Slashdot Mirror

coondoggie writes "Ocean City, New Jersey is a nice, family-oriented beach that will apparently soon be the high-tech model for seashore lovers and now perhaps geeks everywhere. The city has on its plate a $3 million plan for myriad public services and Internet access using radio-frequency identification chips (RFID) and Wi-Fi wireless technology. A wireless network will let Ocean City expand economic development and control the cost of local services. Wireless allows the City to save on cell phone usage, T-1 lines, and it adds efficiency. The city is looking to replace its ubiquitous but mostly annoying beach tags — which indicate you paid to get on the beach $5 per day, $10 for a week, or $20 for the whole summer — with wristbands that contain an RFID chip. Yet another cool feature of the high-tech beach will be the ability to track beachgoers — an application that is being touted by parents."

coondoggie writes "Ocean City, New Jersey is a nice, family-oriented beach that will apparently soon be the high-tech model for seashore lovers and now perhaps geeks everywhere. The city has on its plate a $3 million plan for myriad public services and Internet access using radio-frequency identification chips (RFID) and Wi-Fi wireless technology. A wireless network will let Ocean City expand economic development and control the cost of local services. Wireless allows the City to save on cell phone usage, T-1 lines, and it adds efficiency. The city is looking to replace its ubiquitous but mostly annoying beach tags — which indicate you paid to get on the beach $5 per day, $10 for a week, or $20 for the whole summer — with wristbands that contain an RFID chip. Yet another cool feature of the high-tech beach will be the ability to track beachgoers — an application that is being touted by parents."

coondoggie writes with a link to a Network World blog post on the world's first unmanned attack squadron. The US is deploying a full squadron of combat drones to Iraq this week. These armed and remotely controlled robots can be manipulated from on the ground in the field, or via satellite from thousands of miles away. "The MQ-9 Reaper is the Air Force's first hunter-killer unmanned aircraft. It is the big brother to the highly successful and sometimes controversial Predator aircraft, which General Atomics said this week had flown over 300,000 flight hours, with over 80% of that time spent in combat. The company said Predator series aircraft have flown an average of 8,200 hours per month over the past six months while maintaining the highest operational readiness rates in the U.S. military aircraft inventory. The MQ-9 Reaper is twice as fast as the Predator - it has a 900-horsepower turbo-prop engine, compared to the 119-horsepower Predator engine - and can carry far more ordnance - 14 Hellfire missiles as opposed to two."

coondoggie writes with a link to a Network World blog post on the world's first unmanned attack squadron. The US is deploying a full squadron of combat drones to Iraq this week. These armed and remotely controlled robots can be manipulated from on the ground in the field, or via satellite from thousands of miles away. "The MQ-9 Reaper is the Air Force's first hunter-killer unmanned aircraft. It is the big brother to the highly successful and sometimes controversial Predator aircraft, which General Atomics said this week had flown over 300,000 flight hours, with over 80% of that time spent in combat. The company said Predator series aircraft have flown an average of 8,200 hours per month over the past six months while maintaining the highest operational readiness rates in the U.S. military aircraft inventory. The MQ-9 Reaper is twice as fast as the Predator - it has a 900-horsepower turbo-prop engine, compared to the 119-horsepower Predator engine - and can carry far more ordnance - 14 Hellfire missiles as opposed to two."

coondoggie sends us to a Network World story, as is his wont, about network problems at Duke University in Durham, N.C. that seem to be related to the iPhone. "The Wi-Fi connection on Apple's recently released iPhone seems to be the source of a big headache for network administrators at Duke. The built-in 802.11b/g adapters on several iPhones periodically flood sections of the school's wireless LAN with MAC address requests, temporarily knocking out anywhere from a dozen to 30 wireless access points at a time. Campus network staff are talking with Cisco, the main WLAN provider, and have opened a help-desk ticket with Apple. But so far, the precise cause of the problem remains unknown. 'Because of the time of year for us, it's not a severe problem,' says Kevin Miller, assistant director, communications infrastructure, with Duke's Office of Information Technology. 'But from late August through May, our wireless net is critical. My concern is how many students will be coming back in August with iPhones? It's a pretty big annoyance, right now, with 20-30 access points signaling they're down, and then coming back up a few minutes later. But in late August, this would be devastating.'" So far, the communication with Apple has been "one-way."

coondoggie sends us to a Network World story, as is his wont, about network problems at Duke University in Durham, N.C. that seem to be related to the iPhone. "The Wi-Fi connection on Apple's recently released iPhone seems to be the source of a big headache for network administrators at Duke. The built-in 802.11b/g adapters on several iPhones periodically flood sections of the school's wireless LAN with MAC address requests, temporarily knocking out anywhere from a dozen to 30 wireless access points at a time. Campus network staff are talking with Cisco, the main WLAN provider, and have opened a help-desk ticket with Apple. But so far, the precise cause of the problem remains unknown. 'Because of the time of year for us, it's not a severe problem,' says Kevin Miller, assistant director, communications infrastructure, with Duke's Office of Information Technology. 'But from late August through May, our wireless net is critical. My concern is how many students will be coming back in August with iPhones? It's a pretty big annoyance, right now, with 20-30 access points signaling they're down, and then coming back up a few minutes later. But in late August, this would be devastating.'" So far, the communication with Apple has been "one-way."

coondoggie writes with a link to a NetworkWorld article about an ongoing prize offered by the Department of Defense. The DoD is looking for very special battery, and they're willing to pay up to a million dollars for it. The battery in question is a 'wearable battery pack', one that will be powerful enough to fuel the soldier of the future but light enough not to burden him. "The DoD says typical soldier going out for a four-day mission carries as much as 40 pounds of batteries and rechargers in his pack and it wants to fix that. The goal is to reduce the weight for the power system that drives radios, night-vision devices, global positioning systems and other combat gear, including a recharging system, to about 2 pounds per day. The DoD is looking to mimic the Defense Advanced Research Projects Agency which has experienced successes using contests to attract competitors to develop innovative unmanned vehicles and other objects. Now the Defense Research and Engineering Office is hoping to tap into that same competitive spirit to develop longer-duration, lighter-weight power supplies. Three prizes will be awarded in November 2008: $1 million, $500,000 and $250,000."

coondoggie writes with a link to a NetworkWorld article about an ongoing prize offered by the Department of Defense. The DoD is looking for very special battery, and they're willing to pay up to a million dollars for it. The battery in question is a 'wearable battery pack', one that will be powerful enough to fuel the soldier of the future but light enough not to burden him. "The DoD says typical soldier going out for a four-day mission carries as much as 40 pounds of batteries and rechargers in his pack and it wants to fix that. The goal is to reduce the weight for the power system that drives radios, night-vision devices, global positioning systems and other combat gear, including a recharging system, to about 2 pounds per day. The DoD is looking to mimic the Defense Advanced Research Projects Agency which has experienced successes using contests to attract competitors to develop innovative unmanned vehicles and other objects. Now the Defense Research and Engineering Office is hoping to tap into that same competitive spirit to develop longer-duration, lighter-weight power supplies. Three prizes will be awarded in November 2008: $1 million, $500,000 and $250,000."

