News Humor Common PC Linux Mac CUCUG
The next CUCUG meeting will be held on our regular third Thursday of the month: Thursday, April 19th, at 7:00 pm, at the First Baptist Church of Champaign in Savoy. The Linux SIG convenes, of course, 45 minutes earlier, at 6:15 pm. Directions to the FBC-CS are at the end of this newsletter.
The April 19 gathering will be one of our split SIG meetings. Keith Peregrine has installed Vista Home Premium Edition on his MacBook Pro and will be showing the Macintosh SIG his set up and relate some of his trials and tribulations in getting it functioning to his liking. PC SIGs is open for anything anyone wants to bring in.
And just a word about this newsletter. I know it's huge. It has a ton of information in it. Some will interest, some will challenge, some will entertain, some are aimed at known member interests. Hopefully these articles will have a little something for everyone. My apologies for the size, but not really. There was just too much good stuff to pass up. Enjoy.
ToC
We'd like to welcome back renewing members Wayne Hamilton, Russell Gillen, Jim Huls and Tom Purl.
We welcome any kind of input or feedback from members. Run across an interesting item or tidbit on the net? Just send the link to the editor. Have an article or review you'd like to submit? Send it in. Have a comment? Email any officer you like. Involvement is the driving force of any user group. Welcome to the group.
ToC
This Saturday, 4-21-07, 8 am - 3:30 pm,Champaign County is sponsoring a Computer/Electronics Recycling Day in the parking lot of Solo Cup North. The details for this event can be found at:
<http://www.co.champaign.il.us/newsrel/rpc070421.htm#pr>
ToC
By Don Dodson
The News-Gazette.com
Monday April 2, 2007
URL: http://www.news-gazette.com/news/2007/04/02/insight_selling_cable_system
CHAMPAIGN - Insight Communications has agreed to sell its cable system in Champaign-Urbana and surrounding areas to Comcast Corp., the companies announced today.
No details were available immediately on what the sale might mean for local customers in terms of prices and programming. Comcast spokesman Rich Ruggiero said it was "way too early" to discuss products and services.
The agreement also calls for Comcast to acquire Insight Midwest cable systems in Springfield, Rockford/Dixon and Quincy/Macomb and the Indiana communities of Bloomington, Anderson and Lafayette/Kokomo.
The transaction's closing is subject to certain conditions, including regulatory approval. The deal is expected to be completed by the end of the year, the companies said.
"We are pleased to be receiving such well-managed systems from Insight," Comcast Chief Operating Officer Stephen B. Burke stated in a press release.
Currently, Insight and a Comcast subsidiary each holds a 50 percent interest in the Insight Midwest partnership. By dividing the partnership, which Comcast inherited when it acquired AT&T Broadband, Comcast will be able to convert its interest in the joint venture from passive investment to direct ownership.
"This has been a great partnership, and we look forward to adding these new customers to Comcast and to begin introducing them to our suite of products and services," he said.
Comcast's cable properties in Illinois are concentrated in the greater Chicago region, serving about 1.3 million customers in the Chicago suburbs and northwest and north central Indiana, Ruggiero said. Comcast has two small franchises downstate in Olney and DuQuoin, he added.
Under the deal, Comcast will gain seven markets in Illinois and Indiana with 1.2 million customers.
Insight will continue to serve - and will own 100 percent of - the cable systems serving the Kentucky markets of Louisville, Lexington, Bowling Green and Covington, plus the markets in Evansville, Ind., and Columbus, Ohio. Those systems serve about 1.3 million homes.
"We have worked closely with Comcast to arrive at this agreement, which both parties agree is a fair and equitable one," Insight Chief Executive Officer Michael Willner said in the press release. "This is a logical split for both companies," he continued. "Comcast already has significant properties in Indiana and Illinois, so it makes sense for them to assume control over the systems in these states.
"Insight will operate a very efficient cluster in Kentucky, where it will continue to be the largest operator in the state, and in neighboring southern Indiana and in Columbus, Ohio," he added.
Insight said it would have no further comment, and calls placed to Comcast were not immediately returned.
Nationally, Comcast has 24.2 million cable customers, 11.5 million high-speed Internet customers and 2.5 million voice (phone service) customers.
The company's networks and investments include E! Entertainment Television, Style Network, The Golf Channel, PBS KIDS Sprout and four regional Comcast SportsNets.
Insight Communications is the ninth-largest cable operator in the United States, serving about 1.3 million customers in Illinois, Kentucky, Indiana and Ohio. It has served the Champaign-Urbana area since 2001, when AT&T Broadband transferred the local franchise to it.
Insight's Champaign district serves more than 54,000 customers in Champaign, Urbana, Savoy, Bondville, Homer, Ogden, Philo, Sidney, St. Joseph, Danville, Oakwood, Fairmount, Fithian, Muncie, Olivet, Indianola, Chrisman and Ridge Farm, as well as a few communities in western Indiana.
Under the agreement, Comcast will be responsible for $1.335 billion of the partnership's debt, while Insight will be responsible for $1.26 billion of the debt.
Comcast expects the new systems to generate about $290 million in operating cash flow.
ToC
Philadelphia Business Journal - 10:49 AM EDT Monday, April 2, 2007
Comcast Corp. and Insight Communications Co. Inc. said Monday that they would split up a partnership that runs cable systems in the Midwest.
The companies will split the 50-50 partnership geographically, with Comcast taking full ownership of systems in Illinois and Indiana and Insight getting systems in Indiana, Kentucky and Ohio, the companies said.
Through the deal, "Comcast will be able to convert its interest in the joint venture from a passive investment to a direct ownership in cash-flow generating cable systems," the companies said in a joint statement.
Comcast is getting systems that serve 684,000 basic video customers, 296,000 digital video customers and 300,000 high-speed Internet customers and that pass 1.2 million homes.
Insight is getting systems that serve 639,000 basic video customers, 325,000 digital customers and 308,000 high-speed Internet customers and pass 1.3 million homes.
"This is a logical split for both companies," Insight CEO Michael Wilner said. "Comcast already has significant properties in Indiana and Illinois, so it makes sense for them to assume control over the systems in these states. Insight will operate a very efficient cluster in Kentucky, where it will continue to be the largest operator in the state, and in neighboring southern Indiana and in Columbus, Ohio."
The companies said Comcast will be responsible for $1.335 billion and Insight will be responsible for $1.26 billion of the partnership's debt.
The split is subject to government and other approvals. The companies think it will be final by the end of the year.
Comcast, the largest cable company, is based in Philadelphia. Insight, the ninth-largest, is based in New York.
ToC
2007-04-06
URL: http://www.dslreports.com/forum/remark,18126409
Earlier this week, we announced that the Insight Midwest partnership, which is owned 50% by Insight Communications and 50% by Comcast, would be divided. You may be wondering why this is occurring and how that will affect your cable services.
First, some history - Comcast, the nation's largest cable provider, acquired AT&T Broadband in 2002. AT&T owned a 50% interest in Insight Midwest which was included in that acquisition. AT&T Broadband had a number of passive investments in other cable companies and Comcast said publicly that these partnerships were not aligned with their longer-term strategy. As a result, Comcast and their various partners have been discussing how to divide their joint assets and our announcement was simply one of a number of these transactions. Indeed, Comcast and Time Warner split up a similar partnership by dividing the assets in a joint venture which served Houston, Kansas City and southwest Texas.
We have been talking with Comcast for quite some time about how to achieve their goal with as little disruption to customers as possible. Comcast expressed their desire to divide the cable systems. Based on their existing operations, they had a preference to own the systems that were geographically close to theirs - specifically those in northern and central Indiana and in Illinois. It was a logical division so we agreed to proceed on that basis.
We expect that the actual transition will occur no later than the end of this year. Until then we will be working closely with Comcast to ensure a smooth transition from our operations to theirs. Comcast is very experienced at transitioning newly acquired cable customers seamlessly and we expect that the transition will be very smooth and non-disruptive to you.
Before you post a lot of questions, please understand that I am posting this strictly for informational purposes because I want to keep you as informed about what is happening as possible. I cannot answer specific questions nor can I comment on the types of services Comcast will be offering in their systems when this transition is completed. However, they are an excellent cable operator with vast experience and I'm sure you will continue to enjoy your services from them.
As for Insight, I have read a few posts questioning our viability as a stand alone entity with half the customers. We will own a very compact, interconnected group of systems with great operating efficiencies. Indeed, today Insight is the 9th largest cable operator in the United States and after the split it will be the 11th largest operator. There are many, many successful cable companies serving far fewer customers than the number we will retain. We have stated publicly that we are content to continue to operate our half of the company and, in due course, will consider all of our options.
We have enjoyed serving all of our customers and I have especially valued my experience with all of you. The BBR community has been extremely informative even if it is sometimes quite challenging. Most importantly, your feedback has helped us make Insight Broadband a great choice for Internet connectivity. Sure we've had our bumps along the way, but to give credit where credit is due, your suggestions and comments have contributed to our improvements and success.
Finally, allow me to say that we have served all of our customers with the same care and dedication for many years. Between now and the transition of the systems going to Comcast, we will remain equally dedicated to all of you. I look forward to continuing to keep a watchful eye on your posts and making sure we're doing the best we can for you! Thank you for your continued business.
ToC
This is a mass email to All Faculty & All Academic Professionals & All Civil Service Staff & All Undergrad Students & All Grad Students. This was sent *March 31, 2007 at 1:07 AM
As you may have read in the popular press, the Motion Picture Association of America (MPAA) and the Recording Industry Association of America (RIAA) among others are increasing their copyright enforcement activities. As part of this increased effort, the RIAA has begun to target college students specifically, which means that students who engage in unlawful peer-to-peer file sharing are more likely than ever to be identified and sued by the RIAA.
We think that these increased enforcement activities warrant taking a moment to discuss the relevant policies and practices at the Urbana- Champaign campus of the University of Illinois.
The University does not condone the use of peer-to-peer software for illegal file sharing. Those who engage in it violate U.S. Copyright laws as well as the campus's own policies, including the Student Code and Policy on the Appropriate Use of the Computer Network. Additionally the University bears significant costs associated with responding to DMCA violation notices and the network capacity absorbed by file sharing reduces its availability for general research, teaching, and administrative purposes. For additional information of University related copyright issues, see http://www.cio.uiuc.edu/policies/copyright/copyright.html.
Often the software used for the purposes of illegal file sharing comes bundled with 'spyware' and other software that maliciously captures personal information that contributes to identity theft. You can learn more about protecting yourself from identity theft by reviewing the information at http://www.cites.uiuc.edu/security/index.html. Further, some file sharing programs, even when used for legitimate purposes, will use your computer to transfer illegally obtained material between other users. I strongly encourage you to remove software used for file sharing as well as to immediately remove any illegally obtained material such as music or movies.
Students who are found to have illegally obtained copyrighted material through the campus network will have their computers immediately removed from the network and will not be allowed access to the network until they have undergone a disciplinary process with the Dean of Students Office.
With the announcement by RIAA, MPAA, and others of the intent to target college students with law suits, it should be noted that many of the students sued have settled out of court for amounts on the order of $4- 5000.
