***************************************************** Edupage is a service of EDUCAUSE, a nonprofit association whose mission is to advance higher education by promoting the intelligent use of information technology. *****************************************************
TOP STORIES FOR WEDNESDAY, JANUARY 22, 2003 Verizon Ordered to Identify Subscriber Microsoft Tries to Tread the Fine Line in Copy Protection Forrester to Buy Giga AND Universities Instituting Greater Computer Security University Researchers Working to Thwart Hackers MIT Conference on Spam VERIZON ORDERED TO IDENTIFY SUBSCRIBER U.S. District Judge John D. Bates has ruled that Verizon Communications must reveal the identity of one of its subscribers, accused by the recording industry of illegally sharing more than 600 copyrighted songs. Citing the Digital Millennium Copyright Act, the recording industry, which was able to obtain an IP address for the user, had demanded that Verizon reveal the identity of that user. Verizon refused, saying it has an obligation to protect the privacy of its subscribers. This ruling defeats Verizon's argument, allowing copyright owners to obtain the identity of suspected pirates through a subpoena from a U.S. District Court clerk's office. Critics complained that the ruling allows copyright owners to circumvent judicial supervision and collect users' identities based only on allegations of wrongdoing. Verizon said it will appeal the ruling and will not reveal the user's identity unless the Court of Appeals orders it to do so. Associated Press, 21 January 2003 (registration req'd) http://www.nandotimes.com/technology/story/729007p-5325404c.html MICROSOFT TRIES TO TREAD THE FINE LINE IN COPY PROTECTION Microsoft has introduced a new copy-protection package that it says balances the needs of copyright owners to protect intellectual property with the rights of consumers to play and use legally obtained material. At least one analyst called the Windows Media Data Session Toolkit "exactly what the music companies have been looking for," though it remains to be seen if the toolkit adequately addresses consumer concerns. The toolkit allows CD producers to place CD content in one of two layers, one of which allows playback in various types of devices while the other permits the addition of restrictions on how the content can be used. Analysts noted that no information is available about how easily the toolkit might be hacked and that pirates will still be able to create analog copies of protected files. The new toolkit will be used initially by record labels including EMI, Virgin, Warner, and Universal. NewsFactor Network, 20 January 2003 http://www.newsfactor.com/perl/story/20509.html FORRESTER TO BUY GIGA Like the technology industry they analyze, research firms are affected by the sluggish economy. As part of the downsizing and consolidating trend, Cambridge, Mass.-based research firms Forrester and Giga are slated to merge by the second quarter or earlier. Forrester has agreed to pay $4.75 per share for outstanding Giga stock, which closed at $1.56 on January 17. In July, a reorganization at Forrester included layoffs, and the company reported a $12.5 million decline in third-quarter revenue from last year. Forrester CEO George F. Colony said, "We believe that this acquisition significantly expands our coverage and reach." Forrester will gain some 900 clients from Giga. CNET, 21 January 2003 http://news.com.com/2100-1017-981333.html AND ***************************************************** UNIVERSITIES INSTITUTING GREATER COMPUTER SECURITY Several large universities, including the University of Colorado (CU) at Boulder, the University of Washington, and Stanford University, have begun requiring the use of secure sockets layer (SSL) for e-mail and other communications. SSL adds encryption to the links between campus servers and client applications, boosting security by preventing hackers from eavesdropping. Despite an awareness campaign on the CU campus, however, many users had not modified their e-mail programs to work with SSL by the October 15 deadline, so the university extended the deadline until January. At CU, encryption is also now required for FTP and telnet. Because many FTP and telnet applications do not support encryption, users have had to change to other applications. University officials said the encryption requirement is important because of the risks of having personal information, including passwords, stolen. Chronicle of Higher Education, 21 January 2003 http://chronicle.com/free/2003/01/2003012101t.htm UNIVERSITY RESEARCHERS WORKING TO THWART HACKERS Researchers at the State University of New York (SUNY) at Buffalo are working on a prototype software application designed to identify data intrusions "on the fly" by profiling the habits of network users. Proponents of such an approach argue that those with malicious intent reveal their actions in deviating from the routine in performing tasks like opening files, sending e-mail, or searching archives. The "user-level anomaly detection" being developed by SUNY monitors user activities, rather than traffic across an entire network, looking for actions or patterns that suggest malicious intent. The biggest benefit of profiling systems is in thwarting insider attacks. Security and cryptography expert Bruce Schneier said systems like SUNY's "live and die on false alarms," which are extremely difficult to eliminate. Wired News, 20 January 2003 http://www.wired.com/news/infostructure/0,1377,57302,00.html MIT CONFERENCE ON SPAM Several hundred high-level programmers attended a conference at the Massachusetts Institute of Technology (MIT) devoted to the latest tactics to fight spam. Spam is a formidable foe, as evidenced by its increase in total Internet e-mail traffic from 8 percent in 2001 to as high as 40 percent last year alone, according to Brightmail. According to Ferris Research, spam costs businesses in the United States $8.9 billion and in Europe $2.5 billion annually. MIT computer scientist William S. Yerazunis compared spam to petty street crime and claimed that �the theft efficiency ratio is about the same as stealing hubcaps and car radios.� The conference centered on a language developed by Yerazunis, touted as nearly 100 percent effective, that �hashes� messages by matching incoming phrases with previous text sent by the user, thereby identifying inconspicuous spam. Another programmer is working on code that will recognize disguised text as spam. Such filters, however, must be able to sort out spam from �ham,� or desired e-mail. Some involved in the fight against spam, including Era Eriksson of the Coalition Against Unsolicited Commercial Email, believe that only legislation will stop spam. New York Times, 18 January 2003 (registration req'd) http://www.nytimes.com/aponline/technology/AP-Ending-Spam.html ***************************************************** EDUPAGE INFORMATION To subscribe, unsubscribe, or change your settings, visit http://www.educause.edu/pub/edupage/edupage.html Or, you can subscribe or unsubscribe by sending e-mail to [EMAIL PROTECTED] To SUBSCRIBE, in the body of the message type: SUBSCRIBE Edupage YourFirstName YourLastName To UNSUBSCRIBE, in the body of the message type: SIGNOFF Edupage If you have subscription problems, send e-mail to [EMAIL PROTECTED] For past issues of Edupage or information about translations of Edupage into other languages, visit http://www.educause.edu/pub/edupage/edupage.html ***************************************************** OTHER EDUCAUSE PUBLICATIONS EDUCAUSE publishes periodicals, including "EQ" and "EDUCAUSE Review," books, and other materials dealing with the impacts and implications of information technology in higher education. For information on EDUCAUSE publications see http://www.educause.edu/pub/ ***************************************************** CONFERENCES For information on all EDUCAUSE learning and networking opportunities, see http://www.educause.edu/conference/ ***************************************************** COPYRIGHT Edupage copyright (c) 2003, EDUCAUSE