An anonymous reader wrote in with an article that leads: "Microsoft will release six groups of security patches next week, including three critical updates for Windows and Excel users. The critical updates will fix bugs in many different versions of Microsoft's products including the latest versions of Excel, Windows XP, Vista and Windows Server 2003, Microsoft said."

coondoggie passed us a NetworkWorld blog post about the incredible rock-em-sock-em mainframe. Knocked frequently in recent years, the site notes that IBM's workhorse continues to do important work in a number of enterprise environments. "While there are some out there who'd like to see its demise, a true threat to the Big Iron has never really amounted to much. Even today, the proponents of commodity boxes offering less expensive x86/x64 or RISC technologies say the mainframe is doomed. But the facts say otherwise. For example, IBM recently said the mainframe has achieved three consecutive quarters of growth, marked by new customers choosing the platform for the first time and existing customers adding new workloads, such as Linux and Java applications."

coondoggie passed us a NetworkWorld blog post about the incredible rock-em-sock-em mainframe. Knocked frequently in recent years, the site notes that IBM's workhorse continues to do important work in a number of enterprise environments. "While there are some out there who'd like to see its demise, a true threat to the Big Iron has never really amounted to much. Even today, the proponents of commodity boxes offering less expensive x86/x64 or RISC technologies say the mainframe is doomed. But the facts say otherwise. For example, IBM recently said the mainframe has achieved three consecutive quarters of growth, marked by new customers choosing the platform for the first time and existing customers adding new workloads, such as Linux and Java applications."

An anonymous reader writes "The Chinese capital city of Beijing is now a global leader in distributing viruses. According to UK-based managed security services company Network Box, Beijing accounts for 40 percent of all viruses that passed though the company's servers in June, and 5.25 percent of detected spam. This compares with slightly lower percentages for cities in countries noted for having a malware problem. Moscow was second for spam with 5.12 percent, Seoul third with 3.58 percent, Turk in Turkey fourth with 3.4 percent, and London in fifth place at 2.47 percent. 'As more and more users come online in China, there's a good chance those computers are using pirated software without up-to-date security fixes, making them prime targets for hackers who are actually located elsewhere in the world, [Simon] Heron said. Those compromised computers, which are used to send spam and make it more difficult to identify the spammer, are so valuable that hacker gangs have been competing to take over machines. If one gang finds a machine running another gang's Trojan horse program — one that appears harmless to the victim but can be used to control a machine — they'll try to remove the software.'"

coondoggie alerts us to research out of Ohio State University that could help authorities respond to car accidents more quickly and ease traffic back-ups at lower cost, particularly in rural areas. The software improves the efficiency of communications from in-road vehicle detection loops to transportation engineers monitoring conditions in order to improve traffic flow. Faster response to accidents and traffic jams could have huge payoffs: a 2002 study estimated that traffic jams cost the average city almost a billion dollars a year.

netbuzz writes "SAP's CEO Henning Kagermann uses the undoubtedly lawyered term 'inappropriate download' to describe the company's questionable actions. Henning blames a rogue business unit, but there can be no mistaking the fact that Oracle caught SAP with its hand in the IP jar on this one. The legal proceedings that will follow should prove interesting. 'The admission hurts SAP's reputation in the battle with Larry Ellison's Oracle in the $56 billion market for software that manages tasks such as payroll. The rivalry between SAP and Oracle escalated when Oracle filed its March 22 lawsuit claiming SAP workers hacked into a Web site and stole software codes on a grand scale.'"

coondoggie writes "Earlier this year Captain America was slain as the climax to Marvel Comics' Civil War event. The renowned hero will be buried in the next issue of Marvel Comics' 'Fallen Son,' due on July 5. 'Writer Jeph Loeb has been busy working through the stages of grief in his most recent titles, according to an Associated Press story. A book centered on Wolverine dealt with denial; one with the Avengers covered anger; and Spider-Man battled depression. With the story line so relevant to present-day politics, and the timing of the latest issue so precise, it's hard not to think the whole thing is one big slam on the government.'"

coondoggie writes "Earlier this year Captain America was slain as the climax to Marvel Comics' Civil War event. The renowned hero will be buried in the next issue of Marvel Comics' 'Fallen Son,' due on July 5. 'Writer Jeph Loeb has been busy working through the stages of grief in his most recent titles, according to an Associated Press story. A book centered on Wolverine dealt with denial; one with the Avengers covered anger; and Spider-Man battled depression. With the story line so relevant to present-day politics, and the timing of the latest issue so precise, it's hard not to think the whole thing is one big slam on the government.'"

coondoggie writes us with a link to the Network World site, as he tends to do. Today he offers an article discussing the cancellation of a presentation which would have undermined chip-based security on PCs. Scheduled during the Black Hat USA 2007 event, the event's briefing promised to break the Trusted Computing Group's module, as well as Vista's Bitlocker. Live demos were to be included. The presenters pulled the event, and have no interest in discussing the subject any more. "[Presenters Nitin and Vipin Kumar's] promised exploit would be a chink in the armor of hardware-based system integrity that [trusted platform module] (TPM) is designed to ensure. TPM is also a key component of Trusted Computing Group's architecture for network access control (NAC). TPM would create a unique value or hash of all the steps of a computer's boot sequence that would represent the particular state of that machine, according to Steve Hanna, co-chair of TCG's NAC effort."

coondoggie writes us with a link to the Network World site, as he tends to do. Today he offers an article discussing the cancellation of a presentation which would have undermined chip-based security on PCs. Scheduled during the Black Hat USA 2007 event, the event's briefing promised to break the Trusted Computing Group's module, as well as Vista's Bitlocker. Live demos were to be included. The presenters pulled the event, and have no interest in discussing the subject any more. "[Presenters Nitin and Vipin Kumar's] promised exploit would be a chink in the armor of hardware-based system integrity that [trusted platform module] (TPM) is designed to ensure. TPM is also a key component of Trusted Computing Group's architecture for network access control (NAC). TPM would create a unique value or hash of all the steps of a computer's boot sequence that would represent the particular state of that machine, according to Steve Hanna, co-chair of TCG's NAC effort."

