User:AlMac/News


Here are news stories where Al sees some story that seems very relevant to the kinds of topics recently discussed by the Harvard Law students, or by the faculty on this Wiki. This is now up to 50 k when 20k is a more friendly page size, so AlMac tentatively plans to move some sections to subsets of this url.

911 dying of old age

  • Title: 911 dials IP technology
  • Source: CNet

911 statistics

Phoning 911 is using 30 year old technology, extremely vulnerable in a crisis, as we saw during Hurricane Katrina. Out of 3,100 counties in USA, 121 don't even have basic 911, while 225 don't have enhanced 911.

An AlMac pal found interesting in the article: "current 911 networks use 30-year-old technology that recognizes only voice calls."
He remembered that, "the break-up of the old AT&T had considerable press stating it needed to be broken up because its monopolistic hold on telecommunications was prohibiting innovation".

Well yes, AlMac remembers we all had same color rotary dial phone, and phone lines that computers could use at 300 baud (not kilobaud), because AT&T thought that was all we needed. However, 911 is constrained by both the marketplace, and government regulation. AlMac suspects the latter has much to do with standardization at historical levels. AlMac 21:59, 12 February 2006 (EST)

Alerts

Various places on the Internet provide alerts you can subscribe to for free, to warn of serious risk to us all, you in particular.

  • http://www.EmergencyEmail.ORG provides information about serious weather coming your way, changes in National Terror alert color coding & why, links to state and federal resources in case of emergency. You can subscribe for free to warnings about one particular county of choice in the USA. Subscribing to info about a second county costs $
  • http://catless.ncl.ac.uk/Risks/ is a starting point for risks to the general public thanks to brain dead applications of technology.
  • Subscribe to the National Cyber Alert System = news of patches to fix problems that should not have existed in the first place, most of them in popular Microsoft systems
  • Subscribe to e-summaries of Security In the News.
  • Subscribe to updates on the latest Urban Legends from http://www.snopes.com/
  • I subscribe to several lists hosted by Yahoo ... you can drill down Yahoo directories by subject matter to find those that interest you.
    • Not so long ago, with the launching of the new currency in Europe, the Euro, it became important to many companies software to be able to handle that, which is what led me to subscribe to Praxis, also online at http://www.sysmod.com/praxis/prax0602.htm which in more contemporary times has a lot of coverage of stuff that can go wrong with how businesses use Excel. Briefly, it is a way that any person can do like software development, but testing, that the content is correct, is pretty much for the birds, a joke in many companies that run on the data as if it was correct.

Auctioning Nazi memorabilia vs. Hate e-speech

  • Title: Yahoo!'s free speech suit dismissed by US court
  • Source: Silicon.com

French law, US servers

Biotech in the News

AlMac came here because of Cyberlaw invitation, but got interested in the content, and hung around, recognizes the desired content shifts as the main classes move to different subjects.

Abortion Drugs

Controversy in Australia. [1]

Alzheimer

Biotech may be the answer to early detection and cure for this horrible affliction of the elderly, with approx 15 million victims world wide, not counting what it does to families of the victims. [2]

Agriculture

In the US, about 45 percent of maize, 76 percent of cotton, and 85 percent of soybeans are genetically altered. This resists insects and disease, thus increasing productivity, reducing costs, and producing safer food results. China is working on genetically altering rice to increase the vitamin content.

Biotech in Cuba

Due to US history with Fidel Castro, we in the US do not get to see much news from there, but according to [3], Cuba is one of the leaders of the developing world in Biotech research, with approx 400 patents. Switzerland is investing in Cuba, despite Cuba's bad record on human rights. Naturally other communist nations, such as China, are also heavily involved in Cuba's biotech industry. [4]

Cloning

  • Cloning is controversial, more so in USA than other nations, like Britain, which have made great advances in it.
    • BRITISH women may donate eggs solely for cloning experiments intended to develop new therapies for diseases such as Parkinson’s and diabetes.

India is hiring

Skills Crunch

Medical Ethics

  • Reform may be needed, according to the LA Times because financial ties between physicians and drug and device vendors are undermining scientific integrity and patient care.
  • There's also an issue with possible conflict between doctor responsibilities, and the medical insurance industry. [5]
  • Forbes report on UN criticism of "medical ethics" allegedly lacking in US treatment of prisoners in the War on Terrorism.

Parents pre-select attributes of embryo

Choose sex of the newborn. What will be the impact on population growth in nations that devalue women, when they have no female babies?

