I've thought that the US government could make a grab for the source code claiming eminent domain. If another country had a local Microsoft office with copies of the source it seems they could do this to. It may seem unreasonable but it actually happens quite a bit.
On case that comes to mind is the Willy's jeep. The design was originally by Willys-Overland but the military took the design and gave it to Ford for production.
The needs of the many (i.e. government) often come before those of the individual
How is this revolutionary. IBM oporated this way for years up to and following the advent of the PC. This is just a cyclical evolution much like dumb terminals to thin clients.
Attually the DCN is made up of private point to point connections. It's a hub system with each court in a circuit pointing to the circuit hub which connects to at least two other circuits. The only internet conections are in DC, San Fran, Atlanta, and New Orleans.
Most large government agencies already have extensive WANs. The Judiciary (third branch) has a WAN called the DCN (District Court Network) that connects all 92 Districts. To my understanding many agencies falling under the dept of Justice also have their own WAN's.
Looks like a lot of the "GOVNET" is already in place.
Some of you seem to be confused about all the facts surronding this issue. The article about WebSENSE was old. The AO stopped using WebSENSE over a year ago. They dropped the blocking in favor of monitoring. They now use RealSecure IDS.
Mecham's memo in not an all out win, it's simply a recommendation. As of today the 3 national AO gateways are still monitoring. Also Mecham goes on to say that is largely a local court issue. That means each Chief Judge in all 92 districts gets to make the choice to either monitor or not monitor their employees.
It's very likely that the Judicial Confrence will still vote on this issue. It's a little late in the game for Judge Nelson and his commitee to pull their recommendation.
Now the Giant, along with many other companies, jump to Linux bandwagon.
1. As has already been stated IBM has been on the Linux bandwagon for several years now.
2. This makes perfect sense for IBM. They are mainly a service company and secondly a hardware company. Anyone who has done business with IBM knows that they, like most other large computer companies, make their money on installation and support. If they can cut the expense of developing their own OS they can focus on their core business.
As for numbers of attempts. Literally thousands in a week.
What is not clearly stated is that the AO installed IDS equipment both outside and inside the 9th Circuit gateway. The equipment disabled was the inside equipment. So there was never any security risk.
Re: Clarification of AO Correspondence on Intrusion Detection System Shutdown
You have received a memorandum from Director Mecham dated June 15, 2001,
regarding the Administrative Office's use of intrusion detection software on the Data
Communications Network (DCN). This memorandum will provide you with additional
information about why the Judicial Council of the Ninth Circuit directed that this software be
disconnected for a brief period. Before doing so, let me emphasize two points:
1. The security of our computer systems has not been compromised. The firewall that
protects the Internet gateway for the Eighth, Ninth and Tenth Circuits was not breached
during the few days that the intrusion detection software was inactive. Our computer
staff has assiduously investigated every rumored firewall breach both within and
outside the Ninth Circuit. Thus far, every report of an incident has proven to be
groundless.
2. All the Ninth Circuit seeks is a responsible, common sense resolution of the issues
involved in Internet monitoring, after careful deliberation by the Judicial Conference.
Internet Security
The computer and networking equipment that permits courts in the Eighth, Ninth, and
Tenth Circuits to access the Internet is located in San Francisco. These Internet access servers
are controlled remotely from the AO offices in Washington, D.C. The servers are protected
by a security system (hardware and software) that establishes a firewall between the DCN and
the greater Internet. The firewall prevents unauthorized persons (hackers) from gaining access
to the DCN and PACER networks. The servers also are equipped with an intrusion detection
system, consisting of internal and external sensors, which enables the AO to detect hacking
attempts. The intrusion detection system has some limited capacity to stop hackers, but is not
a substitute for the firewall.
The best analogy is to a locked door and a surveillance camera. It is the door that
keeps intruders out. The surveillance camera simply keeps track of who tried to enter and
when. At no time has the firewall protecting the DCN been deactivated. Nor is there any
evidence that the firewall has been penetrated. Our systems staff hosts the Internet websites
for courts in the three circuits. We have contacted all the systems managers in the three
circuits and none of them report any evidence of intrusion or damage to their court web sites.
