Search This Blog
Tuesday, June 24, 2008
Yahoo Adds Two E-Mail Domains To Saturated Yahoo.com
Friday, June 20, 2008
Firefox 3 Easily Exceeds Download Record
Once the Guinness Book of World Records authenticates the download activity, the Mozilla Foundation should see a figure in the range of 8.3 million downloads of the Firefox browser in a 24-hour period.
FIREFOX fans kept the servers busy at Mozilla during the organization's Download Day. The day aimed to deliver a world record number of downloads to Firefox's global fans.
Mozilla CEO John Lilly noted a few of the highlights of the day on his blog. Though they recorded over 8.3 million downloads, Lilly expects that number to decrease a little as they review counts over the next few weeks.
Their network witnessed impressive traffic numbers, once some early issues caused by heavy demand were resolved. "At the peak, we were serving 17,000 downloads a minute (283 per second!), and saw sustained download rates in excess of 4,000/minute," Lilly said.
Once the dust cleared, Firefox ended up with a 4 percent global share of the browser market. World leader Internet Explorer, via a cake delivered to Mozilla, congratulated the group on shipping the latest version of Firefox.
Wednesday, June 18, 2008
Firefox aims for download record
Version 3 of the popular Firefox web With the release, Firefox developer Mozilla "It's a global effort to make history," said |
Thursday, June 12, 2008
Click the wrong link and wind up in jail
In the 10 Things blog, Deb Shinder recently pointed out 10 ways you might be breaking the law with your computer and not even know it. There’s yet another way that wasn’t mentioned in that article. Specifically it has to do with recent arrests made by the FBI in suspected child pornography cases.
As has been reported in News.com and elsewhere, the FBI has been recently employing fake Web sites to lure people into child pornography. A suspect doesn’t have to have any child pornography on his computer either. Merely clicking the link is enough to trigger an investigation, search warrants, and the resultant perp walk, whether or not there was any intent to indeed consume child pornography as part of the clicking.
ClickBait
With most normal criminal law, part of the element of the crime is the intent to commit the offense that you’ve been arrested for. Not so in this case. The FBI has been using a small clause in the U.S. Code related to “Certain activities relating to material involving the sexual exploitation of minors.” The relevant fine print is down in Subsection (b):
(1) Whoever violates, or attempts or conspires to violate, paragraphs (1), (2), or (3) of subsection (a) shall be fined under this title and imprisoned not less than 5 years and not more than 20 years…
(2) Whoever violates, or attempts or conspires to violate, paragraph (4) of subsection (a) shall be fined under this title or imprisoned not more than 10 years, or both…
The bold and italics on “or attempts” are mine. It’s to highlight the fact that the mere attempt, which can, and has been construed to, mean merely clicking a link, is enough to enact the statute. Don’t be surprised. Lawyers and law enforcement often fight over the meaning of a single word. As a matter of fact, the Supreme Court ruled that the entire law was constitutional as written.
The only defense that can be made to the charge is that if there are found to be less than 3 images on a computer and the user:
(2) promptly and in good faith, and without retaining or allowing any person, other than a law enforcement agency, to access any visual depiction or copy thereof—
(A) took reasonable steps to destroy each such visual depiction;
or
(B) reported the matter to a law enforcement agency and afforded that agency access to each such visual depiction.
Improbable cause
But what if the user didn’t know the images were on the computer? Or what if the user didn’t know what the Web site was before it was clicked?
Sorry. That doesn’t count. The link got clicked. The images are on the computer. Go to jail. Go directly to jail. Don’t pass Go. Don’t collect $200.
Certainly such a thing wouldn’t happen, right? The only way someone could go to a kiddie porn site was to find the link and intentionally click it. As an IT leader you do, or should, know better.
There are many, many different ways users can be tricked into clicking things or winding up on sites they shouldn’t have. First, there’s the obvious things that can happen when viruses or other malware redirect browsers to go places they’re not supposed to. Someone could program a simple redirect in a Web site, maybe through something as simple as a clear gif, forwarding a browser to the target Web site. Even something as simple as creating a link in TinyURL that points to
the site.
TinyURL is especially dangerous, because there’s no way to know exactly what the destination address is before the user goes there. It could be an easy tool for one user to use against another as a cruel joke or some form of retaliation.
Even some modern browsers can potentially cause problems and automatically visit a site without a user clicking a link. Some browsers like Firefox may precache links to Web sites, loading the images and content for a site without your even having to click through to the site. Theoretically this is to speed load times for a user in case he or she decides to go to a linked site. As you can see, however, if the link goes to the FBI’s site, a click wouldn’t even have to occur. The browser would contact the site and attempt to pull content.
The agent who has pinned your user to the floor and is rummaging through your company’s office space doesn’t know whether the user clicked the content or a browser precached it. Nor does he particularly care. An attempt was made, and that’s all it takes.
