Had a briefing from Iomega last evening, and the firm is making some inroads, it seems, in the data storage game. I'm impressed with the "Rev" line of cartridge-based storage; the twist here is the motor is inside the cartridge, which means no opportunity for contamination to get in via the spindle opening. Geek types — and those who lost important data — will understand.

Also coming, in about a month or so, is a USB- and eSATA-based (STET) storage device to hang off of your TiVO or similar Digital Video Recorder, allowing you to add about 500 Gigabytes of storage. I'm told that you can't, easiily, take the expansion drive and transfer the data to a computer, but I am sure that some hacker somewhere will post a fix via Slashdot or some similar online forum.

Adding space for all the episodes of The Tudors has its appeals, even if DRM-hacking might give Hollywood fits. When/if/as Iomega provides a unit for review (and not for my reverse engineering!), you'll see a review, I promise.

— Mark Kellner, The Washington Times

Others may be (justly) excited about the opening of a new baseball stadium in D.C., but my "inner nerd" gets as excited as Chris Matthews at a Barack Obama victory speech when I read the following:

The Library of Congress and Terremark Federal Group, Inc., a subsidiary of Terremark Worldwide, Inc., today announced that the company will be hosting the Library's new interactive Web site, myLOC.gov, the companion to the new onsite Library of Congress Experience that launches April 12.

The immersive site, myLOC.gov, has interactive features that mirror the Library of Congress Experience in the Thomas Jefferson Building. The site will leverage Terremark's Highly Managed Hosting. The newly redesigned Web site will provide visitors with a highly interactive and educational experience, while also serving as a central repository for related digital content.

"Technology and interaction with historical artifacts are crucial to engaging the imagination and critical-thinking skills of young people, which is why this partnership with Terremark is so important to our mission of making our unparalleled collections more broadly accessible and creating lifelong learners," said Librarian of Congress James H. Billington.

"The Library of Congress chose Terremark based on its reputation for delivering top-quality services coupled with highly secure facilities — all of which many critical federal agencies depend upon," said Jo Ann Jenkins, the Library's chief operating officer.

The Library is expecting more than three million new user accounts on myLOC.gov within the first year, with millions of physical visitors to the interactive kiosks in the Jefferson Building, making Terremark's services vital to delivering virtual hands-on interaction with the Library of Congress Experience.

"We view the solutions we will provide the Library of Congress as a great service to the nation and an opportunity to help bring the Library's vast collections to the fingertips of Americans everywhere," said Manuel D. Medina, chairman and CEO of Terremark Worldwide.

The new Experience offers a series of immersive exhibits exploring the Early Americas, telling the story of the documents and words that created the American republic, featuring the original library of Thomas Jefferson that founded the Library of Congress, and showcasing the beautiful art and architecture of the Jefferson Building itself. Highlights include Jefferson's original rough draft of the Declaration of Independence with handwritten edits, Martin Waldseemuller's 1507 map that was the first document to use the word "America" and the Gutenberg Bible.

"We are very proud to have the opportunity to work with the Library of Congress," said Jamie Dos Santos, president and chief executive officer of Terremark Federal Group. "Our team is eager to play a key role in hosting myLOC.gov, which we see as an extension to the many priceless collections so important to the history of our country and to scholars the world over."

The Library of Congress Experience opens to the public on Saturday, April 12, with celebratory programming from 11 a.m. to 5 p.m. at the Thomas Jefferson Building, 10 First St., SE, Washington, D.C., 20540. The myLOC.gov site will launch simultaneously. For more information on the Library of Congress Experience, visit www.loc.gov/experience/.

The acceptance of this gift is subject to the approval of the Library of Congress Trust Fund Board.

The Library of Congress, the nation's oldest federal cultural institution, is the world's preeminent reservoir of knowledge, providing unparalleled integrated resources to Congress and the American people. Founded in 1800, the Library seeks to spark the public's imagination and celebrate human achievement through its programs and exhibits. Many of the Library's rich resources and treasures may also be accessed through the Library's Web site www.loc.gov.