Furthermore, the current debate has nothing to do with the PACER network on which
the court Pacernet, Electronic Case Filing, and Internet web servers reside, a point that is
confused in Director Mecham's June 15 memorandum. These websites are protected by a
separate arm of the intrusion detection system, which was unaffected by the actions of our
judicial council. The PACER network's intrusion detection sensor was never touched, and thus
continually operational during the period in question.
Internet Monitoring
The intrusion detection system also can be used for purposes unrelated to security, such
as use of Internet bandwidth (capacity). In this case, the AO had configured part of the system
to identify individual computers within the DCN that had been used to access Internet sites
dealing with pornography, music, stock trading, and gambling. Information gleaned from this
surveillance was being used by the AO to seek disciplinary action against court employees.
On May 23-24, 2001, AO monitoring was discussed by both the Executive Committee
of the Ninth Circuit Court of Appeals and the Judicial Council of the Ninth Circuit. Reaction
from both bodies was sharply negative. The Executive Committee adopted a resolution urging
the Judicial Council to direct that the relevant internal intrusion detection system be
disconnected until such time as the AO agreed to use it for security monitoring only. The
resolution was passed unanimously by the Judicial Council. The circuit executive immediately
disconnected the relevant internal intrusion detection system and notified the chief judges of
the Eighth and Tenth Circuits and the AO of this action. As it turned out, the relevant portion
of the intrusion detection system had shut down on its own sometime over the previous five
days. This shutdown apparently went unnoticed by AO systems staff, which is responsible for
DCN monitoring, 24 hours a day, seven days a week.
Our Reasons
The Judicial Council of the Ninth Circuit took these actions for the following reasons:
1. We are concerned about the propriety, and even the legality, of monitoring
Internet usage by court employees. A non-frivolous argument can be made that
such activity violates the Electronic Communications Privacy Act of 1986, 18
U.S.C. 2510-2511, which imposes civil and criminal liability on any person
"who intentionally intercepts . . . any wire, oral or electronic communication."
This is of particular concern in our Circuit because of the construction given
the Act in Konop v. Hawaiian Airlines, 236 F. 3d 1035, 1046 (9th Cir. 2001),
which found liability when an employer accessed an employee website. The
Act defines "electronic communication" quite broadly, including "any transfer
of signs, signals, writing, images, sounds, date or intelligence of any nature."
18 U.S.C. 2510(12).
2. We are particularly concerned that inadequate notice about the practice of
monitoring had been provided to the judges and court staff. Most judges felt
that surveillance of individual Internet activity as a means of enforcing an
Internet policy without notice to the employee was inappropriate. If such an
activity were to be put in place, it ought to be the result of official action of the
Judicial Conference with notification to court staff.
3. We believe that there had been inadequate discussion about this policy and
practice by the Judicial Conference of the United States. Indeed, it appeared to
us that surveillance of employees and possibly even judges had been initiated
without specific authority from the Judicial Conference or the Executive
Committee. Judges were also concerned that the policy had been implemented
without the input and consideration given other similar actions, such as the
protection of privacy in electronic case filing. Many judges were concerned
about the potential scope of the monitoring. The system has the potential to
allow real time observation of individual Internet activity. Indeed, virtually the
only function of the "inside" sensor is to monitor the Internet activities of court
personnel, not to track incoming Internet activity. Much of the monitoring was
not driven by bandwidth concerns, but content detection. Judges believed that a
careful policy needed to be in place defining the scope of any monitoring and
disclosure of monitoring results.
4. We are concerned about chief judges being asked to report to the AO on actions
they may have taken. This is particularly troublesome without Judicial
Conference policy directives. Why should a chief judge respond to the AO?
Moreover, if a chief judge chooses not to respond, what would the AO believe
is the appropriate next step? What is the basis for this? Since there is a "perk"
aspect to some Internet use, how much privacy should be given to courtpersonnel? If an employee engages in phone sex at work or places bets over the
phone to his/her bookie, it would be embarrassing to the Judiciary, but we do
not monitor all Judiciary personnel's phone calls to try to catch such potentially
embarrassing conduct.
5. We are concerned that the definition of "inappropriate use" is too broad or
might otherwise not be accepted by many chief judges. We are not convinced
that downloading music or video files compromised bandwidth to the extent
meriting monitoring. Many judges believe that less intrusive methods of
administering an Internet policy ought to be pursued before actually conducting
surveillance on employee Internet activity. Most court units have only just
begun to educate and inform court staff about Internet concerns, particularly
bandwidth usage. For example, many employees who were simply innocently
unaware of bandwidth consequences would "stream" audio newscasts,
particularly during the recent election and aftermath. In many court units, this
practice was not against any official policy. Some judges believe that we ought
to give court units an opportunity to address this in the first instance before
monitoring.
6. Many judges were concerned that recording and monitoring information kept by
the AO would be an inevitable part of any Senate confirmation process. In
addition, some judges observed that if limiting embarrassment were the goal,
we were creating great potential for embarrassment by intercepting, organizing
and summarizing this material.
The Judicial Council of the Ninth Circuit fully supports legitimate system monitoring to
detect hackers and outside threats to the security of the DCN. It believes that to the extent that
the Committee on Automation and Technology and the Judicial Conference of the United
States authorized any monitoring to date, it was for purposes of detecting hackers. The
council does not believe that the judiciary leadership intended the process to be used to
monitor the activity of judges and court personnel with the concomitant disciplinary action
sought by the AO.
Next Steps
The Executive Committee of the Judicial Conference of the United States has directed
the AO to cease monitoring for non-security purposes and asked the Conference's Automation
and Technology Committee to develop a policy before the full Conference meets. The
Automation and Technology Committee has formed a subcommittee that is looking into the
issue.
Our need as a Judiciary to discuss these important issues and formulate an informed,
legally viable and necessary policy is indeed the original point raised many months ago by our
circuit executive with the Administrative Office. We gain nothing by disparaging each others'
motives or by engaging in threats, but gain everything from a full, accurate, and candid
discussion of the important issues at the heart of this problem. We in the Ninth Circuit
welcome the opportunity to participate in that discussion.
"actually, in the Roman empire, if you 'were someone' you did not speak latin. latin was the language of the 'plebs', the commoners. If you 'was someone', you spoke greek. The romans kept in mind where they found a lot of their culture"
Actually that's not true at all. Although the Romans did inherit a lot from the Greeks a lot of what was inherited was from the Etruscans who had absorbed a lot of Greek culture. To say that Romans spoke Greek and that Latin was a pleb language is totaly false. One of the biggest insults in Latin was to call someone a Greekling! Also if the Romans spoke so much Greek why did they write everything in Latin. ie Pliny, Cicero, Plutarch, Caesar etc All of them wrote in and spoke Latin.
Actually the U.S. does not have an official language. It was a major point of contintion between the founding forefathers. Some of them wanted everyone to switch to Greek to make the break with England total.
Also as so many others have pointed out the Internet was not even almost solely responsible for creation, mass marketing and globalization of the Internet.
http://www.top500.org Lists the top 500 super computers in the world. ASCI Red, ASCI Blue-Pacific SST, ASCI Blue Mountain are the top three. ASCI=Accelerated Strategic Computing Initiative.
Not only does it have good legal support it also supports direct tie-ins to WestLaw and Lexis-Nexis. It also has better macro support than any other word proccessor. Add to that that it runs on Linux or Windows. Who could ask for anything more.
I work For the US Courts and our District has been using Linux for several years now. We have a Squid proxy, two brand new RH boxes running ColdFusion, a samba server, a security monitoring box, all told about 7 machines. We're also getting a new one for Domino. Many of the 92 districts use Linux because it's a stable and inexpensive alternantive to NT. Plus every court has a couple of Solaris boxes so the knowledge base for working with Linux is already there.
Some of the courts are starting to consider Linux for the desktop. Since we use WordPerfect and Netscape it's a perfect solution. I heard rummor that one small court has already moved over.
JonKatz couldn't even get the name right much less do a decent review of the movie. To say that "Kaufman was a mess, even by contemporary celebrity standards" is ridiculous. Lets see he wasn't a drug addict, wasn't hopping in and out of beds, wasn't punching out photographers. I'd say he was pretty sain by todays standards. Also comparing Andy to Larry Flint is a bit of a stretch. Larry Flynn is pornmonger not a performance artist as Kaufman was. I wonder if you even know what a performance artist is because it is certainly different than a comedian. Why the stab about Andy's interest in meditative and holistic groups and practices. If you have Fatal Lung Cancer nothing can help you anyway. So who cares maybe it gave him some peace of mind.