Extrapolate the problem
It’s bad enough if the attempt occurred at an employee’s home. The FBI may choose to expand the search warrant to the employee’s place of business, potentially wreaking havoc on your entire business. Just think about the problems that could occur if such a violation occurred from within the workplace itself. In such a case, the entire workplace could be disrupted as law enforcement tries to figure out exactly who the perp is.
This would also be a good place to remind you about the implications of an unsecured wireless access point. Should the access to the faked site come from your organization but from an unsecured access point, you’re still going to be in for a whole lot of headaches.
The bottom line for IT leaders
As if you didn’t have enough to worry about on a day-to-day basis, add to the pile the possibility of a visit by law enforcement because of the accidental, precached, or tricked-into clicking of a fake child pornography site. It’s impossible to defend child pornography, but the way the law is currently written and zealously enforced, you need to be aware of the potential problem. The current broad interpretation can lead to extreme problems for your users, your organization, and you personally.
Have an acceptable use policy in place. Make sure users know where they should and should not go, both at home and especially at work. Warn them about the dangers of clicking through any TinyURL link. Consider banning the usage of TinyURL from work and blocking the domain. Reinforce the information about malware that may redirect them to places they don’t want to go.
Make sure your entire network is secure from unauthorized remote access, especially unsecured wireless access points. Remember, the violation only has to come from somewhere within your organization. A hacker in the parking lot surfing free Internet is just as bad as Mary in Accounting accessing one of these sites.
Make sure your users inform you if they wind up on a site with illicit content. Don’t violate the law yourself by viewing the content, but make sure you thoroughly remove any potentially incriminating files. The best way to do so is from the command line.
Finally, keep the company’s lawyer on speed-dial. Consult your company’s attorney to see what to do from there.
Friday, June 6, 2008
10 ways you might be breaking the law with your computer
Legislation that affects the use of Internet-connected computers is springing up everywhere at the local, state, and federal levels. You might be violating one of them without even knowing it.
In this article, we’ll take a look at some of the existing laws and some of the pending legislation that can affect how we use our computers and the Internet. Nothing in this article should be construed as legal advice; this is merely an overview of some of the legislation that’s out there, how it has been interpreted by the courts (if applicable), and possible implications for computer users.
Note: This information is also available as a PDF download.
#1: Digital Millennium Copyright Act (DMCA)
Most computer users have heard of this law, which was signed in 1998 by President Clinton, implementing two World Intellectual Property Organization (WIPO) treaties. The DMCA makes it a criminal offense to circumvent any kind of technological copy protection — even if you don’t violate anyone’s copyright in doing so. In other words, simply disabling the copy protection is a federal crime.
There are some exemptions, such as circumventing copy protection of programs that are in an obsolete format for the purpose of archiving or preservation. But in most cases, using any sort of anti-DRM program is illegal. This applies to all sorts of copy-protected files, including music, movies, and software. You can read a summary of the DMCA here.
If you’re a techie who likes the challenge of trying to “crack”DRM,” be aware that doing so — even if you don’t make or distribute illegal copies of the copyrighted material — is against the law.
#2: No Electronic Theft (NET) Act
This is another U.S. federal law that was passed during the Clinton administration. Prior to this act, copyright violations were generally treated as civil matters and could not be prosecuted criminally unless it was done for commercial purposes. The NET Act made copyright infringement itself a federal criminal offense, regardless of whether you circumvent copy-protection technology or whether you derive any commercial benefit or monetary gain. Thus, just making a copy of a copyrighted work for a friend now makes you subject to up to five years in prison and/or up to $250,000 in fines. This is the law referred to in the familiar “FBI Warning” that appears at the beginning of most DVD movies. You can read more about the NET Act here.
Many people who consider themselves upstanding citizens and who would never post music and movies to a P2P site think nothing of burning a copy of a song or TV show for a friend. Unfortunately, by the letter of the law, the latter is just as illegal as the former.
#3: Court rulings regarding border searches
Most Americans are aware of the protections afforded by the U.S. Constitution’s fourth amendment against unreasonable searches and seizures. In general, this means that the government cannot search your person, home, vehicle, or computer without probable cause to believe that you’ve engaged in some criminal act.
What many don’t know is that there are quite a few circumstances that the Courts, over the years, have deemed to be exempt from this requirement. One of those occurs when you enter the United States at the border. In April of this year, the Ninth Circuit Court of Appeals upheld the right of Customs officers to search laptops and other digital devices at the border (the definition of which extends to any international airport when you are coming into the country) without probable cause or even the lesser standard of reasonable suspicion. The Electronic Frontier Foundation (EFF) and other groups strongly disagree with the ruling. You can read more on the EFF Web site.
Meanwhile, be aware that even though you’ve done nothing illegal and are not even suspected of such, the entire contents of your portable computer, PDA, or smart phone can be accessed by government agents when you enter the United States. So if you have anything on your hard drive that might be embarrassing, you might want to delete it before crossing the border.