I'm happy for the Terremark folks, but the bottom line here is that one week from Saturday, more people will be able to access the treasures of the Library of Congress, a building whose collections inspire awe whenever I'm there. Check it out, and, in my opinion, count it as one of the more worthy expenditures of our tax dollars.

— Mark Kellner, The Washington Times

If you're into scary stories, check out the sad tale of
Simon Bunce, a Britisher who was accused of purchasing child pornography
online, even though he was innocent. It turns out that his credit card
info was stolen from an online shopping site (Mr. Bunce doesn't say
which one), and used from an Internet address in Indonesia at the same
time that he was paying a dining bill in Britain.

He lost a $250,000-a-year job, and contact with his father and
siblings, who at first, apparently, believed the worst. Mr. Bunce's
wife, Kim, stood by him. Once his name was cleared, family relations
were restored (with, I'd like0 imagine, some nice birthday gifts
ensuing) and Mr. Bunce is now selling computer security products.

Care, concern, caution -- all are necessary in the online world, and
this story is a stark reminder. All things considered, I escaped
lightly when I suffered a spot of online bother.

Hat tip to FoxNews.com for the initial link to this tale.

Just when you thought it was safe...

As Americans do their taxes, a majority are unaware that they may be putting personal and financial information required on tax returns in jeopardy. According to a recent survey by Sharp Electronics Corporation, almost half of all Americans are unaware of the danger of using insecure public copiers and printers, leaving themselves at risk for data theft if a copier is not equipped with data security measures. The survey, conducted by Roper on behalf of Sharp in February, polled 1,004 adults regarding their perceptions of digital copier security.

Another survey item of note indicated that 60 percent of Americans don't know about the ability of a digital photocopier to store a document image on the hard drive, which could be later retrieved by a hacker.

"Tax season is here and many Americans appear not to be aware of the risk they take when making copies in public or at their office," said Ed McLaughlin, president, Sharp Imaging and Information Company of America. "Secure copiers can scramble data after every image is copied. We take pride in offering one of the most comprehensive approaches to MFP security across the widest range of products, and the more we educate consumers and businesses to the risks, the more likely they will be to protect themselves against data theft."

Personal and financial information is at risk when highly confidential forms containing Social Security numbers, Employer Identification Numbers, personal finance and even sensitive health information are duplicated on a copier that is not equipped with appropriate data security measures. Images of the documents can remain on the unit's hard drive indefinitely. This practice puts personal financial information at risk of theft by anyone with access to the copier's hard drive, or anyone with basic hacking abilities. When leased copiers are replaced and re-sold, they are an easy target for hackers. Additionally, in many businesses, a security breach can also occur via network connections, since MFPs are often linked to the network.

According to Paul DeMatteis, senior adviser on Corporate Security Programs, Office of Continuing and Professional Studies at John Jay College of Criminal Justice, information can be retrieved after equipment is traded in or discarded. "Companies purchasing secondhand equipment have reported finding considerable amounts of confidential data on their new machines," he says. "The same information can be obtained from your local network or the Internet if the unit sits on a network and is not appropriately protected."

The Sharp survey showed that a large majority of Americans feel their tax professional should secure their personal tax information when it is copied or printed. Nearly all respondents — nine in ten Americans — felt their tax preparer should be required to protect their personal information. And three in four Americans who have their taxes prepared by a professional feel their tax preparer's copier or printer should be secure.

Now, to be sure, there's a lot behind this: Sharp wants to promote its copiers, which presumably have anti-hacker data protections. And, I imagine it would take some dedication and ingenuity to break into a copier's hard drive and get all the images, then sort them and find your tax return. But, still, it's something to think about, and perhaps query your accountant about.

— Mark Kellner, The Washington Times

This just in, from the folks at Symantec Corp., underscores the need for vigilence online, as well as off-line!

The latest Internet Security Threat Report (ISTR), Volume XIII released today by Symantec Corp. (Nasdaq: SYMC) concludes that the Web is now the primary conduit of attack activity, as opposed to network attacks, and that online users can increasingly be infected simply by visiting everyday Web sites. The report is derived from data collected by millions of Internet sensors, first-hand research and active monitoring of hacker communications and provides a global view of the state of Internet security.