Plastics

Fast food restaurants will now be using the world's first natural biodegradable plastic, thanks to biotech. [6]

Religious Faith vs. Science Ethics

[7]

Romania bans Monsanto gene-spliced soybeans

Europe's biggest soybean producer was bought by Monsanto a decade ago. Now Romania has banned gene-spliced soybeans that Monsanto has been producing. [8] There is a potential problem.

  1. Company makes "natural" food.
  2. Company switches to genetically engineered products.
  3. Government bans the enhancement.
    1. Can technology even undo the biotech additions ... how do they purge the fields of the stuff?

Stem Cell Hwang Schatten cloning controversy

What's going on here?

  • There are severe restrictions in the USA, making it very difficult to do certain types of research, so scientists, seeking to do that kind of work, need to collaborate with scientists in other nations, which might not share USA's strict ethics standards.
  • Other nations have lower standards for drug trials. The National Institutes of Health (NIH) did a study of the AIDS drug nevirapine in Uganda which violated US patient safety rules.
  • South Korean Hwang is suing US collaborator Prof. Gerald Schatten, who is insisting on his right to a stem-cell technology patent, co-authored with Hwang.
  • Seoul National University seeks to get the patent canceled, claiming the results were fabricated.
  • There was also a relevant report in the journal Science.
  • Schatten, a researcher at University of Pittsburgh, allegedly can make cloned monkey blastocysts, which is on the path to creating the first primate clone.

[9], [10], [11], [12]

United Nations

  • UNESCO's General Conference adopted the "Universal Declaration on Bioethics and Human Rights." [13]

Venture Capital available

  • Fund for Biotech agricultural research [14]

WTO food fight in Europe

WTO = World Trade Organization, which is like the Supreme Court for the UN, where nations with trade disputes can settle their differences.

Some European consumers scornfully call the products of genetic engineering in agriculture "Frankenstein food" and do not want to eat it, demanding that their legislatures insist that such food be labeled so that they can choose the natural kind. Christian Science Monitor

The USA wants no such labeling. Many US exports are banned by foreign nations due to this labeling dispute. Identifying what food is affected and what is not, may not be practical, because plants in one farmer field get the stuff, then the wind blows it to the farm next door. Since the stuff is licensed to only the first farmer to use, the second farmer can be held legally liable for what the wind brought to his crops. [15]

The USA, Canada and Argentina took the European Union to the WTO for suspending approvals for biotech products. The WTO ruled Europe's ban on genetically modified organisms (GMOs) to be a violation of global trade laws. Several European nations are in defiance of this WTO ruling. [16]

Blackberry Workaround

Research In Motion (RIM) released a software update designed for BlackBerry e-mail as a backup plan in case U.S. courts rule against the Canadian company in the patent dispute.

Blogger sued for Defamation

  • Title: Minnesota political blogger sued for defamation
  • Source: Brainerd Dispatch

ap story

Chip Wars

Intel / AMD competition to deliver more power from less electricity supporting more concurrent operations with better performance (are we getting close to physics ceilings of Moore's Law?).

  • Source: http://www.mbtmag.com/ Manufacturing Business Technology magazine (registration required for accessing individual articles) article titled Users stand to win as Intel-AMD chip wars enter a new era.

Church Fires

We have another epidemic of Churches in the south getting burned down, probably by arson.

  • Clue: Fingerprint(s) left on door of Morning Star Missionary Baptist Church in Boligee, that the perpetrators had to bust down to get inside to set their fire, says CNN.
  • Court TV reports on the appearance of some suspicious characters that law enforcement is seeking. They were seen near arsoned churches at about the time the events happened.
  • Racism probably not the motive, says Christian Science Monitor, because both white and black churches targeted. But nationwide, there are 15-20 churches burned down each week. The article has Bureau of Alcohol, Tobacco, Firearms, and Explosives (ATF) statistics on nabbing some perpetrators, but no apparent consistency in their motives.
  • The nine churches, recently burned in rural Alabama, were all Baptist churches, says The Crimson White of University of Alabama. Most of the arson used the same MO pattern of kicking in a door, then fire started in either the pulpit or the choir area.

Coal Mine safety lacks teeth

USA Today reports that coal companies pay the smallest fines of any industry for safety violations, or any other industry violations such as SEC violations, indecency on TV, consumer product safety, EPA, and even OSHA. This is partly due to the coal companies hiring armies of lawyers to get the fines reduced in size, and the judges going along with this.

Communications Act

A new law just passed and signed by President Bush.