#4: State laws regarding access to networks
Many states have criminal laws that prohibit accessing any computer or network without the owner’s permission. For example, in Texas, the statute is Penal Code section 33.02, Breach of Computer Security. It says, “A person commits an offense if the person knowingly accesses a computer, computer network or computer system without the effective consent of the owner.” The penalty grade ranges from misdemeanor to first degree felony (which is the same grade as murder), depending on whether the person obtains benefit, harms or defrauds someone, or alters, damages, or deletes files.
The wording of most such laws encompasses connecting to a wireless network without explicit permission, even if the wi-fi network is unsecured. The inclusion of the culpable mental state of “knowing” as an element of the offense means that if your computer automatically connects to your neighbor’s wireless network instead of your own and you aren’t aware of it, you haven’t committed a crime — but if you decide to hop onto the nearest unencrypted wi-fi network to surf the Internet, knowing full well that it doesn’t belong to you and no one has given you permission, you could be prosecuted under these laws.
A Michigan man was arrested for using a cafĂ©’s wi-fi network (which was reserved for customers) from his car in 2007. Similar arrests have been made in Florida, Illinois, Washington, and Alaska. See
#5: “Tools of a crime” laws
Some states have laws that make it a crime to possess a “criminal instrument” or the “tool of a crime.” Depending on the wording of the law, this can be construed to mean any device that is designed or adapted for use in the commission of an offense. This means you could be arrested and prosecuted, for example, for constructing a high gain wireless antenna for the purpose of tapping into someone else’s wi-fi network, even if you never did in fact access a network. Several years ago, a California sheriff’s deputy made the news when he declared “Pringles can antennas” illegal under such a statute.
#6: “Cyberstalking” laws
Stalking is a serious crime and certainly all of us are in favor of laws that punish stalkers. As Internet connectivity has become ubiquitous, legislatures have recognized that it’s possible to stalk someone from afar using modern technology. Some of the “cyberstalking” laws enacted by the states, however, contain some pretty broad language.
For example, the Arkansas law contains a section titled “Unlawful computerized communications” that makes it a crime to send a message via e-mail or other computerized communication system (Instant Messenger, Web chat, IRC, etc.) that uses obscene, lewd, or profane language, with the intent to frighten, intimidate, threaten, abuse, or harass another person. Some of the lively discussions on mailing lists and Web boards that deteriorate into flame wars could easily fall under that definition. Or how about the furious e-mail letter you sent to the company that refused to refund your money for the shoddy product you bought?
Closely related are the laws against “cyber bullying” that have recently been passed by some states and local governments.
The best policy is to watch your language when sending any type of electronic communications. Not only can a loss of temper when you’re online come back to embarrass you, it could possibly get you thrown in jail.
#7: Internet Gambling laws
Like to play poker online or bet on the horse races from the comfort of your home? The federal Unlawful Internet Gambling Enforcement Act of 2006 criminalizes acceptance of funds from bettors — but what about the bettors themselves? Are they committing a crime?
Under this federal law, the answer is no, but some state laws do apply to the person placing the bet. For example, a Washington law passed in 2006 makes gambling on the Internet a felony. The King County Superior Court just recently upheld that law, although challengers have vowed to take it to the Supreme Court.
Be sure to check out the state and local laws before you make that friendly online bet.
#8: Security Breach Disclosure laws
A California law passed in 2003 requires that any company that does business in California must notify their California customers if they discover or suspect that nonencrypted data has been accessed without authorization. This applies even if the business is not located in California, as long as you have customers there, and no exception is made for small businesses.
#9: Community Broadband Act of 2007
This is a piece of pending federal legislation that was introduced in July of 2007 as U.S. Senate Bill 1853. In April 2008, it was placed on the Senate Legislative Calendar under General Orders and is still winding its way through the legislative process. This federal law would prohibit state and local governments (municipalities and counties) from passing laws that prohibit public telecommunications providers from offering Internet services.
This is in response to laws passed in a few states, as a result of lobbying from the telecom industry, that prohibit cities from installing and operating public broadband networks, such as public wi-fi networks. The big telecom companies have a vested interest in preventing cities from establishing networks that could compete with their own services by providing free or low cost Internet services because the public services are partially or wholly taxpayer-subsidized.
If this law passes, it could make it easier to find free or low cost ISP services in cities that choose to build public networks. On the other hand, it could (depending on how it’s funded) cause tax increases for those who live in those municipalities, including those who don’t use the public networks.
#10: Pro IP Act
Back on the copyright front, the House of Representative recently approved by an overwhelming majority HR 4279, which imposes stricter penalties for copyright infringement. It creates a new position of “copyright enforcement czar” in the federal bureaucracy and gives law enforcement agents the right to seize property from copyright infringers.
This may all sound fine in theory, but when you look at the way other seizure and forfeiture laws have been applied (for instance, the ability of drug enforcement officers to seize houses, computers, cars, cash, and just about everything else that belongs to someone tagged as a suspected drug dealer — and in some cases not returning the property even when the person is acquitted or not prosecuted), it makes many people wary. Read more about the bill here.
Some local jurisdictions have already established seizure authority for piracy. See this article for more information.
Courtesy Tech Republic , Author: Debra Littlejohn Shinder
Date: May 16th, 2008