In addition to information on our own security website, both the University of Michigan and Chicago provide excellent information on disabling peer to peer programs, see
http://www.cites.uiuc.edu/security/filesharing/index.html
http://security.uchicago.edu/guidelines/peer-to-peer
http://www.copyright.umich.edu
We are both legally and ethically obligated to respond to every notification of copyright violation we receive. I fully believe members of the UIUC campus community will recognize the seriousness of this situation and respond accordingly.
ToC
URL: http://www.democracynow.org/article.pl?sid=07/04/16/1333255
In privacy news, the Education Department is considering shutting down a national database of student borrowers following the disclosure several lending companies may have improperly used it for marketing information. The database contains more than sixty-million records including social security numbers, e-mail addresses, phone numbers and mailing addresses.
ToC
Posted by David Becker 11:48:09 AM, Monday, April 16, 2007
URL: http://blog.wired.com/gadgets/2007/04/sony_copy_prote.html
Reports are starting to pile up of unhappy encounters with a new copy-protection system that Sony is baking into commercial DVD release and which renders certain discs useless on older DVD players.
Suspect titles include regular (not Blu-ray) releases of "Casino Royale,' "Stranger Than Fiction" and "The Holiday," all of which render nothing more than a brief title screen on certain DVD players (including some Sony models).
DRM snoops say it's the return of ARccOS, a somewhat discredited anti-copying system Sony toyed with a year ago. The technology was quickly subverted by makers of DVD-copying software, but is robust enough to flummox some DVD players made by RCA, Toshiba, Philips and others.
One irked customer was told by Sony that it's up to the manufacturers of the DVD players to update their firmware to accommodate the new DRM.
Sony really sucks at DRM [ZD Net]
- http://blogs.zdnet.com/hardware/?p=357
Sony Pictures DVD's have a new a copy protection that makes the movies
unplayable on some Sony (& other makes) DVD players! [Sony Strikes
Again]
- http://sonystrikesagain.wordpress.com/
[Editor's Note: My thanks to Kevin Hisel for submitting this piece for the newsletter.]
ToC
Tuesday, April 03, 2007
By Bruce Alpert
New Orleans Times Picayune
URL: http://www.nola.com/timespic/stories/index.ssf?/base/news-8/11755818719050.xml&coll=1
WASHINGTON - To those who Google, New Orleans returned Monday to its post-Katrina state but not its up-to-date self.
Six months ago the giant Internet search engine began using maps for dozens of cities worldwide that the company says provided clearer imagery.
The higher resolution content for New Orleans was produced before Hurricane Katrina, leading some, including a key member of Congress, to wonder whether the company either was trying to pretend Katrina never occurred or that the city had magically recovered from the 2005 hurricane.
<http://www.cnn.com/2007/TECH/03/31/katrina.google.maps.ap/index.html>
After the Associated Press reported the pre-Katrina maps on Google's search engine and satellite images on Google Earth, which allow Internet users to focus on individual streets and neighborhoods, the company Monday switched to 2006 maps and images.
An online viewer will see plenty of blue roofs and damaged houses, not necessarily a replica of how the city looks today. One New Orleans resident noticed that a neighbor's house that was demolished several months ago was still standing on Google.
Last week, in response to the pre-Katrina maps and images, Rep. Brad Miller, D-N.C., wrote to Google Chairman Eric Schmidt to ask why the company had switched to pre-Katrina maps and imagery.
"Google's use of old imagery appears to be doing the victims of Hurricane Katrina a great injustice by airbrushing history," said Miller, chairman of the Investigations and Oversight Subcommittee of the House Science and Technology Committee.
Google denies any conspiracy to pretend Katrina never occurred or that the Crescent City is back to normal. Even when it put up its new imagery for pre-Katrina New Orleans as part of an effort to improve the pictures for dozens of cities worldwide, spokeswoman Megan Quinn said, the company kept Katrina imagery available at a special Web site: http:earth.google.com/katrina.html.
"In response to thoughtful user feedback, we have accelerated our New Orleans imagery processing and are today making available submeter high resolution imagery of the region from 2006 in both Google Maps and Earth," Quinn said.
ToC
Posted by Elinor Mills
April 13, 2007 2:32 PM PDT
URL: http://news.com.com/2061-10812_3-6176010.html?tag=nl.e498
Just in. Google says it has agreed to buy online advertising company DoubleClick for $3.1 billion in cash. The acquisition will give Google the ability to sell online ads that appear on Web sites other than those in its network. The deal will mean that Web site publishers will get access to new advertisers, and agencies and advertisers will be able to manage search and display ads in one centralized spot, Google says.
Google is buying DoubleClick from San Francisco-based private equity firm Hellman & Friedman, which acquired DoubleClick in July 2005, and JMI Equity and Management.
"It has been our vision to make Internet advertising better--less intrusive, more effective and more useful," Sergey Brin, Google co-founder and president of technology, said in a statement. "Together with DoubleClick, Google will make the Internet more efficient for end users, advertisers and publishers."
Microsoft had been in discussions to buy DoubleClick, according to reports in The Wall Street Journal. In addition to Microsoft, Yahoo and AOL were reportedly in talks with the company. The deal is expected to close by the end of the year.
More to follow as this story develops.
[Editor's Note: My thanks to Kevin Hisel for submitting this piece for the newsletter.]
ToC
February 5th, 2007
We've all seen the PC vs Mac ads by Apple, there are plenty of them. But now it's time for the PC to counterattack, with the help of director Laurie McGuinness, who created four small hilarious clips, with the same character personalities (the PC being older, "boring", and the Mac being younger and cooler), but this time the Mac doesn't get the spotlight. What I liked about the clips is that they're not made in order to harm the Mac, and they don't deny the qualities portrayed in the Mac ads, but they observe the PC's own qualities, without denying the Mac's. So, without more description, here are the clips:
<http://www.our-picks.com/archives/2007/02/05/the-pc-vs-mac-ads-return-now-from-the-pcs-perspective/>
[Editor's Note: My thanks to Jon Bjerke for submitting this piece for the newsletter.]
ToC
'Countdown with Keith Olbermann' for April 13
from the transcript to the Friday show
Updated: 11:48 a.m. CT April 16, 2007
URL: http://www.msnbc.msn.com/id/18136711/
OLBERMANN: Five million e-mails. Five million e-mails. The White House says it can't rule out that as many as 5 million e-mails, many relevant to the fired U.S. attorneys scandal, are lost. But the Republican National Committee insists it disabled Karl Rove's ability to delete his e-mails in 2005.
You know, give me a good hammer, and I can delete any e-mail.
What to do, what to do? The Senate says subpoena. The House says subpoena. The deputy press secretary says wish real hard.
(BEGIN VIDEO CLIP)
DANA PERINO, WHITE HOUSE DEPUTY PRESS SECRETARY: "Missing" is a word that-maybe misplaced or not necessarily lost forever. I think, you know, there are backup tapes, there are different ways in order to go back and find e-mails.
(END VIDEO CLIP)
OLBERMANN: Ever the pragmatists, we will try to help the White House out. It's the COUNTDOWN IT Help Desk to the rescue.
Good evening from New York.
Some of the president's e-mails are missing, like 5 million of them.
Our fifth story on the COUNTDOWN, imagine deleting every e-mail you had written, possibly as soon as you had written it, over the course of more than four years in your job as, say, the top political adviser to the president of the United States. If your name was Karl Rove, chances are you would not have to imagine all that hard.
It turns out that the man called Turd Blossom by the president has not only been using a Republican Party e-mail account for apparently governmental business, the party had to take away his access to delete files in 2005, raising the possibility, reports "The Washington Post," that Rove himself, quote, "personally deleted more than four years' worth of his own e-mails, all of them now missing."
Some of those messages, of course, relate to the firing of those eight federal prosecutors at the Justice Department. As for the latest e-mails we do have on that, thousands of new pages released today in another document dump. Quite a lot appears to be missing from them as well, portions redacted, redacted so much as to be virtually useless, including, it seems, most e-mail addresses. Hint to the administration, that secret is already out.
As well as most of this memo from the attorney general's former chief of staff, Kyle Sampson, to the president's former White House counsel, Harriet Miers. Or this page that seems to have been painted in its entirely with White-out (ph). I made a family of snowmen today.
Here's an e-mail Mr. Gonzales might wish had been redacted by the time he testifies before the Senate this coming Tuesday. Former Justice Department official Monica Goodling, writing in a memo to Sampson and another colleague, quote, "This is the chart that the AG requested." That's a disclosure that could potentially raise problems for the AG, Mr. Gonzales, regarding what he didn't know and when he didn't know it, the possibility of a chart that ranks U.S. attorneys based on their political compliancy.
Last but not least, there is the administration's attempt to spin, if not suppress, the true reason for the dismissal of those eight attorneys. On the eve of testimony from six of them on Capitol Hill, a Justice Department spokeswoman wrote to Bush counselor Dan Bartlett and Cheney aide Cathy (ph) Martin. Quoting, "Right now the coverage will be dominated by how qualified these folks were and their theories for their dismissals. We are trying to muddy the coverage up a bit by trying to put the focus on the process in which they were told."
Keep in mind, these are only the e-mails the administration wanted us to see, and only portions of them at that.
As for those potentially millions more that the administration has lost if not routinely destroyed, the Democrats on Capitol Hill now trying to subpoena or access to the RNC's e-mail servers directly, White House counsel Fred Fielding trying to block them in turn, his claim, executive privilege, even though White House officials say they were using the addresses for political exchanges, not official government business, at the White House today, spokeswoman Dana Perino saying that her sources tell her nobody did anything wrong.
(BEGIN VIDEO CLIP)
PERINO: I feel pretty confident in the source that I talked to, that we are able to say that there is no basis to say that anyone was improperly or intentionally misusing one of the accounts that they were provided to (INAUDIBLE) to avoid violating the Hatch Act. There's just no-there's no indication of that.
(END VIDEO CLIP)
OLBERMANN: You might call it "COUNTDOWN on Your Side." First, we blew the lid off the claim that President Bush nearly blew himself up with a hybrid car. And now, in our fourth story tonight, we're here to help the White House yet again.
Lost e-mails, not a problem. Look harder. There's just no need for the White House to nearly blow itself up politically over potentially millions of e-mails sent on the accounts of the Republican Party, e-mails that might not be lost after all.
Joining me now, the managing director of Straw Streeberg (ph), which specializes in commuter forensics, Ken Mendelson.
Thank you for your time tonight, Mr. Mendelson.
MENDELSON: Oh, it's good to be here.
OLBERMANN: Senator Leahy, the chairman of the Judiciary Committee, scoffed loudly at the notion that the e-mails are really lost in the permanent sense of the word. He has said things like, "I've got a teenage kid in my neighborhood that can go get them for them." Even if that is an exaggeration, was the senator right yesterday when he said that a deleted e-mail may actually be far from deleted?
MENDELSON: Oh, absolutely, absolutely. People have the misconception that e-mail is like a letter. When you send a letter, after it goes in the mailbox, it reaches the other person, and that other person has it, and it's a one-to-one communication. E-mail is more like a bullhorn in a crowded square. All you have to do, basically, is find all the people who were there to hear it and ask the right questions.
