<<<
Chronological Index
>>> <<<
Thread Index
>>>
[ga] Interesting ICANN related info - Bytes in brief...
All assembly members,
I thought some of this might be of interest considering the security
related
issues being discussed and the upcoming MDR ICANN meeting.
============== From "Bytes In Brief" Follows ==============
BYTES IN BRIEF
OCTOBER 2001
**************************************************************
BYTES IN BRIEF® is a joint publication of Sensei Enterprises,
Inc., an information technology consulting firm and Nelson &
Wolfe, a business and technology law firm. The "designer"
version of "Bytes" may be found at http://www.senseient.com
Editors: Sharon D. Nelson, Esq. and John W. Simek
Editor Emeritus: G.V. Nelson
9400+ subscribers worldwide
(c) 2001 Sensei Enterprises, Inc./Nelson & Wolfe
**************************************************************
ANTITERRORISM ACT OF 2001 CRAFTED
The Federal Bureau of Investigation has been circulating
drafts of the Antiterrorism Act of 2001 to Congressional
lawmakers, seeking to beef up the right of law enforcement
authorities to engage in electronic surveillance. The Act
would allow officials to obtain wiretap authority for an
individual rather than a phone number, and permit wider
seizure of voice mail messages and the interception of
"computer trespasser" communications. The measure would also
require that an Internet Service Provider be compelled to make
disclosures of its customers' electronic communications "if
the provider reasonably believes that an emergency involving
immediate danger of death or serious physical injury of any
person requires disclosure." As we go to press, multiple
versions of the bill are floating around and negotiators are
meeting to determine what portions of the legislation may be
removed or altered. Some members of Congress are attempting to
draft an alternative to the Act, one which is less extreme,
and which particularly alters the Act's view of "hacking as
terrorism." One version of the Act may be found at
http://www.eff.org/Privacy/Surveillance/20010919_ata_bill_draf
t.html
NEW COALITION URGES CONGRESS TO CONSIDER PRIVACY INTERESTS
A new privacy coalition has formed in the wake of the
terrorist attacks against the U.S. Called In Defense of
Freedom, it consists of about 150 organizations, including the
American Civil Liberties Union, the Leadership Conference on
Civil Rights, the Council on American-Islamic Relations, and
Americans for Tax Reform. This highly disparate group held a
press conference on September 20th, making clear that the first
item on their agenda is to challenge portions of the
Antiterrorism Act of 2001, as proposed by the FBI.
Somewhat humorously, the group asked lawmakers to pledge, at a
minimum, that they would not vote for a bill they had not
actually read. The group is specifically concerned about the
expansion of wiretapping and electronic surveillance powers,
new immigration laws designed to make it easier to detain
suspects, and provisions which make it easier for authorities
to obtain warrants for and information about suspects. The
bill would essentially treat low-level computer trespass as
hacking and would allow the U.S. government to utilize
information illegally collected by foreign authorities. The
group has released a 10-point statement of principles that it
asks Congress to consider before enacting laws in the wake of
the recent terrorist attacks. Specifically, the group would
like the bill de-aggregated, so that its provisions may be
debated and acted upon separately. The Act may be found at
http://www.cdt.org/security/010911response.shtml. In Defense
of Freedom, and its 10-point statement of principles, may be
found at http://www.indefenseoffreedom.org
LEGAL TECHAID FORMED TO AID N.Y. DISPLACED LAWYERS
According to the New York State Bar Association, 14,000
lawyers were displaced by the destruction of the World Trade
Center. In response, Ross Kodner, the President of MicroLaw,
founded Legal TechAid, a group of legal IT professionals
willing to offer pro bono assistance to displaced attorneys in
New York City. MicroLaw's LegalAid site provides a wealth of
listings to help affected attorneys, including a list of all
those legal IT professionals who have volunteered to assist,
with their contact information and their areas of expertise.
