Archive for the ‘computers’ Category


Apple and power users: A lopsided love affair – TNW
Apple
Apple hates power users. I’ve heard the refrain many times over the last few weeks, but it’s reached a crescendo with the release of OS X Lion. Apple’s newest OS has a host of user-facing features that are aimed at making it the easiest and most feature-rich OS that Apple has ever made.
Those features, along with the fact that several key new additions to Lion borrow heavily from the iOS mobile platform, have convinced many that Apple is actively discouraging power users from using its platform. Launchpad, Mission Control and the changes to the finder are seen as more nails in the coffin of the Mac as a platform for more advanced users. Some say that soon we’ll be using a version of OS X that makes the Mac just a bigger version of the iPad.
There is some truth in the reactions to the changes that Apple has made, and is continuing to make, to its flagship OS. But there’s also a decided lack of perspective. To figure out what the future holds in store for OS X power users, we have to examine a couple of factors. The first is to determine what exactly a power user is.

What is a power user?

There are a lot of definitions that would work here and power users will likely find different ways to define themselves based on what they do with computers and why they do it. But the basic needs of the power user can be boiled down to two things: Access and control.
Now, a power user’s wants and needs are not diametrically opposed to the needs of a regular user. There is significant overlap here and any given user might want or need a certain amount of control over their machine to do what they need to do. The difference comes with the way that Apple decides how much control and how much access a user needs. In the end, a power user believes that they deserve full access and full control over their computer system, giving them the ability to mold the hardware and software however they see fit to accomplish whatever goal they have in mind. In contrast, a non-power user might want a specific bit of control to accomplish a purpose, but otherwise doesn’t care.
To give you an example, let’s say that a particular Apple computer is not compatible with a brand of electronic drawing tablet and pen that an artist uses to make digital paintings. In the eyes of the artist, this is a barrier to them producing artwork on this machine. So they have two options, either purchase a new tablet or gain access to driver support on the machine to reinstate the compatibility that they had on their previous computer.
The outcome of this situation depends largely on that artist’s desire to delve into the deeper workings of the computer’s functionality. If they decide that it’s worth it, financially or time-wise, to fix that issue then they very well may learn why the problem is occurring and gain the expertise necessary to fix it. On the other hand, they may decide that it’s not worth it and just pay someone else to fix it or buy a new tablet.
A power user would never ask themselves the ‘is it worth it’ question. Instead, they would automatically assume that it was their right to use the machine how they wished and delve into making the tablet’s software work on the machine if possible.
There is a variation on this theme that’s worth mentioning too. Often a power user can be defined as a heavy user of the system for a specific purpose. If, for instance, you’re a professional using a Mac to do video editing, you’re going to want to tweak many software settings to make it the ideal environment for you to do your work in. This is really an extension of control though, and many of the same principles apply here that apply to any power user.
In the end, we all have a bit of a power user in us when the situation presents itself, but the desire for control and the ability to access the system to get that control is the defining characteristic of a power user.

Apple and the power user

Just over three decades ago, Apple’s Steve Jobs and Steve Wozniak were excited to show off what they had created in a bedroom of Woz’s house in Palo Alto. It was a homemade computer kit called the Apple I and they wanted who would appreciate it to see it. So they brought it to the local homebrew computer club and presented it to the members in the weekly meeting. Those people were what we now call power users.
This is a bit of a conceit, because at the time there was really no such thing as a ‘regular’ user of Apple’s computers. Very few members of the general public had much of an idea what computers actually did. And even if they did, these were things that were used by corporations, not in the home.
The members of the club wanted to build their own computers to use at home. They wanted access to the capabilities of a computer and control over their construction and programming. That was a difficult proposition at the time because there were very few computers that were affordable and available enough to make this kind of thing a commodity. The Apple I, and later II, changed all of that by offering these users a complete kit (minus a monitor, a case and a few other things that we take for granted today) that they could build and use without having to source many of the components themselves.
This offering was made to these power users but it didn’t stop there. The Apple computer was effectively the beginnings of the personal computer revolution. It took something that was available only to the power user and brought it to ‘regular people’. By the end of the 1980s, Apple was selling tens of thousands of computers to users who would be classified well outside of the power user spectrum.
In effect, Apple’s genesis was with the power user, but its ongoing success has not been due to appealing to that market, but instead by making the computer more available to the public at large. The vast majority of people who use Apple computers are doing so because they give them an easy and well-designed way to use the functions of a computer, not because the hardware or software gives them more options.

Access and control

Apple knows which side of its bread is buttered. From the very first, Steve Jobs knew that the market for the personal computer reached far outside of hobbyist clubs and enthusiasts. Both he and Wozniak, and many of the early employees of Apple, envisioned a future where every home had a computer. And they have been fortunate enough to see that dream come true in their lifetimes.
If a computer was to be in every home, however, it couldn’t be designed with just the power user in mind. It had to be relatable to the average person and usable by just about everyone, even those with a very meager or very shallow understanding of computers. To this end, the Macintosh was designed with a software interface that felt familiar to the user. There were folders, files and a desktop. Using features was as easy as pointing at them and ‘touching’ them with the mouse.
This, of course, led to the concept of limiting access to the underlying system. When you have this beautiful graphic interface laying on top of the system, offering a relatable way to control the system, it becomes less necessary for people to get access to the underpinnings of the computer.
In this manner, Apple really began moving away from serving the power user with some of the very first computers in its lineup, even before the Mac. Beginning with the Apple II, the company began a general shift towards wanting people to see these computers as a complete product, not a collection of parts. The streamlined case and integrated keyboard made it seem like an appliance. This only became more evident when Apple began offering the Apple IIe with a monitor early in its 11-year lifespan.
This was truly a complete machine. You wouldn’t have to solder or build anything here. Just plug it in, buy some software and away you go.
This ease of use has continued to drive Apple’s innovation when it comes to the Mac and its other products up to this day. At first, it may have seemed like a betrayal to the power user, but in the end, it’s really a sign of Apple growing up.

