January 24, 2008

Microsoft to push IE7 out via WSUS next month

Date: January 21st, 2008
Author: Paul Mah

Microsoft warned that it will push a new version of Internet Explorer 7 via Windows Server Update Services (WSUS) in February. Specifically, administrators who have set WSUS to automatically approve Update Rollups will need to disable the auto-approval rule before Feb. 12 to stop IE7 from being updated into their infrastructure.

As of last year, Microsoft removed the requirement of Windows Genuine Advantage (WGA) validation from an usa cialis Internet Explorer 7 installation, making it available to all Windows XP users. Microsoft explained that the move was prompted by security concerns.

Excerpt from InfoWorld:

“Because Microsoft takes its commitment to help protect the entire Windows ecosystem seriously, we’re updating the IE7 installation experience to make it available as broadly as possible to all Windows users,” said Steve Reynolds, an IE program manager, on a Microsoft company blog in early,” said Steve Reynolds, an IE program manager.

Web metrics gathered by Net Applications during December 2007 shows that IE6 accounted for 35 percent of the browsers that visited some 40,000 monitored sites.

Permalink • Print • Comment

Should AT&T police the Internet?

By Marguerite Reardon, News.com
Published on ZDNet News: Jan 17, 2008 4:00:00 AM

A decade after the government said that AT&T and other service providers don't have to police their networks for pirated content, the telecommunications giant is voluntarily looking for street value of cialis ways to play traffic cop.

For the past several months, AT&T executives have said the company is testing technology to filter traffic on its network to look for copyrighted material that is being illegally distributed. James Cicconi, senior executive vice president for external and legislative affairs for AT&T, reiterated the carrier's plans last week during a panel discussion at the Consumer Electronics Show in Las Vegas.

"We are very interested in a technology-based solution and we think a network-based solution is the optimal way to approach this," Cicconi said in a New York Times article. "We recognize we are not there yet but there are a lot of promising technologies. But we are having an open discussion with a number of content companies, including NBC Universal, to try to explore various technologies that are out there."

"Ultimately, our customers and their online experience come first. This is not about the vast majority of customers who consume content online legally. This is about combating illegal activity."
–Michael Balmoris, spokesman, AT&T

AT&T's plans would turn the nation's largest telephone company into a kind of network cop, a role that some say could turn dangerous for the company. For one, filtering packets to determine whether they contain copyrighted material raises privacy concerns. And AT&T customers who have already been concerned about the company's alleged role in the National Security Agency's domestic spy program, could take their broadband, TV and telephony business to a competitor. Also, AT&T could be opening itself up to a mountain of legal troubles.

"I can't see why filtering traffic would be of interest to AT&T," said Tim Wu, a law professor at Columbia University and an Internet pundit. "AT&T spent six years and millions of dollars lobbying for a law so they wouldn't have to filter for copyrighted material on their network. And now they want to do it."

AT&T hasn't indicated which technology it might use. But it has confirmed that it's been testing software from a number of companies including Vobile, a start-up in which AT&T has also invested. The carrier has also said that it's been working for the past six months with members of the Motion Picture Association of America and Recording Industry Association of America to figure out ways in which it can curb the flow of illegal content on its network.

AT&T argues that it must get involved in stopping the flow of pirated content because much of this content is shared using peer-to-peer protocols, which eats up valuable network bandwidth, slowing network connections for many of its customers.

"Ultimately, our customers and their online experience come first," said Michael Balmoris, a spokesman for AT&T. "This is not about the vast majority of customers who consume content online legally. This is about combating illegal activity."

Content agreements an issue
AT&T is also likely driven by its need to strike deals with content providers for its U-Verse IPTV service. Voluntarily agreeing to filter traffic on its network could help the company get a more favorable deal with content owners, such as NBC Universal or Disney.

Rick Cotton, executive vice president and general counsel for NBC Universal, said he often argues the network management point when trying to persuade Internet service providers to filter traffic. But he admits that content agreements also factor into the discussion.

"I also make the argument that it doesn't make sense to allow people to utilize (the carriers') infrastructure to steal material that (the carriers are) trying to acquire for another part of their business," he said. "Can I say which consideration affects which ISPs? I can't answer that question. But I do think it's something they ought to take into account."

So far, most ISPs have remained tight-lipped about whether they are testing content filtering on their networks. The other two major phone companies in the country, Verizon Communications and Qwest Communications International, declined to comment for this story. Time Warner Cable, the second largest cable operator in the nation, wouldn't confirm whether it is testing filtering technology, but a spokesman said the company is working closely with copyright holders to address the piracy issue.

