President Bush meets with Republican presidential candidate Sen. John McCain (R-Arizona), Democratic presidential candidate Sen. Barack Obama, (D-Illinois) and congressional leaders in the Cabinet Room of the White House on Thursday to discuss the proposed bailout of the financial industry. Left to right: McCain, Minority Leader John A. Boehner (R-Ohio), Speaker of the House Nancy Pelosi (D-California), Bush, Senate Majority Leader Sen. Harry Reid (D-Nevada), Senate Minority Leader Mitch McConnell (R-Kentucky), Obama.
AP Photo/Pablo Martinez Monsivais

The prospect of a gargantuan $700 billion Wall Street bailout agreement presents a prime opportunity for both Congress, and in particular the presidential candidates, to live up to their promises of using the internet to free themselves of undue influence.

When congress rushes through important legislaton such as this upcoming bill, extraneous or items of questionable merit, are usually thrown in during the final stretch of the haggling process between key staff members of the relevant committees behind closed doors.

That's what happened in the process of the re-authorization of the USA PATRIOT Act, for example. After passage of the controversial legislation, lawmakers later discovered that they had approved an obscure provision that allowed the Bush Administration to appoint replacements for US attorneys without senate confirmation. That enabled Alberto Gonzales, then the Attorney General, to install US attorneys that many Democratic members of congress charged were political henchmen. 

"What we know is that lobbyists have flooded the offices of Capitol Hill all of last week, and all last week-end after the Paulson bill was announced, and it's a lobbying frenzy," says Ellen Miller, co-founder of the Sunlight Foundation. "Without full transparency for what's in the legislation, we won't find out who got what until after the bill has been passed, and after it's too late for anybody to react to it."

Miller wants legislators to make any and all of the iterations of the legislation available electronically -- all the way until it is ready to be voted on on the floor of both congressional chambers.   

"It is an outrage that what congress clearly plans to do is to drop this bill, minutes before they call for a vote on it, neither allowing those who get to vote on it, nor the public, to view it," she says.

Miller is one of the 15 of the people on Wired's smart list whom we've recommended that the next president pay a visit to. A long-time Washingtonion, she says that she knows both Barack Obama and John McCain.

Miller's staff were planning to contact legislators Thursday afternoon to ask for copies of any emerging bailout bill. The group maintains a site called PublicMarkup.org that transforms PDFs into a document that the public and examine, comment on and re-write themselves online.

Both Senator Chris Dodd, D-Conn.'s proposal and Treasury proposals are up on the site.

"The ideal situation is to have the legislation published online immediately." Miller says. "Our position is that every piece of legislation should have a minimal online public availability time of 72 hours, which would give citizens and lawmakers a chance to read, digest, think about and comment. There's no better place to start with than with this bill that involves hundreds of billions of dollars, and affects the lives of everyone."

During his comments this morning in New York City at the Clinton Global Initiative, McCain called for any proposed legislation to be published online so that taxpayers could view it.

"There must be complete transparency in the review of this legislation, and in the implementation of any legislation," he said, according to a copy of his prepared remarks. "This cannot be thrown together behind closed doors. The American people have the right to know which businesses will be helped, what that selection will be based on and how much that help will cost. All the details should all be made available online and elsewhere for open public scrutiny."

Obama has been a vocal supporter of government transparency and has made it a part of his technology agenda, but queries to his press staff were not returned at the time of this posting.

Open government advocates worry that banking industry lobbyists may get in a provision that they've been pushing for the past few months for example. A new rule mandating that they make explicit their bad debts on their books went into effect last November. Banks want it repealed.

"There is a feeding frenzy of lobbying involved, and regulated industry is interested in ensuring that the final legislation benefits them to the maximum," says Gary Bass, founder and executive director of the government accountability research and advocacy group OMB Watch. "One has to worry over whether true transparency will occur."

He's quick to add that so far he's re-assured by the noises on the subject made by Dodd and Rep. Barney Frank, (D-Mass.) both respectively chairmen of the Senate and House banking committees.

"Senator Dodd and Congressman Frank have been way on top of this -- they've been arguing for accounability and transparency," he notes. "My biggest concern is the content of the legislation. I want to make darn sure that the content of the legislation -- even if it's not reviewed in some formal manner -- has some transparency and accountability built into it. That's one of the key issues and principles."

He says he doesn't hold out much hope for public review of the legislation because members of congress are keen to adjourn and return to their distruicts to campaign for re-election.

But the process may take longer than anyone might expect. Lawmakers emerged from the White House late Thursday after thinking they had a deal in hand, with no consensus on how to move forward. 

For those keeping tabs on the Recording Industry Association of America's 5-year-old litigation campaign, a federal judge's decision late Wednesday declaring a mistrial in the Jammie Thomas case was a significant event.

The judge's ruling in the nation's first and only file sharing case to go before a jury was substantial for two reasons: It nullified an almost foolproof method for the RIAA to prevail in cases and replaced it with another.

In nullifying the jury's $222,000 judgment, U.S. District Judge Michael Davis said he erred when he  told (.pdf) jurors last year that it was unlawful to have copyrighted music in a share folder open for others to download.

The Duluth, Minnesota judge said (.pdf) "actual" distribution must be shown.

At first glance, the decision appeared to have deflated the RIAA's legal position, (.pdf) which has helped it prevail in almost every one of its 30,000 cases –- most all of which have settled out of court.

But almost in passing, Judge Davis said that the music files the RIAA investigators allegedly downloaded from Thomas' share folder on Kazaa "can form the basis of an infringement claim."

Brian Toder, Thomas' attorney, said the decision "certainly hurts us."

In every case, RIAA investigators make downloads of music from a target's share folder. In the Thomas case, 24 downloads allegedly were made by MediaSentry, the recording industry's investigative arm.

"One can either have an infringement by violating reproduction rights or by distribution. According to that opinion, there is still a violation of a distribution right if your own people, MediaSentry, does the downloading. That doesn't help us," Toder added.

(Toder and digital rights groups say downloads made by RIAA investigators should not count against a defendant because the detectives were authorized by the music industry to make the downloads.)

The RIAA, the industry's lobbying and litigation arm, said it was mulling whether to embrace or appeal the decision.

"We have confidence in our case and the facts assembled against the defendant," said RIAA spokesman Jonathan Lamy. "As with all our illegal downloading cases, we have evidence of actual distribution."

The only other U.S. judge presented with the same issue ruled similarly to Judge Davis. That Arizona judge's April decision (.pdf) paved the way for the RIAA to win $40,000 after it was learned the defendant concealed evidence by manipulating his hard drive.

Toder said there is little likelihood of an out-of-court settlement in the Thomas case -- meaning a retrial is soon likely. During her trial last year, Thomas denied she shared music on Kazaa. The jury dinged her $9,250 per song.

"My client has repeatedly said she wouldn't settle," Toder said.

Still, the practical reality of the Thomas decision might end up nothing more than theoretical.

The RIAA usually offers its targets the ability to settle for a few thousand dollars. Almost every case has settled rather than risk losing at trial and having to pay substantial legal attorney fees as well. The Copyright Act allows penalties of up to $150,000 per music track.

Still, if a defendant went to trial and was bound by the Thomas precedent, a litigant would have to challenge the RIAA's contention that MediaSentry downloaded music from their open share file. The RIAA has the power to subpoena the allegedly offending hard drive.

Fred Cohen, a California computer forensics expert, said he likely could decipher whether music files in a defendant's hard drive were an identical match to the ones of which the RIAA said it made copies.

"There are an enormous number of possible ways to tell," he said.

Among them, he said, he could compare the files bit by bit, search for identical serialization, stenographical marks, digital rights management, time stamps and metadata. "It just varies," he said.

To hire somebody like him to defend an RIAA lawsuit, he said, is costly.

"I'm $500 an hour," he said.

See Also:

• Judge Declares Mistrial in RIAA-Jammie Thomas Trial
• RIAA Decries Attorney-Blogger as 'Vexatious' Litigator
• File Sharing Lawsuits at a Crossroads, After 5 Years of RIAA ...
• RIAA, MPAA Converging on Political Conventions
• Do RIAA Snoops Need PI Licenses?
• Universities Baffled By Massive Surge in RIAA Copyright Notices
• File Sharer Settles with RIAA for a Whopping $756 a Song
• White House Opposes Expanded DOJ Copyright Enforcement
• Judge: Copyright Owners Must Consider 'Fair Use' Before Sending ...
• Meet the Latest Copyright Scofflaw -- Meet the GOP
• MPAA Says No Proof Needed in P2P Copyright Infringement Lawsuits
• Anti-Counterfeiting Trade Agreement: Fact or Fiction?

A just-formed lobbying group of content producers, equipment makers and internet gatekeepers said Thursday that internet service providers should embrace filtering.

Behind the lobby are AT&T, Cisco Systems, Microsoft, NBC Universal, Viacom and the Songwriters Guild of America. Among other things, the lobby, called Arts+Labs, says "network operators must have the flexibility to manage and expand their networks to defend against net pollution and illegal file-trafficking which threatens to congest and delay the network for all consumers."

The creation of the lobbying group came almost two months after the Federal Communications Commission issued an open invitation to ISPs to filter for unauthorized copyright material. The Aug. 1 invite was buried in the text of the FCC's stinging rebuke of Comcast for throttling BitTorrent and other peer-to-peer traffic.

AT&T and NBC have already made it clear they support blocking streams of unauthorized works, for obvious reasons. NBC and the songwriters want to get paid for their works. and AT&T supports filtering because it could reduce high-volume, peer-to-peer traffic.

And Cisco has the means to produce filtering equipment, while Microsoft has recently secured a patent to watermark music and track it through the internet.

Running the new lobby is Mike McCurry, President Clinton's press secretary and departing chairman of Hands off the Internet, a group of telcos and others opposing net neutrality.

Still, network-level filtering technology isn't ready for prime time. And it remains to be seen whether filtering could account for fair use or could decipher whether copyright material along a network was authorized to be there.

That said, the FCC -- as part of the Comcast order (.pdf) -- sees filtering as an attainable goal. Here's what the FCC said:

"We also note that because consumers are entitled to access the lawful internet content of their choice, providers, consistent with federal policy, may block transmissions of illegal content (e.g., child pornography) or transmissions that violate copyright law. To the extent, however, that providers choose to utilize practices that are not application- or content-neutral, the risk to the open nature of the internet is particularly acute and the danger of network-management practices being used to further anti-competitive ends is strong."

See Also:

• Comcast Discloses Throttling Practices -- BitTorrent Targeted
• Comcast Ordered to Allow Free Flow of File Sharing Traffic
• Comcast Appeals FCC Throttling Order
• Fears Swirl Over Whether FCC Will Enforce Comcast Throttling Decision
• Comcast Hijackers Say They Warned the Company First
• Comcast.net Hijacked, Redirected
• Analysis: FCC Comcast Order is Open Invitation to Internet Filtering
• Google Unveils YouTube Copyright Filter to Mixed Reviews
• OpenDNS Launches Free Porn Filter
• U2 Manager Wants ISPs to Filter File Sharers; Threat Level Calls ...
• Judge: Copyright Owners Must Consider 'Fair Use' Before Sending ...
• White House Opposes Expanded DOJ Copyright Enforcement
• Judge Declares Mistrial in RIAA-Jammie Thomas Trial
• Anti-Counterfeiting Trade Agreement: Fact or Fiction?

Jammie Thomas, left, and her attorney, Brian Toder, leave the courthouse last year after a jury dinged her $222,000 for sharing 24 songs on the Kazaa file-sharing network.
Photo: Associated Press

A federal judge on Wednesday set aside the nation's first and only federal jury verdict against a peer-to-peer file sharer for distributing copyrighted music on a peer-to-peer network without the labels' authorization.

U.S. District Judge Michael Davis of Duluth, Minnesota, declared a mistrial in the case of Jammie Thomas, a Minnesota mother of three, setting aside the $222,000 penalty levied by a federal jury last year for copyright infringement -- $9,250 for each of the 24 infringing music tracks she made publicly available on the Kazaa file sharing network.

Davis' decision means the Recording Industry Association of America's five-year copyright infringement litigation campaign has never been successful at trial.

Most of the 30,000 cases have settled out of court for a few thousand dollars and have never broached the hot-button legal issue that ultimately prompted Davis to declare a mistrial.

Thomas was the nation's only RIAA target to take her case to trial, which last year ended in an RIAA victory. The case emboldened the recording industry's resolve to continue its public relations effort against file sharing through a nationwide litigation campaign.

The legal brouhaha prompting Davis to declare a mistrial focused at the heart of all file sharing cases: What level of proof was necessary for the RIAA to prevail.

Davis had instructed (.pdf) the jury last year that the recording industry did not have to prove anybody downloaded the songs from Thomas' open Kazaa share folder. Davis read Jury Instruction No. 15 to jurors saying they could find unauthorized distribution -- copyright infringement -- if Thomas was "making copyrighted sound recordings available" over a peer-to-peer network "regardless of whether actual distribution has been shown."

But Davis had second thoughts and, without any urging from the litigants in the case, summoned the parties back to his courtroom in August, writing in a brief order that he may have committed a "manifest error of the law."  He heard arguments from both sides and said he would issue a ruling soon.

With Wednesday's opinion, Davis made his revised position official and ordered a retrial -- one with different jury instructions.

"Jury Instruction No. 15 was erroneous, and that error substantially prejudiced Thomas' rights. Based on the court's error in instructing the jury, it grants Thomas a new trial," the judge ruled (.pdf).

The RIAA, which is the music industry's lobbying and litigation arm, fought hard to keep Jury Instruction No. 15 in play. The group told the judge that copyright infringement on peer-to-peer networks is implied, and that it shouldn't have to provide proof of an actual transfer -- because it's impossible.

"Requiring proof of actual transfers would cripple efforts to enforce copyright owners' rights online – and would solely benefit those who seek to freeload off plaintiff's investment," RIAA attorney Timothy Reynolds said in a court filing (.pdf).

It was the third time a federal judge had ruled against the RIAA on the making-available claim. The decisions in the other two cases were in a pretrial stages, one case of which was dismissed in the RIAA's favor because a judge concluded the defendant had tampered with evidence and ordered him to pay $40,000.

Still, Judge Davis' decision does not derail the RIAA's case against Thomas on retrial or any other pending or future case. Davis ruled that the downloads from Thomas' open share folder that RIAA investigators made, 24 in all, "can form the basis of an infringement claim." The RIAA's investigators make downloads in every case.

Still, during the trial, the RIAA went to great lengths to demonstrate to jurors that Thomas had unlawfully downloaded the 1,000 songs from Kazaa -- the same songs she was sharing on Kazaa. The RIAA charged her with 24 song violations.

Violations of the Copyright Act carry fines of up to $150,000 per music track. The act says a rights holder has the exclusive right "to distribute copies or phono-records of the copyrighted work to the public by sale or other transfer of ownership, or by rental, lease or lending." One juror told Wired.com after the verdict that some panelists wanted to level $150,000 for each track, but they settled on $9,250 per download.

The RIAA sues after online detectives log onto Kazaa, Limewire and other file sharing services. They look into open share folders, take screenshots of the music listed and download some of the songs. They also obtain IP addresses, which are easily determined on open networks.

With those addresses, the RIAA subpoenas internet service providers to cough up the identity of the account holder. The RIAA then sues the account holder, who usually settles out of court because it is substantially cheaper than hiring a lawyer and fighting.

Only one other federal judge has ruled that the downloads made by RIAA investigators count as evidence of unauthorized distribution.The U.S. Supreme Court has never decided the issue.

Digital rights groups say downloads made by RIAA investigators should not count against a defendant because the detectives were authorized by the music industry to make the downloads.

The judge also took a few pages to decry as exorbitant the award the jury rendered against Thomas and urged Congress to change the law.

"While the court does not discount plaintiffs' claim that, cumulatively, illegal downloading has far-reaching effects on their businesses, the damages awarded in this case are wholly disproportionate to the damages suffered by plaintiffs. Thomas allegedly infringed on the copyrights of 24 songs -‐ the equivalent of approximately three CDs, costing less than $54, and yet the total damages awarded is $222,000 – more than 500 times the cost of buying 24 separate CDs and more than 4,000 times the cost of three CDs."

Still, a looming and unsettled issue has recently surfaced involving RIAA file sharing cases. It involves whether RIAA investigators broke the law when they gathered evidence, as they are not licensed investigators.

See Also:

• RIAA Decries Attorney-Blogger as 'Vexatious' Litigator
• File Sharing Lawsuits at a Crossroads, After 5 Years of RIAA ...
• RIAA, MPAA Converging on Political Conventions
• Judge Hints at Mistrial in RIAA v. Jammie Thomas
• Do RIAA Snoops Need PI Licenses?
• RIAA Critic Beckerman Scores Judiciary's Ear
• Proposed Copyright Law a 'Gift' to Hollywood, Info Groups Say
• Meet the Latest Copyright Scofflaw -- Meet the GOP
• Judge: Copyright Owners Must Consider 'Fair Use' Before Sending ...
• Hollywood Control of DVD-Copying at Crossroads
• Anti-Counterfeiting Trade Agreement: Fact or Fiction?

Story upcoming.

An e-mail that began as a rallying cry from a lone journalist to an influential circle of friends to protest the U.S. government bailout of Wall Street has ignited a national day of street protests. Some demonstrators plan to dump their rubbish in front of the bronze bull sculpture near Wall Street in downtown Manhattan Thursday.

"People are going to bring their own personal junk that they think is worth as much as the junk financial instruments that the government is proposing to buy from the Wall Street banks," says Andrew Boyd, an activist and freelance online-video artist for nonprofit groups in Manhattan. "We're hoping that people show up with their 8-track cassette collections, their old Spice Girl CDs, their surf boards that got bit by sharks and old Enron stock certificates."

Boyd is just one of thousands of Americans from all over the political spectrum who the Bush Administration has angered with its vague proposal to hand $700 billion over to Treasury Secretary Henry Paulson to restore U.S. financial markets' health. That anger has manifested itself online through e-mail, web sites and other online chatter, with one site, BuyMyShitPile.com, going rapidly viral this week. The site, a parody of the dire financial situation, is what is inspiring the self-organizing group of activists to show up in downtown Manhattan Thursday evening with all their junk. They hope to make their simmering fury palpable to Wall Streeters getting off work.

"Why should people who made financially imprudent decisions be rewarded?" asks Boyd, who is best known for founding the political protest theater group Billionaires For Bush. "It's our hard-earned tax dollars, and we're being asked to bail these guys out at the same time as this locks out all the things that we want for the future."

Boyd's is one of many voices of frustration. Other people's anger spilled out online, which in turn, is fueling the planned protests' momentum.

Arun Gupta, a 43-year-old freelance journalist in Manhattan, is someone else who was so upset by unfolding events that he was moved to action.

"I've been spending a lot of time reading about the intensifying crisis and the bailout plan," he says. "The more I read, the more outraged and flabbergasted I was: It became clear to me that this was the financial equivalent of the Sept. 11 attacks."

He was so upset that he banged out a passionately worded 629-word e-mail on his laptop Sunday afternoon urging his friends -- and anyone else who would listen -- to show up at the southern tip of Manhattan late Thursday afternoon to demonstrate. He says that he's never organized a protest before in his life.

"This week the White House is going to try to push through the biggest robbery in world history with nary a stitch of debate, to bail out the Wall Street bastards who created this economic apocalypse in the first place," he wrote. "This is the financial equivalent of September 11. They think, just like with the Patriot Act, they can use the shock to force through the “therapy,” and we’ll just roll over!"

He added:

Think about it: They said providing health care for 9 million children, perhaps costing $6 billion a year, was too expensive, but there’s evidently no sum of money large enough that will sate the Wall Street pigs. If this passes, forget about any money for environmental protection, to counter global warming, for education, for national healthcare, to rebuild our decaying infrastructure, for alternative energy.

This is a historic moment. We need to act now while we can influence the debate. Let’s demonstrate this Thursday at 4 pm in Wall Street (see below).

The e-mail ricocheted through the electronic ecosystem faster than the implosion of Wall Street itself, tapping into and riding the frisson of resentment among Americans at this monumental financial foul-up.

"I wrote up an e-mail Sunday night, and I sat on it." he says. "I was a bit hesitant because I'm not an organizer, I'm a journalist, but I also think that things have to be done in the world."

He said that he sent it out to best-selling author Naomi Klein, who posted it to her website, and sent it out to her e-mail list. Then TrueMajority, a 700,000 member activist group headed by Ben and Jerry's co-founder Ben Cohen, sent out an action alert the next day.

TrueMajority is making a "protest kit" available on its web site with instructions for groups who are interested on how to organize a rally. One of the instructions is to bring cell phones to the protest, and to have protesters simultaneously call their members of Congress. The site has also put up a web page that enables people to find an event near them by ZIP code.

"This was a convergence of everyone having the same thought at the same time," says Matt Holland, TrueMajority's online director.

He says everybody he knew had received Gupta's e-mail at least three times from different people. It's also been widely circulated on blogs.

Holland says that Gupta's language just taps into "the strength of the emotion" that many Americans are feeling right now. TrueMajority's members themselves have made 20,000 phone calls to Congress, he says. Members report the calls that they made through the group's website.

"Everybody is just incredibly pissed off about this, and if there is a place and time for them to express themselves, they're going to do it," he says. 

Congressional lawmakers have expressed frustration and skepticism over Treasury's proposal, although they won a concession about CEO pay Wednesday afternoon. President Bush is scheduled to address the nation about the bailout plan 9 p.m. Eastern time Wednesday, and John McCain has asked Barack Obama to agree to cancel Friday's presidential debate so that they could both work with the administration to hammer out an agreement.

In the meantime, a proposal to add several restrictions on the package from Sen. Bernie Sanders (I-Vermont) has gained traction online. He's asked Americans to sign onto the petition, and he intends to present it to Paulson. The senator's office reported Wednesday that 8,000 people signed the petition within the first 24 hours. Another sign that the petition gained widespread notice: "Bernie Sanders," was one of the most-searched-for terms on Google Tuesday.

Also on Tuesday, a long list of economists from the nation's top universities sent a letter to congressional leaders voicing their concerns about the too-speedy passage of any bailout package.

They said that they were most concerned about the plan's fundamental fairness and its ambiguity.

Google is not an ISP, but at Thursday’s Senate hearing on privacy and ISPs, expect the search and online advertising giant's name to be the keyword invoked by ISPs wishing to escape the attention of legislators.

ISPs have good reason to want to be forgotten.

Earlier this year, lawmakers all but killed off the idea of letting ISPs watch their customers' web usage in order to serve them targeted ads after Charter Communications retreated from its plan to test such technology and several smaller ISPs admitted to secret tests of such technology from NebuAd.

But ISPs are hungry for new revenue so expect that AT&T, Verizon and Time Warner – three of the nation’s top ISPs – will take the opportunity Thursday in front of the Senate Commerce committee to favorably compare their privacy practices and market reach to Google's.

In fact, don't be surprised if the ISPs suggest that Google is the one that needs some federal rules written for it and that ISPs need to be free to find ways to serve targeted ads to their customers.

AT&T signaled as much in its letter (.pdf) to the House’s matching committee, which asked some 32 ISPs and web companies to disclose any behavioral data mining they engage in.

[I]f anything the largely invisible practices of ad-networks raise even greater privacy concerns than do the behavioral advertising techniques that ISPs could employ, such as deep-packet-inspection, which have primary application beyond mere targeted advertising, including managing network congestion, detecting viruses and combating child pornography.

AT&T says it is not doing anything yet with so-called Deep Packet Inspection technology, which lets routers look beyond basic routing information on internet packets to look more closely at what kind of information is being sent, how, and even the content of the packet.

Such technology can be used to make fast lanes for online video, stop peer-to-peer file sharing, slow competitors’ packets, and perhaps even detect online crime.

It’s also the technology NebuAd used in trials with ISPs to look into users’ web surfing to determine if they were interested in luxury cars or baseball jerseys.

But AT&T says that DPI technology isn’t inherently evil – and could be used to prevent peer-to-peer copyright infringement and child-pornography downloads.

More to the point AT&T says it wouldn’t use DPI to place ads without getting users to choose to join in – setting it apart from Google and other online ad networks where users must find a way to opt-out.

Now pair AT&T's statement that it will "insist on the proper form of affirmative election" before doing behavioral advertising with its statement that online ad networks are a bigger threat to privacy, and you have a good idea how ISPs will fight any privacy regulation.

Namely, have lawmakers push to have opt-in, not opt-out, the standard for both ISPs and ad networks and soon Google and Yahoo and Microsoft and Ebay and Amazon and Facebook will find themselves turning against a privacy bill.

For its part, Google is trying to dodge European regulators who are concerned about the amount of data that the search giant keeps.

To placate them, Google began intentionally forgetting the last quarter of an IP address attached to a search engine query after 18 months – a move it says anonymizes the data without rendering it totally useless to researchers.

Then in the last two weeks, the company further attempted to placate European privacy authorities by saying it would find some way to remove some smaller portion of the last quarter of an IP address after nine months.  A nice gesture perhaps, but one that is largely meaningless technically speaking.

Jeffrey Chester, the executive director of the Center for Digital Democracy, thinks Congress is likely to move next year to create a new, overarching privacy law.  That means that Google wants what AT&T wants – to be forgotten.

"Google wants the focus to be ISPs and DPI--not its own extensive data collection and use practices," Chester said.

Photo: Lisa Larsson/Flickr

See Also:

• Lawmakers Target Second ISP for Web-Tracking Tech
• Under Pressure, ISP Admits Secret Web Snooping in Kansas
• ISP Web Tracking Dead As Net Eavesdropping CEO Resigns
• ISPs Will All Spy on Their Customers, Professor Warns
• EU Tells Search Engines to Stop Creating Tracking Databases
• Google-DoubleClick Privacy Fight Hangs Over Fed's E-Advertising Forum

The Bush administration is opposing sweeping legislation granting it the ability to prosecute civil cases of copyright infringement.

The legislation, backed by Hollywood, labor unions and manufacturers, sailed through the Senate Judiciary Committee, 14-4, on Sept. 11.

In a letter (.pdf) to Sens. Patrick Leahy and Arlen Specter, who were among the sponsors of the legislation, the Justice Department wrote Tuesday it "strongly" opposes expanding its powers. Doing so, the letter said, could undermine the department's prosecution of criminal cases and transform it into an office "serving as pro bono lawyers for private copyright holders."

The Justice Department said the private sector should remain responsible for enforcing its copyrights in federal civil lawsuits.

"Civil copyright enforcement has always been the responsibility and prerogative of private copyright holders, and U.S. law already provides them with effective legal tools to protect their rights," the Justice Department and Commerce Department wrote.

The government agencies wrote that the proposal "could result in Department
of Justice prosecutors serving as pro bono lawyers for private copyright holders regardless of their resources. In effect, taxpayer-supported department lawyers would pursue lawsuits for copyright holders, with monetary recovery going to industry."

In all, the Bush administration agreed with digital rights groups and others who said the measure goes too far and is a gift to copyright holders who normally use the civil courts to sue copyright infringers. The Recording Industry Association of America, for example, has sued more than 30,000 individuals for infringement.

The Enforcement of Intellectual Property Rights Act (.pdf) creates a Cabinet-level copyright-patent czar charged with creating a worldwide plan to combat piracy. The czar would "report directly to the president and Congress regarding domestic and international intellectual property enforcement programs."

The bill, nearly identical to the version the House passed last year, encourages government anti-piracy task forces, the training of other countries about IP enforcement and, among other things, institutes an FBI piracy unit.

The House version does not contain language granting the Justice Department the ability to sue copyright infringers. The department does prosecute criminal acts of infringement, although rarely.

Illustration psd

See Also:

• Proposed Copyright Law a 'Gift' to Hollywood, Info Groups Say
• Senate Committee Expands Justice Department Copyright Enforcement ...
• Judge: Copyright Owners Must Consider 'Fair Use' Before Sending ...
• Meet the Latest Copyright Scofflaw -- Meet the GOP
• MPAA Says No Proof Needed in P2P Copyright Infringement Lawsuits
• Anti-Counterfeiting Trade Agreement: Fact or Fiction?
• Hollywood Control of DVD-Copying at Crossroads

If you're passionate about the issue of net neutrality and think MSM hasn't done a good job of covering it, here's your chance to influence the debate: Tell New York City public radio show producers who they should talk to, what they should read, and how they should frame the discussion.

WNYC's Brian Lehrer has asked New York City residents to report on the price of groceries in the city's five boroughs, as well as on the number of SUVs in their neighborhoods through his radio show's wiki. Now he's asking for their thoughts on the big picture issues at stake in the presidential election.
Photo: Christine Butler

WNYC's influential morning radio show host Brian Lehrer is crowdsourcing his Friday editions through the show's "30 Issues in Thirty Days" wiki.

This Friday's edition will focus on Barack Obama and John McCain's positions on net neutrality.

Lehrer's producers used an online software tool to solicit its listeners' opinions and votes on the issues the show should cover in the run-up to the election. But Lehrer admits that he threw net neutrality into the mix because he takes a personal interest in the subject.

"I work in media: What we do now is very internet-based, as well as radio based," he said in an interview. "And so I'm interested in information technology and media policies that can help democracy flourish, rather than constrain it."

The show can be heard on the web, as well as through a podcast. Lehrer wants listeners to collectively produce the show through its wiki -- just like the professionals do it. He wants suggestions on who he should have on the show; story angles; questions; audio clips; and other pieces of research. Lehrer also plans on focussing part of the show on broadcast regulation.

Though the show doesn't disclose the size of its audience, WNYC's aggregate audience each week is 1.1 unique listeners in the tri-state area.

The use of the wiki to determine what a radio show covers in the run-up to Election Day is the latest in a series of experiments undertaken by several media organization during this election cycle to more directly incorporate voters' voices and concerns into election coverage.

During this election cycle, wikis have also been used by Democratic activists to track superdelegates, to author a citizen-driven party platform, and to organize primary voters. Most recently, comedian and Democratic activist Baratunde Thurston launched a wiki to document cases of voter suppression.   

So far, WNYC listener submissions to the newly-launched wiki have been relatively sparse. One participant suggested that Lehrer contact Jonathan Zittrain, the Oxford Internet Institute's chair in internet governance and regulation, and author of "The Future of the Internet -- And How To Stop It."

"Mark Brown in Westfield," meanwhile, wants Lehrer to discuss whether the 1996 telecom act worked out or not.   

And someone else has suggested that he look at the Information Technology and Innovation Foundation's recent survey of the two candidates' positions on technology and innovation policies.

Lehrer says that those submissions are a good start. But just in case the wiki doesn't accumulate enough information in time for the Friday show, he's having his regular producers work on it too.

"We're not giving up our professional judgement for the wisdom of the crowd," he says. "We're using the wisdom of the crowd to supplement and inform our professional judgement, because ultimately, the way I see the pro-am partnership, we're still ultimately responsible for what we put out on the air."

He already has one sound clip that he knows he's going to use during the Friday show: A bit from an interview he conducted last year with McCain that included a soundbite on net neutrality. 

"He said: 'Honestly, I'm kind of torn about it, because I do think we shouldn't regulate the market until we know there's a problem, but I do understand the value behind keeping equal access to the different sites,' (Those weren't the exact words, but that was the sentiment,)" Lehrer recalls. "I thought he gave a thoughtful answer. He didn't sound like someone who never used a computer."