Wants vs. needs

By the time the iMac was rolled out, the days of generic Apple hardware were over. This had removed the physical tinkering aspect from the Apple lexicon almost completely. Apple power users had experienced a shift from hardware geeks to software geeks. This paradigm largely holds true today as power users of the Mac seem largely focused on making the use of the system more efficient through software tweaking, while the hardcore hardware customizers tend to gravitate to PC’s, where generic, interchangeable parts offer more flexibility.
Apple’s design ethos of their computers and portable devices, which de-emphasizes specs in favor of emotional quotients and broad statements about magic and beauty, extends to its software as well. If you’re using a Mac and you’re not interested in tweaking things manually, there is an almost 100% chance that you will never, ever have to do so.
For most of Apple’s customers, this is a godsend. A computer that offers them productivity and a sense of purpose, wrapped up in a beautiful package, is exactly what they need. It’s one of the primary reasons that a lot of creative pros use Apple machines. It allows them to focus on creation, not manipulation of the system.
The continued inclusion of Apple Script and Terminal access in the default accounts of Macs today shows that there is still at least a vestigial awareness of the power user at Apple. Even though those users are a smaller percentage than they once were, they’re still there. And in many cases, the features that those users take advantage of and how they use them informs the design of the OS.
However, many of the changes within OS X Lion have made some question whether Apple cares to cater to power users on an even basic level.

Lion and the power user

Although the reception to OS X Lion has been generally positive across the board, there have still been those among the heaviest users of the Mac that feel slighted with the changes and lack of attention to ‘power’ features.
Foremost among these is scripting support. The lack of improvements in the support for AppleScript language has been a rallying cry for those that feel that Apple hates power users. You can still create scripts that automate tasks and operations within OS X, but additional support in applications or the OS hasn’t been added in Lion.
Instead, the Automator application, which uses an interface that gives scripting a visual component, has gotten a lot of love. The new stuff in Automator is really great and allows people to create automatic actions throughout OS X very easily. If you’re a power user that hasn’t checked out some of the new stuff, I’d suggest you take a look at this excellent site. If you’re a user that hasn’t dabbled in Automator much, you should definitely give it a look.
Automator is the future of AppleScript. There may always be support for people to write custom actions, but in the end, Automator is the way that Apple wants this system to work on OS X. This speaks to what power users feel is some of their access to the system being taken away. Instead of being given the ability to access every application with AppleScript, users of OS X are now having the extent and types of automation that are available to them dictated by Apple.
Another major feature of Lion that has been causing some waves is Mission Control, which combines some of the features of Expose and Spaces into one gesture-launchable app. When you break down the features of Mission Control, you’ll find that Expose has survived this blending with most of its features relatively intact. Spaces, however, has been modified heavily. This has removed much of the ability by users to determine the virtual ‘location’ of their spaces as well as the ability to move applications between spaces with the same speed.
Mission Control is a relatively ugly, but incredibly functional feature that should take the idea of virtual desktops out of the shadows, where it’s been used by power users for years, and put it into the hands of new users of Lion, especially those who are new to Mac.
This is the reason that Apple is making these changes, not to spite the power user, but to open up the Mac to new users at any cost. By acting as an editor and displaying a willingness to be merciless in that editing, Apple is showing maturity that has come along with its growing success in capturing a large part of the personal computer market…again.

Maturity and foresight

By choosing not to do things that it could do and instead looking at what it should do, Apple is trying to be wise, not just intelligent. Could Apple enhance scripting greatly, giving users incredible access to the system by providing extensive support? Yes. Could it offer the option to return to the old way that Spaces used to work? Yes. Will it do those things? No.
Recent years have shown, for better or for worse, that Apple is willing to make hard decisions about the direction of its products. The recent brouhaha over Final Cut Pro X and the changes it made from the previous version, are a prime example of this.
Apple divested itself of the design of its older software and came up with a creative vision of what it thinks the future of video editing is. I won’t go into my thoughts on its success or failure here, there are plenty of great articles about the topic already. Instead, I’ll answer the question why.
Apple doesn’t make these changes because it hates the power user, it does it because it loves the regular user. Or, to be more accurate, it loves the income that the new user brings to the company when Apple computers are purchased.
The history of the company, especially in the modern era, has proven time and again that Apple is interested in creating, at least as far as it perceives them, the best products in the world. Whether those be category defining like the iPad, or category refining, like the MacBook Air. But the interests of the company don’t stop there. It is also interested in making money, and to do this it needs to anticipate the needs of new users in ways that may sometimes seem arbitrary or hostile to current users.
In short, it’s displaying maturity and foresight.
What, to the power user, may seem like hostility, is in fact closer to apathy. Apple is telling these users that if they’re interested in bending the system to their will, then they will have to find their own way of doing that. Apple is too busy building a system that will appeal to billions to cater to the comparatively small thousands that make up the power user base.

If you want it done right

There is honestly a lot more that could be said about the one-sided battle that power users have been fighting with Apple over the years. There are minor features of OS 9 that didn’t make the jump to OS X that are still a major point of contention (WindowShade anyone?). But in the end, what it boils down to is that Apple doesn’t make products for power users, it hasn’t in years. Instead, users of their products find them so useful and pleasant to work with that they gain a desire to make them even more efficient.
What Apple has been saying for years is that it will continue to edit and refine its products according to its own goals and if you’re a power user, you need to find a way to get the access and control that you need within those editorial bounds.
There are still tools available to the power user, even inside Apple’s editorial walls. Automator is better than ever in Lion. AppleScript, while not expanded upon, remains a great way to create custom actions not supported by the OS, and there are a host of preference files still available for tweaking via the Terminal.
Apple doesn’t hate power users, but it also doesn’t love them. As the company matures its making harder decisions about what its customers need versus what they want. As Steve Jobs has famously said, “You can’t just ask customers what they want and then try to give that to them. By the time you get it built, they’ll want something new.”
If you’re a power user, well, you’re probably already looking for a way around that.

Apple and power users: A lopsided love affair – TNW Apple

var addthis_config = { ui_cobrand: “The MasterTech Blog”}

_______________________________________

Check it out on The MasterTech Blog
Advertisements

>

Today it’s Facebook.  

” … Over the years, hundreds of thousands of applications may have inadvertently leaked millions of access tokens to third parties,”

  Symantec had to get them to come out and tell you…


And yet it amazes people continue to put things online that they wouldn’t want the whole world to see…

Story from Reuters below:

Facebook may have leaked your personal information: Symantec

Photo
12:46am EDT
(Reuters) – Facebook users’ personal information could have been accidentally leaked to third parties, in particular advertisers, over the past few years, Symantec Corp said in its official blog.
Third-parties would have had access to personal information such as profiles, photographs and chat, and could have had the ability to post messages, the security software maker said.
“We estimate that as of April 2011, close to 100,000 applications were enabling this leakage,” the blog post said.
” … Over the years, hundreds of thousands of applications may have inadvertently leaked millions of access tokens to third parties,” posing a security threat, the blog post said.
The third-parties may not have realized their ability to access the information, it said.
Facebook, the world’s largest social networking website, was notified of this issue and confirmed the leakage, the blog post said.
It said Facebook has taken steps to resolve the issue.
“Unfortunately, their (Symantec’s) resulting report has a few inaccuracies. Specifically, we have conducted a thorough investigation which revealed no evidence of this issue resulting in a user’s private information being shared with unauthorized third parties,” Facebook spokeswoman Malorie Lucich said in a statement.
Lucich said the report also ignores the contractual obligations of advertisers and developers which prohibit them from obtaining or sharing user information in a way that “violates our policies.”
She also confirmed that the company removed the outdated API (Application Programing Interface) referred to in Symantec’s report.
Facebook has more than 500 million users and is challenging Google Inc and Yahoo Inc for users’ time online and for advertising dollars.
(Reporting by Thyagaraju Adinarayan and Sakthi Prasad in Bangalore; Editing by Bernard Orrand Anshuman Daga)
© Thomson Reuters 2011. All rights reserved.

Facebook may have leaked your personal information: Symantec | Reuters

Sharevar addthis_config = { ui_cobrand: “The MasterFeeds”}

The MasterFeeds


>Facebook Loses Much Face In Secret Smear On Google
Facebook secretly hired a PR firm to plant negative stories about Google, says Dan Lyons in a jaw dropping story at the Daily Beast.

For the past few days, a mystery has been unfolding in Silicon Valley. Somebody, it seems, hired Burson-Marsteller, a top public-relations firm, to pitch anti-Google stories to newspapers, urging them to investigate claims that Google was invading people’s privacy. Burson even offered to help an influential blogger write a Google-bashing op-ed, which it promised it could place in outlets like The Washington Post, Politico, and The Huffington Post.
The plot backfired when the blogger turned down Burson’s offer and posted the emails that Burson had sent him. It got worse when USA Today broke a story accusing Burson of spreading a “whisper campaign” about Google “on behalf of an unnamed client.”

Not good.
The source emails are here.
I’ve been patient with Facebook over the years as they’ve had their privacy stumbles. They’re forging new ground, and it’s not an exaggeration to say they’re changing the world’s notions on what privacy is. Give them time. They’ll figure it out eventually.
But secretly paying a PR firm to pitch bloggers on stories going after Google, even offering to help write those stories and then get them published elsewhere, is not just offensive, dishonest and cowardly. It’s also really, really dumb. I have no idea how the Facebook PR team thought that they’d avoid being caught doing this.
First, it lets the tech world know that Facebook is scared enough of what Google’s up to to pull a stunt like this. Facebook isn’t supposed to be scared, ever, about anything. Supreme confidence in their destiny is the the way they should be acting.
Second, it shows a willingness by Facebook to engage in cowardly behavior in battle. It’s hard to trust them on other things when we know they’ll engage in these types of campaigns.
And third, some of these criticisms of Google are probably valid, but it doesn’t matter any more. The story from now on will only be about how Facebook went about trying to secretly smear Google, and got caught.
The truth is Google is probably engaging in some somewhat borderline behavior by scraping Facebook content, and are almost certainly violating Facebook’s terms and conditions. But many people argue, me included, that the key data, the social graph, really should belong to the users, not Facebook. And regardless, users probably don’t mind that this is happening at all. It’s just Facebook trying to protect something that it considers to be its property.
Next time Facebook should take a page from Google’s playbook when they want to trash a competitor. Catch them in the act and then go toe to toe with them, slugging it out in person. Right or wrong, no one called Google a coward when they duped Bing earlier this year.
You’ve lost much face today, Facebook.
Update: Sleazy PR Firm Throws Scummy Facebook Under The Sordid Bus


Chavez’ Government asked the FARC to kill opposition leaders and carry out bombings




Today’s New York Times has an article by Simon Romero on the book with the internal FARC communications found in Raul Reyes‘ computers. Among the highlights:
“In some of the most revealing descriptions of FARC activity in Venezuela, the book explains how Venezuela’s main intelligence agency, formerly known by the acronym Disip and now called the Bolivarian Intelligence Service, sought to enlist the FARC in training state security forces and conducting terrorist attacks, including bombings, in Caracas in 2002 and 2003. “
and:
“The book also cites requests by Mr. Chávez’s government for the guerrillas to assassinate at least two of his opponents.
The FARC discussed one such request in 2006 from a security adviser for Alí Rodríguez Araque, a top official here. According to the archive, the adviser, Julio Chirino, asked the FARC to kill Henry López Sisco, who led the Disip at the time of a 1986 massacre of unarmed members of a subversive group.”

Let the denials begin…

And

May 10, 2011

Venezuela Asked Colombian Rebels to Kill Opposition Figures, Analysis Shows

CARACAS, Venezuela — Colombia’s main rebel group has an intricate history of collaboration with Venezuelan officials, who have asked it to provide urban guerrilla training to pro-government cells here and to assassinate political opponents of Venezuela’s president, according to a new analysis of the group’s internal communications.
The analysis contends that the Revolutionary Armed Forces of Colombia, or FARC, was asked to serve as a shadow militia for Venezuela’s intelligence apparatus, although there is no evidence that President Hugo Chávez was aware of the assassination requests or that they were ever carried out.
The documents, found in the computer files of a senior FARC commander who was killed in a 2008 raid, also show that the relationship between the leftist rebels and Venezuela’s leftist government, while often cooperative, has been rocky and at times duplicitous.
The documents are part of a 240-page book on the rebel group, “The FARC Files: Venezuela, Ecuador and the Secret Archive of Raúl Reyes,” to be published Tuesday by the International Institute for Strategic Studies in London. While some of the documents have been quoted and cited previously, the release of a CD accompanying the book will be the first time such a large number of the documents have been made public since they were first seized.
The book comes at a delicate stage in the FARC’s ties with Venezuela’s government. Mr. Chávez acknowledged last month for the first time that some of his political allies had collaborated with Colombian rebels, but insisted they “went behind all our backs.”
The book contradicts this assertion, pointing to a long history of collaboration by Mr. Chávez and his top confidants. Venezuela’s government viewed the FARC as “an ally that would keep U.S. and Colombian military strength in the region tied down in counterinsurgency, helping to reduce perceived threats against Venezuela,” the book said.
The archive describes a covert meeting in Venezuela in September 2000 between Mr. Chávez and Mr. Reyes, the FARC commander whose computers, hard drives and memory sticks were the source of the files. At the meeting, Mr. Chávez agreed to lend the FARC hard currency for weapons purchases.
A spokesman for Mr. Chávez did not respond to requests for comment.
Venezuela’s government has contended that the Reyes files were fabrications. In 2008, Interpol dismissed the possibility that the archive, which includes documents going back to the early 1980s, had been doctored.
Moreover, data from the archive has led to the recovery of caches of uranium in Colombia and American dollars in Costa Rica, and has been the basis of actions by governments including Canada, Spain and the United States. Such uses constitute “de facto recognition” that the archive is authentic, the institute said.
“We haven’t begun the dossier with the words ‘J’accuse,’ ” said Nigel Inkster, one of the book’s editors. “Instead we tried to produce a sober analysis of the FARC since the late 1990s, when Venezuela became a central element of their survival strategy.”
Recently, Venezuela seems to have cooled toward the FARC, conforming to a pattern described in the book of ups and downs between Mr. Chávez and the rebels. In April, his government took the unusual step of detaining Joaquín Pérez, a suspected senior operative for the FARC who had been living in Sweden, and deporting him to Colombia.
This move came amid a rapprochement between Mr. Chávez and Colombia’s president, Juan Manuel Santos, as a response by Mr. Chávez to Colombia’s claims that the FARC was operating from Venezuelan soil.
The archive, which opens a window into bouts of tension and even loathing between the FARC and Mr. Chávez’s emissaries, shows that Mr. Chávez has sided with the Colombian government on other occasions, especially when he stood to gain politically.
In November 2002, the book reports, before a meeting between Álvaro Uribe, then Colombia’s president, and Mr. Chávez, the FARC asked the Venezuelan Army for permission to transport uniforms on a mule train through Venezuelan territory. The Venezuelan Army granted permission, then ambushed the convoy, seized eight FARC operatives and delivered them to Colombia, allowing Mr. Chávez to inform Mr. Uribe of the operation in person.
Such betrayals, as well as unfulfilled promises of large sums of money, generated considerable tension among the rebels over their relationship with Mr. Chávez.
A member of the FARC’s secretariat, Víctor Suárez Rojas, who used the nom de guerre Mono Jojoy, once called Mr. Chávez a “deceitful and divisive president who lacked the resolve to organize himself politically and militarily.”
Still, periods of tension tended to be the exception in a relationship that has given the rebel group a broad degree of cross-border sanctuary.
In some of the most revealing descriptions of FARC activity in Venezuela, the book explains how Venezuela’s main intelligence agency, formerly known by the acronym Disip and now called the Bolivarian Intelligence Service, sought to enlist the FARC in training state security forces and conducting terrorist attacks, including bombings, in Caracas in 2002 and 2003.
A meeting described in the book shows that Mr. Chávez was almost certainly unaware of the Disip’s decision to involve the FARC in state terrorism, but that Venezuelan intelligence officials still carried out such contacts with a large amount of autonomy.
Drawing from the FARC’s archive, the book also describes how the group trained various pro-Chávez organizations in Venezuela, including the Bolivarian Liberation Forces, a shadowy paramilitary group operating along the border with Colombia.
FARC communications also discussed providing training in urban terrorism methods for representatives of the Venezuelan Communist Party and several radical cells from 23 de Enero, a Caracas slum that has long been a hive of pro-Chávez activity.
The book also cites requests by Mr. Chávez’s government for the guerrillas to assassinate at least two of his opponents.
The FARC discussed one such request in 2006 from a security adviser for Alí Rodríguez Araque, a top official here. According to the archive, the adviser, Julio Chirino, asked the FARC to kill Henry López Sisco, who led the Disip at the time of a 1986 massacre of unarmed members of a subversive group.
“They ask that if possible we give it to this guy in the head,” said Mr. Reyes, the former FARC commander.
The book says there was no evidence that the FARC acted on the request before Mr. López Sisco left Venezuela in November 2006.
Less is known about another assassination request cited in the book, including whom the target was or whether it took place.
But the book makes it clear that the Colombian rebels sometimes found their Venezuelan hosts unscrupulous and deceitful.
In one example, Mono Jojoy, who was killed in a bombing raid last year, had harsh words for Ramón Rodríguez Chacín, a former Venezuelan naval officer who has served as a top liaison between Mr. Chávez and the FARC, calling him “the worst kind of bandit.”

>

Can You Frisk a Hard Drive?