"Content filtering is like the cops knocking on everyone's door to make sure there are no stolen goods inside. Searching packets on a network throws out the whole idea of innocent until proven guilty."
–Art Brodsky, spokesman, Public Knowledge

Comcast, the largest cable operator in the country, said it is not using or testing content filtering technology. Last year, the company got into hot water when there were reports that it had been slowing down some peer-to-peer traffic when the network was congested. The Federal Communications Commission is currently investigating the situation.

That said, the movement to involve ISPs in monitoring and filtering traffic has been growing internationally. In November, ISPs and content producers in France signed an agreement, backed by French President Nicolas Sarkozy, to begin testing filtering technology on carrier networks. A similar movement is afoot in the United Kingdom. And late last year, officials in Australia said they hoped ISPs would implement filtering technology to remove pornography from Internet connections that connect to schools.

These moves come despite widespread criticism from consumer activists that content filtering violates customers' privacy.

"Content filtering is like the cops knocking on everyone's door to make sure there are no stolen goods inside," said Art Brodsky, a spokesman for Public Knowledge, a digital-rights public interest group. "Searching packets on a network throws out the whole idea of innocent until proven guilty."

Critics also say AT&T's moves could put it and other ISPs in a precarious legal situation by not only admitting that it can filter traffic, but also indicating that it has a responsibility to do so. That is exactly what has happened in Europe. A Belgian court last summer ordered an ISP to use filtering technology to keep pirated content off its network.

"I just think this exposes AT&T to some expensive liability," Wu said. "The fact is that it's not easy to figure out what infringes a copyright and what doesn't. It's difficult to believe that an algorithm could do this when the U.S. Supreme Court is often called upon to answer the same question. And when you're talking about copyright, the liability is huge."

"The fact is that it's not easy to figure out what infringes a copyright and what doesn't. It's difficult to believe that an algorithm could do this when the U.S. Supreme Court is often called upon to answer the same question. And when you're talking about copyright, the liability is huge."
–Tim Wu, law professor, Columbia University

This is exactly why AT&T along with Verizon lobbied Congress more than a decade ago to include a safe harbor in the 1998 Digital Millennium Copyright Act (DMCA) that essentially protects them from liability when their customers use their networks or search engines to illegally distribute copyrighted material.

These network operators won their fight by arguing that illegal content merely passes through their networks, and it is unreasonable to ask network operators to take on the task of filtering packets to see if they have violated copyright laws. As a result, most of the legal challenges since the DMCA was passed have fallen on peer-to-peer sharing sites and user-generated sites like YouTube and MySpace. YouTube–owned by Google–is currently fending off a $1 billion lawsuit from Viacom for copyright infringement.

But NBC's Cotton says that if operators work in good faith with content providers, legal issues could be avoided.

"We have agreed to put aside getting into an argument of legal responsibilities," Cotton said. "I think what everyone has come to realize is that the situation is not tenable. And if we can work out a set of reasonable steps to reduce the amount of pirated traffic, it's a win-win for their customers as well as for the content companies."

Cotton added that major steps have already been made between big media companies and some user-generated video sites. In October, media companies–including CBS, Fox Entertainment Group, NBC Universal, Viacom, and Disney along with Microsoft, News Corp.'s MySpace.com, and video-sharing sites Dailymotion and Veoh Networks–agreed to a set of guidelines for using filtering technology and taking down copyrighted content. He also acknowledged that the content community doesn't expect these measures to be fool-proof.

"No one is looking for perfection," he said. "People are prepared to tolerate and accept that that's a reality. The fact is there is a great deal that can be done in various technology environments."

Still, Cotton and others in the entertainment industry believe that monitoring traffic at the network level is a necessity.

"The YouTubes and MySpaces of the world are obvious places to look for copyright infringement," said Steven Weinstein, president and CEO of MovieLabs, the research and development arm of the film industry. "But if we are talking about peer-to-peer traffic, which is how a lot of content is illegally distributed, there is no single entity where the content originates. So the only way to find it is at the ISP level."

But one lingering question remains. Does the technology exist to offer accurate content filtering at the network level? MovieLabs conducted tests last year of about a dozen "digital fingerprinting" technologies from companies such as Gracenote, Vobile, and Audible Magic. Certain products worked well in some environments, like on user-generated Web sites and on university networks, Weinstein said. But using the technology on a large-scale, high-speed carrier network has still not been proven.

That said, developers of this technology are confident it's ready for prime time. They say the bigger hurdle is allaying consumer fears that the technology invades privacy.

"We have the technology to filter traffic today," said Vance Ikezoye, CEO and co-founder of Audible Magic, whose solution is being used by MySpace. "What will take longer to work out are the larger political and public policy issues."

Permalink • Print • Comment

OPPOSE the Intel-passed S. 2248

The terrible Intelligence Committee-passed version of the FISA Amendments Act — S. 2248 — is back, and it's being debated on the Senate floor RIGHT NOW.

If you care about your civil liberties … your right not to be spied on without a warrant … and accountability for the Bush administration's illegal wiretapping and the telecommunications companies that helped carry it out, the time to act is now.

We're partnering with our allies at the Electronic Frontier Foundation (EFF) to offer you a more creative way to tell your Senators to OPPOSE the Intel-passed S. 2248, which includes retroactive immunity for the telecom companies.

Check it out and please take part at http://www.StopTheSpying.org

Retroactive immunity for the telecom companies is really just a roundabout way of granting retroactive immunity to the Bush administration. It would effectively pull the plug on litigation that site cialis promises to shed light on the extent of the administration's lawbreaking, and it would set a dangerous precedent.

Over the next few days, People For, EFF and our friends will be lobbying intensely to stop any version of FISA reform legislation that grants retroactive telecom immunity. We can't fly you out to Washington to lobby your Senators directly, but we can take them your message, in your words, spoken in your voice or accompanied by your photo — hopefully this is the next best thing.

Got a webcam or a video camera? Got a regular camera or even just a camera on your cell phone? Then add to our efforts to use technology to bring constituent contact to the next level.

http://www.StopTheSpying.org

Permalink • Print • Comment

Control your documents with Office 2003’s Information Rights Management

by Deb Shinder | Sep 08, 2003 7:00:00 AM

Takeaway: Learn how Office 2003's Information Rights Management (IRM) works and how you can use it to control access and editing permissions on the documents produced by your users.

Digital Rights Management (DRM) has become a controversial subject as software companies, the music industry, and other producers of intellectual property have moved to use technology to prevent copyright infringement. With Office 2003, Microsoft has gone beyond the concept of protecting its own interests and built in a way for those who use its software to create intellectual property to protect enterprise copyrights, restrict the distribution of sensitive data, and control what can be done with a document by users who have been granted access.

This feature is called Information Rights Management (IRM), and it's supported by Word 2003, Excel 2003, PowerPoint 2003, and Outlook 2003 in Microsoft Office Professional Edition 2003. When you create a Word document, for example, you can specify exactly who can view it, restrict users from redistributing it, and even set a date on which their access will expire. In this article, we look at how rights management works in Office 2003 and how you can put it to use in your organization.

Add-on for Internet Explorer

Microsoft also plans to provide a free add-on component for Internet Explorer that can be used to view IRM-protected documents (with rights intact) by those who aren't running Office 2003. This means your decision to use rights management protection doesn't depend on whether users have Office 2003 installed.

How IRM works

IRM is the Office 2003 component of a larger technology called Windows Rights Management (RM), which is implemented through the Rights Management Services installed on a Windows Server 2003 server. Thus, IRM doesn't work as a stand-alone feature; you need a server running RMS to use it (however, the RMS server doesn't have to be on your own network; you can use the service provided by Microsoft). This allows home and small office users of Office 2003 to benefit from some of the IRM features, but it doesn't provide the full control and functionality of having your own in-house RMS server.

You might be wondering how rights management improves on the access controls already available in Windows. After all, with modern versions of Windows and Office, you can already restrict access to your documents in a number of ways. You can restrict access:

  • By setting share permissions on documents shared across the network.
  • By setting NTFS permissions to protect documents accessed both locally and remotely.
  • By encrypting documents stored on the disk via the Encrypting File System (EFS).
  • By password-protecting your documents with Office's Security function.

The problem with all these methods is that they are, in essence, all or nothing solutions. Although you can use share and NTFS permissions to prevent someone from modifying the original document, there is nothing to prevent that person from saving it as a new document or copying its contents and redistributing it to others. This can be a major problem when you need to give access but also need to ensure that the material doesn't go any further than those to whom you specifically grant that access.

IRM gives you a way to protect e-mail messages, Word documents, Excel spreadsheets and PowerPoint presentations, making it much more difficult for the recipient to pass them on. (Of course, someone who's determined enough could always use innovative methods such as capturing or even photographing the screen, but this would provide a graphic representation and not an electronic document.)

RMS uses digital certificates to validate the identities of users. The certificates are issued by the RMS server based on either Windows authentication (for in-house RMS servers) or Passport account authentication (for Microsoft's trial RMS service). The Rights Management Service is an ASP.NET Web service that uses the Extensible Rights Markup Language (XrML). Rights management protection works at the file level, so that even when the file goes outside the organization or network, the protection is still built into the file itself.

One of the benefits of having an in-house RMS server is the ability to create templates based on your permissions policies so that you can define a particular permissions configuration to apply to groups of documents.

Using IRM to protect your documents

You can't just begin using IRM immediately. There are several preliminary steps you must take to deploy the technology. First, if you're deploying rights side effects cialis management within the organization, you'll need to set up and activate a Windows Server 2003 RMS server and then install the RM Update on the client machines running Office 2003. Because IRM is certificate-based, users must obtain a certificate from the RMS server.

After the infrastructure is in place, using IRM is easy. We'll use Microsoft Word in our examples, but remember that you can also protect other Office documents (and e-mail messages). In fact, we expect that a common use for IRM will be allowing others to view your PowerPoint presentations without the fear that they will copy or redistribute them.

If you want to restrict certain people from accessing a Word 2003 document using IRM, start by clicking File | Permission or click the Permission button on the toolbar, as shown in Figure A.

Figure A
Click Permission on the File menu to restrict access using IRM.

This will open a Select User dialog box, as shown in Figure B. If you have no RMS server deployed and you have a Passport account, your account name will appear here.

Figure B
Select a user account (validated by the internal RMS server or a Passport account for the Microsoft trial service).

Instead of seeing the Select User dialog box, you might be prompted to install the RMS client software, as shown in Figure C. Clicking Yes will download the client (msDRMClient.msi).

Figure C
Click Yes to install the Rights Management client (msDRMClient.msi).
Client software can be deployed via Group Policy

The client software is an .msi package and thus can be deployed to computers or users in the organization using Windows Group Policy Software Installation.
Double-clicking the file will deploy the Windows Rights Management client Setup Wizard. If you have neither a Passport account nor an internal RMS server, you can sign up for Microsoft's IRM service by clicking Add and completing the Service Sign-Up Wizard, the first page of which is shown in Figure D.

Figure D
You can sign up to use Microsoft's IRM service if you don't have an RMS server.

You'll be asked if you already have a Passport account (and given the opportunity to create one if you don't). You'll have to log on to the Passport server and then specify the e-mail address that was used for the Passport account, as shown in Figure E.

Figure E
To receive an RM certificate from the Microsoft service, you must specify your Passport e-mail address.

Next, you'll be asked to select the certificate type:

  • Standard certificate: allows you to create, view, and use restricted content on the computer and can be renewed.
  • Temporary: allows you to open restricted content on the computer. Only good for a limited time and cannot be renewed.

Select the certificate type, as shown in Figure F.

Figure F
You'll be prompted to select either a Standard or Temporary RM certificate.

When an RM certificate has been created and successfully downloaded to the computer, you'll receive notification that the wizard is complete, as shown in Figure G.

Figure G
When the certificate has been downloaded, click Finish to complete the wizard.

When you have an RM certificate installed on your machine, you can use rights management to protect documents and view protected documents.

Now when you click the Permission option in the File menu and select Restrict Permission As, you can select your account (for which you just downloaded an RM certificate) in the Select User box to create or open content. After you do, the Permission dialog box will be displayed, and you can enter the e-mail addresses of any users to whom you want to give Read or Change permission, as shown in Figure H. Typing the first few letters of the address will provide you with choices from your address book.

Figure H
You can select users to whom you want to give Read or Change permission, or click the More Options button.

Clicking the More Options button will allow you to set additional permissions for the selected users, such as:

  • Permission to print the content.
  • Permission to copy the content.
  • Permission to access the content programmatically.

You can also set an expiration date, after which the user will not be able to access the document. In addition, you can choose to allow users who don't have Office 2003 to use their Web browser (IE with the information rights add-on) to read the document. Figure I shows these choices.

Figure I
You can set additional permissions after selecting More Options.

The permissions you've set on the document will now appear in the Shared Workspace task pane at the right of the document, as shown in Figure J.

