Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Slashdot Log In

Log In

Create Account  |  Retrieve Password

Slashback: Quinn, InfoCards, McKinnon

Posted by ScuttleMonkey on Wed Feb 15, 2006 06:59 PM
from the extradition-not-to-include-unjust-imprisonment dept.
Slashback The Media Government The Courts News Science
Slashback tonight brings some corrections, clarifications, and updates to previous Slashdot stories, including The Boston Globe's Ombudsman speaks on Peter Quinn story, Microsoft continues to push their password-less approach to web browsing, Gary McKinnon extradition reopened, and more news on the organic car fuel front -- Read on for details.

Globe's Ombudsman silent no longer. Andy Updegrove writes "For two months, the ombudsman of the Boston Globe has been silent on the reporting that helped bring about Massachusetts CIO Peter Quinn's resignation. Last night, in response to an entry pointing out that silence at the Standards Blog, ombudsman Richard Chacon at last responded, admitting to "lingering questions over why the [Quinn travel investigation] story was allowed to run without comment from Eric Kriss," but standing by "the initial reasons for looking into the story." Chacon also promises to report back with further observations after contacting Peter Quinn."

Microsoft continues push for 'InfoCards'. FrankieBoy writes "Bill Gate kicked off the RSA computer conference in San Jose, CA by unveiling a few more details about their new 'InfoCard' system in the upcoming IE7. With InfoCards people could save personal information on virtual cards on their computers which websites would recognize removing the need for many different internet passwords."

Gary McKinnon extradition hearing reopened. earthlingpink writes "BBC News is reporting that the extradition hearing has reopened for Briton Gary McKinnon who is accused by the US of hacking into military computers. The damages he has caused is estimated at £370,000 (about $640,000 today) and he is said to face more than 45 years in prison. The original story and audio interview were both covered by Slashdot in June of last year."

Bugs to help kick oil addiction. Mr. Ghost writes "Bugs such as certain species of termites and fungi such as Trichoderma reesei may be the key to effectively and cheaply generate ethanol from cellulose. Small companies like Iogen and large international energy companies like Royal Dutch Shell are putting more and more money into this research. This type of technology may even be a way for the American automobile industry to gain back market share from its competitors."

+ -
story

Related Stories

[+] Politics: Peter J. Quinn Investigated for Travel Omissions 120 comments
tadelste writes to tell us O'Reilly is reporting that a recent story in the Boston News about Peter J. Quinn is nothing more than a desperate attempt to slant public opinion in the Massachusetts OpenDocument frenzy. While we have documents showing Microsoft's lobbyists paying for big trips for the former House Majority Leader and his family to go to England and Scotland, Mr. Quinn seems to be getting the spotlight for incomplete travel records. From the article in question: "On most of the trips, Quinn said, his travel and other expenses were paid for by the sponsors of the conferences. On two of the trips -- to Tucson and Washington, D.C. -- Quinn paid his own way, according to state records and an interview with Quinn."
[+] Is Ethanol the Answer to the Energy Dilemma? 342 comments
n0xin writes "According to Fortune, "The next five years could see ethanol go from a mere sliver of the fuel pie to a major energy solution in a world where the cost of relying on a finite supply of oil is way too high." In an effort to meet fuel-economy standards, automakers already have 5 million ethanol-ready vehicles on the road. Supporters are optomistic that "we can introduce enough ethanol in the U.S. to replace the majority of our petroleum use in cars and light trucks." Are SUVs included in this category?"
[+] Politics: Alleged British Hacker Fears Guantanamo 661 comments
Magnifico writes "The BBC is reporting that Gary McKinnon, a British man accused of breaking into the U.S. government computer networks, could end up at Guantanamo Bay. His lawyer is fighting his extradition to the United States arguing, 'The US Government wants to extract some kind of species of administrative revenge because he exposed their security systems as weak and helpless as they were.'"
[+] NASA Hacker Gary McKinnon Interviewed 402 comments
An anonymous reader writes "A BBC article reports about an interview between Click and Gary McKinnon who in 2002 hacked into NASA and other US Military networks. In the interview he talks about how he accessed machines by using default passwords and a conversation with a NASA network engineer using Wordpad. He also talks about how he found information about anti-gravity, UFO technology, free energy and how UFOs are regularly airbrushed out from high-resolution satellite images."
[+] Your Rights Online: UK Hacker loses Extradition Case 370 comments
SnakeOil Steve writes to tell us that Gary McKinnon, the alleged hacker who broke into Army, Air Force, Navy, and NASA systems, has just lost his extradition case. From the article: "'My intention was never to disrupt security. The fact that I logged on and there were no passwords means that there was no security,' McKinnon said, outside the hearing at London's Bow Street Magistrates Court. 'I was looking for UFOs.'"
This discussion has been archived. No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

Slashback: Quinn, InfoCards, McKinnon 50 Comments More /

 Full
 Abbreviated
 Hidden
More
Loading... please wait.

