin Lightfoot said letters were sent to the clients about the theft and advised on how to protect their information.

There was no evidence of identity theft or an intent to do so, he said.

Department spokeswoman Liz McDonough did not say how many clients could be affected and where the theft occurred, citing that the cases involve child support.

Detectives were investigating the theft and were trying to recover video from the surveillance cameras, [Shouldn't that be simple? Bob] said Denver police spokesman Sonny Jackson. Colorado Bureau of Investigation and officials from the human services department were assisting detectives.

"We are monitoring the actions of the contractor to make sure they meet the expectations of the state," [Haven't they failed already? Bob] McDonough said.


http://www.rockymountainnews.com/drmn/local/article/0,1299,DRMN_15_5092102,00.html

Personal info in stolen computer

Data from clients in child-support cases, state officials report

By Hector Gutierrez, Rocky Mountain News October 25, 2006

A desktop computer [Not something that could be confused with a visitor's laptop. Should be a red-flag to whoever is monitoring security. Bob] containing personal information of Colorado human services department clients involved in child support payments was stolen this month, officials said Tuesday.



Failures in quality have costs. (The old “Quality is free” argument)

http://www.infoworld.com/article/06/10/26/HNsonyq2loss_1.html?source=rss&url=http://www.infoworld.com/article/06/10/26/HNsonyq2loss_1.html

Batteries push Sony to Q2 operating loss

Sony's operations for the quarter go into the red despite a jump in sales

By Martyn Williams, IDG News Service October 26, 2006

The global recall and replacement of millions of laptop batteries, and start-up costs for the PlayStation 3 console, pushed Sony's operations into the red for the July to September quarter, despite a jump in sales.

The company reported an operating loss of ¥20.8 billion ($174.5 million) against an operating profit of ¥74.6 billion in the same period last year. The loss includes the estimated ¥51.2 billion that Sony will lose as a result of the laptop battery recall currently under way.

Sony's net income, which includes profit and loss from its core operations and subsidiaries, and other extraordinary items, dropped 94.1 percent to ¥1.7 billion.

However, sales and operating revenue rose 8.3 percent to ¥1.85 trillion.

... Sony's core electronics business saw a 12.1 percent increase in sales but operating profit dropped more than 70 percent, largely due to the battery replacement costs and a one-time pension fund gain the year earlier.



One of my prediction areas: Expect charges of voting fraud this year!

http://techdirt.com/articles/20061025/101539.shtml

Quebec Report Slams E-Voting Failure; Company Responsible Says To Cut It Some Slack

from the you-don't-get-a-few-tries-to-get-it-right dept

While American elections officials continue to ignore the long, long, long list of evidence that e-voting machines are not secure and cannot be relied upon to work properly, it appears that elections officials in Quebec recognize the importance of holding a fair election that people are confident accurately reflected the voting will of the people. Following a report by Quebec's electoral chief that runs through all of the problems Quebec had with e-voting machines last year, the government has extended an injunction against e-voting machines that had been put in place after the problems in the election became clear. The elections official admits that there's no way to tell if last year's election results were accurate or fair -- but that there's nothing that can be done now. Some opposition politicians, however, are thinking of trying to force the election to be wiped out and held again, claiming that the results clearly were incorrect. To make it even more fun, the firm that supplied the e-voting machines, PG Elections, is apparently upset that Quebec hasn't paid their bill in full for the machines that didn't work properly. Even worse, they seem to shrug off the problems: "We have to admit that we did have a few problems," but he then suggests you have to give them some leeway because "It was the first time all Quebec municipal elections were held on the same day and that so many used electronic voting." I'm sorry, but if the one thing your machines are supposed to do is handle the election and count people's votes, it really needs to do that -- and trying to brush it aside because it was the first time so many of your machines were being used isn't just a bad excuse, it's a reason no one should use your machines again.



http://www.forbes.com/2006/10/25/leadership-hewlett-packard-spying-lead-manage-cx_hc_1025fiveways_print.html

Five Ways

How To (Legally) Spy On Employees

Hannah Clark, 10.25.06, 6:00 PM ET

Hewlett-Packard has given spying a bad name. But when former Chairwoman Patricia Dunn spearheaded an investigation against board members, staff and journalists, she was, in a way, simply following a nationwide trend. As technology has improved, risks have increased. As a result, most corporations are now monitoring their employees closely.

Press leaks, theft of trade secrets and time wasting are big concerns. But the main reason is fear of lawsuits, says Nancy Flynn, executive director of the ePolicy Institute, a consulting firm that helps companies develop monitoring policies. Almost 25% of companies have had employee e-mails subpoenaed because of a workplace lawsuit, usually involving harassment or discrimination. "Employers need to view e-mail as the electronic equivalent of DNA evidence," says Flynn.

