Wednesday, January 10, 2007

Somehow, this doesn't give me that warm fuzzy feeling...

http://www.theinquirer.net/default.aspx?article=36814

Government spooks helped Microsoft build Vista

Helping a Vole out of a hole

By Nick Farrell: Tuesday 09 January 2007, 14:26

THE USA GOVERNMENT'S cryptologic organisation, the National Security Agency, has admitted that it is behind some of the security changes to Microsoft's operating system Vista.

According to the Washington Post, the agency which was once so secret that it was jokingly referred to as 'No such Agency' has admitted making 'unspecified contributions' to Vista.

Tony Sager, the NSA's chief of vulnerability analysis and operations group, told the Post that it was the agency's intention to help everyone these days.

The NSA used a red and a blue team to pull apart the software. The red team posed as "the determined, technically competent adversary" to disrupt, corrupt or steal information. The Blue team helped Defense Department system administrators with Vista's configuration.

Vole said that it has sought help from the NSA over the last four years. Apparently its skills can be seen in the Windows XP consumer version and the Windows Server 2003 for corporate customers.

The assistance is at the US taxpayers' expense, although the NSA says it all makes perfect sense. Not only is the NSA protecting United States business, its own Defense Department uses VoleWare so it is in the government's interest to make sure it is as secure as possible.

Microsoft is not the only one to tap the spooks. Apple, with its Mac OSX operating system, and Novell with its SUSE Linux also asked the NSA what it thought of their products. The NSA is quite good at finding weapons of mass destruction that are not there.



Perhaps this is too technical for Homeland Security?

http://today.reuters.com/news/articlenews.aspx?type=internetNews&storyID=2007-01-09T082356Z_01_L09913020_RTRUKOC_0_US-BRITAIN-SECURITY-EMAILS.xml

Britain's MI5 spy agency to send terror alert emails

Tue Jan 9, 2007 3:24 AM ET

LONDON (Reuters) - Britain's domestic spy agency MI5 launched a new email alert service on Tuesday to warn the public about changes in the security threat level.

Internet users will be able to register on the MI5 Web site to receive automatic electronic updates in their email inboxes.

The email alerts are the latest in a series of moves by MI5 and its partner, the international spy agency MI6, to open up to the public after decades of guarding extreme secrecy.

"It's part of the service's ongoing effort to improve its public communications and contribute to the government's policy of keeping the public informed about the national threat level," a spokeswoman for the home office said.

In recent years both MI5 and MI6 have begun to emerge from the shadows, launching Web sites offering security advice and information about careers in the spy services, and even running recruitment advertisements in newspapers.

The spokeswoman said the email alert service would inform people of threat level ratings which the government has been making public since last August.

The current rating is "severe", the second-highest level -- indicating the government believes an attack is highly likely.

The head of MI5, Eliza Manningham-Buller, said last November that there were at least 30 active Islamist militant plots in Britain and the threats could involve chemical or nuclear devices.

As well as signing up for threat updates, Internet users will also be able to register for email alerts on any other new information posted on the MI5 Web site.



This is a common marketing technique, but at the low end of parental “comfort factor”

http://www.newsday.com/news/printedition/longisland/ny-lisuit105046407jan10,0,2829709.story?coll=ny-linews-print

Pentagon, students settle privacy case

BY GRAHAM RAYMAN Newsday Staff Writer January 10, 2007

The Pentagon has agreed to new limits on the use of student information contained in a massive database used for military recruiting.

The rule changes, reported in the Federal Register yesterday, settle a lawsuit by the New York Civil Liberties Union on behalf of five high school students who said the database violated their privacy rights.

... The database, known as JAMRS for Joint Advertising and Market Research Studies, contains some 40 million names culled from various sources, including lists purchased from marketing firms.

DOD agreed not to disclose student information to law enforcement or credit agencies, to keep personal information for three years instead of five, and to stop collecting student Social Security numbers.

The rules also clarify procedures allowing students to block the military from including their information in the database.