  • Nice. (Score:5, Insightful)

    by NoMoreNicksLeft (516230) <[ten.tsacmoc] [ta] [relyo.nhoj]> on Wednesday February 15 2006, @07:09PM (#14728716) Journal
    So stealing my laptop will allow anyone to go to websites and impersonate me?
    • So stealing my laptop will allow anyone to go to websites and impersonate me?

      Why, yes, yes it will.

      Aren't you sleeping soundly, Citizen?

      Trust the Computer: The Computer is Your Friend.
    • So stealing my laptop will allow anyone to go to websites and impersonate me?

      They can do that now, depending on what tools you use to store your information. All of the better browsers have some kind of password memory. If you took Bill's bait, you are using passport, the one password to rule them all. Of course, any of the keyloggers that propagate by M$ born worm will remember your passwords without telling you and Microsoft's "fast find" has kept a log of everything you type since 98. The real thin

      • "Someone who knows what they are doing does not have to steal your laptop to get what they want out of it."

        well, besides the laptop that is.

        It is extremely limely that the thief would be stealing the laptop, any information found on the laptop would be icing.

        This same technology could cause a problem with any OS, not just MS. Including B$D, O$X, and the variety of Linuk$ distros.

        The problem is, it identifies the computer only, not the person using it.

      • They can do that now, depending on what tools you use to store your information. All of the better browsers have some kind of password memory.

        I don't know how other browsers/platforms implement this, but Safari on Mac OS X stores all password info in the Keychain. So the info is only available if you can get into that.

        The default Keychain is unlocked when you log in, but you can create any number of other Keychains and keep them locked. Move the password data stored by Safari into a different keychain that

      • IE has password memory. So does Mozilla / Firefox, Opera, Safari, and a host of other browsers. It's a feature to make it easier to access sites, but users with high authentication should know that that ease comes at a cost of security. Admittedly many non-IE browsers have a "master password" structure whereby you type one password for it to remember all of your passwords on demand (as mentioned by a sibling post about Safari), but said poster also recognized that most of these systems ship with the feat
        • These people [fuckmicrosoft.com] have the lowdown on what M$ keeps track of without telling the user. Fast find remembers your passwords and everything else you type. It's one small part of the tools that defeat any serious attempt at security on Microsoft platforms.

    • Re:Nice. (Score:4, Funny)

      by Xeo 024 (755161) on Wednesday February 15 2006, @07:41PM (#14728919)
      Nah, you're just being paranoid. I'm sure no one has the time to "go to websites and impersonate" other people. Have some faith in your fellow man..

      -CmdrTaco
    • So stealing my laptop will allow anyone to go to websites and impersonate me?

      Sorry to deflate your ego, but they are just interested in emptying your bank account and stealing your identity.

      If it involves impersonating you, that's where they would draw the line. Because that would involve too much work and not be worth it.

  • Passport The Standard? (Score:5, Insightful)

    by webmistressrachel (903577) on Wednesday February 15 2006, @07:13PM (#14728743) Journal
    I see how Microsoft would like to position their system (passes, OS, Mail Client, etc.) as the "standard". Even previous versions of Windows allowed users to talk to everybody and anybody. Now it seems they have found another way to cut out 3rd-party companies, or get license fees (thus still dominating the market).

  • Collection of InfoCard Issues (Score:5, Informative)

    by Anonymous Coward on Wednesday February 15 2006, @07:23PM (#14728806)
    At a Harvard workshop last week on user-centric identity, a bunch of us agreed to collect InfoCard issues as we hear about them. While work in progress, and your mileage my vary, I put an initial list of those on my blog.

    http://netmesh.info/jernst/Digital_Identity/micros oft-infocard-issues.html [netmesh.info]

    Kim Cameron, the chief identity architect at Microsoft, agreed to take them back into Microsoft to hopefully get them resolved.

  • Ombudsman didn't really respond at all (Score:4, Informative)

    by Error27 (100234) <error27&gmail,com> on Wednesday February 15 2006, @07:29PM (#14728848) Homepage Journal
    I hate how lazy and irresponsible the mainstream media is these days.

