September 16, 2007

Microsoft caught doing stealth updates


 

By Jose Vilches, TechSpot.com

Published: September 13, 2007, 6:34 PM EST

 

Software giant Microsoft has been caught updating files on both Windows XP and Windows Vista without displaying the usual notification or permission dialog box – even if the user had previously disabled automatic updates. Microsoft, however, calls it built-in behavior and no cause for alarm.

 

Scott Dunn of “Windows Secrets” reports that nine files in XP and Vista have been altered by Windows Update in what he calls a stealth move by Microsoft. The updates are upgrades to the Windows Update service itself, and are not harmful to the system. However, the tactics used by Microsoft to perform them are comparable to those used by spyware companies, thus raising some concerns among the privacy-minded.

 

So what is happening here? Windows Update program manager Nate Clinton explains in a blog post:

 

To ensure on-going service reliability and operation, we must also update and enhance the Windows Update service itself, including its client side software. These upgrades are important if we are to maintain the quality of the service. […] The point of this explanation is not to suggest that we were as transparent as we could have been; to the contrary, people have told us that we should have been clearer on how Windows Update behaves when it updates itself.

 

This is not the first time Microsoft has pushed updates out to users who prefer to test and install their updates manually. Back in October it was discovered that the anti-piracy program Windows Genuine Advantage was being downloaded and installed without asking users for their consent.


September 13, 2007

Running the numbers on Vista

 


 

By Ina Fried, News.com

Published on ZDNet News: Sep 11, 2007 12:25:00 PM

 

Sales of boxed copies of Windows Vista continue to significantly trail those of Windows XP during its early days, according to a soon-to-be-released report.

 

Standalone unit sales of Vista at U.S. retail stores were down 59.7 percent compared with Windows XP, during each product's first six months on store shelves, according to NPD Group. In terms of revenue, sales are also down, but the drop has been less steep, at 41.5 percent. The findings largely mirror the sales pattern NPD saw for Vista during its first week on the market in January.

 

"It's just not doing well," NPD analyst Chris Swenson said of Vista's performance at retail stores, though he added that most people get their operating system on new PCs, with only a minority of customers purchasing boxed copies. The report, titled "Windows Vista Still Underperforming in U.S. Retail," will be sent to clients Friday.

 

Microsoft also agreed that an analysis of boxed copy sales is not representative of Vista's momentum, noting the trend of people getting a new operating system with a new PC has further accelerated with Vista.

"While we can't comment on the findings of a report we haven't seen, we continue to be on track in all segments we follow," the company said in a statement to CNET News.com. "As of this summer, more than 60 million licenses have been sold."

 

Microsoft noted in a regulatory filing that more than 80 percent of its Windows revenue comes from computer makers that install the operating system on new machines, with boxed copies accounting for only a fraction of total sales. And the PC market is far larger than it was five years ago. According to research firm Gartner, roughly 239 million PCs were sold worldwide last year, compared with 128 million in 2001.

 

In many ways, sales of Vista are tied closely to the rate of PC sales. One of the big variables is how quickly businesses move to adopt Vista. Most businesses are not moving to the operating system in significant numbers yet, though Microsoft has begun to tout a few large deployments from corporations including Infosys, Citigroup, Charter Communications and Continental Airlines.

 

Ahead of Vista's release, the software maker said that it expected businesses to adopt the new operating system at twice the rate of XP during its first year on the market.

 

However, many businesses have said they are waiting until Microsoft releases the first update to Vista before considering deployments of the operating system. Microsoft is starting beta testing of its first service pack for Windows Vista, though that update won't be released in final form until next year.

 

News on the retail front is brighter for Office, which was released to stores the same day as Vista.

 

Retail sales of Office products from January through June were roughly double those of Office 2003 during its first six months on the market and up 59.6 percent from Office sales for the first six months of last year. (Sales of Office 2003 at retail continued to grow over the life of the product.)

 

While much of the sales were for the new Office 2007, Swenson said just over 20 percent of all boxed copies of Office were Office for Mac. Swenson credited the large number of people switching to Macs as part of the reason for the spike in Mac Office sales.

 

"If I buy a new PC I can reuse old Windows software," Swenson said. But, if someone is switching from a PC to a Mac and wants Office, he said, "you have to buy new software."

 

NPD's data comes from its monthly sales reports of software sold at major retailers including Best Buy, CompUSA, Target and Apple's retail stores. It also includes e-commerce sites such as Amazon.com, Buy.com and BestBuy.com.

