"So you want us to give you all this stuff for free and people will use it on video? No, no, no. Let me tell you want I would like to do. I would like to put my head down on the desk, close my eyes, and when I count to 10 and look up, I want you both out of my office." – Mel Karmazin
"Data's got to continuously move to stay alive; and it's got to be frequently accessed by a lot of people. Open source, publicly documented formats and software will be the long-term survivors." – Kurt Bollacker
"Step by step, the government is logging details of every man, woman and child in 'Big Brother' computers." – Oliver Heald
"Are you saying that you might object to the court giving us decisions that you’ve publicly announced? Are we a little Alice in Wonderland here?" – U.S. Senator Arlen Specter, R-PA
"I'm blacklisted, man, a permanent menace to society, I guess. It's too bad because there are some things I think I could contribute." – Cap’n Crunch
"In some ways it's become like a sporting event. There's baseball season, basketball season, football season and `American Idol' season." – Preston Beckman
"Our shows hang in there OK. The other guys kind of get vaporized." – Kelly Kahl
"I'm effete. I'm not a tough guy. This is all an act." – Bill O'Reilly
"He seems like a nice enough guy." – Stephen Colbert
"Movies sometimes matter, but few revolutions begin in a movie seat." – David Carr
"A bullet was fired at freedom of thought and democratic life in Turkey." – Recep Tayyip Erdogan
January 20th, '07
AT&T to Offer $20 'Naked' DSL Service
Leslie Cauley
Cheaper high-speed Internet service is coming.
Within a few months, AT&T is expected to start charging $19.95 a month for "naked" DSL, meaning you don't have to buy any other AT&T (T) service, including phone, to get that rate. It currently charges $45 for a stand-alone broadband subscription.
AT&T also is developing $10 DSL for new subscribers who also buy AT&T-branded phone service.
AT&T plans to offer both services for at least 30 months. The clock starts as soon as the media giant starts selling them in any of the 22 states where it is the incumbent local phone company, including California, Florida, Illinois and Texas.
Why so cheap? Three words: Federal Communications Commission.
The FCC, which has broad regulatory control over the U.S. telecommunications industry, recently approved AT&T's acquisition of BellSouth. To get needed votes from the FCC's two Democratic members, AT&T agreed, reluctantly, to offer these DSL bargains.
AT&T is required to roll out the $19.95 offer within one year and the $10 rate within six months. Gene Kimmelman, public policy director of Consumers Union, says he expects AT&T to move faster.
Under the terms of the FCC agreement, AT&T is required to offer naked DSL for $19.95 in markets that are at least 80% upgraded for broadband. That describes many of AT&T's biggest markets, says Kimmelman, who helped negotiate the settlement.
Under the deal, AT&T's cheap DSL products will clock in at 768 kilobits per second. While that's slower than the 1.5 to 3 megabits popular with many U.S. consumers, "it's more than good enough" for Internet telephony, Kimmelman says.
As such, he thinks the twin offers could help spur sales of Internet telephony across the USA. "This opens the door for consumers" to pick other local and long-distance providers," Kimmelman says.
For years, Kimmelman notes, consumers had to pay double, essentially, if they wanted to buy a high-speed broadband connection from one carrier and phone service from another. He says that let phone companies such as AT&T push broadband sales while preserving their core phone business, which still accounts for the bulk of profit.
While AT&T, for example, charges $45 for naked DSL, it sells a bundle that includes phone and DSL for just $28 a month.
Cable TV companies do the same thing. If purchased separately, Time Warner charges $45 a month for its high-speed cable modem service and $49.95 for digital phone. A bundle of both — plus TV service — costs $99.
Comcast's service is among the priciest: It charges almost $58 a month for stand-alone broadband.
Kimmelman, for one, thinks AT&T's new DSL pricing will help "discipline" broadband pricing. Once AT&T's $19.95 rate for naked DSL is broadly available, other broadband providers, including cable, "will be hard-pressed to keep hiding behind a higher price."
http://www.usatoday.com/tech/news/20...dsl-usat_x.htm
AT&T Plans ‘Unity’ Strategy for Free Calls
Laurie J. Flynn
Only weeks after closing its deal for BellSouth, AT&T is embarking on an ambitious strategy to show customers the benefit of its owning 100 million phone lines.
In an announcement expected Friday, AT&T will introduce AT&T Unity, a pricing package that allows its cellular customers to call any AT&T landline customer without incurring additional usage fees or using their wireless minutes. While AT&T wireless customers can already call each other free, the new plan will extend the program on a large scale to landline customers, enlarging what AT&T likes to call its “community.”
“I think it’s a very significant development,” said Mark A. Winther, a telecommunications analyst with IDC, a technology consulting firm. “It’s taking the emphasis away from price and putting it on the value of being part of the community.”
Mr. Winther said the package would probably appeal to high-volume customers, both in the consumer market and in small businesses, not to the shopper looking for the lowest monthly rate. The plans apply only to AT&T wireless packages starting at $59.99 for 900 anytime minutes a month.
To subscribe to a AT&T Unity plan, a customer would need to have AT&T wireless service as well as a landline plan that offered unlimited local and long-distance service. AT&T’s unlimited local and long-distance landline service starts at $40 a month if bought online.
The pricing plan comes weeks after AT&T closed its $85.8 billion acquisition of BellSouth, the largest telecommunications merger in history. With the merger, AT&T became the sole owner of Cingular Wireless, and on Monday the company dropped the Cingular brand in favor of the AT&T name. AT&T previously owned 60 percent of Cingular, and BellSouth owned 40 percent. The combined company offers wireless and landline service in 22 states.
“This is the first of many products that are going to come out of the AT&T-BellSouth merger,” said Ralph de la Vega, group president of regional wireline operations for AT&T, of San Antonio.
Mr. Winther said other carriers would probably try to respond with new bundling options, but that AT&T would have an advantage because of its large coverage area.
Other wireless carriers, like T-Mobile with its myFaves option, already allow customers to call landline numbers free, but those are typically restricted to a handful of designated numbers. AT&T’s strategy is a logical step in telecommunications marketing, Mr. Winther said, following on the popularity of bundled packages that combine phone, broadband and cable services on one bill.
http://www.nytimes.com/2007/01/19/business/19phone.html
Verizon to Spin off Some Assets for $2.7 Billion
Marguerite Reardon
Verizon Communications plans to spin off part of its telephone and DSL business in rural parts of the New England and combine it with independent phone company FairPoint Communications in a deal worth $2.7 billion.
Verizon said Tuesday that it will create a separate business unit that will combine its local exchange businesses in Maine, New Hampshire and Vermont with FairPoint's business. FairPoint executives will manage the former Verizon assets and employees. Verizon will own about 60 percent of the new company, and FairPoint will own the remaining 40 percent.
The deal is expected to be finalized within a year, the companies said.
The combined business will be the eighth-largest phone company in the U.S., serving approximately 1.6 million access lines, 234,000 high-speed data subscribers, and 600,000 long-distance customers, FairPoint said in a statement.
The deal is expected to add value to Charlotte, N.C.-based FairPoint, which operates 31 local exchange companies in 18 states. As of September 30, 2006, the company had about 308,858 access lines. In the majority of the rural communities where FairPoint operates, it is the incumbent telephone provider, serving fewer than 2,500 access lines.
Verizon's operations in Maine, New Hampshire and Vermont that will be merged with FairPoint generated about $1.2 billion in revenue in the year that ended December 31, 2005. FairPoint said it also expects to generate $60 million to $75 million in annual cost savings when the operations are combined and fully integrated.
The deal comes as Verizon has been aggressively expanding its fiber-to-the-home network, called Fios, to compete against service packages offered by cable companies. The new Fios network will enable Verizon to offer customers a so-called triple play package that includes high-speed data, telephone and TV services. The company expects to spend about $20 billion over the next few years to build the network.
http://news.com.com/Verizon+to+spin+...3-6150373.html
Once Given Up for Dead, Comcast Defies Its Obits
Geraldine Fabrikant
THREE years ago, with the cable television industry in the doldrums, the Comcast Corporation’s chairman, Brian L. Roberts, approached Mel Karmazin, then the president of Viacom, with a modest proposal: give Comcast the right to show programming from such Viacom properties as CBS and MTV on the cable company’s channels so it could have a leg up on its rivals.
Mr. Roberts was accompanied by one of his senior managers and he vividly recalls Mr. Karmazin’s reaction. “He scrunched up his eyes, looked at us and said, ‘So you want us to give you all this stuff for free and people will use it on video?’ ” Mr. Roberts recalled with a laugh. “And we said, ‘Yes, that’s what we want.’
“No, no, no. Let me tell you want I would like to do,” Mr. Karmazin responded. “I would like to put my head down on the desk, close my eyes, and when I count to 10 and look up, I want you both out of my office.”
Mr. Karmazin, who now runs Sirius Satellite Radio, confirmed the story. “We were a content company with valuable content, and every opportunity we had to charge for my content, I would do it,” he said. “It was not in my DNA to give away valuable content for free.”
Even today, Mr. Roberts recalls Mr. Karmazin’s reaction as typical of those misguided souls who fail to realize that consumers increasingly have the ability to record and watch programs where and when they want. “A person who wants to watch ‘CSI’ or ‘Desperate Housewives’ when the programs are not on, they are going to do it anyway,” he observed. “As a content owner, you should want them to watch your show.”
Brian Roberts has always conducted himself thus — with a straightforward, plain-spoken, that’s-the-way-the-world-works approach to his company, his customers and his competitors. Those qualities have stood Comcast in good stead as it emerges from a gloomy period in which (even though it was making scads of money, thank you) some analysts had written it off as a moribund, wire-bound behemoth doomed to be eclipsed by more nimble telecommunications concerns.
Today, the entire cable business, and Comcast, the country’s largest cable company, are sitting pretty. Amid the scramble that will decide which companies provide consumers with the flood of new media, entertainment and communications services, cable suddenly looks to be the winner. Analysts now say cable operators are better positioned than their rivals. Until quite recently, however, that wasn’t a foregone conclusion because Wall Street — even discounting the myopia that often distorts its vision — had good cause to be pessimistic.
On one side, satellite broadcasters like DirecTV and EchoStar Communications were stealing video customers by offering lower rates and other benefits. On the other, telephone companies, led by AT&T and Verizon Communications, were eager to use cash harvested from their shrinking land-line services to push into growth businesses like high-speed Internet access and video. Cable companies had to fend off these interlopers by investing heavily and continuously in expensive system upgrades to remain competitive. Critics worried that these costs would devour cash and profits, without any certainty of a return on the investments.
“The telephone companies were out there all the time talking about how they were going to kill cable,” recalled Mr. Roberts, whose unsolicited bid for the Walt Disney Company in 2004 led many investors to conclude that even the strongest cable companies were worried about the future. Fortunately for Mr. Roberts and his shareholders, the Disney bid fell apart. Comcast continued to focus on its cable business: expanding revenue and increasing cash flow by offering digital cable, high-speed Internet access and, starting in 2005, digital telephone service.
Money rolled in. Comcast’s cash flow per subscriber, a common industry measurement, has risen at least 10 percent a quarter for 25 consecutive quarters, Mr. Roberts said, and Wall Street has noticed. After falling 22 percent in 2005, Comcast’s stock rose more than 60 percent last year, and it has climbed an additional 5.4 percent so far this year. From an intraday low of $25.35 a little more than a year ago, the shares now trade at $44.61.
Comcast is by far the industry leader, with 24 million cable subscribers, of whom 11 million also pay for high-speed Internet and 2.1 million also have telephone service. Smaller rivals are also getting a new measure of respect from investors. The board of Cablevision Systems, based in Bethpage, N.Y., rejected an $8.9 billion buyout offer from its founding family, the Dolans, just last week, saying the bid undervalued the company.
Institutional investors, meanwhile, have been scooping up Comcast stock: Marsico Capital Management has acquired about 60 million shares, or 5.2 percent of the company, for example. Dodge & Cox funds of San Francisco has accumulated 109.5 million shares, and Geico, a subsidiary of Warren E. Buffett’s Berkshire Hathaway, owns 11 million.
Satellite services and telephone companies are still vigorously competing for cable’s subscribers, but cable companies, led by Comcast, have taken charge by using competitors’ new technology against them. They took advantage of the fact that it is easier to add phone service to cable systems than it is to deliver video over phone lines, and easier and cheaper to add video-on-demand to a cable system than for satellite services to make their signals interactive.
Lo and behold, phone, pay-per-view and high-speed Internet revenue at Comcast have all been rising smartly. To maintain that pace, Comcast has aggressively expanded its video menu and now offers roughly 8,000 movies and television programs on demand. Most of that programming is (don’t read any further, Mr. Karmazin) free.
Free, says Mr. Roberts, works. It persuades subscribers to try new things and encourages them to graduate to paid services. “If the consumer loves what we do, they will use it a lot and eventually they will pay for it,” he said. “We have seen a big increase in our pay-per-view business because people got in the habit of being able to watch programming on demand.”
IN recent months, Comcast’s leaders have gone out of their way to reassure shareholders that they will remain focused on expanding and improving the cable business, and that their dreams of Disneyesque diversification are behind them.
That approach was tested last November, when Comcast agreed to buy Disney’s 39.5 percent share of E Entertainment Television, a cable network, for $1.23 billion. Comcast’s stock fell on news of the deal, which gave the company full control of the network, although it did not rattle big investors like Tom Marsico, of Marsico Capital Management.
“There had been an issue among shareholders about what Comcast would do with its cash flow,” he said in a telephone interview. “I don’t think they will make a significant acquisition. That is our impression.”
Aryeh Bourkoff, a cable analyst at UBS Securities, said that Comcast faces some competitive factors, but that they are not meaningful enough to stop its growth this year.
Not long ago, such confidence was in short supply. From 2002 through 2005, James Chanos, the short-seller who had presciently bet that Enron was in trouble long before Wall Street saw a problem, was quoted as being negative on Comcast’s stock. Mr. Chanos did not return phone calls seeking comment.
Comcast shares did indeed slide, to as low as $18.64 in October 2002. But several big investors — including Chieftain Capital Management, Dodge & Cox and Geico — believed that the market was wrong. They did not see Comcast as seriously threatened by rivals or by its debt levels, and some urged it to buy back as much as 15 percent of its stock.
Comcast has bought back 10 percent of its stock since the end of 2003, but it didn’t buy more because “they were scared,” said one investor, who still has a relationship with the company and spoke only on the condition he not be named. “They were too worried about the press and the stock price,” the investor added.
After the failed $54 billion bid for Disney, some investors also believed that Mr. Roberts wanted “to keep his powder dry because he wanted to make another acquisition,” as the investor put it.
Mr. Roberts shrugged off such backseat driving. “I am happy to be accused of being too conservative,” he said. “I would disagree with the argument that I wasn’t bullish. We bought AT&T Cable and spent $10 billion to buy back our stock.”
Mr. Roberts also helped engineer a deal that gave Comcast access to MGM’s library, and teamed up with Time Warner Cable to buy Adelphia. The companies split up Adelphia’s customers and swapped some of their own systems to give them greater control in certain markets like south Florida and Los Angeles.
Mr. Roberts’s confidence may seem unsurprising from a son of the company’s founder and scion of the family that still owns a controlling stake in it. As the only one of Ralph J. Roberts’s four children with an interest in cable, Brian was a natural successor to his father, who at 86 remains on the board and runs its executive and finance committees.
As he has settled into the roles of chairman and chief executive, Brian Roberts has earned investors’ confidence. Compared with James L. Dolan of Cablevision Systems — whose public squabbles with his father, Charles F. Dolan, the company’s founder, have been extensively chronicled in the tabloids — Brian Roberts and his family appear singularly united.
Ralph Roberts founded Comcast in Tupelo, Miss., in 1963. The elder Mr. Roberts, who began his career as a belt salesman, still comes to work four days a week and has his office next to his son’s. Brian Roberts says he often consults with his father. When the elder Mr. Roberts has advice to give, the son said, he is always discreet. “My father will say, ‘Have you thought about doing it this way?’ ” he said.
That is not to say that Comcast is completely conflict-free. While its overall performance has been good for investors, there are caveats. Glass Lewis & Company, a research firm that advises institutional shareholders on governance issues, argues that Brian Roberts, his father and three other top managers were grossly overpaid in 2005.
Altogether, the group reaped $84.9 million in salary, bonuses, other compensation and the value of restricted stock and stock-option grants, Glass Lewis said. It named Brian Roberts as the sixth-most-overpaid executive among companies in the Standard & Poor’s 500-stock index, with a compensation package valued at $24.9 million.
Several investors said privately that they were particularly annoyed that Ralph Roberts continues to receive a lucrative pay package when he is no longer chairman. Glass Lewis valued his compensation at $18 million.
In rebuttal, a Comcast executive vice president, David L. Cohen, said that more than half of Ralph Roberts’s compensation — $11.7 million — was in the form of a pension, life insurance and tax relief that the board agreed to pay him when he was still chief executive. Nearly $19 million of Brian Roberts’s compensation, he added, was performance-related pay based on growth in operating cash flow.
While some shareholders grumble about executive pay, Brian Roberts has won praise for assembling a respected management team, led by Stephen B. Burke, whom he hired away from Disney in 1998.
Mr. Burke’s skills as the operations chief complement Mr. Roberts’s talent for strategy, and Mr. Burke has shown no signs of chafing as Comcast’s No. 2. He might be following the example of his father, Daniel B. Burke, who served deftly as second-in-command at Capital Cities/ABC under Thomas S. Murphy.
“I watched my dad for 30 years work with Tom,” Mr. Burke said. “I know they had a wonderful time and a wonderful relationship, and Brian is the same way with me.”
The way Mr. Burke sees it, the cable business is like a layer cake: the bottom layer is TV, the next is high-speed data, and then come digital TV, telephone and, finally, commercials. “The bottom layer is growing maybe 4 or 5 percent a year,” he said. “If you want to be a company that grows 13 percent to 15 percent a year, you have to keep adding layers.”
To keep the video layer competitive, Comcast has aggressively pursued video-on-demand, seeking to use free videos to entice customers to pay for more expensive digital video packages. It offers HBO’s older shows on-demand free, for example. Time Warner, which owns HBO, until recently charged $5 a month for HBO on-demand service on its cable systems and now offers it free.
Other media companies are also skeptical of giving away premium programming, whatever the presumed payoff down the road.
Of course, his company does not make its money by producing programs or movies; it earns a living by delivering them. But since that meeting, even some “content” companies have agreed to make their programs more widely available, often without charge. Just last month, CBS, which was spun off by Viacom in 2006, said it would no longer charge 99 cents every time a viewer wanted to watch an old program; now they are free.
COMPETITION has still taken its toll at Comcast. “We had our satellite assault years ago and they took 10 percent of the business,” Mr. Burke said. “Now that has stabilized.”
Today, there are more than 28 million satellite subscribers: 15.6 million for DirecTV and 13 million for EchoStar. Comcast, with its 24 million cable subscribers, is fighting for more. Two months ago, for example, it said it would offer some movies to its cable subscribers on the same day the DVD version arrives in stores, rather than 60 days later, as had been the custom.
“This is the first time the studios have done this,” Mr. Roberts said, “and it is partly because they are worried about the death of DVDs. Our theory has always been that simultaneous release won’t hurt DVDs. You could go to Blockbuster and rent the film the same day.”
Still, Comcast and other cable providers are in for a long fight with phone companies and satellite services. As the cable companies have branched into telephone service and other products, the phone companies and satellite services have cooperated to offer comparable “bundles.” The phone companies offer wireless service in their bundles, too. To counter, Comcast has struck a deal with Sprint to offer cellular service as part of a bigger package.
However the race plays out, Comcast executives say, they think video delivered over high-speed cable will remain central to their business.
“Technologies don’t just disappear,” Mr. Burke said. “Ten years from now, when you watch TV you will have a big screen and you will be watching through a big pipe in your house.” That pipe, or delivery system, “hopefully will be ours,” he added.
Ken Belson contributed reporting.
http://www.nytimes.com/2007/01/21/bu...rtner=homepage
When Being a Verb is Not Enough: Google wants to be YOUR Internet
Robert X. Cringely
I spoke recently with an old friend who is a bandwidth broker. He buys and sells bandwidth on fiber-optic networks around the world. And he told me something that I found not completely surprising, but I certainly hadn't known: Google controls more network fiber than any other organization. This is not to say that Google OWNS all that fiber, just that they control it through agreements with network operators. I find two very interesting aspects to this story: 1) that Google has acquired -- or even needs to acquire -- so much bandwidth, and; 2) that they don't own it, since probably the cheapest way to pick up that volume of fiber would be to simply buy out any number of backbone providers like Level 3 Communications.
Google loves secrecy. That they've been acquiring fiber assets hasn't been a secret, but the sheer volume of these acquisitions HAS been. Why? One thought is that it kept down the price since people didn't really know it was Google snatching up this stuff (they've done it under a number of different corporate names). But if price was the issue, then why hasn't Google just bought the companies that own the fiber? It made no sense until I scratched my head and thought a bit further, at which point it became obvious that Google wants to -- in its own way -- control the Internet. In fact, they probably control it already and we just haven't noticed.
There are two aspects to this control issue, but let's take the legal one first. If Google bought a bunch of Internet backbone providers, such a move would of course get the attention of regulators from the U.S. Department of Justice and the U.S. Federal Trade Commission, the two federal agencies charged with looking at large corporate mergers for signs of anti-competitive activity. But simply acquiring legal control of those same assets through leases and other long-term contracts doesn't trigger such an examination, though perhaps it should. By renting instead of buying, Google was able to acquire its fiber assets primarily in secret. The game was over before most of us even knew there WAS a game.
The second aspect of this is the whole idea that the game is already over for control of the Internet. I touched on this concept back in 1998 when I wrote my first column about PayPal, which at the time had been offering its core service for less than a year and already had eight million members. I wrote then that PayPal had already won the Internet payments race, which time has since showed they had. PayPal's confidence was based on analysis of its own growth. Understanding the potential range of growth, looking at the rate of subscriber acceleration, and using second derivative analysis of these data, PayPal was pretty darned sure, even back in 1998, that its competitors at the time would never be able to catch up.
Topix.net founder Rich Skrenta recently took a similar approach to argue that Google, like PayPal, has already won the game and represents to most users the face of the Internet. Skrenta (in this week's links) argues that Google's dominance of search and advertising is so profound that most competitors -- especially Yahoo -- would probably be better off NOT even attempting to compete and simply let Google handle search and advertising while Yahoo provides content. He's probably correct. Skrenta argues that even if services come along that are superior to Google's, in order to become dominant they'll have to overcome Google's brand recognition with users, which is almost impossible to do. So just being better than Google isn't enough.
All this is prelude for understanding what Google intends to actually DO with all this technology, which I have only lately begun to figure out.
I live in South Carolina, a state that I can argue qualifies as a technology backwater despite being the shrimp and grits capital of the world. Why, then, are the local business pages filled with stories about Google preparing to build massive data centers here? Google is apparently negotiating to build data centers in Goose Creek, a town not far from Charleston, where I live, in Columbia, the state capital, and a third location across the border in Georgia. To read the papers, Google might choose one or another of these locations, but according to people I have spoken with who are fairly close to the action, Google actually seems intent on building in all three locations.
Why?
Why would Google need two data centers in a state with only four million residents? Why would they need to buy 520 acres in a Goose Creek industrial park when that's probably 100 times as much land as any conceivable data center would require?
Google is building a LOT of data centers. The company appears to be as attracted to cheap and reliable electric power as it is to population proximity. In Goose Creek they bought those 520 acres from the local state-owned electric utility, which probably answers the land question posed above. By buying out all the remaining building sites in an industrial park owned by an electric utility, Google guarantees itself a vast and uninterruptible supply of power, much as it has done in Oregon by building a data center next to a hydroelectric dam or back here again in Columbia by building near a nuclear power station.
Of course this doesn't answer the question why Google needs so much capacity in the first place, but I have a theory on that. I think Google is building for a future they see but most of the rest of us don't. I'll go further and guess that Google is planning to build similar data centers in many states and that the two centers they are apparently preparing to build here in South Carolina are probably intended mainly to SERVE South Carolina. That's perhaps 100,000 servers for four million potential users or 40 users per server. What computing service could possibly require such resources?
The answer is pretty simple. Google intends to take over most of the functions of existing fixed networks in our lives, notably telephone and cable television.
The Internet as we know it is a shell game, with ISPs building their profits primarily on how many users they can have practically share the same Internet connection. Based on the idea that most users aren't on the net at the same time and even when they are online they are mainly between keystrokes and doing little or nothing when viewed on a per-millisecond basis, ISPs typically leverage the Internet bandwidth they have purchased by a factor of at least 20X and sometimes as much as 100X, which means that DSL line or cable modem that you think is delivering multi-megabits per second is really only guaranteeing you as much bandwidth as you could get with most dial-up accounts.