teh_commodore writes "Scientific American is reporting that Google is now asking a Federal judge to extend the government's anti-trust oversight of Microsoft, specifically with regard to desktop search software. Microsoft had already agreed to modify Vista to allow rival desktop search engines, but Google says that this remedy will come too late — specifically, after (most of) the anti-trust agreement expires in November. What makes this political maneuver interesting is that Google went over the heads of the Department of Justice and US state regulators, who had found Microsoft's compromise acceptable, to appeal directly to the Federal judge overseeing the anti-trust settlement." Update: 06/26 17:20 GMT by KD : The judge is unwilling to play along with Google; she said she will likely defer to an agreement on desktop search forged between Microsoft and the plaintiffs in the case: i.e. Justice and the states.

coondoggie writes to tell us that top among feature requests for any next-gen communications system among federal network managers is the ability to identify and notify employees in real time. "Federal interest in presence technologies 'may come from the fact that agencies want to know where their workforce is to be able to look at the effectiveness and the efficiency of what they're able to do,' says Aaron Heffron, vice president of Market Connections. 'They want to be in contact with them at all times.'"

coondoggie writes to tell us that top among feature requests for any next-gen communications system among federal network managers is the ability to identify and notify employees in real time. "Federal interest in presence technologies 'may come from the fact that agencies want to know where their workforce is to be able to look at the effectiveness and the efficiency of what they're able to do,' says Aaron Heffron, vice president of Market Connections. 'They want to be in contact with them at all times.'"

Matt writes "Morrisville State College, a New York State school in central New York, is partnering with Meru Networks and IBM to deploy the first 802.11n wireless network. They will be using around 900 access points and are planning to go live this fall."

coondoggie writes "On top of its recently announced plan to reduce flight delays, Federal Aviation Administration officials today launched what they hope will be pan U.S. and European Union joint action plan to cut greenhouse gas emissions from aircraft. Specifically the group announced the Atlantic Interoperability Initiative to Reduce Emissions or AIRE — the first large-scale environmental plan aimed at uniting aviation players from both sides of the Atlantic."

coondoggie writes "On top of its recently announced plan to reduce flight delays, Federal Aviation Administration officials today launched what they hope will be pan U.S. and European Union joint action plan to cut greenhouse gas emissions from aircraft. Specifically the group announced the Atlantic Interoperability Initiative to Reduce Emissions or AIRE — the first large-scale environmental plan aimed at uniting aviation players from both sides of the Atlantic."

coondoggie writes to tell us that several California state legislators are pressuring IBM to release the Costa school district from some $5 million of long-standing debt as a charitable donation. "The back story on this tale is that the school district owes IBM for computers ordered in the late 1980s and early 1990s. For one reason or another the computers were never used and no one now seems to be able to locate either the paperwork or the hardware. The school district experienced hard financial times and ultimately never paid Big Blue for the computers. In 1993 the district and IBM negotiated a long-term settlement that said the school district would pay the first of four $1.25 million installments beginning in 2008. Payments were deferred until then because 2008 was the year the district was scheduled to finish making state loan repayments under its previous loan plan, according to the Contra Costa story."

coondoggie writes to tell us that several California state legislators are pressuring IBM to release the Costa school district from some $5 million of long-standing debt as a charitable donation. "The back story on this tale is that the school district owes IBM for computers ordered in the late 1980s and early 1990s. For one reason or another the computers were never used and no one now seems to be able to locate either the paperwork or the hardware. The school district experienced hard financial times and ultimately never paid Big Blue for the computers. In 1993 the district and IBM negotiated a long-term settlement that said the school district would pay the first of four $1.25 million installments beginning in 2008. Payments were deferred until then because 2008 was the year the district was scheduled to finish making state loan repayments under its previous loan plan, according to the Contra Costa story."

coondoggie writes to tell us that the FBI has released the findings of their recent botnet study and have identified over 1 million botnet crime victims. "The FBI is working with industry partners, including the Computer Emergency Response Team Coordination Center at Carnegie Mellon University, to notify the victim owners of the computers. Microsoft and the Botnet Task Force have also helped out the FBI. Through this process the FBI may uncover additional incidents in which botnets have been used to facilitate other criminal activity, the FBI said in a statement.Bots are widely recognized as one of the top scourges of the industry. Gartner predicts that by year-end 75% of enterprises 'will be infected with undetected, financially motivated, targeted malware that evaded traditional perimeter and host defenses.'"

coondoggie writes to tell us that the FBI has released the findings of their recent botnet study and have identified over 1 million botnet crime victims. "The FBI is working with industry partners, including the Computer Emergency Response Team Coordination Center at Carnegie Mellon University, to notify the victim owners of the computers. Microsoft and the Botnet Task Force have also helped out the FBI. Through this process the FBI may uncover additional incidents in which botnets have been used to facilitate other criminal activity, the FBI said in a statement.Bots are widely recognized as one of the top scourges of the industry. Gartner predicts that by year-end 75% of enterprises 'will be infected with undetected, financially motivated, targeted malware that evaded traditional perimeter and host defenses.'"

coondoggie writes "Looking to address critics, the US Patent and Trademark Office this week is starting a program to speed up and improve the review of computer hardware and software technologies. The agency is set to launch a peer-review pilot project that will give technical experts in computer technology, for the first time, the opportunity to submit technical reports relevant to the claims of a published patent application before an examiner reviews it. The idea is to get as much knowledge about a particular claim in front of an examiner as quickly as possible so they can make a decision faster, the agency said. IBM, Microsoft, General Electric, Hewlett-Packard, CA, and Red Hat have already agreed to review some software patent applications for the one-year community review project. Intel, Sun, Oracle, Yahoo, and others are also part of the project. The pilot is a joint initiative with the Community Patent Review Project, organized by the New York Law School's Institute for Information and Policy.

coondoggie writes "Looking to address critics, the US Patent and Trademark Office this week is starting a program to speed up and improve the review of computer hardware and software technologies. The agency is set to launch a peer-review pilot project that will give technical experts in computer technology, for the first time, the opportunity to submit technical reports relevant to the claims of a published patent application before an examiner reviews it. The idea is to get as much knowledge about a particular claim in front of an examiner as quickly as possible so they can make a decision faster, the agency said. IBM, Microsoft, General Electric, Hewlett-Packard, CA, and Red Hat have already agreed to review some software patent applications for the one-year community review project. Intel, Sun, Oracle, Yahoo, and others are also part of the project. The pilot is a joint initiative with the Community Patent Review Project, organized by the New York Law School's Institute for Information and Policy.

