[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Clips September 13, 2002

Clips September 13, 2002

ARTICLES

E-mail a weapon in file-swap fight
Anti-spam lists bar Yahoo stores
Judge rejects PayPal arbitration
China Ends Google Search Block
Cecom pitches virtual environment
Homeland IT office reaching out
OMB wants to find two replacements for Haycock
Army is nearly ready to unify its network operations
Petitions unite the like-minded online
Security flaw discovered in Microsoft Word
Speak up, I'm out of range of the palm tree
Brazil Arrests Americans for Selling Amazon Land

******************************
News.com
E-mail a weapon in file-swap fight
By John Borland
September 12, 2002

Hoping for a repeat of Napster's legal flameout, the record and movie trade associations are using file-swapping company executives' own words against them in the attempt to close the Kazaa and Morpheus networks.
In court documents filed Monday, and kept under seal until Thursday, the Recording Industry Association of America (RIAA) and Motion Picture Association of America used internal e-mails, message board postings, and interviews with executives in hopes of persuading a federal judge to shut down the file-swapping networks. The trade associations are asking for a summary judgment, or a quick end to the case before going to trial, against Morpheus parent StreamCast Networks, Grokster, and Kazaa parent Sharman Networks.

"The uncontroverted facts all point to the inescapable conclusion: Defendants' systems were designed and intended first to emulate Napster and then to surpass it," the trade associations wrote in their legal brief, which remained under seal until Thursday. They "have succeeded beyond their wildest dreams."


The trade associations' 67-page legal brief provides the first details of exactly what the latest file-swapping legal wars will be fought over. At their core, the legal issues are the same ones that appeared in Napster's case--but the judge in this case will be ruling on a very different set of circumstances, technologies and internal communications.

Indeed, the two sides at this point are struggling to define what the case is about. StreamCast and the other file-swappers want the focus of the case to be about the legality of peer-to-peer software, a technology that certainly has many other uses beyond copyright infringement. The record labels and movie studios are trying to narrow the case, seeking to prove that the companies involved deliberately built their business to take advantage of widespread piracy.

As with Napster, record and movie companies are seeking to prove that the file-swapping companies knew of the widespread copyright infringement going on using their networks and that they had the ability to stop it.

The groups draw from the file-swapping companies' internal communications, along with Web site text, sales pitches and advertisements, as evidence that the companies created their networks with the intention of facilitating piracy. Individual employees for StreamCast Networks (originally called Music City) acknowledged downloading copyrighted works by Billie Holliday and Britney Spears and used screen shots showing copyrighted works to demonstrate their system, the trade associations say.

Picking up where Napster left off?
The brief cites StreamCast Networks' (then called Music City) former CEO telling a board member that their software would be "the logical choice to pick up the bulk of the 74 million users that are about to 'turn Napster off.'"

The record labels and movie studios also cite communications between Music City and Kazaa, the company that created the file-swapping technology, that show both companies were thinking about trying to figure out ways to monitor trades of individual files.

"The activity we want to monitor if possible are the files that users download, so that we can track copyrighted material for royalties," an unnamed Music City representative is quoted as saying in one exchange. Details about whether this exchange was e-mail, chat or another medium are not given.

"OK," responds an unnamed Kazaa representative. "As I've mentioned, we've designed a system for this, but it's not yet implemented. It could be quickly, however."


Attorneys for Streamcast Networks say this exchange, and other bits of evidence like it, mean little. Neither Music City nor any other software company is required to build in specific copyright protection features simply because the capability exists, they say.

"Owning copyrights doesn't give you the right to dictate to people how to build their products," said Fred von Lohmann, an Electronic Frontier Foundation attorney who is representing Streamcast. "If that were the rule, it would make Microsoft, with Internet Explorer and Outlook, an infringer. It would make virtually every software company liable for copyright infringement."

The trade associations' brief goes into specific technological details about the file-swapping software, trying to show that the peer-to-peer companies had a direct role in maintaining the networks, instead of simply distributing software. However, the documents lump all the file-swapping companies together, making it difficult to discern exactly which company had which alleged role in building and maintaining the networks.