OLBERMANN: What about a system, as the RNC has said it had before 2005, in which deleted e-mails were actually purged from servers? What does that mean in layman's terms, and is that the end of it?
MENDELSON: Well, it isn't the end of it, because they may not be on the servers themselves, but there could be several other places where those e-mails could be. There could be backup tapes that were created for either disaster recovery or business continuity purposes. The e-mails could be on the individual workstations, in files that are maintained by the people who were using those e-mail accounts.
OLBERMANN: If the amount of information is massive-I mean, we're talking-the White House said today potentially-they couldn't, couldn't rule out that it might be 5 million e-mails over a four-year period-does that make it harder to get the older messages, the ones that could have actually been written over on the hard drives?
MENDELSON: Well, intuitively, you would think that the older it is, the harder it is to get it back. That may or may not be the case, depending upon where the e-mails are on the particular computer. In the case of servers, yes, that is probably true, where the older the information, if it had been deleted, you probably won't get it back. But on computer workstations, the data is there until it's overwritten by new data.
So given the size of modern computer hard drives, e-mails from, you know, two, three years ago could still exist on the computer, if you know how to find them.
OLBERMANN: The senator, Senator Leahy, also said, with regard to this the lost quality of the e-mails, that's like saying the dog ate my homework. Is there no small amount of irony in this fiasco about e-mail, in the sense that using additional accounts doesn't hide communication, it actually multiplies the number of places you can eventually find the communication?
MENDELSON: Well, certainly. If you have multiple e-mail accounts, you're going to have multiple places where that e-mail is going to reside. Remember, when you send an e-mail, you keep it, and the person who you sent it to has it as well. And then they may forward it and so on and so on. So the more e-mail accounts you have, in all likelihood, the more places there will be to look for them.
OLBERMANN: So what ultimately are the circumstances under which anybody could lose permanently 5 million e-mails in four years? How is it - how would it be possible?
MENDELSON: To lose 5 million? That's a great question. And whether you can you could actually lose 5 million e-mails altogether is-that's one for the books. I'm not really sure. I can say that if there are 5 million e-mails that were sent and received, there's a very strong likelihood that some substantial portion of them can be located.
OLBERMANN: Do you have any idea, from your experience in dealing with people who don't understand the permanent nature of computers and e-mail in particular, what percentage of the population doesn't realize that an e-mail, you know, a bad haircut is temporary, a photograph is forever, an e-mail is even longer than that, right?
MENDELSON: Oh, I would say the vast, vast majority of people don't understand that. And they may believe they've deleted the e-mail, they may believe that it's gone forever, but I think they're simply misinformed.
OLBERMANN: And, of course, also it can become public at any time, as others of us have found out.
Ken Mendelson, computer forensics expert with Straw Streeberg, great thanks for your time. Have a good weekend.
MENDELSON: It's good to be with you. Thank you.
ToC
Written and produced by John Anderson (mediaminutes@freepress.net)
Audio: http://www.freepress.net/mediaminutes/archive/mm040607.mp3
Text: http://www.freepress.net/mediaminutes/transcripts/mm040607.pdf
As part of broadcast television's transition from analog to digital, TV stations are required to give back the analog spectrum they've been using, which the Federal Communications Commission then plans to re-purpose. Analog TV spectrum is especially useful for wireless broadband technology - signals in the 700 megahertz band especially can travel great distances and penetrate buildings very easily, unlike traditional wi-fi. This is a huge opportunity to create a nationwide "third pipe" for broadband, with the added advantage that mobile connectivity would be effortless.
But whether or not the next generation of wireless broadband will even get off the ground is really up to the FCC, and how it goes about auctioning off this spectrum. The Save Our Spectrum Coalition, comprised of the Consumer Federation of America, Consumers Union, Free Press, Media Access Project, New America Foundation, and Public Knowledge, have petitioned the FCC to carefully consider the rules under which it conducts this auction.
Free Press policy director Ben Scott says the Coalition would like to see at least half of this new wireless broadband spectrum devoted to wholesale broadband provision, whereby companies that win the rights to the spectrum would then sell access to it to any Internet service provider. Such a move would bring some much-needed competition to a marketplace where currently 96% of all broadband connectivity in the United States comes through either DSL or cable modem lines provided by the phone or cable company.
Ben Scott: "That open access condition is one of these key moments where we can put a principle of public interest and competition into fundamental spectrum policy that changes the way the broadband market works for the foreseeable future."
Another important condition the coalition would like to see the FCC impose on those who bid for the new wireless broadband spectrum is that all players in this new market abide by the principle of network neutrality. There's a very good chance the agency may move quickly to lay the ground rules for this auction - possibly within the next month or so - but Mark Cooper, research director at the Consumer Federation of America, says a prudent FCC would seriously consider open access and net neutrality as core principles of the next generation of wireless broadband.
Mark Cooper: "These are decisions that tend to get embedded very deeply in the fabric of communications. And a couple months' delay, in order to get this kind of really elemental and fundamental decision correct, should not be something that responsible public policymakers shy away from."
It'll still be some time before long-distance, mobile wireless broadband becomes a reality, though: TV stations are not required to turn off their analog signals until February 17th, 2009.
ToC
Webcasters may get a reprieve from having to pay exorbitant fees for streaming music online. Last month, the U.S. Copyright Royalty Board adopted a new fee structure for streaming radio stations, which would result in them having to pay stiff charges for every song they stream to every listener.
Now, the CRB has agreed to review appeals to the new rate structure from a wide range of parties, including independent webcasters, National Public Radio, and Clear Channel Communications. But the Board stopped short of completely reopening the rate issue for full reconsideration. When the Recording Industry Association of America first tried to strangle webcasters with high royalty rates in 2002, Congress stepped in and forced the CRB to revamp its rules. Though at least one Capitol Hill hearing has touched on the pending threat to Internet radio, no legislation has been introduced yet to tackle the problem.
ToC
Media Minutes: March 23, 2007
Audio: http://freepress.net/mediaminutes/archive/mm032307.mp3
Text: http://freepress.net/mediaminutes/transcripts/mm032307.pdf
Major telephone and cable companies say that regulation to ensure the principle of network neutrality is a solution in search of a problem. But the actions of phone and cable companies speak louder than their words. While they claim they would never, quote, "block, impair or degrade" their customers' ability to connect to whomever, wherever, they're doing just that.
Example one: Comcast broadband customers who do a lot of downloading have discovered that the company has an unofficial cap on the amount of bandwidth they can use in any given month. When people sign up for a broadband connection, they're not told that they can only use a certain amount of broadband a month - the terms of your use are capped by the speed of the connection you pay for, not the amount of data you upload or download. Yet this has not stopped a growing number of customers from receiving calls from Comcast's mysterious "Network Abuse and Policy Observance" office, threatening disconnection unless they stop using the connection they otherwise legitimately paid for.
Example two: AT&T and Comcast are putting the muscle on Yahoo and Google, respectively, to renegotiate deals involving co-branded services. For example, AT&T and Yahoo have sold co-branded DSL service for years, but now AT&T wants to use its control of network infrastructure to take a bigger slice of the broadband subscription base the two have worked to build.
But example three is the most unnerving of the bunch: this month, AT&T, Qwest, and Sprint began blocking some customers' access to certain providers of free conference call services. Everyone involved in the use of a free conference call service already pays the freight to make the call - over a landline that's a long-distance rate, over wireless phones it's the airtime for the call - yet the companies claim these free services unfairly undercut their own conference-call offerings.
It's a disturbing development because it represents the first attempt by phone companies to discriminate between content outside of the broadband arena. Blocking or degrading web sites is one matter, but the wholesale blocking of phone numbers adds a dangerous new dimension to the threat your freedom to connect.
Related Links:
ToC
Feds Agree to Rethink Internet Radio Royalties
Hot Spectrum Draws Cash, and Ideals
Save Our Spectrum Coalition Asks FCC to Create Wireless Broadband Competition
Who Owns Your Local Media Outlets? It's Private
Rescue Internet Radio
NPR Protests Webcaster Fee Hikes
RIAA Moves to Squash Internet Radio by Charging High Rates
Save Our Internet Radio
Save the Streams
Comcast's Comcastic Invisible Cap: Another Reason to Support Net Neutrality
Broadband Providers Looking for Sweeter Deals?
AT&T Blocks Calls to Competing Conference Call Service
The Cingular-AT&T Blocks: Networks and Their Content
Friday, April 6th, 2007
URL: http://www.democracynow.org/article.pl?sid=07/04/06/142238
[Editor's Note: After the revelations of spying on the Hewlett-Parkard board and AT&T assisting in the vacuuming of Internet traffic, this story is just one more step down the road.
http://www.cucug.org/sr/sr0609.html#NEWS.4
http://www.cucug.org/sr/sr0610.html#NEWS.9
http://www.cucug.org/sr/sr0604.html#NEWS.3
http://www.cucug.org/sr/sr0702.html#NEWS.6
http://www.crooksandliars.com/2007/03/07/nsa-blocked-domestic-spying-whistleblower-and-pressured-la-times-to-kill-story/
http://www.democracynow.org/article.pl?sid=07/03/07/1436219
As citizens, these are issues you need to be aware of. This story originated in the Wall Street Journal.]
AMY GOODMAN: Watching the watchdogs. A former worker at Wal-Mart is claiming the retail giant is running a sophisticated surveillance operation that targets employees, journalists, stockholders and critics. Bruce Gabbard was fired last month for intercepting and recording phone calls to and from a /New York Times/ reporter. Gabbard told the /Wall Street Journal/ he was part of a broader surveillance operation run out of Wal-Mart's Arkansas headquarters. Employees reportedly nicknamed their work area "the Bat Cave."
Gabbard also revealed Wal-Mart infiltrated the group Up Against the Wal last year by sending a long-haired employee wearing a wireless microphone to one of the group's meetings. A Wal-Mart surveillance van was stationed outside the meeting in order to listen in to what was happening. Wal-Mart also reportedly closely monitored the internet and phone usage of employees at work. Managers received a list of email addresses and phone numbers with which their employees have communicated and a list of websites visited. Wal-Mart also developed a system to read the personal emails of workers sent or received from private accounts, such as Hotmail or Gmail.
After the /Wall Street Journal/ story ran, Wal-Mart issued an apology, but only to shareholders that were monitored under the surveillance operation.
In a few minutes, we're going to speak with an activist who was targeted by the surveillance, but first we're joined by one of the two reporters who broke the story. Gary McWilliams is a reporter for the /Wall Street Journal/. He joins us from a studio in Houston. Welcome to /Democracy Now!/, Gary.
GARY McWILLIAMS: Good morning, Amy.
AMY GOODMAN: Well, why don't you lay out the story? First, how did you discover what Wal-Mart was doing?
GARY McWILLIAMS: Well, it was about five weeks ago. The company announced they had fired a technician for recording conversations with a /New York Times/ reporter and recording pager messages sent over its internal network. We started looking into it then, and what we found was a very sophisticated, very extensive operation run by former FBI agents, headed by a former CIA agent in his Bentonville headquarters.
Mr. Gabbard spoke with us, described the operation in quite detail and helped draw a picture, really, of a company that had an executive security program, global security, threat protection, information security. A quite extensive operation.
AMY GOODMAN: Talk about the man who became the whistleblower.