... Yesterday's settlement does not prevent the Pentagon from collecting information on the race and ethnicity of students, which has drawn criticism from the civil liberties organization as well.

"I think it's unfair for the military to use a person's ethnicity as a means to get a person to join the army," said Healey, a volunteer at NYCLU who plans to attend Wesleyan University in the fall.

To keep their names out of the database, students must send a letter to the JAMRS offices, 4040 N. Fairfax Dr., Ste. 200, Arlington, VA 22203.



Who should control (own?) your information?

http://www.pogowasright.org/article.php?story=20070110072923367

Kaine: a Do-Not-Sell List would protect our privacy

Wednesday, January 10 2007 @ 07:29 AM CST - Contributed by: PrivacyNews - State/Local Govt.

Much as the federal "do not call" list is intended to block pesky telemarketers, Gov. Timothy M. Kaine wants a similar registry to help people protect their personal information. Kaine said Tuesday that he is forming a study group to figure out how to create a state Do Not Sell list that would prohibit credit card companies and other financial institutions from selling personal information about people who sign up for the registry.

http://content.hamptonroads.com/story.cfm?story=117332&ran=92080



If they are that dumb, perhaps they should be eliminated from the gene pool?

http://www.pogowasright.org/article.php?story=20070110072809971

Lawyers' association criticizes scrutiny of credit card transactions

Wednesday, January 10 2007 @ 07:28 AM CST - Contributed by: PrivacyNews - Non-U.S. News

The German Bar Association (DAV) has voiced grave doubts about the scrutiny of credit card data that the prosecuting authorities had initiated in the course of an enforcement operation aimed at the Internet-based child pornography scene; an approach that has allowed the authorities to score a spectacular success in their fight against child pornography.

http://www.heise.de/english/newsticker/news/83488

[From the article: In the opinion of data privacy watchdogs this investigative approach by and large provides no grounds for legal objections. Banks are in the opinion of the Data Protection Commissioner of the federal state of Schleswig-Holstein entitled, under certain conditions, to make available to the prosecuting authorities credit card information relating to suspects. The investigators too have been at pains to point out that the measures in question did not amount to a profiling-based data trawling operation. "The means applied here boil down to a classical method of criminal investigation, to which no legal objections can be raised," Thilo Weichert, the Data Protection Commissioner of the federal state of Schleswig-Holstein and head of the Independent State Center for Data Protection of Schleswig-Holstein (ULD) remarked.



Different cultures, different rules. Think it never happens in the US? See the next article...

http://techdirt.com/articles/20070109/191918.shtml

Japanese Defense Agency Finally Decides That Staff Shouldn't Keep Nuclear Secrets On Personal Laptops In Shared Folders

from the took-'em-long-enough dept

You may recall a year and a half ago that some Japanese nuclear secrets were revealed to the world thanks to an IT contractor putting files on a personal computer that happened to have the popular Japanese file sharing app, Winny, installed. You would think that Japan would crack down on these sorts of practices, making sure that staff not be allowed to put sensitive files on personal computers or to install file sharing apps on government computers. However, instead, they just came out and publicly begged people not to use file sharing programs and to simply delete inappropriate info they might have downloaded. However, it appears that hasn't worked very well. The Japanese Defense Agency is admitting they know of at least at least 27 cases of sensitive information being exposed via Winny in the last few years -- starting not with the nuclear secrets in 2005, but fiscal data in 2002. Yes, for over four years they've known about the issue, and just now they've decided that maybe it would be a good idea to buy separate computers for Defense Agency staff, so that they don't feel the need to put confidential Agency data on their home computers. It took them this long to figure this out? Of course, the government was much faster in going after the creator of Winny and finding him guilty of helping copyright violations. Perhaps they would have been better off focusing on not revealing state secrets, rather than charging a software programmer for building a useful tool that has been misused by government employees.


http://www.pogowasright.org/article.php?story=20070110073019446

More Federal Agencies Report Missing Laptops

Wednesday, January 10 2007 @ 07:30 AM CST - Contributed by: PrivacyNews - Fed. Govt.