  • Title: Perspective: The erosion of anonymous Internet speech
  • Source: C-Net News

Communications in a Disaster

  • 9/11 recovery efforts in New York were hampered by the degree to which the World Trade Towers housed communications relay and the city of New York emergency coordination center. Also police and fire fighters were unable to inter-communicate.
  • Katrina recovery was severely undermined due to communications dependency on communications support infrastructure that was wiped out by the storm.

First Responders, and their support, are evaluating how to prevent this history from repeating in the next major natural or terrorist disaster.

  • Title: NOPD: Communications Unprepared for More Disasters
  • Source: EWeek.com

Computer Errors leading to Law Suits

Other relevant stories elsewhere in here.

Computer Security Education

  • March 30-31 seminar in Los Angeles on investigating computer-related cyber crime, electronic fraud, information warfare/operations, cyber-terrorism, and cyber extortion, organized by Computer Security Institute (CSI). Main areas:
    • Types of cyber conflict that can impact an organization
    • How to prepare to investigate digital incidents, while keeping operational systems on line as much as is practical
    • How to survey types of offensive cyber weapons, as well as investigative tools to discover their effects
    • How to conduct various types of digital investigations

Contact Form on a Web site

If you have a contact form on your web site for people to send e-mail to either the web site owner, or to some of the web site users, such as contributors, you might ask your tech support to check out the problem link below to see if you are vulnerable to this.

Normal Intent: a visitor to a web site can send an e-mail to someone associated with the content of the web site, and everyone's e-mail addresses are protected.

Abuse: As described below, there is a risk that someone will use the contact form, to trick the software into becoming a relay for spam and other badware, with BCC to report a successful breach, and in turn, compromise other hosts.

Details of the Problem

Cookies Cross-site infection

  • Title: Browsers face triple threat
  • Source: Techworld

DHS = Department of Homeland Security

DHS Ethics Management problems says GAO

Homeland Security: DHS Needs to Improve Ethics-Related Management Controls for the Science and Technology Directorate. GAO-06-206, December 22. http://www.gao.gov/cgi-bin/getrpt?GAO-06-206

DHS lacks Cyber Security says IG

There have been a number of news stories with comments from Congresspersons about DHS (Department of Homeland Security)'s lack of good computer security expertise or implementation, according to the Inspector General.

Disaster Denial

According to http://www.mbtmag.com/ Manufacturing Business Technology magazine (registration required for accessing individual articles) article titled Companies in denial about disaster recovery

  • 1,200 US Businesses surveyed
  • 30% have no firewalls, intrusion protection, or password authentication
    • The article did not say if perhaps they do not have a computer either
  • 40% have no off-site backup, or disaster recovery plans, saying they don't need any
  • 65% reported disaster-related business disruption(s)
    • 16% of those losses were $100,000 to $500,000 per day
  • Note that some Operating Systems, such as AS/400, are so secure that there is less need to buy add-on security.

DoD = Department of Defense

DoD Data no good says IG

  • Title: IG critical of DOD IT
  • Source: Federal Computer Week

consequences

GAO on US Navy Readiness

Military Readiness: Navy's Fleet Response Plan Would Benefit from a Comprehensive Management Approach and Rigorous Testing. GAO-06-84, November 22. http://www.gao.gov/cgi-bin/getrpt?GAO-06-84

Pentagon Wish List

The latest Quadrennial Defense Review has placed a high emphasis on what computer technology does for the Department of Defense, what it can do in the future, and the importance of budgeting more funds for Cyber Defenses. It remains to be seen whether their wishes will end up in the official US budget process.

  • Title: In QDR, Defense focuses on combating cyberthreats
  • Source: Government Computer News

Remember that the USAF asked for funds for planetary defense for decades before Congress granted any budget for this topic that many administrations had considered to be a Science Fiction Joke.

Education News Topics

Most of the topics selected for this page are based on what seems to be covered in the cyberlaw classes, if I see something that might be very important to students in general, I might add links to that also.

Dartmouth Students e-surveiled

The police are monitoring what students put on Facebook, to identify crime suspects.

  • Title: Police use Facebook to make arrests
  • Source: The Dartmouth

Disabilities Education Act

Education Should Provide Additional Guidance to Help States Smoothly Transition Children to Preschool. GAO-06-26, December 14. http://www.gao.gov/cgi-bin/getrpt?GAO-06-26

Financial Literacy

US Comptroller General joins American Certified Public Accountants (CPAs) in US National Financial Literacy Initiative.

  • The American Institute of Certified Public Accountants (AICPA) announced 360 Degrees of Financial Literacy, a national public education campaign.