GARY McWILLIAMS: You know, Mr. Gabbard is a former Marine. He was a reserve deputy sheriff in Benton County, outside of -- that encompasses Bentonville. But, you know, the interesting part, this goes back to post-9/11. What he described to us was, at that time some FBI had set up a program asking US corporations to look for terrorist cells, using their phone systems to record calls from places like Syria, Iran, North Korea. And Mr. Gabbard helped set that system up. And in the wake, several years later, that same system was used to record calls from a reporter.
AMY GOODMAN: Explain the first part. How did he monitor these calls to these other countries?
GARY McWILLIAMS: Well, they set up a system with their PBX internal telephone system that would look for phone numbers coming from rogue countries, essentially, to them, and then record those calls looking for sleeper cells, perhaps, within their workforce or for terrorists calling in.
And now, this sort of security operation took on a second wind about two or three years ago, when embarrassing memos started appearing on Wal-Mart Watch's website. And those sort of triggered a new round of looking for information leakers inside the company, and they used, again, a very sophisticated email snooping system to look for key words in messages going outside the company.
AMY GOODMAN: You write in the piece in the /Wall Street Journal/ that Mr. Gabbard says he was directed by two former FBI agents working for Wal-Mart who set up this system to monitor foreign calls originally?
GARY McWILLIAMS: Right. Like a lot of companies after 9/11, Wal-Mart took a look at its security systems and decided it needed to sort of beef them up. And what we saw from them was a very sophisticated ramp up of people and equipment.
AMY GOODMAN: And where did Pentagon technology fit into this story?
GARY McWILLIAMS: It's very interesting. You know, a lot of corporations have systems that filter emails, that look for keywords that suggest wrongdoing. What Wal-Mart did was acquire a system used primarily in the past by the Defense Department that was much more sophisticated. It could do things such as tell the degree of flesh tone on an image that was viewed. It could look at all content going over its corporate network. And where typical email monitoring systems would look at the corporate email system -- you know, your internal network -- what this system was able to do was look at any content passing, so if you accessed a Gmail system, for instance, it could see what you're seeing.
AMY GOODMAN: And you write the whole issue of flesh tones has to also do with whether people are viewing pornography?
GARY McWILLIAMS: Correct. You know, most companies have a system to prevent harassment and prevent wrongdoing by employees, but this is fairly advanced. We spoke with a head of an information security network that said it was quite above what most companies have.
AMY GOODMAN: You also write that Wal-Mart helped the Pentagon develop technology.
GARY McWILLIAMS: Well, exactly. This system was not helping the Pentagon. What it was was it was helping a software developer perfect the system. We mentioned the system was used primarily by the Defense Department. Wal-Mart was helping develop a commercial version.
AMY GOODMAN: Oakley Networks, what is this company?
GARY McWILLIAMS: It's a Utah software company that provides a software package called CoreView that looks at information going over a network, and it's so sophisticated, it allows you essentially to replay later exactly what an employee would have seen on his screen or done with his computer. They describe it as sort of a TiVo-like a replay.
AMY GOODMAN: Monitoring keystrokes.
GARY McWILLIAMS: At one level, yes. But, again, it's -- think of it as a TiVo player, where you can replay activities, you know, done in the past. This is quite the same way. They can replay your computer screen to show exactly what you were seeing and changes you were making to it.
AMY GOODMAN: The well-known multinational company McKinsey, where does it play in here?
GARY McWILLIAMS: Well, at one point -- now, one of these embarrassing memos that Wal-Mart felt had been leaked from internally, McKinsey had helped work on that memo. It was their Susan Chambers healthcare memo, if you recall it. Subsequent to that --
AMY GOODMAN: Explain what the Susan Chambers memo was.
GARY McWILLIAMS: It was an internal document sent to the board of directors proposing ways to reduce their healthcare costs. Among those, you know, was requiring employees to do more physical chores to essentially weed out those that were sickly, unhealthy, and therefore cut their healthcare costs.
AMY GOODMAN: So go on with your point.
GARY McWILLIAMS: What the -- you know, the company was embarrassed by this, obviously. And there was a stream of other memos that started leaking out after 2005. And Mr. Gabbard tells us, you know, part of -- he was approached by the head of security to help stop those leaks, and he used the Oakley system essentially to monitor internet access by McKinsey consultants doing a later project.
AMY GOODMAN: We're talking to Gary McWilliams, one of the two /Wall Street Journal/ reporters who broke the story on -- well, the headline: "Inside Wal-Mart's 'Threat Research Operation.'" So tell us what happened to Mr. Gabbard, to the whistleblower who worked for some nineteen years, how exactly this whole thing unraveled and came to be known?
GARY McWILLIAMS: Mr. Gabbard was fired a little more than a month ago as a result of another employee, I guess, going forward and saying that he felt there was something wrong here in taping the /New York Times/ reporter's calls into the company.
AMY GOODMAN: That was Michael Barbaro, the /New York Times/ reporter?
GARY McWILLIAMS: Correct. And as a result of that, they did a month-long investigation of the activities, and he was dismissed thereafter. Now, we spoke with Mr. Gabbard, because he felt the company had misportrayed his activities. You know, they portrayed him as a rogue employee, when, in fact, he felt quite a bit of what he was doing was sanctioned by higher-ups and, in fact, he was pressured into looking -- you know, stopping those leaks by higher-ups in the company.
AMY GOODMAN: In a moment, we're going to be speaking with Nu Wexler, who is a spokesperson for Wal-Mart Watch, a group that is critical of Wal-Mart. But tell us his story.
GARY McWILLIAMS: Mr. Wexler, I think, was attempting to visit with reporters attending a Wal-Mart media event a couple years ago, and what Mr. Gabbard tells us was the security group was looking for ways of identifying him if he showed up at that meeting. And so, Mr. Gabbard went out on the web searching for information on Mr. Wexler and found a blog he had written for the South Carolina Democratic Party, rummaged through that South Carolina computer and found a folder containing Mr. Wexler's vacation photos. And he used those to access and to provide them to Wal-Mart corporate security to identify Mr. Wexler when he showed up.
AMY GOODMAN: A Wal-Mart spokesperson declined our request for an interview, but did issue a statement in response to Gabbard's accusations. Wal-Mart says, "This group is no longer operating in the same manner that it did prior to the discovery of the unauthorized recording of telephone conversations. There have been changes in leadership, and we have strengthened our practices and protocols in this area. Mr. Gabbard and another associate were terminated for their actions of unauthorized recordings of telephone conversations and interception of text messages, and the company self-reported the incident after learning of the phone recordings and interception of text messages situation. Like most major corporations, it is our corporate responsibility to have systems in place, including software systems, to monitor threats to our network, intellectual property and our people. These situations are limited to cases which are high risk to the company or our associates, such as criminal, fraud or security issues." Can you respond to this, Gary McWilliams?
GARY McWILLIAMS: Well, no. I mean, Wal-Mart issued that statement, I think, recently after our story appeared, and they issued a statement a month ago when Mr. Gabbard was terminated. But, essentially, you know, their original statement said that he had violated common practice at the company. Mr. Gabbard maintains there was no policy that prevented him from recording those calls and, in fact, he had been urged post-9/11 to record calls and look for keywords. So I'll leave it to Wal-Mart to decide.
AMY GOODMAN: You also talk about Wal-Mart monitoring shareholders. Explain.
GARY McWILLIAMS: Yeah, you know, it was a fairly uncommon practice, from what we've seen, to look at shareholders who submitted resolutions for the annual meeting. And in this year, what we saw was that the company took those list of shareholders who presented petitions and sent it to their security group to do a "threat assessment" of these people for their potential to disrupt the annual meeting if their petitions were refused. And, you know, we spoke with Dr. Sydney Kay, an 85-year-old retired science teacher, you know, who was among those looked at. And Mr. Kay says, "I'm a nobody. Why would they want to look at me?"
AMY GOODMAN: Overall, you did talk to corporate practices people. How common is this behavior on the part of a corporation?
GARY McWILLIAMS: For some things are very common. I think most Americans are told, if you're using your corporate email system, you know, the law has upheld the right of the company to look at that email. And there are just dozens of software packages that do things like filtering, web filtering, to look at what you're looking at over the internet, tracking the URL address, for instance. And companies are allowed to look at your email used on the corporate system. Typically what they don't do, though, is, you know, track your access to, say, Yahoo mail or Hotmail or Gmail.
AMY GOODMAN: And finally, the issue of Wal-Mart infiltrating an anti-Wal-Mart group, Up Against the Wall -- that's W-A-L -- what did you learn about that?
GARY McWILLIAMS: What Mr. Gabbard had told us was, you know, the company had become concerned that that group had protested at one of its managers' meetings, and it had read on internet sites that it was planning on going to its shareholder meeting last year, and potentially going with ACORN. And that concerned them. They wanted to find out about that, and so they ended up sending an employee to a protest group to find out what might be going on, whether ACORN and Up Against the Wal were joining forces. But it was fairly sophisticated. Again, you know, the employee had a wireless microphone. Mr. Gabbard said he rode around in the company's surveillance van to listen to what was going on and make sure the employee was protected. And then they used the information later to alert the local police department about the protesters' plans.
AMY GOODMAN: And so, the infiltrator, the long-haired infiltrator, went into a meeting, and the van was outside monitoring, because the infiltrator was wearing a microphone?
GARY McWILLIAMS: Essentially, yeah. It was outdoors. I mean, I think they actually recorded a protest group in Fayetteville, Arkansas, and the employee ended up joining the protest march down the street.
AMY GOODMAN: You know, it strikes me that years ago Ralph Nader really began his PIRGs with money that he got from General Motors, because it was exposed that they were monitoring and surveiling him.
GARY McWILLIAMS: I'm not familiar with that. But, you know, you have to understand that anytime you're in a public place, anyone can monitor you. They can take your picture. They can follow you, as long as it doesn't cross a line to harassment. And the same thing with -- we talked about the courts have upheld the legality of a company looking at email on a corporate network.
Wal-Mart has quite strict policies. I'll just go on. You know, they tell their employees any use of company computers or phones could be monitored. They also limit what their employees can look at on the internet. They're fairly restrictive in that regard.
AMY GOODMAN: Well, Gary McWilliams, I want to thank you very much for joining us, /Wall Street Journal/ reporter, joining us from Houston, broke the story, "Inside Wal-Mart's 'Threat Research Operation.'"
ToC
Friday, April 6th, 2007
URL: http://www.democracynow.org/article.pl?sid=07/04/06/142242
AMY GOODMAN: As we continue to look at Wal-Mart's newly exposed surveillance operation, my next guest is a Wal-Mart critic who ended up on Wal-Mart's watch list. Nu Wexler is a spokesperson [Communications Director] for the group Wal-Mart Watch <http://walmartwatch.com>. According to the /Wall Street Journal/ expose, Wal-Mart used pictures found on the internet to track Nu's plans to attend Wal-Mart's annual meeting. Nu Wexler joins us now from Washington, D.C. Welcome, Nu.
NU WEXLER: Hi. Thanks for having me on today, Amy.
AMY GOODMAN: So tell us what you learned about, well, yourself, through Wal-Mart's eyes.