WASHINGTON - Over the past five years, the United States Department of Defense has reported 60 laptop computers missing or stolen from their inventory.

According to documents obtained by WTOP through a Freedom of Information Act request, the DOD is not alone. Many of other federal agencies have reported similar or even higher numbers:

National Oceanic and Atmospheric Administration: 319

Department of Interior: 240

Environmental Protection Agency: 60

Department of Labor: 57

National Institute of Standards and Technology: 35

International Trade Administration: 30

Department of Housing and Urban Development: 15

U.S. Patent and Trademark: 9

http://www.wtopnews.com/index.php?nid=428&sid=1028375



No doubt the higher the amount required the greater your “bragging rights” Would kidnapping insurance cover this?

http://www.foxnews.com/story/0,2933,242609,00.html

FBI Investigating 'Hit Man' E-Mail Scheme

Tuesday , January 09, 2007

PITTSBURGH — Dentists, doctors, lawyers and other professionals in the Pittsburgh area have been targeted by a "hit man" e-mail scheme, receiving messages that tell them to pay up to keep their lives, the FBI said.

The e-mail, which was sent to most recipients around Christmas, tells the reader that there is a contract out on his life, generally for $50,000. It says that if the recipient sends the "hit man" more money than that — generally ranging from $80,000 to $150,000 — the hit man will leave him alone.

No one has reportedly lost money or been harmed in the scam, but some recipients were unnerved by the messages, said Special Agent Bill Shore, who supervises the computer crime squad in the Pittsburgh FBI office.

"You think, 'What did I get into? What do I gotta do to get out of this?"' Shore said.

The FBI became aware of the scam when people in Atlanta and New Orleans received similar e-mail in early December, Shore said. The scheme seems to have originated in Russia.



Jonathan has gone rather “gloom & doom” hasn't he?

http://www.wired.com/wired/archive/15.01/start.html?pg=15

End-Time for the Internet

Spam, spyware, and viruses can already get in the way of good, clean computing fun. But what happens when malicious code becomes apocalyptic? According to Jonathan Zittrain, professor of Internet governance and regulation at Oxford University, these software saboteurs will drive smart users to dumber appliances like BlackBerrys, iPods, and Xboxes. In his upcoming book, Zittrain writes that the migration to closed systems will end innovation on the Internet. We asked the veteran info-freedom fighter why he’s wearing such gloom-colored glasses.

WIRED: Your scenario is classic – in a backlash against the baddies, we give up our own freedom.

ZITTRAIN: My worry is that users will drift into gated communities defined by their hardware or their network. They’ll switch to information appliances that are great at what they do [email, music, games] because they’re so tightly controlled by their makers.

Things would have to get pretty damn bad to make us abandon our PCs.

It’s plausible they will. It could happen through a watershed moment: A virus infects 50 percent of a corporate network and erases hard drives.

Why hasn’t that happened already?

Great question – analogous to asking why there haven’t been low-level, high-impact acts of terrorism in theaters and shopping malls. The answer is not that security prevents it.

We’re not going to un-network the world.

The problem is, we’re moving to software-as-service, which can be yanked or transformed at any moment. The ability of your PC to run independent code is an important safety valve.

You really think the sky could be falling?

Yes. Though by the time it falls, it may seem perfectly normal. It’s entirely possible that the past 25 years will seem like an extended version of the infatuation we once had with CB radio, when we thought that it was the great new power to the people.



http://www.bespacific.com/mt/archives/013524.html

January 09, 2007

The 2007 Statistical Abstract Available on Web

"The Statistical Abstract of the United States, published since 1878, is the authoritative and comprehensive summary of statistics on the social, political, and economic organization of the United States." [The 2007 Statistical Abstract]



Could this be a useful research tool?

http://www.bespacific.com/mt/archives/013532.html

January 09, 2007

Project for Excellence in Journalism Launches News Coverage Index

"The Project for Excellence in Journalism (PEJ) News Coverage Index, which will be released every Tuesday, is an ongoing study of the news agenda of a wide swath of the American press, measuring the topics covered in 48 different outlets from five sectors of the American media. (See a List of Outlets.) The Index is an attempt to provide an at what the media are and aren't covering, the trajectories of major stories and differences among news platforms. We believe it is the largest continuing study of the mempirical lookedia agenda ever attempted."

  • See also the Tyndall Report, that "monitors the American television network's weekday nightly newscasts."



Perhaps a few useful ideas may bounce off congress...

http://www.bespacific.com/mt/archives/013536.html

January 09, 2007

Senate Judiciary Committee Hearing on Balancing Privacy and Security

Senate Judiciary Committee hearing, January 10, 2007 - "Balancing Privacy and Security: The Privacy Implications of Government Data Mining Programs."



Is the assumption that a great deal of attention now is better than a little attention over the next few months/years? Is the “Striesand Effect” even considered? Who gets consulted before these decisions are made?

http://techdirt.com/articles/20070108/200759.shtml

Eli Lilly Doesn't Want Incriminating Documents Linked From A Wiki

from the you-do-understand-how-the-internet-works,-right? dept

In the latest case involving a big company trying to shut someone up (thereby only drawing that much more attention to it), Eli Lilly apparently was upset that someone had leaked documents suggesting that the pharmaceutical company had downplayed the side effects of its best selling drug, Zyprexa. The company has apparently gone on to pay out over a billion dollars in settlements concerning the drug, but one thing they apparently can't stand is anyone linking to the incriminating documents. Some people got together and put together a wiki that linked to some of the leaked documents, and a court ordered that the links be taken off the wiki. The EFF is defending the still anonymous wiki posters, pointing out that this appears to be a First Amendment violation. The people who put together the wiki were not a part of the lawsuit, and simply were pointing to the documents -- which should leave them outside the jurisdiction of the court. Of course, as has been pointed out over and over again, all this is really doing is getting additional publicity to the fact that these documents existed. So, it seems like any effort to get them completely banned has done the opposite of what Eli Lilly intended.


Ah, Judges can be educated!

http://techdirt.com/articles/20070109/102400.shtml

Brazilian Judge Taught Just A Little About The Internet; Lifts YouTube Ban

from the shouldn't-he-have-done-that-first? dept

It's become quite common for judges who don't quite understand technology to make bad rulings in technology-related cases. Smart judges at least make an effort to actually understand the technology, but you would think they should do so before ordering things to be shut down. Last week, we told you about a Brazilian judge ordering YouTube offline because some people had seen a video on the site of a well-known Brazilian model having sex on the beach. Even though YouTube had removed the video, others had put it back, and so the judge demanded that YouTube be taken down. Barring that, he suggested that ISPs step up and block YouTube, which apparently a few of them have done. However, at some point, the judge apparently got a slightly better understanding of how the internet worked, and has now lifted the original order, while demanding an explanation for why these ISPs can't just block the video, but leave access to the rest of YouTube. So, apparently, it's now clear that banning all of YouTube over one video is inappropriate, but the lessons haven't reached the point where the judge understands that banning anything online, or expecting an ISP to be able to block just a certain video is impossible.



I'll probably add articles like this to my “Intro to Computers” and my “Business Planning” classes...

http://www.netbusinessblog.com/2007/01/09/building-a-niche-minisite/

Building a Niche Minisite (Part 1)

Posted on January 9, 2007 by: Matt | Minisites |

One of the easiest ways to make money online today is by creating “niche minisites.” The internet is huge, and it’s growing bigger everyday. You can always make a site that attempts to compete in large content areas, and you can succeed if you put enough time, effort, and money into it. What if you don’t have a lot of time? What if you don’t have much startup money? What if you’re lazy (even too lazy to start a Myspace turnkey)? Well then maybe you should give niche minisites a shot.

No comments: