Random Pictures From IETF 67 in San Diego
I thank my friend and long-time colleague, Peter Lothberg, for these shots.
Start on Nov. 6, 2006.
As of Saturday, Nov. 18, 2006, at least 2,863 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 2,291 died as a result of hostile action, according to the military's numbers. More here.
The AP count is eight more than the Defense Department's tally, last updated Friday at 10 a.m. EST.
Eric Auchard writes for Reuters:
Yahoo Inc. needs a dramatic organizational shake-up and cuts in its work force of up to 20 percent, according to an internal memo written last month by Senior Vice President Brad Garlinghouse. More here.
Garlinghouse, a second-tier Yahoo executive who has taken increasingly powerful roles in the company since joining 3 1/2 years ago, argues that Yahoo suffers from a lack of consistent leadership, business focus and a "single cohesive strategy."
Attorney General Alberto Gonzales contended Saturday that some critics of the Bush administration's warrantless surveillance program were defining freedom in a way that poses a "grave threat" to U.S. security. More here.
Gonzales was the second administration official in two days to attack a federal judge's ruling last August that the program was unconstitutional. Vice President Dick Cheney on Friday called the ruling "an indefensible act of judicial overreaching."
Gonzales told about 400 cadets from the Air Force Academy's political science and law classes that some see the program as on the verge of stifling freedom rather than protecting the country.
"But this view is shortsighted," he said. "Its definition of freedom -- one utterly divorced from civic responsibility -- is superficial and is itself a grave threat to the liberty and security of the American people."
Via gapingvoid.com. Enjoy!
Ray Le Maistre writes on Light Reading:
Alcatel and Lucent Technologies Inc. announced late Friday night that they have received final approval for their merger from U.S. President George W Bush and expect to complete their merger on November 30. More here.
The duo say they have "received approval from the Committee on Foreign Investment in the United States (CFIUS), under provisions of the Exon-Florio amendment, to proceed with their proposed merger transaction."
Google has made available a new "Click-to-Call" service that will automatically connect users to business phone listings found via Google search results. More here.
In order for this feature to function, the user must provide their telephone number so that Google can bridge the free call between the business and the user (including long distance calls).
An obvious issue with such a service is that there is no reasonable way to validate the user phone number that is provided. Google says that they have mechanisms in place to try to avoid repeated prank calls, but the potential for abuse is obvious.
A Shanghai Daily article, via Hack in the Box, reports that:
Anonymous hackers yesterday planted a backdoor virus program on the Website of China Unionpay (www.Chinaunionpay.com), the country's only national electronic payment network operator, that may result in customer information being leaked, Xinhua has learnt. More here.
The backdoor program, Backdoor.BlackHole.2005.a, is capable of hijacking customer's computers when they visit the Website, said engineers at Rising Corporation, a leading Chinese computer security company.
Researchers have discovered a fundamental flaw in microprocessor technology that could allow hackers to obtain computer users' secret information, French daily Le Monde reported. More here.
A team led by German cryptology expert Jean-Pierre Seifert has discovered that chips are now more vulnerable because of the way they are manufactured to process data more quickly.
"Security has been sacrificed for the benefit of performance," said Mr Seifert quoted in Le Monde.
The danger of hackers breaking into computer chips, using a technique known as Branch Prediction Analysis (PBA), previously necessitated a very large number of attempts to decipher a cryptology key.
Ken Serrano and Gene Racz write on The Home News Network (Central New Jersey):
Blindsided by news that a longtime gym teacher has been arrested and charged with possession of child pornography, officials at Cardinal McCarrick High School were dealing with the fallout yesterday from a magistrate's controversial decision in the case. More here.
James Kazanjian, 51, former football and baseball coach at the Roman Catholic high school, is accused of downloading a video of an adult raping a child and other child-sex pornography. Yet he drew a ruling from a federal magistrate that allowed him to return to school without officials at McCarrick being notified of the charges.
Alan Sipress writes in The Washington Post:
Never before in its 30-year history has Microsoft faced a more pressing need to turn its innovative prowess inward and remake itself. The company that became synonymous with computing for hundreds of millions of users worldwide is confronting an onslaught by rivals bent on stripping away Microsoft's customers by providing cheaper -- or free -- software over the Web. More here.
Microsoft faces a dilemma common to many major corporations, including telephone companies, newspapers and automakers, as they wrestle with how to break loose from their traditional businesses before it's too late. Many have been unable to cannibalize their core operations, remaining intoxicated by the high profits they still provide. But the burden of maintaining the old businesses that made them titans can starve companies of the investment and initiative they need to innovate.
John Moreno Gonzales writes on Newsday.com:
Federal agents arrested a Roman Catholic priest based in Roosevelt Friday on child pornography charges after authorities said he stored 1,300 sexually explicit images of children on his rectory computer and engaged in sexually laced chats with detectives posing as teenage boys. More here.
Thomas G. Saloy, 45, an administrator at the Queen of the Most Holy Rosary Church in Roosevelt, was arrested Friday morning after a yearlong investigation, authorities said, in which he used America Online screen names to talk to minors about sex and set up exchanges of child pornography with adults and youths.
Jeff Wiehe writes on FortWayne.com:
Detective Everett D. White of the Fort Wayne Police Department’s Neighborhood Response Team was off duty and at home Oct. 19. He spent time browsing through videos on the Web site YouTube.com, and somehow came across one titled “Burglars Caught in Fort Wayne.” More here.