This bandwidth leveraging hasn't been a problem to date, but it is about to become a huge problem as we all embrace Internet video. When we are all grabbing one to two hours of high-quality video per day off the net, there is no way the current network infrastructure will support that level of use. At that point we can accept that the Internet can't do what we are asking it to do OR we can find a way to make the Internet do what we are asking it to do. Enter Google and its many, many regional data centers to fill this gap.
Looking at this problem from another angle, right now somewhat more than half of all Internet bandwidth is being used for BitTorrent traffic, which is mainly video. Yet if you surveyed your neighbors you'd find that few of them are BitTorrent users. Less than 5 percent of all Internet users are presently consuming more than 50 percent of all bandwidth. Broadband ISPs hate these super users and would like to find ways to isolate or otherwise reject them. It's BitTorrent -- not Yahoo or Google -- that has been the target of the anti-net neutrality trash talk from telcos and cable companies. But the fact is that rather than being an anomaly, these are simply early adopters and we'll all soon follow in their footsteps. And when that happens, there won't be enough bandwidth to support what we want to do from any centralized perspective. A single data center, no matter how large, won't be enough. Google is just the first large player to recognize this fact as their building program proves.
It is becoming very obvious what will happen over the next two to three years. More and more of us will be downloading movies and television shows over the net and with that our usage patterns will change. Instead of using 1-3 gigabytes per month, as most broadband Internet users have in recent years, we'll go to 1-3 gigabytes per DAY -- a 30X increase that will place a huge backbone burden on ISPs. Those ISPs will be faced with the option of increasing their backbone connections by 30X, which would kill all profits, OR they could accept a peering arrangement with the local Google data center.
Seeing Google as their only alternative to bankruptcy, the ISPs will all sign on, and in doing so will transfer most of their subscriber value to Google, which will act as a huge proxy server for the Internet. We won't know if we're accessing the Internet or Google and for all practical purposes it won't matter. Google will become our phone company, our cable company, our stereo system and our digital video recorder. Soon we won't be able to live without Google, which will have marginalized the ISPs and assumed most of the market capitalization of all the service providers it has undermined -- about $1 trillion in all -- which places today's $500 Google share price about eight times too low.
It's a grand plan, but can Google pull it off? Yes they can.
http://www.pbs.org/cringely/pulpit/2...19_001510.html
Kucinich: Congress To Take On FCC
FMQB
Over the weekend, the National Conference for Media Reform was held in Memphis, TN, with a number of notable speakers on hand for the event. Rep. Dennis Kucinich (D-OH) made an surprise appearance at the convention to announce that he would be heading up a new House subcommittee which will focus on issues surrounding the Federal Communications Commission.
The Presidential candidate said that the committee would be holding "hearings to push media reform right at the center of Washington.” The Domestic Policy Subcommittee of the House Government Reform Committee was to be officially announced this week in Washington, D.C., but Kucinich opted to make the news public early.
In addition to media ownership, the committee is expected to focus its attention on issues such as net neutrality and major telecommunications mergers. Also in consideration is the "Fairness Doctrine," which required broadcasters to present controversial topics in a fair and honest manner. It was enforced until it was eliminated in 1987.
Kucinich said in his speech that "We know the media has become the servant of a very narrow corporate agenda" and added "we are now in a position to move a progressive agenda to where it is visible."
FCC Commissioner Michael Copps was also on hand at the conference and took broadcasters to task for their current content, speaking of "too little news, too much baloney passed off as news. Too little quality entertainment, too many people eating bugs on reality TV. Too little local and regional music, too much brain-numbing national play-lists." Commissioner Jonathan Adelstein also spoke at the event.
http://www.fmqb.com/Article.asp?id=333927
Big Media’s Crush on Social Networking
Richard Siklos
I WAS wandering around recently in Second Life, the much-ballyhooed online virtual world, and had a nice chat with one of its “residents.” But at the end of the talk he (or perhaps she; you never really know in these digital dioramas, where anyone can create an identity and just about anything else) asked if he could add me to his “friends” list and thereby keep tabs of my comings and goings in the online world. “Sure,” I replied, not because I was yearning to keep in touch but because it just struck me as rude to turn down such an invitation.
Last week, a similar episode occurred in my real life, when I prepared to leave a meeting with someone I had never met before but really liked. This time, my host asked me if I was part of LinkedIn, a buzzy Web site intended to link people with similar business interests. The site has gained much attention in the tech industry: Business 2.0 magazine recently hailed it as “MySpace for grownups.” (MySpace, the social networking site owned by Rupert Murdoch’s News Corporation, is, of course, the ne plus ultra of such Web sites, where young and youngish people put all kinds of information about themselves online in search of friends, dates, music and whatever.)
In the case of LinkedIn, I was privately relieved to be able to say that I had not yet joined, although I noticed that people kept asking me if I was a member. And, I must acknowledge that the invitation, like the one in Second Life, irked me on some level — though it was a nice gesture after one meeting. It struck me as far more personal than just exchanging business cards, yet less of a commitment than adding someone to your instant-message “buddy list.” Yet a tad forward nonetheless: like a three-cheek kiss from strangers on a distant shore.
Don’t get me wrong. I like people, and interacting with so many of them is one of the great pleasures of my job. And, heck, all that journalists do all day long is call people who may not want to hear from them. But that said, I have always recoiled at the use of the word “network” as a verb. I wouldn’t want to join any social networking Web site that would want me as a member. You might say that I am into antisocial networking.
I say this in full recognition of the rampaging popularity of social networks and the fact that big media companies — particularly the large club that still envies Mr. Murdoch’s snatching of MySpace in 2005 for what now looks like a knockdown price — have developed a full-bore teenage crush on these businesses.
Social networking is a close cousin of the other obsession of the moment: user-generated content. Of course, there is a difference. User-generated content is basically anything someone puts on the Web that is not created for overtly commercial purposes; it is often in response to something professionally created, or is derivative of it. So, it could be a blog, a message board, a homemade video on YouTube, or a customer’s book review on Amazon.com.
Social networking, on the other hand, is something potentially deeper — it represents a way to live one’s life online. In many ways, it is the two-dimensional version of what sites like Second Life aspire to be in 3-D: the digital you. And that ties to another earnestly overused term of art at the moment: engagement.
Engagement basically refers to the amount of time people spend doing one thing — reading a magazine, watching a TV show — but also to the depth of their participation. Do they vote on “American Idol”? Flock to Disneyland? Go to the NBC Web site after “The Office” to watch deleted scenes? Or, now, do they integrate their favorite media into their digital personas?
Sony, for instance, paid $65 million for a video-sharing site called Grouper.com and started a nifty service through which you can load your favorite clip from one of its movies — say, Jack Nicholson barking, “You can’t handle the truth” at Tom Cruise in “A Few Good Men” — onto your MySpace or Facebook page.
Over the last few weeks, other media companies have accelerated their efforts in social networking. For example, the Hearst Corporation on Jan. 8 bought a small company called eCrush.com. And the Walt Disney Company, the CBS Corporation, Viacom and NBC have all been busy planning new social networking features for their various Web sites.
Many of the ventures sound like logical extensions of existing media brands because, hey, media companies are all about attracting and keeping audiences and then figuring out ways to bring them closer to marketers.
Hearst’s acquisition of eCrush and related Web sites fits nicely with a coming revamp of Cosmogirl.com, Teenmag.com and other online publications for teenagers. One of the sites it acquired, espinthebottle.com, is basically a flirting site for teenagers that vets its participants’ information before matching kids up, to keep the fun clean and safe. So far, the site has attracted more than 3.8 million “hotties” (its term).
Chuck L. Cordray, the vice president for Hearst Magazines Digital, noted that part of the appeal of eCrush is that it is a stand-alone business that can also become a feature of other Hearst online ventures.
“It’s a new way of fulfilling a mission magazines have fulfilled for some time, which is creating communities of interest,” Mr. Cordray said.
What is striking about many of these mainstream media ventures into social networking is that they mirror the big debate over whether Internet surfers will continue to migrate to big portal sites like AOL and Yahoo or will use widely available tools to fashion their own customized Web lives.
According to the online ratings firm ComScore Media Metrix, most of the Top 10 social networking sites as of December 2006 were still big portals like MySpace, Facebook, Yahoo Geocities, Lycos Tripod and AOL. Of course, if social networking soon becomes a popular feature of existing media brands’ Web efforts, its success will be measured by how much it drives traffic and revenue to existing brands, not just by whether it creates winning new ones. For now, NBC, like Disney, is placing most of its bets on integrating features like personalized pages into its existing Web sites rather than trying to build new destinations.
IT can be a tricky business when audiences evolve from being consumers to members. For instance, the need to keep out the wrong element adds a new layer of complexity to the media mix.
MySpace, which according to ComScore Media Metrix attracts more than one-third of the entire social networking audience in the United States, was sued last week by several families who accused it of negligence and recklessness; they said predators were introduced to their underage daughters on the site. MySpace denied any wrongdoing but has been working on ways to make the site safer.
Know this: if you are part of the social networking wave, you will have all the “friends” you can handle. The invite is the new handshake. Get ready for a lot of opportunities to join all kinds of networks — and, one hopes, some appropriately Webby new way to politely say, “No, thank you.”
http://www.nytimes.com/2007/01/21/bu.../21frenzy.html
Apple Profit Surges on iPod Sales
Tech company results beat analyst estimates
Apple Computer Inc. Wednesday beat market expectations by posting earnings that were more than triple its year-earlier results, boosted by sales of its popular iPod digital music players.
For its third quarter ended June 26, Apple said it had net income of $61 million, or 16 cents a share, up from $19 million, or 5 cents a share, in the year-earlier period. Revenue rose 30 percent to $2.01 billion from $1.55 billion.
Excluding 2 cents a share in restructuring charges, Apple said it had a profit of $67 million, or 17 cents a share. That exceeded the average 15 cents forecast by analysts polled by Reuters Estimates. Revenue also beat the average estimate of $1.94 billion.
“It was an outstanding quarter — our highest third-quarter revenue in eight years,” said Apple’s chief executive Steve Jobs. “Our Mac-based revenue grew a healthy 19 percent, and our music-based revenue grew an incredible 162 percent.”
Looking ahead, Apple said it expects to post revenues of $2.1 billion for the current quarter and earnings 16 to 17 cents per share, including a restructuring charge of 1 cent per share.
Apple, based in Cupertino, Calif., said it shipped 876,000 Macintosh computers in the quarter, up 14 percent from a year earlier, and 860,000 iPods, up 183 percent.
Apple shares jumped in extended hours trading, rising to $30.48, up from $29.58 at the Nasdaq close.
Peter Oppenheimer, Apple’s chief financial officer, said sales of Macintosh computers, especially laptops, accounted for 58 percent of revenue growth.
Demand for the new mini version of the popular iPod has been “staggering” in the United States and continues to far outstrip supply, Apple’s worldwide vice president of sales Tim Cook told analysts during a conference call. “Unprecedented” orders for European shipments, set to begin July 24, will mean continued backlogs probably through the end of the year. He said it was hard to predict when supply would catch up with demand.
Earlier this week, Apple announced that 100 million songs had been sold at its iTunes Music Store — a milestone that took three months longer than the company had hoped but still a significant benchmark that proved Apple’s dominance in the online music market.
The online music store eked out a “small profit” during the quarter, Oppenheimer said.
Apple July 2 announced a delay in the release of the next-generation iMac until September, meaning the company will miss the important back-to-school season.
The new iMac faces the same microprocessor supply problem from IBM that has already delayed Apple’s Power Mac G5 product shipments, Oppenheimer said. If the problems aren’t resolved, fourth-quarter results might change, he said.
http://www.msnbc.msn.com/id/5438562/
Intel’s Fight for Market Cuts Margins
Laurie J. Flynn
Intel reported yesterday that fourth-quarter profit fell 39 percent as the company continued to fight for market share and to absorb the high cost of its corporate overhaul.
The company, the world’s largest chip maker and a closely watched indicator of the overall strength of the technology industry, reported slightly higher sales than Wall Street predicted, although they were still down 5 percent from the period last year.
But on the critical measurement of gross profit margin, Intel clearly disappointed, indicating the price war with its smaller rival Advanced Micro Devices continued to take a toll.
Intel projected that its gross profit margin would be about 49 percent during the first quarter of 2007, down from 49.6 percent during the fourth quarter of 2006. Intel estimated that gross profit margin would be only about 50 percent for all of 2007. That compares with a gross profit margin of 61.8 percent in the fourth quarter of 2005.
“These results were clearly mixed,” said Adam Parker, an analyst with Sanford C. Bernstein & Company. “People wanted to see that gross margins had reached the bottom in the fourth quarter, but they didn’t.”
The report was released after the market’s close yesterday, but investors reacted strongly to the forecast of a lower profit margin, sending shares of Intel down 88 cents, or nearly 4 percent, in after-hours trading. Earlier in the day, Intel shares rose 17 cents, to close at $22.30 in regular trading.
Intel’s net income for the fourth quarter was $1.5 billion, or 26 cents a share, including the cost associated with stock option expenses. In last year’s fourth quarter, the last quarter in which it expensed stock options, Intel posted net income of $2.45 billion, or 40 cents a share.
The company’s revenue declined 5 percent, to $9.69 billion, from $10.2 billion last year, at the top of the range of $9.1 billion to $9.7 billion the company had forecast.
Analysts were expecting earnings of 25 cents a share on $9.44 billion in revenue, according to a survey of analysts by Thomson Financial.
For 2006, Intel, which is based in Santa Clara, Calif., posted revenue of $35.4 billion, while its net income was $5 billion, or 86 cents a share.
Closing what he called “a very tough pricing year,” Andy D. Bryant, Intel’s chief financial officer, indicated that Intel would continue to price aggressively this year. “We’re going to have to fight to win orders,” Mr. Bryant said in a conference call with analysts.
The brightest spot for Intel was that it sold record numbers of its highest-priced microprocessors, those used in computer servers. Sales of those chips helped drive up Intel’s average selling price during a period in which Intel was continuing to cut prices on older products.
Paul S. Otellini, Intel’s chief executive, described 2006 as a unique year in which the company introduced 40 new products. “We’ve never had that broad a base of new products all at once,” Mr. Otellini said in the conference call.
Intel’s report of higher selling prices on server chips was in stark contrast to news from A.M.D. last week. That company, which is scheduled to issue its earnings report on Jan. 23, warned last week that its fourth-quarter revenue would miss Wall Street forecasts because of lower unit prices.
A.M.D., based in Sunnyvale, Calif., said that it expected fourth-quarter revenue to be about $1.37 billion, or only about 3 percent above the third-quarter level. The news sent shares of A.M.D down $1.92, to $18.26, on Friday. Yesterday, A.M.D. shares declined 23 cents, or about 1 percent, in after-hours trading, after declining 13 cents, to close at $18.13, during the regular session.
Intel said it was also facing the high cost of its transition to a major new manufacturing process, a transition that occurs roughly every two years. Mr. Bryant said the bulk of the costs of the manufacturing changes would occur in the first half of 2007.
Looking ahead, Intel said first-quarter revenue would be $8.7 billion to $9.3 billion, in line with analysts’ forecast of $8.93 billion. Mr. Bryant declined to provide a full-year forecast.
In September, the company announced a major revamping, including the elimination of 10,500 positions. Intel ended the fourth quarter with 94,100 employees, down more than 6,000 from the second quarter. Costs associated with layoffs decreased earnings by about 1.5 cents a share in the fourth quarter, the company said.
http://www.nytimes.com/2007/01/17/te...gy/17chip.html
HP Beats Moore's Law With New Chip Architecture
Stan Beer
A number type of nano-scale architecture developed in the research labs of Hewlett-Packard could beat Moore's Law and advance the progress of of microprocessor development three generations in one hit. The new architecture uses a design technique that will enable chip makers to pack eight times as many transistors as is currently possible on a standard 45nm field programmable gate array (FPGA) chip.
Currently, conventional FPGA chips use between 80 and 90% of their CMOS silicon for signal routing wires, leaving a relatively small amount for logic processing transistors. However, researchers Greg Snider and Stan Williams of HP Labs have developed a way to remove the signal routing wires from the silicon, leaving more room for logic processing transistors.
The new technique uses an architecture called “field programmable nanowire interconnect (FPNI)” which replaces the current signal routing with a crossbar made up of super thin 15nm wires which sits on a layer above the silicon-based transistors to route the signals.
The researchers, who have constructed tests using 17nm wires, say that using a cross bar with 15nm wires on FPNI architecture would enable eight times as many transistors to be housed on a 45nm chip without needing to shrink the size of the transistors.
“The expense of fabricating chips is increasing dramatically with the demands of increasing manufacturing tolerances,” said Snider, senior architect, Quantum Science Research, HP Labs. “We believe this approach could increase the usable device density of FPGAs by a factor of eight, using tolerances that are no greater than those required of today’s devices.”
What's more, the new architecture would use less power than chips today, say the researchers.
According to the researchers, by 2020 using 4.5nm wires it should be possible to pack in the same amount of transistors in a space of just 4% of what is currently possible on a 45nm chip.
http://www.itwire.com.au/content/view/8631/53/
Despite 100 Million IE 7 Installs, Microsoft's Browser Still Loses Ground
Firefox's share of the U.S. browser market is at 14% and has continued to grow each of the last three months, says one research firm.
Gregg Keizer
Although Microsoft recently touted the 100 millionth installation of Internet Explorer 7, Web measurement firms said that the new browser is simply being swapped out for older editions and hasn't had an impact on Firefox's continued climb.
"[As of] January 8th, we had the 100 millionth IE7 installation," said Tony Chor, an IE group program manager, in an entry on the team's blog. "Even more important than installations is usage. According to WebSideStory (the company we use to measure browser usage), as of this week, over 25% of all visitors to sites in the U.S. were using IE7, making IE7 the second most used browser after IE6.
"We expect these numbers to continue to rise as we complete our final localized versions, scale up AU [Automatic Updates] distribution, and with the consumer availability of Windows Vista on January 30, 2007," Chor added.
While Microsoft had the WebSideStory numbers correct, it didn't tell the whole story, says Geoff Johnston, an analyst with the Web metrics company. "[The growth of IE 7] seems to be exclusively at the expense of IE 6," says Johnston. "It's not eating into the Firefox share at all."
Firefox's share of the U.S. browser market, says Johnston, is at 14%, and has continued to grow each of the last three months. "I thought that IE 7 might flatten Firefox's growth, but it's not taken a hit from IE 7. All the movement there has been internal, from IE 6 users upgrading," he says.
Another Web metrics vendor, Net Applications, confirmed the switch to IE 7 in its most recent data, and also noted the continued slide of IE overall.
According to Net Applications, Internet Explorer accounted for 79.6% of all browsers used in December 2006, a drop from the 80.6% during the previous month. Firefox's use, meanwhile, measured 14% in December, up from 13.5% in November. Also gaining ground in the last month of 2006 was Apple's Safari, which climbed to 4.2% from 4%, and Opera, which saw its share increase from 0.7% to 0.9%.
Net Applications' data put IE 7's market share during December at 18.3%, up dramatically from November's 8.8%. But IE 6 lost more than IE 7 gained, dropping from 70.9% in November to 60.7% the next month.
The gain in IE 7 is largely due to Microsoft pushing the new browser to end users via Windows' Automatic Updates setting, which is usually reserved for downloading and installing security fixes on PCs. Microsoft began issuing IE 7 to Windows XP users through Automatic Updates in early November as part of a controversial scheme to get the new browser in as many hands as possible as quickly as possible.
In July, however, Microsoft posted a toolkit that lets users and enterprises indefinitely postpone IE 7's installation. The toolkit can be downloaded from the Microsoft Web site.
The impact of the automatic upgrade was easy to see when compared with the much slower uptake of Firefox 2.0, the browser Mozilla introduced in October 2006. In the same month that IE 7 more than doubled (from 8.8% to 18.3%), Firefox 2.0's share only climbed from 3.6% to 5.2%, notes Net Applications. Firefox 1.5 still accounts for the majority of Firefox users. Mozilla has considered, and postponed, an automatic update from Firefox 1.5 to 2.0; the auto upgrade is now scheduled for sometime this month.
Johnston wasn't confident that Microsoft would ever be able to make inroads on Firefox's growing share. "Once someone gets used to Firefox, especially its extensions, and unless they think IE 7 or IE 8 or whatever comes in the future is so much better, they're going to stay with Firefox," says Johnston.
"Maybe Microsoft's met its match with Firefox. Maybe it just can't compete against open-source and the whole world [as developers]."
http://www.informationweek.com/news/...leID=196901142
Investigation Follows Fatal Radio Station Contest
Mother Of Three Died After Trying To Win Video Game System
Officials continue to investigate after a Rancho Cordova woman died Friday following a water-drinking contest at a Sacramento radio station.
The family of Jennifer Strange said she died after taking part in a competition at the office of KDND 107.9 The End in an attempt to win a Nintendo Wii video game system for her three children.
Assistant Sacramento County coroner Ed Smith said a preliminary investigation found evidence consistent with water intoxication in the death.
Strange was the runner-up in the contest that required drinking huge amounts of water in a short amount of time.
Contest winner Lucy Davidson recalled how she and Strange both got ill after the contest.
"After it was all over ... we both went into the bathroom and we were both sick," Davidson said. "She's throwing up. I'm throwing up. I mean, we just had too much."
Davidson recovered from her illness. Strange was found dead at her Rancho Cordova home Friday afternoon.
Water intoxication occurs when a person ingests too much water, causing organs and the brain to swell.
On Monday, a DJ at the radio station came on the air, but there was no mention of the incident.
John Geary, vice president for station parent company Entercom Sacramento, said he is "awaiting information that will help explain how this tragic event occurred."
Meanwhile, Davidson expressed sadness about what happened.
"It's so horrible," Davidson added. "You know, you don't think water is going to kill you."
Contestants signed a waiver going into the contest and were allowed to leave at any time.
http://www.kcra.com/news/10751005/de...0408&qs=1;bp=t
10 Fired From Radio Station After Death
UPI
Ten employees of KDND-FM, Sacramento, including five on-air personalities, have been fired after a station contest turned deadly.
The employees, including the five hosts of The End 107.9's "Morning Rave" radio show, were let go Tuesday following the Friday death of Jennifer Lea Strange, a 28-year-old mother of three children, who drank two gallons of water in the station's "Hold Your Wee for a Wii" contest, The Sacramento Bee reported Wednesday.
Strange's death in the contest, which offered a Wii video game system to the contestant who could drink the most water without urinating, was ruled by coroner's officials to be consistent with water intoxication. Strange came in second.
Sacramento County Sheriff John McGinness said there do not appear to be grounds for a criminal investigation.
"It's not as if she was somehow in their custody and they had a role to care for her," he said. "Rather, it was an invitation to a contest that was clearly ill-advised. She was exercising her free will. If there's anything to suggest a criminal act by anyone involved in this, we'd pick it up and run with it."
http://www.upi.com/NewsTrack/view.ph...7-105839-2256r
Cops Looking Into Radio Stunt Death
AP
As participants in KDND-FM's water-drinking contest chugged bottle after bottle, a listener called in to warn the disc jockeys that the stunt could be fatal.
"Yeah, we're aware of that," one of them responded.
Another DJ said with a laugh: "Yeah, they signed releases, so we're not responsible. We're OK."
Those comments, and others made during the Jan. 12 "Morning Rave" radio show, appeared to give little regard to the risk of water intoxication. But just hours after the contest, a woman who guzzled nearly two gallons was dead.
On Wednesday, the Sacramento County Sheriff's Department launched a criminal investigation into the incident, and attorneys for the family of Jennifer Lea Strange said they plan to file a wrongful death lawsuit against the radio station.
The county coroner said preliminary autopsy findings indicate Strange, a 28-year-old mother of three, died of water intoxication.
Authorities decided to pursue the investigation after listening to a tape of the show, obtained by The Sacramento Bee, during which DJs joked about the possible dangers of consuming too much water, sheriff's spokesman Sgt. Tim Curran said. At one point, the DJs even alluded to a college student who died during a similar stunt in 2005.
Strange was one of about 18 contestants who tried to win a Nintendo Wii gaming console by determining how much water they could drink without going to the bathroom.
Several hours into the contest, Strange was interviewed on the air and complained that her head hurt.
"They keep telling me that it's the water. That it will tell my head to hurt and then it will make me puke," she said.
Eventually, Strange gave in and accepted the second-place prize: tickets to a Justin Timberlake concert. She commented that she looked pregnant, and a female DJ
agreed.
"Oh, my gosh, look at that belly. That's full of water. ... Come on over, Jennifer, you OK?" a male DJ asked. "You going to pass out right now? Too much water?"
Several hours later, Strange was found dead in her home.
On Tuesday, KDND's parent company, Entercom/Sacramento, fired 10 employees connected to the contest, including three morning disc jockeys. The company also took the morning show off the air.