In the past, users had to visit intentionally malicious sites or click on malicious email attachments to become a victim of a security threat. Today, hackers are compromising legitimate Web sites and using them as a distribution medium to attack home and enterprise computers.

Symantec noticed that attackers are particularly targeting sites that are likely to be trusted by end users, such as social networking sites.

Attackers are leveraging site-specific vulnerabilities that can then be used as a means for launching other attacks. During the last six months of 2007, there were 11,253 site specific cross-site scripting vulnerabilities reported on the Internet; these represent vulnerabilities in individual Web sites. However, only 473 (about 4 percent) of them had been patched by the administrator of the affected Web site during the same period, representing an enormous window of opportunity for hackers looking to launch attacks.

Phishing also continues to be a problem. In the last six months of 2007, Symantec observed 87,963 phishing hosts — computers that can host one or more phishing Web sites. This is an increase of 167 percent from the first half of 2007. Eighty percent of brands targeted by phishing attacks during the study period were in the financial sector.

The report also found that attackers are seeking confidential end-user information that can be fraudulently used for financial gain and are less focused on the computer or device containing the information. In the last six months of 2007, 68 percent of the most prevalent malicious threats reported to Symantec attempt to compromise confidential information.

Finally, attackers are leveraging a maturing underground economy to buy, sell and trade stolen information. This economy is now characterized by a number of traits common in traditional economies. For example, market forces of supply and demand have a direct impact on pricing. Credit card information, which has become plentiful in this environment, accounted for 13 percent of all advertised goods — down from 22 percent in the previous period and sold for as low as $0.40. The price of a credit card in this underground market is determined by factors such as the location of the issuing bank. Credit cards from the European Union, for example, cost more than those from the United States; this is most likely due to the smaller supply of cards circulating in the E.U which makes the card more valuable to a criminal. Bank account credentials have become the most frequently advertised item making up 22 percent of all goods and selling for as little as $10.

ADDITIONAL KEY FINDINGS
In 2007, Symantec detected 711,912 new threats compared to 125,243 in 2006 — an increase of 468 percent; this brings the total number of malicious code threats detected by Symantec to 1,122,311 as of the end of 2007.
Symantec measured the release of both legitimate and malicious software during a portion of the reporting period and found that 65 percent of the 54,609 unique applications released to the public were categorized as malicious. This is the first time Symantec observed malicious software outpacing legitimate applications.
Theft or loss of a computer or other device made up 57 percent of all data breaches during the last half of 2007 and accounted for 46 percent of all reported breaches in the previous reporting period.
Government was the top industry sector for identities exposed, accounting for 60 percent of the total, an increase from 12 percent in the previous reporting period.
A full identity can be purchased in the underground economy for as little as $1.

The bottom line: You need to be careful on the Internet, today and every day!

— Mark Kellner, The Washington Times

Take a look at the screen below:





You would think this is a legitimate login site for Western Union, and you would have come to this by clicking on an e-mail link promising you $30 for taking a survey, and a chance to win $600. There's even a security verification code for you to type in, to make sure you're a legitimate user!

Now, take a closer look, specifically at the page heading and the Web address:

It doesn't read "www.westernunion.com," but rather "www.westernunionon.com." If you weren't careful, you might not notice the extra "on" in the Web address.

This is what's known as a "spoof" Web site, designed to collect your personal information for identity thieves. It's totally fraudulent, but slick enough to trap the unwary.

President Reagan used the phrase "trust but verify" so many times, I recall hearing, that former Soviet premier Mikhail S. Gorbachev would gag on hearing the words. Well, my apologies to Gorbachev, but Reagan was right then — and he leaves us an important lesson for cybersurfing today, except that I would turn it around: Verify, then trust.

— Mark Kellner, The Washington Times

If you'll pardon my poor grammar about how the attached image "cleans up good," I'd like to make a small point: the Apple Inc. iPhone really does take decent pictures. The image, of a piece of furniture I wanted to show my wife (taken at a certain, Sweden-born home furnishings chain), is only 72-dots-per inch, which is great for the Web but not necessarily great for print.

However, it's more than good enough to show someone something, and when I zoomed in on the descriptive price tag, I could read the product name and some other details quite well. This isn't epochal, I know, but given the overall size of the furniture item, the dynamics of the iPhone camera, and the probability of getting anything useful with a different device of similar size, I have to say hats off to
Apple for yet another nice iPhone bonus.

— Mark Kellner, The Washington Times

I'm sitting in the Qwest Business Center at Denver International Airport. And I'm thinking of a new slogan for United Airlines. Instead of "It's time to fly," the slogan should be "It's time to sit and wait." That's because United had not one, not two, but three cancellations at Denver at the noon hour today, Friday, April 18th. It's pushing back my ultimate arrival by about seven hours, including a three-hour drive from where I am landing instead of the nearer one where I wanted to land. The only good aspect of this is having the use of the business center, with free high-speed Internet, and electricity for my laptop and iPhone. The chair is a bit uncomfortable, but it beats propping up at a gate and hunting for an outlet.

It must have been tough being a United customer service rep today; the triple cancellations brought all sorts of cranky people to the line, including this writer. If it weren't a Friday afternoon, I'd be more sanguine, but hustling around unfamiliar territory on a Friday night isn't my idea of fun. Add to that the option of "luggage roulette" — my suitcase is promised to join me, but who knows at this point! — and you can imagine the excitement.

The positive addition of the business center makes things a tad more bearable. And, for its part, United is trying to make life easier by offering an outgoing voice mail, e-mail and text message service alert you to delays and changes. Too bad they couldn't keep the planes going, at least today.

(Of course, those caught in the American Airlines fiasco last week have every right to sneer at my lesser travails. But I wonder if there isn't going to be a large hue and cry among the flying public, or at least a migration to carriers such as Southwest, which seem much more reliable, at least if recent experience is any guide.)

— Mark Kellner, The Washington Times

Longtime travelers will recognize that Denver International Airport, or DIA, is not the legendary old Stapleton airport, which served Denver for many years. Having another 90 minutes before I can even think of boarding United 1189 to Spokane, I've been playing around with things. Some (possibly inconsequential) observations:

The always-interesting Apple Insider Web site — an independent news outlet for all sorts of Mac-themed speculations — has an interesting article about the possibility that new anti-Phishing measures being contemplated by the PayPal financial transaction network may — and I would emphasize may — block users of Safari, Apple's super-popular Web browser, from accessing the service.

If that were to happen, it's anticipated that the Mozilla Org.'s Firefox could fill the bill.

However, as the Apple Insider report indicates, this may become an issue for Mac users. My guess is that it won't, that Apple, Inc. — the "real" Apple, as it were — will figure out a way to work cooperatively with service providers such as PayPal. Eliminating phishing is, after all, in everyone's interest.

— Mark Kellner, The Washington Times

Just as I was ready to depart the Qwest Business Center at Denver International, a disturbing rumor: the telecom firm may disconnect its business center at the airport, since it isn't making money on high-speed Internet. (The free Wi-Fi mentioned in earlier Tech Blog entries has cut into Qwest's business, it appears.) The firm has reportedly been threatening to pull the plug; now, I'm told by a source, it may be curtains at the end of July.

There's just one bad element of that timing: the Democratic National Convention hits the mile-high city in August, and Net connections will be at a premium, even here at the airport. Perhaps they'll reconsider.

— Mark Kellner, The Washington Times

A tip of the hat goes to veteran tech journalist Dan Farber of C-Net, whose blog entry notes a spoof of Apple's very nice MacBook Air advertisement. Noting some of the technical limitations of the MacBook Air, such as its lack of a built-in optical media drive, Lenovo says their X300 ultra-thin is a better deal — albeit one whose list price is about $1,200 more than the MacBook Air.

What Lenovo won't trumpet is that for the $3,000 you spend with them, you're still getting a notebook running a Microsoft Windows operating system. That's not terrible, but Mac enthusiasts will turn up their nose at such a notion.

Also missing from the Lenovo parody — which is a bit clever — is a song as nice as Yael Naim's "New Soul" which accompanied the MacBook Air ad and which, by clicking on the link embedded in the song title, you can watch for free via YouTube.

— Mark Kellner, The Washington Times