From: Chris Chiu
To: Gilc-Announce (E-mail)
Sent: 03/06/2004 21:58
Subject: [Gilc-announce] GILC Alert
GILC Alert
Volume 8, Issue 5
3 June 2004
Welcome to the Global Internet Liberty Campaign Newsletter.
Welcome to GILC Alert, the newsletter of the Global Internet Liberty
Campaign. We are an international organization of groups working for
cyber-liberties, who are determined to preserve civil liberties and
human rights on the Internet.
We hope you find this newsletter interesting, and we very much hope that
you will avail yourselves of the action items in future issues.
If you are a part of an organization that would be interested in joining
GILC, please contact us at <[log in to unmask]>.
If you are aware of threats to cyber-liberties that we may not know
about, please contact the GILC members in your country, or contact GILC
as a whole.
Please feel free to redistribute this newsletter to appropriate forums.
===============================================
Free expression
[1] Chinese Net protestors arrested
[2] Jailed Vietnamese Net dissident ends hunger strike
[3] Two Ukrainian online journalists detained
[4] Japanese shareware author arrested
[5] French digital economy proposal faces constitutional review
[6] Pro-Net fair use bill gains support
[7] Dutch court upholds legality of weblinks
[8] Korean Net radio station pressured over political content
[9] Hollywood sues nearly 500 more Internet users
[10] Consumer backlash over Japanese TV crippleware measures
[11] Upcoming Euro copyright conference
Privacy
[12] Weakened email spying restrictions proposal moves forward
[13] More details emerge about secret USA Patriot Act case
[14] Study: datamining proliferates among U.S. gov't agencies
[15] Spyware threat to privacy grows larger
[16] Macintosh computer security flaw uncovered
[17] Lovgate computer bug spreads through unread email messages
===================================================================
[1] Chinese Net protestors arrested
===================================================================
Chinese authorities have detained a number of Internet dissidents as the
15-year anniversary of a massacre of pro-democracy activists looms.
The latest such arrestee, Liu Xiabo, had written a number of articles,
including an essay that condemned the Chinese government for using
subversion laws to prosecute and silence its online critics. He had also
launched a campaign to free cyberdissident Du Daobin, who himself had
been forced to plead guilty to subversion charges in a trial that was
savaged by various groups, including Reporters Sans Frontieres (RSF-a
GILC member). Liu has since been placed under house arrest. Liu's
detention comes just after two other Internet activists, Yang Jianli and
Liu Shui, were convicted and sentenced by Chinese criminal courts on
charges that are being widely perceived as politically motivated. Many
of these individuals had participated in the pro-democracy protests at
Beijing's Tienanmen Square that the government brutally suppressed on 4
June 1989.
In addition to this wave of arrests, Chinese censors are also stepping
up restrictions on various forms of Internet activity. For example,
government agents have closed down over 8600 cybercafes over the past
three months, claiming that they provide "unhealthy information
online"-a term that apparently covers political commentary and material
critical of the country's rulers. Additionally, according to the
state-run Xinhua news agency, a government committee will be formed to
stop the flow of imported computer games that contain messages that are
deemed taboo by Chinese authorities, such as discussion of Taiwanese and
Tibetan sovereignty or the Falun Gong spiritual movement. The Chinese
government has already banned Hearts of Iron, a computer game made in
Sweden that, among other things, portrayed Tibet as an independent
nation.