The site may be found at
http://www.microlaw.com/nyrelief/index.htm#listserve. Further
assistance may also be found through the New York State Bar at
http://www.nysba2.org/wtc
FEAR OF CYBERATTACKS GROWS
A special Congressional Commission, The Advisory Panel to
Assess Domestic Response Capabilities for Terrorism Involving
Weapons of Mass Destruction, has warned that future terrorist
attacks against the U.S. might occur in conjunction with
cyberattacks meant to maximize the impact of physical
weaponry. Disruption of communications is believed to be a
particular emphasis of Osama bin Laden. The Commission is
planning to speed up the release of its third report,
originally due in December, to include proposals to help
address its concerns in light of the September 11th attack.
Further information may be found at
http://www.rand.org/nsrd/terrpanel/
DISASTER RELATED SCAMS PROLIFERATE ON NET
The Coalition Against Unsolicited Commercial Email (CAUCE) and
the SpamCon Foundation have issued warnings that con artists
are concocting online frauds to profit from the terrorist
attacks on September 11th. Most of the scams arrive through
spam or postings in community forums soliciting donations for
victims and survivors of the attacks. A typical message claims
to be part of an "Express Relief Fund" or "Victims Survivor
Fund." Another widespread e-mail solicited donations for the
Red Cross, but the link leads to a web site unconnected with
the Red Cross. The agencies caution would-be donors to verify
the solicitor's identity through another medium such as the
telephone before donating money through credit cards or
sending checks. Donors should also be wary of official-looking
web sites that may be posturing as genuine charities. Further
information may be found at http://www.cauce.org
DOJ WON'T PURSUE MICROSOFT BREAKUP
On September 6th, the Department of Justice did a complete
"about face" and said it would no longer seek a breakup of
Microsoft, but would instead seek to establish regulations
governing Microsoft's conduct. The DOJ also announced that it
would not pursue its claim that Microsoft had violated
antitrust law by tying its browser to the Windows operating
system. The government is expected to seek restrictions which
would prohibit Microsoft from giving discounts to hardware or
software developers in exchange for promoting or distributing
other Microsoft products. Microsoft would also have to monitor
and report on all alterations to Windows which slow or degrade
the performance of third party applications such as browsers,
e-mail clients, multimedia software, instant messaging
software and voice recognition software. Though some of state
attorneys general involved in case indicated that they would
follow the DOJ's lead, the attorneys general from New York and
California have indicated that they might pursue their own
sanctions if they are dissatisfied with the DOJ's ultimate
outcome. Specifically, they want the DOJ to consider the
implications of the new Windows XP operating system as part of
the current case. Microsoft has been working on a settlement
proposal, which is expected to be combative about the need for
conduct restrictions.
On September 12th, Microsoft filed another brief with the U.S.
Supreme Court, asking it to reverse the decision of the
appellate court, arguing that the entire case had been tainted
by the misconduct of trial judge Thomas Penfield Jackson.
Jackson gave secret interviews to journalists before issuing
his ruling disparaging Microsoft and comparing its executives
to common criminals. Microsoft said that the appeals court's
decision to uphold portions of Jackson's ruling "cannot be
reconciled with the decisions of other (courts) that have
ordered new trials for far less egregious violations . . ."
The Department of Justice, in an August 31st brief, urged the
Supreme Court to reject Microsoft's appeal and said that the
company's argument "rests squarely on a mischaracterization of
the court of appeals' ruling."
On September 20th, the Justice Department, 18 states and
Microsoft filed a joint status report with U.S. District Judge
Colleen Kollar-Kotelly at her request. Though there were some
areas of agreement, there were more areas of disagreement. The
parties could not come to an agreement on a proposed schedule.
The government would like to have the remedy hearing begin on
February 4, 2002 with discovery proceeding until then.
Microsoft argued that it "is premature to attempt to establish
a schedule for discovery and other procedures leading up to a
remedy hearing until the (trial) court has
determined what types of relief can be considered in light of
the Court of Appeals' decision." Legal experts expect that
Microsoft will try to delay proceedings as much as possible in
order to get Windows XP established in the marketplace.