The evidence now beginning to filter out into the public eye will reach court Dec. 2, when a federal judge in Los Angeles will hear each side argue that the case should be brought to an immediate close.
******************************
News.com
Anti-spam lists bar Yahoo stores
By Troy Wolverton
September 12, 2002, 5:01 PM PT


Yahoo's storefronts site has made its way onto two more lists of suspected junk e-mailers.
London-based Spamhaus, which runs a spam-blocking service, added Yahoo's stores site to its list of suspected spammers on Wednesday, some two weeks after the Mail Abuse Prevention System (MAPS) took a similar step. Although Spamhaus removed the stores site on Thursday after talking with the company, the site is still included on another blocking list run by Spews.org.

Spamhaus took the Yahoo site off its list after hearing from the Web portal that it plans to have a new team in place next week to respond to spam complaints, said Steve Linford, director of the Spamhaus Project.


"Thousands of people were complaining. They just weren't being acted on," Linford said. "They didn't have sufficient staff to deal with them. These complaints were just piling up."

Yahoo was removed from the Spamhaus list after the company worked with the anti-spam group to resolve the issue, company spokeswoman Linda Pederson said in a statement.

"Yahoo Store's license agreement explicitly forbids spamming. We take this matter very seriously," Pederson said.

Pederson did not return calls seeking comment about the company's listing on the Spews.org site and about what specific steps Yahoo took to have its storefronts site removed from Spamhaus' list.

Inundated by e-mail, many companies and organizations have begun to take drastic steps to stem the flow. Many have turned to block-listing companies, which research spam complaints and list the IP (Internet Protocol) addresses of suspected spammers. Companies who subscribe to the block lists then have the option of restricting access to those IP addresses.

That's what happened last month when MAPS, a popular anti-spam group, added Yahoo's stores to its list of suspected spammers. The action came after Yahoo allegedly didn't respond to repeated notices about a suspected junk e-mail that had been circulating since February and that pointed to a storefront hosted by Yahoo. MAPS later removed Yahoo from its block list after the Web portal contacted it.

Some critics of block lists have charged that these methods are unsophisticated, because they tend to restrict access not only to suspected spammers, but also to innocent sites that happen to share the same or similar IP addresses.

Spamhaus, for instance, added Yahoo's stores site to its block list in response to an alleged spam pointing to a Web site called GoInk4Less.com, which is hosted by Yahoo, said Spamhaus' Linford. But GoInk4Less is just one among thousands of storefronts hosted by Yahoo, many of which presumably never sent spam.

GoInk4Less did not respond to requests for comment.

But many other Yahoo stores were sending spam, Linford said. Because spam complaints seemed to be falling on deaf ears at Yahoo, the company was becoming known as a haven for spammers, he said.

"They were allowing spammers to host their sites on Yahoo stores," Linford said. "It was very significantly attracting other spammers to Yahoo stores. That's something that no other European or North American provider does, and it's something that Yahoo stores shouldn't have allowed either."

A posting on Spews.org cited similar reasons why the Yahoo stores site is still on Spews.org's block list.

"Complaint volume way up, site termination volume way, WAY, down," the post said. "Hosting at Yahoo is a dirty, little secret more spammers are discovering."

Spews.org representatives did not respond to requests for comment.
****************************
News.com
Judge rejects PayPal arbitration
By Troy Wolverton
September 12, 2002, 2:31 PM PT

PayPal customers who sued the online billing company, charging that it illegally froze their accounts, cannot be forced into arbitration to settle the dispute, a federal judge has ruled.

In a ruling dated Aug. 30, the U.S. District Court for the Northern District of California denied PayPal's motion to have the claims asserted in two lawsuits resolved by individual arbitration, the company said in a regulatory filing on Thursday. Although PayPal's user agreement calls for the arbitration of disputes, U.S. District Judge Jeremy Fogel ruled that the arbitration clause in the agreement is unenforceable, PayPal said. Though the online billing company said it could appeal the decision, it did not say whether it would.

"PayPal will continue to defend these lawsuits vigorously, and believes that it has meritorious defenses," the company said in its filing.


PayPal representatives did not return calls seeking comment about the ruling and the lawsuits.

Disgruntled customers filed a class-action suit against PayPal in California Superior Court in February. Plaintiffs' attorneys have filed several other class-action claims against the billing company, including at least two that are pending before the Northern California U.S. District Court.

The claims charge PayPal with, among other things, illegally converting customer funds for its own use and with not responding promptly to error reports from customers, a violation of the Electronic Funds Transfer Act. The suits seek punitive damages and injunctions against PayPal.