For more on the Liu Xiabo case, visit the RSF website under
http://rsf.fr/article.php3?id_article=10466
Further details regarding the Du Daobin case are posted at
http://rsf.fr/article.php3?id_article=10432
See "China silences Tiananmen critics," BBC News Online, 3 June 2004 at
http://news.bbc.co.uk/1/hi/world/asia-pacific/3772629.stm
Read "Net activist's trial unfair: watchdog," South China Morning Post,
24 May 2004 at
http://www.asiamedia.ucla.edu/article.asp?parentid=11470
For more about the Yang Jianli and Liu Shui cases, click
http://www.rsf.org/article.php3?id_article=10388
See "China jails journalist for posting articles on Net," South China
Morning Post, 12 May 2004 at
http://www.asiamedia.ucla.edu/article.asp?parentid=11098
Read "China censors online video games," BBC News Online, 1 June 2004 at
http://news.bbc.co.uk/1/hi/technology/3766023.stm
See "China bans game for 'distorting history,'" Agence France Presse, 31
May 2004 at
http://smh.com.au/articles/2004/05/31/1085855471013.html
Read Chow Chung-yan, "Special censors to root out 'unhealthy' internet
games," South China Morning Post, 25 May 2004 at
http://www.asiamedia.ucla.edu/article.asp?parentid=11474
See also Jonathan Watts, "Nanny knows best," Guardian Unlimited (UK), 14
May 2004 at
http://www.guardian.co.uk/elsewhere/journalist/story/0,7792,1216808,00.h
tml
===================================================================
[2] Jailed Vietnamese Net dissident ends hunger strike
===================================================================
A Vietnamese journalist has ended a hunger strike after the nation's
highest court agreed to hear his case.
Nguyen Vu Binh had, among other things, written a number of articles
regarding political and economic reforms in the Southeast Asian nation,
including "Thoughts on the Sino-Vietnamese border agreements"-an essay
that savaged a treaty between China and Vietnam. He subsequently was
arrested, convicted of espionage and sentenced to seven years in jail,
plus three years of house arrest. An appeals panel later held a hearing
that lasted less than two hours and confirmed the earlier sentence. Upon
hearing the appeals verdict, Vu Binh roared: "To me, either freedom or
death. If the authorities won't release me, I will start my hunger
strike now." He began his hunger strike shortly after the judicial
proceedings ended. After three weeks of going without food, the Supreme
Court of Vietnam granted him a hearing. Vu Binh then ended his hunger
strike, which had left him looking "weak and pale," according to his
wife, who finally has been allowed to visit him in prison.
Several free speech groups have criticized the Vietnamese government in
connection with these developments, including the GILC members the
Committee to Protect Journalists (CPJ) and Reporters Sans Frontieres
(RSF). RSF's Julien Pain noted that of all the countries in the world,
Vietnam "is the second-largest jail for cyber-dissidents." Some experts
have also expressed fears that more people will be soon be detained in
connection with their Internet activities, after Vietnamese authorities
ordered a crackdown on what it called "bad and poisonous information"
online.
For further information regarding the Vu Binh case, visit the CPJ
website under
http://www.cpj.org/news/2004/Vietnam27may04na.html
Read Julia Scheeres, "Net Dissident Ends Hunger Strike," Wired News, 26
May 2004 at
http://wired.com/news/politics/0,1283,63599,00.html
See "Vietnam orders crackdown on Net dissent," South China Morning Post,
20 May 2004 at
http://www.asiamedia.ucla.edu/article.asp?parentid=11378
See also Sarah Colombo, "Vietnam govn't places new restrictions on Web,"
OnlineJournalism.com, 13 May 2004 at
http://www.onlinejournalism.com/topics/brief.php?briefID=71501
===================================================================
[3] Two Ukrainian online journalists detained
===================================================================
The recent arrest of two reporters has led to concern over the future of
online free press rights in the Ukraine.
In separate incidents, Ukrainian authorities detained Kostyantyn
Sydorenko and Olexandre Pomytkin. Sydorenko is an online journalist who
had been reporting on a mayoral election in the western part of the
country. When he went to a local police station to retrieve a lost
camera, he was arrested, then ordered to spend five days in detention
for "resisting the security forces"; he remains in solitary confinement.
Pomytkin, who works for the online newspaper "Ukrayina kryminalna"
("Criminal Ukraine"), was arrested not longer after the publication of
"The Ukrainian Mafia," in which he exposes ties between criminal
syndicates and Ukrainian police officers.