WHO:

  • The Honorable David M. Walker, Comptroller General of the United States and Head of the General Accounting Office
  • S. Scott Voynich, Chairman of the American Institute of CPAs
  • Barry C. Melancon, President and CEO of the American Institute of CPAs

WHY: Americans' need for increased personal financial literacy is illustrated by high bankruptcy rates and credit card debt, a low savings rate, sometimes even negative savings rate, and inadequate planning for retirement, education, health care, and the economic challenges facing our nation.

Several speeches have been given on this ... see if you can get a transcript.

U of Texas Spam vs. Freedom of e-speech

  • Title: U of Texas E-Mail Ban Upheld
  • Source: Wired News

Electronic Law

Many aspects of the legal profession and people's access to the law, and legal documents, are moving on-line.

e-court filings now in Alabama

[http://www.fcw.com/article92320-02-13-06-Web&RSS=yes Federal Computer Week]

e-Lawsuit by e-mail is not Spam ?

  • Title: High Court (in Britain) approves service of a lawsuit by email
  • Source: The Register (in Britain)

the story

e-notary

  • Title: Pennsylvania adopts e-notarization
    • Notaries administer oaths and witness the signing of documents, and this now will include the on-line world in Pennsylvania. Let's hope with good computer security.
  • Source: Federal Computer Week

e-testimony and the 6th amendment

  • e-testimony is when the witness is not in the courtroom, but is testifying electronically
  • the 6th amendment has to do with the right of the accused to face one's accuser, and have one's lawyer cross-examine the witness
  • The United States Court of Appeals, 11th Circuit, has overturned the conviction of an alleged illegal Internet activity because of witness testimony from another nation electronically. The witnesses were beyond the reach of US courts, so they included what they could get, but perhaps this violated the 6th amendment rights of accused. [17]
    • AlMac learned from news media coverage of the Aruba case that when you can't extradite someone from another nation, such as in a civil case, the accused can thumb their noses at domestic court system, so long as they stay outside the USA, then a court can find them guilty in absentia.

FBI Computer Crime Survey (for 2005)

  • Title: FBI says attacks succeeding despite security investments
  • Source: SearchSecurity

"Computer related crime is the third-highest priority in the FBI, above public corruption, civil rights, organized crime, white collar crime, major theft and violent crime."

tech story

FCC 2005 Identity Theft statistics

More than 255,000 identity theft complaints reached the FCC in 2005, which is more than 1/3 of all fraud complaints that they got, and the single highest category of complaint.

  • Title: ID theft tops list of fraud complaints
  • Source: C-Net News


Fraud Prevention

Future Lawyers may be interested in trends of what their clients need to be on the look out for.

Small to Medium sized Enterprises

Free 28 page 198K PDF European Federation of Accountants guide (Info source Praxis)

GAO = Government Accountability Office

This government agency investigates the rest of government, and more, on behalf of Congress, issuing reports that are usually open to the general public. Access the GAO web site to search for what they have found, looking into the topics and agencies of interest to you. Subscribe to announcements of links to finished investigations. http://www.gao.gov.

GAO highlights of 2005

U.S. Government Accountability Office: Performance and Accountability Highlights, Fiscal Year 2005. GAO-06-2SP, January 2006. http://www.gao.gov/cgi-bin/getrpt?GAO-06-2SP

GAO on Aviation insecurity

The ideal system

  • Catch the bad people
  • Do not unduly delay innocent travelers
  • Have competent ways for false positives to be removed
  • Respect the privacy of innocent travelers
  • Block access to the data base so that hackers working for the terrorists are not able to sabotage it
  • Use biometrics in such a way so that it is not practical for a terrorist to assassinate legitimate passengers, then get on board, masquerading as the good guys.
  • Get info that will help the system work, that does not violate the laws in other nations where US airlines operate, so that they do not have to make a choice between obeying US law, and obeying other nations laws, or violating one to be in compliance with the other.

We are far from an ideal system. Most all of the above bullet points reflect goals, rather than successful implementation.

Aviation Security Testimony: Significant Management Challenges May Adversely Affect Implementation of the Transportation Security Administration's Secure Flight Program, by Cathleen A. Berrick, director, homeland security and justice, before the Senate Committee on Commerce, Science, and Transportation. GAO-06-374T, February 9. http://www.gao.gov/cgi-bin/getrpt?GAO-06-374T Highlights - http://www.gao.gov/highlights/d06374thigh.pdf

News coverage [18]

GAO on Domain Fraud

Many people, including me, have commented extensively on this GAO analysis, that we think is a good start, but horribly flawed, due to a lack of vision into the reasons why many innocent people seek to avoid being harassed on the Internet, and thus habitually do not cooperate with registration schemes.