    The original article basically implied that Quinn was taking gifts from vendors to travel to conferences all over the world. This turned out to be false. So basically falsehoods. My feeling is that Quinn deserves an appology at minimum.

    Then the "investigation" is just the Ombudsman phoning the reporter up, the reporter says there isn't any issue so it's fine. Plus some excuses about how busy the Ombudsman is and how his assistant is only part time. Mix in a few ad hominem attacks.

    Nice. Way to go. It's goot that we have moronic lazy turd to keep everyone honest.

  • InfoCard and Passport (Score:4, Insightful)

    by truthsearch (249536) on Wednesday February 15 2006, @07:42PM (#14728925) Homepage Journal
    Microsoft already had a universal password system fail: Passport [msversus.org]. The majority of web site owners simply didn't trust Microsoft enough to integrate their security in any way.
  • Microsoft continues push for 'InfoCards'. FrankieBoy writes "Bill Gate kicked off the RSA computer conference in San Jose, CA by unveiling a few more details about their new 'InfoCard' system in the upcoming IE7. With InfoCards people could save personal information on virtual cards on their computers which websites would recognize removing the need for many different internet passwords."

    Wow! What a novel idea! It's like I'll have my own personal Passport for the internet letting all companies know who I

  • How much land? (Score:3, Interesting)

    by TheEvilOverlord (684773) on Wednesday February 15 2006, @08:14PM (#14729097) Journal
    effectively and cheaply generate ethanol from cellulose

    I wonder does anyone know how much land this would take up?

    A. What's the richest source of cellulose
    B. Based on the energy value of the ethanol produced from say 1 tonne of the crop, how much land is going to be needed to replace the oil consumtion in private cars in the USA?

    I bet it's not a small amount...
    • "A. What's the richest source of cellulose"

      A Midwesterns thighs!

      Question:
      At about 60 dollars a barrel it starts to become more profitable to sell crops for bio-fuel then it does to sell it to the food market.
      What do you think farmers are going to do?

    • Re:How much land? (Score:4, Informative)

      by gone.fishing (213219) on Wednesday February 15 2006, @09:10PM (#14729387) Journal
      You have some good questions and I don't have the answers however, I can share some insight that I do have.

      Any woody or grassy plant is an excellent source of cellulose. This means that much land that is currently thought of as unprofitable would be well suited to grow the crop. For instance swamps could be harvested (without harming the wetlands in the winter) and could provide a huge amount of the raw matterials. "Slash and trash" from forests being harvested for lumber and pulp could also supply a lot of cellulose from the branches, leaves, and roots that are currently unused.

      From what I have read the conversion of cellulose to ethanol is pretty efficient; the bugs eat the woody stuff and crap out suggary stuff that is made into ethanol using pretty normal, efficient processes. Think of these bugs like yeast, they eat and reproduce quite well given the proper circumstances so their added cost is minimal.

      While the amount of land required to produce the feedstock for an ethanol production facility is something to consider, along with the costs of producing ethanol, this is only one part of the formula. The other side is the fact that oil that the United States imports puts us at the mercy of some people who we don't want controlling us. If we can put ourselves on a diet and reduce the amount of energy we import, we have a safer country and a more stable economy while we put Americans to work making something that we currently pay someone else for. When we reduce the demand for oil it is even likely that the oil that we do import will be less expensive (we are a major consumer of oil and the law of supply and demand will slide in our favor).

      Ethanol is not a new, unique, or unusual fuel. Brazil is already up and running on an alcohol based economy, the lion's share of their fuel is produced in Brazil from sugar cane. In the MidWest of the United States, many states require all of the fuel sold in their state contain ten percent ethanol. In Minnesota (where I live) we recently increased the minimum amount of ethanol to twenty percent. We have a number of ethanol plants here that are distilling ethanol from corn. E85 us also making inroads. I have not noticed any difference in the way my cars run (2000 Dodge pickup, 2000 Chevy Venture, and a 1993 Ford Explorer) since the switch. Regular gas here today was $2.04/gal. Some people say their gas mileage is about the same but I'd say that I have seen a slight decrease in the MPG from "real" gas, I would guess the number to be about 5% reduction in MPG. Still even assuming a slight reduction in MPG, how does $2.04 stack up against the price you are paying for gas?

      • "Slash and trash" from forests

        That just gave me a horrible vision of poor people slashing any vegetation they can find just to have it processed as fuel to make a quick buck. Going to have to be careful who can supply the fuel chain or this could just cause more environmental harm.