Questions remain as to whether Pomytkin and Sydorenko were actually
detained in order to intimidate and dissuade them from investigating
government corruption. Reporters Sans Frontieres (RSF-a GILC member) has
objected to the treatment of the two men and called for a closer
examination of the circumstances behind their arrests: "It is all the
more important to look into these cases because both journalists were
investigating issues that are sensitive for the authorities."
The Criminal Ukraine website is located at
http://www.cripo.com.ua
For further information, visit the RSF website under
http://www.rsf.fr/article.php3?id_article=10454
===================================================================
[4] Japanese shareware author arrested
===================================================================
In what is believed to be the first case of its kind, police in Japan
have arrested a university professor for creating a popular Internet
file-sharing program.
Kyoto Prefectural police detained Isamu Kaneko several weeks ago. Kaneko
is an assistant professor at the University of Tokyo who developed
Winny, a computer program that allows users to swap files through the
Information Superhighway. Prosecutors claim that by inventing Winny,
Kaneko has violated Japanese copyright laws. If convicted, he could face
3 years in prison as well as a fine of 3 million yen (~USD 27 000).
Cyberliberties activists are worried about the arrest of Kaneko for a
number of reasons. Among other things, they question whether Kaneko
should be held liable (much less thrown in jail) for the actions of
Winny users whom he has never met. They also fear that jailing Kaneko
could deter the development of new Internet technologies as well as
online free speech. Some observers believe that the prosecution of
Kaneko is politically motivated, after sensitive government files were
leaked to the public earlier this year through the use of Winny.
See "Winny developer to go on trial over illegal copying," Mainichi
Shimbun, 31 May 2004 at
http://mdn.mainichi.co.jp/news/archive/200405/31/20040531p2a00m0dm008000
c.html
Read "Copyright Arrest in Japan," Associated Press, 10 May 2004 at
http://wired.com/news/print/0,1294,63408,00.html
See "Shareware developer busted," Mainichi Shimbun, 10 May 2004 at
http://mdn.mainichi.co.jp/news/archive/200405/10/20040510p2a00m0dm003000
c.html
Read "Secret GSDF data circulating on file-sharing network," Mainichi
Shimbun, 30 April 2004 at
http://mdn.mainichi.co.jp/news/archive/200404/30/20040430p2a00m0dm001001
c.html
===================================================================
[5] French digital economy proposal faces constitutional review
===================================================================
Human rights groups are pushing for a wide-ranging review of a digital
economy proposal that they say violates the French constitution.
The French digital economy bill (called le projet de loi sur la
confiance dans l'iconomie numirique or LEN), which is supposed to help
France comply with a June 2000 European Union (EU) directive, includes
language that would make Internet service providers (ISPs) liable for
content on websites that they host. Among other things, ISPs would have
to "act promptly" to take down material "after becoming aware of their
unlawful nature" or face legal retribution-a process that previously
required judicial approval. The bill also essentially abolishes the
doctrine that email should be treated as "private correspondence,"
creating the possibility that such messages could be intercepted more
easily by third parties. Both houses of the French Parliament have
approved a revised draft of the proposal several weeks ago.
After complaints from many groups, including GILC members Reporters Sans
Frontieres (RSF) and Imaginons un Reseau Internet Solidaire (IRIS),
opposition parliament members submitted the bill to the French
Constitutional Council for review. However, in doing so, the petitioners
failed to mention a number of key problems with the bill that previously
had been pointed out by various experts. Subsequently, IRIS and the
French Human Rights League (LDH) sent a follow-up brief to the Council
that included a more in-depth critique of LEN. For example, the two
groups criticized the proposal's broadly worded provisions that would
limit the "freedom of online communication" on vague grounds of
"national defense, public service necessities, technical constraints" as
well as "protecting young audience," suggesting that these and other
sections of the bill could be abused to chill Internet speech.