On September 28th, Judge Kollar-Kotelly told the parties in a
status hearing that settlement talks should proceed 24 hours a
day, seven days a week until the November 2nd deadline. If the
parties have not settled by October 12th, the judge said she
would appoint a mediator to expedite settlement. If there is
no settlement by November 2nd, Kollar-Kotelly said she expects
hearings to begin in March to determine what sanctions should
apply to prevent future violations of antitrust law by
Microsoft. Pleadings in the case may be found at
http://www.microsoft.com/presspass/legalnews.asp
JUDGE HALTS USE OF RED LIGHT CAMERAS
On September 4th, San Diego Superior Court Judge Ronald Styn
threw out 300 tickets for running a red light, saying that the
evidence provided by the cameras used was "so untrustworthy
and unreliable, it should not be admitted." Approximately 60
cities and counties in the U.S. utilize similar cameras. Styn
called the San Diego program flawed because it allows the
private company that operates the red light cameras to collect
a part of the $271 fine for each ticket issued. The company
receives about $70 for each ticket. Because the company
decides whether a motorist should be ticketed, the judge found
there was a conflict of interest. Specifically, he held that
the program violates a state law that does not allow such law
enforcement programs to be operated by private companies. He
did, however, rule that using a camera to gather evidence is
not unconstitutional. Further information may be found at
http://www.usatoday.com/life/cyber/tech/2001-09-05-judge-
nixes-red-light-cams.htm
HUSBAND CHARGED WITH COMPUTER TRESPASS
Divorce attorneys have been warning that criminal charges
would begin appearing in divorce cases involving computer
trespass between spouses, and a Michigan husband has in fact
been charged because he installed surveillance software called
eBlaster on his wife's computer to permit him to track her
computer usage and to read all of her e-mail and messages.
Steven Paul Brown was charged with installing an eavesdropping
device, eavesdropping, using a computer to commit a crime and
having unauthorized computer access. He faces possible jail
time of up to five years. Further information may be found at
http://www.latimes.com/technology/wire/sns-ap-hackers-
charged0906sep06.story
EBAY VINDICATED IN COPYRIGHT INFRINGEMENT CASE
On September 6th, U.S. District Court Judge Robert Kelleher
issued a summary judgment in favor of eBay in a case involving
the sale of bootlegged copies of a Charles Manson documentary
called "Manson." Robert Hendrickson, the co-director and co-
producer of the documentary, filed suit against eBay, alleging
that the auction site failed to prevent the sale of illegal
DVD copies of his film. Kelleher ruled that eBay had abided by
its responsibilities under the Digital Millennium Copyright
Act (DMCA) to guard against infringement. The DMCA requires
auction sites to shut down auctions of infringing materials
once they have notice from a copyright or trademark owner of
the infringement. Hendrickson had never provided eBay with
notice of the infringement. Further information may be found
at http://www.usatoday.com/life/cyber/ccarch/2001/09/13/sinrod
.htm
MAFIABOY SENTENCED TO EIGHT MONTHS
'Mafiaboy,' the Canadian teenager who wreaked havoc for a week
in February of 2000, shutting down many major Internet sites,
will spend the next eight months in a juvenile detention
center. Judge Gilled Ouellet, who presided over the trial in
Quebec's Youth Court, sentenced him on September 12th.
Mafiaboy will also serve one year of probation after his
release from the detention center. During his probation, he
will be allowed to attend school and have a part-time job. He
was also ordered by Ouellet to donate $250 to charity. Further
information may be found at http://news.cnet.com/news/0-1005-
200-7141694.html
ICANN PROTECTS COUNTRY DOMAIN NAMES
The Internet Corporation for Assigned Names and Numbers voted
on September 10th to prevent the domain names of countries from
being given to cybersquatters using fraudulent applications to
claim them during the pre-registration period for trademark
holders who want to lock up the .info domain. The .info domain
became available on September 19th, the first time an
unrestricted domain has been added to the Internet since 1985.