If you stand with the Customs and Border Protection officers who staff the passport booths at Dulles airport near the nation’s capital, their task seems daunting. As a huge crowd of weary travelers shuffle along in serpentine lines, inspectors make quick decisions by asking a few questions (often across language barriers) and watching computer displays that don’t go much beyond name, date of birth and codes for a previous customs problem or an outstanding arrest warrant.
Illustrations by Jennifer Daniel, Photograph by Imagemore Co., Ltd./Corbis
The officers are supposed to pick out the possible smugglers, terrorists or child pornographers and send them to secondary screening.
The chosen few — 6.1 million of the 293 million who entered the United States in the year ending Sept. 30, 2010 — get a big letter written on their declaration forms: A for an agriculture check on foodstuffs, B for an immigration issue, and C for a luggage inspection. Into the computer the passport officers type the reasons for the selection, a heads-up to their colleagues in the back room, where more thorough databases are accessible.
And there is where concerns have developed about invasions of privacy, for the most complete records on the travelers may be the ones they are carrying: their laptop computers full of professional and personal e-mail messages, photographs, diaries, legal documents, tax returns, browsing histories and other windows into their lives far beyond anything that could be, or would be, stuffed into a suitcase for a trip abroad. Those revealing digital portraits can be immensely useful to inspectors, who now hunt for criminal activity and security threats by searching and copying people’s hard drives, cellphones and other electronic devices, which are sometimes held for weeks of analysis.
Digital inspections raise constitutional questions about how robust the Fourth Amendment’s guarantee “against unreasonable searches and seizures” should be on the border, especially in a time of terrorism. A total of 6,671 travelers, 2,995 of them American citizens, had electronic gear searched from Oct. 1, 2008, through June 2, 2010, just a tiny percentage of arrivals.

“But the government’s obligation is to obey the Constitution all the time,” said Catherine Crump, a lawyer for the American Civil Liberties Union. “Moreover, controversial government programs often start small and then grow,” after which “the government argues that it is merely carrying out the same policies it has been carrying out for years.”
One of the regular targets is Pascal Abidor, a Brooklyn-born student getting his Ph.D. in Islamic studies, who reported being frisked, handcuffed, taken off a train from Montreal and locked for several hours in a cell last May, apparently because his computer contained research material in Arabic and news photographs of Hezbollah and Hamas rallies. He said he was questioned about his political and religious views, and his laptop was held for 11 days.
Another is James Yee, a former Muslim chaplain at the Guantánamo Bay prison, who gets what he wryly calls a “V.I.P. escort” whenever he flies into the United States. In 2003, Mr. Yee was jailed and then exonerated by the Army after he had conveyed prisoners’ complaints about abuse, urged respect for their religious practices and reported obscene anti-Muslim caricatures being e-mailed among security staff.
Years later, he evidently remains on a “lookout” list. A federal agent stands at the door of Mr. Yee’s incoming plane, then escorts him to the front of the passport line and to secondary screening.
Arriving in Los Angeles last May from speaking engagements in Malaysia, he was thoroughly questioned and searched, he said, and his laptop was taken for three or four hours. He was not told why, but after it was returned and he was waiting to rebook a connecting flight he’d missed, a customs officer rushed up to the counter. “We left our disk inside your computer,” he quoted her as saying. “I said, ‘It’s mine now.’ She said no, and sure enough when I took the computer out, there was a disk.”
Customs won’t comment on specific cases. “The privacy rights that citizens have really supersede the government’s ability to go into any depth,” said Kelly Ivahnenko, a spokeswoman.
In general, “we’re looking for anyone who might be violating a U.S. law and is posing a threat to the country,” she explained. “We’re in the business of risk mitigation.”
Yet the mitigation itself has created a sense of risk among certain travelers, including lawyers who need to protect attorney-client privilege, business people with proprietary information, researchers who promise their subjects anonymity and photojournalists who may pledge to blur a face to conceal an identity. Some are now taking precautions to minimize data on computers they take overseas.
“I just had to do this myself when I traveled internationally,” said Ms. Crump, the lead attorney in a lawsuit challenging the policy on behalf of Mr. Abidor, the National Association of Criminal Defense Lawyers and the National Press Photographers Association.
During a week in Paris, where she lectured on communications privacy, she had legal work to do for clients, which she could not risk the government seeing as she returned. “It’s a pain to get a new computer,” she said, “wipe it completely clean, travel through the border, put the new data on, wipe it completely clean again.”
In simpler days, as customs merely looked for drugs, ivory, undeclared diamonds and other contraband that could be held in an inspector’s hand, searches had clear boundaries and unambiguous results.
Either the traveler had banned items, or didn’t. Digital information is different. Some is clearly illegal, some only hints at criminal intent, and under existing law, all is vulnerable to the same inspection as hand-carried material on paper.
Most pirated intellectual property and child pornography, for example, cannot be uncovered without fishing around in hard drives. “We’ve seen a raft of people coming from Southeast Asia with kiddie porn,” said Christopher Downing, a supervisor at Dulles. If a person has been gone only two or three days and pictures of children are spotted in a bag, he explained, the laptop is a logical candidate for inspection. Such searches have been fruitful, judging by the bureau’s spreadsheets, which list numerous child pornography cases.
But terrorism is an amalgam of violence and ideas, so its potential is harder to define as officers scrutinize words and images as indicators of attitudes, affiliations and aspirations. Random searches are not done, Mr. Downing said, although courts so far have upheld computer inspections without any suspicion of wrongdoing. In practice, something needs to spark an officer’s interest. “If you open up a suitcase and see a picture of somebody holding an RPG,” he noted, referring to a rocket-propelled grenade, “you’d want to look into that a little more.”
The search power is preserved by its judicious use, Mr. Downing said. “If you abuse it, you lose it.” he added. The A.C.L.U. doesn’t want customs to lose it, Ms. Crump explained, but just wants the courts to require reasonable suspicion, as the Supreme Court did in 1985 for examinations of a person’s “alimentary canal.” The court distinguished such intrusive inspection from “routine searches” on the border, which “are not subject to any requirement of reasonable suspicion, probable cause, or warrant.” The justices added in a footnote that they were not deciding “what level of suspicion, if any, is required for nonroutine border searches” of other kinds.
Laptop searches should be considered “nonroutine,” Ms. Crump argues, something the United States Court of Appeals for the Ninth Circuit declined to do in 2008, when it reversed a judge’s decision to suppress evidence of child pornography obtained during a suspicionless airport computer search.
With the search powers intact, Mr. Abidor no longer dares take the train home from his studies at McGill University in Montreal. He doesn’t want to be stranded at the border, waiting hours for a bus, as he was in May. So last month his father drove up from New York to get him for vacation. The men were ordered to a room and told to keep their hands on a table while customs officers spent 45 minutes searching the car, and possibly the laptop, Mr. Abidor said. “I was told to expect this every time.”

