Monday, November 29, 2010

The Threat from Within - US v Fowler, SDFL 2010

The security vendor-phobe at the head of the conference bangs on the podium with his shoe declaring that “The greatest threat comes from within! (buy our product for your network’s salvation).”

Fear as a marketing strategy can never be underestimated. Particular when the fear is of the misunderstood. Media helps stoke the flames of fear-marketing with stories of fired or disgruntled IT staff who reportedly effectuate their revenge on former employers by bricking systems.

When hyperbolized threats-from-within transform into actual damage, the victim can be left helpless, unable to access crucial IT and unable to have continuity of operation. In today’s case, after being fired, Defendant allegedly changed the passwords of her former employer’s employee’s accounts and changed the password of the firewall. The scorned company contacted an external IT contractor who was able to hack in and open up the employee accounts. The firewall, however, had pretty much become a big expensive paperweight that had to be replaced.

The Defendant was convicted under the Computer Fraud and Abuse Act. Count One, the conviction challenged in this case, was pursuant to 18 U.S.C. § 1030(a)(5)(A):

Whoever... knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer... shall be punished...

The Defendant challenges her conviction and raises two questions of law: (1) Is a computer on the Internet a ‘protected computer’ pursuant to the Computer Fraud and Abuse Act; and (2) can the salaries of employees that rebuild the system be counted as a part of ‘damages.’

What is a ‘protected computer’ under the CFAA? Is it a computer with good virus protection or behind a firewall (even if the firewall has been Bricked?). According to 18 USC § 1030(e)(2)(B),

“the term “protected computer” means a computer— which is used in or affecting interstate or foreign commerce or communication, including a computer located outside the United States that is used in a manner that affects interstate or foreign commerce or communication of the United States;

In other words, a computer on the Internet is a “Protected Computer.” Lots of Courts agree on this point: US v Trotter, No 05-4202 (8th Cir. Feb. 23, 2007) (Non-profit's computers are engaged in interstate communications connect to Internet); U.S. v. Walters, 182 Fed. Appx. 944, 945 (11th Cir. 2006) (stating that the internet is an instrumentality of interstate commerce); US v. Fowler, Case No. 8:10-cr-65-T-24 AEP (MDFL Oct. 25, 2010) (computer connected to Internet is 'protected computer'); Multiven, Inc. v. Cisco Systems, Inc., 2010 WL 2889262, at *3 (N.D. Cal. July 20, 2010) (finding that a computer connected to the internet was a protected computer); National City Bank, N.A. v. Prime Lending, Inc., 2010 WL 2854247, at *4 n.2 (E.D. Wash. July 19, 2010) (stating that "any computer connected to the internet is a protected computer"); Expert Janitorial, LLC v. Williams, 2010 WL 908740, at *8 (E.D. Tenn. Mar. 12, 2010); Dedalus Foundation v. Banach, 2009 WL 3398595, at *2 (S.D.N.Y. Oct. 16, 2009) (noting that courts have "found that computers that access the Internet through programs such as email qualify as protected computers"); Continental Group, Inc. v. KW Property Management, LLC, 622 F. Supp.2d 1357, 1370 (S.D. Fla. 2009) (noting that a connection to the internet affects interstate commerce or communication).

Second, in order to be convicted under this provision, a defendant must have inflicted at least $5000 worth of damage (this was a notorious problem for Clifford Stoll’s who detected a $0.75 accounting discrepancy, and thus could not garner federal attention, even thought the hacker’s breadcrumbs indicated international espionage of highly sensitive military information. See Clifford Stoll, The Cuckoo’s Egg (Pocket 1990) (a great beach vacation read)). According to the Court, the Defendant managed to inflict $27K in damages, which included $11K for the salaries of all of the company’s staff and all of the company’s contractors who had to put the network back together again. The Court noted the following accounting:

  • $3,941.27 amount paid to IT Contractor for responding to and correcting the damage to the computers
  • $2,501.20 amount attributed to CEO's time spent responding to and correcting the damage to the computers
  • $2404 amount attributed to [employee A’s] time spent responding to and correcting the damage to the computers
  • $1,590.68 amount attributed to [employee B’s] time spent responding to and correcting the damage to the computers
  • $730.72 amount attributed to CFO's time spent responding to and correcting the damage to the computers
  • $11,167.87 TOTAL

The Court rejected Defendant’s argument that time spent by salaried employees cannot be considered a loss under the statute, noting substantial precedent to the contrary:

NCMIC Finance Corp. v. Artino, 638 F. Supp.2d 1042, 1065 (S.D. Iowa 2009) (finding that the company's chief information officer's time spent investigating the matter was appropriately considered a loss under the statute); U.S. v. Larsen, 190 Fed. Appx. 552, 553 (9th Cir. 2006)(stating that losses "include[] the time that the victim's salaried employees spend responding to the unauthorized intrusion"); U.S. v. Millot, 433 F.3d 1057, 1061 (8th Cir. 2006)(recognizing that hours spent by employees responding to an intrusion constitute losses under the statute, because their time could have been spent on other duties); U.S. v. Middleton, 231 F.3d 1207, 1214 (9th Cir. 2000)(finding that a salaried employee's time spent responding to an intrusion is a loss under the statute, because "[t]here is no basis to believe that Congress intended the element of `damage' to depend on a victim's choice whether to use hourly employees, outside contractors, or salaried employees to repair the . . . harm to a protected computer").”
Engaging in some simple math, the Court notes that $11,000 damages alleged is greater than the $5000 threshhold required, and therefore denied Defendants Motion to Acquittal.

US v. Fowler, Dist. Court, MD Florida 2010

Wheel of Morality Turn, Turn, Turn; Tell us what lesson we should learn: Humpty Dumpty was Pushed!


Monday, November 22, 2010

11.22 :: Bumped :: Mind Boggling :: I Want My MTV :: "Is It Safe??" :: Scanner Protest Wed :: Scott Cleland is Mad ::

CyberTelecom News
Federal Internet Law and Policy
"The country's 24-hour, politico, pundit, perpetual, panic
conflictanator did not cause our problems, but its existence makes
solving them that much harder. The press can hold its magnifying glass
up to our problems, bringing them into focus, illuminating issues
heretofore unseen. Or they can use that magnifying glass to light ants
on fire, and then perhaps host a week of shows on the sudden,
unexpected, dangerous flaming ant epidemic. If we amplify everything,
we hear nothing." - John Stewart

Etc: Verizon has bumped its FiOS speeds to 150Mbps down and 35Mbps
up., Ars Technica
Verizon has bumped its FiOS speeds to 150Mbps down and 35Mbps up.;comments=1
More Info:

Forwarding Defamatory Email Immunized by 47 USC 230--Mitan v. A.
Neumann, Tech & Marketing Law
Mitan v. A. Neumann & Associates, 3:08-cv-06154-GEB -DEA (D. N.J. Nov.
17, 2010) This is another email...
More Info:

Wind Turbine Industries Corp. V. Jacobs Wind Electric Company, Inc.,
Dist. Court, Minnesota 2010, Fed Ct
Motion for Sum Judgment for ACPA claim denied where there is a genuine
issue of material fact concerning badfaith
More Info:

The mind-boggling world of IPv6, and why it matters to the future of
the Internet - The Next Web, The Next Web
This month has seen the launch of a new industry group, 6UK which has
been set-up to promote the use of the new Internet Protocol (IP)
version 6 in the UK.
More Info:

Mandatory Provision of Abuse Contact Information in WHOIS, Circleid
An industry professional at Abusix is the backbone behind a proposal
to improve and create better mitigation of abuse across different
global internet networks. Basically, this introduces a mandatory
"abuse contact" field for objects in global Whois databases. This
provides a more efficient way for abuse reports to reach the correct
network contact. Personally—as a Postmaster for a leading, white-
label ISP, I applaud this
More Info:

Stuxnet 'hit' Iran nuclear plans, BBC
A former UN nuclear inspector says the Stuxnet worm might have
contributed to delays in Iran's nuclear programme.
More Info:

Senator Wyden Says He'll Block COICA Censorship Bill, Techdirt
While all 19 Senators on the Senate Judiciary Committee voted to move
forward with the online censorship bill COICA, it's nice to hear that
at least one Senator, Ron Wyden, is speaking out against the bill and
claiming he'll block it.
More Info:

Netflix offers $8 streaming-only option, CNET
The company now charges a monthly fee of $7.99 for streaming only,
sans DVDs by mail, and at least $9.99 per month for streaming and DVD-
by-mail service.
More Info:

Viacom to Google TV: No MTV for you, WAPO
Viacom said Monday that it has blocked full-length episodes of shows
it runs on the Internet to users of Google TV, becoming the fifth
television programmer to withhold content on the search engine's new
Internet television platform.
More Info:

Are Airport Scanners Safe?, NPR
Some airport body scanning machines use X-rays to generate images. How
much radiation is a traveler exposed to? Should frequent fliers opt
for a pat down instead? Radiation expert David Brenner explains the
possible public health concerns of scanning millions of passengers.
More Info:

Senior Democrats rebuke TSA over screening rules, CNET
Two committee chairmen ask TSA to "reconsider" new screening
procedures, but the agency refuses, saying they're necessary to detect
"hidden and dangerous items."
More Info:

Stand Up Against TSA's Invasive Security Procedures, EFF
The Transportation Security Administration has adopted "enhanced"
security procedures — presenting people with the horrible choice of
either submitting to body scanners that show passengers unclothed or
submit to what are called "groping" pat-down techniques which include
touching both breasts and genitalia. As some have noted these
processes appear to have little likelihood of increasing the safety of
More Info:

We Need an Official To Guard Our Privacy, Future of Privacy
Gordon Crovitz is wrong to equate the idea of a senior U.S. privacy
official (as he provocatively put it, a "privacy czar to regulate the
Internet") with the proposal in the European Union of a "right to
be forgotten." ("Forget Any 'Right to Be Forgotten,'"
Information Age, Nov. 15). It is precisely because of international
proposals that may impact U.S. principles that the U.S. needs a senior
governmental official to participate in
More Info:

FCC Google "Spy-Fi" Investigation To Establish Network Neutrality
Authority? Thanks Scott!, Tales from the Sausage Factory
Scott Cleland is mad at Google. This is not much of a surprise. Scott
Cleland spends much of his time mad at Google and wishing terrible
things would happen to them. This time, Cleland wants the FCC to
More Info:

RSS Feeds : Fed Notices : Blog : Clips :

Twitter & Facebook: Cybertelecom

To [un]subscribe to Cybertelecom-l, visit
Announce only list information available at

AUP ::

Cybertelecom is Off-the-Record. Otherwise play nicely.

Link to us!

Friday, November 19, 2010

11.19 :: Will It Be Worth Much? :: I'm The Mayor of a Chinese Prison! :: SpaceBook :: DROP TABLE ::

CyberTelecom News
Federal Internet Law and Policy
Death is not the biggest fear we have; our biggest fear is taking the
risk to be alive -- the risk to be alive and express what we really
are. -- Don Miguel Ruiz

Telework legislation is good news for budgets and workers, WAPO
At last. After tons of paper, vats of ink and who knows how many
meetings and conferences on a seemingly simple subject, Congress has
given final approval to legislation promoting telework for federal
employees. Some employees already work away from their offices, though
less than 10 percent. The...
More Info:

FCC Still Working On Neutrality Proposal - But will it be worth much?,
According to Politico, the FCC is still putting together a net
neutrality proposal and plans to take action on the controversial
issue as early as next month. As we noted in September, a push for any
real network neutrality rules is all but dead, given the waffling by
key players like Google
More Info:

Sources: FCC chief to move on net neutrality proposal, Politico
Federal Communications Commission Chairman Julius Genachowski is
putting together a net neutrality proposal and plans to take action on
the controversial issue as early as next month, according to several
sources with knowledge of the situation.
More Info:

Net Neutrality Seen Waning Lawmakers Tell Politico Forum, USTelecom
Net neutrality isn't likely to emerge in the 112th Congress, said a
bipartisan panel of lawmakers at a forum sponsored by Politico this
morning. In fact, there's a good chance Republicans and Democrats
could work together on technology legislation, said Sen. John Ensign
(R-Nev.), ranking member on the U.S. Senate's Subcommittee on
Communications, Technology, and the Internet.
More Info:

Free Press Cheers FCC Chairman for Finally Speaking Out Against
Verizon-Google Pact, Free Press
Federal Communications Commission Chairman Julius Genachowski
expressed displeasure with the Internet pact struck between Verizon
and Google last summer, saying he wished they "didn't do exactly what
they did, when they did."
More Info:

Google's wi-fi data to be deleted, BBC
The search giant has agreed to delete all the UK data that it
accidentally captured via Street View cars.
More Info:

Chinese Woman Imprisoned for Twitter Message, NYT
A woman was sentenced to a year in a labor camp for forwarding a
satirical post on Twitter.
More Info:

Worm Was Perfect for Sabotaging Centrifuges, NYT
Experts reached the conclusion by dissecting the program suspected of
being aimed at Iran's nuclear program.
More Info:

Web Censorship Bill Sails Through Senate Committee, Wired
The Senate Judiciary Committee unanimously approves a bill that would
give the attorney general the right to shut down a website with a
court order if copyright infringement is deemed "central to the
activity" of the site -- regardless if the website has actually
committed a crime.
More Info:

The 19 Senators Who Voted To Censor The Internet, Techdirt
This is hardly a surprise but, this morning (as previously announced),
the lame duck Senate Judiciary Committee unanimously voted to move
forward with censoring the internet via the COICA bill -- despite a
bunch of law professors explaining to them how this law is a clear
violation of the First Amendment. What's really amazing is that many
of the same Senators have been speaking out against internet
censorship in other
More Info:

Doctor Sues Patients Over Bad Yelp Reviews, Techdirt
We've seen all sorts of business owners get upset about Yelp, but it
seems to be ratcheting up a notch. For example, take Denver chef,
Scott Parker, who lashed out at Yelp reviewers in a recent interview
(sent in by visual77). After being asked what he'd like to see less
of, he stated:
More Info:

Republican Threat to Defund NPR Fails, Free Press
House Minority Whip Eric Cantor (R-Va.) tried to cut off federal
funding for NPR by bringing a vote to the House floor today. While the
measure failed, this political stunt is part of a larger though
unpopular effort to undermine one of America's most consistently
trusted sources of news and information.
More Info:

An Internet Self-Regulation Tool for Consumer Privacy, Nextgenweb
A good deal of progress is being made to balance the needs for
consumer privacy, behavioral advertising, and internet innovation.
Today, USTelecom hosted a panel event discussing important ways to
balance a consumer's right to online privacy while still enabling
advertisers to gather data to target consumer buying needs and wants.
The discussion began with an overview of online
More Info:

Rep. Ron Paul Introduces Bill to Halt Body Scanner Program, EPIC
Representative Ron Paul introduced a bill that would hold TSA agents
legally accountable for airline screening procedures. Rep. Paul cited
abusive screening procedures as the reason for the legislation, titled
the American Traveler Dignity Act. In a floor speech, Representative
Paul also endorsed National Opt-Out Day, a grassroots movement of
passengers who plan to refuse the devices on November 24th. EPIC is
More Info:

Myspace Cries Uncle, Hands Lunch Money to Facebook, Gigaom
Sometimes it just doesn't pay to fight the inevitable. In the case of
Myspace, that means admitting the unpleasant — but at the same time
undeniable — fact that it has lost the social-networking race to
Facebook. The News Corp. subsidiary has been doing that gradually over
the past few months, and the latest move in that direction came today,
with the launch of a new feature that Myspace CEO Mike Jones called
More Info:

The economic implications of surveillance-enhancing design, Crawford
This term I've been focused on the law of surveillance. The students
are writing excellent papers (go, students - that second draft is due
today!) and there's a lot going on in the world on this topic.
More Info:

50 ISPs Harbor Half Of All Infected Machines - OECD Issues Study On
Botnets And ISP reactions, dslreports
Slashdot directs our attention to a new study by Delft University of
Technology and Michigan State University on botnets and how ISPs deal
with them. The study analyzed 90 billion spam messages from 170
million unique IP addresses captured between 2005 and 2009, and found
that just fifty (out of tens of thousands) of global ISPs are
responsible for about half of all infected machines. If those ISPs did
a better job of
More Info:

Stuxnet attacks could move beyond Iranian nuclear plants, Ars Technica
The Stuxnet worm, a complicated piece of malware apparently engineered
to disrupt Iranian uranium enrichment, could be modified to attack
more industries, according to experts speaking to the Senate Homeland
Security and Governmental Affairs Committee.
More Info:

Hacking Sweden's election with pen and paper, Wired
In Sweden's recent election, a small collection of crafty programmers
appear to have attempted to hack the voting database with a
pen-and-paper attack.
More Info:

RSS Feeds : Fed Notices : Blog : Clips :

Twitter & Facebook: Cybertelecom

To [un]subscribe to Cybertelecom-l, visit
Announce only list information available at

AUP ::

Cybertelecom is Off-the-Record. Otherwise play nicely.

Link to us!

Wednesday, November 17, 2010

11.17 :: 70 Years of Decisions :: Good Spectrum is Hard to Find :: Well Now that We All Agree :: 11 /8s :: Opt Out Invasive Body Scanners Nov. 24 ::

CyberTelecom News
Federal Internet Law and Policy
These capitalists generally act harmoniously and in concert, to fleece
the people. – Abraham Lincoln

Transformative Choices: A Review of 70 Years of FCC Decisions
Sherille Ismail, OSP, October 2010, fcc
The paper presents a historical review of a series of pivotal
FCC decisions that helped shape today's communications landscape. It
finds that there have been a
number of successful efforts by the FCC, before and after the 1970s,
to promote new entrants, especially
in the markets for commercial radio, cable television, telephone
equipment, and direct broadcast satellites
More Info:

my first FCC TAC meeting, CAIDA
I recently attended my first FCC Technological Advisory Council
meeting (video archives). A week before the meeting we received a memo
from the chairman of the committee (Tom Wheeler) notifying the
committee of a "clear and challenging mandate from Chairman
Genachowski: to generate ideas and spur actions that lead to job
creation and economic growth in the ICT [information and communication
More Info:

NTIA Releases New Spectrum Report: Concludes Finding New Spectrum Is Hard., PK
When the Federal Communications Commission (FCC) released its National
Broadband Plan (NBP) back in March, it focused very heavily on making
500 MHz of new spectrum available for broadband ove the next ten
years. The Obama Administration endorsed this goal back in May, and
ordered the relevant federal agency — Department of Commerce National
Telecommunications Information Administration (NTIA) — to do a study
on how to make this happen on the Federal side.
More Info:

New Research Study to Examine Teens' Online Behavior, Pew
Pew Research Center and Family Online Safety Institute will conduct
research focused on teenagers' online activities and digital
More Info:

Federal Register Notice: Reopening of Comment Period, NTIA
The Department of Commerce's Internet Policy Task Force announces that
the closing deadline for submission of comments responsive to the
September 29, 2010 notice of inquiry on the global free flow of
information on the Internet has been reopened and will extend until
December 6, 2010
More Info:

Wireless Firms Count On The Future Of The Internet, NPR
The Internet has been an economic bonanza for innovators and
entrepreneurs. The world wide web allowed start-ups to thrive at the
expense of established companies. But as the Internet age matures,
there are concerns big business is trying to exert more control.
More Info:

Who Should Govern the Internet?, COMCAST
Later today, I'll deliver a speech at an event hosted by the Center
for Technology Innovation at the Brookings Institution. The new Center
is committed to "developing data-driven scholarship to enhance
understanding of technology's legal, economic, social, and governance
ramifications." I'm grateful for their invitation to discuss a timely
and important topic: the right role for government, and for other
institutions, in governing the Internet.
More Info:

The IETF and an Evolving Internet, Cable
Last week, the Internet Engineering Task Force (i.e. the "IETF") held
their meeting in Beijing, China. The IETF's mission is "to make the
Internet work better by producing high quality, relevant technical
documents that influence the way people design, use, and manage the
Internet." As the Internet is global, the IETF meets three times a
More Info:

With Consensus at Hand on Net Neutrality, Time to "Check the Box", COMCAST
At yesterday's Brookings forum on "Internet Governance and Regulation:
What Should Be Government's Role?" Comcast's David Cohen delivered a
keynote calling for a greater reliance on the role of engineers and
the importance of transparent and consensus-based processes for
governing the Internet. He noted that long-standing engineering fora
such as the Internet Engineering Task Force have provided global
More Info:

Our Innovation Infrastructure: Opportunities and Challenges, FCC
Earlier today, Chairman Genachowski spoke at the annaul meeting of the
National Association of Regulatory Utility Commissioners in Atlanta.
In concert with the conference's "Keeping the Focus" theme, the
Chairman spoke to the primary focus of the FCC: the economy and jobs.
We're serving this mission through harnessing the opportunities of
communications technology and putting an emphasis on innovation.
More Info:

IPv6 Task Force Guiding Agencies on Next-Generation IP, Exec Gov
The federal IPv6 Task Force, led by Chairman Peter Tseronis, will
begin meeting with federal agencies today to provide guidance about
the switch to the next-generation IPv6, according to a report on
Government Computer News.
More Info:

105/8 Allocated to AfriNIC - 11 /8s Remain at IANA, ARIN
No description
More Info:

IPv6 Inside Everything and Everybody, Circleid
With the market for connected humans reaching saturation in advanced
economies, mobile operators now see connected devices as the next
growth opportunity. 'Everything that can benefit from being connected
will be connected', according to Ericsson's CTO (source). In the
meantime, Intel dreams of embedding processors into everything that
can gain something from communicating. Intel is quoted as counting on
More Info:

Public hangs up on printed phone books, Globe and Mail
Campaign presses Yellow Pages Group to stop mailing out heavy paper
tomes 'without permission' as contact information migrates online
More Info:

As Netflix bears down, Hulu Plus cuts price, CNET
Hulu Plus is playing catchup with rival Web video service Netflix and
has apparently realized that the best way to compete is to offer a
More Info:

Hulu opens premium service in U.S., Globe and Mail
Hulu Plus, which offers streaming TV content, launches with price cut,
but it's unavailable in Canada
More Info:

Paul Lanois, Caught in the Clouds: The Web 2.0, Cloud Computing, and
Privacy? NW J. Tech and Intel Prop 2010, NW J Tech & IP
ccording to a recent study by The Nielsen Company, the average
American Internet user spends over fifty-five hours per month online.1
However, despite the wide range of possibilities offered by the
Internet, Americans spend about half of their online
More Info:

From AM radio to satellite TV: seven decades of FCC regulation, Ars Technica
It was 1926. Broadcast radio was all the rage. But most stations
barely resembled the kind of outlets we listen to today. The majority
were run by colleges, civic organizations, and in some instances,
labor unions. Only 4.3 percent could be classified as "commercial
More Info:

Report: Obama administration to appoint Web privacy czar, Ars Technica
The US government is preparing to appoint a privacy czar and introduce
legislation to address growing concerns over Internet privacy. The
announcement is expected to come within weeks along with a report from
the US Commerce Department, though at this point, the details are
apparently far from being hammered out.
More Info:

M. Blane Michael, Reading the Fourth Amendment: Guidance from the
Mischief that Gave it Birth, NYLR Vol. 85 Num. 4 Oct. 2010, NYLR Vol.
85 Num. 4
The Supreme Court begins the twenty-first century with increasing use of a
cramped approach to Fourth Amendment interpretation. That approach, championed
by Justice Scalia, gives determinative weight to outdated common law rules
More Info:

Opt-Out Day Called Against Invasive Body Scanners, Wired
In the wake of a pilots' group calling on members to boycott body
scanners, an activist has launched a public movement to designate Nov.
24 as National Opt-Out day to encourage airline passengers to protest
the use of invasive body scanners and "enhanced pat-downs."
More Info:

100 Naked Citizens: 100 Leaked Body Scans, Wired
At the heart of the controversy over "body scanners" is a promise: The
images of our naked bodies will never be public. U.S. Marshals in a
Florida Federal courthouse saved 35,000 images on their scanner. These
are those images.
More Info:

Website Publishes 100 Pictures Of Federal Security Body Scans, NPR
The images were among the 35,000 that U.S. Marshals at an Orlando
courthouse admitted to saving. Their release intensifies the debate
over how private those images remain.
More Info:

TSA Investigating 'Don't Touch My Junk' Passenger, Wired
The TSA has launched an investigation of a passenger in San Diego who
left the airport after opting out of an invasive body scan and
criticizing the proposed alternative pat-down. He also faces an
$11,000 fine.
More Info:

F.B.I. Seeks Wider Wiretap Law for Web, NYT
The agency's director, in meeting with Silicon Valley executives, says
it is necessary for a 1994 law to be freshened to cover Internet
More Info:

Clues suggest Stuxnet Virus was built for subtle nuclear sabotage, Ars Technica
New and important evidence found in the sophisticated "Stuxnet"
malware targeting industrial control systems provides strong hints
that the code was designed to sabotage nuclear plants, and that it
employs a subtle sabotage strategy that involves briefly speeding up
and slowing down physical machinery at a plant over a span of weeks.
More Info:

Thierer Joining Mercatus Center's Technology Policy Program, TLF
I'm very pleased to announce that I am today joining the Mercatus
Center at George Mason University as a Senior Research Fellow. I will
be working in the Mercatus Center's Technology Policy Program and
covering many of the same issues I have been active on for many years
now, including: free speech and child safety issues; privacy and
advertising policy; communications and media law; Internet governance;
online taxation and e-commerce regulation; and much more.
More Info:

RSS Feeds : Fed Notices : Blog : Clips :

Twitter & Facebook: Cybertelecom

To [un]subscribe to Cybertelecom-l, visit
Announce only list information available at

AUP ::

Cybertelecom is Off-the-Record. Otherwise play nicely.

Link to us!

Friday, November 12, 2010

11.12.10 :: Washington Has Its Head Up Its Rear End :: Cybersquatting Bad! :: But Google Maps Said We Could Invade :: Carriage ::

CyberTelecom News
Federal Internet Law and Policy
Most folks are as happy as they make up their minds to be. – Abraham Lincoln

Secure a PC, Website From Firesheep Session Hijacking, CW
A couple of weeks ago, a tricky new Firefox plug-in called Firesheep
made hijacking someone's Web browsing session point-and-click simple.
You should take extra precautions to ensure that nobody hacks into
your online accounts when you surf on public Wi-Fi networks.
More Info:

Ad Networks Can't Get 47 USC 230 Defense on Motion to Dismiss--Swift
v. Zynga, Tech Marketing Law
Swift v. Zynga Game Network, Inc., 2010 U.S. Dist. LEXIS 117355 (N.D.
Cal. Nov. 3, 2010). Wendy...
More Info:

The "Neutrality" of Things, GC
In an article titled, 'Will Netflix Doom Net Neutrality?' a very
interesting argument is being made - along the lines of "to stay
neutral or not". It's not an easy topic to find oneself solidly on
one side or the other as both arguments have merit, At the same time,
it's a highly volitile subject. One that can make peace-loving geeks
turn rabid and start throwing their office chairs.
More Info:

Sorry, Net Neutrality Simply Was Not An Important Issue In This Year's
Election, Techdirt
This one is just amusing. Scott Cleland, who works for the big
broadband companies as a professional propagandist, and has a long
history of making absolutely ridiculous claims in order to support
their positions, apparently got a bit of traction from the
non-thinking press, after he started pushing the message that all of
the Democrats who signed a "pledge" to support
More Info:

Did You Know This Election Turned On Network Neutrality? Why
Washington Has Its Head Up Its Rear End., Tales from the Sausage
Apparently, the election results last Tuesday were a "national
referendum" on network neutrality. I'm not sure how I missed this, but
the constant repetition of this idea in the blogosphere and on Twitter
has now utterly convinced me and everyone…
More Info:

US Broadband Speed Jumps to 16th Worldwide, bandwidth reports
The US has improved its broadband speed rankings from 22nd to 16th
worldwide, according to an Akamai broadband survey. Delaware enjoys
the fastest connections in the US, and California continues to
dominate the top US cities for fast broadband. We also show the
slowest countries and US states.
More Info:

Cowboys fire coach, forget to renew Web domain, CNET
When the Dallas Cowboys fired their coach, Wade Phillips, was full of no news at all. The team had forgotten
to renew the domain name and site showed a picture of two kids playing
More Info:

Cybersquatting Bad!, Cybertelecom
This is the first of a series of posts on the Anti-Cybersquatting
Consumer Protection Act (ACPA). This first post reviews the ACPA's
legislative history.On-line extortion in any form is unacceptable and
outrageous. Whether it's people extorting companies by registering
company names, misdirecting Internet users to inappropriate sites, or
otherwise attempting to damage a trademark that a
More Info:

Surprising Cybersquatting Domain Name Dispute in the Ninth Circuit,
Infl Law Group
A panel of the Ninth Circuit last week released an opinion in DSPT
Int'l, Inc. v. Nahum, 2010 WL 4227883, (CV-06-00308-ODW)(Oct. 27,
2010), opinion here, that's worth a brief review for its various
holdings in a "cybersquatting" trademark and domain name dispute.
What's interesting about this case? For starters the result the Court
reached under the
More Info:

Vint Cerf urges ISPs to deploy IPv6 - Inquirer, Inquirer
INTERNET PIONEER Vinton Cerf raised the spectre of Internet islands in
urging businesses to move towards IP version 6 (IPv6).
More Info:

AfriNIC gets 105/8, IPv4 Depletion
Today AfriNIC got the 105/8 block allocated from IANA. This is
surprisingly early, I was expecting AfriNIC to request more space in
April of next year. This is moving the IANA depletion date much
earlier (February of next year instead of April).
More Info:

FCC looks at Google's Street View data grab, Globe and Mail
Google faces multiple probes over Street View cars while U.S.
government prepares plans to address Internet privacy
More Info:

Troops Move To Latin American Border. Google Maps Cited As The Reason., NPR
Nicaraguan troops have landed on an Island that Costa Rica claims as
its territory. A long disputed area, Nicaraguan forces point to Google
Maps saying it is their land. Google says, oops, our bad.
More Info:

Photographer Sues State Of Texas For Using Image From His Photograph
On Auto Inspection Stickers, Techdirt
Jon Snow points us to the story of a photographer who discovered that
a photograph he took of a cowboy hoisting a saddle is being used as
the background image on approximately 4.5 million inspection stickers
More Info:

Court Blocks Furniture Seller From Sending More DMCA Takedowns To eBay
Over Competitor's Furniture, Techdirt
It's no secret that the DMCA can be used as a form of censorship and
anti-competitive practices. Thankfully, at least some judges are
catching on. Evan Brown has the story of how Zen Path, a company that
sells furniture online, had been sending DMCA takedowns to eBay, after
noticing competitor Design Furnishings selling very similar wicker
furniture on eBay. I
More Info:

Did Jammie Thomas case backfire on file sharers?, CNET
Jammie Thomas-Rasset was supposed to become the Joan of Arc of file
sharing. Instead, copyright owners appear to be the ones benefiting
most from her legal challenge.
More Info:

Internet TV battles come to a head at FCC, WAPO
Changes in the television marketplace have been fast and furious in
recent months, and soon more tumult may come by way of the Federal
Communications Commission.
More Info:

Fox now blocking Google TV, Lost Remote
Fox has joined ABC, CBS and NBC in blocking Google TV viewers from
watching video, reports Google TV allows you to punch up a
web browser on your TV set, but when you visit and click to
watch a clip, a message says, "This content is not compatible with
your device." When we visited a few days ago, it gave a
similar error message (right).
More Info:

Cable Subscribers Flee, But Is Internet To Blame?, NPR
TV subscribers are ditching their cable companies at an ever faster
rate in the past few months. It could be a sign that Internet services
such as Netflix and Hulu are finally starting to entice people to
cancel cable, though company executives cite the weak economy.
More Info:

Carriage, Crawford
As I left a hotel recently, I walked towards the first cab on the cab
stand. The driver had a phone to his ear. "I'm on a call," he said.
"Go to the next cab."
More Info:

F.C.C. Investigates Google Street View, NYT
Google's acquisition of passwords, e-mails and other personal data
from unsuspecting people may have violated the Communications Act.
More Info:

The Role of Internet Services Providers in Botnet Mitigation, OECD
Botnets – networks of computers infected by malware – are critical
security threats. Based on the analysis of 109 billion spam messages,
this report considers whether ISPs can be critical control points for
botnet mitigation, how the number of infected machines varies across
ISPs and why.,3373,en_2649_37441_1_1_1_1_37441,00.html?rssChId=37441#46397080
More Info:

Report: Exploring the Digital Nation: Home Broadband Internet Adoption
in the United States, NTIA
A Report Prepared by the Economics and Statistics Administration and
the National Telecommunications and Information Administration in the
U.S. Department of Commerce. The report analyzes data collected
through an Internet Usage Survey of 54,000 households conducted by the
U.S. Census Bureau in October 2009.
More Info:

News Release. News Media Contact: Mark Wigfield
More Info:

VoIP Providers must now pay USF funds, WISPA
From Phone+ article Nomadic VoIP providers such as Vonage Holdings
Corp. and 8×8 Inc. now must pay into states' Universal Service funds.
Late last week, the FCC ruled that states may require the likes of
Vonage and 8×8 to contribute to their individual USF subsidies from
here on out; the decision was expected. VoIP operators
More Info:

Report: Obama Readying 'Stepped-Up' Internet Policing, NPR
The Commerce Department is working on a plan, for release in the next
several weeks, that would call for "new laws and the creation of a new
position to oversee the effort," The Wall Street Journal reports.
More Info:

RSS Feeds : Fed Notices : Blog : Clips :

Twitter & Facebook: Cybertelecom

To [un]subscribe to Cybertelecom-l, visit
Announce only list information available at

AUP ::

Cybertelecom is Off-the-Record. Otherwise play nicely.

Link to us!

Monday, November 08, 2010

[REPORT] New Commerce Dept Report Shows Broadband Adoption Rises While Cap Persists

Note: This follows a long line of reports during the Clinton/Gore administration on the Digital Divide. Under Clinton/Gore, NTIA set up a website dedicated to this at When the Bush/Cheney administration came in, one of the first things they did was pull down explaining how it was not part of their policy. NTIA under Bush/Cheney did continue to issue these reports, but the message changed to a more positive, everything's fine conclusion.


Data Show Digital Divide Not Simply Due to Socio-Economic Status

Monday, November 8, 2010
News Media Contacts:
Jane Callen, ESA, (202) 482-2235
Moira Vahey, NTIA (202) 482-0147

WASHINGTON – The Department of Commerce's Economics and Statistics Administration (ESA) and National Telecommunications and Information Administration (NTIA) today released a new report, “Digital Nation II,” that analyzes broadband Internet access and adoption across the United States. The study – the most comprehensive of its kind -- finds that socio-economic factors such as income and education levels, although strongly associated with broadband Internet use, are not the sole determinants of use; even after accounting for socioeconomic differences, significant gaps persist along racial, ethnic, and geographic lines. The report analyzes data collected through an Internet Usage Survey of 54,000 households conducted by the U.S. Census Bureau in October 2009. Earlier this year, NTIA released initial findings from the survey, showing that while virtually all demographic groups have experienced rising broadband Internet adoption at home, and 64 percent of households overall have broadband at home, historic disparities among demographic groups have persisted over time.

"In order to narrow the digital divide and help more Americans compete in the 21st century economy, we need to better understand the causes of the broadband gap,” said Under Secretary for Economic Affairs Rebecca Blank. “Today's report identifies various factors that drive and inhibit broadband adoption. It is the most comprehensive, data-driven analysis of broadband adoption that has been conducted. The bedrock of sound policymaking is statistical measurement and analysis of the data and underlying issues.”

"Americans who lack broadband Internet access are cut off from many educational and employment opportunities," said Assistant Secretary for Communications and Information and NTIA Administrator Lawrence E. Strickling. "The learning from today's report is that there is no simple ‘one size fits all’ solution to closing the digital divide. A combination of approaches makes sense, including targeted outreach programs to rural and minority populations emphasizing the benefits of broadband. NTIA's Broadband Technology Opportunities Program is helping to address this challenge, but we are hopeful today's report will be useful to the larger community working to close the gap."

The principal findings of the report are:


  • Seven out of ten American households used the Internet in 2009. The majority of these households used broadband to access the Internet at home. Almost one-fourth of all households, however, did not have an Internet user.

