Issue 53
November 2001
BYTES IN BRIEF® by
Editors: Sharon D. Nelson, Esq. and John W. Simek
Associate Editor: Amelia C. Hierholzer
Editor Emeritus: G.V. Nelson
9500+ subscribers worldwide
© 2001 Sensei Enterprises, Inc./Nelson & Wolfe.
All rights reserved. This newsletter may not be reproduced
or redistributed in any manner except with consent
of the copyright owner. Distributed by Silver Law Inc.
under license.
PRESIDENT SIGNS USA PATRIOT ACT OF 2001
On October 26th, President Bush signed
the Uniting and Strengthening America by
Providing Appropriate Tools Required to
Intercept and Obstruct Terrorism (USA PATRIOT)
Act of 2001, temporarily giving authorities
more power to track down and hold suspected
terrorists. Congress had acted more slowly
in passing this legislation than the administration
wanted, but Congress was determined to
thoroughly debate the issues and protect
American civil liberties while expanding
the powers of law enforcement authorities.
The Act expands electronic surveillance
of phone and Internet communications. The
Act also beefs up patrols along the U.S.-Canadian
border, establishes a counter-terrorism
fund, implements measures to prevent money
laundering and other means of financing
terrorism, and strengthens criminal laws
against terrorism. Congress placed a four-year
expiration date on many of the Act's more
controversial allowances. The text of the
Act may be found at http://www.eff.org/Privacy/Surveillance/Terrorism_militias/20011025_hr3162_usa_patriot_bill.html
BUSH APPOINTS CYBERSPACE SECURITY DIRECTOR
On October 9th, President Bush appointed
Richard Clarke as his special advisor for
cyberspace security. Clarke will be responsible
for coordinating the federal government's
efforts to defend the nation's information
systems. Clarke has long said that the
U.S. might face the electronic equivalent
of Pearl Harbor if its cybersecurity is
not strengthened. Clarke will report to
National Security Advisor Condoleezza Rice
and to newly appointed Director of Homeland
Defense, Tom Ridge. Clarke will also act
as the chairman of a soon-to-be-formed
government-wide board that will coordinate
the protection of critical information
systems.
GILMORE COMMISSION CALLS FOR CYBER COURT
Governor James Gilmore (R-Virginia) said
on October 18th that the so-called "Gilmore
Commission" would recommend that Congress
create a cyber court to exercise oversight
in the investigation of suspected computer
criminals. Gilmore said that federal judges
are slow to approve search warrants and
electronic eavesdropping and that the nation
should have a cyber court with extraordinary
powers to authorize electronic surveillance
and clandestine searches of suspected hackers'
homes and offices. The commission is seen
as quite powerful in Washington D.C. –
it was the Gilmore commission which advised
President Bush to create an Office of Homeland
Security. Reportedly, the commission will
say the court should be modeled on the
court established in the Foreign Intelligence
Surveillance Act. The so-called FISA court
is notorious for being a secret, seven-judge
court that meets in closed proceedings
to authorize surveillance requests in national
security cases. Proceedings are sealed
and probable cause is not required for
approval of the requests. Congress created
the FISA court in 1978 to oversee foreign
intelligence investigations that were too
sensitive to take through the normal process.
The FISA judges review the Justice Department's
requests and, with the exception of one
or two cases, have always approved them.
Further information may be found at http://www.house.gov/science/press/107pr/107-103.htm
AGENCIES CENSOR PUBLIC INFORMATION
Reversing the modern trend, federal agencies
are reviewing their web sites for content
useful to terrorists and removing it. The
Nuclear Regulatory Commission shut down
its web site recently as it worked to remove
coordinates of the nation's 103 commercial
nuclear reactors. There is no uniform process
for the review and some agencies are being
more open than others about the materials
removed. The Environmental Protection Agency
has taken down a site with information
about emergency plans and chemicals at
15,000 sites nationwide. The Centers for
Disease Control and Prevention removed
a report about security at chemical plants
from its web site. The U.S. Office of Pipeline
Safety is also restricting its mapping
software and pipeline data to industry
and government officials. Further information
may be found at http://www.usatoday.com/life/cyber/tech/2001/10/12/govt-sites.htm
DEVASTATING ATTACKS ON NET IMMINENT
A new report by the CERT Coordination Center
says a wave of horrific Internet attacks
is probably imminent. The threat identified
by the report is a variation of the "denial
of service" (DoS) attack, commonly used
by hackers to block a web site by subjecting
it to a barrage of spurious requests. However,
the new threat would target routers, key
hubs of the Internet's infrastructure,
instead of individual websites. "We believe
this to be an imminent and real threat
with a potentially high impact," says the
new report, Trends in Denial of Service
Attack Technology, published by the Computer
Emergency Response Team, at Carnegie Mellon
University in Pittsburgh. Targeting a sufficient
number of routers at the same time would
be likely to cause a cascading effect,
which could bring the whole Internet down.
Routers can produce much more destructive
DoS attacks than normal by virtue of the
sheer load of Internet traffic they handle.
An additional problem is that many people
neglect to change the default passwords
of routers when configuring them. The CERT
report may be found at http://www.cert.org/archive/pdf/DoS_trends.pdf
BUSH ISSUES INFRASTRUCTURE PROTECTION ORDER
On October 16th, President Bush issued
an executive order titled "Critical Infrastructure
Protection in the Information Age". This
order creates the "President's Critical
Infrastructure Protection Board", another
executive branch board to coordinate federal
efforts and programs to protect information
systems. The order provides that "the Board
shall recommend policies and coordinate
programs for protecting information systems
for critical infrastructure, including
emergency preparedness communications,
and the physical assets that support such
systems." The board's responsibilities
will extend to information systems and
emergency preparedness communications.
The board will be made up of cabinet members
and other executive branch officials. The
FCC will have one representative on the
board. The order also creates a "National
Infrastructure Advisory Council", an advisory
body made up of representatives of the
private sector, academia, and state and
local government. The Council is to "provide
the President advice on the security of
information systems for critical infrastructure
supporting other sectors of the economy:
banking and finance, transportation, energy,
manufacturing, and emergency government
services." Further information may be found
at http://www.whitehouse.gov/news/releases/2001/10/20011016-12.html
SUPREME COURT DECLINES TO HEAR MICROSOFT CASE
On October 9, the U.S. Supreme Court declined
without comment to hear Microsoft's appeal
of the decision of the U.S. Court of Appeals
for the D.C. Circuit. This leaves the case
in the hands of U.S. District Judge Colleen
Kollar-Kotelly. The judge had asked the
parties to make every effort to settle
the case, but they advised her in an October
12th conference call that they had been
unable to reach any agreement. In an order
issued on October 12th, Judge Kollar-Kotelly
named Professor Eric Green, of Boston University,
as the mediator in the case, apparently
at the urging of both sides. Meanwhile,
the 18 states involved in the lawsuit retained
noted litigator Brendan Sullivan of Williams
& Connolly. Commentators believe that
there is now a rift between the federal
government and the states, and that the
states are positioning themselves to proceed
independently if they feel that the federal
government is not going to be tough enough
in demanding concessions from Microsoft.
If the case is not settled, the remedy
hearing is tentatively scheduled for March
11th. The Supreme Court's order denying
cert may be found at http://www.supremecourtus.gov/orders/courtorders/100901pzor.pdf
MICROSOFT'S MSN.COM BLOCKS OTHER BROWSERS
On October 25, Microsoft retooled MSN.com
to coincide with the release of its Windows
XP operating system. But oops, Microsoft
did not provide support for some browsers
competing with its own Internet Explorer.
The latest versions of Opera Software's
Opera browser, the Mozilla browser, and
the HotJava browser displayed an error
message when users went to MSN.com. Some
older versions of the Netscape browser
also failed to reach the Web site. The
error message said: "Attention: Web Browser
Upgrade Required to View MSN.com. If you
are seeing this page, we have detected
that the browser that you are using will
not render MSN.com correctly. Additionally,
you'll see the most advanced functionality
of MSN.com only with the latest version
of Microsoft Internet Explorer or MSN Explorer.
If you wish to visit MSN.com, please select
the appropriate download link below." Microsoft
said it would fix the technical problem
but acknowledged that some other browsers
would continue to have a "degraded experience"
if they don't support XHTML (Extensible
Hypertext Markup Language). By October
30th, most browsers were finally able to
access the site. Further information is
available at http://www.infoworld.com/articles/hn/xml/01/10/25/011025hnmsnglitch.xml?1026fram
COURT ORDERS ISP TO REVEAL POSTER'S IDENTITY
On October 23rd, U.S. Magistrate Judge
James Kirk ordered an Internet Service
Provider to reveal the name of a web site
operator who runs a web site critical of
the University of Louisiana at Monroe and
its administration. Judge Kirk issued an
order requiring the California ISP, Homestead
Technologies, to divulge the identity of
the operator of http://www.truthatulm.homestead.com.
Kirk granted the order at the request of
ULM Vice President for Advancement and
External Affairs Richard Baxter, who is
seeking the information in order to pursue
a defamation case against the site operator.