Station spokesman Charles Sipkins said Wednesday the company had not yet heard from the sheriff's department but that it would cooperate with the investigation.
http://www.newstimeslive.com/news/story.php?id=1028996
Surveillance
Military Is Expanding Its Intelligence Role in U.S.
Eric Lichtblau and Mark Mazzetti
The Pentagon has been using a little-known power to obtain banking and credit records of hundreds of Americans and others suspected of terrorism or espionage inside the United States, part of an aggressive expansion by the military into domestic intelligence gathering.
The C.I.A. has also been issuing what are known as national security letters to gain access to financial records from American companies, though it has done so only rarely, intelligence officials say.
Banks, credit card companies and other financial institutions receiving the letters usually have turned over documents voluntarily, allowing investigators to examine the financial assets and transactions of American military personnel and civilians, officials say.
The F.B.I., the lead agency on domestic counterterrorism and espionage, has issued thousands of national security letters since the attacks of Sept. 11, 2001, provoking criticism and court challenges from civil liberties advocates who see them as unjustified intrusions into Americans’ private lives.
But it was not previously known, even to some senior counterterrorism officials, that the Pentagon and the Central Intelligence Agency have been using their own “noncompulsory” versions of the letters. Congress has rejected several attempts by the two agencies since 2001 for authority to issue mandatory letters, in part because of concerns about the dangers of expanding their role in domestic spying.
The military and the C.I.A. have long been restricted in their domestic intelligence operations, and both are barred from conducting traditional domestic law enforcement work. The C.I.A.’s role within the United States has been largely limited to recruiting people to spy on foreign countries.
Carl Kropf, a spokesman for the director of national intelligence, said intelligence agencies like the C.I.A. used the letters on only a “limited basis.”
Pentagon officials defended the letters as valuable tools and said they were part of a broader strategy since the Sept. 11 attacks to use more aggressive intelligence-gathering tactics — a priority of former Defense Secretary Donald H. Rumsfeld. The letters “provide tremendous leads to follow and often with which to corroborate other evidence in the context of counterespionage and counterterrorism,” said Maj. Patrick Ryder, a Pentagon spokesman.
Government lawyers say the legal authority for the Pentagon and the C.I.A. to use national security letters in gathering domestic records dates back nearly three decades and, by their reading, was strengthened by the antiterrorism law known as the USA Patriot Act.
Pentagon officials said they used the letters to follow up on a variety of intelligence tips or leads. While they would not provide details about specific cases, military intelligence officials with knowledge of them said the military had issued the letters to collect financial records regarding a government contractor with unexplained wealth, for example, and a chaplain at Guantánamo Bay erroneously suspected of aiding prisoners at the facility.
Usually, the financial documents collected through the letters do not establish any links to espionage or terrorism and have seldom led to criminal charges, military officials say. Instead, the letters often help eliminate suspects.
“We may find out this person has unexplained wealth for reasons that have nothing to do with being a spy, in which case we’re out of it,” said Thomas A. Gandy, a senior Army counterintelligence official.
But even when the initial suspicions are unproven, the documents have intelligence value, military officials say. In the next year, they plan to incorporate the records into a database at the Counterintelligence Field Activity office at the Pentagon to track possible threats against the military, Pentagon officials said. Like others interviewed, they would speak only on the condition of anonymity.
Military intelligence officers have sent letters in up to 500 investigations over the last five years, two officials estimated. The number of letters is likely to be well into the thousands, the officials said, because a single case often generates letters to multiple financial institutions. For its part, the C.I.A. issues a handful of national security letters each year, agency officials said. Congressional officials said members of the House and Senate Intelligence Committees had been briefed on the use of the letters by the military and the C.I.A.
Some national security experts and civil liberties advocates are troubled by the C.I.A. and military taking on domestic intelligence activities, particularly in light of recent disclosures that the Counterintelligence Field Activity office had maintained files on Iraq war protesters in the United States in violation of the military’s own guidelines. Some experts say the Pentagon has adopted an overly expansive view of its domestic role under the guise of “force protection,” or efforts to guard military installations.
“There’s a strong tradition of not using our military for domestic law enforcement,” said Elizabeth Rindskopf Parker, a former general counsel at both the National Security Agency and the C.I.A. who is the dean at the McGeorge School of Law at the University of the Pacific. “They’re moving into territory where historically they have not been authorized or presumed to be operating.”
Similarly, John Radsan, an assistant general counsel at the C.I.A. from 2002 to 2004 and now a law professor at William Mitchell College of Law in St. Paul, said, “The C.I.A. is not supposed to have any law enforcement powers, or internal security functions, so if they’ve been issuing their own national security letters, they better be able to explain how they don’t cross the line.”
The Pentagon’s expanded intelligence-gathering role, in particular, has created occasional conflicts with other federal agencies. Pentagon efforts to post American military officers at embassies overseas to gather intelligence for counterterrorism operations or future war plans has rankled some State Department and C.I.A. officials, who see the military teams as duplicating and potentially interfering with the intelligence agency.
In the United States, the Federal Bureau of Investigation has complained about military officials dealing directly with local police — rather than through the bureau — for assistance in responding to possible terrorist threats against a military base. F.B.I. officials say the threats have often turned out to be uncorroborated and, at times, have stirred needless anxiety.
The military’s frequent use of national security letters has sometimes caused concerns from the businesses receiving them, a counterterrorism official said. Lawyers at financial institutions, which routinely provide records to the F.B.I. in law enforcement investigations, have contacted bureau officials to say they were confused by the scope of the military’s requests and whether they were obligated to turn the records over, the official said.
Companies are not eager to turn over sensitive financial data about customers to the government, the official said, “so the more this is done, and the more poorly it’s done, the more pushback there is for the F.B.I.”
The bureau has frequently relied on the letters in recent years to gather telephone and Internet logs, financial information and other records in terrorism investigations, serving more than 9,000 letters in 2005, according to a Justice Department tally. As an investigative tool, the letters present relatively few hurdles; they can be authorized by supervisors rather than a court. Passage of the Patriot Act in October 2001 lowered the standard for issuing the letters, requiring only that the documents sought be “relevant” to an investigation and allowing records requests for more peripheral figures, not just targets of an inquiry.
Some Democrats have accused the F.B.I. of using the letters for fishing expeditions, and the American Civil Liberties Union won court challenges in two cases, one for library records in Connecticut and the other for Internet records in Manhattan. Concerned about possible abuses, Congress imposed new safeguards in extending the Patriot Act last year, in part by making clear that recipients of national security letters could contact a lawyer and seek court review. Congress also directed the Justice Department inspector general to study the F.B.I.’s use of the letters, a review that is continuing.
Unlike the F.B.I., the military and the C.I.A. do not have wide-ranging authority to seek records on Americans in intelligence investigations. But the expanded use of national security letters has allowed the Pentagon and the intelligence agency to collect records on their own. Sometimes, military or C.I.A. officials work with the F.B.I. to seek records, as occurred with an American translator who had worked for the military in Iraq and was suspected of having ties to insurgents.
After the Sept. 11 attacks, Mr. Rumsfeld directed military lawyers and intelligence officials to examine their legal authorities to collect intelligence both inside the United States and abroad. They concluded that the Pentagon had “way more” legal tools than it had been using, a senior Defense Department official said.
Military officials say the Right to Financial Privacy Act of 1978, which establishes procedures for government access to sensitive banking data, first authorized them to issue national security letters. The military had used the letters sporadically for years, officials say, but the pace accelerated in late 2001, when lawyers and intelligence officials concluded that the Patriot Act strengthened their ability to use the letters to seek financial records on a voluntary basis and to issue mandatory letters to obtain credit ratings, the officials said.
The Patriot Act does not specifically mention military intelligence or C.I.A. officials in connection with the national security letters.
Some F.B.I. officials said they were surprised by the Pentagon’s interpretation of the law when military officials first informed them of it. “It was a very broad reading of the law,” a former counterterrorism official said.
While the letters typically have been used to trace the financial transactions of military personnel, they also have been used to investigate civilian contractors and people with no military ties who may pose a threat to the military, officials said. Military officials say they regard the letters as one of the least intrusive means to gather evidence. When a full investigation is opened, one official said, it has now become “standard practice” to issue such letters.
One prominent case in which letters were used to obtain financial records, according to two military officials, was that of a Muslim chaplain at Guantánamo Bay, Cuba, who was suspected in 2003 of aiding terror suspects imprisoned at the facility. The espionage case against the chaplain, James J. Yee, soon collapsed.
Eugene Fidell, a defense lawyer for the former chaplain and a military law expert, said he was unaware that military investigators may have used national security letters to obtain financial information about Mr. Yee, nor was he aware that the military had ever claimed the authority to issue the letters.
Mr. Fidell said he found the practice “disturbing,” in part because the military does not have the same checks and balances when it comes to Americans’ civil rights as does the F.B.I. “Where is the accountability?” he asked. “That’s the evil of it — it doesn’t leave fingerprints.”
Even when a case is closed, military officials said they generally maintain the records for years because they may be relevant to future intelligence inquiries. Officials at the Pentagon’s counterintelligence unit say they plan to incorporate those records into a database, called Portico, on intelligence leads. The financial documents will not be widely disseminated, but limited to investigators, an intelligence official said.
“You don’t want to destroy something only to find out that the same guy comes up in another report and you don’t know that he was investigated before,” the official said.
The Counterintelligence Field Activity office, created in 2002 to better coordinate the military’s efforts to combat foreign intelligence services, has drawn criticism for some domestic intelligence activities.
The agency houses an antiterrorist database of intelligence tips and threat reports, known as Talon, which had been collecting information on antiwar planning meetings at churches, libraries and other locations. The Defense Department has since tightened its procedures for what kind of information is allowed into the Talon database, and the counterintelligence office also purged more than 250 incident reports from the database that officials determined should never have been included because they centered on lawful political protests by people opposed to the war in Iraq.
http://www.nytimes.com/2007/01/14/wa... ner=homepage
Deletions in Army Manual Raise Wiretapping Concerns
Eric Lichtblau and Mark Mazzetti
Deep into an updated Army manual, the deletion of 10 words has left some national security experts wondering whether government lawyers are again asserting the executive branch’s right to wiretap Americans without a court warrant.
The manual, described by the Army as a “major revision” to intelligence-gathering guidelines, addresses policies and procedures for wiretapping Americans, among other issues.
The original guidelines, from 1984, said the Army could seek to wiretap people inside the United States on an emergency basis by going to the secret court set up by the Foreign Intelligence Surveillance Act, known as FISA, or by obtaining certification from the attorney general “issued under the authority of section 102(a) of the Act.”
That last phrase is missing from the latest manual, which says simply that the Army can seek emergency wiretapping authority pursuant to an order issued by the FISA court “or upon attorney general authorization.” It makes no mention of the attorney general doing so under FISA.
Bush administration officials said that the wording change was insignificant, adding that the Army would follow FISA requirements if it sought to wiretap an American.
But the manual’s language worries some national security experts. “The administration does not get to make up its own rules,” said Steven Aftergood, who runs a project on government secrecy for the Federation of American Scientists.
The Army guidelines were finalized in November 2005, and Mr. Aftergood’s group recently obtained a copy under the Freedom of Information Act. He said he was struck by the omission, particularly because of the recent debate over the National Security Agency’s domestic surveillance program. President Bush has asserted that he can authorize eavesdropping without court warrants on the international communications of Americans suspected of having ties to Al Qaeda.
Like several other national security experts, Mr. Aftergood said the revised guidelines could suggest that Army lawyers had adopted the legal claim that the executive branch had authority outside the courts to conduct wiretaps.
But Thomas A. Gandy, a senior Army counterintelligence official who helped develop the guidelines, said the new wording did not suggest a policy change. The guidelines were intended to give Army intelligence personnel more explicit and, in some cases, more restrictive guidance than the 1984 regulations, partly to help them respond to new threats like computer hackers.
“This is all about doing right and following the rules and protecting the civil liberties of folks,” Mr. Gandy said. “It seeks to keep people out of trouble.”
http://www.nytimes.com/2007/01/14/wa...14spyside.html
Gonzales Testifies on Eavesdropping Changes
David Stout
Attorney General Alberto R. Gonzales was lectured on Capitol Hill today by senators who were only partly mollified by the Bush administration’s concession to allow judicial oversight of its electronic-eavesdropping program.
Senator Patrick J. Leahy, the Vermont Democrat who has just become chairman of the Senate Judiciary Committee, told Mr. Gonzales he welcomed the administration’s decision, announced on Wednesday, to seek approval for eavesdropping from the Foreign Intelligence Surveillance Court, “as many of us, many of us, have been saying should have been done years ago.”
The administration’s decision, Mr. Leahy said, is a tiny bit of good news in an otherwise gloomy period. “In the 32 years since I first came to the Senate -- and that was during the era of Watergate and Vietnam -- I’ve never seen a time when their Constitution and fundamental rights as Americans were more threatened, unfortunately, by our own government,” he told the attorney general.
Nor did Mr. Gonzales get any breaks from Senator Arlen Specter, the Pennsylvania Republican who has just stepped down as the panel chairman. Mr. Specter, too, said he was pleased that the eavesdropping program will now be under review by the intelligence surveillance court.
“And it is a little hard to see why it took so long,” said Mr. Specter, like Mr. Leahy a former prosecutor and, also like Mr. Leahy, a jealous guardian of the prerogatives of Congress.
Mr. Gonzales appeared at an oversight hearing and spoke on a number of issues, including what he called “the urgent need to reform our immigration laws.”
“As the grandson of Mexican immigrants and as a law enforcement official, border security and immigration reform are close to my heart and always on my mind,” the attorney general said. “The president and I believe that we can take pride in being an open country and a nation of immigrants while also protecting our country from those who seek to harm us.”
Another priority for him, “as attorney general and as a father,” is working with Congress to protect children from “pedophiles and sexual predators” who prowl the Internet, Mr. Gonzales said.
But much of the back-and-forth was over the administration’s decision to give the secret intelligence court jurisdiction over the wiretapping program run by the National Security Agency, after many months of insistence that the administration had the power to conduct surveillance without warrants on the international communications of people inside the United States.
Now, Mr. Gonzales said, the administration is satisfied that extensive negotiations with the court have put in place procedures that will allow “the necessary speed and agility the government needs to protect our nation from the terrorist threat.”
Mr. Gonzales said he disagreed with Senator Specter’s “innuendo that this was something that we could have pulled off the shelf and done in a matter of days or weeks.” On the contrary, Mr. Gonzales said, Justice Department lawyers were able to devise satisfactory procedures with the intelligence court because they were willing “to be creative, to push the envelope,” and work very hard at it.
Mr. Gonzales’s statement that he is not sure if he can release details of the Jan. 10 court order, under which the secret intelligence court began overseeing the surveillance program, annoyed Mr. Leahy.
“Are you saying that you might object to the court giving us decisions that you’ve publicly announced?” the senator asked. “Are we a little Alice in Wonderland here?”
The attorney general replied that some operational details will still have to be kept confidential.
The testy exchanges indicated the depths of the controversy the surveillance program has stirred since it was disclosed by The New York Times in late 2005, some four years after the administration authorized it in response to the Sept. 11 attacks.
Mr. Leahy said the Justice Department had been “complicit in advancing these government policies which threaten our basic liberties and overstep the bounds of our Constitution,” and in so doing had undercut America’s position as the world’s leading advocate for human rights.
Mr. Specter did not disagree, declaring that the administration had “paid a heavy price” for not bringing the surveillance program under judicial review sooner.
“We lost a close election,” Mr. Specter said, alluding to Republicans. “I wouldn’t want to get involved in what was cause-and-effect, but the heavy criticism which the president took on the program, I think, was very harmful in the political process and for the reputation of the country.”
Early on, Mr. Specter rebuked Mr. Gonzales on what the senator saw as a matter of courtesy. Mr. Specter recalled that, after he wrote to the attorney general in November, he got back “a pro forma letter” from one of Mr. Gonzales’s assistants.
If the committee chairman or the ranking minority member write to him, “you ought to give it your personal attention,” Mr. Specter said.
A portion of the hearing focused on the brewing controversy over President Bush’s proposal to add about 21,500 troops to the American force in Iraq, at least temporarily. Senator Edward M. Kennedy, Democrat of Massachusetts, pressed the attorney general for his views on the extent of Congress’s authority to block a troop increase.
Mr. Gonzales replied that the Constitution clearly gives Congress and the executive branch roles in time of war. “And at the far end, you’ve got the power of Congress to declare war,” Mr. Gonzales said. “I think at the other end, you got the core, sort of commander-in-chief authority to say take that hill. And then things get kind of murky.”
http://www.nytimes.com/2007/01/18/wa...rtner=homepage
How NSA Access Was Built Into Windows
Careless mistake reveals subversion of Windows by NSA.
James Hetfield
A CARELESS mistake by Microsoft programmers has revealed that special access codes prepared by the US National Security Agency have been secretly built into Windows. The NSA access system is built into every version of the Windows operating system now in use, except early releases of Windows 95 (and its predecessors). The discovery comes close on the heels of the revelations earlier this year that another US software giant, Lotus, had built an NSA "help information" trapdoor into its Notes system, and that security functions on other software systems had been deliberately crippled.
The first discovery of the new NSA access system was made two years ago by British researcher Dr Nicko van Someren. But it was only a few weeks ago when a second researcher rediscovered the access system. With it, he found the evidence linking it to NSA.
Computer security specialists have been aware for two years that unusual features are contained inside a standard Windows software "driver" used for security and encryption functions. The driver, called ADVAPI.DLL, enables and controls a range of security functions. If you use Windows, you will find it in the C:\Windows\system directory of your computer.
ADVAPI.DLL works closely with Microsoft Internet Explorer, but will only run crypographic functions that the US governments allows Microsoft to export. That information is bad enough news, from a European point of view. Now, it turns out that ADVAPI will run special programmes inserted and controlled by NSA. As yet, no-one knows what these programmes are, or what they do.
Dr Nicko van Someren reported at last year's Crypto 98 conference that he had disassembled the ADVADPI driver. He found it contained two different keys. One was used by Microsoft to control the cryptographic functions enabled in Windows, in compliance with US export regulations. But the reason for building in a second key, or who owned it, remained a mystery.
A second key
Two weeks ago, a US security company came up with conclusive evidence that the second key belongs to NSA. Like Dr van Someren, Andrew Fernandez, chief scientist with Cryptonym of Morrisville, North Carolina, had been probing the presence and significance of the two keys. Then he checked the latest Service Pack release for Windows NT4, Service Pack 5. He found that Microsoft's developers had failed to remove or "strip" the debugging symbols used to test this software before they released it. Inside the code were the labels for the two keys. One was called "KEY". The other was called "NSAKEY".
Fernandes reported his re-discovery of the two CAPI keys, and their secret meaning, to "Advances in Cryptology, Crypto'99" conference held in Santa Barbara. According to those present at the conference, Windows developers attending the conference did not deny that the "NSA" key was built into their software. But they refused to talk about what the key did, or why it had been put there without users' knowledge.
A third key?!
But according to two witnesses attending the conference, even Microsoft's top crypto programmers were astonished to learn that the version of ADVAPI.DLL shipping with Windows 2000 contains not two, but three keys. Brian LaMachia, head of CAPI development at Microsoft was "stunned" to learn of these discoveries, by outsiders. The latest discovery by Dr van Someren is based on advanced search methods which test and report on the "entropy" of programming code.
Within the Microsoft organisation, access to Windows source code is said to be highly compartmentalized, making it easy for modifications to be inserted without the knowledge of even the respective product managers.
Researchers are divided about whether the NSA key could be intended to let US government users of Windows run classified cryptosystems on their machines or whether it is intended to open up anyone's and everyone's Windows computer to intelligence gathering techniques deployed by NSA's burgeoning corps of "information warriors".
According to Fernandez of Cryptonym, the result of having the secret key inside your Windows operating system "is that it is tremendously easier for the NSA to load unauthorized security services on all copies of Microsoft Windows, and once these security services are loaded, they can effectively compromise your entire operating system". The NSA key is contained inside all versions of Windows from Windows 95 OSR2 onwards.
"For non-American IT managers relying on Windows NT to operate highly secure data centres, this find is worrying", he added. "The US government is currently making it as difficult as possible for "strong" crypto to be used outside of the US. That they have also installed a cryptographic back-door in the world's most abundant operating system should send a strong message to foreign IT managers".
"How is an IT manager to feel when they learn that in every copy of Windows sold, Microsoft has a 'back door' for NSA - making it orders of magnitude easier for the US government to access your computer?" he asked.
Can the loophole be turned round against the snoopers?
Dr van Someren feels that the primary purpose of the NSA key inside Windows may be for legitimate US government use. But he says that there cannot be a legitimate explanation for the third key in Windows 2000 CAPI. "It looks more fishy", he said.
Fernandez believes that NSA's built-in loophole can be turned round against the snoopers. The NSA key inside CAPI can be replaced by your own key, and used to sign cryptographic security modules from overseas or unauthorised third parties, unapproved by Microsoft or the NSA. This is exactly what the US government has been trying to prevent. A demonstration "how to do it" program that replaces the NSA key can be found on Cryptonym's website.
According to one leading US cryptographer, the IT world should be thankful that the subversion of Windows by NSA has come to light before the arrival of CPUs that handles encrypted instruction sets. These would make the type of discoveries made this month impossible. "Had the next-generation CPU's with encrypted instruction sets already been deployed, we would have never found out about NSAKEY."
http://digglicious.blogspot.com/2007...o-windows.html
Whitehall Plan for Huge Database
Mark Easton
A giant database of people's personal details could be created at Whitehall under government plans which ministers say will help improve public services.
Tony Blair is expected to unveil the proposal in Downing Street on Monday.
Strict regulations currently prevent one part of government sharing personal information it holds with another.
Ministers argue the data-sharing rules are "overzealous" but the Conservatives say relaxing them would be "an excuse for bureaucrats to snoop".
So-called citizens' panels will gauge public reaction to relaxing privacy procedures so people do not have to repeat personal information to different public bodies - particularly at times of stress such as a family death.
Officials think current rules are an obstacle to improving public services.
But such data-sharing is controversial. As well as criticism from the Conservatives, the information commissioner - the data watchdog - has warned Britain may be "sleepwalking into a surveillance society".
The idea of allowing different Whitehall departments to access centrally-held data emerged during the government's policy review of public services.
The review team, headed by Work and Pensions Secretary John Hutton, has concluded that it is difficult for services to be as flexible and light-footed as people want because of rules on data.
The department cites an example of a family who had a total of 44 contacts with government over 180 days trying to make the necessary arrangements after a family member died in a road accident.
Too often, says the review team, it may be legally forbidden to use information other than for a single purpose.
At other times services may assume there is a legal barrier when there is none.
Individual privacy
And sometimes, the review found, the traditional culture of separate government departments contributes to delays and barriers.
However, the government wants to involve the public in deciding how to balance individual privacy against possible improvements in customer care in the public sector.
Five citizens' panels of 100 people are being recruited by the polling organisation Ipsos Mori.
In a process known as "deliberative democracy", the panels will be briefed on the pros and cons of different approaches to public services and then invited to make their decision.
Their views, say ministers, will then feed into government policy.
Among the issues the panels will consider are: the role of the citizen and state; rights and responsibilities; and customer care within public services including the idea of data-sharing.
ID fraud
This is not the first time the government has proposed sharing sensitive personal information between Whitehall departments.
Last year the Department of Constitutional Affairs (DCA) claimed relaxing rules on data-sharing would help tackle ID fraud and would also identify those "in need".
But Shadow Constitutional Affairs Secretary Oliver Heald said: "Step by step, the government is logging details of every man, woman and child in 'Big Brother' computers."
Shadow Home Secretary David Davis said: "The chances of it actually solving crimes is pretty small.
"The chances of it costing over £20bn is very high. It will be a white elephant."
Information Commissioner Richard Thomas, who is charged with ensuring the state does not collect too much information about citizens, has also been critical of data-sharing and already expressed concern at the Citizens' Information Project.
That is a plan by the Office for National Statistics to create a population database for use by public services.
"There are reasons why we need to promote better information," Mr Thomas said, "but whether the right answer is to create a database should be questioned."
http://news.bbc.co.uk/go/pr/fr/-/1/h...cs/6260153.stm
Cattle Branding Comes to the 21st Century
High-tech tattoo more than a pretty picture
Bill Ray
Somark Innovations, a small company working out of Saint Louis, has successfully tested an RFID tattoo, on cows, mice and rats: enabling an identifying number embedded under the skin to be read from over a meter away.
Implanting identification numbers into animals is nothing new: in the UK pets travelling abroad, and returning, must have an identification chip inside them, but these are expensive and relatively large (12mm by 2mm in diameter), and the readers have a very restricted range.
The system developed by Somark uses an array of needles to quickly inject a pattern of dots into each animal, with the pattern changing for each injection. This pattern can then be read from over a meter away using a proprietary reader operating at high frequency.