The IRIS and LDH brief is available (in PDF format) under
http://www.iris.sgdg.org/actions/len/LEN-memoireCC-IRIS-LDH.pdf
See Lionel Thoumyre, " Hyperdossier sur la responsabilite des acteurs de
l'Internet en France - reactualise," Juriscom.net, 13 May 2004 at
http://www.juriscom.net/pro/visu.php?ID=485
===================================================================
[6] Pro-Net fair use bill gains support
===================================================================
Several key politicians in the United States are expressing support for
a bill that may protect traditional free expression rights in the
Information Age.
Bill H.R. 107, which is sponsored by U.S. Representative Rick Boucher,
would amend the much-criticized U.S. Digital Millennium Copyright Act
(DMCA). Among other things, the plan would allow users to bypass copy
protection schemes "if such circumvention does not result in an
infringement of the copyright" in a given work, which would ostensibly
include fair use, that is, making use of the work for research, public
commentary, and educational or other salutary purposes. In addition, the
bill would permit the manufacture, distribution and "noninfringing use"
of software or hardware "capable of enabling significant noninfringing
use of a copyright work"-a provision that might apply to such items as
music sharing software and optical disc burners. The proposal would also
require special labeling for copy-protected CDs.
During a recent hearing held by a subcommittee of the U.S. House of
Representatives, a number of prominent lawmakers backed the bill and
called for its approval. One of those lawmakers, Joe Barton, the
chairman of the House Committee on Energy and Commerce, pointed out: "We
have a long history of copyright law that permits 'fair use' of
copyrighted material, which allows me to make a copy of music to play in
my car or make compilation CDs of my favorite songs. ... It remains
illegal - as it should be - to buy a CD, and eventually a DVD, and make
multiple copies to sell for profit. But if I purchase the 'Lonesome
Dove' DVDs and want to make another copy to watch when I'm traveling,
where is the harm in that?" Further proceedings regarding H.R. 107 are
expected to take place in the coming months.
The text of H.R. 107 is available via
http://thomas.loc.gov/cgi-bin/query/z?c108:h.r.107:
For more information on the hearing, including an archived webcast and
prepared statements from the witnesses, click
http://energycommerce.house.gov/108/Hearings/05122004hearing1265/hearing
.htm
A press release from Chairman Barton is posted at
http://energycommerce.house.gov/108/News/05122004_1277.htm
===================================================================
[7] Dutch court upholds legality of weblinks
===================================================================
A court in the Netherlands has held that providing weblinks in itself is
not a violation of copyright law.
The case centers on Zoekmp3.nl, an Internet portal that contained 30 000
links to various music-related materials, including MP3 music files.
BREIN, a Dutch entertainment industry group, sued the proprietors of
Zoekmp3, Techno Design, claiming that the site's provision of links
constituted copyright infringement. However, the trial court ruled
against BREIN. Among other things, the tribunal held that merely
providing assistance that arguably might lead to illegal activity by
third parties was not, in itself, illegal. More specifically, the court
held that creating weblinks to a music file was not a disclosure or
publication of contents that would thereby violate Dutch copyright law.
Legal experts had expressed concern about the dispute, fearing that it
could have led to additional pressure on online search engines to engage
in self-censorship for fear of liability. Alberdingk Thijm, the lawyer
for Techno Design, suggested: "If BREIN wants to do something against
unlawful music on the internet, it should go after the music providers
and not the search engine." BREIN is planning to appeal the decision.
Read Joe Figueiredo, "Court clears Dutch music search engine of
copyright violation," DMeurope.com, 13 May 2004 at
http://www.dmeurope.com/default.asp?ArticleID=1789
===================================================================
[8] Korean Net radio station pressured over political content
===================================================================
An online radio service that agitates for democracy in North Korea is
facing heavy political pressure.
Free North Korea Broadcasting (Free NK) was started nearly a month ago
by 20 North Korean exiles. Its daily broadcasts are available via the
Information Superhighway and include a variety of programs, such as open
discussions of human rights issues in the East Asian nation, political
dialogues and stories about refugees' experiences. However, shortly
after it began operations, a number of groups and individuals have
lashed out at the network, apparently hoping to disrupt its activities.