NU WEXLER: Well, I mean, it was -- I, as Gary mentioned earlier on the show, I had attended a Wal-Mart media conference in Arkansas. It was last spring. And it was a public event that Wal-Mart held at the Embassy Suites Hotel, not too far from their corporate headquarters in Bentonville. It was -- some events were closed. Some events were closed to the public, open to media only, and we had no intentions of going into those events, certainly didn't intend to disrupt anything. We were just there because a lot of reporters that we work with every day were attending the event, and it was an opportunity to meet with them firsthand. All of the meetings we did were actually in the hotel lobby in plain view of the company, their many PR reps that were at the event. And, honestly, it was pretty harmless. There wasn't anything threatening, and I don't think it placed Wal-Mart in any danger at all.
AMY GOODMAN: And so, what did you learn about their monitoring of you?
NU WEXLER: Well, it was pretty spooky. I wasn't aware that they were monitoring anything, until I had heard from Gary McWilliams from the /Wall Street Journal/, who, you know, calls one day and is looking for a reaction to Wal-Mart's -- to a file that Wal-Mart had been collecting and the fact that Wal-Mart had my personal vacation photos from a couple years ago that I had buried, you know, just deep on a website. They were harmless, nothing -- I think I actually -- you may have a couple of them, yourself. But these pictures, there was nothing incriminating about them, but it is a little eerie to know that Wal-Mart had a copy of them.
AMY GOODMAN: Now, these were on a website online, your photographs of your holiday?
NU WEXLER: They were. I mean, they were buried deep on a website. It was actually a place I had -- I had actually -- I came back from a trip two years ago to Vietnam and the Philippines, and I came back and had a fairly large photo file. It was a slideshow. And actually, the reason they were on this website was because my family wanted to view them, and they were too big to email, so I just had been doing some -- where I had maintained the site for my employer and created just a folder -- we had plenty of space -- created a folder that was not publicly accessible -- there were no public links to it -- but just created a folder and sent a link around to some friends and family, saying, "Here are my vacation photos. Check them out when you can." So they had been there. They were up there for a little while. Again, there was nothing incriminating about them, so I'm not terribly -- I wasn't terribly worried that they were there. But it's pretty spooky to know that Wal-Mart is interested in them and collecting them.
AMY GOODMAN: Nu Wexler, can you talk about what Wal-Mart Watch does?
NU WEXLER: Sure. We're a nonprofit organization based in Washington, D.C. We're a coalition of labor, religious and environmental organizations that are working to try to challenge Wal-Mart to change some of its business practices. You know, ironically, one of the things that we're pushing for is increased transparency for the company. And events like this make it -- you know, sort of underscore the need for more transparency.
You know, we're pushing Wal-Mart to, among other things, provide better healthcare for their employees, making their -- their employee plan just simply isn't affordable, and many of their employees are forced to go on state Medicaid plans to get coverage for themselves and their family. And Wal-Mart's response has always been, you know, "We're operating on small margins. We're retail. We can't afford to do that." But at the same time, you know, they're spending millions of dollars each year on these sophisticated threat research surveillance operations and are spending at least $10 million a year on a PR firm in D.C. to handle damage control for events like this. So it's inconsistent on their part, and we would challenge them. We hope that they would spend the money more on their employee healthcare system, rather than spying and damage control.
AMY GOODMAN: I wanted to read an editorial that was posted by Barbara Ehrenreich on the AlterNet website <http://alternet.org/workplace/50058/>: "Wal-Mart and Target Spy on Their Employees."
It says, "It reads like a cold war thriller: The spy follows the suspects through several countries, ending up in Guatemala City, where he takes a room across the hall from his quarry. Finally, after four days of surveillance, including some patient ear-to-the-keyhole work, he is able to report back to headquarters that he has the goods on them. They're guilty!
"But this isn't a John Le Carre novel, and the powerful institution pulling the strings wasn't the USSR or the CIA. It was Wal-Mart, and the two suspects weren't carrying plans for a shoulder-launched H-bomb. Their crime was 'fraternization.' One of them, James W. Lynn, a Wal-Mart factory inspection manager, was traveling with a female subordinate, with whom he allegedly enjoyed some intimate moments behind closed doors. At least the company spy reported hearing 'moans and sighs' within the woman's room.
"Now you may wonder why a company so famously cheap that it requires its same-sex teams to share hotel rooms while on the road would invest in international espionage to ferret out mixed-sex fraternizers. Unless, as Lynn argues, they were really after him for what is a far worse crime in Wal-Mart's books: Openly criticizing the conditions he found in Central American factories supplying Wal-Mart stores."
What do you know about this, Nu Wexler of Wal-Mart Watch?
NU WEXLER: Well, the Jim Lynn example is particularly scary. I mean, this was a Wal-Mart factory inspector that at the time was writing up a lot of Wal-Mart factories for unsafe working conditions and violations, and at the same time he was doing that or soon after he started doing that, you know, Wal-Mart sent this team down there to monitor him and promptly fired him after he started writing up some of these factories.
There are other examples. There was another employee, Jared Bowen, who worked for an executive that was fired for, among other things, embezzling corporate funds. Wal-Mart wanted to clean house and get rid of all of these folks. They fired Jared Bowen, one of their employees, who then sued them, and Wal-Mart said, "Oh, we didn't fire you for having anything to do with that scandal. We fired you for lying about your college transcripts," and promptly posted his college transcripts on their website.
You know, there are other instances of Wal-Mart monitoring personal emails between employees that aren't on their corporate system. And then this story in the /Wall Street Journal/ sort of blows the lid off of the entire threat research operation, this idea that -- Wal-Mart's program to spy on reporters, shareholders, you know, company critics. They're taking it a little far. I mean, it goes above and beyond reasonable expectations of corporate security.
AMY GOODMAN: And Barbra Ehrenreich goes on to show that link with the /New York Times/, because it says, "In fact, the cold war thriller analogy is not entirely fanciful. /New York Times/ reporter Michael Barbaro, who related the story of Wal-Mart's stalking of Lynn and his colleague, also reports that the company's security department is staffed by former top officials of the CIA and the FBI. Along the same lines, Jeffrey Goldberg provides a chilling account [?] in the [?] /New Yorker/. Although instructed not to write down anything he saw, he found a 'dark, threadbare room,'" when he provides this chilling account of his visit to Wal-Mart's Bentonville "war room." He says, "he found a 'dark, threadbare room... its walls painted battleship gray,' where only two out of five of the occupants will even meet his eyes. In general, he found the Bentonville fortress 'not unlike the headquarters of the National Security Agency.'"
Nu Wexler, who are the FBI and CIA officials who work for Wal-Mart?
NU WEXLER: Well, I mean, the head of Wal-Mart's corporate security operation is a man by the name of Ken Senser, who ran internal investigations at the CIA for over ten years. There are other former FBI and CIA agents that they've hired up. You know, I mean, it's sort of -- at the time the first /New York Times/ eavesdropping scandal broke a couple of months ago, Wal-Mart said, "Oh, this is one rogue employee, operating on his own, using his own personal equipment," and I think that smelled funny to a lot of reporters and certainly to us, as well.
You know, the equipment that was required to do this was very expensive. Some estimates peg the cost at about a half a million dollars, and some security experts said that it just wasn't possible for somebody to be doing this just on their own. Hobbyists don't do that. They don't go out and pull text messages and phone conversations off of cell phones out of the air just for fun. And what the /Journal/ story reveals is that it was part of a much larger operation, that now a US attorney in Arkansas is actually looking into to try to figure out what exactly they were doing and whether it was legal for Wal-Mart to eavesdrop on private citizens.
AMY GOODMAN: Now, Nu Wexler, we weren't able to reach the group Up Against the Wal, another Wal-Mart critic organization. But this issue of infiltrating the group, what do you know about that? Do you have any evidence of that in your group? And what are you demanding right now?
NU WEXLER: Well, I mean, we don't have any specific evidence of Wal-Mart infiltrating Wal-Mart Watch. We certainly look, you know, when we're interviewing potential job applicants or talking to whistleblowers, I mean, are aware of that and certainly trying to be careful, you know, in that respect.
But, you know, one of the things -- we sent Wal-Mart CEO Lee Scott a letter yesterday, asking him whether they had eavesdropped on our organization, whether if we went to Bentonville in subsequent visits, you know, to Arkansas, whether we would be monitored. We'll probably have a presence at the shareholders meeting in June. We are shareholders. We do have proxy slips for admission. Certainly not with the intent --
AMY GOODMAN: Where is that meeting?
NU WEXLER: Wal-Mart holds it every year not too far from their corporate headquarters in Bentonville. They hold it in the basketball arena at the University of Arkansas, down the road, in Fayetteville, Arkansas.
AMY GOODMAN: Are you going to sue?
NU WEXLER: We haven't decided just yet. We've sent a letter to Wal-Mart CEO Lee Scott, asking them what other information they've collected, and we hope they answer. We hope they let us know.
AMY GOODMAN: Nu Wexler, I want to thank you for joining us, communications director for Wal-Mart Watch, that's based in Washington, D.C.
ToC
URL: http://www.democracynow.org/article.pl?sid=07/04/17/1326249
In business news, Wal-Mart has reclaimed its position as the largest corporation in the United States edging out Exxon Mobil. Meanwhile Wal-Mart has succeeded in winning a gag order to stop a fired security operative from speaking out about the company's spy operations. Earlier this month Bruce Gabbard told the Wall Street Journal that Wal-Mart is running a sophisticated surveillance operation that targets employees, journalists, stockholders and critics of the company. Gabbard also revealed that the company had infiltrated an anti-Wal-Mart group. In addition to the gag order, a judge has order Gabbard to name every person whom he has discussed Wal-Mart with over the past three months. Wal-Mart alleges that Gabbard has violated trade secrets law by revealing confidential information about Wal-Mart security systems and operations.
ToC
Ben Ames
URL: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9012743
March 09, 2007 (IDG News Service) The National Aeronautics and Space Administration confirmed Thursday that it built a special chip used in a disputed demonstration of quantum computing in February.
NASA engineers used their experience with submicrometer dimensions and ultralow temperatures to build a quantum processor for Canadian start-up D-Wave Systems Inc., said Alan Kleinsasser, principal investigator in the quantum chip program at NASA's Jet Propulsion Laboratory in Pasadena, Calif.
D-Wave claimed to demonstrate a prototype quantum computer during a news conference Feb. 13 at the Computer History Museum in Mountain View, Calif. But industry experts became skeptical when D-Wave revealed it had left the computer at its Vancouver office, then conducted the demonstration over a Web link.
"You could characterize our announcement as being met with enthusiasm from industry and skepticism from academia," D-Wave CEO Ed Martin said in an interview Feb. 27. But he said the event served as proof of concept of the technology, and that D-Wave's potential customers are businesses that don't care how the technology works as long as it can solve their complex models. He plans to start renting time on the machine to customers in 2008.
"Businesses aren't too fascinated about the details of quantum mechanics, but academics have their own axes to grind. I can assure you that our VCs look at us a lot closer than the government looks at the academics who win research grants," Martin said.
He described D-Wave's computer as a hybrid, running applications on a traditional, digital computer and using a single quantum processor as an accelerator or co-processor. Martin said the back end is a rack-mounted PC with an off-the-shelf processor, but wouldn't cite the specific brand.
The crucial part is the quantum chip, which is a processor built from the superconducting materials aluminum and niobium, then chilled in a tank of liquid helium. It achieves supercomputing speeds because its basic data units -- called qubits -- can hold both the values 0 and 1 simultaneously, and instantly share those values among all the qubits. A standard digital processor assigns a specific value to each data bit, and handles them one at a time.
D-Wave designed the quantum chip and then contracted with NASA to build it. The request was nothing new for engineers at the Microdevices Laboratory (MDL), a unit of the Jet Propulsion Laboratory. Scientists in this group were accustomed to building superconducting circuits for clients, such as Hypres Inc. in Elmsford, N.Y., and for instruments used aboard spacecraft, such as the European Space Agency's Herschel mission.
"There has been activity in MDL in quantum technology, including quantum computing, for around 10 years," Kleinsasser said. "Superconducting quantum computing technology requires devices and ultralow [millikelvin] temperatures that are also required in much of our sensor work. A couple of years ago, D-Wave recognized that JPL is capable of producing the chips it wished to design. There is no [private] industry that can deliver such superconducting devices. So, we worked out a collaboration that produced the chips that D-Wave is currently using."
The computer that D-Wave used for the Feb. 13 demonstration had a chip capable of running at 16 qubits, Martin said. The company plans to scale its machine much larger in the next 18 months, reaching 32 qubits by the end of 2007, then 512 qubits and 1,024 qubits by the end of 2008.
Still, D-Wave will surprise a lot of experts if it can reach its goals. Many analysts said quantum computing is feasible, but that a working system is still a decade or more away.
"Given the kind of upheaval a working quantum system would bring, especially to the financial system where cryptography would become vulnerable, it would be major technology breakthrough," said Martin Kariithi, an analyst at Technology Business Research Inc.
"I don't think a small company like D-Wave would pull it off; they are likely to get absorbed by a tech heavyweight like Intel or IBM as they get within five to eight years of a solution," he said.
ToC
posted by Bhola Meena @ 11:39 PM, Saturday, March 24, 2007
URL: http://desktop-tools.blogspot.com/2007/03/microsoft-windows-vista-os-rated-as.html
Microsoft, the software giant has frequently been criticized for releasing insecure products, with security holes and vulnerabilities galore. However, Symantec, the world's leading security company thinks otherwise, and has said so in a forthright manner in its latest research report.
In Symantec's 11th Internet Security Threat report, the company said that when it comes to widely-used operating systems, Microsoft has being doing better overall when compared to its leading commercial competitors. This report was released this week itself, and covers a vast range of security and vulnerability issues over the last six months of 2006.
The Symantec report found that Microsoft Windows had the fewest number of patches and the shortest average patch development time when compared with the five operating systems that the security giant had monitored in the second half of 2006.
During this period, 39 vulnerabilities, 12 of which were ranked high priority or severe, were found in Microsoft Windows. However, Microsoft took an average of 21 days to fix them all.
The next best performer was Red Hat Linux, which required an average of 58 days to address a total of 208 vulnerabilities. However, this was a significant increase in both problems and fix time over the first half of 2006, when there were 42 vulnerabilities in Red Hat with an average fix time of 13 days.
Next up was Mac OS X, and if you read further you will realize that Apple has absolutely nothing to boast about. Symantec found 43 vulnerabilities in Mac OS X and a 66 day turnaround on fixes. Fortunately, only one was high priority. Like the others, this is also an increase over the first half of the year. For the first half of 2006, 21 vulnerabilities were found in Mac OS X and Apple took on average 37 days to fix them.
In the rear, was HP-UX from Hewlett Packard and Solaris from Sun. HP-UX had 98 vulnerabilities in the second half of 2006 and took 101 days to fix them. Sun, which had 63 vulnerabilities, took an average of 122 days to fix them. The company didn't do any better in the first half of 2006 either, as Sun took 89 days to fix 16 vulnerabilities.
According to Alfred Huger, vice president of engineering for Symantec Security Center, the real problem is with Web applications, where two-thirds of all vulnerabilities are found. Operating systems are fairly minor, and despite the long time periods, the vendors are doing "an ok job, just not stellar."
[Editor's Note: My thanks to Jon Bjerke for submitting this piece for the newsletter.]
ToC
by Adam C. Engst <ace@tidbits.com>
TidBITS#873/02-Apr-07
article link: <http://db.tidbits.com/article/8937>
In a press conference today in London, Apple and EMI Music announced that starting in May 2007, EMI Music's entire digital catalog of music will be available for purchase in DRM-free versions from the iTunes Store worldwide. Removing Apple's FairPlay digital rights management system from the tracks comes with a price, though. DRM-free tracks will cost $1.29 rather than $0.99, although they will also feature higher quality 256 Kbps AAC encoding, which Apple claims makes them indistinguishable from the original recording. 128 Kbps versions with Apple's FairPlay DRM will remain available for $0.99, giving users the choice of which track to purchase.
<http://www.apple.com/pr/library/2007/04/02itunes.html>
All EMI music videos will also be available without DRM, with no change in price. iTunes will provide a one-click option for customers to upgrade previously purchased EMI songs for 30 cents per song.
Commenting on the announcement, Apple CEO Steve Jobs said, "We are going to give iTunes customers a choice - the current versions of our songs for the same 99 cent price, or new DRM-free versions of the same songs with even higher audio quality and the security of interoperability for just 30 cents more." The move comes a mere two months after Jobs posted his widely read open letter about the ills of DRM and Apple's opinions about it (see "Steve Jobs Blasts DRM," 2007-02-12).
<http://www.apple.com/hotnews/thoughtsonmusic/>
<http://db.tidbits.com/article/8856>
The removal of DRM from EMI's content sold through the iTunes Store is a significant event in the short history of online music sales, given the iTunes Store's leading position in the market. Customers purchasing DRM-free songs will be able to play them on any digital music player that supports unprotected AAC (and you can bet that the capability will be added soon to any that currently don't), thus eliminating much of the complaint about how Apple required the use of the iPod to play iTunes Store purchases. Other usage restrictions that disappear for EMI songs include the capability to play purchased songs on more than five computers and to burn playlists containing purchased songs more than seven times. Needless to say, the removal of DRM does not mean that it's legitimate to copy music in ways that violate copyright law, but that's not new.
The increased price presumably helps EMI feel better about the possibility of increased copying, and I wouldn't be at all surprised if Apple and EMI will be tracking the number of songs from the iTunes Store that appear on the peer-to-peer file sharing services. More important, increasing the price to $1.29 while keeping the DRM-protected versions available for $0.99 creates additional revenue, which the music labels had been pushing for, while letting Apple hold fast to $0.99 as the base price.
From the research perspective of determining consumer attitudes to DRM, it's a little unfortunate that Apple increased the encoding rate for the DRM-free versions of EMI's songs. Had DRM removal been the only change, it would have provided a clear-cut answer to the question of how customers value the legally granted rights that DRM restricts. Of course, since quality has never been a significantly limiting factor in working with digital music for most people, the popularity of DRM-free music will still offer worthwhile insight into consumer attitudes. Personally, I plan to pony up the additional 30 cents per track for all the EMI music I've purchased from the iTunes Store.
It's unsurprising that the first chink in the iTunes DRM armor comes from EMI, since EMI has been dabbling with DRM-free music since late 2006, selling a few songs without DRM via Yahoo Music. The question is, will EMI's move to the anti-DRM camp convince other major labels to follow? Jobs said that Apple expects to have more than half of the five million songs on iTunes available in DRM-free versions by the end of 2007, so the implication is that Apple is negotiating with the other major labels as well. Even so, the terms - FairPlay DRM or an additional 30 cents per track - seem quite set now, since I can't see Apple offering music from different labels for different prices.
<http://news.digitaltrends.com/article11874.html>
Despite the removal of DRM from EMI's music videos, Jobs made no comment on whether Apple would be negotiating with the TV and movie studios to remove DRM from other music videos, the 350 TV shows, and the 400 movies currently available through the iTunes Store. (And for anyone following the numbers, Apple says it has sold over 2 billion songs, 50 million TV shows, and 1.3 million movies from the iTunes Store so far.)
[Glenn Fleishman] Adam's research curiosity aside, I'm especially happy Apple and EMI coupled an increase in audio quality with the increase in price and removal of DRM. For me, this makes the decision to upgrade my EMI content even easier. At 256 Kbps, according to several audiophile sites I checked, an AAC should be indistinguishable from the data encoded in a typical audio CD. I suspect the quality will be even higher, though, because preprocessing - optimizing audio or video quality for a particular compression algorithm - from the original digital masters could produce even better results. Apple and EMI haven't said anything on this front.
The other question for me is whether EMI and Apple will digitally watermark the non-DRM audio files. Digital watermarking subtly modifies the media data to overlay encrypted or in-the-clear information that can be retrieved. The idea is that the watermark can't be removed without also affecting the overall quality of the music encoded in the file. One attempt by the record industry at watermarking was definitively defeated by Princeton professor Ed Felten, a notable critic of DRM and other schemes.
<http://www.wired.com/wired/archive/9.07/mustread.html?pg=2>
[Jeff Carlson] Glenn points to the potential for dramatically higher-quality recordings, but so far we don't know whether Apple or EMI are using masters to create the files. It wouldn't surprise me if there are three interns grabbing CDs from the archives and ripping them in iTunes (I doubt that's the case, but it wouldn't surprise me). The first movie I purchased from the iTunes Store when video became available, Grosse Pointe Blank, didn't look like it was encoded from any sort of master print, even taking into account video compression.
<http://www.imdb.com/title/tt0119229/>
Frequent TidBITS contributor Andrew Laurence noted that this shift to non-DRM music makes it possible to play back music purchased from the iTunes Store on hardware devices such as the Slim Devices Squeezebox or the Sonos Digital Music System.
<http://www.slimdevices.com/>
<http://www.sonos.com/>
I also wonder (without any information to back it up) whether other music companies or services are planning to announce DRM-free offerings soon. The Apple/EMI event wasn't announced until the day before it happened, and the new tracks won't be available on the iTunes Store until May. To me, it sounds like Steve Jobs hopped a quick flight to England to make sure Apple and iTunes garnered the first headlines.
ToC
by Geoff Duncan <geoff@tidbits.com>
TidBITS#874/09-Apr-07
article link: <http://db.tidbits.com/article/8938>
[TidBITS Editor's Note: We weren't able to touch base with Editor-at-Large Geoff Duncan in time for last week's "Apple and EMI Offer DRM-Free Music via iTunes" (2007-04-02), but his extensive experience in the recording industry makes his commentary essential reading for anyone following the situation. -Adam]
<http://db.tidbits.com/article/8937>
For folks who aren't regular watchers of the music industry: EMI is the third largest of the "big four" major music labels, and home to popular acts like Robbie Williams, Pink Floyd, The Rolling Stones, Norah Jones, Coldplay, and (of course) The Beatles. (If you're wondering when The Beatles music might be available for download purchase, there's still no timetable, although EMI CEO Eric Nicoli did say, "We're working on it.") EMI has always had a UK bent, but its roster also includes a number of well-known American artists like Bonnie Raitt, Lenny Kravitz, Liz Phair, and Wynton Marsalis.
So what about the remaining big record labels? Right now, all indications are that they plan to let EMI set sail alone into the unchartered waters of offering unprotected music, then wait to see what happens. And no one knows what's going to happen: major labels' market research is essentially limited to a handful of tracks (many released by EMI) intended to promote specific artists or album releases. EMI obviously believes the results of those tests were positive enough to warrant making their entire catalog available without DRM, albeit at a premium.
Right now, none of the other major labels feel so confident, but Steve Jobs has boldly predicted as much as half the music sold on iTunes may be DRM-free by the end of the year: that probably indicates he expects at least one other major label to come on board.
EMI will be offering other digital music services the option to sell non-DRM content in AAC, Windows Media, and standard MP3 formats. Although the iTunes Store will be the first to offer EMI music without DRM, there's nothing exclusive about the deal. (A Microsoft spokesperson noted last week that the company is also in talks with other unnamed publishers.)
<http://playlistmag.com/news/2007/04/06/drmfree/>
As a side note, yes, EMI's wholesale price to distributors for unprotected tracks is higher than for DRM-laden tracks, but EMI is offering the same wholesale price for complete albums regardless of whether they carry DRM protection. Music labels are seeing revenue from traditional CD sales declining sharply, and revenues from digital sales are failing to make up the difference. Industry analysis seems to indicate online music stores' a la carte purchasing systems are a contributing factor, encouraging customers to purchase just the handful of tracks they want rather than buying an entire collection. While consumers love being able to purchase individual tracks, the result is that, on an album-by-album basis, labels earn less money from digital sales than traditional CD sales - even from artists' fans. So both online music stores and music labels are looking for ways to encourage consumers to purchase entire albums - Apple's new "Complete My Album" feature is another example (see "iTunes, You Complete Me," 2007-04-02).
<http://db.tidbits.com/article/8933>
But the bottom line here will be the bottom line. EMI believes it can increase digital sales and overall revenue by offering its music catalog without digital rights management - increasing the encoding rate on iTunes offerings from 128 Kbps to 256 Kbps is a value-added feature to sweeten/justify that 30 cents/.30 Euros premium. If the expected revenue fails to materialize, we can probably expect EMI to put a swift end to this experiment.
When unprotected AAC tracks become available via iTunes, I'll be curious to see what turns up as they're inevitably deconstructed and analyzed. I wouldn't be surprised if Apple encodes purchase identifiers or other watermarks to monitor piracy and trace tracks as they promulgate to file sharing services... but my gut tells me they won't bother. Remember, it's all about the bottom line: at this point, it's no surprise that music is being copied and shared widely, and it doesn't matter much whether it comes from traditional audio CDs, unprotected tracks offered for sale, or other sources. The question is whether offering non-DRM tracks encourages more people to tap into legal, revenue-generating sources of music. EMI and Apple apparently believe the answer will be "yes."
Speaking of that encoding rate improvement, Glenn Fleishman suggested in the Staff Roundtable section of last week's article that 256 Kbps AAC files "should be indistinguishable from the data encoded in a typical audio CD." Between "should be" and "will be" are an essentially infinite number of variables, but yes, generally speaking, if you can hear the sort of artifacts and soundstage compression that happens with typical 128 Kbps AAC encoding, in most cases you'll probably be happier with 256 Kbps AAC encoding.
However, if you fall into this category, you've just separated yourself from 99.5 percent of the music listening public, and you've probably put a lot of time and money into your gear. Although there are many variables - not the least of which is the nature of the recorded material - most musicians I know can't tell the difference between a 128 Kbps MP3 and an audio CD until I start pointing things out. That said, once things are pointed out, musicians generally can hear them, which often isn't true of non-musicians.
Glenn also postulated that optimizing the quality from the original digital masters could produce even better results. There are two main variables here: the encoding software and the masters. I haven't compared AAC encoders, but I'm told there are significant differences between them. MP3 encoders are still highly variable. So, yes: let's hope whatever third party does the encoding picks a good one and knows how to use it.
As for the masters... for the time being, most listeners only have the possibility of seeing high-res masters on specialized releases; for instance, some material mastered for surround, DVD-Audio, or SACD. Those generally aren't the masters which will be used by EMI for iTunes or other music vendors. In the future, we may see digital services offering audiophile audio from high resolution masters, but the EMI non-DRM releases won't fall into that category - they're all about mainstream music. Audiophiles won't be happy with anything but high-res lossless formats anyway, and then they'll complain about the mastering gear ("At exactly 4:16.35 I can hear that characteristic 6072A tube ring in the left channel! Argh! The phasing is intolerable!") so I doubt it will happen.
Even if you're able to acquire 256 Kbps AAC files with greater fidelity than 44.1/16-bit audio CDs, again, you won't be able to hear the difference without putting time and money into your gear and having good ears. Most consumers stand little chance of hearing the difference because the DACs - the digital-to-analog converter chips in Macs and other digital music players - just aren't up to the task. Without good ears and years of experience, users will have to get into systems with considerably better specs than what's available in even high-end consumer gear before they can reliably detect a quality difference.
ToC
by Adam C. Engst <ace@tidbits.com>
TidBITS#870/12-Mar-07
article link: <http://db.tidbits.com/article/8900>
Thanks to our EFF buddy Fred von Lohmann for a pointer to SonicLiving, a Web site that offers a service similar to the iConcertCal iTunes plug-in we covered recently (see "iConcertCal: Your Gig-Going Pal," 2007-03-05).
<http://www.eff.org/>
<http://sonicliving.com/>
<http://db.tidbits.com/article/8888>
Like iConcertCal, SonicLiving can generate a calendar of concerts based on artists in your iTunes library, though it does this via a Java applet that reads your artist list and then lets you select which artists to watch for. That's actually a good thing, since options let you select all artists, artists with more than one song, and artists with five or more songs, easily letting you eliminate the one-hit wonders. SonicLiving can also pick up your favorite artists from music services such as Pandora (see "Pandora Beats iTunes for Holiday Music," 2005-12-05) and the similar last.fm. Unlike iConcertCal, SonicLiving shows concerts only in 11 metropolitan areas, so it's most useful for those near certain major cities.
<http://www.pandora.com/>
<http://db.tidbits.com/article/8347>
<http://www.last.fm/>
But what sets SonicLiving apart, and makes it worth a look for anyone interested in music, is the amount of information it integrates about any given artist. Once you've added all your favorites to your wishlist, clicking an artist's name displays an overview page containing the next few upcoming events, an area where video clips from YouTube are listed and can be played, and a summary of other people who like the artist. You can expand any of these sections to list all events, to show all the people who have this artist on their wishlists, to see news items about the artist, or to see what albums the artist has on the iTunes Store.
<http://www.tidbits.com/resources/2007-03/SonicLiving-overview.jpg>
Although others may find the social networking aspects of SonicLiving compelling (you can easily see what shows others are interested in and set up friend connections), I was more struck by the way SonicLiving provides an easy interface for watching music videos on YouTube (many of which are undoubtedly copyright infringements, but which can provide low-quality, full-length song previews) and for playing all 30-second preview clips from the iTunes Store, one after another. I've always found the need to play each preview in iTunes separately annoying; I often want to hear all the clips on an album without fussing with something like the iTunes Music Store Player script. It is of course easy to jump to the iTunes Store to purchase a song or album.
<http://www.dougscripts.com/itunes/scripts/scripts02.php?page=3#itunesmsp>
I was disappointed that SonicLiving lacked links to artist Web sites, and I was also surprised that it doesn't do the "people who liked X also liked Y" kind of recommendations. You can see the wishlists of people whose lists overlap with yours, which is sort of the same thing, but that seems a bit roundabout. Nonetheless, SonicLiving is the kind of site you can easily lose yourself in, so be sure to dive in when you have some time to burn.
ToC
The easiest solution: Change the default password
by Gregg Keizer
URL: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9011588
February 20, 2007 (Computerworld) -- Cisco Systems Inc. is warning users that nearly 80 of its routers are vulnerable to a hack tactic that got play last week.
Dubbed "drive-by pharming" by Symantec Corp. and university researchers who first publicized the danger in a paper, the attack involves luring users to malicious sites where a device's default password is used to redirect them to bogus sites. Once they are at those sites, their identities could be stolen or malware could be force-fed to their computers.
In an advisory posted Thursday, Cisco listed 77 vulnerable routers in the lines sold to small offices, home offices, branch offices and telecommuters. The advisory recommended that users change the default username and password required to access the router's configuration settings, and disable the device's HTTP server feature.
The paper, co-written by a Symantec researcher and two other researchers from Indiana University (download PDF), urged a similar move by router owners.
"Owners of home routers who set a moderately secure password -- one that is non-default and non-trivial to guess -- are immune to router manipulation via JavaScript," the report read.
The researchers also argued that router makers should stop using blank or easy-to-guess passwords, such as "admin," and switch to the device's serial number. "This value, which is unique to each individual router, would comprise a very secure and unpredictable password," the report stated.
[Editor's Note: My thanks to Jon Bjerke for submitting this piece for the newsletter.]
ToC
Researchers say they've found a fast way to break WEP protection on Wi-Fi networks.
Peter Sayer, IDG News Service
Wednesday, April 04, 2007 08:00 AM PDT
URL: http://www.pcworld.com/article/id,130385/article.html
The Wi-Fi security protocol WEP should not be relied on to protect sensitive material, according to three German security researchers who have discovered a faster way to crack it. They plan to demonstrate their findings at a security conference in Hamburg this weekend.
Mathematicians showed as long ago as 2001 that the RC4 key scheduling algorithm underlying the WEP (Wired Equivalent Privacy) protocol was flawed, but attacks on it required the interception of around 4 million packets of data in order to calculate the full WEP security key. Further flaws found in the algorithm have brought the time taken to find the key down to a matter of minutes, but that's not necessarily fast enough to break into systems that change their security keys every five minutes.
Now it takes just 3 seconds to extract a 104-bit WEP key from intercepted data using a 1.7GHz Pentium M processor. The necessary data can be captured in less than a minute, and the attack requires so much less computing power than previous attacks that it could even be performed in real time by someone walking through an office.
Anyone using Wi-Fi to transmit data they want to keep private, whether it's banking details or just e-mail, should consider switching from WEP to a more robust encryption protocol, the researchers said.
"We think this can even be done with some PDAs or mobile phones, if they are equipped with wireless LAN hardware," said Erik Tews, a researcher in the computer science department at Darmstadt University of Technology in Darmstadt, Germany.
Tews, along with colleagues Ralf-Philipp Weinmann and Andrei Pyshkin, published a paper about the attack showing that their method needs far less data to find a key than previous attacks: just 40,000 packets are needed for a 50 percent chance of success, while 85,000 packets give a 95 percent chance of success, they said.
Although stronger encryption methods have come along since the first flaws in WEP were discovered over six years ago, the new attack is still relevant, the researchers said. Many networks still rely on WEP for security: 59 percent of the 15,000 Wi-Fi networks surveyed in a large German city in September 2006 used it, with only 18 percent using the newer WPA (Wi-Fi Protected Access) protocol to encrypt traffic. A survey of 490 networks in a smaller German city last month found 46 percent still using WEP, and 27 percent using WPA. In both surveys, over a fifth of networks used no encryption at all, the researchers said in their paper.