An aide for Obama's campaign late last year said that Obama would make cable provider Comcast's blocking of the BitTorrent protocol illegal.

Meanwhile, McCain's tech policy includes a version of former Republican FCC Chairman Michael Powell's "Four Freedoms" doctrine.

During his tenure as FCC chairman, Powell defined "internet freedom" as consumers' freedom to access content, and to use applications of their choices online, to attach devices they want to the network (as long as they do not harm the network,) and the freedom to have ready access to detailed internet service agreements.

Threat Level readers might be interested in tuning into tomorrow's show too: That one's going to focus on the "Post Bush Constitution: Executive Power, Surveillance and the Fourth Amendment."

The confirmed guests are: Harvard Law School's constitutional scholar Larry Tribe, an Obama supporter, the New York Times' legal writer Adam Liptak, former Democratic congresswoman Elizabeth Holtzman, and an as-yet-to-be-determined representative of the McCain campaign. (Full disclosure, Lehrer's hosted this reporter on one of his shows earlier this year.)

See Also:

• Campaigns Blow Off Voters During Final Stretch of Debates
• Yahoo, Slate and Huffington Post to Host First Online Presidential ...
• TechPresident Ends Experiment in Online Presidential Debates ...
• Obama Campaign Denies Backpedaling on Net Neutrality
• Net Neutrality Gains Traction In 2008 Senate Races
• Lawmaker Cries Foul Ahead of FCC Net-Neutrality Decision
• Comcast Beginning 'Net Neutrality' Testing
• Comcast Discloses Throttling Practices -- BitTorrent Targeted
• Net Neutrality Advocates Call For Fast, Universal Access To The Net
• The Democratic And Republican National Convention Speeches, As ...
• Pelosi To Face Tough Questions On Leadership From Online Crowd
• Fiorina: McCain Believes in Checks and Balances (and Global Warming)
• Redstate Net Neutrality Flap Jumps To Rush Limbaugh Show
• The New York Times Calls For Network Neutrality Legislation

"The U.S. authorities are so desperate to extradite my son that they have changed the law. Now he faces 60 years in jail," writes Janice Sharp, the mother of U.K. hacker Gary McKinnon, in an op-ed in the Guardian yesterday.

That's a remarkable claim, not least because the British press has long reported that the 42-year-old hacker faces 60 years, 70 years, 80 years and life imprisonment, while McKinnon himself thinks he's headed for Guantanamo Bay. Wouldn't 60 years be a reduced sentence?

"Several weeks ago," Sharp explains, "the goalposts were moved yet again when the U.S. introduced a new law whereby no proof of damage was required where military computers were concerned. For the American law to then have been conveniently changed at such a crucial time does little to give us any faith in such a legal system."

The mystery deepens when one tries to track down this legislation, which has proven as elusive as the UFOs McKinnon claims he was hunting for in Pentagon computers. We've tried searching on all the obvious bill names -- "The Get Gary McKinnon At All Costs Act of 2008," for example -- to no avail.

The closest we could find is Senator Patrick Leahy's recently passed  amendment to the Former Vice President Protection Act, which does, in fact, modify the damage requirements in the Computer Fraud and Abuse Act. Now an intrusion that causes no damage can be prosecuted federally.

As a misdemeanor.

Memo to the Guardian: I don't think McKinnon is in any danger of being charged with a misdemeanor.

In any event, here in the evil, unjust, draconian United States, we have a Constitution that prohibits the ex post facto application of new laws to old offenses. So the Vermont senator's secret conspiracy against your countryman was doomed from the start.

I have all the sympathy in the world for McKinnon's family, who face having their son shipped off to a foreign land with a despotic leader. But it's worth remembering that it's McKinnon who dragged out the extradition process for years, and who turned down the chance to accept responsibility for his actions and win a relatively light sentence and a quick return to his native soil.

And as a reminder, in the real world, McKinnon is still facing six months to six-and-a-half years in prison under federal sentencing guidelines, depending mostly on damage. Since he claims to have caused none, he should have nothing to worry about.

See Also:

• UK Hacker Gary McKinnon Plays the Asperger's Card
• British UFO Hacker Gary McKinnon Is Coming to America
• Video: Solar Sunrise, the Best FBI-Produced Hacker Flick Ever
• Love of Cats Was Six Flags Hacker's Downfall
• From Riches to Prison: Hackers Rig Stock Prices
• British Hacker Gary McKinnon Cries Guantánamo Too Much
• Press Frees McKinnon From Guantonimo, Puts Him in a Virginia Supermax

A Tranax Mini Bank ATM is pictured above.
Photo courtesy The Passive Dad

It took a high-speed chase and some gunplay, but two men in Lincoln, Nebraska, are the first to face felony charges for using default passcodes to reprogram retail cash machines to dispense free money.

Nicholas Foster
Image: Lincoln Police Department

Jordan Eske and Nicolas Foster, both 21, are in Lancaster County Jail pending an October 1st arraignment. They're each charged with four counts of theft by deception, and one count of computer fraud, for allegedly pulling cash from privately owned ATMs at four stores in the area. The pair allegedly reprogrammed the machines to believe they were loaded with one-dollar bills instead of tens and twenties. A withdrawal of $20 would thus net $380.

Cash machine reprogramming scams first became public in 2006 when a cyber thief strolled into a gas station in Virginia Beach, Virginia, and, with no special equipment, persuaded the Tranax ATM that it had $5.00 bills in its dispensing tray, instead of $20.00 bills. Threat Level later confirmed that default administrative passcodes for ATMs manufactured by industry leaders Tranax and Triton were printed in owner's manuals easily found online. Both companies said they were surprised by the scam, but an industry association of which they are members privately spotted the capers and warned members over a year earlier.

Since then, the scam has also surfaced in Derry, Pennsylvania. But the Nebraska case marks the first reported arrests for the keypad capers.

Jordan Eske
Image: Lincoln Police Department

Eske and Foster were busted on their fourth visit to Lobo's City Mex in August. Manager Raul Omar Lobo, the owner's son, was waiting for them -- he'd been tipped off by the company that services the restaurant's Tranax ATM that someone had swiped $1,400 from the machine in three earlier midday visits.

When the two men entered, Lobo recognized them from the surveillance tapes. "So I locked the doors and told them not to move while I had one of the employees call the cops," says Lobo.

According to police, Lobo pulled a gun on the men, who nonetheless managed to wrench the door open and bolt. Lobo grabbed one of them in a headlock, and a wild shot was fired in the scuffle before the men broke free and sped away in their rented Pontiac Grand Prix.

An administrative passcode opens hidden functions on common models of retail ATMs, like this screen on the Tranax Mini Bank that sets the denomination of bills the machine thinks it's dispensing.

Lobo says he jumped in his car and gave chase, eventually getting the attention of the police, who took over the pursuit. The suspects pulled over and "ran into a building and tried going out the other side to lose the police, but we were waiting for them," says Lincoln Police Department spokeswoman Katie Flood.

Police found $10,000 in cash in the car. The defendants are suspected of stealing $13,600 in the Lincoln area, and pulling an unknown amount from ATMs in New Orleans, where they're from. Asked by police how they did it, "They said it's well-known on the internet," says Flood.

In 2006, both Tranax and Triton issued software patches for new ATMs that force operators to change the default passcodes on first use.

 See Also:

• More ATM Trouble
• ATM Reprogramming Caper Hits Pennsylvania
• ATM Cash Capers Spotted Last Year
• ATM Hack Round-Up: Report From the Field
• ATM Crime Spree Imminent?
• ATM Hack Uncovered

Treasury Secretary Henry Paulson made an earnest plea to congressional lawmakers today to give him wide authority to orchestrate Wall Street's bailout.

Treasury Secretary Henry Paulson prepares to testify on Capitol Hill in Washington, Tuesday, Sept. 23, 2008, before the Senate Banking Committee.
(AP Photo/Susan Walsh)

Lawmakers responded skeptically and angrily to his testimony, reports the New York Times.

But Paulson was also rapidly cut down to size online in a widely-circulated e-mail that compared his request to a Nigerian spam scam:

SUBJECT: REQUEST FOR URGENT BUSINESS RELATIONSHIP

DEAR AMERICAN:

I NEED TO ASK YOU TO SUPPORT AN URGENT SECRET BUSINESS RELATIONSHIP
WITH A TRANSFER OF FUNDS OF GREAT MAGNITUDE.

I AM MINISTRY OF THE TREASURY OF THE REPUBLIC OF AMERICA. MY COUNTRY
HAS HAD CRISIS THAT HAS CAUSED THE NEED FOR LARGE TRANSFER OF FUNDS OF
800 BILLION DOLLARS US. IF YOU WOULD ASSIST ME IN THIS TRANSFER, IT
WOULD BE MOST PROFITABLE TO YOU.

I AM WORKING WITH MR. PHIL GRAM, LOBBYIST FOR UBS, WHO WILL BE MY
REPLACEMENT AS MINISTRY OF THE TREASURY IN JANUARY. AS A SENATOR, YOU
MAY KNOW HIM AS THE LEADER OF THE AMERICAN BANKING DEREGULATION
MOVEMENT IN THE 1990S. THIS TRANSACTIN IS 100% SAFE.

Continue reading "Treasury Secretary's Bailout Request Compared To Spam Scam" »

A grand jury ended its session this morning without indicting University of Tennessee student David Kernell, who is suspected of hacking Alaska Gov. Sarah Palin's private e-mail account, an area newspaper is reporting.

The Chattanooga Free Press doesn't offer a lot of details other than to say that Kernell's three roommates appeared before the grand jury this morning and that the session ended without an indictment. The grand jury will likely meet again to hear more evidence in the investigation.

Kernell, 20, has been meeting with a lawyer in Knoxville, Tennessee. Attorney Wade V. Davies released the following statement to the media on Monday:

"I have been asked by the Kernell family to represent their son, David. This is a difficult time for David and his family. The Kernell family wants to do the right thing, and they want what is best for their son. We are confident that the truth will emerge as we go through the process. David is a decent and intelligent young man, and I look forward to assisting him during this difficult period."

David Kernell and his father, Democratic state representative Mike Kernell, met with Davies for dinner on Friday evening in Knoxville, according to a Memphis blogger and friend of the family named Sharon Cobb. The elder Kernell drove from his home in Memphis to Knoxville that day and has been staying with his son in a hotel since FBI agents visited David Kernell's apartment over the weekend to photograph it.

According to a witness who spoke with Wired.com on Monday, ten FBI agents appeared on Friday at The Commons apartment complex where David Kernell lives and served at least one of his three roommates with a subpoena. The following night at least two FBI agents returned to Kernell's apartment, where a small party was in progress, to execute a search warrant and photograph the apartment.

See Also:

• FBI Searches Apartment of Tennessee Student Suspected of Palin Hack
• Little or No Jail Time Likely for Palin Hacker
• Palin E-Mail Hacker Says It Was Easy
• Group Posts E-Mail Hacked from Palin Account

With Ehud "The Analyzer" Tenenbaum back in legal hot water, what better time to revisit the 1998 Pentagon computer intrusions that made Tenenbaum famous? So I descended into the Threat Level media vault and retrieved this aging VHS copy of Solar Sunrise: Dawn of a New Threat, an 18-minute FBI training video that dramatizes the first -- though not the last -- recreational hacker attack to send the U.S. government into a tizzy.

The 1999 movie accurately details how U.S. officials suspected Iraq in a series of breaches of Defense Department computers around the United States, even as it shows the perpetrators  for what they were: a bored Israeli teenager and some California juveniles having fun. One might assume that the "New Threat" part of the title references the danger of jumping to conclusions, but instead it's one of the silly cyber-terror warnings that were so in vogue prior to 9/11.

"Though no hostile government or group was behind these intrusions, the case clearly demonstrates the vulnerability of the nation's complex information systems to terrorist assault," the narrator warns.

Alert viewers will spot current Microsoft VP Scott Charney in his former role as the Justice Department's top cybercrime prosecutor. Also mentioned is AntiOnline, the old hacking gossip site where the Analyzer boasted of his attacks before getting caught.

Before taking the DeLorean back to 2008, I thought I'd check on AntiOnline founder John Vranesevich, a controversial figure who used to annoy people by signing every e-mail "Yours in CyberSpace." After selling his site and spending some time in Florida, he's returned to his hometown of Beaver, Pennsylvania -- outside Pittsburgh -- to open a 3,000-square-foot art gallery this month. 

He hadn't heard about the new allegations against Tenenbaum, now 29, who's accused of hacking a Canadian financial services company and fraudulently withdrawing $1.7 million from ATMs. Solar Sunrise made Tenenbaum something of a national hero in Israel, and he was sentenced to just six months of community service.  Says Vranesevich, "I'm kind of surprised he didn't turn that into something legit."

(Photo: Wired.com/James Merithew)

See Also:

• Israeli Hacker Known as "The Analyzer" Suspected of Hacking Again
• UK Hacker Gary McKinnon Plays the Asperger's Card
• 'Cyberwar' and Estonia's Panic Attack
• Did Hackers Cause the 2003 Northeast Blackout? Umm, No
• Air Force Colonel Wants to Build a Military Botnet

Homeland Security chief Michael Chertoff likes to point to the recent publication of the Border Patrol's policy on examining laptops and documents at the border as an example of the new openness that his department is striving for.

But the new policy itself -- allowing border agents free rein to read and sift through traveler's papers and laptops -- turns out to be a much further departure from past policies than previously known, according to new documents wrested loose from the government by the Electronic Frontier Foundation and the Asian Law Caucus via a Freedom of Information Act lawsuit.

The old policy (.pdf) -- largely established in 1986 -- included a heading in bold reading: Customs Officers Should Not Read Personal Correspondence.

The U.S. Customs Service must guard the rights of individuals being inspected to ensure their personal privacy is protected. Therefore, as a general rule, Customs officers should not read personal correspondence […]

The new policy? It doesn't even mention personal letters as a special category.

Instead in the 2008 policy (.pdf), private letters, text message and emails are treated the same as any other information carried on a traveler's person or in his cell phone or in his laptop.

In the course of a border search, and absent individualized suspicion, officers can review and analyze the information transported by any individual attempting to enter, reenter, depart, pass through, or reside in the United States.

Compare that to how the 1986 policy -- as modified in 2000 -- instructs officers how to deal with printed material brought in by a traveler:

The U.S. Customs Service must guard the rights of individuals being inspected to ensure their personal privacy is protected. Therefore, as a general rule, Customs officers should not read personal correspondence […]

As opposed to reading content, Customs officers may glance at documents and papers to see if they appear to be merchandise. […] If, after glance at the documents or papers, the officer reasonably suspects that they relate to any of the categories in section 6.4.1 of this directive (books for sale, sedition, embargo violations, etc.), the officer may read the documents.

By contrast, the new policy allows agents to copy documents or laptops without having to show any probable cause.

That disturbs Shirin Sinnar, an attorney for the Asian Law Caucus, which was prompted to sue for the documents after what they say were dozens of complaints from Muslims and South Asians about intense questioning and searches at the border.

"For more than 20 years, the government implicitly recognized that reading and copying the letters, diaries, and personal papers of travelers without reason would chill Americans' rights to free speech and free expression," said Sinnar.  "But now customs officials can probe into the thoughts and lives of ordinary travelers without any suspicion at all."

But DHS spokeswoman Amy Kudwa says it should come as no surprise that the policy changed after 9/11 and that the government decided to use every legal means to prevent another attack.

"The decision to change standards reflects the realities of the post 9/11 environment," Kudwa noting that even under the old policy, officers could glance at material without having individualized suspicion.

The courts have generally sided with the government. Most recently the 9th U.S. Circuit Court of Appeals found that the border agents didn't need to be say why it wanted to look into a laptop -- dismissing arguments that laptops are more analogous to a person's mind than to a suitcase.

That ruling expanded the so-called border exception to the Fourth Amendment, which allows the government to search a person entering or leaving the country without having to have any cause to do so.

See Also:

• Border Laptop Searches? No Reason Needed
• Border Agents Can Search Laptops Without Cause, Appeals Court Rules
• Random Laptop Searchs at the Border Unconstitutional
• Chertoff: I'm Listening to the Internet (Not in a Bad Way)
• Chertoff Misleads on Laptop Searches, Feingold Charges

A television ad put together by Barack Obama's campaign that mocks John McCain for his lack of computer skills was "terrible," said Obama's vice presidential pick in a television interview that aired Monday.

During an interview with CBS News Anchor Katie Couric, Sen. Joe Biden of Delaware, a Democrat, said: "if I'd had anything to do with it, we would have never done it."

Below is an excerpt:

Biden didn't provide any further explanation.

The Obama campaign is seeking to portray McCain as out of touch with the economy, and voters' concerns, by framing him as someone who isn't familiar with a fundamental aspect of everyday life for millions of Americans.

This was not a driftnet.  This was not dragnet.

The government doesn't and didn't have a massive computer listening into phone calls and emails inside the United States listening for keywords. That technology you've seen in movies like the Bourne Identity -- we don't use that.

That's what the Attorney General Michal Mukasey reiterated to a federal court Saturday, denying the NSA or its telecom partners engaged in"dragnet collection on the contents of millions of communications [...] for the purpose of analyzing those communication through key word searches to obtain information about possible terrorist attacks." (emphasis in original)

And since that did not happen, the dozens of suits filed against companies such as AT&T alleging such a thing should be dismissed, according to Mukasey, who was invoking the telecom immunity provisions passed by Congress in July.

That same bill legalized most of the spying program that was not a dragnet. It also oddly legalized dragnet surveillance of Americans' international communications.

So if there's no Big Brother ear listening for the perfectly wrong word, what was going on?

Well, one might look to the things Mukasey would not deny or perhaps, look closer at the language of the denial (.pdf).

As for the widely reported allegation that the nation's telecoms turned over Americans' phone records to the government so its computers could sort through them to decide who looked like a terrorist?

Continue reading "If NSA Spying Not A 'Dragnet,' What Were They Doing?" »

A former State Department Bureau of Intelligence and Research analyst pleaded guilty in federal court Monday to unlawfully accessing passport records of celebrities, actors, athletes and politicians.

Lawrence Yontz, 48, of Arlington, Virginia, faces a maximum of a year in prison when sentenced in December, the Justice Department said. Yontz is the only person charged in a scandal that has rocked the State Department's Passport Information Electronic Records System.

The system maintains data on 127 million passports and can be accessed by more than 20,000 employees.

As part of a security breach, the passport files of Barack Obama, John McCain and Hillary Clinton were illegally accessed. The department declined to name the identities of others whose privacy was breached.

A July government audit (.pdf) has found "weaknesses, including a general lack of policies, procedures, guidance and training" within the State Department's passport bureau.

Yontz admitted (.pdf) that between 2005 and 2008, he read the passport applications of "approximately 200 celebrities, athletes, actors, politicians and their immediate families, musicians, game show contestants, members of the media corps, prominent business professionals, colleagues, associates, neighbors and individuals identified in the press," the Justice Department said.

The government said Yontz accessed the applications because of "idle curiosity."

Yontz pleaded guilty to unauthorized access to a State Department computer in violation of Title 18, United States Code, Section 1030(a)(2)(B).

Photo: berbercarpet

See Also:

• E-Passports Signed, Sealed, Delivered -- But Not Like You May Think
• E-Passport Hacker Designs RFID Security Tool
• Farmers See 'Mark of the Beast' in RFID Livestock Tags
• Thief Nabs 3000 Blank British Passports Worth $5 Million
• Authorities Hit Back at e-Passport Critics
• Embassy E-mail Account Vulnerability Exposes Passport Data and ...
• Encryption Still Good; Sleeping Mode Not So Much, PGP Says
• Controversial RFID Report Approved
• Chertoff reiterates support for PASS Card and national ID
• Homeland Security Website Hacked by Phishers? 15 Signs Say Yes ...
• National ID Card Regulations Issued -- UPDATED
• Maine Rejects ID Law, Montana to Follow?

Perhaps feeling burned by Barack Obama's about-turn on the Bush domestic surveillance program, techies appear to be keeping a keen watch over any signs of unwelcome change when it comes to the important issue of network neutrality.

Hence when "method9455" reported on Slashdot Monday morning that the Obama campaign had significantly revised its technology policy pages, it set off an extended debate over the meaning of the changes.

"Strangely, it seems net neutrality is no longer as important as it was a few months ago, and the swaths of detail have been removed and replaced with fairly vague rhetoric," method9455 wrote.

The changes had been recorded by Versionista, an automated online tracking service that allows subscribers to track the changes on a web site over time.

A relatively detailed 297-word explanation of what the concept of net neutrality is, and Obama's position that the internet should retain its open character, was replaced last week with a simple 45-word statement of principle.

"A key reason the Internet has been such a success is because it is the most open network in history," reads the statement. "It needs to stay that way. Barack Obama strongly supports the principle of network neutrality to preserve the benefits of open competition on the Internet."

Similarly, Obama's unusually detailed section on privacy in the digital age was boiled down to the following 48-word summary:

The open information platforms of the 21st century can also tempt institutions to violate the privacy of citizens. As president, Barack Obama will strengthen privacy protections for the digital age and will harness the power of technology to hold government and business accountable for violations of personal privacy.

But the Obama campaign tells Threat Level that netizens are reading too much into a routine website edit.

"We've been updating the entire website to ensure consistency across the pages," says Moira Mack, an Obama campaign spokeswoman.  "The full tech plan is available on the page and there is absolutely no substantive change to our policy."

See Also:

• McCain Campaign Uses Web Spider to Sting Obama
• McCain Uses Versioning Software To Tarnish Obama's Reformer Image ...
• Obama Woos Silicon Valley
• Netroots Activists Mad at Obama for Spy Bill Flip-Flop
• Net Neutrality Gains Traction In 2008 Senate Races
• The New York Times Calls For Network Neutrality Legislation
• Obama Would Make Comcast's Interference with BitTorrent Illegal ...

FBI agents executed a search warrant Sunday at the apartment of University of Tennessee student David Kernell in connection with the hack of Alaska Governor Sarah Palin's private Yahoo account.

According to a witness, two FBI agents arrived at Kernell's Knoxville apartment in The Commons student housing complex shortly after midnight on Sunday morning, interrupting a party.

Kernell and some of his friends reportedly fled when agents arrived, though the local TV station that reported the raid is a bit unclear about this detail. Other reports suggest he may have simply been upstairs with friends when the agents came. FBI agents asked partygoers who did not live in the apartment to wait outside while they photographed the residence.

Kernell's three roommates have been subpoenaed to appear in court in Chattanooga this week, though no charges have been filed against Kernell or anyone else in relation to the Palin incident. A grand jury is reportedly set to convene in Chattanooga on Tuesday.

Ashley Menner, a 19-year-old sophomore at the University of Tennessee and a neighbor of Kernell's at The Commons, told wired.com that 10 FBI agents first arrived to the complex in two SUV's on Friday afternoon around 4:30 or 5 pm and spoke with her and her roommates. Kernell wasn't at home at the time, and the agents asked to see Menner's apartment "to see how it was laid out," she said.

"It was very nonchalant. They didn't make a fuss," Menner said. "They didn't want to stir anything up. It's a very personal issue, being who his father is."

Menner said the agents looked at the computers in her apartment to see how they were set up. During that time, she said, Kernell came home and saw the agents.

"He walked right by them and walked into his apartment," she said. "He looked frazzled and shaken."

She didn't know if the agents spoke with Kernell but said they left after about an hour. At least one of the roommates received a subpoena on Friday, according to Menner.

Then on Saturday night, a small party was being hosted in Kernell's four-bedroom apartment, which Menner said he shares with two females and another male. Between 20 and 25 guests were in the apartment when the FBI returned. Menner saw only two agents posted outside Kernell's apartment and does not know if Kernell was there and fled or if he was ever in the apartment for the party.

Menner said she knew Kernell only in passing and had been acquainted with him only since the school term began August 23.

"He seems real pleasant, like a nice guy," she said. "But based on the blogs I've read on the incident, I don't think he's very smart at all. Especially having a father who is a state representative, doing something of that magnitude, it's not a very good decision. I don't know what he was thinking."

Justice Department spokeswoman Laura Sweeney confirmed to wired.com that there was "investigatory activity" over the weekend in Knoxville regarding the government's inquiry into the hack of Palin's e-mail account. She said the department would only have further comment if and when it filed charges against any individual in relation to the case.

Kernell is the 20-year-old son of Democratic Tennessee state representative Mike Kernell who, when reached by wired.com last week at his home in Memphis, declined to discuss the matter.

Kernell senior told wired.com at the time that he was aware of widespread speculation of his son's involvement but that he had not spoken to him about it out of concern he might have to testify in a criminal proceeding. At the time of that conversation, Kernell said that authorities had not contacted him or his son, although a Tennessee newspaper erroneously reported that authorities had contacted his son.

A Nashville blogger who is friends with the elder Kernell wrote on Friday that Kernell drove to Knoxville to be with his son and that the two met with a lawyer Friday evening for dinner. She also reported on Sunday that father and son were staying at a hotel in Knoxville, following the appearance by law enforcement agents at David Kernell's apartment.

Palin's Yahoo account, gov.palin@yahoo.com, was infiltrated late Tuesday night by someone who used publicly available information about Palin (her birthdate, zip code and information about where she met her husband) to bypass Yahoo security measures and reset her password to "popcorn."

The intruder posted the new password and screenshots of her e-mail inbox to a forum at 4chan, leading other intruders to attempt to access her account as well.

On Thursday, a person claiming responsibility for the intrusion posted information to 4chan purporting to describe how he accessed Palin's account. The post was made under the handle "rubico," which bloggers quickly connected to an e-mail account, rubico10@yahoo.com, which they then connected to David Kernell.

Efforts to reach Kernell last week by phone were unsuccessful, although someone claiming to be Kernell did initially respond to an e-mail sent to the rubico10@yahoo.com address. The person did not respond to follow-up e-mails sent to that address. The IP address from which the communication originated resolved to Comcast and Knoxville, TN.

Portfolio.com (Wired's sister publication) reports that the IP address that was used to access Palin's Yahoo account belongs to Pavlov Media, an ISP based in Illinois. The ISP provides internet service to The Commons housing complex in Knoxville, TN, where Kernell lived. Personnel at The Commons told wired.com Monday morning that Pavlov Media provides internet service to the student housing complex, and Comcast provides its cable service.

Pavlov Media declined to discuss the matter.

A University of Tennessee spokeswoman confirmed that Kernell is a sophomore in the college of arts and sciences with an undeclared major, but would not say anything more about Kernell. Spokeswoman Amy Blakely added that the housing complex where Kernell reportedly lived is not affiliated with the university and provides housing to both students and non-students.

As reported here last week, Gabriel Ramuglia, owner of the internet proxy service Ctunnel.com, which Palin's intruder used to access her account and obscure his IP address, was examining his logs for the FBI to trace the intruder's IP address. Ramuglia told Portfolio that the FBI asked him about only one IP address, which he declined to disclose but said he had matched the address to web activity "consistent with what websites the hacker was expected to have visited through (the Ctunnel) service."

Mark Rasch, a former Justice Department computer crime prosector, told wired.com last week that he believed Palin's hacker, when caught, would likely be charged with a misdemeanor under the Computer Fraud and Abuse Act and face little to no time in prison, rather than be charged with a felony. More serious charges are possible, of course.

(This story has been updated with information from the University of Tennessee, The Commons housing complex, the Justice Department and Ashley Menner.)

See Also:

• Little or No Jail Time Likely for Palin Hacker
• Palin E-Mail Hacker Says It Was Easy
• Group Posts E-Mail Hacked from Palin Account

Saturday Night Live tapped into the "John McCain is clueless-because-he's-a-Luddite," and "McCain is a liar" memes this weeks with the following skit:

The skit popularizes the idea that McCain is out of touch because he's not caught up with current technology, an idea that Barack Obama capitalized on a couple of weeks ago in the following campaign ad: 

Continue reading "Dem's Campaign Ad Sneaks Into SNL Skit" »

U.S. Attorney General Michael Mukasey on Saturday denied that the Bush administration -- in conjunction with the nation's telecommunication companies -- devised a "dragnet" electronic surveillance program that funneled Americans' communications to the National Security Agency without court warrants.

But the attorney general also insisted that defending his claim in court would harm national security.

"Specific information demonstrating that the alleged dragnet has not occurred cannot be disclosed on the public record without causing exceptional harm to national security," Mukasey wrote in a federal court filing in San Francisco. "However, because there was no such alleged content-dragnet, no provider participated in that alleged activity."

It was the first time Mukasey, as the nation's top law enforcement official, provided an emphatic and wholesale written courthouse denial of allegations contained in lawsuits accusing the Bush administration of widescale domestic spying in the years following the 2001 terror attacks. Keith Alexander, the NSA director, issued a similar courthouse denial in a 2007 court document (.pdf).

Despite Mukasey's denial, contained in a court filing (.pdf) made public Saturday, Mukasey asked a federal judge to grant immunity to the nation's telecommunications companies accused of assisting with the alleged surveillance dragnet. It is the first time the government has invoked the immunity legislation (.pdf) Congress approved July 9,  which was signed by President Bush the next day.

Democratic presidential candidate Barack Obama voted for the immunity bill and helped block a filibuster. Republican rival John McCain supported the measure, but did not vote.

The lawsuit was brought in 2006 by the San Francisco-based Electronic Frontier Foundation. The EFF's lawsuit includes documents from a former AT&T technician that the EFF claims describe a secret room in an AT&T building in San Francisco that is wired up to share raw internet traffic with the NSA.

The attorney general's statements were provided to U.S. District Court Judge Vaughn Walker in addition to the government's motion (.pdf) to grant the telcos immunity. Walker, of San Francisco, is overseeing three dozen lawsuits accusing U.S. telecommunication companies of taking part in the government's alleged "dragnet" surveillance program.

According to the immunity bill, Congress authorized Mukasey to inform Judge Walker via classified and non-public documents about why the government is seeking immunity on behalf of the communication companies. According to the legislation, Walker has little power to deny Mukasey's request.

Still, Mukasey's filing did acknowledge the Terrorist Surveillance Program. The so-called TSP authorized the NSA to intercept, without warrants, international communications to or from the United States that the government reasonably believed involved a member or agent of al-Qaeda, or affiliated terrorist organization. Bush acknowledged the program after the New York Times disclosed its existence in 2005.

Mukasey, as part of his court filing, sought immunity for the telecoms that participated in the TSP program. The TSP has now been legalized by Congress.

See Also:

• Rights Group Suing AT&T for Spying Sues NSA and Cheney Too
• ISPs Will All Spy on Their Customers, Professor Warns
• Gonzales Violated Security Rules with Spy Docs, Lied to Cover it Up
• Bush Signs Spy Bill, ACLU Sues
• AT&T Whistleblower: Spy Bill Creates 'Infrastructure for a Police ...
• Only Government Can Argue in Secret Spy Court, Feds Say
• Justice Department Moving to Immunize Snooping Telcos
• NSA Judge: 'I feel like I'm in Alice and Wonderland'
• EFF Moving to Uncover Telco Immunity Lobbying
• Analysis: Spy Ruling Portends Hurdles for AT&T Eavesdropping Case
• Analysis: Spy Ruling Bodes Well for AT&T Eavesdropping Case
• Lawyers Decry New Spy Law as Unconstitutional, Urge Federal Judge ...