  • Internet Management: Prevalence of False Contact Information for Registered Domain Names. GAO-06-165, November 4.

http://www.gao.gov/cgi-bin/getrpt?GAO-06-165

Hurricane Assistance from our government

FEMA's Weaknesses Exposed Gov to Significant Fraud and Abuse, GAO Feb testimony to Senate Committee on Homeland Security and Governmental Affairs. GAO-06-403T, Highlights

IBM analyses 1 billion 2005 security events

  • Title: IBM Predicts 2006 Security Threat Trends
  • Source: EWeek.com

[http://www.eweek.com/article2/0,1759,1913864,00.asp interesting story] about the IBM Security Threats and Attack Trends report.

An IBM-commissioned survey of 700 adults found that most people today are more fearful of cyber crime than physical crime. Techworld article

ID checks are constitutional

If you are just minding your own business, and not suspected of any crime, can you refuse to identify yourself to law enforcement?

According to a CNet article, the 9th US Circuit Court of Appeals ruled that an airline passenger may refuse to identify self, and in turn, may be refused access to aircraft on those grounds.

Internet Access Equality of Freedoms

When are we better off with regulation vs. deregulation? Currently the telephone industry is regulated, while the Internet is not. Congress is debating combining the two industries from a regulations or deregulations perspective.

  • Deregulating public utilities opened the door to scandals that mushroomed California energy costs.
  • Deregulating the Airline industry helped contribute to 9/11, because they were able to block security measures as being too expensive.
  • Deregulation can mean no more service for small communities and rural areas, because it is not profitable.
  • Regulation can mean innovation is stifled. See the news above about 911 emergency phone service.
  • How easy is it for competitors to have a merger spree and become monopolistic?
  • Is the public well served by having media conglomerates that own all newspapers, radio, TV broadcasters, in some community?
  • When we try to make a phone call, and get "all circuits are busy", whose fault is it that infrastructure has not kept up with demand?
    • Should computer users of a phone line all day, pay more than people who use it intermittently for occasional voice calls?

Compare the Internet to Cable TV.

  • There are content providers who want to be reimbursed financially for their copyrighted creations.
  • There are companies that provide wires, satellite, broadcasting stations, that want to be reimbursed financially for making an infrastructure available, through which people can connect to the content.
    • The Open Source, Public Access concept, of the ability to connect being like a public highway available to everyone to use, has been losing ground.
  • Content providers and infrastructure providers are in a battle, in the arena of government regulation, to gain the upper hand against each other, and in the process, any third interest can get trampled, such as decency, suitable programming for kids, don't target youngsters with advertisements.
  • Now apply that battleground to the Internet. Interests that can make money off the infrastructure, want to limit its use by open source free exchange by interests that are outside of the profit motive.
    • Is it Ok for your ISP to block your access to Google, Yahoo, Wiki, whatever they choose to block your access to, and charge you fees for the privilege of being able to connect?
      • It is Ok for Cable TV providers to do that. Some can refuse to supply access to C-Span 3 for example. Some Content providers refuse access to some channels to some Cable TV providers, unless they also carry certain other content, or stop carrying some competitor content.
      • Many private corporations and schools now do block their employees and students from access to sites deemed inappropriate.
      • Parents can get systems to block their kids access to inappropriate sites, such as porn. (The systems are not very good ... want to permit access to anatomy education, but block access to sites using similar words?)
      • China and other nations recently in the news because they are getting western computer and internet companies to block access to some sites for all their citizens.

Who owns content that gets placed on the Internet?

  • Many Internet users dimly understand the law or netiquette.

    • Can anyone do what they wish with content accessible over the Internet? (No)
    • Can people be held accountable for using something they found on the Internet? (Yes)
  • Who does your e-mail belong to?
    • You?
    • Who you send it to?
    • Moderator of forum where you post it.
    • ISP that hosts archives.
    • ISP which acts as a common carrier to transmit e-mail between sender and recipient.
    • Compare to concept of voice communications capable of being stored by ma bell, or some gov agency like NSA, for computers to search audio for some key phrases, intended for Homeland security, but also be a hunting ground for hackers seeking spam victims.
      • Is the data, involved, just too massive for any computer system to store?

Should access to the Internet be constrained, and if so how?

