* Forwarded (from: netmail) by Roy J. Tellason using timEd 1.10.y2k.



Date: Mon, 23 Jun 2003 15:06:00 -0400
From: "Dawn Cohen" 
Subject: Fear of flying?  You just might be a terrorist!

It was reported this morning on Public Radio International's Marketplace
program that a company called QinetiQ is trying to market an
"intelligent" airplane seat that would detect nervousness in
passengers and alert airline staff.  Essentially, it sounded like a motion
detector and profiler.

QinetiQ appears to be a spin-off for Britain's Defense Evaluation Research
Agency (sounded like the British DARPA or some kind of government lab, from
the story.)

I found it interesting that the first half of the story focused on the
terrorism potential for this technology, but the rest of the story went on
to outline how helpful it could be for personalizing your flying
experience.  From the report, it sounded like if you squirmed around a lot
or shook for some reason, you might be brought to the attention of the
crew, as a potential terrorist.   Of course, there would be health
benefits, as well:  if you sat still for too long the crew could warn you
to move around a little to avoid blood clots in your legs.  And by the way,
the intelligent seat would have some kind of card reader that would let the
passenger swipe their personal card to pick a movie to see or to specify
other flight options.

I'm not sure if this is a marketing ploy wrapped as an anti-terrorism
product or an anti-terrorism ploy wrapped as a marketing product. Either
way, it seems like it has good potential for mis-use.

I wonder how many false positives it will take to have the staff turn the
system off altogether.  I imagine it would be kind of irritating to the
crew to have to investigate squirming 2 year olds, people with ADD, people
who have various anxiety conditions, people flying to high stakes business
presentations, oh yeah, and people who look like they might be from the
Middle East, who might just be a little nervous because they've been
profiled before.



Date: Sat, 21 Jun 2003 23:45:18 -0400
From: Monty Solomon 
Subject: New bill injects FBI into P2P battle

David Becker, CNET News.com, 20 Jun 2003

A bill introduced in Congress on Thursday would put federal agents in the
business of investigating and prosecuting copyright violations, including
online swapping of copyrighted works.  HR-2517, the Piracy Deterrence and
Education Act of 2003, instructs the FBI to develop a program to deter
online traffic of copyrighted material. The bureau would also develop a
warning, with the FBI seal, that copyright holders could issue to suspected
violators. And the bureau would encourage sharing of information on
suspected copyright violations among law enforcement, copyright owners and
ISPs (Internet service
providers).

The bill bears the names of two legislators who have been prominent on
intellectual property and copyright issues--Reps. Lamar Smith, R-Texas, and
Howard Berman, D-Calif. Berman gained attention last year with a bill that
would have allowed copyright holders to hack into peer-to-peer networks
believed to be distributing protected materials.

The new bill also calls for the Department of Justice to hire agents
trained to deal with computer hacking and intellectual-property issues, and
it requires the Attorney General, in conjunction with the departments of
Education and Commerce, to develop programs to educate the public on
copyright issues.

A lawyer with the Electronic Frontier Foundation said the bill includes a
number of troubling aspects, particularly the blurring of distinctions
between official prosecution of criminal acts and civil enforcement of
copyright provisions. ...
  http://news.com.com/2100-1028-1019811.html

--

Date: Fri, 27 Jun 2003 17:49:36 -0400
From: "monty solomon" 
Subject: RFID Chips Are Here

RFID chips are being embedded in everything from jeans to paper money, and 
your privacy is at stake.  [Scott Granneman, Security Focus, 26 Jun 2003]
  http://www.securityfocus.com/columnists/169

--

Date: Sun, 22 Jun 2003 12:05:26 -0400 (EDT)
From: David Lesher 
Subject: Cell-phone tracking

IRS Headquarters employee LaToya Taylor vanished after meeting her ex-BF
for lunch. Police searching in Southern MD, an hour+ away from DC recovered
a body that may be hers. Why look there?

http://www.washingtonpost.com/wp-dyn/articles/A14423-2003Jun19.html>

  The search in Southern Maryland came after police reviewed
  the records of Taylor's cell phone. They determined that at least
  one call was made to her cell phone last weekend while it was in the
  Newburg area; the call was unanswered.

This speaks to a level of log retention by cell carriers that has not been
admitted to before. The FCC is requiring [RISKS-22.69] "enhanced
911" but in reality such location-tracking can function whenever the
phone is powered-up. One wonders how long before divorce attorneys start
subpoenaing same, and employers demand access as a condition of employment.

--

Date: Tue, 24 Jun 2003 12:14:39 -0400
From: "John Reinke" 
Subject: Student arrested for allegedly derailing election

Student arrested for allegedly hacking university computers to derail
election 

Shawn Nematbakhsh, a 21-year-old student at the University of California at
Riverside, was arrested for allegedly hacking into a university computer
system during student elections and casting 800 votes for his own
fabricated candidate (American Ninja).  (He told police he was tring to
point out that the UCR network was vulnerable.) The election will be redone
next month.  [Source: Associated Press, 21 Jun 2003; PGN-ed]
  http://famulus.msnbc.com/famulusgen/ap06-21-053420.asp?t=APNEW

Good thing it was a made up candidate. Otherwise they might not even have
known! Computer security is an "art" just like brain surgery.
But, "anybody" can do it.  I just read this and chuckle.  Can
government do any thing "right".  And, some want to run real
elections this way?  John

F. John Reinke, 3 Tyne Court, Kendall Park, NJ 08824
732-821-5850 reinkefj{at}yahoo.com



Date: Fri, 27 Jun 2003 08:36:17 -0700
From: "NewsScan" 
Subject: Wireless gives poorer nations chance to catch up ...

In a speech prepared for a UN conference on the social implications of
wireless communications technologies, UN Secretary-General Kofi Annan
declared that wireless Internet access has "a key role to play
everywhere, but especially in developing countries and countries with
economies in transition... It is precisely in places where no
infrastructure exists that Wi-Fi can be particularly effective, helping
countries to leapfrog generations of telecommunications technology and
infrastructure and empower their people." (Reuters, 26 Jun 2003)
http://asia.reuters.com/newsArticle.jhtml?type=internetNews&storyID=2998152

... But needs to be watched for security breaches

Using a laptop with a wireless card outside the main office of a Palo Alto,
California school district, a reporter was able to gain access to such data
as grades, home phone numbers and addresses, emergency medical information,
student photos, and psychological evaluations.  Unlike the majority of the
district's information, the documents available on this wireless network
were not password-protected.  Superintendent Mary Frances Callan says:
"I don't see this as such a huge news story." The real story,
says Callan, is the great progress represented by the network itself, which
was made possible by new software purchases, employee training sessions,
and technology-use policies. (*Palo Alto Weekly*, 25 Jun 2003)
http://www.paloaltoonline.com/paw/paonline/weekly/
morgue/2003/2003_06_25.wire25.html

NewsScan Daily, 27 Jun 2003



Date: Sun, 22 Jun 2003 11:29:52 -0400 (EDT)
From: David Lesher 
Subject: More erroneous arrests over erroneous ATM clocks (RISKS-22.76)

  http://www.washingtonpost.com/wp-dyn/articles/A19633-2003Jun21.html
  ?nav=hptop_tb>

By Ruben Castaneda, *The Washington Post*, 22 Jun 2003; Page A01

For nearly a year after Denise Mansfield was strangled in her Prince
George's County home last June, police focused their investigation on three
female suspects whose identities were a mystery. A surveillance camera
videotaped them getting cash from an automated teller machine where
Mansfield's missing debit card was used after her slaying. The time of the
withdrawal from the dead woman's account, recorded by a bank computer,
corresponded to the times stamped on the ATM video of the suspects.  ...  A
SunTrust Bank spokesman declined to comment on the time discrepancy. But
Fredrik Nilsson, director of business development for Axis Cameras, which
provides video surveillance systems to business and government agencies,
said most bank cameras are not synchronized with ATM transactions. The
times are set separately and can be off by a few minutes, or even an hour
if someone forgets to reset them for daylight saving time, Nilsson said.

{and ANOTHER group of victims...but low-tech}

The arrests of the three Arizona residents were not the only ones to result
from the wrong ATM pictures. Last winter, police charged a pair of sisters
from the District with murdering Mansfield after a third sister
misidentified them in the surveillance images, which were published in The
Post and shown on local TV newscasts. The two were jailed for several
weeks, until DNA tests exonerated one of them and the other proved that she
had been away on a business trip when the killing occurred.

 - - - - -

This was not the District (RISKS-22.76), rather adjacent Prince Georges
County, but the behaviour of the authorities seems virtually identical. 
[PG is ...noted.. for officer shootings of suspects and unwitnessed
confessions, later found untenable. There were allegedly going to be locked
cameras installed in the interrogation rooms but I see no mention of same.]

In both cases, there was available evidence that the accused had a
legitimate reason to be at the ATM. Yet the bank/police did not even LOOK
at adjacent transactions in the ATM log? (That would have ID'ed the AZ
women immediately.) This after the publicity over the DC
mis-identification???

The RISK here is not just faulty timestamps, but faulty analysis of them,
and lack of critical thinking by supposedly-expert investigators, and the
prosecutors on the case.

When dangled a "high-tech" bone, Officer McGruff grabbed the bone
and ran, without worrying about other details. Given the growing number of
cameras recording our every move, the concept that mere presence near the
time of a crime is sufficient to establish guilt unless proven innocent, is
downright scary.



Date: Sun, 22 Jun 2003 01:49:33 -0400
From: Monty Solomon 
Subject: When spam filters go bad

Trying to block junk mail, my cable modem company installed a system 
that prevented me from getting my REAL mail -- and when I complained, 
insisted it was all for the good of the System.

- - - - - - - - - - - -
By Laura Miller, 19 Jun 2003

"The equivalent of treating dandruff by decapitation": That's
what Frank Zappa, testifying before a Senate committee in 1985, called the
censorship plans of the Parents Music Resource Center. In the annals of
overreaction, draconian measures tend to spring from mind-muddling passions
-- in the case of the PMRC, parental desire to protect the young from
nastiness. But when it comes to passion, even our darkest, most primal
instincts can hardly compare to the raw fury that people have come to feel
toward spam. So e-mail users, beware: It's time to watch your head. I can
testify from personal experience that the cure has finally become worse
than the disease.

In June, the company that provides my cable modem service, Road Runner,
installed a superaggressive new set of spam blockers on its e-mail servers.
Late in the first day of the blockers' activation, I suddenly noticed that
I hadn't gotten any e-mail at all in nearly three hours. No e-mail from
Salon colleagues or from friends and, most puzzling of all, no e-mail from
the editor at the New York Times with whom I'd been corresponding all
morning about a freelance piece I was writing for her. I gave her a call. 
...

http://www.salon.com/tech/feature/2003/06/19/spamblockers/

--

Date: Thu, 19 Jun 2003 10:52:36 -0400
From: "Robert Ellis Smith" 
Subject: New State Laws on Privacy

Privacy Journal has published the latest supplement to its
"Compilation of State and Federal Privacy Laws," showing a huge
increase in state anti-spam laws and do-not-call telemarketing laws. A
total of 34 states have passed new laws limiting bulk electronic-mail
advertising, according to Privacy Journal's new listing, which includes a
description and legal citation for each law. Most states require that
"spam" be labeled as advertising and provide a means to get off
an e-mail ad list. Other laws are more stringent, making some
"spam" a crime or requiring an advertiser to consult a
do-not-e-mail list maintained by the state.

The Compilation of State and Federal Privacy Laws 2003 Supplement lists
shows 26 state laws requiring telemarketers to consult a state-maintained
do-not-call list. Some state lists will be merged with a new federal
database beginning in late summer this year.

The book and 2003 supplement are available for $31 plus $4 handling from
Privacy Journal, PO Box 28577, Providence RI 02908, 401/274-7861, fax
401/274-4747, privacyjournal{at}prodigy.net, www.privacyjournal.net. The 2003
supplement alone costs $21 plus $4.

For three years, only the three states with the most intense Internet
activity - California, Virginia, and Washington - had anti-spam laws, but
now nearly three-quarters of the states have enacted some limits.



---