October 23, 2005
Colleges Protest Call to Upgrade Online Systems
By SAM DILLON and STEPHEN LABATON
The federal government, vastly extending the reach of an 11-year-old law, is requiring hundreds of universities, online communications companies and cities to overhaul their Internet computer networks to make it easier for law enforcement authorities to monitor e-mail and other online communications.
The action, which the government says is intended to help catch terrorists and other criminals, has unleashed protests and the threat of lawsuits from universities, which argue that it will cost them at least $7 billion while doing little to apprehend lawbreakers. Because the government would have to win court orders before undertaking surveillance, the universities are not raising civil liberties issues.
The order, issued by the Federal Communications Commission in August and first published in the Federal Register last week, extends the provisions of a 1994 wiretap law not only to universities, but also to libraries, airports providing wireless service and commercial Internet access providers.
It also applies to municipalities that provide Internet access to residents, be they rural towns or cities like Philadelphia and San Francisco, which have plans to build their own Net access networks.
So far, however, universities have been most vocal in their opposition.
The 1994 law, the Communications Assistance for Law Enforcement Act, requires telephone carriers to engineer their switching systems at their own cost so that federal agents can obtain easy surveillance access.
Recognizing the growth of Internet-based telephone and other communications, the order requires that organizations like universities providing Internet access also comply with the law by spring 2007.
The Justice Department requested the order last year, saying that new technologies like telephone service over the Internet were endangering law enforcement's ability to conduct wiretaps "in their fight against criminals, terrorists and spies."
Justice Department officials, who declined to comment for this article, said in their written comments filed with the Federal Communications Commission that the new requirements were necessary to keep the 1994 law "viable in the face of the monumental shift of the telecommunications industry" and to enable law enforcement to "accomplish its mission in the face of rapidly advancing technology."
The F.C.C. says it is considering whether to exempt educational institutions from some of the law's provisions, but it has not granted an extension for compliance.
Lawyers for the American Council on Education, the nation's largest association of universities and colleges, are preparing to appeal the order before the United States Court of Appeals for the District of Columbia Circuit, Terry W. Hartle, a senior vice president of the council, said Friday.
The Center for Democracy and Technology, a nonprofit civil liberties group, has enlisted plaintiffs for a separate legal challenge, focusing on objections to government control over how organizations, including hundreds of private technology companies, design Internet systems, James X. Dempsey, the center's executive director, said Friday.
The universities do not question the government's right to use wiretaps to monitor terrorism or criminal suspects on college campuses, Mr. Hartle said, only the order's rapid timetable for compliance and extraordinary cost.
Technology experts retained by the schools estimated that it could cost universities at least $7 billion just to buy the Internet switches and routers necessary for compliance. That figure does not include installation or the costs of hiring and training staff to oversee the sophisticated circuitry around the clock, as the law requires, the experts said.
"This is the mother of all unfunded mandates," Mr. Hartle said.
Even the lowest estimates of compliance costs would, on average, increase annual tuition at most American universities by some $450, at a time when rising education costs are already a sore point with parents and members of Congress, Mr. Hartle said.
At New York University, for instance, the order would require the installation of thousands of new devices in more than 100 buildings around Manhattan, be they small switches in a wiring closet or large aggregation routers that pull data together from many sites and send it over the Internet, said Doug Carlson, the university's executive director of communications and computing services.
"Back of the envelope, this would cost us many millions of dollars," Mr. Carlson said.
F.C.C. officials declined to comment publicly, citing their continuing review of possible exemptions to the order.
Some government officials said they did not view compliance as overly costly for colleges because the order did not require surveillance of networks that permit students and faculty to communicate only among themselves, like intranet services. They also said the schools would be required to make their networks accessible to law enforcement only at the point where those networks connect to the outside world.
Educause, a nonprofit association of universities and other groups that has hired lawyers to prepare its own legal challenge, informed its members of the order in a Sept. 29 letter signed by Mark A. Luker, an Educause vice president.
Mr. Luker advised universities to begin planning how to comply with the order, which university officials described as an extraordinary technological challenge.
Unlike telephone service, which sends a steady electronic voice stream over a wire, the transmission of e-mail and other information on the Internet sends out data packets that are disassembled on one end of a conversation and reassembled on the other.
Universities provide hundreds of potential Internet access sites, including lounges and other areas that offer wireless service and Internet jacks in libraries, dorms, classrooms and laboratories, often dispersed through scores of buildings.