Its implementation has been controversial as 10 to 25 percent
of the 53,000 names registered thus far appear to be based on
questionable trademarks. Afilias, the company sponsoring .info
has said it will challenge all questionable registrations in
December. ICANN board members voted 11-7 to prevent any more
country names from being registered by outsiders, and to
require Afilias to hand over recovered domain names to the
countries involved. Country names will be taken from an
official list established by the International Organization
for Standardization. ICANN's ban will expire in March of next
year. The board also voted to approve plans for the dot-aero,
dot-coop and dot-museum domains, allowing managers of those
domains to bring them online when they are ready. Further
information is available at
http://www.icann.org/minutes/prelim-report-10sep01.htm
LUCK WAS A LADY, TOO MUCH SO
Oh, those hackers. CryptoLogic, Inc. a Canadian software
company that develops online casinos, admitted in early
September that a hacker had cracked one of its gaming servers,
altering the craps and video slot games so that players
consistently won. The hack occurred in late August, and
allowed 140 gamblers to win $1.9 million. Every roll of the
dice in craps came up doubles and the slots showed cherries
across the board. The attack affected two of CryptoLogic's 19
casino operating licensees. The winners were permitted to keep
the money since they were believed to be innocent of any
wrongdoing. CryptoLogic believes that the intrusion was
probably someone with inside knowledge of its systems and is
cooperating with investigators. CryptoLogic will absorb
$600,000 of the misappropriated winnings, and a $1.3 million
insurance claim will cover the remainder. CryptoLogic's web
site may be found at http://www.cryptologic.com
EUROPE WARNS AGAINST ECHELON
Times have certainly changed quickly, but on September 5th, the
European Union voted 367-159, with 34 abstentions, to adopt 44
recommendations designed to counter Echelon, the worldwide spy
network led by the United States. Though the U.S. has denied
the existence of Echelon, the EU accepted a 140-page report
confirming Echelon's existence and reporting that it operates
in cooperation with Britain, Canada, Australia and New
Zealand. The purpose of Echelon, according to the report, is
primarily to monitor private and commercial communications,
not military communications. The report calls for closer
European cooperation in setting up a joint encryption and
intelligence-gathering system. It also recommends that
sensitive information sent by e-mail be encrypted. Also
included is a recommendation that the EU and the U.S. draw up
rules strengthening international laws on data and privacy
protection. Further information may be found at
http://www.europarl.eu.int/committees/echelon_home.htm
FEDERAL JUDGES AND EMPLOYEES WILL BE MONITORED
On September 19th, the Judicial Conference approved a
compromise measure that permits some tracking of the Internet
use by judges and court employees, such as the downloading of
pornography and music. A previous provision that would have
permitted the monitoring of e-mail was abandoned. Prior to
this, there had been no policy governing computer use for the
30,000 federal court employees, including about 1,800 judges.
The Administrative Office of the U.S. Court in Washington will
oversee monitoring. Supervisors would be notified of suspicious
activity such as lengthy downloading times. Employees could be
disciplined for downloading pornography or music, gambling
online or using their computers for personal matters during
work. Some sites, including Napster, will simply be blocked.
The Conference also recommended that courts begin placing all
civil cases online, with certain personal identifiers removed.
Within two years, the Conference will revisit the issue of
placing criminal cases online. Further information may be found
at http://www.uscourts.gov/Press_Releases/jc901a.pdf
APPEALS COURT REBUFFS NAPSTER/PARTIAL SETTLEMENT
A three judge panel of the 9th Circuit Court of Appeals refused
to continue its temporary stay of a District Court order
issued on July 11th that demanded 100% compliance with an
earlier copyright infringement prohibition. The panel refused
to examine the various prohibitions defined by the trial court
in a preliminary injunction against the music file swapping
service issued on March 5th. The September 17th ruling also
orders both sides to stop peppering the court with briefs. The
parties were sternly instructed to "refrain from filing any
further papers in the office of the clerk of this court"
related to the appeals, unless those documents relate to
future orders of the court or are citations of relevant cases
that could be kept to a single page. Napster announced on
September 24th that it had partially settled the case and made
a deal with major music publishers. As part of the deal,
Napster has agreed to pay $26 million to settle its ongoing
legal disputes with music publishers and songwriters. Record
labels are continuing with their own litigation, which means
Napster is still faced with possible substantial legal
damages. According to the terms of the deal, the owners of
music-publishing rights will receive one-third of the
royalties that Napster will pay content owners, leaving two-
thirds of those royalties for record labels. It is not clear
exactly how much money that will be, or what proportion of
Napster's revenues that figure might represent. Napster has
said it would pay an advance of $10 million against future
licensing fees. Legal documents in the case may be found at
http://www.napster.com/pressroom/legal.html
CDA HELD TO PROTECT AMAZON.COM
A Washington state appeals court ruled on September 17th that
the Communications Decency Act (CDA) immunizes Amazon.com from
liability for possibly defamatory comments posted on its web
site by customers attacking an author. Author Jerome Schneider
attempted to hold Amazon.com responsible for the posts,
alleging defamation and tortious interference with a business
expectancy. One of the posts suggested that Schneider, whose
books often discuss tax avoidance methods, is a felon. After
Amazon.com raised the CDA defense, the complaint was revised
to drop the defamation claim and allege negligent
misrepresentation and breach of contract, arguing that
Amazon.com had decision making authority over the content. The
CDA says that an "interactive computer service provider" can
escape being judged as the "publisher or speaker of any
information provided by another information content provider."