  • How should Internet backbones be financed?
  • Impose high tax rate on Internet infrastructure because it has grown too much, there is a need to undermine future start-ups, so as to let monopolies get control
  • Some classes of people, such as lawyers have better access, while others, such as Students, be more limited
  • Do it strictly on money, pay more $ get better access
  • Government guarantee equal minimum standards at set prices, like access to telephone and snail mail in rural areas
  • Use the Cable TV model that tries to balance the desires of both the content providers and the local suppliers
  • Place an Internet tax on most popular sites, such as Porn, to pay for Education services, like in the physical world, taxes on gambling help support the schools

The traditional rules, that many of us are accustomed to, are at risk of being changed again along lines shaped by the above debate issues

  • Title: Net neutrality
  • Title: Competition for Connections
  • Title: Vint Cerf condemns two-tier internet
    • Source: The Register in Britain

  • Title: Politicos divided on need for 'net neutrality' mandate
    • Source: C-Net News

Internet Privacy NOT

If you think you have privacy on the Internet, then you are living in a fantasy world. Anything you post, as a child, on the Internet, can come back to haunt your career decades later.

Search Engines track their users

This may revolutionize electronic discovery. We know what you searched last summer.

Lost World Found

The Economist of Britain reports that scientists discovered a “lost world” of new and near-extinct plant and animal species in the isolated Foja mountains of (Indonesian) western New Guinea.

Manufacturing Law Suits

Lots of lawsuits out there, and growing in numbers, but beware of statistics that average Mom & Pop companies in with industry giants, and do not distinguish between different kinds of cases, such as labor-management disputes, product liability, patent infringement, etc. This growth in litigation has sparked increased interest in

  • Electronic Discovery
  • How long to store what records
  • How long to store e-mail

New York law firm Fulbright & Jaworski survey of US manufacturers found

  • 20% had no record-retention policies
  • 25% had no litigation-hold policies

Source: http://www.mbtmag.com/ Manufacturing Business Technology magazine (registration required for accessing individual articles) article titled e-mail documentation faces corporate counsel

Manufacturing Money

No, this is not about counterfeiting. Where the money is going is a predictor of where new jobs may follow. Sage Software surveyed thousands of their customers on, among other things, budget ... where most of their money is going.

  1. Marketing (reach new customers)
  2. Salaries (hire better qualified people)
  3. Training (make them better)
  4. Technology

Source: Manufacturing Automation Magazine

Property Taxes in Valparaiso Indiana

This is a complicated story of what happens when software is used by people who can make human errors (which is most people), without good checks and balances to catch and fix errors, such as reasonableness checks on the data.

  • They had theoretically replaced the old software with a new system.
  • A human being, who was not authorized to make changes, made a change to the old system, instead of to the new system, and made a keying error of a single code letter.
  • The result was to make a house valued at $122 thousand dollars become appraised in the property tax rolls at $ 400 million.
  • Tax rates for everyone are computed on the basis of the total value of all city properties, so because this one house was wildly inflated, leading to an $ 8 million tax bill, the tax rate for everyone was much less than it should have been, so the city will not be getting the $ needed, so the local government is now laying off people.

[19], CNN: http://www.cnn.com/2006/US/02/10/overpriced.house.ap/index.html

NIST

Computer Security Acronyms

  • CVE = Common Vulnerabilities and Exposures (dictionary) focuses on Aviation, Defense, Intelligence, Enterprise
  • DHS = US Department of Homeland Security
  • NIST = National Institute of Standards and Technology, a federal agency under US Dept of Commerce
  • NVD = National Vulnerability Database (encyclopaedia) developed for DHS
  • Source: http://www.mbtmag.com/ Manufacturing Business Technology magazine (registration required for accessing individual articles) article titled NIST database focuses on software vulnerabilities.

NSA = National Security Agency

NSA known to some humorists as "No Such Agency."

Data Mining Phone Call Records by NSA

  • Title: NSA spy program hinges on state-of-the-art technology
  • Source: GovExec.com

eye opening clarity

Do it yourself (civilian) domestic espionage

There is a way to track, by computer search, the current location anywhere in the world, of any mobile phone. In theory, the phone user can deny permission, but that can be bypassed.