Traditional radio frequency identification (RFID) technologies use tags stapled to the ears of animals, but these are much more expensive and have a habit of tearing out too, which is unpleasant for the animal as well as inconvenient for the farmer. The systems currently used for pets are internal, so can't tear out, but are much more expensive again.
Somark are in the process of raising money to exploit the technology, and point out that what works for animals can, of course, also work for people; identifying Military Personnel as one of their secondary markets, after cattle and other livestock.
http://www.theregister.co.uk/2007/01/16/rfid_tattoo/
Documents Borne by Winds of Free Speech
Tom Zeller Jr.
A showdown is scheduled for a federal courtroom in Brooklyn tomorrow afternoon, where words like “First Amendment” and “freedom of speech” and “prior restraint” are likely to mix seamlessly with references to “BitTorrent” and “Wiki.”
It is a messy plot that pits Eli Lilly, the pharmaceutical giant at the center of several articles in The New York Times suggesting that the company tried to hide or play down the health risks of its leading antipsychotic drug, Zyprexa, and lawyers representing various individuals, organizations and Web sites — all arguing that their online speech has been gagged.
The case has attracted the attention of the Electronic Frontier Foundation, the venerable digital rights group based in San Francisco, and one of its lawyers, Fred von Lohmann, who is now representing an anonymous Internet user caught up in the legal fracas.
“One of the core missions of the foundation’s 16-year history has been to establish that when you go online, you take with you all the same civil rights with you had with you in prior media,” said Mr. von Lohmann. “But of course, you need to fight for that principle.”
•
The quick background:
It all began with Dr. David Egilman of Massachusetts, who was a consulting witness in ongoing litigation against Lilly. Dr. Egilman had in his possession a trove of internal Lilly documents — not all of them flattering to the company — sealed by the court as part of that litigation.
Comes James B. Gottstein, a lawyer from Alaska, who was pursuing unrelated litigation for mentally ill patients in his state. He somehow got wind (and precisely how is the subject of separate legal jujitsu) that Dr. Egilman had some interesting documents.
Mr. Gottstein sends Dr. Egilman a subpoena for copies. Hell begins breaking loose.
In a letter dated Dec. 6, Dr. Egilman informed Lilly’s lawyers, as was required by the order sealing the documents, that he had been subpoenaed. Lilly’s lawyers expressed their deep displeasure in a Dec. 14 letter to Mr. Gottstein, and politely told him to back off. In a response a day later, Mr. Gottstein informed them, among other things, that it was too late, and that some of the material had already been produced.
It seems Mr. Gottstein was also apparently in a sharing mood, which is how hundreds of pages ended up with a Times reporter, Alex Berenson — and about a dozen or so other individuals and organizations.
This is also how copies of the documents ended up on various Web servers — and when that happened, things changed. While surely painful for Lilly, the online proliferation began flirting with some bedrock principles of free speech and press, as well as some practical realities that looked a fair bit like toothpaste out of its tube.
Nonetheless, last month, United States District Judge Jack B. Weinstein ordered Mr. Gottstein to provide a list of recipients to whom he had distributed the contraband pages, and to collect each copy back.
The Times, which politely declined to oblige, has since been left out of the legal wrangling, but on Dec. 29, the court temporarily enjoined an expansive list — 14 named individuals, two health advocacy groups (MindFreedom International and the Alliance for Human Research Protection), their Web sites, and a site devoted to the Zyprexa issue — not just from “further disseminating these documents.” They were specifically ordered to communicate the injunction to anyone else who had copies, and enjoined from “posting information to Web sites to facilitate dissemination of these documents.”
That’s right — it appeared that even writing on their Web sites something like, “Hey, there’s a site in Brazil where you can get those Zyprexa documents,” would run afoul of the injunction.
The order was extended by Judge Weinstein on Jan. 4, and tomorrow the court will revisit the issue at length.
As Mr. von Lohmann and the Electronic Frontier Foundation see it, the injunction is simply untenable. Whatever the legal merits of Lilly’s claims against Mr. Gottstein and Dr. Egilman for violating the seal, the court’s power to stifle the ever-growing chain of unrelated individuals and Web sites who, after one or two degrees of remove, had nothing to do with the Lilly litigation, cannot extend to infinity. Very quickly, Mr. von Lohmann argues, you are dealing with ordinary citizens who are merely trading in and discussing documents of interest to public health.
“Judges have a natural inclination that if documents have been stolen under their watch, they want to get them back,” said Mr. von Lohmann, whose John Doe client was a contributor to the site zyprexa.pbwiki.com — a wiki where a hive of users compiled and contributed links and information relating to the Zyprexa case. “But there are some limits to how many degrees of separation the court can reach.”
There is also a traditionally high bar set for placing prior restraint on the press — which, whether Judge Weinstein recognizes it or not, very much includes a colony of citizen journalists feeding a wiki.
Of course, the other, slightly more absurd side to all this is that attempting to stop the documents from spreading is, by now, a Sisyphean task.
“The court is trying to get the genie back into the bottle until it can sort out what’s going on through the course of litigation, which takes place at non-Internet speed,” said Jonathan Zittrain, a professor of Internet governance and regulation at Oxford and a founder of the Berkman Center for Internet & Society at Harvard Law School.
“Perhaps the court thinks that whoever is adding to the wiki is among the parties to the original case,” Professor Zittrain said. “That’s understandable, but it puts the court in a no-win situation. It’s left issuing an order that sounds like no one in the world is allowed to post the documents.”
For its part, even The Times, which often posts original documents for its readers, tried to put the things online when Mr. Berenson wrote his first article, but the raw pages — more than 350 individual image files weighing in at over 500 megabytes — proved unwieldy.
George H. Freeman, vice president and general counsel for The Times, said, “The Times fulfilled its role by doing a lot of research and then highlighting and including the most important issues and documents in a series of well-placed news articles.”
•
For now, copies of the Lilly documents sit defiantly on servers in Sweden, and under a domain registered at Christmas Island, the Australian dot in the ocean 224 miles off the coast of Java. “Proudly served from outside the United States,” the site declares. There are surely others.
On his TortsProf blog (
snipurl.com/Torts), William G. Childs, an assistant professor at Western New England School of Law in Springfield, Mass., put it this way in a headline: “Judge Tries to Unring Bell Hanging Around Neck of Horse Already Out of Barn Being Carried on Ship That Has Sailed.”
http://www.nytimes.com/2007/01/15/te...gy/15link.html
The Chilling Effect
How the Web Makes Creating Software Vulnerabilities Easier, Disclosing Them More Difficult and Discovering Them Possibly Illegal.
Scott Berinato
Last February at Purdue University, a student taking "cs390s—Secure Computing" told his professor, Dr. Pascal Meunier, that a Web application he used for his physics class seemed to contain a serious vulnerability that made the app highly insecure. Such a discovery didn't surprise Meunier. "It's a secure computing class; naturally students want to discover vulnerabilities."
They probably want to impress their prof, too, who's a fixture in the vulnerability discovery and disclosure world. Dr. Meunier has created software that interfaces with vulnerability databases. He created ReAssure, a kind of vulnerability playground, a safe computing space to test exploits and perform what Meunier calls "logically destructive experiments." He sits on the board of editors for the Common Vulnerabilities and Exposures (CVE) service, the definitive dictionary of all confirmed software bugs. And he has managed the Vulnerabilities Database and Incident Response Database projects at Purdue's Center for Education and Research in Information and Assurance, or Cerias, an acronym pronounced like the adjective that means "no joke."
When the undergraduate approached Meunier, the professor sensed an educational opportunity and didn't hesitate to get involved. "We wanted to be good citizens and help prevent the exploit from being used," he says. In the context of vulnerable software, it would be the last time Meunier decided to be a good citizen. Meunier notified the authors of the physics department application that one of his students—he didn't say which one—had found a suspected flaw, "and their response was beautiful," says Meunier. They found, verified and fixed the bug right away, no questions asked.
But two months later, in April, the same physics department website was hacked. A detective approached Meunier, whose name was mentioned by the staff of the vulnerable website during questioning. The detective asked Meunier for the name of the student who had discovered the February vulnerability. The self-described "stubborn idealist" Meunier refused to name the student. He didn't believe it was in that student's character to hack the site and, furthermore, he didn't believe the vulnerability the student had discovered, which had been fixed, was even connected to the April hack.
The detective pushed him. Meunier recalls in his blog: "I was quickly threatened with the possibility of court orders, and the number of felony counts in the incident was brandished as justification for revealing the name of the student." Meunier's stomach knotted when some of his superiors sided with the detective and asked him to turn over the student. Meunier asked himself: "Was this worth losing my job? Was this worth the hassle of responding to court orders, subpoenas, and possibly having my computers (work and personal) seized?" Later, Meunier recast the downward spiral of emotions: "I was miffed, uneasy, disillusioned."
This is not good news for vulnerability research, the game of discovering and disclosing software flaws. True, discovery and disclosure always have been contentious topics in the information security ranks. For many years, no calculus existed for when and how to ethically disclose software vulnerabilities. Opinions varied on who should disclose them, too. Disclosure was a philosophical problem with no one answer but rather, schools of thought. Public shaming adherents advised security researchers, amateurs and professionals alike to go public with software flaws early and often and shame vendors into fixing their flawed code. Back-channel disciples believed in a strong but limited expert community of researchers working with vendors behind the scenes. Many others' disclosure tenets fell in between.
Still, in recent years, with shrink-wrapped software, the community has managed to develop a workable disclosure process. Standard operating procedures for discovering bugs have been accepted and guidelines for disclosing them to the vendor and the public have fallen into place, and they have seemed to work. Economists have even proved a correlation between what they call "responsible disclosure" and improved software security.
But then, right when security researchers were getting good at the disclosure game, the game changed. The most critical code moved to the Internet, where it was highly customized and constantly interacting with other highly customized code. And all this Web code changed often, too, sometimes daily. Vulnerabilities multiplied quickly. Exploits followed.
But researchers had no counterpart methodology for disclosing Web vulnerabilities that mirrored the system for vulnerability disclosure in off-the-shelf software. It's not even clear what constitutes a vulnerability on the Web. Finally, and most serious, legal experts can't yet say whether it's even legal to discover and disclose vulnerabilities on Web applications like the one that Meunier's student found.
To Meunier's relief, the student volunteered himself to the detective and was quickly cleared. But the effects of the episode are lasting. If it had come to it, Meunier says, he would have named the student to preserve his job, and he hated being put in that position. "Even if there turn out to be zero legal consequences" for disclosing Web vulnerabilities, Meunier says, "the inconvenience, the threat of being harassed is already a disincentive. So essentially now my research is restricted."
He ceased using disclosure as a teaching opportunity as well. Meunier wrote a five-point don't-ask-don't-tell plan he intended to give to cs390s students at the beginning of each semester. If they found a Web vulnerability, no matter how serious or threatening, Meunier wrote, he didn't want to hear about it. Furthermore, he said students should "delete any evidence you knew about this problem...go on with your life," although he later amended this advice to say students should report vulnerabilities to CERT/CC.
A gray pall, a palpable chilling effect has settled over the security research community. Many, like Meunier, have decided that the discovery and disclosure game is not worth the risk. The net effect of this is fewer people with good intentions willing to cast a necessary critical eye on software vulnerabilities. That leaves the malicious ones, unconcerned by the legal or social implications of what they do, as the dominant demographic still looking for Web vulnerabilities.
The Rise of Responsible Disclosure
In the same way that light baffles physicists because it behaves simultaneously like a wave and a particle, software baffles economists because it behaves simultaneously like a manufactured good and a creative expression. It's both product and speech. It carries the properties of a car and a novel at the same time. With cars, manufacturers determine quality largely before they're released and the quality can be proven, quantified. Either it has air bags or it doesn't. With novels (the words, not the paper stock and binding), quality depends on what consumers get versus what they want. It is subjective and determined after the book has been released. Moby-Dick is a high-quality creative venture to some and poor quality to others. At any rate, this creates a paradox. If software is both scientifically engineered and creatively conjured, its quality is determined both before and after it's released and is both provable and unprovable.
In fact, says economist Ashish Arora at Carnegie Mellon University, it is precisely this paradox that leads to a world full of vulnerable software. "I'm an economist so I ask myself, Why don't vendors make higher quality software?" After all, in a free market, all other things being equal, a better engineered product should win over a lesser one with rational consumers. But with software, lesser-quality products, requiring massive amounts of repair post-release, dominate. "The truth is, as a manufactured good, it's extraordinarily expensive [and] time-consuming [to make it high quality]." At the same time, as a creative expression, making "quality" software is as indeterminate as the next best-seller. "People use software in so many ways, it's very difficult to anticipate what they want.
"It's terrible to say," Arora concedes, "but in some ways, from an economic perspective, it's more efficient to let the market tell you the flaws once the software is out in the public." The same consumers who complain about flawed software, Arora argues, would neither wait to buy the better software nor pay the price premium for it if more-flawed, less-expensive software were available sooner or at the same time. True, code can be engineered to be more secure. But as long as publishing vulnerable software remains legal, vulnerable software will rule because it's a significantly more efficient market than the alternative, high-security, low-flaw market.
The price consumers pay for supporting cheaper, buggy software is they become an ad hoc quality control department. They suffer the consequences when software fails. But vendors pay a price, too. By letting the market sort out the bugs, vendors have ceded control over who looks for flaws in their software and how flaws are disclosed to the public. Vendors can't control how, when or why a bug is disclosed by a public full of people with manifold motivations and ethics. Some want notoriety. Some use disclosure for corporate marketing. Some do it for a fee. Some have collegial intentions, hoping to improve software quality through community efforts. Some want to shame the vendor into patching through bad publicity. And still others exploit the vulnerabilities to make money illicitly or cause damage.
"Disclosure is one of the main ethical debates in computer security," says researcher Steve Christey. "There are so many perspectives, so many competing interests, that it can be exhausting to try and get some movement forward."
What this system created was a kind of free-for-all in the disclosure bazaar. Discovery and disclosure took place without any controls. Hackers traded information on flaws without informing the vendors. Security vendors built up entire teams of researchers whose job was to dig up flaws and disclose them via press release. Some told the vendors before going public. Others did not. Freelance consultants looked for major flaws to make a name for themselves and drum up business. Sometimes these flaws were so esoteric that they posed minimal real-world risk, but the researcher might not mention that. Sometimes the flaws were indeed serious, but the vendor would try to downplay them. Still other researchers and amateur hackers tried to do the right thing and quietly inform vendors when they found holes in code. Sometimes the vendors chose to ignore them and hope security by obscurity would protect them. Sometimes, Arora alleges, vendors paid mercenaries and politely asked them to keep it quiet while they worked on a fix.
Vulnerability disclosure came to be thought of as a messy, ugly, necessary evil. The madness crested, famously, at the Black Hat hacker conference in Las Vegas in 2005, when a researcher named Michael Lynn prepared to disclose to a room full of hackers and security researchers serious flaws in Cisco's IOS software, the code that controls many of the routers on the Internet. His employer, ISS (now owned by IBM) warned him not to disclose the vulnerabilities. So he quit his job. Cisco in turn threatened legal action and ordered workers to tear out pages from the conference program and destroy conference CDs that contained Lynn's presentation. Hackers accused Cisco of spin and censorship. Vendors accused hackers of unethical and dangerous speech. In the end, Lynn gave his presentation. Cisco sued. Lynn settled and agreed not to talk about it anymore.
The confounding part of all the grandstanding, though, was how unnecessary it was. In fact, as early as 2000, a hacker known as Rain Forest Puppy had written a draft proposal for how responsible disclosure could work. In 2002, researchers Chris Wysopal and Christey picked up on this work and created a far more detailed proposal. Broadly, it calls for a week to establish contact between the researcher finding a vulnerability and a vendor's predetermined liaison on vulnerabilities. Then it gives the vendor, as a general guideline, 30 days to develop a fix and report it to the world through proper channels. It's a head-start program, full disclosure—delayed. It posits that a vulnerability will inevitably become public, so here's an opportunity to create a fix before that happens, since the moment it does become public the risk of exploit increases. Wysopal and Christey submitted the draft to the IETF (Internet Engineering Task Force), where it was well-received but not adopted because it focused more on social standards, not technical ones.
Still, its effects were lasting, and by 2004, many of its definitions and tenets had been folded into the accepted disclosure practices for shrink-wrapped software. By the time Lynn finally took the stage and disclosed Cisco's vulnerabilities, US-CERT, Mitre's CVE dictionary (Christey is editor), and Department of Homeland Security guidelines all used large swaths of Wysopal's and Christey's work.
Recently, economist Arora conducted several detailed economic and mathematical studies on disclosure, one of which seemed to prove that vendors patch software faster when bugs are reported through this system. For packaged software, responsible disclosure works.
From Buffer Overflows to Cross-Site Scripting
Three vulnerabilities that followed the responsible disclosure process recently are CVE-2006-3873, a buffer overflow in an Internet Explorer DLL file; CVE-2006-3961, a buffer overflow in an Active X control in a McAfee product; and CVE-2006-4565, a buffer overflow in the Firefox browser and Thunderbird e-mail program. It's not surprising that all three are buffer overflows. With shrink-wrapped software, buffer overflows have been for years the predominant vulnerability discovered and exploited.
But shrink-wrapped, distributable software, while still proliferating and still being exploited, is a less desirable target for exploiters than it once was. This isn't because shrink-wrapped software is harder to hack than it used to be—the number of buffer overflows discovered has remained steady for half a decade, according to the CVE (see chart on Page 21). Rather, it's because websites have even more vulnerabilities than packaged software, and Web vulnerabilities are as easy to discover and hack and, more and more, that's where hacking is most profitable. In military parlance, webpages provide a target-rich environment.
The speed with which Web vulnerabilities have risen to dominate the vulnerability discussion is startling. Between 2004 and 2006, buffer overflows dropped from the number-one reported class of vulnerability to number four. Counter to that, Web vulnerabilities shot past buffer overflows to take the top three spots. The number-one reported vulnerability, cross-site scripting (XSS) comprised one in five of all CVE-reported bugs in 2006.
To understand XSS is to understand why, from a technical perspective, it will be so hard to apply responsible disclosure principles to Web vulnerabilities.
Cross-site scripting (which is something of a misnomer) uses vulnerabilities in webpages to insert code, or scripts. The code is injected into the vulnerable site unwittingly by the victim, who usually clicks on a link that has HTML and JavaScript embedded in it. (Another variety, less common and more serious, doesn't require a click). The link might promise a free iPod or simply seem so innocuous, a link to a news story, say, that the user won't deem it dangerous. Once clicked, though, the embedded exploit executes on the targeted website's server. The scripts will usually have a malicious intent—from simply defacing the website to stealing cookies or passwords, or redirecting the user to a fake webpage embedded in a legitimate site, a high-end phishing scheme that affected PayPal last year. A buffer overflow targets an application. But XSS is, as researcher Jeremiah Grossman (founder of WhiteHat Security) puts it, "an attack on the user, not the system." It requires the user to visit the vulnerable site and participate in executing the code.
This is reason number one it's harder to disclose Web vulnerabilities. What exactly is the vulnerability in this XSS scenario? Is it the design of the page? Yes, in part. But often, it's also the social engineering performed on the user and his browser. A hacker who calls himself RSnake and who's regarded in the research community as an expert on XSS goes even further, saying, "[XSS is] a gateway. All it means is I can pull some code in from somewhere." In some sense it is like the door to a house. Is a door a vulnerability? Or is it when it's left unlocked that it becomes a vulnerability? When do you report a door as a weakness—when it's just there, when it's left unlocked, or when someone illegally or unwittingly walks through it? In the same way, it's possible to argue that careless users are as much to blame for XSS as software flaws. For the moment, let's treat XSS, the ability to inject code, as a technical vulnerability.
Problem number two with disclosure of XSS is its prevalence. Grossman, who founded his own research company, WhiteHat, claims XSS vulnerabilities can be found in 70 percent of websites. RSnake goes further. "I know Jeremiah says seven of 10. I'd say there's only one in 30 I come across where the XSS isn't totally obvious. I don't know of a company I couldn't break into [using XSS]."
If you apply Grossman's number to a recent Netcraft survey, which estimated that there are close to 100 million websites, you've got 70 million sites with XSS vulnerabilities. Repairing them one-off, two-off, 200,000-off is spitting in the proverbial ocean. The Week in Review is edited and published by Jack Spratts. Even if you've disclosed, you've done very little to reduce the overall risk of exploit. "Logistically, there's no way to disclose this stuff to all the interested parties," Grossman says. "I used to think it was my moral professional duty to report every vulnerability, but it would take up my whole day."
What's more, new XSS vulnerabilities are created all the time, first because many programming languages have been made so easy to use that amateurs can rapidly build highly insecure webpages. And second because, in those slick, dynamic pages commonly marketed as "Web 2.0," code is both highly customized and constantly changing, says Wysopal, who is now CTO of Veracode. "For example, look at IIS [Microsoft's shrink-wrapped Web server software]," he says. "For about two years people were hammering on that and disclosing all kinds of flaws. But in the last couple of years, there have been almost no new vulnerabilities with IIS. It went from being a dog to one of the highest security products out there. But it was one code base and lots of give-and-take between researchers and the vendor, over and over.
"On the Web, you don't have that give and take," he says. You can't continually improve a webpage's code because "Web code is highly customized. You won't see the same code on two different banking sites, and the code changes all the time."
That means, in the case of Web vulnerabilities, says Christey, "every input and every button you can press is a potential place to attack. And because so much data is moving you can lose complete control. Many of these vulnerabilities work by mixing code where you expect to mix it. It creates flexibility but it also creates an opportunity for hacking."
There are in fact so many variables in a Web session—how the site is configured and updated, how the browser is visiting the site configured to interact with the site—that vulnerabilities to some extent become a function of complexity. They may affect some subset of users—people who use one browser over another, say. When it's difficult to even recreate the set of variables that comprise a vulnerability, it's hard to responsibly disclose that vulnerability.
"In some ways," RSnake says, "there is no hope. I'm not comfortable telling companies that I know how to protect them from this."
A wake-up call for websites
Around breakfast one day late last August, RSnake started a thread on his discussion board, Sla.ckers.org, a site frequented by hackers and researchers looking for interesting new exploits and trends in Web vulnerabilities. RSnake's first post was titled "So it begins." All that followed were two links,
www.alexa.com and
www.altavista.com, and a short note: "These have been out there for a while but are still unfixed." Clicking on the links exploited XSS vulnerabilities with a reasonably harmless, proof-of-concept script. RSnake had disclosed vulnerabilities.
He did this because he felt the research community and, more to the point, the public at large, neither understood nor respected the seriousness and prevalence of XSS. It was time, he says, to do some guerilla vulnerability disclosure. "I want them to understand this isn't Joe Shmoe finding a little hole and building a phishing site," RSnake says. "This is one of the pieces of the puzzle that could be used as a nasty tool."
If that first post didn't serve as a wake-up call, what followed it should. Hundreds of XSS vulnerabilities were disclosed by the regular klatch of hackers at the site. Most exploited well-known, highly trafficked sites. Usually the posts included a link that included a proof-of-concept exploit. An XSS hole in
www.gm.com, for example, simply delivered a pop-up dialog box with an exclamation mark in the box. By early October, anonymous lurkers were contributing long lists of XSS-vulnerable sites. In one set of these, exploit links connected to a defaced page with Sylvester Stallone's picture on it and the message "This page has been hacked! You got Stallown3d!1" The sites this hacker contributed included the websites of USA Today, The New York Times, The Boston Globe, ABC, CBS, Warner Bros., Petco, Nike, and Linens 'n Things. "What can I say?" RSnake wrote. "We have some kick-ass lurkers here."
Some of the XSS holes were closed up shortly after appearing on the site. Others remain vulnerable. At least one person tried to get the discussion board shut down, RSnake says, and a couple of others "didn't react in a way that I thought was responsible." Contacts from a few of the victim sites—Google and Mozilla, among others—called to tell RSnake they'd fixed the problem and "to say thanks through gritted teeth." Most haven't contacted him, and he suspects most know about neither the discussion thread nor their XSS vulnerabilities.
By early November last year, the number of vulnerable sites posted reached 1,000, many discovered by RSnake himself. His signature on his posts reads "RSnake—Gotta love it." It connotes an aloofness that permeates the discussion thread, as if finding XSS vulnerabilities were too easy. It's fun but hardly professionally interesting, like Tom Brady playing flag football.
Clearly, this is not responsible disclosure by the standards shrink-wrapped software has come to be judged, but RSnake doesn't think responsible disclosure, even if it were somehow developed for Web vulnerabilities (and we've already seen how hard that will be, technically), can work. For one, he says, he'd be spending all day filling out vulnerability reports. But more to the point, "If I went out of my way to tell them they're vulnerable, they may or may not fix it, and, most importantly, the public doesn't get that this is a big problem."
