RIM Under Pressure

Research in Motion said Monday it will work with Indonesia's carriers to filter out pornography websites as soon as possible for BlackBerry subscribers.

Internet service providers are required by law to block pornographic content, said Heru Sutadi, commissioner of Badan Regulasi Telekomunikasi Indonesia (BRTI), the telecommunications regulator in the country. If RIM does not block pornographic sites, Indonesia may consider blocking the service, Sutadi said.

Tifatul Sembiring, Indonesia's minister of communications and information, had warned of legal action if RIM did not filter pornographic web sites, according to media reports.

RIM said in its statement that it shares Sembiring's sense of urgency on the matter and that it is fully committed to working with Indonesia's carriers to put in place "a prompt, compliant filtering solution for BlackBerry subscribers in Indonesia."

A meeting between RIM and the government is scheduled for Jan. 17. “We hope RIM will be compliant by then,” Sutadi said.

The BRTI is also pressing RIM on an earlier demand that RIM should install a server in Jakarta so that domestic communications traffic does not go out of the country, Sutadi said. It also wants access to some of the communications for security reasons.

RIM is already under pressure in India to allow the country's security agencies access to communications on its services. The company has agreed to provide lawful access under certain conditions to traffic in India on the BlackBerry Messenger service, but said that it does not have the technical ability to provide its customers' encryption keys for its corporate service, the BlackBerry Enterprise Server.

This post contains excerpts from the NetworkWorld article, RIM to block access to pxxx on Blackberry in Indonesia, by John Ribero, January 10th, 2011.

HP Beats Lockheed For $2.5B NASA ACES

HP Enterprise Services won a $2.5 billion NASA contract to manage, secure and maintain its IT infrastructure across all of the agency’s research and flight centers. The program is called Agency Consolidated End-User Services, or ACES, and stretches out over 10 years.

The contract is a firm-fixed-price, task order contract with a four-year base period with two three-year option periods. The contract will be managed at the NASA Shared Services Center (NSSC) in Mississippi.

“The NASA contract is very important for HP and we are honored to have been selected," said Dennis Stolkey, senior vice president, HP Enterprise Services, U.S. Public Sector.

According to a source at NASA, only HP Enterprise Services and Lockheed Martin were in the final stages of the bidding. Lockheed Martin confirmed this to Washington Technology and offered a statement on the bidding.

“Our team is disappointed that NASA selected another solution to perform its consolidated end-user services," a spokesperson for Lockheed Martin said. "We submitted a ‘best-value’ solution based on our knowledge of the program and our understanding of NASA’s mission. We continue to serve NASA on other contracts. "

The ACES contract is NASA’s solution to develop a long-term outsourcing arrangement with the commercial sector to provide and manage most of NASA's personal computing hardware, agency-standard software, mobile IT services, peripherals and accessories, associated end-user services, and supporting infrastructure.

The contract award is part of the final stages of the restructuring of NASA's departmentwide IT infrastructure. ACES is one of five "towers"of the agency's IP3 IT overhaul (the desktop/end user component). With the $2.5 billion award, the project has passed the halfway mark for the reported $4.3 billion dollar project.

Previously, a lot of NASA's managed services had been provided through the Outsourcing Desktop Initiative for NASA (ODIN) contract that was awarded to Lockheed Martin and had been in place for the last 10 years. Most of what was managed through ODIN will now be moved to the ACES project.

"The majority of ODIN will transfer to the ACES project," said Mike Sweigart, director of procurement at NASA's Shared Services Center. "Anything that plugs into a wall, multifunctional devices, mobile, smart phones, virtual seats ... ."

The center opened in 2006 on the grounds of NASA’s Stennis Space Center near Kiln, Miss. It is a public/private initiative between NASA and Computer Sciences Corp. Its purpose is to consolidate NASA activities from all NASA centers in the areas of financial management, human resources, IT and procurement.

This post is excerpted from the Washington Technology article, HP comes up ACES with $2.5B NASA win, January 3rd, 2011.

TIGR: Tactical Ground Reporting System

TIGR is a Web-based information-sharing system that is available on secure laptops and allows soldiers to continuously update and add information about the areas where they are deployed. The system makes it simple to add notes, identify trouble spots, and update information on current maps and satellite imagery using the kind of map-based tools and social messaging media common to the Web.

But its primary advantage has been in enabling troops who head out on new assignments to benefit from the findings of previous patrols. The rapid adoption of TIGR in the battlefield resulted in the system being developed more quickly and effectively than traditional military technology.

The system achieved Army-wide acceptance in just two years and is now in use by more than 50,000 soldiers, developers say. And it is now on track for delivery from DARPA to the Army as an enduring capability. Scheduled for delivery to the Army at the end of a two-year development plan, it will become a program of record, according to sources familiar with the situation authorized to speak on background only.

Efforts for further implementation are ramping up as the military looks to create a nonclassified version of the Secure IP Router Network-based system and fold in new capabilities.

For more, visit the Defense Systems article, TIGR keeps troops in the field safer, by Amber Corrin.

A Fraud By Any Other Name...

Microsoft Corp. has filed two lawsuits this week in the U.S. District Court for the Western District of Washington detailing evidence of an emerging form of click fraud in online advertising the company has dubbed “click laundering.” One lawsuit is a John Doe suit alleging that unidentified defendants engaged in this activity; the other lawsuit names Web publisher RedOrbit Inc. and its president, Eric Ralls, as defendants.

Click laundering, a previously unknown form of pay-per-click (PPC) advertising fraud, was uncovered by Microsoft investigators following dramatic and irregular growth in click traffic on two sites within its Microsoft adCenter network. Investigators believe that had the click laundering scheme gone undetected, the perpetrators could have defrauded advertisers of hundreds of thousands of dollars.

“Online ad fraud is evolving in sophistication all the time. Fighting it demands vigilance and dedication to an honest and secure online marketplace. We believe that a trusted marketplace is critical to Internet commerce, and Microsoft will continue to take aggressive action working with industry and law enforcement to protect our platforms, customers and advertisers,” said Brad Smith, senior vice president and general counsel for Microsoft.

PPC fraud, also known as click fraud, is a type of Internet fraud in online advertising that occurs when a person, automated script or computer program imitates a legitimate website visitor by clicking on an ad to generate a charge-per-click without having actual interest in the target of the ad’s link. Microsoft adCenter monitors click traffic carefully to prevent advertisers from being charged for non-valid clicks, and Microsoft has been active in investigating and taking action against click fraud when found, including taking legal action where necessary.

Click laundering is a newly uncovered form of click fraud in which technical measures are used to make invalid ad clicks appear to originate from legitimate sources. It is analogous to money laundering in which the origin of illegal profits is disguised as legitimate. Click laundering attempts to avoid fraud detection systems that have been put in place by the ad platform — in this case, Microsoft adCenter — to protect online advertisers. Through various means, including malware programs, fraudsters are able to trick innocent Internet users into visiting websites where they unknowingly click on advertisements. Click launderers also can further disguise the origin of those invalid clicks by using scripts and other methods to alter information that is sent to the ad platform.

Microsoft is filing these lawsuits to help protect its ad platform and promote the integrity of online advertising for the benefit of all legitimate advertisers, to stop the fraudulent behavior, and to recover the damages caused by the click laundering. These actions are part of an ongoing effort by Microsoft Advertising and the Microsoft Digital Crimes Unit to work with others across the industry to identify and address emerging threats to the integrity of the online advertising ecosystem through technical and legal means. This week, Microsoft closed another lawsuit the company filed in 2009 regarding click fraud in auto insurance verticals and World of Warcraft, following a successful settlement with defendant Eric Lam. Terms of the settlement are confidential, but the lawsuit successfully brought the click fraud activities described in the complaint to an end and helped Microsoft further refine and evolve its approach to combating click fraud. Such cases demonstrate the evolving nature of fraud in online advertising and the need for ongoing investments across the industry to maintain a healthy Internet marketplace.

This post contains excerpts from the Microsoft News Center article, Microsoft Investigators Uncover Emerging Form of Click Fraud, May 19th, 2010.

X-37B and Prompt Global Strike Launch

At 7:52 p.m., April 23rd, an Air Force Atlas 501 rocket shot the capsule enclosed X-37B Orbital Test Vehicle into space from Cape Canaveral. Resembling a small space shuttle, the OTV was built in Boeing’s famed Phantom Works.

The OTV will serve as an “on-orbit” laboratory for new sensors and other high-tech devices that will later be built into satellites. Its payload is highly classified, but the Air Force says test flights aboard the retrievable OTV will prove out new technologies before they are shot into space to stay.

The 29-foot OTV is powered by a combination of lithium ion batteries and solar panels. Air Force deputy undersecretary for space programs, Gary Payton, told reporters: “Probably the most important demonstration is on the ground, see what it really takes to turn this bird around and get it ready to go fly again.”

The turnaround goal is 15 days.

As for how long it will stay up there: “In all honesty, we don’t know when it’s coming back for sure,” said Payton. “I don’t think we’ve set any specific goal, but I would think handling this bird more like an SR-71 and less like a routine space launch vehicle would be a good objective,”

With all the focus on the launch of the X-37B, the launch of a Minotaur IV rocket from Vandenberg Air Force base in California received less attention.

The Minotaur IV reportedly carried the prototype of the new Prompt Global Strike weapon that can hit any target around the world in less than an hour.

The PGS is designed as the conventional weapon of the future. Reportedly, it could hit Osama bin Laden’s cave, an Iranian nuclear site or a North Korean missile with a huge conventional warhead.