  • Title: Mobile phone tracking, girlfriend stalking and the law
  • Source: The Register in Britain

EFF sues AT&T for NSA wiretap aid

  • Title: AT&T Sued Over NSA Eavesdropping
    • The Electronic Frontier Foundation (EFF) filed a class action lawsuit claiming that AT&T violated federal law by cooperating with the controversial NSA (National Security Agency) wiretapping of American citizens. EFF alleges AT&T provided NSA with two databases, metarecords of phone calls and internet use, and also the actual content of customers' communications.
  • Source: Wired News, http://www.wired.com/news/technology/0,70126-0.html

FISA Judge protests NSA Surveillance

  • Title: Wiretapping, FISA, and the NSA
  • Source: Security Focus, http://www.securityfocus.com/columnists/379

Whistle Blower from NSA & DIA

  • Title: Ex-NSA official seeks avenue for sharing new allegations
  • Source: GovExec.com (explosive info to Congress)

RFID Standards for China

Manufacturing Automation article on existing standards and challenges of a technology poorly understood by end consumers.

Road e-Spy in Australia

  • Title: Government attacks anti-road safety SMS service
  • Source: ZDNet Australia (link to story)

Security and Operating Systems

http://www.mbtmag.com/ Manufacturing Business Technology magazine (registration required for accessing individual articles) article titled How UNIX, Linux, and Windows stack up has some illuminating comparisons

  • Unix and Linux are 3 times more difficult to hack than Windows or Novell, based on a test where hackers were invited to hack 6,000 web sites.
  • The average Windows security flaw is much more severe than the average Linux flaw, based on a study of hundreds of patches and vulnerabilities
  • Security by Obscurity on Microsoft
  • Security by Transparency on Linux
  • Least Privilege Security on Linux, UNIX, and AS/400, where people get keys to specific doors, not a master key that opens everything
  • Windows intertwines architecture with the OS kernel so that a flaw in Explorer can place all other applications at risk. Other operating systems secure applications so that if any one has a flaw, it cannot contaminate any others.

Conclusions from this article: Today's open source is much more secure than today's proprietary code. I happen to disagree because their article did not consider the AS/400.

I have some additional experience and comparisons of possible relevance. Many companies have flawed security because they want to use software on some Operating System, for which the problem is that for the software to work right, we have to disable many security features of the operating system. The buyers do not demand that the software providers adhere to good security practices.

IBM and Microsoft had a challenge. They both set up their best computer systems with security the way they say it ought to be done. The IBM site had a file with the credit card number of the CEO of IBM. The Microsoft site had a file with the home phone # of Bill Gates. A humongous sum of money was offered to anyone who could get at either number. No one succeeded in getting either. Computer engineers watched the hacking attempts and got an education in what was doable, from which they learned how to make more secure computer systems in the future.

Security Breaches

2005 had a flood of stories in the news. The coverage was misleading. It is not that this problem suddenly happened out of nowhere. Rather, California laws mandating disclosure, which were then copied in other states, brought a problem that had been happening all along to the attention of the general public. The problem is continuing in 2006. See User:AlMac/News/Security for details, to help this NEWS page avoid being excessively large.

Self Replication

Manufacturing Automation Magazine (http://www.managingautomation.com/maonline/magazine/read/6324234) column on where we are headed with genetic engineering, nanotechnology, and robotics. Consider:

  • Cornell University's self-replicating robot
  • Artificial Life in various books, used by others to implement what is described

Spam and Scams / tips for your protection

  • White List, Black List, and Grey List concepts. See: PureMagic (source: Praxis, http://www.sysmod.com/praxis/prax0602.htm)

  • You need not register your cell phone with the "do not call list". That is an urban legend. [20]
  • You get a phone call from someone claiming to be working in the judicial system, claiming that you are about to be arrested for failure to appear for jury duty. If you give out personal and financial information in an effort to prove the call is to the wrong person, you've just been tricked into giving up this information to an identity thief. [21]
  • You get an e-mail saying you won in some lottery that you never entered. That is a scam whose intention is to steal a few hundred to a few thousand dollars from you. [22]
    • This is not as bad as the Nigerian scam, where you get an e-mail from some crook in some foreign nation (used to be Nigeria, but is now world wide), who needs your bank routing number so they can launder a few million $ and give you a piece of their action. Real intent is to rob you blind. Although honest people are unsympathetic to people with larceny in their hearts who fall for this, the big risk today is some high manager of some corporation falling for it, someone with access to the company's bank accounts, leading to the corporation's assets being drained. [23]

Spreadsheet Auditing

Spreadsheets are well known, in the computer industry, to be major sources of human error, both in the data, and in the cell formulae. Here is a free tool (1.56 Mb PDF) for auditing spreadsheets to locate errors. (Info source Praxis)

Clarification from Patrick O'Beirne, with Praxis:
  • The PDF is a tutorial on how to use the built-in auditing tools in Excel.
  • He thinks of "tool" as being software. There *is* a free software tool at http://www.xlanalyst.net/

Spyware

In 2005, Spyware became one of the newest big problems facing PC users. The problem continues to escalate.