Determinants of Household Broadband Adoption

  • Income and education are strongly associated with broadband Internet use at home but are not the sole determinants.
  • Broadband Internet adoption was higher among White households than among Black and Hispanic households. Differences in socio-economic attributes do not explain the entire gap associated with race and ethnicity.
  • A similar pattern holds for urban and rural locations. Urban residents were more likely than their rural counterparts to adopt broadband Internet, even after accounting for socio-economic differences.
  • In contrast, differences in socio-economic and geographic characteristics do explain a substantial portion of the broadband adoption lag among people with disabilities.
  • Broadband adoption also varies with age, with the elderly population much less likely than their younger counterparts to use home broadband Internet services.
  • Lack of need or interest, lack of affordability, lack of an adequate computer, and lack of availability were all stated as the main reasons for not having home broadband Internet access. The significance of these factors, however, varied across non-users, with affordability and demand generally dominating.
  • Internet non-users reported lack of need or interest as their primary reason for not having broadband at home. This group accounted for two-thirds of those who don't have broadband at home. In contrast, households that did not use the Internet specifically at home but did use the Internet elsewhere ranked affordability as the primary deterrent to home broadband adoption. This group represented almost one-fourth of those who don't have broadband at home.
  • Households that use dial-up service cited affordability as the main reason for not adopting broadband at home. For rural residents using dial-up service, lack of broadband availability was reported as a significant factor.

Long-term trends in broadband Internet use

  • Between 2001 and 2009, broadband Internet use among households rose sevenfold, from 9 percent to 64 percent of American households.
  • Some of the demographic groups that had lower-than-average adoption rates in 2001 have since shown impressive gains, but sizable gaps remain among demographic groups defined by income, education, race, and ethnicity. Similarly, despite gains in adoption rates within geographic areas, significant gaps in adoption still persist among the states, some regions, and between urban and rural locations.

NTIA and the Department of Agriculture’s Rural Utilities Service are administering a nearly $7 billion Recovery Act initiative to expand access to and adoption of broadband services. NTIA is utilizing approximately $4 billion of that funding for the Broadband Technology Opportunities Program (BTOP), which provided grants to support the deployment of broadband infrastructure, enhance and expand public computer centers, and encourage sustainable adoption of broadband service.

The full report is available at

Sunday, November 07, 2010

Cybersquatting Bad!

This is the first of a series of posts on the Anti-Cybersquatting Consumer Protection Act (ACPA). This first post reviews the ACPA's legislative history.

On-line extortion in any form is unacceptable and outrageous. Whether it's people extorting companies by registering company names, misdirecting Internet users to inappropriate sites, or otherwise attempting to damage a trademark that a business has spent decades building into a recognizable brand, anyone engaging in cyber-squatting activity should be held accountable for their actions. --Sen. Abraham, Sponsor of the ACPA
"Cybersquatting is the Internet version of an unlawful land grab. Cybersquatters register well-known brand names as Internet domain names in order to force the rightful owners of the marks to come forward and pay for the right to engage in electronic commerce under their own name." Interstellar Starship Servs., Ltd. v. Epix, Inc., 304 F.3d 936, 946 (9th Cir. 2002) .

In the late 1990s, in the cacophony of disagreement over domain names and Internet governance, there was one issue over which there was rough consensus: cybersquatters bad! Back in the late 1990s, the White House singled out cybersquatting as bad in a DNS White Paper; Federal Courts have had a disdain for Cybersquatters; and the 106th Congress, a Congress which was gridlocked, found rough consensus to pass the AntiCybersquatting Consumer Protection Act (ACPA).

Purpose: "The purpose of the bill is to protect consumers and American businesses, to promote the growth of online commerce, and to provide clarity in the law for trademark owners by prohibiting the bad-faith and abusive registration of distinctive marks as Internet domain names with the intent to profit from the goodwill associated with such marks-a practice commonly referred to as ''cybersquatting.'" [Senate Report Leg His]

Discussion Derived From: The AntiCybersquatting Consumer Protection Act, Report 106-140, 106 th Cong., 1 st Sess. (Aug. 5, 1999) (Legislative History):

Trademark owners are facing a new form of piracy on the Internet caused by acts of ''cybersquatting,'' which refers to the deliberate, bad-faith, and abusive registration of Internet domain names in violation of the rights of trademark owners. For example, when Mobil and Exxon announced their proposed merger in December, 1998, a speculator registered every variation of the possible resulting domain name, i.e.,,,, etc., ad infinitum. In another example of bad-faith abuses of the domain name registration system, Network Solutions- the domain name registry that administers the Internet's ''.com,'' ''.net,'' ''.org,'' and ''.edu'' top level domains-pulled on a London computer club in May, 1999, that had registered over 75,000 domain names using an automated computer program.1 Their aim was to lock up all available four letter domains by systematically reserving every possible combination of letters, starting with, then,, up to, until every available combination had been reserved.

The practice of cybersquatting harms consumers, electronic commerce, and the goodwill equity of valuable U.S. brand names, upon which consumers increasingly rely to locate the true source of genuine goods and services on the Internet. Online consumers have a difficult time distinguishing a genuine site from a pirate site, given that often the only indications of source and authenticity of the site, or the goods and services made available thereon, are the graphical interface on the site itself and the Internet address at which it resides. As a result, consumers have come to rely heavily on familiar brand names when engaging in online commerce. But if someone is operating a web site under another brand owner's trademark, such as a site called '''' or '','' consumers bear a significant risk of being deceived and defrauded, or at a minimum, confused. The costs associated with these risks are increasingly burdensome as more people begin selling pharmaceuticals, financial services, and even groceries over the Internet. Regardless of what is being sold, the result of online brand name abuse, as with other forms of trademark violations, is the erosion of consumer confidence in brand name identifiers and in electronic commerce generally.

Cybersquatters target distinctive marks for a variety of reasons. Some register well-known brand names as Internet domain names in order to extract payment from the rightful owners of the marks, who find their trademarks ''locked up'' and are forced to pay for the right to engage in electronic commerce under their own brand name. For example, several years ago a small Canadian company with a single shareholder and a couple of dozen domain names demanded that Umbro International, Inc., which markets and distributes soccer equipment, pay $50,000 to its sole shareholder, $50,000 to an Internet charity, and provide a free lifetime supply of soccer equipment in order for it to relinquish the '''' name. The Committee also heard testimony that Warner Bros. was reportedly asked to pay $350,000 for the rights to the names ''warnerrecords. com'', '''', '''', ''warner-bros-pictures'', and ''''.

Others register well-known marks as domain names and warehouse those marks with the hope of selling them to the highest bidder, whether it be the trademark owner or someone else. For example, the Committee heard testimony regarding an Australian company operating on the Internet under the name ''The Best Domains,'' which was offering such domain names as '','' at asking prices of up to $60,911, with a caption that reads ''PORSCHE: DO I NEED TO SAY ANYTHING?'' The Committee also heard testimony regarding a similarly enterprising cybersquatter whose partial inventory of domain names-the listing of which was limited by the fact that Network Solutions will only display the first 50 records of a given registrant-includes names such as Coca-Cola, Pepsi, Burger King, KFC, McDonalds, Subway, Taco Bell, Wendy's, BMW, Chrysler, Dodge, General Motors, Honda, Hyundai, Jaguar, Mazda, Mercedes, Nissan, Porsche, Rolls-Royce, Saab, Saturn, Toyota, and Volvo, all of which are available to the highest bidder through an online offer sheet.

In addition, cybersquatters often register well-known marks to prey on consumer confusion by misusing the domain name to divert customers from the mark owner's site to the cybersquatter's own site, many of which are pornography sites that derive advertising revenue based on the number of visits, or ''hits,'' the site receives. For example, the Committee was informed of a parent whose child mistakenly typed in the domain name for '','' expecting to access the family-oriented content of the Walt Disney home page, only to end up staring at a screen of hardcore pornography because a cybersquatter had registered that domain name in anticipation that consumers would make that exact mistake. Other instances of diverting unsuspecting consumers to pornographic web sites involve malicious attempts to tarnish a trademark owner's mark or to extort money from the trademark owner, such as the case where a cybersquatter placed pornographic images of celebrities on a site under the name '''' and announced that it would sell the domain name to the highest bidder. Others attempt to divert unsuspecting consumers to their sites in order to engage in unfair competition. For example, the business operating under the domain name '''' greets online consumers at its site with a picture of Mickey Mouse and offers shuttle services in the Orlando area and reservations at Disney hotels, although the company is in no way affiliated with the Walt Disney Company and such fact is not clearly indicated on the site. Similarly, the domain name address '','' without a period following ''www'', was used by a cybersquatter to offer a competing service to Microsoft's popular Carpoint car buying service.

Finally, and most importantly, cybersquatters target distinctive marks to defraud consumers, including to engage in counterfeiting activities. For example, the Committee heard testimony regarding a cybersquatter who registered the domain names '''' and '''' and used those names to establish sites purporting to sell calling cards and soliciting personally identifying information, including credit card numbers. We also heard the account of a cybersquatter purporting to sell Dell Computer products under the name '''', when in fact Dell does not authorize online resellers to market its products, and a similar account of someone using the name '''' to sell Levis jeans despite the fact that Levis is the only authorized online reseller of its jeans.8 Of even greater concern was the example of an online drug store selling pharmaceuticals under the name '''' without any way for online consumers to tell whether what they are buying is a legitimate product, a placebo, or a dangerous counterfeit.

Congress viewed the legal remedies available for trademark owners before the passage of the ACPA as "expensive and uncertain." The ACPA was designed to thwart cybersquatters "who register numerous domain names containing American trademarks or tradenames only to hold them ransom in exchange for money." [Virtual Works Sec. II.A.1 ("The ACPA was enacted in 1999 in response to concerns over the proliferation of cybersquatting-the Internet version of a land grab.")]

Next Post: The Elements of an ACPA cause of action.

Thursday, November 04, 2010

FTC Names Edward W. Felten as Agency's Chief Technologist; Eileen Harrington as Executive Director

FTC Names Edward W. Felten as Agency's Chief Technologist; Eileen
Harrington as Executive Director

Federal Trade Commission Chairman Jon Leibowitz today announced the
appointment of Edward W. Felten as the agency's first Chief
Technologist. In his new position, Dr. Felten will advise the agency
on evolving technology and policy issues.

Dr. Felten is a professor of computer science and public affairs and
founding director of the Center for Information Technology Policy at
Princeton University. He has served as a consultant to federal
agencies, including the FTC, and departments of Justice and Defense,
and has testified before Congress on a range of technology, computer
security, and privacy issues. He is a fellow of the Association of
Computing Machinery and recipient of the Scientific American 50 Award.
Felten holds a Ph.D. in computer science and engineering from the
University of Washington.

Dr. Felten's research has focused on areas including computer security
and privacy, especially relating to consumer products; technology law
and policy; Internet software; intellectual property policy; and using
technology to improve government.

"Ed is extraordinarily respected in the technology community, and his
background and knowledge make him an outstanding choice to serve as
the agency's first Chief Technologist," Leibowitz said. "He's going to
add unparalleled expertise on high-technology markets and computer
security. And he also will provide invaluable input into the
recommendations we'll be making soon for online privacy, as well as
the enforcement actions we'll soon bring to protect consumer privacy.
We're thrilled to have him on board."

Dr. Felten currently is a part-time consultant for the FTC. He will
start full time as Chief Technologist in January.

Chairman Leibowitz also announced that Eileen Harrington has been
named the agency's Executive Director. Harrington comes to the FTC
from a 15-month stint as Chief Operating Officer at the U.S. Small
Business Administration. Previously, she served for 25 years at the
FTC, starting as a staff attorney and assuming a variety of senior
management positions in the Bureau of Consumer Protection, including
Associate Director for Marketing Practices, Deputy Director, and
Acting Director. Harrington has a long list of accomplishments from
her tenure at the FTC. Perhaps most notably, she received the
prestigious Service to America Medal for leading the team that created
the National Do Not Call Registry.

"This is a very happy homecoming," said Leibowitz. "Eileen has made an
invaluable contribution to the FTC in the past, and her strong
management skills, enthusiasm, and creativity will once again be put
to use for the betterment of the agency and for American consumers. We
are delighted to have her back."

The Federal Trade Commission works for consumers to prevent
fraudulent, deceptive, and unfair business practices and to provide
information to help spot, stop, and avoid them. To file a complaint in
English or Spanish, visit the FTC's online Complaint Assistant or call
1-877-FTC-HELP (1-877-382-4357). The FTC enters complaints into
Consumer Sentinel, a secure, online database available to more than
1,800 civil and criminal law enforcement agencies in the U.S. and
abroad. The FTC's website provides free information on a variety of
consumer topics.

Office of Public Affairs