Discovery Is (Not?) a Crime
RSnake is not alone in his skepticism over proper channels being used for something like XSS vulnerabilities. Wysopal himself says that responsible disclosure guidelines, ones he helped develop, "don't apply at all with Web vulnerabilities." Implicit in his and Christey's process was the idea that the person disclosing the vulnerabilities was entitled to discover them in the first place, that the software was theirs to inspect. (Even on your own software, the end user license agreement—EULA—and the Digital Millennium Copyright Act—DMCA—limit what you can do with/to it). The seemingly endless string of websites RSnake and the small band of hackers had outed were not theirs to audit.
Disclosing the XSS vulnerabilities on those websites was implicitly confessing to having discovered that vulnerability. Posting the exploit code—no matter how innocuous—was definitive proof of discovery. That, it turns out, might be illegal.
No one knows for sure yet if it is, but how the law develops will determine whether vulnerability research will get back on track or devolve into the unorganized bazaar that it once was and that RSnake's discussion board hints it could be.
The case law in this space is sparse, but one of the few recent cases that address vulnerability discovery is not encouraging. A man named Eric McCarty, after allegedly being denied admission to the University of Southern California, hacked the online admission system, copied seven records from the database and mailed the information under a pseudonym to a security news website. The website notified the university and subsequently published information about the vulnerability. McCarty made little attempt to cover his tracks and even blogged about the hack. Soon enough, he was charged with a crime. The case is somewhat addled, says Jennifer Granick, a prominent lawyer in the vulnerability disclosure field and executive director at Stanford's Center for Internet and Society. "The prosecutor argued that it's because he copied the data and sent it to an unauthorized person that he's being charged," says Granick, "but copying data isn't illegal. So you're prosecuting for unauthorized testing of the system"—what any Web vulnerability discoverer is doing—"but you're motivated by what they did with the information. It's kind of scary."
Two cases in a similar vein preceded McCarty's. One was acquitted in less than half an hour, Granick says; in the other, prosecutors managed to convict the hacker, but, in a strange twist, they dropped the conviction on appeal (Granick represented the defendant on the appeal). In the USC case, though, McCarty pleaded guilty to unauthorized access. Granick calls this "terrible and detrimental."
"Law says you can't access computers without permission," she explains. "Permission on a website is implied. So far, we've relied on that. The Internet couldn't work if you had to get permission every time you wanted to access something. But what if you're using a website in a way that's possible but that the owner didn't intend? The question is whether the law prohibits you from exploring all the ways a website works," including through vulnerabilities.
Granick would like to see a rule established that states it's not illegal to report truthful information about a website vulnerability, when that information is gleaned from taking the steps necessary to find the vulnerability, in other words, benevolently exploiting it. "Reporting how a website works has to be different than attacking a website," she says. "Without it, you encourage bad disclosure, or people won't do it at all because they're afraid of the consequences." Already many researchers, including Meunier at Purdue, have come to view a request for a researchers' proof-of-concept exploit code as a potentially aggressive tactic. Handing it over, Meunier says, is a bad idea because it's proof that you've explored the website in a way the person you're giving the code to did not intend. The victim you're trying to help could submit that as Exhibit A in a criminal trial against you.
RSnake says he thought about these issues before he started his discussion thread. "I went back and forth personally," he says. "Frankly, I don't think it's really illegal. I have no interest in exploiting the Web." As for others on the discussion board "everyone on my board, I believe, is nonmalicious." But he acknowledges that the specter of illegality and the uncertainty surrounding Web vulnerability disclosure are driving some researchers away and driving others, just as Granick predicted, to try to disclose anonymously or through back channels, which he says is unfortunate. "We're like a security lab. Trying to shut us down is the exact wrong response. It doesn't make the problem go away. If anything, it makes it worse. What we're doing is not meant to hurt companies. It's meant to make them protect themselves. I'm a consumer advocate."
A Limited Pool of Bravery
What happens next depends, largely, on those who publish vulnerable software on the Web. Will those with vulnerable websites, instead of attacking the messenger, work with the research community to develop some kind of responsible disclosure process for Web vulnerabilities, as complex and uncertain a prospect as that is? Christey remains optimistic. "Just as with shrink-wrapped software five years ago, there are no security contacts and response teams for Web vulnerabilities. In some ways, it's the same thing over again. If the dynamic Web follows the same pattern, it will get worse before it gets better, but at least we're not at square one." Christey says his hope rests in part on an efficacious public that demands better software and a more secure Internet, something he says hasn't materialized yet.
Or will they start suing, threatening, harassing those who discover and disclose their Web vulnerabilities regardless of the researchers' intention, confidently cutting the current with the winds of McCarty's guilty plea filling their sails? Certainly this prospect concerns legal scholars and researchers, even ones who are pressing forward and discovering and disclosing Web vulnerabilities despite the current uncertainty and risk. Noble as his intentions may be, RSnake is not in the business of martyrdom. He says, "If the FBI came to my door [asking for information on people posting to the discussion board], I'd say 'Here's their IP address.' I do not protect them. They know that."
He sounds much as Meunier did when he conceded that he'd have turned over his student if it had come to that. In the fifth and final point he provides for students telling them that he wants no part of their vulnerability discovery and disclosure, he writes: "I've exhausted my limited pool of bravery. Despite the possible benefits to the university and society at large, I'm intimidated by the possible consequences to my career, bank account and sanity. I agree with [noted security researcher] H.D. Moore, as far as production websites are concerned: 'There is no way to report a vulnerability safely.'"
http://www.csoonline.com/read/010107/fea_vuln.html
Beijing's Censors Unleash a Monster
A farmer's son is using the blog to change Chinese web culture
Geoffrey York
It was just another routine act of censorship in a country where the censors rule. But as they casually killed the articles, the Chinese censors were unaware that they were unleashing a monster.
From that simple act of censorship in 2002, the phenomenon of blogging was born in China. The censors forced their victim to create a new channel for free expression -- a channel now used by tens of millions of Chinese citizens.
The author of the banned articles, a young journalist named Fang Xingdong, was an outspoken critic of the software giant Microsoft. But two hours after his critical essays about the company were published on July 6, 2002, they suddenly disappeared from every website in the country, deemed too controversial.
"I had been one of the pioneers of the Internet in China," he recalls. "Yet after six years of being published on the Internet, suddenly I couldn't get on any websites."
Frustrated and angry, he talked to a friend who mentioned the emergence of blogging in the United States. He glanced at a few blogs. At first they seemed too primitive. But as he thought about it, he began to see the creative possibilities.
"I was very excited," he says. "I couldn't sleep all night."
Four years later, Mr. Fang is chairman and chief executive of China's biggest blogging empire. His company, Bokee, is host to about 14 million bloggers, a quarter of the entire Chinese market, and it gains more than 10,000 new bloggers every day.
Blogging has become the hottest media trend in China. And his company is so popular that it has attracted the interest of media tycoons such as Rupert Murdoch.
He laughs modestly when people call him the father of Chinese blogging. But it was Mr. Fang who coined the Chinese word for blogging and wrote a lengthy Declaration of Chinese Bloggers to popularize the concept. (He decided that blog should be translated as boke, which sounds similar to the English word but can also be translated as "plentiful guests" or "knowledgeable man.")
While blogging is the latest fashion among Chinese celebrities and writers today, it was a difficult struggle for Mr. Fang to promote the concept in its early days. "I spent a lot of time explaining blogs in 2002 and 2003, and now people finally see that I was right," he says.
"Blogs have changed the way information is spread in China. In the past, it was always the editors who chose what was on the Internet. But blogging has allowed people from behind the curtain to stand in front of the curtain. It's had a revolutionary effect, from the bottom up."
Mr. Fang, 37, is a farmer's son who studied electrical engineering and later became a journalist and IT analyst. Until he went to university, he still helped with the annual seeding and harvesting on the family farm. He calls himself a "common man" who was never a top student. His plain office, devoid of luxuries, reveals that he still has the frugality of a peasant. "Because of my life experiences, I feel close to the grassroots," he says.
In the early years of blogging, one of his biggest obstacles was the hostility of China's Communist rulers, who had an instinctive suspicion of anything that might put even a small piece of power in the hands of the masses. It took a long series of meetings from 2002 to 2004, but he eventually won the argument by appealing to officials' patriotism.
"We did a lot of work to persuade them. They thought blogging was too messy -- everyone would have the right to publish on the Net. They took an ideological stand. But we said this was an international trend. If people weren't allowed to blog in China, they would go to foreign sites. We're very proud that today it is domestic companies who are the main blog sites in China, not foreign sites."
Of course, the authorities did not allow a completely wide-open system. Censorship is still practised, even at Mr. Fang's company. Among his 80 employees are 10 people who comb through the blogs every day, deleting anything deemed to be obscene or politically unacceptable.
He hopes that the Chinese blogosphere will become self-regulating. "If it's more orderly, there will be less pressure on us," he says. "I think a blog should have a basic foundation of morality and law. I compare it to a person's home."
He rejects complaints from people who say he has sold out. He points out that he was one of the first to criticize a recent proposed regulation that would force bloggers to register with real names.
"I had to change my role from being a critic to being an administrator, but I haven't lost my independence," he says. "I still criticize some of the most powerful companies."
His company, which attracted a $10-million investment from venture capitalists last year, is not yet profitable. But he expects it to break even within six months. After that, he hopes to become competitive with the biggest websites in China, which would make his one of the most popular in the world.
Even as he gives an interview, Mr. Fang is unable to stop his fingers from straying to his laptop keyboard to tap out the latest entry in one of the three blogs that he still maintains. He estimates that he spends 10 hours a day on the Internet.
One of his blogs is a review of movies that he watches. "My only hobby now is watching DVDs," he says. "In the past, I liked to read books, but I don't have time for that any more."
The Globe is profiling people poised to rise to international prominence
Another Web tycoon
At 31, Tom Anderson is six years younger than Fang Xingdong, but has already built and sold his Internet company.
After graduating from the University of California, Los Angeles, with a master's degree in film studies, Mr. Anderson and a friend, Chris DeWolf, launched the social networking site MySpace.com in early 2003.
The site became so successful that it now hosts 80 per cent of all social-networking traffic and has more than 100 million individual accounts. In July, 2005, the site was sold for $580-million (U.S.) to News Corp.'s Rupert Murdoch, who has also discussed investing in Mr. Fang's Bokee.
http://www.theglobeandmail.com/servl...echnology/home
New Lobbying Bill to Criminalize Political Bloggers?
Nate Anderson
One of the Democratic priorities for the new Congress was passage of a lobbyist reform bill, but the introduction of S.1 into the Senate has caused a veritable firestorm of controversy. That's because section 220 of the bill introduces disclosure requirements for "paid efforts to stimulate grassroots lobbying." The Traditional Values Coalition calls this section the "most expansive intrusion on First Amendment rights ever proposed in the United States Senate," while GrassrootsFreedom.com chairman Richard Viguerie says that if it passes, "We'd be living under totalitarianism, not democracy." But are these accurate statements, or is truth the first casualty of rhetoric?
S.1 would change the rules for lobbyists. It bans all gifts from lobbyists, imposes restrictions on trips and accommodation offered to elected officials, and requires all "earmarks" to be identified in spending bills, according to the Congressional Budget Office. But the bill also wants to bring disclosure requirements to the murky world of astroturf groups (so-called because they mimic real grassroots organizations). This is certainly a noble goal; undisclosed corporate money washes through so many front groups now that it can be difficult to tell when opinions are genuine and when they are bought and sold.
Section 220 of the bill "would require grassroots causes, even bloggers, who communicate to 500 or more members of the public on policy matters, to register and report quarterly to Congress the same as the big K. Street lobbyists," said Viguerie in a statement, but the truth isn't that simple.
First, a couple of facts: though groups like the Family Research Council claim that "the liberal leadership in the US Senate seeks to silence groups like the Family Research Council," the bill was actually cosponsored by Mitch McConnell (R-KY), the top Republican leader in the Senate. What's more, the bill appears to be an exact reintroduction of last year's S.2349, which was introduced by Trent Lott (R-MS) and actually passed the Republican-controlled Senate, complete with section 220.
So much for the liberal plot. In fact, some liberal groups oppose the measure, including the ACLU. The group argues that the reporting requirements are "onerous" and that "people must be able to disseminate information, contact their representatives, and encourage others to do so as well."
So what's in the bill?
Section 220 introduces a series of modifications to the 1995 Lobbying Disclosure Act. The most important is that "paid efforts to stimulate grassroots lobbying" now counts as "lobbying" under certain circumstances. Currently, lobbyists are only considered as such if they have contact with elected officials or staff members. Should the new bill become law, disclosure and reporting requirements for lobbyists would be extended to groups who attempt to influence the general public to contact legislators.
This is what has inspired claims that bloggers and activists of all stripes will suddenly be classed as lobbyists and will be monitored by the government. What the bill says, though, is that the rules only apply to people who are paid by clients to encourage the public to contact Congress about specific legislation. The rules do not apply to any communication directed at less than 500 people, they do not apply to any communication directed at a group's current membership, and they do not impose any speech regulations (all that is required is a quarterly report describing where one's money came from and what bills were worked on).
Would this apply to a political blogger? Not usually. Because section 220 is only a series of changes to the Lobbying Disclosure Act, that legislation's other rules still apply. According to OMB Watch, a government accountability watchdog group, the LDA's registration requirement is only triggered by groups that spend more than $24,500 on lobbying semiannually and employ a least one person who spends 20 percent or more of their work time on lobbying. The bill also concerns only the federal government; groups operating at the state level are exempt.
It might apply to groups like the Family Research Council and the ACLU, however, but that seems to be exactly the intent of the bill. These are major advocacy groups in the same league as the astroturf groups so often funded by industry, not tiny nonprofits operating out a rented storefront in a downtrodden Midwest town—or bloggers operating from a basement.
The measure will hardly "send critics to jail," as Richard Viguerie warns, and it's simply not true that the "Senate will have criminalized the exercise of First Amendment rights." Sending in a form can hardly be counted as draconian government harrassment, much less criminalization of free speech, and it won't apply to most small advocacy groups or bloggers anyway. (Note that Viguerie is referred to as the "direct mail titan of the right" by SourceWatch, and that he would need to disclose his clients and their payments to him in many cases if this law were to pass).
The legislation seems designed instead to give the public more information about who is funding public advocacy campaigns. Much as prescription drug makers have begun advertising their products directly to the general public, other corporations have found it more productive to disguise their interest in an issue, convince the public that it's either good or bad, then let individuals contact Congress directly. This gives their message more credibility, but citizens first need to know that the sources for these messages are credible.
Sen. Robert Bennett (R-UT), though, is concerned that section 220 is overly broad. He has introduced amendment 20, which would kill section 220 but leave the rest of the bill intact. (As a sign of just how much interest the bill has received on Capitol Hill, it currently has 96 proposed amendments).
S.1 has not yet come to a vote, though debate has progressed vigorously and a vote could be called at any time.
Update
S.1 has passed the Senate on a vote of 96-2 with most of its teeth intact. It did lose a molar, though, as the Bennett Amendment passed 55-43. This amendment removed the controversial section 220 from the bill, which means that federally-focused grassroots political campaigns will not be counted as lobbyists and can continue to raise and spend money without disclosing its source.
http://arstechnica.com/news.ars/post/20070119-8651.html
September Porn
Third-Quarter FCC Indecency Complaints Released
Nate Anderson
The FCC has just released its amended numbers for complaints of all kinds that were filed in the third quarter of 2006. Dealing as it does with such a wide range of communications issues, the FCC hears complaints that cover everything from cell phone billing practices to digital television issues to electrical interference. Most interesting of all, though, are the obscenity complaints—and there were a lot of them.
The FCC received 162,170 indecency/obscenity complaints between July and September 2006. The complaints were not evenly distributed within those three months, though, which is a pattern we've seen before. In July, only 179 people complained. In August, 404 people complained. But September is apparently the filthiest month of all, as it generated a whopping 161,587 complaints to the FCC—a one-month increase of 40,000 percent.
http://arstechnica.com/news.ars/post/20070118-8655.html
Furor Over 12-Year-Old Actress’s Rape Scene
David M. Halbfinger
Dakota Fanning will turn 13 next month, and she has a short answer for anyone who questions her decision to play a 1950s girl who gyrates in her underwear, wakes up as her naked father climbs into her bed, demands that a prepubescent boy expose himself to her in exchange for a kiss and, finally, is raped by a teenager who lures her with tickets to an Elvis concert:
She’s growing up. Get used to it.
Ms. Fanning, best known for leading roles in children’s movies like “Dreamer” and “Charlotte’s Web,” thrillers like “Man on Fire” and “War of the Worlds,” and the horror film “Hide and Seek,” now is starring in “Hounddog,” an independent film that is to have its premiere on Monday at the Sundance Film Festival. It has already won attention far out of proportion to its budget of less than $4 million.
When “Hounddog” was still shooting last summer near Wilmington, N.C., rumors about the rape scene kicked up a storm on the socially conservative end of the Web spectrum. Some suggested that Ms. Fanning was being exploited by the filmmakers, her parents and her agent. Hundreds signed a petition to persuade a local district attorney to prosecute the filmmakers under a law banning simulated sex with a minor.
The furor hampered the production, and it continues on Fox News and on Web sites like A Minor Consideration (minorcon.org), run by Paul Petersen, an advocate for child actors. Mr. Petersen, himself a former child actor who played Donna Reed’s son on her 1960s sitcom, said in an interview that Ms. Fanning should never have been allowed to play the victim in a rape scene, no matter how much she wanted to or how sensitively it was filmed, and that her doing so violated the letter of federal child-pornography law.
“Nothing excuses it,” he said. “The plain cold fact is this is illegal, the statutes are what they are, and Hollywood chose to ignore it. If they’d made the character 15, and hired a 19-year-old, they wouldn’t have heard a peep out of me.”
But the Wilmington district attorney, who was shown a cut of the movie, said no crime was committed, and the film’s writer and director, Deborah Kampmeier, said Ms. Fanning was treated more than appropriately: Though her character, Lewellen, disrobes under duress, for example, she is not seen nude, and Ms. Fanning was always clothed during the production.
Ms. Fanning, for her part, says she is mystified by the outcry. Anyone who sees the film, she said on Monday in her first interview on the subject, would understand that the rape scene wasn’t the point of the movie.
“That’s not who Lewellen is,” she said, sitting in her agent’s office in Universal City, braces on her teeth and a small crucifix over her sweater. “Because that has happened to her, that doesn’t define her. Because of this thing that has happened — that she did not ask for — she is labeled that, and it’s her story to overcome that and to be a whole person again.”
“There are so many children that this happens to, every second,” she added. “That’s the sad part. If anyone’s talking about anything, that’s what they should be talking about.”
Her mother, Joy Fanning, waited outside, and her agent, Cindy Osbrink, sat in, but it was Ms. Fanning who fielded the questions, and who made clear that her choices were, well, just that.
“You know, I’m an actress,” she said. “It’s what I want to do, it’s what I’ve been so lucky to have done for almost seven years now. And I am getting older. February 23 is my birthday, I’ll be 13 years old. And I will be playing different kinds of roles. I won’t be able to do the things I did when I was 6 years old when I’m 14. And that’s what I look forward to — getting to play new roles that aren’t too old for me and aren’t too young for me, that are just at the right time.”
She added: “Lewellen is still very innocent, she’s still a child, but she’s also a little bit wise beyond her years because of the things she’s seen and been through. So I think that I should be able to do what I feel is at the right time for me.”
The story of “Hounddog” is about not just rape but also about the cycle of violence: nearly every major character in it is motherless, wounded, repressed and destructive. Lewellen’s grandmother (Piper Laurie) violates her too, if only with her eyes; her father (David Morse) has been abusing her more directly, and it appears likely that, if nothing changes, Lewellen will become an abuser too.
Ms. Kampmeier said in a telephone interview that she had originally written the character as a 9-year-old, and first signed the actors Robin Wright Penn and Mr. Morse for the project in the late 1990s. But a succession of financial backers withdrew four times in four years, and she set the script aside in 2002 to make “Virgin,” her first feature, about a pregnant girl who believes that she is carrying God’s child; Ms. Wright Penn played the girl’s mother in the film, which received mixed reviews.
When Ms. Kampmeier sent Ms. Fanning the script for “Hounddog” in July 2005, Ms. Fanning said: “The bottom line was, I couldn’t not do it. It’s all I could think about. I knew I was at the perfect age.”
She had to wait nine months as Ms. Kampmeier hunted for investors; the subject matter remained objectionable to most, even with a proven star in the central role, the director said. (Making the most of that delay, Ms. Fanning said, the director sent her an e-mail message with a new question about Lewellen each morning: Favorite color? Favorite food? “That’s why I was so comfortable in Lewellen’s skin,” Ms. Fanning said, “because I knew so much about her.”)
Ms. Kampmeier said investors kept balking at the rape scene, demanding that it be shunted off-screen, merely implied or removed from the plot altogether.
About the online petitions to have her arrested, she said that the district attorney’s office in Wilmington was busy prosecuting real sex crimes, like one in which a 10-year-old girl was impregnated by her father. “All these cases are reported in the newspaper, and nobody ever calls them about that,” she said. “But they get 10 to 20 calls a day from people insisting that my movie be prosecuted.”
Ms. Fanning said the most taxing scene for her was one in which her sleeping character is covered by snakes that slither in through the open window of her tumbledown shack.
But it may be an earlier pivotal scene that draws more critical attention, should “Hounddog” find a distributor. In it Lewellen sings and dances her best Elvis impression — horizontally, on her bed — upon learning that the singer is coming to town. While she does, however, a teenage milkman is in the room, looking on a little too hungrily.
Overly sexual behavior in minors is often a telltale sign of prior abuse, and provocation is, unfortunately, in the eye of the provoked. But to Ms. Kampmeier’s mind, and more important, to Ms. Fanning’s, Lewellen’s dancing in this scene is as innocent as her already corrupted life can get.
“She’s 12 years old,” Ms. Fanning said. “She’s doing that because that’s fun. She’s not going so far as to think, ‘Oh, am I doing something wrong?’ or ‘Is this going to look in a weird way?’ He’s just her milkman. He’s coming to pick up the empties.”
http://www.nytimes.com/2007/01/20/movies/20dako.html
Prison Time For Viewing Porn?
A Teenage Boy Faces Decades in Prison For Visiting Sexually Explicit Web Sites -- But Was It Really Someone Else?
Sixteen-year-old Matthew Bandy was about as normal a teenager as you could find. He actually liked hanging out with his family.
"He was a happy-go-lucky kid," said his mother, Jeannie Bandy. "Very personable, and big-hearted. I sound like a boastful mom, but I guess the biggest thing is that he could always make me laugh."
"We went on vacations and had a lot of fun together," Matthew said. "I just enjoyed the life I was living. But after I was accused, everything changed."
What was Matthew Bandy accused of? Jeannie and Greg Bandy were shocked to discover that their son was charged with possession of child pornography.
One December morning two years ago, Matthew's life took a dramatic turn. In an exclusive interview with "20/20," the Bandy family reveals how the world as they knew it came crumbling down, and how Matthew's life has since changed.
A Family Shattered
It has been two years since police officers stood at the doorstep of the Bandy home with a search warrant bearing a devastating charge -- possession of child pornography.
"It was 6 a.m. It was still dark…there was this pounding at the door," Jeannie Bandy said. "I was petrified."
Police officers stormed into the house with guns pointed. "The first thing I thought was, someone's trying to break in our house," Matthew said. "And then there [were] police officers with guns pointed at me, telling me to get downstairs."
Greg Bandy was handed the search warrant and informed that the central suspect was Matthew. According to the warrant, nine images of young girls in suggestive poses were found on the Bandy family computer. Yahoo monitors chat rooms for suspicious content and reported that child porn was uploaded from the computer at the Bandys' home address.
"When they asked me have you ever looked up or uploaded or downloaded erotic images of minors, I was just taken aback and…I said, 'No,'" says Matthew.
Nevertheless, Matthew did have an embarrassing confession. He had been sneaking peaks at adult erotic photos on the family computer. "I got the Web site from a bunch of friends at school. [It was] just adult pornography…Playboy-like images."
Difficult to admit, but not illegal -- or so it seemed. Still, it didn't look good for Matt, as police confiscated the computer and left the house that December day. A family was shattered.
"I still remember when they were cleaning up and leaving and of course I was still in my pajamas and my bathrobe and my fuzzy slippers," Jeannie Bandy said. "I said, 'What do we do now? Should I contact a lawyer?' [The police officer] said, 'Well, they are felonies that the state takes very serious.'"
The Bandys would soon find out just how serious the charges against Matthew were. The family hired Ed Novak, a well-respected attorney from a large law firm in downtown Phoenix.
"20/20" correspondent Jim Avila asked Novak what the family was up against.
"We faced 10 years per count, there were nine counts," said Novak. "If Matt was convicted, those sentences would have to be served consecutively. In other words, he would have been sentenced to 90 years in prison. He would have served time until he died."
Greg and Jeannie Bandy knew their son well. They were shocked at the serious charges against him and frightened by the prospect of such a serious sentence.
"He's never done any drugs," Greg said. "He never drank a drop of alcohol. He's never been a problem, never stayed out late and gotten into trouble or anything like that."
A Sex Offender?
Arizona child pornography laws are among the harshest in the country. As soon as Matthew was charged, he was put on virtual house arrest, and an electronic bracelet was attached to his ankle to monitor his movements 24 hours a day.
"It was just terrifying. I didn't know what was going on. I didn't know why it was happening," Matthew recalled.
Matthew was in an awful predicament, and he tried to keep his house arrest a secret. He wore longer pants to hide the ankle bracelet, but he was scared he would be discovered.
"Yes, I was very scared," he said. "If they found out that I was wearing an ankle bracelet all of a sudden they would be wondering, why are you wearing that? And I had no good answer for them."
The shy young boy could not explain how such pictures appeared on his computer hard drive. The stress of the situation got so bad for Matthew that he told his parents the charges hanging over his head made high school impossible.
"He said 'Mom, I'm hurting,'" said Jeannie. "'I can't sleep. I don't want to disappoint anybody, but I just can't go on anymore.'"
Matt's dreams had been destroyed and his mother was crushed. And even though there was no proof that Matthew personally downloaded those nine pictures, it would be difficult to prove his innocence. Novak said that the pictures alone were practically all the evidence the police needed.
"I thought his chances of winning were probably 20 percent," said Novak. "They didn't care that I denied it," Matthew said. "They just kept on asking me and kept on thinking that I did it. They just had it built into their mind that this kid is guilty."
What is so frightening about Matt's case? It could happen to anyone.
"The computer had accessed a 'Yahoo' account where there was child pornography," Andrew Thomas, Maricopa County district attorney said. "That was the basis for the search warrants issued by a court."
Yet, the evidence submitted by the Phoenix police department did not identify a specific user. Matt's clean reputation, his good grades and protective family could not stand up to the cold fact that child porn was on that computer. The police and the district attorney had the incriminating photos from the Bandys' computer and the prosecutors were determined to send Matt away.
A Family Fights Back
Matthew Bandy found himself outmatched in the national campaign against child pornography -- harsh laws designed to keep track of pedophiles and punish them severely.
"They didn't care that I denied it, they just kept on asking me and kept on thinking that I did it," he said. "They just had it built in their mind that this kid is guilty, and we're going to make sure that he's convicted. No matter what the means are."
The Bandy family contends that Thomas was on a mission and that his desire to convict was so strong that he ignored important evidence -- like the fact that Matthew passed a lie detector test. The fact that the test indicated that Matt was telling the truth wasn't taken into account.
And that's when the Bandy family really began to fight back. They hired two polygraph examiners who confirmed Matthew was telling the truth. Then they ordered two psychiatric evaluations which concluded that Matthew had no perverted tendencies.
ABC's Jim Avila asked Thomas about the results of the lie detectors tests and Matt's psychiatric evaluations.
"Quite frankly, criminal defendants are not famous for being forthcoming with the facts," Thomas explained. "I'm not a big believer in polygraph tests. And certainly, they're not admissible in court. At the end of the day, we certainly felt there was a good faith reason to go forward with the prosecution." (Click here to read excerpts of Jim Avila's interview with Thomas.)
Despite the positive polygraphs and psychiatric exams, the district attorney pressed on. So the Bandys and their attorney tackled the most difficult question on the table. If Matthew didn't put the pictures on the computer, how did they get there?
For that answer, they turned to computer forensic expert Tammi Loehrs.
"If you have an Internet connection, high speed, through, let's say, your cable company, or through the phone company, that computer is always on, and basically you have an open doorway to the outside," Loehrs said. "So the home user has no idea who's coming into their computer."
Loehrs went into the Bandys' computer and what she found could frighten any parent -- more than 200 infected files, so-called backdoors that allowed hackers to access the family computer from remote locations, no where near Matthew's house.
"They could be on your computer and you'd never know it," she said.
Loehrs says she does not believe that Matthew uploaded those images onto his computer "based on everything I know and everything I've seen on that hard drive."
But police still had those pictures, and the harsh child porn laws made going to court risky for Matthew.
"All the jury would know is that there were these images on the computer," Matthew said. "And here's me sitting in the courtroom…let's blame him because he was on the computer, obviously he did it."
'We Had No Faith'
Even if he was only convicted on one count, Matthew would have faced 10 years in jail, and have his "life ruined," said Novak.
"We had no faith," said Jeannie Bandy. "Our lawyers had no faith. We were told he more than likely would end up in jail."
So the Bandys took a deal from the prosecution. In exchange for dropping all counts of child pornography, Matthew pleaded guilty to the strange charge of distributing obscene materials to minors -- a "Playboy" magazine to his classmates.
"To be precise, he was charged with showing [a Playboy magazine to other 16-year-olds] before school, at lunch and after school," Greg Bandy said.
But the Bandy family nightmare was not over. While the prosecution deal offered no jail time for Matthew, he would still be labeled a sex offender. Under Arizona law and in most states around the country, sex crimes carry with them a life of branding. Matthew would be forced to register as a sex offender everywhere he lived, for the rest of his life.
"I have to stay away from children," said Matthew. "I cannot be around any area where there might be minors, including the mall, or the movies, or restaurants or even church. To go to church I have to have written consent from our priest, I have to sit in a different pew, one that doesn't have a child sitting in it."
'Computers Are Not Safe'
The judge couldn't believe the prosecution was insisting on sex offender status and invited Matthew to appeal. "20/20" was there when two years of fear and misery finally ended. A message arrived from the judge, ironically on the computer, informing them that Matthew would not be labeled a sex offender. Matt and his parents had won his life back.
In the den of the Bandy home sits the family computer, now unplugged from the Internet. The Bandys learned that, for them, the Web is simply too dangerous.
"It means that computers are not safe," said Jeannie. "I don't want to have one in my house. Under even under the strictest rules and the strictest security, your computer is vulnerable."
http://abcnews.go.com/2020/LegalCenter/story?id=2785054
MySpace Hit With Online Predator Suits
AP
Four families have sued News Corp. and its MySpace social-networking site after their underage daughters were sexually abused by adults they met on the site, lawyers for the families said Thursday.
The law firms, Barry & Loewy LLP of Austin, Texas, and Arnold & Itkin LLP of Houston, said families from New York, Texas, Pennsylvania and South Carolina filed separate suits Wednesday in Los Angeles Superior Court, alleging negligence, recklessness, fraud and negligent misrepresentation by the companies.
''In our view, MySpace waited entirely too long to attempt to institute meaningful security measures that effectively increase the safety of their underage users,'' said Jason A. Itkin, an Arnold & Itkin lawyer.
MySpace, based in Los Angeles, did not immediately return calls for comment.
Critics including parents, school officials and police have been increasingly warning of online predators at sites like MySpace, where youth-oriented visitors are encouraged to expand their circles of friends using free messaging tools and personal profile pages.
MySpace has responded with added educational efforts and partnerships with law enforcement. The company has also placed restrictions on how adults may contact younger users on MySpace, while developing technologies such as one announced Wednesday to let parents see some aspects of their child's online profile, including the stated age. That tool is expected this summer.
The lawyers who filed the latest lawsuits said the plaintiffs include a 15-year-old girl from Texas who was lured to a meeting, drugged and assaulted in 2006 by an adult MySpace user, who is currently serving a 10-year sentence in Texas after pleading guilty to sexual assault.
The others are a 15-year-old girl from Pennsylvania, a 14-year-old from New York and two South Carolina sisters, ages 14 and 15.
Last June, the mother of a 14-year-old who says she was sexually assaulted by a 19-year-old user sued MySpace and News Corp., seeking $30 million in damages. That lawsuit, filed in a Texas state court, claims the 19-year-old lied about being a senior in high school to gain her trust and phone number.
News Corp. shares hit a new 52-week high of $24.07 in morning trading on the New York Stock Exchange before slipping back to $24.01, up 31 cents.
http://www.businessweek.com/ap/finan.../D8MNPGPO0.htm
Boys and Girls Use Social Sites Differently
Alex Mindlin
Older teenage girls are far more likely than younger girls, or boys of any age, to use social-networking sites like MySpace or Facebook, according to a recent study by the Pew Internet & American Life Project.
The study found that, while older girls use such sites the most, older boys are more likely to meet new people through them. Sixty percent of older boys, for example, say they use the sites to make new friends, while only 46 percent of older girls do. And older boys are more than twice as likely to say they use the sites to flirt.
“Older boys are much more expansive in their use of the sites,” said Amanda Lenhart, one of the study’s two authors. “I believe that it has a lot to do with socialization. A lot of the media messages about safety tend to be aimed more at girls than boys.”
The study was conducted over a month last fall, through telephone interviews with households with minor children, who were identified from random calls over the last three years. The data was weighted to be nationally representative in terms of sex, age, education, race and other factors.
http://www.nytimes.com/2007/01/15/bu...erland&emc=rss
22-Year-Old Killed After Being Drawn Into Internet Deceptions
Carolyn Thompson
He was an 18-year-old Marine headed to war.
She was an attractive young woman sending him off from afar with pictures and lingerie.
Or so each one thought.
In reality, they were two middle-aged people carrying on an Internet fantasy based on seemingly harmless lies.
When a truthful 22-year-old was drawn in, their cyber escape turned deadly.
"When you're on the Internet talking, you haven't got a clue who that is on the other end," Erie County Sheriff's Lt. Ron Kenyon said. "You don't have a clue."
---
When Brian Barrett was shot to death Sept. 15 outside the factory where he worked to help pay for college, investigators and his family were stumped.
Barrett, 22, was an aspiring industrial arts teacher, an accomplished high school athlete who'd coached Little League all summer and helped his father coach soccer. Quiet and unassuming is how those who knew him described the Buffalo State College student.
But he had clearly been targeted. Barrett was shot three times at close range, in the neck and left arm, after climbing into his truck about 10 p.m. at the end of a shift at Dynabrade Corp. in suburban Clarence. His body was found two days later when a co-worker spotted his pickup in a company parking lot.
"He was just a nice kid, a gentleman," said Starpoint High School Athletic Director Tom Sarkovics, who coached Barrett for two years. "I don't think anybody could say a bad thing about him."
On Nov. 27, Barrett's 47-year-old co-worker and friend, Thomas Montgomery, was charged with Barrett's murder. The motive, said investigators, was jealousy over Barrett's budding Internet relationship with the same 18-year-old woman Montgomery had been wooing since the previous year.
What neither man knew was that the woman was really a 40-something West Virginia mother who was using her daughter's identity to attract Internet suitors. Cyberspace, it appears, was enough for her and it was a near certainty she would never have met either man.
"The game would have been over at that point and time for sure," Kenyon said.
When Montgomery began chatting with the woman in 2005, the former Marine portrayed himself as perhaps a previous version of himself - a young Marine preparing for deployment to Iraq, Assistant District Attorney Ken Case said.
For a time, they communicated strictly through chat rooms and e-mail.
Then the woman began sending gifts to Montgomery's home, Case said. Pictures of the woman's daughter, lingerie and a set of custom-made dog tags arrived at the pale yellow house in the suburbs that Montgomery shared with his wife and two teenage children.
Montgomery's wife intercepted one of the packages, Case said. She wrote back to the woman at the return address, and included a family portrait to make her point.
"As you can see, Tom's not 18," Case said she wrote. "He's married and he's a father of two. He's 47 and I'm his wife." And, believing she was writing to an 18-year-old: "You've obviously been fooled."
The West Virginia woman - whom authorities will not publicly identify - remembered a friend named Brian that Montgomery had mentioned. She recalled enough of his computer screen name to contact Barrett to ask him about what Montgomery's wife had told her.
Soon Barrett was in regular contact with the woman - the only one in the triangle to portray himself honestly. Despite knowing the truth about Montgomery, the woman remained in contact with him as well, Case said.
The woman made no secret of the fact she was chatting with Barrett, Case said, and Barrett talked about the relationship at work. Montgomery, authorities say, became jealous.
Sheriff's investigators believe Barrett's killer wore camouflage and a ski mask when he approached with a .30-caliber rifle and fired at close range.
Montgomery, who has not confessed, is being held without bail after pleading not guilty to second-degree murder. At a recent court appearance, he wore glasses and handcuffs and walked with a limp. He stood silently as a judge set a preliminary trial date for June.
His wife has begun divorce proceedings, Case said. Mrs. Montgomery did not respond to a telephone message or answer a reporter's knock at her home in suburban Cheektowaga, where a minivan sat parked in the driveway.
Montgomery's alleged actions "have impacted everyone else's lives around him for the rest of their lives," observed Internet crime expert J.A. Hitchcock, author of "Net Crimes & Misdemeanors."
"I'm hoping that this case will make people think twice about what they do online and what their actions can cause in the long run," she said.
The high school Barrett attended recently had a seminar to teach parents how to avoid Internet predators, Sarkovics said. "When you think about it, you almost have to do it for adults as well," he said. "It could be anybody."
http://hosted.ap.org/dynamic/stories...EAST&TEMPLATE=
The Camera Phone
The gadget that perverts, vigilantes, and celebrity stalkers can all agree on.
Michael Agger
Ten years ago, Philippe Kahn was walking around a hospital with a cell phone and a digital camera. His dadly mission: to share pictures of his newborn baby girl. With an assist from Radio Shack, he linked the two devices together and e-mailed photos to family and friends around the world. The day marked a twin birth of sorts: the cell phone camera and daughter Sophie.
Kahn regards his invention with paternal pride: "I built it to document the birth of my daughter. For us, it has always been a positive thing." So he was taken aback recently when, with the Saddam-hanging video circling the globe, an interviewer compared him to the inventor of the Kalashnikov. First there was Prince Harry's Nazi costume, then the shaming of Kate Moss, then the Michael Richards racist explosion, but, for some, Saddam's hanging marks the low point for Kahn's creation. A camera on a phone has only aided the perverted, the nosy, the violent, and the bored.
That's not exactly fair, but it's not exactly wrong, either. As Kahn told Wired in 2000: "With this kind of device, you're going to see the best and the worst of things." The best would include photo caller-ID, amateur sports highlights, and the quick citizen snaps taken in the wake of the London bombings. Yet, despite the fun and occasional worthiness, the cell phone camera has launched a thousand jackasses. One representative example: Sportscaster Sean Salisbury was suspended by ESPN last month, reportedly for showing female co-workers cell phone photos of his "equipment."
When video technology was added to phones (with little fanfare), the madness went up a notch. English youths devised a pleasant game called "happy slapping," which involves assaulting random strangers while your mates record the whole thing. The happy slapping craze spread throughout Europe last year, leading to outraged op-eds and calls to ban cell phones from schools. While the phenomenon is marked by more than a touch of media hysteria, you can certainly find disturbing videos on YouTube. (The French, naturally, replied with "Streetkissing.") There have also been news reports of graphic videos showing beatings and accidents, such as an unfortunate boy in Birmingham, United Kingdom, who impaled himself on his bicycle. Teenagers have employed cell phone cameras for old-fashioned humiliation, too: The parking lot fight is now captured on video and shared. To be an adult is to be grateful to have escaped the digital hazing of high school.
In glorious retrospect, it seems like a terrifically bad idea to give the world a spy camera that looks and functions like a cell phone. Peeping Toms quickly realized the potential for upskirt pics and shower-room souvenirs. Chicago tried to block cell phones from gyms, and a California legislator has proposed a law requiring the cell phone to make a shutter snapping sound or flash a light when a picture is taken. We have trained ourselves to be wary when a cell phone is pointed at us, but the device's relative inconspicuousness still creates problems. In Saudi Arabia, women have been taking pictures of other women unveiled at weddings and e-mailing them to matchmakers, a practice that has caused uproar in a culture in which any sort of image can be cause for loss of honor.
The cell phone camera, constant companion, has also been championed as an anti-crime device. There have been several Rodney King moments, with bystanders pulling out their cameras to record sketchy police activity. One woman took a shot of a flasher on a New York subway, a photo that ended up on the cover of the New York Post the next day. There is also a mini-boom in sites to catch people who park like idiots, stare too long, and mistreat your kids. Think of this as the positive side of living in 1984.
The more difficult question, the one that lurks outside the media glare, is how the cell phone camera is altering our private lives. In the perceptive book Kodak and the Lens of Nostalgia, Nancy Martha West writes how Kodak, with the introduction of the personal camera, taught Americans to both conceive of their lives in terms of fondly remembered events and to edit out unpleasant memories. In Victorian America, for example, arranging to take a photo of a dead relative was not uncommon—a part of the grieving process. Under the reign of Kodak and its advertising, we became family historians of happiness. Now that digital cameras have taken over, the old photo album is giving way to the personal Flickr page, bringing with it a different set of assumptions of what to present (a whole lot more photos, for starters) and whom to share it with.
The ubiquity of the cell phone camera means that every moment in our lives is photographable. One consequence of this is an altered perception of the gravity of our day-to-day routines. We are now more aware of ourselves as observers of "history." When a van catches fire in front of our house, we and our neighbors are now out on the lawn recording. We e-mail this to our friends, who testify to the enormity of the event, and then we all await the next sensation. This impulse can be positive, but it also fuels the increasingly destructive American habit of oversharing. The snapshot speaks with a small voice: I'm alive and I saw this. The cell phone camera picture or video is a shout from the rooftop: Check out this crazy thing that happened to me.
Picture sharing has also made us more aggressive in situations in which we feel insecure, such as in the presence of celebrities. Susan Sontag described the essentially hostile nature of taking pictures as a form of "soft" murder. In the age of cell phones, this scalp-hunting sensibility is achieving full flower. Let's say you're in Asbury Park and you see Bruce Springsteen with his kids. The old impulse would have been to ask the Boss if you could take your picture with him. The new impulse is to snap the shot with a cell phone camera and sell it to a site like Scoopt. No wonder famous people don't want to hang out with us.
So, before we move on to the next racist comedian or cocaine-snorting supermodel, let's put the Saddam video in context. It is a weird echo of the Zapruder film, another piece of amateur footage that caught the death of a leader. The differences are stark, of course. Zapruder captured Kennedy while standing openly in the Dallas sunlight. The official who videoed Saddam did so furtively, pointing his camera to the ground at times. But they both testify to the power of first-person witnessing, and how a digital copy of that witnessing can upend neat narratives and certainties. We'll see the best of things, we'll see the worst of things, we'll see everything.
http://www.slate.com/id/2157736/
Cool Concept Camera Collects Other's Pictures When You Click
MrBabyMan
This camera will capture a moment in time, but without any optical elements. The camera memorizes the time you push the button, then begins to search the Net for any other pictures taken in that exact same moment. After a few minutes, a photo appears that captures that same moment from someone else's eyes.
http://www.digg.com/gadgets/Cool_con...when_you_click
Finnish waffles
DRM, GPLv3 Just 'Hot Air': Linus Torvalds
Munir Kotadia and Chris Duckett
Digital rights management and the General Public License cause a lot of 'hot air' to be exchanged but they are not a 'big deal', according to the creator of Linux, Linus Torvalds.
DRM is a technology used to control the copying and distribution of content such as music and films while GPLv3 is a software licence drafted by the Free Software Foundation (FSF) and intended to be used to govern how free and open source software can be copied and changed.
According to Torvalds, both DRM technology and GPLv3 will cause "lots of arguments" but in the bigger scheme of things, neither will stop good technology from prevailing.
"I suspect -- and I may not be right -- but when it comes to things like DRM or licensing, people get really very excited about them. People have very strong opinions. I have very strong opinions and they happen to be for different reasons than many other people.
"It ends up in a situation where people really like to argue -- and that very much includes me… I expect this to raise a lot of bad blood but at the same time, at the end of the day, I don't think it really matters that much.
"I think it is going to cause a lot of hot air, it's going to cause a lot of hurt feelings, there is going to be a lot of arguments about it. But in practice will it be a big deal? I suspect it is not going to be that big. But time will tell," Torvalds said during an interview at linux.conf.au in Sydney today.
Torvalds admitted he has a particular dislike for DRM technology because it makes life more difficult for users.
"One reason I really dislike DRM is that it is technologically an inferior solution to not doing DRM. It actually makes it harder for people to do what they want to do. It makes it harder to do things that you really should be able to do," said Torvalds.
Although Torvalds admits he is "very much down on DRM", he is tolerant of other people using the technology.
"At the same time, on a completely different tangent -- forget about technology -- I am a big believer in letting people do what they want to do. If somebody wants to do DRM it is their problem. I don't want anything to do with it.
"It is something that sometimes puts me at odds with people in the technical area who have an agenda that they want to drive,' he said.
GPLv3 just another licence
When asked about GPLv3, which is due for release in the first quarter of this year, Torvalds said it was 'interesting' but also not a big deal.
"It is certainly interesting since the GPLv2 has been a defacto standard in the open source free software group for 16 years -- or something like that. It's a long time and in that sense it is a watershed event.
"At the same time, if you look at the number of licenses that people have been using over the years, it is just another licence. It is not that big a deal. It depends on how you look at it," he added.
The current version of the GPL (v2) was published in 1991 and applies to around two thirds of free and open source software.
The best technology will win, eventually
Torvalds believes that despite all the arguments about which technology or software development methodology is better, 'good technology' will win in the end.
"One of the issues I have is that the most important thing is good technology. It's not about being commercial or non-commercial, open source or closed source. To me, the reason I do open source is, it is fun. That is the most basic thing.
"I also happen to believe that it is the best way to, eventually, get the best end result. Part of that is the 'eventually'. At any particular point in time, it may not always be the best thing right then," he said.
http://www.zdnet.com.au/news/softwar...9273084,00.htm
Historians Appeal ‘Da Vinci Code’ Case
Lawrence Van Gelder
The two historians who lost their plagiarism case against the British publishers of the best seller “The Da Vinci Code” by Dan Brown turned to the Court of Appeal in Britain yesterday in an effort to reverse their loss in a case that also saddles them with a legal bill of more than $2 million, The Associated Press reported.
Lawyers for the historians, Michael Baigent and Richard Leigh, argued that the “vast amount of skill and labor” they expended in writing their book “The Holy Blood and the Holy Grail,” first published in 1982, is “protectable.” They contend that Mr. Brown stole significant parts of it for his novel. Both books are based on the theory that Jesus and Mary Magdalene married and had a child, and that the bloodline continues to this day.
In April, Justice Peter Smith ruled that Random House had not breached the copyright of “The Holy Blood and the Holy Grail,” and Mr. Baigent and Mr. Leigh were ordered to pay 85 percent of Random House’s legal bill, estimated at $2.6 million. In a statement, Random House expressed regret “that more time and money is being spent trying to establish a case that was so comprehensively defeated in the High Court.”
http://www.nytimes.com/2007/01/17/books/17davinci.html
The Twilight Years of Cap'n Crunch
Silicon Valley legend John Draper made his name with brains and pranks, before slipping to the margins
Three jail stints and the 'rave' scene
Chris Rhoads
Underneath a highway bisecting this Silicon Valley town, home to Google Inc. and other tech giants, John Draper crammed his bulky frame through the door of a friend's home: a battered 1978 Chevy diesel bus.
Radio parts, a wrench set, arthritis medication and a book on robotics cluttered the dashboard. A padded bench for sleeping and a greasy stove filled the back.1
Steve LaBadessa
John Draper talks computers with Dave Bengel, an old friend.
"What do you want for lunch?" asked Dave Bengel, a self-taught engineer.
"Salmon," responded Mr. Draper, 63, who has few teeth and wears the same clothes for days. He is better known in Silicon Valley as "Cap'n Crunch," a legendary figure who 25 years ago epitomized the freewheeling, prank-filled culture that gave birth to high tech.
"Salmon, all right!" cried Mr. Bengel. He set about preparing the meal -- obtained free from a Whole Foods worker who leaves outdated products near a dumpster at a prearranged time.
In the decades since Mr. Draper gained fame for his hacking skills as a "phone phreak" -- he once claimed to have gotten then-President Nixon on the phone -- Silicon Valley has aged and matured. Pioneers that Mr. Draper worked with, such as Apple's Steve Jobs, have gone on to become wealthy members of the business establishment.
THEN THERE is "Cap'n Crunch," part of an aging community of high-tech wunderkinds. Once tolerated, even embraced, for his eccentricities, Mr. Draper now lives on the margins of this affluent world, still striving to carve out a role in the business mainstream.
Although his appearance and hand-to-mouth existence belie it, Mr. Draper developed one of the first word-processing programs as well as the technology that made possible voice-activated telephone menus. He receives invitations to speak to foreign governments and international conferences. At a recent celebration of Apple Inc.'s 30th anniversary, Mr. Draper, sporting a straggly beard, stood to contribute a story, causing the room to break into applause.
Mr. Draper spent three stints in jail in the 1970s for tampering with the phone system. A court-appointed psychiatrist once found him to be "psychotic," although another found nothing wrong with him. Until a fall at a conference in Istanbul aggravated a back injury, Mr. Draper was a regular in the rave scene, where people gather in remote locations and dance through the night to electronic music. Mr. Draper once did $10,000 worth of Web-site design and other computer work for a Bay-area therapist in return for physical therapy on his back because he lacks health insurance.
"When I first met him, he was toothless, wearing ripped jeans and looked like a hippie," says Tolga Katas, a music producer and computer programmer in Las Vegas who recently hired Mr. Draper to do technical work for his new Web entertainment company. "Then I learned what he has done and was blown away."VIDEO
Mr. Draper calls aging veterans like himself part of an "off-the-grid" community. Steve Inness, 47, helped develop touch-screen cellphone technology and does programming work for startups. In recent years, he's lived on the floors and couches of employers; he was last seen hitchhiking in the desert outside Las Vegas. Roy Kaylor, 68, built one of the first electric cars in the early 1970s and contributed to a government-supported effort to develop the technology. He lives in a trailer without electricity in the Santa Cruz mountains. Mr. Draper's recent lunch host, Mr. Bengel, 61, designed an electrohydraulic machine tool and says he has worked for several Silicon Valley companies.
Mr. Draper is the best known. "He was the king of the nerds," says Allan Lundell, who runs an independent film company and has chronicled the evolution of Silicon Valley.
Mr. Draper's father was a U.S. Air Force engineer and the family moved frequently. His younger brother, Ron, recalls John rummaging for electronic parts on military bases where the family lived, on one occasion building a radio station in his bedroom.
John was not an easy child, often bucking under the authority of his sometimes-distant father, who is now deceased. John threw tantrums when his parents smoked, says Ron, a piano teacher. Mr. Draper says he hated his parents' smoking and felt aggrieved by their refusal to stop.
"Our father didn't understand what John needed, which was a constant supply of education and resources," says Ron. "He absorbed this stuff like a sponge." Ron Draper says his parents briefly sought psychiatric treatment for his brother when he was a child for what they said was a "chemical imbalance.
"I liked the sessions," says Mr. Draper of the psychiatric counseling. "At least someone was listening to me." He acknowledges he can become obsessive but denies the idea there's anything wrong with him.
In 1964, after taking some college courses, Mr. Draper joined the Air Force, which his parents thought would provide much-needed discipline. He was sent to Alaska and later Maine, where he served as a radar technician. Since the soldiers had only one phone line on which to call home, Mr. Draper began tinkering with the access codes and figured out how to make free calls through the local switchboard.
After an honorable discharge in 1968, he built gear for several companies in the San Francisco Bay area. But his work, much of which was military-related, was out of step with the counterculture blooming around him. Mr. Draper grew his hair and began spending more time on a pirate radio station, which he operated from the back of his green Volkswagen van to make it harder for authorities to track the signal. He also turned his attention to the phone system, an attraction for like-minded techies before the arrival of personal computers.
Mr. Draper learned how to make free calls by imitating the tones used by the phone company. He learned from other "phone phreaks" -- as the hackers called themselves -- including blind teenagers with near-perfect pitch. Mr. Draper learned that a toy whistle found in a cereal box would also imitate the required tones, earning him the nickname Cap'n Crunch.
The point was not just to make free calls but to explore and learn from the phone company's rich and complicated system. On one occasion, Mr. Draper says he learned the code word needed to speak with the president -- "Olympus" -- and got through to someone on a secure line he thought was President Nixon. Mr. Draper says he told the man about a toilet-paper shortage in Los Angeles.
Authorities began to take notice, particularly after a lengthy article on phone phreaking appeared in the October 1971 edition of Esquire magazine. Mr. Draper, the group's ringleader, was arrested for the first time several months later on charges of wire fraud, and received a five-year probation.
The Esquire article also caught the attention of Steve Wozniak, an eventual Apple co-founder, who invited Mr. Draper to his dorm room at the University of California at Berkeley. When Mr. Draper appeared that evening, Mr. Wozniak, then 21, was taken aback by his guest's appearance and odor, Mr. Wozniak wrote in his recent autobiography.
"Are you Cap'n Crunch?" Mr. Wozniak asked in disbelief, according to the book.
"I am he," Mr. Draper responded as he strode into the room.
Mr. Draper showed Mr. Wozniak and a friend, Mr. Jobs, how to build a device that could produce telephone tones. The pair turned the knowledge into a small business on the Berkeley campus, their first collaboration before founding Apple a few years later.
Mr. Wozniak employed Mr. Draper at Apple, where as a contractor in 1977 he designed a device that could immediately identify phone signals and lines -- such as ones that made free calls -- something modems were not able to do for a decade. The technology would later be used for tone-activated calling menus, voice mail and other purposes.
APPLE DROPPED the device, called a phone board, anxious to avoid negative publicity from its association with illegal phoning, according to former Apple employees. "It was a great board and others at Apple didn't recognize that," says Mr. Wozniak. Mr. Draper became closer to Mr. Wozniak than to Mr. Jobs, who sometimes felt uncomfortable around Mr. Draper, former Apple employees recall.
"John was a little strange and Jobs felt better staying away from him," says Mr. Wozniak, who has remained in touch with Mr. Draper over the years. Mr. Jobs in an email declines to comment.
Just as the computer revolution was about to begin, Mr. Draper's legal problems steered him away from the action. He was sentenced to prison for phone fraud in 1976 and again in 1978, and says he was attacked during that second stint by an inmate with a baseball bat, permanently damaging his back.
The next year -- after his third bust for phone fraud -- he was berated for his behavior. "You have to pay for your long-distance phone calls," a San Jose U.S. District Court judge told Mr. Draper at his sentencing, according to an account in the San Francisco Chronicle. "Is that a very difficult moral concept to grasp?"
Mr. Draper's lawyer replied: "His entire reality has to do with the technology of computers and telephones. When he gets involved with the technology aspect, he loses all sense of morality."
TWO COURT-APPOINTED psychiatrists examined Mr. Draper. One concluded he had an "underdeveloped sense of people" and was "psychotic"; the other found nothing wrong with him, according to the Chronicle article.
In 1979, while serving a sentence of a year of nights in the Alameda County jail -- it was later reduced to a few months -- Mr. Draper wrote the EasyWriter word-processing program. At night he wrote code in longhand, diligently preparing for the next day when he could spend time in the offices of a software company he founded with friends.
Mr. Draper received permission from the sheriff's office to attend a computer fair in 1979 in San Francisco, where the program, named after the cult film "Easy Rider," was a hit. It became Apple's first word-processing program. When IBM launched its first PC, it also chose EasyWriter, over competition from other programmers, including a young Bill Gates.
Mr. Draper bought a Mercedes and a home in Hawaii. But the company he founded, Cap'n Software Inc., earned less than $1 million in revenue over a six-year period, according to Mr. Draper and Matthew McIntosh, who ran operations. The real winner was Bill Baker, who handled EasyWriter's distribution and marketing through his own company. Without Mr. Draper's knowledge, Mr. Baker hired his own programmers to create EasyWriter II just as Cap'n Software was publishing EasyWriter 1.1.
Cap'n Software sued and the matter was settled in court with Mr. Baker paying the pair an undisclosed amount. Mr. Baker, now an Internet entrepreneur in Corona del Mar, Calif., says his version of EasyWriter was for the higher-end corporate market and didn't conflict with Mr. Draper's, although he acknowledges the possibility for confusion.
Mr. Baker says he helped Mr. Draper get a start in business. "There are people who see themselves as victims no matter how much money or how many opportunities you give them," says Mr. Baker, who sold his distribution company in 1983 for $10 million.
Mr. Draper worked for several years in the late 1980s for Autodesk Inc., a San Rafael, Calif., company that makes design software. He was laid off along with others when new management arrived. It would be his last corporate job.
Through the 1990s, the story was the same. Mr. Draper was qualified for any number of openings, but some companies didn't want to hire someone with a criminal record while others remained wary of his eccentricities. Promising opportunities with Apple and NASA came and went, he says.
As Silicon Valley was taking flight again, this time with the Internet boom, Mr. Draper turned to the rave scene. He traveled as far as Australia and India, where he got by for months at a time earning money designing Web sites and writing computer code.
Mr. Draper several years ago developed some Internet-security equipment and started a company. Some clients were interested, but the company foundered when one of its executives, a fellow raver, made off with much of the money from investors, say Mr. Draper and another executive, John Johnson.
Mr. Johnson is still trying to make a go of the product, with Mr. Draper's help. Mr. Johnson's dilemma is whether to use Mr. Draper's name -- or hide it. "Some companies say we don't want any contact with that guy," says Mr. Johnson, who says he's in advanced discussions with the U.S. Department of Defense about the product. The Pentagon declines to comment.
Mr. Katas, who recently hired Mr. Draper to work for his online entertainment company, en2go.com, recently arranged to have Mr. Draper meet a software executive in Beverly Hills as a possible source for more work. Before the meeting, Mr. Katas emailed the executive about the "legendary John Draper," listing his achievements.
Mr. Draper, who was included in the email, replied to the executive and Mr. Katas that he had no money for parking and doubted that his car would make the trip across town.
"John just doesn't understand that if he seems unsuccessful, then successful people won't understand how talented he really is," says Christine Marie. Ms. Marie does promotional work for Mr. Katas and helps Mr. Draper organize his business life, handling invitations to speak at conferences and an online TV show he produces that deals with Internet security. She also occasionally cleans up his apartment and washes his clothes.
Mr. Draper's friends from the EasyWriter days worry that time is running out. Work is getting harder to find now that tech companies are outsourcing programming work to inexpensive labor markets overseas.
Contemporaries who've gone on to riches and fame say they've tried to help Mr. Draper over the years. Mr. Wozniak, who now invests in high-tech companies and is involved in computer education in schools, recently gave Mr. Draper a new Apple Powerbook computer. He has also helped out with Mr. Draper's legal bills.
Mr. Wozniak says Mr. Draper's problem is that his skills lie in technology rather in making business deals or starting a company. "He didn't come from a business orientation," says Mr. Wozniak.
Mr. Draper's unusual behavior, such as shouting at anyone smoking anywhere near him, could wear on fellow workers and employers. "He was not a self-starter, or associated with all the companies springing up back then," says Mr. Wozniak. "But, actually, John is one of the happiest guys I know, no matter what his situation seems."
ON A RECENT MORNING at a Bob's Big Boy restaurant in Burbank, Calif., where he goes when he has enough money, Mr. Draper ordered his usual breakfast: eggs and bacon first, to be followed five to seven minutes later by grilled pancakes loaded with butter and syrup.
The first course arrived. "The bacon's too greasy, I can't accept these," he shouted at the waiter. Mr. Draper sends back his bacon about 70% of the time. He says that since he has no opposing teeth, the bacon needs to be crisp enough to break off in his mouth. He lost most of his teeth from infrequent dental care, which he blames on his lack of health insurance.
After breakfast, Mr. Draper returned to his one-room apartment beside a four-lane expressway. The apartment was in squalor, with open cereal boxes, clothes in trash bags, computers and old newspapers strewn about. Mr. Draper left an angry voice message for a client who hadn't paid for some programming work. He fretted that without the money he would have difficulty covering his electricity bill that month.
"I'm blacklisted, man, a permanent menace to society, I guess," he said. "It's too bad because there are some things I think I could contribute."
http://online.wsj.com/public/article...html?mod=blogs
Sundance Dream Most Notable for an Absence
David Carr
MICHAEL ROIFF could be forgiven for seeming a little discombobulated on Tuesday night. A first-time producer with “Waitress,” one of the higher-profile movies at the Sundance Film Festival here, he had just arrived and was knocking around a rented condominium, trying to figure out where everything was and how to get a flat-screen television to behave for another look at the film.
But something more profound had him at loose ends. Adrienne Shelly, the writer, director and one of the stars of the film, was not there, and she was not coming.
Ms. Shelly was murdered on Nov. 1 in her Greenwich Village office. Although it was initially thought that her death was a suicide because she was found hanging from a shower rod, a construction worker has been charged with murder, accused of staging the scene after an altercation with Ms. Shelly.
Mr. Roiff, who worked with Ms. Shelly for two years on “Waitress” and was continuing to work with her on other projects, talked to her the night before her death.
“We talked about what we always talked about, which was the movie, Sundance and whether it would get in,” he said, idly tapping the remote control.
And it did, although Ms. Shelly, 40, did not know that before she was killed — the selections had already been made, but notifications had not been sent out. She leaves behind a husband, Andrew Ostroy, and a 3-year-old daughter, Sophie, along with a film that offers a tender-hearted rumination on a woman who is trying to find her place as she faces impending motherhood and the constant threat of violence from her brutish husband. The movie evinces sunniness amid all sorts of gloom, a prism on life that should come in handy in the next few days, as friends and family members fly in for its premiere on Sunday.
“She likes to juxtapose comedy and tragedy, in part because real life doesn’t get compartmentalized,” Mr. Roiff said, letting the allusion to the present circumstance speak for itself. He apologized for still referring to Ms. Shelly in the present tense, but said it was all still very raw.
“It is unbelievable to me that I am in Park City, and she is not,” he said. “She so much wanted this film to get in here, to be seen, and that’s why all of us knew that there was no way that she committed suicide. This movie is a huge turning point in her career.”
All films arrive at Sundance with a back story, but none have the poignancy of “Waitress.” At a festival where films frantically vie for attention in a crush that lasts 11 days and is dappled with parties and events, “Waitress” hits a very different note.
“It is bizarre coming there under these circumstances,” said Keri Russell, the star of the movie, who is best known for her role as television’s “Felicity” and for playing the love interest of Tom Cruise’s character in “Mission: Impossible III.” “Sundance is a raging, nonstop party, a huge celebration, and you feel so lucky to be there. This will be very different for all of us, but I have huge affection for her family, and I think all of us believe that this movie deserves every bit of attention it can get.”
Even for someone who did not know Ms. Shelly, watching the movie might prove to be a bittersweet experience. What seems like a joke-filled riff on expressing yourself through domestic arts — Ms. Russell’s character, a waitress named Jenna, has a penchant for baking and advances pies as plot points, including “Kick in the Pants Pie” and “Pregnant Self-Pitying Loser Pie” — takes on dramatic weight and portent as the movie proceeds. Written by Ms. Shelly when she was in the end stage of her pregnancy, it is a frank examination of the fears of impending motherhood, particularly when it occurs within the confines of a disastrous marriage.
What could have been another indie confection takes on additional heft by virtue of a strong cast — including Nathan Fillion, Jeremy Sisto, Cheryl Hines and, of course, Ms. Shelly herself, who stepped aside as the lead and cast Ms. Russell instead.
Ms. Shelly plays Dawn, one of three waitresses working at a pie shop. Ms. Shelly recently appeared in “Factotum,” the Charles Bukowski-inspired film starring Matt Dillon, and came to prominence as a muse for Hal Hartley, whose films “Trust” and “The Unbelievable Truth” were Sundance hits.
Mr. Hartley, who will be here Monday for the showing of his latest film, “Fay Grim,” said Ms. Shelly had a rather complicated relationship with the profession of acting.
“She had a funny attitude about her ambitions to be an actress — she was skeptical of her own motives — and I think that came through in her work, to good effect,” he said. Mr. Hartley, who will be attending a Monday pie-eating contest here on behalf of the film, said Ms. Shelly had no such conflicts about her work as a writer and director.
“She had so many different things going, I had trouble keeping track,” he said. “She knew completely what she wanted, and I think her confidence was growing with each film that she made.”
Her work as an actress in her own movie is less affecting than the sensibility that drives the film. A tragicomic mash-up with a high/low music score, it ends in a very significant hug, one that in light of subsequent events could be easily mined for allegorical meaning.
Her friends and collaborators, who were initially trying to diagram how somebody who was in full stride as a mother and filmmaker could commit suicide, at least found a place to put her death, once it was revealed to be a murder. Ms. Shelly was in the midst of writing other projects in her office and argued about construction noise with Diego Pillco, a 19-year-old immigrant from Ecuador. Notes made by investigators who interviewed him say he admitted that he punched her, then pushed her, causing her to hit her head on a table. There were reports that Mr. Pillco was worried that he would be deported and staged the suicide; he was questioned after police found a footprint that did not belong to Ms. Shelly.
“Hearing the news was one of the strangest feelings I have encountered,” Mr. Roiff said of the arrest. “A huge burden was lifted by this horrible news, because it was so much better than the horrible news that came before it.”
Because Ms. Shelly had such a clear idea of what she wanted and was not shy about making it happen — Mr. Roiff, Ms. Russell and Mr. Hartley all spoke of her single-mindedness — her absence here as the film makes the rounds is all the more acute. The other people involved in the film, which had a budget in the low millions, retain significant commercial hopes for it. Mr. Roiff said he believed that “Waitress” had a bright future on its own merits, something that people used to say about its director as well.
Ms. Shelly had strong feelings about the objectification of women on camera and had a belief that she and other women belonged behind the camera as well. With that in mind, her husband has created a foundation in her name that will provide money to women interested in making the transition from acting to directing, a path that currently seems far more open to men.
“Waitress” could be seen as something of a curio here, the movie by that director, a possibility that her friends and colleagues cannot abide.
The premiere, Mr. Hartley said gravely, “is a chance to get on with it.”
“It is gratifying that a friend’s work is being shown and getting attention,” he added. “The movie deserves it.”
Whatever the motivation, a crowd will gather, one that is predisposed to dwell on the film’s message of redemption and hope, as opposed to the calamity of last November. In the production notes, the only place that the director is now able to speak in support of her film, she sounds as if she saw that coming.
“I feel like there are a hundred people around me all the time,” she writes, “all rooting for this thing to go well.”
http://www.nytimes.com/2007/01/19/mo...shel.html?8dpc
A Place Where Hope Dies, and a Boy Who Escapes
Manohla Dargis
A dark fairy tale from Russia, “The Italian” — more on that title in a moment — pulls you into a richly atmospheric, persuasively inhabited world teeming with foundlings and pathos. Directed by Andrei Kravchuk, making his feature debut, from a screenplay by Andrei Romanov, the film pivots on a 6-year-old stray, Vanya (the wonderful Kolya Spiridonov), who lives in an institution easily meriting that well-worn adjective Dickensian. Overcrowded and brutally underfinanced, it is the kind of place in which hope dies slowly but surely, vanishing a little more with each new birthday. It is a holding pen for young bodies with very old souls.
The story opens once upon a time not long ago when two Italians, a giddy, gregarious husband and wife, arrive at the foundling home in the company of a corrupt adoption broker, simply called Madam (Maria Kuznetsova). Bursting confidently out of her snug clothes, her eyes twinkling with malice and greed, Madam arranges for foreigners to adopt Russian children, including the ones here. The husband and wife have come for Vanya, a little Italian to call their own (hence the film’s title). But first there are papers to sign, bureaucratic channels to cross, personalities to meet, a world to discover, perils to note, jokes and toasts and scenes to be made, and the careful creation of an engrossingly dramatic reason for us to keep watching.
That dramatic hook arrives in the person of a weeping woman, a Russian mother who has come to reclaim the son she once abandoned. But the child is long gone, having been adopted by a foreign family or, more terrifyingly, by an organ purveyor. After spilling her tears, she takes a cue from one of the great sacrificial victims of Russian literature and leaps under a train. The news gets back to the institution, where the children start buzzing fearfully, worried that their own mothers may try to come back to fetch them, only to end up dead. Among the most concerned is Vanya, whose anxiety inspires a ferocious, heroic quest, one that takes him far from the home and into a kingdom dangerously alive with ogres and witches.
These are not real ogres and witches, naturally, though they loom just as menacingly as any fairy-tale fiend. Among the scariest is Madam, who keeps a close watch on her future sales while aided and abetted by Sery (Sasha Syrotkin), an all-purpose lackey who drives her S.U.V. and occasionally checks under her hood. Madam more or less runs the home, stingily paying off the old rummy who serves as its headmaster (Yuri Itskov). He seems to drink most of that money away; more careless than cruel, he has neither the head nor the heart really to run the place. That leaves the children to fend for themselves, which they do with all the cunning and invention of Fagin’s little troupe, led by a charismatic teenage boy, Kolyan (Denis Moiseenko).
As a microcosm of contemporary Russia, the institution couldn’t be bleaker or feel more harshly true. Nestled in the warmth from its roaring furnace, Kolyan runs the home like a general or a mob boss, divvying up the work and collecting the earnings. One young teenager, Irka (Olga Shuvalova), turns tricks, climbing in and out of the cabs of passing trucks; the boys, including Vanya, pump gas and wash car windows and headlights at a local gas station. Much of the money goes into a chest, but some of it goes for shoes and supplies. The paradox of these children’s lives is that while some of their futures are dependent on the rapacious capitalism embodied by Madam, they survive as a collective, as a shadow of the Soviet past.
The film’s director, Mr. Kravchuk, throws a beautiful, somewhat gauzy light over this world that gently softens its harder angles. There is something slightly magical about the lighting, almost as if this were a fantasy land from which Vanya might actually make an escape. This sense of unreality, of magical thinking and wishing, carries the story and Vanya through a remarkable journey.
He leaps over hurdles like a stag, this child. He runs and fights and schemes and, during a ferocious eruption of pity and terror near the end of the story, he just about breaks your heart into pieces. There’s a touch of directorial sadism at work here, I think. But the last shot of a child’s face lighted up with hope also seems to me like something out of a film by Roberto Rossellini, which is very high praise indeed.
“The Italian” is rated PG-13 (Parents strongly cautioned.) These children go through it all, including violence and prostitution, though few of their perils are rendered graphically.
THE ITALIAN
Opens today in New York and Los Angeles.
Directed by Andrei Kravchuk; written (in Russian, with English subtitles) by Andrei Romanov; director of photography, Alexander Burov; edited by Tamara Lipartiya; music by Alexander Kneiffel; production designer, Vladimir Svetozarov; produced by Vladimir Husid and Vladimir Bogoyavlensky; released by Sony Pictures Classics. Running time: 99 minutes.
WITH: Kolya Spiridonov (Vanya), Denis Moiseenko (Kolyan), Sasha Syrotkin (Sery), Olga Shuvalova (Irka), Dima Zemlyanko (Anton), Maria Kuznetsova (Madam) and Yuri Itskov (Headmaster).
http://www.nytimes.com/2007/01/19/mo...ital.html?8dpc
Redford Whispers, Time’s Up
David Carr
The Bagger was thrilled to actually see a film at Sundance, in this case, the premiere of “Chicago 10,” the mashup of animation and archival material that serves as a modern tutorial on four days in recent American history when a major city turned into a police state, and a fairly brutal one at that.
He rode to the event in one of those transport buses that reminded him a lot of the bus that he used to ride to school, except the heat was set on stun and he found himself quickly basting inside his parka.
Still, when he got to the Eccles Theater, the whole Sundance tableau was on display. Movie guys like James Schamus of Focus, Ruth Vitale of First Look and John Lesher of Paramount Vantage were in the lobby with the rest of us, queuing up to see a movie that none of us had seen. Amidst all of the ponytails and parkas, it is sometimes easy to forget that this whole thing is supposed to be about the movies. And as “Little Miss Sunshine” and “An Inconvenient Truth” show, Sundance still rolls films out into the culture to profound effect.
Just as the country seems to have become increasingly politicized, in part because politics seems not to be working, so Sundance has a huge slate of movies — look for running motifs that the war is dumb, its advocates are dishonest — that mostly dress left and clobber the right. The movie industry, relentlessly liberal no matter what they say, has generally been sitting on the sidelines and wringing their hands and wondering who actually voted for the current president. The answer is an electoral majority of their customer base, but that does not stop the industry from believing that if they come up with the right movie the country will somehow see the error of its ways.
Robert Redford introduced the evening and teed up what is undoubtedly going to be a 10-day cinematic referendum on the state of the union. He started out just this side of coy, but his feelings, and the gesture of putting “Chicago 10,” with its animating principle of talking back the government, were clear. He invoked 9/11 and said that the attack on America had compelled he and others to hit the mute button.
“We let the leaders lead,” he said. “In the last years, we can now go back and reflect on that. I will leave it to you to how you feel about that.”
But not really.
“I think we are owed a big massive apology,” came the punchline.
Laughter, then cheers. Big long ones.
“Tonight’s film is about another time when young people of this country and others of like mind joined in protest,” Mr. Redford said. “They raised their voices and they risked something. They put themselves out there. They put themselves in harm’s way to have their voices heard.”
Given that Brett Morgan, the director of the film, was born a month after the Democratic convention in 1968, it is less a victory lap of for a storied vanguard of the left and more an incitement to the current age.
“I didn’t want to make a movie that preached to the choir,” Mr. Morgan said at the post-screening party. “I wanted to do things in a way that would resonate with all sort of people who really didn’t know much about what happened back then.”
To that end, Mr. Morgan used animation to fill in when the historical footage was insufficient. So much of the trial of the alleged provocateurs of the demonstrations are rendered in motion-capture animation.
In fact, Mr. Morgen said that his decision to use animation in this way was inspired by one of the leading demonstraters: “I was doing my research and I read something where Jerry Rubin described the trial as a total cartoon, and I said, ‘That’s it, that’s what we are going to do.’ “
The movie’s ambitions are large, but will the director’s approach to history work on audiences besides the predisposed Sundance crowd? The Bagger is not paid to taste-make, but he expects that those who are will give the movie mixed reviews.
Regardless of its artistic objectives or success, “Chicago 10’s” prospects for instigating grassroots political action are low. In fact, the film feels very distant from current political dissent. Much of the today’s political activism, to the extent that there is any, has moved online and it has been a long time since civil disobedience by actual civilians has done anything besides kick up a few headlines. In that sense, the film’s innovative approach to telling a story is arrayed over something that seems more artifact than inspirational blueprint.
The presence of a contemporary soundtrack etches the very different times we live in. Eminem’s “Mosh” arrives as a call to arms, a chant against the current president that was accompanied by a video when it was released in which a youthful army in black hoodies marched against the backbeat of insurrection. But while the song made a big splash when it came out, most of the demo it was aimed at was content to participate in the revolution by nodding their heads to the beats while staying firmly planted on the couch.
Movies sometimes matter, but few revolutions begin in a movie seat. That won’t stop Sundance from trying to make one, though.
http://carpetbagger.blogs.nytimes.co...pers-times-up/
The French Know Where 007 Acquired His Savoir-Faire
Elaine Sciolino
James Bond has never seemed fascinated by the French, but the French certainly are fascinated by James Bond.
The British secret agent has driven British cars, worn Savile Row and Brioni suits, flashed Swiss watches and demanded Russian caviar and Norwegian honey.
But he speaks French — at least in the 1953 novel “Casino Royale.” He detests English tea. He insists that his tournedos béarnaise be served rare and his vodka martinis be splashed with the French aperitif Lillet.
He has sported a French cigarette lighter and French cuff links (S. T. Dupont) and drunk rivers of French Champagne (Bollinger). He has romanced beloved French actresses like Sophie Marceau.
For three days this week, French and foreign researchers came together in a conference sponsored in part by the National Library of France and the University of Versailles to dissect and psychoanalyze, criticize and lionize Ian Fleming’s debonair creation.
Titled “James Bond (2)007: Cultural History and Aesthetic Stakes of a Saga,” the conference — France’s first scholarly colloquium on James Bond — was aimed at developing a “socioanthropology of the Bondian universe.”
“James Bond is a fascinating cultural phenomenon who transcends nationality and politics,” said Vincent Chenille, a historian at the National Library who helped organize the conference, which ended Thursday. “He’s very human. His faults are identifiable.”
Hubert Bonin, an economic historian from Bordeaux, who spoke on “the anguish of capitalist conspiracy and overpowering,” had a different explanation. “In France we have the myth of the savior, the Bonaparte, the de Gaulle,” he said. “Here, we’re always searching for the providential hero. James Bond is a very reassuring figure for France.”
The conference was a breakthrough in French scholarly circles. Umberto Eco, Kingsley Amis and Philip Larkin have all written seriously about Bond, but the French intelligentsia has been slow in embracing global popular culture.
Mr. Fleming, a French speaker whose Bond novels were translated into French decades ago, never has been considered a first-rate novelist. Film studies in France focus on the “artistry” of directors like Truffaut and Hitchcock; Bond films have been treated as haphazard commercial enterprises that, lacking a single director, have no artistic or thematic unity.
“This conference is a revolutionary act,” said Luc Shankland, a lecturer on media and cultural studies at the Sorbonne who is writing his doctoral dissertation on Bond and British cultural identity. “To put this artifact of popular culture in a setting like the highbrow National Library is a kind of provocation. It’s been a taboo in intellectual circles to say you like James Bond.”
But on the political and the popular level, the French appreciate James Bond. Sean Connery, who is married to a French painter and played Bond in seven films, is a chevalier in the French Legion of Honor and commander of Arts and Letters. Roger Moore, a star of seven later Bond films, is a French officer of Arts and Letters.
French television routinely airs Bond films; 7.1 million viewers saw “The World Is Not Enough” last month on the leading French channel, TF1. A Bond fan club publishes a magazine called “Le Bond” and organizes trips to sites in the novels and films.
As far back as 1973, Jean-Paul Belmondo parodied Bond in Philippe de Broca’s film “Le Magnifique.” Last year a Bond spoof called “OSS 117: Cairo Nest of Spies,” with a comic actor playing a French spy made to resemble a young Mr. Connery, was a runaway hit.
The “Casino Royale” remake has been seen by more than three million people in France since it opened in late November. Eva Green, the film’s Bond girl, is half French in real life. French magazines have published lengthy descriptions of her upbringing in France, favorite Parisian restaurants and boutiques, and devotion to her mother, the well-known French actress Marlène Jobert.
The film has had a ripple effect. At one point, Bond rattles off his martini order: three measures of Gordon’s gin, one of vodka, half a measure of Lillet, shaken over ice and topped with a thin slice of lemon peel. The recipe, taken from Mr. Fleming’s novel, has shone the spotlight on Lillet, a little-known aperitif produced near Bordeaux since 1872.
“We’re a small company, and our distributors used to be told: ‘Lillet? That’s old,’ ” Bruno Borie, the chief executive of Lillet, said in a telephone interview. “The film has given a boost to the brand. It’s changed our place on the map.”
Last month the French accessories company S. T. Dupont introduced two James Bond “seduction cases.” The $3,880 “mini-seduction case” includes a bottle of S. T. Dupont’s own label of Champagne, two flutes, a Dupont cigarette lighter and a metal “Do Not Disturb” door sign. The deluxe $25,800 model comes in a yardlong buffalo leather trunk and includes a setting for caviar, an ice bucket, an MP3 player with Sony speakers, a Baccarat bud vase and candles.
At the Paris conference, speakers dazzled the audience with Bond trivia. Some lamented the fact that the “Casino Royale” remake had lost the novel’s French setting and had been transported to Montenegro.
It was noted that the title “Casino Royale” had a grammatical error in French: “casino” is a masculine noun, “royale” a feminine adjective, an effort by Fleming to give the novel a French-sounding title. The first French translation corrected the error.
As for his culinary tastes, Bond was a “pitiful connoisseur of wine,” said Claire Dixsaut, a researcher at the European Center for Audiovisual Writing. He “never ordered a gastronomic menu,” he said. “He loves grilled chops, sole meunière, rare tournedos and fresh vegetables. He was, at the table as in his investigations, in search of the truth.”
Other topics included Switzerland as a financial haven in James Bond, the geopolitics of James Bond, the evolution of female figures in James Bond and the metamorphoses and permanence of the Bondian personality.
The scholarly seriousness has amused some Bondophiles.
“The propensity people have to speak of so many things with so much seriousness — it’s incredible,” Jean-François Halin, a screenwriter of “OSS 117: Cairo Nest of Spies,” said in a telephone interview. “In our film, we mock the French colonial, paternalistic vision of the world. We make fun of the James Bond films. But I guess you can find seriousness in everything.”
Maia de la Baume contributed reporting.
http://www.nytimes.com/2007/01/19/wo...pe/19bond.html
O Brave New World That Has Such Gamers in It
Seth Schiesel
This week it’s likely that thousands of people cut school, called in sick and otherwise turned away from the real world so they could be among the first adventurers to traverse the Dark Portal and battle the demons of the Burning Legion in the broken world of Outland.
Call it the World of Warcraft effect. This is what happens when Blizzard Entertainment, the maker of World of Warcraft, the top online computer game with more than eight million paying subscribers, releases the game’s first retail expansion set.
The Burning Crusade, as the set is titled, went on sale at midnight Tuesday. For people who don’t play online games, it can be a little difficult to describe the freakout many gamers experience as they try to explore and conquer the new content. Imagine the convergence of rabid fans if, say, Luciano Pavarotti were to star in a long-hyped live remake of “Star Trek” at Carnegie Hall, with special appearances by Tom Cruise and Kiefer Sutherland.
It’s a bit like that, except for people who mostly don’t read People, care about Jack Bauer or subscribe to the Met.
I’m one of them, which is why I spent 24 almost consecutive hours at my computer playing and why I will be playing the game for most of the next couple of weeks as I write an online serial review and travelogue through the most successful virtual world in, well, the world.
The reason World of Warcraft has become such a cash factory (the game has attracted more than eight million subscribers, most of whom pay about $15 a month to play) is that it delivers an overall entertainment experience that goes far beyond what one might expect from a mere game.
For example, in the new addition, as soon as you cross through the mystical Dark Portal and into the new continent Outland, you are immediately confronted with an epic battle taking place on the gate’s steps between the grotesque Burning Legion and the heroic defenders of peace and justice.
It is an effect meant to impress that the player is merely part of a much larger, more important story. It is the same device used in the opening scenes of war films like “Saving Private Ryan” to viscerally establish the broader context before narrowing to focus on a much smaller-scale human drama.
Of course in an online role-playing game like World of Warcraft the biggest and most central draw for most players is in exploring that virtual world and making one’s character more powerful.
The two concepts — exploration and growth — go together. In W.O.W., as in most such games, characters begin life as a weakling at what is called Level 1. And since W.O.W.’s debut in late 2004, characters have been capped at Level 60.
After two years of players champing at the bit to advance, Burning Crusade has raised the cap to Level 70 and opened seven new high-level zones for players to explore, complete quests and defeat monsters.
The fun part is that on each server, or copy of the game world, thousands of other players — humans and orcs, wizards and rogues, druids and warlocks — are trying to do the same thing. What naturally emerges, at least among some players, is a race, or land-rush, mentality. There is a whole new continent to explore, all this new power to attain; who will see and experience it first?
And so at midnight Tuesday the starter’s gun went off. Around 5:45 a.m., after completing most of the available quests in the first zone, called Hellfire Peninsula, I became the second player on my server to reach Level 61, around 20 minutes after another gamer in my guild. I moved west to the moody, slightly creepy bogland zone called Zangarmarsh and became my server’s first Level 62er just before noon.
By then I was receiving dozens of private messages in the game every hour from players I had never met who could see that my guildmate and I were out front: “OMG how did you level so fast?,” “Hey you must have a lot of gold, can I have some?” and of course “You guys are huge nerds.” (Yes, and proud ones, I might add.) The chatter only increased after I became the first on my server to reach Level 65 early yesterday morning.
In addition to bragging rights there is a very practical reason for wanting to stay in front of the pack in a situation like this. Only by maintaining a lead does one gets to experience the world in an almost pristine state. As I moved into lush Terokkar Forest Wednesday, there was almost no one else there, creating a blissful sense of exploration akin to hiking into Yosemite well before the tourists arrive. In a week Terokkar will be packed full of the equivalent of tour buses and noisy R.V.’s.
As I continue to explore I will share my impressions and progress. After I reach Level 70 I hope to loop back and explore some of Burning Crusade’s other new features, like the new alternate starting areas for low-level characters.
http://www.nytimes.com/2007/01/19/arts/19warc.html
Digital Archivists Look to Porn, Flash for Tips
Stefanie Olsen
How can society preserve digital art on the Internet the way brick-and-mortar museums can for Picassos and van Goghs?
Oddly enough, at least one preservationist believes the answer might be found in an expression that most curators don't consider art--online pornography.
"I guarantee that a wealth of pornography from the late 20th century will survive in digital distributed form (because) it's a social model that's working extremely well," said Kurt Bollacker, digital research manager at the Long Now Foundation, a nonprofit fostering several digital-works preservation projects. Bollacker spoke Thursday at a symposium called "New Media and Social Memory" at the University of California at Berkeley Art Museum and Pacific Film Archive.
He held up the adult industry--always the digital pioneer--as one example of a self-selected community on the Web that swaps images and videos so regularly and widely that that activity will ultimately help preserve an archive over years. Similarly, he pointed to successful niche archives like the Multi-Arcade Machine Emulator, or MAME, a collective of programmers who preserved video games from the 1980s with CPU and hardware emulators.
"Anyone interested in preserving digital art should evaluate ongoing distributed data efforts," said Bollacker, who has a background in artificial intelligence and previously worked with the Internet Archive, a Web preservation project.
Bollacker was among several technologists, academics and curators considering the question of digital art and how to preserve it in a fast-moving world of technological change.
Challenges to preservation
Traditionally, preserving any art--books, music or paintings--has been highly controlled by skilled professionals, who often deal with tangible, long-lasting and, in the case of museum quality art, highly expensive materials. But in the digital world, that model is turned on its ear--just ask the record labels if controlling distribution of digital music is easy. On the Internet, moving data is cheap and easy, the media is ephemeral, and preservationists are amateurs.
And as Bollacker said, "Millions of people can make digital art, and maybe most of it is crap, so we don't know which to save."
The challenges to cataloging and preserving any work online are common to all fields of art. Those include the limits of human resources to track the body of work online--and those are only getting more finite. Another is the obsolescence of file formats: how can future generations access digital media if the formats and software they're recorded in are eventually replaced?
The digital realm does have its benefits, however. Costs of storage have dropped so low that Hitachi recently unveiled the first terabyte hard drive, opening up the possibility of storing all of the text of the Library of Congress on one server, for example. Low-cost bandwidth also makes it easy for people to move media relatively easily. And the Internet is not short on creativity or motivation from the millions of people it attracts.
Still, preservationists are asking themselves how best to record history.
Alexander Rose, executive director for the Long Now Foundation, which is working on a 10,000-year digital clock, said that the real killer app for archiving is in peer-to-peer applications like BitTorrent and Kazaa, which have long been used for music file-swapping. He believes that these two companies will play a crucial role in archiving new media. "What they don't have is memory. But if they get it, they can store media for archiving," Rose said during the symposium.
The Flash programming community has also been a boon to early Internet artists by preserving archives of animations (.swf archives and Gnash) and providing open-source technology (the Open Source Flash Player) so people can watch animations in older formats. Other open-source digital art projects include Processing.org and Princeton's audio-programming language, Chuck.
The Long Now Foundation has also investigated how other groups around the world approach art preservation. The Vatican, for example, maintains a large room with long, thin drawers containing all of the original 16th-century artist tiles used in mosaics around Rome. "These are like pixels of the 16th century" said Rose, who has visited the room in the Vatican. "The (mosaics) haven't survived 5,000 years on their own."
Similarly, the Long Now Foundation has visited the Mormon Church's genealogical archive kept buried in a vault in Utah's Cottonwood Canyon. The church is building an archive of all the world's genealogical data on microfiche in a vault designed to last at least 1,000 years. Still, the data in the vault doesn't have an internal index, according to those at the Long Now Foundation who visited the site. "The index of where things are is in an Oracle database outside the vault. And without an index for the vault, (the data) is useless," one executive said.
For its part, the Long Now Foundation has developed a prototype of tools that let people search for and use file format converters. The tool is designed to solve the problem of losing works written in obsolete file formats.
Bollacker said he believes such software is key in preserving new media art, along with the collaboration of online communities. Archivists should also look at how they can move files around fluidly and insert them into diverse environments, where they can be copied like the DNA of a flower, he said.
"Data's got to continuously move to stay alive; and it's got to be frequently accessed by a lot of people. Open source, publicly documented formats and software will be the long-term survivors," he said.
http://news.com.com/Digital+archivis...3-6151389.html
Old Dye as New Media Storage
Matt Ford
Prussian blue (PB) is one of the oldest known synthetic chemicals. It is used as a dye in paints and was a key component of blueprints. New research shows that a chemical derivative of PB can be magnetized by hitting it with light, and, more importantly, this magnetization can be turned off with the application of heat. By having two distinct states, a material such as this PB derivative could be used to store data, with the magnetized state equating to a one, and a nonmagnetized state being a zero.
Long-term storage has been one of the most important components throughout the history of modern computing. Modern hard drives have little in common with the earliest versions. The first hard drive was built by IBM in 1956. Used in the IBM 350, it consisted of 50 24-inch diameter plates with 100 recording surfaces, with each surface having 100 tracks. The total amount of memory on these drives was about 5MB; they weighed over a ton and were available for lease from IBM for a meager $3,200 per month. A single modern hard drive can hold on the order of 750GB of data, and is readily available for a few hundred dollars.
Prussian blue, on the other hand is much older, having been developed by the German colormaker Diesbach around 1704 or 1705. When PB was synthesized, Diesbach was actually trying to create a red dye. In the process of trying to create a deep red, he created the deep blue we know today as Prussian blue (fun fact: PB is RGB value [0, 49, 83] and hex triplet #003153), which was the first synthetic dye. It is the structure of PB that makes it interesting to modern science; its chemical formula is Fe7(CN)18(H2O)x, where 14 < x < 16, but it is a chemical derivative of this compound that is piquing the interest of researchers.
A cobalt rubidium Prussian blue derivative compound has been found to be capable of being magnetized by a pulse of light and remaining in this altered state until heated. With this compound having two stable states, it could be perfect for a new form of information storage. It was found that when this material was irradiated with red light, an electron transfer would take place changing the oxidation state of cobalt from +III to +II, and the iron oxidation state from +II to +III. This electron transfer was accompanied by a slight change in the structure of the material. The Co-N-C linkage would change from a bent configuration to a straight configuration; the charge transfer and change in spin on the various molecules allows the material to transition from a nonmagnetic to a magnetic state. The charge transfer—and accompanying structural change—can be undone with the simple addition of heat to the system, returning the material to its starting configuration.
Since one of the two possible states of this material is magnetic, coupled with the fact that this change is easily reversible and stable, it has the potential to be used as a near-perfect analogue to modern binary memory storage devices. While this material holds promise, it is not ready for prime time, or daytime for that matter; the switching process is currently carried out at -150° C. While only a first step, materials of this type could one day be developed to create information storage systems that can store data at the atomic level, allowing far more information to be packed into the same area used in modern components.
http://arstechnica.com/news.ars/post/20070119-8658.html
Ultra-Dense Optical Storage -- on One Photon
Researchers at the University of Rochester have made an optics breakthrough that allows them to encode an entire image's worth of data into a photon, slow the image down for storage, and then retrieve the image intact.
While the initial test image consists of only a few hundred pixels, a tremendous amount of information can be stored with the new technique.
The image, a "UR" for the University of Rochester, was made using a single pulse of light and the team can fit as many as a hundred of these pulses at once into a tiny, four-inch cell. Squeezing that much information into so small a space and retrieving it intact opens the door to optical buffering—storing information as light.
"It sort of sounds impossible, but instead of storing just ones and zeros, we're storing an entire image," says John Howell, associate professor of physics and leader of the team that created the device, which is revealed in today's online issue of the journal Physical Review Letters. "It's analogous to the difference between snapping a picture with a single pixel and doing it with a camera—this is like a 6-megapixel camera."
"You can have a tremendous amount of information in a pulse of light, but normally if you try to buffer it, you can lose much of that information," says Ryan Camacho, Howell's graduate student and lead author on the article. "We're showing it's possible to pull out an enormous amount of information with an extremely high signal-to-noise ratio even with very low light levels."
Optical buffering is a particularly hot field right now because engineers are trying to speed up computer processing and network speeds using light, but their systems bog down when they have to convert light signals to electronic signals to store information, even for a short while.
Howell's group used a completely new approach that preserves all the properties of the pulse. The buffered pulse is essentially a perfect original; there is almost no distortion, no additional diffraction, and the phase and amplitude of the original signal are all preserved. Howell is even working to demonstrate that quantum entanglement remains unscathed.
To produce the UR image, Howell simply shone a beam of light through a stencil with the U and R etched out. Anyone who has made shadow puppets knows how this works, but Howell turned down the light so much that a single photon was all that passed through the stencil.
Quantum mechanics dictates some strange things at that scale, so that bit of light could be thought of as both a particle and a wave. As a wave, it passed through all parts of the stencil at once, carrying the "shadow" of the UR with it. The pulse of light then entered a four-inch cell of cesium gas at a warm 100 degrees Celsius, where it was slowed and compressed, allowing many pulses to fit inside the small tube at the same time.
"The parallel amount of information John has sent all at once in an image is enormous in comparison to what anyone else has done before," says Alan Willner, professor of electrical engineering at the University of Southern California and president of the IEEE Lasers and Optical Society. "To do that and be able to maintain the integrity of the signal—it's a wonderful achievement."
Howell has so far been able to delay light pulses 100 nanoseconds and compress them to 1 percent of their original length. He is now working toward delaying dozens of pulses for as long as several milliseconds, and as many as 10,000 pulses for up to a nanosecond.
"Now I want to see if we can delay something almost permanently, even at the single photon level," says Howell. "If we can do that, we're looking at storing incredible amounts of information in just a few photons."
http://physorg.com/news88439430.html
Solar Power Eliminates Utility Bills in U.S. Home
Jon Hurdle
Michael Strizki heats and cools his house year-round and runs a full range of appliances including such power-guzzlers as a hot tub and a wide-screen TV without paying a penny in utility bills.
His conventional-looking family home in the pinewoods of western New Jersey is the first in the United States to show that a combination of solar and hydrogen power can generate all the electricity needed for a home.
The Hopewell Project, named for a nearby town, comes at a time of increasing concern over U.S. energy security and worries over the effects of burning fossil fuels on the climate.
"People understand that climate change is a big concern but they don't know what they can do about it," said Gian-Paolo Caminiti of Renewable Energy Associates, the commercial arm of the project. "There's a psychological dividend in doing the right thing," he said.
Strizki runs the 3,000-square-foot house with electricity generated by a 1,000-square-foot roof full of photovoltaic cells on a nearby building, an electrolyzer that uses the solar power to generate hydrogen from water, and a number of hydrogen tanks that store the gas until it is needed by the fuel cell.
In the summer, the solar panels generate 60 percent more electricity than the super-insulated house needs. The excess is stored in the form of hydrogen which is used in the winter -- when the solar panels can't meet all the domestic demand -- to make electricity in the fuel cell. Strizki also uses the hydrogen to power his fuel-cell driven car, which, like the domestic power plant, is pollution-free.
Solar power currently contributes only 0.1 percent of U.S. energy needs but the number of photovoltaic installations grew by 20 percent in 2006, and the cost of making solar panels is dropping by about 7 percent annually, according to the Solar Energy Industries Association.
As costs decline and the search accelerates for clean alternatives to expensive and dirty fossil fuels, some analysts predict solar is poised for a significant expansion in the next five to 10 years.
State Support
The New Jersey project, which opened in October 2006 after four years of planning and building, cost around $500,000, some $225,000 of which was provided by the New Jersey Board of Public Utilities. The state, a leading supporter of renewable energy, aims to have 20 percent of its energy coming from renewables by 2020, and currently has the largest number of solar-power installations of any U.S. state except California.
New Jersey's utility regulator supported the project because it helps achieve the state's renewable-energy goals, said Doyal Siddell a spokesman for the agency.
"The solar-hydrogen residence project provides a tremendous opportunity to reduce greenhouse gases that contribute to global warming," he said.
The project also got equipment and expertise from a number of commercial sponsors including Exide, which donated some $50,000 worth of batteries, and Swageloc, an Ohio company that provided stainless steel piping costing around $28,000. Strizki kicked in about $100,000 of his own money.
While the cost may deter all but wealthy environmentalists from converting their homes, Strizki and his associates stress the project is designed to be replicated and that the price tag on the prototype is a lot higher than imitators would pay. Now that first-time costs of research and design have been met, the price would be about $100,000, Strizki said.
But that's still too high for the project to be widely replicated, said Marchant Wentworth of the Union of Concerned Scientists, an environmental group in Washington. To be commonly adopted, such installations would have to be able to sell excess power to the grid, generating a revenue stream that could be used to attract capital, he said.
"You need to make the financing within reach of real people," Wentworth said.
Caminiti argues that the cost of the hydrogen/solar setup works out at about $4,000 a year when its $100,000 cost is spread over the anticipated 25-year lifespan of the equipment. That's still a lot higher than the $1,500 a year the average U.S. homeowner spends on energy, according to the federal government. Even if gasoline costs averaging about $1,000 per car annually are included in the energy mix, the renewables option is still more expensive than the grid/gasoline combination.
But for Strizki and his colleagues, the house is about a lot more than the bottom line. It's about energy security at a time when the federal government is seeking to reduce dependence on fossil fuels from the Middle East, and it's about sustaining a lifestyle without emitting greenhouse gases.
For the 51-year-old Strizki, the project is his life's work. "I have dedicated my life to making the planet a better place," he said.
http://today.reuters.com/news/articl...SOLAR-HOME.xml
Until next week,
-
js.
Current Week In Review
Recent WiRs -
January 13th,
January 6th,
December 30th,
December 23rd,
December 16th
Jack Spratts' Week In Review is published every Friday. Submit letters, articles and press releases in plain text English to jackspratts (at) lycos (dot) com. Submission deadlines are Thursdays @ 1400 UTC. Please include contact info. Questions or comments? Call 213-814-0165, country code U.S.. Voicemails cannot be returned.
"The First Amendment rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public." - Hugo Black