Friday, November 10, 2006

There is no evidence of a voting problem.” (Clever, very clever.) I don't suppose there is any reliable statistic to show that this is normal or abnormal...

http://techdirt.com/articles/20061108/184456.shtml

No Major E-Voting Problems, Huh? Then Where Are Florida's Missing Votes?

from the just-asking dept

In one of the stories we spotted yesterday about e-voting glitches, it was amusing to see (at the very, very bottom) the idea that "no major problems" were reported for e-voting in Florida. Florida and Ohio, of course, are the two places where e-voting stories have raised the most questions, and there had already been a number of reports of e-voting problems in Florida voting last week when their early polls opened. So, it looks like ABC may need to revise that "no major problems" report, as the EFF points us to a report saying that 13% of the electronic responses in Sarasota County included no vote for Congressional Representative. That means that somewhere between 8,000 to 10,000 people [the margin of victory? Bob] who voted for other things, like governor, appear to have not voted for House Representative -- and no one seems to have a good explanation. It's certainly possible that all those people decided to go "none of the above," but it seems unlikely -- especially since similar undervoting was not seen in other counties covered by the same Congressional district. Also, there were complaints all day about the e-voting machines not properly recording votes in that county. So, while people are asking for a recount... there's nothing to recount since the machines did not record the votes. Amusingly, the EFF also notes that the very same county had a referendum on the ballot about the e-voting machines, and the people overwhelmingly voted to scrap the machines and bring back paper ballots. So what was it the press was just saying about no major glitches with e-voting?



So, how do I get a share?

http://techdirt.com/articles/20061109/114427.shtml

Rights Holders Start Lining Up To Get Money From Google/YouTube

from the oh,-look,-free-money dept

While it's still not clear who is suing Google over their video offering, it's clear that plenty of rights holders are looking for some sort of payout similar to what YouTube gave the record labels. However, as we noted with Microsoft's decision to pay out to Universal Music, once you start down this route, everyone is going to want a piece of you from all over the world representing all different groups of all different sizes. So, for example, it should come as no surprise to find out that the German Society for Musical Performing and Mechanical Reproduction Rights has now joined the handout line, demanding royalties from YouTube/Google. Of course, part of the problem is that YouTube made this possible by giving those few labels money in the first place, rather than sticking to the letter of the law which says they're not liable for content uploaded by users. They can still make that claim, and perhaps that's what they'll do if this goes to court, but in the meantime, they're going to be facing a ton of random players (small and large) who are all going to demand a cut.



As “full hard drive” encryption becomes easier, it might be useful to think of the downside. What happens if individuals encrypt the only copy of a “critical document?” Look for centralized control of all encryption keys, and look for hackers going for that file first.

http://slashdot.org/article.pl?sid=06/11/09/226205&from=rss

U.S. Government Prepares For Vista

Posted by Zonk on Thursday November 09, @06:02PM from the battening-down-the-hatches dept. Windows United States

IO ERROR writes "Patrick Svenburg, program manager for Windows Client Solutions in Microsoft Federal, answered questions from government IT managers today about the upcoming Windows Vista release. Many of the questions were about BitLocker, Microsoft's new drive encryption technology, as well as other security questions, upgrading from Windows XP, IPv6 deployment and more. Svenburg is a member of the Windows Vista Launch Team and is leading early adoption efforts for Windows Vista within the Federal community, according to Government Computer News."



Think this is “interesting but not consequential?” Read the next article.

http://hardware.slashdot.org/article.pl?sid=06/11/10/0358204&from=rss

The Information Factories are Here

Posted by CowboyNeal on Thursday November 09, @11:46PM from the brave-new-world dept. The Internet Data Storage

prostoalex writes "Wired magazine has coined a new term for the massive data centers built in Pacific Northwest by Google, Microsoft and Yahoo! Cloudware is, ironically, a return of the centralized data and bandwidth power houses caused by decentralized and distributed nature of the Internet. George Gilder thinks we're witnessing something monumental: 'According to Bell's law, every decade a new class of computer emerges from a hundredfold drop in the price of processing power. As we approach a billionth of a cent per byte of storage, and pennies per gigabit per second of bandwidth, what kind of machine labors to be born? How will we feed it? How will it be tamed? And how soon will it, in its inevitable turn, become a dinosaur?'"