While employees may have been slow to get the message, corporations are catching on. More than 75% of employers monitor their workers' Web site connections, according to a survey by the ePolicy Institute, a consulting group. About half of all companies store and review computer files, and 55% read e-mail messages. About 26% of firms have fired workers for misusing the Internet.

But what if companies misuse their spying programs? That's what happened at HP. The computer giant hired private investigators who used a tactic called pretexting, or posing as someone else to gain access to their phone records. Investigators tailed reporters, dug through trash and sent a reporter a fake e-mail that contained tracking software. Most of these tactics are slimy, but legal. Pretexting, however, is not. Without permission, there are only two ways to get phone records legally: Obtaining a warrant or digging through the trash.

Dunn has been charged with four felonies; so has Kevin Hunsaker, the company's senior counsel and chief ethics officer. (See: "Chief Ethics Officers: Who Needs Them?") But breaking the law wasn't HP's only mistake. Here are five ways corporations can run a legal, ethical spying program and stay out of the headlines.

Try Google first. There are a lot of ways to obtain information without breaking the law, says Efrem Grail, a partner at law firm Reed Smith. The Internet is an obvious place to start. And instead of targeting personal phone records, look at company-owned records first. Who have your employees been calling on their office phones?

Check out personnel files for context, says Grail. Is someone living in Beverly Hills, Calif., on a salary that should relegate him to a less desirable district? That might help you learn who could be stealing and selling company secrets. Don't forget public documents like property records, credit reports and criminal histories. Grail once discovered that someone had applied for a fishing license in Alaska on a day when he was supposed to be somewhere else, working for his employer.

Be honest. When Dunn became concerned about boardroom leaks, she should have tried openness first. "HP might have avoided a lot of headlines if they had simply gone to their board members and said, 'Can we have your telephone records?'" says Jim Moorhead, a partner with law firm Steptoe and Johnson.

If that didn't work, one-on-one interviews with board members might have been a good next step. That would have given directors an opportunity to air their grievances and possibly even confess. "You'd be surprised what people say. All you have to do is ask," says Ted Frank, CEO of Axentis, which makes software that helps companies manage regulatory compliance issues.

Create a policy--and make it public. The honesty policy also applies to ordinary workers. Employers should establish a written policy about computer use, says Flynn. And don't just put it in a vault. Make sure workers know what's appropriate, and what's not. Then, establish consequences for those who violate email and Internet policies. Some companies fine their employees as much as $1,000 for a first violation, Flynn says.

Be nice to journalists. Reporters jumped on the HP scandal for the obvious reason that it's a very juicy story. But they really dug in when reporters learned that they were actually targeted by HP's spies. One of the targeted journalists, Pui-Wing Tam, wrote a front-page story in the Wall Street Journal on Oct. 19, detailing what she knew about the surveillance. That spawned even more stories, when the Associated Press picked it up.

Brush up on all those pesky legal issues. Privacy laws vary widely across state and national borders. Americans have fewer privacy protections than Europeans, but even within the U.S. laws vary widely. Delaware and Connecticut, for example, require companies to inform employees if they're being monitored. Californians have a right to privacy enshrined in the state Constitution. All of a company's investigators should have an understanding of these laws--or know who to call for advice.



If there is a need for “do it yourself” surveillance, it's probably much cheaper and easier to visit Radio Shack...

http://hosted.ap.org/dynamic/stories/A/ATT_REMOTE_SURVEILLANCE?SITE=VALYD&SECTION=HOME&TEMPLATE=DEFAULT

AT&T Launches Video Monitoring Service

By BRUCE MEYERSON AP Technology Writer Oct 26, 1:02 AM EDT

NEW YORK (AP) -- AT&T Inc. is introducing a home monitoring service that includes live video surveillance on a computer or cell phone, as well as lighting controls and detection sensors for motion, temperature changes and flooding.



...and to answer those “What's he doing now?” questions...

http://mobilecrunch.com/2006/10/25/veeker-launches-today-mobile-video-will-be-changed-forever-a-mobilecrunch-exclusive/

October 25, 2006

Veeker Launches Today- Mobile Video Will Be Changed Forever: a MobileCrunch Exclusive

Posted by Oliver

Veeker, the San Francisco based company that has been in high profile stealth mode for some time finally launches today and promises to change the way we use the video capability in our camera phones. I had the good fortune to get an early preview yesterday with Roger Raderman, Co-Founder and Chief Marketing & Product Officer of Veeker and I have to say the Veeker platform (it’s too substantial an offering to simply call it an application) has the potential to radically alter both the way we use the video functionality of our camera phones and along with that change the way in which we communicate in general.