A hacker claims to have cracked the web site of Fox News commentator Bill O'Reilly and purloined a list of subscribers to the site, which includes their names, e-mail addresses, city and state, and the password they use for their registration to the site.

The attack was retaliation for comments that O'Reilly made on the air this week about web sites that published e-mails obtained from the Yahoo account of Alaska Governor Sarah Palin, according to a press release distributed by WikiLeaks late Friday.

The hacker sent WikiLeaks a screenshot of O'Reilly's subscriber list as proof of the deed, which WikiLeaks has posted online.

This week on his Fox show, O'Reilly slammed web sites, such as WikiLeaks and Gawker, for posting screenshots of e-mails, family photos and a list of contacts taken from Palin's private e-mail account.

"They're trafficking in stolen merchandise," O'Reilly said during one of his shows, calling for their prosecution. He also referred to a site that published the screenshots as "despicable, slimy, scummy."

In the video above, O'Reilly spoke with Amanda Carpenter, a reporter for Townhall.com who agreed with him and said that a web site that published such information was "complicit" in the hack of Palin's e-mail account.

"They think it's newsworthy, even though the information was absolutely, illegally obtained," she said.

Neither O'Reilly nor Carpenter mentioned the First Amendment protection that media organizations, such as Fox News and Townhall.com, are generally afforded for publishing newsworthy information.

That segment was followed the next day by a segment with Fox News anchor, Megyn Kelly, a lawyer, who explained why the First Amendment would protect the sites. (See video below.)

O'Reilly, disagreed with her, however.

"If your grandma sends you 50 bucks for your birthday and somebody steals the letter and gives it to somebody else and they take the 50 bucks, they're going to get charged as well as this person who stole the letter," he said.

Kelly explained that taking stolen money and publishing news were not the same.

"That's crazy," he said.

"No it's not crazy," Kelly replied. "Because . . . what if somebody obtained a document illegally that proved some massive conspiracy among the presidential candidates and they leaked it to Fox News and we knew it was stolen. You don't think we'd put it on the air? You're darn right we would. And it's not illegal."

WikiLeaks said in its press release that it had confirmed the authenticity of the list, but didn't mention how it did so.

Efforts by Threat Level to contact Fox News and some of the subscribers on the list to independently verify the authenticity of the list were unsuccessful.

See Also:

• Little or No Jail Time Likely for Palin Hacker
• Palin E-Mail Hacker Says It Was Easy
• Group Posts E-Mail Hacked from Palin Account

Comcast came clean with the Federal Communications Commission late Friday, detailing how it throttled and targeted peer-to-peer traffic -- maneuvers it has repeatedly denied.

The cable concern said (.pdf) it indeed hit "particular protocols that were generating disproportionate amounts of traffic." The peer-to-peer protocols, Comcast said, include Ares, BitTorrent, eDonkey, FastTrack and Gnutella -- vehicles used to transport copyrighted material without the owners' permission.

On Aug. 1, when the FCC ordered it to abandon its throttling practices, Comcast denied that it was blocking any services including "peer-to-peer services" like BitTorrent or engaged in any blocking of services.

Comcast spokeswoman Sena Fitzmaurice said at the time, "We are disappointed in the commission's divided conclusion because we believe that our network management choices were reasonable, wholly consistent with industry practices and that we did not block access to websites or online applications, including peer-to-peer services."

By a 3-2 vote, the FCC concluded that Comcast monitored the content of its customers' internet connections and selectively blocked peer-to-peer connections in violation of network neutrality rules. The selective blocking of file sharing traffic interfered with users' rights to access the internet and to use applications of their choice, the commission said.

"Comcast's practices are not minimally intrusive, as the company claims, but rather are invasive and have significant effects," the commission said, demanding an end to the practices by year's end.

Comcast, which filed Friday's report to the FCC to comply with its Aug. 1 order, is appealing the ruling.

In Friday's report, Comcast said the throttling began " widescale deployment" in 2007.

The traffic was throttled using a Sandvine Policy Traffic Switch 8210:

"The Sandvine equipment has been used (1) to determine when the number of simultaneous unidirectional upload sessions for a particular P2P protocol in a particular geographic area reaches its pre-determined threshold, and (2) when a threshold is reached, to temporarily delay the initiation of any new unidirectional upload sessions for that protocol until the number of simultaneous unidirectional upload sessions drops below that threshold," Comcast wrote the FCC on Friday.

Contrary to the FCC, Comcast said it never inspects the contents of a user's files.

"For purposes of managing network congestion, the Sandvine PTS 8210 has been
configured to identify unidirectional P2P uploads for the protocols -- identified below -- that were determined to be the primary causes of upstream congestion. To do this, the Sandvine PTS uses technology that processes the addressing, protocol, and header information of a particular packet to determine the session type. The Sandvine PTSes, as deployed on Comcast's network, do not inspect the content. These devices only examine the relevant header information in the packet that indicates what type of protocol is being used (i.e., P2P, VoIP, e-mail, etc.).The equipment used does not read the contents of the message in order to determine whether the P2P packet is text, music, or video; listen to what is said in a VoIP packet; read the text of an email packet; identify whether any packet contains political speech, commercial speech, or entertainment; or try to discern whether packets are personal or business, legal or illicit, etc."

Comcast said that P2P traffic continues to comprise approximately half of all upstream traffic and in some locations, P2P traffic is as much as two-thirds of total upstream traffic. The data also show that, even for the most heavily used P2P protocols, more than 90 percent of these flows are unaffected by the "congestion management."

Fitzmaurice, in a statement Friday, said:

"We manage our network for one reason: to deliver a superior, reliable, high-quality experience to every high-speed Internet customer, every time they use our service. As we previously announced in March, we are changing the way we manage network congestion by the end of this year. The new technique does not manage congestion based on the protocol or application a consumer uses.  This new technique will ensure that all customers get their fair share of bandwidth every hour of the day. As we roll out these new practices, we'll make sure our customers are fully informed."

Illustration: M3Liff@

See Also:

• Comcast Appeals FCC Throttling Order
• Comcast Ordered to Allow Free Flow of File Sharing Traffic
• Fears Swirl Over Whether FCC Will Enforce Comcast Throttling Decision
• Analysis: FCC Comcast Order is Open Invitation to Internet Filtering
• Lawmaker Cries Foul Ahead of FCC Net-Neutrality Decision
• Comcast Beginning 'Net Neutrality' Testing
• ISPs Will All Spy on Their Customers, Professor Warns

Type in the term "economic crisis" into Google, and one likely ad that will show up on the search engine if you're in Northern California is one bashing John McCain as "out of touch."

With the financial markets swinging wildly, and questions swirling over what role the government should play in stabilizing them, the volume of searches for the term "economic crisis," has soared in the United States.

Political campaigns, and the presidential ones especially, have learned how to capitalize on web surfers' attention online, and have boosted their spending exponentially, says Peter Greenberger, manager of Google's elections and advocacy team in Washington, DC.

"We've seen a dramatic increase in the use of search advertising by the presidential candidates, as well as other political advertisers, in the past year," he says. "So I think it's fair to say that search advertising has come of age in 2008 for political advertisers."

Though total political spending on AdWords is hard to quantify in aggregate, as a point of comparison, Greenberger notes that Barack Obama spent more money on paid search through Google's AdWords program in a week in February than both President Bush and Sen. John Kerry, D-Mass. did for the entire 2004 presidential election cycle. Obama spent a million dollars on AdWords that month.

John McCain's campaign has been especially aggressive with its paid search strategy during this election cycle. The campaign hired the political marketing firm Connell Donatelli in Washington, DC early on, and its chief internet strategist Eric Frenchman is a big proponent of advertising against search results.

In August, the campaign bought the Democratic vice presidential nominee's name "Joe Biden." Some searches for the term on Google yielded a Google ad from the McCain campaign that took people who clicked through to a video of Biden criticizing Obama during the primaries.

For now, the presidential campaigns are buying keywords related to the turmoil in the financial markets through Google's AdWords program in order to capitalize on voters' concerns over the economy, says Greenberger. 

"A number of candidates were running ads on that (term,)" he says.

Indeed, the Obama ad leads surfers to a video of Barack Obama speaking about voters' deteriorating personal finances, the need for more regulation of the financial markets, and of course the need for "change." He also promises middle class families a $1,000 tax break. The landing page provides the interested with a short one-page summary of Obama's economic plans, with four bullet points and a request for the reader's e-mail. The campaign provides a web address within the video for those who want more detail about the plan.

Other Google searches on the term "Lehman Bankruptcy," yielded an Obama ad titled "Is the Economy Strong?"

Unsurprisingly, Republican Alaska Governor Sarah Palin appeared to be the most popular term for advertisers on Friday.

A search on the name "Palin" yielded "Unsure About Sarah Palin?" That page led users to an Obama campaign web page informing readers that McCain's vice presidential pick Sarah Palin "is no maverick," and also to "McCainPalinVictory2008.com," a McCain fund-raising page.

Other advertisers included Cafe Press, and a site selling "McCain-Palin 2008" gear.

It might seem obvious to most people that the hacker who gained unauthorized access to the private e-mail account of Republican vice-presidential candidate Sarah Palin violated the Stored Communications Act.

Under that law, a violation is committed by anyone who “(1) intentionally accesses without authorization a facility through which an electronic communication service is provided;” or “(2) intentionally exceeds an authorization to access that facility; and thereby obtains...[an] electronic communication while it is in electronic storage in such system.”

But Kurt Opsahl, senior staff attorney at the Electronic Frontier Foundation, says not so fast.

Although the law seems clear on such a matter, the Department of Justice has taken a position on the law that could thwart its own prosecution of the hack under the SCA.

(Before anyone jumps to conclusions, the hacker could still be prosecuted under the Computer Fraud and Abuse Act. Keep reading to see discussion below about the CFAA.)

Electronic storage is defined in the Stored Communications Act as "any temporary, intermediate storage of a wire or electronic communication incidental to the electronic transmission thereof." E-mail that has arrived in a recipient's inbox on his ISP's server and that has not yet been opened would fall into this category.

The law also refers to electronic storage as "any storage of such communication by an electronic communication service for purposes of backup protection of such communication." E-mail that has been read, but not deleted would fit this description.

In a U.S. 9th Circuit precedent, the court regarded both read and unread e-mail, or received and unreceived e-mail, as being in "electronic storage" under the SCA (See Theofel v. Farey-Jones, 359 F.3d 1066, 1075 -- 9th Cir. 2003).

"[W]hen the recipient accesses an email but does not delete it, it moves from storage incident to transmission to backup storage under the second part of the SCA's 'electronic storage' definition," Opsahl writes in a post on the EFF's blog.

But Opsahl says the DOJ has taken a different view of the SCA. He points to the DOJ's Prosecuting Computer Crimes Manual, which says that read e-mail is no longer stored communication.

The manual says, "If the recipient chooses to retain a copy of the communication on the service provider's system, the retained copy is no longer in 'electronic storage' because it is no longer in 'temporary, intermediate storage ... incidental to ... electronic transmission,' and neither is it a backup of such a communication."

According to Opsahl:

The DOJ's interpretation of the SCA means that any emails that Gov. Palin had already opened (but left on the Yahoo! Mail servers) would not be protected under this email privacy law. This would mean no SCA privacy protection for the majority, if not the entirety, of the Gov. Palin's email messages at issue. As the DOJ acknowledges, "[i]f Theofel's broad interpretation of 'electronic storage' were correct, prosecutions under section 2701 would be substantially less difficult..." On the flip side, if the DOJ were right and Theofel were wrong, any hacker responsible for obtaining access to those emails - or any other individual's opened messages - could not be prosecuted under the SCA.

Mark Rasch, a former Justice Department computer crime prosecutor, agrees with Opsahl.

"While the DOJ guidelines are not binding on the DOJ, they certainly have persuasive authority," he said. "In this case I think the DOJ would be bound by its own interpretation of the statute and probably could not prosecute [the hacker under that statute] simply because of its own interpretation of the statute."

As mentioned above, the hacker could still be prosecuted under the CFAA, though likely for a misdemeanor, not a felony, since there was no actual loss that resulted from the hack. More specifically, he'd be prosecuted under 18 U.S.C. 1030(a)(2)(C), accessing a protected computer without authorization to obtain information.

Rasch says if the hacker were charged with a misdemeanor, he would likely face a sentence of zero to six months, depending on his history, attitude and contrition. If the hacker were to come forward and apologize to Palin and tell the FBI exactly what he did, prosecutors might take this into consideration.

"If the government treats this for what it really is, which was a kid who was curious to see if he could do this . . . then the kid should be in reasonably good shape" and face "little, if any, jail time," Rasch said.

Although there is also a possibility the government could charge the hacker with a felony under the CFAA depending on the whim of the prosecutor and whether he argued that the invasion of Palin's privacy was a tortious act. Rasch likened the situation to the government's charges against Lori Drew in the MySpace suicide case.

"It would be a stretch to charge a felony [in the Palin case], but if they want to be hard on [the hacker], they could do that," Rasch said. "I wouldn't have predicted that they would use that argument in the MySpace case, but they did. So they could certainly do that to [Palin's hacker]."

See Also:

• O'Reilly Hacked for Comments About Palin Hack
• Palin E-Mail Hacker Says It Was Easy
• Group Posts E-Mail Hacked from Palin Account

Anonymous isn't so anonymous anymore.

At least not after one "member" of Anonymous, the loose confederation of online troublemakers, broke into the personal e-mail account of Republican vice-presidential nominee Sarah Palin and then posted the new password to Anonymous' online message board.

From there, others slipped screenshots and family photos to the leak-releasing website Wikileaks, launching a maelstrom of media coverage and widespread speculation as to the e-mail hacker's real name.

For those unfamiliar, Anonymous is a group you can't join, except by hanging out for a long time in the internet's most juvenile corners -- usually one of the image boards where everyone posts anonymously. 4chan's /b/ board -- or random -- seems to be the main hangout, though other chans and IR channels seem to serve as adjunct clubhouses as well. The hangouts have almost no rules --  though using some variation of the terms fag, nigger and jew seems mandatory in every post.

The self-identified Palin-email burglar who uses the online handle Rubico said he got the idea while hanging out at 4chan -- specifically its random or /b/ board (NSFW). 

After watching others on the board temporarily lock up the e-mail account by trying primitive ways to break in, Rubico decided to call on the power of Google. With a combination of answers found through searches and an educated guess, Rubico was able to reset the account's password.

Though Fox News famously and hilariously called Anonymous "hackers on steriods," in large part they have little skill besides knowing how to use a web proxy to mask their IP addresses.

Instead, Anonymous keyboard miscreants combine online Fight Club-like bravado, inside jokes documented only on the world's stupidest wiki, and harassment tactics that sound funny in theory but in practice are streaked with cruelty. The point? Fun at other people's expense -- otherwise known as Lulz.

The basic repertoire? Prank phone calls, ordering pizzas to someone's house, flooding a message board with obscene ASCII art. Advanced techniques include finding a way into someone's MySpace account in order to send messages to their friends saying they are gay.

What are Anonymous' greatest or worst hits?

The Epilepsy Attack -- In March, a group of internet griefers flooded an epilepsy message board with flashing images that caused migraine headaches and seizures in some users. While it's not certain whether it was properly the work of Anonymous, the assault was rumored to have started on a thread at 7chan.org -- another Anonymous hang out -- and much was blamed on eBaumsworld, an online site often derided by Anonymous.

The FBI is reportedly investigating what may be the first computer attack that physically harmed people.

The Scientology War -- In January, Anonymous decided to take on a real target -- the Church of Scientology -- which its members considered to be an overly litigious cult. Soon, anonymous pranksters were ordering pizzas to Scientology offices, using denial-of-service attacks to scuttle its web servers and posting previously unseen secret Scientology documents.

They also briefly pointed denial-of-service attack tools at the wrong IP address -- which happened to be a Dutch school.

The publicity drew hordes who wanted to participate, and soon many longtime Anonymous users found themselves annoyed with the new converts who thought Anonymous was a crusading organization.

The Habbo Hotel Raid – Anonymous has staged many minor incursions into other people's online playgrounds, but one of the most storied involved a virtual world known as Habbo -- a frequent target for bored Anonymous lurkers interested in ruining other people's fun.

In 2006, hundreds of Anonymous users showed up using identically dressed avatars: a black man with an Afro in a grey suit. They blocked off the pool to other users, claiming it was infected with AIDS. They also formed swastika-like formations and flooded the site with stupid internet sayings. When users were banned, they claimed it was racist.

The Mitchell Henderson Harassment -- The suicide of Mitchell Henderson, a seventh grader, stirred Anonymous, who gleefully decided that Henderson shot himself because he had lost his iPod, a fact he'd noted on his MySpace page. Anonymous grabbed onto a badly written message on an online memorial page for him, and turned the phrase "an hero" into an internet meme.

For more than a year, Anonymous kept up the fun, calling Henderson's parents, pretending to be his ghost.

The Hal Turner Campaign - In late 2006 and early 2007, Anonymous had much fun with Hal Turner, a small-time white supremacist who ran an online radio show. Anonymous flooded one of his shows with prank calls, which then escalated in mutual internet stupidity.

Anonymous eventually flooded his site with too much traffic for his web host to handle. Turner tried suing the image boards -- unsuccessfully -- and finally he closed down his show after a hacker managed to unearth correspondence suggesting Turner was an FBI informant.

Screenshot: Anonymous 'raids' the virtual world Habbo.

See Also:

• Hackers Assault Epilepsy Patients via Computer
• War Breaks Out Between Hackers and Scientology -- There Can Be Only One
• Investigative Report Reveals Hackers Terrorize the Internet for LULZ
• Group Posts E-Mail Hacked From Palin Account -- Update
• Palin E-Mail Hacker Says It Was Easy

Some enterprising finance workers are finding their own solution to the growing banking crisis, judging by a spate of recent federal indictments: using their access to bank computers to plunder accounts.

Missouri Citibank employee Brandon Wyatt was charged last week with identity theft for a scheme that allegedly began in January 2006, and continued until late last month. Wyatt is accused of tapping Citibank's computers for customer information, then using it to set up checking accounts online with competing banks, including Bank of America, Washington Mutual and AmTrust.

Wyatt allegedly wire transferred customer funds from Citibank to the new accounts, then cashed them out with additional transfers, checks, debit card purchases and ATM withdrawals. His take, according to federal prosecutors in St. Louis, was at least $380,000.

Two employees of an investment company in Indianapolis allegedly took a more indirect route to riches. Nyteria Redding and Raquel Vaughn are accused of grabbing customer information like names, addresses, Social Security numbers and dates-of-birth from their employer's computers, and passing it to Redding's boyfriend, one Nathan Green. Green then allegedly paid lackeys to fill out credit card applications using the information -- changing the addresses to abandoned houses with accessible mailboxes.

Green wound up with a cumulative credit line of over $1.4 million from 129 credit cards in the scam, according to federal prosecutors in South Bend. In all, 581 customers of the unnamed investment firm had their information stolen from August 2005 through March 2006. Seven people were indicted last week for identity theft and conspiracy.

Similarly, two Chicago temp workers at the investment management firm Computershare apparently decided the company's customers owned too much Comcast stock. Alleged mastermind Lester Swims and coworker Mark Kramer supposedly used their inside access to dump over $700,000 from 67 trading accounts, routing at least some of the cash-out checks to themselves. Court records don't indicate what Swims had against Comcast -- one suspects he was short selling the cable giant on the side.

The scheme ran from July through September of last year. After complaints started coming into Computershare, agents with the U.S. Postal Inspector found incriminating evidence in Kramer's trash, and both men were indicted Tuesday in federal court in Chicago.

If you're staring to despair that only insiders can make it big in fraud, never fear. Miami man Adolphus Emercheta was indicted last week for allegedly setting up online bank accounts for Washington Mutual customers and transferring a few thousand dollars from their home equity credit accounts; there's no indication that Emercheta worked for the bank.

And Paven Voleti, a Tennessee man, was charged with  reprogramming blank credit cards with stolen Discover card data. He didn't work at a bank, though the Secret Service did find an ATM in his house.

---

Fed Blotter is Threat Level's new weekly roundup of computer crime cases in the federal courts. If you've been indicted, or are about to be, please let us know.

(Photo courtesy Nathan Gibbs)

The General Election Debates: Its Back to the BoobTube.
Image courtesy Bettman/Corbis

The highly anticipated general election debates that kick off between the two presidential candidates next Friday will feature none of the voter-centric innovations pioneered during the primaries. Not one YouTube video, not one instant message.

Instead, the debates will stick to the scripted, one-way broadcast television format of old.

"What they're offering us here is little more than live video streaming, which is like, so, year 2000," says Micah Sifry co-founder of TechPresident.com and executive editor of the Personal Democracy Forum in New York City.

The presidential hopefuls have made a great hullabaloo over "reforming Washington" and making the government more accountable by using the internet. But in the run-up to Election Day, the most important series of debates are ditching all of the technological innovations to include voters -- all pioneered during the primaries.

“These are, by far, the most influential political events that we have," says George Farah, executive director of Open Debates, a group that wants to replace the current organization running the general election debates. "It’s the only time that tens of millions of voters are watching the candidates on the same stage, at the same time.”

Each debate is expected to be watched by more than 60 million people worldwide, according to MySpace, which has partnered with the Commission on Presidential Debates to engage voters online. Just under 40 million people watched each of the two presidential contenders' nomination-acceptance speeches at the conventions.

Last summer, the internet pioneered several important new ways of connecting voters with candidates. CNN partnered with YouTube to host two debates driven by voters' video questions submitted via YouTube. (Even then, CNN's role in picking the questions was controversial. Critics thought the network was still retaining too much editorial control over the process.)

But the most innovative forum came from TechPresident, which created a site called 10Questions.

The site attempted to create an interactive town hall format by allowing voters as a group to surface key concerns using a Digg-like voting mechanism, rather than providing arbitrarily chosen questions that presented the candidates to bloviate, Sifry said at the time.

10Questions.com allowed citizens to submit questions via video, which were voted up or down by the site's users, and the process was audited to prevent gaming. The site was widely supported by mainstream media, activists and bloggers from both ends of the political spectrum.

MTV and MySpace even included one of the site's top questions in one of its town halls with Barack Obama. Participants in the forums appreciated their ability to converse as a group with the candidates.

"MTV and MySpace keep upping the ante with these candidate forums, and in terms of creating a more transparent, participatory interaction between the candidates and a mass audience, they continue to blow CNN and YouTube out of the water," said Mike Connery, a 29-year-old youth activist on his Future Majority blog.

But the upcoming presidential debates are by-and-large reverting back to the tried-and-trusted television format. The Commission on Presidential Debates is hosting a series of four debates between the presidential candidates and their running mates between September 26 and October 15.

MySpace and the Commission on Presidential Debates on Wednesday unveiled a new site called MyDebates.org. In addition to an online quiz, it will stream the debates online, and poll site users about which candidate they support.

MySpace is soliciting questions online, some of which may be posed by NBC's Tom Brokaw during the second town hall-style debate in Nashville, Tennessee on October 7.

"The CPD believes that the internet can be used to personalize the debates in a way that allows for in-depth examination by individual citizens and joint discussion with others," said the commission's executive director in a statement.

However, Open Debate's Farah says the commission's use of the internet in this case is a sham.

A document obtained by the group labeled "Memorandum of Understanding" concerning the debates between John Kerry and President Bush and their vice presidents in 2004 spell out the conditions under which the debates were to be held. It specified everything from the color of the backdrops, to the heights of the podiums, to who will and won't get to speak.

One section of the document outlining the details of how a town hall event that year would unfold stated: "The commission shall take appropriate steps to cut off the microphone of any such audience member that attempts to pose any question or statement different than that previously posed to the moderator for review."

"If you allowed voters in the process and gave them control, they might come up with a particularly challenging and unexpected question that may throw the candidate off their script, and that is something that is unlikely to happen," Farah said.

He wants the Commission on Presidential Debates replaced with a group run by citizens and public interest groups. The CPD is co-chaired by the former chiefs of the Democratic and Republican national committees.

Open Debates issued a statement Thursday with nine other groups, including the Personal Democracy Forum, that asks the commission to make the terms of its contracts with the candidates publicly available. Farah says the contract lays out most of the details of how the debates will be conducted.

Asked about the "secret debate contract negotiated by the Obama and McCain campaigns," that the 10 pro-democracy groups asked to be made public, Scott Warner, a spokesman for the commission, says that it doesn't exist, and never has. He didn't return an e-mail about the 2004 document.

The Electronic Frontier Foundation and Public Knowledge are two public interest groups leaving no stone unturned when it comes to trying to uncover details about the proposed Anti-Counterfeiting Trade Agreement.

Details of the proposed multicountry accord are sketchy at best. Speculation is running rampant that, if ratified, the agreement might criminalize peer-to-peer file sharing, subject iPods to border searches and allow internet service providers to monitor their customers' communications.

It may sound farfetched. That's why Public Knowledge and EFF sued (.pdf) the federal government on Thursday, seeking details of the proposed accord between the European Union, the United States, Japan, South Korea, Canada, Mexico, Australia, Switzerland and New Zealand.

On Monday, the two groups along with dozens of others also sent letters (.pdf) to trade offices of member-treaty nations, politely asking for the goods.

The accord is expected to be finalized by year's end. The accord's scant details have come from a leaked document (.pdf) on the WikiLeaks site and from comments to the U.S. trade office from intellectual property rights holders.

But whether the EFF and Public Knowledge are legally entitled to the documents via the Freedom of Information Act is another story. The groups cite no case law showing that the Office of United States Trade Representative should cough up, for example, its communications with other nations before a treaty is completed.

That said, here is what is being sought:

1) Participant lists, agendas, presentations and documents distributed at, or received at,
meetings of United States Trade Representative staff with agents and representatives of the recorded music, motion picture, software, video games, electronics, fashion and luxury goods and pharmaceutical industries, concerning the ACTA;

2) Participant lists, agendas, presentations and documents distributed at, or received at,
meetings of USTR staff with agents, representatives and officials of international
entities dealing with the enforcement of intellectual property, including but not
limited to the World Intellectual Property Organization, the World Customs
Organization, the World Trade Organization, Interpol, and the World Health
Organization, concerning the ACTA;

3) Participant lists, agendas, presentations and documents distributed at, or received at,
meetings of USTR staff with officials and representatives from governments other
than the United States, concerning the ACTA;

4) Participant lists, agendas, presentations and documents distributed at, or received at,
meetings of USTR staff with other U.S. government agencies, including but not
limited to, meetings with staff, agents and representatives of the Copyright Office of
the Library of Congress, concerning the ACTA;

5) Copies of all other agency memoranda, briefing notes, and analysis concerning the
ACTA.

6) Copies of emails exchanged between staff of the USTR and officials and
representatives of other U.S. government agencies in relation to substance of the
ACTA;

7) Copies of emails exchanged between staff of the USTR and officials and
representatives of governments other than the United States in relation to substance of
the ACTA;

8) Copies of emails exchanged between staff of the USTR and officials and
representatives of international entities engaged in intellectual property enforcement
(including those listed in paragraph 2 above) in relation to substance of the ACTA;
and

9) Copies of emails exchanged between staff of the USTR and representatives and
agents of the industries listed in paragraph 1 above, in relation to substance of the
ACTA.

Photo: Flyinace2000/Flickr

See Also:

• Notorious Crime Forum DarkMarket Goes Dark
• Senate Introduces IP Reform Bill Bolstering Enforcement
• Hacker, Counterfeiter Comes Clean Ahead of Prison Stint
• Judge Doesn't Give Tiffany a Trademark Silver Spoon in eBay Flap
• Inside the Motion Picture Industry's Cuddliest Anti-Piracy ...
• Entertainment Industry Leaned On Los Angeles Politicos to Declare ...
• Hacker in Murdoch Trial Acknowledges Receiving Money from Murdoch ...
• E-Passport Hacker Designs RFID Security Tool

Just a day before the government will try again to get AT&T out of court for allegedly helping with President Bush's warrantless wiretapping of Americans, the scrappy civil liberties group suing the telecom giant filed another suit -- this one against the government and top officials involved in the spying.

By suing the government directly, the EFF is attempting to undermine the government's plan to use a new power handed to it by Congress in July. The so-called telecom immunity provision nearly automatically forces a judge to dismiss lawsuits against companies accused of helping the government spy -- without court approval -- on the phone and internet communications of Americans.

Last week, the government told a federal court judge overseeing some 38 cases against the telecoms that it would file those papers on AT&T's behalf by Friday.

Thursday's potential class action suit (.pdf) against the government -- filed in federal district court in Northern California -- seeks a halt to the program, an accounting of who was spied on and damages for the five named plaintiffs.

It also names high government officials -– in their official and personal capacities -- putting them at risk of fines they would be personally liable for.

Among those listed – former Attorney General John Ashcroft, former Attorney General and White House Counsel Alberto Gonzales, Vice President Dick Cheney, and Cheney's chief of staff David Addington, along with current and former heads of intelligence agencies involved in the spying.

"In addition to suing AT&T, we've now opened a second front in the battle to stop the NSA's illegal surveillance of millions of ordinary Americans and hold personally responsible those who authorized or participated in the spying program," said senior staff attorney Kevin Bankston.

The suit argues the spying violated federal wiretap law, the First Amendment's guarantee of anonymous speech and the Fourth Amendment's guarantee against unreasonable searches.

Others have challenged the government program directly, but no one has succeeded so far. The EFF hopes the whistle-blower evidence it has used to keep the AT&T case alive will also work to prove it has a right to sue the feds as well.
 
The EFF plans to contest the legality of the so-called telecom immunity powers -- but wants to have another avenue to pursue its goal of having the program declared illegal.

Though the full extent of the secret spying is not known, media reports indicate the government collected phone calls and emails – with the help of American telecoms -- where one party was inside the U.S. and one was outside the country.

Until recently, wiretapping law required court orders to collect that information inside the U.S.

The FISA Amendments Act of 2008, which largely legalized did not immunize the government or government officials.

The EFF filed suit against AT&T in January 2006, alleging that the company massively violated federal wiretapping laws by turning over billions of phone records to the NSA and letting them building a room for the NSA to spy on the internet.

The suit relies heavily on company documents provided to it by former AT&T technician Mark Klein, who says the NSA controlled a secret internet spying room in an AT&T facility on Folsom Street in San Francisco.

That suit so annoyed the government that the President threatened to veto a bill expanding his ability to spy without warrants unless Congress also included retroactive legal immunity for telecoms being sued for allegedly helping the government warrantlessly spy on Americans.

After a drawn-out fight over immunity that included a threatened filibuster, the Democratically controlled Congress acceded in July to Bush's demand for immunity.

Justice Department spokesman Charles Miller said it was too early for the government to respond -- given it hasn't even seen the suit yet.

"Once we are served, we will make a determination about how we will respond in court," Miller said.

Thursday's suit is known as Jewel v. NSA, while the AT&T suit is known as Hepting v. AT&T.

UPDATE: The original version of this story incorrectly stated that the suit sought damages for millions of potential class members. The suit seeks an injunction for all, but fines for only the named five plaintiffs.

Credit: AP Photo/Lauren Victoria Burke Brita

See Also:

• Rights Group Suing AT&T for Spying Will Sue Government Too
• Appeals Court Punts on AT&T Spying Case Appeal
• NSA Judge: 'I feel like I'm in Alice and Wonderland'
• Bush Signs Spy Bill, ACLU Sues
• Justice Department Moving to Immunize Snooping Telcos
• McCain: I'd Spy on Americans Secretly, Too

A person claiming to be the hacker who obtained access to Alaska Gov. Sarah Palin's private Yahoo e-mail on Tuesday has posted a supposed first-person account of the hack, revealing the relatively simple steps he says he took to crack the private e-mail of the Republican vice-presidential candidate.