This post contains excerpts from the DefenseTech article, Air Force Launches Reusable X37-B Spaceship, April 24th, 2010, and The Times article, Launch of secret US space ship masks even more secret launch of new weapon, by Michael Evans, April 24th, 2010.

For more, visit DefenseTech.

Ambassador To Cyberspace

Legislation introduced in the Senate Monday would, figuratively speaking, create a United States ambassador to cyberspace.

The International Cyberspace and Cybersecurity Coordination Act of 2010 would authorize the creation of a senior coordinator at the State Department with the rank of ambassador at large, according to a statement issued by its sponsors, Senate Foreign Relations Committee Chairman John Kerry, D.-Mass., and Sen. Kirsten Gillibrand, D.-N.Y.

"This bill is the first step to better organize U.S. efforts to develop a coordinated strategic approach to international cyberspace and cybersecurity issues by designating a single diplomat responsible for U.S. cyber policy overseas," Kerry said in the statement.

The senior coordinator would be the principal adviser to the secretary of state on international cyberspace and cybersecurity issues and provide strategic direction for federal government policy and programs aimed at addressing cyberspace and cybersecurity issues abroad.

The sponsors said the legislation would ensure the development of a clear and coordinated strategy for international cyber engagement, including the potential negotiation of a multilateral framework to provide internationally acceptable principles to prevent cyberwarfare.

Gillibrand said this measure meshes with another bill she introduced last month., the International Cybercrime Reporting and Cooperation Act, which would use financial incentives to get foreign nations to combat cybercriminals. "Our legislation will make America safer by making our cyber diplomacy more robust, and coordinating with our partners in the international community," she said in a statement.

One of President Obama's cybersecurity priorities in his Cyberspace Policy Initiative outlined last May is to develop a coordinated, international response to global cyber threats.

The Kerry-Gillibrand bill is the latest of a growing number of cybersecurity bills before Congress.

This post is excerpted from the GovInfoSecurity article, Cybersecurity Ambassador, by Eric Chabrow, April 12th, 2010.

The Census

The 2010 Census is underway and you may be wondering about whom you can trust. The Census is easy, important, and safe — just fill out your form and mail it back.

The IC3 and the Better Business Bureau (BBB), a 2010 Census partner, are encouraging participation in the 2010 Census while cautioning consumers to get the facts:

2010 Census takers will never contact you by e-mail or solicit for donations. Do not respond to unsolicited (spam) e-mail or text messages; including clicking on links and/or opening attachments contained within. Criminals often capitalize on legitimate campaigns to spread computer viruses through e-mails, text messages, "pop-ups," fraudulent Web sites, or infected legitimate Web sites. The viruses are embedded in an attachment (including pictures), link, and/or computer application. This also applies to tactics used in social networking sites. Remember, not all anti-virus software detects every virus, especially if the virus is newly created.

Visit 2010.census.gov for official information on the 2010 Census. Beware of groups using a similar name to a reputable agency, especially through Web sites. Rather than following a purported link to the Web site, log on directly to the official Web site for the business identified in the e-mail and/or text. Web sites can be verified by utilizing various Internet-based resources to confirm their status and to obtain feedback.

2010 Census takers will not ask you for your Personally Identifiable Information (PII) such as your social security account number (SSAN), driver's license number, bank account number, or credit card number. Do not provide this type of information to anyone claiming to be a 2010 Census taker. Please be aware, the Census Bureau asks for the last four digits of the respondent's SSAN for one survey: the National Health Interview Survey. This survey touches approx 65,000 housing units per year.

For the 2010 Census, the Census Bureau will hire approximately 1.4 million people. Do not respond to work-at-home opportunities to be a Census taker, especially if the offer is unsolicited and it occurs through e-mail, text, or other indirect means. However, the Census Bureau may contact, in person, trusted third-party stakeholders, such as schools, media, businesses, community-based organizations, faith-based organizations, state, local, and tribal governments to spread the recruiting message. Criminals often use work-at-home scams to commit identity theft by collecting individuals' PII such as their bank account information, SSAN, and driver’s license number. Be wary if someone claiming to be a Census Bureau representative attempts to sign you up as a new employee on the spot. The Census Bureau has a hiring process, which includes taking a test in person, not on-line. To learn more information on what is required to become a census taker, visit http://www.bbb.org/us/article/out-of-work-the-us-census-bureau-is-hiring- nationwide-14365.

If you have information pertaining to a 2010 Census scheme, please file a complaint with the www.IC3.gov and contact your local BBB along with your local law enforcement agency.

The 2010 Census helps ensure your community receives its fair share of political representation and government funding. Fill out and mail back your census form today!

This post is excerpted from the Intelligence Note, 2010 Census, by the Internet Crime Complaint Center [IC3], April 12th, 2010.