New DVDs
Dave Kehr
Animation
Is the filmed image a flat canvas to be covered with lines and colors, or is it a window that opens onto a pre-existing world?
That was a central question for many early film theorists, and with the rise of computer-generated imagery (or CGI, to use the film industry acronym), it has become one again.
Brad Bird’s computer-animated “Ratatouille,” one of this year’s CGI triumphs, arrives on DVD today, accompanied by Volume 1 of “The Pixar Short Films Collection,” featuring 13 shorts from the studio that gave us Mr. Bird’s meticulously made film.
Last week Warner Home Video released the fifth volume of its “Looney Tunes Golden Collection,” containing some 60 cartoons from the glory years of the Warner Brothers animation department. You couldn’t ask for a better match of new school and old, of bleeding-edge digital technology and antediluvian pen and ink.
Digital animation has come a long way since “The Adventures of André & Wally B.,” a 1984 experimental short animated by John Lasseter when he was still an employee of Lucasfilm’s computer graphics division, the unit that would eventually become Pixar. “André & Wally B.” runs one minute and 51 seconds and shows off — to what was stunning effect when the film was first released — the new sense of volume, depth, shading and texture that CGI offered.
Twenty-three years later the technology is far more sophisticated and efficient, able to create complex textures and elaborate shading where the first images largely consist of shiny spheres. With each new short in the Pixar collection, something seems to be added: a vivid sense of character in the 1986 “Luxo Jr.” (its timid young desk lamp continues to serve as Pixar’s corporate mascot); multiple characters, depth effects and reflective surfaces in “Tin Toy” (1988) and “Knick Knack” (1989); a first step toward animating human figures in “Geri’s Game” (1997); and with “For the Birds” (2000), animation blended with comedy and musical performance that suggests Walt Disney’s breakthrough “Silly Symphonies” of 1929 to 1939.
Mr. Lasseter, who would become Pixar’s chief animator when Steve Jobs purchased the company (and later, the director of “Toy Story,” “A Bug’s Life” and “Cars”), served his apprenticeship and then some at the Walt Disney Company. Like the Disney studio, Mr. Lasseter has used shorts to push the technological envelope, testing the techniques (in Disney’s case, sound and color) that would later shape features. And Pixar, under Mr. Lasseter’s creative direction, has developed in a Disneyesque direction (as Disney acknowledged when it acquired Pixar in 2006).
Like Disney, Mr. Lasseter has moved his studio’s product toward an ever-greater illusion of realism, achieving the dream of moving animation away from the two dimensions of the single drawing board that Disney began with its depth-producing multiplane camera, invented by William Garity and first used in the Silly Symphony “Old Mill” of 1937. This is not a world that stops at the screen’s surface, but beckons the viewer to enter, with its carefully worked out perspectives, fully rounded volumes and elaborate camera movements.
And with increased realism has come, as it did for Disney, a turn away from the violent, anarchic, anything-goes tradition of the early shorts. Pixar has placed its charm and skill in the service of fables in which characters learn to overcome their shortcomings and insecurities and realize their fondest dreams, just as Remy, the rodent hero of “Ratatouille,” overcomes his dubious origins and becomes the most celebrated chef of Paris.
As delightful as “Ratatouille” is, you can almost hear the Bronx cheers echoing from the ghostly halls of Termite Terrace, as the pioneering Warner Brothers animators not so affectionately called their dilapidated facilities. Here, led by directors like Frank Tashlin, Tex Avery, Bob Clampett, Friz Freleng and Chuck Jones, the cartoonists took a punkish pleasure in shattering the pretensions of the Disney films. One entire disc in the new “Looney Tunes” collection is devoted to Warner parodies of Disney’s fairy tale films, with titles like Mr. Avery’s 1938 “Little Red Walking Hood” (a Hollywood wolf tries to pick up a formidably self-possessed little girl with a Katharine Hepburn voice) and Mr. Freleng’s “Foney Fables” (1942).
Although some of this anti-Disney irreverence lives on in the CGI animations that DreamWorks has produced (its “Shrek the Third” comes out on home video next Tuesday), it’s hard to rock the boat too vigorously when the enormous budgets of computer animation are at stake. The cheaply produced Warner shorts, many of which weren’t in color in the 1930s, suffered from no such constraints, and the new volume contains one of the most defiantly Dada products of Termite Terrace, Avery’s 1941 “Porky’s Preview,” a crudely scrawled desecration of Disney’s most artistically ambitious film, “Fantasia” (1940).
Both Mr. Lasseter and Mr. Bird had the opportunity to work in hand-drawn animation (probably doomed to be known as 2-D animation) and clearly profited from the experience. Alas, none of the giants of the cel animation era were able to work in CGI, and you can only wonder what Warner Brothers’ most visually sophisticated director, Chuck Jones, might have done with the new technology.
Some clues are contained in “The Chuck Jones Collection,” an anthology of six films that he made for television relatively late in his career, from “A Cricket in Times Square” (1973) through “Mowgli’s Brothers” (1977). Jones seemed to be reaching toward a grander, more mythic scale in these films, of which the best is “Rikki-Tikki-Tavi” (1975), an adaptation of a Kipling “Jungle Book” tale. But the budget and the backup (the voice work of Mel Blanc, the music of Carl Stalling, the background designs of Michael Maltese) are not there, and the results fall short of what Jones, a giant in the field, was capable.
Moving completely outside the Hollywood tradition, Facets Video has released “Fantastic Planet,” the 1973 French-Czech co-production, directed by René Laloux from a novel by the writer Stefan Wul. With its trippy production design by Roland Topor, the film enjoyed a long run as a midnight show in the 1970s.
The film is set in a distant galaxy, where a race of self-absorbed giants (read: adults) treat humans as disposable pets, an anti-establishment theme that perhaps resonated more strongly then than now. Although the simple, stark design and minimal but expressive animation continue to catch the eye, here’s one film that CGI would almost certainly improve, giving weight and depth to its airy metaphors.
“Ratatouille,” Disney DVD, $29.99, G.
“Pixar Short Films Collection: Volume 1,” Disney DVD, $29.99, not rated.
“Looney Tunes Golden Collection: Volume 5,” Warner Home Video, $64.98, not rated.
“Chuck Jones Collection,” Lionsgate, $14.98, not rated.
“Fantastic Planet,” Facets Video/Accent Cinema, $24.95, not rated.
http://www.nytimes.com/2007/11/06/mo...eo/06dvds.html
CBC Chided for Pulling Falun Gong Show
AP
A Canadian broadcaster's decision to pull a heavily promoted documentary on the persecution of the Falun Gong spiritual movement after objections from Chinese officials was criticized Friday by members of the group and the filmmaker.
Both questioned whether the move was influenced by the fact that Canadian Broadcasting Corp. will be the main Canadian broadcaster of the Beijing Olympics next summer. The CBC denied there was any connection. criticize
The CBC's 24-hour news channel had scheduled ''Beyond the Red Wall: The Persecution of Falun Gong'' for Tuesday night, but the piece did not appear after the CBC advertised it for several days. It already had been shown on the CBC's French-language channel and an English version was shown late last year with little fanfare.
A CBC spokesman said Tuesday's showing was canceled after phone calls from envoys of China, which banned Falun Gong in 1999 following a mass demonstration staged by the movement's followers outside government headquarters to demand official recognition.
Spokesman Jeff Keay, who said none of the Chinese officials had viewed the documentary, said it would be shown after a review of its content.
''We want to make sure it's an absolutely rigorous piece of work because it's become clear ... that there's a lot of interest in the thing. We want to make sure it's a solid piece of work that will stand up to intense scrutiny,'' Keay said.
The Falun Gong Association of China expressed outrage that the national news broadcaster would give in to pressure.
''The Chinese government has been trying to silence the media about Falun Gong for years in China, so we're not surprised they contacted the CBC, but we are surprised the CBC bent to their demands -- that they gave in to the communist pressure,'' said Joel Chipkar, the association's spokesman.
The show about Falun Gong, which China's leadership is trying to eradicate, deals with Chinese news reports about four Falun Gong followers setting themselves on fire in Beijing.
The documentary's producer, Peter Rowe, argues that the story was a hoax, set up by the Chinese government to make the spiritual movement seem cult-like and unstable.
Rowe said he was surprised the piece wasn't broadcast, saying it had been licensed by the CBC in 2004 and reviewed by senior CBC editors and the broadcaster's lawyers.
''If the American government had tried to put this pressure on the CBC not to run this kind of documentary, you can imagine what kind of reaction they would have had internally,'' he said. ''With China, it's felt like we have to treat them in a very special way.''
Both Rowe and Chipkar suggested the CBC's decision was influenced by its contract to carry the Beijing Olympics. Keay denied that.
Falun Gong has attracted millions of followers with a mix of traditional Chinese calisthenics and doctrines drawn from Buddhism, Taoism and the ideas of its founder, Li Hongzhi. China banned it as a threat to public safety and communist rule, calling it an ''evil cult.''
Human rights organizations have reported executions and torture of Falun Gong members in China. The State Department says practitioners face arrest, detention and possible torture.
http://www.nytimes.com/aponline/worl...alun-Gong.html
Screenwriters on Strike Over Stake in New Media
Michael Cieply, David Carr and Brooks Barnes
This article was reported by Michael Cieply, David Carr and Brooks Barnes, and was written by Mr. Cieply.
Hollywood writers took to the sidewalks, if not quite the streets, on Monday, as last-ditch bargaining failed to avert the first industrywide strike in more than 19 years.
Just after midnight, about 12,000 movie and television writers represented by the Writers Guild of America East and the Writers Guild of America West went on strike against Hollywood producers represented by the Alliance of Motion Picture and Television Producers.
Picket lines went up at more than a dozen studios and other production sites on both coasts. And at least a handful of television shows — including the CBS series “The Big Bang Theory” and “Two and a Half Men” — quickly shut down.
But it was not immediately clear how much damage the writers’ actions would inflict on a sprawling industry that performs its labor in thousands of workplaces in America and abroad.
At the Fox lot in Los Angeles, about three dozen picketing writers were still getting the hang of things at 9:30 Monday morning. “Who’s got the power?” a strike captain bellowed through a bullhorn, as the answer mostly got lost in the traffic sounds on Pico Boulevard.
They laid in bottled water by the case, and came equipped with BlackBerrys and backpacks for what promised to be a long day in the sun once the morning fog burned off.
Yet studio vans, transportation trucks and construction vehicles freely crossed the picket line as Fox shows like “24” and “Prison Break” remained in production, at least for the moment — perhaps quelling the writers’ hope that a strong show of support by Hollywood’s blue-collar workers would heighten the strike’s effect.
In a telephone interview shortly afterward, J. Nicholas Counter III, president of the producers’ alliance, said he expected the strike to be a long one. “We were on strike for five months in 1988,” Mr. Counter said. “The issues this time are more difficult and more complex.”
Mr. Counter said companies were prepared to use alternative programming like reality shows, reruns and movies to fill broadcast and cable networks during a walkout that might last, by his estimation, 9 or 10 months. Late-night talk shows have immediately turned to repeats, but most prime-time comedies and dramas have about half a dozen episodes already filmed.
The final breakdown in talks came on Sunday night, at a session convened by a federal mediator at the Sofitel hotel in Los Angeles. By Mr. Counter’s account, producers made a number of steps toward the writers in the course of an 11-hour session, and writers countered by abandoning their demand that DVD residuals be doubled.
But guild negotiators, Mr. Counter said, refused a request to delay the strike by “stopping the clock” while the bargaining continued. The strike thus began at 12:01 a.m. by prearranged plan in New York, even as negotiators were still talking in Los Angeles. Immediately, Mr. Counter said, the companies ended the talks with no plans to reconvene.
Patric M. Verrone, president of the West Coast guild, said in a telephone interview, “If we had decided not to strike when we said we were, I think we would have sent the wrong signal.”
The guild said the companies had dug in their heels by, among other things, refusing to grant the unions jurisdiction over most writing directly for new media, and insisting on the right to offer promotional showings of movies and television shows in new media and elsewhere without paying an additional fee.
The companies have also insisted on pegging residuals payments for downloaded movies and shows at the same rate historically used for DVDs and videocassettes — a formula writers have regretted almost since the moment they negotiated it two decades ago. In effect, the sides finally got down to what they were really fighting about
: who will get what from the media of the future.
This led to the curious spectacle of a glamour strike.
In Manhattan, about 75 picketers (including Tina Fey, the creator of “30 Rock” on NBC) set up a line in Rockefeller Center and chanted: “No money? No downloads. No downloads? No peace.”
But for a time, the chanting was drowned out by the roar of a crowd that was assembled for the “Today” show.
All of the trappings of a union protest were there — signs, chanting workers, an inflatable rat and a discarded bag of wrappers and cups from Dunkin’ Donuts. The rat commuted from Queens, where it was borrowed from Local 79, an A.F.L.-C.I.O. laborers’ union. But instead of hard hats and work boots, those at the barricades wore arty glasses and fancy scarves.