In addition to highly negative rhetoric from the North Korean
government, various forms of hate mail, including bomb threats, were
sent to the Institute of North Korea Studies, which had provided office
space to Free NK. The group's president and chief writer, Kim Sung-min,
explained: "The Institute of North Korea Studies was willing to allow us
to use its building for free when we started, but it has recently asked
me to vacate the office, citing opposition from its board members."
Free speech groups have deplored these developments. In a statement,
Reporters Sans Frontieres (RSF-a GILC member) urged South Korean
Unification Minister Jeong Se-hyun "to intervene with the relevant
authorities to ensure free expression for the radio station and the
staff's safety." In the meantime, Free NK officials have resolved to
continue broadcasting, in spite of the pressure. Kim explained that his
organization still had tremendous support: "North Korean defectors and
South Korean sponsors donated money so that we could buy expensive
facilities for broadcasting in their hopes of informing North Koreans of
the outside world and thus contributing to democratization of the North.
No matter what difficulties we face, we will never stop this."
The Free North Korea Broadcasting website is located at
http://www.freenk.net
For further information, visit the Reporters Sans Frontieres (RSF-a GILC
member) website under
http://rsf.fr/article.php3?id_article=10464
See Seo Hyun-jin, "North Korean defectors pressured to shut down online
broadcasts," Korea Herald, 13 May 2004 at
http://www.asiamedia.ucla.edu/article.asp?parentid=11097
===================================================================
[9] Hollywood sues nearly 500 more Internet users
===================================================================
493 more Internet users have become the latest targets of a major
recording industry trade group's legal campaign against file-sharing.
The Recording Industry Association of America (RIAA) has fired off
another wave of lawsuits against Internet users who it argues have
engaged in copyright infringement by sharing music files online. As with
previous waves, the RIAA listed its targets by their supposed IP
addresses, and is trying to discover the true identities of the people
it sued. In total, the Association has sued nearly 3000 alleged
file-sharers in the U.S. over the past year. The RIAA's efforts have
encountered staunch opposition from various groups, including GILC
members the American Civil Liberties Union and EFF as well as Public
Citizen.
See "RIAA sues 493 more music swappers," Reuters, 24 May 2004 at
http://wired.com/news/print/0,1294,63579,00.html
===================================================================
[10] Consumer backlash over Japanese TV crippleware measures
===================================================================
Consumers have reacted harshly to a new system that restricts their
right to enjoy digital television broadcasts and the Information
Superhighway.
Nearly a month ago, the Japanese National Association of Commercial
Broadcasters (NACB) as well as Japanese state television (NHK) began
implementing measures to prevent people from making copies of digitally
televised programs. Under this scheme, special copy-protection signals
are mixed into digital television transmissions. Consumers must get
special B-CAS decoder cards and insert them into their respective
television sets in order to watch digital TV programs. After using these
cards, users can only make a single copy of a given program, and cannot
make further duplications or edits. The system has been applied to
programs broadcast via terrestrial channels as well as satellite
signals.
These moves have already generated a flood of consumer protests. In the
first week that the system was in operation, NHK and NACB received over
15 000 complaints. In addition, many individuals and organizations
(including electronics stores) have found the entire scheme to be
difficult to understand, much less operate. Moreover, questions remain
as to what impact the B-CAS system will have on digital free speech.
Read "Viewers upset over digital TV taping restrictions," Japan Times,
25 May 2004 at
http://www.japantimes.com/cgi-bin/getarticle.pl5?nb20040525a2.htm
===================================================================
[11] Upcoming Euro copyright conference
===================================================================
The Foundation for Information Policy Research (FIPR-a GILC member) is
organizing an event to discuss where copyright laws "should be going to
ensure that authors, musicians, film-makers and the public will all
benefit." Entitled "Where next for copyright in Europe," the event will
feature a wide array of speakers, including representatives from many
GILC member organizations. Attendance is free of charge and open to all.
The conference, which is sponsored by the Open Society Institute (OSI-a
GILC member), will take place on 13 June 2004 in Berlin.
For more information, click
http://wizards-of-os.org/index.php?id=921&L=3
===================================================================
[12] Weakened email spying restrictions proposal moves forward
===================================================================
A proposal designed to protect the privacy of webmail users has overcome
an important legislative hurdle, but not without significant changes.
The bill came in response to unveiling of Gmail-a webmail service that
is provided by Internet search engine giant Google. Among other things,
as described in the official Gmail privacy policy, Google computers
automatically scan through emails sent or received by Gmail customers,
then use the collected information to serve text ads or other "related
information in Google's extensive database. ... Advertisers receive a
record of the total number of impressions and clicks for each ad."
Moreover, under the terms of this policy, Google may send information
regarding "other Google services" to Gmail users, and those customers
"will not be given the opportunity to opt-out of receiving" such
messages. The policy also mentions that "residual copies of email may
remain on our systems, even after you have deleted them from your
mailbox or after the termination of your account." The rollout of Gmail
prompted a firestorm of criticism from a number of organizations,
including GILC memb!
ers the Electronic Privacy Information Center (EPIC) and Privacy
International.
Subsequently, a local legislator in the United States introduced a bill
designed to protect the privacy of webmail users. Sponsored by
California state senator Liz Figueroa, the proposal originally contained
language that generally barred providers of "e-mail or instant messaging
services to California customers" from reviewing, examining, or
otherwise evaluating "the content of a customer's outgoing or incoming
e-mail or instant messages." However, the bill was later altered so as
to explicitly allow such providers to review, examine or otherwise
evaluate the content of messages under certain conditions. Notably,
providers cannot retain "personally identifiable information or user
characteristics" derived from the scanning, and will have to delete such
messages some time "after the customer has indicated that he or she
desires that the communication be deleted in such a way that the
communication is no longer available obtainable in any retrievable
format." The California s!
tate senate approved this revised version, which now will go to the
state Assembly for possible further action.
To read the text of the bill as passed by the California state senate
(in PDF format), click
http://www.leginfo.ca.gov/pub/bill/sen/sb_1801-1850/sb_1822_bill_2004052
5_amended_sen.pdf
To read the text of the original bill, go to
http://www.leginfo.ca.gov/pub/bill/sen/sb_1801-1850/sb_1822_bill_2004042
0_amended_sen.html
See "Google faces Gmail advert limits," BBC News Online, 28 May 2004 at
http://news.bbc.co.uk/1/hi/technology/3756603.stm
Read "Tightening the Reins on Gmail," Reuters, 27 May 2004 at
http://wired.com/news/print/0,1294,63642,00.html
===================================================================
[13] More details emerge about secret USA Patriot Act case
===================================================================
More information is finally coming to light regarding a legal challenge
to a controversial United States government power to demand sensitive
personal information.
The case centers on a provision of the much-maligned USA Patriot Act,
which was signed into law nearly three years ago. One section of the Act
allows U.S. government agents to send National Security Letters (NSLs)
and thereby get customer records from businesses without court
oversight. Under this provision, recipients of NSLs are gagged or
otherwise barred from revealing any information about such
letters-including whether they have even received an NSL. The American
Civil Liberties Union (ACLU-a GILC member), along with its New York
affiliate and an anonymous Internet Service Provider (ISP) known simply
as John Doe, filed a legal challenge against this law. In papers filed
with the court, John Doe expressed fears that "the government may be
abusing its power by targeting people with unpopular views. I am
challenging the constitutionality of the NSL provision in an effort to
protect all of my clients' interests. I have no doubt that ... ISPs,
such as America Online, must ha!
ve received at least one of these NSLs. Because of the gag order,
however, I am not able to contact them ... ."
The mere existence of this lawsuit had been kept secret for months. U.S.
government prosecutors tried to prevent the release of information
regarding this case (including basic court documents), claiming that the
publication of such details would violate the NSL gag order provision.
Eventually, a U.S. Federal judge set down a procedure to allow redacted
versions of documents available to the public; some of these papers have
now been posted online.
An ACLU archive of documents about this case is posted at
http://www.aclu.org/SafeandFree/SafeandFree.cfm?ID=15543&c=262
===================================================================
[14] Study: datamining proliferates among U.S. gov't agencies
===================================================================
A new report has revealed numerous United States government programs
that may severely undermine personal privacy.
The study was done by the U.S. General Accounting Office. The report
identified 199 U.S. government projects that involved the statistical
analysis of personal information known as data mining. The survey showed
that a number of these projects scan through personal information that
is contained in non-government databases, such as Internet activity
logs, credit reports or credit card transactions, for a variety of
purposes. The study noted that these programs raised significant privacy
issues, and that "more work is needed to shed light on the privacy
implications of these [datamining] efforts."
The report's findings caused considerable unease in various quarters,
including privacy advocates and several prominent politicians. U.S.
Senator Daniel Akaka, who requested the survey, said he was "disturbed
by the high number of data mining activities in the federal government
involving personal information. The federal government collects and uses
Americans' personal information and shares it with other agencies to an
astonishing degree, raising serious privacy concerns." Similarly, in a
joint letter to Senator Akaka, several GILC member organizations,
notably the Center for Democracy and Technology, American Civil
Liberties Union, and the Electronic Privacy Information Center, warned
that the report showed "just how widespread the embrace of such powerful
techniques is becoming within government, and how little has been done
to update our oversight mechanisms to compensate."
The GAO report is available (in PDF format) under
http://www.epic.org/privacy/profiling/gao_dm_rpt.pdf
The joint letter is posted at
http://www.aclu.org/Privacy/Privacy.cfm?ID=15858&c=130
See Kim Zetter, "GAO: Fed Data Mining Extensive," Wired News, 27 May
2004 at
http://wired.com/news/print/0,1294,63623,00.html
===================================================================
[15] Spyware threat to privacy grows larger
===================================================================
Recently published research indicates that the use of software that
secretly spies on its users is even more widespread than previously
thought.
The research focused advertising utilities that are often
surreptitiously bundled with other downloaded computer programs and can
be installed with little notice to the user, particularly if the given
machine's web browser uses low security settings. Once installed, these
programs track users' Internet surfing habits and display advertisements
based on this information. For example, one of these programs, Gator,
watches the terms people enter into the Google search engine and serves
up ads pursuant to those terms. Gator also targets specific host names
and even federal government websites for advertising opportunities.
Newly published studies suggest that spyware is now very common. One
such survey by the National Cyber Security Alliance estimates that
spyware can be found on about 90 percent of all personal computers.
Meanwhile, a separate study by EarthLink (a major Internet service
provider) suggests that the average machine is infected with about 28
different spyware programs. Experts have also noted that even when such
programs provide notice to customers, the notices are often confusing.
Roger Thompson of Pest Patrol, a company that makes anti-spyware
products, notes that many spyware pseudo-agreements "are too hard to
read and understand. I don't think any of my kids would read the
agreement and would just click 'OK' to install the software." These and
other concerns have led some lawmakers in the United States to push for
legislation to protect the privacy rights of computer users.
See Janis Mara, "California Anti-Spyware Bills Progress," ClickZ News,
20 May 2004 at
http://www.clickz.com/news/article.php/3356541
Read Amit Asaravala, "Sick of Spam? Prepare for Adware," Wired News, 7
May 2004 at
http://wired.com/news/print/0,1294,63345,00.html
===================================================================
[16] Macintosh computer security flaw uncovered
===================================================================
A major computer and software manufacturer has come under fire for
various security holes in its products.
These problems affect users of Macintosh personal computers. Apple,
which manufactures Macintosh, has admitted to the existence of at least
one flaw in its Safari web browser, which could allow an attacker to
take remote control of a user's machine. The company called the problem
a mere "theoretical vulnerability" while urging users to download a
program that would patch the hole. However, Secunia, a computer security
firm, warned that Apple's supposed cure was imperfect and that there
were two other similarly-styled security flaws that might be exploited
through such methods as doctored websites. Apple has yet to respond to
these latest bulletins.
The controversy has left some critics wondering whether Apple is doing
enough to protect its customers' personal information. Secunia chief
executive officer Niels Henrik Rasmussen charged: "From the beginning,
Apple has downplayed this issue. Users are still as vulnerable as Apple
left them last week."
Read "Apple tackles Mac security flaw," BBC News Online, 24 May 2004 at
http://news.bbc.co.uk/1/hi/technology/3741871.stm
===================================================================
[17] Lovgate computer bug spreads through unread email messages
===================================================================
Internet security experts are warning of an email worm that is more
easily propagated than other computer bugs.
Like many of its counterparts, the Lovgate worm hijacks email programs
and spreads by sending itself to people listed in the victim's address
book. However, unlike other computer bugs, Lovgate also looks through
unread email messages in the victim's inbox and forwards itself to the
authors of those messages. This new bug also deactivates anti-virus
programs found on the victim's machine and can hide within compressed
computer files. Certain email programs, notably Microsoft's Outlook and
Outlook Express, are particularly susceptible.
Observers have cited the emergence of Lovgate as a troubling
development; one expert explained that Lovgate's "clever" transmission
methods made it extraordinarily "vicious." The appearance Lovgate has
also fueled long-standing concerns over whether various companies
(especially Microsoft) are doing enough to protect their users' personal
data.
See "New Worm Spreads By Replying To All Mall," TechWeb News, 19 May
2004 at
http://www.informationweek.com/story/showArticle.jhtml?articleID=2080015
9
Read "Lovgate worm variant has A-V vendors worried," Sydney Morning
Herald Online, 19 May 2004 at
http://www.smh.com.au/articles/2004/05/19/1084917636451.html
For information in Spanish (Espanol), see "Nuevo virus responde a los
mensajes no leidos," DelitosInformaticos.com, 21 May 2004 at
http://www.delitosinformaticos.com/seguridad/noticias/108513217295158.sh
tml
=========================================================
ABOUT THE GILC NEWS ALERT:
=========================================================
The GILC News Alert is the newsletter of the Global Internet Liberty
Campaign, an international coalition of organizations working to protect
and enhance online civil liberties and human rights. Organizations are
invited to join GILC by contacting us at
[log in to unmask]
To alert members about threats to cyber liberties, please contact
members from your country or send a message to the general GILC address.
To submit information about upcoming events, new activist tools and news
stories, contact:
Christopher Chiu
GILC Coordinator
American Civil Liberties Union
125 Broad Street, 17th Floor
New York, New York 10004
USA
Or email:
[log in to unmask]
More information about GILC members and news is available at
http://www.gilc.org
You may re-print or redistribute the GILC NEWS ALERT freely.
This edition of the GILC Alert may be found on the World Wide Web under
http://www.gilc.org/alert/alert85.html
and on the Human Rights Education Associates (HREA-a GILC member)
website via
http://www.hrea.org/lists/huridocs-tech/markup/maillist.php
To subscribe to the Alert, or to change your subscription options
(including unsubscribing), please visit
http://mail.2rad.net/mailman/listinfo/gilc-announce
========================================================
PUBLICATION OF THIS NEWSLETTER IS MADE POSSIBLE BY A
GRANT FROM THE OPEN SOCIETY INSTITUTE (OSI)
========================================================
_______________________________________________
Gilc-announce mailing list
[log in to unmask]
http://mail.2rad.net/mailman/listinfo/gilc-announce
--
This message has been scanned for viruses and dangerous
content by the NorMAN MailScanner Service and is believed
to be clean.
The NorMAN MailScanner Service is operated by Information,
Systems and Services, University of Newcastle upon Tyne.
************************************************************************************
Distributed through Cyber-Society-Live [CSL]: CSL is a moderated discussion
list made up of people who are interested in the interdisciplinary academic
study of Cyber Society in all its manifestations.To join the list please visit:
http://www.jiscmail.ac.uk/lists/cyber-society-live.html
*************************************************************************************
|