The university is not involved in that
proceeding. Further information may be
found at http://www.thenewsstar.com/html/2E793DC0-BC20-46E9-B879-D1E4614D23C5.shtml
NET TAX MORATORIUM NOT EXTENDED
Although the House approved a bill that
would extend the three-year-old
ban on new Internet taxes, the Senate failed
to follow suit on October 19th and did
not approve extending the moratorium for
two more years. Proponents of the moratorium
argued that the bill would prevent Internet
commerce from being bogged down in multiple
taxes and fees. Opponents argued that state
and local governments are losing a fortune
in tax revenues as more consumers shop
online. While a Supreme Court decision
prohibits states from collecting taxes
on out-of-state retailers unless they have
a physical presence in the state, Congress
could pass a law that would allow the collection
of taxes. Further information may be found
at http://www.washingtonpost.com/wp-dyn/articles/A18777-2001Oct18.html
VIRGINIA STRIKES DOWN NET PORN LAW
U.S. District Judge James Michael, Jr.
ruled on October 11th that a law designed
to restrict Internet content "harmful to
minors" is unconstitutional. The ruling
prevents the state from enforcing a 1999
law subjecting web site operators to criminal
prosecution if they "knowingly" allow minors
access to "harmful" sexually explicit material
on their sites. Virginia is the fourth
state in which courts have struck down
such laws. Judge Michael wrote that, "given
the current state of Internet technology,
enforcement of the act will restrict the
access of both adults and children to material
considered 'harmful to minors'."
The judge ruled that the law, most recently
amended in 2000, violates both the First
Amendment and the Commerce Clause. He issued
a similar opinion in August 2000 when he
temporarily suspended the law pending trial
in the case. The ruling was a victory for
the plaintiffs, a coalition of about 18
businesses ranging from Internet giant
PSINet Inc. to the publishers of Penthouse
to the Charlottesville Sexual Health and
Wellness Clinic. The businesses argued
that the law violates free speech by limiting
what adults can say in Internet chat rooms
and e-mails and what they can post on web
sites as well as unconstitutionally subjecting
out-of-state web site operators to Virginia
laws without the operators being aware
of their exposure. The state has said it
will appeal. Further information may be
found at http://www.timesdispatch.com/vametro/MGBD8HI4SSC.html
DOJ EXPANDS NET MUSIC INVESTIGATION
The Department of Justice announced on
October 15th that it has expanded its antitrust
investigation of the online music business,
scattering subpoenas throughout the industry
focusing on the alleged use of copyright
rules and licensing practices to control
music distribution. The subpoenas, also
known as civil investigative demands, manifest
a wide-ranging investigation into "anticompetitive
licensing of intellectual property rights
associated with provision of music over
the Internet." The subpoenas demand documents
on terms and conditions in Internet music
licensing and the setting of rates in the
emerging online-music market. Investigators
appear to be determining whether any illegal
coordination took place among record labels.
The subpoenas were sent to online music
distributors and to the recording industry's
legal and lobbying representative, the
Recording Industry Association of America,
which includes the five major labels among
its members. Further information may be
found at http://www3.zdnet.com/zdnn/stories/news/0,4586,2817926,00.html?chkpt=zdnnp1tp02
FTC TARGETS MOUSETRAPPER/CYBERSCAMMER
Eventually, without ever meaning to, almost
every Internet surfer will misspell a word
or follow an innocent-sounding link only
to end up lost in a pornographic
onslaught from which there is no escape
as browser window after browser window
pops up endlessly. On October 1st, the
Federal Trade Commission announced it had
targeted one notorious "mousetrapper,"
John Zuccarini, doing business as The Country
Walk, JZDesign, RaveClub Berlin, and more
than 22 names incorporating the word "Cupcake,"
including Cupcake Party, Cupcake-Party,
Cupcake Parties, Cupcake Patrol, Cupcake
Incident, and Cupcake Messenger. The FTC
says that Zuccarini has been a defendant
in 63 separate court cases. It is alleged
that he employs more than 5,500 copycat
web addresses, domain names that are misspellings
of legitimate domain names or that incorporate
inverted words or phrases. Once a consumer
stumbles upon them, they are barraged by
screen after screen advertising various
goods and services, including Internet
gambling and pornography. A U.S. District
Court enjoined Zuccarini's activities pending
further order of the court. The FTC will
seek a court order to force the defendant
to give up his ill-gotten gains. Special
code allegedly used by Zuccarini allows
"mousetrapping," obstructing a surfer's
ability to "close" windows or "go back."