“A lot of the public probably feels like we are brats,” said Sarah Durken, a writer for children’s programs. “But I think everyone understands the issue of corporate greed versus the needs of workers and their families.”
(At least one presidential candidate saw it that way. In a statement, Barack Obama declared, in part: “I stand with the writers. The guild’s demand is a test of whether media corporations are going to give writers a fair share.”)
Some New York writers tried a gentle approach in talking to passers-by. “Don’t worry, we won’t hurt you,” said Andrew Smith, who writes for “The View.”
“Writers going on strike sounds like shepherds staging a walkout,” Mr. Smith said afterward. “The general public has no understanding of the issues that we are facing, but we are here because the producers will take as much as they can unless writers stand up for themselves.”
Things got feistier a few hours later in Burbank, Calif., where about 60 pickets greeted executives arriving at the Walt Disney studio’s primary gate with a boisterous display of solidarity. “Union!” the strike captain shouted. “Power!” the writers responded.
Walking the line were writer-producers from some of the biggest hits on television. Carlton Cuse and Damon Lindelof, the lead writers and show runners on “Lost” on ABC, marched in front of Greg Berlanti, the writer and producer of the same network’s “Dirty Sexy Money,” “Brothers & Sisters” and the coming “Eli Stone.”
“I hope that the studios see this turnout, which is great,” said Steven Peterman, a guild member who is an executive producer of “Hannah Montana” on the Disney Channel.
First-day enthusiasm notwithstanding, writers will find it no small task in coming weeks to block a production apparatus that in the Los Angeles area alone is spread across more than 100 studio facilities, several hundred post-production houses, and numerous location shoots that move from day to day.
As at Fox, trucks loaded with what appeared to be equipment for location shoots exited gates at Paramount’s Hollywood lot and at Television City, which houses CBS offices and soundstages for the reality shows “Dancing With the Stars” and “American Idol.”
The mood was somber outside Paramount’s stately wrought-iron gates, where striking workers angrily talked about how a driver entering an adjacent production site had struck and injured a picketing writer.
Tom Johnson, head writer for “Talkshow With Spike Feresten,” suffered a broken leg, according to a Writers Guild spokeswoman, adding that the Los Angeles Police Department was investigating the matter. But elsewhere, strikers struggled to find the day’s tone. At NBC’s main campus in Burbank, one writer, who declined to give his name, said it was not easy picketing with people who churn out comedies for a living.
“Stop making me laugh,” the writer told his buddy. “It doesn’t look good to people who drive up. They will think we’re not serious.”
Michael Cieply and Brooks Barnes reported from Los Angeles and David Carr from New York. Edward Wyatt contributed reporting from Los Angeles.
http://www.nytimes.com/2007/11/06/bu.../06strike.html
Glamor Belongs to Only Part of Hollywood
AP
''Jeopardy!'' writer Andrew Price lives in a modest home, makes mortgage and car payments and describes himself and fellow scribes as ''meat and potatoes people.''
Movie art director Sean Duggan, 38, rarely wears a tux and leads a life that's more regular than regal. ''When they roll out the red carpet, they call me to do it,'' he says.
To most of the world, Hollywood is all about glitz and glamor and beautiful people -- some behaving badly. But Price and Duggan belong to what might be called the real Hollywood: its industrial other half, where folks live paycheck to paycheck, drive Toyotas and stay out of trouble.
The current Writers Guild of America strike has cast a rare, international spotlight on this workaday culture of behind-the-camera jobs -- known as ''below the line'' in production parlance.
Most WGA members lead far from glamorous lives, and seldom earn beyond five figures each year. Yet like their colleagues who build sets, apply makeup and lay cable, they're the ones who keep Hollywood cranking the content.
Or not.
Since it began Monday, the writers strike has shuttered nearly a dozen TV shows, including such popular series as ''The Office,'' ''Desperate Housewives'' and ''24.'' The feature-film pipeline could be next.
''The stars are who they are ... as a function of all those people who are unknown and keep the system going,'' said Elizabeth Currid, a professor at University of Southern California who studies art and culture in Los Angeles. ''Stars wouldn't define Hollywood if there weren't these regular people doing their jobs behind the scenes, day in and day out.''
The average salary for entertainment industry employees is $73,000 a year, a handsome income that's 80 percent higher than the national average, according to a 2006 study by the Motion Picture Association of America.
Yet most workers in Hollywood earn far less -- when they even have jobs -- because the MPAA's average includes multimillion dollar salaries paid to executives.
Most of the 6,000 carpenters, welders, set decorators and prop masters represented by the International Alliance of Theatrical Stage Employees Local 44 earn $50,000 to $80,000 a year, said secretary-treasurer Elliot Jennings.
It's ''decent money'' that allows for a middle-class lifestyle, he said. But work is spotty and 10 to 15 percent of the membership are not regularly employed -- a situation worsened by the increasing loss of film and television shoots to foreign locations, and now the writers strike.
''Most of our members work paycheck-to-paycheck. They get eight months of work in a 12-month period,'' he said. ''The amount of money we make doesn't afford most members to keep their wives home from work. We're middle-class people who get up and go to work every day and can't afford not to.''
Having a Screen Actors Guild card isn't necessarily a ticket to Hollywood success, either. Members can spend more time hustling gigs than working them. That's why so many have side jobs tending bar or waiting tables.
''They're not living in mansions,'' said USC business professor S. Mark Young. ''They're probably living in modest apartments.''
Writer Diana Ljungaeus was lured by the glamor of Tinseltown when she moved from her native Sweden. Yet she quickly learned Hollywood is a place where ''everyone is something else.''
''You take a cab and the taxi driver is really a director and the cashier is really an actor, just doing this to get over a poor stretch,'' said Ljungaeus, 48, who works two jobs to support her playwriting pursuits. ''Very few people can live off the arts of TV, theater and film. It's a few that can and they live well. The rest of the hopeful are just struggling.''
Glitz and glamor elude even those industry workers who do draw a reliable salary.
Bruce Grayson has been a Hollywood makeup artist for nearly 20 years. He lives in a condo, not a mansion. He has one car, not a fleet. And he wears some designer duds, ''but the articles are few and far between.''
After two decades in the business, Grayson said he's still ''amazed'' by the level of wealth and luxury the industry provides to the stars who put a face on Hollywood for the rest of the planet.
''It's not my world,'' he said. ''It's their world.''
And they know it.
''The difference between the upper echelon in our business and the lower echelon is so striking,'' actor William H. Macy said as he walked the picket line with writers this week. ''It's tough for me when I'm on set. It makes me feel bad when (the studios) are being so stingy with craft services (catering) people and writers, when they're trying to cut costs on that level.''
Ricky Blitt straddles both sides of Hollywood. A writer of television shows such as ''Family Guy'' and feature-length screenplays, he's successful enough that he doesn't have to look for jobs like many in the industry, but not so successful that he routinely rubs elbows with A-listers.
His lifestyle is ''100 percent opposite from `Entourage,''' he said, referring to the HBO series about the entertainment business.
''This is my Hollywood glamor life: getting up early, writing, petting my two cats and watching NHL sports packages on TV,'' said Blitt, who works from an office at his Hollywood Hills home. ''Nobody quite knows who you are or what you do. You can afford certain privileges, but there's nothing exciting about it.''
------
Associated Press Writer Solvej Schou contributed to this report.
http://www.nytimes.com/aponline/arts...-the-Line.html
Lesson Learned from Finland Cold Shoulder
Mark Halper
For a peek at how the writers strike might end, look away for a minute from the glitz of Los Angeles and New York. Look instead several thousand miles north and east to Helsinki, Finland, where, despite the descending winter dreariness, an ongoing, year-old mobile TV travail shines light on what will happen in the big-time world of late-night talk shows and multimillion-dollar sitcoms.
Late last year, a TV transmission company owned by French media group TDF named Digita launched a commercial mobile-TV broadcasting service in Finland via DVB-H networks. Digita licensed a dozen or so channels and got them to participate in a successful trial. The plan then would be to then sell access to Finnish cellular carriers, which would resell access to consumers outfitted with broadcast-equipped phones.
Sure as saunas and reindeer steaks, mobile TV would fly in Finland, a land that invented the ringtone business and whose economy relies on the world’s largest mobile phone vendor, native son Nokia. After all, trial participants had said they would be willing to pay about $14 per month for the service.
There was only one problem. Someone forgot to check with the folks who sold the rights to the broadcasters in the first place. One by one, the dozen or so broadcasters that had participated in the trial said they could not provide content to Digita because they did not have rights to provide the content for commercial mobile TV.
Digita was left with a total of one video channel, Voice TV, a music video station. Things turned so downbeat that Nokia even decided at the time to withhold its broadcast-equipped handset from Finnish stores.
‘It totally stopped the market,’ recalls Tarja Rautio, Digita’s service manager for mobile TV. That should resonate with anyone looking at kissing goodbye to live Jay Leno, David Letterman and Jon Stewart.
In Finland, it wasn’t necessarily the writers who intervened. Copyright groups representing writers, musicians and actors said that if their stuff was going out on the new platform of mobile TV, they wanted a cut.
But the principles are the same as what the Alliance of Motion Picture & Television Producers now face in Hollywood. Broadcasters worldwide are so busy rebranding themselves as content providers ready to sell programs to the world’s plethora of gadgets, gizmos and PCs, that they’re forgetting about those who supply them.
Any independent TV production that’s churning out product in half the time for half the budget knows the squeeze. I remember going to MIPTV a few years ago, when all things digital were really starting to move center stage. The first conversation I had upon arrival was with an indie TV producer. I gushed about the lively new world of mobile and Internet video. He practically went for my jugular.
‘They want all this stuff from us, but they’re not paying us,’ he growled.
Now writers understandably want their fair cut. And they deserve it.
In Finland, the parties talked. Slowly, broadcasters went back to their suppliers and offered more compensation.
Digita’s still smarting. It doesn’t expect to offer a full-blown commercial service until the spring, a year and a half behind schedule.
If CBS, NBC and others really believe they are content companies, they should heed the lesson that Digita provides, but not take 18 months to do so. They should start honoring their content creators with a bigger slice of the action, rather than taking goods from them as if writers were some off-the-shelf provider of an all-in-one tonic.
I’ve seen what happened in Finland. The American broadcasters will give in. If they don’t, I’ll jump in an arctic lake next time I’m in Lapland.
http://www.hollywoodreporter.com/hr/...c3a8e33803a9a4
Finland Defends Gun Laws
Jari Tanner
A teenage killer's deadly school rampage has put Finns on the defensive about their relationship to guns.
With 1.6 million firearms in private hands, the Nordic nation is an anomaly in Europe, lagging behind only the U.S. and Yemen in civilian gun ownership, studies show.
The government said Friday it would raise the minimum age for buying guns from 15 to 18, but insisted there was no need for sweeping changes to gun laws shaped by deep-rooted traditions of hunting in the sub-Arctic wilderness.
"If you look at the rate of homicides with firearms (in Finland), the figure is very low," Interior Ministry spokesman Ilkka Salmi said. "People using guns are hunters. They live in rural areas. It's part of the life over there."
According to a government study in 2002, 14 percent of homicides in Finland are gun-related.
International gun control activists have urged the Finns to rethink their laws in the wake of Wednesday's tragedy.
Finns are sensitive to their international image, and often complain their country is portrayed as a gloomy northern outpost of Europe, where long dark winters drive people to binge drinking, suicide or random outbursts of violence.
Wednesday's bloodshed did little to help. Pekka-Eric Auvinen, described by police as a bullied 18-year-old outcast, opened fire at his high school in southern Finland. He killed six students, a school nurse and the principal before ending his own life with a gunshot to the head.
"There are all kinds of people living in Finland, like everywhere else," said Tero Aaltonen, a customer in a Helsinki gun shop. "But I rather think it's the influence of the media and all the things people are exposed to that might make someone do a thing like that."
Auvinen, who had no previous criminal record and belonged to a shooting club in central Helsinki, shot the victims with a .22-caliber pistol that he bought from a local gun store days before the attack.
Police revealed Friday that Auvinen had settled for the pistol after being denied a license for a 9 mm semiautomatic handgun.
"The application was rejected because a 9 mm gun is considered too powerful ... for target practice shooting," Detective Superintendent Tero Haapala told The Associated Press. "He was recommended to get a .22-caliber gun."
After Wednesday's shooting drew international attention to Finland's gun culture, the Interior Ministry issued a statement saying firearm sales were "strictly controlled."
Before granting a weapons permit, police "assess the applicant's suitability to posses a firearm, his or her way of life, behavior and possible mental health problems," the statement said. Applicants must prove also they have a legitimate need for a gun, such as hunting or target practice. Self-defense is not a valid reason.
Following the school shooting, police found Internet postings by Auvinen that seemed to predict the massacre.
Gun control activists said the shooting at the Jokela High School in Tuusula, some 30 miles north of Helsinki, proved the need for stricter gun laws in Finland.
"Compared to other European countries, Finland has a serious gun problem," said Rebecca Peters, director of the London-based International Action Network on Small Arms.
