High Speed, High Cost

The internet is something we all take for granted. Those of us who have it—particularly the high speed variety— can’t imagine life without it. But what if we found ourselves in a remote location where there simply no coverage?

Those area exist, and if every square mile in this country were to have the net, there would be a price—as we read in this report from the WJS…

WASHINGTON — It could cost more than $350 billion to bring universal access to the fastest Internet connection in the U.S., the Federal Communications Commission said Tuesday.

The conclusion is part of the FCC’s initial report after having held dozens of public meetings and collecting thousands of comments on its national broadband plan, which is due in February.

The private sector is the driving force behind Internet investment, said the FCC’s Blair Levin, who is coordinating the commission’s national broadband effort. Mr. Levin sad the $7 billion that the government’s economic-stimulus package put forth for Internet buildout represents a small portion of what is needed to blanket the country with Internet access. It’s still uncertain how much of the cost would be borne by taxpayers.

“Most of that ecosystem is funded by the private sector,” Mr. Levin said at an FCC meeting Tuesday. “We expect that to continue. Where can the government play a role in ensuring and improving the role of that ecosystem?”

The cost to deploy the most basic Internet access to all parts of the country is about $20 billion, but FCC officials questioned whether current basic Web speeds will be enough to foster future economic growth.

The average consumer today uses the Internet for Web browsing, email and instant messaging, and entertainment, said Peter Bowen, the applications director for the FCC’s Omnibus Broadband Initiative. However, the applications expected to drive future markets — streaming video, video teleconferencing and electronic medical monitoring — require considerably higher speeds, Mr. Bowen said.

In drafting the broadband plan, the FCC will need to determine how to measure the quality and speed of consumers’ Internet connections, which could impact such Internet-service providers as Verizon Communications Inc., Comcast Corp. and AT&T Inc.

Internet-service providers generally discuss the speeds they offer in terms of the highest levels available for subscribers, rather than disclose the typical user experience. Actual broadband speeds lag behind providers’ advertised speeds by as much as 50% to 80%, according to the FCC.

“It is critical to focus on actual end-user speeds during busy hours of usage, when typical Americans want to be online,” said Shawn Hoy, a member of the FCC’s broadband team.

Competition is limited among providers who offer the highest speeds, according to Rob Curtis, another FCC broadband-team member. At least half of Americans only have access to one provider that can offer Internet speeds that would support two-way video conferencing and other high-speed applications, Mr. Curtis said.

The picture gets more complicated when mobile Internet is taken into account. Smartphones like Apple Inc.’s iPhone or Palm Inc’s Pre are putting a crunch on the nation’s wireless capacity.

Smartphones will overtake sales of traditional cellphones, users of which eat up far fewer cellular minutes and less bandwidth, by 2011, according to the FCC.

The FCC is considering how to make more airwaves available. Companies and agencies that hold licenses to frequencies tend to want to hang on to them, but the FCC’s Mr. Levin warned earlier this month that licensees should be prepared to justify their ownership.

It isn’t clear where the needed airwaves will surface. The U.S. government, namely the Defense Department, holds a sizable chunk. Industry insiders say the government’s airwaves could be more efficiently used in the private sector.

An industry group, CTIA-The Wireless Association, Tuesday sent a letter to the FCC saying the government needs to identify a significant swath of airwaves for commercial licensees.

CTIA’s members include Verizon Wireless, AT&T, Sprint Nextel Corp., and T-Mobile USA, a unit of Deutsche Telekom AG. Verizon Wireless is a joint venture of Verizon Communications and Vodafone Group PLC.

Fall Foliage Could Be Better Than Ever This Year

We’ve had a rainy summer to be sure. With rain, however comes  autumnal brilliance, as we read in this report from USA Today…

New England expects spectacular fall foliage, hopes visitors will follow By Holly Ramer, Associated Press Writer

CONCORD, N.H. — Northern New England’s fall foliage is expected to be spectacular this year, unlike tourism revenues, which likely will remain muted as the economy slowly recovers. Abundant rain during the summer should boost the vibrancy of the red, orange and gold foliage that attracts millions of visitors to New Hampshire, Maine and Vermont each fall. That has tourism officials optimistic, though no one’s expecting to break any records. They’re offering a variety of packages and deals in hopes of matching or beating last year’s revenues, which were down significantly from previous years as recession gripped the nation. In Vermont, more than 60 lodging properties, tourist attractions and restaurants are offering tourists with midweek bookings “Midweek Peek” deals ranging from “stay two nights, get the third night free” to a free round of golf or half pint of maple syrup. Dozens of properties in Maine are offering similar getaway packages during foliage season. In New Hampshire, the state tourism website lists “Yankee Dollar-Stretching Deals,” and individual properties have their own promotions. Whitney’s Inn in Jackson is offering a third night at half price or a free fourth night. The listed rate for late September until mid-October is $129 per night for a standard room for two people. Innkeeper Susan Pettengill said the inn is in good shape for foliage season — all but six of the 26 rooms are booked for the busy Columbus Day weekend — but acknowledged the toll the economy has taken. “We’ve had to lower our rates, and people are very comfortable asking for discounts,” she said.  New Hampshire had 7.5 million visitors who spent about $1 billion between September and November last year, and officials expect to roughly match that this year. The most recent data from Vermont shows 3.7 million visitors spent $375 million in fall 2007. Revenue figures weren’t available for Maine — which had 9.2 million visitors last fall — but some property managers have been reporting that reservations are about equal to or slightly higher than last fall, said Greg Dugal, executive director of the Maine Innkeepers Association. Though he welcomes such news, he points out that lodging revenues were down more than 10% last September and 3% in October, when the the nation’s financial meltdown kept many potential visitors away. Revenues also were down in June and July, Dugal said, in large part because of the rain. In New Hampshire, more people visited the state this summer but they spent less, said Tai Freligh, spokesman for the state’s travel and tourism division, and more of the same is expected for fall, he said. The state continues to advertise in key markets like Philadelphia, Boston and New York, but since summer has been focusing more on New Hampshire residents, he said. “Folks are taking more trips and making them shorter, and spending less when they do travel. They are staying closer to home,” he said. That’s Chris Cavallari’s plan. Cavallari, 30, owns a video production company in Portland, Maine, but a retail job pays the bills. So instead of taking a week off to visit his brother in Arizona or vacation in Florida, he’s taking more short trips, closer to home. “A three-day weekend here, a four-day backpacking trip there, and I get more bang for my buck,” he said. He is considering backpacking in western Maine or New Hampshire’s White Mountains, a road trip up Maine’s Coastal Route 1, a bike tour in Maine or kayaking along the Maine coast. Whatever he decides, he hopes to keep his expenses under $100 for a four-day trip. “I’m an outdoorsy guy, so it would be camping no matter what mode of transportation I take,” he said. “Though I love staying in hotels, camping is more fun and less expensive.” In Vermont, the state tourism office has been getting more requests for vacation planning packets, up 7% in August compared to a year earlier. New Yorkers made more inquiries than any other state, and requests from Texas jumped 21% to take the number two spot. “The economy has affected our area, but not as much as other areas of the country,” said Linda Patterson, 57, of Boerne, Texas, who will be traveling to Vermont with her husband later this month. “We just decided we needed a vacation, although we have been cutting back in other areas of our budget.” Patterson is a semi-retired school librarian; her husband is a water plant operator. After vacationing in New Hampshire four years ago, they picked a bed and breakfast near Brattleboro, Vt., for this trip. Beth Kennett, owner of Liberty Hill Farm in Rochester, Vt., said all seven rooms at her dairy farm’s inn are booked for the weekends through Oct. 18. She charges $90 per night per adult for a room, dinner and breakfast. Though she agreed that many tourists seem to be sticking closer to home in recent years, Kennett said this summer brought a surprisingly high number of international guests. Mal Pattiarachi, an information technology consultant in Canberra, Australia, is heading to Vermont and New Hampshire next month as part of a trip that also includes visiting friends in Oregon, Colorado and Illinois. With the Australian economy and its dollar quite strong, and air fares to the U.S. cheaper than ever, it’s a perfect time to travel, he said. “I’ve always wanted to see the leaves changing color in New England and I have never been to that part of the U.S.,” he said. “I had heard it’s quite a majestic sight.” Pattiarachi, 28, said he found it impossible to find affordable accommodations in popular spots like Stowe, Vt., so he chose locations farther out. That didn’t bother him — he figures he’ll see more of the scenic countryside — but he was a bit stressed out about trying to time his trip during “peak foliage.” This year, leaf peak is expected across most of New Hampshire and Vermont around Oct. 10-12 and in central Maine Sept. 29- Oct. 5. “Compared to Australia, which is extremely dry and has really only gum trees, even slightly off-peak in New England I think is going to be an amazing experience,” he said.

How Safe is Your Phone?

They’ve been talking about electromagnetic fields—or EMFs—for years. Power lines, cordless phones, GPS, cell phones, you name it— most of the tools in our day-to-day lives emit some degree of radiation. According to a new study, cellphones are rated according to their EMF emission levels according to this story from ABC News…

Cell Phone Radiation: Top 10 Best and Worst

Environmental Working Group Rates 1,200 Cell Phones According to Radiation Emission

By KI MAE HEUSSNER

Sept. 10, 2009—

How much radiation does your cell phone emit?

The Environmental Working Group, a Washington, D.C.-based advocacy group, thinks you should know. To make things easy, this week the group released a list ranking more than 1,000 cell phones according to the radiation levels they emit.

Questions regarding health risks associated with cell phone radiation have persisted for years. The U.S. Food and Drug Administration has stated that scientific evidence does not indicate negative health outcomes from exposure to radio frequency energy from cell phones.

But the Environmental Working Group disagrees.

“We would like to be able to say that cell phones are safe,” Olga Naidenko, EWG senior scientist and lead author of the study, said in a statement. “But we can’t. The most recent science, while not conclusive, raises serious issues about the cancer risk of cell phone use that must be addressed through further research. In the meantime, consumers can take steps to reduce exposure.”

The watchdog group created the list based on technical data provided by the manufacturers. The full list can be viewed here.

But check below to see if your phone made the list of the 10 best phones — or the 10 worst.

EWG’s List of Lowest Radiation Phones:

1. Samsung Impression (SGH-a877) [AT&T]

2. Motorola RAZR V8 [CellularONE]

3. Samsung SGH-t229 [T-Mobile]

4. Samsung Rugby (SGH-a837) [AT&T]

5. Samsung Propel Pro (SGH-i627) [AT&T]

6. Samsung Gravity (SGH-t459) [CellularONE, T-Mobile]

7. T-Mobile Sidekick [T-Mobile]

8. LG Xenon (GR500) [AT&T]

9. Motorola Karma QA1 [AT&T]

10. Sanyo Katana II [Kajeet]

EWG’s List of Highest Radiation Phones:

1. Motorola MOTO VU204 [Verizon Wireless]

2. T-Mobile myTouch 3G [T-Mobile]

3. Kyocera Jax S1300 [Virgin Mobile]

4. Blackberry Curve 8330 [Sprint, U.S. Cellular, Verizon Wireless, MetroPCS]

5. Motorola W385 [U.S. Cellular, Verizon Wireless]

6. T-Mobile Shadow [T-Mobile]

7. Motorola C290 [Sprint, Kajeet]

8. Motorola i335 [Sprint]

9. Motorola MOTO VE240 [Cricket, MetroPCS]

10. Blackberry Bold 9000 [AT&T]

Copyright © 2009 ABC News Internet Ventures

// <![CDATA[//

Radio Frequency Identification—the New Threat?

One never fully knows the reach of technology. Especially in 2009. Particularly at a DefCon Hacker Conference. Such was the case last month, when federal agents in Las Vegas were on hand to catch up on the latest trends in cyber-technology…

The story from Wired’s Kim Zetter …

Feds at DefCon Alarmed After RFIDs Scanned

By Kim Zetter August 4, 2009

LAS VEGAS — It’s one of the most hostile hacker environments in the country –- the DefCon hacker conference held every summer in Las Vegas.

But despite the fact that attendees know they should take precautions to protect their data, federal agents at the conference got a scare on Friday when they were told they might have been caught in the sights of an RFID reader.

The reader, connected to a web camera, sniffed data from RFID-enabled ID cards and other documents carried by attendees in pockets and backpacks as they passed a table where the equipment was stationed in full view.

It was part of a security-awareness project set up by a group of security researchers and consultants to highlight privacy issues around RFID. When the reader caught an RFID chip in its sights — embedded in a company or government agency access card, for example — it grabbed data from the card, and the camera snapped the card holder’s picture.

But the device, which had a read range of 2 to 3 feet, caught only five people carrying RFID cards before Feds attending the conference got wind of the project and were concerned they might have been scanned.

Kevin Manson, a former senior instructor at the Federal Law Enforcement Training Center in Florida, was sitting on the “Meet the Fed” panel when a DefCon staffer known as “Priest,” who prefers not to be identified by his real name, entered the room and told panelists about the reader.

“I saw a few jaws drop when he said that,” Manson told Threat Level.

“There was a lot of surprise,” Priest says. “It really was a ‘holy shit,’ we didn’t think about that [moment].”

Law enforcement and intelligence agents attend DefCon each year to garner intelligence about the latest cyber vulnerabilities and the hackers who exploit them. Some attend under their real name and affiliation, but many attend undercover.

Although corporate- and government-issued ID cards embedded with RFID chips don’t reveal a card holder’s name or company — the chip stores only a site number and unique ID number tied to a company or agency’s database where the card holder’s details are stored — it’s not impossible to deduce the company or agency from the site number. It’s possible the researchers might also have been able to identify a Fed through the photo snapped with the captured card data or through information stored on other RFID-embedded documents in his wallet. For example, badges issued to attendees at the Black Hat conference that preceded DefCon in Las Vegas were embedded with RFID chips that contained the attendee’s name and affiliation. Many of the same people attended both conferences, and some still had their Black Hat cards with them at DefCon.

But an attacker wouldn’t need the name of a card holder to cause harm. In the case of employee access cards, a chip that contained only the employee’s card number could still be cloned to allow someone to impersonate the employee and gain access to his company or government office without knowing the employee’s name.

Since employee access card numbers are generally sequential, Priest says an attacker could simply change a few digits on his cloned card to find the number of a random employee who might have higher access privileges in a facility.

“I can also make an educated guess as to what the administrator or ‘root’ cards are,” Priest says. “Usually the first card assigned out is the test card; the test card usually has access to all the doors. That’s a big threat, and that’s something [that government agencies] have actually got to address.””

In some organizations, RFID cards aren’t just for entering doors; they’re also used to access computers. And in the case of RFID-enabled credit cards, RFID researcher Chris Paget, who gave a talk at DefCon, says the chips contain all the information someone needs to clone the card and make fraudulent charges on it — the account number, expiration date, CVV2 security code and, in the case of some older cards, the card holder’s name.

The Meet-the-Fed panel, an annual event at DefCon, presented a target-rich environment for anyone who might have wanted to scan government RFID documents for nefarious purposes. The 22 panelists included top cybercops and officials from the FBI, Secret Service, National Security Agency, Department of Homeland Security, Defense Department, Treasury Department and U. S. Postal Inspection. And these were just the Feds who weren’t undercover.

It’s not known if any Feds were caught by the reader. The group that set it up never looked closely at the captured data before it was destroyed. Priest told Threat Level that one person caught by the camera resembled a Fed he knew, but he couldn’t positively identify him.

“But it was enough for me to be concerned,” he said. “There were people here who were not supposed to be identified for what they were doing … I was [concerned] that people who didn’t want to be photographed were photographed.”

Priest asked Adam Laurie, one of the researchers behind the project, to “please do the right thing,” and Laurie removed the SD card that stored the data and smashed it. Laurie, who is known as “Major Malfunction” in the hacker community, then briefed some of the Feds on the capabilities of the RFID reader and what it collected.

The RFID project was a collaboration between Laurie and Zac Franken — co-directors of Aperture Labs in Great Britain and the ones who wrote the software for capturing the RFID data and supplied the hardware — and Aries Security, which conducts security-risk assessments and runs DefCon’s annual Wall of Sheep project with other volunteers.

Each year the Wall of Sheep volunteers sniff DefCon’s wireless network for unencrypted passwords and other data attendees send in the clear and project the IP addresses, login names and truncated versions of the passwords onto a conference wall to raise awareness about information security.

This year they planned to add data collected from the RFID reader and camera (below) — to raise awareness about a privacy threat that’s becoming increasingly prevalent as RFID chips are embedded into credit cards, employee access cards, state driver’s licenses, passports and other documents.

Brian Markus, CEO of Aries Security who is known in the hacker community as “Riverside,” said they planned to blur the camera images and superimpose a sheep’s head over faces to protect identities before putting them on the wall.

“We’re not here to gather the data and do bad things with it,” he said, noting that theirs likely wasn’t the only reader collecting data from chips.

“There are people walking around the entire conference, all over the place, with RFID readers [in backpacks],” he says. “For $30 to $50, the common, average person can put [a portable RFID-reading kit] together…. This is why we’re so adamant about making people aware this is very dangerous. If you don’t protect yourself, you’re potentially exposing your entire [company or agency] to all sorts of risk.”

In this sense, any place can become a hostile hacker environment like DefCon, since an attacker with a portable reader in a backpack can scan cards at hotels, malls, restaurants and subways, too. A more targeted attack could involve someone simply positioned outside a specific company or federal facility, scanning employees as they entered and left and cloning the cards. Or someone could even wire a coil around a door frame to collect data as people pass through the door, which Paget demonstrated at DefCon.

“It takes a few milliseconds to read [a chip] and, depending on what equipment I’ve got, doing the cloning can take a minute,” says Laurie. “I could literally do it on the fly.”

Paget announced during his DefCon talk that his security consulting company, H4rdw4re, will be releasing a $50 kit at the end of August that will make reading 125-kHz RFID chips — the kind embedded in employee access cards — trivial. It will include open source software for reading, storing and re-transmitting card data and will also include a software tool to decode the RFID encryption used in car keys for Toyota, BMW and Lexus models. This would allow an attacker to scan an unsuspecting car-owner’s key, decrypt the data and open the car. He told Threat Level they’re aiming to achieve a reading range of 12 to 18 inches with the kit.

“I often ask people if they have an RFID card and half the people emphatically say no I do not,” says Paget. “And then they pull out the cards to prove it and … there has been an RFID in their wallet. This stuff is being deployed without people knowing it.”

To help prevent surreptitious readers from siphoning RFID data, a company named DIFRWear was doing brisk business at DefCon selling leather Faraday-shielded wallets and passport holders (pictured above right) lined with material that prevents readers from sniffing RFID chips in proximity cards.

(Dave Bullock contributed some reporting to this piece.)