alphadogg writes "Answers to wireless network questions such as: What impact will 802.11n have? Which wireless security threats are scariest? What of wireless VoIP? Will your organization need to change to support enterprise mobility? How do you control costs in an expanding mobile and wireless environment? What can you do to stop wireless denial-of-service attacks?"

alphadogg writes "Neil Schubert is only partly kidding when he calls Marriott International's move toward a converged network a horror story. 'I'm here to tell you a terrifying tale of network design, support and administration,' he said at an IT conference in Boston, referring to a major bandwidth crunch caused by guests wielding Slingboxes and other network devices that overran the hotel chain's outdated network. 'One of the things we've learned about our guest networks is we have one of the most foreign, hostile environments known to man in the network administration world ... I can take 100,000 customers a night on that infrastructure and we actually have less incidents of harm than we do on our corporate back-office infrastructure.'"

whitehartstag writes with a link to a Network World article about statements from Xandros in the wake of their Microsoft deal. Xandros CEO Andreas Typaldos made a point of stating that they don't believe their product violates any of Microsoft's patents. Nor, he said, did the software giant share with them exactly which patents they believe Linux violates. Just the same, he's disappointed with the reaction they've received from the open source community. "Feedback from the Linux community has been on the order of 'you shouldn't really be talking to the devil.' Linux and open-source advocates believe it is a big issue and say the Xandros deal, and another signed by Novell with Microsoft last year, erodes open source licensing provisions especially around intellectual property issues. Indeed, the Free Software Foundation is rewriting its GNU General Public License (GPL) 3.0 to prohibit such patent deals in the future."

netbuzz writes in to note that some early adopters of Microsoft Vista are reporting problems with Vista's implementation of IPv6. An example:"'We are seeing a number of applications that are IP-based that do not like the addressing scheme of IPv6,' says one user. 'We will send a print job to an IP-based printer, and the print job becomes corrupted. We're seeing this with Window's Vista machines. When IPv6 is installed, this happens without fail. As soon as we remove IPv6, all of our printer functions return to normal.'"

netbuzz writes in to note that some early adopters of Microsoft Vista are reporting problems with Vista's implementation of IPv6. An example:"'We are seeing a number of applications that are IP-based that do not like the addressing scheme of IPv6,' says one user. 'We will send a print job to an IP-based printer, and the print job becomes corrupted. We're seeing this with Window's Vista machines. When IPv6 is installed, this happens without fail. As soon as we remove IPv6, all of our printer functions return to normal.'"

coondoggie writes with a link to a NetworkWorld article about the dangers of IT department snoops. A study released today is likely to exacerbate the trend of failing trust in employees; it shows that one in three IT employees poke through systems and prod at confidential information while on the job. The survey was done by a firm specializing in password security, so some salt might be required for this particular article. "The survey found that more than one-third of IT professionals admit they could still access their company's network once they'd left their current job, with no one to stop them. More than 200 IT professionals participated in the survey with many revealing that although it wasn't corporate policy to allow IT workers to access systems after termination, still almost 25% of respondents knew of another IT staff member who still had access to sensitive networks even though they'd left the company long ago."

coondoggie writes with a link to a NetworkWorld article about the dangers of IT department snoops. A study released today is likely to exacerbate the trend of failing trust in employees; it shows that one in three IT employees poke through systems and prod at confidential information while on the job. The survey was done by a firm specializing in password security, so some salt might be required for this particular article. "The survey found that more than one-third of IT professionals admit they could still access their company's network once they'd left their current job, with no one to stop them. More than 200 IT professionals participated in the survey with many revealing that although it wasn't corporate policy to allow IT workers to access systems after termination, still almost 25% of respondents knew of another IT staff member who still had access to sensitive networks even though they'd left the company long ago."

Bennett Haselton is back with another piece on e-mail privacy. He starts "On April 14, 2007, I signed up for an AmeriTrade account using an e-mail address consisting of 16 random alphanumeric characters, which I never gave to anyone else. On May 15, I started receiving pump-and-dump stock spams sent to that e-mail address. I was hardly the first person to discover that this happens. Almost all of the top hits in a Google search for "ameritrade spam" are from people with the same story: they used a unique address for each service that they sign up with, so they could tell if any company ever leaked their address to a spammer, and the address they gave to AmeriTrade started getting stock spam. (I don't actually do that with most companies where I create accounts. But after hearing all the AmeriTrade stories, I created an account with them in April just for the purpose of entering a unique e-mail address and seeing if it would get leaked.)" Bennett continues on if you're willing to click the link.

What's surprising is that as far as I can tell, AmeriTrade has taken almost no heat in the media for letting this happen. Despite the abundant testimonials from bloggers who had their addresses leaked, the story never crossed over into the "mainstream" Internet press. In a recent Bloomberg News story, the FBI warned that E*Trade and AmeriTrade users were vulnerable to spyware installed by criminals in hotels and cybercafes to capture accounts and run pump-and-dump stock spams; no mention of the fact that all AmeriTrade e-mail addresses were apparently already in the hands of spammers anyway (although no one knows if usernames and passwords were leaked to the spammers as well).

This doesn't bode well for anyone who uses any type of online service and wants that service to keep their personal information secure. If AmeriTrade got skewered in the media for leaking customers' personal information to spammers, other companies would see that and learn the lesson. On the other hand, if AmeriTrade gets away with it with barely a whisper in the mainstream news, other companies are going to take note of that, too. Besides, spam and identity theft hurt everyone, not just the victims, because the costs are passed on to all of us in terms of higher ISP charges, higher payment processing fees, and more mail lost due to stringent spam filters.

AmeriTrade disclosed in April 2005 that a tape containing some customer information might have been stolen in February of that year, and many spam victims who blogged about their AmeriTrade addresses being stolen, referenced that incident as the likely cause. But after Bill Katz's blog post became a clearinghouse of sorts for complaints about stolen AmeriTrade addresses (probably as a result of being the first match on Google for "ameritrade spam"), several users posted that they had received spam at accounts that were only created with AmeriTrade in summer 2006. And then my e-mail address got leaked between April 14 and May 15, 2007. So it's pretty clear that some attacker has access to the AmeriTrade customer database on an ongoing basis, and the February 2005 tape theft probably had nothing to do with it.

AmeriTrade says that California law required them to notify their California customers of a potential security breach after the tapes were stolen, and that they went further and notified all of their customers anyway. Since there is now proof that their database is more or less perpetually open to some outside attacker, will they send out another notification letter to customers?