Businesses can still protect their networks from the attack, even if they use old Wi-Fi hardware incapable of handling the newer WPA encryption.
For one thing, the researchers said, their attack is active: in order to gather enough of the right kind of data, they send out ARP (Address Resolution Protocol) requests, prompting computers on the network under attack to reply with unencrypted packets of an easily recognizable length. This should be enough to alert an IDS (intrusion detection system) to the attack, they say.
Another way to defeat attacks like that of the Darmstadt researchers, which use statistical techniques to identify a number of possible keys and then select the one most likely to be correct for further analysis, is to hide the real security key in a cloud of dummy ones. That's the approach taken by AirDefense Inc. in its WEP Cloaking product, which was released Monday. The technique means that businesses can cost-effectively protect networks using old hardware, such as point-of-sale systems, without the need to upgrade every terminal or base station, the company said.
If your network supports WPA encryption, though, you should use that instead of WEP to protect your private data, Tews said.
"Depending on your skills, it will cost you some minutes to some hours to switch your network to WPA. If it would cost you more than some hours of work if such private data becomes public, then you should not use WEP anymore," he said.
[Editor's Note: My thanks to Jon Bjerke for submitting this piece for the newsletter. For more on this topic check out "Step on a WEP Crack, Break Your Network's Back" by Glenn Fleishman at <http://db.tidbits.com/article/8942>.]
ToC
"WIKISKY lets you see what's up in the heavens above. You can locate many deep sky objects, get detailed information on them by simply hovering your mouse, and see high-quality Sloan Digital Sky Survey images for selected parts of the sky. Type in your current location, verify your timezone, and you can use WIKISKY to help plan your next observing session"
ToC
"Hate it when websites take it on themselves to resize your browser window?"
<http://www.downloadsquad.com/2007/03/23/fight-firefox-resizing-with-four-simple-steps/>
ToC
Check out this web interface... remind you of something... a long time ago.... ?
ToC
Paul Thurrott
URL: http://www.wininformant.com/
I'm tired of Microsoft's insane posturing about Windows Vista SP1. I've written about this before, but it bears repeating. Every single time Vista SP1 comes up, some representative from Microsoft--all the way up to CEO Steve Ballmer, by the way, who has done this twice in public--acts as if the company has no idea when it will ship SP1 or what features it will include. That is not true. Microsoft will ship Windows Vista SP1 concurrently with Longhorn Server in Q3 2007 and SP1 will include a major kernel update for Vista that will bring the client OS up to speed with the version of the Windows kernel in Longhorn Server. That has been the plan for quite a while, and they all know it. Why the company can't just say, "We'd rather not discuss SP1 at this time" is beyond me. Instead, they're simply lying, and for no good reason. And that's not right, especially when there are millions of customers waiting on this release to upgrade. You'd think a company that supposedly cares about transparency as much as Microsoft would realize when they're being so, well, transparent.
Microsoft this week admitted that hackers have broken the product activation scheme in Windows Vista in at least two different ways, allowing users to pirate the software and install multiple copies on PCs. Intriguingly, the company says it has no plans, however, to thwart the efforts. "Our goal isn't to stop every 'mad scientist' that's on a mission to hack Windows," Microsoft senior product manager Alex Kochis wrote in his blog this week. "Our first goal is to disrupt the business model of organized counterfeiters and protect users from becoming unknowing victims. This means focusing on responding to hacks that are scalable and can easily be commercialized, thereby making victims out of well-intentioned customers." I guess Microsoft isn't technically sanctioning these hacks, but it sure isn't doing much to discourage people either.
PC maker Acer is coming on strong in the notebook market, thanks to new retail pushes. In the fourth quarter of 2006, Acer pushed aside Toshiba to become the third best selling maker of notebook computers, behind HP and Dell. In the quarter, HP sold 5.05 million notebook computers, compared to Dell, with 3.52 million, and Acer, with 3.37 million. Fourth place Toshiba sold 2.45 million units. Researchers at IDC now believe that Acer has enough momentum to pull into third place overall in the PC industry. To do so, they'll have to displace Lenovo, which is currently in the top three behind HP and Dell.
This week, Web analysts at Janco Associates said that Mozilla Firefox's growth has stalled since Microsoft shipped IE 7.0, suggesting that the software giant has finally found a solution to its previously dropping share of the browser market. Since December 2006--when Microsoft made IE 7.0 a semiautomatic download through Windows Update--Firefox use has increased less than one percentage point, from 12.5 percent to 13.4 percent. In contrast, IE's market share has surged from 67.5 percent in December 2006 to 70.5 percent in March 2007. IE 7.0 now accounts for about 31 percent of the entire Web browser market, according to Web analytics company WebSideStory.
Intel this week promoted its upcoming microprocessor designs, which will ship over the next year and a half. The company is moving all of its mainstream microprocessors to a more efficient 45nm design, which will provide better performance and cooling (a win-win situation in the hardware world). Intel will ship six new microprocessors over the next year and a half and will move to models with more processor cores than today's dual-core models. A new processor family--code-named Penryn--will ship this year, offering the 45nm design, more efficient power management, and quad-core functionality. A future processor family, Nehalem, will ship in 2008 and integrate system interconnects, memory controllers, and a graphics engine right in the CPU. This chip will come in versions with as many as eight processor cores. Intel describes this chip design as the first major architecture shift in its mainstream processors since the Pentium Pro, which shipped more than a decade ago.
ToC
URL: http://apcmag.com/5835/vendors_in_no_rush_to_ditch_xp_for_vista
Computer makers have been told they'll no longer be able to get Windows XP OEM by the end of this year, despite consumer resistance to Vista and its compatibility problems.
By early 2008, Microsoft's contracts with computer makers will require companies to only sell Vista-loaded machines. "The OEM version of XP Professional goes next January," said Frank Luburic, senior ThinkPad product manager for Lenovo. "At that point, they'll have no choice."
Despite Microsoft's relentless promotion of Vista, manufacturers are still seeing plenty of demand from customers for systems preloaded with XP, especially in the finicky SOHO market.
In a recent post on its Direct2Dell blog, Dell reaffirmed to concerned customers that it wasn't about to force small business users -- who typically purchase PCs piecemeal, rather than in large enterprise-style orders -- to shift to Vista, which has experienced a less-than-stellar reaction from many buyers because of driver issues and moderately beefy hardware requirements.
"Dell recognizes the needs of small business customers and understands that more time is needed to transition to a new operating system," the post read in part. "The plan is to continue offering Windows XP on select Dimension and Inspiron systems until later this [northern] summer."
"From a local perspective, the post was a reminder more than an announcement," Dell ANZ corporate communications manager Paul McKeon told APC.
"This was something we'd always planned during the transition phase since businesses will have different time frames to adopt the new OS. If you're a consumer, you're unlikely to be managing more than say 2.4 OS images at home, so it's less of an issue"
There's general agreement amongst PC resellers that Vista has provided a minor boost to PC sales, but hasn't produced blockbuster numbers. A similar story applies in the retail space. Figures from marketing consultancy GfK suggest that after an initial sales surge, around 1500 copies of Vista are now being sold through Australian retailers each week, according to a recent report in the AFR.
While Dell's post suggested it wouldn't be promoting Vista systems to the home market, manufacturers still have the option of selling XP-based systems for consumers this year.
ToC
URL: http://www.digitmag.co.uk/news/index.cfm?RSS&NewsID=7717
Microsoft has begun reminding millions of testers of Windows Vista's beta and release candidate (RC) previews that their trial runs end on June 1. Cori Hartje, director of Microsoft's antipiracy efforts, became the first company executive to note the impending deadline. "As a reminder to those that helped with Windows Vista beta testing, the beta installations are set to expire at the end of May 2007," said Hartje in a Q&A that Microsoft posted March 30 on its public relations Web site. "So customers need to decide if they want to move to Windows Vista or back to Windows XP if they have test versions of Windows Vista on their PCs."
Details on how best to do that, however, are scant. Despite repeated requests to clarify the exact procedure beta and RC users need to take -- and whether Microsoft will provide either guidance or offer a discount to testers -- the company declined to spell out its plans.
What information the company has published is on last year's Customer Preview Program (CPP) site, which points to the June 1 expiration date and explains that once installed, the Vista previews don't allow for operating system rollbacks. "You cannot roll back to the previous operating system installation -- you will either have to acquire and install the final released edition of Windows Vista or reinstall a previous edition of Windows," the site reads.
ToC
Paul Thurrott, WinInfo
URL: http://www.windowsitpro.com/windowspaulthurrott/Article/ArticleID/95736/windowspaulthurrott_95736.html
Lost amid the hoopla last week over EMI's announcement that it will sell digital music without Digital Rights Management (DRM) restrictions was the fact that Apple wasn't the only online music service to sign on for the DRM-free music offerings. This week, Microsoft also admitted that it will offer music without DRM.
"The EMI announcement is not exclusive to Apple," a Microsoft spokesperson said. "Consumers have made it clear that unprotected music is something they want. We plan on offering it to them as soon as our label partners are comfortable with it." Microsoft said that it has been working with EMI and other record labels for quite some time, and will offer DRM-free music as soon as possible via the Zune Marketplace, Microsoft's online service for the Zune.
What's unclear is which file format Microsoft will choose to sell its music in. Apple will sell DRM-free music in the Advanced Audio Coding (AAC) format, which has serious compatibility problems with non-Apple hardware. Microsoft currently sells music on the Zune Marketplace in the Windows Media Audio (WMA) format, which suggests that the company will continue to do so when DRM is no longer required. However, EMI said that online music services can use whatever format they'd like, including the industry-standard MP3 format, which is the most interoperable format.
If Microsoft would like to one-up Apple--and I'm guessing that the software giant would--it should use the MP3 format. Doing so would be a great way to ensure that the more expensive and consortium-owned AAC format doesn't become the de facto standard.
ToC
Still defragmenting disks to speed customers' PCs? Try these techniques instead.
URL: http://www.crn.com/white-box/59201471
Defragmenting, of course, is the process of reorganizing all data on a hard-disk drive so that each file is arranged into a single uninterrupted, or contiguous, location on the disk. Many system builders and technicians have been taught, and still believe, that defragmenting hard disk drives on a regular basis keeps PCs operating at peak performance. But that idea is behind the times.
While it was true that defragmenting helped older PCs, it no longer applies. Today we have 7200-RPM (rotations per minute) hard-disk drives with improved seek and latency times; many also contain an 8-MB cache buffer. Let's not forget Windows XP's ultra-efficient NTFS (NT File System). For PCs, servers, and workstations equipped with these innovations, defragmenting no longer makes much improvement, if any, to system performance.
This is even more of an issue with the new Serial ATA hard disk drives, which are soon to become the new standards utilized in the market. Examples of SATA drives include the Seagate Barracuda line and new 10,000-RPM IDE (Integrated Drive Electronics) hard-disk drives, such as the Western Digital Raptor.
Still, defragmenting remains an important task. Why? For one, power consumption and heat can be directly related to a fragmented hard drive. When the computer