This could be very useful. It could also be very mis-used.

http://www.infoworld.com/article/06/11/09/HNdatabaseinsky_1.html?source=rss&url=http://www.infoworld.com/article/06/11/09/HNdatabaseinsky_1.html

MySQL wants to build 'database in the sky'

Data repository would make structured data available to application developers and Internet entrepreneurs

By Juan Carlos Perez, IDG News Service November 09, 2006

MySQL AB wants to launch a global project to build a massive, distributed repository containing all of the world's data now stored in structured databases, the company's chief executive officer said Thursday.

While search engines like the one from Google Inc. aim to give people access to unstructured data on the Web, this "database in the sky" would make available structured data to application developers and Internet entrepreneurs, said Marten Mickos at the Web 2.0 Summit in San Francisco.

The data repository would be to database access what eBay Inc.'s Skype is to Internet telephony, and it would create the next-generation OLAP (online analytical processing) engine for data analysis and discovery, Mickos said.

The project seeks to apply the open-source model to data, so that developers worldwide could share and aggregate data, Mickos said. "Then the data would be the platform," Mickos said. He envisions, for example, being able to tap into all of the world's structured databases that have weather information.

It would probably be required to build "a DNS of SQL servers," address likely routing obstacles and make data definitions understandable and accessible to others, Mickos said. It would also be necessary for the data owners to have a willingness to make their database contents available.

But the most important ingredient will be to assemble a community of collaborators and volunteers willing to work on the project. The database wouldn't be monolithic but rather function on a peer-to-peer principle, he said.

Those interested in learning more can go here .



Curious. As I read this, Microsoft has purchased a company that secures its operating system rather than correct the problem internally. Does this mean they don't consider the effort worth their time or that they had no clue there was a problem, so they had no clue how to fix it?

http://www.pcworld.com/article/id,127804-pg,1-RSS,RSS/article.html

Microsoft Releases Sony Rootkit Hunter's Tools

New software will assist Windows users in detecting hidden system hacks and malware.

Robert McMillan, IDG News Service Thursday, November 09, 2006 01:00 PM PST

Nearly four months after hiring Sony rootkit whistleblower Mark Russinovich, Microsoft has moved his company's software to its Web site and has released a new Windows system tool that can help fight hackers.

The freeware products, now known as Windows Sysinternals were made available on Microsoft's Web site earlier this week. They are based on the code that Russinovich and Bryce Cogswell had been distributing on Sysinternals.com before Microsoft bought their company, Winternals Software, in July.

Original Tools Updated

"The tools are the same as what was on the original Sysinternal site with the exception of some updates and the release of Process Monitor," said Russinovich in an e-mail interview. Process Monitor is new software, based on code from two Sysinternals tools, which keeps track of activity on the Windows file system and registry and is designed to help Windows administrators with troubleshooting and malware detection.

Russinovich and Cogswell founded Winternals in 1996, and have since produced a number of widely used system-recovery and performance-tuning products.

Russinovich made international headlines last November after he discovered that copy protection software that Sony had been distributing with millions of CDs was cloaking itself using undetectable "rootkit" software. Sony was ultimately forced to recall the affected CDs after hackers began using the rootkit to hide malicious code.

Russinovich's popular blog, along with his original posting on the Sony rootkit have been moved to Microsoft's Technet Web site.

No Source Code

One aspect of the Sysinternals.com Web site that did not survive the transition to Microsoft is the free source code that Cogswell and Russinovich had made available for some of their tools.

These tools were not often downloaded, however, Russinovich said. That fact, "combined with the Microsoft requirement of having all published source scrubbed for security ... and compatibility issues, drove the decision not to move it forward," he said.