Finland has some 650,000 licensed gun owners, about 13 percent of the population of 5.2 million, many of them hunters, the Interior Ministry said.
"Almost every Finnish family has a hunting gun at home," said William Wadstein, a gun shop owner in Helsinki. "We are used to seeing guns."
He added that Finnish children are brought up knowing that guns are not toys: "Guns are very, very dangerous things. They are used for hunting, not murdering."
Studies by the Geneva-based Small Arms Survey rank the country third in the world in civilian gun ownership. In Europe, only Switzerland comes close — and each member of Switzerland's militia army is allowed to keep his gun after completing military service.
Efforts to tighten gun control started some years ago, led by left-wing and pacifist groups. But the anti-gun lobby in Finland is weak, and the country has been known to defend its traditions of widespread gun ownership in the European Union.
Finland had previously insisted on keeping an age limit of 15 years for gun purchases in discussions with other EU nations about common rules on firearms.
But a government committee proposed changing the law Friday to prohibit minors from buying guns, although they would still be allowed to use them under parental supervision, the Interior Ministry said.
"It's obvious that this kind of tragic incident has probably sped up the decision," Salmi said.
He noted, however, that the change could not have prevented Wednesday's massacre: Auvinen was 18.
http://ap.google.com/article/ALeqM5g...c1TGwD8SQDP1G1
Samsung Reveals High-performance 64 GB SATA II SSDs
“The 64GB SATA II SSD is based on Samsung’s cutting-edge NAND technology with dramatically improved performance specs that are taking system performance to a whole new level of efficiency,” stated Jim Elliot, who is the director of marketing for the NAND flash Department of Samsung Semiconductor inc.
Samsung has unveiled a Solid State Drive aimed at high-end PC and server storage markets. Up until now, the SSD options available to the average person were mostly for the mobile market. This is due to the enormous power saving advantages of not having moving parts. SSDs typically use a third as much power as their physical motion counterparts, which saves battery power while performing about the same. These new drives use slightly more power than its predecessors (0.7 W vs 0.4 w), but perform up to five times as fast as normal 1.8" HDDs.
As with each previous incarnation from the NAND flash leaders, the new 64 GB drive has improved greatly in almost all areas. The new technology has some amazing specifications that will give any techie butterflies. With sequential write speeds of 100 MBps and read speeds of 120 MBps, these new drives blow away the fastest consumer grade devices of today. The rest of PATA/SATA market sustains approximately 50-80 MBps read/write rates.
The drive employs a new 3.0 GBps Sata II interface and is available in 1.8" and 2.5" flavors. The storage medium utilizes 50nm Single-Level-Cell (SLC ) flash memory chips, which are 8 GB per chip. All of this fits into a rather sleek metal case. Fastsilicon.com can't wait to get our hands on a couple of these.
Comparison of 1.8" drives:
Product
1.8" HDD
1.8" SDD (PATA)
1.8" SSD (SATA2)
Density
60GB
64GB
64GB
Weight
61 g
40g/ 15g(Slim)
40g/ 15g(Slim)
Performance
Read/Write: 22~48MB/s
R: 64MB/s, W: 45 MB/s
R: 100MB/s, W: 100MB/s
Power (Active)
1.4 W
0.4 W
0.7 W
Vibration (Operating)
1.0G (22~500Hz)
20G (10~2000Hz)
20G (10~2000Hz)
Acoustic Noise
22dB
0dB
0dB
Endurance
MTBF: <300K hours
MTBF: 2M hours
MTBF: 2M hours
http://www.fastsilicon.com/index.php...=333&Itemid=60
GISD Moves Ahead With Threat to Sue Parent
Rhiannon Meyers
The public school district has officially demanded that parent Sandra Tetley remove what it says is libelous material from her Web site or face a lawsuit for defamation.
Tetley received a letter Monday from the district’s law firm demanding she remove what it termed libelous statements and other “legally offensive” statements posted by her or anonymous users, and refrain from allowing such postings in the future. If she refuses, the district plans to sue her, the demand letter states.
Tetley said she’ll review the postings cited by David Feldman of the district’s firm Feldman and Rogers. She’ll consider the context of the postings and consult attorneys before deciding what to delete.
“If it’s not worth keeping in there, I’ll take it out,” she said. “If in fact it is libelous, I have no problem taking it down.”
Libel Or Opinion?
Feldman said Tetley’s Web site —
www.gisdwatch.com — contained the most “personal, libelous invective directed toward a school administrator” he’s seen in his 31-year career.
“It is not the desire of the School District, the Board, or this Firm to stifle free expression or inhibit robust debate regarding matters pertaining to the operation of the public schools,” Feldman wrote in the demand letter. “This is solely about the publication of materials that clearly go beyond that which is legally and constitutionally encouraged and permitted, and into the realm of what is legally offensive and actionable.”
Feldman cited 16 examples of what he says are libelous postings. Half were posted by Tetley; the other half were posted by anonymous users.
The postings accuse Superintendent Lynne Cleveland, trustees and administrators of lying, manipulation, falsifying budget numbers, using their positions for “personal gain,” violating the Open Meetings Act and spying on employees, among other things.
Tetley said the postings were opinions only.
“Everyone deserves to have their opinion,” she said. “I don’t think they have a right to make me, or anyone else, take down criticisms of them off the Web site. They’re not going to force us to take off our opinions because we have no other place to go.”
Tetley said she had not removed any of the postings as of late Tuesday.
Rare Move
One legal expert said the district’s move to sue Tetley is rare and unlawful. Under the 1964 Supreme Court case New York Times v. Sullivan, government entities cannot sue for libel — any court would toss out the “threatening” suit as being inconsistent with U.S. law, said Sandra Baron, executive director of New-York based Media Law Resource Center. She called the district’s potential lawsuit an intimidation tactic and a waste of taxpayer dollars.
Feldman said the district is only asking Tetley to remove a small percentage of postings on her site that he says accuse trustees and administrators of breaking the law. They’re not trying to shut down the blog or eliminate postings, he said.
“How can that be threatening or initmidating?” he said. “There’s a tremendous amount of dialogue, if you will, on that Web log that we’re not touching with a pole ... What we leave is this huge field of free expression and discourse. There’s debate and then there’s libel. Debate all you want, criticize all you want, but don’t accuse people of committing crimes when you have absolutely no evidence to support that.”
More than 130 registered users post on Tetley’s site. Since trustees threatened legal action, more people have been visiting the site and posting, Tetley said. She said she planned to post Feldman’s letter on the site.
“People are very tired of what this type of government is doing,” Tetley said. “They are using our money to silence us.”
The law firm monitored the site for months before trustees took action. Board President David O’Neal said the postings deter potential employees from working at the district.
Tetley and her group, Galveston Alliance for Neighborhood schools, has long criticized the district for reconfiguring its middle schools, closing elementary schools, meeting in executive sessions some claimed were illegal, refusing to divulge the contents of a letter from a civil rights consultant and for issuing a budget forecast that was off by $10 million.
The district’s controversial reconfiguration, to go into effect in 2008-09, prompted Tetley to start the site.
It’s often difficult to prove a public official has been libeled. Aside from proving the libelous statements are damaging, public officials must also prove actual malice. Actual malice means knowing a statement is false or having reckless disregard for the truth.
http://blogs.galvnews.com/story109087.html
ACLU Quotes Anonymous Nat'l Security Letter Plaintiff in NY Court
Larry Neumeister
The U.S. government on Monday appealed a ruling striking down a key provision of the USA Patriot Act that prevents Internet service providers from telling their customers if the government has demanded private information from them.
The government's decision to appeal a September ruling by U.S. District Judge Victor Marrero to the 2nd U.S. Circuit Court of Appeals prompted the American Civil Liberties Union to put out a release quoting the unidentified plaintiff in the lawsuit challenging the law.
The plaintiff in the lawsuit argued by ACLU lawyers has been identified only as John Doe, the president of a small Internet service provider who has faced a gag order for more than three years because of the law regarding so-called national security letters, or NSLs.
The law lets the government acquire telephone, e-mail and financial records about Americans and foreigners without a judge's approval. It also lets the government impose gag orders on the recipients of the letters to prevent them from acknowledging the probes.
In the ACLU release, the plaintiff in the case complained that the statutes "give the government far too much power and that the secrecy surrounding the statutes is excessive."
The plaintiff said the gag provisions of the law "make it difficult or impossible for people like me _ people who have firsthand experience with the NSL statute _ to discuss their specific concerns with the public, the press and Congress."
The plaintiff added: "This seems to be counterintuitive to everything I assumed about this country's commitment to free speech and the value of political discourse."
The judge, in his ruling, said the NSL statute was so improper that to let the law stand might turn an innocent legislative step into "the legislative equivalent of breaking and entering, with an ominous free pass to the hijacking of constitutional values."
The judge had stayed the effect of his ruling so it could be appealed. The government provided notice of its appeal in a one-paragraph letter to the court and later had no comment.
In March, the government released a report showing the FBI issued approximately 8,500 national security letter requests in 2000, the year before the passage of the Patriot Act. The number of requests rose to 39,000 by 2003 and to 56,000 in 2004 before falling to 47,000 in 2005. Most of the requests sought telephone billing records, telephone or e-mail subscriber information or electronic communication transactional records.
The judge wrote that most recipients have little or no incentive to challenge the orders, and only two cases have been filed in federal court.
The judge said the NSLs let the government unmask the identity of Internet users engaged in anonymous speech in online discussions and obtain itemized lists of all e-mails sent and received by people.
newsday.com/news/local/wire/newyork/ny-bc-ny--patriotactlawsuit1105nov05,0,1396048.story
EU Could Collect Air Passenger Data
Part of a new anti-terrorism campaign, a commission proposal would allow member states to collect personal information and keep it for 13 years
Renata Goldirova
As part of a new EU counter-terrorism strategy, Brussels is to propose that member states collect 19 pieces of air passenger data, with the possibility to store it for up to thirteen years.
On Tuesday (6 November), EU home affairs commissioner Franco Frattini will kick off a lengthy legislative process, which at the end should see an EU-wide air passengers name recording scheme (PNR) similar to the controversial US database on European air travellers.
Mr Frattini argues in his paper that "the collection and analysis of PNR data allows the law enforcement authorities to identify high risk passengers and to take appropriate measures" such as secondary screening upon their arrival or a refusal of entry in the destination country.
"Almost all terrorist campaigns are trans-national", he points out.
However, the commission proposal does not foresee a centralised pan-European database, as run the risk of failure due to the vast amount of data received from the 27 individual member states.
Instead, it suggests that each member state sets up a passenger information unit responsible for collecting as well as analysing the PNR data from all carriers operating flights into or from the EU territory.
Member states' law enforcement authorities, entitled to receive and further process the information, should share them if "necessary" for the prevention and fight against terrorist offences and organised crime.
The scope
Under the proposal, European law enforcement authorities will gain access to details on the passenger's reservation and travel itinerary - for example name, address, passport data, telephone numbers, travel agent, credit card number, history of changes in the flight schedule, seat preferences.
Sensitive information such as racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership as well as health and sexual orientation should not be revealed.
EU capitals will be allowed to store all data for five years, however, with the possibility to extend this period for an additional eight years. Only then must member states' passenger information units delete them.
In order to "offer a higher degree of data protection", Brussels suggests that the so-called push method applies when it comes to collecting the data.
They should be transmitted by the carrier to the national authority instead of giving the national agency the right of direct access to the reservation system.
Criticism
Commissioner Franco Frattini will have to win the unanimous support of all EU capitals if the proposal is to become law.
But the toughest scrutiny is likely to come from the European Parliament, a frequent guardian of civil liberties and data protection, as well as from rights groups.
According to Tony Bunyan from UK liberties group Statewatch "this is yet another measure that places everyone under surveillance and makes everyone a suspect without any meaningful right to know how the data is used, how it is further processed and by whom".
"The underlying rationale for each of the measures is the same - all are needed to tackle terrorism", Mr Bunyan said, referring to the mandatory taking of fingerprints for passports and the mandatory storage of telecommunications data.
"There is little evidence that the gathering of mountain upon mountain of data on the activities of every person in the EU makes a significant contribution. On the other hand, the use of this data for other purposes, now or in the future, will make the EU the most surveilled place in the world", he concluded.
http://www.businessweek.com/globalbi..._top+st ories
No REAL ID, No Problem: DHS Backs Off On Deadline, Requirements
Nate Anderson
After running into significant state opposition, the Department of Homeland Security has tried to rescue the controversial REAL ID program by backing off provisions of the plan in order to lower costs and reduce privacy concerns. Now, the ACLU is claiming that DHS is ditching key standards and will allow Americans to board airplanes even without a REAL ID.
DHS held a conference call with the states last month to address lingering concerns about the program. According to the ACLU, which talked to participants on the call, DHS announced that the national standards were being relaxed, that REAL ID wouldn't be required to board planes, and that the deadline for compliance could be extended to 2015 or later.
"In discussions I participated in with the Department of Homeland Security, they were asked point blank, 'What will happen to states that don't participate?'" said Maine Secretary of State Matthew Dunlap, who was on the call. "The response was, 'Nothing will happen. There will be no penalty. You can still get on a plane.'"