In a nutshell, Veeker is instant video messaging. The most basic use case is to shoot 60 seconds of video from your mobile phone and upload this video to Veeker in the form of an MMS. Within about 60 seconds your video is on the Veeker portal where, depending upon whether you sent it to one of three addresses is visible only by you (me@veeker.com) visible to you and your contacts (v@veeker.com) or made available for viewing by anyone who visits Veeker and is inclined to check you out (world@veeker.com).

... Veeker’s next tricks are where things start to get exciting. Each time you upload video to Veeker you are creating what they call a “Veek” which is short for Video Peek - which is of course, what these short videos really are. Your collection of Veeks is a “VeekFeed” and like RSS Feeds you can subscribe to other’s feeds and see in near real-time what they’re up to when they choose to upload video to their feeds.



Another issue for my Business Continuity class. Some pithy comments too...

http://hardware.slashdot.org/article.pl?sid=06/10/25/1554213&from=rss

Generator Delays May Slow Data Center Projects

Posted by ScuttleMonkey on Wednesday October 25, @01:00PM

from the so-that's-why-mmos-can't-expand-to-meet-needs dept. Hardware Technology

miller60 writes "The data center building boom is causing backlogs for new generator orders, with some companies reporting delivery delays of up to a year for new 2,000kw units, which are the current standard for mission-critical facilities. Generator availability is 'the No. 1 thing that will drive your construction schedules,' according to Equinix, which is building centers in three major markets. 'This will be a big issue for the next wave of data center builds,' says another industry executive. Used generators and smaller units tend to be more available than the 2 megawatt units, but companies targeting the enterprise sector may be wary of relying on used units or smaller generators than those powering competing facilities."



Do you suppose this flatters the Execs or intimidates them? How would you feel?

http://it.slashdot.org/it/06/10/24/1654234.shtml

Unisys Targets Just 20 Execs With Ad Campaign

Posted by kdawson on Tuesday October 24, @02:10PM from the atomic-force-advertising dept. It's funny. Laugh. IT

Carl Bialik from WSJ writes, "Security company Unisys is taking niche marketing to a new level, aiming ads at about 20 top executives, delivering custom-covered issues of their Fortune magazine subscriptions, and even placing billboards where these individuals will be likely to see them, the Wall Street Journal reports."

From the article: "If an executive flips over the mock Fortune cover, he or she will discover a letter — also individually tailored — from a senior Unisys manager describing challenges in the target's specific industry. The Fortune 'cover wraps' also offer personalized Web addresses, where the executives can find mock news videos that mention their names and tell how they achieved business success. To reinforce the message, Unisys is placing billboards and outdoor signs — albeit without information-chief portraits — close to the executives' offices. Some ads will even appear on video screens in the elevators of their office buildings."



Who thought this was a good idea?

http://www.platinax.co.uk/news/26-10-2006/firefox-2-releases-privacy-storm/

October 26, 2006

Firefox 2 releases privacy storm

The most-awaited Firefox 2.0 was launched by the Mozilla Foundation yesterday - and immediately generated a storm of protests over privacy issues.

Key to privacy concerns is that Mozilla have set up their long-awaited phishing protection feature on Firefox 2.0 - but to use it properly, you have to send Google a record of every single website you visit.

A cookie will record all your behaviour data when using Firefox and provide the information free to Google, who can then use that information for their own commercial purposes.

Although the feature does require an explicit opt-in, it’s an unwelcome trade-off for many Firefox users, who believe that there is no reason to tie-in phishing protection with providing free data to a billion-dollar multinational.

The concerns may be damaging to the Mozilla Foundation - who have long had a close relationship with Google - and who became a “for-profit” business last year.

The provision of free tools and services simply for the purposes of collecting user data has become a habit with Google in recent years, and especially raised privacy concerns - not simply on the data collection, or how it may be used - but also how it may be collected by government agencies.