 

As for why Vista sales are down, Swenson said it is probably because of a number of factors. More stringent hardware requirements mean that more buyers who want Vista decide to get a new PC, particularly as computer prices have come down so steeply compared with XP's early days. Also, he said, Microsoft has done less advertising than it did with XP.

 

"The problem is that there are a lot of complex new features in Vista, and you need to educate consumers about them," Swenson said. "Much like Apple educating the masses about the possibilities of the iPhone, or focusing on a single feature or benefit of the Mac OS in the Mac vs. PC commercials, Microsoft should be educating the masses about the various new features in a heavy rotation of Vista in TV, radio and print ads. But the volume of ads has paled in comparison to the ads run for XP."

Just because boxed Vista sales are down doesn't mean they won't pick up, he added. He noted that XP sales peaked a few years after its 2001 launch.

 

"My hypothesis as to why is that there were a lot of people that bought PCs running 2000 or ME before the XP launch, and thus when they decided to upgrade they opted for the XP upgrade awhile after their initial purchase," Swenson said. "There is a possibility that we might see a similar trend with Vista."

 

But given the fact that only relatively new PCs can be upgraded to Vista, and with standalone sales not showing signs of improving, Swenson said, "it's looking less and less likely that this will happen."

 


Judge deals blow to Patriot Act

 


 

By Declan McCullagh, News.com

 

Published on ZDNet News: Sep 6, 2007 1:11:00 PM

 

A key portion of the Patriot Act is unconstitutional and violates Americans' free speech rights, a federal judge said Thursday in a case that could represent a bitter setback for the Bush administration's attempts to expand its surveillance powers.

 

U.S. District Judge Victor Marrero said the section of the Patriot Act that permits the FBI to send Internet service providers secret demands, called national security letters, for customer information violates the First Amendment and unreasonably curbs the authority of the judiciary.

 

FBI agents can use NSLs to surreptitiously obtain logs of American citizens' e-mail correspondence, a list of Web sites visited and queries submitted to search engines, without obtaining a judge's approval in advance. NSLs can also be used to obtain bank and telephone records. They are supposed to be used only when an investigation is allegedly relevant to a terrorist investigation.

 

FBI's surveillance push

 

The Patriot Act expanded the FBI's use of national security letters, which are secret and powerful demands for business records. The FBI can use them to obtain an itemized list of all the e-mails sent and received by the target of the NSL, and it can seek information on individuals communicating with that person. It can even discover the Web sites an American citizen has visited and queries submitted to search engines. The use of NSLs increased dramatically after September 11, 2001, as you can see by these partial figures made available by the Justice Department's inspector general. Each row represents the total NSL requests made during that calendar year.

 

2000: About 8,500

2003: 39,346

2004: 56,507

2005: 47,221

 

In a 106-page decision, Marrero said the gag orders that can accompany NSLs are not "sufficiently narrowly tailored" to survive First Amendment review. In addition, he said, the law's attempt to limit judicial review "offends the fundamental constitutional principles of checks and balances and separation of powers" and "reflects an attempt by Congress and the executive to infringe upon the judiciary's designated role under the Constitution."

 

Marrero barred Attorney General Alberto Gonzales and FBI Director Robert Mueller from issuing NSLs, but delayed the effective date of the prohibition for 90 days to give the Bush administration a chance to appeal.

 

Although the U.S. Department of Justice is expected to appeal the ruling to the U.S. Court of Appeals for the 2nd Circuit, it declined to confirm its plans on Thursday. A spokesman said only that "we're reviewing the decision and considering our options at this time."

 

The lawsuit was brought by the American Civil Liberties Union, which applauded Thursday's ruling. "Courts have a constitutionally mandated role to play when national security policies infringe on First Amendment rights," said Jameel Jaffer, director of the ACLU's National Security Project. "A statute that allows the FBI to silence people without meaningful judicial oversight is unconstitutional."

 

A report published in March by the Justice Department's inspector general found "serious misuse" of NSLs on the part of the FBI. But because unlawful use of NSLs is not a crime–unlike conducting an unlawful wiretap, which is a federal felony–no prosecutions were brought. Also in March, The Washington Post published a first-person account by the president of an Internet company who received an NSL. "I resent being conscripted as a secret informer for the government" for the past three years, the writer said.