The video, dated Oct. 10, showed a man walking inside an apparently vacant house from the rear and letting another man inside through the front door. One of the men, who police say was Richard K. Klaff, 36, left the home with an 8-foot piece of copper wire worth about $15. Shortly after the two men walked out the door, two Fort Wayne Police officers walked in, called by the homeowner.
Kevin McLaughlin writes on TechWeb News:
Law enforcement and government agencies that investigate computer crimes now have a better way to identify illegal digital images on seized hard drives. More here.
This week, LTU Technologies launched a software plugin that strengthens the image analysis and indexing features of Guidance Software's Encase Forensic platform, which is commonly used by law enforcement and government agencies to sift through digital evidence during the course of investigations.
Ryan Singel writes on Wired News:
Forty-eight lawsuits against the nation's largest telecommunications companies for alleged participation in a warrantless government surveillance program had their first day all together in court Friday, in a courtroom packed with more than two dozen lawyers for the government, the companies and civil liberties groups. More here.
The class-action lawsuits accuse BellSouth, Cingular Wireless, Sprint, MCI, Verizon, AT&T and even cable provider Comcast of violating various privacy and fair business laws for allegedly collaborating with the government's warrantless eavesdropping on Americans' overseas phone calls, domestic phone logs and internet usage. Together, the suits seek millions in damages.
Declan McCullagh writes on C|Net News:
A federal district judge on Friday rejected the Bush administration's request to halt a lawsuit that alleges AT&T unlawfully cooperated with a broad and unconstitutional government surveillance program. More here.
U.S. District Judge Vaughn Walker said the lawsuit could continue while a portion of it was being appealed, despite the U.S. Justice Department's arguments that further hearings and other proceedings would consequently endanger national security.
As of Friday, Nov. 17, 2006, at least 2,863 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 2,291 died as a result of hostile action, according to the military's numbers. More here.
The AP count is eight more than the Defense Department's tally, last updated Friday at 10 a.m. EST.
Represented by the American Civil Liberties Union of Washington, three library users and a nonprofit organization today brought a lawsuit to ensure that patrons of a library system in Eastern Washington have access to useful and lawful information on the Internet. More here.
The lawsuit challenges the library system's policy of using a restrictive Internet filter to bar access by adults to information on its computers and of refusing to honor requests by adult patrons to temporarily disable the filter for sessions of uncensored reading and research.
Feel like you've lived a wee bit too long? Looking for a spectacular way out -- one that'll keep your family crying in disgust for years on end? More here.
Well, has Popular Mechanics got a gizmo for you: the personal helicopter. This $30,000, assemble-yourself "Gen H-4" mini-chopper relies on "two blades on the same axis and rotating them in opposite directions to counteract each other's torque, eliminating the need for a tail rotor."
The contraption meets "the FAA's rules for ultralight aircraft: a top speed of just over 60 mph and a 5-gallon gas tank, for about an hour of flying. That means you don't need a license to own or fly one."
Universal Music Group, the world's largest music company, on Friday filed a lawsuit against popular social networking site MySpace for copyright infringement of thousands of its artists' works. More here.
Universal, owned by French media giant Vivendi, filed the suit at the U.S. District Court in the Central District of California, Western Division.
A coalition of conservation groups filed suit today against the Bush administration for refusing to complete a National Assessment of the impact of global warming on the environment, economy, human health and human safety of the United States. The assessment, due in November of 2004, is required by the Global Change Research Act of 1990. More here.
Today’s action [14 Nov. 2006] comes as U.S. representatives complete their participation in the final days of the United Nations’ world climate negotiations in Nairobi, Kenya. Plaintiffs in the lawsuit are the Center for Biological Diversity, Friends of the Earth, and Greenpeace.
Eliot Van Buskirk writes on the Wired News' Listening Post Blog:
I haven't played Second Life yet, but know my old employer has built virtual headquarters there and that Dell sells real computers inside of this alternate reality. More here.
The next aspect of real life to become part of Second Life could be the all-too-real prospect of an RIAA crackdown on unauthorized music, although labels could face difficulty in proving that Linden Labs has any culpability.
An AP newswire article, via The International Herald Tribune, reports that:
The easing of a ban on the popular online encyclopedia traffic in China was short-lived. More here.
Barely a week after Wikipedia viewers were able to access the Web site — after a yearlong ban — they reported Friday that it was blocked again in several parts of China.
Chinese Web surfers and free speech advocates had earlier welcomed the apparent lifting of a ban on the English and Chinese versions of the site that provides free information written and edited by its users, although skeptics had voiced fears the end of the ban would be temporary.
"It was great news for us," said Yuan Mingli, 33, a software engineer in Shanghai who has contributed articles on computer science and Chinese historical figures to the site. "China's Internet users are not different from other countries' users. Wikipedia is a very important source of information for us."
Alice Lipowicz writes on Washington Technology:
Plans for protecting the nation’s critical information technology networks and systems are focused on developing resiliency and quick recovery rather than on safeguarding against every type of threat, according to a new report [.pdf] from the Government Accountability Office. More here.
The GAO report provides an update on activities of the nation’s 17 critical infrastructure sectors, including IT, energy, food, water, transportation and health care, which are developing plans due in December to protect their sectors from terrorist attack. The goal is to coordinate with the National Infrastructure Protection Plan, which became final in June 2006.
Shaun Waterman writes for UPI:
The U.S. Department of Homeland Security's inspector general will probe a new data-mining program the agency is developing. More here.
The probe into the department's $40 million Analysis, Dissemination, Visualization, Insight and Semantic Enhancement, or ADVISE, program was one of the investigations the inspector general promised in his annual plan this week.
ADVISE, the brain child of the department's science and technology division, is "designed to extract relationships and correlations from large amounts of data to produce actionable intelligence on terrorists," says the inspector general's report. "A prototype is currently available to analysts in (homeland security's) Intelligence and Analysis (division) using departmental and other data, including some on U.S. citizens," it adds.
Distributed denial of service protection solutions provider Prolexic Technologies says it was wrongly accused of hosting gambling Web sites when New York authorities broke up an online betting ring on Thursday, according to reports. More here.
Police issued a 33-count indictment regarding an illegal Internet gambling ring and Prolexic was identified by a traceroute as the Web hosting provider for an Internet sports book. However, Prolexic says it is being wrongly accused, and was not involved in hosting the gambling operation.
The company says its proxy service makes it appear, through a traceroute, as though Prolexic is the host of the site.
Ray Beckerman writes on The Recording Industry vs. The People:
LimeWire has filed amended and expanded counterclaims in its lawsuit with the RIAA, Arista v. Lime Wire: More here.
The counterclaims allege that the record companies and their co-conspirators "conspired to delay and disrupt the entry and emergence of [P2P], and to extend their oligopoly in the distribution of recorded music over the new market for the electronic distribution of music via the Internet." (Paragraph 28).
They further allege that the RIAA "sought to preserve the market power they possessed by conspiring to refuse to license their catalogs for competitive digital distribution, and instead acting together to delay and inhibit digital distribution both of the recorded music they controlled and what little recorded music they did not control." (Paragraph 30).
Just kidding, but Om Malik pulls some interesting statistics:
Any VoIP company that is trying to be a voice replacement, is living on borrowed time (and money.) Folks over at My VoIP Provider1 did a historical study from August 2005 through October 2006, and found that 85 VoIP providers were kicked to the curb. More here.
This is global data, but the issues facing these companies are pretty much the same… how to stay in business when all you can do is fight on price, and have no distinguishing features! Even AOL had to shutter its Total Talk. Vonage is nowhere close to being profitable, and Skype has to give away its money making services (in North America) to get some traction. And the incumbents are flexing their muscle, and taking market share by the month.
Ryan Singel writes on 27B Stroke 6:
AT&T, the U.S. government and the Electronic Frontier Foundation face off again in federal court this morning to argue over how the case against the telecom for allegedly collaborating with the NSA's warrantless wiretapping of Americans' overseas communications will proceed and to figure out how to integrate some 40 other lawsuits against other telecoms. More here.
Currently a ruling by chief district court judge Vaughn Walker that allows the case to proceed despite the government's protestations that the case will reveal state secrets is under appeal to the Ninth Circuit. Despite that, EFF wants its, and the other cases to proceed, by allowing it to force AT&T to answer its complaints and turn over documents.
Today, some three million such passports have been issued, and they don't look so secure. I am sitting with my scary computer man and we have just sucked out all the supposedly secure data and biometric information from three new passports and displayed it all on a laptop computer. More here.
The UK Identity and Passport Service website says the new documents are protected by "an advanced digital encryption technique". So how come we have the information? What could criminals or terrorists do with it? And what could it mean for the passports and the ID cards that are meant to follow?
A man was shot early on Friday morning outside a Wal-Mart store in Connecticut while waiting to buy a new Sony Playstation 3, Connecticut State police said. More here.
He was one of 15 to 20 people lined up outside the store when confronted by two armed men who demanded money at around 3:15 a.m., Lt. J. Paul Vance said in a press release.
Police said the victim had confronted the armed suspects and was shot. He was treated at the scene and transported to the University of Massachusetts Medical Center across the state line.
Police were searching for the two suspects.
A British man convicted of what has been described as the country's first "web-rage" attack, was jailed for 2-1/2 years on Friday for assaulting a man he had exchanged insults with over the Internet. More here.
Paul Gibbons, 47, from south London, admitted he had attacked John Jones in December 2005 after months of exchanging abuse with him via an Internet chatroom dedicated to discussing Islam.
The Old Bailey heard that Gibbons had "taken exception" to Jones, 43, after he had made the claim that Gibbons had been "interfering with children".
After several more verbal and written exchanges -- with Jones threatening to track him down and give him a severe beating -- Gibbons and a friend went to his victim's house in Essex, armed with a pickaxe and machete.
Anne Broache writes on C|Net News:
The U.S. Senate late on Thursday voted unanimously to confirm Republican Kevin Martin for a second five-year term as chairman of the Federal Communications Commission. Martin, 39, has served as a commissioner since 2001 and has held the top leadership spot since 2005. More here.
"I will continue to work to provide a regulatory environment that promotes competition and drives investment and innovation while protecting consumers and promoting public safety," Martin said in a statement Friday. A number of key decisions lie ahead, such as whether to approve and place conditions on an $80 billion merger between AT&T and BellSouth.
A federal appeals court has denied a request for a rehearing from a freelance video journalist and blogger who has been jailed for three months for refusing to cooperate with a grand jury investigation of a violent anticapitalist protest. More here.
The decision Wednesday by a three-judge panel of the Ninth Circuit Court of Appeals means that the blogger, Josh Wolf, could be kept in jail until July, when the term of the grand jury expires, said his lawyer, Martin Garbus.
If that happens, Mr. Wolf, who has served 88 days, will be the longest-incarcerated journalist in recent American history, according to the Reporters Committee for Freedom of the Press. Vanessa Leggett, a freelance journalist from Houston, served 168 days in 2001 and 2002 for refusing to surrender information about a murder case.
Courtesy of Good Morning, Silicon Valley.
I laughed until beer came out of my nose. Really.
Darren Murph writes on Engadget:
The same folks who brought us fire-proof plastic, air guitar clothing, and wireless air hockey apparently delivered a lot more of the WiFi technology we all utilize daily than was previously recognized. More here.
Australia's Commonwealth Scientific and Industrial Research Organization has won a landmark case against Buffalo Technology, "under which it could receive royalties from every producer of WLAN products worldwide." US patent 5487069 -- which "encompasses elements of the 802.11a/g wireless technology that is now an industry standard" -- was granted to the body back in 1996, and has subsequently been utilized in seemingly every piece of wireless kit ever since.
Considering their recent victory, CSIRO's pending cases against Intel, Dell, Microsoft, HP, and Netgear definitely have roots now, and if judges continue to rule in the Aussies' favor, the big boys could be shelling out "hundreds of millions of dollars" in back pay to cover their wrongs. Ruh roh.
Bellevue's T-Mobile USA Inc. on Wednesday confirmed reports that a laptop computer containing the Social Security number, salary, birth date and home address for as many as 43,000 current and former employees disappeared from an employee's checked luggage. More here.
A company spokesman couldn't say Wednesday when the presumed theft occurred, but he speculated it took place sometime after Aug. 23.
He based his speculation on the fact that the laptop contained data on people employed at T-Mobile between May 25 and that date.
Patricia C. McCarter writes in The Huntsville Times:
The pile of construction debris between Hazel Green's elementary and high schools had more than wallboard and outdated wiring in it. More here.
Two students who went through the heap Tuesday afternoon found boxes of student records, which included photographs, addresses, grades and Social Security numbers of sixth-graders from 2003 through 2005.
The MPAA studios are at it again, snatching away our fair use rights, so they can sell them back to us for an "additional fee." More here.
In a lawsuit filed in federal court in New York, Paramount Pictures v. Load 'N Go Video, the MPAA member companies have sued a small business for loading DVDs onto personal media players (e.g., iPod Video) on behalf of customers.
According to the suit, Load 'N Go sells both DVDs and iPods and loads the former onto the latter for customers who purchase both. The company then sends the iPod and the original DVDs to the customer. So the customer has purchased every DVD, and Load 'N Go just saves them the trouble of ripping the DVD. The movie studios' suit claims that this is illegal, because ripping a DVD (i.e., decrypting it and making a copy) is illegal under the DMCA. The suit also claims that this constitutes copyright infringement.
From the "You Should Be Ashamed of Yourself" Department...
Ryan Singel points out (on 27B Stroke 6) an EPIC Alert snippet which shows just how much the U.S. Department of Commerce's Privacy Czar really cares about privacy:
Mr. Cresanti [Robert C. Cresanti, the Commerce Department's new privacy chief] attended more than 25 meetings with business lobbyists and corporate representatives across the country, including business lunches and dinners with DaimlerChrysler, Pitney Bowes and the Council on Competitiveness, whose members include executives from Wal-Mart and IBM. He also attended day-long business meetings in Detroit, Michigan; Elyria, Ohio, and Chicago, Illinois. More here.
However, the top privacy official at the Commerce Department did not attend one pre-scheduled meeting with privacy advocates in Washington, DC.
Cresanti had agreed to speak with the Privacy Coalition on September 8 at 1:15 p.m., after another meeting at the National Institute of Standards and Technology. But his appointment at NIST, scheduled to end at noon, was completed earlier than anticipated and he went back to his office. When Cresanti did not arrive at the privacy meeting, the coalition was informed that he had made an impromptu decision to have lunch instead. Cresanti has not rescheduled.
Anne Broache writes on C|Net News:
An executive from a company that manages a large portion of the Internet's infrastructure on Thursday slammed federal wiretapping rules expected to take effect next spring. More here.
Paul Kouroupas, vice president of regulatory affairs for Global Crossing, strongly criticized the Federal Communications Commission's broadening of a 1994 law--originally intended to cover telephone providers--as disproportionately costly, complex, and riddled with privacy concerns. His company is one of the world's largest Internet backbone providers.
"Our customers are large Fortune 500 companies--not too many of those companies are conducting drug deals or terrorist activities out of Merrill Lynch's offices or using their phones in that way," Kouroupas said at an event here sponsored by the DC Bar Association. "By and large we don't get wiretap requests, yet we're faced with the costs to come into compliance," which he estimated at $1 million.
As of Thursday, Nov. 16, 2006, at least 2,862 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 2,289 died as a result of hostile action, according to the military's numbers. More here.
The AP count is nine more than the Defense Department's tally, last updated Thursday at 10 a.m. EST.
Mary Kirwan writes on The Globe and Mail:
The latest security surveys show that attackers are indeed getting smarter, and concentrating their efforts on softer, high-yield targets, predominantly home users and financial institutions — namely consumers banking online. More here.
Despite huge publicity around the issues, U.S. consumers are still taking the bait in droves. According to research firm, Gartner Inc., in 2006, as many as 3.5 million Americans will provide confidential data to phishers, and their naiveté will cost the U.S. economy an estimated $2.8-billion (U.S.). Individual losses are also increasing exponentially. U.S. victims lost five times more in 2006 to individual phishing attacks than in 2005. Clearly attackers want to maximize the return from these more targeted attacks.
An AP newswire article, via FoxNews.com, reports that:
A former Source Media Inc. executive was charged with hacking into the company's computer system three years after he was dismissed, and tipping off employees whose jobs were in jeopardy, prosecutors said Wednesday. More here.
In a press release, the U.S. Attorney's office in Manhattan said Stevan Hoffacker, the company's one-time director of information technology and later vice president of technology, was charged with one count of unauthorized access to a protected computer network.
Source Media is the New York publisher of American Banker, the Bond Buyer and other financial publications. It is a unit of Bahrain's Investcorp.
Hoffacker, 53, faces up to five years in prison on the charge. He was arrested Wednesday in Queens, where he lives.
"The U.S. Department of Agriculture has decided to remove the word 'hunger' from its annual report assessing Americans' access to food. Those among us who sometimes go without food, a group that has grown consistently over the last five years, will now suffer from 'very low food security.'"
German mega-company Siemens may have run a secret global financial network to hide potential bribe payments worth tens of millions of dollars, a newspaper said. More here.
Investigators are probing whether the money, which was channeled across Swiss bank accounts, was used to bribe "high-ranking Russian officials" to get Siemens more business there, Germany's Sueddeutsche Zeitung newspaper said Thursday.
The report comes after some 200 police and justice agents Wednesday raided the offices of Siemens, Europe's largest engineering company, which may be involved in a massive fraud scandal.
Ryan Naraine writes on eWeek:
The recent surge in e-mail spam hawking penny stocks and penis enlargement pills is the handiwork of Russian hackers running a botnet powered by tens of thousands of hijacked computers. More here.
Internet security researchers and law enforcement authorities have traced the operation to a well-organized hacking gang controlling a 70,000-strong peer-to-peer botnet seeded with the SpamThru Trojan.
According to Joe Stewart, senior security researcher at SecureWorks, in Atlanta, the gang functions with a level of sophistication rarely seen in the hacking underworld.
I watched this video when I was alerted to this incident earlier this morning, and I must say -- this appears to be highly questionable behavior by UCLA Police officers.
And personally, I'm not satisfied with the UCLA Chancellor's reply to the situation. I'm getting really sick of the entire "Papers, Please!" attitude by people who abuse the power of the position in which they are employed.
Via NBC4.tv (Los Angeles).
An administrative review was under way after a 23-year-old student was administered multiple stun gun shocks by UCLA Police Department officers in the Powell Library computer lab. More here.
Video shot from another student's camera phone shows the man screaming while on the floor of the computer lab as officers used the stun gun on him at 11:30 p.m. Tuesday, according to the Daily Bruin.
He had been working at a computer in the back of the lab and had failed to produce a student ID during a random check performed by community service officers, the newspaper reported.
According to a UCLA police sergeant, the student was identified as Mostafa Tabatabainejad of Los Angeles.
He was given a citation for obstruction/delay of a peace officer in the performance of duty and then released from custody, the sergeant said.
Ben Camm-Jones writes on Web User:
Users of V21's broadband service got a nasty shock when they tried to connect to the internet yesterday. More here.
Several Web User readers reported that they were greeted with a message informing them that due to a legal dispute V21, which has recently been acquired by Biscit, would no longer be supplying their broadband service.
Instead, customers had the option of moving their account to a company called ezeeDSL, or waiting until 24 November to have their service terminated so they could get broadband from a different provider, or move to V21's superfast broadband service.
My friend and colleague, Alex Eckelberry, writes over on The Sunbelt Software Blog:
Image spam, a plague on email right now, continues to get more and more creative. More here.
For the most part, the images are embedded in the email, although sometimes they’re sent as a hyperlink (an email client like Outlook can show images in the email when formatted in HTML, either through a hyperlink or as an embedded image, a technique that also works with RTF through OLE embedding).
Some people may wonder why the images are getting all odd looking, with slashes and odd text and the like. That’s largely to bypass OCR filters (for example, SpamAssassin uses an OCR plug-in to detect image spam). It’s also to continually change the checksum on the image.
John Oates writes on The Register:
Several major corporate websites in the UK and parts of Microsoft’s MSN service and Hotmail have been down today.
A spokeswoman for Natwest said: “Yes, we’ve been having DNS (domain name server) problems today which have stopped access to the website. We’re still working on fixing the problem.”
Sky.com, skybroadband.com and Telstra Europe were also affected.
A spokeswoman for Sky blamed the problems on PSINet – the backbone provider bought by Telstra Europe. PSINet was unable to comment when we called them.
The Internet Traffic Report showed an outage at BT's Ilford core router.
A spokesman for BT said he was not aware of any major network problems today.
Via gapingvoid.com. Enjoy!
Anne Broache writes on C|Net News:
A leading seller of software for investigating computer crimes has reached a settlement with federal regulators, after a hacking incident exposed data on thousands of its customers.
Under a settlement with the Federal Trade Commission announced on Thursday, Pasadena, Calif.-headquartered Guidance Software must put into place a "comprehensive information-security program" and undergo audits by independent, third-party security professionals once every two years for the next decade.
The intrusion into Guidance's servers, discovered last December, unmasked the names, addresses and credit card details of about 3,800 customers, the company said at the time. Guidance executives said they had notified all of its approximately 9,500 customers about the attack and called on the U.S. Secret Service to conduct an investigation. The company, one of the world's top providers of forensic software, counts government and law enforcement personnel and security researchers among its clientele. A handful of these reported suspicious credit card charges after the breach.
Frank Ahrens writes in The Washington Post:
Clear Channel Communications Inc., the nation's largest radio chain with more than 1,200 stations, said today it has agreed to sell the company to a consortium of private-equity firms for nearly $27 billion.
The buyers, led by Bain Capital Partners and Thomas H. Lee Partners, also are bidding for Tribune Co., which owns several newspapers and television stations. That process is ongoing.
According to Spanish newspaper reports, two seventeen year-olds were arrested yesterday in Alicante, charged with creating a Trojan horse which allowed them to remotely take control of webcams within local educational institutions. This enabled the duo to spy on students and record compromising images, which they then used to blackmail the victims into giving them money.
Later in the same day, two adults were arrested in Madrid, in connection with the original inquiry. It is claimed that the adults used the teenage malware authors to obtain confidential data in order to commit credit card fraud. Using fake credit card details, the two adults allegedly made purchases amounting to more than 60,000 EUR.
I'm still trying to figure out why this hasn't been carried by American mainstream media outlets...
An AP newswire article, via CNews (Canada), reports that:
Security checkpoint managers at San Francisco International Airport were warned when undercover inspectors came to test how well screeners detected fake bombs and weapons, a government report said Tuesday.
The report, obtained by The Associated Press, confirms allegations brought in February 2005 by a whistleblower who formerly worked for Covenant Aviation Security.
Covenant provides security at the San Francisco airport, one of a handful of airports that uses private companies under a program established by Congress.
The Defense Department's computerized travel reservation system has turned into a half-billion-dollar fiasco, so flawed that only 17 percent of the travelers are using it as intended, Senate investigators say.
The system was designed as the Pentagon's version of an Internet travel site, where flights, hotels and rental cars can be booked without the need for fee-based travel agents.
Anne Broache writes on C|Net News:
The outgoing Republican chairman of a key U.S. Senate committee has made a last-minute attempt at giving the Bush administration what he calls the necessary "resources" for carrying out its phone call and Internet surveillance within the law, but critics remain unconvinced.
In remarks on the Senate floor on Tuesday afternoon, Judiciary Committee Chairman Arlen Specter marketed his new 11-page proposal as "a significant advance in protecting civil liberties." Once one of the few Republicans to question openly the legality of the National Security Agency's warrantless terrorist surveillance program, the veteran Pennsylvanian politician drew criticism this summer for endorsing a bill that would allow--but not require--the Bush administration to submit the operations for court review.
The Senate Judiciary Committee chairman's latest effort drew near-immediate skepticism from the American Civil Liberties Union and from California Democratic Sen. Dianne Feinstein, who co-sponsored what civil liberties groups viewed as a more stringent bill with Specter earlier this year. That bill narrowly cleared a committee vote in July but has since stalled.
Michael Hampton writes on Homeland Stupidity:
In the United States, you can be sentenced to prison for crimes you didn’t commit.
Under current federal sentencing guidelines, the government can demand that the court sentence a defendant found guilty of some charges but innocent of other charges as if he had been found guilty of all of the charges.
This, of course, is why they throw any charge they can think of at everyone who crosses paths with the injustice system. Invariably, they’ll manage to convict even the most innocent person of something, even if it’s a jaywalking charge, and get a sentence far in excess of what would be reasonable for such a charge.
A federal district court recently condemned the practice, which it said occurs “routinely.”
An AP newswire article, via PhysOrg.com, reports that:
Two Chileans accused of hacking into thousands of government Web sites were freed from jail Wednesday but ordered to stay away from computers while the case is investigated, their lawyer said.
Police accuse Carlos Amigo, 37, known online as SSH-2, and Leonardo Hernandez, 23, nicknamed Nettoxic, of belonging to a team of hackers responsible for breaking into more than 8,000 Web sites around the world, including that of the U.S. space agency.
They were arrested Nov. 7 along with two underage friends. The twin brothers, who were not identified or jailed due to their age, acted under the names Codiux and Phnx, police said.
The arrests resulted from eight months of investigation with the help of authorities in the United States, Israel and several South American countries, police said.
A New York Times article by Eamon Quinn, via The International Herald Tribune, reports that:
Google, the leading Internet search company, said Wednesday that it would hire 500 more employees in Dublin as it makes its Irish facility the largest outside the United States.
The central Dublin offices, which first opened with five employees in 2003, could have more than 1,400 people by the end of next year if Google can attract technical personnel and graduates in language studies from around the world, said John Herlihy, director of online sales and operations in Europe.
Google has 10,000 employees worldwide, including 3,000 at its headquarters in Mountain View, California.
Well, it's about time someone did...
Bob Sullivan writes on The Red Tape Chronicles:
The Florida state attorney general's office has opened an investigation into potentially misleading advertising by FreeCreditReport.com.
The Web site, owned by credit bureau Experian Group Ltd, offers consumers a chance to obtain their credit reports and credit score by signing up for a paid subscription service.
In response to a public record inquiry by MSNBC.com, the office of Florida Attorney General Charlie Crist issued a statement indicating it had opened an investigation to determine whether Experian has violated Florida's Deceptive and Unfair Trade Practices Act.
The investigation will cover several entities owned by Experian, including Consumerinfo.com, Inc., Experian Consumer Direct; Qspace, Inc.; Iplace, Inc.; and the Web sites Consumerinfo.com; Creditexpert.com; and Creditmatters.com.
Joris Evers writes on the C|Net Security Blog:
A criminal gang in the U.K. was able to steal confidential banking data by bugging ATMs with an MP3 player, The Times of London reported in its online edition Thursday.
The gang targeted freestanding cash dispensers and would tap the phone line between the ATM and a wall socket by placing a two-way adaptor on it and connecting an MP3 player, according to the newspaper.
The digital music device would record the data traffic, which sounds like the noise a traditional computer modem makes when connecting. The noise would be interpreted using a modem line tap or passed through a special computer software program.
The gang was then able to create copies of credit cards and make purchases worth 200,000 pounds, nearly $380,000, according to The Times.
R. Scott Raynovich writes on Light Reading:
This morning 3Com Corp. filed a statement with the SEC saying it is bidding for 100 percent ownership of Huawei-3Com (H3C), the joint venture it formed with Huawei Technologies Co. Ltd.
According to the filing, 3Com, which currently owns 51 percent of H3C, intends to bid for the 49 percent stake it doesn't own, essentially buying out the unit from Huawei.
Christian Beckner writes on Homeland Security Watch:
The kooky website Cryptogon had a post a few days ago where they linked to an Immigration and Customs Enforcement strategic plan for detention and removal from 2004 codenamed Endgame. That report had previously been available online at ice.gov, but shortly after the Cryptogon post revealed its existence, it was removed from the website. The proprietors of this Cryptogon site therefore put it up on their own server, and you can download it here:
ENDGAME: Detention and Removal Strategic Plan, 2003 - 2012
The document is unclassified and fairly banal, so I have a hard time believing that this was removed for security reasons. A likelier explanation is that it was removed because it was outdated, a lot of the content in it having been superseded by strategic work under the auspices of the Secure Border Initiative over the last 1+ years.
On Sunday, a human being registered to use our website [www.DownsizeDC.org], sent a message to Congress, and then "ran a script" on our system to generate nearly 50,000 pieces of spam through our server.
As a result, America Online has temporarily blacklisted us. AOL users probably won't get this message.
We discovered the problem this morning. The offending registration has been deleted and the problem has been patched so the script will not work again. Our database was never compromised or at risk of being compromised.
Ed Oswald writes on BetaNews:
Those early adopters who bought a Microsoft Zune on Tuesday were greeted with an embarrassing incompatibility when they tried to install it on to their computers running Windows Vista: it doesn't work with Redmond's latest operating system.
[Unsurprisingly] Apple enthusiast sites immediately latched onto the peculiar issue as yet another reason why the Zune was not ready for prime time.
Today, President Bush visits Vietnam for the Asia-Pacific Economic Cooperation summit, “looking to burnish his foreign-policy credentials.” He’s off to a miserable start.
Yesterday, the White House website featured a graphic with the flags of the three countries he’s visiting on his trip — Singapore, Vietnam, and Indonesia. One problem: instead of displaying the Vietnamese flag, the White House graphic featured the old flag of South Vietnam. That flag hasn’t been the official flag of Vietnam since South Vietnam surrendered to North Vietnam in 1975.
Michael Arrington writes on TechCrunch:
The offense we committed was creating a small tool that lets people download YouTube videos to their hard drives. We referenced the tool in a recent post that walked people through the process of moving YouTube Videos to their iPod.
Alice Lipowicz writes on GCN.com:
The Homeland Security Department’s Science & Technology Directorate’s data mining prototype is receiving in-depth scrutiny from the department’s inspector general.
The DHS IG plans to review the Analysis, Dissemination, Visualization, Insight and Semantic Enhancement, or Advise, program, over the next several months to determine how well it is meeting its goals in identifying potential threats, according to the IG’s just-released fiscal 2007 Annual Performance Plan.
The $40 million program is designed to extract terrorist threat information from large amounts of data. It and other data mining programs are criticized by privacy advocates because they sift through large amounts of personal information.
An AP newswire article, via The Globe and Mail, reports that:
Criminal charges have been brought against more than two dozen individuals and corporations in four states in connection with a billion-dollar-a-year gambling Web site, authorities said Wednesday.
Authorities declined to name any of those charged. One of the corporations is an offshore Internet company with an American counterpart, said Kevin Ryan, a spokesman for Queens District Attorney Richard Brown.
Ryan said the case is “one of the first times that a Web designer corporation and the companies that maintain the Web sites have been charged.”
Police said the arrests were made in New York, New Jersey, Florida and Nevada. The scheme involved placing sports bets through bookies via a secure Internet site.
Tricia Duryee writes in The Seattle Times:
At Seattle's 1962 World's Fair, the Space Needle stood as a symbol for what the future would bring.
Today, the landmark is signifying something no one would have ever imagined 44 years ago.
Clearwire, wireless pioneer Craig McCaw's latest venture, is officially launching a new service in Seattle that provides Internet service to the home wirelessly. The service, a form of an emerging technology called WiMax, operates through a system of towers that transmit and receive signals allowing users to be online.
An AP newswire article, via MSNBC, reports that:
EU regulators said Wednesday that Microsoft Corp. has still not supplied "complete and accurate interface documentation" to comply with a March 2004 antitrust order and risks further fines unless it takes action by Nov. 23.
The European Commission fined Microsoft $357 million in July for not supplying technical information that aims to help rivals make server software that works smoothly with Microsoft's desktop operating system Windows.
Johannes Ullrich writes on the SANS Internet Storm Center Daily Handlers Diary:
Today, the SANS Institute released an updated Top 20 Internet Security Attack Targets list. See the entire SANS 2006 Update to the Top 20 List here.
This update reorganizes the list recognizing the new reality of operating system independent issues. Sections for cross-platform applications, network devices, policy and the overall issue of 0-day attacks were added.
The list has been released for the last 7 years. From the start, organizations like the FBI assisted in putting the list together. It is in particular useful if you have to set and defend priorities.
Mark Segraves writes for WTOP Radio:
The Internal Revenue Service is the latest federal agency to acknowledge a security breach involving missing laptop computers. The breach once again puts Americans at risk of identity theft.
According to documents obtained by WTOP through the Freedom of Information Act, between 2002 and 2006 year-to-date, the agency charged with collecting taxes and protecting taxpayers' personal information had 478 laptops either lost or stolen.
Of those missing computers, 112 contained sensitive data including the Personal Identifiable Information, such as Social Security numbers, for some U.S. taxpayers.
The IRS was unable to disclose how many people could be at risk of identity theft, but said they are working to make that determination.
An AP newswire article, via The International Herald Tribune, reports that:
Terrorists have long embraced the Internet as a tool for propaganda and planning, and some even post comedy and Top 10 lists to draw in young recruits, experts said Tuesday.
But while the militant organizers and recruiters are staying plugged-in, Western governments have been slow to recognize the Internet's role in fostering terrorism, analysts said at a Digital Terrorism conference.
Jonathan Fildes writes for The BBC:
The tangle of cables and plugs needed to recharge today's electronic gadgets could soon be a thing of the past.
US researchers have outlined a relatively simple system that could deliver power to devices such as laptop computers or MP3 players wirelessly.
The concept exploits century-old physics and could work over distances of many metres, the researchers said.
Although the team had not built and tested a system, computer models and mathematics suggest it would work.
David Leigh writes on The Guardian.co.uk:
The information commissioner signalled a crackdown last night on companies that steal and sell sensitive details of people's private lives after a prosecution exposed the growth in data theft.
Richard Thomas, the official privacy watchdog, said he was investigating a number of organisations that have bought personal data such as details of bank accounts, tax returns and mortgage payments. He warned of raids and prosecutions after the conviction yesterday of a husband and wife who made £140,000 a year selling private financial information obtained by deception.
Bob Brewin writes on Government Health IT:
The Military Health System (MHS) lost records of almost 5,000 patient encounters because of hardware and software problems with portions of the Defense Department’s Armed Forces Health Longitudinal Technology Application (AHLTA) electronic health record system, a top MHS official told Federal Computer Week.
The system is also experiencing backup problems with data stored locally at military treatment facilities (MTFs), which a Defense Information Systems Agency official described as anomalies but not systemic. DISA maintains the MHS network and provides mainframe storage at one of its data centers and local storage at MTFs.
As of Tuesday, Nov. 14, 2006, at least 2,852 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 2,285 died as a result of hostile action, according to the military's numbers.
The AP count is three more than the Defense Department's tally, last updated Tuesday at 10 a.m. EST.
Craig Matsumoto writes on Light Reading:
At long last, Alcatel gets to announce it's included in the Cable & Wireless plc next-generation network (NGN) buildout.
Alcatel announced today that it's deploying 200 to 250 nodes for C&W during the next two to three years. C&W's NGN is comparable to the BT Group plc 21CN rollout, not just for the preponderance of capital letters, but because they both involve building a new, unified network for handling traffic.
K.C. Jones writes on InformationWeek:
Former Hewlett-Packard Board Chairwoman Patricia Dunn is scheduled for arraignment Wednesday in Santa Clara County Superior Court on felony charges related to the HP boardroom spy scandal.
California Attorney General Bill Lockyer's office announced the arraignment Tuesday. Dunn's case was originally scheduled for Friday. California prosecutors and the defendants' attorneys still plan to discuss case management and scheduling during an appearance in court Friday, the same day HP's quarterly results are due.
All defendants are also expected to file a waiver of appearance by Friday, Lockyer's spokesperson Tom Dresslar said in a prepared statement. That means the defendants will not have to appear in court until trial, preliminary hearings, or sentencing.
John Leyden writes on The Register:
Spamhaus has published a revised list of the world's 10 worst spammers. According to the anti-spam organisation, 200 professional spam gangs are responsible for 80 per cent of the high volume of junk mail pumped onto the internet every day.
Public enemy number one is a Ukrainian known variously as Alex or Alexey, a prolific user of botnets, networks of PCs compromised with malware, to send out junk mail in association with a Russian spam gang called Pavka/Artofit. Alexey is involved in distributing child porn spam, among the many types of unsolicited junk he spews onto the net every day.