Schneider's lawyers argued that Amazon.com isn't an ISP like
America Online, whose service actually connects people to the
Internet. The appellate judges said that they saw little
difference between AOL's role as a bulletin board host and
Amazon.com's provision of a free-for-all book review service.
VOYEURDORM WINS COURT BATTLE
VoyeurDorm, the rampagingly successful soft-core porn site,
has won its legal battle against the city of Tampa, Florida,
which was trying to close its Internet doors. Tampa lawyers
argued that the VoyeurDorm home, based in the residential
neighborhood of Wellswood, was an adult business, and
therefore in violation of city zoning regulations. But the 11th
Circuit Court of Appeals disagreed, and overturned the lower
court's decision on September 21st finding that because the
public does not and cannot attend the actual activities of
VoyeurDorm, it does not fall afoul of the city ordinance.
About 80,000 VoyeurDorm members pay $34.95 per month to watch
the "real life" activities of 13 young women observed by 55
continuously operating webcasting cameras. Further information
may be found at
http://www.wired.com/news/politics/0,1283,47104,00.html
NIMDA: A WORM WITH A TWIST
NIMDA, a virulent new worm/virus hybrid (Admin spelled
backwards to tweak system administrators) took the world by
storm. First appearing on September 18th, the worm could be
spread by visiting infected web sites or via e-mail, even when
the attachment was not opened. If Code Red had previously
infected your server, the worm could spread by exploiting the
back door that Code Red left behind. The worm/virus exploits
multiple vulnerabilities of various Microsoft products and can
cause systems to overload and crash with the constant self-
replication activity. Anti-virus companies scrambled to write
a fix and Microsoft hustled to offer patches. Microsoft's
information on NIMDA, preventing it and combating it, may be
found at http://www.microsoft.com/technet/treeview/default.asp?
url=/technet/security/topics/Nimda.asp
*****************************************************
If you are interested in licensing "Bytes in Brief" for
retransmission to your clients under your firm's name,
please e-mail snelson@senseient.com
...........................................................
Sensei Enterprises, Inc. is an information technology
consulting firm, located in Fairfax, Virginia, with
particular expertise in providing technological solutions for
law firms, courts, and other legal entities.
Phone: 703-359-0700
Fax: 703-359-8434
E-mail: sensei@senseient.com
Web site: http://www.senseient.com
Nelson & Wolfe is a business and technology law firm located
in Fairfax, Virginia.
Phone: 703-359-9889
Fax: 703-359-8434
E-mail: snelson@nelsonwolfe.com
Web site: http://www.nelsonwolfe.com
Regards,
--
Jeffrey A. Williams
Spokesman for INEGroup - (Over 118k members strong!)
CEO/DIR. Internet Network Eng/SR. Java/CORBA Development Eng.
Information Network Eng. Group. INEG. INC.
E-Mail jwkckid1@ix.netcom.com
Contact Number: 972-447-1800 x1894 or 214-244-4827
Address: 5 East Kirkwood Blvd. Grapevine Texas 75208
--
This message was passed to you via the ga-full@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga-full" in the body of the message).
Archives at http://www.dnso.org/archives.html
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|