An accidental security breach can happen to any responsible company, especially if they are compromised from the inside. But the trail of blogosphere and UseNet posts indicates that several times AmeriTrade has concealed the full extent of the problem from customers who asked them about it, or has given out information that they already knew was wrong. In one thread in October 2005, a user reported that they wrote to AmeriTrade asking why their AmeriTrade-only e-mail address was getting spammed, and AmeriTrade replied that the spammer might have guessed the address using a dictionary attack, adding:

We have no reason to believe that any of our systems have been compromised. Ameritrade deploys state of the art firewalls, intrusion detection, anti-virus software as well as employs a full time staff of employee's dedicated strictly to Information Security and protecting Ameritrade's systems from unauthorized access.

But that was long after February 2005, when AmeriTrade said that tapes containing customer data were stolen. (Even if that turned out not to be the cause of the spam after all, by that point AmeriTrade knew that their customers' addresses had been leaked somehow.)

Then when my friend Art Medlar complained to AmeriTrade this year about the same thing happening, he got a response saying that even if he was getting spammed by an address that he only gave to AmeriTrade, that could be the result of hackers "implanting 'bots' that have the ability to extract e-mail addresses from your computer, even when you have protective spy software engaged". But of course this makes no sense -- if this were the source of the problem, it would affect everyone's e-mail addresses equally, and would not explain why a disproportionate number of complaints were coming from people who created addresses that they gave to AmeriTrade specifically.

When I sent AmeriTrade my own inquiry, I got a response that was identical to a forwarded message that someone else posted to news.admin.net-abuse.email in April. (To their credit, in this version of the message, AmeriTrade is acknowledging responsibility for the problem instead of attributing it to dictionary attacks or botnets. But the e-mail contains the curious piece of advice: "Please be sure to delete any spam you might receive, then empty your e-mail's trash so that it's no longer kept there, either." Huh? As one reader replied to the UseNet thread: "Cynical Translation: Please don't retain any independent evidence.") At first I didn't realize this was a boilerplate response, so I sent back some more questions, asking, for example, whether they would notify their California customers of the data security breach as required by that state's laws. The second response I got was a copy of the old boilerplate that they were sending out two years ago, blaming "dictionary attacks".

Now, compared to the 1,000 spams I already get every day (pre-filtering), the AmeriTrade spams were just a drop in the bucket, and many of their customers are probably in the same boat. And unlike most AmeriTrade customers, at least I can stop all AmeriTrade spam just by de-activating those addresses, since they aren't used for anything else. (Right now I'm keeping them open just to see what else comes in.) But AmeriTrade's database also contains much more valuable information such as names, PIN numbers (do you use the same PIN number everywhere that you sign up?), and Social Security Numbers. When I signed up for my account, informed by dire warnings that federal law required accurate information "to help the government fight the funding of terrorism and money laundering activities", I gave AmeriTrade my real SSN, address, and other personal data, figuring that if I gave them false information, I might get in more trouble than the experiment was worth. But now that the attacker has my e-mail, they might have all of my other information as well. In the coming months I'll probably start checking my credit report more often than I used to.

Probably someone inside AmeriTrade is selling customer data to an outside spammer. (It seems less likely that an attacker would keep breaking into AmeriTrade repeatedly to get updated copies of the customer list. Once you've broken in and gotten the customer database from 2006, why bother breaking in a year later, taking the risk all over again of getting caught and going to jail, just to get the updated 2007 database? Surely the 2006 list would be enough to run any pump-and-dump stock scam that you want!) Two suggestions to AmeriTrade to tighten their security: First, the number of people within the company who can access the customer database, is probably a lot larger than the number who actually need to access the customer database. Limit access to the e-mail database to people who actually need it. Second, in any cases where different employees really need to have access to the list, try giving them different versions of it, where each version is "seeded" with spamtrap addresses at Hotmail and Yahoo Mail. If the spamtrap addresses that start receiving spam are all ones that were used to seed one particular employee's copy of the list, then you've found the source of the leak. That won't stop the spam being sent to addresses that have already been stolen, but it could prevent further leaks from happening.

The SEC recently announced that they would suspend trading of companies whose stocks had been the target of spam campaigns to manipulate the price. Perhaps AmeriTrade could do something similar -- once a stock is identified as being promoted in spams sent to AmeriTrade customers, any customer attempting to buy that stock would be presented with a message saying that AmeriTrade was blocking the transaction for security reasons. (If this runs afoul of some SEC regulation that a brokerage has to let you buy any stock you want any time you want, then at least display a big warning when AmeriTrade users try to buy it through their system, saying that the stock has been the subject of a fraudulent promotion scheme and is an extremely high-risk buy.) However, while this would remove the incentive for stock spammers to target AmeriTrade customers, it's also really just covering up a symptom of the problem, rather than addressing the problem itself, which is that a spammer was able to steal the customer information from AmeriTrade's database in the first place.

But whatever they do, AmeriTrade should stop blowing off the people who complain about the spam, with messages about "dictionary attacks" and "botnets". When customers create specialized spamtrap addresses to detect if their e-mails ever get leaked, those are the tech-savvy customers who (a) know what they're doing, and (b) hate spam more than most people, and giving them misleading information is just poking a stick in their eye. Not a smart move when AmeriTrade has been leaking private customer information and is based, as their name indicates, in the most litigious country in the history of the world.

Bennett Haselton is back with another piece on e-mail privacy. He starts "On April 14, 2007, I signed up for an AmeriTrade account using an e-mail address consisting of 16 random alphanumeric characters, which I never gave to anyone else. On May 15, I started receiving pump-and-dump stock spams sent to that e-mail address. I was hardly the first person to discover that this happens. Almost all of the top hits in a Google search for "ameritrade spam" are from people with the same story: they used a unique address for each service that they sign up with, so they could tell if any company ever leaked their address to a spammer, and the address they gave to AmeriTrade started getting stock spam. (I don't actually do that with most companies where I create accounts. But after hearing all the AmeriTrade stories, I created an account with them in April just for the purpose of entering a unique e-mail address and seeing if it would get leaked.)" Bennett continues on if you're willing to click the link.

What's surprising is that as far as I can tell, AmeriTrade has taken almost no heat in the media for letting this happen. Despite the abundant testimonials from bloggers who had their addresses leaked, the story never crossed over into the "mainstream" Internet press. In a recent Bloomberg News story, the FBI warned that E*Trade and AmeriTrade users were vulnerable to spyware installed by criminals in hotels and cybercafes to capture accounts and run pump-and-dump stock spams; no mention of the fact that all AmeriTrade e-mail addresses were apparently already in the hands of spammers anyway (although no one knows if usernames and passwords were leaked to the spammers as well).