The story was briefly posted Wednesday to the 4chan forum where the hack first surfaced. Bloggers have connected the handle of the poster, "Rubico," to an e-mail address, and tentatively identified the owner as a college student in Tennessee.

Threat Level was unable to reach the student by phone because his number is unlisted. A person who identified himself as the student's father, when reached at home, said he could not talk about the matter and would have no comment. The father is a Democratic state representative in Tennessee. Threat Level is not identifying them by name because authorities have not identified any suspects in the case, and the link to the student so far is tenuous. The father, in a second call with Threat Level late Thursday afternoon, said that neither he nor his son has been contacted by any law enforcement authorities. A local Tennessee paper had erroneously reported that his son had been contacted by authorities, he told Threat Level.

As detailed in the postings, the Palin hack didn't require any real skill. Instead, the hacker simply reset Palin's password using her birthdate, ZIP code and information about where she met her spouse -- the security question on her Yahoo account, which was answered (Wasilla High) by a simple Google search.

The simplicity of the attack, of course, makes it no less illegal.

The hacker said that he read all of the e-mails in the Palin account and found "nothing incriminating, nothing that would derail her campaign as I had hoped. All I saw was personal stuff, some clerical stuff from when she was governor…. And pictures of her family."

Once the hacker had read the e-mails in Palin's account, he said he suddenly realized what he'd done and how vulnerable he was to being caught, since he'd used only a single proxy service to hide his IP address.

yes I was behind a proxy, only one, if this shit ever got to the FBI I was fucked, I panicked, i still wanted the stuff out there but I didn’t know how to rapidshit all that stuff, so I posted the pass on /b/, and then promptly deleted everything, and unplugged my internet and just sat there in a comatose state

Once he posted the information to 4chan -- the stronghold of the Anonymous griefer collective -- a good Samaritan tried to step in to protect Palin by resetting her password and sending an e-mail to one of her aides, Ivy Frye. But the white hat posted a screen shot of that e-mail to 4chan, and it included the new password. That triggered a feeding frenzy on the forum, as legions of channers competed to log in and reset Palin's password again.

That flurry of activity triggered a security feature that froze Palin's account for 24 hours, which was long enough for the information to hit the media. Palin, or someone in her camp, closed the account early Wednesday morning.

The postings telling the story have been deleted from 4chan, so I've included them below.

rubico 09/17/08(Wed)12:57:22 No.85782652

Hello, /b/ as many of you might already know, last night sarah palin’s yahoo was “hacked” and caps were posted on /b/, i am the lurker who did it, and i would like to tell the story.

In the past couple days news had come to light about palin using a yahoo mail account, it was in news stories and such, a thread was started full of newfags trying to do something that would not get this off the ground, for the next 2 hours the acct was locked from password recovery presumably from all this bullshit spamming.

after the password recovery was reenabled, it took seriously 45 mins on wikipedia and google to find the info, Birthday? 15 seconds on wikipedia, zip code? well she had always been from wasilla, and it only has 2 zip codes (thanks online postal service!)

the second was somewhat harder, the question was “where did you meet your spouse?” did some research, and apparently she had eloped with mister palin after college, if youll look on some of the screenshits that I took and other fellow anon have so graciously put on photobucket you will see the google search for “palin eloped” or some such in one of the tabs.

I found out later though more research that they met at high school, so I did variations of that, high, high school, eventually hit on “Wasilla high” I promptly changed the password to popcorn and took a cold shower…

>> rubico 09/17/08(Wed)12:58:04 No.85782727

this is all verifiable if some anal /b/tard wants to think Im a troll, and there isn’t any hard proof to the contrary, but anyone who had followed the thread from the beginning to the 404 will know I probably am not, the picture I posted this topic with is the same one as the original thread.

I read though the emails… ALL OF THEM… before I posted, and what I concluded was anticlimactic, there was nothing there, nothing incriminating, nothing that would derail her campaign as I had hoped, all I saw was personal stuff, some clerical stuff from when she was governor…. And pictures of her family

I then started a topic on /b/, peeps asked for pics or gtfo and I obliged, then it started to get big

Earlier it was just some prank to me, I really wanted to get something incriminating which I was sure there would be, just like all of you anon out there that you think there was some missed opportunity of glory, well there WAS NOTHING, I read everything, every little blackberry confirmation… all the pictures, and there was nothing, and it finally set in, THIS internet was serious business, yes I was behind a proxy, only one, if this shit ever got to the FBI I was fucked, I panicked, i still wanted the stuff out there but I didn’t know how to rapidshit all that stuff, so I posted the pass on /b/, and then promptly deleted everything, and unplugged my internet and just sat there in a comatose state

Then the white knight fucker came along, and did it in for everyone, I trusted /b/ with that email password, I had gotten done what I could do well, then passed the torch , all to be let down by the douchebaggery, good job /b/, this is why we cant have nice things.

Gabriel Ramuglia who operates Ctunnel, the internet anonymizing service the hacker used to post the information from Palin's account to the 4chan forum, told Threat Level this morning that the FBI had contacted him yesterday to obtain his traffic logs. Ramuglia said he had about 80 gigabytes of logs to process and hadn't yet looked for the information the FBI was seeking but planned to be in touch with the agents today.

Ramuglia said the screenshots of Palin's e-mail account, which the hacker posted online, will help him narrow his search, since they revealed most of the Ctunnel URL that was at the top of the hacker's browser when he took the screen shot.

(This post was updated with details about a phone call with the father of the college student and information from the owner of the proxy service he used.)

Photo: AP/Charles Dharapak

A wave of bittersweet melancholy has descended on the thousands of phishers, hackers and credit card swindlers inhabiting the computer crime supersite DarkMarket.ws. On Tuesday the site's operator, known as Master Splyntr, announced that he was shuttering the forum, which has hummed along for nearly three years as a premier vehicle of criminal commerce.

"[R]ecent events have proven that even in our best efforts to expel and deactivate the accounts of suspected LE [law enforcement], reporters, and security agents, it is obvious that we haven't been entirely successful," Splyntr wrote in a message on the site.

Chief among those recent events is last week's arrest of Cha0, a Turkish hacker -- and alleged kidnapper -- who served as one of DarkMarket's administrators. Cha0 was known for selling high-quality ATM-skimming hardware that crooks could affix to cash machines to grab debit card swipes and PINs. Turkish police arrested Cha0 on Friday, identifying him as one Cagatay Evyapan.

DarkMarket administrator Cagatay Evyapan, a.k.a. Cha0, was arrested by Turkish police last week.
Image: Courtesy Haber7

"It is apparent that this forum … is attracting too much attention from a lot of the world services (agents of FBI, SS, and Interpol)," wrote Splyntr. "I guess it was only time before this would happen. It is very unfortunate that we have come to this situation, because ... we have established DM as the premier English speaking forum for conducting business. Such is life.  When you are on top, people try to bring you down."

DarkMarket is the only survivor among the handful of crime forums that emerged to fill the hole left by the Secret Service's "Operation Firewall" in October 2004. In that unprecedented law enforcement crackdown, the agency used an informant to target what was then the top crime site, Shadowcrew.com. Twenty-eight fraudsters were arrested in coordinated raids, and Shadowcrew was shuttered.

Like Shadowcrew and earlier sites, DarkMarket lets buyers and sellers of stolen identities and credit card data meet and do business, in an entrepreneurial, peer-reviewed environment. Products for sale run the gamut from specialized hardware, to electronic banking logins collected from phishing attacks, stolen personal data needed to assume a consumer's identity ("full infos") and credit card magstripe swipes ("dumps), which are used to produce counterfeit cards. Vendors are encouraged to submit their goods for review before offering them for sale.

Dejected denizens of the forum absorbed Tuesday's news with disappointment. "I was waiting for this, the worst news of them all," wrote a poster called Ms. Gold. "I don't really know what to say nor am I in your shoes to give a real view. There must be another solution to the problem. Do we just let them win?"

"Now it would be too difficult to conduct business," wrote Iceburg. "Darkmarket was our bridge to business and if that bridge is broken than business is broken ... Long live carding and cashing. Short live all the RATS and FBI and all stupid secret agencies who are not just ruining our lives and families but they are destroying everything we left behind!"

DarkMarket has enjoyed a solid reputation among users for effectively weeding out "rippers" who steal from other crooks.  But the site has not been without controversy in the underground. In 2006,  "Iceman," the owner of a competing site -- who's since been identified as longtime hacker and security expert Max Ray Butler -- managed to crack DarkMarket's server. He later announced that he'd found evidence in the site's logs that DarkMarket was a sting operation, and that Master Splyntr was working for the FBI. The warning was generally dismissed as inter-forum rivalry. Butler was arrested last year on hacking and credit card fraud charges, and DarkMarket is more popular than ever.

The site is scheduled to cease operation on Oct. 4. Lord Cyric, an administrator on the site, resists the suggestion that DarkMarket's sunset marks the end of an era.

"That's what is said about every big board that closes," Cyric wrote in an IM interview. "That is, until the next one."

See Also:

• Turkish Police Arrest Alleged ATM Hacker-Kidnapper
• Hacker Reportedly Kidnaps and Tortures Informant, Posts Picture as Warning to Others
• Indicted Federal Informant Allegedly Strong-Armed Hacker Into Caper That Drew 9-Year Sentence
• Feds Charge 11 in Breaches at TJ Maxx, OfficeMax, DSW, Others

The Recording Industry Association of America is declaring attorney-blogger Ray Beckerman a "vexatious" litigator. The association is seeking unspecified monetary sanctions to punish him in his defense of a New York woman accused of making copyrighted music available on the Kazaa file sharing system.

The RIAA said Beckerman, one of the nation's few attorneys who defends accused file sharers, "has maintained an anti-recording industry blog during the course of this case and has consistently posted virtually every one of his baseless motions on his blog seeking to bolster his public relations campaign and embarrass plaintiffs," the RIAA wrote (.pdf) in court briefs. "Such vexatious conduct demeans the integrity of these judicial proceedings and warrants this imposition of sanctions."

Lory Lybeck, a Washington state defense attorney leading a proposed class-action lawsuit accusing the RIAA of allegedly engaging in "sham" litigation tactics, said the RIAA's motion comes from the same organization that has sued about 30,000 people over the last five years for file sharing, some of them falsely. It's the same organization, he said, that has sued dead people, the elderly and even children -- all while using unlicensed investigators.

"This is like irony and irony and irony," Lybeck said in a telephone interview. "That's what vexatious litigation is."

Beckerman, whose blog is Recording Industry vs The People, said in an interview the allegations were "frivolous and irresponsible."

Attorney Ray Beckerman denies RIAA charges that he's a "vexatious" litigator.

Lybeck represented an Oregon woman, Tanya Andersen, and got the case dismissed last year. The RIAA fought paying his legal fees because it claimed she was still an infringer. He countersued. The case seeks to represent what he says are "thousands of people falsely sued" by the RIAA. The case is pending.

"Irony is too tame of a word to describe the motion against Ray," Lybeck said. "Their whole 30,000-lawsuit scheme is founded on the purpose to run a PR campaign based on a fundamental starting place of an illegal investigation by unlicensed investigators and then a threatening letter," Lybeck said. "Ray is duty bound and ethically bound to zealously defend his client."

In federal court documents filed in the Eastern District of New York, the RIAA accused Beckerman, in defending a 2004 case against a New York woman, "for providing false and misleading information and for unreasonably and vexatiously multiplying and prolonging this litigation."

The RIAA is also seeking sanctions against the defendant, Marie Lindor, because it accuses her of destroying evidence to prevent it from proving the allegations.

"Here, sanctions are appropriate because defendant, her family, and her counsel engaged in a deliberate pattern of misconduct by providing false, misleading, and incomplete information as to the status of defendant’s Internet service in August 2004, who resided in defendant’s home during that time, the identity and location of witnesses with information about the case, and the existence and owner of the computer connected to defendant’s Internet account at the time of infringement. …Defendant’s misrepresentations caused plaintiffs and the court to waste substantial resources chasing empty leads and ultimately led to the destruction of critical evidence in this case. The actions of defendant and her counsel have caused Plaintiffs to engage in additional discovery at great time and expense, prolonged this litigation unnecessarily, and resulted in the destruction of critical computer evidence severely and irreparably prejudicing plaintiffs’ ability to prove their case."

Readers should note the cover sheet (.pdf) of the court filing lists Richard Gabriel as the RIAA's lead counsel. Gabriel was named a Colorado judge in May and no longer works on behalf of the RIAA.

See Also:

• File Sharing Lawsuits at a Crossroads, After 5 Years of RIAA ...
• RIAA, MPAA Converging on Political Conventions
• RIAA's Lawsuit Strategy in the Balance at Jammie Thomas Hearing Monday
• Do RIAA Snoops Need PI Licenses?
• MPAA Waffling on Piracy Costs; RIAA Says Illicit CDs Worth $13.74 Each
• RIAA Critic Beckerman Scores Judiciary's Ear
• Senate Committee Expands Justice Department Copyright Enforcement ...
• Hollywood's Grip on DVDs at Crossroads
• Meet the Latest Copyright Scofflaw -- Meet the GOP
• Judge: Copyright Owners Must Consider 'Fair Use' Before Sending ...
• International IP Trade Agreement: Fact or Fiction?

Vice-presidential candidate Sarah Palin's private Yahoo e-mail account was hacked, and some of its contents posted on the internet Wednesday.

The internet griefers known as Anonymous took credit for the intrusion, and screenshots of e-mail messages and photos belonging to the Alaska governor have been published by WikiLeaks. Threat Level has confirmed the authenticity of at least one of the e-mails.

"This is a shocking invasion of the Governor's privacy and a violation of law," Rick Davis, McCain-Palin campaign manager said in a statement. "The matter has been turned over to the appropriate authorities and we hope that anyone in possession of these e-mails will destroy them. We will have no further comment."

FBI spokesman Brian Hale said, "The FBI is aware of the alleged hacking incident involving Alaska Governor Sarah Palin and is coordinating with the United States Secret Service on the matter."

Alaska Governor Sarah Palin was tapped by Senator John McCain to be his vice-presidential running mate.

Photo: Associated Press/Al Grillo

The cache of stolen data contains five screenshots from Palin's account, including the text of an e-mail exchange with Alaska Lt. Gov. Sean Parnell about his campaign for Congress.

Another screenshot shows Palin's inbox and a third shows the text of an e-mail from Amy McCorkell, whom Palin appointed to the Governor's Advisory Board on Alcoholism and Drug Abuse in 2007.

The e-mail, a message of support to Palin, tells her not to let negative press get to her and asks Palin to pray for McCorkell, who writes that "I need strength to 1. keep employment, 2. not have to choose."

McCorkell, reached at her office, confirmed that she did send the e-mail to Palin. McCorkell later called and said the FBI has been in touch with her about this investigation.

A fourth screenshot shows an e-mail sent to Ivy Frye, a Palin aide, from someone claiming to belong to the group Anonymous advising that the person has changed the password to Palin's Yahoo account to prevent other members of Anonymous from accessing it again. The e-mail includes the new password.

The data posted by WikiLeaks also includes a list of Palin's e-mail contacts and two photos of her children.

Palin has come under fire for using private e-mail accounts to conduct state business. Critics allege that she uses the account to get around public records laws, as the Bush administration has also been charged with doing.

An index of the e-mails in her inbox, which includes sender, subject line and date sent, indicates that Palin received numerous e-mails from her aides in the governor's office, some of which could be work-related.

An e-mail from her press secretary, Meghan Stapleton, indicates the message is about the "Motor Fuel Tax Suspension".

The subject line of an e-mail from Randall Ruaro, her deputy chief of staff reads, "Draft letter to Governor Schwarzenegger." Another one from Ruaro says, "Please approve" and another one is about "Court of Appeals Nominations."

Other e-mails from Ruaro indicate they're about employee and budget issues for the DPS. DPS is how Alaska refers to its Department of Public Safety.

Palin's chief of staff, Michael Nizich, sent her an e-mail August 22 with the subject line, "Using Royalty Oil to Lower the Cost of Fuel for Alaskans." The subject line of another e-mail from Nizich reads "CONFIDENTIAL Ethics Matter."

E-mails from the governor's scheduler, Janice Mason, indicate that they're about Palin's schedule for the week of August 10.

WikiLeaks said in a press release sent to reporters that Anonymous gained access to Palin's e-mail account around midnight Tuesday.

(Updated with reactions from the McCain campaign and the FBI, as well as new information about e-mails that indicate Palin used the account for official government work.)

See also:

• Despite Rumors, Republican VP Candidate Is No Hacker
• War Breaks Out Between Hackers and Scientology
• Federal Judge in DefCon Case Equates Speech With Hacking ...
• Kevin Mitnick Tells All in Upcoming Book -- Promises No Whining
• Israeli Hacker Known as "The Analyzer" Suspected of Hacking Again
• Hacker Reportedly Kidnaps and Tortures Informant, Posts Picture as ...
• Love of Cats Was Six Flags Hacker's Downfall
• Indicted Federal Informant Allegedly Strong-Armed Hacker Into ...
• Hacker, Counterfeiter Comes Clean Ahead of Prison Stint

RealNetworks caught Hollywood by surprise when it privately informed the studios two weeks ago that it was releasing, by month's end, a $30 application called RealDVD allowing movie fans to easily make copies of their DVDs with their computer.

As expected, heads spun as executives began to wonder whether the studios were losing even more control of the coveted DVD and its $16 billion in annual sales.

Hollywood is already reeling from open source DVD decryption software that is free on the internet. It also says it's losing billions in sales because of BitTorrent tracking services like The Pirate Bay that allow users to upload and download decrypted movies and other content for free.

With RealDVD, Kaleidescape and other mainstream services, Hollywood's already loosening grip on the DVD is at a crossroads.

Continue reading "Hollywood Control of DVD-Copying at Crossroads" »

Santa Claus is upset with Facebook.

Everyone, it seems, wants to be friends with Santa Claus on Facebook. In the month or so since he joined the popular social network, he's approved 5,000 friends. He could have easily gone viral by Thanksgiving -- when everyone wants to be "friends" with Santa regardless of whether they deserve to be. He could become the most popular person in the world on Facebook.

But unfortunately for Santa, 5,000 friends is all anyone gets on Facebook. To add anyone new, the man who says his real legal name is Santa Claus must remove someone on his list.

That upsets the man who runs the Santa Claus Foundation, which he describes as an advocacy group for children.

"It's hard for me to believe that Facebook would want to disappoint that many folks who might enjoy being Santa's friends," Claus said in an e-mail. "I'm not selling anything; so, I don't understand the problem."

He wants Facebook to make an exception for him and he's not above thinking about rough tactics, noting a report that Facebook lost users in the United Kingdom earlier this year.

"[I] can only imagine what could happen, should word will get around that it is now severely limiting the number of friends Santa Claus can have," Claus said. "Would this make Facebook the new Scrooge or Grinch?"

Those are harsh words given that Santa already got personal help from Facebook, since the site blocks people from registering names like Darth Vader or the Easter Bunny. But Santa was able to prove he was legally Santa Claus and a tech overrode the ban, making Santa Claus the Santa Claus on Facebook.

Facebook says the 5,000 friend limit applies to all users -- but anyone can make a page where an unlimited number of  people can sign themselves up as fans.

A Facebook tech already helped Santa create a page, but Santa says that having fans is not nearly the same as having friends.

"We hope this minor inconvenience doesn’t impact the otherwise good little boys and girls at Facebook come Christmas," spokesman Barry Schnitt said, adding that he hopes Santa collects as many fans as he can.

Santa isn't the first to reach or complain about the limit -- prominent tech bloggers Robert Scoble and Jason Calcanis have both hit the limits. The limit is intended to keep Facebook resembling how real world social networks work since no one really has 5,000 friends.

There may also be technical reasons that make the limit necessary.

One wonders if Facebook actually does raise the limit just for Santa, how will they say no come spring when the Easter Bunny gets hopping mad about the limit?

See Also:

• Researchers Use Facebook App to Create Zombie Army - Update
• GOP Site 'Barackbook' Mocks Obama's Facebook Support
• Facebook Beacon Tracking Program Draws Privacy Lawsuit
• Canadian Law Clinic: Facebook Violates Canadian Privacy Law

Holding an early generation mobile cell phone, Republican presidential contender Sen. John McCain, R-Ariz., talks about the rapid progress of American technology as he outlines his energy policy and warns of U.S. reliance on foreign oil in a speech to the Center for Strategic and International Studies at the Ronald Reagan Building in Washington, Monday, April 23, 2007.
AP Photo/J. Scott Applewhite

Al Gore may have invented the internet, but it's Republican presidential candidate John McCain we have to thank for the "miracle" of the BlackBerry, his top economic adviser said Tuesday.

Asked by campaign trail reporters what McCain's experience as chairman of the Senate Commerce Committee does to help him to understand the economy and lead the country through its current turmoil, Douglas Holtz-Eakin waved his BlackBerry in the air, according to The Politico.

"Telecommunications of the United States is a premier innovation in the past 15 years, comes right through the Commerce committe," Holtz-Eakin said.  "So you're looking at the miracle John McCain helped create and that's what he did."

The BlackBerry was developed by Research In Motion, a Canadian company.

The comment met with immediate derision across the internet.

"McCain economic adviser claims McCain invented the Blackberry. I'd vote for him if it was the iPhone," joked "mnoreen," on Twitter.

And someone else has started a running joke with the word "#invent" on the micro-blogging service. Hundreds of sarcastic comments are pouring through the service. 

Another senior aide, Matt McDonald, said that the senator "laughed" when he heard the comment, reports the AP, which quotes McDonald calling the comment a "boneheaded joke."

In the 2000 presidential race, Democrat Al Gore drew derision when he claimed, "During my service in the United States Congress, I took the initiative in creating the Internet."

Research in Motion declined to comment.

  See Also:

• Obama Campaign Mocks McCain's Computer Illiteracy
• McCain Says He's Learning How To Use the Internet
• Poll: Should McCain Learn to Use a Computer?
• McCain Fluent in Science and Technology Issues -- Updated
• McCain at Stanford

There's been speculation for months concerning the Anti-Counterfeiting Trade Agreement. If ratified, many suggest it would criminalize peer-to-peer file sharing, subject iPods to border searches and allow internet service providers to monitor their customers' communications.

Yet all we know for certain is it's a treaty (.pdf) about beefing up intellectual property protections being negotiated in secret by the European Union, the United Sates, Japan, South Korea, Canada, Mexico, Australia, Switzerland and New Zealand.

Dozens of special-interests groups on Monday urged the trade representatives from those nations to disclose the language of the evolving agreement in a bid to end speculation on its contents and to assist in crafting its language.

"Because the text of the treaty and relevant discussion documents remain secret, the public has no way of assessing whether and to what extent these and related concerns are merited," the groups said in a letter (.pdf) to trade representatives from the participating nations.

The groups include Consumers Union, Electronic Frontier Foundation, Essential Action, IP Justice, Knowledge Ecology International, Public Knowledge, Global Trade Watch, U.S. Public Interest Research Group, IP Left (Korea), Australian Digital Alliance, The Canadian Library Association, Consumers Union of Japan, National Consumer Council (UK) and Doctors without Borders' Campaign for Essential Medicines.

Robert Weissman, director of the public interest group, Essential Action of Washington, D.C., said, "Intentionally or not, a treaty to prevent unauthorized copying may easily go too far, and undermine important consumer interests. That's why it is so important that this deal be negotiated in the light of day."

The rampant speculation concerning the treaty's contents is based largely on a leaked document posted on WikiLeaks, and from comments from copyright and patent holders.

Among other things, according to the comments and leaked document, the special interest groups speculate the treaty would:

Require Internet Service Providers to monitor all consumers' Internet communications, terminate their customers' Internet connections based on rights holders' repeat allegation of copyright infringement, and divulge the identity of alleged copyright infringers possibly without judicial process, threatening Internet users' due process and privacy rights; and potentially make ISPs liable for their end users' alleged infringing activity.

Interfere with fair use of copyrighted materials.

Criminalize peer-to-peer file sharing.

Interfere with legitimate parallel trade in goods, including the resale of brand-name pharmaceutical products.

Impose liability on manufacturers of active pharmaceutical ingredients (APIs), if those APIs are used to make counterfeits -- a liability system that may make API manufacturers reluctant to sell to legal generic drug makers, and thereby significantly damage the functioning of the legal generic pharmaceutical industry.

Improperly criminalize acts not done for commercial purpose and with no public health consequences; and Improperly divert public resources into enforcement of private rights.

Photo: Flyinace2000/Flickr

See Also:

• Proposed Copyright Law a 'Gift' to Hollywood, Info Groups Say
• Senate Committee Expands Justice Department Copyright Enforcement ...
• Meet the Latest Copyright Scofflaw -- Meet the GOP
• Judge: Copyright Owners Must Consider 'Fair Use' Before Sending ...
• MPAA Says No Proof Needed in P2P Copyright Infringement Lawsuits
• Universities Baffled By Massive Surge In RIAA Copyright Notices
• Cablevision Scores Copyright Victory Against Hollywood
• Obama VP Pick Joe Biden: Good on Civil Liberties, Friendly to ...
• AG Mukasey Says IP Theft Threatens Public Safety, Fosters Terrorism
• MPAA Waffling on Piracy Costs; RIAA Says Illicit CDs Worth $13.74 Each
• RFID Hackers Are Stupid, Intellectual Property Thieves, Company ...

Google searches for the terms "SNL Palin," "Saturday Night Live," and "Tina Fey as Palin" rocketed off the roof over the week-end, as people around the United States e-mailed each other and blogged about Fey's uncannily-close impersonation of the Republican vice-presidential nominee.

Fey, Saturday Night Live's former head writer and creator of the show 30 Rock, appeared with SNL's Amy Poehler as Hillary Clinton to "battle sexism" in the show's opening skit.

Soon after the episode aired, e-mails with links to the inevitable YouTube uploads flew around listservs. But the take-down notices went out just as quickly, notifying YouTube that the clips had infringed upon NBC Universal's copyright. One of the uploads had already been removed as of Sunday, but several more managed to stay up on YouTube as of Monday. And other web sites such as LiveLeak also hosted clips.

NBC Universal has since posted the skit up on its own web site.  Below is an embed of the clip.

See Also:

• The Many Faces Of Sarah Palin Online

Americans' fear of a terrorism could create a mass outbreak of a psychosomatic illness -- even in the absence of any real attack -- -- creating a fake epidemic that could overwhelm hospitals attempting to treat real victims.

Adding to the confusion, the symptoms of a mass pyschogenic illness look much like symptoms of an anthrax attack, avian flu outbreak or chemical attack.

At least that's what the feds warned hospitals in a nonpublic 2006 communique recently published by the government sunshine site Wikileaks.

Call it a contagious psychosomatic illness -- though the feds preferred to label the phenomenon "psychogenic illness," defining that as:

A phenomenon in which social trauma or anxiety combines with a suspicious event to produce psychosomatic symptoms, such as nausea, difficulty breathing, and paralysis.  If many individuals come to believe that the psychosomatic outbreak is connected to the cause of the trauma or anxiety, these symptoms can spread rapidly throughout a population. 

In fact, the feds suggest (.pdf) that there's already been a totally terrorism-fear-created illness in California where no one was actually sick from an attack.

In that case, a man walked into a California bank in October 2003, sprayed an aerosol can into the air and then left. Employees and customers became ill, though investigators found there were no biological or chemical agents in the air. (Note proof of this incident is attributed to a November 2003 FBI report that is also considered too sensitive for the public's eyes.)

A similar fear-based illness began in Chechnya -- when 13 kids fell ill with headaches, fevers and numbness, according to the report. Many believed that the kids had been poisoned by a Russian chemical attack and the symptoms quickly spread. Some 87 people, mostly kids, were hospitalized, though there was no evidence of any chemical attack. Officials attributed the illness to anxiety over Russian military activities in the area.

And perhaps most seriously, after the deadly sarin gas attacks in Tokyo in 1995, some 5,000 people went the hospital -- claiming to have symptoms, despite the attack's rather small radius. Twelve people were killed by the gas and 54 others sustained serious injuries.

The analysis recommended that the government and health system educate people about chemical and biological attacks so they can recognize real symptoms, as well as quickly isolating both real and psychosomatic victims in the case of an attack or perceived attack.

The July 5, 2006, analysis entitled Fear of Terrorist Attack Could Trigger Mass Psychogenic Illness (.pdf) from the the Homeland Infrastructure Threat and Risk Analysis Center is not classified. Instead it is labeled For Official Use Only (FOUO) -- a designation that allows the data to be shared with people without clearances, but away from the public eye. Such material is usually not available through government sunshine requests.

See Also:

• Judge Backtracks: WikiLeaks Resumes US Operations
• Latest Wikileaks Prize for Sale to the Highest Bidder - Update
• WikiLeaks Posts More Prison Docs -- This One from Iraq Prison

Photo: Eric Ingrum/Flickr

BusinessWeek's web site has been attacked by hackers and infected with code designed to deliver malware to readers, according to anti-virus firm Sophos.

Hackers used a SQL injection attack to infect a section of the BusinessWeek site that offers information to MBA students about finding employment. According to Sophos, hundreds of pages on the web site were affected.

The attack script embedded in BusinessWeek's site would take malware from a Russian web site and deliver it to readers' machines. The Russian site was not online as of this morning when Sophos wrote about it, but since the malware was still on BusinessWeek's site, the attack would work as soon as the hackers revived it.

It's not known how long the malware has been on the site or if any readers were infected by it. Sophos said it informed BusinessWeek of the problem a week ago.

BusinessWeek has released a statement:

"Online security is a top priority and, while we continue to investigate the matter, we are confident that our readers' personal information has not been compromised. The attack affected only one application within a specific section of our website and that application has been removed. We continue to work to ensure the integrity of our site and to protect it from future illegal and malicious hacking activity."

Here's a video from Sophos discussing the attack:

See also:

• Six-Year-Old News Story Causes United Airlines Stock to Plummet

John McCain reaffirmed his support for federal funding of embryonic stem cell research on Monday -- in direct opposition to his party's agreed-upon official policy on the matter.

"While I support federal funding for embryonic stem cell research, I believe clear lines should be drawn that reflect a refusal to sacrifice moral values and ethical principles for the sake of scientific progress," McCain wrote in a response to a questionnaire released Monday by Science Debate 2008, a broad coalition of scientists and engineers.

The Republican party platform, adopted during its convention earlier this month, opposes embryonic stem cell research, preferring scientists to work with stem cells derived from other sources.

"We call for a major expansion of support for the stem cell research that now shows amazing promise and offers the greatest hope for scores of diseases — with adult stem cells, umbilical cord blood and cells reprogrammed into pluripotent stem cells — without the destruction of embryonic human life," reads the policy statement within the published Republican party platform. "We call for a ban on human cloning and a ban on the creation of or experimentation on human embryos for research purposes."

McCain's position also stands in stark contrast to his vice presidential pick Sarah Palin's personal opinion.

Continue reading "McCain Bucks Party Platform, Affirms Support for Embryonic Stem Cell Research" »

A notorious Turkish ATM hacker Cha0, who has been accused of torturing a police informant, was arrested Friday by Turkish officials -- despite the hacker's claim that not even the FBI could catch him, Turkey's Haber 7 reports.

