Saturday, July 07, 2007

Gapingvoid: I Can Tell That You Love Me

Via gapingvoid.com. Enjoy!

Live Earth Internet Streaming Sets Record: MSN

Via Reuters.

The Live Earth global pop concerts on Saturday broke a record for an online entertainment show by generating more than 9 million Internet streams, Microsoft Corp. Web portal MSN said.

As the last two of the nine Live Earth concerts got underway, MSN product manager Karin Muskopf said the number of streams had surpassed the previous record held by 2005's Live 8 global concerts to fight poverty.

"We have exceeded any other online entertainment event," Muskopf said. "It's really exciting to see the enthusiasm for the concert."

More here.

U.S. Toll in Iraq

Via The Boston Globe (AP).

As of Saturday, July 7, 2007, at least 3,603 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 2,952 died as a result of hostile action, according to the military's numbers.

The AP count is 13 higher than the Defense Department's tally, last updated Friday at 10 a.m. EDT.

More here.

And as always, cryptome.org keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.

New '7 Wonders of the World' Named After Online Poll

Stonehenge -- didn't make the cut?!?

Actually, I'm kind of disappointed.

I'm not sure I can approve of any poll that finds the "Christ Redeemer" in Rio de Janeiro more of a "wonder" than, say, Stonehenge (no offense to Brazilians intended).

But I digress...

A Reuters newswire article, via The Boston Globe, reports that:

The Great Wall of China, Petra in Jordan and Brazil's statue of Christ the Redeemer are among the modern-day seven wonders of the world chosen in a poll of 100 million online voters, organizers said on Saturday.

The other four are Peru's Machu Picchu, the mountain settlement that symbolizes the Incan empire, Mexico's Mayan ruins at Chichen Itza, the Colosseum in Rome and the Taj Mahal in India.

The seven winners were announced at a glitzy show at Portugal's Benfica stadium following what is likely to be the biggest ever online poll at www.new7wonders.com.

More here.

Metal Thieves Hurt Latin American Economies

An AP newswire article by Jonathan M. Katz, via The Boston Globe, reports that:

Copper exports have surged in this Caribbean nation [Dominican Republic] with no active copper mines -- thanks to thieves who plunder power and telephone lines.

Scrap metal thieves also thrive in Brazil, where vandals sawed off the arms of a bronze statue of soccer legend Pele last month. In Jamaica, bandits ripped up tracks and cables from an old Kingston railway station.

Even the U.S. has not escaped. In Fort Wayne, Ind., thousands of dollars worth of copper gutters were stripped from a church in the middle of the night last month.

Theft of scrap metal has increased sharply in recent years as prices have risen. Copper is the most tempting target because it brings the most cash per pound. The vandalism can spell disaster for countries with struggling economies, especially when it damages already shaky electrical sectors.

More here.

The World Remembers Second Anniversary of London Suicide Bombings


We Stand With You.


Louisiana Bankers Set to Go Wireless

It always raises an eyebrow when someone claims a particular technology is "hacker-proof"...

Bob Moser writes on The Daily Advertiser:

The first segment of a new wireless network for banking data is being built in Louisiana, and the Louisiana state police is on board for its own benefit.

The company, ERF Wireless out of League City, Texas, says sending data through the air will be faster than land lines, even safer from hackers, and not prone to storm damage like high-wires or buried lines.

"It's bandwidth, lots of bandwidth, and it's more secure than a regular phone line," said John Burns, CEO of ERF Enterprise Network Services. "It's actually quite a bit faster. Much more control, faster speed, faster response, and it's a private communications network the bank creates for itself, whereas with phone lines you're sharing with everyone."

More here.

(Props, Flying Hamster.)

Algerian Hackers Behind eBay Phishing Attack?


Via The Sophos Labs Blog.


In the regular flood of phishing emails coming to our spam traps, this one, using eBay as the target is worth the mention as it was possible to trace the attack to the possible attacker(s).

The email message arrived formatted as a standard eBay message from a fake seller with a request for an answer. Naturally, the link in the message pointed to a compromised web page with a fake eBay logon screen.

A further visit to the link left by the attacker reveals a vaguely graphically interesting site of an Algerian hacking group “Algeria Security Team”.

More here.

Image source: Sophos Labs UK

NASA's Terra Satellite Moved to Avoid Chinese ASAT Debris

Brian Berger writes on Space.com:

Flight controllers at NASA's Goddard Space Flight Center, Greenbelt, Md., had to maneuver the Terra environmental spacecraft in late June to avoid orbital debris created by the Jan. 11 test of a Chinese anti-satellite (A-Sat) weapon.

NASA officials said July 5 that the event marked the first time the agency has had to move one of its spacecraft to avoid a potential collision with debris created by the controversial Chinese A-Sat test.

A defunct Chinese weather satellite, Fengyun 1-C, was orbiting at an altitude of roughly 528 miles (850 kilometers) when it was destroyed Jan. 11 after being struck by a kinetic energy A-Sat weapon, producing a cloud of debris that is being tracked by the U.S. military's Space Surveillance Network.

More here.

Friday, July 06, 2007

Cisco Co-Founder, Len Bosack, Launching Optical Network Start-Up

Jon Brodkin writes on NetworkWorld:

Cisco co-founder Len Bosack is launching a company that claims it will bring “fundamental change to worldwide telecommunications” with an optical transport system allowing IT departments to easily and quickly deploy in-house metropolitan optical networks that make efficient use of space and power.

Bosack, who founded Cisco in 1984 with his wife Sandy Lerner, is not yet talking publicly about his new venture, XKL, LLC. The company doesn’t plan to speak on the record with media until early August but makes plenty of details about its products available on its Website.

More here.

N.J. AG Pushing MySpace For More Data

Nicholas Carlson writes on internetnews.com:

MySpace parent-company Fox Interactive Media (FIM) has until Monday to respond to demands from New Jersey's new chief law enforcement officer to provide more details on convicted sex offenders who have profiles on the social networking site.

Attorney General Anne Milgram, who took office June 29th, recently disclosed that more than half of the 141 convicted New Jersey sex offenders with profiles on the social networking Internet site MySpace were on probation or parole and can be subject to tougher prohibitions against surfing the Internet.

It also said a second subpoena was served on June 29 for information on any sex offenders identified and deleted by MySpace since the state's original request and that it would "use every available means to determine the exact nature of the offenders' activities on the site."

More here.

Appeals Court Rules No Privacy Interest in IP Addresses, Email To/From Fields

Ryan Singel writes on Threat Level:

The Ninth Circuit Court of Appeals ruled Friday in United States vs. Forester that IP addresses and the To/From fields in emails are the legal equivalent of dialed phone numbers and the government can get a court order to obtain them without showing probable cause as would be needed in a search one's house.

The Court extended to the internet a 1979 case known as Smith vs. Maryland, where the Supreme Court found that individuals have no reasonable expectation of privacy in the phone numbers they dial because they transmitted them to the phone company in order to complete the call. However, under Smith, the contents of the calls could not be listened in on without proving probable cause to a judge.

More here.

Data Theft, Breaches: Where Do You Place the Blame?

Brian Fonseca writes on NewsFactor Network:

Gartner analyst Avivah Litan said that banks are not yet taking adequate measures to comply with the Payment Card Industry (PCI) standards. "There has not been a lot of enforcement at the bank level," she said. "All the enforcement scheduled has been on the processing and retailer side, so it has been unfair, frankly."

A panel of financial services and retail executives disagreed on which side bears the brunt of the burden to ensure compliance with the Payment Card Industry (PCI) Data Security Standard.

Executives from JPMorgan Chase & Co. and First Horizon National Corp. told an audience at Symantec Corp.'s Vision user conference here that high-profile data breaches at retailers like The TJX Companies Inc. are not originating from their side of the fence -- yet they must spend significant sums to make sure such incidents don't happen.

More here.

Experts See Danger to Americans' Health Data

J. Scott Orr writes in The Star-Ledger:

The federal government is working to create a massive database of medical records with the aim of improving health care, but privacy experts worry it will be an inviting target for data thieves who want to steal your medical identity.

"The way this thing is being put together is pretty close to terrifying," said Adam Levin, co-founder of an online business (identitytheft911.com) that provides identity-theft education and resolution services to companies.

Identity theft threatens your bank account and credit rating, but medical identity theft -- a crime that is quietly spreading like a virus -- can result in your medical history being changed, putting at risk your insurance, your health and perhaps even your life.

"Any database can be compromised -- and unfortunately, as we have spent the past two years looking on, almost every database has been compromised in one manner or another," said Levin, a former New Jersey director of consumer affairs.

More here.

(Props, Flying Hamster.)

Mark of the Beast Alert: RFID to Get Under Patients' Skin?


An AFP newswire article, via Australian IT, reports that:

Doctors could soon be storing essential medical information under the skin of their patients, the American Medical Association says.

Devices the size of a grain of rice that are implanted with a needle could give emergency room doctors quick access to the records of chronically ill patients, the US's largest doctors group says in a report.

The association approved their use to improve the "safety and efficiency of patient care" by helping to identify patients and enabling secure access to clinical information.

These radio frequency identification tags are already used by Wal-Mart and other businesses to speed up their shipping systems by sending out small signals that can be scanned more easily than barcodes.

Implanting them in people "can improve the continuity and co-ordination of care with resulting reductions in adverse drug events and other medical errors," the report says.

The devices, however, "also may pose some physical risks, compromise patient privacy, or present other social hazards", the report says.

More here.

Image source: SpyChips.com

Scammers Make Friends With Charities - UPDATE

Yazan Gable writes on the Symantec Security Response Blog:

Symantec has observed an interesting trend in the world of Internet-based credit card fraud: fraudsters are donating money to charity. How could this happen? In the world of carding, where stolen credit card information is bought and sold, carders need to know if the credit cards they are buying or selling can actually be used. It is sometimes difficult for them to verify this without raising any alarm bells and risking that their cards will be identified as stolen and disabled. As a consequence, a new trend is appearing.

Carders attempting to verify that a stolen credit card is legitimate and active have begun donating money to charity. By attempting to pay small amounts of money to various charities, including well known charities such as the Red Cross, carders can determine if a stolen credit card is valid depending on the success or failure of the transaction.

More here.

UPDATE: 11:13 PDT: Brian Krebs writes over on Security Fix that this is not a new trend.

ICANN's OPoC Proposal

Via DomainNews.com.

Recently, ICANN created an Operational Point of Contact Proposal (OPoC) where registrants of top level (.com, .net) domains would be required to list only one contact’s postal, email and phone info. Currently, domains are listed with the registrant’s name, a tech contact and an admin contact. The registrant provides a postal address, while the other contacts provide full postal, email, phone and fax info. In addition, primary and secondary servers are openly listed.

Until now, the WHOIS database or the Internet “white pages” has been the primary way to find information about domain registrants as well as to protect Internet users from such risks as sales fraud, brand theft and counterfeit. Imagine if all of this information suddenly disappeared or was no longer easily available?

More here.

U.S. Appeals Court Throws Out Lawsuit Against Domestic Spying

...and so it begins.

An AP newswire article, via MSNBC, reports that:

A federal appeals court on Friday ordered the dismissal of a lawsuit challenging President Bush’s domestic spying program, saying the plaintiffs had no standing to sue.

In a 2-1 decision, two Republican appointees on the 6th U.S. Circuit Court of Appeals ruled against allowing the lawsuit. A Democratic appointee judge disagreed, saying it was clear to him that the post-9/11 warrantless surveillance program aimed at uncovering terrorist activity violated the Foreign Intelligence Surveillance Act of 1978.

Although the Bush administration said in January the program is now overseen by a special federal intelligence court, opponents said that without a court order, the president could resume the spying outside judicial authority at any time.

The ruling Friday vacates an order by a U.S. District Court in Detroit last August that found the surveillance unconstitutional, violating rights to privacy and free speech and the separation of powers.

More here.

Thursday, July 05, 2007

User-Generated, 'Private' Sex Videos Flood the Internet

Sunny Freeman writes on The Tyee:

She's naked and posing suggestively, but otherwise she doesn't resemble the average Playboy model. Yet this "ex-girlfriend" has been viewed by 138,629 people on YouPorn, the new, German-based Internet aggregator of amateur-generated porn.

She's not the only one to have a former lover post her most intimate moments for the world to Google. There are over 250 ex-girlfriends currently featured among the tens of thousands of sex videos on YouPorn.

About 15 per cent of women have knowingly made sex videos, according to a recent poll in Cosmopolitan magazine. If true, that's how many are at risk of having an ex post x-rated files of them on a porn-sharing site.

More here.

Awaiting Internet Access, Remote Brazilian Tribes Debate Its Promise, Peril

Monte Reel writes in The Washington Post:

When the sun sinks behind the palm and mango trees, candlelight flickers throughout a tiny village of thatched huts where about 100 Xavante Indians live.

The villagers here lack electricity but not technical ambition. Just beyond the semicircle of huts sits a new one-room school building, and a place inside has already been reserved for an eagerly anticipated local milestone: the village's first computer.

More here.

Quote of the Day: UK Labour MP Martin Salter

"No-one is stopping people doing weird stuff to each other but they would be strongly advised not to put it on the internet."

- UK Labour Party MP Martin Salter, quoted in a BBC article, regarding a proposed new law which bans "violent pornography" websites on the Internet. Details here.

First Arrest Under NYC's New Piracy Law

An AP newswire article by Tom Hayes, via SFGate.com, reports that:

A moviegoer caught secretly recording the sci-fi blockbuster "Transformers" has been charged with unauthorized use of a video camera in a theater in the first arrest under a new New York City law that stiffened penalties for pirating films.

A criminal complaint accuses Kalidou Diallo of slipping a video recorder, video player and remote control into a sneak preview of the film at a Bronx theater Monday night.

"This is the first time someone has been arrested and charged with the new illegal camcording law," City Hall spokesman Jason Post said Thursday.

In May, Mayor Michael Bloomberg signed legislation that upgraded film piracy from a violation with a $250 fine to a misdemeanor that carries up to six months in jail and penalties of up to $5,000.

More here.

Canada: Radioactive Devices Disappearing at Alarming Rate

Via CTV.ca.

Radioactive devices -- some of which have the potential to be used in terrorist attacks -- have gone missing in alarming numbers in Canada over the past five years.

A new database compiled by The Canadian Press shows that the devices, which are used in everything from medical research to measuring oil wells, are becoming a favoured target of thieves.

At least 76 have gone missing in Canada over the past five years -- disappearing from construction sites, specialized tool boxes, and generally growing legs and walking away.

More here.

U.K. Case Shows Link Between Online Fraud and Jihadist Networks - UPDATE

Brian Krebs writes in The Washington Post:

The global jihad landed in Linda Spence's e-mail inbox during the summer of 2003, in the form of a message urging her to verify her eBay account information. The 35-year-old New Jersey resident clicked on the link included in the message, which took her to a counterfeit eBay site where she unwittingly entered in personal financial information.

Ultimately, Spence's information wound up in the hands of a young man in the United Kingdom who investigators said was the brains behind a terrorist cell that sought to facilitate deadly bombing attacks against targets in the United States, Europe and the Middle East.

Investigators say Spence's stolen data made its way via the Internet black market for stolen identities to 21-year-old biochemistry student Tariq al-Daour, one of three U.K. residents who pleaded guilty this week to a terrorism charge of using the Internet to incite murder.

More here.

UPDATE: 14:46 PDT: Bob Sullivan also has some details here over on MSNBC's Red Tape Chronicles.

Telecom: Controlling Lasers with Chaos

Kate Greene writes on MIT's Technology Review:

Researchers believe that they have found a way to speed up traffic over existing telecommunications networks. Usually, random fluctuations, or noise, in an optical or electrical system is a bad thing, and engineers strive to eliminate such unpredictable behavior from electrical current and light. But now researchers have shown that a little bit of noise can actually enhance the output of some of these systems.

A collaboration between researchers from SUPELEC, in Metz, France, Free University of Brussels, Belgium, and the Public University of Navarra, Spain has resulted in controlling previously chaotic laser light, just by adding a small dose of noise to the electrical current that powers it.

More here.

Estonia to Bolster Cyber Defenses After Attacks

Via Reuters.

Estonia unveiled a plan on Thursday to boost its cyber security after an assault on its Internet infrastructure which it blamed on Russians angry at its removal of a Soviet-era statue.

Estonia suffered attacks on public and private Web sites in April and May year after the Red Army monument was moved from a Tallinn square. The removal of the monument led to two nights of riots by ethnic Russians.

The [Economy and Transport] ministry said that, although the cyber attacks did not paralyze daily life, they raised questions as to what other key areas could come under attack and pose a security risk.

The new measures would aim to protect data and increase information security as well as make sure there were adequate legal weapons to fight cyber crime.

At an international level, Estonia said it would like other countries to sign up to a convention against cybercrime.

More here.

MPack Clearance Sale!

Eric Chien writes on the Symantec Security Response Blog:

The MPack toolkit has received a fair amount of media attention causing it to become one of the most desired Web browser exploit toolkits in the underground hacker scene. The original author was selling the MPack toolkit for $1000 USD, including a year of free support, and additional exploit modules for around $100 USD.

However, considering the toolkit is written in a script language, it is easy to redistribute and modify. The toolkit is being sold by others now for as low as $150 USD. That is a whopping 85% off. Talk about clearance sale. The sellers likely didn't even need to buy it themselves, but rather probably found some of the multiple Web sites that did not employ standard Web site protections, allowing them to download the whole kit for free.

More here.

Hackers Attack Russian Oil Company

Via Kommersant, "Russia's Daily Online".

Late on Tuesday night, unknown individuals attacked the server of Surgutneftegaz oil company. They sent emails from a mailbox allegedly located on the company’s website, claiming that its CEOs were arrested. Surgutneftegaz disproved that information.

Experts do not understand what the hackers’ real purpose was; the latter either wanted to put psychological pressure on the company, forcing it to disclose some information, or they were simply checking spam’s impact on the stock market. There had been similar attempts to manipulate the market before.

More here.

Humor: The Top Secret Files of Dick Cheney




EU: Massive Data and Privacy Issues Surround Google-Doubleclick Acquisition

Jeremy Kirk writes on CIO.com:

A European consumer group has complained that Google Inc.'s proposed acquisition of online ad broker DoubleClick Inc. could hurt privacy rights due to the massive amount of data the companies would hold.

In a letter, the Bureau European des Unions de Consommateurs (BEUC) has asked the European Commission and other authorities to investigate how the deal would affect consumers.

More here.

Ohio Newspaper Under Fire for Outing Gun Owners

Nathan Burchfiel writes on CNSNews.com:

An Ohio newspaper's decision to publish the non-public records of concealed carry permit holders drew a strong response, and one gun rights advocacy group published personal but public information about the newspaper's editor.

The Sandusky Register on June 24 published the names, ages and home counties of the almost 2,700 concealed carry permit holders in its circulation area. Ohio gun laws restrict public access to concealed carry records but allow the media to access them.

More here.

(Props, Pogo Was Right.)

Off Beat: Sprint Cancels Customer Contracts After 'Excessive' Complaints?

Marguerite Reardon writes on the C|Net News Blog:

The squeaky wheel doesn't always get the grease.

At least it doesn't if you're a Sprint Nextel customer. In fact, squeaky Sprint customers are getting their service canceled. On June 29, 2007, Sprint sent letters notifying some customers that their service would be canceled by the end of July due to excessive calls to customer service.

"Our records indicate that over the past year, we have received frequent calls from you regarding your billing or other general account information," the letter reads. "While we have worked to resolve your issues and questions to the best of our ability, the number of inquiries you have made to us during this time has led us to determine that we are unable to meet your current wireless needs."

"Therefore after careful consideration, the decision has been made to terminate your wireless service agreement effective July 30, 2007."

More here.

TSA Catches Water Bottle, Misses Fake Bomb

Brendon J. Lyons writes in The Albany Times Union:

Federal inspectors were able to slip a fake bomb through a checkpoint at Albany International Airport during a test of the facility's Transportation Security Administration screeners, according to individuals familiar with the incident.

The unannounced inspection by TSA officials took place early last week. The airport's security measures failed in five of seven tests, most of the problems occurring at the passenger checkpoint, the sources said.

In one test, TSA inspectors hid the components of a fake bomb in carry-on luggage that also contained a bottle of water. Passengers are prohibited from carrying containers holding more than three ounces of liquids, gels or aerosols through airport checkpoints.

The screeners at Albany International confiscated the water bottle but missed the bomb. In all, the inspectors slipped four banned items through the main checkpoint during the test, sources said.

More here.

Canada: 7,800 Victims, $16M Stolen, Zero Arrests

Janice Tibbetts writes in The Ottawa Citizen:

Despite an explosion in identity theft, the only effort to track the crime in Canada is through a tiny initiative in northern Ontario that has a name that sounds a lot like the movie Ghostbusters.

The phone rings up to 1,200 times a day at the Phonebusters anti-fraud call centre, but the dozen or so call-takers are so swamped that most victims hang up while they're waiting in the queue.

"I don't think we're touching the surface," concedes Det.-Sgt. Debbie Bell, the Ontario Provincial Police officer who runs the centre.

More here.

(Props, Pogo Was Right.)

UK: 'Internet Jihadist' Jailed for 10 Years

Mark Oliver writes in The Guardian:

A man described as the "godfather of cyber-terrorism for al-Qaida" and two of his associates were today given prison sentences totalling 24 years.

The three were sentenced at Woolwich crown court after pleading guilty to inciting people to commit murder through their extremist websites. They had all changed their pleas earlier this week, two months into the trial.

The case is the first successful prosecution based entirely on the distribution of extremist material on the internet.

More here.

Wednesday, July 04, 2007

Quote of the Day: Bob Geiger

"I've always enjoyed the Fourth of July.

"It's summer, it's a festive holiday about celebration -- not mourning or remembrance -- and, as a military Veteran, it has been a time to feel good about whatever minuscule role I've played in maintaining our country's strength and freedom.

"But I'm going to skip the barbeques and just go to work today. I do this because the state of my country under the reign of George W. Bush, Dick Cheney and their entire cabal of crooks and non-patriots, leaves me with a feeling so hollow and barren that I simply cannot use drinking a beer, eating a hot dog or watching fireworks as a soothing balm."

- Bob Geiger, writing that there's "No Joy This Fourth Of July". While I agree with Bob in principle, I'm not going to miss out on the hot dogs and beer (and deviled eggs, and...)

FBI Ad to Uncover Chinese Espionage Draws Anger in Chinatown

Phillip Matier and Andrew Ross write in The San Francisco Chronicle:

An FBI ad aimed at Chinese-speaking citizens, asking for information about Beijing-sponsored espionage in the United States or any other criminal activity, is drawing flak in San Francisco's Chinatown and at the Chinese Consulate.

The ad started running Saturday in three local Chinese-language papers -- the World Journal, Ming Pao Daily and Sing Tao Daily. Translated, it reads, "Chinese living here have often helped the FBI prevent subversive elements from penetrating and harming our country. In order to protect our freedoms and democracy, we continue to seek your assistance."

The ad goes on, "We would like to talk to individuals who have information about any foreign intelligence service that would intend to harm our country. We especially welcome anyone who has information about the Chinese (government) or State Security." It also provides a mailing address and phone number for tips.

Sing Tao Editor Joseph Leung said the ad had prompted calls from several unhappy readers -- including one at the Chinese Consulate, wondering just how long it would run.

More here.

By The Numbers: Fourth Of July


Lacey Rose writes on Forbes.com:

Flag waving must make people hungry. This year Americans will spend over $275 million on hamburgers and hot dogs as they celebrate their nation's Independence. Add in buns, beer and all manner of snacks, and Fourth of July celebrations will set Americans back $2.5 billion.

Sure, the Fourth falls on a Wednesday this year, but don't expect the midweek timing to put a damper on the celebration. According to the National Retail Federation's (NRF) 2007 Independence Day Consumer Intentions and Actions Survey (conducted by BIGresearch, a consumer research firm based in Worthington, Ohio), 88.5% of Americans will partake in the holiday festivities this year, up slightly from the 87% who joined in last year.

More here.

What Happened to The 56 Men Who Signed the Declaration of Independence? - UPDATED


Via Defense Tech.

Have you ever wondered what happened to the 56 men who signed the Declaration of Independence?

Five were captured by the British as traitors, and tortured before they died.

Twelve had their homes ransacked and burned.

Two lost their sons serving in the Revolutionary Army; another had two sons captured.

Nine of the 56 fought and died from wounds or hardships of the Revolutionary War.

What kind of men were they?

Twenty-four were lawyers and jurists. Eleven were merchants, nine were farmers and large plantation owners: men of means, well educated. But they signed the Declaration of Independence knowing full well that the penalty would be death if they were captured.

Carter Braxton of Virginia, a wealthy planter and trader, saw his ships swept from the seas by the British Navy. He sold his home and properties to pay his debts and died in rags.

Thomas McKean was so hounded by the British that he was forced to move his family almost constantly. He served in the Congress without pay, and his family was kept in hiding. His possessions were taken from him, and poverty was his reward.

Happy Birthday, America.

More here.

UPDATED: 14:09 PDT: Some factual errors -- more here.

San Jose Man Sets Hot Dog Eating Record

Joey Chestnut

William Marra writes for ABC News:

It was cheek-to-cheek, jaw-to-jaw and when the final seconds ticked away, a photo finish revealed a new American champion.

Joey Chestnut, a California graduate student, unseated six-time defending champion Takeru Kobayashi of Japan at the 2007 Nathan's Famous International July Fourth Hot Dog Eating Contest.

On his way, he shattered his own record for hot dog consumption, slogging down 66 wieners in 12 minutes.

Kobayashi, whose jaw condition was questionable in the run up to this year's competition, swallowed 63 hot dogs -- keeping pace with Chestnut but never was in the lead.

More here.

Image source: William Jackson / Reuters

U.S. Cable Firms to Raise Set-Top Box Rates

An AP newswire article, via USA Today, reports that:

Cable companies are planning to charge more for set-top boxes to help pay for new, more expensive versions mandated by the Federal Communications Commission.

They say the price increases are a result of the government's push to spur competition for the boxes, which are required to receive digital programming and change channels. It's not yet clear how much the charges will rise.

The FCC has been trying for nearly a decade to open up the set-top market so subscribers actually buy their own and then use a cable-company-provided card to decode their programming. The retail market for the boxes, however, has largely failed to materialize and millions of consumers still rent the boxes from their cable company.

As of July 1, cable companies were required by the FCC to start shipping the new set-top boxes with detachable cable cards.

More here.

UK: 1,800 Fake Passports Seized as Counterfeit Ring Smashed


Chris Greenwood writes in The Independent:

Police uncovered the largest haul of fake passports ever found in the UK as they smashed a massive counterfeiting ring, it was revealed today.

More than 1,800 fake passports with a street value of at least £1 million were discovered in a two-bedroom flat in north London.

Five men were in custody today after fake passports for at least 12 countries were found stuffed into a wardrobe, cupboard and briefcase.

Among the documents were 200 fake UK passports which are often considered by counterfeiters as too difficult to make.

More here.

EC Wants to Suppress Internet Bomb-Making Guides

Lewis Page writes on The Register:

The European Commission (EC) has announced plans to frustrate terrorism by suppressing online guides on bomb-making.

"It should simply not be possible to leave people free to instruct other people on the internet on how to make a bomb – that has nothing to do with freedom of expression," EC vice president Franco Frattini said yesterday.

Mr Frattini is "responsible for Freedom, Security and Justice."

When asked how the EC planned to suppress web bomb manufacture instructions hosted outside EU borders, it appeared that officials planned to act at the level of ISPs in Europe.

More here.

Satire: Bush Commutes Pluto's Sentence


Via Uncertain Principles.

In a move that supporters say shows sensitivity and compassion, President Bush today commuted the sentence of the planet Pluto, which was demoted to a "dwarf planet" by the International Astronomical Union in August of 2006. Under the President's new order, Pluto will once more be regarded as a full-fledged planet, though he left unchanged the part of the decision in which the astronomical object must share its name with a cartoon dog.

"Pluto's crimes have been well-documented," said the President in a short statement from the Oval Office, citing in particular the once and future planet's crossing of Neptune's orbit every couple hundred years. "However, we feel that having to live in an eccentric orbit in the outer regions of the solar system is punishment enough. Also, removing Pluto totally screws up the memory thing we learned: My Very Elegant Mother Just Sat Upon Nine Porcupines. Heh. That's funny."

More here.

(Hat-tip, Gadi.)

Image source: Wombania

Happy Birthday, America: The History Of The Fourth Of July

John Adams

Mark Lewis writes on Forbes.com:

If John Adams had had his way, Independence Day this year would be celebrated on a Monday, providing everyone with a three-day weekend. Instead, this holiday celebrating freedom remains subject to the tyranny of the calendar, which this year dictates that Independence Day falls on Wednesday, July 4.

But July 4 was not, in fact, the date on which the Second Continental Congress voted to dissolve the bonds that connected the 13 colonies to Great Britain. Lots of momentous events have occurred on July 4, but that historic vote wasn't one of them.

If anyone could be considered an expert on American independence, it was Adams. The dyspeptic delegate from Massachusetts was the primary advocate for Richard Henry Lee's historic resolution that "these united colonies are and of a right ought to be free and independent States." The resolution was introduced on June 7, 1776. When Congress finally adopted it on July 2, Adams exulted.

"The Second Day of July 1776 will be the most memorable Epocha in the history of America," Adams wrote to his wife, Abigail, on July 3. "I am apt to believe that it will be celebrated, by succeeding Generations, as the great anniversary festival. ... It ought to be solemnized with Pomp and Parade, with Shews, Games, Sports, Guns, Bells, Bonfires and Illuminations from one End of this Continent to the other, from this Time forward forever more."

But, due to a technicality, Adams was off by 48 hours.

More here.

Tuesday, July 03, 2007

California Faces Power Grid Concerns Amid Heat Wave


Via CBS5.com.

As California bakes in a summer heat wave, operators of the state's power grid are urging conservation, but they expect to meet electricity demands through the Fourth of July.

Officials are concerned about supplies on Thursday, which is expected to be the hottest day of the week.

"And it's not only in relationship to the hot weather" which prompts the conservation message, said Greg Fishman of the Independent System Operator, which oversees the state's power grid. "We had a couple of incidents in Southern California (Tuesday) that impacted the system."

A plane crash into high-voltage transmission lines stressed California's power grid Tuesday as inland areas sizzled in a summer heat wave that raised public health and fire worries.

The crash into the San Diego-area electrical lines and an apparently unrelated loss of 1,900 megawatts of generation from several Southern California power plants led operators of the state's power grid to call for statewide conservation into the evening hours.

More here.

Off Topic: CNN's Horrible New Website

Horrendous.

Really, really bad.

And horribly insecure, since it relies so heavily on JavaScript.

I won't be using it until they fix it -- it's just... horrible.

'Nuff said.

- ferg

Screwed Again: Enron Botches Payments to Ex-Employees

An AP newswire article, via MSNBC, reports that:

More than 20,000 former Enron Corp. employees who finally received the first payment from a portion of millions in retirement funds lost during the company's collapse have been told they were either overpaid or underpaid because of a computer glitch.

Now some ex-workers might have to pay back money if they got too much.

More here.

U.S. Toll in Iraq

Via The Boston Globe (AP).

As of Tuesday, July 3, 2007, at least 3,584 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 2,947 died as a result of hostile action, according to the military's numbers.

The AP count is one higher than the Defense Department's tally, last updated Tuesday at 10 a.m. EDT.

More here.

And as always, cryptome.org keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.

Beer Drinkers Unite Against Terrorism



Tom Sanders writes on Silicon Valley Sleuth:

Internet users from all over the world have united to buy John Smeaton 1,000 pints of beer.

The baggage handler was elevated to hero status over the weekend when he assisted in subduing the terrorist who tried to squeeze their oversized SUV into a small door of Glasgow airport.

How could we reward this man that has a clear message to any terrorist who can make sense of his Scottish accent? Internet users from around the world figured 1,000 pints would be a good start. The £3.00 ($6) Paypal donations soon started streaming in, with a little help from Digg.

More here.

Toon of the Day: A Hard Lesson to Learn





USAF Contract Lacked Security Clauses

Via UPI.

The U.S. Air Force issued nearly $1.7 billion in computer networking contracts between 2004 and 2006 without clauses to protect classified information.

While some of the omissions were corrected last fall, the contracts still do not require the contractors to disclose whether they are owned or controlled in any part by a foreign government of a "terrorist country," and neither do they require background checks and identity verification for contractor personnel visiting government sites containing classified information.

More here.

Archeology: Ancient 'Salt Cured' Man Found in Iranian Mine


Kelly Hearn writes on National Geographic News:


Another "natural mummy"—the sixth so far—has emerged in Iran's Chehrabad Salt Mine, archaeologists say.

The individual, who was naturally mummified by the preserving properties of salt over the past 1,800 years, was recently exposed when heavy rains pounded the salt mine.

The functioning mine is located in the Hamzehlu region near Zanjan, a northwestern Iranian province.

Scientists believe the man was a Roman Empire-era salt mine worker killed by falling rocks during an earthquake.

More here.

Disturbingly Off Beat: Private Contractors Outnumber U.S. Troops in Iraq

T. Christian Miller writes in The Los Angeles Times:

The number of U.S.-paid private contractors in Iraq now exceeds that of American combat troops, newly released figures show, raising fresh questions about the privatization of the war effort and the government's capacity to carry out military and rebuilding campaigns.

More than 180,000 civilians — including Americans, foreigners and Iraqis — are working in Iraq under U.S. contracts, according to State and Defense Department figures obtained by The Times. Including the recent troop surge, 160,000 soldiers and a few thousand civilian government employees are stationed in Iraq.

The total number of private contractors, far higher than previously reported, shows how heavily the Bush administration has relied on private corporations to carry out the occupation of Iraq — a mission criticized as being undermanned.

More here.

Quote of the Day: Dan Froomkin

"All of this means that Bush's decision yesterday to commute Libby's prison sentence isn't just a matter of unequal justice. It is also a potentially self-serving and corrupt act."

- Dan Froomkin, writing in The Washington Post.


After Attacks, U.S. Government Sending Team to Estonia

Robert McMillan writes on InfoWorld:

Two months after much of Estonia's online infrastructure was targeted by an online attack, the U.S. government is sending cyberinvestigators to help the Baltic state better understand what happened.

A representative from the U.S. Department of Homeland Security's US-CERT (U.S. Computer Emergency Response Team) division is heading to Estonia this week to help analyze the large volume of data that was generated by the attacks, said Gregory Garcia, assistant secretary for cyber security and telecommunications with the DHS. "We are sending someone from our organization ... to help them with forensic analysis and to do some additional training on how to secure their infrastructure," he said.

Additionally, a member of the U.S. Secret Service will be there to help with training on incident response and computer crime investigations, according to a DHS spokesman.

More here.

Security Check: California Tries to Hack into Voting Machines

An AP newswire article, via The Sacramento Bee, reports that:

In a room so secure that even Secretary of State Debra Bowen can't enter without an escort, a team of state experts is trying to hack into three electronic voting machine systems that will be used in California's first February presidential primary.

The technology professors, computer security experts and computer hackers are trying to prevent any problems similar to those that drew headlines in Florida in 2000 and Ohio in 2004.

"The voters need to feel confident that their votes are being counted," Bowen said.

More here.

Off Beat: Hero of the Day: ABC News

Via ABC News.

A pregnant woman disappears. Police suspect foul play. Soon, the national media spotlight focuses on the small city of Canton, Ohio, as reporters, lights and camera crews descend on the town.

Some deaths, like the recent murder of 26-year-old Jessie Davis in Canton, seem to hold the nation transfixed.

Police now say Davis, who was nine months pregnant, was murdered June 14. Like that of Laci Peterson, Davis' case has become the stuff of talk show fodder and 24-hour-cable news alerts. About 750 people attended her funeral this weekend.

It's not always like that. Last year, there were more than 16,000 homicides in the United States. That's an average of about 45 people killed every day, nearly one every half hour.

Much more here.

Corporate PC Users Are The Weakest Link

Ian Williams writes on vnunet.com:

Corporate computer users have a cavalier attitude to IT security in the workplace, a new report claims.

The warning comes from security firm Trend Micro in a new study into corporate end-user experiences and perceptions of security threats.

The study tracked responses from 1,200 corporate users across the US, the UK, Germany and Japan and compared them to analysis from Trend Micro's global threat research network and a similar study in 2005.

More here.

MPack Malware Exposes Cheapskate Web Hosts

John Leyden writes on The Register:

Poor configuration of Apache servers allowed multiple websites hosted on the same physical server to become infected in last month's Mpack compromise.

An analysis by security researchers at the SANS Institute's Internet Storm Centre reveals that only one of the websites hosted on a machine needed to contain a vulnerable PHP script to infect all the sites hosted on systems, in cases where Apache permissions were improperly configured. Often the root cause of the problem is when hosting firms skimp on hardware needed to add an extra layer of protective virtualisation.

More here.

EU Sex Scenes Clip Stirs Controversy

Helena Spongenberg writes on EU Observer:

An EU video clip of sex scenes and orgasmic cries in European movies has led to a series of complaints, but Brussels is defending its newest communication tool.

A couple tearing off each others' clothes marks the beginning of the clip which shows 18 different couples making love.

It is the most popular video viewed on the European Commission's recently opened YouTube channel – EUtube – with over 120,000 views so far. That is almost 100,000 more viewings than the second most viewed video about EU humanitarian aid.

More here.

ISPs Spying on Customers' Internet Activities, Inserting Ads in Web Pages

Scott Bradner writes in NetworkWorld:

Once upon a time ISPs just transported packets of information from place to place without looking at them other than to find out where they should go. Of course that could not last. Now a company is selling ISPs a device designed to spy on customer traffic, track preferences and insert specially selected ads during Web surfing.

Start-up NebuAd seems to be trying to put all ISP-related, bad network-behavior into a single box. It is trying to sell a device that, according to its Web page, will “analyze and act on consumer behavior” in order to develop a “keen insight into a consumer’s dynamic, Web-wide behavior.” Basically, the device spies on traffic to try to determine the “demographics, geography, life style and interests” of individual customers.

More here.

Manage Your BT Account Insecurely Online

Via heise Security News.

Two independent sources that wish to remain anonymous have reported to heise Security that BT's online account management service has a serious flaw. Apparently, anyone in possession of basic information available from a printed phone bill can create a profile from which they can inspect and manage your telephone account, even if you already make use of this service yourself.

A profile can be created merely by providing a user name, password and email address. Although the structure of the email address is validated, no check is made (e.g. by an emailed mandatory confirmation code) that the email address is real. However, it gets worse. Having created a profile, it appears that any telephone service account can be added to it merely by entering the phone number and the BT account number, both of which appear on every printed bill. No check is apparently made whether another profile already exists with access to the given account information, or even that the profile user name matches the billing account name.

More here.

Fidelity National: 2.3M Records Containing Credit Card, Bank Account Information Stolen

Via CNN.

Fidelity National Information Services, Inc., announced today that its subsidiary, Certegy Check Services, Inc., a service provider to U.S. retail merchants, based in St. Petersburg, Florida, was victimized by a former employee who misappropriated and sold consumer information to a data broker who in turn sold a subset of that data to a limited number of direct marketing organizations.

The misappropriated information included names, addresses, and telephone numbers as well as, in many cases, dates of birth and bank account or credit card information. Approximately 2.3 million records are believed to be at issue, with approximately 2.2 million containing bank account information and 99,000 containing credit card information. The company is still investigating the time period over which the misappropriations occurred.

More here.

(Props, Pogo Was Right.)

Monday, July 02, 2007

SunRocket Drops a Fourth of Its Staff

Kim Hart writes in The Washington Post:

SunRocket, an Internet-phone-service provider in Vienna, laid off about a quarter of its workforce -- about 30 employees -- on Friday in an effort to reduce expenses as its subscriber growth shows signs of tapering off.

The three-year-old start-up was one of the pioneers of Internet phone technology and quickly attracted customers with its inexpensive calling plans. With 206,000 customers, SunRocket is the second-largest stand-alone Internet-phone-service provider behind better-known Vonage. But SunRocket's growth has slowed in recent months as it battles giant cable companies.

As I've been saying for several years, if you don't own the infrastructure or the "last-mile", you will lose in the VoIP market end-game...

More here.

Gapingvoid: Company Hierarchy

Via gapingvoid.com. Enjoy!




When Calling 911 Fails: 'Not Our Jurisdiction'

Via NBC11.com.

NBC11 has obtained a series of calls between emergency dispatchers in Oregon that show the collision involving a California priest and an East Bay coroner was immediately reported to 911 dispatchers.

A man who identified himself as Doug Selby called 911 saying that he witnessed a red compact car drive off of Highway 26 apparently minutes after Cheryl Gibbs, from Alameda, and the Rev. David Schwartz, 52, of Orange County, went missing June 8.

Selby said the car was headed east and veered off of the roadway. He said the car was no longer visible. He said he did not stop because he wanted to get to a phone as quickly as possible.

The fire dispatcher then called both Seaside and Astoria County dispatchers who both claimed the accident report was not in their jurisdiction.

More here.

Irony Alert: DHS to Move into Former Insane Asylum


Michael Hampton writes on Homeland Stupidity:

Preservationists are questioning plans by the Department of Homeland Security to move into the west campus of St. Elizabeths Hospital, a former lunatic asylum.

DHS plans to spend $3 billion restoring the 176-acre, 61-building campus, which at its peak held 7,000 mental patients, and completing its move in 2013.

More here.

Image source: Wikimedia

Defense Tech: Irony, Situational Awareness, and Farce

The Robot Economist writes on The Arms Control Otaku:

So I was stuck representing the Army at a Department of Defense-wide meeting hosted by the Office of the Secretary of Defense all day today. We were talking about a currently contentious piece of security cooperation policy.

As one might expect, the meeting quickly degenerated into a bland war of words over bureaucratic turf, but I did notice one thing: Even in a community that is as abstracted from the soldiers in the field as security cooperation policy, the cultural stereotypes about different DoD components still hold true.

More here.

U.S. Toll in Iraq

Via The Boston Globe (AP).

As of Monday, July 2, 2007, at least 3,583 members of the U.S. military have died since the beginning of the Iraq war in March 2003, according to an Associated Press count. The figure includes seven military civilians. At least 2,942 died as a result of hostile action, according to the military's numbers.

The AP count is six higher than the Defense Department's tally, last updated Monday at 10 a.m. EDT.

More here.

And as always, cryptome.org keeps a very, very extensive list here, as does the Iraq Coalition Casualty Count website here.

Reverse Offshoring: A New Trend In Silicon Valley?

Thuy Vu reports on CBS5.com:

Like.com is a search engine company in San Mateo that lets you find pictures of similar products on the web. But like.com is doing something once considered unlikely.

It has shut down its engineering center in Bangalore, India.

"The engineering is what we've moved back here completely now," said CEO Munjal Shah. "Another set of positions we've eliminated there and now we're hiring here."

That's right. Jobs once outsourced to India now moving back to Silicon Valley.

Why? Engineering labor costs are skyrocketing in India. Two years ago, an engineer's salary there was about $25,000 a year. Now, it's $75,000. That's about 75 percent of what the average engineer makes in the U.S.

More here.

Hero of the Day: Mika Brzezinski




Via TruthDig.

MSNBC’s Mika Brzezinski strenuously objected to covering Paris Hilton’s legal woes as a lead story, so much so that when her producer (and the teleprompter) refused to budge, she first tried to burn, then tore and shredded the copy.

Here she explains her revolt: “I just don’t believe in covering that story, especially not as the lead story in a newscast when you have a day like today.”

My hat is off to you, Mika.

More here.

'Electronic Jihad' Application Offers Cyberterrorism For The Masses

Larry Greenemeier writes on InformationWeek:

Although cyberterrorism has been around since the Internet reached the mainstream more than a decade ago, a relatively new Web-based application offers Islamic jihadis a way for even the relatively nontechnical to target and attack Web sites perceived to be anti-Islamic.

The "Electronic Jihad Program" is part of the long-term vision jihadi Web site Al-jinan.org has to use the Internet as a weapon, something that affects any organization that relies on the Web.

Electronic Jihad allows users to target specific IP addresses for attack in order to take any servers running at those IP addresses offline. The application even includes a Windows-like interface that lets users choose from a list of target Web sites provided via the Al-jinan site, select an attack speed (weak, medium, or strong), and then click on the "attack" button.

More here.

DHS Looks to Get Its Cyberhouse in Order

Jason Miller writes on GCN.com:

Homeland Security Department officials are counting on system consolidation to help solve some of the cybersecurity shortcomings that got a recent airing on Capitol Hill.

On the heels of a report by the Government Accountability Office that found “systemic and pervasive” problems with DHS systems, members of the House Homeland Security Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology, grilled DHS Chief Information Officer Scott Charbo at a hearing on the state of the agency’s cybersecurity.

“Information provided by DHS suggests that the CIO is failing to engage in defensive best practices that would limit penetrations into DHS networks,” said Rep. Jim Langevin (D-R.I.), subcommittee chairman. “The department’s failure to implement the Einstein program, contracts with Sprint and MCI where the carrier has misconfigured the firewall, and other problems are quite disturbing.”

Charbo said the agency’s cybersecurity posture is getting better but could not answer many of the questions about the problematic configurations of DHS’ systems.

More here.

Judge Dismisses New York Times Lawsuit Against DoD

An AP newswire article by Deepti Hajela, via The Boston Globe, reports that:

A federal judge has dismissed a New York Times lawsuit against the Department of Defense and the Department of Justice, saying classified documents the newspaper was seeking under the Freedom of Information Act were properly withheld.

The Times sued the two departments in federal court in April 2006 over their refusal to hand over documents connected to the government's warrant-free wiretapping program.

In a decision filed Thursday, U.S. District Judge Richard M. Berman said the government was justified in not handing over classified material because it fell under exemptions to the Freedom of Information Act, including attorney-client privilege and presidential communications privilege.

More here.

Apparently Widespread AT&T EDGE Network Failures - UPDATE

Lauren Weinstein:

There have apparently been widespread failures of AT&T's EDGE phone data network today, on the first business day following the iPhone activation blitz.

At least the Central and Western U.S. areas (including here in Los Angeles) reportedly have been (and apparently are still being) affected. Some users have seen sporadic periods of operation, followed by failures. In the case of my own EDGE (not an iPhone) unit, I finally had a brief period of full data operation a few minutes ago (after being down since this morning), but have now lost the network completely again.

In some cases, users' phones are able to "login" to the network but then cannot transfer data. In other cases, the login procedure is also failing.

More here.

I will provide updates here when I run across any. Watch this space. - ferg

UPDATE: 18:20 PDT: Jason Chen over at Gizmodo points to an AT&T user forum that confirms the outage(s). More here.

Update [2]: 18:30: More details surface here and here.