This doesn't bode well for anyone who uses any type of online service and wants that service to keep their personal information secure. If AmeriTrade got skewered in the media for leaking customers' personal information to spammers, other companies would see that and learn the lesson. On the other hand, if AmeriTrade gets away with it with barely a whisper in the mainstream news, other companies are going to take note of that, too. Besides, spam and identity theft hurt everyone, not just the victims, because the costs are passed on to all of us in terms of higher ISP charges, higher payment processing fees, and more mail lost due to stringent spam filters.

AmeriTrade disclosed in April 2005 that a tape containing some customer information might have been stolen in February of that year, and many spam victims who blogged about their AmeriTrade addresses being stolen, referenced that incident as the likely cause. But after Bill Katz's blog post became a clearinghouse of sorts for complaints about stolen AmeriTrade addresses (probably as a result of being the first match on Google for "ameritrade spam"), several users posted that they had received spam at accounts that were only created with AmeriTrade in summer 2006. And then my e-mail address got leaked between April 14 and May 15, 2007. So it's pretty clear that some attacker has access to the AmeriTrade customer database on an ongoing basis, and the February 2005 tape theft probably had nothing to do with it.

AmeriTrade says that California law required them to notify their California customers of a potential security breach after the tapes were stolen, and that they went further and notified all of their customers anyway. Since there is now proof that their database is more or less perpetually open to some outside attacker, will they send out another notification letter to customers?

An accidental security breach can happen to any responsible company, especially if they are compromised from the inside. But the trail of blogosphere and UseNet posts indicates that several times AmeriTrade has concealed the full extent of the problem from customers who asked them about it, or has given out information that they already knew was wrong. In one thread in October 2005, a user reported that they wrote to AmeriTrade asking why their AmeriTrade-only e-mail address was getting spammed, and AmeriTrade replied that the spammer might have guessed the address using a dictionary attack, adding:

We have no reason to believe that any of our systems have been compromised. Ameritrade deploys state of the art firewalls, intrusion detection, anti-virus software as well as employs a full time staff of employee's dedicated strictly to Information Security and protecting Ameritrade's systems from unauthorized access.

But that was long after February 2005, when AmeriTrade said that tapes containing customer data were stolen. (Even if that turned out not to be the cause of the spam after all, by that point AmeriTrade knew that their customers' addresses had been leaked somehow.)

Then when my friend Art Medlar complained to AmeriTrade this year about the same thing happening, he got a response saying that even if he was getting spammed by an address that he only gave to AmeriTrade, that could be the result of hackers "implanting 'bots' that have the ability to extract e-mail addresses from your computer, even when you have protective spy software engaged". But of course this makes no sense -- if this were the source of the problem, it would affect everyone's e-mail addresses equally, and would not explain why a disproportionate number of complaints were coming from people who created addresses that they gave to AmeriTrade specifically.

When I sent AmeriTrade my own inquiry, I got a response that was identical to a forwarded message that someone else posted to news.admin.net-abuse.email in April. (To their credit, in this version of the message, AmeriTrade is acknowledging responsibility for the problem instead of attributing it to dictionary attacks or botnets. But the e-mail contains the curious piece of advice: "Please be sure to delete any spam you might receive, then empty your e-mail's trash so that it's no longer kept there, either." Huh? As one reader replied to the UseNet thread: "Cynical Translation: Please don't retain any independent evidence.") At first I didn't realize this was a boilerplate response, so I sent back some more questions, asking, for example, whether they would notify their California customers of the data security breach as required by that state's laws. The second response I got was a copy of the old boilerplate that they were sending out two years ago, blaming "dictionary attacks".

Now, compared to the 1,000 spams I already get every day (pre-filtering), the AmeriTrade spams were just a drop in the bucket, and many of their customers are probably in the same boat. And unlike most AmeriTrade customers, at least I can stop all AmeriTrade spam just by de-activating those addresses, since they aren't used for anything else. (Right now I'm keeping them open just to see what else comes in.) But AmeriTrade's database also contains much more valuable information such as names, PIN numbers (do you use the same PIN number everywhere that you sign up?), and Social Security Numbers. When I signed up for my account, informed by dire warnings that federal law required accurate information "to help the government fight the funding of terrorism and money laundering activities", I gave AmeriTrade my real SSN, address, and other personal data, figuring that if I gave them false information, I might get in more trouble than the experiment was worth. But now that the attacker has my e-mail, they might have all of my other information as well. In the coming months I'll probably start checking my credit report more often than I used to.

Probably someone inside AmeriTrade is selling customer data to an outside spammer. (It seems less likely that an attacker would keep breaking into AmeriTrade repeatedly to get updated copies of the customer list. Once you've broken in and gotten the customer database from 2006, why bother breaking in a year later, taking the risk all over again of getting caught and going to jail, just to get the updated 2007 database? Surely the 2006 list would be enough to run any pump-and-dump stock scam that you want!) Two suggestions to AmeriTrade to tighten their security: First, the number of people within the company who can access the customer database, is probably a lot larger than the number who actually need to access the customer database. Limit access to the e-mail database to people who actually need it. Second, in any cases where different employees really need to have access to the list, try giving them different versions of it, where each version is "seeded" with spamtrap addresses at Hotmail and Yahoo Mail. If the spamtrap addresses that start receiving spam are all ones that were used to seed one particular employee's copy of the list, then you've found the source of the leak. That won't stop the spam being sent to addresses that have already been stolen, but it could prevent further leaks from happening.

The SEC recently announced that they would suspend trading of companies whose stocks had been the target of spam campaigns to manipulate the price. Perhaps AmeriTrade could do something similar -- once a stock is identified as being promoted in spams sent to AmeriTrade customers, any customer attempting to buy that stock would be presented with a message saying that AmeriTrade was blocking the transaction for security reasons. (If this runs afoul of some SEC regulation that a brokerage has to let you buy any stock you want any time you want, then at least display a big warning when AmeriTrade users try to buy it through their system, saying that the stock has been the subject of a fraudulent promotion scheme and is an extremely high-risk buy.) However, while this would remove the incentive for stock spammers to target AmeriTrade customers, it's also really just covering up a symptom of the problem, rather than addressing the problem itself, which is that a spammer was able to steal the customer information from AmeriTrade's database in the first place.

But whatever they do, AmeriTrade should stop blowing off the people who complain about the spam, with messages about "dictionary attacks" and "botnets". When customers create specialized spamtrap addresses to detect if their e-mails ever get leaked, those are the tech-savvy customers who (a) know what they're doing, and (b) hate spam more than most people, and giving them misleading information is just poking a stick in their eye. Not a smart move when AmeriTrade has been leaking private customer information and is based, as their name indicates, in the most litigious country in the history of the world.