What ethics? These are politicians!

http://techdirt.com/articles/20061025/185634.shtml

Politicians Mine Commercial Databases In Get Out The Vote Effort

from the what-they-know-about-you dept

It used to be that people were worried about all the data that the government collected on them, and would refer to things like "Big Brother." However, more recently, with the rise of huge database companies and serious data collection and data mining efforts in the private sector, people have begun to realize that it's really the corporations that are keeping the closest tabs on you. However, that doesn't mean politicians can't use that data themselves. The Associated Press is running an article about the level of sophistication being used behind the scenes by Gov. Arnold Schwarzenegger's campaign. Rather than more general statistics, they've taken a page out of just about any large company's marketing textbook and have purchased access to all sorts of demographic data from things like what you drink to what you drive to what you read -- on the assumption that they can then use this data to better target people more likely to vote for the governor's re-election in their "get out the vote" effort. The opposing campaign claims that this "microtargeting" is simply being used to "manipulate people" while giving different messages to different people. However, it's not clear why that's so bad, if the targeted messages are actually relevant. It does seem a little creepy to find out the level to which they can segment voters, but it's really no different than what companies do these days. Of course, for those who are still uncomfortable about all of this, perhaps it'll make you feel more comfortable to know that much of the data these firms have is often wrong.



Just think of it as a tool for practicing discovery techniques. See if you can find the smoking gun...

http://www.boingboing.net/2006/10/24/enron_explorer_mines.html

Tuesday, October 24, 2006

Enron Explorer mines Enron's emails

Charles sez,

To celebrate Mr Skilling's sentencing, the "Enron Explorer" offers access to the whole corpus of 200,000 Enron emails released during the fraud investigation.

The system generates a visualisation of each executive's social network and analyses the thematic signature of their communications. You can access each person's mailbox, read individual messages, or take a thematic slice through the archive. Clicking on someone in the visualiser zooms them to the centre and loads their information.

[Enron Explorer: http://enron.trampolinesystems.com/ ]



How to save big money on Christmas gifts! (I blame all of this on Dan Aykroyd and his “Ronco Price-o-matic” skit on Saturday Night Live.)

http://www.nwfdailynews.com/articleArchive/oct2006/hightechshoplifters.php

Thursday 26th October 2006

Retail losses rise as shoplifters go high tech

By ANN ZIMMERMAN The Wall Street Journal Via AP 2006-10-25

(AP) - William Swanberg had a thing for Legos, but it was hardly child's play.

After he was arrested last November near Portland, Ore., police investigators determined he had stolen more than $600,000 of the Danish building toys over three years from dozens of stores in at least five Western states.

He pilfered the toys by creating counterfeit bar codes that allowed $100 Lego sets, for example, to be rung up for just $19. Then he resold them on a Web site for toy collectors.

... Law-enforcement officers say many of the high-tech thieves belong to organized-crime rings that have turned retail theft into big business. And the Internet has made it easier for them to find buyers for the loot.

... Last December, a Target security guard nabbed a Colorado college student after he purchased a $150 iPod that carried a bar code for $4.99 headphones, according to Mr. Brekke. The thief had fashioned the fake label with a $25 software program called Barcode Magic, which he'd downloaded from the Internet, Mr. Brekke says.

... Another vexing new problem, retail executives say, is gift-card fraud. Many retailers now issue gift cards in place of paper gift certificates and receipts from returned merchandise. The cards, which resemble credit cards, have been a boon to the retail industry, accounting for $60 billion in sales last year, almost one-third of it during the holiday season.

But they've also been a boon to thieves. In one scam, crooks copy numbers from gift cards hanging on store racks. After the cards are purchased and activated, buyers use them to shop online by entering the card numbers.

So do the thieves. To figure out which cards have been activated, they phone an 800 number to check on balances for card numbers they've copied. When they discover activated cards, they use the card numbers to buy merchandise on a store's Web site, explains Dan Doyle, vice president of loss prevention at Beall's Inc., a Southeastern department-store chain.

Another swindle involves stealing merchandise, then returning it for store credit in the form of gift cards. In 2003, Herion Karbunara, a Massachusetts man in his mid-20s, paid women $50 to $200 a day to shoplift merchandise from stores ranging from Pottery Barn to Victoria's Secret and then return it for gift cards, according to the Massachusetts attorney general's office. Some stores required receipts for returns, so the women first would buy one of each product they intended to steal, prosecutors say. Mr. Karbunara would scan the receipts into a computer and print counterfeits, they say.

... The Internet has become so popular for moving stolen goods that a term has been coined for the practice, "efencing." Thieves or fences who sell loot out of a truck or at a flea market typically get 20 to 30 cents per dollar of retail value, according to a 2005 report on organized retail crime commissioned by the National Retail Federation. On the Internet, where their wares are exposed to many more potential buyers, they bring in, on average, 70 cents on the dollar, the report says.

Law-enforcement officials say the Web allows thieves to unload merchandise quicker than in the past, and in greater volume. [Technology improves every human endeavor... Bob] More thieves are taking orders for items to steal, a felonious twist on just-in-time inventory, these officials say.