If law enforcement officials obtain a court order to monitor the Internet communications of someone at a university, the current approach is to work quietly with campus officials to single out specific sites and install the equipment needed to carry out the surveillance. This low-tech approach has worked well in the past, officials at several campuses said.
But the federal law would apply a high-tech approach, enabling law enforcement to monitor communications at campuses from remote locations at the turn of a switch.
It would require universities to re-engineer their networks so that every Net access point would send all communications not directly onto the Internet, but first to a network operations center where the data packets could be stitched together into a single package for delivery to law enforcement, university officials said.
Albert Gidari Jr., a Seattle lawyer at the firm Perkins Coie who is representing Educause, said he and other representatives of universities had been negotiating with lawyers and technology officials from the Federal Bureau of Investigation, the Department of Homeland Security and other agencies since the spring about issues including what technical requirements universities would need to meet to comply with the law.
"This is a fight over whether a Buick is good enough, or do you need a Lexus?" Mr. Gidari said. "The F.B.I. is the lead agency, and they are insisting on the Lexus."
Law enforcement has only infrequently requested to monitor Internet communications anywhere, much less on university campuses or libraries, according to the Center for Democracy and Technology. In 2003, only 12 of the 1,442 state and federal wiretap orders were issued for computer communications, and the F.B.I. never argued that it had difficulty executing any of those 12 wiretaps, the center said.
"We keep asking the F.B.I., What is the problem you're trying to solve?" Mr. Dempsey said. "And they have never showed any problem with any university or any for-profit Internet access provider. The F.B.I. must demonstrate precisely why it wants to impose such an enormously disruptive and expensive burden."
Larry D. Conrad, the chief information officer at Florida State University, where more than 140 buildings are equipped for Internet access, said there were easy ways to set up Internet wiretaps.
"But the wild-eyed fear I have," Mr. Conrad said, "is that the government will rule that this all has to be automatic, anytime, which would mean I'd have to re-architect our entire campus network."
He continued, "It seems like overkill to make all these institutions spend this huge amount of money for a just-in-case kind of scenario."
The University of Illinois says it is worried about the order because it is in the second year of a $20 million upgrade of its campus network. Peter Siegel, the university's chief information officer, estimated that the new rules would require the university to buy 2,100 new devices, at a cost of an additional $13 million, to replace equipment that is brand new.
"It's like you buy a new car, and then the E.P.A. says you have to buy a new car again," Mr. Siegel said. "You'd say, 'Gee, could I just buy a new muffler?' "
The colonel sings the blues
By Lakshmi ChaudhryPosted on October 20, 2005, Printed on October 20, 2005 http://www.alternet.org/bloggers/lakshmi/27117/
Lawrence Wilkerson, the former chief of staff to Colin Powell, offered a scathing and surprisingly blunt critique of the Bush foreign policymaking process during a speech at the New America Foundation. Here are some highlights from a partial transcript [Video HERE]:
But the case that I saw for 4 plus years was a case that I have never seen in my studies of aberration, bastardizations, perturbations, changes to the national security decisionmaking process. What I saw was a cabal between the Vice President of the United States, Richard Cheney, and the Secretary of Defense and [inaudible] on critical issues that made decisions that the bureaucracy did not know were being made. ...
Under Secretary of Defense Douglas Feith whom most of you probably know Tommy Frank said was stupidest blankety blank man in the world. He was. Let me testify to that. He was. Seldom in my life have I met a dumber man. ...
So you’ve got this collegiality there between the Secretary of Defense and the Vice President. And then you’ve got a President who is not versed in international relations. And not too much interested in them either. And so it’s not too difficult to make decisions in this, what I call Oval Office cabal, and decisions often that are the opposite of what you thought were made in the formal process.
Wilkerson was no kinder on Condi Rice, whom he accused of not doing her job: "she would side with the president to build her intimacy with the president." But the section in the raw transcript that caught my attention is this:
And I would say that we have courted disaster, in Iraq, in North Korea, in Iran, generally with regard to domestic crises like Katrina, Rita and I could go on back, we haven’t done very well on anything like that in a long time. And if something comes along that is truly serious, truly serious, something like a nuclear weapon going off in a major American city, or something like a major pandemic, you are going to see the ineptitude of this government in a way that will take you back to the Declaration of Independence. Read it some time again.
I just use it for a tutoring class for my students in the District of Columbia. Forced me to read it really closely because we’re doing metaphors and similes and antonyms and synonyms and so we’re…read in there what the founders say in a very different language than we use today. Read in there what they say about the necessity of people to [inaudible - background voice] tyranny or to throw off ineptitude or to throw off that which is not doing what the people want it to do. [Partial transcript here]
Neither the Washington Post or Financial Times articles clarify exactly what Wilkerson is saying with his reference to the Declaration of Independence. Reads to me as though he is implying that the American public ought to overthrow the Bush administration (or will do so when they realize just how terribly incompetent and dangerous it is), but that may just be wishful thinking. [Links courtesy David Addams]
Update: The full transcript is now available here.
Wednesday :: Oct 19, 2005
Wurmser Is Now Cooperating With Fitz As Well
Raw Story is reporting this morning that a second Cheney staffer, David Wurmser, is also cooperating now with Patrick Fitzgerald. Wurmser, who is one of the PNAC true believers that encircle Cheney, Bolton, and Rummy, has according to Raw Story flipped along with Cheney and Bolton staffer John Hannah after they were threatened for their actions in attacking Joe Wilson's credibility. The Raw Story piece makes it clear that both Hannah and Wurmser revealed Valerie Plame's identity and role at the Agency at the direction of senior staffers in Cheney's office (read: Scooter Libby).
Late Monday, several sources familiar with Special Prosecutor Patrick Fitzgerald’s probe said John Hannah, a key aide to Vice President Dick Cheney and one of the architects of the Iraq war, was cooperating with Fitzgerald after being told that he was identified by witnesses as a co-conspirator in the leak. Sources said Hannah was not given immunity, but was likely offered a “deal” in exchange for information that could result in indictments of key White House officials.
Now, those close to the investigation say that a second Cheney aide, David Wurmser, has agreed to provide the prosecution with evidence that the leak was a coordinated effort by Cheney’s office to discredit the agent's husband. Her husband, former ambassador Joseph Wilson, was one of the most vocal critics of the Iraq war.
Wurmser, Cheney’s Middle East advisor and an assistant to then-Under Secretary of State for Arms Control and International Security Affairs John Bolton, likely cooperated because he faced criminal charges for his role in leaking Wilson's name on the orders of higher-ups, the sources said.
According to those familiar with the case, Wurmser was in attendance at several meetings of the White House Iraq Group (WHIG), a little-known cabal of administration hawks that formed in August 2002 to publicize the threat posed by Saddam Hussein. Those who say they have reviewed documents obtained in the probe assert that the Vice President was also present at some of the group’s meetings.
The sources say that Hannah and Wurmser were given orders by senior officials in Cheney’s office in June 2003 to leak Plame’s covert status and identity in an attempt to muzzle Wilson. The former ambassador had been a thorn in administration’s side since May 2003, when he began questioning claims that Iraq was an imminent threat to the U.S. and its neighbors in the Middle East.
We'll have no way of knowing how solid Raw Story's reporting here really is, until we see what Fitzgerald comes out with. On the surface, it sounds like he is using the two staffers to roll onto Libby, in the hope probably that Libby will then come clean about Cheney's role in all of this, something I don't think will ever happen unless Fitzgerald really can threaten Libby with a violation of the Espionage Act for directing the leaking a covert operative's name, among the other perjury and obstruction charges. But if you are to believe the account by Raw Story, it shows that there was knowledge aforethought about Plame's status, and that takes this into a very serious realm far beyond simple perjury and obstruction charges.
Even the Democrats are now asking what did Bush know, and when did he lie about it?
Even Tweety said this morning that this is evolving into a serious problem for Cheney, although Matthews spins this travesty as something Bush is detached from, and as a wholly-owned Cheney operation. Does anyone believe that?
Rice Fails to Persuade Russia to Support U.N. Action on Iran
By JOEL BRINKLEY
Published: October 16, 2005
MOSCOW, Oct. 15 - Russia's leaders told Secretary of State Condoleezza Rice on Saturday that they did not support sending the issue of Iran's nuclear program to the United Nations Security Council, and they reaffirmed their view that Iran had the legal right to enrich uranium.
The statements, by Foreign Minister Sergey Lavrov and others, were a sharp setback for Ms. Rice's efforts to reach a consensus on Iran's nuclear program. The Iranians "have this right" to enrich uranium under the Nuclear Nonproliferation Treaty, Mr. Lavrov said at joint news conference with Ms. Rice, who flew here on short notice for consultations on Iran and other issues before heading to London.
Ms. Rice spent two hours with Mr. Lavrov and another hour with President Vladimir V. Putin on Saturday morning but failed to budge them from their view, which is at odds with Washington's position.
Still, Ms. Rice, speaking to reporters later, made it clear that the United States and its European allies would still refer Iran to the Security Council, for admonishment or sanctions, if it did not shut down its nuclear fuel reprocessing program. But with Russia opposed, the prospects in the Council look bleak, as Russia holds a veto. "We do not agree that this matter should be sent to the Security Council," said Sergei Kislyak, the deputy foreign minister.
Iran says it needs to process nuclear fuel for civilian nuclear-power stations. But Washington and its European allies argue that Iran wants the fuel for nuclear weapons.
The board of the International Atomic Energy Agency, an arm of the United Nations, voted last month to refer the issue of Iran's nuclear program to the Security Council. Russia and 11 other nations abstained. But the board must vote again during a meeting that begins Nov. 24 to make the actual referral. Both Mr. Lavrov and Ms. Rice said they were hoping Iran would make concessions before then, making a referral unnecessary.
Ms. Rice said for the first time on Saturday that Washington might not push for a vote on a referral during the November meeting, suggesting that the United States may not have the votes it needs to win a second vote on the agency's board. Some members of the board who voted in favor of last month's resolution are rotating off the board. Among those rotating on in their place are Belarus, Cuba and Syria, three nations that are unlikely to support the American position.
Officials said the vote could also be postponed if Iran appeared to be moving toward compliance with the board's demands.
"There will be a referral," Ms. Rice said, but "we're going to keep the referral option alive at a time of our choosing."
Ms. Rice contended that the Russians had not rebuffed her because "they did say that the Iranians do not currently have the confidence of the international community." She also noted that the Russians had previously proposed to provide Iran with fuel for a civilian nuclear reactor and then to take back the spent materials. That, she said, demonstrates that Russia, too, has concerns about the Iranian program.
When asked about Mr. Lavrov's unambiguous statements of opposition to the United States and European position, she repeatedly referred back to those two points and would not acknowledge the disagreement. As she explained it, "the Russians prefer to have negotiations proceed in this period of time."
Mr. Kislyak agreed, to a point, saying "one has to work with Iran to find a solution." But he and Mr. Lavrov strongly suggested that negotiating with Iran within the atomic energy agency was about as far as Russia was willing to go.
Responding to a question about referring Iran to the Council, Mr. Lavrov said, "We think that the current situation commits us to develop this issue and to do everything possible within the means of" the atomic energy agency "without referring this issue to other organizations."
U.S. House of Representatives
N E W S R E L E A S E
For Immediate Release: October 21, 2005Davis, Waxman, Sensenbrenner, Conyers, Boehlert, and Gordon ReactTo GAO Report on Security Problems With Electronic Voting SystemsWashington, D.C. - Government Reform Committee Chairman Tom Davis (R-VA) and Ranking Member Henry A. Waxman (D-CA), Judiciary Committee Chair F. James Sensenbrenner (R-WI) and Ranking Member John Conyers (D-MI), and Science Committee Chair Sherwood Boehlert (R-NY) and Ranking Member Bart Gordon (D-TN), issued the following statements upon today's release of the Government Accountability Office's report, "Federal Efforts to Improve Security and Reliability of Electronic Voting Systems Are Under Way, but Key Activities Need to Be Completed" (GAO-05-956):"It is certainly disappointing that, despite the recommendations from federal organizations and non-governmental groups, many states still have not made progress to make sure their electronic voting systems are safe from fraud and can be relied on to accurately count votes," Chairman Davis said. "However, I am pleased that the EAC is continuing to push states to improve their voting systems and comply with the requirements of the Help Americans Vote Act (HAVA). American's voting system must be made to be world class, everywhere in the country, as soon as possible.""The GAO report indicates that we need to get serious and act quickly to improve the security of electronic voting machines," said Rep. Waxman. "The report makes clear that there is a lack of transparency and accountability in electronic voting systems - from the day that contracts are signed with manufacturers to the counting of electronic votes on Election Day. State and local officials are spending a great deal of money on machines without concrete proof that they are secure and reliable. American voters deserve better." Chairman Sensenbrenner said, "The Founders established the states as the entity primarily responsible for the administration of both federal and state elections. While Congress has provided direction through HAVA and federal grants to modernize state election systems, some states continue to drag their feet in preventing voting compilation errors and eliminating questionable voter registration and poll day procedures. In my home state of Wisconsin, the current Governor has done his best to block the legislature's efforts to implement voting reforms conforming with HAVA guidelines, despite evidence of widespread voter fraud in Milwaukee in recent elections. The EAC will have to push hard to overcome the resistance of those who rely on outmoded and unreliable voting practices to keep themselves in power.""I am shocked at the extent and nature of problems GAO has identified in our electronic voting systems, and I fear that this may just be the tip of the iceberg," said Rep. Conyers. "It is totally unacceptable that in 21st century American we would allow faulty machines and systems to rob citizens of their voting rights. While GAO offers some modest recommendations for improvement, it is incumbent upon Congress to respond to this problem and to enact much-needed reforms such as a voter verified paper audit trail that protects all Americans' right to vote."Chairman Boehlert said, "I wholeheartedly endorse the GAO recommendations, which underscore the need for the Election Assistance Commission and the National Institute of Standards and Technology to continue their work to establish standards and testing procedures for voting equipment. This work must move ahead on an ambitious schedule, and the Science Committee will continue to monitor its progress.""The foundation of democracy rests upon the accuracy, integrity and security of our voting system," Rep. Gordon said. "The Science Committee gave the National Institute of Standards and Technology a pivotal role to ensure that our voting systems are trustworthy. However - as the GAO report highlights - much remains to be done before the next election cycle. Their report is a wake-up call for adequate funding for NIST's activities and makes clear that closer oversight by Congress is warranted."Background / GAO Results SummaryAll levels of government share responsibility in the U.S. election process. At the federal level, Congress has authority under the Constitution to regulate presidential and congressional elections. The Help America Vote Act of 2002 increased the federal role in state and local elections, in part by giving states the resources to improve the accessibility, security, and reliability of their voting systems. Under HAVA, nearly $39 billion has been allocated to states to purchase electronic voting systems and improve the voting process. Voting System Vulnerabilities Identified by GAO:· Cast ballots, ballot definition files, memory cards, and audit logs could be modified.· Supervisor functions were protected with weak or easily guessed passwords, and memory cards that allowed individuals access to voting machines were inadequately protected.· Systems had easily picked locks and power switches that were exposed and unprotected.· Voting machine vendors had weak security practices, including the failure to conduct background checks on programmers and system developers, and the failure to establish clear chain of custody procedures for handling software.Voting System Failures Have Already Occurred During ElectionsIn addition to identifying potential vulnerabilities, GAO identified a number of cases of operational failures in real elections. These examples included:· In California, a county presented voters with an incorrect electronic ballot, meaning they could not vote in certain races.· In Pennsylvania, a county made a ballot error on an electronic voting system that resulted in the county's undervote percentage reaching 80% in some precincts.· In North Carolina, electronic voting machines continued to accept votes after their memories were full, causing over 4,000 votes to be lost.· In Florida, a county reported that touch screens took up to an hour to activate and had to be activated sequentially, resulting in long delays.Problems With Implementation of Voluntary Standards, Testing, and Federal Efforts to Improve Voting System SecurityGAO reported that voluntary standards for electronic voting adopted in 2002 by the Federal Election Commission contain vague and incomplete security provisions, inadequate provisions for commercial products and networks, and inadequate documentation requirements. GAO also found that tests currently performed by independent testing authorities and state and local election officials do not adequately assess electronic voting system security and reliabilityThe GAO report indicated that national initiatives to improve voting system security and reliability of electronic voting systems either lack specific plans for implementation or are not expected to be completed until after the 2006 election. According to GAO, "Until these efforts are completed, there is a risk that many state and local jurisdictions will rely on voting systems that were not developed, acquired, testing, operated, or managed in accordance with rigorous security and reliability standards - potentially affecting the reliability of future elections and voter confidence in the accuracy of the vote count" The Election Assistance Commission, which was created as part of the "Help American Vote Act" began operations in January 2004. To improve the security and reliability of electronic voting systems, GAO recommends that EAC establish tasks, processes, and time frames for improving the federal voluntary voting system standards, testing capabilities, and management support available to state and local election officials. EAC commissioners agreed with GAO recommendations and stated that actions on each are either under way or intended. The National Institute of Standards' (NIST) director also agreed with the report's conclusions.
No comments:
Post a Comment