        $2.04

        LOL I wish I could get petrol [wikipedia.org] so cheap. I'm assuming that $2.04 is per US gallon. That's 31.0 pence per litre. Here petrol is 94.9, which is $6.25 per US gallon.

        *sigh*
        • "Slash and trash" is the stuff loggers leave behind after they have harvested the timber - it is mostly small branches, leaves, and root stock. In a way, commercial timber harvesting is horrible, clear cutting leaves the land pretty baren. Still, timber is like any other crop, it is able to be replanted and grow back. It just takes a bit longer.

        • We have had ten percent ethanol in our fuel here in Minnesota for many years. I personally have never had to replace any part that has been damaged by ethanol and I don't expect the old Explorer to suffer any worse with twenty percent. Frankly, I think ethanol helps keep the fuel system cleaner.

          Alcohol is less volatile than gasoline in cold weather but the lion's share of every-day cars on the road are now fuel injected and that more than makes up for some alcohol in the gas (injectors vaporize fuel much
    • Would it be possible to do something similar to what they talk about in all the sci-fi novels where they grow various plants including alges in hydroponic tanks (or something similar) and then use the energy stored in the results as a fuel?

  • For instance, if a user clicks on an e-mail that takes the Internet browser to a suspicious site, the address location of the Web site will show up highlighted in the color yellow. On top of that, a certificate badge on the browser will turn yellow. If the user clicks on the badge icon, they can immediately report the suspicious site to Microsoft.

    So how exactly do they determine that a site is suspicious? Further escalation in the eternal arms race ...

    Similarly, if a user clicks on a suspicious file tha

  • Because its a crime stupid. (Score:3, Insightful)

    by Chiminea (696521) on Wednesday February 15 2006, @08:53PM (#14729311)
    McKinnon did not accidently wander into those systems, he did it intentionally knowing he was breaking the laws in both the UK and the USA. I took over as SA on a machine he had previously compromised. When it was determined that it had been "hacked" (yeah it takes mad skillz to exploit the old default MS SQL password) I had to report it and deal with the ensuing fun. After the forensic analysis (which was very fruitful) the box had to be reinstalled from scratch:NT,SQL and a particularly ugly document management application. Now those of you reading this who are actual professional system administrators know that we probably had other things to do. So if Gary is worried about spending time in a Virginia prison, tough. Thats where we keep criminals. (Sorry, didn't mean to rant).
    • I'm not sure I would even characterise someone who entered a system that still had the default password as a criminal. It's like leaving a door open and then complaining someone came in. At best you could call it trespass (which isn't criminal).

      Personally I'd get mad with the fuckwit who didn't change the password first.

      Justin.
        • I can see both sides, really, but I don't think a default password even implies you aren't meant to go in. It means the owner has made exactly zero effort to secure it. Zero. Now consider the real world equivalent of no security effort whatsoever: a closed, unlocked door at best.

          One thing I hate is the current perception that, in law, the digital world should have more protection than the physical one. The presumption of freedom should triumph in both realms.

          Justin.
  • From the Seattle Post Intelligencer http://seattlepi.nwsource.com/business/259391_inf o card14.html/ [nwsource.com]

    At the same time, the company [Microsoft] says it doesn't want InfoCard to be the only program of its kind. The program uses non-proprietary communications standards, and Microsoft says it would like to see the people and companies behind other operating systems, such as Linux and Apple's Mac OS X, create their own programs similar to InfoCard, to make the approach more common.

    The approach "essentially adds an

    • Troll on, but you miss the mark, my uninformed friend.

      This is nothing to do with data aggregation, targeted advertising or behavior tracking. It is not invasive software, surreptitiously installed while a user beleives they are performing another action.

      This is more akin to "soft token" technologies:
      http://www.rsasecurity.com/rsalabs/node.asp?id=214 1 [rsasecurity.com]
      http://www.actividentity.com/en/products/4_2_6_sof tware_token.php [actividentity.com]
      http://www.securehq.com/group.wml&deptid=80&groupi d=566 [securehq.com]

      The catcher is that this is
      • All thjat does is identify the machine, not the user.
        • Make no mistake, no security scheme (at least that is feasible for average use) will ever be perfectly secure. But when saying "all that does is identify the machine, not the user" you must consider "what does the current system (passwords) identify?".

          The answer is nothing. Passwords are probably just about the worst security method you could imagine (besides no security at all)! They just happen to be the easiest method, so they became default.

          If you spend some times actually researching InfoCard, y
          • So I still need a password? but now only one password is needs to access everything? Why not just use Password Safe?

            The point is, people don't know how to make good passwords. Very often, so called 'expert' give bad advise about creating passwords.

            Bear in mind, a lot of people still have to be walked through the steps to get to explorer on windows.

      • Why do banks and others continue to insist on support for such old browsers anyway?
        Does anyone have any actual evidence to support the theory of "We need to support version 4 browsers because our customers use them"?
        Is it not true that MORE people are using current-version alternatives (i.e. Mozilla, Firefox, Opera, Konquer, Safari, Netsacpe 8, Camino etc) than are stuck with dinosaurs like Netscape Communicator and Internet Explorer 4?
      • Troll on, but you miss the mark, my uninformed friend.

        Whether he is uninformed or not is not really the point; many large corporations/industries already take a dim view of Microsoft's wheelings and dealings, and that alone will make this hard to implement. Add to that the mere fact that it *is* X.509 PKI we're talking about, and the scenario completely falls apart. It's here where the OSS world starts to shine, with its OpenPGP PKI and its lack of reliance on central CA.


    • Once I have your laptop I will just connect the drive to my computer and mount it myself, thus bypassing your random bazillion charater password if you like.

      Personally I store my passwords using secstore and authorize using factoum, so my keys never need to be stored locally. I boot my laptop from a CDrom and mount my drives over the network, wherever I am. It doesn't even have local storage unless attach some via USB.

      Relying on SSH is soooo 1999

    • No. You are talking about PIN/Password caching, in an encrypted store. Think Mac keychain.

      This is an identity system, that supports federation, incorporates policy negotiation and can establish reputation with third-parties.

      It is Passport, without the central identity repository - similar to Liberty Alliances' SAML work, but in the WS-Security framework, and with extended user functionality.
    • Huh? I'm pretty sure IE has a password-storing thing like most alternative browsers do. It has some sort of form-remembering option, anyways. That said, it's not too difficult to remember passwords. What's difficult is the websites that force you to use some retarded thing because they think you having 9skmdl10d1337os for your password is going to make it harder to steal after you input it into some phishing site because you're a freakin' idiot, and as a result remembering what password goes with what s
    • Unfortunately the majority of farms these days are corporate farms. Sure, there's still a lot of family-owned farms, but they are slowly getting Borged by the CorpFarms. Also lots of sneaky bullshit where CorpFarms set up deals with companies so they get better deals when they sell their products than the family farms can get.

    • At 60 dollars a barrel it begins to become more profitable to use foods for bio-fuels. So farms will sell their products to bio-fuel companies and not to the store.

      And why would the energy companies invest in this? They could dominate this market, as well as other alternative markets, which will be less costly to protect and set up.
      Of course, at it's current rate of growth, in 2030 Cina alone will need 94million barrels of oil per day. Currently 84 million barrels per day is pulled out of the ground for the
    • "The only problem is, this will put the oil companies out of business."

      If you think about it why would they let themselves go out of business? Who is to say they wont buy out bio firms and farms working on alt fuels? Trust me, one day driving by exxon and shell farms producing the raw material for ethanol and bio diesel.

    • The only problem is, this will put the oil companies out of business


      Actually, no they won't. They will stay in business, providing petroleum based products for military, commercial, and business uses. This would include jet fuel, diesel, solvents, plastics, etc. I can even see them continuing to make gasoline for a long time for old car buffs.

      It won't put them out of business, but may keep them in business for a much longer time.
    • The bad things are:

      1, 2, 3. It's a virtual card.

      4. The card is part of IE7 and Vista.
      In the consumer market, OEM Windows is cheap and prices are stable.

        • Yes because passwords are so much more secure we should never ever consider another method.
           
          At least someone might notice a lost pda quickly, how long will it take them to realize someone just copied their post-it note.
            • Combine both a security card and a password.

              Basicly, in order to use the computer, you need both a security card and a password. Anytime you remove the card, the computer locks. Then, when you come back, you put the card back in and type in the password.

              Would be a good solution for increasing security at big corporations (because its much harder to get both the card and the password) and it would reduce the problem of people with post-it note passwords. Hopefully such a system would reduce the need to have
      • Absolutely correct, especially the non-zero-sum bit.

        Here's another point to ponder, on the "rising tide lifts all boats" theory:

        If fuel were agriculturally produced rather than mined/drilled, the US could remove some of the incredibly market-distorting Farm Parity payouts - essentially, we could stop using taxpayer money to bribe farmers not to grow crops.

        We pay off the farming [downstreet.net] mafias [usdoj.gov] to keep food prices artifically high [nationalaglawcenter.org], so that there is an economic incentive to continue to produce food. If our ever-incre

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.