Figure J
The permissions information appears in the Shared Workspace task pane, which automatically opens to the right of the document.

Reading IRM-protected documents

If a user tries to open an IRM-protected document in an earlier version of Word, he or she will see a notification that permission is restricted, as shown in Figure K. Note that the user will be able to see the document title.

Figure K
A user will not be able to open the document in an earlier version of Word.

Users will be notified of restrictions

Attempts to open the protected document in any other program (NotePad, IE without the Rights Management add-on installed, etc.) will result in the same notification that permission is restricted.

To open the document in Office 2003, the user might need to install the updated Rights Management client, create a Passport account, and download an RM certificate if these haven't been done previously. The first time the user tries to open the file, a dialog box might appear stating that Office must connect to the RMS server to verify the user's information, as shown in Figure L.

Figure L
Office needs to connect to the RMS server to verify the user's identity.

The user will be able to do with the document whatever you specified when you set permission. For example, if you gave the user Read permission, the user can view the document. But if the user tries to save the document, the Save, Save As, and Save As Web Page options will be grayed out, as shown in Figure M. Likewise, all options in the Send To menu are grayed out so that the user cannot forward the document to a mail or routing recipient, Exchange folder, or other location.

Figure M
A user with Read permission will not be able to save the document.

The IE Rights Management add-on

If a user tries to open an IRM-protected document and does not have Office 2003 installed, the user will be directed to the Internet Explorer Web site for the Rights Management add-on.

Download the add-on

You can download the add-on from Microsoft's IE Web site. This is beta software that expires Nov. 1, 2003. The final version is expected to be released later in 2003.
The same restrictions are enforced when the user opens a protected document with IE as when he or she uses Office 2003 applications. The currently available beta of the Rights Management add-on can only be installed on IE 6.0 running on Windows 2000 or Windows XP. The Rights Management client software must also be installed. Note that IE with the add-on is used only to view IRM-protected documents; it cannot be used to protect documents.

Built-in rights management

Protecting digital content has become increasingly important in today's business environment. Previously, protecting one's intellectual property required special programming skills or the use of specific third-party software. Now, rights management is built into the next version of Microsoft Office and can be used to restrict others from misusing the content without completely denying them access.

The rights management feature in Office promises to solve many of the problems associated with safeguarding the rights of intellectual property owners/creators and providing better security than ever for sensitive information.

Permalink • Print • Comment

Time Warner Puts a Meter on the Internet

Time Warner Cable has confirmed that it will be rolling out metered pricing for Internet access in Beaumont, TX. On balance, we think this is a fair choice among a bunch of bad options. Providing transparent, metered access is certainly preferable to Comcast's arbitrary, undisclosed practice of selectively hobbling particular protocols.

Overall, business models that keep ISPs thinking of themselves as "pipe" rather than "content" are good. Better that your ISP worry about the tolls to pay for the highway, rather than scheming to force you to use their preferred offramps and eat in their preferred diners.

Transparency also encourages innovation and competition.

Already, Verizon is gloating publicly, saying that its more modern FIOS fiber-optic service will not have caps. This also may encourage new broadband technology providers to enter the market, as they will have another way to differentiate their offering from cable broadband.

However, there are some serious potential drawbacks, too.

First, if metered Internet access becomes widespread, it may discourage users from indulging in new, high-bandwidth activities, thereby foreclosing innovative new technologies and markets. For example, we might never have had a YouTube or a Napster if people were fretting about their bandwidth consumption.

Second, much will depend on the pricing of these new metered plans. The new plans could beneficially be used to bring basic broadband in at a lower price, or it could be used badly as a cover for price increases on existing customers. And the pricing for "overages" should bear some relation to costs, rather than being exploited for windfall profits. Broadband industry observer Dave Burstein has pointed out that the wholesale price to Time Warner for 40gb for a month amounts to about $3.

The last word goes to Harold Feld: "The real solution, of course, is policies that build out more capacity so that it becomes too cheap to meter." Now if only we had a real national broadband policy to get us there.

For Howard Feld's blog post about Time Warner and metered pricing:

http://www.wetmachine.com/totsf/item/1006

safe cialis color=”#0000ff”>

For the complete post from EFF Senior Staff Attorney Fred von Lohmann:

http://www.eff.org/deeplinks/2008/01/time-warners-puts-meter-internet

Permalink • Print • Comment
Next Page »
Made with WordPress and Semiologic • Sky Gold skin by Denis de Bernardy