Slashdot Mirror
I've thought that the US government could make a grab for the source code claiming eminent domain. If another country had a local Microsoft office with copies of the source it seems they could do this to. It may seem unreasonable but it actually happens quite a bit.
On case that comes to mind is the Willy's jeep. The design was originally by Willys-Overland but the military took the design and gave it to Ford for production.
The needs of the many (i.e. government) often come before those of the individual
How is this revolutionary. IBM oporated this way for years up to and following the advent of the PC. This is just a cyclical evolution much like dumb terminals to thin clients.
Attually the DCN is made up of private point to point connections. It's a hub system with each court in a circuit pointing to the circuit hub which connects to at least two other circuits. The only internet conections are in DC, San Fran, Atlanta, and New Orleans.
Most large government agencies already have extensive WANs. The Judiciary (third branch) has a WAN called the DCN (District Court Network) that connects all 92 Districts. To my understanding many agencies falling under the dept of Justice also have their own WAN's.
Looks like a lot of the "GOVNET" is already in place.
Some of you seem to be confused about all the facts surronding this issue. The article about WebSENSE was old. The AO stopped using WebSENSE over a year ago. They dropped the blocking in favor of monitoring. They now use RealSecure IDS.
Mecham's memo in not an all out win, it's simply a recommendation. As of today the 3 national AO gateways are still monitoring. Also Mecham goes on to say that is largely a local court issue. That means each Chief Judge in all 92 districts gets to make the choice to either monitor or not monitor their employees.
It's very likely that the Judicial Confrence will still vote on this issue. It's a little late in the game for Judge Nelson and his commitee to pull their recommendation.
The AO stopped using WebSENSE over a year ago. That was a blocking issue. Now they are using RealSecure IDS to monitor but not block traffic.
1. As has already been stated IBM has been on the Linux bandwagon for several years now.
2. This makes perfect sense for IBM. They are mainly a service company and secondly a hardware company. Anyone who has done business with IBM knows that they, like most other large computer companies, make their money on installation and support. If they can cut the expense of developing their own OS they can focus on their core business.
As for numbers of attempts. Literally thousands in a week.
What is not clearly stated is that the AO installed IDS equipment both outside and inside the 9th Circuit gateway. The equipment disabled was the inside equipment. So there was never any security risk.
To: All Chief Judges, United States Courts
From: Chief Judge Mary M. Schroeder
Re: Clarification of AO Correspondence on Intrusion Detection System Shutdown
You have received a memorandum from Director Mecham dated June 15, 2001, regarding the Administrative Office's use of intrusion detection software on the Data Communications Network (DCN). This memorandum will provide you with additional information about why the Judicial Council of the Ninth Circuit directed that this software be disconnected for a brief period. Before doing so, let me emphasize two points:
1. The security of our computer systems has not been compromised. The firewall that protects the Internet gateway for the Eighth, Ninth and Tenth Circuits was not breached during the few days that the intrusion detection software was inactive. Our computer staff has assiduously investigated every rumored firewall breach both within and outside the Ninth Circuit. Thus far, every report of an incident has proven to be groundless.
2. All the Ninth Circuit seeks is a responsible, common sense resolution of the issues involved in Internet monitoring, after careful deliberation by the Judicial Conference. Internet Security The computer and networking equipment that permits courts in the Eighth, Ninth, and Tenth Circuits to access the Internet is located in San Francisco. These Internet access servers are controlled remotely from the AO offices in Washington, D.C. The servers are protected by a security system (hardware and software) that establishes a firewall between the DCN and the greater Internet. The firewall prevents unauthorized persons (hackers) from gaining access to the DCN and PACER networks. The servers also are equipped with an intrusion detection system, consisting of internal and external sensors, which enables the AO to detect hacking attempts. The intrusion detection system has some limited capacity to stop hackers, but is not a substitute for the firewall.