The courts decision to deny PayPal's arbitration request is significant, said Steve Sidener, a plaintiffs' attorney with San Francisco law firm Gold, Bennett, Cera and Sidener. With corporations believing that arbitrators will be more favorable to them than juries, companies have been increasingly inserting arbitration clauses into user agreements and contacts, Sidener said. Courts have generally upheld those agreements, but the decision in the PayPal case may mark a turning point, he said.

"There's a question of whether it's fundamentally fair to force people into arbitration," Sidener said. "The problem here is that the pendulum has swung too far. Corporations have taken too much advantage of court rulings and have been trying to insert arbitration clauses in all aspects of corporate life."

PayPal has seen its share of legal disputes in recent months. Last week, First USA Bank filed suit against the online payments company charging that PayPal infringed its patents on "cardless payment" systems. In May, Tumbleweed Communications sued PayPal in separate patent case. And the company settled a third patent suit with online security company CertCo in April.

Meanwhile, at least five lawsuits have been filed on behalf of PayPal shareholders against the company and eBay seeking to derail the companies' proposed merger. The suits charged that the companies' violated fiduciary duty to shareholders and that the price that eBay is paying for PayPal is unfair and inadequate.

PayPal shareholders are scheduled to vote on the merger next month.
******************************
New York Times
A Simple Click Stirs a Lot of Outrage
By RAYMOND HERNANDEZ

WASHINGTON, Sept. 12 For some time, travelers browsing the State Department Web site for helpful tips about Guadalajara, Mexico, found much more than they bargained for when they clicked on a photograph of President Bush.

The click transported them to a partisan playground, where they were told how to get involved with the Republican Party and even how to donate money to it.

The State Department site, it turns out, had been providing a link to a Web site run by the Republican National Committee despite federal laws prohibiting government resources from being used for partisan purposes.

The link was not removed until late this afternoon, after a reporter asked about it. State Department officials said they were not sure how long the link had been operating. But one person who noticed it said it was operating as early as Sept. 5.

The Republican Party Web site made no bones about its aims, recounting President Bush's record and even offering Republican memorabilia, including mugs, ties, scarves and ballpoint pens, for sale.

The site, which had a red, white and blue Republican National Committee logo, also gave visitors an opportunity to register to vote, sign up as a party volunteer and donate money, all with a click of the mouse.

"Help the R.N.C. support the Republican Party and win elections nationwide," the Web site said. "Help us give President Bush a stronger working majority in Congress."

The discovery of the link on the State Department site prompted protests from politicians and good-government advocates, who called it blatantly political and demanded an investigation into who was behind it.

Claire Buchan, a spokeswoman for the White House, referred questions about the Web site and its link to the State Department but added, "I understand that that is being fixed and removed."

Philip Reeker, a State Department spokesman, called the link to the Republican Party's Web site a "mistake" and emphasized that agency officials were unaware of it until a reporter pointed it out.

"We have corrected it," Mr. Reeker said. "We thank you for bringing it to our attention."

A spokesman for the Republican National Committee said party officials had no idea that a government agency's Web site had a link to the party's site.

It is unclear whether other government Web sites provide such links, though critics have long maintained that government sites themselves are often thinly veiled promotional tools for politicians.

"We've been saying for years that the principal purpose of many Congressional Web sites is just to promote members of Congress," said Gary Ruskin, the director of the nonpartisan Congressional Accountability Project.

Election law experts say the link to the Republican site may violate several laws, including the Hatch Act, which prohibits federal employees from engaging in partisan activities "while on duty or in government offices."

The experts also say the Web site and its link may also violate campaign finance laws that impose penalties for soliciting campaign contributions from government property.

"Somebody has made a horrible mistake," said Trevor Potter, a Republican who is a former chairman of the Federal Election Commission. "It just doesn't make any sense. I can only think that this is some kind of terrible mix-up because it is so clearly prohibited by law."

The situation has prompted Representative Robert Menendez, Democrat of New Jersey, to send a letter to the White House urging the administration to remove the link to the site.

Mr. Mendendez, the ranking Democrat on a House committee that oversees the State Department, also called for an investigation by the Federal Elections Commission, the Justice Department and the State Department's inspector general.

In an interview this afternoon, Mr. Menendez scoffed at the State Department's contention that the link was a mistake.

"You cannot create a link like this by accident," he said. "No way. It takes a lot of thought to create such a link. It cannot be inadvertent."

To get to the Republican Web site from the State Department site, www.state.gov, a user had to click on a heading entitled Embassies and Consulates. That led to a page listing the nation's embassies and consulates around the world.

Once there, the Web user could click to the posting for the United States Consulate in Guadalajara. That posting contains, among other things, an official photograph of President Bush. A click of the mouse on the president's name, beneath the image, would linked the user directly to the Republican National Committee's Spanish-language site, "Abriendo Caminos."

That site leads to all sorts of information about the party, in Spanish and English.

In his letter to the White House, Mr. Menendez dismissed the link as "egregious political material that hardly qualifies as official State Department business."

But Mr. Reeker, the State Department spokesman, said the link was probably created by people working in the Guadalajara consulate without the knowledge of officials in Washington. "I'm amazed that somebody caught it," he said. "None of us knew about it."
***************************
Government Computer News
Defense data expert: Follow amazon.com's data sharing lead

By Dawn S. Onley
GCN Staff

Sharing information effectively requires more than interoperable systems; it requires gleaning knowledge from the data.

That's the opinion of Brig. Gen. Mike Ennis, the Marine Corps director of intelligence, who spoke at the Homeland Security and National Defense Symposium in Atlantic City, N.J.

"Interoperability begins at the data level, not the systems level," Ennis said. "Have a common language, common tagging. Data is our most important product."

The Defense Department should take a commercial approach, and follow examples of businesses such as Amazon.com, Travelocity.com and Mapquest.com, Ennis said, and the ways they search for knowledge. Databases for these sites go into several operating systems to tag and pull information for their customers. When data is collected, it needs to be authored in Extensible Markup Language and tagged, Ennis said.

This method is a quick way to get past the interoperability problems that plague DOD. Military systems often are unable talk to one another, and Defense agencies fare poorly in sharing information, Ennis said.

Sept. 11 illustrated both intelligence failures and process failures in interoperability, Ennis said.

"Most of the failures are intelligence failures," Ennis said. "But I think it's a process failure as well. There is an unwillingness on behalf of some agencies to share information. The information was out there, but we just didn't have access to all of the data to identify the trends and do an analysis."

This problem would be magnified in the Office of Homeland Security because each of the agencies that will make up the new office have separate databasesmore than 20,000, Ennis said.

Lt. Gen. Peter Cuviello, the Army's CIO, said DOD officials must change their thinking. DOD focuses too much on which system data belongs to, he said.

"We shouldn't worry about that," Cuviello said. "Knowledge is not about having all the systems talk to each other, because you'll never get there. The only way to get there is for everyone to be using the same product."

Rather than having all Defense agencies use the same products, Ennis and Cuviello said, the key to sharing information is in searching for knowledge, pulling data, and tagging it so others can find, access and use it.
****************************
Associated Press
China Ends Google Search Block
Thu Sep 12, 8:56 AM ET
By MARTIN FACKLER, Associated Press Writer

SHANGHAI, China (AP) - As mysteriously as it began, blocking by Chinese authorities of the Internet search engine Google ( news - external web site) was suddenly lifted Thursday.



Users in Shanghai and Beijing reported that they could once again view Google, widely used by China's 30 million-plus Net users because it has a powerful feature for finding Chinese-language material online.

Starting about Sept. 1, those trying to reach the site began finding themselves rerouted to heavily censored, less effective search engines run by private Chinese Internet companies.

"I'm thrilled that Google is back," said one user in a chat-room on the Web site of the People's Daily, the official Communist Party newspaper. "Google, I love you!" said another posting.

Chat-room users had bitterly criticized the ban. Analysts said popular outcry and pressure from businesses that rely on Web tools like Google for research may have persuaded Beijing to reverse the restrictions quickly.

"The Internet has seemed to prevail," said Duncan Clark, managing director of BDA China Ltd., a Beijing-based Internet consulting firm.

AltaVista, another U.S. search engine that had been similarly rerouted, remained blocked on Thursday, though rerouting had ended.

In its usual secretive way, Beijing made no announcement of the new measures and refused to confirm their existence, or their lifting.

But analysts and users linked the interference to a Communist Party congress in November.

Dissent is usually more tightly muzzled before political events of this size. This congress is particularly sensitive because a new generation of leaders is expected to begin taking over.

Authorities apparently targeted Google and AltaVista because they don't filter material deemed subversive from their search results, as the Chinese sites must.

Still, analysts said the brief period of rerouting had demonstrated authorities' growing technological capabilities.

Another new censorship technology remained in place. Users this week have begun complaining of an increase in selective blocking being able to visit Web sites but not being able to see specific articles or other content of a politically sensitive nature.

Both new technologies appear an effort by authorities to strengthen Internet barriers to subversive and pornographic material China's so-called Great Fire Wall.
**************************
Federal Computer Week
Cecom pitches virtual environment
Sept. 12, 2002

The Army has many technologies and ideas that could help first responders do their jobs better in disaster situations, and the service thinks it has found the perfect place to collaborate with the entire homeland security community: cyberspace.

A "Web-based homeland security integrated virtual environment," could be used to bring together federal agencies, state and local governments, Defense Department commands, academia and industry players to work through obstacles facing the nation's first responder communities, said Michael Albarelli, director of homeland security at the Army Communications-Electronics Command (Cecom), Fort Monmouth, N.J.

Speaking Sept. 11 at the Homeland Security and National Defense Symposium in Atlantic City, N.J., Albarelli said the integrated virtual environment could be used not only to collaborate on ideas, but for system engineering work focused on interoperability, modeling and simulations, and more.

Cecom has kicked off the effort by beginning work with the New Jersey National Guard's battle laboratory in a Web-based collaborative environment, Albarelli said.

"If we could do this right, we could get federal, state and local communities...doing exercises and training together," he said, adding that could eventually eliminate the need to do tabletop examples before launching live exercises, and enable interested parties to participate from anywhere, even at their home computer, depending on the nature of the information.

Albarelli said he realizes that funding is an issue, and will remain one in the future, "but money does not equal success; focused investment does." He added that the integrated Web-based homeland security environment could help drive down costs through the increased collaboration of all the involved parties determining needs and requirements before deciding on acquisitions and actions.

The symposium sponsors are Cecom, the Association of the U.S. Army's Fort Monmouth, N.J., chapter, the Association of Old Crows' Garden State chapter, and the Armed Forces Communications and Electronics Association's Fort Monmouth chapter.
**************************
Federal Computer Week
Homeland IT office reaching out
BY Diane Frank
Sept. 11, 2002

The Office of Homeland Security's information technology office soon will begin a big outreach to public- and private-sector entities not yet directly involved in the homeland security effort, officials said Sept. 10.

Starting Sept. 24, officials from the office will be meeting with chief information officers at the federal agencies not tapped to move into the proposed Homeland Security Department, said Jim Flyzik, former CIO at the Treasury Department and now on detail to the Office of Homeland Security as an IT adviser.

While the IT projects at those agencies have not been affected by the Office of Homeland Security's efforts to integrate systems and processes, many projects and initiatives throughout government will be involved in homeland security in some way, Flyzik said.

Federal homeland officials have been working with the National Association of State CIOs (NASCIO) for some time, but on Sept. 24 that contact will expand to the non-IT groups as officials plan to meet with a gathering of every possible state, local and tribal organization, Flyzik said.

The list includes the National League of Cities, the U.S. Conference of Mayors, the National Governors' Association and the National Association of Counties.

The role of state and local officials has been made clear in the National Strategy for Homeland Security and other documents over the past year. However, the private sector also has an important role to play, if only because of the vast amounts of information held in private systems, Flyzik said.

"A lot of the information we need isn't in government databases, it's in private databases," he said.

Because of this, the Office of Homeland Security will reach out to private-sector entities, meeting with them next month at a Gartner Inc. conference in Orlando, Fla., Flyzik said.
***************************
Government Computer News
OMB wants to find two replacements for Haycock
By Dipka Bhambhani

The Office of Management and Budget will replace chief architect Bob Haycock with two workers.

The agency is seeking a temporary replacement for Haycock, whose detail will end in October, as well as someone to take a permanent position as OMB's chief architect, said Norman Lorentz, OMB's chief technology officer.

OMB's plan is to have one person hold a permanent position as chief architect, and rotate other officials through an equal position on temporary detail to create a balance, Lorentz said.

Haycock, who accepted a temporary detail in May, will remain with OMB through this month, Lorentz said, although "he's accomplished his objectives and more."

Haycock replaced Debra Stouffer, who became the Environmental Protection Agency's chief technology officer at the end of May.

