District Court Ruling in NSA Wiretapping Case “Hasty and Injudicious”
Written by Judicial Watch Friday, October 27, 2006
Judicial Watch Calls on U.S. Court of Appeals to Vacate Ruling
... Judicial Watch’s principle argument relates to the issue of “standing.” Given that none of the plaintiffs can demonstrate that any of their conversations were actually intercepted by the government, their injuries are merely speculative and cannot be considered by the court.
To read a copy of Judicial Watch’s Amicus Brief, please visit Judicial Watch’s Internet site, www.judicialwatch.org.
Is this the best way to point out security nonsense?
Congressman Calls for Arrest of Security Researcher
Posted by Zonk on Friday October 27, @06:28PM from the that's-a-pretty-cool-project dept. Security Technology Politics
Christopher Soghoian writes "Yesterday, I published a tool that allows you to Create your own boarding pass for Northwest flights. This was an attempt to document the fragile and broken state of identity/security for domestic flights in the US. Today, Congressman Markey (D-Mass) has called for my arrest."
From the ABC article: "'I don't want to help terrorists or help bad guys do bad things on airplanes, but what we have now is what we in the industry call security theater. It's made to make you think you're secure without actually making you secure,' Soghoian said. 'As a member of the academic research community, I consider this to be a public service.' Soghoian admits that he hasn't actually tried to use one of the boarding passes yet."
27B Stroke 6
by Ryan Singel and Kevin Poulsen Friday, 27 October 2006
FBI Says No Arrest of Boarding Pass Hacker
The controversial do-it-yourself boarding pass website run by Christoper Soghoian disappeared from the web late Friday afternoon soon after the Indiana University Ph.D. student mentioned in an instant message chat that the FBI was at his door. However, Special Agent Wendy Osborne of the FBI's Indianapolis bureau said no student had been arrested in Bloomington, Indiana today.
Earlier today, Congressman Edward Markey called on the administration to arrest Soghoian and shut down his site.
Osborne could not confirm or deny if agents visited Soghoian today, as FBI does not comment on ongoing investigations. [...but of course they did. Bob]
While the boarding pass generator, which was intended to point out flaws in airport security, is gone, other portions of Soghoian's website, dubfire.net, are still live. Soghoian's computer still registers as being online according to Google chat, indicating that the feds have not probably not confiscated his computer.
A transcript of the chat provided to Wired News shows that Soghoian said that the FBI was at his door at approximately 3:50 pm PST. He then stopped communicating via chat and is not responding to other instant messages.
Xeni Jardin at BoingBoing has more on the possible raid and background on Soghoian.
Not surprisingly, Northwest Airlines doesn't seem too happy with Christopher Soghoian's Northwest Airlines Boarding Pass Generator, according to a company statement.
Northwest Airlines is cooperating with law enforcement and government agencies on this matter. The airline determines the validity of boarding the aircraft, not the validity of gaining access beyond the TSA security checkpoint. Northwest verifies boarding passes prior to boarding through bar code scans or other methods and persons with unauthorized boarding passes cannot gain access to Northwest aircraft. If it is determined that a fraudulent boarding pass has been presented, Northwest immediately alerts the TSA and law enforcement agencies.
While we're on the topic of airport security...
Screeners at Newark fail to find 'weapons'
Agents got 20 of 22 'devices' past staff
Friday, October 27, 2006 BY RON MARSICO Star-Ledger Staff
Screeners at Newark Liberty International Airport failed 20 of 22 security tests conducted by undercover U.S. agents last week, missing an array of concealed bombs and guns at checkpoints throughout the hub's three terminals, federal security officials familiar with the results said.
The tests, conducted Oct. 19 by U.S. Transportation Security Administration "Red Team" agents, also revealed significant failures by screeners to follow standard operating procedures while checking passengers and their baggage for prohibited items, said the officials, who spoke on condition of anonymity because it is against TSA policy to release covert-test results.
... He said top TSA officials have little aviation security experience and screeners are required to conduct too many tedious and obvious checks.
Like other security watchdogs, Elson advocates having the TSA take a page from Israeli aviation security by more broadly instituting behavioral profiling techniques in which travelers are asked probing questions. The TSA has developed a limited version of the program at some airports, including Newark.
Without such expanded initiatives, the TSA is "going to fail, and they do, with constant, stunning regularity," Elson said.
Is spending actually going down or just going “black?”
Government IT spending to drop, new firm predicts
Government Futures relies on the "collective intelligence" of online participation and community to issue its reports
By Grant Gross, IDG News Service October 27, 2006
A new analysis firm using the "collective intelligence" of the government [Oxymoron alert! Bob] contracting community has predicted a 10 percent to 25 percent drop in U.S. government IT spending in the next three years.
Government Futures, using lessons from the open-source software and online wiki communities, launched Friday with its first report, saying that U.S. government IT spending will drop in the coming years because of federal budget constraints, voter skepticism about government effectiveness and new technologies that enable cross-agency collaboration.
... Government Futures' [http://governmentfutures.com/index.html ] first report, "Government 2.0: Are You Ready?" is available at the Government Futures Web site.
[Slide show and audio. http://governmentfutures.com/reports/player.html You have to ask for the PDF... Bob]
Economics 101: To increase demand, decrease prices. Once you have a monopoly, charge whatever you want.
Acer: Vista is an excuse for Microsoft price increases
Posted by Reverend on 27 Oct 2006 - 19:53 GMT
Techzonez Microsoft is raising the price of its software as it prepares to launch Vista, according to one of the leading PC manufacturers, Acer.
According to Jim Wong, senior corporate vice president of the Taiwan-based company, the issue is simply that the basic home edition of Vista, Home Basic, which is available for preorder on Amazon.co.uk for 154.99 pounds ($293), is so basic that users will be forced to move to Vista Home Premium, at 189.99 pounds ($359). A Home Edition of Windows XP is currently available for 165.99 pounds, but has a recommended retail price of 176.99 pounds.
"The new (Vista) experience you hear of, if you get Basic, you won't feel it at all," Wong told PC Pro magazine. "There's no (Aero) graphics, no Media Center, no remote control."
Wong also said that the manufacturer's license for Vista Home Premium is 10 percent more expensive than for XP Home. "We have to pay more but users are not going to pay more," Wong said. This would mean an increase in the cost to PC manufacturers of 1 percent to 2 percent, according to Wong, in a business where the profit margin is around 5 percent or less.
At the top of the Vista lineup is the Ultimate Edition, which can be preordered for 325 pounds ($614) and, again, is significantly more expensive than the XP operating system it replaces. Windows XP Professional with Service Pack 2 has a recommended retail price of 289.99 pounds ($550), but is currently available for 234 pounds ($444).
News source: c|net
Rutkowska: Anti-Virus Software Is Ineffective
By Ryan Naraine October 26, 2006
Q&A: Stealth malware researcher Joanna Rutkowska discusses her interest in computer security, the threat from rootkits and why the world is not ready for virtual machine technology.
Earlier this year, stealth malware researcher Joanna Rutkowska created a stir at the Black Hat Briefings when she demonstrated a way to infect Windows Vista with a rootkit and introduced Blue Pill, a new concept that uses AMD's SVM/Pacifica virtualization technology to create "100 percent undetectable malware."
I ran a project in Calif. a few years ago and on an off day offered to take my crew anywhere they wanted to go. Disneyland, Knotts Berry Farm, Sea World, etc. They chose Fry's... (Can I hire geeks or what?)
October 27, 2006
Fry's Electronics (Finally) Launches Online Store
By Natali T. Del Conte
Fry's Electronics has always been an impressive store in the brick and mortar sense, but somewhat lacking in their online retail presence. Until now.
Last week the company officially launched Frys.com, a domain they did not own until just this year. The site has more product, more Fry's branding, and is for the most part an online electronics store that looks set to compete with other established e-tailers like Newegg.
... Fry's is a private company that was founded in 1985 in the San Francisco Bay Area. They now have 32 electronics stores in California, Atlanta, Illinois, and Nevada. The company does not release financial information, but Forbes estimates that the store does $2.1 billion in sales per year. Valerio would not comment on what percentage of that had been from online sales.
If web mail is not checked, something is seriously wrong with your security design...
Web Mail in the Workplace: Another Security Threat
By John P. Mello Jr. TechNewsWorld 10/28/06 1:30 AM PT
Web mail poses an additional risk because it arrives at a user's desk without being subjected to security measures imposed on e-mail traveling through a company's internal system, [there should be a “separate but equal” review... Bob] Javier Santoyo, a senior manager at security software maker Symantec, explained. "Web mail opens up a backdoor to the organization and relies on users to prevent an exploit or infection happening on its system," he maintained.
This is similar to the device that allows you to broadcast cable TV to the other (unconnected) TVs in your house.
NPR Sick Of Howard Stern Butting In; Wants FCC To Recall FM Modulators
from the interference-problems dept
A few years back, the UK decided to ban certain FM modulators such as the "iTrip" device that would let you broadcast your iPod a short distance at a low frequency on your radio, claiming that it was breaking the law that banned "pirate" radio stations -- even if it could only broadcast a few feet. Earlier this year however, a bunch of radio stations in the US started complaining that these FM modulators from both things like the iTrip and that were popular with satellite radio systems were causing problems on the road. Basically, as someone drove by with one of those modulators, the broadcast would break into other passing cars' radios. In order to make it clear what a problem this was, they talked of things like Howard Stern and gangsta rap breaking into Christian radio stations. This seemed a little silly, but at the same time, the FCC began an investigation into reports that the modulators from XM and Sirius went beyond specifications. Apparently, NPR isn't happy with the FCC's efforts so far. They conducted their own study, which found that 40% of the devices exceed FCC limits and are demanding that the FCC recall the devices. A separate study by the National Association of Broadcasters also found that more than 75% of the device exceed their power limits. It may be true that these devices exceed the set limits, but it still seems to take things a bit far to claim that "these modulators pose a significant threat" to public radio. There's nothing wrong with recalling the devices if they do exceed the set specs, but it's hardly such a threat. In fact, as the article notes, when the modulators are set to the proper levels, it's possible that the reverse happens: and NPR signals will break into people listening to Howard Stern on their satellite radio. Will that pose just as significant a threat?
Underage Finnish BitTorrent admins fined $60,000 each
Four out of eight administrators of the Finnish BitTorrent tracker “Finreactor” have been declared guilty in court and have to pay damages totalling 60,000 dollars each.
The lawsuit against Finreactor has just come to a close (Finnish report). This is believed to be only the first of many filed against the site.
Three of the four administrators found guilty are under the age of 18. It is unclear how they are going to scrape together enough money to pay their fines.
... The Keskusrikospoliisi, after getting the go-ahead from Teosto, raided the administrators’ homes and seized computers and hard drives. The evidence they found was condemning.
Niko adds that at least one admin avoided the lawsuit because his hard drive was encrypted, and that there were more people on trial:
Tech presents legal system with 'tremendous curves'
VOIP, botnets among challenges cyberprotectors face
October 27, 2006 (Network World) -- A legal system rife with outdated laws never designed to cope with such new technologies as VOIP is just one of the worries facing Stephen Treglia, chief of the technology crime unit in the district attorney's office of New York's Nassau County.
Something significant is going on here, we just don't know what... Yet.
Will Red Hat Survive?
Posted by Zonk on Saturday October 28, @05:25AM from the hold-on-to-your-butts dept. Red Hat Software Oracle Linux
An anonymous reader writes "Red Herring has an in-depth analysis interviewing industry experts on what the future of Linux distributor Red Hat will likely be now that Oracle is offering cheaper support and services essentially identical to Red Hat Linux. Will Oracle purchase Red Hat? Or is it not yet too late?"
From the article: "Mr. Dargo countered that Oracle's move indicated a lack of understanding of the value that Red Hat's support and service provide. But he noted that Red Hat could be vulnerable if Oracle manages to provide better service. 'If the strategy at Oracle works out, Red Hat is going to face some serious issues, but I don't think it is going to work out,' he said. 'There are lots of opportunities for Red Hat to do some aggressive and creative things to turn around.'"