It's not our fault! We asked them not to violate their customers' privacy.”

http://news.yahoo.com/s/pcworld/20061109/tc_pcworld/127810

Intel Drafts Privacy License for Location-Aware Cell Phones

Ben Ames, IDG News Service Thu Nov 9, 6:00 PM ET

Intel has attached a privacy license to its new location-aware software product, intended to protect cell phone users' personal information as mobile devices increasingly rely on tracking technology to provide targeted services.

Installed on a smart phone or ultramobile PC, location-aware software can use GPS technology to produce tailored information like driving directions, nearby restaurants and movie schedules. The downside of that feature is that handsets can double as tracking devices if location data is not kept private. The abuse of such access could range from civil liberties violations to physical threats in the cases of vulnerable people like battered spouses, Intel fears.

So, Intel has added a privacy addendum to the Eclipse Public License it uses for the software application called Privacy Observant Location System (POLS), according to a posting on Intel's Web site by John Miller, the privacy and security policy manager of Intel's corporate technology group.

The addendum says that vendors must inform the end-user what information is recorded and how long it is stored, and it requires developers to include opt-out capability so users can change those settings, Miller said.

Compelling Ethics

POLS is a tool for mobile application developers that determines its location by triangulating between nearby radio beacons such as GSM cells or Wi-Fi access points. Most location-aware devices use different approaches, relying on the wireless provider to track every device, or on GPS chips, which can have poor reception in dense cities.

While Intel's ethics concerns are compelling, the market may be slow to react to this initiative because so few customers actually use location-based technology, analysts say.

Only 10 percent of the PDAs sold today are equipped with internal GPS antennas, and most of those are in Europe, where the more complex roads and diversity of languages have made street mapping a larger market, said Todd Kort, principal analyst for Gartner Dataquest.

In contrast, nearly 90 percent of CDMA phones from Sprint Nextel and Verizon offer assisted-GPS technology, which relies on Intel's type of cell tower navigation technique. But most users don't know it exists or have chosen not to use it, he said.

"It's great that it's there, and someday we'll appreciate it, but it is something that's in the back of Americans' minds and will not be a driving force for sales," Kort said.

Software Developers Have Control

In the meantime, Intel faces a continuing challenge as it must convince developers to abide by its privacy initiative. The new addendum is useless if software developers don't obey it, so the company has begun a campaign to build support in the open-source community.

"We believe that a bottoms-up effort to encourage the development of privacy-sensitive social norms is necessary, and in fact critical, for both privacy and public adoption of the technology," Miller said.


Not a trivial question. If Osama bin Laden owns his location, do we violate copyright by targeting a smart bomb?

http://techdirt.com/articles/20061109/103329.shtml

Who Owns Your Location Information?

from the where's-waldo? dept

Location-based services have long been a hot topic in wireless, even if they've largely failed to live up to the ridiculous level of hype thus far. However, even though relatively few handsets currently have the ability to pinpoint users' locations with the accuracy of GPS, operators do keep less detailed location information, such as the towers from which calls are made or messages sent. This information is used for different reasons, such as billing, and is more commonly being used by law enforcement as forensic evidence. One researcher who was called as an expert witness in a trial recently to help explain such evidence is now wondering just who owns that location information. Obviously in criminal cases, it must be subpoenaed from an operator, but the researcher says his operator won't even provide him with the location info they have regarding his own calls. It's also unclear what operators' policies are with this information. Some operators are already delivering aggregated location information to companies that use it to determine how road traffic is moving. While this is anonymous, general data, what if operators decided they could start a nice new revenue line by selling individual information to anybody who wanted it? As location-based services proliferate, these sorts of questions are bound to pop up more frequently. While the services do have the potential to be very useful, they'll also need to come with safeguards that allow people to control who can see their location data and how it can be used.



http://www.eweek.com/article2/0,1759,2055066,00.asp?kc=EWRSS03119TX1K0000594

Data Governance Rises to Top of Compliance Efforts

By Matt Hines November 9, 2006

News Analysis: Companies should look closely at how they manage their databases to make the compliance auditing process less painful and more cost-effective, analysts contend.

NEW YORK—Analysts in the field of regulatory compliance say enterprises should increasingly build their IT auditing processes around database governance efforts.

... Among the technologies utilized to help forward such efforts are software tools used for tracking the manner in which employees are looking at files, and how they behave while logged into databases.

In addition to increasing companies' security by providing a method of detecting an potential misuse of database information, the technologies provide the type of detailed paper trail that compliance auditors demand when inspecting enterprise operations, said Paul Proctor, analyst with Gartner, in Stamford, Conn.



...documentation of the absolute minimum...

http://www.bespacific.com/mt/archives/012970.html

November 09, 2006

NIST Information Security Handbook: A Guide for Managers

November 7, 2006: "NIST is proud to announce the release of Special Publication 800-100, Information Security Handbook: A Guide for Managers. The purpose of this publication is to inform members of the information security management team [agency heads, chief information officers (CIO), senior agency information security officers (SAISO), and security managers] about various aspects of information security that they will be expected to implement and oversee in their respective organizations. (176 pages, PDF)



I've repeatedly mentioned how easy it is to get at this data. Now you don't have to pretend you've never seen it!

http://www.bespacific.com/mt/archives/012975.html

November 09, 2006

Lawyers Receiving Electronic Documents are Free to Examine 'Hidden' Metadata: ABA Ethics Opinion

Press release: "Lawyers who receive electronic documents are free to look for and use information hidden in metadata – information embedded in electronically produced documents – even if the documents were provided by an opposing lawyer, according to a new ethics opinion from the American Bar Association."



It's all about getting even. “This virus brought to you by ____[enter name of person you dislike here]_____ .”

http://www.f-secure.com/weblog/#00001017

Gromozon vs. Marco Giuliani

Posted by Paolo @ 14:28 GMT Thursday, November 9, 2006

... After being utterly frustrated by the inability to bypass Prevx's dedicated disinfection tool, Gromozon's authors decided to attack on another front. In the latest variants of Gromozon, whenever an analysis tool, such as our F-Secure BlackLight, or more generically a "banned" application is detected, the malware itself will present the user with a lovely message that leads him to believe that the source behind the malware are the guys from Prevx, and especially Marco Giuliani - one of the first security researchers to study Gromozon in depth and to provide a disinfection tool.



http://techdirt.com/articles/20061109/144849.shtml

So Now He Tells Us: Alan Greenspan Doesn't Like Sarbanes-Oxley

from the thanks-for-nothing dept

Despite the major financial scandals from a few years ago, embodied most famously by the collapse of Enron, there's good reason to think that the resulting Sarbanes-Oxley regulation was a poor response to the problem that ultimately had the effect of making the US a worse place to do business. Apparently, ex-Federal Reserve Chairman Alan Greenspan agrees, calling parts of the bill a "nightmare". He also said some interesting things about the nature of financial reporting, noting that it was something of an art form, which makes it hard to believe that we'll ever have real-time financial reporting. Greenspan added that he's optimistic that certain parts of the law will be changed, noting that some of the incoming Democratic leadership are open to the idea. It's good to hear him speaking up, but we wonder why he waited until he was out of office to let his opinions be known. Perhaps at the time he didn't feel it was his place to talk about it, or maybe it's just a matter of now having some hindight. Unfortunately, it's always easier to get things passed than to get them repealed.



Think of them as ring tones for your computer based phone system. When you lawyer calls, use the Jack Nicholson clip, and use Brando is you ever get a call from John Kerry?

http://news.com.com/2100-1026_3-6134027.html

Copyright eased for clips offered by Grouper

By Greg Sandoval Story last modified Thu Nov 09 09:40:58 PST 2006

Film clips featuring stars such as Jack Nicholson, Tom Cruise and Cameron Diaz can now be shared online without violating copyright law.

Grouper.com, acquired last August by Sony Pictures Entertainment, is offering snippets from 100 Sony films and TV shows for users to integrate into blogs and on social networking sites such as MySpace, the company said Thursday.

Fans can choose, for example, to have Nicholson appear barking "You can't handle the truth!" (in A Few Good Men) or Marlon Brando declaring "I could have been a contender" (in On the Waterfront).

... To avoid court battles, some video sites are trying to strike content-sharing deals with studios and music labels.

That's what Sony said it is after with Grouper's new "ScreenBites" channel. By offering famous scenes from hit films for free, Sony is hoping fans will be prompted to buy the full-length movie, the company said in a statement. [Sony thought of this all by themselves? Wow! Bob]

... Sony and Grouper plan to offer many more clips from Sony's library and eventually offer them for people to include in homemade videos.

"The challenge with that is making sure that we have the right commerce model," Felser said. "We want the copyright holder to feel good about it. Remember, a lot of this works because it's promotional. Sony is promoting the sale of their content in a way that's never been tried before."

Felser predicted that competitors may have trouble offering a similar service. He said that had Grouper not been part of Sony, the deal may not have ever gotten done.

Even as a unit of Sony, Grouper had to wait until it received the proper rights clearances, video from Sony's library was pulled, and contracts with actors and other creators were checked for clauses that may prevent such an offering.



http://digg.com/videos_comedy/NBC_Launches_New_Online_Comedy_Channel

NBC Launches New Online Comedy Channel

toprank submitted by toprank 18 hours 34 minutes ago (via http://www.dotcomedy.com/cs/Satellite?c=DC_P&childpagename=DotComedy%2FDCLayout&cid=1155067928952&channel=Home&channelid=1155067928952&pagename=DCWrapper )

Watch free comedy on-demand ranging from standup with Tenacious D to late night re-runs, sitcoms and viral videos. Users can vote, tag and submit their own videos as well.



One of those headline grabbing (but ultimately worthless?) statistics.

http://www.comscore.com/press/release.asp?press=1057

More than Half of Top 25 U.S. Web Properties Generate More Traffic from Outside the U.S. than from Within

Lion’s Share of Visitors to Top 5 U.S. Web Properties – Yahoo!, Time Warner, Microsoft, Google and eBay – Come from Outside the U.S.

London, UK, November 9, 2006 – comScore Networks, a leader in measuring the digital age, today released the results of a study showing that 14 of the top 25 U.S. Web properties attract more traffic from people outside the U.S. than from within. Among them are the Top 5 Web properties in the U.S. – Yahoo! Sites, Time Warner Network, Microsoft Sites, Google Sites and eBay.

As Internet usage outside the U.S. has grown rapidly from a small base, the U.S. share of the world’s online population has fallen from 65 percent to less than 25 percent in the last 10 years,” [that sort of explains it, doesn't it? Bob] said Bob Ivins, managing director of comScore Europe. “The fact that more than three-quarters of the traffic to Google, Yahoo!, and Microsoft is now coming from outside of the U.S. is indicative of what a truly global medium the Internet has become.”

... Some sites do not attract a substantial percentage of international visitors. Examples include U.S.-based, telecommunications/ cable companies such as Verizon and AT&T, media entities including Fox (owners of MySpace), New York Times Digital, and CBS, and major U.S. retailers, banks and airlines such as Target, Wal-Mart, Bank of America and United.



Is this headline an attempt to attract students to computer science programs?

http://oedb.org/library/financial-aid/hacking-financial-aid

Hacking Financial Aid: 33 Ways to Get Money for College

Published on Wednesday 18th of October, 2006

The cost of college is constantly on the rise. The average cost of attending a four-year public college has increased over 40% since 2000. And according to a report from the Campaign for America's Future (PDF link), just one year at a public university consumes 25% of the annual median household income in the United States, while one year at a private university consumes 57%. Considering how expensive it is becoming to attend college, it's no wonder that approximately $90 billion in financial aid money is awarded to United States college students each year. So you're about to go to college, or perhaps you're already in college. How can you get your hands on this money?

No comments: