Tech File: Teens need to know online actions have consequences

By Larry Magid
Special to the Mercury News

Article Launched: 07/23/2007 01:34:39 AM PDT

var requestedWidth = 0;

if(requestedWidth > 0){ document.getElementById(‘articleViewerGroup’).style.width = requestedWidth + “px”; document.getElementById(‘articleViewerGroup’).style.margin = “0px 0px 10px 10px”; } News has recently surfaced about an unpublished government study that suggests that 85 percent of offenders imprisoned for trafficking in online child pornography may have also sexually molested minors. Thursday, the New York Times reported that psychologists from Federal Bureau of Prisons based their findings on interviews with 155 male inmates who were undergoing voluntary treatment.

It’s important to point out that this is a small study of imprisoned convicts and not necessarily representative of all people who look at child porn. But even if these numbers turn out to be a bit fuzzy, the implications are astounding.

The National Center for Missing and Exploited Children, whose board I sit on, has long argued that child pornography can be used to “normalize” sexual exploitation of children in a way that makes engaging in sexual relationship with kids somehow seem a bit more OK. Child porn is also used to break down inhibitions in children and, of course, the production of child porn is in itself an act of exploitation both in terms of what the child goes through and the potentially lifelong trauma associated with being displayed in photos and videos.

Nancy Willard, author of “Cyber-Safe Kids, Cyber-Savvy Teens,” says that she has seen reports that “people who engage in this type of abuse are forming online support communities where they justify and rationalize their activities.” Some perpetrators, she says, “are rationalizing their behavior as supporting the rights of children to have sex with adults.”

She also points out that in virtually all cases the children and adults know each other. So, while the Internet plays a major role in the dissemination, distribution and perhaps demand for child pornography, the actual exploitation takes place the old fashioned way – in homes and other physical locations. Sadly, there are many cases where a parent has been arrested for abusing his or her own children.

No matter how you look at it, production, distribution and consumption of child porn harms children. It’s entirely appropriate for law enforcement to crack down on it and it’s equally important for all of us to make sure that it’s not tolerated in our homes, workplaces and communities.

Another source of child pornography is where children and teens are asked to provide sexually explicit photos of themselves. A report in the Journal of Adolescent Health, published July 20, observes that one in 25 youths “reported an online request to send a sexual picture of themselves during the previous year.” The researchers interviewed 1,500 Internet users between the ages of 10 and 17. Sixty-five of the youths (4 percent) received such a request, but the good news is that only one youth in that sample complied – that’s 1 out of a total of 1,500 people interviewed. In other words, kids appear to be more cyber-savvy than some adults give them credit for.

Children who do post, e-mail or simply create sexually explicit photos of themselves are technically in violation of child porn laws. I spoke at a religious school in Los Angeles a few years ago right after the teenage daughter of one of the congregation’s leaders had been arrested for posting sexually explicit pictures of herself and her friends on a Web site. I don’t know how that case was resolved but a recent Florida case has resulted in an appellate court upholding child pornography convictions of two teenage lovers for creating and distributing what is technically considered to be child porn.

By a 2-1 vote, the court in February upheld the child porn convictions of a 16-year-old girl and 17-year-old boy who had reportedly taken pictures of themselves engaged in “sexual behavior.” Although neither teen shared the pictures with others, they did e-mail photos to themselves which, technically constitutes distribution.

The court concluded that neither child “had a reasonable expectation that the other would not show the photos to a third party” and pointed out that they “have no reasonable expectation that their relationship will continue and that the photographs will not be shared with others intentionally or unintentionally.”

Although I abhor the notion that these kids would be arrested, tried and convicted for their indiscretions, I do agree with the court’s cautionary remarks. Regardless of age, people should be careful about digital images or anything else that can be stored, posted or forwarded. Miss New Jersey, Amy Polumbo, found that out earlier this month after photos of her “not acting in a ladylike manner” were anonymously sent to pageant officials. Of course she was over 21 and the pictures, while racy, were not even close to being pornographic. But the matter illustrates how easy it is for “private” digital images to become public.

When it comes to child porn, I think it’s appropriate that the legal system go after adults who knowingly exploit children and put everyone on notice that distributing or even viewing pictures of children having sex is not only illegal but harmful. When it comes to teens, the best medicine is education – they need to understand that even seemingly innocent indiscretions can have long term consequences.

Kids also need to know that they have the power to protect themselves and avoid dangerous or just plain stupid online behaviors. Based on the results of the recent surveys, they appear to be getting that message.

SunRocket leaves void for callers on Internet

By Matt Richtel
The New York Times

Waiting for an important phone call can be stressful. As Marshel Emery can attest, it is doubly so when your phone company has just ceased to exist.

Emery, 33, low on funds and with three children to support, recently applied for jobs at several law enforcement agencies in Tennessee. But his phone service is provided by SunRocket, an Internet telephone company that went out of business without warning last week, leaving its roughly 220,000 customers in the lurch.

Some have no service. Others still do, but like Emery they have been told that it could be cut off at any moment.

Although SunRocket was tiny by the standards of the telecommunications industry, it has ensured itself a place in the history of the digital era by being the first significant Internet telephone provider to go out of business. Its collapse raises questions about what responsibility such companies have to their customers–and about how they should be regulated, given how essential many people consider phone service to be.

“It’s your lifeline. It’s your food line,” said Emery, who lives in Lawrenceburg, Tenn. “If you’re going to pull somebody’s phone line, they should know about it.”

The SunRocket meltdown was further complicated because many customers paid $199 upfront for a year of unlimited service, and it is not clear if any of them will receive a refund.

The sudden disappearance of a phone company would have been unthinkable in the past, when telephone service was treated as a veritable unalienable right, like electricity, and being a phone company usually meant owning a physical network of switches, cables and poles.

Standard telephone companies are required to give customers notice if they plan to stop service. But companies like SunRocket that use the infrastructure of the Internet to transmit calls do not have to give such notice. They fall into a bit of a regulatory no man’s land in which they are required to adhere to some traditional requirements, such as building their systems so customers can get 911 service and law enforcement can get easy access to data, but they are free of many other regulations, particularly at the state level.

Many industry analysts and former policy makers said the absence of broad regulations was, to a large extent, desirable because it would allow the emerging Internet phone industry to develop. While these experts said the SunRocket shutdown was clearly a big problem for customers, they said it might not justify a spate of new regulation. One important difference between the current telecommunications era and years past is that most people now have a cell phone as a backup.

The SunRocket shutdown “does point out that there’s some need for either protection or education–I’m not sure which is the right one,” said John Nakahata, former chief of staff for the Federal Communications Commission and now a Washington lawyer focusing on telecommunications.

Nakahata said the FCC may have its own uncertainty, given that it has not made a clear decision about whether to lump Internet telephone providers in with traditional companies.

Ultimately, the consumer has to learn to factor in, how stable is this entity I’m entrusting with my phone service?” he added, noting that nevertheless, for SunRocket, “there was a much more socially responsible way to handle this.”

Blair Levin, also a former FCC chief of staff and now a Washington-based telecommunications analyst, agreed that the shutdown was unfortunate but said that policies aimed at increasing competition had made company failures more likely.

There are many small telephone companies like SunRocket that are delivering low-cost voice communications over the Internet. Unlike the large regional Bell companies, these start-ups do not control the lines over which communications are sent, which allows them to be smaller and more nimble but also makes them more susceptible to failure.

“Competition has risk, and the risk of a telco going under increases,” Levin said. In terms of highlighting these risks, he added, the SunRocket situation “is a little bit of a shot across the bow.”

The SunRocket collapse comes as small Internet phone companies are struggling but as the broader industry is enjoying explosive growth. At the end of March, there were 10.8 million Internet phone subscribers in the United States, nearly double the 5.7 million a year earlier, according to TeleGeography Research, a market research firm.

But cable companies are enjoying the biggest growth in the market. In the first quarter of this year they added 1.1 million subscribers, compared with 255,000 by start-up companies. The biggest stand-alone provider is Vonage, which has about 2.4 million subscribers, but it has faced its own challenges, and a steadily falling stock price, in the face of marketing pressure by the deep-pocketed cable companies.

SunRocket, which was founded in 2004 and had headquarters in Vienna, Va., announced last Tuesday that it had pulled the plug. Earlier there were rumors circulating among industry analysts and journalists, but no concrete warnings. In April, the company announced that it had attracted 200,000 customers.

SunRocket’s chief executive, Lisa Hook, had not answered e-mail messages or phone calls since the collapse. Mayfield Fund, one of the venture capital firms that backed the company, did not respond to an e-mail message seeking comment about whether customers should have been notified earlier.

Martin Pichinson, a partner with Sherwood Partners, which is managing SunRocket’s liquidation, said the company was closed because it did not reach profitability soon enough. He said that helping SunRocket’s customers was his first priority, and that SunRocket was striking deals to move subscribers to other providers of phone service.

A handful of Internet telephone companies have been pursuing SunRocket subscribers, and SunRocket has begun directing customers to two providers, TeleBlend and 8×8, which markets its service under the Packet8 name.

The TeleBlend offer in particular has raised concerns among some former SunRocket customers since TeleBlend appears to be a new company that offers little background information on its Web site, and has a phone number similar to that of SunRocket. Pichinson did not return a call seeking more information about the company.

The way that SunRocket handled its shutdown enraged many customers, some of whom vented online. Some customers said they were having trouble moving their phone numbers to another service, raising fears that they might lose numbers they had been using for years.

“To think that a company like SunRocket, without any notice or warning, can leave 200,000 customers high and dry is just unacceptable,” Art Tedeschi of DeSoto, Texas, said in an e-mail message last week. “Let’s face it: the demise of SunRocket didn’t just happen between last Friday and today. And the people who knew this was coming should be called in to account for their despicable behavior.”

More broadly, some customers said the biggest lesson of SunRocket was not to pay for service in advance.

“I never again want to give upfront money to corporate America,” said Larry Egan, 68, a retiree who lives outside Orlando, Fla. Already a SunRocket customer for a year, he was charged about $220 (the annual fee plus taxes) last month for a second year of service.

Now, Egan said, he plans to move his service to AT&T or some other traditional company. “I want to avoid anything that has to do with growth technology companies,” he said.

IPhone vulnerable to hackers

By John Schwartz, New York Times News Service  |  July 23, 2007

A team of computer security consultants say they have found a flaw in Apple’s popular new iPhone that allows them to take control of the device.

The researchers, working for Independent Security Evaluators, a company that tests its clients’ computer security by hacking it, said that they could take control of iPhones through a WiFi connection or by tricking users into going to a website that contains malicious code.

The hack, the first reported, allowed them to tap the wealth of personal information the phones contain.

Although Apple built considerable security measures into its device, said Charles A. Miller, the principal security analyst for the firm, “Once you did manage to find a hole, you were in complete control.” The firm, based in Baltimore, alerted Apple about the vulnerability and recommended a software patch that could solve the problem.

A spokeswoman for Apple, Lynn Fox, said, “Apple takes security very seriously and has a great track record of addressing potential vulnerabilities before they can affect users.”

“We’re looking into the report submitted by ISE and always welcome feedback on how to improve our security,” she said.

The company said there was no evidence that this flaw had been exploited or that users had been affected, and it knew of no other exploits of this nature.

Miller, a former employee of the National Security Agency who has a doctorate in computer science, demonstrated the hack to a reporter by using his iPhone’s Web browser to visit a website of his own design.

Once he was there, the site injected a bit of code into the iPhone that then took over the phone. The phone promptly followed instructions to transmit a set of files to the attacking computer that included recent text messages — including one that had been sent to the reporter’s cellphone moments before — as well as telephone contacts and e-mail addresses.

“We can get any file we want,” he said. Potentially, he added, the attack could be used to program the phone to make calls, running up large bills or even turning it into a portable bugging device.

Steven M. Bellovin, professor of computer science at Columbia University, said, “This looks like a very genuine hack.” Bellovin, who was for years a computer security expert at AT&T Labs Research, said the vulnerability of the iPhone was an inevitable result of the long-anticipated convergence of computing and telephony.

“It’s not the end of the world; it’s not the end of the iPhone,” he said, any more than the regular revelations of vulnerabilities in computer browser software have killed off computing. “It is a sign that you cannot let down your guard. It is a sign that we need to build software and systems better.”

Details on the vulnerability, but not a step-by-step guide to hacking the phone, could be found at .exploitingiphone.com, which the researchers said would be unveiled today.

Hackers around the world have been trying to unveil the secrets of the iPhone since its release last month; most have focused their efforts on unlocking the phone from its sole wireless provider, AT&T, and getting unauthorized programs to run on it. The iPhone is a closed system that cannot accept outside programs and can be used only on the AT&T network.

The Independent Security Evaluators researchers cracked the phone’s software in a week, said Aviel D. Rubin, the firm’s founder.

Rubin said the research was not intended to show the iPhone was necessarily more vulnerable to hacking than other phones.

“Anything as complex as a computer — which is what this phone is — is going to have vulnerabilities,” he said.

© Copyright 2007 Globe Newspaper Company.

Microsoft lays down privacy challenge to Google

Tom Young, Computing 23 Jul 2007

Microsoft is giving users greater control over what the company does with information it gathers about their online behaviour.

According to an updated privacy policy unveiled today, the software giant will let its customers decline advertisements tailored to their web surfing habits. The company will also anonymise cookies – which contain information about internet use – after 18 months.

‘What’s really different with our offering is what we mean by anonymisation. Anonymous should mean anonymous,’ said Brendon Lynch, director of privacy strategy at Microsoft.

The move comes as internet rival Google faces increasing pressure from Brussels to cut the time it holds users’ search information. The EU working party on Data Protection wants the firm to go further than its current offer of a two-year lifespan for its cookies – a measure that would only be effective if the user never visited Google again.

The Federal Trade Commission in the US is currently investigating claims that Google’s planned $3.1bn (£1.5bn) purchase of DoubleClick gives it access to too much information about internet users’ searching and browsing habits.