The best analogy is to a locked door and a surveillance camera. It is the door that keeps intruders out. The surveillance camera simply keeps track of who tried to enter and when. At no time has the firewall protecting the DCN been deactivated. Nor is there any evidence that the firewall has been penetrated. Our systems staff hosts the Internet websites for courts in the three circuits. We have contacted all the systems managers in the three circuits and none of them report any evidence of intrusion or damage to their court web sites. Furthermore, the current debate has nothing to do with the PACER network on which the court Pacernet, Electronic Case Filing, and Internet web servers reside, a point that is confused in Director Mecham's June 15 memorandum. These websites are protected by a separate arm of the intrusion detection system, which was unaffected by the actions of our judicial council. The PACER network's intrusion detection sensor was never touched, and thus continually operational during the period in question.
Internet Monitoring
The intrusion detection system also can be used for purposes unrelated to security, such as use of Internet bandwidth (capacity). In this case, the AO had configured part of the system to identify individual computers within the DCN that had been used to access Internet sites dealing with pornography, music, stock trading, and gambling. Information gleaned from this surveillance was being used by the AO to seek disciplinary action against court employees. On May 23-24, 2001, AO monitoring was discussed by both the Executive Committee of the Ninth Circuit Court of Appeals and the Judicial Council of the Ninth Circuit. Reaction from both bodies was sharply negative. The Executive Committee adopted a resolution urging the Judicial Council to direct that the relevant internal intrusion detection system be disconnected until such time as the AO agreed to use it for security monitoring only. The resolution was passed unanimously by the Judicial Council. The circuit executive immediately disconnected the relevant internal intrusion detection system and notified the chief judges of the Eighth and Tenth Circuits and the AO of this action. As it turned out, the relevant portion of the intrusion detection system had shut down on its own sometime over the previous five days. This shutdown apparently went unnoticed by AO systems staff, which is responsible for DCN monitoring, 24 hours a day, seven days a week.
Our Reasons
The Judicial Council of the Ninth Circuit took these actions for the following reasons:
1. We are concerned about the propriety, and even the legality, of monitoring Internet usage by court employees. A non-frivolous argument can be made that such activity violates the Electronic Communications Privacy Act of 1986, 18 U.S.C. 2510-2511, which imposes civil and criminal liability on any person "who intentionally intercepts . . . any wire, oral or electronic communication." This is of particular concern in our Circuit because of the construction given the Act in Konop v. Hawaiian Airlines, 236 F. 3d 1035, 1046 (9th Cir. 2001), which found liability when an employer accessed an employee website. The Act defines "electronic communication" quite broadly, including "any transfer of signs, signals, writing, images, sounds, date or intelligence of any nature." 18 U.S.C. 2510(12).
2. We are particularly concerned that inadequate notice about the practice of monitoring had been provided to the judges and court staff. Most judges felt that surveillance of individual Internet activity as a means of enforcing an Internet policy without notice to the employee was inappropriate. If such an activity were to be put in place, it ought to be the result of official action of the Judicial Conference with notification to court staff.
3. We believe that there had been inadequate discussion about this policy and practice by the Judicial Conference of the United States. Indeed, it appeared to us that surveillance of employees and possibly even judges had been initiated without specific authority from the Judicial Conference or the Executive Committee. Judges were also concerned that the policy had been implemented without the input and consideration given other similar actions, such as the protection of privacy in electronic case filing. Many judges were concerned about the potential scope of the monitoring. The system has the potential to allow real time observation of individual Internet activity. Indeed, virtually the only function of the "inside" sensor is to monitor the Internet activities of court personnel, not to track incoming Internet activity. Much of the monitoring was not driven by bandwidth concerns, but content detection. Judges believed that a careful policy needed to be in place defining the scope of any monitoring and disclosure of monitoring results.
4. We are concerned about chief judges being asked to report to the AO on actions they may have taken. This is particularly troublesome without Judicial Conference policy directives. Why should a chief judge respond to the AO? Moreover, if a chief judge chooses not to respond, what would the AO believe is the appropriate next step? What is the basis for this? Since there is a "perk" aspect to some Internet use, how much privacy should be given to courtpersonnel? If an employee engages in phone sex at work or places bets over the phone to his/her bookie, it would be embarrassing to the Judiciary, but we do not monitor all Judiciary personnel's phone calls to try to catch such potentially embarrassing conduct.
5. We are concerned that the definition of "inappropriate use" is too broad or might otherwise not be accepted by many chief judges. We are not convinced that downloading music or video files compromised bandwidth to the extent meriting monitoring. Many judges believe that less intrusive methods of administering an Internet policy ought to be pursued before actually conducting surveillance on employee Internet activity. Most court units have only just begun to educate and inform court staff about Internet concerns, particularly bandwidth usage. For example, many employees who were simply innocently unaware of bandwidth consequences would "stream" audio newscasts, particularly during the recent election and aftermath. In many court units, this practice was not against any official policy. Some judges believe that we ought to give court units an opportunity to address this in the first instance before monitoring.
6. Many judges were concerned that recording and monitoring information kept by the AO would be an inevitable part of any Senate confirmation process. In addition, some judges observed that if limiting embarrassment were the goal, we were creating great potential for embarrassment by intercepting, organizing and summarizing this material.
The Judicial Council of the Ninth Circuit fully supports legitimate system monitoring to detect hackers and outside threats to the security of the DCN. It believes that to the extent that the Committee on Automation and Technology and the Judicial Conference of the United States authorized any monitoring to date, it was for purposes of detecting hackers. The council does not believe that the judiciary leadership intended the process to be used to monitor the activity of judges and court personnel with the concomitant disciplinary action
sought by the AO.Next Steps
The Executive Committee of the Judicial Conference of the United States has directed the AO to cease monitoring for non-security purposes and asked the Conference's Automation and Technology Committee to develop a policy before the full Conference meets. The Automation and Technology Committee has formed a subcommittee that is looking into the issue.
Our need as a Judiciary to discuss these important issues and formulate an informed, legally viable and necessary policy is indeed the original point raised many months ago by our circuit executive with the Administrative Office. We gain nothing by disparaging each others' motives or by engaging in threats, but gain everything from a full, accurate, and candid discussion of the important issues at the heart of this problem. We in the Ninth Circuit welcome the opportunity to participate in that discussion.
"actually, in the Roman empire, if you 'were someone' you did not speak latin. latin was the language of the 'plebs', the commoners. If you 'was someone', you spoke greek. The romans kept in mind where they found a lot of their culture"
Actually that's not true at all. Although the Romans did inherit a lot from the Greeks a lot of what was inherited was from the Etruscans who had absorbed a lot of Greek culture. To say that Romans spoke Greek and that Latin was a pleb language is totaly false. One of the biggest insults in Latin was to call someone a Greekling! Also if the Romans spoke so much Greek why did they write everything in Latin. ie Pliny, Cicero, Plutarch, Caesar etc All of them wrote in and spoke Latin.
Actually the U.S. does not have an official language. It was a major point of contintion between the founding forefathers. Some of them wanted everyone to switch to Greek to make the break with England total.
Also as so many others have pointed out the Internet was not even almost solely responsible for creation, mass marketing and globalization of the Internet.
http://www.top500.org Lists the top 500 super computers in the world. ASCI Red, ASCI Blue-Pacific SST, ASCI Blue Mountain are the top three. ASCI=Accelerated Strategic Computing Initiative.
Not only does it have good legal support it also supports direct tie-ins to WestLaw and Lexis-Nexis. It also has better macro support than any other word proccessor. Add to that that it runs on Linux or Windows. Who could ask for anything more.
I work For the US Courts and our District has been using Linux for several years now. We have a Squid proxy, two brand new RH boxes running ColdFusion, a samba server, a security monitoring box, all told about 7 machines. We're also getting a new one for Domino. Many of the 92 districts use Linux because it's a stable and inexpensive alternantive to NT. Plus every court has a couple of Solaris boxes so the knowledge base for working with Linux is already there.
Some of the courts are starting to consider Linux for the desktop. Since we use WordPerfect and Netscape it's a perfect solution. I heard rummor that one small court has already moved over.
JonKatz couldn't even get the name right much less do a decent review of the movie. To say that "Kaufman was a mess, even by contemporary celebrity standards" is ridiculous. Lets see he wasn't a drug addict, wasn't hopping in and out of beds, wasn't punching out photographers. I'd say he was pretty sain by todays standards. Also comparing Andy to Larry Flint is a bit of a stretch. Larry Flynn is pornmonger not a performance artist as Kaufman was. I wonder if you even know what a performance artist is because it is certainly different than a comedian. Why the stab about Andy's interest in meditative and holistic groups and practices. If you have Fatal Lung Cancer nothing can help you anyway. So who cares maybe it gave him some peace of mind.