Bennett Haselton is back with another piece on e-mail privacy. He starts "On April 14, 2007, I signed up for an AmeriTrade account using an e-mail address consisting of 16 random alphanumeric characters, which I never gave to anyone else. On May 15, I started receiving pump-and-dump stock spams sent to that e-mail address. I was hardly the first person to discover that this happens. Almost all of the top hits in a Google search for "ameritrade spam" are from people with the same story: they used a unique address for each service that they sign up with, so they could tell if any company ever leaked their address to a spammer, and the address they gave to AmeriTrade started getting stock spam. (I don't actually do that with most companies where I create accounts. But after hearing all the AmeriTrade stories, I created an account with them in April just for the purpose of entering a unique e-mail address and seeing if it would get leaked.)" Bennett continues on if you're willing to click the link.

What's surprising is that as far as I can tell, AmeriTrade has taken almost no heat in the media for letting this happen. Despite the abundant testimonials from bloggers who had their addresses leaked, the story never crossed over into the "mainstream" Internet press. In a recent Bloomberg News story, the FBI warned that E*Trade and AmeriTrade users were vulnerable to spyware installed by criminals in hotels and cybercafes to capture accounts and run pump-and-dump stock spams; no mention of the fact that all AmeriTrade e-mail addresses were apparently already in the hands of spammers anyway (although no one knows if usernames and passwords were leaked to the spammers as well).

This doesn't bode well for anyone who uses any type of online service and wants that service to keep their personal information secure. If AmeriTrade got skewered in the media for leaking customers' personal information to spammers, other companies would see that and learn the lesson. On the other hand, if AmeriTrade gets away with it with barely a whisper in the mainstream news, other companies are going to take note of that, too. Besides, spam and identity theft hurt everyone, not just the victims, because the costs are passed on to all of us in terms of higher ISP charges, higher payment processing fees, and more mail lost due to stringent spam filters.

AmeriTrade disclosed in April 2005 that a tape containing some customer information might have been stolen in February of that year, and many spam victims who blogged about their AmeriTrade addresses being stolen, referenced that incident as the likely cause. But after Bill Katz's blog post became a clearinghouse of sorts for complaints about stolen AmeriTrade addresses (probably as a result of being the first match on Google for "ameritrade spam"), several users posted that they had received spam at accounts that were only created with AmeriTrade in summer 2006. And then my e-mail address got leaked between April 14 and May 15, 2007. So it's pretty clear that some attacker has access to the AmeriTrade customer database on an ongoing basis, and the February 2005 tape theft probably had nothing to do with it.

AmeriTrade says that California law required them to notify their California customers of a potential security breach after the tapes were stolen, and that they went further and notified all of their customers anyway. Since there is now proof that their database is more or less perpetually open to some outside attacker, will they send out another notification letter to customers?

An accidental security breach can happen to any responsible company, especially if they are compromised from the inside. But the trail of blogosphere and UseNet posts indicates that several times AmeriTrade has concealed the full extent of the problem from customers who asked them about it, or has given out information that they already knew was wrong. In one thread in October 2005, a user reported that they wrote to AmeriTrade asking why their AmeriTrade-only e-mail address was getting spammed, and AmeriTrade replied that the spammer might have guessed the address using a dictionary attack, adding:

We have no reason to believe that any of our systems have been compromised. Ameritrade deploys state of the art firewalls, intrusion detection, anti-virus software as well as employs a full time staff of employee's dedicated strictly to Information Security and protecting Ameritrade's systems from unauthorized access.

But that was long after February 2005, when AmeriTrade said that tapes containing customer data were stolen. (Even if that turned out not to be the cause of the spam after all, by that point AmeriTrade knew that their customers' addresses had been leaked somehow.)

Then when my friend Art Medlar complained to AmeriTrade this year about the same thing happening, he got a response saying that even if he was getting spammed by an address that he only gave to AmeriTrade, that could be the result of hackers "implanting 'bots' that have the ability to extract e-mail addresses from your computer, even when you have protective spy software engaged". But of course this makes no sense -- if this were the source of the problem, it would affect everyone's e-mail addresses equally, and would not explain why a disproportionate number of complaints were coming from people who created addresses that they gave to AmeriTrade specifically.

When I sent AmeriTrade my own inquiry, I got a response that was identical to a forwarded message that someone else posted to news.admin.net-abuse.email in April. (To their credit, in this version of the message, AmeriTrade is acknowledging responsibility for the problem instead of attributing it to dictionary attacks or botnets. But the e-mail contains the curious piece of advice: "Please be sure to delete any spam you might receive, then empty your e-mail's trash so that it's no longer kept there, either." Huh? As one reader replied to the UseNet thread: "Cynical Translation: Please don't retain any independent evidence.") At first I didn't realize this was a boilerplate response, so I sent back some more questions, asking, for example, whether they would notify their California customers of the data security breach as required by that state's laws. The second response I got was a copy of the old boilerplate that they were sending out two years ago, blaming "dictionary attacks".

Now, compared to the 1,000 spams I already get every day (pre-filtering), the AmeriTrade spams were just a drop in the bucket, and many of their customers are probably in the same boat. And unlike most AmeriTrade customers, at least I can stop all AmeriTrade spam just by de-activating those addresses, since they aren't used for anything else. (Right now I'm keeping them open just to see what else comes in.) But AmeriTrade's database also contains much more valuable information such as names, PIN numbers (do you use the same PIN number everywhere that you sign up?), and Social Security Numbers. When I signed up for my account, informed by dire warnings that federal law required accurate information "to help the government fight the funding of terrorism and money laundering activities", I gave AmeriTrade my real SSN, address, and other personal data, figuring that if I gave them false information, I might get in more trouble than the experiment was worth. But now that the attacker has my e-mail, they might have all of my other information as well. In the coming months I'll probably start checking my credit report more often than I used to.

Probably someone inside AmeriTrade is selling customer data to an outside spammer. (It seems less likely that an attacker would keep breaking into AmeriTrade repeatedly to get updated copies of the customer list. Once you've broken in and gotten the customer database from 2006, why bother breaking in a year later, taking the risk all over again of getting caught and going to jail, just to get the updated 2007 database? Surely the 2006 list would be enough to run any pump-and-dump stock scam that you want!) Two suggestions to AmeriTrade to tighten their security: First, the number of people within the company who can access the customer database, is probably a lot larger than the number who actually need to access the customer database. Limit access to the e-mail database to people who actually need it. Second, in any cases where different employees really need to have access to the list, try giving them different versions of it, where each version is "seeded" with spamtrap addresses at Hotmail and Yahoo Mail. If the spamtrap addresses that start receiving spam are all ones that were used to seed one particular employee's copy of the list, then you've found the source of the leak. That won't stop the spam being sent to addresses that have already been stolen, but it could prevent further leaks from happening.