  • Title: Malware triples in 2005
    • Source: Techworld [24]

  • Title: Advertisers may face public humiliation (from FTC) over adware
    • Source: C-Net News[25]
  • Microsoft's AntiSpyware Beta 1 is flawed. It thinks some Norton Anti-Virus is spyware, so if people take the Beta 1 defaults, the result is that they no longer have functioning anti virus.

Details.

Sugar Daddy for Legal Expenses

Will this invite more law suits, or taking more risks? After all, when it comes to deep pockets, Microsoft's are the deepest. Plus consider if one company, that has Microsoft as a sugar daddy, sues another company, that has Microsoft as a sugar daddy. Where is the incentive to settle?

According to Information Week, Microsoft Tells Device Makers, "We'll Foot Your Legal Bills" in lawsuits for intellectual property violation, provided you include Windows on your devices. Alleged intellectual property violations included: patent infringement, copyright, trademark.

Supply Chain

Vast numbers of manufacturers are dependent on other speciality suppliers, and on delivery times that can be disrupted by hurricanes and other natural disasters, or by the time needed to cross international borders post 9-11. Aberdeen Group surveyed Supply Chain Risk Management and found most companies are experiencing disruption, but are not learning from this to make allowances to protect themselves against the next time.

  • Source: http://www.mbtmag.com/ Manufacturing Business Technology magazine (registration required for accessing individual articles) article titled Hurricanes place protective focus on supply chain risk management


US Justice Dept subpoenas the Internet

  • Title: Google's data minefield
  • Source: Security Focus

US Patent Bottleneck technologically solved

  • Title: Open-source software revolutionises patent system
  • Source: Techworld (article on patent dispute reforms)

US Government Financial Report 2005

US Treasury Department posted Consolidated Financial Statements of USA for fiscal year 2005, including Comptroller General David M. Walker, disclaiming opinion on the statements and commenting on the fiscal condition of the nation and financial management issues. http://www.gao.gov/financial/fy2005financialreport.html

VEIL

The Sensenbrenner/Conyers analog hole bill would, among other things, require all analog devices to implement VEIL technology. A lot of people have no idea what this is, so they have been contacting the company that makes it for a copy of the specifications. The company would be happy to oblige, but first you have to buy a $10,000.00 license and sign a contract not to divulge the contents to anyone. There are a lot of questions about the bill that cannot be answered without access to the specifications. One wonders if Congress has to have closed hearings to discuss this among themselves, and what this is going to do to the cost of television in the future. More info from:


VOIP

VOIP = Voice over Internet, a way to use Internet connections for regular phone calls, more cheaply than through telcos. This has implications for competition between traditionally regulated and non-regulated industries, availability of 911 emergency phone calls, and loss of privacy, with respect to what types of communications have what protections.

VOIP Port Blocking

The Federal Communications Commission (FCC) ruled last year that Madison River Communications could not resort to port blocking to prevent customers from using VOIP applications. The issue is interoperability: telephone customers want to be able to reach any other telephone # in the world, and not be blocked out of some range of phone #s or some community merely because the phone company there does not like the kind of phone service you are now using.

  • Title: VOIP Port Blocking Draws Congressional Interest
  • Source: e-week

VP shoots Lawyer, claims accident

Did you see in the news how US Vice-President Dick Cheney's weekend quail-hunting trip in Texas bagged his lawyer friend?

White Collar Crime and Big Business

White Collar Crime is often associated with upper class people who ought to know that crime does not pay and that the risks of getting caught are enormous.

  • Title: Millionaire on hacking charge
    • A billionaire and a team of confederates hacked into medical records for the purpose of gathering information to blackmail the patients.
  • Source: Times Online

Wiki in the news

Wiki advised for Government Info

  • Title: Researchers recommend Wikis for government information
  • Source: Government Computer News (gcn link)

Wikipedia Editors from Congress

Volunteers, contributing to Wikipedia, are from everywhere, including the US Congress.

  • Title: Rewriting history under the dome
  • Source: Lowell Sun

Wikipedia Germany sued by Hacker's Parents

Wikipedia was sued, according to the Wikipedia Signpost story on a lawsuit brought by the parents of a now deceased Chaos Computer Club hacker known as Tron, whose real name is given in the Wikipedia article, which is an alleged violation of that hacker's privacy. It is somewhat confusing that the German court caused a shutdown of one site, but not a mirror url.

  • Title: German court orders shutdown of Wikipedia
  • Source: The Register in Britain