David K. Shipler, a former reporter at The Times, is the author of “The Rights of the People: How Our Search for Safety Invades Our Liberties,” to be published in April.

‘Digital Inspections’ at U.S. Border Raise Constitutional Questions – NYTimes.com

var addthis_config = { ui_cobrand: “The MasterTech Blog”}

_______________________________________

Check it out on The MasterTech Blog

>

Israeli Test on Worm Called Crucial in Iran Nuclear Delay

This article is by William J. Broad, John Markoff and David E. Sanger.
The Dimona complex in the Negev desert is famous as the heavily guarded heart of Israel’s never-acknowledged nuclear arms program, where neat rows of factories make atomic fuel for the arsenal.
Over the past two years, according to intelligence and military experts familiar with its operations, Dimona has taken on a new, equally secret role — as a critical testing ground in a joint American and Israeli effort to undermine Iran’s efforts to make a bomb of its own.
Behind Dimona’s barbed wire, the experts say, Israel has spun nuclear centrifuges virtually identical to Iran’s at Natanz, where Iranian scientists are struggling to enrich uranium. They say Dimona tested the effectiveness of the Stuxnet computer worm, a destructive program that appears to have wiped out roughly a fifth of Iran’s nuclear centrifuges and helped delay, though not destroy, Tehran’s ability to make its first nuclear arms.
“To check out the worm, you have to know the machines,” said an American expert on nuclear intelligence. “The reason the worm has been effective is that the Israelis tried it out.”
Though American and Israeli officials refuse to talk publicly about what goes on at Dimona, the operations there, as well as related efforts in the United States, are among the newest and strongest clues suggesting that the virus was designed as an American-Israeli project to sabotage the Iranian program.

In recent days, the retiring chief of Israel’s Mossad intelligence agency, Meir Dagan, and Secretary of State Hillary Rodham Clinton separately announced that they believed Iran’s efforts had been set back by several years. Mrs. Clinton cited American-led sanctions, which have hurt Iran’s ability to buy components and do business around the world.
The gruff Mr. Dagan, whose organization has been accused by Iran of being behind the deaths of several Iranian scientists, told the Israeli Knesset in recent days that Iran had run into technological difficulties that could delay a bomb until 2015. That represented a sharp reversal from Israel’s long-held argument that Iran was on the cusp of success.
The biggest single factor in putting time on the nuclear clock appears to be Stuxnet, the most sophisticated cyberweapon ever deployed.
In interviews over the past three months in the United States and Europe, experts who have picked apart the computer worm describe it as far more complex — and ingenious — than anything they had imagined when it began circulating around the world, unexplained, in mid-2009.
Many mysteries remain, chief among them, exactly who constructed a computer worm that appears to have several authors on several continents. But the digital trail is littered with intriguing bits of evidence.
In early 2008 the German company Siemens cooperated with one of the United States’ premier national laboratories, in Idaho, to identify the vulnerabilities of computer controllers that the company sells to operate industrial machinery around the world — and that American intelligence agencies have identified as key equipment in Iran’s enrichment facilities.
Siemens says that program was part of routine efforts to secure its products against cyberattacks. Nonetheless, it gave the Idaho National Laboratory — which is part of the Energy Department, responsible for America’s nuclear arms — the chance to identify well-hidden holes in the Siemens systems that were exploited the next year by Stuxnet.
The worm itself now appears to have included two major components. One was designed to send Iran’s nuclear centrifuges spinning wildly out of control. Another seems right out of the movies: The computer program also secretly recorded what normal operations at the nuclear plant looked like, then played those readings back to plant operators, like a pre-recorded security tape in a bank heist, so that it would appear that everything was operating normally while the centrifuges were actually tearing themselves apart.
The attacks were not fully successful: Some parts of Iran’s operations ground to a halt, while others survived, according to the reports of international nuclear inspectors. Nor is it clear the attacks are over: Some experts who have examined the code believe it contains the seeds for yet more versions and assaults.
“It’s like a playbook,” said Ralph Langner, an independent computer security expert in Hamburg, Germany, who was among the first to decode Stuxnet. “Anyone who looks at it carefully can build something like it.” Mr. Langner is among the experts who expressed fear that the attack had legitimized a new form of industrial warfare, one to which the United States is also highly vulnerable.
Officially, neither American nor Israeli officials will even utter the name of the malicious computer program, much less describe any role in designing it.
But Israeli officials grin widely when asked about its effects. Mr. Obama’s chief strategist for combating weapons of mass destruction, Gary Samore, sidestepped a Stuxnet question at a recent conference about Iran, but added with a smile: “I’m glad to hear they are having troubles with their centrifuge machines, and the U.S. and its allies are doing everything we can to make it more complicated.”
In recent days, American officials who spoke on the condition of anonymity have said in interviews that they believe Iran’s setbacks have been underreported. That may explain why Mrs. Clinton provided her public assessment while traveling in the Middle East last week.
By the accounts of a number of computer scientists, nuclear enrichment experts and former officials, the covert race to create Stuxnet was a joint project between the Americans and the Israelis, with some help, knowing or unknowing, from the Germans and the British.
The project’s political origins can be found in the last months of the Bush administration. In January 2009, The New York Times reported that Mr. Bush authorized a covert program to undermine the electrical and computer systems around Natanz, Iran’s major enrichment center. President Obama, first briefed on the program even before taking office, sped it up, according to officials familiar with the administration’s Iran strategy. So did the Israelis, other officials said. Israel has long been seeking a way to cripple Iran’s capability without triggering the opprobrium, or the war, that might follow an overt military strike of the kind they conducted against nuclear facilities in Iraq in 1981 and Syria in 2007.
Two years ago, when Israel still thought its only solution was a military one and approached Mr. Bush for the bunker-busting bombs and other equipment it believed it would need for an air attack, its officials told the White House that such a strike would set back Iran’s programs by roughly three years. Its request was turned down.
Now, Mr. Dagan’s statement suggests that Israel believes it has gained at least that much time, without mounting an attack. So does the Obama administration.
For years, Washington’s approach to Tehran’s program has been one of attempting “to put time on the clock,” a senior administration official said, even while refusing to discuss Stuxnet. “And now, we have a bit more.”
Finding Weaknesses
Paranoia helped, as it turns out.
Years before the worm hit Iran, Washington had become deeply worried about the vulnerability of the millions of computers that run everything in the United States from bank transactions to the power grid.
Computers known as controllers run all kinds of industrial machinery. By early 2008, the Department of Homeland Security had teamed up with the Idaho National Laboratory to study a widely used Siemens controller known as P.C.S.-7, for Process Control System 7. Its complex software, called Step 7, can run whole symphonies of industrial instruments, sensors and machines.
The vulnerability of the controller to cyberattack was an open secret. In July 2008, the Idaho lab and Siemens teamed up on a PowerPoint presentation on the controller’s vulnerabilities that was made to a conference in Chicago at Navy Pier, a top tourist attraction.
“Goal is for attacker to gain control,” the July paper said in describing the many kinds of maneuvers that could exploit system holes. The paper was 62 pages long, including pictures of the controllers as they were examined and tested in Idaho.
In a statement on Friday, the Idaho National Laboratory confirmed that it formed a partnership with Siemens but said it was one of many with manufacturers to identify cybervulnerabilities. It argued that the report did not detail specific flaws that attackers could exploit. But it also said it could not comment on the laboratory’s classified missions, leaving unanswered the question of whether it passed what it learned about the Siemens systems to other parts of the nation’s intelligence apparatus.
The presentation at the Chicago conference, which recently disappeared from a Siemens Web site, never discussed specific places where the machines were used.
But Washington knew. The controllers were critical to operations at Natanz, a sprawling enrichment site in the desert. “If you look for the weak links in the system,” said one former American official, “this one jumps out.”
Controllers, and the electrical regulators they run, became a focus of sanctions efforts. The trove of State Department cables made public by WikiLeaks describes urgent efforts in April 2009 to stop a shipment of Siemens controllers, contained in 111 boxes at the port of Dubai, in the United Arab Emirates. They were headed for Iran, one cable said, and were meant to control “uranium enrichment cascades” — the term for groups of spinning centrifuges.
Subsequent cables showed that the United Arab Emirates blocked the transfer of the Siemens computers across the Strait of Hormuz to Bandar Abbas, a major Iranian port.
Only months later, in June, Stuxnet began to pop up around the globe. The Symantec Corporation, a maker of computer security software and services based in Silicon Valley, snared it in a global malware collection system. The worm hit primarily inside Iran, Symantec reported, but also in time appeared in India, Indonesia and other countries.
But unlike most malware, it seemed to be doing little harm. It did not slow computer networks or wreak general havoc.
That deepened the mystery.
A ‘Dual Warhead’
No one was more intrigued than Mr. Langner, a former psychologist who runs a small computer security company in a suburb of Hamburg. Eager to design protective software for his clients, he had his five employees focus on picking apart the code and running it on the series of Siemens controllers neatly stacked in racks, their lights blinking.
He quickly discovered that the worm only kicked into gear when it detected the presence of a specific configuration of controllers, running a set of processes that appear to exist only in a centrifuge plant. “The attackers took great care to make sure that only their designated targets were hit,” he said. “It was a marksman’s job.”
For example, one small section of the code appears designed to send commands to 984 machines linked together.
Curiously, when international inspectors visited Natanz in late 2009, they found that the Iranians had taken out of service a total of exactly 984 machines that had been running the previous summer.
But as Mr. Langner kept peeling back the layers, he found more — what he calls the “dual warhead.” One part of the program is designed to lie dormant for long periods, then speed up the machines so that the spinning rotors in the centrifuges wobble and then destroy themselves. Another part, called a “man in the middle” in the computer world, sends out those false sensor signals to make the system believe everything is running smoothly. That prevents a safety system from kicking in, which would shut down the plant before it could self-destruct.
“Code analysis makes it clear that Stuxnet is not about sending a message or proving a concept,” Mr. Langner later wrote. “It is about destroying its targets with utmost determination in military style.”
This was not the work of hackers, he quickly concluded. It had to be the work of someone who knew his way around the specific quirks of the Siemens controllers and had an intimate understanding of exactly how the Iranians had designed their enrichment operations.
In fact, the Americans and the Israelis had a pretty good idea.
Testing the Worm
Perhaps the most secretive part of the Stuxnet story centers on how the theory of cyberdestruction was tested on enrichment machines to make sure the malicious software did its intended job.
The account starts in the Netherlands. In the 1970s, the Dutch designed a tall, thin machine for enriching uranium. As is well known, A. Q. Khan, a Pakistani metallurgist working for the Dutch, stole the design and in 1976 fled to Pakistan.
The resulting machine, known as the P-1, for Pakistan’s first-generation centrifuge, helped the country get the bomb. And when Dr. Khan later founded an atomic black market, he illegally sold P-1’s to Iran, Libya, and North Korea.
The P-1 is more than six feet tall. Inside, a rotor of aluminum spins uranium gas to blinding speeds, slowly concentrating the rare part of the uranium that can fuel reactors and bombs.
How and when Israel obtained this kind of first-generation centrifuge remains unclear, whether from Europe, or the Khan network, or by other means. But nuclear experts agree that Dimona came to hold row upon row of spinning centrifuges.
“They’ve long been an important part of the complex,” said Avner Cohen, author of “The Worst-Kept Secret” (2010), a book about the Israeli bomb program, and a senior fellow at the Monterey Institute of International Studies. He added that Israeli intelligence had asked retired senior Dimona personnel to help on the Iranian issue, and that some apparently came from the enrichment program.
“I have no specific knowledge,” Dr. Cohen said of Israel and the Stuxnet worm. “But I see a strong Israeli signature and think that the centrifuge knowledge was critical.”
Another clue involves the United States. It obtained a cache of P-1’s after Libya gave up its nuclear program in late 2003, and the machines were sent to the Oak Ridge National Laboratory in Tennessee, another arm of the Energy Department.
By early 2004, a variety of federal and private nuclear experts assembled by the Central Intelligence Agency were calling for the United States to build a secret plant where scientists could set up the P-1’s and study their vulnerabilities. “The notion of a test bed was really pushed,” a participant at the C.I.A. meeting recalled.
The resulting plant, nuclear experts said last week, may also have played a role in Stuxnet testing.
But the United States and its allies ran into the same problem the Iranians have grappled with: the P-1 is a balky, badly designed machine. When the Tennessee laboratory shipped some of its P-1’s to England, in hopes of working with the British on a program of general P-1 testing, they stumbled, according to nuclear experts.
“They failed hopelessly,” one recalled, saying that the machines proved too crude and temperamental to spin properly.
Dr. Cohen said his sources told him that Israel succeeded — with great difficulty — in mastering the centrifuge technology. And the American expert in nuclear intelligence, who spoke on the condition of anonymity, said the Israelis used machines of the P-1 style to test the effectiveness of Stuxnet.
The expert added that Israel worked in collaboration with the United States in targeting Iran, but that Washington was eager for “plausible deniability.”
In November, the Iranian president, Mahmoud Ahmadinejad, broke the country’s silence about the worm’s impact on its enrichment program, saying a cyberattack had caused “minor problems with some of our centrifuges.” Fortunately, he added, “our experts discovered it.”
The most detailed portrait of the damage comes from the Institute for Science and International Security, a private group in Washington. Last month, it issued a lengthy Stuxnet report that said Iran’s P-1 machines at Natanz suffered a series of failures in mid- to late 2009 that culminated in technicians taking 984 machines out of action.
The report called the failures “a major problem” and identified Stuxnet as the likely culprit.
Stuxnet is not the only blow to Iran. Sanctions have hurt its effort to build more advanced (and less temperamental) centrifuges. And last January, and again in November, two scientists who were believed to be central to the nuclear program were killed in Tehran.
The man widely believed to be responsible for much of Iran’s program, Mohsen Fakrizadeh, a college professor, has been hidden away by the Iranians, who know he is high on the target list.
Publicly, Israeli officials make no explicit ties between Stuxnet and Iran’s problems. But in recent weeks, they have given revised and surprisingly upbeat assessments of Tehran’s nuclear status.
“A number of technological challenges and difficulties” have beset Iran’s program, Moshe Yaalon, Israel’s minister of strategic affairs, told Israeli public radio late last month.
The troubles, he added, “have postponed the timetable.”

This article has been revised to reflect the following correction:
Correction: January 17, 2011
An earlier version of this story misspelled, at one point, the name of the German company whose computer controller systems were exploited by the Stuxnet computer worm. It is Siemens, not Seimens.

Stuxnet Worm Used Against Iran Was Tested in Israel – NYTimes.com

var addthis_config = { ui_cobrand: “The MasterTech Blog”}

_______________________________________

Check it out on The MasterTech Blog

Tehran confirms its industrial computers under Stuxnet virus attack
DEBKAfile Exclusive Report September 25, 2010, 6:07 PM (GMT+02:00)

Iran is first nation to admit to being victim of cyber-terror


Mahmoud Alyaee, secretary-general of Iran’s industrial computer servers, including its nuclear facilities control systems, confirmed Saturday, Sept. 25, that30,000 computers belonging to classified industrial units had been infected and disabled bythemalicious Stuxnet virus.
This followed debkafile‘s exclusive report Thursday, Sept. 23, from its Washington and defense sources that a clandestine cyber war is being fought against Iran by the United States with elite cyber war units established by Israel. Stuxnet is believed to be the most destructive virus ever devised for attacking major industrial complexes, reactors and infrastructure. The experts say it is beyond the capabilities of private or individual hackers and could have been produced by a high-tech state like America or Israel, or its military cyber specialists.
The Iranian official said Stuxnet had been designed to strike the industrial control systems in Iran manufactured by the German Siemens and transfer classified data abroad.

The head of the Pentagon’s cyber war department, Vice Adm. Bernard McCullough said Thursday, Sept. 22, that Stuxnet had capabilities never seen before. In a briefing to the Armed Forces Committee of US Congress, he testified that it was regarded as the most advanced and sophisticated piece of Malware to date.
According to Alyaee, the virus began attacking Iranian industrial systems two months ago. He had no doubt that Iran was the victim of a cyber attack which its anti-terror computer experts had so far failed to fight. Stuxnet is powerful enough to change an entire environment, he said without elaborating. Not only has it taken control of automatic industrial systems, but has raided them for classified information and transferred the date abroad.

This was the first time an Iranian official has explained how the United States and Israel intelligence agencies have been able to keep pace step by step of progress made in Iran’s nuclear program. Until now, Tehran attributed the leaks to Western spies using Iranian double agents.
Last Thursday, debkafile first reported from its Washington sources that US president Barack Obama had resolved to deal with the nuclear impasse with Iran by going after the Islamic republic on two tracks: UN and unilateral sanctions for biting deep into the financial resources Iran has earmarked for its nuclear program, and a secret cyber war with Israel to cripple its nuclear facilities.
In New York, the US offer to go back to the negotiating table was made against this background.
Leaks by American security sources to US media referred to the recruitment by Israel military and security agencies of cyber raiders with the technical knowhow and mental toughness for operating in difficult and hazardous circumstances, such as assignments for stealing or destroying enemy technology, according to one report.
debkafile‘s sources disclose that Israel has had special elite units carrying out such assignments for some time. Three years ago, for instance, cyber raiders played a role in the destruction of the plutonium reactor North Korea was building at A-Zur in northern Syria.
Some computer security specialists reported speculated that the virus was devised specifically to target part of the Iranian nuclear infrastructure, either the Bushehr nuclear plant activated last month – which has not been confirmed – or the centrifuge facility in Natanz.
debkafile‘s sources add: Since August, American and UN nuclear watchdog sources have been reporting a slowdown in Iran’s enrichment processing due to technical problems which have knocked out a large number of centrifuges and which its nuclear technicians have been unable to repair. It is estimated that at Natanz alone, 3,000 centrifuges have been idled.

DEBKAfile, Political Analysis, Espionage, Terrorism, Security
Also see Stratfor’s analysis here

Share this|var addthis_config = { ui_cobrand: “The MasterBlog”}

________________________
The MasterBlog





%d bloggers like this: