Wednesday, June 20, 2007

Locking Down Laptops Before It's Too Late

Article by Bill Watkins / CNet News
Confidential, invaluable business and personal data are at risk when laptop computers are misplaced or stolen. Companies large and small, public and private, are all at risk.

Within the past year, the Veterans Administration lost a laptop holding information on 26.5 million individuals, the Internal Revenue Service (IRS) lost or misplaced 500 laptops, and Boeing reported the theft of a laptop with files that contained Social Security numbers for more than 300,000 of its past and present employees. Unfortunately these incidents are far from unusual. During 2005, 20 percent of all banks, 18 percent of credit card companies, 13 percent of government organizations and 9 percent of health care companies reported data breaches--and that number is growing.

The real and associated costs of data breaches are staggering: In 2006, corporations that experienced a data breach spent an average of $5 million trying to recover data. Customer relationships suffer, too; among consumers that discovered their data had been lost, 20 percent terminated their relationships with the company, another 40 percent considered terminating their relationships, and 5 percent considered legal action. Clearly, something must be done before one of these breaches bankrupts a company or threatens national security.

The government has begun to address the issue with recently enacted legislation. Federal laws such as the Gramm-Leach-Bliley Act and the Health Insurance Portability and Accountability Act (HIPAA) make the security of critical digital content--including the secure disposal of electronic files to end the data lifecycle--a fundamental requirement. On a state by state basis, 29 states thus far have enacted data protection legislation and 28 of these laws have provisions calling for the encryption of digital content. The flaw with current legislation is that it does not specify how to encrypt data--and that's critical. If agencies and companies encrypt their data using software, it's like locking individual car engine components–-time-consuming, expensive and fraught with failure points.

By contrast, hard drive full disc encryption is similar to a car key: it protects everything from the engine to the dashboard with a single mechanism and point of entry. Hard drive full disc encryption is straightforward; it automatically protects every bit of computer data without any human intervention. It makes any data stored on a stolen or lost notebook unreadable and unusable forever. It can also automatically "repurpose" existing laptops or deny access to data when computers reach the end of their useful life. No need to smash a drive with a hammer or use special software to wipe it clean. By simply changing the encryption key on the disc, all stored data is instantaneously rendered unreadable and unusable forever--saving both time and money.

The advantages of hard drive full disc encryption are clear; the dangers of stolen and misplaced laptops are overwhelming. To thoroughly protect sensitive information, government and business organizations must mandate hard drive full disc encryption--especially for mobile workers--to help keep data from falling into the wrong hands. The time to lock laptops down is now.

Tuesday, June 19, 2007

Technology History: The FCC

The United States Federal Communications Commission was created by an act of Congress on June 19, 1934. A month later, seven commissioners and 233 federal employees began the task of merging rules and procedures from the Federal Radio Commission, the Interstate Commerce Commission and the Postmaster General into one agency. Today, the agency employs approximately 1,900 people and has extensive oversight responsibilities in new communications technologies such as satellite, microwave, and private radio communications.

Saturday, June 16, 2007

Encyclopedia Of DNA: New Findings Challenge Established Views On Human Genome

Article from ScienceDaily.com
An international research consortium just published a set of papers that promise to reshape our understanding of how the human genome functions. The findings challenge the traditional view of our genetic blueprint as a tidy collection of independent genes, pointing instead to a complex network in which genes, along with regulatory elements and other types of DNA sequences that do not code for proteins, interact in overlapping ways not yet fully understood.

DNA double helix. (Credit: National Human Genome Research Institute)

In a group paper published in the June 14 issue of Nature and in 28 companion papers published in the June issue of Genome Research, the ENCyclopedia Of DNA Elements (ENCODE) consortium, which is organized by the National Human Genome Research Institute (NHGRI), part of the National Institutes of Health (NIH), reported results of its exhaustive, four-year effort to build a parts list of all biologically functional elements in 1 percent of the human genome. Carried out by 35 groups from 80 organizations around the world, the research served as a pilot to test the feasibility of a full-scale initiative to produce a comprehensive catalog of all components of the human genome crucial for biological function.

"This impressive effort has uncovered many exciting surprises and blazed the way for future efforts to explore the functional landscape of the entire human genome," said NHGRI Director Francis S. Collins, M.D., Ph.D. "Because of the hard work and keen insights of the ENCODE consortium, the scientific community will need to rethink some long-held views about what genes are and what they do, as well as how the genome's functional elements have evolved. This could have significant implications for efforts to identify the DNA sequences involved in many human diseases."

The completion of the Human Genome Project in April 2003 was a major achievement, but the sequencing of the genome marked just the first step toward the goal of using such information to diagnose, treat and prevent disease. Having the human genome sequence is similar to having all the pages of an instruction manual needed to make the human body. Researchers still must learn how to read the manual's language so they can identify every part and understand how the parts work together to contribute to health and disease.

In recent years, researchers have made major strides in using DNA sequence data to identify genes, which are traditionally defined as the parts of the genome that code for proteins. The protein-coding component of these genes makes up just a small fraction of the human genome -- 1.5 percent to 2 percent. Evidence exists that other parts of the genome also have important functions.

However, until now, most studies have concentrated on functional elements associated with specific genes and have not provided insights about functional elements throughout the genome. The ENCODE project represents the first systematic effort to determine where all types of functional elements are located and how they are organized.

In the pilot phase, ENCODE researchers devised and tested high-throughput approaches for identifying functional elements in the genome. Those elements included genes that code for proteins; genes that do not code for proteins; regulatory elements that control the transcription of genes; and elements that maintain the structure of chromosomes and mediate the dynamics of their replication.

READ MORE...

Thursday, June 14, 2007

Fed's 'Operation Bot Roast' Reveals 1 Million Victims

As the FBI and the DOJ investigated botnet operators, they began amassing a list of the alleged botnet victims -- with most of them here in the U.S.

Article by Sharon Gaudin, InformationWeek
In the Department of Justice and the FBI's attack on 'botherders', the government has identified more than one million botnet victims. The agencies announced Wednesday the results of an ongoing cybercrime initiative to disrupt and dismantle botherders, a term used for the people creating and operating an increasing number of botnets around the world. The FBI reported in an online advisory that its agents are working with the U.S.-CERT Coordination Center at Carnegie Mellon University to notify the owners of the compromised computers.

Government investigators tracked down the million victims while working on five different cybercrime cases, according to Richard Kolko, a special agent with the FBI. Charges already have been handed down in three of those cases. James C. Brewer of Arlington, Texas, is charged with operating a botnet that infected Chicago area hospitals. His botnet allegedly infected tens of thousands of computers worldwide. The government charged Jason Michael Downey of Covington, Kentucky, with using botnets to launch denial-of-service attacks. Robert Alan Soloway of Seattle was also charged this month with using a large botnet network to spam tens of millions of messages to advertise his Web site.

Kolko told InformationWeek that as agents delved into these three cases, along with two others that are under investigation, they uncovered the botnet victims. "There are hundreds of cybercrime cases at any given time but we put the botnet cases together for this initiative," he said. "We're trying to get people to take care of their computers. They're unaware participants in this criminal activity. We need them to take the proper precautions so we can put a dent in this crime." He also said most of the one million victims they found are in the United States. The government, he added, will continue to try to find more victims so they can notify them and get the compromised machines cleaned up.

Hackers and malware writers conspire to infect computers around the world with viruses and Trojans that allow them to remotely control the victim machines. Then, they amass thousands or hundreds of thousands of these zombie computers, creating great armies -- or botnets -- of them. In recent months, botnets have been increasing in number and in size, as they launch massive waves of spam, malware and even denial-of-service attacks. Most of the owners of the zombie machines don't even know they have been infected or that their machine is being controlled by someone else.

According to the FBI's advisory, because of their widely distributed capabilities, the government considers botnets a growing threat to national security, the national information infrastructure, and the economy. "They were a problem and they're emerging as a greater problem as people use them to get around security measures and cause greater damages," said Assistant U.S. Attorney Erez Liebermann, chief of the computer hacking and intellectual property unit in New Jersey. "The fact that they can do so much damage with the press of a button is a huge problem." A large number of the botnets are controlled by hackers and botherders outside of the U.S., with a growing number being set up in China. Dealing with cybercriminals outside the country's borders has been an issue -- but it's one the U.S. government is working on.

"Generally speaking, international aspects of these cases do have extra hurdles, but more and more countries are cooperating," said Liebermann. "There are efforts to get [cooperation] from China, and they're paying off." In recent months, rival online gangs have even begun a virtual turf war for bragging rights to the largest botnets. Two or three online criminal gangs have been waging an all-out battle for control of the largest botnets, sending out waves of malware aimed at stealing zombie computers from rival gangs to build up their own army. Each online gang is trying to build up the biggest botnet because the bigger the army of infected computers they control, the more money spammers and hackers will pay to use them, said Shane Coursen, a senior technical consultant forKaspersky Lab, in a previous interview.

Wednesday, June 13, 2007

Infanticide, Abortion Responsible for 60 Million Girls Missing in Asia

Article by Sherry Karabin
There is a little-known battle for survival going in some parts of the world. Those at risk are baby girls, and the casualties are in the millions each year. The weapons being used against them are prenatal sex selection, abortion and female infanticide — the systematic killing of girls soon after they are born.
According to a recent United Nations Population Fund (UNFPA) State of the World Population Report, these practices, combined with neglect, have resulted in at least 60 million "missing" girls in Asia, creating gender imbalances and other serious problems that experts say will have far reaching consequences for years to come. "Twenty-five million men in China currently can’t find brides because there is a shortage of women," said Steven Mosher, president of the Population Research Institute in Washington, D.C. "The young men emigrate overseas to find brides."
The imbalances are also giving rise to a commercial sex trade; the 2005 report states that up to 800,000 people being trafficked across borders each year, and as many as 80 percent are women and girls, most of whom are exploited. "Women are trafficked from North Korea, Burma and Vietnam and sold into sexual slavery or to the highest bidder," Mosher said.

State-Sanctioned Infanticide?
Mosher, the first American social scientist allowed into China, puts much of the blame on Beijing's one-child policy, which took effect in 1979. The policy encourages late marrying and late childbearing, and it limits the majority of urban couples to having one child and most of those living in rural areas to two. Female infanticide was the result, he said. "Historically infanticide was something that was practiced in poor places in China," Mosher said. "But when the one-child policy came into effect we began to see in the wealthy areas of China, what had never been done before in history — the killing of little girls."

In recent years, female infanticide has taken a back seat to sex-selective abortion or female feticide, due to the advent of amniocentesis and ultrasound technology as well as other prenatal sex selection techniques, many of which are now readily available in clinics and doctors’ offices. "We feel it's a serious problem that everybody should be concerned about and aware of," said Wanda Franz, president of the National Right to Life Committee. "This is a form of abortion that, from our point of view is especially egregious. Abortion is claimed to help women; obviously in these cases, females are the direct victims, because women in these cultures are not valued. In our family we adopted a Chinese baby," she continued. "There have been thousands and thousands of them adopted since China’s one-child policy created this overabundance of baby girls in orphanages."

How bad are the imbalances between males and females in Asia? Generally, the normal sex ratio at birth (SRB) is between 103 and 105 males per 100 females, and in rare cases 106 or a bit more than that. Countries that are known to have or have had higher sex ratio at birth numbers include South Korea, which peaked at 115 in 1994, Singapore where the SRB registered 109 in 1984 and China, which has seen the numbers increase over the past two decades. Published reports in China show the gender ratio for newborns in 2005 was 118 boys for every 100 girls, and in some southern regions like Guangdong and Hainan, the number has reached 130 boys for every 100 girls. The 2000 Chinese census put the average sex ratio at 117, with Tibet having the lowest number at 103 and Hainan registering the highest at 136.

Nicholas Eberstadt
, a researcher at the American Enterprise Institute for Public Policy Research in Washington, D.C., attributes the large sex-ratio imbalances in places like China to a combination of factors: an enormous and enduring preference for boys reinforced by the low socioeconomic status accorded to women; the use of rapidly spreading prenatal sex determination technology for gender-based abortion; and the rapid drop in fertility in different populations, making the outcome of each birth even more important. "The one-child policy intensifies this problem, but if that policy stops and fertility levels stay at one or two, the problem won’t entirely go away," Eberstadt said. "When the average number is down to one or two, there is an incentive for parents to meddle with the outcome. In places where fertility levels are high, there are few signs of sex selection." In his presentation before the World Youth Alliance in New York City last April, Eberstadt warned that "The Global War Against Baby Girls" is expanding. "There are gender imbalances in almost every East Asian country, but Japan," said Eberstadt, who has also noted alarming irregularities in Western Asia in places like Cyprus, Qatar and Pakistan, as well as in some countries on the African continent, including Egypt, Libya and Tunisia.

Indian Girls Bear Dowry Burden
In India, where the child sex ratio is calculated as the number of girls per 1,000 boys in the 0-6 years age group, the problem is severe. The 2001 Census shows there are only 927 girls per 1,000 boys, representing a sharp decline from 1961 when that number was 976. In certain parts of the country there are now fewer than 800 girls for every 1,000 boys. "India is a very mixed bag," Eberstadt said. "In some parts there are no signs of any unnatural imbalances; in other parts the numbers are grotesque." For instance, 2001 census reports show that Punjab and Haryana reported fewer than 900 girls per 1,000 boys. "The problem is more prevalent in the northern and western states, where prosperity, rapid fertility decline and patriarchal (male heads the family) mindsets combine to put girls at risk," said Ena Singh, the assistant representative at UNFPA.

Like China, there is a strong son preference for various socio-economic reasons, such as the son being responsible for carrying on the family name and support in old age. Furthermore, in some sections of India it is believed that only sons can perform the last rites for parents. In addition to sharing a strong son preference, both India and China lack a national social-security system. As it is assumed that a daughter will become a part of her husband’s family, parents must rely on their sons to take care of them. Since the 1970s, India’s government has promoted a two-child family as "ideal." While no formal laws exist, the general fertility decline in the country has led to smaller families, with couples still preferring to have at least one son. But the government has done more than just suggest this number. "In India it has been done state by state, village by village," Mosher said. "There have sterilization campaigns and there is enormous pressure. Villages that won’t comply have been denied fertilizer, access to irrigation water, etc."

Complicating matters even further in India is the dowry system, where families pay large sums in order to marry off their daughters. Although prohibited in 1961, newspaper reports illustrate the continuing phenomenon. This can be very expensive for families, adding to the perception that girls can be a financial burden. Abortion is legal in India under certain conditions, but sex-selective abortions or female feticide is a crime. In 1994, the government enacted the Preconception and Prenatal Diagnostic Techniques Act (PC & PNDT), which prohibited those conducting such tests from telling or otherwise communicating to the woman or her family the sex of the fetus. The law was amended in 2003 to prohibit sex selection before or after conception. "In recent years, prenatal sex selection and female feticide in India has increased," Singh said. "Though it is against the law for ultrasound technologies to be used to detect the sex of the child, it is still done illegally." In 2006 a doctor and his assistant in the northern state of Haryana were sentenced to two years in jail and fined for revealing the sex of a female fetus and agreeing to abort it. It was the first time medical professionals were sentenced to jail time under the (PC & PNDT) Act. Three years earlier, a doctor in Punjab received a fine. Singh estimates that hundreds more cases are being investigated across the country and taken to court.

Experts who have analyzed the National Family Health Survey 2 (NFHS2) estimate that about 300,000 girls go "missing" in India each year. Other studies have put the number between 150,000 and 500,000. While many people see this as a problem of the poor, analysts say it is more prevalent among those in the wealthier and educated segments of society. Men in parts of India are also beginning to have difficulties finding brides, causing some to leave the country to do so. "Hindu girls are being smuggled and purchased from poor countries like Nepal and Bhutan to be brides for Indian men," said Bernard Dickens, professor emeritus of health law and policy at the University of Toronto Law School.

Combating the Problem
In recent years various Indian state governments and media houses have launched initiatives to address the gender imbalances, including "Save the Girl Child" campaigns. Last February, the Indian government announced its "cradle scheme," whereby orphanages would be set up to raise unwanted baby girls. Other incentives include tax rebates on ownership of properties and reserving seats for female candidates in villages, districts and at municipal levels. Community groups, corporations and individuals have also started various efforts to enhance the status of the girl child. In March 2007, politician Sonia Gandhi, chairwoman of the United Progressive Alliance, spoke out against female feticide and the need for gender equality at the at the International Women’s Day celebrations in New Delhi. Lara Dutta, UNFPA’s goodwill ambassador, a popular actress and Miss Universe 2000, has also been working extensively with young people to raise awareness about the issue.

China too has enacted laws in an effort to meet its goal of lowering the sex ratio at birth to normal levels by 2010. In 1994, the Mother and Child Health Law of the Peoples Republic of China outlawed the practice of sex identification of the fetus and sex-selective abortions without medical requirements. This was reaffirmed in the 2002 Population and Family Planning Law. Officials also started the "Care for Girls" campaign to promote equality for men and women and economic support is being offered to girl-only families in the countryside. "Raising awareness is important," said William Ryan, a Asia and Pacific regional information advisor for the United Nations Population Fund. "I think the effort to emphasize equality of the sexes and the value of women in society will help reduce the problem in the long run."

China Holds On to One Child
However, China has pledged to keep its one-child policy in place until the year 2050, a policy which it admits is "related" to the large sex imbalances in the country. "The implications are potentially disastrous," Mosher said. "The answer is economic development, not restricting the number of people." This year, the United States sponsored a resolution at the U.N.’s Commission on the Status of Women that called for eliminating infanticide and gender selection. The resolution was withdrawn due to opposition from several countries, including China and India; however, the issue of prenatal sex selection was included in the final conference document. Interestingly South Korea was one of the countries to support the resolution. Like China and India, it too has had its own problems with sex imbalances; however, progress is being made. If the imbalances continue, Adam Jones, executive director of Gendercide Watch, sees another possible outcome. "Because of the disparity, surviving women have greater market value," he said. "As a result, it may become more economically viable for families to have girl children, thus reducing rates of female infanticide and sex selection."

As China and India work toward solving their problems, Eberstadt points out that three large European countries are also showing disturbing signs. "Greece, Macedonia and Yugoslavia betray some hints of prejudicial death rates for little girls in the post-war period," he said. While the numbers are very small, he notes they are "nonetheless curious and unusual. "In the western hemisphere, Venezuela and El Salvador both have unnatural death rates for little girls and now also display unnatural sex ratios at birth," he continued. Published reports point to problems among some immigrant groups in Canada as well. And even in the United States, Eberstadt said, some Asian-American populations have begun to "exhibit sex ratios at birth that could be considered biologically impossible."
"Since the mid-1990s, the issue of female infanticide and sex selection has been highlighted in several conferences and in several U.N. documents," said Samantha Singson, chief U.N. liaison for the Catholic Family and Human Rights Institute. "Unfortunately the issue isn’t getting as much attention as we feel it deserves."

Friday, June 08, 2007

Poll Says American Car Makers Need More MPG

A poll, sponsored by GasBuddy.com, shows that US car makers need to accomplish two tasks in order for Americans to purchase their vehicles:
First, they need to increase fuel economy. Second, the big three marks need to improve quality and reliability in their vehicles. An overwhelming 78% (13493) chose one of those two answers as the way to get American dollars back into their coffers.

The unscientific poll is ongoing and being sponsored exclusively by GasBuddy.com.

What do you think is the most important thing American car companies need to do to get people to buy more American cars? (Discuss)
Increase their cars' fuel efficiency 40%
Improve their cars' quality/reliability 38%
Lower their cars' prices 16%
Something else 3%
No opinion 1%
Total votes: 17298

Thursday, June 07, 2007

Is MySpace A Piece In The Kelsey Smith Murder Puzzle?

Did Edwin R. Hall actually know Kelsey Smith? Or, did he find her through MySpace? Or, was she a random victim? It seems that Edwin has a MySpace account (corrected link)-- stating he lives in Overland Park (although his address at the time of arrest was officially Olathe, KS.). His profile has been deleted, so we can't learn anything else from it. Other bloggers have said that Hall's wife, Aletha, was linked to his MySpace page. There is also information saying the Halls have a four year old son. I sure hope the link to the MySpace page is bogus.

Kelsey Smith also had a MySpace page -- stating she lived in Overland Park. Could Edwin have been stalking Kelsey via MySpace? It is a possibility. One thing that is kinda creepy is that Hall's MySpace account shows he logged in sometime yesterday -- shortly before he was arrested for aggravated kidnapping and first-degree murder. FWIW, Kelsey did not have Edwin Hall listed as a "friend" on MySpace. I'm not trying to make a connection where one is not present, BUT the question of MySpace is one the needs to be answered.

I'm sure we'll learn more in the coming hours and days, but questions are large and beg to be answered. The biggest question looming in my mind is WHY? Why abduct and murder a vibrant young lady who just graduated high school and was about to set off for college and adult life? Why?!? Weren't your video games enough? Weren't movies like Hostel and Saw and Hannibal enough? Didn't the Internet satisfy your bloodlust?

Now, some defense attorney will set out to go far beyond the mandate of lawyers to make sure their clients get a fair trial. That attorney will try to wiggle and squirm and circumvent his way around the facts in an attempt to get Mr. Hall acquitted. ARGH! It makes me furious just to think about the whole ordeal -- especially for Greg and Missy Smith.

See the video of Edwin Hall's arraignment here, courtesy of scaredmonkeys.com.

My prayers go out to them, along with Stevie, Cody, Zack and Kelsey's boyfriend John Biersmith. They will all live the tragedy of Kelsey kidnapping and murder many times over.

Police Find Missing Kansas Teen's Body, Suspect Arrested

Sources: KCTV, MSN & SalemNews.com
Picture of Ed Hall from his MySpace page (corrected link)
A suspect was arrested [as I predicted] Wednesday evening in the slaying of a teenage Kansas girl believed abducted from the parking lot of an Overland Park Target store. Edwin R. Hall, 26, of Olathe, Kansas, is expected to be charged this morning with premeditated first-degree murder and aggravated kidnapping, Overland Park Police Chief John Douglass said. Johnson County prosecutor Phill Kline said his office would file formal charges early Thursday or, at the latest, Friday morning. "Tomorrow morning [Thursday] the Johnson County district attorney's office will file premeditated first-degree murder and aggravated kidnapping* charges against Edwin Hall, 26 years of age, with the disappearance and death of Kelsey Smith," Kline said Wednesday. "This community has lost a vibrant and promising life and a family has suffered unimaginable tragedy." Kline said it was premeditated murder and is requesting a $5 million bond for Hall.

Kelsey Smith, 18, had been missing since Saturday night, when she went to a Target store to buy a gift for her boyfriend. Surveillance video showed her being forced into her car, and the car drove off. It was found in a nearby mall parking lot about two hours later. Douglass said Hall matched the description of a man seen on surveillance video walking into the store soon after Smith entered. Police also found a vehicle that matched the description of a dark mid-1970s Chevrolet pickup that was seen entering the Target parking lot shortly after Smith's car, he said. The truck was in Edwin Hall's possession.

A man who lives near the area where Smith's body was found told KMBC that he saw a vehicle in the park at about 9 p.m. Saturday, which matches the police time line. The man, who didn't want his name used, said he doesn't know what type of vehicle it was, but he remembers seeing headlights behind a locked gate on the road.

Douglass said Hall was interviewed mid-afternoon Wednesday after police acted on a tip that matched Hall and a vehicle to surveillance video from the Target store parking lot in suburban Kansas City where Smith was abducted Saturday evening. He said he had no information why Smith was targeted, or if Hall was believed to have acted alone. Police said Hall's vehicle matched the description of a dark mid-1970s Chevrolet pickup that was seen entering the Target parking lot shortly after Smith's car. Police found Smith's body in a wooded area near Grandview, Mo., about 20 miles east of the Target store. Authorities did not say how she died.

According to Chief Douglass, "Mr. Hall faces 25 years to life minimum sentence on the premeditated murder charge, 147 months minimum sentence on the aggravated kidnapping charge. There is a distinct possibility of an amendment for more severe charges in the future."

* = Aggravated kidnapping charge is defined as kidnapping with "great bodily harm". As I commented on yesterday, Kelsey was likely rendered unconscious or even dead at the time of her was kidnapping (in the Target parking lot or car as they left the store) -- not later on. If that is the case, it would account for the surprise that Kelsey did not fight back (as her father and sister said she would have done).
The aggravated kidnapping charge likely came from the visible effects of damage to Kelsey's body -- which may have accounted for the delay in identifying her body when she found yesterday around 1:30pm.

Wednesday, June 06, 2007

Search For A Killer!?!

Steph Watts, of On the Record from FNC, has confirmed that the police DO have a suspect in the Kelsey Smith murder case. They are looking for him now. Watts also reports that no information on a motive or cause of death.

BTW, one reason the FBI is active in the investigation is that Kelsey was transported from Kansas into Missouri. Unfortunately, the federal presence didn't make any difference in the outcome of Kelsey's abduction.

SPECULATION: When the guy attacked Kelsey in the Target parking lot, she may have been rendered unconscious. Therefore, her attacker had to leave her in the car and vacate the area. If he killed her when he forced her into the car, he may have panicked and took her straight to the Longview Lake Park to discard the body.
Kelsey's body was dumped under a bridge, in a shallow creek. Her murderer may have intended to go back and bury Kelsey's body... but the police found her before he could act on the remainder of his plan. We don't yet know the condition of Kelsey's body, but I suspect she may have been damaged in the head or face area. The water of the creek or attacker may have caused the damage -- I'm not sure.

Who Killed Kelsey Smith?

Photo from FOX25 in Kansas City
As the story of young Kelsey Smith's abduction and murder unfolds, Overland Park Police Chief John Douglass has told the public that a "person of interest" is now a suspect. This person, who remains unnamed, reportedly lives approx. two miles from where Kelsey Smith's body was found. He also has what police call "an extensive criminal record". So, who is this person / suspect?

Sources in Kansas City tells me that someone with the surname of Beach or Beech is being sought by law enforcement. I have heard the first names of Timothy, Jeremiah and/or John. I must emphasize that the name is speculation, but does come from the local area -- and local area information is normally better than what we are told on the evening news. I learned that in the cases of Immette St. Guillen's murder and the Virginia Tech slayings.

These things seem fairly apparent:
1) The guy seen in the Target store video entered the store shortly after Kelsey entered.
2) The same guy was seen on surveillance cameras within Target. He was near Kelsey on at least three occasions.
3) This same person is thought to be the driver of the 1970s Chevrolet pickup that police are seeking.
4) The Target store guy is seen leaving within seconds of Kelsey exiting the store.
5) The person who ran up to Kelsey in the parking - and apparently pushed her into her car - looks to be the same person (a 20-ish year old white male with a goatie; wearing dark shorts, white t-shirt, low-top Converse sneakers).
6) From video not publicly shown, but referenced by police, the pickup truck was left in the parking lot of Target until around 9:00pm Saturday night.
7) Kelsey's car was seen leaving the parking lot around 7:08pm. It was found across the street in the Macy's parking lot (at Overland Mall) around 9:00pm that night.
8) Police believe the kidnapping and murder was a one-man operation -- which fits with the car being used to drive away; the truck being left at Target; and Kelsey's Buick showing up about the same time as the truck leaves the Target lot.
9) Police have narrowed down their suspect list (although not official publicly) down to either a few select persons of interest or this one suspect.
10) Since no details of the state of Kelsey's body were offered, and no immediate identification was made, AND police told the clergy before they told the family, law enforcement officials have at least inferred that Kelsey's body was somehow damaged in a way that made it at least a bit difficult to ID her. [Pure conjecture on my part, but I've done a lot of research on cases like this.]
11) Kelsey was not likely killed in her car.
12) She was not likely in the pickup truck at any time. Nonetheless, the truck could be a key piece for evidence collection.
13) Kelsey was likely murdered within the first 60-90 minutes after her abduction.
14) Kelsey's boyfriend (John Biersmith) is not now, nor has he been a suspect (as some folks have suggested). He was actually at the Smith home awaiting Kelsey's arrival when she was abducted from the Target store parking lot.
15) IF, and I repeat, IF the guy in the surveillance video is her killer, he is not a very bright individual. Along with the dumb moves he made to stalk, follow and kidnap her, he will likely brag to some friends about his "adventure". If he hasn't committed suicide somewhere in the woods, he will be caught rather quickly -- I can almost guarantee it.
16) Lastly, law enforcement officials are NOT telling us everything they know. That fact is more than obvious. I respect them for keeping certain aspects of the case private -- out of respect for the Smith family and/or for the future court case.

Our prayers go out to Greg, Missy, Stevie, Lindsay, Cody and Zack Smith -- along with John Biersmith (Kelsey's boyfriend) and his family.

BTW, I just googled the name "kelsey smith" and beach or timothy and beech. My blog is the ONLY one reporting this information. That makes me a bit nervous as I don't want anyone to decide someone they know in the Kansas City area is guilty of the heinous crimes against Kelsey. Offering a potential name is merely a way to try and learn more about who the suspect really is -- and hopefully assist with his capture and prosecution.

More Details on Kelsey Smith's Abduction & Murder

INITIAL POST: 5:06pm
LAST UPDATE: 5:42pm

As pastors meet with the Greg Smith family in Overland Park (near Kansas City), we now know the body of their daughter, Kelsey Smith, was found south of Longview Lake Park. The police spokesman, Chief John Douglass, is taking questions at a press conference, as I type.

The suspect has not been arrested. The chief says they are talking to "several people at this point". The police say they do not have the name of the person in the Target store video, but all of the POIs look like the person seen leaving the store just behind Kelsey Smith. Other news sources say the person law enforcement believes is THE suspect is a 20-ish white male who lives within two miles of the spot where Kelsey's body was found. Furthermore, these sources are saying that the suspect has an extensive criminal record. At this time, they have not said the suspect is the owner or driver of the pickup truck shown several times on news broadcasts.

Eleven teams fanned out across the Longview Lake Park area early this morning. One of those teams found Kelsey's body in a shallow creek, near Highgrove and Raytown roads around 2:00pm CT. They were "lead" to the specific area by Kelsey's cell phone "pinging" a local cell tower. Police took her cell account's LUDs and analyzed them. The results came back Tuesday morning -- and police immediately started their search.
The cell phone analysis showed that the phone passed through certain telephone cells located on I-35 to I-435, then east to south 71 highway, and from there to an area in the vicinity of Longview Lake Park.
Photos from WPBF FOX25 and FOX4

Kelsey Smith's Body has Been Found

INITIAL POST: 3:15pm EDT
LAST UPDATE: 4:57pm
(Updating every few minutes, so refresh the page often...)

Kelsey Smith's body has been found.
It's 3:12pm and the body was found south of Longview Lake, in SE Grandview, MO. The body was found in a shallow creek. A tarp covers the area as I type...

Kelsey Smith was apparently kidnapped from the Target store parking lot in Overland Park (suburb of Kansas City) at 7:07pm Saturday night. A 20-ish looking white male is seen running up behind Kelsey and forcing her into her 1987 Buick Regal. The car is seen backing out of the parking space and leaving the lot.
A little over two hours later, Kelsey's car was found in the Macy's parking -- across the street at the Overland Mall. Police have been searching for the 18 year old high school graduate since that time.

Just a few minutes ago, the story broke on FOX4 in KC --
"Police have located the body of a young girl, police and the independent search company on the scene told a FOX News Channel producer for 'On the Record' with Greta that it was the body of Kelsey."

A half-mile radius was being deeply searched after Kelsey's cell phone pinged a local tower in the southeast Jackson County area. Tire tracks were found -- leaving the road and going into the woods. A search team went into the area -- and found Kelsey Smith's body within a few minutes by the Equi-Search team.

Update: 4:07pm -- The search has been called off. The medical examiner has arrived on the scene. Although not officially confirmed, these are definitive inferences that the body is Kelsey Smith. The local enforcement will have a live press conference at 5:00pm EDT.

Also, the person of interest whom police were trying to locate, lives near the area, according to Steph Watts, a FOXNews On The Record producer.

FWIW, and it may be worth NOTHING -- I am hearing the names Timothy Beach (or Beech) or... Jerimiah John Beach (or Beech) as a potential suspect. Someone also says that the suspected perp (the "person of interest") lives within two miles of where Kelsey's body was found. Police are trying to track him down -- with even more interest now. A rather slumy apartment complex is located near 71 highway and 155th St. -- not far from Longview Lake Park. I've heard someone with the last name of Beach / Beech lives near there... and MAY be a suspect.

As for the truck, I am hearing "live" that a mid-1970s Chevy pickup truck has been found -- and police think it is the one seen in the Target parking lot Saturday just before Kelsey was abducted.

Photos from FOX4 and Kelsey's MySpace page

A press conference is scheduled for 3 minutes from now. I'll post more during and after the press conference.

Monday, June 04, 2007

Online Tunes Are More Risky Than Web Porn - When It Comes to Malware

About 9% of adult sites produce spyware, adware or spam, compared with 19% of digital music sites found in a study by McAfee.

By Joseph Menn / Times Staff Writer
Whatever threat online pornography might pose to society's morals, online music might pose a bigger threat to society's computers. A study scheduled to be released today found that about 9% of adult sites that turned up high in search-engine rankings had such PC-damaging problems or annoyances as spyware, adware and spam associated with them. Yet searching for digital music was twice as risky — more than 19% of the sites produced by such queries were risky for computer users, according to the study by McAfee Inc., a Santa Clara, California-based company that makes computer-security software.

Other risky searches included those for electronic gadgets and for background "wallpaper" to decorate computer screens. Researchers have one idea why looking for porn appears to be safer: The business side of that industry works even without the extra hustling. Since it's harder to make a living selling digital music, those hawking such items are far more likely to attach programs that spew unwanted ads or worse. "The tier-one adult sites are doing phenomenally well as businesses, and because of that they very much have their house in order," said McAfee Senior Product Manager Mark Maxwell.

The digital music searches studied include those for such file-sharing programs as BearShare, which often include intrusive advertising programs. BearShare took the honors as the single riskiest search term, returning unsafe sites at a 46% rate. Other findings from McAfee's database were not included in the study, including the news that Britney Spears is slightly more dangerous to search for than Lindsay Lohan. The former couple of Brad Pitt and Jennifer Aniston, meanwhile, are a 36% more hazardous combination than the current pair of Pitt and Angelina Jolie.

The study is the third of its kind from McAfee, which owns a popular free service called SiteAdvisor. It rates millions of websites as red for risky, yellow for somewhat risky and green for safe, warning Web surfers before they click through. The latest paper also found that sponsored search results, which are paid for by advertisers, are twice as likely to be risky as regular search results. It also compared the five most popular search engines, finding that Yahoo Inc. had the safest unpaid results and the riskiest paid results.

For thousands of popular searches, the top 500 unpaid listings were about as safe at one search engine as they were at another. Yahoo came out best with 2.7% that were red or yellow, and IAC/InterActiveCorp's Ask.com was the worst at 3.3%. The range was larger when it came to advertised results: from a low of 4.1% problematic results at Ask to 9% at Yahoo. Google Inc. has toughened its checks on advertisers and made its paid results safer in the last year, McAfee said, while Yahoo has gotten worse.

Yahoo declined an interview request. In a statement Saturday, Vice President of Marketplace Quality Reggie Davis wrote that the unpaid search results "represent the vast majority of clicked links." "We will continue to improve our performance in this area by investing in technology," Davis said. An Ask.com spokeswoman pointed to the company's sharp improvement in paid results, which boosted its overall safety performance from worst to the middle of the pack.

Many of the advertised sites that McAfee flagged are obvious scams pointed out by SiteAdvisor users, including those that make impossible claims about obtaining green cards for immigrants and repairing damaged credit. "We are struck by search engines' failure to block even the most notorious and widespread of scam ads — a decision we suspect arises out of search engines' business objectives," the study's authors wrote.

In better news, the number of the very worst sites — those that use known vulnerabilities in software to automatically install keystroke loggers and other malicious programs — remained quite small. McAfee turned up less than one in a thousand among the top search engine results. Google has begun to warn users before they go to one of those sites, and a spokeswoman said that the effort would remain the priority over fighting such lesser threats as adware and spam. "Google concentrates on Web pages that pose real danger to our users, and we are confident that we are protecting searchers from these threats," company spokeswoman Katie Watson said.

Friday, June 01, 2007

Popular add-ons to Firefox are the latest criminal attack vector

Article posted by Robert Vamosi on News.com.com
Mozilla enjoys a large development community to build add-ons for its Firefox browser. Now it seems all that development might not be a good thing. A security researcher in Indiana has found that the process used to update some of these add-ons automatically appears to be flawed, allowing criminal hackers to intercept the browser's call to the developer to see if there's a new version available. Worse, the most vulnerable add-ons aren't from vendors you've never heard of; they include brand-name sites like Google, Yahoo, Facebook, and LinkedIn.

Extensions for Firefox contain hard coded Internet addresses for updates. Mozilla provides free hosting for update at addons.mozilla.org, however, many developers choose for various reasons to serve the updates themselves from servers under their control. The servers at Mozilla all use the secure https:// protocol, but since encryption requires more resources, many developers opt to use the less secure, less resource intensive http:// instead. That's where the problem lies.
Researcher Christopher Soghoian's blog describes a scenario where a wireless user in an Internet café starts up the Firefox browser. Home users who have not changed the default password on their wireless routers are also affected. Firefox routinely checks with the extension's update servers to see if there are any updates pending and generally notifies the user. Add-ons using the secure https:// protocol are not affected; a criminal could not intercept that encrypted transmission. However, add-ons using the less secure http:// protocol are open to what's called a man-in-the-middle attack where a criminal hacker can intercept the transmission and substitute a maliciously coded update instead.
While Firefox prompts the user to install any updates, not all updates trigger the prompt. For example, Google Toolbar updates will install automatically. Soghoian says "The problem stems from design flaws, false assumptions, and a lack of solid developer documentation instructing extension authors on the best way to secure their code." He urges Firefox users to uninstall extensions not downloaded from Mozilla.
Among these, Google Toolbar, Google Browser Sync, Yahoo Toolbar, Del.icio.us Extension, Facebook Toolbar, AOL Toolbar, Ask.com Toolbar, LinkedIn Browser Toolbar, Netcraft Anti-Phishing Toolbar, and PhishTank SiteChecker.
Add-ons not vulnerable to this type of attack include NoScript, Greasemonkey, and AdBlock Plus.
Secure add-ons can be downloaded from the official Firefox Add-ons website. Soghoian says he contacted Google and other developers and told Mozilla and specific about this vulnerability on April 16, 2007. Many vendors ignored him. Mozilla did work with some vendors, such as eBay, to fix the problem and has updated its developer site to include safe coding practices to guard against this attack. Abiding by the CERT vulnerability disclosure policy, Shogoian went public 45 days after notifying CERT and the vendors affected. Soghoian is no stranger to controversy. In October, Soghoian printed his own airline tickets much to the dismay of the FAA and Department of Homeland Security. No charges were ever filed.