In August, a fellow hacker-turned-informant who used the online nickname Kier accused Cha0 and his associates of abducting and beating him earlier in the year. Cha0 sent a photo of Kier -- pictured in only his underwear and holding a sign saying, "I'm a rat. ... I am fucked by Cha0" -- to Haber 7.

Kier disappeared a second time after telling reporters via an e-mail that Cha0 was protected by Turkish officials. Cha0 denied any role in the second disappearance.

"I always had a question mark on my mind on where Cha0's men got the resources," Kier wrote the reporters in Turkish. "I found out firsthand when I had a weapon pointed at my head."

ChaO's real name is Cagatay Evyapan, according to the report, and the outlet says it will publish a secret interview with the hacker on Monday.

A well-known figure in the credit card fraud underground, Cha0 markets a high-quality ATM skimmer and PIN pad that fraudsters can covertly affix to certain models of cash machines. The skimmer records the magstripe data on a consumer's debit or credit card as they feed it into an ATM, while the PIN pad overlay stores the user's PIN. The stolen magstripe data can later be encoded onto a blank card and used to make withdrawals from victims' accounts.

Cha0's banner ad on DarkMarket shows a cartoon man wading through a house full of cash. "Is that you?" the text asks. "Yes. If you bought [a] skimmer and PIN pad from Cha0."

In April, Miami Beach police busted a ring of Bulgarian nationals who'd allegedly been planting skimmers on area ATMs for two years. The gang installed pinhole cameras in the ceiling of the ATM to record the PIN numbers. They allegedly used the stolen data to pull more than $160,000 from bank customer accounts in the span of just two weeks last February.

UPDATE 9/15: Haber 7 also has video of the raid, including shots of credit card-related equipment one is not very likely to have lying around one's house.

Photo courtesy Haber 7

See Also:

• Hacker Reportedly Kidnaps and Tortures Informant, Posts Picture as ...

Kevin Cogill, the California man criminally charged on allegations of unlawfully uploading pre-released Guns N' Roses songs, is seeking financial assistance to pay his legal fees.

Arrested last month, the FBI said (.pdf) the 27-year-old man confessed to uploading nine songs on June 18 to his music site antiquiet. A day after the uploading, according to the FBI, an investigator with the Recording Industry Association of America alerted the FBI.

Financial assistance can be made here.

"I am trying to take full responsibility for my predicament. I consider the burden of legal fees ultimately mine to bear; I have independently raised the funds required to retain my attorney. However, it has definitely been by far the biggest expense I have ever faced in my entire life, and my resources are very limited while formidable costs shall continue to pile up. It’s beyond daunting, being a single independent citizen facing a full-force prosecution by the most powerful government in the world," Cogill wrote on his web site.

Cogill is charged with one count of violating Title 17, United States Code Section, 506 (a) (1) (C). The copyright infringement charge is related pre-released material, "distribution of a work being prepared for commercial distribution by making it available on a computer network accessible to members of the public."

The charge is a "felony punishable by imprisonment for not more than three years or, if the offense was committed for commercial advantage or private financial gain, for not more than five years."

The Los Angeles man remains free on $10,000 bond following last month's arrest.

See Also:

• FBI: Uploader Confesses to Pre-releasing Guns N' Roses Tracks
• FBI Arrests Alleged California Music Pirate
• Former OiNK Users Arrested in United Kingdom
• New Oink Not Likely Hog Heaven
• Oink Wannabe -- Waffles.fm -- Scrambling to Fill Membership Orders ...
• Pass the Syrup: Waffles Promises to be Next Oink -- Update
• Tagoo Emerging as the Russian Napster?
• Pirate Bay Future Uncertain After Operators Busted
• The Pirate Bay Hit By Another Legal Volley
• Five days of camp Chaos, or hacking from a tent

Two months ago, President Bush won congressional approval to immunize the nation's telecommunications companies from lawsuits accusing them of helping Bush funnel Americans' electronic communications to the National Security Agency without warrants -- all in the name of national security following the Sept. 11 terror attacks.

But the telecoms, facing 36 lawsuits commingled as one in a San Francisco federal court, still haven't been granted immunity in the lawsuits alleging they breached their customers' Fourth Amendment right to privacy. On Friday, however, Justice Department special counsel Anthony Coppolino said the government would comply with the immunity bill's procedural hurdles by Sept. 19 to seek blanket immunity on behalf of the companies.

Whether U.S. District Judge Vaughn Walker would abide by the government's wishes is an open question. Last year, Walker refused to dismiss the cases on other grounds.

"It’s a brand-new statute, hot off the government printing press," Walker said in a hearing Friday.

In response to Coppolino's remarks, Walker set a Dec. 2 hearing, in which he would allow the Electronic Frontier Foundation to challenge the immunity legislation Congress passed July 9 in a bid to keep the lawsuits alive.

It's not the first time the government moved to dismiss the cases. Originally, the government claimed the so-called "state secrets privilege." The privilege generally requires judges to dismiss lawsuits if the government claims they threaten to expose state secrets.

The privilege usually prevails, but Walker ruled against the government and kept the cases alive. The government appealed, but successfully lobbied Congress to adapt legislation as an end-run around Walker's decision.

The EFF said the measure is unconstitutional. In court briefs, they cite five reasons:

They are:

1.    Congress violated the separation of powers by attempting to usurp judicial authority to decide the Fourth Amendment claims of millions of ordinary Americans who have been, and continue to be, subjected to dragnet surveillance for the past seven years.

2.    Congress exceeded its constitutional authority by passing legislation that grants to the Executive the discretion to essentially dictate the outcome of specific, pending litigation.

3.    The statute improperly requires dismissal of claims of illegal surveillance between September 11, 2001 and January 17, 2007 based not on a judicial finding about the facts of the surveillance or the legality or constitutionality of the surveillance, but instead merely based on a 'certification" from the attorney general that some unknown member of the Executive branch told the carriers that some undescribed surveillance is 'lawful.'

4.    The legislation denies due process to the plaintiffs by granting to the Executive, rather than the courts, the essential decision making about their constitutional and statutory rights.

5.    The legislation purports to grant the Executive a unilateral right to require that the court keep secret not only the evidence, but also its own decisions.

Among other things -- if the legislation stands -- the telecoms are off the hook if the Justice Department can prove, in sealed documents to the court, that the telecoms' assistance was, among other things, the result of a court order; or authorized under the Protect America Act of 2007 or was approved by the president and designed "to detect or prevent a terrorist attack, or in activities in preparation for a terrorist attack, against the United States, and the subject of a written request or directive."

"Here is the latest court document (.pdf) on the long-running case. The exhibit at the end of the document contains the legislation at issue.

See Also:

• Senate Approves Telecom Amnesty, Expands Domestic Spying Powers
• Dems Agree to Expand Domestic Spying, Grant Telecoms Amnesty
• Netroots Activists Mad at Obama for Spy Bill Flip-Flop
• Judge: President's 'State Secrets' Privilege Can't Shield Wiretapping
• ISPs Will All Spy on Their Customers, Professor Warns
• Gonzales Violated Security Rules with Spy Docs, Lied to Cover it Up
• Bush Signs Spy Bill, ACLU Sues
• AT&T Whistleblower: Spy Bill Creates 'Infrastructure for a Police ...
• McCain: I'd Spy on Americans Secretly, Too
• Only Government Can Argue in Secret Spy Court, Feds Say
• EFF and Feds Battle Over Dormant Spy Lawsuit as Immunity Battle Awaits

The Pirate Bay, the controversial BitTorrent tracking site in Sweden, has become ensnared in a grisly, high-profile scandal involving the online circulation of autopsy pictures of two murdered children.

The incident is the latest of a string in which The Pirate Bay has hit the headlines because of its founders' unbending stance that changing their policies would impinge upon freedom of speech and access to information.

In this latest dispute, the Swedish media are focusing on The Pirate Bay's refusal to remove the links to the torrents of photos uploaded to the internet by its users of photos of two dead children.

The photos are from a police case file concerning the murder of two toddlers in March in Arboga, a town in the Southeastern part of Sweden. The case is being heavily covered by the media.

The father of the children has asked the operators of the site to remove the links, but they've declined to do so, based on the group's anti-censorship policies.

The Pirate Bay's co-founder Peter Sunde in a post on his personal blog asks why the Swedish media isn't focusing either on the individual who had uploaded the photo, or on the country's laws regarding the way the government classifies information and provides access to government documents. In this case, someone had accessed the police investigation file, uploaded a torrent file of the photo onto the internet, and linked to the torrent on The Pirate Bay.

Under Swedish law, most documents generated by the government are made available to the public unless specifically deemed secret by the courts. In this case, the documents were not sealed by the court.

The operators of the site announced on their blog Friday that they would no longer speak with the media after an incident on a Swedish television station, which Sunde effectively characterized as an ambush.

"Due to last nights failure from the entity of respected traditional media to keep promises we have decided to suspend all of our contacts with the press for the time being," reads the post. "All planned and booked interviews are to be considered suspended. All future interviews are to be considered impossible. We have no longer any interest in participating in traditional media since it's apparant that thet are not trustworthy or willing to adopt (sic.)"

"The mail sent to the press spokes person will not be read. The phone will not be answered."

The Pirate Bay has always been cautious of the mainstream media, but in 2006 let Wired.com's Quinn Norton into its inner circle, where she wrote about the group, the issues and the technologies extensively.

But when he arrived at the studio, he was faced with the father of the children who was participating remotely, and asked what he had to say to him, he recounts in a long and angry blog post. 

"The media does not want to report that there are people who want to share the material," Sunde writes on his blog.

Instead, they want to pick on The Pirate Bay and go after sensational headlines, he writes.

"Nobody cares about contacting the prosecutor in this case, and asking why this is not classified."

"Pirate Bay has been described in Swedish media as 'publisher' of the photos, which is technically not correct," says Mikael Pawlo, an internet entrepreneur based in Stockholm who's been following the case. "But Pirate Bay only provides aggregated tracking information on the torrents, which are in turn distributed peer-to-peer, without ever being relayed through Pirate Bay."

But he adds: "Pirate Bay is also in practice the main distributor of information on how to download the photos."

He says that public opinion might have turned against the founders of The Pirate Bay because of one of its representatives' rude mannerism when he initially responded to the father's request.

Generally, it's been difficult to focus the discussion about The Pirate Bay's role and policy issues because the public is mainly concerned about the integrity of the children, and the actual impact that the internet distribution of the photos might have on the father, he says.

Sunde himself notes that the company has implemented filters on its system against pornography, and has stood up for its principles -- and that he personally is someone who is deeply invested in living an ethical life, citing his vegetarianism and philanthropic activities.

Nevertheless, based on incidents such as these, the media characterizes the operators of The Pirate Bay as "terrorists," and as people "totally without emotion," and as "bloodthirsty devils," he writes.

"Shame on you Sweden. And shame on you in the media," he writes in his blog post entitled "Grow Up Sweden!"   

See Also:

• Pirate Bay Renamed Beijing Bay After Olympics Tracking
• Pirate Bay Future Uncertain After Operators Busted
• Pirate Bay Says It Can't Be Sunk, Servers Scattered Worldwide
• Olympics Journalists' Complaints Crack Open Net Access A Bit in China
• The Pirate Bay Hit By Another Legal Volley
• Pirate Bay Calls Cops on Hollywood Big Shots
• US Funded Health Search Engine Blocks 'Abortion'

Barack Obama's campaign released a new television ad Friday that mocks John McCain for being out of touch with voters' lives and the economy. The ad uses McCain's admission earlier this year that he's computer illiterate as a sign that he's been unable to adapt to the modern world.

"1982. John McCain goes to Washington. Things have changed in the last 26 years, but McCain hasn't," says a voice-over in the ad against shots of a Rubik's Cube, a disco ball, a massive cell phone and an old computer. "He admits he still doesn't know how to use a computer, can't send an e-mail, still doesn't understand the economy, and favors $200 billion in new tax cuts for corporations, but almost nothing for the middle class. After one president who's out of the touch, we just can't afford more of the same."

Responding to the ad, McCain's online outreach manager Patrick Hynes shot back: "The ad is a joke. After they hyped it so heavily in The New York Times I can only assume nervous Democrats are embarrassed for the Obama campaign."

McCain has been on the receiving end of widespread ridicule this year after admitting that he doesn't know how to use a computer, and for not using e-mail -- something that's now a part of everyday life for many Americans. He's subsequently said that he's learning.

"I think he said it because he knows, in fact, he's removed from the day-to-day challenges people have faced in their lives," said Rep. Rahm Emanuel, D--Illinois, co-chairman of Obama's national campaign in a conference call this morning. "And you see it manifest itself in the personal things -- when he says, you know, I don't use a computer. I don't use e-mail. There's a whole economic revolution going on that has fundamentally changed the economy and fundamentally changed people's lives, and he is removed from it."

During his nominaton speech at the Republican National Convention, McCain acknowledged the challenges that Americans face in the networked global economy, as have his advisors. One of McCain's workforce proposals is a worker-retraining program that would provide financial help to laid-off workers. He's also proposed a new unemployment insurance program to retrain laid-off workers.

We should all feel safer now that Google's YouTube has unveiled new guidelines that will not tolerate uploaded videos "intended to incite violence or encourage dangerous, illegal activities that have an inherent risk of serious physical harm or death."

Viewers of the popular video sharing site instead will have to use Google's search engine to find them elsewhere. Or, better yet, just turn on the boob tube and click onto any broadcast or cable network.

Sen. Joe Lieberman, the Independent from Connecticut, asked for the YouTube changeover. YouTube originally balked on First Amendment grounds, but changed course Wednesday.

"YouTube was being used by Islamist terrorist organizations to recruit and train followers via the internet and to incite terrorist attacks around the world, including right here in the United States, and Google should be commended for recognizing that," Lieberman said, coincidentally on the seventh anniversary of the 2001 terror attacks on the United States.

"I expect these stronger community guidelines to decrease the number of videos on YouTube produced by Al Qaeda and affiliated Islamist terrorist organizations," he said.

Here are YouTube's updated "Community Guidelines."

"While it might not seem fair to say you can't show something because of what viewers theoretically might do in response, we draw the line at content that's intended to incite violence or encourage dangerous, illegal activities that have an inherent risk of serious physical harm or death. This means not posting videos on things like instructional bomb making, ninja assassin training, sniper attacks, videos that train terrorists, or tips on illegal street racing. Any depictions like these should be educational or documentary and shouldn't be designed to help or encourage others to imitate them."

As the race for the White House heats up, are political commercials included?

See Also:

• The Many Faces Of Sarah Palin Online
• Unleash Your Inner Political Voice: Create an Online Mashup With ...
• McCain Campaign Yanks 'Obama Love' Web Video
• Judge Orders YouTube to Give All User Histories to Viacom
• Google, EFF Applaud Veoh DMCA Ruling
• Next Week: Conference Reverse-Engineers the YouTube Election
• More on BGP Attacks -- Updated

As she demonstrated with her acceptance speech in St. Paul, Minnesota, last week, Republican vice presidential nominee Sarah Palin is a down-to-earth woman who is adept at humor.

It turns out that the governor of Alaska is even funnier, and even more direct, online.

The conservative superwoman and mother of five manages to blog, tweet and produce YouTube videos all in her spare time. She even raps.

"Everyone is so sexist!" she exclaims in her latest YouTube video, posted just hours before she was scheduled to do her first solo television interview with ABC News anchor Charlie Gibson.

Then she starts singing: "Sarah Palin is the best! Sarah Palin is so pretty, and she is in charge of the world today ..."

Palin doesn't just let off steam on YouTube. She also has a blog, where she posts frequent updates, complete with spelling mistakes.

Luckily, her ginormous online readership quickly alerted her to one of the most egregious. The word "Liberal" isn't spelled "liberel." She's already posted an explanation -- her fourth post of the day.

At the same time, she's posting tweets on subjects that range from the status of an old boyfriend who is now a janitor to Cindy McCain's cold demeanour.

Continue reading "The Many Faces of Sarah Palin Online" »

Sweeping legislation granting the U.S. Justice Department the ability to prosecute civil cases of copyright infringement sailed through the Senate Judiciary Committee 14-4 on Thursday, and is expected to hit the Senate floor for a vote soon.

One lawmaker from the 19-member panel, Sen. Joe Biden, did not vote, although several members voted by proxy. Biden, of Delaware, is the running mate to presidential contender Sen. Barack Obama, the Democrat from Illinois.

Hollywood, labor unions and manufacturers (.pdf) strongly backed the measure, while digital rights groups and others say it goes too far and is a gift to copyright holders who normally use the civil courts to sue copyright infringers. The Recording Industry Association of America, for example, has sued more than 30,000 individuals for infringement.

The Enforcement of Intellectual Property Rights Act, (.pdf) as we reported Tuesday, also creates a Cabinet-level copyright-patent czar charged with creating a worldwide plan to combat piracy. The czar would "report directly to the president and Congress regarding domestic and international intellectual property enforcement programs."

The bill, a nearly identical version the House passed last year, encourages federal-state anti-piracy task forces, the training of other countries about IP enforcement and, among other things, institutes an FBI piracy unit.

The House version does not contain language granting the Justice Department the ability to sue copyright infringers. The department does prosecute criminal acts of infringement, although rarely.

Biden's office did not immediately return inquiries concerning the vice presidential candidate's failure to vote.

Copyright Act violations carry penalties of up to $150,000.

The measure, SB 3325, was floated by Patrick Leahy, D-Vermont; Arlen Specter,  R-Pennsylvania; Dianne Feinstein, D-California and John Cornyn, R-Texas.

Voting For: Cornyn (by proxy); Lindsey Graham, R-South Carolina (by proxy); Charles Grassley, R-Iowa; Orin Hatch, R-Utah; Specter; Sheldon Whitehouse, D-Rhode Island; Benjamin Cardin, D-Maryland; Richard Durbin, D-Ilinois; Charles Schumer, D-New York (by proxy); Russell Feingold, D-Wisconsin; Feinstein; Herb Kohl, D-Wisconsin; Edward Kennedy, D-Massachusetts (by proxy); Leahy (by proxy).

Voting Against:  Jeff Sessions, R-Alabama; Jon Kyl, R-Arizona; Sam Brownback, R-Kansas, and Tom Coburn, R-Oklahoma.

Here is a link to all of the members.

Illustration psd

See Also:

• Proposed Copyright Law is 'Gift' to Hollywood, Groups Say
• Meet the Latest Copyright Scofflaw -- Meet the GOP
• Judge: Copyright Owners Must Consider 'Fair Use' Before Sending ...
• MPAA Says No Proof Needed in P2P Copyright Infringement Lawsuits
• File Sharing Lawsuits at a Crossroads, After 5 Years of RIAA ...
• Google, EFF Applaud Veoh DMCA Ruling
• Universities Baffled By Massive Surge In RIAA Copyright Notices
• Judge: Copyright Owners Must Consider 'Fair Use' Before Sending ...

The government cannot force your cellphone provider to turn over stored records about your location without proving to a judge there is probable cause you have violated the law, a federal district court ruled Wednesday.

The ruling (.pdf) from Judge Terrence McVerry of the Western Pennsylvania U.S. District Court deals a blow to investigators who have been getting cellphone location data on in the past simply by proving to a judge that the information would be relevant to an investigation. That's the same standard used to force a telephone company to reveal the name and address of a subscriber.

McVerry upheld a February decision written by five magistrate judges, who found that the government's request for historic cellphone location data for a person required a stricter standard. Little is known about how often investigators ask for such data, since the hearings are one-sided and the decisions are almost never published so as not to tip off the targets.

However, the ruling does not hold force across the country, and as the government's objection to the ruling noted, other judges have disagreed with the logic of protecting this data as if it were very sensitive.

The orginal decision(.pdf) found that "location information so broadly sought is extraordinarily personal and potentially sensitive; and that the ex parte nature of the proceedings, the comparatively low cost to the Government of the information requested, and the undetectable nature of a [cellular service provider]'s electronic transfer of such information, render these requests particularly vulnerable to abuse."

The government appealed, arguing the records only reveal a phone's location when it is actually used and that there's no constitutional right to have these stored records protected.

"Wireless carriers regularly generate and retain the records at issue, and because these records provide only a very general indication of a user’s whereabouts at certain time in the past, the requested cell-site records do not implicate a Fourth Amendment privacy interest," the government wrote (.pdf).

But the friend-of-the-court brief (.pdf) from the Electronic Frontier Foundation and the Center for Democracy and Technology and others disagree -- arguing that law enforcement wants the data to pinpoint where a person was or is and that the data will only get more precise in the future.

"Law enforcement uses the fact that the suspect’s phone contacted the cell tower nearest his home to infer he is home, nearest the narcotic’s kingpin’s house to infer that they are together, nearest the drop off point  to argue that he was present when the contraband was delivered," the groups wrote. "One can also imagine that the government can ask for all the numbers that made calls through the tower nearest a political rally to infer that those callers attended the rally."

The distinction matters since generally speaking police officers don't need a warrant to plant a tracking device on a car, unless that vehicle goes onto private property. Tracking someone onto private property requires a warrant.

As for what the police need to prove to a judge in order to turn your cellphone into a tracking device -- that's a question that federal judges remain split on, despite the Justice Department's own recommendation that investigators get warrants based on probable cause.

See Also:

• Judges Still Can't Decide Legality of Cellphone Tracking
• Judges Reject Cellphone Tracking
• Cell-Phone Tracking: Laws Needed
• AT&T Invents Programming Language for Mass Surveillance
• ACLU Wants Cellphone Tracking Docs

Photo: Karl Baron/Flickr

By now, we're all familiar with Monday's human-and-machine-made technology blunder that caused United Airline's stock to crash more than 75 percent, a $1 billion free-fall in market capitalization in minutes.

A securities class-action against Bloomberg News is likely the next follow-up story to the debacle, in which traders and automated programs dumped the carrier's stock based on true news that the business wire regurgitated from a six-year-old Chicago Tribune article. The Trib's 2002 article said the carrier was seeking bankruptcy protection.

But because of the Communications Decency Act, those seeking to recoup their losses from Bloomberg might be out of luck, according to David Post, a Temple University legal scholar.

Post quotes Section 230 of the Communications Decency Act, which was part of the Telecommunications Reform Act of 1996. It says that, "No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider."

Post writes:

"It's not the most artfully drafted statutory section around (what exactly does it mean to 'treat' an entity 'as the publisher or speaker' of information?), but it has been interpreted -- somewhat controversially, but plausibly, in my own opinion -- to provide a near-blanket immunity for online information redistributors (like Bloomberg) from all liability arising out of that redistribution. (Important exception: the statute expressly provides that IP claims (e.g., copyright or trademark) are not affected by this provision).

"Bloomberg is clearly a 'provider of an interactive computer service' (defined as 'any information service, system, or access software provider that provides or enables computer access by multiple users to a computer server'), and the information that United had entered bankruptcy was clearly provided by 'another information content provider' (defined as 'any person or entity that is responsible, in whole or in part, for the creation or development of information provided through the Internet or any other interactive computer service'). So Bloomberg cannot be treated as the publisher or speaker of that information. I don't think we know for sure whether that would immunize it from e.g. Securities Act liability, for example -- but I'm pretty sure that it would.

"Among the interesting things about section 230 is that it only applies online. That is, had Bloomberg published the same information via a hardcopy newsletter, they'd have a liability nightmare on their hands. But because it was online, they have sec. 230 to protect them."

On Wednesday, Tribune blamed Google for the mishap. Google, too, is a news regurgitation machine.

Photo pingnews

See Also:

• Communications Decency Act Tipping Under Cuomo Kid-Porn Accord
• Net Censorship Law Struck Down Again
• FCC Free Wireless Spectrum Equals Censorship Technology Bonanza
• Judge Says You Can Sell Your CDs
• Roommates.com Not Immune From Discrimination Lawsuit, Appeals ...
• MySpace Sued Over 2006 Teen Suicide
• Court Strikes Down Internet Censorship Law Intended to Protect Kids
• Building Contractor Sues Google for Indexing Consumer Complaint

Both Barack Obama and John McCain will speak at a forum on public service this evening at Columbia University in New York.

The duo issued a statement Saturday saying that they would "join together" to mark the seventh anniversary of the September 11, 2001 attacks on the World Trade Center.

The forum is part of a two-day summit run by a 118-member coalition of non-profits called Service Nation.

The group wants to get more Americans involved in volunteering for public service initiatives. Last month, it entered a partnership with Facebook to help it to bolster its initiative.

The group has designated September 27th as a national 'day of action.' It's asking citizens to organize and participate in public service events around the country, and its organizers have set up this online map to enable people to find opportunities to volunteer locally, or to set up and publicize their own event.

If you're not near a television Thursday evening, but want to hear what the candidates have to say, you can watch the event online at MTV, where it will be streamed live.

John McCain's campaign on Tuesday launched a 'truth squad' to battle internet-driven rumors and blatant untruths about vice presidential pick Sarah Palin. But it was the McCain campaign that was truth-squaded Wednesday when a public policy group at the University of Pennsylvania called the campaign out for distorting its words to mislead voters.

Factcheck.org, a web site run by the Annenberg Public Policy Center, called the McCain campaign out Wednesday for releasing a television advertisement called "Fact Check" that suggests that Obama is the force behind the attacks that are zipping around the internet against Palin.

"Our article criticized anonymous e-mail falsehoods and bogus claims about Palin posted around the internet," wrote Brooks Jackson, director of Annenberg Political Fact Check, which runs Factcheck.org. "We have no evidence that any of the claims we found to be false came from the Obama campaign."

The center on Monday had posted a piece called "Sliming Palin" that debunked many of the internet chain e-mails and blog posts about Palin. The McCain campaign then released a television ad using the Factcheck.org logo along with a voice-over saying "The attacks on Governor Palin have been called 'completely false' ... 'misleading.'" The logo and voice-over were juxtaposed against a photo of Obama.

Annenberg Political Fact Check's Jackson further noted:

With its latest ad, released Sept. 10, the McCain-Palin campaign has altered our message in a fashion we consider less than honest. The ad strives to convey the message that FactCheck.org said "completely false" attacks on Gov. Sarah Palin had come from Sen. Barack Obama. We said no such thing. We have yet to dispute any claim from the Obama campaign about Palin.

Of course, there's nothing new about misleading political television ads, but the existence of web sites such as Factcheck.org bring a new level of transparency to the process.

Factcheck.org wasn't the only group complaining about the McCain team's integrity Wednesday. Ben Smith at The Politico reports that CBS asked YouTube to take down a McCain web ad that used a clip of evening news anchor Katie Couric saying "One of the great lessons of that campaign is the continued and accepted role of sexism in American life." The clip came from a comment that Couric made in reference to Hillary Clinton, but this ad was about Palin.

A McCain representative could not be reached for comment at the time of this posting.

Image: Chris Devers

See Also:

• McCain Campaign Launches Palin Truth Squad

A dozen special-interest groups urged lawmakers Wednesday to squelch proposed legislation that for the first time would allow the U.S. Justice Department to prosecute civil cases of copyright infringement.

The Enforcement of Intellectual Property Rights Act, (.pdf) scheduled to be heard in the Senate Judiciary Committee on Thursday, also creates a Cabinet-level copyright-patent czar charged with creating a worldwide plan to combat piracy. The czar would "report directly to the president and Congress regarding domestic and international intellectual property enforcement programs."

The bill, a nearly identical version the House passed last year, is strongly backed by the music and movie industries. The House and Senate versions encourage federal-state anti-piracy task forces, the training of other countries about IP enforcement and, among other things, institute an FBI piracy unit.

In a letter to the Judiciary Committee, the groups said granting the Justice Department the power to file civil lawsuits on behalf of Hollywood and others is "an enormous gift" to copyright holders.

"Movie and television producers, software publishers, music publishers, and print publishers all have their own enforcement programs," the letter (.pdf) said. "There is absolutely no reason for the federal government to assume this private enforcement role."

The dozen groups include American Association of Law Libraries, American Library Association, Consumer Federation of America, Consumers Union, Digital Future Coalition, Electronic Frontier Foundation, Essential Action, IP Justice, Knowledge Ecology International, Medical Library Association, Public Knowledge and Special Libraries Association.

The House version does not contain language granting the Justice Department the ability to sue copyright infringers. The department does prosecute criminal acts of infringement, although rarely.

If the Senate version becomes law, it is not immediately clear how the Justice Department's expanded powers would work in practice. For example, would the department assume the role of the Recording Industry Association of America, which has sued more than 30,000 people in the United States for copyright infringement since 2003?

Illustration psd

See Also:

• Meet the Latest Copyright Scofflaw -- Meet the GOP
• Judge: Copyright Owners Must Consider 'Fair Use' Before Sending ...
• File Sharing Lawsuits at a Crossroads, After 5 Years of RIAA ...
• MPAA Says No Proof Needed in P2P Copyright Infringement Lawsuits
• Google, EFF Applaud Veoh DMCA Ruling
• Universities Baffled By Massive Surge In RIAA Copyright Notices
• Cablevision Scores Copyright Victory Against Hollywood

Wired.com's Threat Level blog won the 2008 Knight-Batten Award for Innovation in Journalism on Wednesday for finding a way to let you readers highlight the worst whitewashing of Wikipedia entries by corporations and governments.

Threat Level accepted the $10,000 award for editor Kevin Poulsen's post that combined a voting widget and internet superstar Virgil Griffith's WikiScanner application that let  readers find and highlight the worst self-interested anonymous edits to Wikipedia entries. The judges found that the tool "finally inserts an air of accountability to those who edit the site to fit their own agendas."

Readers used Griffith's clever WikiScanner to check the anonymous edits made from internet space assigned to a specific company or government agency. They then submitted the damning finds to a Reddit-powered voting widget for others to verify and vote up or down.

Some of the top whitewashes spotted by you citizen journalists?

Dow Chemical removing an entire section that included discussion of the Bhopal disaster, silicon breast implant problems and Agent Orange, for one.

Controversial voting machine maker Diebold deleted criticism of its electronic voting machines, while someone inside the Turkish government removed a reference to the Armenian genocide. Then there was the anonymous Exxon employee decided to make the Valdez oil spill disaster entry less damning -- and the FBI employee who took down an aerial photo of the Guantanamo Bay prison camp.

Of course, you readers should have gotten the award for finding, submitting and rating the spin jobs -- a really fine bit of citizen journalism that we are proud to have a small part in sparking.

But being privacy-respecting folks, we don't know who you are and will just have to accept the award on your behalf.

Knight-Batten also awarded $2,000 special distinction awards to Politifact.com and Ushahidi.

Congressional Quarterly and the St. Petersburg Times collaborated on Politifact.com, which rates campaign statement's accuracy and highlights false statements by candidates.

Kenyan techies launched Ushahidi, a site that mapped incidents of political violence ahead of the country's presidential election using accounts texted to the site by bloggers and citizen journalists.

Jacquelin Dupree won a $2,000 Citizen Media award for her one-woman chronicle of the changes to Washington D.C.'s Southeast/Ballpark district. Her site combines interactive maps and before-and-after photos, which the judges described as "an incredible wealth of information, especially impressive for a one-person effort."

Threat Level is thrilled to have won and is honored by the good company of the other finalists. And of course, deepest thanks to all you anonymous citizen sleuths.