The SEC recently announced that they would suspend trading of companies whose stocks had been the target of spam campaigns to manipulate the price. Perhaps AmeriTrade could do something similar -- once a stock is identified as being promoted in spams sent to AmeriTrade customers, any customer attempting to buy that stock would be presented with a message saying that AmeriTrade was blocking the transaction for security reasons. (If this runs afoul of some SEC regulation that a brokerage has to let you buy any stock you want any time you want, then at least display a big warning when AmeriTrade users try to buy it through their system, saying that the stock has been the subject of a fraudulent promotion scheme and is an extremely high-risk buy.) However, while this would remove the incentive for stock spammers to target AmeriTrade customers, it's also really just covering up a symptom of the problem, rather than addressing the problem itself, which is that a spammer was able to steal the customer information from AmeriTrade's database in the first place.

But whatever they do, AmeriTrade should stop blowing off the people who complain about the spam, with messages about "dictionary attacks" and "botnets". When customers create specialized spamtrap addresses to detect if their e-mails ever get leaked, those are the tech-savvy customers who (a) know what they're doing, and (b) hate spam more than most people, and giving them misleading information is just poking a stick in their eye. Not a smart move when AmeriTrade has been leaking private customer information and is based, as their name indicates, in the most litigious country in the history of the world.

An anonymous reader writes "The Government Accountability Office, the federal government's watchdog agency, Thursday released a report critical of the FBI's internal network, asserting it lacks security controls adequate to thwart an insider attack. Among its other findings, the GAO said the FBI did not adequately "identify and authenticate users to prevent unauthorized access." The GAO report also criticized FBI network security in other regards, saying that there was a lack of encryption to protect sensitive data and patch management wasn't being done in a timely manner."

alphadogg wrote with a link to a Networld article about a noble endeavor: putting CAPTCHAs to work for the good of humanity. A scientist at Carnegie Mellon is looking to create a new type of security check that will assist in a project meant to digitize and make searchable text from books and printed materials. Above and beyond that, the offering would probably be more secure than most current systems. "Instead of requiring visitors to retype random numbers and letters, they would retype text that otherwise is difficult for the optical character recognition systems to decipher when being used to digitize books and other printed materials. The translated text would then go toward the digitization of the printed material on behalf of the Internet Archive project."

coondoggie writes "The Federal Aviation Administration (FAA) this week expanded a program that it says will reduce flight delays during the peak summer season. The Airspace Flow Program gives airlines the option of either accepting delays for flights scheduled to fly through storms or flying longer routes to maneuver around them. The agency said that it rolled out a new software program that ensures airports impacted by bad weather receive the maximum number of flights that can safely fly to them."

coondoggie writes "The Federal Aviation Administration (FAA) this week expanded a program that it says will reduce flight delays during the peak summer season. The Airspace Flow Program gives airlines the option of either accepting delays for flights scheduled to fly through storms or flying longer routes to maneuver around them. The agency said that it rolled out a new software program that ensures airports impacted by bad weather receive the maximum number of flights that can safely fly to them."

AlexGr writes to tell us that Howard Anderson chaired an interesting meeting the other day with senior executives from Cisco, Agilent Technologies and Novell. The discussion took a look at whether or not enterprise users really want open source. "Naturally, I disagreed -- partially because I am a naturally disagreeable person. Any idiot can make friends -- but can you make some really serious enemies? I disagreed, however, because allegiance to open source depends on who you are. Let me give you an example. If you are No. 1 or No. 2 in your industry, you hate open source. You make your money by selling proprietary solutions: Microsoft and Cisco. If you are No. 3 to No. 10, you look at open source as a way to get back to those serious RSEUs, because they are where you make money."

coondoggie writes "The price of gasoline may finally be changing the way many people commute and communicate. Anecdotal evidence says teleworkers are growing rapidly as a direct result of the cost of driving. The article links a survey indicating that in Q1 2007 the 19 largest US cable and telephone providers (representing about 94% of the market) acquired over 2.9 million net additional high-speed Internet subscribers, to a total of about 56.2 million. That can be attributed in part to more employees taking advantage of telework programs, experts say. Just this week the House Judiciary Committee's antitrust task force opened the first of a series of hearings on the oil industry. Its chairman noted that gasoline prices have soared well above $3 a gallon and asked, 'How did we get into this mess?'"

coondoggie writes "The price of gasoline may finally be changing the way many people commute and communicate. Anecdotal evidence says teleworkers are growing rapidly as a direct result of the cost of driving. The article links a survey indicating that in Q1 2007 the 19 largest US cable and telephone providers (representing about 94% of the market) acquired over 2.9 million net additional high-speed Internet subscribers, to a total of about 56.2 million. That can be attributed in part to more employees taking advantage of telework programs, experts say. Just this week the House Judiciary Committee's antitrust task force opened the first of a series of hearings on the oil industry. Its chairman noted that gasoline prices have soared well above $3 a gallon and asked, 'How did we get into this mess?'"

An anonymous reader passed us a link to a Network World article filling in the details behind the massive internet outage Japanese web users experienced earlier this week. According to the site faulty Cisco routers were to blame for the lapse, which left millions of customers without service from late evening Tuesday until early in the morning on Wednesday. "NTT East and NTT West, both group companies of Japanese telecom giant Nippon Telegraph and Telephone (NTT), are in the process of finalizing their decisions on a core router upgrade, according to the report. The routing table rewrite overflowed the routing tables and caused the routers' forwarding process to fail, the CIBC report states."

An anonymous reader passed us a link to a Network World article filling in the details behind the massive internet outage Japanese web users experienced earlier this week. According to the site faulty Cisco routers were to blame for the lapse, which left millions of customers without service from late evening Tuesday until early in the morning on Wednesday. "NTT East and NTT West, both group companies of Japanese telecom giant Nippon Telegraph and Telephone (NTT), are in the process of finalizing their decisions on a core router upgrade, according to the report. The routing table rewrite overflowed the routing tables and caused the routers' forwarding process to fail, the CIBC report states."

An anonymous reader alerted us that the iPhone is one step closer to hitting shelves. "The Federal Communications Commission approved Apple Inc.'s iPhone, clearing the way for the combined phone and music player to hit the shelves. Apple expects to begin selling the phones in late June. Some of the FCC documents confirm a few features of the phone, including it will have Bluetooth and Wi-Fi and will operate in the 1900MHz and 850MHz frequency bands. The phone uses GSM (Global System for Mobile Communications) technology and the low-speed GPRS (General Packet Radio Service) wireless data standard."