Haycock's permanent and temporary replacements will lead the still-developing Federal Enterprise Architecture Working Group, a 24-member committee that represents the enterprise architecture needs of each of OMB's Quicksilver e-government initiatives.
**************************
Government Computer News
Army is nearly ready to unify its network operations
By Dawn S. Onley

The Army is only weeks away from bringing together all its network operations under a single command, the service's CIO, Lt. Gen. Peter Cuviello, said today at the Homeland Security and National Defense Symposium in Atlantic City, N.J.

The Army's transformation initiative includes the Network Enterprise Technology Command, which will be based in Fort Huachuca, Ariz., beginning Oct. 1. It will be headed by Major Gen. James C. Hylton, the commander of the Army Signal Command.

"We have to run the Army's networks as an enterprise," Cuviello said. "This was the means to bring it together. All the Army networks will now migrate under the watchful eye of NETCOM."

NETCOM will oversee all Army major command networks, as well as Reserve and National Guard systems. The systems will be managed by IT specialists in NETCOM's Enterprise Systems Technology Activity.

The group will oversee the Army Knowledge Online portal, handle spectrum management issues, and secure Army networks, Cuviello said.

There are 1.1 million Army personnel using Army Knowledge Online, including active-duty, Reserve, civilian and National Guard members, Cuviello said. Once the Army signs up another 500,000 employees, everyone will be signed on, he said.
***********************
USA Today
Petitions unite the like-minded online
September 13, 2002

SAN FRANCISCO (Reuters) If you're an activist, have an ax to grind or feel strongly about, well, almost anything, the job of trying to get something done may become a lot easier if you go online.

Take petitions, for example. They're time-intensive, require small armies of supporters to take up posts outside movie theaters, grocery stores and shopping malls, and enough paper to accommodate thousands of signatures advocating that action be taken on any given issue. It's no small task.

But take them to the Internet, spread the word via online petition, e-mail and "viral marketing," and the task suddenly doesn't seem so overwhelming.

Online activism seems to be gaining popularity. A search for "online petitions" via the Google engine yields 9,340 results.

A glance at the online petitions available for people to sign turns up no shortage of issues.

Petition-them.com is focused on petitions in England. Leading their site, with more than 9,000 "signatures," is "Legalise Cannabis in the UK Now."

The most popular petition on another site, PetitionOnline.com, with 2,441 people registering their opinions, don't want marijuana legalized. They wanted a fifth season of the science-fiction television show Farscape.

A letter to Vivendi Universal, USA Networks and the Sci-Fi Channel, which air the show, argues that by canceling it, "the Sci-Fi Channel is showing great disrespect to Farscape's loyal fans."

Ah, the Internet.

Not all online petitions, however, are concerned with legalizing drugs or crying foul when a favorite TV show is axed.

For example, the most popular petition at ThePetitionSite.com urges a halt to what it describes as the "Bush Administration's Radical Assault on the Environment." As of Sept. 8, it listed more than 22,400 signatures.

Whatever their cause, supporters say it's exciting and gratifying to see the number of signatures on their petitions grow throughout the days and weeks they've been in cyberspace.

"There's nothing like seeing those numbers come up," said Fred Santino, who put up a petition free of charge on PetitionOnline.com in the last two weeks. "It's serving its purpose and it's getting the names."

Santino said he lost his wife to colon cancer in May 2001. Although she was not able to get the experimental cancer drug Erbitux, he and others are now asking ImClone Systems and Bristol-Myers Squibb, an ImClone partner, to make the drug, which has not won regulatory approval, available to cancer patients through a compassionate use program.

In the two weeks or so since the petition went up, the list of signatures has grown to more than 750 with no special publicity. Santino said that number was reached solely by word of mouth, e-mail, and asking friends and acquaintances to log on and sign it.

"I've been around the Internet a while and I don't see that we could ever go back to trying to fight things on our own," said Santino, who teaches Information Technology at Babson College in Wellesley, Mass. "Because of the Internet, the world's gotten a lot smaller."

To be sure, Santino said he is aware that an online petition isn't the only thing that needs to be done. After collecting even more signatures he said he doesn't yet know how many he plans to print them all out and deliver them to the U.S. Food and Drug Administration, ImClone, Bristol-Myers and U.S. Congressional representatives to help plead his case.

"I don't think the petition on its own is very viable," Santino said. "It's up to people to go out and publicize it."

So, after thousands of "signatures" are gathered in an online campaign, what happens then? Do they really work? Moreover, there is the question of who is behind an online petition.

"The biggest question with regard to online petitions, however, is who is sponsoring them and why. This is where it gets a little slippery," says the Web site TruthOrFiction.com in a section devoted to online petitions, adding that in some cases it may be a way for individuals or companies to put together marketing mailing lists.

Moreover, there's something to be said about good old-fashioned paper petitions.

"The biggest problem with e-mail petitions is that they do not really carry the weight of a personally signed petition," TruthOrFiction.com writes. Paper petitions carry more weight because real people have signed with real signatures and, presumably, real addresses.

In light of these concerns, there's even been an online petition petitioning the petition Web site to stop posting online petitions. Got that?

"Online petitions have no effect on the real world," reads the petition on PetitionOnline.com, whose authors did not identify themselves. "Any person with access to a computer can easily create a petition full of thousands of fake and/or stolen names."

So far, that petition had garnered 246 "signatures"
*******************************
USA Today
Security flaw discovered in Microsoft Word
September 13, 2002

WASHINGTON (AP) Microsoft's flagship word processor has a security flaw that could allow the theft of computer files by "bugging" a document with a hidden code, the company disclosed Thursday. It was exploring how to fix the problem and whether to extend the repair to an older version of the software still used by millions.


The attack begins when a bugged document goes out, usually with a request to be revised and returned to the sender a common form of daily communication. When the document is changed and sent back, the targeted file accompanies it.

"It has the potential of allowing people to get at data that they are explicitly not allowed to get to," said Woody Leonhard, who has written books on Microsoft's Word and Office software.

The flaw would most likely occur in the workplace, where Word is the most prominent word processing program. Potential targets for theft are sensitive legal contracts, payroll records or e-mails, either from a hard drive or computer network, depending on the victim's access to files.

"The issue appears to affect all versions of Microsoft Word," Microsoft said in a statement in response to questions by the Associated Press. "When the investigation is completed, we will take the action that best serves Microsoft's customers."

Word 97, an earlier version of the program, is most susceptible to the attack. But Word 97 will not be repaired because Microsoft no longer supports it, the company said.

A research firm reported in May that about 32% of offices have copies of Word 97 running, according to a survey of 1,500 high-tech managers worldwide.

Analyst Laura DiDio of the Yankee Group said the companies are taking a risk by using such old software. But she said Microsoft should correct the problem because of its severity. "These are paying customers," DiDio said.

Leonhard said Word 97 users "bought the package with full faith in Microsoft and its ability to protect them from this kind of exploit."

Word 97 users may be able to get some help through Microsoft's telephone tech support, company spokesman Casey McGee said. But, referring to Microsoft engineers, McGee said "there's only so far back they can go."

The flaw involving Word 97 was discovered by Alex Gantman of cellular phone company Qualcomm and was released on the Internet last month.

An attacker only has to place hidden codes in a Word document, which is sent to a would-be victim with a request for a response. If the recipient has Word 97 and revises the Word document, any file sought by the attacker will be hidden inside the Word document and sent back to the attacker.

If the intended target uses Word 2000 or 2002, the most recent versions, the attack will only work if the Word document is printed first before a reply goes out to the attacker.

After seeing Gantman's work on a public security e-mail forum, Leonhard found a similar flaw that affects recent Word versions even when a document is not printed. In this case, the stolen file is visible within the document, although the attacker can make it hard to find.

Microsoft says that in both security flaws, an attacker would have to know the exact file name to be stolen and its location. But many critical files an address book or saved e-mails, for example are usually in obvious or predictable places on every Microsoft Windows computer.

Microsoft suggests users view hidden codes in every document they open. In Word 2002, the latest version, that can be done by selecting tools, options, then checking the "field codes" box. Many companies, however, use such codes for legitimate and harmless purposes.

Leonhard said that if an attacker tries to steal a very large file, the victim might notice it when saving or e-mailing the bugged document. A smaller file might not get that attention.

"It's very much dependent on the greed of the person fishing for a file," Leonhard said.
*************************
USA Today
Speak up, I'm out of range of the palm tree
September 13, 2002

TUCSON (AP) Take a closer look next time you drive past a palm tree, a grain silo or a water tower. That might be a camouflaged cell phone tower you're seeing.

And that penthouse facade atop a downtown city building? Or a saguaro cactus in Arizona? Them, too.

It's just the latest fabricating wizardry from Larson, which pioneered realistically looking artificial rock formations, animal habitats and seascapes a quarter century ago for zoos, museums, parks and aquariums.

Larson produced its first camouflaged and trademarked Tree Pole in 1992 for a wireless carrier.

It has since built about 300 "tree" towers and other structures to conceal cellular antennas.

Competition has pushed carriers to dramatically increase their capacity, yet communities routinely ban ugly cellular towers as visual pollution. That's produced a greater need for the faux towers, which sell for $20,000 to more than $100,000, said Andrew Messing, the company's president and chief executive.

Tower Ventures of Memphis is one customer.

One 130-foot-tall Larson-camouflaged pine tree bristles with antennas for six cellular carriers. Tree branches made of fiberglass disguise the antennas without degrading their signals.

"We're very happy," Tower Ventures owner Billy Orgel said. "They do nice work."
****************************
Reuters Internet Report
Congress, Domain Manager Clash on Kids Web Zone
Thu Sep 12, 6:20 PM ET

WASHINGTON (Reuters) - The manager of the United States' Internet domain asked Congress on Thursday not to interfere with its efforts to set up a kid-friendly zone free of violence, pornography and other adult material.



The Senate should not pass a law requiring NeuStar Inc. to set up a ". kids.us" domain because it would disrupt the company's own efforts to set up the domain in a commercially viable manner, a NeuStar official said.

Lawmakers greeted the request with skepticism, wondering whether NeuStar would ever get around to rolling out the ".kids.us" Internet domain if they are not required by law to do so.

"If we don't put the pressure on, I don't know that it's ever going to happen," said Sen. John Ensign, a Nevada Republican who has co-sponsored legislation that would require NeuStar to have the domain up and running within a year of passage.

The hearing marked the first public disagreement between NeuStar and Congress, which for years has sought unsuccessfully to keep children away from violent and sexually explicit material on the Internet.

NeuStar, based in Washington, promised to set up a kids-only area when it won the right to manage the United States' ".us" Internet domain last fall.

Congress sought to set up parameters for the ".kids.us" subdomain after giving up on efforts to force international Internet regulators to set up a top-level ".kids" domain alongside ".com" and ".org."

The House of Representatives in May voted to bar chat rooms, instant messaging ( news - web sites), or other interactive ( news - external web site) features from the subdomain unless NeuStar could certify that they were free of pedophiles or other online predators.

Such restrictions would likely discourage commercial development, a NeuStar official told the Senate subcommittee on science, technology and space. Jim Casey, NeuStar's director of policy and business development, also said the bill would not give the company enough time and freedom to set up the subdomain properly.

"Legislation at this point would probably do more harm than good," Casey said.

NeuStar had an obligation to work with Congress after it won control of the ".us" domain for free, said Illinois Republican Rep. John Shimkus, who sponsored the House bill.

"I have never seen a sweeter deal than the one NeuStar has received," the Illinois Republican said. "Creating and operating the .kids.us domain is a perfectly appropriate cost of doing business."

NeuStar has registered 300,000 names in the domain at $5.50 each since April, company officials say.
***************************
Reuters Internet Report
Brazil Arrests Americans for Selling Amazon Land
Thu Sep 12, 9:03 PM ET

BELEM, Brazil (Reuters) - A Brazilian ( news - web sites) court on Thursday ordered three U.S. citizens to be held in custody on suspicion of selling land in the Amazon over the Internet under the name of an environmental fund founded by the British rock star Sting.



U.S. couple Donald and Mary Davis and Brazilian-born Joao da Cruz Veloso, a naturalized American, allegedly sold bonds worth $25 to $100 through a Web site called Rainforest Foundation, the name of Sting's nongovernmental organization.

Donors were told their money would buy parcels of protected land in the world's largest rainforest, where huge areas are being cleared by illegal loggers.

Tipped to the suspected scam by a U.S. businessman who said he donated $1 million, police arrested the three on Wednesday in the northern state of Para. Police chief Geraldo Araujo said they are accused of fraud and may be deported.

Araujo said the land being "sold" was public.

Donald Davis, who described himself as a missionary, denied the allegations.

Police also seized a stack of apparently forged land documents, receipts of bank deposits and propaganda for the Rainforest Foundation. The Web site was not registered and had no links with Sting's foundation, police said.
****************************

Lillie Coney
Public Policy Coordinator
U.S. Association for Computing Machinery
Suite 510
2120 L Street, NW
Washington, D.C. 20037
202-478-6124
lillie.coney@xxxxxxx