The ACLU, which opposes the plan on civil liberties grounds, says that the many changes made since the Act was passed nearly "negate the original intent of the program." A DHS official told the Washington Post that the changes have been adopted in a spirit of compromise designed to save the states money.
DHS is at pains to point out that REAL ID is not a national identity card program but a set of regulations that direct states how to create their drivers' licenses and state ID cards. The program mandates digital photos, bar-coded information, and more stringent document checks, and it directs all states to link their databases with one another. It passed in 2005 as part of a necessary appropriations bill to fund the Iraq war and prompted our own Jon Stokes to think about faxing a picture of his own backside to REAL ID sponsor Rep. James Sensenbrenner (R-WI). The official word is that this did not, in fact, happen.
REAL ID has spawned outrage in other corners. Groups on both the left and the right of the political spectrum have been up in arms over the privacy implications of the linked databases and the machine-readable information, and many states have been worried by the (unfunded) cost of the upgrade, which could run into the billions of dollars.
States began defying the feds, passing laws saying that they had no intention of complying with the REAL ID requirements. The federal government retorted that this was fine, but citizens from those states could not use drivers' licenses to enter federal buildings or board aircraft (which are screened by federal personnel).
In the face of this sort of opposition, DHS extended the deadline for compliance to 2009, and then again to 2013. Now, it could be extended again, and states could get even more time to issue cards for older drivers (apparently less of a security threat).
Whether the new rules are an expedient compromise or a total backpedalling from the goals of REAL ID depends on who you ask. The ACLU, for instance, holds strong views on the matter.
"DHS is essentially whittling Real ID down to nothing—all in the name of denying Real ID is a failure," said ACLU senior legislative counsel Tim Sparapani. "Real ID is in its death throes, and any signs of life are just last gasps."
http://arstechnica.com/news.ars/post...uirements.html
Congress to Vote on Open Access and NIH Funds
US investigators funded by the National Institutes of Health (NIH) may soon be compelled to publish only in journals that make their research papers freely available within one year of publication.
Congress is this week expected to take final votes on a bill incorporating this directive. The measure is contained in a spending bill that boosts the biomedical agency's effective budget by 3.1%, to $29.8 billion in 2008.
President George W. Bush has vowed to veto the bill, which will fund the Department of Health and Human Services and other agencies, because it includes what he calls “irresponsible and excessive” levels of spending.
But congressional Democrats have attached to the measure an unrelated but politically popular bill funding the Department of Veterans Affairs. They hope that this will generate the two-thirds support needed in both houses of Congress to override a presidential veto.
The open-access requirement in the bill would apply only during fiscal year 2008; it would need to be renewed in yearly spending bills in the future.
http://www.nature.com/news/2007/0711...l/450148a.html
Cancer-Busters Tap Into Grid Computing
Robert Jaques
Canadian researchers have promised to squeeze "decades" of cancer research into just two years by harnessing the power of a global PC grid..
The research team is led by Dr Igor Jurisica at the Ontario Cancer Institute, and scientists at Princess Margaret Hospital and University Health Network.
The scientists are the first from Canada to use IBM's World Community Grid network of PCs and laptops with the power equivalent to one of the globe's top five fastest supercomputers.
The team will use the grid to analyse the results of experiments on proteins using data collected by scientists at the Hauptman-Woodward Medical Research Institute in Buffalo, New York.
The researchers estimate that this analysis would take conventional computer systems 162 years to complete.
Dr Jurisica anticipates that the analysis could be finished in one to two years, and will provide researchers with a better way to study how proteins function, which could lead to the development of more effective cancer-fighting drugs.
"We know that most cancers are caused by defective proteins in our bodies, but we need to better understand the specific function of those proteins and how they interact in the body," he said.
"We also have to find proteins that will enable us to diagnose cancer earlier, before the symptoms appear, to have the best chance of treating the disease or potentially stopping it completely."
The research team now has more than 86 million images of 9,400 unique proteins that could be linked to cancer captured in the course of more than 14.5 million experiments by colleagues at Hauptman-Woodward.
Dr Jurisica said that this resource comprises the most comprehensive database on the chemistry of a large number of proteins, a resource that will help researchers around the world unlock the mystery of how many cancers grow.
http://www.itnews.com.au/News/64560,...computing.aspx
NNSquad - Network Neutrality Squad
NNSQUAD.ORG
A project of PFIR - People For Internet Responsibility
The Network Neutrality Squad (NNSquad) is an open-membership, open-source effort, enlisting the Internet's users to help keep the Internet's operations fair and unhindered from unreasonable restrictions.
The project's focus includes detection, analysis, and incident reporting of any anticompetitive, discriminatory, or other restrictive actions on the part of Internet Service Providers (ISPs) or affiliated entities, such as the blocking or disruptive manipulation of applications, protocols, transmissions, or bandwidth; or other similar behaviors not specifically requested by their customers.
Other key aspects of the project are discussions, technology development and deployment, and associated activities -- fostering cooperation and mutually agreeable methodologies whenever possible -- aimed at keeping the Internet a maximally unhindered, useful, competitive, fair, and open environment for the broadest possible range of applications and services.
We invite individual, commercial, nonprofit, government, and all other Internet users and stakeholders (including ISPs) to participate in the Network Neutrality Squad.
Please join the moderated mailing list (choice of immediate distribution or digest) for project announcements and discussions, by sending a message (any subject or text) to
nnsquad-subscribe@nnsquad.org, or by signing up at the mailing list Web page.
A searchable archive of past messages that have been distributed to the mailing list is available for your use.
For more interactive, real-time communications on related topics, please visit the NNSquad discussion and incident reporting forum.
Questions and comments are welcome at
nnsquad-info@nnsquad.org, or feel free to contact Lauren Weinstein directly as shown below for project-related details.
Working together, we can help to keep the Internet an incredibly useful resource for everyone around the globe, unhampered by any efforts to skew its enormous capabilities in ways that could hinder the many while benefiting the relative few.
We hope that you'll join this cause. Thank you for your consideration.
Lauren Weinstein -
lauren@pfir.org
Co-Founder, PFIR - People For Internet Responsibility
TEL: +1 (818) 225-2800
Peter G. Neumann -
neumann@pfir.org
Co-Founder, PFIR - People For Internet Responsibility
Vinton G. Cerf
Keith Dawson
Slashdot.org
David J. Farber -
dfarber@cs.cmu.edu
Distinguished Career Professor of Computer Science and Public Policy
Carnegie Mellon University
Bob Frankston -
nn-Squad@Bobf.Frankston.com
Phil Karn
Vice President, Technology - Qualcomm, Inc.
David P. Reed
Paul Saffo
Bruce Schneier -
schneier@counterpane.com
CTO - BT Counterpane
http://www.nnsquad.org/
Judge Forces Telcos to Retain Data in NSA Spy Case
Nate Anderson
In a victory for the EFF, Judge Vaughn Walker ruled today that AT&T, Verizon, Cingular (now part of AT&T), Sprint, and BellSouth (also part of AT&T now) must all maintain any data or papers related to the NSA spying case that Walker is overseeing in California. The EFF had requested the ruling out of concern that documents would be destroyed as part of routine data deletion practices before the case could even progress to discovery.
The move was opposed not only by the telcos but also by the federal government, which has repeatedly pursued the claim that the case involves "state secrets" and should not proceed.
A hearing on the matter was to have been held on November 15, but Walker decided after reading the papers submitted by both sides that no hearing was necessary. Instead, he ordered the telcos to retain all "documents, data and tangible things in the possession, custody and control of the parties to this action, and any employees, agents, contractors, carriers, bailees or other non-parties who posses materials reasonably anticipated to be subject to discovery in this action."
Counsel for each company are specifically told to make sure that no routine business practices result in the destruction of useful information. Walker also ordered the lead counsel for each telco to notify him in writing before December 14 that the order had been carried out.
The order comes a day before the AT&T whistleblower who bolstered the EFF's case, a technician named Mark Klein, holds a DC press conference to publicly discuss his claims of "secrets rooms" and optical splitters. He will also call for Congress to grant no retroactive immunity to the telcos for their part in the entire surveillance scheme.
While the order is certainly good news for the EFF, it does not require the telcos to say if they have any such evidence and it does not mean the case will necessarily move on to discovery.
http://arstechnica.com/news.ars/post...-spy-case.html
AT&T Whistleblower: Telecom Immunity Is A Cover-Up
Spencer Ackerman
Earlier today we flagged that Mark Klein, who uncovered a secret surveillance room run by the NSA while employed as a San Francisco-based technician for AT&T, is in Washington to lobby against granting retroactive legal immunity to telecommunications companies. In an interview this afternoon, Klein explained why he traveled all the way from San Francisco to lobby Senators about the issue: if the immunity provision passes, Americans may never know how extensive the surveillance program was -- or how deeply their privacy may have been invaded.
"The president has not presented this truthfully," said Klein, a 62-year old retiree. "He said it was about a few people making calls to the Mideast. But I know this physical equipment. It copies everything. There's no selection of anything, at all -- the splitter copies entire data streams from the internet, phone conversations, e-mail, web-browsing. Everything."
What Klein unearthed -- you can read it here -- points to a nearly unbounded surveillance program. Its very location in San Francisco suggests that the program was "massively domestic" in its focus, he said. "If they really meant what they say about only wanting international stuff, you wouldn't want it in San Francisco or Atlanta. You'd want to be closer to the border where the lines come in from the ocean so you pick up international calls. You only do it in San Francisco if you want domestic stuff. The location of this stuff contradicts their story."
That's what's at stake in the telecom immunity provision, Klein believes. If the surveillance-related lawsuits are invalidated by a provision in the intelligence-committee-passed FISA bill, then the extent of the program -- at least between 2001 and 2006 -- will remain the exclusive purview of the Bush administration, the communications firms and the handful of Senators selected to review legal justifications for the program. "These are not babes in woods. They knew what they were doing," Klein said. "The violation of the Constitution is where they split off -- where the splitter splits off full copies of a datastream, and connects to other companies' internet stuff, like Sprint or GlobalCrossing. They don’t want people to understand that. They want to portray it like the president does, that it's a handful of international phone calls. That's the soundbite, and that’s not true. It affects millions of people domestically."
Klein has been public with his insider account for nearly two years, with precious little publicity to show for it, thanks to the relative paucity of national media in San Francisco. Coming to Washington might have changed that: his day was packed with press calls and face time with at least a half-dozen Congressional staffers, mostly from Democratic Senators Joe Biden, Sheldon Whitehouse and Barbara Boxer. Press attention and one-on-ones in the corridors of power might be nice, he said, but it's not enough. "I'm not impressed by people with speeches pretending to be on your side," he said. "I want to see votes. In our favor."
The Senate Judiciary Committee will vote on the surveillance bill tomorrow.
http://www.tpmmuckraker.com/archives/004662.php
AT&T Gave Feds Access to all Web, Phone Traffic, Ex-Tech Says
Ellen Nakashima
His first inkling that something was amiss came in summer 2002, when he opened the door to admit a visitor from the National Security Agency (NSA) to an AT&T office in San Francisco.
"What the heck is the NSA doing here?" Mark Klein, a former AT&T technician, said he asked himself.
A year or so later, he stumbled upon documents that, he said, show the agency gained access to massive amounts of e-mail, Web search and other Internet records of more than a dozen global and regional telecom providers. AT&T allowed the agency to hook into its network and, according to Klein, many of the other telecom companies probably knew nothing about it.
Klein will be on Capitol Hill today to share his story in the hope it will persuade Congress not to grant legal immunity to telecommunications firms that helped the government in its warrantless anti-terrorism efforts.
Klein, 62, said he may be the only person in a position to discuss firsthand knowledge of an important aspect of the Bush administration's domestic surveillance. He is retired, so he isn't worried about losing his job. He carried no security clearance, and the documents in his possession were not classified, he said. He has no qualms about "turning in," as he put it, the company where he worked for 22 years until he retired in 2004.
"If they've done something massively illegal and unconstitutional — well, they should suffer the consequences," Klein said.
In an interview this week, he alleged that the NSA set up a system that vacuumed up Internet and phone-call data from ordinary Americans with the help of AT&T and without obtaining a court order. Contrary to the government's depiction of its surveillance program as aimed at overseas terrorists, Klein said, much of the data sent through AT&T to the NSA was purely domestic. Klein said he thinks the NSA was analyzing the records for usage patterns and for content.
He said the NSA built a special room in San Francisco to receive data streamed through an AT&T Internet room containing "peering links," or major connections to other telecom providers. Other so-called secret rooms reportedly were constructed at AT&T sites in Seattle, Los Angeles, San Diego and San Jose, Calif.
Klein's documents and his account form the basis of one of the first lawsuits filed against the telecom companies after the government's warrantless-surveillance program was disclosed by The New York Times in December 2005.
Claudia Jones, an AT&T spokeswoman, said she had no comment on Klein's allegations. "AT&T is fully committed to protecting our customers' privacy. We do not comment on matters of national security," she said.
The NSA and the White House also declined to comment.
Klein is urging Congress not to block Hepting v. AT&T, a class-action suit pending in federal court in San Francisco, and 37 other lawsuits charging carriers with illegally collaborating with the NSA program. He and the Electronic Frontier Foundation, which filed Hepting v. AT&T in 2006, are urging key lawmakers to oppose a pending White House-endorsed immunity provision that effectively would wipe out the lawsuits. The Senate Judiciary Committee is expected to take up the measure today.
In summer 2002, Klein was working in an office responsible for Internet equipment when an NSA representative arrived to interview a management-level technician for a special, secret job.
The job entailed building a "secret room" in another AT&T office 10 blocks away, he said. By coincidence, in October 2003, Klein was transferred to that office. He asked a technician about the secret room on the sixth floor, and the technician told him it was connected to the Internet room a floor above. The technician handed him wiring diagrams.
"That was my 'aha' moment," Klein said. "They're sending the entire Internet to the secret room."
The diagram showed splitters glass prisms that split signals from each network into two identical copies. One copy fed into the secret room. The other proceeded to its destination, he said.
"This splitter was sweeping up everything, vacuum-cleaner-style," he said. "The NSA is getting everything. These are major pipes that carry not just AT&T's customers but everybody's."
One of Klein's documents listed links to 16 entities, including Global Crossing, a large provider of voice and data services in the United States and abroad; UUNet, a large Internet provider now owned by Verizon; Level 3 Communications, which provides local, long-distance and data transmission in the United States and overseas; and more familiar names, such as Sprint and Qwest. It also included data exchanges MAE-West and PAIX, or Palo Alto Internet Exchange, facilities where telecom carriers hand off Internet traffic to each other.
"I flipped out," he said. "They're copying the whole Internet. There's no selection going on here. Maybe they select out later, but at the point of handoff to the government, they get everything."
Qwest has not been sued because of media reports last year that said the company declined to participate in an NSA program to build a database of domestic phone-call records out of concern that it may have been illegal. What the documents show, Klein said, is that the NSA apparently was collecting several carriers' communications, probably without their consent.
Another document showed that the NSA installed in the room a Narus semantic traffic analyzer, which Klein said indicated the NSA was doing content analysis.
Steve Bannerman, Narus' marketing vice president, said the NarusInsight system can track a communication's origin and destination, as well as its content. He declined to comment on AT&T's use of the system.
Klein said he went public after President Bush defended the NSA's surveillance program as limited to collecting phone calls between suspected terrorists overseas and people in the United States. Klein said the documents show that the scope was much broader.
http://seattletimes.nwsource.com/htm..._spying08.html
Lawmakers Delay Telco Immunity Vote
Roy Mark
The Senate Judiciary Committee delays a decision on whether telcos broke the law when they cooperated with the fed's warrantless surveillance program.
The U.S. Senate Judiciary Committee delayed Nov. 8 a scheduled vote on whether telecommunications carriers should be granted immunity for cooperating with the White House's domestic spying program of telephone wiretapping and e-mail surveillance. The panel hopes to vote on the provision as soon as next week.
As part of the renewal of FISA (Foreign Intelligence Surveillance Act), the White House wants Congress to grant immunity to the carriers that agreed to turn over customer telephone and e-mail records—often without a warrant or subpoena—to the government. The White House launched the warrantless surveillance in the aftermath of the Sept. 11, 2001, terrorist attacks on the United States.
The House version of the FISA renewal currently includes no immunity for the carriers, but the Senate Intelligence Committee approved legislation Oct. 17 that includes immunity. The Senate Judiciary Committee's working version calls for no immunity.
"A retroactive grant of immunity or pre-emption of state regulators does more than let the carriers off the hook," Patrick Leahy, D-Vt., chairman of the Senate Judiciary Committee, said during an Oct. 31 hearing on the FISA bill. "Immunity is designed to shield this administration from any accountability for conducting surveillance outside the law. It could make it impossible for Americans whose privacy has been violated illegally to seek meaningful redress."
Read more here about the hearing on the FISA bill.
The New York Times first broke the story of the administration's warrantless wiretapping in late 2005, and USA Today later reported that the National Security Agency is using information provided by telephone carriers to mine tens of millions of calling records for data.
The carriers are under a federal court order to neither confirm nor deny their participation in the program. "Our company essentially finds itself caught in the middle of an oversight dispute between the Congress and the executive branch relating to government surveillance activities," AT&T wrote to lawmakers Oct. 12.
Nevertheless, Verizon, AT&T and Qwest all contend they acted legally in reliance on existing federal, state and local laws.
"Current law … provides a complete defense to any provider who in good faith relies on a statutory authorization," AT&T wrote in its Oct. 12 letter. "If the government advises a private company that a disclosure is authorized by statute, a presumption of regularity attaches."
Democratic presidential candidates Barack Obama, Chris Dodd and Joe Biden all oppose granting immunity to the carriers. Other Democratic candidates, including Hillary Clinton, have not stated a position on immunity for telecom carriers. Republican presidential hopefuls have also been mum on the issue.
"It is time to restore oversight and accountability in the FISA program, and this proposal—with an unprecedented grant of retroactive immunity—is not the place to start," Obama said in an Oct. 19 statement.
http://www.eweek.com/article2/0,1895,2214150,00.asp
Did Credit Card Companies Collaborate with the FBI's Grocery Data Mining Program?
Chris Soghoian
The Congressional Quarterly's Jeff Stein recently reported that the FBI went trawling through grocery store records in order to track down Iranian terror cells. In his article, he writes, "like Hansel and Gretel hoping to follow their bread crumbs out of the forest, the FBI sifted through customer data collected by San Francisco-area grocery stores in 2005 and 2006, hoping that sales records of Middle Eastern food would lead to Iranian terrorists." The program, however, was short lived and was quickly "torpedoed by the head of the FBI's criminal investigations division, Michael A. Mason, who argued that putting somebody on a terrorist list for what they ate was ridiculous -- and possibly illegal."
Wired News' always excellent Threat Level blogger Ryan Singel, who highlighted Stein's article yesterday, [url=http://blog.wired.com/27bstroke6/2007/11/fbi-mined-groce.htmlponders the methods through which the FBI got access to the records[/url]. Ryan writes, "It's not clear how the FBI got the records to sift through in the first place - did grocery stores volunteer the data or get served with national security letters or the dread[ed] Section 215 of the Patriot Act."
As I will outline in this blog post, I don't believe that the grocery stores gave up any customer data - the credit card companies did. But first, a disclaimer: I have no sources at all for my argument today. I have nothing to back it up other than a gut feeling. Thus, this blog post should be read as an editorial, and in no way as a solid piece of investigative journalism.
Before we get too deep into this, lets cover a few basic concepts.
First: ethnic shoppers, be they Mexican, Iranian, Indian or Chinese, generally do not buy the foods from their home countries at American grocery stores. They buy them at small, ethnic food stores specializing in foreign foods. The major grocery chains do not cater to these customers, and generally stock inferior (and overpriced) goods. No self-respecting Indian chef buys his spices from Safeway, just as Koreans seeking a kimchi fix do not go to Whole Foods. Most obvious of all, no Iranian, or any other religious Muslim buys their meat at major American grocery stores, for one simple reason: it's not halal.
Second: Small ethnic grocery stores generally do not track their customers' purchases. While the major chains all seem to have adopted evil tracking "store loyalty" cards, your average mom and pop Mexican market is likely to have a single cash register at the front of the store. No fancy computers through which to give consumers a five percent discount in exchange for having their transactions tracked.
While Whole Foods can go through their purchase logs to see which customers purchased specific middle-eastern food items, the small ethnic markets simply don't have this kind of data. All they could provide, if forced to, would be the names associated with every credit card used for any past transactions. The actual food items purchased, be it a candy bar, or a metric ton of terrorist-tahini, would remain a secret.
With that out of the way, lets re-examine the information presented by Jeff Stein. Did the FBI compel or politely ask Safeway and Whole Foods to trawl through their extensive purchase databases, and hand over the names of customers who bought falafel mix? Not likely. Ok, what about a different approach. Did the FBI go to every middle eastern market in the San Francisco bay area and ask the owners to hand over their credit card receipts? This too, is not so likely.
FBI agents are not stupid. What is far more likely, I believe, is that agents contacted the major credit card companies (Visa, Mastercard and American Express), gave them a list of all of the middle eastern markets in the Bay area, and asked for the names and addresses of every person who had purchased anything at any of the stores. This would be a far easier method, and frankly, would be less likely to cause alarm to the general public (as they most likely would never find out).
The FBI already pays three telecom companies, including AT&T and Verizon, about $1.8 million a year to process written "emergency" requests for telephone and internet records. The CIA and US Treasury Department have been getting access to data on every international financial transaction crossing the SWIFT network since 2001. Furthermore, a recent FBI audit found that in at least 14 investigations, counterintelligence FBI agents improperly gathered full credit reports from financial institutions, exercising authority provided by the USA Patriot Act but meant to be applied only in counter-terrorism cases.
Law enforcement and intelligence agencies routinely use financial records, including credit reports as part of their investigations. More than likely, every Visa and Mastercard transaction around the world goes through a US server at some point. This is a valuable source of data, and frankly, if the NSA doesn't already have access to this data, someone there should probably be fired. Given the fact that the telecom companies get paid to respond to FBI requests, it's quite likely that the major credit card networks also have streamlined processes through which they can respond to law enforcement requests (and get paid for their time and effort, of course).
If the credit card companies can already be forced to give up the purchase history of a legitimate suspect in an investigation, it is not too hard to imagine that they could be forced, or paid, to provide data with a more broad request.
The legality of such a program, if it exists, will make for a great debate amongst legal scholars. It would also seem, by my amateur reading of the current Senate proposals for telecom immunity, that the credit card companies would also be let off the hook if they did actually violate any laws in handing over vast amounts of customer data.
Interesting times, indeed
http://www.cnet.com/8301-13739_1-9812473-46.html
German Bundestag Decides to Implement Data Retention
Starting next year, all communication providers in Germany will have to store all connection data for six months. This includes:
Phone calls: Date, time, length and involved numbers of all phone calls (landline, mobile or VoIP)
In case of mobile phones additionally the location of the phone at the time of the call, the IMSI code of the phone and SMS connection data
Internet access: IP address, date, time and length of the connection, and the line which was used
E-mail: e-mail-addresses involved and the header of each e-mail
The content of the communications is not stored.
The bill had been heavily criticized. Privacy advocated had organized demonstrations agains the bill in all major German cities at the beginning of this week. In October there had already been a large domonstration with thousands of participants in Germany’s capital Berlin.
All opposition parties voted against the bill. Several members of the opposition and several hundred private protesters announced a constitutional complaint.
This sucks…
http://www.kreativrauschen.com/blog/...ata-retention/
How Hackers Work
Jonathan Strickland
Thanks to the media, the word "hacker" has gotten a bad reputation. The word summons up thoughts of malicious computer users finding new ways to harass people, defraud corporations, steal information and maybe even destroy the economy or start a war by infiltrating military computer systems. While there's no denying that there are hackers out there with bad intentions, they make up only a small percentage of the hacker community.
The term computer hacker first showed up in the mid-1960s. A hacker was a programmer -- someone who hacked out computer code. Hackers were visionaries who could see new ways to use computers, creating programs that no one else could conceive. They were the pioneers of the computer industry, building everything from small applications to operating systems. In this sense, people like Bill Gates, Steve Jobs and Steve Wozniak were all hackers -- they saw the potential of what computers could do and created ways to achieve that potential.
A unifying trait among these hackers was a strong sense of curiosity, sometimes bordering on obsession. These hackers prided themselves on not only their ability to create new programs, but also to learn how other programs and systems worked. When a program had a bug -- a section of bad code that prevented the program from working properly -- hackers would often create and distribute small sections of code called patches to fix the problem. Some managed to land a job that leveraged their skills, getting paid for what they'd happily do for free.
As computers evolved, computer engineers began to network individual machines together into a system. Soon, the term hacker had a new meaning -- a person using computers to explore a network to which he or she didn't belong. Usually hackers didn't have any malicious intent. They just wanted to know how computer networks worked and saw any barrier between them and that knowledge as a challenge.
German hackers have hacked the European passport system and stolen biometric information. This video from Reuters shows how the network behind these passports works and how hackers have gotten inside it.
In fact, that's still the case today. While there are plenty of stories about malicious hackers sabotaging computer systems, infiltrating networks and spreading computer viruses, most hackers are just curious -- they want to know all the intricacies of the computer world. Some use their knowledge to help corporations and governments construct better security measures. Others might use their skills for more unethical endeavors.
In this article, we'll explore common techniques hackers use to infiltrate systems. We'll examine hacker culture and the various kinds of hackers as well as learn about famous hackers, some of whom have run afoul of the law.
Hackers and Crackers
Many computer programmers insist that the word "hacker" applies only to law-abiding enthusiasts who help create programs and applications or improve computer security. Anyone using his or her skills maliciously isn't a hacker at all, but a cracker.
Crackers infiltrate systems and cause mischief, or worse. Unfortunately, most people outside the hacker community use the word as a negative term because they don't understand the distinction between hackers and crackers.
The Hacker Toolbox
The main resource hackers rely upon, apart from their own ingenuity, is computer code. While there is a large community of hackers on the Internet, only a relatively small number of hackers actually program code. Many hackers seek out and download code written by other people. There are thousands of different programs hackers use to explore computers and networks. These programs give hackers a lot of power over innocent users and organizations -- once a skilled hacker knows how a system works, he can design programs that exploit it.
Malicious hackers use programs to:
• Hack passwords: There are many ways to hack someone's password, from educated guesses to simple algorithms that generate combinations of letters, numbers and symbols. The trial and error method of hacking passwords is called a brute force attack, meaning the hacker tries to generate every possible combination to gain access. Another way to hack passwords is to use a dictionary attack, a program that inserts common words into password fields.
• Infect a computer or system with a virus: Computer viruses are programs designed to duplicate themselves and cause problems ranging from crashing a computer to wiping out everything on a system's hard drive. A hacker might install a virus by infiltrating a system, but it's much more common for hackers to create simple viruses and send them out to potential victims via email, instant messages, Web sites with downloadable content or peer-to-peer networks.
• Log keystrokes: Some programs allow hackers to review every keystroke a computer user makes. Once installed on a victim's computer, the programs record each keystroke, giving the hacker everything he needs to infiltrate a system or even steal someone's identity.
• Gain backdoor access: Similar to hacking passwords, some hackers create programs that search for unprotected pathways into network systems and computers. In the early days of the Internet, many computer systems had limited security, making it possible for a hacker to find a pathway into the system without a username or password. Another way a hacker might gain backdoor access is to infect a computer or system with a Trojan horse.
• Create zombie computers: A zombie computer, or bot, is a computer that a hacker can use to send spam or commit Distributed Denial of Service (DDoS) attacks. After a victim executes seemingly innocent code, a connection opens between his computer and the hacker's system. The hacker can secretly control the victim's computer, using it to commit crimes or spread spam.
• Spy on e-mail: Hackers have created code that lets them intercept and read e-mail messages -- the Internet's equivalent to wiretapping. Today, most e-mail programs use encryption formulas so complex that even if a hacker intercepts the message, he won't be able to read it.
Hacker Hierarchy
Psychologist Marc Rogers says there are several subgroups of hackers -- newbies, cyberpunks, coders and cyber terrorists. Newbies are hackers who have access to hacking tools but aren't really aware of how computers and programs work. Cyberpunks are savvier and are less likely to get caught than a newbie while hacking a system, but they have a tendency to boast about their accomplishments. Coders write the programs other hackers use to infiltrate and navigate computer systems. A cyber terrorist is a professional hacker who infiltrates systems for profit -- he might sabotage a company or raid a corporation's databases for proprietary information [source: Knittel and Soto].
Hacker Culture
Individually, many hackers are antisocial. Their intense interest in computers and programming can become a communication barrier. Left to his or her own devices, a hacker can spend hours working on a computer program while neglecting everything else.
Computer networks gave hackers a way to associate with other people with their same interests. Before the Internet became easily accessible, hackers would set up and visit bulletin board systems (BBS). A hacker could host a bulletin board system on his or her computer and let people dial into the system to send messages, share information, play games and download programs. As hackers found one another, information exchanges increased dramatically.
Super Phreak
Before computer hackers, curious and clever individuals found ways to manipulate the phone system in a phenomenon called phreaking. Through phreaking, these individuals found ways to make long distance calls for free or sometimes just played pranks on other telephone users
Some hackers posted their accomplishments on a BBS, boasting about infiltrating secure systems. Often they would upload a document from their victims' databases to prove their claims. By the early 1990s, law enforcement officials considered hackers an enormous security threat. There seemed to be hundreds of people who could hack into the world's most secure systems at will [source: Sterling].
There are many Web sites dedicated to hacking. The hacker journal "2600: The Hacker Quarterly" has its own site, complete with a live broadcast section dedicated to hacker topics. The print version is still available on newsstands. Web sites like Hacker.org promote learning and include puzzles and competitions for hackers to test their skills.
When caught -- either by law enforcement or corporations -- some hackers admit that they could have caused massive problems. Most hackers don't want to cause trouble; instead, they hack into systems just because they wanted to know how the systems work. To a hacker, a secure system is like Mt. Everest -- he or she infiltrates it for the sheer challenge. In the United States, a hacker can get into trouble for just entering a system. The Computer Fraud and Abuse Act outlaws unauthorized access to computer systems [source: Hacking Laws].
Not all hackers try to explore forbidden computer systems. Some use their talents and knowledge to create better software and security measures. In fact, many hackers who once used their skills to break into systems now put that knowledge and ingenuity to use by creating more comprehensive security measures. In a way, the Internet is a battleground between different kinds of hackers -- the bad guys, or black hats, who try to infiltrate systems or spread viruses, and the good guys, or white hats, who bolster security systems and develop powerful virus protection software.
Hackers on both sides overwhelmingly support open source software, programs in which the source code is available for anyone to study, copy, distribute and modify. With open source software, hackers can learn from other hackers' experiences and help make programs work better than they did before. Programs might range from simple applications to complex operating systems like Linux.
There are several annual hacker events, most of which promote responsible behavior. A yearly convention in Las Vegas called DEFCON sees thousands of attendees gather to exchange programs, compete in contests, participate in panel discussions about hacking and computer development and generally promote the pursuit of satisfying curiosity. A similar event called the Chaos Communication Camp combines low-tech living arrangements -- most attendees stay in tents -- and high-tech conversation and activities.
Hackers and the Law
In general, most governments aren't too crazy about hackers. Hackers' ability to slip in and out of computers undetected, stealing classified information when it amuses them, is enough to give a government official a nightmare. Secret information, or intelligence, is incredibly important. Many government agents won't take the time to differentiate between a curious hacker who wants to test his skills on an advanced security system and a spy.
Laws reflect this attitude. In the United States, there are several laws forbidding the practice of hacking. Some, like 18 U.S.C. § 1029, concentrate on the creation, distribution and use of codes and devices that give hackers unauthorized access to computer systems. The language of the law only specifies using or creating such a device with the intent to defraud, so an accused hacker could argue he just used the devices to learn how security systems worked.
Another important law is 18 U.S.C. § 1030, part of which forbids unauthorized access to government computers. Even if a hacker just wants to get into the system, he or she could be breaking the law and be punished for accessing a nonpublic government computer [Source: U.S. Department of Justice].
Punishments range from hefty fines to jail time. Minor offenses may earn a hacker as little as six months' probation, while other offenses can result in a maximum sentence of 20 years in jail. One formula on the Department of Justice's Web page factors in the financial damage a hacker causes, added to the number of his victims to determine an appropriate punishment [Source: U.S. Department of Justice].
Other countries have similar laws, some much more vague than legislation in the U.S. A recent German law forbids possession of "hacker tools." Critics say that the law is too broad and that many legitimate applications fall under its vague definition of hacker tools. Some point out that under this legislation, companies would be breaking the law if they hired hackers to look for flaws in their security systems [source: IDG News Service].
Hackers can commit crimes in one country while sitting comfortably in front of their computers on the other side of the world. Therefore, prosecuting a hacker is a complicated process. The Week in Review is edited and published by Jack Spratts. Law enforcement officials have to petition countries to extradite suspects in order to hold a trial, and this process can take years. One famous case is the United States' indictment of hacker Gary McKinnon. Since 2002, McKinnon fought extradition charges to the U.S. for hacking into the Department of Defense and NASA computer systems. McKinnon, who hacked from the United Kingdom, defended himself by claiming that he merely pointed out flaws in important security systems. In April 2007, his battle against extradition came to an end when the British courts denied his appeal [Source: BBC News].
Hacking a Living
Hackers who obey the law can make a good living. Several companies hire hackers to test their security systems for flaws. Hackers can also make their fortunes by creating useful programs and applications, like Stanford University students Larry Page and Sergey Brin. Page and Brin worked together to create a search engine they eventually named Google. Today, they are tied for 26th place on Forbes' list of the world's most wealthy billionaires [source: Forbes].
Famous Hackers
Steve Jobs and Steve Wozniak, founders of Apple Computers, are both hackers. Some of their early exploits even resemble the questionable activities of some malicious hackers. However, both Jobs and Wozniak outgrew their malicious behavior and began concentrating on creating computer hardware and software. Their efforts helped usher in the age of the personal computer -- before Apple, computer systems remained the property of large corporations, too expensive and cumbersome for average consumers.
Linus Torvalds, creator of Linux, is another famous honest hacker. His open source operating system is very popular with other hackers. He has helped promote the concept of open source software, showing that when you open information up to everyone, you can reap amazing benefits.
Richard Stallman, also known as "rms," founded the GNU Project, a free operating system. He promotes the concept of free software and computer access. He works with organizations like the Free Software Foundation and opposes policies like Digital Rights Management.
On the other end of the spectrum are the black hats of the hacking world. At the age of 16, Jonathan James became the first juvenile hacker to get sent to prison. He committed computer intrusions on some very high-profile victims, including NASA and a Defense Threat Reduction Agency server. Online, Jonathan used the nickname (called a handle) "c0mrade." Originally sentenced to house arrest, James was sent to prison when he violated parole.
Kevin Mitnick gained notoriety in the 1980s as a hacker who allegedly broke into the North American Aerospace Defense Command (NORAD) when he was 17 years old. Mitnick's reputation seemed to grow with every retelling of his exploits, eventually leading to the rumor that Mitnick had made the FBI's Most Wanted list. In reality, Mitnick was arrested several times for hacking into secure systems, usually to gain access to powerful computer software.
Kevin Poulsen, or Dark Dante, specialized in hacking phone systems. He's famous for hacking the phones of a radio station called KIIS-FM. Poulsen's hack allowed only calls originating from his house to make it through to the station, allowing him to win in various radio contests. Since then, he has turned over a new leaf, and now he's famous for being a senior editor at Wired magazine.
Adrian Lamo hacked into computer systems using computers at libraries and Internet cafes. He would explore high-profile systems for security flaws, exploit the flaws to hack into the system, and then send a message to the corresponding company, letting them know about the security flaw. Unfortunately for Lamo, he was doing this on his own time rather than as a paid consultant -- his activities were illegal. He also snooped around a lot, reading sensitive information and giving himself access to confidential material. He was caught after breaking into the computer system belonging to the New York Times.
It's likely that there are thousands of hackers active online today, but an accurate count is impossible. Many hackers don't really know what they are doing -- they're just using dangerous tools they don't completely understand. Others know what they're doing so well that they can slip in and out of systems without anyone ever knowing.
http://computer.howstuffworks.com/hacker.htm
Three Backdoor Programs Hackers Use to Control Your Computer
There is a common misconception about security today, and it isn’t pretty. Most users would love to believe that their pricey consumer firewalls shield them from anything obscene. The sad part is they couldn’t be more wrong. We seek to prove this with three separate programs that can compromise your computers security before you have a chance to say “What’s a backdoor?” And yes, these programs were created in the 1990's, but still pose as a valid threat today. Namely the first two, which are still being developed.
Back Orifice / Back Orifice 2000
Back Orifice, or BO, is one of the more common backdoor programs- and one of the most lethal. The name may seem like a joke, but rest assured, the threat is real. Back Orifice was created by the Cult of the Dead Cow group. If you haven’t noticed, they seem to have a knack for a sense of off-the-wall humor. Aside from the bizarre name, the program commonly runs on port 31337- a reference to the “Leet” phenomenon popular among hackers.
Pictured above is Back Orifice Version 2000. Back Orifice uses the client-server model, whereas the server is the victim and the client is the attacker. What makes Back Orifice so dangerous is that it can install and operate silently. There is no need for user interaction whatsoever, meaning you could have it on your computer right now and not be aware of it.
Companies such as Symantec have taken steps in guarding computers against the program, as they have deemed it as dangerous. Still yet, more and more attacks are using Back Orifice 2000. This is due partly to the fact that it is still being actively developed as an open source tool. As stated in the BO documentation, the goal is to ultimately make the presence of Black Orifice 2000 unknown- even to those who installed it.
Back Orifice 2000 is being developed for Windows 95, Windows 98, Windows NT, Windows 2000, and Windows XP.
Where Can I Download Back Orifice 2000?
Back Orifice 2000 may be downloaded at the following location:
http://sourceforge.net/projects/bo2k/
I’m Infected! How do I remove it?
Removal of Back Orifice 2000 will require that you edit your registry settings. To remove it in 7 easy steps, refer to the diagram below.
How To Remove Back Orifice 2000
1. Click Start > Run, and then type “Regedit” (without quotes)
2. Follow the below path: “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersio n\RunServices”
3. Now in the right window, look for the following: “umgr32 = 'c:\windows\system\umgr32.exe''
4. Right click on this entry, and click delete. Now restart your computer.
5. After the restart, only open Windows Explorer. Make sure you can see all registered extensions. To do so, go to View > Options, and configure the appropriate settings.
6. Go to the WINDOWS\SYSTEM directory, and find the "umgr32.exe" file. Once you've found it, delete it.
7. Exit Windows Explorer and restart your computer once more.
NetBus / Netbus 2.0 Pro
NetBus was created around the same time that Back Orifice was- the late 1990’s. NetBus was originally designed as a program to prank friends and family with- certainly nothing too malicious. However, the program was released in 1998- and was widely used as a backdoor for controlling a computer.
Just like Back Orifice, NetBus allows an attacker to do virtually anything to a victim’s computer. It also works just fine under Windows 9x systems, as well as Windows XP. Unlike Back Orifice, the latest version of NetBus is considered shareware- not freeware. NetBus has also implemented less stealthy operation, as a direct result of criticism and complaints of malicious use.
Where can I Buy and Download NetBus?
NetBus may be bought and downloaded at the following location:
http://www.netbus.org/
Ok- I’m infected. Now What?
Luckily, the latest version of NetBus is a valid program. It can be removed just like any other program. Previous releases of NetBus are a little more difficult, however. If you aren’t lucky enough to have been attacked with the latest version, the removal process is much like Back Orifice’s.
How To Remove NetBus
1. Click Start > Run, and then type “Regedit” (without quotes)
2. Follow the below path: “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersio n\RunServices”
3. Now in the right window, look for the following: “[Name_of_Server].exe'' Of course, you will have to find the actual name of the exe file. It is commonly “Patch.exe” or “SysEdit.exe”, but may differ.
4. Restart, and remove any traces of the actual program that may be left. Optionally, you may Install NetBus yourself, and then use its own removal feature.
SubSeven / Sub7
SubSeven, or Sub7, was created for the same purpose NetBus was- for pranks. Sub7 actually has support for more pranks, and also has a better looking user interface. Sub7 is also widely used by script kiddies, although it is caught by many firewalls and antivirus programs before initializing.
Since Sub7 has not been supported for several years, its threat is usually very low. Most security programs will not have any trouble in stopping Sub7 before it has a chance to be run. This goes to show that the importance for upgrades and security programs is vital, since these tools do still exist.
Nonetheless, it is commonly used by those who have physical access to your firewall or security programs. If proper access rights are granted, this tool will work without restriction.
Where can I Buy and Download Sub7?
Sub7 is not supported anymore, and thus, is not available for download on any legit websites. If you were to do a Google search, you would find links to download Sub7. However, these are not official sites, and should be considered shady or dangerous.
Sounds Harmless, How do I Remove It?
How To Remove Sub7
1. End the following processes via task manager: ”editserver.exe, subseven.exe”
2. Remove the following files: “editserver.exe, subseven.exe, tutorial.txt.”
Why These Programs Are Completely Legal
The entire basis behind these programs is that they are designed to help people- not do harm. While some such as NetBus were indeed originally created for pranks, they have switched routes to avoid legal troubles.
These programs claim to be legit remote desktop programs, although they are obviously easily used for malicious use. These programs are actually supposed to be used for helpdesk or customer support departments. Why every pre-teen has a copy of these programs is beyond us, but keeping them off your network and computer is a good idea.
The advent of newer technology has made these programs in some ways less effective. However, programs such as Back Orifice 2000 are still yet evolving, so don’t be surprised to learn that it is running in the background, waiting for instructions. Since the best defense is a good offense, be sure to keep a sharp eye on what is installed on network computers. After all, an ounce of prevention is worth a pound of cure.
http://www.learn-networking.com/netw...-backdoors.php
Computer Scientist Fights Threat of ‘Botnets’
Brian Mattmiller
Computer scientist Paul Barford has watched malicious traffic on the Internet evolve from childish pranks to a billion-dollar “shadow industry” in the last decade, and his profession has largely been one step behind the bad guys. Viruses, phishing scams, worms and spyware are only the beginning, he says.
“Some of the most worrisome threats today are things called ‘botnets’ — computers that are taken over by an outside party and are beyond the user’s control,” says Barford of UW–Madison. “They can do all sorts of nasty things: steal passwords, credit card numbers and personal information, and use the infected machine to forward spam and attack other machines.
“Botnets represent a convergence of all of the other threats that have existed for some time,” he adds.
One of the most menacing aspects of botnets is that they can go largely undetected by the owner of a personal computer. That feature has allowed botnets to grow exponentially online, with millions of infected computers bought and traded on an underground market that one security company estimates has surpassed $1 billion in activity, Barford says.
Motivated by this growing threat, Barford is developing a new technology that may head off hackers at the pass.
In June 2007, Barford and colleagues opened a spinoff company at the MG&E Innovation Center of University Research Park called Nemean Networks, LLC. The company is developing a new approach to detecting network intrusions that offers a significant improvement over the current state of the art. Nemean is based on four distinct patents that are either filed or are in process with the Wisconsin Alumni Research Foundation (WARF).
Most network-intrusion systems today are comparing traffic against a database, collected by hand, of previously recognized attack signatures. The innovation with Nemean is a method to automatically generate intrusion signatures, making the detection process faster and more precise.
The Achilles’ heel of current commercial technology is the number of false positives they generate, Barford says. Hackers have become so adept at disguising malicious traffic to look benign that security systems now generate literally thousands of false positives, which Nemean virtually eliminates.
In a test comparing Nemean against a current technology on the market, both had a high detection rate of malicious signatures — 99.9 percent for Nemean and 99.7 for the comparison technology. However, Nemean had zero false positives, compared to 88,000 generated by the other technology.
“The technology we’re developing here really has the potential to transform the face of network security,” says Barford, whose research is supported by the National Science Foundation, the Army Research Office and the Department of Homeland Security. “Our objective is to build this company into a world leader in network securty solutions.”
Nemean was developed and tested on the Wisconsin Advanced Internet Laboratory (WAIL), a unique test bed for examining complex behavior on the Internet. WAIL provides researchers with a microcosm of the Internet, allowing them to study security, speed, efficiency of transfer and other Internet issues. Funded by Cisco Systems CEO John Morgridge, WAIL is a computer science parallel to the model organism in biology.
While Barford has high hopes for Nemean, he says Internet security is a continuous process and there will never be a single cure-all to the problem.
“This is an arms race and we’re always one step behind,” he says. “We have to cover all the vulnerabilities. The bad guys only have to find one.”
Nemean is funded by an angel investment group composed of UW–Madison alumni who are working to foster technology transfer from the campus. The company also is working in close partnership with the Division of Information Technology (DoIT) at UW–Madison to test and evaluate the research prototype version of its first product.
http://www.news.wisc.edu/14380
Security Consultant Admits to Hijacking PCs to Use in Crimes
Jessica Guynn
A Los Angeles man entrusted with making personal computers safer has admitted to hacking into them to create a rogue network of as many as a quarter-million PCs, which he used to steal money and identities.
Federal prosecutors Friday said that John Kenneth Schiefer, a 26-year-old computer security consultant, used an army of hijacked computers, known as a "botnet," to carry out a variety of schemes to rip off unsuspecting consumers and corporations.
Schiefer agreed to plead guilty to four felony charges in connection with the case and faces up to 60 years in prison and a $1.75-million fine, according to court documents filed Friday in federal court in Los Angeles.
His lawyer, Arthur Barens, could not be reached for comment.
The vast number of computers that Schiefer compromised -- as many as 250,000 -- highlights a stealthy online crime spree on the rise. These botnets, short for "robot networks," remotely harvest personal information, including user names and passwords, to give their operators access to credit card information and online bank accounts.
Federal law enforcement agencies have stepped up their pursuit of botnet operators in recent years as they have drained bank accounts, stolen identities and overwhelmed federal authorities, security experts say.
"We have seen a dramatic uptick in the last few years in the number of botnets being used to give their masters direct financial gain," said Jose Nazario, a senior researcher at online security firm Arbor Networks Inc.
Schiefer, who on the Internet went by the handles "acidstorm," "acid" and "storm," is the first person to be accused under federal wiretapping law of operating a botnet, said Assistant U.S. Atty. Mark Krause in Los Angeles.
By intercepting electronic communications, Schiefer stole user names and passwords for EBay Inc.'s PayPal online payment service to make unauthorized purchases. He also passed the stolen account information on to others.
EBay spokesman Hani Durzy could not be reached for comment.
At one point, according to the plea agreement, a conspirator named "Adam" expressed concern about stealing money. Schiefer responded by reminding Adam that he was not yet 18 and should "quit being a bitch and claim it."
Schiefer's indictment caps a federal investigation that began in 2005 and uncovered a variety of schemes. Prosecutors said Schiefer and his cohorts, who were not named, used illicit software they planted on people's PCs to spirit account information from a storage area in Windows-based computers.
He also was paid by a Dutch Internet advertising company to install its programs on people's computers when they consented, but he installed it on more than 150,000 PCs without permission, earning more than $19,000 in commissions.
In all, the federal indictment includes four counts of accessing protected computers to commit fraud, disclosing illegally intercepted electronic communications, wire fraud and bank fraud. Federal authorities said they were still trying to identify victims and the scope of their losses.
Schiefer carried out the crimes using computers at his home and office, prosecutors said. Henry Park, president of Los Angeles-based 3G Communications, where Schiefer worked, could not be reached for comment.
"John Schiefer was an information security professional who betrayed the trust that both his employer and society placed in him," Assistant U.S. Atty. Krause said.
Krause would not say how federal authorities captured Schiefer or whether they planned to charge others in the case. Schiefer has agreed to make an initial appearance in Los Angeles on Nov. 28 and to be arraigned on Dec. 3.
He could face a long prison stretch. In May 2006, a Downey man, Jeanson James Ancheta, was sentenced to almost five years in federal prison after pleading guilty to four felony charges for using botnets to spread spyware and send spam.
http://www.latimes.com/business/la-f...ck=1&cset=true
Buggy Game DRM Puts Windows Users at Risk
Gregg Keizer
Flawed antipiracy software now being exploited by attackers has been bundled with Windows for the last six years to protect game publishers, Macrovision Corp. said today.
The "secdrv.sys" driver has shipped with all versions of Windows XP, Windows Server 2003 and Windows Vista "to increase compatibility and playability" of games whose publishers license Santa Clara, Calif.-based Macrovision's SafeDisc copy-protection offering, Macrovision spokeswoman Linda Quach said in an e-mail. "Without the driver, games with SafeDisc protection would be unable to play on Windows," said Quach.
"The driver validates the authenticity of games that are protected with SafeDisc and prohibits unauthorized copies of such games to play on Windows," she added.
The privilege elevation bug in the driver first surfaced more than three weeks ago, when Symantec Corp. researcher Elia Florio spotted the vulnerability being actively exploited. The presence of the file -- dubbed Macrovision Security Driver -- is enough to open Windows XP and Server 2003 machines to attack; users do not have to play a SafeDisc-protected game to be vulnerable.
Microsoft is working on an update, but it refused to commit to delivering an update for secdrv.sys by next Tuesday, its next scheduled patch delivery day. "Microsoft will provide a security update through its regularly scheduled monthly release process once that update is ready and has been fully tested," a Microsoft spokesman said in an e-mail.
Users can remove the vulnerable driver -- it's typically found in the "%System%\drivers" folder -- or update it with a more recent, and apparently safe, version by downloading it from the Macrovision site. "[But] if removed, Macrovision SafeDisc games will not run properly," the Microsoft spokesman cautioned.
Secdrv.sys is included with Windows Vista, but Microsoft's newest operating system is safe from attack, said Quach. "Microsoft and Macrovision worked together during the development of Windows Vista RTM [release to manufacturing] to review the security of the Vista version of the driver," she said. " Thanks to this security review, this vulnerability is not present in Windows Vista." Microsoft went a step further and credited its Security Development Lifecycle (SDL) approach for beefing up the driver.
The version Macrovision offers XP and Server 2003 users as an update is identical to the one built for Windows Vista, Quach said.
As for the three-week stretch between first disclosure of the Macrovision bug and Microsoft's advisory, Microsoft's spokesman denied the company had dragged its feet. "Macrovision and Microsoft immediately began investigating the vulnerability when proof-of-concept code was publicly posted Oct. 17," said the spokesman. The investigation wasn't the only thing that was a Microsoft-Macrovision joint effort: many of the responses the two companies gave to similar questions were word-for-word matches.
In a follow-up posting to the Symantec security blog, Elia Florio, the researcher who first disclosed that an exploit was on the loose said that home users are actually less at risk than business users -- an unusual turn-about. "The attacker has to be logged on to the computer with an account [which] mitigates risks for home users who often work with one account on their computers," he said. "The situation is more complicated for corporate networks, where multiple users with different privileges can log on to different computers."
Even so, everyone should apply Microsoft's fix or update the driver, Florio said. "Malware dropped on the system via some other exploit, [such as] a browser vulnerability or the recent PDF exploit, could potentially take advantage of the bug to take further control of the computer and bypass other layers of protection."
http://www.computerworld.com/action/...icleId=9045978
The World's Biggest Botnets
What makes three of today's largest botnets tick, what they're after – and a peek at the 'next' Storm
Kelly Jackson Higgins
You know about the Storm Trojan, which is spread by the world's largest botnet. But what you may not know is there's now a new peer-to-peer based botnet emerging that could blow Storm away.
"We're investigating a new peer-to-peer botnet that may wind up rivaling Storm in size and sophistication," says Tripp Cox, vice president of engineering for startup Damballa, which tracks botnet command and control infrastructures. "We can't say much more about it, but we can tell it's distinct from Storm."
It's hard to imagine anything bigger and more complex than Storm, which despite its nefarious intent as a DDOS and spam tool has awed security researchers with its slick design and its ability to reinvent itself when it's at risk of detection or getting busted. Storm changed the botnet game, security experts say, and its successors may be even more powerful and wily. (See Attackers Hide in Fast Flux and Researchers Fear Reprisals From Storm.)
Botnets are no longer just annoying, spam-pumping factories -- they're big business for criminals. This shift has even awakened enterprises, which historically have either looked the other way or been in denial about bots infiltrating their organizations. (See Bots Rise in the Enterprise.)
"A year ago, the traditional method for bot infections was through malware. But now you're getting compromised servers, with drive-by downloads so prevalent that people are getting infected without realizing it," says Paul Ferguson, network architect for Trend Micro. "No one is immune."
Researchers estimate that there are thousands of botnets in operation today, but only a handful stand out by their sheer size and pervasiveness. Although size gives a botnet muscle and breadth, it can also make it too conspicuous, which is why botnets like Storm fluctuate in size and are constantly finding new ways to cover their tracks to avoid detection. Researchers have different head counts for different botnets, with Storm by far the largest (for now, anyway).
Damballa says its top three botnets are Storm, with 230,000 active members per 24 hour period; Rbot, an IRC-based botnet with 40,000 active members per 24 hour period; and Bobax, an HTTP-based botnet with 24,000 active members per 24 hour period, according to the company.
Here's a look at the world's top three biggest botnets.
1. Storm
Size: 230,000 active members per 24 hour period
Type: peer-to-peer
Purpose: Spam, DDOS
Malware: Trojan.Peacomm (aka Nuwar)
Few researchers can agree on Storm's actual size -- while Damballa says its over 200,000 bots, Trend Micro says its more like 40,000 to 100,000 today. But all researchers say that Storm is a whole new brand of botnet. First, it uses encrypted decentralized, peer-to-peer communication, unlike the traditional centralized IRC model. That makes it tough to kill because you can't necessarily shut down its command and control machines. And intercepting Storm's traffic requires cracking the encrypted data.
But this also makes Storm easier to detect, says Joe Stewart, a senior security researcher with SecureWorks, who closely tracks Storm. "Before, we had difficulty distinguishing Storm traffic from eDonkey and other peer-to-peer traffic on Overnet," Stewart says. "eDonkey/Overnet traffic is very fingerprintable in size and frequency of packets, so now we can rule it out because it's not encrypted." And Storm uses fairly basic encryption, he says, which can be reverse engineered.
Storm also uses fast-flux, a round-robin method where infected bot machines (typically home computers) serve as proxies or hosts for malicious Websites. These are constantly rotated, changing their DNS records to prevent their discovery by researchers, ISPs, or law enforcement. And researchers say it's tough to tell how the command and control communication structure is set up behind the P2P botnet. "Nobody knows how the mother ships are generating their C&C," Trend Micro's Ferguson says.
Storm is a complex combination of malware called Peacomm that includes a worm, rootkit, spam relay, and Trojan. Shane Coursen, senior technical consultant for Kaspersky Lab, says the worm component is the "gelatin" that compromises a machine and sends off STMP-based emails. "The rootkit is only activated when a person who receives the spam email clicks on the attachment and launches it, for example," he says.
It's also spread through malicious Websites, when a user visits an infected site or clicks on a link to one.
"At the risk of giving them accolades, they've got a great business model... It's criminals catering to criminals, and I don’t see any slowdown," Coursen says.
Storm has survived thus far with its supersized spam runs, and the fact that the casual user won't know he's infected with a rootkit. But researchers don't know -- or can't say -- who exactly is behind Storm, except that it's likely a fairly small, tightly knit group with a clear business plan. "All roads lead back to Russia," Trend Micro's Ferguson says.
"Storm is only thing now that keeps me awake at night and busy," he says. "It's professionalized crimeware... They have young, talented programmers apparently. And they write tools to do administrative [tracking], as well as writing cryptographic routines... and another will handle social engineering, and another will write the Trojan downloader, and another is writing the rootkit."
But the big worry is that Storm, which mostly has been used for spam, stealing credit-card information, and trafficking in stolen goods and fraud, will be channeled into more destructive uses. "The possibility exists that it could be used for more nefarious purposes," Ferguson says. "You can use your imagination."
2. Rbot
Size: 40,000 active members per 24 hour period
Type: IRC
Purpose: DDOS, spam, malicious operations
Malware: Windows worm
Rbot is basically an old-school IRC botnet that uses the Rbot malware kit. It isn't likely to ever reach Storm size because IRC botnets just can't scale accordingly. "An IRC server has to be a beefy machine to support anything anywhere close to the size of Peacomm/Storm," Damballa's Cox says.
The botnet mainly sends spam runs and executes DDOS attacks, but it can also be used for other criminal purposes. "It's difficult to predict the intent of it. It's a utility bot," he says. It self-propagates by scanning local networks for exploitable vulnerabilities, for instance, he says, as well as via DDOS attacks and email.
It can disable antivirus software, too. Rbot's underlying malware uses a backdoor to gain control of the infected machine, installing keyloggers, viruses, and even stealing files from the machine, as well as the usual spam and DDOS attacks. "The Rbot [malware] is readily available to anyone who wants try to apply some kind of criminal activity in the bot arena," Cox says.
Who's behind the Rbot botnet? "We've seen a lot [of activity] in the black market... for malware development," for instance, he says, adding that it's mostly in Eastern Europe and the former Soviet Republic.
3. Bobax
Size: 24,000 active members per 24 hour period
Type: HTTP
Purpose: Spam
Malware: Mass-mailing worm
Botnets that communicate via HTTP are as difficult to detect as those like Storm that talk via P2P networks. Bobax ranks as the third biggest botnet, with over 20,000 active bots per day, according to Damballa. "It's been around a long time," Cox says. "And it's still in our top three."
Bobax is specifically for spamming, Cox says, and uses the stealthier HTTP for sending instructions to its bots on who and what to spam. "HTTP bots in general do provide an additional level of security to the bot armies because the Web is the predominant type of traffic on the Net," he says. "We look for locations where the C&C is hosted, and that's how we track" Bobax and other HTTP-driven botnets.
According to Symantec, Bobax bores open a back door and downloads files onto the infected machine, and lowers its security settings. It spreads via a buffer overflow vulnerability in Windows, and inserts the spam code into the IE browser so that each time the browser runs, the virus is activated. And Bobax also does some reconnaissance to ensure that its spam runs are efficient: It can do bandwidth and network analysis to determine just how much spam it can send, according to Damballa. "Thus [they] are able to tailor their spamming so as not to tax the network, which helps them avoid detection," according to company research.
Even more frightening, though, is that some Bobax variants can block access to antivirus and security vendor Websites, a new trend in Website exploitation. (See Honeynet Project: Attackers Know Where You Live.)
Meanwhile, size doesn't always matter with botnets. "Depending on your motivations, you can likely accomplish pretty much whatever you want with less than 50 bots -- 4-Gbit/s DDOS, millions of spam per hour, and entire phishing system, etc.," says Danny McPherson, chief research officer for Arbor Networks. "Of course, lifting things like CD keys, pulling data from keystroke loggers, or lifting addresses from address books is more interesting with larger numbers" of bots, he says.
And the more professional botnet operators are staging more targeted, purposeful attacks. They are less into DDOSing-for-hire and more into gathering personal data for profit, notes André M. Di Mino, a director of The Shadowserver Foundation, which researches botnet activity. "That's a new and disturbing trend," he says.
The key, of course, is getting to the faces behind these bot armies, which is no simple task. "We've been trying to fight botnets from the bottom up by updating AV and network detection methods, which is effective. But to really get to root of it, you need to go after the people pulling the strings," Trend Micro's Ferguson says. "This is a criminal trade and needs to be treated that way."
http://www.darkreading.com/document....WT.svl=news1_1
OMG!!! The End of Online Stupidity?
Finally, software developers are building a filter that blocks unintelligible comments, writes Fortune's Josh Quittner.
Josh Quittner
Internet veterans have long complained about the steady erosion of civility -- and worse, intelligence -- in online discourse. Initially the phenomenon seemed to be a seasonal disorder. It occurred every September when freshmen showed up for college and went online. Tasting for the first time the freedom and power of the Internet, the newbies would behave like a bunch of drunken fraternity pledges, filling electronic bulletin boards with puerile remarks until the upperclassmen could whip them into shape.
Things took a dramatic turn for the worse in 1993, when AOL (Charts, Fortune 500) loosed its tens of thousands -- and then millions -- of users onto the Net. The event came to be known as the Endless September, and true to its name, it continues to this day.
Irony and its sneering cousin, sarcasm, can fool the best filter.
It's a serious problem. Fools and bandwidth hogs have a way of driving traffic away from the most successful online destinations, a phenomenon that could ruin the emerging social networks and user-generated aggregators like Digg.
But there's still hope for intelligent life on the Internet. A team of software developers is hard at work on a "stupid filter" that promises to do to idiotic online comments what a spam filter does to junk and unwanted e-mail: put it in a place where it can't hurt anyone anymore.
Blackberry autism: a pandemic
That's the mission, anyway, of the cadre of techies toiling under the leadership of Gabriel Ortiz, a 27-year-old systems administrator in Albuquerque. Ortiz's team is readying a free, open-source version they hope to release by year's end and make available as a standard plug-in on the popular Firefox browser by early next year.
How does it work? Say a user wants to post a really, really dumb comment on, for example, cnnmoney.com, where some of you might be reading this now.
If cnnmoney had the filter installed on its servers, it would intercept the comment just before it was published and flash a little alert at the author that reads: "This comment is more or less unintelligible. Please try to restate it."
The writer would get another crack at it, and another, until at last he was able to muster a few words of intelligence, or in frustration wandered off to inflict those LOL!!!!!s and OMG!!!!s on some more tolerant site.
From a programming standpoint, not to mention a social one, building a piece of software that can separate intellectual wheat from chaff is tricky; it's far more difficult than building a spam filter, says Ortiz. That's because spam filters tend to do relatively simple pattern matching, searching e-mail for words that pop up frequently in junk mail.
Your spam filter sees V*I*A*G*R*A and without rolling its eyes flicks the offending missive into the junk folder, where it can be deleted along with the rest of its filthy brethren.
But thanks in part to irony and its sneering cousin, sarcasm, stupidity is tougher to spot. "Smart people are often ironic," says Ortiz, noting that irony, to a computer anyway, can sound stupid. Writers who are otherwise intelligent will intentionally misspell words or break the ironclad rules of grammar to make a point.
The stupid-filter team is trying to accommodate this behavior with a variety of rules of thumb. For instance, Ortiz, who studied linguistics as an undergrad, recently noticed a pattern in the way some writers use letter repetition. The clueless tend to repeat consonants: "This video is amazinggggg!!!" By comparison, says Ortiz, "when you repeat a vowel, you're being sarcastic -- 'Yeaaaaaah.' We'll be using several different methods to try to mediate this."
The first line of defense is context -- using well-established markers of standard English to judge a piece of writing. For instance, if the rest of the sentences in a comment are grammatical, and difficult words are spelled properly -- Ortiz mentioned "zucchini," which I had to look up -- the message ought to get by the filter. If the rest of the comment is unintelligible, it will be screened.
Perhaps the most interesting -- and ironic -- aspect of the project is the way Ortiz's team is tapping into the wisdom of crowds to debug its filter. They are encouraging readers to visit their site,
http://stupidfilter.org/main/, where you can help them rate on a scale of one to five a selection of potentially dumb posts culled from -- where else? -- YouTube.
Ortiz has clearly hit a nerve. Offers of help have been rolling in from all over the world ever since the project was unveiled. He thinks there might even be a business in it, since staying current with pop culture and maintaining the corpus of stupidity is more or less a full-time job. To which I'd add, Yeaaaaaah.
http://money.cnn.com/magazines/fortu...ion=2007110712
Until next week,
-
js.
Current Week In Review
Recent WiRs -
November 3rd,
October 27th,
October 20th,
October 13th
Jack Spratts' Week In Review is published every Friday. Submit letters, articles and press releases in plain text English to jackspratts (at) lycos (dot) com. Submission deadlines are Thursdays @ 1400 UTC. Please include contact info. Questions or comments? Call (617) 939-2340, country code U.S.. The right to publish all remarks is reserved.
"The First Amendment rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public." - Hugo Black