 

In an odd twist, this is the second time that Marrero, a judge in the Southern District of New York, has struck down NSLs as unconstitutional.

 

The first ruling came in September 2004, when he ruled that the NSL portions of the original version of the Patriot Act enacted three years earlier were unconstitutional.

 

After the Justice Department appealed, the 2nd Circuit Court of Appeals temporarily blocked Marrero's order from taking effect during the course of the appeal. But before the appeal was complete, Congress rewrote portions of the Patriot Act including the NSL section, which led the appeals court to send the case back to Marrero to evaluate whether the revisions passed constitutional muster.

 

Such letters are not new. Before the Patriot Act was enacted a few weeks after the September 11, 2001, terrorist attacks, they could be used in investigations of suspected terrorists and spies. But after the change to the law, the FBI needed only to say that a letter may be "relevant" to a terrorist-related investigation. No court approval is required.

 

NSLs to telecommunications firms originated with a 1986 law called the Electronic Communications Privacy Act, which permitted them only in relation to an investigation of "an agent of a foreign power." That once-strict requirement was broadened in 1993 and again by the Patriot Act eight years later.

 

The most recent changes to NSLs came in mid-2006 with the revisions to the Patriot Act. It said that senior FBI officials could forever prohibit the recipient from disclosing the existence of the NSL "to any person" other than their lawyer with five years in prison as a punishment.

 

Pasted from <http://news.zdnet.com/2100-9588_22-6206570.html?tag=nl.e550>

 


Court Rules National Security Letters Unconstitutional

 


 

In a big victory for your online privacy and civil liberties, a federal court ruled that "National Security Letters" (NSLs) violate the Constitution.

 

Under the USA PATRIOT Act, NSLs allow the FBI to spy on Americans' telephone, Internet, and other records without any court approval and regardless of whether the target is suspected of a crime. With a single piece of paper, the FBI could force your ISP to turn over detailed information about your Internet communications, including the Web sites you've visited and the email addresses you've written to.

Worse still, an NSL recipient is barred from notifying anyone else about the demand.

 

Last week, Judge Marrero ruled that this "gag order" is unconstitutional, and, in so doing, struck down the entire NSL statute. The gag not only tramples on the recipient's First Amendment rights but also prevents courts from fulfilling their Constitutional duty to check the other branches of government and scrutinize the restriction.

 

Meanwhile, EFF is continuing to fight hard to expose the truth about the NSL abuse through our Freedom of Information Act litigation. In the wake of the inspector general's report, EFF filed a lawsuit seeking fundamental information about the FBI's power grab. On June 16, 2007, a federal judge ordered the FBI to process 2,500 pages a month responsive to EFF's request. You can find the documents here:

http://www.eff.org/flag/07656JDB/

 

The ACLU has more on the decision here:

http://www.aclu.org/safefree/nationalsecurityletters/31580prs20070906.html


F.B.I. Data Mining Reached Beyond Initial Targets

The New York Times 


September 9, 2007


WASHINGTON, Sept. 8 — The F.B.I. cast a much wider net in its terrorism investigations than it has previously acknowledged by relying on telecommunications companies to analyze phone-call patterns of the associates of Americans who had come under suspicion, according to newly obtained bureau records.

The documents indicate that the Federal Bureau of Investigation used secret demands for records to obtain data not only on individuals it saw as targets but also details on their “community of interest” — the network of people that the target was in contact with. The bureau stopped the practice early this year in part because of broader questions raised about its aggressive use of the records demands, which are known as national security letters, officials said.

The community of interest data sought by the F.B.I. is central to a data-mining technique intelligence officials call link analysis. Since the attacks of Sept. 11, 2001, American counterterrorism officials have turned more frequently to the technique, using communications patterns and other data to identify suspects who may not have any other known links to extremists.

The concept has strong government proponents who see it as a vital tool in predicting and preventing attacks, and it is also thought to have helped the National Security Agency identify targets for its domestic eavesdropping program. But privacy advocates, civil rights leaders and even some counterterrorism officials warn that link analysis can be misused to establish tenuous links to people who have no real connection to terrorism but may be drawn into an investigation nonetheless.

Typically, community of interest data might include an analysis of which people the targets called most frequently, how long they generally talked and at what times of day, sudden fluctuations in activity, geographic regions that were called, and other data, law enforcement and industry officials said.

The F.B.I. declined to say exactly what data had been turned over. It was limited to people and phone numbers “once removed” from the actual target of the national security letters, said a government official who spoke on condition of anonymity because of a continuing review by the Justice Department.

The bureau had declined to discuss any aspect of the community of interest requests because it said the issue was part of an investigation by the Justice Department inspector general’s office into national security letters. An initial review in March by the inspector general found widespread violations in the F.B.I.’s use of the letters, but did not mention the use of community of interest data.

On Saturday, in response to the posting of the article on the Web site of The New York Times, Mike Kortan, a spokesman for the F.B.I., said “it is important to emphasize” that community of interest data is “no longer being used pending the development of an appropriate oversight and approval policy, was used infrequently, and was never used for e-mail communications.”

The scope of the demands for information could be seen in an August 2005 letter seeking the call records for particular phone numbers under suspicion. The letter closed by saying: “Additionally, please provide a community of interest for the telephone numbers in the attached list.”

The requests for such data showed up a dozen times, using nearly identical language, in records from one six-month period in 2005 obtained by a nonprofit advocacy group, the Electronic Frontier Foundation, through a Freedom of Information Act lawsuit that it brought against the government. The F.B.I. recently turned over 2,500 pages of documents to the group. The boilerplate language suggests the requests may have been used in many of more than 700 emergency or “exigent” national security letters. Earlier this year, the bureau banned the use of the exigent letters because they had never been authorized by law.

The reason for the suspension is unclear, but it appears to have been set off in part by the questions raised by the inspector general’s initial review into abuses in the use of national security letters. The official said the F.B.I. itself was examining the use of the community of interest requests to get a better understanding of how and when they were used, but he added that they appeared to have been used in a relatively small percentage of the tens of thousands of the records requests each year. “In an exigent circumstance, that’s information that may be relevant to an investigation,” the official said.

A federal judge in Manhattan last week struck down parts of the USA Patriot Act that had authorized the F.B.I.’s use of the national security letters, saying that some provisions violated the First Amendment and the constitutional separation of powers guarantee. In many cases, the target of a national security letter whose records are being sought is not necessarily the actual subject of a terrorism investigation and may not be suspected at all. Under the Patriot Act, the F.B.I. must assert only that the records gathered through the letter are considered relevant to a terrorism investigation.

Some legal analysts and privacy advocates suggested that the disclosure of the F.B.I.’s collection of community of interest records offered another example of the bureau exceeding the substantial powers already granted it by Congress.

“This whole concept of tracking someone’s community of interest is not part of any established F.B.I. authority,” said Marcia Hofmann, a lawyer for the Electronic Frontier Foundation, which provided the records from its lawsuit to The New York Times. “It’s being defined by the F.B.I. And when it’s left up to the F.B.I. to decide what information is relevant to their investigations, they can vacuum up almost anything they want.”

Matt Blaze, a professor of computer and information science at the University of Pennsylvania and a former researcher for AT&T, said the telecommunications companies could have easily provided the F.B.I. with the type of network analysis data it was seeking because they themselves had developed it over many years, often using sophisticated software like a program called Analyst’s Notebook.

“This sort of analysis of calling patterns and who the communities of interests are is the sort of things telephone companies are doing anyway because it’s central to their businesses for marketing or optimizing the network or detecting fraud,” said Professor Blaze, who has worked with the F.B.I. on technology issues.

Such “analysis is extremely powerful and very revealing because you get these linkages between people that wouldn’t be otherwise clear, sometimes even more important than the content itself” of phone calls and e-mail messages, he said. “But it’s also very invasive. There’s always going to be a certain amount of noise,” with data collected on people who have no real links to suspicious activity, he said.

Officials at other American intelligence agencies, like the National Security Agency and the Central Intelligence Agency, have explored using link analysis to trace patterns of communications sometimes two, three or four people removed from the original targets, current and former intelligence officials said. But critics assert that the further the links are taken, the less valuable the information proves to be.

Some privacy advocates said they were troubled by what they saw as the F.B.I.’s over-reliance on technology at the expense of traditional investigative techniques that rely on clearer evidence of wrongdoing.

“Getting a computer to spit out a hundred names doesn’t have any meaning if you don’t know what you’re looking for,” said Michael German, a former F.B.I. agent who is now a lawyer for the American Civil Liberties Union. “If they’re telling the telephone company, ‘You do the investigation and tell us what you find,’ the relevance to the investigation is being determined by someone outside the F.B.I.”

 