A stealth feature is often hidden under
the task bar, invisible to consumers, which
acts as a timer, launching new windows
automatically. The FTC estimates that Zuccarini
makes between $800,000 and $1 million annually,
by charging the advertisers whose ads are
included on his web site. He has lost 53
lawsuits thus far and had almost 200 of
his domain names transferred but he is
still in business. The FTC complaint was
filed in the U.S. District Court for the
Eastern District of Pennsylvania. The complaint
may be found at http://www.ftc.gov/opa/2001/10/cupcake.htm
AN ELECTRONIC CONGRESS?
Anthrax-ridden Washington is trying to
figure out how to run a government if Congress
cannot physically convene. The Democratic
Leadership Council (DLC) has suggested
the possibility of an "electronic Congress."
In an online article called "Legislating
by Any Means Necessary," the DLC said that
a web site could easily be built that would
allow legislators and their staffs to debate,
draft legislation and vote, perhaps using
biometrics to enter the site. The current
proposal is for the site to be open to
the public on a "read-only" basis. Opponents
have suggested that the Constitution would
prohibit such a measure. Article 1, Section
5 states that "neither House, during the
Session of Congress, shall, without the
consent of the other, adjourn for more
than three days, nor to any other place
than that in which the two Houses shall
be sitting." The article may be found at
http://www.ndol.org/ndol_ci.cfm?kaid=131&subid=192&contentid=3865
RULING ON DOMAIN NAME "INITIAL CONFUSION"
On October 19th, the 3rd Circuit Court
of Appeals made a ruling supporting the
existence of "initial interest confusion,"
a concept which involves one company diverting
the customers of another by imitating its
trademarks, even if the confused customers
do not do business with the imitator. The
parties in the case were property protection
company Checkpoint Systems and network
firewall vendor Check Point Software, the
current holder of the domain name checkpoint.com.
In spite of the court's recognition that
initial interest confusion was a genuine
issue, it ruled that the initial confusion
in this case was insufficient to warrant
taking the domain name away from the registrant.
Checkpoint Systems has been making security
control systems since 1967, including devices
used by retailers to keep shoplifters from
walking away with merchandise. Check Point
Software had argued that it had never heard
of the New Jersey company when it launched
in Israel in 1993. The appellate panel
ruled that the impact of initial interest
confusion had to be weighed against such
factors as the similarity of the companies'
businesses and the sophistication of their
customers. While both companies could be
said to be in the "security" business,
the court found that there was no evidence
that New Jersey's Checkpoint Systems was
known to those in the information technology
world. Moreover, since both products are
relatively expensive with relatively sophisticated
purchasers, the court found there was not
a strong likelihood of confusion. The opinion
in the case may be found at http://caselaw.lp.findlaw.com/scripts/getcase.pl?court=3rd&navby=case&no=002373&exact=1
MOBILE PHONE EVIDENCE HELPS CONVICT MURDERER
It was reported on October 17th that Kenneth
Fitzhugh, of Palo Alto, California, had
been convicted of murdering his wife, partially
because of expert testimony from his cell
phone provider. Fitzhugh was sentenced
to 15 years to life in prison. A school
secretary testified that she called Fitzhugh
on his cell phone when his wife, a music
teacher, failed to show up for work. Fitzhugh
told the secretary that he was driving
through San Mateo on his way home to Palo
Alto. An engineer with Verizon Communications
testified that Fitzhugh couldn't have been
driving through San Mateo because company
records showed that the antenna his phone
used was above the 500 block of University
Avenue in Palo Alto. This proved he was
much closer to home, where he was ultimately
found to have bludgeoned and strangled
his wife to death. Fitzhugh had also said
that he made a call to check up on his
wife, but cell phone records showed no
evidence of such a call. Further information
may be found at http://www.wired.com/news/business/0,1367,47546,00.html
RECOMPILED VARIANT OF NIMDA ARRIVES
On October 29th, a recompiled version of
the NIMDA worm appeared, known as NIMDAe.
The fact that it is recompiled suggests
that the original author of NIMDA has coded
the new variant. Anti-virus firms have
already released patches and system administrators
as well as individual computer users are
urged to patch their systems against NIMDAe.
The Nimda worm/virus hybrid first spread
across the Internet in mid-September, spreading
itself as an e-mail attachment, through
web sites, through shared hard disks on
networks, and by infecting users who browsed
Web pages hosted on infected servers. NIMDA
had spawned three variants before NIMDAe,
but none were particularly alarming. The
new variant is thought to be more dangerous,
especially since it is believed that many
users defeated the old NIMDA by updating
their anti-virus software without patching
their browsers and because the new variant
was intentionally coded to avoid detection
by anti-virus software. Further information
may be found at http://www.infoworld.com/articles/hn/xml/01/10/30/011030hnnimda.xml