Saturday, September 24, 2005

Rita Aftermath: Gridlock feared in rush home

Lynn J. Cook, David Ivanovich and R.G. Ratcliffe write in The Houston Chronicle:

Hoping to avoid a repeat of the highway gridlock and fuel shortages that frustrated and stranded Houston residents fleeing from Hurricane Rita, Texas' governor is calling for evacuees to stay put while authorities come up with a plan to stagger their return.

Because of the need to bring rescue crews and supplies into the region, outbound lanes of the highways will not be opened to returning traffic.

"Stay patient. Stay put," Gov. Rick Perry said this morning. "I can't say in strong enough terms to those who evacuated the coastal region they should not begin to return for the time being. We are not through assessing the damage. We cannot assure you at this time that your community is safe to return to.''

State and city officials -- along with Houston-area schools that must decide when to start classes -- will attempt to coordinate residents' return home. Time is needed to restock fuel supplies along the return route. Oil companies are gearing up to replenish drained gas stations that were sucked dry after the masses motored for higher ground.

Update: Hurricane Rita Update, Now a Cat 1 Storm

Latest advisory [10:00 CDT 24 Sept. 2005] from The National Hurricane Center here.

Latest projected path:

Latest GOES Infra Red (IR) satellite image:

Credit card companies can keep data ID theft secret

Andrew Orlowski writes in The Register:

Credit card companies don't have to notify customers their personal information has been stolen, a California Judge ruled today.

The Rothken law firm in Marin County, Ca had brought a class action suit on behalf of cardholders and merchants against CardSystems Solutions, Visa and MasterCard following a high profile data ID heist in June.

The suit accused the defendents of violating California state law by failing to notify them that personal data had been viewed by hackers, or the data obtained by the intruders.

In June, CardSystems admitted intruders had compromised the confidentiality of 40 million credit card holders, and 200,000 records had left the network. CardSystems had refused to notify the card holders. The Rothken suit also requested that chargeback fees or penalties on hapless card holders who were the victims of ID theft should be waived.

But a San Francisco Superior Court Judge, Richard Kramer, disagreed. "I don't see the emergency," he said. "I don't think there is an immediate threat of irreparable injury" to consumers.

Visa and MasterCard argued that because their relationship is with the issuing banks, not the customers, they don't have to notify the victims.

Friday, September 23, 2005

Yahoo turns Hollywood as media rivals watch

A New York Times article by Saul Hansell, via The International Herald Tribune, reports that:

As the space shuttle Discovery orbited the Earth in early August, millions of people visited Yahoo, which runs the most popular news site on the Internet, to see the nail-biting conclusion to the troubled shuttle mission. Could the U.S. space agency find a way to bring the astronauts home safely?

Despite the drama and the huge number of users, Lloyd Braun, the television impresario hired last year to oversee Yahoo's media operation, was not satisfied. All Yahoo was offering its users, he fumed, was a white page filled with links to other sites on the Web.

He made his frustration clear to Scott Moore, who had defected from Microsoft to run Yahoo's news operation. Within a few hours, Moore orchestrated a quick fix to make the shuttle page comply with Braun's mantras: "more immersive," "more engaging," and most of all, more original programming.

Braun's handiwork is just starting to be seen at Yahoo. And as he increasingly puts his stamp on the company, the rest of the media - both old and new - are watching carefully, if not nervously.

Rita Brings New Wave of Net Profiteering

Brian Krebs writes in The Washington Post:

In a spree mirroring the online gold rush that accompanied Hurricane Katrina's landfall and aftermath, online speculators are scooping up hundreds of Hurricane Rita-related Web domain names, and Rita-themed Internet auctions have begun in earnest.

The quick proliferation of questionable activities has spurred the federal government into partnering with Internet service providers, computer security companies and anti-spam groups to shut down and prosecute owners of fraudulent sites, according to several participants in the ad-hoc task force.

Tom Liston, a security consultant with Washington-based and an incident handler with the SANS Internet Storm Center, worked with ISPs and law enforcement officials to shut down more than 40 Web sites falsely claiming to raise money to benefit relief organizations helping Hurricane Katrina victims.

Liston began tracking new Web site registrations containing the word "Rita" on Monday. So far, he has found more than 1,100 such sites, and he estimates that a fair number of them will be converted for use in Rita-related fundraising schemes in the coming weeks.

On Thursday, someone began auctioning off a burnt piece of toast with the meteorological symbol for a hurricane and the word "Rita" scraped onto it, promising to donate 40 percent of the final auction price to storm victims. EBay shut down the auction later that day.

Rita Pushes Blogs, Rich Maps to Forefront

An AP newswire article by Anick Jesdanun, via Yahoo! News, reports that:

As Hurricane Rita approached, editors at the Houston Chronicle decided to experiment: They hand-picked about a dozen Web diarists and asked them to post regular dispatches on the newspaper's online blog — all without any editorial intervention.

"One of the benefits to blogs is that they tend to be more personal, they tend to provide more the emotional feel of an event," said Dwight Silverman, the Chronicle's interactive journalism editor. "In traditional reporting you put on your poker face and do your writing. ... It's not supposed to be the writer's emotions."

The Chronicle set up a second blog for its own staff writers — this one edited — to post anecdotes and other info before they appeared in any stories, print or online. And science writer Eric Berger devoted his regular blog, SciGuy, to the storm.

Besides the Chronicle's blogs, Web surfers were able to get firsthand accounts Friday through podcasts and photographs. They could track the storm using Google-powered maps. And they could find housing and other emergency information from government and private Web sites.

China steps up Web controls but investors untroubled

A Reuters newswire article by Lindsay Black, via Yahoo! News, reports that:

China's cyber police have intensified controls over the country's 100 million Internet users in the past few months but that hasn't stopped Western Web firms from pushing ever farther into the booming market.

Rather than using their clout to help push the boundaries of free speech and information in the one-party state, critics say companies like Google, Yahoo Inc. and Microsoft Corp. are at best turning a blind eye to the machinations of the cyber police.

"It's too early to say that just by doing business in China and developing the Internet in China they will foster democracy and human rights," said Julien Pain, of media watchdog Reporters Without Borders.

"It doesn't work that way."

Indeed, the group says there is evidence the opposite is happening, with the major Web players accused in the past of pre-empting the government by routinely blocking discussions on sensitive subjects from the 1989 democracy movement to the spiritual group Falun Gong.

Some Texas mobile phones get busy signal in Rita wait

A Reuters newswire article, via Yahoo! News, reports that:

Some Texas cell phone customers were getting busy signals.

Cingular Wireless reported that some customers in the Houston area have been unable to get through because of the high call volume as the city braces for Hurricane Rita. Earlier some Verizon Wireless customers faced the same problems.

The companies urged customers in the region to keep phone calls short or send text messages, which take up less space on the phone networks.

Hurricane Katrina damaged some communications networks, particularly in the city of New Orleans.

Verizon Wireless said it had resolved earlier call volume issues in the run-up to Rita by adding mobile broadcast tower equipment and reconfiguring its network to increase the number of calls it could handle in certain areas.

"We've expanded the capacity of our network to support the higher call volumes in areas where people are being evacuated to," said Verizon Wireless spokesperson Sheryl Sellaway.

PayPal glitch sparks customer anger

Andy McCue writes in C|Net News:

Online payments company PayPal is working to fix a glitch that has been causing duplicate debit card withdrawals and deposits on some customer accounts since the beginning of September.

The problem first surfaced on Sept. 6, when some PayPal customers noticed duplicate withdrawals from their debit cards that sent their accounts into the red. Two weeks later, more PayPal customers also reported duplicate withdrawals and deposits into their accounts.

PayPal is blaming the duplicate withdrawals on a third-party processing error with some PIN-based transactions.

A statement from PayPal's parent company, eBay, posted on one of its discussion forums on Sept. 19, apologized for the inconvenience and said: "Although we initially believed this irregularity was corrected last week, it appears that some transactions are still being affected. We are working to resolve this issue as quickly as possible."

FCC: IP Vital For Emergency Communications

Roy Mark writes in

With Hurricane Rita promising a reprise of the communications collapse during Hurricane Katrina earlier this month, Federal Communications Commission (FCC) Chairman Kevin Martin told lawmakers Thursday the Internet must become a vital part of the nation's emergency response system.

According to the FCC, Katrina knocked down more than 3 million customer telephone lines in Louisiana, Mississippi and Alabama. More than 20 million telephone calls did not go through the day after Katrina. Local wireless networks fared no better with more than 1,000 cell sites out of service.

Even if calls had been able to get through, first responders were hamstrung by the fact that thirty-eight 911 call centers went down.

"We should take full advantage of IP-based technologies to enhance the resiliency of a traditional communications network," Martin told a Senate panel. "IP technology provides the dynamic capability to change and reroute telecommunications traffic within the traditional network."

Carriers Brace for Rita

Via Red Herring.

As Hurricane Rita powered its way across the Gulf Coast region of the United States, the telecommunications industry mobilized resources that already have been rendered thin by Hurricane Katrina.

“The question is: Is there enough support equipment freed up from Katrina in the time frame we have? I doubt that,” said Joe Nordgaard, managing director of Spectral Advantage, a strategic consulting firm. “A lot of the inventory of mobile equipment held in reserve could be consumed by Katrina. We don’t usually get hit by two major hurricanes back-to-back like this.”

While SBC and Cingular, the primary landline and wireless service providers in the region, were in the process of mobilizing their personnel in preparation for an expected hit along the Texas coast on Friday, the vendor community was expected to come up with any additional mobile equipment.

Groups Warn of Hurricane Rita Cyber-Scams

David Morgenstern writes in eWeek:

With Hurricane Rita looming offshore and the Gulf Coast populace heading to higher ground, several Internet watchdogs on Thursday prepared a volunteer effort to combat an expected wave of donation scams.

An international "call to arms" notice went out on the MWP (Malicious Websites and Phishing) research and operational mailing list by Gadi Evron, the CERT manager in Israel's ministry of finance.

"Over the next few days, some of us are going to process information about sites that will probably be used for Rita scams," Evron said in his posting. "Through MWP resources and ISP connections, we are going to make sure these sites are taken off-line as soon as we detect them."

Evron said that through coordination with a registrar list, the MWP group looked to terminate the domains at the registrar level.

In addition, the MWP hoped to gain the cooperation of several incident-response mechanisms to build the list of offending sites.

Cisco Inks Deal To Upgrade World's Largest Educational Network

Great -- faster botnets and phishers...

Matthew Friedman writes in Networking Pipeline:

Cisco has signed a deal to supply the China Education and Research Network (CERNET) with CRS-1 Carrier Routing System hardware for its upgrade of the world's largest educational network.

CERNET serves some 20 million users at more that 1000 universities and research facilities in China and is also part of the country's Internet backbone. The network will deploy the Cisco CRS-1 in its core network nodes in Beijing, Shanghai, Guangzhou, Wuhan and Nanjing as part of a general upgrade of the national backbone network. With the upgrade, CERNET expects to improve overall network performance and provide support for resource-hungry advanced applications.

No 'Net Neutrality' Laws Needed, Panel Says

Lawrance Binda writes in Advanced IP Pipeline:

When it comes to Net Neutrality, does the government know best?

Emphatically no, according to a consensus of telecom professionals and lobbyists assembled Wednesday in downtown Washington. Among industry players, concern is mounting over exactly what the FCC meant when, last month, it issued four basic principles that it claims will preserve the open and interconnected nature of the net.

Could such principles -- called by some proponents as a way to guarantee Internet freedom -- actually stifle innovation and result in fewer choices for consumers? Perhaps even more distressing for the large incumbents in telecom and cable industries -- do they indicate growing government assertiveness in the regulation of broadband?

These issues were batted back and forth at “Net Neutrality or Net Neutering in a Post-Brand X World,” an event sponsored by the D.C.-based Progress & Freedom Foundation (PFF). Most of the seven-person panel expressed little faith in the federal government to effectively regulate high-speed Internet access, while encouraging robust competition, maximum innovation and effective investment as an alternative to codified “freedoms.”

Thousands of AOL UK users lose connection

Ken Young writes on

Thousands of UK AOL subscribers lost broadband connectivity earlier this week as a result of a faulty network fix sent out by the firm as part of a broadband upgrade.

AOL sent pop-ups to 50,000 subscribers which when clicked on disabled their connections. AOL admitted that around half of its subscribers lost connection.

The pop-up announced: "We are conducting a network upgrade and need you to adapt your settings." It then offered a series of options.

Those who clicked on the pop-up lost their connections and were unable to reconnect. As a result thousands of subscribers besieged the AOL helpdesk.

Take-Two to resume sales of Grand Theft Auto

Via Reuters.

Take-Two Interactive Software Inc. on Friday said it would resume sales of "Grand Theft Auto: San Andreas" in October, two months after the violent game was pulled from store shelves because of hidden sex scenes.

Take-Two's Rockstar Games publishing house said that starting October 18, it would sell a special-edition of "Grand Theft Auto: San Andreas" for Sony Corp.'s PlayStation 2 console system. It will include a DVD with a backstory to the game and a documentary film called "Sunday Driver."

Take-Two also will release a bundle of "Grand Theft Auto 3," "Grand Theft Auto: Vice City" and "Grand Theft Auto: San Andreas" for Microsoft Corp.'s Xbox system.

Take-Two was forced to pull the blockbuster "San Andreas" off retail shelves this summer after people tinkering with the game's code found a hidden segment that let the player's character simulate sex with a female character.

Shanghai bans Chinese Internet slang

An AP newswire article, via The Globe and Mail, reports that:

So long, "MM," "PK," and "konglong."

The language police in Shanghai, China's largest city, plan to ban those and other Chinese Internet slang terms from classrooms, official documents, and publications produced in the city, newspapers reported Friday.

"On the Web, Internet slang is convenient and satisfying, but the mainstream media have a responsibility to guide proper and legal language usage," the Shanghai Morning Post quoted city official Xia Xiurong as saying.

Internet chat and instant messaging are hugely popular with China's increasingly computer-literate youth, who employ an ad-hoc vocabulary of invented, abbreviated and borrowed terms such as "MM," meaning girl, "PK," or player killer, for one's competitor, "konglong" or dinosaur for an unattractive woman.

CyberSource intends to buy CardSystems assets

A Reuters newswire article, via The Washington Post, reports that:

Electronic payments company CyberSource Corp. on Friday said it intends to buy most of the assets of CardSystems Solutions Inc., the credit-card processing company hit by a massive security breach earlier this year.

CyberSource has signed a letter of intent to acquire the assets of privately held CardSystems for an undisclosed amount. The letter gives CyberSource exclusivity in its talks to buy CardSystems, and it sees any deal closing in the fourth quarter.

Visualizing the structure and execution of the W32/Bagle.AG@mm worm

Now this is cool.

Over on the F-Secure "News from the Lab" Blog, Gergo writes:

"Okay, I hear a lot about these computer viruses but what do they actually look like?" - goes one of the most freqently asked questions we get. We have been working on some visualizations projects trying to answer that. We have mentioned our efforts in graphing malware earlier. The latest attempt is a 3D animation that visualizes the structure and execution of the W32/Bagle.AG@mm worm.

The animations can be downloaded in the following formats:

Windows Media 9 (9.7 MiB)
Quicktime (9.3MiB)

GoogleNet Update

John Paczkowski writes in Good Morning, Silicon Valley:

”This is huge. It’s scary. They’re not fooling around.”

-- Hunter Newby, chief strategy officer with carrier connection specialist Telx, on Google's telecom aspirations.

What does Google want with 270,000 square feet of space at the largest carrier hotel in Manhattan? If I were a betting man, I'd say the company's building its own core network and needs that kind of space to house the critical technology infrastructure for it. And according to multiple sources at carriers and equipment vendors, I'd be right. Light Reading reports Google has been leasing hundreds of thousands of square feet of carrier hotel space, buying up dark fiber, and mulling the purchase of DWDM and Ethernet-based telecom equipment that could total in the hundreds of millions of dollars. ”My understanding is they want to do remote peering and transit bypass,” Bill St. Arnaud, senior director of advanced networks at Canarie Inc. told Light Reading. “By building their own distribution network they don’t have to pay peering costs. Remote peering and transit costs are significant for all the big Internet players. So everybody is thinking of doing this.”

Update: Bus with Rita evacuees catches fire near Dallas

Update: Many believed dead in evacuee bus blaze

A bus filled with 45 elderly Hurricane Rita evacuees from the Houston area caught fire early Friday on gridlocked Interstate 45, leaving an undetermined number of deaths and injuries.

"There were 45 souls on the bus ... at this point we believe we have about half accounted for," Dallas County Sheriff's spokesman Sgt. Don Peritz. He said early indications were that a mechanical problem caused the blaze and that passengers' oxygen tanks caught fire.

Separately, the local WFAA TV station reported that 20 evacuees were killed in the tragedy.



A bus filled with Hurricane Rita evacuees caught fire early Friday on gridlocked Interstate 45, killing at least one person and injuring others, a television station reported.

The bus was engulfed with flames, causing a 17-mile backup on a freeway that was already heavily congested with evacuees from the Gulf Coast. Dallas television station WFAA reported one person was killed and 12 were injured.

Sweet Google Maps-Hurricane Rita Mashup

This is really pimped. Check it out.

Via BoingBoing.

This site includes a Google hack that combines Google Maps with hurricane tracking data.

Thursday, September 22, 2005

22:00 CDT: Hurricane Rita Advisory Update

Just released.

Good night, you crazy people.

We'll check in on Rita in the A.M....

Microsoft Turns 30

Via Red Herring.

Microsoft is celebrating its 30th anniversary at the company’s annual meeting on Friday but the festivity is clouded by the software giant’s recent problems, which include a stagnant stock price, accusations that bureaucracy is stifling innovation, and a formidable competitor in Google.

The annual meeting at Safeco Field in Seattle is expected to draw 16,000 Redmond-based employees who will be addressed by top Microsoft executives.

Microsoft Chairman Bill Gates and CEO Steve Ballmer are expected to talk about the company’s future and innovations in the areas of graphics, speech recognition, signal processing, facial-expression mapping, and quantum computing.

Austin hurricane panic insanity

This is in my neighborhood. One picture > 1k words. Insane.

Chech this out:

Caption, from the front page of the Austin American-Statesman:

"Preparing for Hurricane Rita, Maria Chavez of Austin looks for a loaf of bread Thursday in the empty shelves of a Wal-Mart at Interstate 35 and Slaughter Lane. The store was sold out."

Crisis Communications Network Criticized

Arshad Mohammed and Yuki Noguchi write in The Washington Post:

With Hurricane Rita bearing down on the Texas coast, Federal Communications Commission Chairman Kevin J. Martin said yesterday that the nation's emergency first responders need a mobile, wireless system that allows them to talk to one another in times of crisis anywhere in the country.

The lack of such a system slowed recovery efforts after Hurricane Katrina. Police, fire and rescue personnel struggled to work together after electric power failed and the telecommunications network in Mississippi, Louisiana and Alabama was extensively damaged.

Yesterday Martin called for developing more rugged first responder networks and making greater use of satellite technology that does not depend on vulnerable ground infrastructure. "When radio towers are knocked down, satellite communications may be the most effective means of communicating," Martin said at a hearing of the Senate Commerce Committee. "If we learned anything from Hurricane Katrina, it is that we cannot rely solely on terrestrial communications."

Telecommunications companies yesterday positioned mobile equipment to be ready for the new storm.

Mozilla Suite and Firefox Multiple Code Execution Vulnerabilities


FrSIRT Advisory : FrSIRT/ADV-2005-1824
CVE Reference : CAN-2005-2871 - CAN-2005-2968 - CAN-2005-2701 - CAN-2005-2702 - CAN-2005-2703 - CAN-2005-2704 - CAN-2005-2705 - CAN-2005-2706 - CAN-2005-2707
Rated as : Critical
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2005-09-22

* Technical Description *

Nine vulnerabilities were identified in Mozilla Suite and Mozilla Firefox, which may be exploited by remote attackers to execute arbitrary commands or conduct spoofing and cross site scripting attacks.

The first flaw is due to a buffer overflow error when handling malformed URLs containing "soft hyphen" characters, which could be exploited by remote attackers to take complete control of an affected system via specially crafted Web pages. For additional information, see : FrSIRT/ADV-2005-1690

The second vulnerability is due to a heap overflow error when processing specially crafted XBM images, which could be exploited by malicious websites to compromise a vulnerable system.

The third flaw is due to a stack corruption error when processing Unicode sequences with ZWNJ (zero-width non-joiner) characters, which could be exploited by malicious websites to execute arbitrary commands.

The fourth issue occurs when malformed headers are added to an XMLHttpRequest, which could be exploited by attackers to bypass certain security restrictions.

The fifth flaw is due to an error where unprivileged controls from web content can implement XPCOM interfaces, which could be exploited by attackers to execute arbitrary scripts with elevated privileges.

The sixth vulnerability is due to an integer overflow error in the JavaScript engine, which could be exploited by malicious websites to compromise a vulnerable system.

The seventh flaw is due to an error where high privileged "chrome" pages could be loaded from an unprivileged "about:" page, which may be combined with a same-origin violation and exploited to execute arbitrary commands.

The eighth vulnerability is due to an error when opening and handling a specially crafted window, which could be exploited by attackers to bypass certain security features and conduct spoofing attacks.

The ninth issue is due to an input validation error when processing specially crafted URLs containing malicious shell commands enclosed within backquote characters, which could be exploited by remote attackers to compromise a vulnerable system. For additional information, see : FrSIRT/ADV-2005-1794

* Affected Products *

Mozilla Firefox version 1.0.6 and prior
Mozilla Suite version 1.7.11 and prior

* Solution *

Upgrade to Mozilla Firefox 1.0.7 or Mozilla Suite 1.7.12 :

* References *

Hurricane Rita turning westward towards Houston?

This is certainly a developing story -- Rita appears to be strengthening and turning "left" towards Houston.

Stay tuned for more news on Hurricane Rita and check often the NOAA One-Stop Rita Information website.

The next NHC advisory on Rita is tonight at 22:00 CDT.

Internet Governance: Twelve words you need to hear

Bret Fausett writes in his ICANN Blog:

Ambassador David Gross, U.S. Department of State: "The United Nations will not be in charge of the Internet. Period."

The comment came in response to a question at the
September 12, 2005 meeting of the Congressional Internet Caucus on the subject of WSIS and Internet Governance. Here is a recording of the question and answer: twelvewords.mp3. 55 seconds. You should download this and listen. Yes, I mean you.

Apple Security Update Fixes Multiple Mac OS X Vulnerabilities


FrSIRT Advisory : FrSIRT/ADV-2005-1823
CVE Reference : CAN-2005-1992 - CAN-2005-2524 - CAN-2005-2741 - CAN-2005-2742 - CAN-2005-2743 - CAN-2005-2744 - CAN-2005-2745 - CAN-2005-2746 - CAN-2005-2747 - CAN-2005-2748
Rated as : Critical
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2005-09-22

* Technical Description *

Apple has released security patches to correct ten vulnerabilities affecting Mac OS X. These flaws could be exploited by remote or local attackers to execute arbitrary commands, cause a denial of service, obtain elevated privileges, or disclose sensitive information.

The first issue is due to a buffer overflow error in ImageIO when processing specially crafted GIF images, which could be exploited by malicious websites to execute arbitrary commands (e.g. via WebCore or Safari).

The second flaw is due to an error in when processing auto-reply rules, which could be exploited by attackers to intercept contents of encrypted messages.

The third vulnerability is due to an unspecified error in when using SMTP authentication with Kerberos5, which could cause the application to append un-initialized memory to a message and disclose sensitive information.

The fourth issue is due to an error where files with diagnostic information are created insecurely when certain environmental variables are set to enable debugging of application memory allocation, which could be exploited by local attackers to obtain elevated privileges.

The fifth flaw is due to a buffer overflow error in QuickDraw Manager when processing specially crafted PICT images, which could be exploited by malicious websites to execute arbitrary commands (e.g. via Safari or Mail).

The sixth vulnerability is due to an error in QuickTime for Java that allows untrusted applets to call arbitrary functions from system libraries, which could cause untrusted applets to gain elevated privileges.

The seventh flaw resides in the Ruby xmlrpc/utils module, which could be exploited by attackers to bypass certain security protections and execute arbitrary commands. For additional information, see : FrSIRT/ADV-2005-0833

The eighth problem is due to an error in Safari that does not properly filter specially crafted web archives, which could be exploited to conduct cross site scripting attacks.

The ninth vulnerability is due to an error where the "Switch User..." button may appear even though the "Enable fast user switching" setting is disabled, which could be exploited by a user (with physical access to the system) to bypass the "Require password to wake this computer from sleep or screen saver" setting and gain access to the currently logged-in user's desktop without authentication.

The last flaw is due to an error where Authorization Services may allow unprivileged users to grant certain rights that should be restricted to administrators, which may lead to privilege escalation.

* Affected Products *

Mac OS X 10.3.9
Mac OS X Server 10.3.9
Mac OS X 10.4.2
Mac OS X Server 10.4.2

* Solution *

Security Update 2005-008 for Mac OS X 10.3.9 :

Security Update 2005-008 for Mac OS X 10.4.2 :

* References *

U.S. deploys warfare unit to jam enemy satellites

Thanks to a post over on Slashdot which pointed out this article.

Bill Gertz writes in The Washington Times:

The U.S. military is bracing for future attacks in space, and the Air Force has deployed an electronic-warfare unit capable of jamming enemy satellites, the general in charge of space defenses says.

"You can't go to war and win without space," said Gen. Lance Lord, the four-star general in charge of the Colorado-based Air Force Space Command.

Gen. Lord said in an interview with The Washington Times that his command plays a key role in monitoring space, protecting satellites from attack or disruption and preparing to carry out strikes on enemy spacecraft.

Gen. Lord said the United States has a major strategic advantage over other nations' militaries because of its satellite communications and intelligence capabilities. "So we've got to protect that advantage," he said.

19:00 CDT Hurricane Rita Update

The National Hurricane Center has released their latest advisory on Hurricane Rita.

Be advised -- sometimes the most interesing dialogue in these advisories can be found in the [discussion] link located at the top of the advisory page...

And as usual, I link the to latest projected path of the storm, as well as the latest GOES satellite infrared (IR) image [below].

Phone Companies Report on Katrina Response

Caron Carlson writes in eWeek:

As the country braces for Hurricane Rita, which is expected to hit land Friday or Saturday, lawmakers in Washington continue their struggle to understand what went wrong in the response to Hurricane Katrina earlier this month.

Senators this morning questioned executives from several telephone companies to find out why the phone networks fared so poorly in the storm's wake.

Approximately 3 million phone lines were knocked down by the storm, more than 300,000 customers remain without phone service today, and more than 1,000 cell phone sites had to be restored, according to Kevin Martin, chairman of the Federal Communications Commission, who testified before the Senate Committee on Commerce, Science and Transportation.

Symantec Buys WholeSecurity

Via Red Herring.

Symantec made its second acquisition in two months Thursday with the buyout of WholeSecurity, a startup that offers an anti-phishing tool and a behavior-based analysis of security threats to block them as they occur.

Terms of the transaction, which is expected to close next month, weren’t disclosed. The companies announced the sale after the stock market closed, but Symantec’s stock fell $0.10 to $21.09 in after-hours trading. Prior to the announcement, Symantec shares fell $0.13 to $21.19.

WholeSecurity was founded in 2000 and has 80 employees. The company said it has over 100 customers for its products but declined to reveal its revenue. WholeSecurity had received $20 million in funding over two rounds from venture capitalists, New Enterprise Associates, Venrock Associates, Trellis Partners, and Parker Price Venture Capital.

Austin, Texas-based WholeSecurity differs from conventional products in the sense that it analyzes the characteristics and actions of a user’s computer and the network to protect it against deviations in the form of attacks.

Credit companies to adopt one data protection standard

James B. Kelleher writes for Reuters:

The top three U.S. credit reporting companies said on Thursday that they would adopt a single, shared encryption standard to better protect the huge amounts of sensitive electronic data they receive every day from banks, retailers and credit-card companies.

Equifax Inc., GUS Plc. subsidiary Experian and privately held TransUnion LLC, which maintain huge databases on hundreds of millions of Americans, said the joint effort would involve the development and adoption of a data-cloaking code built on encrypted algorithm and 128-bit, secret-key technologies.

In a statement, the companies insisted they have "long employed information security tools and programs" to ensure the information they compile from third parties isn't intercepted by thieves.

But they said that by creating and adhering to a single, beefed-up industry standard, they would "further assure the protection of sensitive consumer data when transmitted between data furnishers and credit reporting companies."

A Realistic Anti-Virus Firm?!? Shocking!


Over on, Mike writes:

We've been noting some of the overhyped stories of mobile viruses lately -- all spread by one anti-virus firm or another trying to convince people that there's really a problem where none yet exists. There was another such hyped up story yesterday, but they're getting so common it didn't even register much interest.

However, today, another anti-virus firm, Sophos, is taking a stand and claiming that they're sick of all of their competitors hyping up mobile viruses that aren't a real threat. In fact, they say that yesterday's claim of the first "serious" mobile virus threat is "plain bonkers." Straight talk from an anti-virus firm? Wonders never cease.

Then again, this is the same anti-virus firm that recently said that anti-virus tools, by themselves, weren't enough to stop viruses -- basically admitting that their own offerings weren't perfect, something that many anti-virus companies seem to suggest in their marketing.

New Phish Deceives With Phony Certificates

Gregg Keizer writes in TechWeb News:

A new, advanced form a phishing dubbed "secured phishing" because it relies on self-signed digital certificates, can easily fool all but the most cautious consumers, a security firm warned Thursday.

SurfControl, a Scotts Valley, Calif.-based Internet security vendor, said that it's seen one instance of such an attack, and expects more.

"This can fool the average user for sure," said Susan Larson, SurfControl's vice president of its global threat analysis and research group.

The new phish blends traditional elements with the new twist of a self-signed digital certificate, said Larson. It starts the same as most phishing attacks, with spammed e-mails urging recipients to click on a link to update a financial account. The destination is a spoofed version of a real site which requests the consumer enter his or her username and password to verify the information (supposedly because unauthorized access has been detected from an overseas IP address).

Credit Card Court Battle Tests Laws

An AP newswire article by Michael Liedtke, via Yahoo! News, reports that:

Testing the bounds of consumer protection laws, Visa USA Inc. and MasterCard International Inc. are headed for court to determine whether they are obliged to notify 264,000 customers that a computer hacker stole their account information.

The dispute to be argued Friday in San Francisco County Superior Court revolves around a highly publicized security breakdown at CardSystems Solutions Inc., one of the nation's largest payment processors.

Although a ruling in the class-action consumer lawsuit wouldn't have legal standing outside the state, it would increase the pressure on Visa and MasterCard to notify all affected accountholders in this and any future breaches.

That would compound the headaches that the CardSystems imbroglio already has caused.

Coastal Abuse Continues....

Hurricane Rita Strike Probability

This image mirrors the 3-Day strike probability at
The National Hurricane Center.

TxDOT putting gas tankers along evacuation routes

Via The Austin Business Journal.

Gov. Rick Perry on Thursday ordered the Texas Department of Transportation to begin positioning gasoline tankers along hurricane evacuation routes to assist motorists who might run out of fuel.

Highways out of Houston, Corpus Christi, Galveston and other areas that could be affected by Hurricane Rita are clogged with motorists fleeing to Austin, San Antonio and other areas.

Perry also has directed TxDOT to allow motorists to travel outbound on inbound lanes of I-10 and I-45. Texas state troopers have been placed at critical points along evacuation routes to aid traffic flow.

Google Looking to Move into TV?

Ed Oswald writes in BetaNews:

Google is showing an interest in moving into yet another form of media: television. A job posting that first appeared on Wednesday seeks a product manager for a service dubbed "GoogleTV." According to the listing, the candidate would be expected to study trends in television viewing and see where the search engine's technologies could further enhance that experience.

The posting seems to indicate that while Google is unlikely readying a television channel, GoogleTV could possibly be an extension of Google's prototype search that scours the closed captioning text of television shows. Results are displayed with a still image of the video, along with snippets of text that contain the search terms.

Qwest Cites SBC Blacklist

Via Red Herring.

Qwest Communications, the No. 4 U.S. phone carrier, plans to file a complaint Thursday accusing No. 2 carrier SBC Communications of blocking competition by restricting partners like WilTel Communications and Time Warner Telecom Holdings from being sold to “blacklisted” companies.

Qwest executives already met with the U.S. Federal Communications Commission and presented a draft complaint letter from Qwest Deputy Counsel Robert Donnelly describing his company’s concerns about SBC’s pending $16-billion acquisition of AT&T.

Mr. Donnelly believes the deal could make it even harder for SBC to win business from smaller carriers, according to the Associated Press.

Political Bloggers Demand Speech Freedoms

An AP newswire article by Donna Cassata, via Yahoo! News, reports that:

Political bloggers who offer diverse views on Republicans and Democrats, war and peace argued on Thursday that they should be free of government regulation.

The notion was echoed by some members of the government agency trying to write rules covering the Internet's reach in political campaigns.

Amid the explosion of political activity on the Internet, a federal court has instructed the six-member Federal Election Commission to draw up regulations that would extend the nation's campaign finance and spending limits to the Web.

The FEC, in its initial rules, had exempted the Internet.

Bloggers told the Committee on House Administration that regulations encompassing the Internet, even ones just on advertising, would have a chilling effect on free speech. The FEC vice chairman also questioned the necessity of any rules.

Papers in Rita's Path to Inform Via Web

An AP newswire article, via Yahoo! News, reports that:

Gulf Coast newspapers in the projected path of Hurricane Rita scrambled Thursday to finalize plans to keep employees safe and readers informed, mainly through Web sites.

The Galveston County Daily News evacuated its barrier island offices in Galveston and Texas City but hoped to continue printing after landfall, Publisher Dolph Tillotson said in a recording left at the offices.

"For the duration of the storm we plan to continue publishing a paper each day," he said. "However, it will be small. Our ability to deliver it is very limited."

Tillotson, like other publishers in Rita's path, said readers should go to the newspaper's Web site for the latest news.

"After the storm, we will deliver bundles of papers from throughout the storm period," he said.

Hurricane Rita Weakens to Category 4 Storm

Via The National Hurricane Center.

1 PM CDT THU SEP 22 2005





China 1, Internet Freedom 0

A Christian Science Monitor article by Kathleen E. McLaughlin, via CBS News, reports that:

As China began to go online, observers made brash predictions that the Internet would pry the country open. Cyberspace, the thinking went, would prove too vast and wild for Beijing to keep under its thumb.

Now these early assumptions are being sharply revised. Under an authoritarian government determined to control information, China has grown a new version of the Internet. As former President Clinton noted recently, China's Internet is very unlike the cauldron of dissenting voices that is the hallmark of the Internet familiar to Americans. Instead, it's heavily filtered, monitored, censored, and most of all, focused on making money.

The success of Beijing's strategy — to harness the network's business potential while minimizing it as a conduit for free speech — has some concerned that it has established a medium and new censoring tools that other countries can adopt.

"The biggest danger is that China creates a very large market and testing ground for surveillance and filtering software," says Danny O'Brien with the Electronic Frontier Foundation in San Francisco.

Opera Web Site Slowed by Surge in Free Downloads

Via Netcraft.

Some areas of the web site for Opera have been slowed by a surge in traffic from Internet users downloading software. The activity was prompted by Tuesday's announcement that the Opera web browser would be distributed free. Users previously had the choice of either a paid product or a free version supported by ads displayed within the browser interface.

The ad-free version of Opera 8 was downloaded more than 1 million times in the first two days of availability,according to Opera Software, which said server logs showed a majority of downloads came from Internet Explorer users.

Chinese Internet vs. free speech: Hard choices for U.S. tech giants

Carrie Kirby writes in

U.S. tech giants are helping the Chinese express themselves online -- as long as they don't write about democracy, Tibet, sex, Tiananmen Square, Falun Gong, government corruption or any other taboo subject.

Microsoft bans "democracy" and "Dalai Lama" from the Chinese version of its blog site. Yahoo recently turned over information that helped the Chinese government track down and imprison a journalist for the crime of forwarding an e-mail. Google omits banned publications from its Chinese news service.

Critics say that cooperating with governments to suppress free speech violates human rights, international law and corporate ethics. But what the experts can't agree on is what the companies should do about it. The Internet -- even with limitations -- is generally considered a powerful democratizing force. If international companies withdrew from the Chinese Internet market, the result might mean even fewer chances for free communications there.

"It's morally problematic that they are partnering with the Chinese government on censorship," said Timothy Fort, a professor of business ethics at George Washington University School of Business in Washington, D.C. "(But) their being there spurs the doomsday for the Communist government."

EU Insists It Won't Regulate the Internet

An AP newswire article Aoife White, via Yahoo! News, reports that:

The European Union head office insisted Thursday that it had no plans to regulate the Internet as it launches new broadcasting rules later this year.

"I have no intention to 'regulate the Internet,'" EU Information Society Commissioner Viviane Reding told a broadcasting conference in Liverpool, England. However, she said the European Commission had the duty to protect shared European values.

"Who in this room is in favor of child pornography on the new media? Who stands for the freedom to spread incitement to racial hatred on the new media?"

She said there was a broad consensus that child protection and hate speech rules should also apply to "nonlinear" services, such as pay-TV or Internet broadcasts.

Internet firms and some broadcasters have firmly voiced their opposition to an EU-wide law over content.

British Broadcasting Corporation director general Mark Thompson said Wednesday that regulators needed to be realistic about how practical and desirable it was to enforce content in an on-demand, online world.

IFPI Gets Into Malware Game

Over on, Carlo writes:

The RIAA's international cohort, the IFPI, has released a piece of software that uninstalls P2P software and copyrighted music and video from users' computers. They're calling it a "simple educational tool" to show people how they "can enjoy music and film legally and responsibly without risking legal action by copyright holders."

That sounds like a vaguely veiled threat that unless people delete files which the IFPI deems offensive, they're open to being sued. A quote from the chairman of the IFPI sounds rather ominous as well: "This is a timely initiative: it comes after months of warning and information campaigns making it clear that file-swapping copyrighted music is illegal and could involve fines and prosecutions."

That sounds an awful lot like "run our software, or you're going to get sued." Of course, this really isn't anything new, as the recording industry is no stranger to
intimidation via lawsuit. Now, believing they have the right to determine the legality of certain applications and activities isn't enough -- they want to personally vet all the files on your computer, too.

Census: Austin area's population keeps climbing

Here's something a little offbeat, especially since Austin is somewhat of an "oddball tech mecca".

Via The Austin Business Journal.

The Austin area was one of the country's fastest-growing metropolitan areas from 2000 to 2003, according to new figures from the U.S. Census Bureau.

The five-county area went from 1.25 million residents in 2000 to 1.378 million in 2003, for a gain of 10.2 percent. That growth rate was the 14th largest among U.S. metro areas during that period, the Census Bureau says in a report released Thursday.

Suburbs in the Austin area, particularly in Williamson and Hays counties, have experienced a population boom in recent years.

EV1Servers Hunkers Down for Hurricane Rita

Via Netcraft.

With one of history's most powerful hurricanes bearing down on the Houston/Galveston area, EV1Servers is taking steps to protect the more than 1 million web sites hosted in its Houston data centers. CEO Robert Marsh says the company has more than 10,000 gallons of diesel fuel on site, and has procured an extra generator in case grid power is unavailable for an extended period. "We anticipate that the coming storm will have no impact on our operations," Marsh said in a message to customers. "However, we are prepared to deal with any eventuality."

Hurricane Rita is currently a category 5 storm with sustained winds of 175 miles an hour, making it an even more intense storm than Hurricane Katrina, which laid waste to New Orleans and the surrounding Gulf Coast on Aug 29. Forecasters predict Rita will weaken slightly and make landfall early Saturday as a category 4 storm. "Our buildings are designed to withstand Cat 4 conditions," Marsh said Wednesday night on the EV1 forums. "It is anticipated that we will see high Cat 3 conditions, based upon the current track and our location. This could easily escalate to cat 4 conditions."

EV1Servers is the world's eighth-largest web host, housing 1.1 million hostnames and 642K active sites. Any service outages for the company could ripple far beyond Houston, as many web hosting resellers lease servers housed in its Houston facilities. EV1Servers has more than 150 different customers with at least 1,000 web sites, including hosting providers based in the UK, Brazil, Japan, Italy and the Netherlands as well as the United States. EV1 says its networks "oversee 1.5% of all U.S. Internet traffic."

Marsh said he will remain onsite this weekend with a skeleton staff of 25 of the company's 400 employees. "Disaster planning has been underway for some time," said Marsh, noting that the company has been in touch with its connectivity providers and made arrangements for emergency communications "outside of the pstn (public switched telephone network)."

Hurricane Rita spins toward Texas, Gulf Coast

An AP newswire article, via MSNBC, reports that:

Hurricane Rita grew into a monster storm with 170 mph sustained winds as it swirled toward the Gulf Coast, prompting more than 1.3 million residents in Texas and Louisiana to flee in hopes of avoiding a deadly repeat of Katrina.

“It’s not worth staying here,” said Celia Martinez as she and several relatives finished packing up their homes and pets to head to Houston. “Life is more important than things.”

As Gov. Rick Perry urged residents along the state’s entire coast to begin evacuating well in advance of Rita’s predicted Saturday landfall, New Orleans braced for the possibility that the storm could swamp the misery-stricken city all over again.

Galveston, Corpus Christi and surrounding Nueces County, low-lying parts of Houston, and New Orleans were under mandatory evacuation orders as Category 5 Rita drew energy from balmy gulf waters.

Sony to cut 10,000 jobs

Nathan Layne writes for Reuters:

Struggling electronics and entertainment conglomerate Sony Corp. said on Thursday it would cut about 7 percent of its global work force, sell more than $1 billion in assets and post a loss this year.

With a restructuring plan that failed to excite some analysts, Sony hopes to reverse its fading fortunes and catch up with rivals such as Matsushita Electric Industrial and Sharp Corp. in flat TVs and Apple Computer and its popular iPod player in the portable music industry.

The inventor of the Trinitron TV and Walkman cassette player said it would book 210 billion yen in restructuring charges in the two business years through March 2007 as it closes plants and slashes 10,000 jobs.

Create your own blog, remain anonymous and get around censorship!

Via Reporters sans Frontières.

Blogs get people excited. Or else they disturb and worry them. Some people distrust them. Others see them as the vanguard of a new information revolution. Because they allow and encourage ordinary people to speak up, they’re tremendous tools of freedom of expression.

Bloggers are often the only real journalists in countries where the mainstream media is censored or under pressure. Only they provide independent news, at the risk of displeasing the government and sometimes courting arrest.

Reporters Without Borders has produced this handbook to help them, with handy tips and technical advice on how to remain anonymous and to get round censorship, by choosing the most suitable method for each situation. It also explains how to set up and make the most of a blog, to publicise it (getting it picked up efficiently by search-engines) and to establish its credibility through observing basic ethical and journalistic principles.

Many Internet experts helped produce this manual, including US journalist Dan Gillmor, Canadian specialist in Internet censorship Nart Villeneuve, US blogger Jay Rosen and other bloggers from all over the world.

The Handbook for Bloggers and Cyber-dissidents will be on sale in bookshops from 22 September for €10. It can also be downloaded in five languages (English, French, Chinese, Arabic and Persian) from the Reporters Without Borders website:

Wednesday, September 21, 2005

EarthLink lands a win in phishing suit

Declan McCullagh writes in C|Net News:

EarthLink can't be held liable for incorrectly identifying the Web site of a legitimate bank as a fraudulent attempt to snatch customers' identities, a federal judge has ruled.

U.S. District Judge John Shabaz in Wisconsin has tossed out a case that Associated Bank-Corp. brought against the Internet service provider in April claiming negligence and injury to its business reputation.

EarthLink had warned its customers who installed a free "ScamBlocker" toolbar--and visited the Web site was "potentially fraudulent" and said that they should "not continue to this potentially risky site."

The warning was wrong. Associated Bank, headquartered in Green Bay, Wis., with more than 300 locations in the Midwest, operated a legitimate Web site.

P2P music sites closing doors in legal fallout

A Reuters newswire article by Sue Zeidler and Eric Auchard, via Yahoo! News, reports that:

Popular file-sharing site ceased operating and the New York office of another,, appeared to be closed, in the continuing legal fallout among underworld peer-to-peer music services, industry sources and users said on Wednesday.

The turmoil among file-sharing networks follows the landmark ruling by the U.S. Supreme Court in June that held anyone who distributes a device used to infringe copyright is liable for the resulting acts of infringement by others.

In the wake of the decision, the trade group Recording Industry Association of America (RIAA) last week sent out "cease-and-desist" letters to seven file-sharing groups. A spokeswoman for the RIAA declined to name the targets.

Popular file-sharing sites BearShare, eDonkey and WinMX were reportedly among the targets.

NSA Patents The Ability To Spy On You Via The Internet

Over on, Mike writes:

While the NSA is well known for being quite advanced technically speaking, you don't often associate them with patents. You get the feeling that the NSA prefers to keep its technical know-how as closely-guarded internal secrets. However, perhaps they're branching out a bit. They've patented a geo-location system that tries to pinpoint where you are based on your IP address. Others are already doing the same thing, but it's not clear if they violate this patent. Still, you have to wonder what the NSA is going to do with the patent. If others start figuring out your location, are they going to sue for patent infringement?

Side by side comparison: Katrina & Rita



Hurricane Rita now third most powerful storm in history

Via The National Hurricane Center.

WTNT63 KNHC 212351
650 PM CDT WED SEP 21 2005




US arrests 17 in crackdown on 'rogue' Internet pharmacies

An AFP newswire article, via Yahoo! News, reports that:

US drug agents arrested 17 people in a crackdown on what was described as a multimillion-dollar network of "rogue" Internet pharmacies selling a variety of controlled drugs.
Drug Enforcement Administration Administrator Karen Tandy said Operation CYBERx targeted more than 22 Internet pharmacies and arrested the alleged ringleaders in Texas and Florida.

"This investigative effort is the first to target all levels of e-trafficking located solely within the United States," the DEA said in a statement.

"The alleged drug dealers who operated these rogue Internet pharmacies took orders for controlled substances over the Internet, which were then shipped to the doors of US citizens without a valid prescription."

These services collected an average of more than 50,000 dollars a day in profits from the operation, the DEA said.

Hurricane Rita could send gasoline prices soaring

John W. Schoem writes on MSNBC:

As the Gulf Coast braces for a hit from Hurricane Rita, U.S. motorists could get hit with pump prices well over $3 a gallon, or outright shortages, or both if the storm makes landfall in the heart of one of the biggest concentrations of oil refining in the world.

As of Wednesday, Rita was on track to make landfall to the west of the area south of Houston that is home to some 20 percent of U.S. refining capacity, according to Bill O’Grady, who follows the energy futures markets at A.G. Edwards in St. Louis.

“Of the 11 largest refineries in the U.S., six are in the path of this storm,” he said.

Valero Energy Corp. chief executive Bill Greehey said late Tuesday that the storm’s impact on U.S. crude oil production and refining could be a “national disaster.”

Verizon advocates new role for FCC

Grant Gross writes in InfoWorld:

The U.S. Federal Communications Commission (FCC) should get out of the business of creating broadband regulations and only step into an enforcement role when customers complain about service, a Verizon Communications executive said Wednesday.

Tom Tauke, Verizon's executive vice president for public affairs, policy and communications, called on the FCC and the U.S. Congress to create an "updated role" for government in telecommunications regulation, particularly for rules related to broadband Internet access and services that run over broadband.

Tauke, a former Republican congressman, called for an end to what he called "anticipatory regulation" designed to head off problems before they exist. Instead, government should allow a "market-driven" approach where broadband carriers are free to offer the services they choose.

U.S. Tech Sector Adds 190,000 Jobs

Antone Gonsalves writes in TechWeb News:

The U.S. technology industry added 190,000 jobs between January 2004 and June 2005, upping the total to 5.72 million, an industry trade group said Wednesday.

The 3.4 percent increase confirmed for the American Electronics Association that the high-tech industry has recovered from the bursting of the dot-com bubble four years ago.

"While industry growth is by no means explosive, the rise in high-tech jobs has been steady, and we find it encouraging that even tech manufacturing experienced a small increase," William T. Archey, AEA president and chief executive, said in a statement. "The trend over the last 18 months has impressed us."

The AEA prepared its report with data from the U.S. Bureau of Labor Statistics. The numbers showed a steady increase in tech jobs in the last six-, 12- and 18-month time spans, the group said.

U.S. to Send Teams to Combat Piracy Abroad

An AP newswire article by Matthew Fordahl, via Yahoo! News, reports that:

The Commerce Department is sending teams of experts into countries known for piracy and counterfeit goods in an effort to combat intellectual property theft abroad, U.S. Commerce Secretary Carlos Gutierrez said Wednesday.

The groups, called Intellectual Property Rights Experts, will operate in Brazil, China, India, Russia and elsewhere. They will follow up and monitor cases as well as have daily contact with officials in those countries, Gutierrez said in a speech to Silicon Valley executives.

"It's an escalation of our effort to ensure that we have adequate monitoring — that we have people on the ground following up on cases, advocating for companies and talking to local officials," he said in an interview after the speech.

Intellectual property theft is a top concern in Silicon Valley and other high-tech centers around the nation.

EDS: Banks should shape up on security

Dan Ilett writes in C|Net News:

Banks must improve security practices or risk losing some customers, IT services company EDS said this week.

The remarks follow a survey conducted for the company finding that almost a third of North American consumers would close all accounts and move to another bank if their personal data were compromised.

Another 10 percent of respondents said they would move just some accounts to another bank, and 55 percent said they would stop banking until the crisis were resolved.

"The results of this survey accurately reflect a common theme we are seeing in the industry," Jean-Louis Bravard, global leader of financial services at EDS, said in a statement Monday. The survey results were published that day.

Update: Hurricane Rita Now a Category 5 Storm

Update: According to The National Hurricane Center:

WTNT63 KNHC 211955
255 PM CDT WED SEP 21 2005


An AP newswire update, via MSNBC:

Hospital and nursing home patients were evacuated and as many as 1 million others were ordered to clear out along the Gulf Coast on Wednesday as Hurricane Rita intensified with 150 mph winds that could batter Texas and possibly bring more misery to New Orleans by week’s end.

Rita's increasing wind speed, up from 140 mph earlier in the day, makes it a strong Category 4 storm.

In Galveston, no questions over evacuation

Image source: MSNBC / AFP - Getty Images

Janet Shamlian writes for MSNBC:

With Hurricane Rita threatening to devastate the Texas coast, Galveston is under a mandatory evacuation order.

And with the images of Katrina fresh on the minds of residents — as well as the city's history as the scene of America's deadliest hurricane — no one is questioning it.

The elderly, the disabled and those without transport began leaving first. They were loaded onto yellow school buses on Wednesday morning.

Taking a lesson from Hurricane Katrina, during which many people wouldn't leave because they couldn't take their pets, the buses leaving Galveston will accommodate cats and dogs.

NASA Closes Johnson Space Center as Hurricane Approaches

Tarik Malik writes on

NASA officials at the agency’s Johnson Space Center (JSC) in Houston closed the manned spaceflight facility Wednesday as Hurricane Rita approaches the Texas Gulf Coast.

The closure went into effect at 2:00 p.m. EDT (1800 GMT) and will continue until the hurricane threat has passed, NASA officials said, adding that a small emergency crew will remain onsite. Primary mission operations of the International Space Station (ISS), now orbiting more than 200 miles above the Earth, will be handed over to Russian flight controllers while the JSC site is closed, they added.

“The emergency plan for the ISS mission control is well understood,” NASA spokesperson James Hartsfield told before the closure.

Hartsfield said that, once implemented, the transfer of mission operations from NASA ISS flight controllers to their Russian counterparts in Korolev, Russia near Moscow could continue through the evening.

“We also have an advisory team of flight controllers who will evacuate to a remote location and provide assistance,” he added.