A full list of the finalists and runners-up can be found here.

See Also:

• Vote On the Most Shameful Wikipedia Spin Jobs -- UPDATED
• Wikipedia Employee Edits Article on WikiScanner Creator -- UPDATED
• Japan and Germany Brace for Wikiscanner
• WikiScanner Creator Releases New Tools to Uncover Anonymous Edits

John McCain's campaign launched the Palin Truth Squad Tuesday. In a press release, the campaign stated: "The Palin Truth Squad will set the record straight against Internet and liberal smears of Governor Palin."
Despite this, the McCain web site still has a link to the Daily Kos on its web site, the originator of some of the online scuttlebutt.
Photo: Tom LeGro

John McCain's campaign on Tuesday unveiled a new squadron of politicians whose duty will be to battle perceptions that are quickly forming about the Republican party's vice presidential nominee Sarah Palin, the governor of Alaska.

The Republicans seem to have been fighting the battle since the moment that McCain announced his pick. Like Barack Obama, whose personal background and history were relatively unknown at the beginning of the presidential campaign, Palin has become the victim of multiple online whispering campaigns, and of partisan bloggers who have been ginning up stories about her record.

There's been so much flying around the internet within the past week and a half that the University of Pennsylvania's Annenberg Public Policy Center published a long list of rebuttals Monday against many of the e-mails and blog postings about Palin.

The post was titled "Sliming Palin." The bullet points address Palin's record on funding education in Alaska for special needs children, her record (or lack thereof) on 'censoring' books in Wasilla's library, whether she has an affiliation with the Alaskan Independence party, and several other subjects.   

The McCain campaign linked to the post this morning. So far, that seems to be the extent of its online fact-checking activity.

Unlike other online wars however, the smears against Palin might be a bit more difficult for the McCain campaign to battle.

For example, there are various photoshopped pictures of Palin making the rounds on the internet. One of them is of someone in a bikini holding what looks like a rifle. Palin's face has been superimposed on the picture. 

While the Obama campaign can try to debunk rumors about his religious faith, it's hard to imagine that the McCain campaign is going to put up a web page saying that Palin has never posed for a photograph semi-naked with a rifle.

Maybe they can just point people to the urban legend debunkers at Snopes.com.
 

In January 2003, the federal government proposed taking over the matching of airline passenger names against the government's list of suspected terrorists, since too many innocent people were being caught up in bad matches by the airlines.

In January 2009, the government plans to do just that, the Department of Homeland Security told Congress Tuesday -- saying that Secretary Michael Chertoff had just certified that the program works and protects people's privacy.

The current system has been dogged for years by sloppy name matches that have snared Sen. Ted Kennedy, a high-powered nun, small children and for a time, all men named David Nelson.

The latest version -- dubbed Secure Flight -- is far-removed from the version originally proposed in 2003. That program, known as CAPPS II, proposed to use fancy computer algorithms that would analyze commercial databases about potential travelers, in order to decide if a particular traveler merited a red, yellow or green terrorism score. That program was delayed many times after scandals over secret data-mining, Big Brother-like plans to use commercial data to rate passengers, and general mismanagement that forced Congress to repeatedly rein in the program.

By contrast, Secure Flight -- estimated to cost $1 billion over 10 years -- proposes to have airlines ask for more data -- including date of birth -- from travelers. The airlines would upload passenger lists to the Transportation Security Administration, which would then compare the lists themselves, The TSA says that since it will be more efficient at preventing name mismatches than airlines because the checking will all be centralized.

Homeland Security announced the certification in a hearing before a House Homeland Security subcommittee on Tuesday, where lawmakers again peppered officials from the TSA  and the Terrorist Screening Center with questions about why the watch lists keep snagging innocent Americans.

Terrorist Screening Center deputy director Richard Kopel confirmed Tuesday that the master watch list contains a million names referring to 400,000 different individuals, though only 3 percent -- or roughly 12,000 -- are Americans. TSC officials also said that the problem isn't that people are unfairly listed, but that more than 99 percent of the complaints they handle are misidentifications. The No-Fly and Selectee lists currently sent to the airlines include only a subset of the larger list, according to officials.

Those problems sound oddly familiar -- since it's the same one that government said it would solve when it proposed taking over the watch-list-matching and using a terrorism-scoring algorithm to figure out terrorists not yet on the list.

Then-Department of Transportation spokesman Chet Lunner told WIred.com in 2003, "Presently it's possible to be stuck in the computer system if you have the same or a similar name to someone on the no-fly list. We want to create a prompt, responsive system for citizen complaint resolution."

Currently, citizens who consistently can't get a boarding pass without a lengthy chat at the airline counter can try the DHS Traveler Redress Inquiry Program or contact each airline individually.

Washington, D.C., congressional delegate Eleanor Norton (D) dropped in for only a few minutes of today's hearing, but was clearly frustrated by the long-standing problem of mismatched names.

"You should give this problem to some high school nerds," Norton said. "It really speaks so poorly of this department that they haven't been able to figure it out."

TSA chief Kip Hawley tried to reassure the lawmakers that this go-round the government has a solution.

"We have built a system," Hawley said. "The privacy piece is in place, the tech is in place, the matching is done and the system is in place."

All that is left is getting the airlines to build IT systems to pipe the data back and forth and for the Congress's investigative arm - the GAO -- to certify Chertoff's certification, according to Hawley.

Hawley said six airlines were interested in being early adopters of the new system.

The program has repeatedly failed the GAO's audits over privacy concerns.

DHS officials have been blaming the airlines for the poor name-matching, but the GAO reported Tuesday that the TSA failed to issue clear instructions about how to match names and that in 2005, when it audited the airlines, it only checked if the airlines were good at exact matches against the No-Fly list:

Before undertaking revisions of the relevant security directives in 2008, TSA expected air carriers to conduct similar-name matching but TSA’s security directives did not specify how many and what types of such name variations air carriers should compare. Consequently, in interviews with 14 air carriers, we found ... some carriers compared more name variations than others; in addition, not every air carrier reported conducting similar-name comparisons.... Also, due to inconsistent air carrier processes, a passenger could be identified as a match to the watch list by one carrier and not by another.

The TSA tightened the rules about matching against the No-Fly list during the course of the audit, which the GAO found to be an acceptable interim solution.

See Also:

• No-Fly To Be Cleaned; Secure Flight Delayed
• US Terror Watch List Surpasses 900000 Names, ACLU Estimates - UPDATED
• Vulnerable TSA Website Exposed by Threat Level Leads to Cronyism ...
• Terrorist Watchlist Database Balloons
• 860000 Name Long Terror Watch List Scrutinizes Americans Most
• Terror Lists Long And Flawed
• Homeland Security Website Hacked by Phishers? 15 Signs Say Yes ...
• Airline Screening Update Delayed Three More Years

A group of community farmers, some of them Amish, are challenging rules requiring the tagging of livestock with RFID chips, saying the devices are a "mark of the beast."

Michigan and federal authorities say the radio frequency identification devices (RFID) will help monitor the travels of bovine and other livestock diseases.

"Use of a numbering system for their premises and/or electronic numbering system for their animals constitutes some form of a 'mark of the beast' and/or represents an infringement of their 'dominion over cattle and all living things' in violation of their fundamental religious beliefs," according to the farmers' lawsuit filed Monday in U.S. District Court for the District of Columbia.

As radio frequency identification devices become a daily part of the electronic age, RFID technology is increasingly coming under fire for allegedly being the mark of Satan. The technology is fast becoming a part of passports and payment cards and is widely expected to replace bar-code labels on consumer goods.

The suit (.pdf) mentions various verses from the Book of Revelation. "He causes all, both small and great, rich and poor, free and slave, to receive a mark on their right hand or on their foreheads, and that no one may buy or sell except one who has the mark or the name of the beast, or the number of his name." Revelation 13:16-17

The farmers' lawsuit, brought by the Virginia-based Farm-to-Consumer Legal Defense Fund and some of its 1,400 members, seeks to block enforcement of the National Animal Identification System. Some of the group's members so staunchly oppose the program that "they may have to quit farming," according to the lawsuit.

And if they quit, U.S. citizens could be in jeopardy during a terror attack. According to the lawsuit:

"All plaintiffs preserve and protect Americans' agricultural heritage and traditional farming techniques, they maintain and protect heirloom varieties of plants and animals constituting a valuable genetic resource which may help to protect America's food supply in the event of a disease outbreak, and they also provide a national security benefit founded in a diverse system in the event of a terrorist attack or natural disaster that interrupts the distant transportation of centrally produced food across the country."

They may quit farming and imperil the United States because RFID tagging "forces them to, in part, violate tenets of their Old Order Amish beliefs, i.e., they are forced to use technology they would ordinarily not use," according to the suit.

The lawsuit also claims the program places a financial burden on small farmers and that the U.S Department of Agriculture has failed to show "any rational relationship to or causal link with animal disease control."

See Also:

• E-Passport Hacker Designs RFID Security Tool
• Exclusive Defcon 16 Badge Sneak Peek
• Federal Judge in DefCon Case Equates Speech with Hacking ...
• E-Passports Signed, Sealed, Delivered -- But Not Like You May Think
• Senate Introduces IP Reform Bill Bolstering Enforcement
• French Bulldog at Heart of RFID Tumor Story

Those with a blending of political and prurient interests might be inclined to open a spam e-mail from obamasex@obama.com that blares "Barack Obama sex story with girl" in the subject line.

Researchers, however, cautioned Tuesday that it's not OK to click on the e-mail's short porno purporting to show the Democratic senator from Illinois getting it on with Ukrainian girls, security laboratory Websense reported.

The weak-minded who click the video get a short porn snippet that coincidentally turns out not to be the presidential candidate performing acts deemed illegal in many states. Yet the footage is so good even the viewer gets screwed.

While the video plays for 14 seconds, malicious applications are installed on the victim's computer, researchers reported. Voila, a trojan is installed, an information-stealing application, Websense said, that posts a user's data to a compromised Finnish travel site, hxxp://*snip*-hotel.com/.

In June, we warned you of similar Obama e-mail spam whose subject lines screamed: "Scandal rocks Obama as lurid sex video leaked."

Those spam messages seem a lot sexier, but no less vicious, than the trojan-seeding spam we reported on Monday that accuses readers of copyright piracy. That e-mail installs the mytob worm.

See Also:

• BitTorrent Spam Seeding Trojan Virus
• Spam King and Family Dead in Apparent Murder-Suicide
• Black Hat: DNS Flaw Much Worse Than Previously Reported
• Anti-Robocall Crusader Pushes for a Crackdown on Political Phone ...
• Ameritrade Hack Settlement: $2 Per Victim, $1.8 Million for Lawyers
• Spammers Capitalize on Barack Obama's Celebrity Status
• Judge Scuttles Ameritrade Hacking Settlement
• DDoS Attacker Pleads Guilty, Agrees to Two Years' Prison
• ISPs' Error Page Ads Let Hackers Hijack Entire Web, Researcher ...
• Google, Yahoo, Facebook Extensions Put Millions of Firefox Users ...
• Anti-P2P Company Gets Bit by the Torrent
• Even the Hackers Are Nervous

Fred Graver, executive director of Remix America (left,) and staffer Noel Hidalgo (right) attended both the Democratic and Republican national conventions, where they collected footage of the events that unfolded, and uploaded them for remixers to reinterpret online.
Photo: Steve Peterson

In "Wake Up America -- Techno Mix," an online video mashup, Ohio congressman and Democrat Dennis Kucinich's impassioned speech at the 2008 Democratic National Convention has been integrated into an upbeat (some might say jarring) techno-track that you very well might hear at the gym. The minute-long mashup could be interpreted as a postmodern call to action by a denizen of the online world who seeks to amplify the message.

"Wake Up America" is just one out of several mashups that emerged from both of the political conventions this summer. It was enabled by a nonprofit organization called Remix America, headed by the triple Emmy Award-winning comedic television writer Fred Graver, who co-founded the group with his former boss and colleague Norman Lear earlier this year.

The remixes coming out of the conventions are a result of the first major project undertaken by this ambitious new nonprofit organization. The idea behind the nonpartisan project is to engage a segment of the online population in political ideas and expression, and to provide them an online 21st century, postmodern town hall.

The key differences between Remix America and sites like YouTube: Remix America is a nonprofit, and it provides users with an online video editing tool licensed from New York City startup Kaltura. That obviously widens the number of people who can collaborate on and create video mashups online.

Once registered, users can upload their own video footage and sound clips to the site, search YouTube for footage, or use video clips already uploaded to Remix America.

Graver scored funding for the project from The Lear Foundation after convincing Lear, the legendary television producer, that there was enough political activity online to warrant a centralized site where politically oriented remixers could congregate. Lear might also have been persuaded since he has a personal interest in getting young voters involved in politics. He founded the nonprofit Declare Yourself in 2003 to mobilize and register voters between the ages of 18 and 29.

"I thought to myself: Gee, there's a whole culture out there, but nowhere for them to go except YouTube, it's all a bit amorphous," Graver says.

Wouldn't it be cool too, both he and Lear thought, if the remixers' multimedia opinions could be put in the context of the big ideas that have driven American political trends and history?

To that end, Remix America has uploaded hundreds of hours worth of archival footage of landmark political speeches and moments in American history. That footage is accessible on the site under "The American Playlist," which Graver says contains "200 plus expressions of the "Great American Ideals -- everything from the Declaration of Independence to readings of the Gettysburg Address, speeches from Franklin Delano Roosevelt and video after the 1950s."

A (tongue in cheek?) example of how the remixers are carrying out this idea comes from someone named "geoffgresh," who created "Obama Returns." The video re-casts  Sen. Edward Kennedy's (D-Mass.) Tuesday speech as a heralding of the arrival of a political superhero.

The mashup uses clips from Superman Returns, footage from the convention, and archival footage of John F. Kennedy and Martin Luther King speeches to make its point.

Here's our question for Threat Level readers: Do you have a budding Ken Burns, Michael Moore or Floyd Brown inside of you?

Threat Level challenges you to share your 2008 presidential campaign perspective as expressed through a mashup, using the online editing tool provided by Remix America. The site's managers have uploaded hours and hours of convention footage, but they've also enabled users to upload footage from other sources. Graver has created an online video tutorial that gives you a quickie tour of the site's functionality. And here's the site's Terms of Service (if you were wondering.) All content uploaded to the site is automatically licensed with a Creative Commons Attribution-Share Alike license.

We've created a Reddit widget below that enables you to submit your mashups and to vote on each others' submissions. (Click on the mashup's title to see the video.) We'll give you until the end of the week to submit and vote on videos.

If we receive a critical mass of submissions and votes, we'll create a gallery of the top-rated videos, as rated by you.

Have fun!

Show mash-ups that are: hot | new | top-rated or submit your own mash-up

Submit a Mashup

While you can submit as many mashups as you want, you can only submit one every 30 minutes. No HTML allowed.

Back to top

See Also:

• McCain Campaign's Obama-Britney Video Spurs A Backlash Online
• Opposed to Wiretap Amnesty? Run a TV Ad for Six Bucks
• Democrats Launch MashUp TV Crowdsourcing Effort Aimed at Republicans
• Yahoo's Presidential 'Mashup Debate' Won't Support Mashups
• HuffPost & Slate Unveil Prez Debate Mash-Up Plans
• Yahoo's Mashup -- The Results Are In
• Democrats' FlipperTV Fuels Anti-McCain Mash-ups Online
• Start a Nonprofit and Join Election '08 YouTube Free-For-All
• It's  A Wrap:Romney Campaign's Dorito-Inspired Ad Contest

Continue reading "Unleash Your Inner Political Voice: Create an Online Mashup With Remix America and Kaltura" »

Here's the latest way to score big in the stock market.

First, hack into dozens of online traders' brokerage accounts. Next, buy hundreds of thousands of shares of selected stocks using your hacked accounts, a move that largely moves up the stock price. Then sell your own shares of the same stock that you already owned and profit millions.

It's like stealing candy from a baby. The only problem with the plan -- known as a "hack, pump and dump scheme" -- is that it's illegal in so many obvious ways.

Just ask Thirugnanam Ramanathan, a 35-year-old man from India who was sentenced Monday to two years in prison by a U.S. judge for undertaking such a scheme (.pdf) after pleading guilty (.pdf) and agreeing to pay restitution and cooperate. Two others have also been indicted in the overseas conspiracy to defraud U.S. investors.

The trio is accused of stock manipulation via hacking into individuals' accounts held by TD Ameritrade, Fidelity and, among others, E*Trade.

Stocks traded included Acorda Therapeutics, CTR Investments & Consulting, IGI, Conversion Services International, Pressure BioSciences, Citizens Financial and, among others, American Access Technologies.

At least 60 online traders using nine brokerage firms were victimized from late 2006 through 2007, the authorities said.

See Also:

• Federal Judge in DefCon Case Equates Speech with Hacking ...
• Kevin Mitnick Tells All in Upcoming Book -- Promises No Whining
• Federal Judge Throws Out Gag Order Against Boston Students in ...
• White House Task Force Proposes Criminalizing Harmless Hacks
• Israeli Hacker Known as "The Analyzer" Suspected of Hacking Again
• Despite Rumors, Republican VP Candidate Is No Hacker
• UK Hacker Gary McKinnon Plays the Asperger's Card
• Hacker Reportedly Kidnaps and Tortures Informant, Posts Picture as ...
• Love of Cats Was Six Flags Hacker's Downfall
• Indicted Federal Informant Allegedly Strong-Armed Hacker Into ...
• Hacker, Counterfeiter Comes Clean Ahead of Prison Stint

This isn't a story about security (although it is about securities), but it's so remarkable I thought I'd include it here anyway.

A worker at a Miami investment advisory firm called Income Securities Advisors, which publishes news alerts that get distributed through the Bloomberg News Service, did a Google search on bankruptcies this morning and got back search results that included a six-year-old story published in the South Florida Sun Sentinel about the 2002 bankruptcy filing by United Airlines.

The employee mistook the news for a current story -- despite the date clearly marked on it (see update below) and other information in the article "that would clearly lead a reader to the conclusion that it was related to events in 2002" -- and included it in a subscription newsletter that was distributed through Bloomberg.

Panic ensued, as they say, and United Airlines stock price plummeted 75 percent (down from $12.30 to $3 a share) before someone realized it was an old news story and things righted themselves. The stock rebounded to $10.92 a share by Monday's closing. But not before United Airlines contacted the Sun Sentinel and demanded the newspaper retract its (6-year-old) story.

UPDATE 1: The head of Income Securities Advisors is now saying that the article had a current date on it. Or maybe the article had no date on it. His account to various news outlets is inconsistent.

Either way, what seems to be clear is that the archived article appeared within a frame of current headlines -- which is how many web sites display archived material, to draw readers to current stories. What could have happened, was that the person who read it didn't see a date on it but saw current headlines around it and jumped to the conclusion that the United Airlines piece was current.

UPDATE 2: The story gets more convoluted and more interesting. According to a follow-up investigation, the article in the Sun Sentinel's archive had no date on it. But when Google's spider grabbed it, it assigned a current date to the piece, which then resulted in the article being placed in the top results of Google News. When the employee from Income Securities Advisors ran a Google search on "2008 bankruptcies," the old United Airlines story appeared as the top link in the results, with a September 6, 2008 date on it. (Google has now released a screenshot that shows the UAL story as it appeared on the Sun Sentinel web site. The only date in the screenshot is September 7, 2008, the date Google accessed the page. There is no date under the story's headline to indicate when it was published.)

At 11 am Monday, the employee added the story to a feed that is included in a Bloomberg subscription service and within minutes, 15 million shares of United Airlines stock had been sold before trading on the stock was halted.

As I wrote at the top of this post, it's surprising something like this hasn't happened before.

But, unfortunately, it looks like the wrong lessons are being learned from this. Richard Lehmann, president of Income Securities Advisors, told the Washington Post that the incident "shows (that) the market apparently reacts to a headline as much as anything else."

He acknowledges that it would have been nice if his employee "had been more grounded in what's going on out there in the world." Presumably he means that if his employee had read the article carefully, he or she would have noticed information in the piece that made it obvious it was referring to a 2002 bankruptcy and therefore didn't jibe with the 2008 publication date on the piece. But Lehmann nonetheless attributes the whole problem to how the stock market reacted to his employee's action, not to the action itself.

"The fact that this happened with a major corporation like United based on one headline coming across Bloomberg, that you'd get this kind of knee-jerk reaction, there's something wrong with the trading mechanism," Lehmann said.

Actually, the market reacted exactly the way someone would expect it to react to a headline like this.

The problem wasn't the market, it was the newspaper's archive, which stored the story without a publication date attached to it -- not a completely uncommon occurrence.

The problem was also a by-product of how information is published instantly these days, and passed around the internet, without any independent vetting. The fact that Bloomberg's news service publishes content provided by non-journalist sources -- such as Income Securities Advisors -- without having an editor vet the material first, puts the news service at risk of being caught up in a mistake like this again.

But the problem isn't just Bloomberg. We're all at risk of doing this today when all it takes to publish something is to click "send," and when blogs and mailing lists propagate information that's published elsewhere without independently verifying it. Let's say the information in the United Airlines article wasn't obviously about a 2002 bankruptcy filing. There wouldn't have been any obvious red flags to make someone question the publication date on the piece. Someone would have caught the mistake only if Bloomberg had a regular policy of independently verifying information before sending it to subscribers.

Prior to the internet, if a news outlet like Bloomberg picked up information that another news publication broke, Bloomberg would have made phone calls to vet the information -- as much as that was possible -- before publishing its own story about the subject. That still happens in the case of articles that are published in the print versions of newspapers. But that happens much less with information that's picked up on blogs, and it almost never happens with information that's picked up by online mailing lists and newsletters.

There's some ingenious virus-laden e-mail spam making the rounds right now.

The latest warns that if you use various illicit BitTorrent freebie sites -- your usage is being tracked. BitTorrent porn super users might be more likely than others to be sucked into opening a virus-filled attachment in the e-mail that purports to detail the violations.

The e-mail looks like it comes from Los Angeles-based MediaDefender – Hollywood's hired guns that ferret out online privacy. The e-mail isn't from MediaDefender and is sent out at random, victimizing the unsuspecting.

It has been getting a lot of people's attention because millions of people use BitTorrent trackers that point the way to free music, movies, software, games and more. Systems affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003 and Windows XP.

The e-mail warns:

"We have attached a report about the copyrighted movies, music, software you
downloaded or searched on these web pages. We strongly advise you to stop any
future activities regarding the downloading of illegal content or you can
expect prosecution by 17 U.S.C. §§ 512, 1201?1205, 1301?1332; 28 U.S.C. §
4001 laws."

Regarding that virus, Threat Level's friend, the always clued in Ernesto at TorrentFreak, informs that it's the pesky mytob worm (W32.Mytob@mm) that installs a trojan, and allows outsiders to gain access to your computer.

Photo allspice1

See Also:

• Spam King and Family Dead in Apparent Murder-Suicide
• Black Hat: DNS Flaw Much Worse Than Previously Reported
• Ameritrade Hack Settlement: $2 Per Victim, $1.8 Million for Lawyers
• Spammers Capitalize On Barack Obama's Celebrity Status
• Judge Scuttles Ameritrade Hacking Settlement
• Beset By Smears, Obama Launches His Own Personal Snopes.com
• Online Campaign 2008: A Phishing Bonanza?
• Details of DNS Flaw Leaked; Exploit Expected by End of Today
• Zombie Computer Army Targets Bank Account Passwords
• Citibank Hack Blamed for Alleged ATM Crime Spree
• Homeland Security Website Hacked by Phishers? 15 Signs Say Yes ...
• DDoS Attacker Pleads Guilty, Agrees to Two Years' Prison

It's all over: Years of planning, hours of speech-writing, millions spent on creating the venues to host thousands of Democratic and Republican convention attendees.

What remains are the words that the politicians spoke (or didn't), and the promises they made.

To re-cap those words, we thought we'd create a Wordle gallery of the most notable candidates', spouses', and supporters' speeches.

Wordle is an online application created by IBM's senior software engineer Jonathan Feinberg. Using text entered by its users, it creates visually alluring "word clouds" that show you the frequency at which words occur within that text. The more often a word occurs, the bigger it appears in the cloud.

Michelle Obama

Mark Warner

"America has never been afraid of the future, and we shouldn't start now," said former Virginia Governor Mark Warner during his keynote speech during the second night of the 2008 Democratic National Convention. Warner supports net neutrality, and he's running to be a Virginia senator.
Image: Wordle.net

Hillary Clinton

"Whether you voted for me, or voted for Barack, the time is now to unite as a single party with a single purpose. We are on the same team, and none of us can sit on the sidelines," said Hillary Clinton Tuesday night at the 2008 Democratic National Convention in Denver.
Picture: Wordle.net

Continue reading "The Democratic And Republican National Convention Speeches, As Seen Through Wordle" »

Tenenbaum and three Canadians were arrested for allegedly hacking the computer system of a Calgary-based financial services company and inflating the value on several pre-paid debit card accounts before withdrawing about CDN $1.8 million (about U.S. $1.7 million) from ATMs in Canada and other countries. The arrests followed a months-long investigation by Canadian police and the U.S. Secret Service.

Tenenbaum faces six counts of fraudulent use of credit card data and one count of fraud over $5,000. He remains in custody in Calgary without bail, though the three other suspects -- Priscilla Mastrangelo, 30, Jean Francois Ralph, 28, and Sypros Xenoulis, 33 -- have been released on bond, according to a Canadian media report.

An Israeli media outlet contacted Tenenbaum's mother, but she didn't know if it was her son who had been arrested. She told the reporter that her son spends time in France and Canada and that she tried to contact him after news of the arrest went public, but she was unable to reach him.

Tenenbaum was 19 when he was arrested in 1998 along with several other Israelis and two California teens in one of the first high-profile hacker cases that made international news. Tenenbaum and his fellow Israeli hackers referred to themselves at the time as the Israeli Internet Underground or the "Enforcers." According to Israeli court documents, their activities began when one of the Israelis asked Tenenbaum to help him hack into the computer system of the Sde Boker Seminary -- a college in Israel's Negev Desert -- in order to read the e-mail correspondence of a female.

Tenenbaum then used sniffer and Trojan horse programs to break into computer systems belonging to two Israeli ISPs and obtain user names and passwords of customers. He used the hi-jacked customer accounts to breach other computer systems belonging to all of the universities in Israel, the web sites for the Israeli parliament and Israel's president as well as a system belonging to Hamas, a militant Palestinian organization. An attempt to breach the computer system of the Israel Defense Forces failed.

Tenenbaum, who referred to the California teens as his pupils, taught his accomplices how to hack into U.S. systems and gave them sniffer and Trojan programs to assist them. Although Tenenbaum's attacks were unsophisticated -- they simply exploited a long-known vulnerability in the Solaris operating system that had been left unpatched -- he and his cohorts were nonetheless able to breach systems belonging to the Department of Defense, the Air Force and Navy, NASA, MIT, and several U.S. Ivy League universities.

The attacks on the U.S. military systems came at a time of high alert in the Middle East when Iraqi President Saddam Hussein was defying U.N. weapons inspections. U.S. authorities were so unsettled by the breach of military computers -- which they called "the most organized and systematic attack" that had occurred to date -- that a joint investigation was launched by several government and military agencies, dubbed Operation Solar Sunrise, to track down the source of the threats.

Tenenbaum was caught after the two California teens were arrested.

Israel's then-prime minister Bibi Netanyahu called Tenenbaum "damn good" after learning of his deeds. But added that he was also "very dangerous, too." The hacker was eventually sentenced in 2001 to six months of community service in Israel. By then, he was working as a computer security consultant.

See also:

• Kevin Mitnick Tells All in Upcoming Book -- Promises No Whining
• Feds Charge 11 in Breaches at TJ Maxx
• E-Gold Gets Tough on Crime
• I Was a Cybercrook for the FBI
• Confessions of a Cybermule
• Secret Service Operative Moonlights as Identity Thief

Seattle-based rock band Heart on Friday informed the GOP it was not amused with the John McCain-Sarah Palin ticket.

Late Thursday, the group's hit song "Barracuda" was blaring in the background when the presidential hopefuls kicked off their campaign at the Republican National Convention in St. Paul, Minnesota.

Heart's publishers -- Universal Music and Sony BMG -- sent the Grand Old Party a cease-and-desist notice, marking the third time in as many months the GOP has been accused of hijacking copyrighted works as it jockeys for the White House. All the while, the party was threatening to sue CafePress for hosting an online venue for vendors to hawk trademarked GOP-related regalia like T-shirts, stickers and portrayals of the elephants.

"We have asked the Republican campaign not to use our music," Ann and Nancy Wilson wrote on their web site.

It's not the first time the Republican Party has been accused of misappropriating copyrighted music this election season. Last month, singer Jackson Browne sued the party in federal court alleging copyright infringement when "Running on Empty" played in a McCain campaign commercial.

Browne, who doesn't allow his works to be used in advertisements, is seeking damages in excess of $1 million.

And in July, a McCain fund-raising campaign hit known as the "Obama Love" video, was removed from YouTube because it used Frankie Valli's hit tune "Can't Take My Eyes Off Of You" without permission.

Warner Music asserted its copyright claim against YouTube, which was cause for the takedown. McCain's campaign has re-posted the video, sans Warner's intellectual property.

See Also:

• Judge: Copyright Owners Must Consider 'Fair Use' Before Sending ...
• File Sharing Lawsuits at a Crossroads, After Five Years of RIAA ...
• MPAA Says No Proof Needed in P2P Copyright Infringement Lawsuits
• Google, EFF Applaud Veoh DMCA Ruling
• Universities Baffled By Massive Surge In RIAA Copyright Notices
• Cablevision Scores Copyright Victory Against Hollywood
• McCain Campaign Yanks 'Obama Love' Web Video

John McCain accepts the Republican party's nomination to be its presidential candidate at the Xcel Energy Center in St. Paul, Minnesota. Projected behind him on the 51.6 by 30 foot video wall is the Walter Reed Middle High School in North Hollywood. Was it meant to be the Walter Reed Army Medical Center in Washington, DC, which takes care of injured veterans?
Photo: Associated Press/Ron Edmonds

In the run-up to the 2008 Democratic National Convention, Barack Obama was mocked mercilessly by John McCain's campaign staff for the grandiose stage set-up where he was scheduled to accept his party's presidential nomination.

Now it's the Democratic bloggers' turn.

Some watching McCain's nomination acceptance speech Thursday night wondered whether he was asking to be mocked when the screen turned green behind him as he spoke.

McCain became the butt of jokes online and on the The Colbert Report this June after delivering a speech in Louisiana where the stage backdrop was a nauseating green. That spawned Stephen Colbert's "Green Screen Challenge" to make McCain's presentation more exciting.  Some of the rather entertaining results can be seen below.

This time around, the green that television viewers saw behind McCain was actually the lawn of the Walter Reed Middle High School in North Hollywood, the name of which can be seen faintly in this picture.

While the giant Hibino video screen was probably meant to give all the delegates within the stadium a sense of context for the proceedings, for many it turned out to be a giant distraction for television viewers.

As some posters on this audio visual experts' forum note, the stage designers probably should have thought more about how the background screen would affect television viewers' experience of the speeches during close-up shots since they're the prime audience.

And as for the use of Walter Reed Middle High School's image in the background? Neither the McCain campaign nor the convention organizers could be reached at the time of this posting. Bloggers suspect that the image that was meant to have been projected was the Walter Reed Army Medical Center in Washington, DC, which would have made more sense since McCain spent a good deal of time talking about his injuries in Vietnam.

The high school's principal Donna Tobin declined to comment about the use of the school's image, but  issued this statement, suggesting that she wasn't happy about it, on the school's blog:

“It has been brought to the school’s attention that a picture of the front of our school, Walter Reed Middle School, was used as a backdrop at the Republican National Convention.  Permission to use the front of our school for the Republican National Convention was not given by our school nor is the use of our school’s picture an endorsement of any political party or view.”

Nevertheless, it's probably the McCain campaign that's having the last laugh.

Green screen or no, television audience measurement firm Nielsen says that the final night of the Republican National Convention drew 500,000 more viewers than Obama's spectacularly-staged nomination speech did: More than 38.9 million people watched McCain's speech while 38.4 million viewers watched Obama on the final night of the Democratic National Convention.

Update: Josh Marshall has an update here.

The non-profit law firm Media Access Project fears the Federal Communications Commission's decision last month ordering Comcast to stop throttling peer-to-peer traffic may never be enforced -- especially under a John McCain administration.

That's among the reasons the Washington, D.C.-based group is asking the courts to enforce immediately the FCC's decision of Aug. 1. On that day, by a 3-2 vote along party lines with Republican Chairman Kevin Martin the swing, the commission gave the Philadelphia-based internet service provider until year's end to halt its practices of blocking data moving in BitTorrent files.

"This creates a good deal of risk from our perspective that the order never gets enforced," said Harold Feld, the firm's senior vice president. "Who knows how long before we see Comcast discontinue its practices."

The three legal filings were lodged in three different courts of appeals nationwide. The filings contradict Comcast's view on the matter. Comcast has told (.pdf) a federal appeals court that the FCC went too far and abused its authority.

All the while, Comcast said it would comply with the order pending appeal. Still, Comcast denies it has done any throttling to its 14.4 million customers, despite the FCC concluding (.pdf) net neutrality rules were breached.

"We are compelled to appeal because we strongly believe that, in this particular case, the commission's action was legally inappropriate and its findings were not justified by the record," said David Cohen, a Comcast vice president.

If a new FCC changes course and reverses itself, "then we'd have a different lawsuit," Feld said.

Public Knowledge, one of the digital rights groups who got the FCC to issue the order, noted Friday that Comcast "had reached a settlement with [Florida Attorney General Bill] McCollum's Economic Crimes Bureau to pay $150,000 to the state to resolve 'concerns over disclosure issues related to bandwidth use policies.'"

The settlement, "was the result of a state investigation of Comcast’s Acceptable Use Policy (AUP) in which Comcast 'allegedly did not inform consumers of a specific bandwidth limit' for customers to be notified of excessive use, which could lead to a customer being kicked off the service," said Art Brodsky, Public Knowledge's communications director.

"The actual settlement document shows that instead of cutting off heavy users of the service according to a specific amount of bandwidth used, Comcast instead cut off the top 1,000 users, regardless of how much they used," Brodsky said.

Comcast's Cohen, meanwhile, said the cable concern was moving toward a "protocol-agnostic network congestion" platform by year's end. Beginning Oct. 1, it will begin capping monthly usage at 250 GB for residential users.

Here are Media Access Project's three filings and an analysis that the FCC's decision Aug. 1 was an invitation for internet service providers to practice widespread filtering.

Illustration M3Li55@/Flickr

See Also:

• Comcast Appealing FCC Throttling Order
• Analysis: FCC Comcast Order is Open Invitation to Internet Filtering
• Comcast Ordered to Allow Free Flow of File Sharing Traffic
• ISPs Will All Spy on Their Customers, Professor Warns
• Comcast Hijackers Say They Warned the Company First
• Lawmaker Cries Foul Ahead of FCC Net-Neutrality Decision
• Stop the Blocking, Feds to Tell Comcast
• Comcast Beginning 'Net Neutrality' Testing

Lori Drew is charged with violating the Computer Fraud and Abuse Act

A federal judge has tentatively rejected two motions to dismiss charges against a Missouri woman accused of opening a MySpace account that was used to bully a 13-year-old girl who committed suicide. The judge is still considering a third motion and plans to make a final ruling on all three motions next week.

Lori Drew was indicted last May in Los Angeles County, where MySpace is based, in the wake of public outrage that stemmed from the failure of authorities in Missouri to charge her with a crime. Authorities in that state had said their hands were tied since there were no laws prohibiting cyberbullying.

So federal prosecutors charged her with one count of conspiracy and three violations of the anti-hacking Computer Fraud and Abuse Act, on grounds that she violated MySpace's terms of service by providing false information to open a fake MySpace account with her daughter and another teen in September 2006. In doing so, authorities say, she obtained unauthorized access to MySpace's servers.

The account, created in the name of a non-existent 16-year-old boy named "Josh Evans," was used to flirt with and befriend 13-year-old Megan Meier, in order to determine if Meier was spreading malicious rumors about Drew's daughter. After Meier had been seduced into communicating with the fake "Josh" online, the boy turned on her and told her that the world would be a better place without her. Meier, who already suffered from clinical depression, hanged herself in her bedroom shortly after receiving that message.

MySpace's user agreement requires registrants, among other things, to provide factual information about themselves and to refrain from soliciting personal information from minors or using information obtained from MySpace services to harass or harm other people. By allegedly violating that click-to-agree contract, Drew committed the same crime as any hacker, prosecutors maintain.

The use of the anti-hacking law to charge Drew was criticized by experts who said it set a dangerous precedent that could potentially make a felon out of anyone who violated the terms of service of any website -- a prospect that is particularly troubling, they said, because terms-of-service agreements sometimes contain onerous provisions, are often arbitrarily and unilaterally changed by companies, and are rarely read by users.

Last July, Drew's lawyer, H. Dean Steward, filed three motions to dismiss the charges on grounds that prosecutors were too vague (.pdf) in their charges, overstepped their authority by improperly delegating prosecutorial powers (.pdf), and failed to state  an offense and facts in support of allegations that Drew intended to violate the terms of service (.pdf).

On Thursday, U.S. District Judge George Wu tentatively rejected the first two motions but said he was still mulling the third one.

In its counter arguments to the motions filed in court last month, government prosecutors argued that the Computer Fraud and Abuse Act is an appropriate law under which to charge Drew because the act "was intended to serve as the principal statute to address computer-related crimes and was designed to be flexible enough to address changing circumstances" as new technologies and methods for abusing them arise.

"Cyberbullying is a relatively recent phenomenon, as are social networking web sites," the government states. "Consequently, it is not surprising that no cyberbullying cases were brought when the (CFAA) was enacted in 1984."

In the papers, the government revealed additional information about Drew's alleged conduct. According to one filing, Drew discussed with her two co-conspirators the possibility of taking information that they obtained from their undercover online chats with Meier to humiliate her in the real world. Specifically, the document alleges, Drew proposed luring Meier to a mall to meet with "Josh" so that she and her co-conspirators could confront Meier with the information that Josh Evans didn't exist and taunt her with information they had obtained from their chats with her.

Upon learning that Meier had committed suicide, Drew and her husband allegedly tried to hide evidence of the fraud by instructing her daughter and their fellow teenaged conspirator to delete the MySpace account. According to a neighbor, Drew admitted to her after Meier's death that she had created the MySpace account with her daughter and another teenager and that she had caused the account to be deleted after Meiers killed herself.

Drew has maintained that she didn't create the account and never directed any of the chats that occurred on it, although she has admitted that she knew of its existence.

See Also:

• Lori Drew Files Motions to Dismiss in MySpace Cyberbullying Case
• Experts Say MySpace Suicide Indictment Sets 'Scary' Legal Precedent
• Teen Involved in MySpace Suicide Hoax Says Adult Also Participated
• No Charges Will Be Filed In Cyberbullying Case
• Federal Grand Jury Issues Subpoenas in Teen Cyberbullying Case
• Megan Meier Suicide Stokes the Internet Fury Machine
• Prosecutor Will Review Megan Meier Cyberbullying Case

Computer researchers built a tool that demonstrates how hackers could silently turn Facebook users into a powerful zombie army that can attack other websites or scout for vulnerable sites on the net.

All that is necessary to create the Facebook Botnet is to have users choose install a rogue Facebook application written by an outside developer -- in this case, one called Photo of the Day.

Once the user chooses to install the application, the unsuspecting user is inducted into the hacker's army and unknowingly follows orders any time he or she logs into Facebook.

Facebook downplayed the attack, saying that any developer that could figure out how to make a successful application would make money other ways.

The researchers -- mostly affiliated with the Greece-based Institute of Computer Science -- describe their innovation in a paper (.pdf) as a demonstration of an "anti-social network" -- essentially a hijacked social network that can be used for a number of nefarious purposes.

Their demo attack was very simple and surprisingly effective. They created an application that displayed a new National Geographic photo daily on a user's Facebook page -- though the app was not approved of by National Geographic.

But in the background, the application is also downloading three large photos from a targeted site. But the user's browser never displays the images. Any application with enough users will then act like a denial of service attack flooding the chosen website with requests for data. The user stops being a part of the attack after logging out, but joins again every time he returns.

But Facebook spokesman Barry Schnitt disputes the economics of the attack.

"As a practical matter, it is not that easy to get an application with millions of users," Schnitt said. "Why wouldn't you get venture capital or make money with ad rather than use it to take down a website?"

The researchers chose to point the hidden attack at their own server, of course -- but were surprised that more than 1,000 Facebook users installed the application, even though they only mentioned it to friends.

That led to a peak of 300 requests per hour and on its peak day, the traffic went above 6 Mbits per second.

That's an impressive number for an application with only 1,000 users, using only the most basic attack.

A much more sophisticated attack could be launched using a bit of JavaScript, and if that were married to an application such as Super Wall that has millions of daily users, one would likely have the worlds' most powerful botnet.

Now, coders who control a really popular social networking app aren't likely to jeopardize their oil well for a prank, but it would not be hard for a slightly popular application to become rogue without anyone ever knowing or being able to figure out it was happening.

Facebook does not monitor each application's source code, but does talk with developers of the most popular applications and monitors the site to look for anomalies, according to Schnitt.

This post was updated to include Facebook's respone and to add that National Geographic has no relationship to the research project.

Hat Tip: Dark Reading's Kelly Jackson Higgins via Ryan Naraine.

See Also:

• Facebook Beacon Tracking Program Draws Privacy Lawsuit
• Canadian Law Clinic: Facebook Violates Canadian Privacy Law
• Air Force Colonel Wants to Build a Military Botnet
• Hacker Launches Botnet Attack via P2P Software
• DDoS Attacker Pleads Guilty, Agrees to Two Years' Prison
• FBI Announces Botnet Dragnet
• ISP Seen Breaking Internet Protocol to Fight Zombie Computers ...

This year, as a result of a lot of changes in voting machines around the country, numerous voting districts across many states will be using new voting equipment that has either never been used in an election or has never been used in a national election involving millions of voters.

When new systems are used, problems often arise either with the equipment itself or with election officials and voters who are unfamiliar with it.

To see what equipment you and your state will be using in November and to familiarize yourself with it before the election, VerifiedVoting.org, an election integrity group that led the movement to get voter-verified paper audit trails added to touch-screen voting machines, has produced a comprehensive interactive map identifying the voting systems being used in election districts across the country. As far as I know, this is the most up-to-date list of voting equipment that exists.

The map offers several options for viewing. You can look at systems at a statewide macro level or click on a state to get a micro view of the various systems being used in each county or voting district, including the accessible equipment being offered for disabled voters. At the district level, you'll also find information about the maker of the voting machines and contact information for the election office.

The voting machine landscape has changed a lot since the 2000 presidential election when punch-card voting systems and dangling chads spawned a heated national debate and Supreme Court battle.

As a result of the 2000 debacle, the Help America Vote Act was passed in 2002 allocating federal funds to replace antiquated punch-card and lever machines with newer election technologies. Election officials quickly spent millions of dollars to buy paperless touch-screen voting machines -- also known as Direct Recording Electronic (DRE) machines -- that were touted by their makers as faster, more accurate and easier to use than punch-card machines.

But in 2003, technical reports began surfacing about serious security issues with the machines as well as reports about breakdowns and other problems. Public opinion has forced some voting districts to back away from the equipment since then. In some cases entire states -- such as California and Florida -- have outlawed DRE machines for use by anyone other than disabled voters and have recently replaced their touch-screen systems with new optical-scan machines.

In the last two years, 131 counties across 9 states -- California, Colorado, Florida, Iowa, Kentucky, North Carolina, Ohio, Pennsylvania and Virginia -- have abandoned their DRE machines in favor of paper ballot voting systems, according to statistics collected by VerifiedVoting.

While some states like Nevada and Utah have added paper trails to their DRE machines, the District of Columbia and six states -- Delaware, Georgia, Louisiana, Maryland, New Jersey and South Carolina -- still use DRE's without paper trails statewide. A handful of other states use mixed systems -- paperless DREs in some districts and paper-based voting systems in other districts.

See also:

• 3,400 Ballots Missing in Florida Election: Recount Flips Race
• NY: 50 Percent of Sequoia Voting Machines Flawed
• Phantom Obama Vote Appears on NY Voting Machine
• GOP Figure Contracted to Deliver E-Voting Machines in Maryland
• Sequoia Voting Systems Responsible for 2000 Presidential Debacle?
• How E-Voting Threatens Democracy
• E-Voting Tests Get Failing Grade
• E-Vote Vendors Hand Over Software

John McCain received a remarkably tepid response online Thursday night when he officially accepted the Republican party's nomination to be president of the United States.

"McCain seemed almost to be going through the motions when he talked specifics (sort of) on domestic policy," wrote Paul Mirengoff, a blog at the influential conservative site Powerline. "His recition of specific hardships cases in various swing states struck me as lame, and he didn't really make it clear what he was going to do to "fight for" these individuals."

Mirengoff notes in the post that he's seen McCain stay in touch with the families he discussed Thursday night while on the campiagn trail, but nevertheless, he notes that even on foreign policy, McCain wasn't "as compelling as I expected."

In contrast to Alaska Governor Sarah Palin's dry and humorous, yet fiery and partisan vice presidential nomination speech Wednesday night, McCain's tone was moving, and heartfelt. That tone had more in common with Hillary Clinton's speech at the Democratic National Convention than anything else in that it appealed to Americans' fighting spirit and a spirit of perserverence.

While offering some intriguing ideas, the speech was remarkably devoid of details, something that McCain's Democratic opponent Barack Obama has been accused of while on the campaign trail. It also differed from Obama's address in its lack of acknowledgment that both making changes to the governing process and and coming to some level of compromise between competing interests on specific issues is going to be hard.

Even the Wall Street Journal's conservative editorial page made the observation, which called for more policy specifics from McCain. 

Mr. McCain will have to resist the temptation to fight this election mainly on character and experience. His own campaign manager suggested this week that this election will be about "character" more than issues. But that is a losing strategy in a year when the electorate is also looking for change at home, especially a stronger economy and rising after-tax, after-inflation incomes. Mr. McCain can only win if his character advantage is applied to an agenda of genuine change.

McCain was also on the receiving end from some sarcasm from bloggers at The Economist, who wondered how he could criticize Russia for invading Georgia. 

"Wait. Is he really attacking hegemons that attack other nations in order to gain more control of their oil supply?" one of them wondered.

"Definitely looking to drink Obamas postpartisan milkshake," they later noted.

The bloggers concluded that it was a good speech, but noted that "[the pundits] aren't gushing like they did after Mr Obama's."

Perhaps blogger, army veteran and political scientist James Joyner summarized it best in his blog post on the Thursday evening speech:

He’s not selling himself as an orator, though. He did what he had to do: Delivered a competent speech, contrasting his service and experience with that of his opponent, while emphasizing that he understands the need to deal with the country’s problems.   The speech won’t generate a groundswell of support but will likely both steady the base and appeal to moderates.

While McCain's speech didn't inspire the torrent of online enthusiasm that Palin's did Wednesday night, it's difficult to judge how indicative of anything the online response is in this case, since many of his supporters appear to be older television-watchers and not as active online -- much like the Clinton demographic.

Nevertheless, the online reaction is worth noting since some studies have shown that bloggers can be influence brokers and opinion shapers among their realm of friends and associates who are not as passionate or involved in politics.

See Also:

• Sarah Palin's Campaign Debut Electrifies The Twitterati
• Clinton Speech Impresses Bloggers
• Democratic Convention: Twitterers Gush Over Michelle Obama
• Bring Out Your Inner Semiotician: Analyze Bill Clinton's ...
• Historic Obama Speech Sets Internet on Fire
• Republican National Convention Streams Online
• Republicans Push Online Hurricane Relief At Convention
• Gadgetry at The Democratic National Convention
• Former Virginia Governor's Comment On Science At Convention Lights ...
• Video of Clashes Between St. Paul Police and RNC Protestors Bubble ...
• Will.I.Am: From Online Video To Convention Floor
• Democratic Convention: Live Audio of Denver Police

Image: Wordle.net

If there's a candidate for the worst future violator of your privacy, look no further than the company you pay for broadband.

So says University of Colorado law professor and former federal prosecutor Paul Ohm, who argues in a new article that ISPs have the means, motive and opportunity to kill your online privacy.

Nothing in society poses as grave a threat to privacy as the Internet Service Provider (ISP). ISPs carry their users’ conversations, secrets, relationships, acts, and omissions. Until the very recent past, they had left most of these alone because they had lacked the tools to spy invasively, but with recent advances in eavesdropping  technology, they can now spy on people in unprecedented ways. Meanwhile, advertisers and copyright owners have been tempting them to put their users’ secrets up for sale, and judging from a recent flurry of reports, ISPs are giving in to the temptation and experimenting with new forms of spying. This is only the leading edge of a coming storm of unprecedented and invasive ISP surveillance.

But is that true?

Ohm argues technological and economic forces virtually guarantee that ISPs will begin finding ways to make money by monitoring, categorizing and even storing everything their users do on their networks.

Those are indisputable facts.

But Ohm's argument comes right as powerful lawmakers have all but forced U.S. ISPs to abandon their dalliance with NebuAd, a Silicon Valley startup that wants to pay ISPs to let eavesdrop on their users in order to serve targeted advertisements.

This week NebuAd's CEO and founder took a new job, while a similar venture in England called Phorm is facing scrutiny as well for its secret tests.

Meanwhile, Comcast is being forced to abandon its throttling of peer-to-peer file sharing traffic after a torrent of bad press and a order (now being contested)  from the Federal Communication Commission telling Comcast to cut it out.

Despite these moves by the feds, Ohm's The Rise and Fall of Invasive ISP Surveillance predicts ISPs will continue to rush to profile customers in order to get at a slice of the online advertising pie, unless the government takes strong steps to ban certain kinds of deep packet inspection.

ISPs, faced with changes in technology, extraordinary pressures to innovate, and murky ethical rules, will continue aggressively to expand network monitoring.  The AT&T, Comcast, Charter, NebuAd and Phorm examples will prove to be not outliers but the first steps in a steady expansion of industry practices.  Unless some force—regulatory or non-regulatory—intervenes, the inevitable result will be ISPs conducting full-packet capture of everything their users do, supposedly with their users’ consent.

ISPs will and do use so-called deep-packet inspection equipment to look at many layers of an internet packet -- maybe including the content -- to make their service better by giving priority to time-sensitive packets or stop internet attacks. even to attempt to stop the sharing of copyrighted material as AT&T has proposed.

From there it is an easy step to finding ways to profile customers.

The solution, according to Ohm: Apply the current wiretapping laws to what ISPs want to do on their networks -- including ways to manage traffic flows -- and add some exceptions designated by a neutral government body like NIST.

That's a fine notion -- using privacy as the way to enforce a largely neutral internet, while still allowing ISP engineers to do their jobs.

Unfortunately, neither Congress nor the courts seem particularly interested in wiretapping laws, except to find ways to expand exceptions for the government. or excuse self-issued ones.

Will Congress as a whole prove itself to feel differently about ISPs spying on Americans, than the nation's spooks?

You can also read more from Ohm over at Concurring Opinions, where he's blogging about the topic and responding in the comment section.

Photo: Paul Ohm/Paulohm.com

• Former Prosecutor: ISP Content Filtering Might be a 'Five Year Felony'
• Feds Deny Report Of Widespread Spying
• ISP Web Tracking Dead As Net Eavesdropping CEO Resigns
• Report: NebuAd Forges Packets, Violates Net Standards
• Lawmakers Target Second ISP for Web-Tracking Tech
• Comcast Appealing FCC Throttling Order
• Analysis: FCC Comcast Order is Open Invitation to Internet Filtering

A Montana state judge is ruling that the identities of anonymous commenters posted on news sites are protected by a state's media shield law.

While Wednesday's decision does not carry legal weight with other judges across the United States, media lawyers said Thursday they believed it was the first ruling of its kind.

Only Wyoming does not have a shield law protecting a news outfit from divulging unpublished material in state investigations.

The ruling came in a case in which a Montana man with political aspirations sued another man for libel and slander in Montana state court. The aspiring politico wanted to know whether the person he was suing was the anonymous commenter on the Billings Gazette he claimed was belittling him.

District Court Judge G. Todd Baugh, of Yellowstone County, issued the ruling from the bench Wednesday, according to the Billings Gazette.

There is no federal shield law protecting reporters' unpublished material in federal investigations.

Photo Clearly Ambiguous

See Also:

• Google Privacy Practices Worse Than ISP Snooping, AT&T Charges
• Obama VP Pick Joe Biden: Good on Civil Liberties, Friendly to ...
• Facebook Beacon Tracking Program Draws Privacy Lawsuit
• Lawmakers Target Second ISP for Web-Tracking Tech
• File Sharing Lawsuits at a Crossroads, After Five Years of RIAA ...
• Bush Nominates Three to Empty Privacy Board
• Sarah Palin's Campaign Debut Electrifies The Twitterati

These are some of the most popular search terms online for Alaska Governor and Republican vice presidential pick Sarah Palin since Friday.
Image: Wordle.net

John McCain's campaign team has often used Barack Obama's popularity and the world's interest in him as a tool to belittle his candidacy during the 2008 presidential campaign. The McCain camp has used videos such as "Celeb" and "Obama Love" to mock the Democrats' leading man.

But for now it turns out that Alaska Governor Sarah Palin has more in common with Britney Spears and Paris Hilton in internet-searchers' minds than Obama.

That's according to the audience measurement firm Hitwise, and search pattern statistics from Google.

Of course, since relatively few of the electorate knew who Palin was before last Friday, it makes sense that the top search term for Palin was simply the vice presidential candidate's name. But the second and third top searches, of the 1,323 unique search queries tracked over the past few weeks were "Vogue Magazine," and "Photos," according to Hitwise' general managing Bill Tancer in a recent article in Time and author of "Click: What Millions Do Online And Why It Matters."

Other popular searches among the "American public," he writes, are "hot photos," "Sarah Palin Bikini Photos," "Sarah Palin Nude," and "Sarah Palin Naked."

You might normally associate those terms with those other two women who are famous for being famous. Of course, in the short time that McCain announced his pick, Palin's already become supermarket tabloid fodder too. 

The spike in interest in Palin was also noticed by Chicago writer Nate Silver. Silver noted in a blog post yesterday that searches for Palin blew way past the search terms "Britney Spears," "Paris Hilton," "Michael Phelps," and "Barack Obama," combined.

Could all this online searching, and Palin's good looks and relative youth at 44, translate into more of the online demographic learning about McCain's position on the issues and liking what they see?

Michael D. Hais (a Democrat) and co-author of "Millennial Makeover," with Morley Winograd, doesn't think so.

"The Millennial generation identify themselves as Democrats two to one, and they're the first generation in three or four generations where more people call themselves liberal than conservative," he said.

Moreover, Palin's confrontational style doesn't sit well with this emerging political generation, who were born between 1982 and 2003.

Millennials want to work out issues by working together through compromise, he said. And the demographic research shows that they're more concerned with civic duty than culture war issues such as abortion.

Palin's speech, at least as far as he could tell from last night, Hais said, emphasized partisan differences and a right and wrong, which is not how Millennials like to approach the solving of problems.

"It's: 'We're on one side of the issue, and the other side is wrong,' and that is not the way Millennials approach things," he said.

Rather, Obama's approach of reaching out for compromise, like the way he did in his nomination acceptance speech last week, is more in tune with these young voters, he said. Hais specifically cited Obama's comment on abortion.

Specifically, Obama had said: "We may not agree on abortion, but surely we can agree on reducing the number of unwanted pregnancies in this country."

Hais cites a USA Today/Gallup poll that re-inforces this hunch that Palin's speech isn't likely to have appealed to the Millennials to switch over. The poll, published Thursday, shows a decline in swing voters from 30 percent a week ago to 21 percent. He says that suggests that more voters have dug their heels in.   

Less than a day before it release, video game Spore began making the rounds Thursday on the usual BitTorrent free sites like ThePirateBay, Mininova and others.

Spore, an Electronic Arts game, is Will Wright's long anticipated follow to The Sims.

"Spore starts a player out as a single-cell organism swimming around in a primordial soup," according to Spore's web site.

TechDigest reports that the group RELOADED is "taking credit for busting open Spore's SecuROM protection."

See Also:

• Former OiNK Users Arrested in United Kingdom
• FBI: Uploader Confesses to Pre-releasing Guns N' Roses Tracks
• AG Mukasey Says IP Theft Threatens Public Safety, Fosters Terrorism
• Pirate Bay Says It Can't Be Sunk, Servers Scattered Worldwide
• Anti-Piracy Group Not Amused Pirate Bay Has Its Domain -- Update 1
• Pirate Bay Torrent Feeding Frenzy Growing

RIAA attorney Donald Verrilli Jr. says file sharers are automatically liable for copyright infringement and monetary damages for using peer-to-peer networks. Casey Lentz is trying to settle her RIAA lawsuit. She says the RIAA is "harassing" her.

It was five years ago Monday the Recording Industry Association of America began its massive litigation campaign that now includes more than 30,000 lawsuits targeting alleged copyright scofflaws on peer-to-peer networks.

The targets include the elderly, students, children and even the dead. No one in the U.S. who uses Kazaa, Limewire or other file sharing networks is immune from the RIAA's investigators, and fines under the Copyright Act go up to $150,000 per purloined music track.

But despite the crackdown, billions of copies of copyrighted songs are now changing hands each year on file sharing services. All the while, some of the most fundamental legal questions surrounding the legality of file sharing have gone unanswered. Even the future of the RIAA's only jury trial victory -- against Minnesota mother Jammie Thomas -- is in doubt. Some are wondering if the campaign has shaped up as an utter failure.

"We're just barely scratching the surface of the legal issues," says Ray Beckerman, a New York lawyer and one of the nation's few who have taken an RIAA defendant's case. "They're extorting people -- and for what purpose?"

When the first round of lawsuits were filed on Sept. 8, 2003 -- targeting 261 defendants around the country -- it was a hairpin turn from the RIAA's previous strategy of going after services like Napster, RIAA president Cary Sherman said at the time. "It is simply to get peer-to-peer users to stop offering music that does not belong to them." The goal in targeting music fans instead of businesses was "not to be vindictive or punitive," says Sherman.

Today, the RIAA -- the lobbying group for the world's big four music companies, Sony BMG, Universal Music, EMI and Warner Music -- admits that the lawsuits are largely a public relations effort, aimed at striking fear into the hearts of would-be downloaders. Spokeswoman Cara Duckworth of the RIAA says the lawsuits have spawned a "general sense of awareness" that file sharing copyrighted music without authorization is "illegal."

"Think about what the legal marketplace and industry would look like today had we sat on our hands and done nothing," Duckworth says in a statement. (The RIAA declined to be interviewed for this story.)

Casey Lentz, a 21-year-old former San Francisco State student, is among those caught in the RIAA's PR campaign.

"They're harassing me nonstop," says Lentz, who's been trying to settle her RIAA case, but can't afford a lawyer. "I wasn't the one who downloaded the music. It was a shared computer with my roommates and my friends. They want $7,500 for 10 songs."

"I told them I only had $500 in my bank account. And they said 'no way,'" she says.

Despite a fallow legal landscape, most defendants cannot afford attorneys and settle for a few thousand dollars rather than risk losing even more, Beckerman says. "There are still very few people fighting back as far as the litigation goes and they settle."

"It costs more to hire a lawyer to defend these cases than take the settlement," agrees Lory Lybeck, a Washington State attorney, who is leading a prospective class-action against the RIAA for engaging in what he says is "sham" litigation tactics. "That's an important part of what's going on. The recording industry is setting a price where you know they cannot hire lawyers. It's a pretty well-designed system whereby people are not allowed any effective participation in one of the three prongs in the federal government."

Settlement payments can be made on a website, where the funds are used to sue more defendants. None of the money is paid to artists.

The quick settlements have left largely unexamined some basic legal questions, such as the legality of the RIAA's investigative tactics, and the question of what proof should be required to hold a defendant liable for peer-to-peer copyright infringement

In two cases, judges have ruled that making songs available on a peer-to-peer network does not constitute copyright infringement -- the RIAA has to show that someone actually downloaded the material from a defendant's open share folder. One of those cases is still mired in pretrial litigation. In the other, an Arizona judge issued a $40,000 judgment last week in favor of the recording industry, after learning the defendant tampered with his hard drive to conceal his downloading.

The so-called "making available" issue also emerged, belatedly, in the only RIAA file sharing lawsuit to go to trial: the case against Thomas, a Minnesota mother of three, who was slammed with a $222,000 judgment last year for sharing 24 tracks in her Kazaa folder.

Months after the Duluth, Minnesota jury's October verdict, U.S. District Judge Michael Davis called the lawyers back to his courtroom. He said he likely committed a "manifest error" in the case by instructing (.pdf) the jury that merely offering music was infringement.

Judge Davis is expected any day to declare a mistrial in the case, and rule that the Copyright Act demands a showing of an actual "transfer" of files from Thomas' share folder. If that line of reasoning is followed elsewhere, it endangers a key prong of the RIAA's litigation strategy. The association believes it is technically impossible to prove that files offered on a peer-to-peer user's shared folders were actually downloaded by anyone besides its own investigators. "It's all done behind a veil," RIAA attorney Donald Verrilli Jr. argued in the Thomas case last month.

That doesn't mean the RIAA would be dead in the water. The recording industry could try to prove, through forensic examination, that the shared files were pirated to begin with, i.e., that the defendant infringed copyright law by downloading the music, before sharing it again. It's also possible the courts will find that -- as the RIAA has argued -- downloads by the RIAA's investigators can be considered infringement by the file sharer; digital rights advocates counter the recording industry should not be able to pay investigators to make downloads of its own music, and then declare them unauthorized copies.

The RIAA's investigative tactics have come under attack as well. In a few states -- Michigan, Texas, Florida, New York, Massachusetts, Oregon and Arizona -- state governments and RIAA defendants have challenged the qualifications of the private company that develops the music industry's cases.

MediaSentry -- aka SafeNet -- specializes in logging into peer-to-peer networks, where it downloads some music, takes screenshots of open share folders and documents the offending IP address. The RIAA's position is that the online sleuthing isn't covered by state laws regulating private investigators. But Michigan (.pdf) recently disagreed, and told MediaSentry it needed a private investigator's license to continue practicing in that state.

Against that shifting legal backdrop, a handful of universities, including the University of Oregon, have begun refusing to divulge students' names in file sharing lawsuits, on privacy grounds.

Nobody can credibly dispute that file sharing systems are a superhighway for pirated music. "There is no doubt that the volume of files on P2P is overwhelmingly infringing," says Eric Garland, president of Los Angeles research firm BigChampagne. But critics of the RIAA say it's time for the music industry to stop attacking fans, and start looking for alternatives. Fred von Lohmann, a staff attorney with the Electronic Frontier Foundation, says the lawsuits are simply not reducing the number of people trading music online.

"If the goal is to reduce file sharing," he says, "it's a failure."

See Also:

• RIAA, MPAA Converging on Political Conventions
• Do RIAA Snoops Need PI Licenses?
• FBI: Uploader Confesses to Pre-releasing Guns N' Roses Tracks
• Judge Hints at Mistrial in RIAA v. Jammie Thomas
• Nonprofit Distributes File Sharing Propaganda to 50000 US Students
• File Sharer Settles with RIAA for a Whopping $756 a Song

Comcast on Thursday appealed the Federal Communication Commission's order that it stop its controversial practice of throttling file sharing traffic.

On Aug. 1, FCC commissioners concluded on a 3-2 vote that Comcast monitored the content of its customers' internet connections and selectively blocked peer-to-peer connections using the BitTorrent protocol. The commission found that Comcast violated so-called rules of net neutrality.

David Cohen, a Comcast vice president, said Comcast would comply with the order, even though Comcast maintains it never throttled traffic. Still, Cohen said the Philadelphia-based internet service provider was appealing (.pdf) to the U.S. Court of Appeals for the District of Columbia Circuit because the commission went too far.

"We filed this appeal in order to protect our legal rights and to challenge the basis on which the commission found that Comcast violated federal policy in the absence of pre-existing legally enforceable standards or rules," he said in a statement. "We continue to recognize that the Commission has jurisdiction over Internet service providers and may regulate them in appropriate circumstances and in accordance with appropriate procedures. However, we are compelled to appeal because we strongly believe that, in this particular case, the Commission's action was legally inappropriate and its findings were not justified by the record."

The commission's ruling was the first time the FCC waded into the net neutrality waters.

"Let's suppose they win. The commission would not have the authority to deal with them," said Art Brodsky, a spokesman for Public Knowledge, one of the groups whose complaints about Comcast stirred the FCC to action. "This is about setting ground rules for enforcement."

Cohen said Comcast was moving toward a "protocol-agnostic network congestion" platform by year's end. It also has capped monthly usage at 250 GB for residential users.

Illustration M3Li55@/Flickr

See Also:

• Analysis: FCC Comcast Order is Open Invitation to Internet Filtering
• FBI Arrests Alleged California Music Pirate
• Google Privacy Practices Worse Than ISP Snooping, AT&T Charges
• Net Neutrality Gains Traction In 2008 Senate Races
• Lawmaker Cries Foul Ahead of FCC Net-Neutrality Decision
• Comcast Beginning 'Net Neutrality' Testing
• Net Neutrality Advocates Call For Fast, Universal Access To The Net
• Net Neutrality Debate Is Secretly All About Internet Television ...
• Comcast Ordered to Allow Free Flow of File Sharing Traffic

Sarah "Barracuda" Palin, a tough political charmer with a smile: "We tend to prefer candidates who don't talk about us one way in Scranton and another way in San Francisco," she said Wednesday night during her acceptance speech for the position of vice presidential candidate at the 2008 Republican National Convention.
Photo: Tom LeGro

"Palin ROCKED!"

That succinct, two-word assessment that appeared on the micro-blogging service Twitter Wednesday night just about summarized many conservatives' relieved reactions after an inauspicious week for Republican vice presidential candidate Sarah Palin.

That tweet came from "jonahandjude." It was just one of thousands of reactions coursing through the online service from both the left and the right as they shared their first impressions of Alaska's controversial 44-year-old governor.

Palin accepted the Republican party's formal nomination at its national convention at the Xcel Energy Center in St. Paul, Minn.  Wednesday night. It was a highly-anticipated appearance, built up after days of chatter about her relatively thin political resume, and about her teen daughter's out-of-wedlock pregnancy.

Even members of Palin's own party were trashing John McCain's choice of a running mate just hours before Palin's speech: Wall Street Journal columnist Peggy Noonan and Republican strategist Mike Murphy were accidentally recorded on MSNBC Wednesday calling McCain's choice "cynical," and "political bullshit." The gaffe immediately made its way onto YouTube.

Continue reading "Sarah Palin's Campaign Debut Electrifies the GOP, Galvanizes The Twitterati" »

Pay no attention to rumors that the internet is getting full: the internet can eat 50 eggs.

In fact, over the last 12 months, international net bandwidth in backbone grew 62 percent, while internet traffic grew only 53 percent and filled only 43 percent of the tubes' capacity at peak times, according to a new report released by bandwidth-monitoring firm TeleGeography.

In short, the internet's tubes are growing faster than even YouTube videos can fill them, and they're in no danger of filling up anytime soon.

That's despite the occasional Chicken Little proclamation from ISPs, pending caps on 'unlimited' internet usage and hand-wringing over peer-to-peer file sharing of movies such as Cool Hand Luke.

In the same time period -- mid-2007 to mid-2008, Latin America and South Asia both doubled the capacity of their backbones -- the net's fiber-optic equivalent of a highway system.

Wholesale prices for sending and receiving data continue to fall, and with the cheapest prices in North America and Europe, where there's still more abundant capacity, the Global Internet Geography report found.

Though the report does not mention it, the expansion of global capacity -- especially fiber-optic lines that don't hit U.S. shores -- makes it harder for the U.S. government to wiretap the net, since increasingly net traffic stays local or takes a short route that doesn't go through the U.S.

But take all of the above with a pinch of salt, since the report isn't science.

Data on the net's size, capacity and even links are difficult to come by, since almost all of the infrastructure is privately owned, and there's little incentive and few requirements to share data with governments or scientists.

Without open internet data or even data about the data, there is no science.

Telegeography says it gathers its data at internet exchange points around the globe and from surveys. As for the future, the company says to expect much of the same: "strong growth and falling prices."

The full report will run you $5,000, but Telegeography offers the executive summary (.pdf) for free.

Image: Telegeography

See Also:

• NSA's Lucky Break: How the U.S. Became Switchboard to the World
• Cable Cut Fever Grips the Web
• UN Official Feeds Cable Cut Sabotage Speculation
• Internet Mysteries: How Much File Sharing Traffic Travels the Net

Well, of course it's an online joke. The pranksters at 23/6 are mocking the Republican vice presidential nominee's relative obscurity and background -- the subject du jour on the campaign trail.

In a posted recording, someone sounding like John McCain offers "Sandra Palin" the honor of being his running mate.

"Senator Palin ... Governor Palin, it was great to meet you, that time that we met" says the distracted-sounding voice of Michael Weingartner, the impersonator, who's quick to anger in the recording. "I was wondering if you're not too busy these days, if you'd like to be my vice presidential running mate. I was told that you'd shore up the evangelical vote and help with the female vote. I personally don't think that Americans are dumb enough to fall for straight-up pandering, but my advisers tell me otherwise."

The recording, which was posted online at the political humor site 23/6 (jointly run by IAC and The Huffington Post) yesterday, has received almost 3,000 Diggs. 

Alaska Governor Sarah Palin is scheduled to make her vice presidential acceptance speech at the Republican National Convention in St. Paul, Minnesota Wednesday somewhere around 10 pm Eastern after Rudy Giuliani and Hawaii Governor Linda Lingle speak.

Pundits are expecting more people to tune in than they did for Barack Obama's Democratic presidential nomination acceptance speech last week.

Image: Wigwam Jones

Online privacy scored a small victory this week as the CEO for controversial net eavesdropping firm NebuAD resigned just months after Congress successfully scared the country's ISPs into abandoning dreams of windfall profits from tracking their customers around the web.

Dykes's resignation can best be understood as the death -- if only temporary one -- of a scheme to track online users' every click and search in order to serve just the right ad at the right time - a service that companies will pay a premium for.

NebuAd's business model was to pay ISPs to let it install equipment to monitor where people surfed and what they searched on, in order to deliver targeted ads based on the user's profile. ISPs hungry to be more than just a railroad company warmed to the idea of new revenue.

But after one of the nation's largest ISPs, Charter Communication, announced plans to test NebuAd technology, the House Energy and Commerce committee became very interested whether tracking people's every move on the net violated federal law. The inquiry dealt a critical blow to the company, since it quickly became apparent that no ISP was going to take on a powerful House telecom committee to defend untested and clearly creepy technology.

Now NebuAd CEO and founder Bob Dykes resigned to take a job at VeriFone, a retail payment system company, just a day after the AP ran a slightly premature obituary for NebuAd, which sought to pay ISPs to let it spy on surfers' online habits in order to serve them targeted ads.

The company claimed to be all about the good words: transparency. notice, choice and consent. But inquiries by Congress revealed ISPs secretly tested the technology without telling customers and the company proved unable to explain how its 'miraculous opt-out' technology worked. It did claim to have a patent pending on the technology, but none was found in an online search. An report by watchdog groups revealed the company also violated key internet protocols and injected rogue code into packets coming from sites like Google.com.

With Dyke's departure, it's clear that in the United States at least, this sort of ISP tracking is not going to be condoned for at least a few years, and venture capital is likely to stay far away from similar ventures for a long time. (England has its own battle with a similar company called Phorm.)

Government spying, however, follows the "Do as I say, not as I do" rule of politics.

In fact, in July, Congress decided that the government should have the power to install NSA surveillance equipment in any American internet service or infrastructure -- whether that be a secret room in AT&T's internet switching facility or an automatic forwarder in Microsoft's Hotmail service.

• Report: NebuAd Forges Packets, Violates Net Standards
• NebuAd Defends Murky System to 'Opt-Out' From Charter Snooping
• Charter Freezes Web Eavesdropping Plan - Update
• Lawmakers Target Second ISP for Web-Tracking Tech
• Can Charter Broadband Customers Really Opt-Out of Spying? Maybe Not
• Under Pressure, ISP Admits Secret Web Snooping in Kansas
• ISP Justifies, But Doesn't Explain Secret Customer Eavesdropping
• Leaked Report: ISP Secretly Added Spy Code To Web Sessions ...

As most of the on-air cable television personalities focus on the national politics of the Republicans' nomination of Alaska Gov. Sarah Palin for vice president, stories and footage of clashes between the St. Paul police and protesters at the Republican National Convention are turning up on the internet.

The Uptake, an online citizen-journalism training outfit in Minneapolis, has been at the forefront of documenting much of the unfriendly interaction between the police and the protesters.

In many of the live-streams, which can be seen on the organization's website, it's difficult to tell what's going on because much of the footage seems to have been recorded on an impromptu basis from the citizen-reporters' cellphone cameras.

Nevertheless, some of the video is dramatic.

In the clip above, police are in a stand-off with RNC protesters holding a black-and-red sign with the words "Against Capitalism," on it. One of the protesters provokes the black-clad, helmeted cops by shouting "Sieg Heil!"

The police, who look as if they've just stepped off the set of Brazil, didn't appear to find that funny. Shortly after the taunt, a group of people advance toward the police line, and the cops respond by firing off "flash bangs," which Tom Walsh, the St. Paul police department's public information officer, describes as a "percussive instrument" that's meant to disperse crowds.   

In an interview, Walsh declined to comment on any specifics, but he pointed out the local media's favorable reports on the restraint that police are exercising against the "excesses of the rioters."

He pointed to the Poor People's March on Sunday (which was still going on yesterday), where he said the rioters co-opted the peaceful demonstrators' events and started hurling feces, urine, rocks and bottles.

"The peaceful protesters lost control of their march because of these rioters, and that continues to be the pattern," he said.

When asked about the arrest of Amy Goodman, the lefty Democracy Now journalist and the show's producers, Walsh declined to comment.

In both an online broadcast and during a press conference with St. Paul Police Chief John Harrington on Tuesday, Goodman says that she had approached the police to ask them about the arrest of the show's producers, and the police had simply arrested her despite seeing her press badge. Goodman's been charged with a misdemeanor.

"I would submit to you that there are thousands of journalists on the ground, and they're not being impeded on their ability to report," Walsh said.

In addition to footage from The Uptake and Democracy Now, The Minnesota Independent, a local blog run by the Center for Independent Media in Washington, D.C., has graphic photos and an account of a 17-year-old peaceful protestor being beaten up by police.

More documentation of some of the chaos is in the Kentucky Kernal, a student newspaper at the University of Kentucky, whose photo staff and an adviser got swept up in the arrests.

All-in-all, if you lived in a world without television and used social media applications exclusively to keep up with what's going on in St. Paul, your view of the convention would differ significantly from everyone else's.

For example, searches using the phrase "Republican National Convention" for the most recently uploaded photos on Flickr Tuesday night yielded hundreds of photos of authoritarian-looking police in their riot gear.

Similarly, searches for #RNC08 on Twitter on Tuesday night brought up a lot of messaging between protest organizers and by protesters themselves of the police's movements on the streets.

Free Press, a media reform group, is gathering online names and signatures to sign a letter protesting what the group says are intimidation tactics by the St. Paul police. As of Wednesday, the group had gathered more than 35,000 signatures. Free Press intends to deliver the letter to St. Paul Mayor Chris Coleman and the Republican National Convention host committee.

Palm Beach County, Florida, is in the news again for another election mishap. This time the culprit isn't the county's infamous butterfly ballot that made headlines in the 2000 presidential race. Instead, the problem is ballots used with the county's new $5.5 million optical-scan machines made by Sequoia Voting Systems.

More than 3,000 optical-scan ballots have mysteriously disappeared since the county held an election last Tuesday.

According to tallies a week ago, a total of 102,523 ballots were cast in the election. But according to a recount of one of the races, which was completed this last Sunday, the total number of cast ballots was only 99,045 -- a difference of 3,478. Election officials say they can't explain the discrepancy, though critics are concerned that this is a precursor to problems that could arise in the November presidential election.

The problem was discovered only because the county was conducting a recount of a close judicial race between an incumbent, 15th Circuit Judge Richard Wennet, and his challenger William Abramson. Prior to the recount, Abramson had won the election by 17 votes; but the recount flipped the race and resulted in him losing the election to Wennet by 60 votes. The total number of votes cast in that specific race dropped by 2,900 between the time ballots were counted last Tuesday and the recount.

Palm Beach County Election Supervisor Arthur Anderson said the discrepancy in the number of votes cast in the judicial race was likely due to the extra sensitivity of optical-scan machines used in the recount, which are different from optical-scan machines that counted the ballots on Election Day. The seven high-speed tabulating machines used in the recount are much more "unforgiving" than those that processed the votes on election day, he told the Palm Beach Post.

Although none of the articles about this issue explain what Anderson meant by this, presumably the machines used to count the votes on Election Day were precinct-based scanners, which are used on site at polling locations, while the recount was done on central-count scanners, which are used to count ballots at a county headquarters.

If optical-scan machines are calibrated poorly or inconsistently, they will sometimes read some votes on ballots while ignoring others. This could explain the issue if the problem were simply that some votes cast in the race were read by machines on Tuesday and not read by different machines during the recount. But this can't explain why the total number of ballots cast in the election changed by more than 3,000.

Nonetheless, the county plans to certify the recount results this week, despite the discrepancy in the ballot numbers. County officials say it isn't their place to question the results, although they say they are trying to determine what happened to those missing ballots.

Abramson, the losing candidate in the judicial race, told reporters that he is exploring the possibility of a lawsuit.

This isn't the first time the Sequoia machines and Anderson have been criticized over uncounted votes. About 700 votes went uncounted in a special commissioners election in West Palm Beach last June. In that election, Sequoia optical-scan machines had failed to count votes on memory cartridges from three precincts. Sequoia maintained that the problem was Anderson's staff and not its machines. The staff had mistakenly fed the three cartridges into the tabulating equipment twice, causing the machine to "suspend" the votes and not include them in the tally. Election staff caught the problem days after the election, but before the official election results had been certified.

Arthur Anderson has only been the county election supervisor a short time but has been beset by criticism for most of it. He became election supervisor in 2005 when he replaced Theresa LePore, who created the infamous "butterfly ballot," and who is apparently writing a book about the 2000 election.

Anderson was elected election supervisor even though he apparently had no prior experience in election administration.

Ironically, he lost his own bid for re-election in last Tuesday's race, although he will still oversee this November's election, since his replacement will not assume office until January. A runoff race in November will decide the winner of his job, since neither of the two candidates vying for his position obtained enough votes last week to forestall a runoff. Like Anderson, neither of the two candidates hoping to replace him has experience running elections.

See also:

• NY: 50 Percent of Sequoia Voting Machines Flawed
• Phantom Obama Vote Appears on NY Voting Machine
• Sequoia Voting Systems Responsible for 2000 Presidential Debacle?

The 2008 Republican National Convention is streaming its evening events online.

The convention, which has resumed its Tuesday schedule after pared down first-day activities, is using UStream.tv to provide the public with unfiltered access to its line-up of speakers.

Convention organizers, it seems, chose widespread distribution online over crystal-clear clarity.

The live video stream of the Republican National Convention at the Xcel Energy Center in St. Paul, Minn. can be embedded in blogs, and in viewers' social networks such as Facebook and micro-blogging service Twitter. Convention organizers are also doing impromptu video interviews with Republican party officials on "Backstage Live."

Last week, organizers for the Democratic National Convention in Denver, Colorado relied upon Microsoft's high-definition Silverlight media platform to stream convention events online. That prompted some grumbling from potential viewers who didn't like having to download and install two separate components to view the convention online.

Nevertheless, that platform choice provided viewers an immersive, intimate experience.

DNCC officials estimated last week that more than one million people visited its site during the first two days of their convention. And about 345,000 people watched the high-definition streaming video of the speeches online.

Those numbers are still dwarfed by the numbers of people who watched the Democratic National Convention on television. More than 22 million people watched the events of the first night at the DNCC when Michelle Obama spoke. That topped the 18.5 million people who watched the first night of the DNCC in 2004, according to Nielsen Media research, which tallied the audiences of ABC, CBS, CNN, Fox News and MSNBC.

Almost 26 milion people watched the second night of the DNCC on television when Hillary Clinton spoke. That's more than four times the number of people who watched the second day of the 2004 convention, according to Nielsen.

Among the speakers tonight are President Bush, senator Joe Lieberman of Connecticut and former Tennessee senator and Fred Thompson. Also of interest to Wired.com readers: Bill Gross, Idealab's Chairman of the Board and CEO will speak within the next hour.   

Free video streaming by Ustream

Update: Sorry, wrong Bill Gross. It was Bill Gross, founder of Farm Rescue who was speaking. Nevertheless, the Republican National Convention's web site had listed both Farm Rescue and IdeaLab's Bill Gross as a speaker.

Image: Wordle.net

Former Attorney General Alberto Gonzales repeatedly violated federal secrecy rules by mishandling documents containing "zealously protected" secrets about government's warrantless wiretapping program, then lied to investigators to cover up his actions,  Justice Department investigators reported Tuesday.

Before his ouster in August, 2007, Gonzales was prone to storing an ultra-secret document about the so-called Terrorist Surveillance Program in his briefcase at his home -- near, but not inside, a personal safe. And at his office,  he stored at least 18 top secret documents about the NSA's wiretapping in a safe used by at least five employees not cleared to know about the program, according to a 29-page report (.pdf) from the department's Inspector General.

At issue are notes Gonzales wrote in March 2004 following a high-stakes rebellion at the Justice Department by conservative Republican appointees questioning the legality of the government's warrantless wiretapping program.  Gonzales, then White House counsel, wrote 21 paragraphs of notes "memorializing" what top Congress officials were told about the the program, and how they reacted. Though he did not officially classify the notes, he wrapped them in several envelopes and at one point, wrote "AG - Eyes Only Top Secret" on the outermost envelope.

In fact the notes and other documents were so sensitive, they were classified as Top Secret/Sensitive Compartmented Information or TS/SCI. That means that the documents can only be properly stored and viewed in specially constructed rooms immune to eavesdropping of all kinds.

But Gonzales told IG investigators he did not think the documents were classified -- though they were the only documents he took with him when he moved from being White House Counsel to Attorney General, according to the report.

Gonzales claimed he "regarded the notes as 'sensitive' because the President asked him to draft them, and thus he 'treated [the notes] as classified.'"

"However, it is clear that the notes contained classified information," the report concludes. "Further, Gonzales's own actions indicated that he viewed the notes as classified. ... We believe that writing "Top Secret" on the envelope suggests that he knew the notes were in fact classified."

When the New York Times revealed the existence of the warantless spying program in December 2005, Gonzales described the leak as a dire threat to the country, and suggested that the journalists who reported on the story could be prosecuted under the Espionage Act.

Interestingly, that same law makes it a federal crime to treat classified information with "gross negligence" resulting in improper storage.  But Gonzales is in no danger of feeling its wrath. The Inspector General referred the matter to the National Security Division, where officials declined to prosecute their former boss.

Photo: Alberto Gonzales being sworn in as Attorney General in February 2005. Susan Walsh/AP

See Also:

• In Spy Debate, Top Spy Lobbies, Attorney General Misleads
• Gonzales Knew About FBI Lawbreaking
• NSA Warrantless Spying Now Special Warrant Spying
• Gonzales Reveals Just A Little in Senate Grilling
• Sen. Rockefeller Lets Slip the Spying Truth: Drift Nets To Be ...
• Former Official's Account of Intensive Care Showdown Over Gov ...
• FBI Director Contradicts Gonzales' Legal Dodges
• Embattled Attorney General Alberto Gonzales Resigns
• Cheney Blocked Promotion of Lawyer Who Questioned Wiretapping Program
• Former DOJ Lawyer Couldn't Find Way to Legalize Bush Spying Program
• Former Justice Insider, an Unlikely Civil Lib Hero, Details ...

When announcing her 17-year-old daughter's pregnancy on Monday in response to rumors circulating on the internet, Alaska Governor and Republican vice presidential nominee Sarah Palin appealed for the media to respect her daughter's privacy.

So far, the mainstream press hasn't responded to Palin's entreaties. But at a time when anyone can set up a blog and be considered "media," would it make the slightest difference if they did?  It's clear that some bloggers will continue to push the story to the ends of the Earth.

"You can't get away from the fact that there are incredibly sensationalist elements to this story," says Kelly McBride, The Poynter Institute's ethics group leader. But she says the story about Bristol Palin's pregnancy would have become news with or without bloggers.

"Keeping that one a secret would have been a long-shot," she says.

That means it's not a question of whether the media should continue to cover the story, but how they do it, she says. The media has an opportunity to provide context and to responsibly shape the tone of the debate.

"There's a sense of schadenfreude to the coverage, in the sense of, 'Oh, look at this beautiful conservative family, what a shame. I think the tone of that might actually backfire, since I don't think this situation of a teen pregnancy [is that unusual]"

Liberal bloggers spread a rumor online this weekend that Palin's four-month-old son Trig is actually her daughter Bristol's. That prompted Palin to break the news about her daughter's pregnancy.

But reporters on the campaign trail don't need to continue to push the issue, McBride says. Instead, they could refocus the bloggers' partisan rhetoric and translate it into a substantive policy story.

"The story is not what the Republican stance on teen pregnancy is -- that's such a dumb, shallow political question," she says. "The question is what is the reality of teen pregnancy in the United States, and how is it affected by public policy?"

McBride says that journalists have a responsibility to check out the rumors floated on the blogs in order to get at the facts for readers, and she cites the media's late response to John Edwards extra-marital affair, uncovered by the National Enquirer, as journalistic malfeasance. But reporting the story  doesn't have to come at the expense of Palin's daughter Bristol.

"You have to find a way to minimize the harm to minors, meaning that you don't stick the paparazzi on them, or stake out their schools, and you wouldn't engage in the full-frontal assault as you might on other personalities in the news," she says. "But ultimately, your loyalty to your audience is greater."

Even if mainstream news organizations exercised restraint in their reporting on Sarah Palin's daughter, that might not necessarily dampen down the public's attention on the subject, notes Jay Rosen, a journalism professor at New York University, and author of the popular journalism blog PressThink. Nevertheless, he agrees there are ways to navigate around the story responsibly.

"I agree that her 17-year-old daughter's life should be kept out of public life," he says. "I think there is something to asking the press to lay off, because within the campaign security perimeters, the only people who can ask questions are the political reporters."

Ultimately, reporters should ask themselves how their stories serve their readers, says McBride.

"One of the ways is that you acknowledge the complexity of teen pregnancy, and you don't reduce stories to political platitudes," she says.

A San Francisco hacker faces up to 10 years imprisonment for intruding into the computers of theme park giant Six Flags, posting a message of love for his girlfriend and inundating the company with bot-produced job applications reading "THIS SITE WAS HACKED."

Over a five-day period in 2004, Mark Kahn, 27, left messages in the amusement park company's network to his girlfriend: "I Love you, Laura," the authorities said.

The IP address from where the hacking originated were traced to web sites used by Kahn, including his personal web site where he posted blogs, pictures of his girlfriend Laura and pictures of cats, according to South Carolina U.S. Attorney W. Walter Wilkins, South Carolina's U.S. attorney.

One picture of a cat helped the authorities nab Kahn, who pleaded (.pdf) guilty last week to one count of hacking (.pdf). Authorities enlarged one picture with a cat on a keyboard and saw a web address to a site in which the hacker described the intrusion.

Agents then tracked down Kahn, posing as potential IT employers, according to Wilkins. Wilkins said the defendant discussed the Six Flags attack and Kahn later confessed to the FBI.

Kahn could not be immediately located for comment. His attorney, Jessica Salvini of South Carolina, did not return messages seeking comment.

The authorities did not provide a motive. Kahn is expected to be sentenced later this year

Photo Missty

See Also:

• Despite Rumors, Republican VP Candidate Is No Hacker
• UK Hacker Gary McKinnon Plays the Asperger's Card
• Hacker Reportedly Kidnaps and Tortures Informant, Posts Picture as ...
• Indicted Federal Informant Allegedly Strong-Armed Hacker Into ...
• British UFO Hacker Gary McKinnon Is Coming to America
• Hacker, Counterfeiter Comes Clean Ahead of Prison Stint
• Hacker Launches Botnet Attack via P2P Software

The Department of Homeland Security should not use the user-generated Wikipedia to decide whether an asylum seeker can enter the United States, a federal appeals court ruled Friday.

That judicial statement of the obvious (.pdf) from the 8th U.S. Circuit Court of Appeals overturned a ruling by the Board of Immigration Appeals, which said DHS committed no big foul in using a site editable by anyone with a computer to decide the fate of a woman named Lamilem Badasa.

DHS decided to deport Badasa after consulting Wikipedia to decide whether a Ethiopian travel document known as a laissez-passer was adequate to prove her identity.

Using the Wikipedia page as evidence, the government convinced an immigration judge that the document did not prove her identity, calling it a one-way travel document based on information provided by the applicant.

While the Board of Immigration Appeals subsequently said it didn't "encourage the use of resources such as Wikipedia.com in reaching pivotal decisions in immigration proceedings," it allowed the decision to stand since it couldn't find any clear error.

The three-judge panel of the appeals court found that split decision disturbing. The court reiterated that anyone can edit Wikipedia and there's no guarantee that the information on the page at the time the government officials looked at it had any correct information at all. The site may have misled and tainted government officials' decisions in the case, the judges ruled:

The [Board of Immigration Appeals] presumably was concerned that Wikipedia is not a sufficiently reliable source on which to rest the determination that an alien alleging a risk of future persecution is not entitled to asylum. [...]

We do not know whether the [Immigration Judge] would have reached the same conclusion without Wikipedia, or whether (and, if so, why) the [Board of Immigration Appeals] believes that the IJ’s consideration of Wikipedia was harmless error, in the sense that it did not influence the IJ’s decision.

The appeals court sent the case back down to the Board of Immigration Appeals to have it explain why it believes Wikipedia didn't taint the entire decision-making process.

Future U.S. asylum seekers are well advised to make sure the Wikipedia page about, say, Burma's repressive government are adequately dire before submitting their application.

Photo: Flickr/Kevin Wong

See Also:

• WikiScanner Creator Releases New Tools to Uncover Anonymous Edits
• Vote On the Most Shameful Wikipedia Spin Jobs -- UPDATED
• Democrats Launch McCainpedia, an Attack Site Masquerading as a Wiki
• DHS Ready to Test Interpol Database for Stolen Passports; Other ...

When John McCain's vice presidential pick Sarah Palin issued a statement Monday regarding her five-month-pregnant 17-year-old daughter Bristol, she assured the world that her daughter is keeping the baby and getting married.

"Bristol and the young man she will marry are going to realize very quickly the difficulties of raising a child, which is why they will have the love and support of our entire family," according to a statement issued by the Alaska governor and her husband Todd. "We ask the media to respect our daughter and Levi's privacy as has always been the tradition of children of candidates."

Even if the so-called mainstream media respected the Palins' request, progressive/liberal bloggers continue to pound away at Palin and her family. (It was rumors spread by the liberal bloggers that prompted Palin to break the news about her daughter. Rivaling the ethics of the smear campaign against McCain in the 2000 presidential race, liberal bloggers asserted that Palin's four-month-old son Trig is actually her daughter Bristol's son. The Palins cleared up the game of Chinese whispers by stating the facts.) 

So the media haven't listened to the Palins and have begun digging into the story.

The New York Post, for example, dug up Bristol Palin's boyfriends MySpace page. Palin's boyfriend is 18-year-old Levi Johnston, a self-described "redneck" who was on the high-school hockey team, and who confesses, on his MySpace page, that he doesn't want kids.

The page has since been set to "private."

But the few revelations about Johnston are enough for someone to have set up a spoof web page.

The latest entry reads: "ABORT ABORT ABORT."

"I've talked it over with Bristol, and I think we're going to have an abortion. I hope her mom doesn't find out about this ... does anybody know where the nearest abortion clinic is from Wasilla, AK??"

Palin is an outspoken opponent of abortion under most circumstances.

Cindy McCain and First Lady Laura Bush Speaking At The 2008 Republican National Convention at the Xcel Energy Center, Minneapolis-St.Paul.

Officials canceled most of the day's events apart from essential business on Monday, the first day of the convention because of Hurricane Gustav, which made landfall in Louisiana. This year's convention is the latest that the Republican National Convention has ever been held.
Photo: Republican National Convention Committee

John McCain and the Republican National Convention Committee trained the electorate's attention toward the Gulf Coast on the opening day of their party convention as Hurricane Gustav made landfall in Louisiana.

Not only did McCain's landing page on his web site point visitors to aid efforts aimed at helping hurricane victims, but during their brief appearances at the convention, both the Republican presidential nominee's wife Cindy McCain and First Lady Laura Bush appealed to Americans to pull together, and to organize relief efforts via the web 

"I would ask that each one of us commit to join together to aid those in need as quickly as possible," said Cindy McCain at the convention Monday. "As John has been saying for the past several days, this is a time when we take off our Republican hats and put on our American hats. In that spirit, we'd like to ask that you go to a web site called A Cause Greater, or www.causegreater.com that will allows all of us to aide those affected by Hurricane Gustav."

"Although the task of helping the region to recover from this disaster is too large for any one individual or organization, together we can accomplish so much in helping those affected," McCain added.