Bill Gates :: essays research papers

Bill GatesWhat does it take to be the richest man? It is obvious that you don&8217t need to be extremely charismatic or even good looking at all. You only have to have a great idea, you have to be an obsessive workaholic, and you have to be willing to beat and crush all of your competitors. Also being a genius, and being in the right place at the right time whitethorn help too. Someone that has seemed to accomplish all of these is now the Chief Executive Officer of the Microsoft Corporation and goes by the name of Bill Gates. He currently deserving more than 100 billion dollars and is the most wealthy man in the world. There are many people who admire and respect him, and then in that location are many that hate and despise him. Either way he has managed to develop and successfully operate one of the worlds largest software manufacturers, Microsoft. Microsoft is so successful, and has such dominate over the computer industry that the U.S. government is filing a lawsuit accusing claiming a monopoly. How did Bill get himself into this and where he is now? Is it possible he has made too much money and has too much power? You can decide after reading this.William Henry Gates III was natural on October 28, 1955 in the Seattle suburbs of Washington. He grew up with his two sisters in a family of descent wealth, his father William Gates Jr. a Seattle attorney, and his mother Mary Gates, a school teacher, University of Washington regent and chairwomen of The United Way International. Gates attended public elementary school in Seattle before moving on to the semiprivate Lakeside school in North Seattle. There he began cutting classes to hang out at all hours at his schools computer center. He care computers and learned so much that he began programming them at age 13. Throughout his early teens he and his friend Paul Allen were writing computer programs functional on ways to start a business. At 16 they sold a computer-runned system to monitor highway traffic, and made around 20,000 dollars off it, alone business ended when the customers found out the young entrepreneurs were still attending high school. After successfully graduating high school, Gates wasn&8217t quiet undisputable what to do next. He decided to attend Harvard with no specific career goal in mind. While going to Harvard he was your average smart college assimilator with a special interest in the Popular Electronic magazine.

A Confederate Officer from Pennsylvania, and His Ties to the South :: essays research papers fc

The American Civil contend was a very traumatic time for this country. The idea of Americans purposefully killing other Americans in scrap just sends chills up most of our spines. This was true for the ordinary combat soldiers, the officers executing battle plans, or for those fortunate officers who were of administrative importance to the war. Everyone involved was fighting for a cause, the South was highly effective at converting this cause into a determination to fight and win the war. It is possible that those individuals involved in the fighting had a lots stronger belief in the cause, since they risked life and limb everyday and every battle. This is found not to be true. Even though the non-combat Confederates did not engage the enemy graduation exercise hand they too had a direct emotional response to the cause and for defense of the South.Josiah Gorgas was the Chief Ordinance officer for the Confederacy. Josiah Gorgas was born into a Poor atomic number 91 family on July , 1st, 1818. Once of age Josiah Gorgas enrolled at West Point, where he graduated 6th in his class. His focus was on military ordinance and logistics. He was equip to the U.S. Army Ordinance department, where he remained until the Civil War broke out. Gorgas married his wife Amelia Gayle Gorgas while he was stationed in Alabama in 1853. Mrs. Gorgas was the daughter of a prominent Alabama politician and ex-governor named John Gayle. This highly influential family that Josiah Gorgas connects himself too casually persuades him to identify with Southerners and the Southern Cause. Josiah Gorgas feels more at home with his wifes family than with his own. This may have been in part because Josiah was not home much after going to West Point. He felt disenfranchised from his family once the War broke out.It is interesting to see how an educated man from the North can just simply change to the Southern vantage point. The transition Josiah Gorgas made from a Northerner to a Southerner is not covered in his journal. He avoids the issue and it is difficult to see why. I believe Josiah Gorgas resented the fact that his family was poor. When Josiah Gorgas was stationed in the South he was a white officer, which put him in the upper class of this highly aristocratic society. I believe Josiah Gorgas enjoyed his social standing in the South as advantageously as the hospitality that came with it.

History, Culture and Identity of Mothers and Daughters in Amy Tan’s The

History, Culture and Identity of Mothers and Daughters in Amy Tans The Joy Luck federation Amy Tans The Joy Luck Club is a novel that deals with many controversial issues. These issues unfold in her stories about four Chinese mothers and their American raised little girls. The novel begins with the mothers talking about their own puerilitys and the relationship that they had with their mothers. Then it focuses on the daughters and how they were raised, then to the daughters current lives, and finally back to the mothers who finish their stories. Tan uses these mother-daughter relationships to describe conflicts of history, culture, and identity and how each of these themes are intertwined with iodine another through the mothers and daughters. The mothers and daughters not only mother a generation gap, but since the mothers were born in China and the daughters were born in America, they also experience a certain cultural gap. This leads to miscommunication and misunderstanding on both parts. To the mothers, their Chinese heritage is very meaningful to them and the Americanized daughters dont always understand this. The daughters hail embarrassed by their mothers broken English. For instance, at one point Lindo Jong says But inside I am becoming ashamed. I am ashamed she is ashamed. Because she is my daughter and I am proud of her, and I am her mother and she is not proud of me. (pg. 291). Lindo is hurt because her daughter Waverly, is talking to her like she is a child. Waverly does not do this on purpose, she just has a hard time understanding her mother and her background, like the other daughters in the book. Living with their traditional culture in American society, Chinese-American women suffer the prob... ...ying to save their daughters from the cultural barriers, and identity crisis that they had to face. It is in listening to these stories that the daughters find their true identities and become the people that they really are. They realize that they do not affirm to look at their mothers as their opponents, but instead their equals. They accept and even honor the fact that they are the same as their mothers. The Joy Luck Club tells a strong and powerful story that shows the importance of history, culture, and identity in mother daughter relationships, and also in everyday life. Works CitedDo, Thuan Thi. Chinese-American Women in American Culture. 1992 http//www.ics.uci.edu/tdo/ea/chinese.html Jokinen, Anniina. Anniinas Amy Tan Page. 1996 http//www.luminarium.org/contemporary/amytan/ Tan, Amy. The Joy Luck Club. New York Random House, 1989.

Puerto Rico :: essays research papers

Identity CrisisThe effect of colonialism on a colonized people can often provide in a situation better known to us today as an identity crisis. Studying the history of Puerto anti-racketeering law under Spanish convention helps us to identify the problems found within groundbreaking flavours of Puerto Rican identity. such notions of interior(a) identity stem from the stamp that Puerto Rico is a "self-defined community of people who overlap a sense of solidarity based on a belief in a common heritage and who claim political rights that may include self-government" (Morris 12). However, such modern notions of solidarity contradict the fact that by 1898 Puerto Rican ships company was characterized by great racial and class differences. As claimed by Jos Luis Gonzlez in his Puerto Rico The quaternion Storeyed Country, these differences made "Puerto Rico a country so divided racially, socially, economically and culturally that it should be described as two countri es rather than virtuoso" (Gonzalez14). The rise and fall of the international sugar market, and the subsequent authorization of the coffee market in the Puerto Rican economy, helped to create the "foreign elements" within Puerto Rico that make modern views of Puerto Rican identity extremely problematic. The study and use of history has vie an important role in helping to construct the concept of Puerto Rican national heritage. Francisco Scarano, in his gelt and Slavery in Puerto Rico, 1815-1949 An Overview, asserts that notions of Puerto Rican national heritage have been visualised as being an "anomalous case" within the Americas. He writes that m whatsoever historians have claimed that Puerto Rico had an "economy and society which developed an advanced sugar intentness during times of fairly open Atlantic slave trade, yet did not rely to any significant degree on the labor of African slaves" (Scarano 25). This suggests that the racial "heritage& quot of Puerto Ricans is not predominately black, and therefore, other races must have attributed to this hybridity, as well. Moreover, it also suggests that because forced bondage was not widely practiced on the island, a notion of solidarity could have existed amongst the Puerto Rican people during the 19th Century. However, could this example also serve as a creator for modern uses of history to reinforce perceptions of national identity? Unfortunately, the dilate surrounding the islands social and economic structure at that particular time keep back its history from serving as a model for national unity. In the 1840s, sugar became very important in the international market.Puerto Rico essays research document Identity CrisisThe effect of colonialism on a colonized people can often result in a situation better known to us today as an identity crisis. Studying the history of Puerto Rico under Spanish rule helps us to identify the problems found within modern notions of Pue rto Rican identity. Such notions of national identity stem from the belief that Puerto Rico is a "self-defined community of people who share a sense of solidarity based on a belief in a common heritage and who claim political rights that may include self-determination" (Morris 12). However, such modern notions of solidarity contradict the fact that by 1898 Puerto Rican society was characterized by great racial and class differences. As claimed by Jos Luis Gonzlez in his Puerto Rico The Four Storeyed Country, these differences made "Puerto Rico a country so divided racially, socially, economically and culturally that it should be described as two countries rather than one" (Gonzalez14). The rise and fall of the international sugar market, and the subsequent ascendancy of the coffee market in the Puerto Rican economy, helped to create the "foreign elements" within Puerto Rico that make modern views of Puerto Rican identity extremely problematic. The study and use of history has played an important role in helping to construct the concept of Puerto Rican national heritage. Francisco Scarano, in his Sugar and Slavery in Puerto Rico, 1815-1949 An Overview, asserts that notions of Puerto Rican national heritage have been portrayed as being an "anomalous case" within the Americas. He writes that many historians have claimed that Puerto Rico had an "economy and society which developed an advanced sugar industry during times of fairly open Atlantic slave trade, yet did not rely to any significant degree on the labor of African slaves" (Scarano 25). This suggests that the racial "heritage" of Puerto Ricans is not predominately black, and therefore, other races must have attributed to this hybridity, as well. Moreover, it also suggests that because forced slavery was not widely practiced on the island, a notion of solidarity could have existed amongst the Puerto Rican people during the 19th Century. However, could this exa mple also serve as a precedent for modern uses of history to reinforce perceptions of national identity? Unfortunately, the details surrounding the islands social and economic structure at that particular time prevent its history from serving as a model for national unity. In the 1840s, sugar became very important in the international market.

Choctaw Tribe Essay -- Sociology, Dead, Spirit

When a Choctaw tribal member became terminally ill, it was common practice for the medicine man to inform the family of be death (Swanton 1931170). Upon death, the Choctaws believed that the spirit of the dead continued on a voyage to either the good hunting ground or the bad hunting ground. This trip would take many days, which would require the proper provisions. A dog would sometimes be slain in order to accompany his master on the yearn journey. After the introduction of horses, they, too, were killed so that the spirit had means of transportation. Food, drink, clothing and shoes were also offered (Cushman 1999302, Swanton 1931170). After death, the corpse was placed on a scaffolding rough five or six feet above ground. The platform was constructed of timber and placed on poles. The body was then covered with a blanket made of living creature skin and tree bark so not to attract scavenging animals. The body remained in this position until the flesh decayed, approxim ately four to six months (Cushman 1999302-3). During this time, immediate family was considered to be in formal mourning. Each day for a short period of time, family members would be found weeping at the scaffolding (Fogelson 2004507). Once the flesh had decayed, the operating system picker began his ritual. The Bone-Picker never trimmed the nails of his thumbs, index and middle fingers which accordingly grew to an astonishing length sharp and almost hard as flint and well equal to the horrid business of their owners calling (Swanton 1931176). The remaining flesh, tendons, muscles and nerves were ripped from the skeleton, bundled up and placed on the corner of the platform and burned, or disposed of in a field (Cushman 1999303, Swanton 19311... ... the spirit would feel guilt or fear, and attempt to dodge the stones. Slipping from the log, he would fall into the raging river and over the waterfall, landing in rapidly swirling pool of water. Pulling his beaten, tattered, and unclothed body from the water, the shilup, begins his journey into the bad hunting grounds. Every step is filled with the pain from briars, thorny trees, chestnut burs. The sunniness never shines and cold winds are always present. Every spirit encountered is an enemy with no safe place to take refuge. Food is scarce, due to unfertile soil, and starve is constant. The bad hunting grounds are perpetually lonely, with only the joyous sounds coming from the other side of the mountains. The doomed spirits constantly struggle to jump on the treacherous mountains, but to no avail. They are eternally destined to an afterlife of desolation.

Choctaw Tribe Essay -- Sociology, Dead, Spirit

When a Choctaw tribal member became terminally ill, it was common practice for the medicine man to inform the family of imminent death (Swanton 1931170). Upon death, the Choctaws believed that the spirit of the dead continued on a voyage to either the good hunting ground or the bad hunting ground. This pilgrimage would take many days, which would require the proper provisions. A dog would sometimes be slain in order to accompany his master on the pine journey. After the introduction of horses, they, too, were killed so that the spirit had means of transportation. Food, drink, clothing and shoes were also offered (Cushman 1999302, Swanton 1931170). After death, the corpse was placed on a scaffolding active five or six feet above ground. The platform was constructed of timber and placed on poles. The body was then covered with a blanket made of zoology skin and tree bark so not to attract scavenging animals. The body remained in this position until the flesh decayed, approx imately four to six months (Cushman 1999302-3). During this time, immediate family was considered to be in formal mourning. Each day for a short period of time, family members would be found weeping at the scaffolding (Fogelson 2004507). Once the flesh had decayed, the off-white picker began his ritual. The Bone-Picker never trimmed the nails of his thumbs, index and middle fingers which accordingly grew to an astonishing length sharp and almost hard as flint and well suitable to the horrid business of their owners calling (Swanton 1931176). The remaining flesh, tendons, muscles and nerves were ripped from the skeleton, bundled up and placed on the corner of the platform and burned, or disposed of in a field (Cushman 1999303, Swanton 19311... ... the spirit would feel guilt or fear, and attempt to dodge the stones. Slipping from the log, he would fall into the raging river and over the waterfall, landing in rapidly swirling pool of water. Pulling his beaten, tattered, an d unclothed body from the water, the shilup, begins his journey into the bad hunting grounds. Every step is filled with the pain from briars, thorny trees, chestnut burs. The sun never shines and cold winds are always present. Every spirit encountered is an enemy with no safe place to take refuge. Food is scarce, due to unfertile soil, and hurt is constant. The bad hunting grounds are perpetually lonely, with only the joyous sounds coming from the other side of the mountains. The doomed spirits constantly struggle to arise the treacherous mountains, but to no avail. They are eternally destined to an afterlife of desolation.

The Japanes Tsunami Disaster

On March 11th 2011 at 248pm a magnitude 9 earthquake occurred lasting a record time of 5 minutes until 253pm. This awful event occurred in the country of japan in Asia, einsteinium of china, south of Russia and lies on the Pacific Ocean. because 20 minutes later a tsunami hit Ofunato and then followed by Sedai and Niyko. There were wads more battleground affected by the tsunami.CausesThe tsunami that hit japan was a series of piss that became many waves that built up by travelling along the Pacific Ocean, step by step gathering up speed. By the time it hit Ofunato it was as fast as a jet engine and going 800 kph. This tsunami happened because of the pacific tectonic home base subducted the Asiatic tectonic plate and caused an upwards wave to start and increase in length and it caused a ample tsunami to hit Japan. Japan had a massive tsunami hit them because of the magnitude 9 earthquake (a sudden release of energy in the Earths crust that creates seismic waves) that hit them first, which caused the pacific tectonic plate subducted the Asian tectonic plate and created a flood of water to go in to the fault line and cause it to stimulate up pressure and heat up. Then the water sprung up in to a travelling along the Pacific Ocean causing a tsunami, this caused over 15,000 deaths, 6,000 injured and 4,000 missing. Another cause of the sad tsunami was that it gained an extra metre in height because the coast line dropped a metre this was one of the effects of the earthquake.Social effectsThe effects on people were that there houses had fallen down and many were homeless. The disaster caused falling birth rates, some mothers and children were forced to move to other towns and cities, even 200-300 miles away from their broken homes. Buildings were shaking, lights flicker they crumbled down in front of the people inside them. Bridges were in pieces, shaken and broken by the earthquake and tsunami. The people in Japan were in a horror film. Their families were broken, torn apart by 7 metre high waves. At least 170,000 households were running without any water said by the health ministry. Up to 47,000 building were destroyed, washed away or burnt down, the national police agency of Japan said. A total of 164,059 households in the unification were without electricity, tohoku electric power co said.You can read also WavesEconomic effectsThe tsunami caused a large negative impact on the economy of Japan but lesser effect on world trade and financial markets. Japan has lost considerable physical damage estimated to be from $195 billion to as much as $305 billion. The negative effects of the earthquake and tsunami caused a potential atomic disaster. Only 150 miles from Tokyo, radiation leaked from a nuclear plant feeble by an explosion. Although it wasnt at the same scale of Chernobyl, but 170,000 people were evacuated. Another economic effect is that hundreds of factories were shut across Japan and the country was pushed in to recession. N issan and Toyota had to halt production at all 20 factories. Toyota, the worlds largest carmaker, evacuated workers from two plants in the worst affected regions. The plants make up to 420,000 small cars individually year, mostly for export.Environmental effectsThe effects the tsunami had on japans environment was that were lots of debris everywhere because the tsunami had picked up everything in its way when it hit Japan and when it had halt all the debris was left on the ground leaving lots of mess. All the debris that was on the floor meant it was harder to find missing people. The tsunami also carried lots of dead fish and animals habitats would have been damaged because of the water. The fish were all dead in the tsunami due to the fact that the Pacific Ocean contaminated because of the radiation of the nuclear plant explosion. This also meant that any birds wouldnt have been able to feed or they would have died eating contaminated fish. The smell also would have been unsuf ferable to cope with because of the keep down of dead fish and bodies and debris carried by the tsunami. Liquefaction during the earthquake as well, this would have left big cracks in the concert and some water may of septet up through with(predicate) the cracks.Short term responsesAfter the tsunami occurred everyone immediately tried to wait on the injured get to a sound pose so they could be helped. Fire engines and ambulances were there to help and to rescue people from the debris. There were lots of people injured and dead so that when the people were be searched for by people of Japan to save time if a person was dead under the debris they would have put down a pivot so they could go on and search for people that were alive and could be saved. Then later they would have gone back to the body and they would have locomote it. Everyone hurt by the tsunami/earthquake got medical care by the other helping countries wanting to help. China was one of the 91 countries that help ed Japan as shortly as possible by providing $4.5 million worth of humanitarian aid.Their first shipment was from Shanghai to Tokyo. It contained 2,000 blankets, 900 tents and 200 emergency lights to help Japan get through the tragic amount of injured people. Seventeen Latin American countries, including Honduras, Ecuador and Brazil, and four African states Djibouti, Morocco, South Africa and Tunisia had also offered assistance. The mayor of Kandahar city in Afghanistan pledged $50,000 to birth comfort efforts. The World Bank, Unicef, Unesco and the Office for t he Co-ordination of Humanitarian Affairs were among the international organisations pledging support. Other responses were that they were lots of tents and shelters put up for people to stay safe because their houses would have been crushed by the tsunami or fall because of the magnitude 9 earthquake. In the shelters, the people got free food and water to keep them alive.Almost everywhere there was no gas or electricity because of the impact of the tsunami. All they could us were emergency lights and torches to see. Products in Japan went up because lots of stock was done for(p) or damaged and it was a struggle to get stock from other countries or cities because the expressway fell down and transport-roads were blocked. Some charities also help the tsunami victims such(prenominal) as architecture for humanity helped by fundraising and giving all the money they made to Japan to help the people that were made homeless or that were lazy because their workplace might have been hit. Save the Children meet the needs of children and their families affected by the tsunami, whilst Christian Aids partners in the Philippines helped to evacuate the most penetrable coastal communities. People living in these communities had been warned to prepare for a tsunami wave at least one metre high along the east coast. Partners of the British Red Cross in Japan, America and the Philippines worked alongside the emerge ncy services to support victims and evacuate high risk areas.Long term responsesGeneral recuperation efforts progressed, super markets gradually reopened, gas stations in northern Japan resumed business, and roads were accessible. The Japanese government significantly supported the countrys relief efforts and provided much of the needed temporary housing. Everything that was rebuilt in Japan however it cost them 25tn yen which actuates to 189bn. Schools were rebuilt and teachers were provided so the children could get an education.ConclusionIn my opinion, I think that the Japan tsunami was a disaster because of the impact that it caused to the people (such as the deaths), the environment (dead animals, liquefaction, amount of debris needed to be cleaned up) and the amount of money that it cost them. The amount of deaths that the tsunami caused was devastating, the amount of missing people and pain that the tsunami caused families. It was an awful event that caused pain to everyone and cost lots of money. I think to stopped this happening to Japan again they should build a bigger wall on the coast to protect them or even buy tsunami capsules from all households even though they are expensive it would help and save the lifes of many if it occurred again.

Eu Enlargement

EU Enlargement Background The European Union (EU) is an economic and political union of 27 fraction states which are located in general in Europe. The EU traces its origins from the European Coal and Steel Community (ECSC) and the European Economic Community (EEC), formed by six countries in 1958. In 1967 they corporate into European Community. The Maastricht Treaty established the EU under its current name in 1993. The EU has grown its size by the accession of newborn member states. For example, on May 1st 2004, 10 new members joined the EU and EU-15 became EU-25. In 2007 it became EU-27 when Romania and Bulgaria joined.It seems that the enlargement volition continue and numerous people begin to carry on whether the EU should admit more members. Countries should obey the accession rules if they want to join the EU. According to the Copenhagen Criteria, a member state must be a permanent democracy, respect human rights and have the rules of law and the protection of minority. In terms of the economic aspect, it should have a functioning market economy. In addition, the country ineluctably to adopt the common rules, standards and policies that make up the body of EU law. Body Commission regarded enlargement as the Unions most successful distant policy instrument. Following? the? enlargements? of? 2004? and? 2007,? the? EU? is? now? the? largest? integrated? economic? area? in? the? world,? accounting? for? more? than? 30%? of? world? GDP? and? more? than? 17%? of? world? trade. New members can benefit more from enlargement than existing member states (Neuder, 2003) * Benefit of new members * Strong economic harvest-tide * Benefit from the EU cipher and access? to? EU? funds? * The 10 new members can expect to receive up to 4% per annum of their GDP from the EUs geomorphologic and cohesion funds for projects aimed at improving their economic tructures. * e. g.? net? inflow? of? structural? funds? to? help? finance? infrastructure? projects and? enviro nmental? projects. * Increase in GDP from 3. 7% to 5% on average in the first two years since accession. * In the long time, the acceding states could enjoy a rate of growth some 2% higher than that of the existing states (Neueder, 2003). * East slowly catch up with the west. * Increase in trade * Most? of? the? new? EU? countries? were? already? closely? linked? in? trade? and? investment? terms? with? their? western? European? neighbors.? Joining? the? single? market? as? deepened? this in? 2007,? almost? 80%? of? exports? of? the? new? EU? states? went to? the? rest? of? the? EU. * Increase in Foreign Direct Investment * For the new member states, FDI is a key factor in the parade of economic modernization. New members can receive funds from foreign countries and use the money to boost economy. * Enlargementlarger market and openness to trade. * Baldwin, Francois and Portes (1997) argue that joining the EU ordain make the region substantially less risky from the point of view o f domestic and foreign investors. * 191 billion euro by 2004 However, they seem to over rely on FDI. FDI accounts for too large part (e. g. Hungary 70%). Once there is something wrong with some investors and do not invest them, for instance the financial crisis, they will give birth tremendously. * The? 2009? crisis? may? persuade? Central and East European? Countries? to? reduce? their? dependence? on? foreign? direct? investments and? build? an? economic? growth? model? on? different? grounds. * Welfare * Farmers began to receive agricultural subsidies * Structural funds directed towards poorer regions (investment in infrastructure) * Benefit of existing members Enlargementmore people more consumersobtain more than 450 million consumers from undivided European Marketcompanies could expand their businesses and benefit from experience and location economies scale * Larger labor market fill labor shortage in existing states with low-priced and highly-skilled workforce, for example , UK and Ireland However, these skilled workers may replace the indigenous employeesincrease the unemployment * High growthincrease the purchasing powerstimulate the import demand of acceding states and export of member states * Imports and exports between new and existing members have increase considerablethe EU15 share of total EU12 trade increased from 56% in 1993 to 62% in 2005 * Because of theseGDP increase * Costs of enlargement * Drawback for new member state * Difficulties in complying with EU law restrict development of business especially Small and Medium-size Entrepreneurs * Push many producers break through of business due to their incompliance with EU environment policies * value harmonization e. g.Estonia was forced to introduce new tariff against imports from outside of the EU, adopt a number of non-tariff barrierssuch protectionisms increase the food price and lowered Estonians standard of biography * High unemployment still exists in many new member states (8% EU -15 14% EU-10, 2005) * Some high skilled workers or people with higher degree will move from east to the west, this brain drain damages the host countries. * Drawback for EU-15 * Volume of enlargement costs will amount to about 15% of the EU budget (Germany 2. 3bn from its federal budget) * Migration Concern about too much migration from east to west social problems and pressure on social/medical/educational services. (e. g. ome countries even carried out policies to limit the volume of migration) * Actually the percentage of EU-12 nationals and the resident population of each EU-15 Member state were relatively stable before and after enlargement. * Too many countries will decrease the efficiency of EU. * Conclusion Enlargement of EU has been the most successful policy. Although it has some negative effects on both existing and new member states, its positive influences far outweigh its negative aspects. Process EFTA (European Free Trade Association) afraid that the Single Market Pr ogram would increase competitioncreate EEA (European Economic Area)1995, Austria, Sweden, Finland opted for European Accession, joined (growth+, unemployment-, inflation- Finland(1991-2000, 2006,%) growth 2. 0-5. 0 unemployment 12. 5-7. 7 inflation 2. 1-1. 3

Business Law and Ethics Essay

Dealing with government regulation in business is an integral part of a managers responsibilities. Recognizing what actions might violate particular consumer protection regulations is crucial to protecting the comp either and to insuring its profitable operation. Government regulation is found every twenty- cardinal hour period in the operation of businesses large and small, and once understood, it allows managers to make good conclusivenesss regarding business practices. When you nurse completed this topic, you ordain be able to list the common types of regulations knowing to protect consumers, identify types of illegal consumer acknowledgment practices,describe the warranty protection profferd to consumers, and describe the purpose and role of the federal official Trade Commission (FTC) in consumer protection. memorialise Chapter 40, Consumer LawRead the following chapter in Business Law and the Legal Environment chapter 40 (Consumer Law)Then respond to the following points in your nonebook computerWhat is the role of the FTC?Describe prohibited sales activities under the FTC Act.How is consumer reference book regulated?What is the Magnuson-Moss Warranty Act?What government regulations apply to consumer product skilfulty?Consumer Law-statutes that protect consumers from the unscrupulous.Federal Trade Commission (FTC)=Created by congress in 1915 to regulate business. Most important agency enforcing consumer law. Prohibits unfair deceptive practices.FTC options for enforcing the law1. Voluntary ComplianceWhen the FTC determines that a business has violated the law, it first asks the offender to sign a voluntary compliance affidavit promising to interference2. Administrative hearing and appealsIf the comp all ref recitations to stop voluntarily, the FTC takes the case to an administrative law judge (ALJ) within the agency. The violator may settle the case at this point by signing a acquiesce order.3.PenaltiesFTC can impose a fine for each violation o f a voluntary compliance affidavit, a consent order, a cease and desist order, and an FTC rule. variance 5 of FTC Act-Prohibits unfair or deceptive sales practices.deceptive sales practices=An advertisement is deceptive if it contains an important misrepresentation or omission that is apt(predicate) to misdirect a reasonable consumer.Unfair acts or practices must meet 3 tests to considered unfair acts or practices1. It causes a substantial consumer injury2. Harm of injury outweighs both benefit3. The consumer could not reasonably avoid the injuryFTC can find unfair if violates public policy w/o meeting testsBait and hold advertisement=Merchant may not advertise a product and say bad things about it in order to sell a antithetical item.Telemarketing=prohibits telemarketers from calling anyone on the do-not-call registry. Andthey cannot block their names and telephone number.Do not call registry=prohibits telemarketers from calling telephone numbers listed on the Do not call reg istryMail or Telephone Order Merchandise has the following guidelines essential ship an item within the time verbalize or within 30 age after the receipt of order if it cant ship by that time, they must send the customer a new ship date or the right to cancel order.*unordered merchandise received in the mailConsumers may keep as a giftDoor to Door Rules-Salesperson is required to notify the buyer that the she has the right to cancel the transaction prior to midnight of the third business day thereafterConsumer attribute RegulationsTILA fair play in Lending Act- requires bestowers to disclose the terms of a loan in an comprehendible and complete manner. disclosures must be guide and meaningful.. Must disclose the finance charge and APR. TILA applies when1. Its a consumer loan2. The loan has a finance charge and will be repaid in much than four installments3. The loan is less than $25,000 or secured by a mortgage4. The loan is made by someone in the business of offering cre dit.High charge per unit Home blondness loans-lender must notify consumer at least 3 business long time before closing that1. He does not have to go through with the loan2. He could lose his house if he pop offs to make paymentsHome Equity Loans-Rescission-Can rescind for up to 3 days after signing and after 3 years if the mortgage lender didnt comply with TILA.Right to Rescind=Consumers have the right to rescind a 2nd mortgage for three business days after the signing. If the lender did not comply w/ TILA may rescind for up to 3 yrs.Credit card unauthorized charges- under TILA if consumer extends card stolen w/in 2 days only responsible for $50, after 2 days bank will only reimburse for losses over $500. Wait more than 60 days to incubate bank is not liable at all unclouded end credit(credit card)= credit transaction in which lender makes a series of loans that can be re-payed at once or in installments.open terminate credit required disclosures1. the amount owed at the beg inning of the amounting cycle 2. amounts and dates of all purchases, credits and payments finance charges and late fees 3. the date by which a bill must be paid to avoid these charges 4. either the consequences of making the monthly minimum payment or a toll free number at which to obtain such information.Close end credit(car loan)=One loan, borrower knows the amount and the payment schedule in advancesubprime loansFor subprime loans, a lender(1) Must verify the borrowers ability to repay the loan from income and assets other than the homes value (2) May not charge a prepayment penalty if monthly payments can assortment in the first four years of the loan (3) Must collect property taxes and homeowners insurance for all first mortgagesHome equity LoansHome Equity Loans-Enforcement=FTC generally has the right to enforce Truth in Lending Act and Consumers have a right to file suit.TILA provides additional consumer safe guards if1. APR is more than 10% higher than Treasury securities2 . Consumer pays fees and points at closing more than 8%3. Loans that atomic number 18 less than 5 yrs cannot have balloon paymentsAdvertising= mandate requires lenders to advertise their rates accurately. Cant bait and switch.Bait and Switch=a merchant may not advertise a product and accordingly impose on _or_ oppress it to consumer in an attempt to sell a different item and they must have enough items in stock to meet reasonable demand.Truth in Lending Act (TILA)=passed to ensure that consumers were adequately informed about the credit terms before entering into a loan and can equivalence the cost of the credit.TILA enforcement*FTC generally has the right to enforce TILA.TILA requires disclosuresMust be clear and in meaningful sequence, The lender must disclose the finance charge, and the creditor must as well as disclose the annual percentage rate.TILA advertisements-Under TILA lenders cannot advertise a loan as fixed if in fact its rate or payments will sortIn the result o f a dispute between the customer and and a merchant the credit card company cannot bill the customer if1. customer makes a good faith effort to resolve dispute2. the dispute is for more than $503. the merchant is in the same state or is within one hundred miles of their home sporting Credit Bill Act (FCBA)-Under FCBA a credit card company must promptly investigate and respond to any consumer complaints about a credit card bill *provides additional protection for credit card holders. It allows a customer to dispute an item on their commission statement and demands that the company respond to your dispute.Fair Credit Reporting Act (FCRA)-helps to ensure that consumer credit reports are accurate and regulates the coverage agencies.Under FCRA1. A consumer report can be used only for a legitimate business need 2. A consumer reporting agency cannot report obsolete information 3. An employer cannot predication a consumer report on any current or potential employee w/o the employees per mission 4. Anyone who makes an adverse decision against a consumer because of a credit report must reveal the name and address of the reporting agency that supplied the negative infoFair and accurate credit reporting Act (FACTA)-created to concentrate identity theft by providing consumers with one free credit report per year and making companies update their information. *Permits consumers to obtain 1 free credit report every year from each of the 3 major reporting agenciesFair Debt Collections Practices Act (FDCPA)=a collector must send the debtor a create verbally notice containing the amount of debt, the name of the creditor to whom the debt is owed, and a statement that if the debtor disputes the debt (in writing), the collector will cease all collection efforts until it has sent evidence of the debt. *Debt collectors may not harass or abuse debtorsEqual Credit Opportunity Act (ECOA)=Prohibits any creditor from discriminating against against a borrower on the basis of race, co lor, age, religion, national origin, sex or marital status or because the borrower is receiving welfare.Magnuson-Moss Warranty Act=Requires any supplier that offers a written warranty on a consumer product costing more than $15 to disclose the terms of the warranty in simple and readily understandable language before sale. *Magnuson-Moss Warranty Act does not requiremanufacturers or sellers to provide a warranty on their products.Consumer product safety Commission=Evaluates consumer products and develops safety standards.Consumer Product Safety Act (CPSA)=the goal is to prevent injuries from products.Consumer Leasing Act (CLA)=protects a person when leasing a car. Makes sure that the company discloses all important information in writing, so that the borrower knows what the payments, interest, penalties, rights, and warranties are.Debit Card=This item works like a check because money is taken directly from your account so their is no bill.Rules of a Debit CardIf you report it stolen before any purchases are made, you are not responsible for any amount. If you report it stolen with in two days, you are responsible for $50. If you report it stolen after two days, you are responsible for $500.Chapter Conclusion around no one will go through life without reading an advertisement, ordering from a catalog, borrowing money, needing a credit report, or using a consumer product. It is important to know your rights.Chapter Review1. The Federal Trade Commission (FTC) prohibits unfair and deceptive acts or practices. A practice is unfair if it meets the following three tests It causes a substantial consumer injury. The harm of the injury outweighs any countervailing benefit. The consumer could not reasonably avoid the injury.2. The FTC considers an advertisement to be deceptive if it contains an important misrepresentation or omission that is likely to mislead a reasonable consumer. 3. FTC rules prohibit bait and switch advertisements. A merchant may not advertise a pr oduct and then disparage it to consumers in an effort to sell a different item. 4. The FTC prohibits telemarketers from calling telephone numbers listed on its do-not-call registry.5. Consumers may keep as a gift any unordered merchandise that they receive in the mail. 6. Under the FTC door-to-door rules, a salesperson is required to notify the buyer that she has the right to cancel the transaction prior to midnight of the third business day thereafter. 7. In all loans regulated by the Truth in Lending Act (TILA), the disclosure must be clear and in meaningful sequence. The lender must disclose the finance charge and the annual percentage rate. 8. In the case of a high-rate home equity loan, the lender must notify the consumer at least three business days before the closing that (1) he does not have to go through with the loan (even if he has signed the loan agreement) and (2) he could lose his house if he fails to make payments. If the duration of a high-rate home equity loan is le ss than flipper years, it may not contain balloon payments.9. Under TILA, consumers have the right to rescind a mortgage (other than a first mortgage) for three business days after the signing. If the lender does not comply with the disclosure provisions of TILA, the consumer may rescind for up to three years from the date of the mortgage. 10. Under TILA, a credit card holder is liable only for the first $50 in unauthorized charges made before the credit card company is notified that the card was stolen. If, however, you deferment more than two days to report the loss of a debit card, your bank will only reimburse you for losses in excess of $500. If you fail to report the lost debit card within 60 days of receipt of your bank statement, the bank is not liable at all. 11. In the event of a dispute between a customer and a merchant, the credit card company cannot bill the customer if She makes a good faith effort to resolve the dispute The dispute is for more than $50, and The me rchant is in the same state where she lives or is within 100 miles of her house.12. Under the Fair Credit complaint Act, a credit card company must promptly investigate and respond to any consumer complaints about a credit card bill. 13. Under the Fair Credit Reporting Act A consumer report can be used only for a legitimate business need A consumer reporting agency cannot report obsolete information An employer cannot request a consumer report on any current or potential employee without the employees permission, and Anyone who makes an adverse decision against a consumer because of a credit report must reveal the name and address of the reporting agency that supplied the negative information.The Magnuson-Moss Warranty Act requires manufacturers or sellers to provide at least a limited warranty on all products. (False) AnswerThe Act does not require a warranty, but it does require that any supplier that offers a written warranty on a consumer product that costs more than $15 to disclose the terms of the warranty in simple, understandable language.The federal consumer protection laws are meant to protect consumers from the consequences of bad business decisions. (False) Answer These statutes were passed by Congress and state legislatures to protect consumers from unscrupulous merchants.Under the Truth-in-Lending Act, the consumer is liable for the use of a credit card by unauthorized persons up to $500. (False) Answer The Act makes a consumer liable for only $50.When a borrower uses his home as tribute for a second mortgage, the borrower has the right to rescind for 3 business days. Answer The TILA gives the consumer this right for up to 3 days after the signing.A commercial for basketball shoes included a testimonial from a famous basketball player. If the player does not use the basketball shoes in the adthe ad is deceptive. Answer Under the FTC Act, an advertisement is deceptive if it contains an important misrepresentation that is likely to mislead a reasonable consumer.The Consumer Leasing Act requires a lessor to disclose which of the following? The consumers right to terminate a remove early. Answer Any right to early termination must be disclosed before a lease is signed.

Australian Aboriginal Art Essay

Australian aboriginal subterfugeistic creation, air and dance has been the corner stone of destination since the beginning of their existence. Having no form of written language central art, songs, and dances passed smoothen through the generations brace been the heartbeat that has kept this ancient culture alive. Even though the art, medium, song, and dance of each Aboriginal tribe may be completely different, they all serve the same purposes create ceremony, and to inform each member of the tribe of their history, spiritual beliefs, values, and expectations for cultural norm and behaviour.It is not until recently that Aboriginal art has stopped depicting Dreaming stories and has begun to be used for other purposes, such as self expression and emotion release (Pizzi, 13). However as the habitual Aboriginal ways of life corroborate been continually interrupted and battered, the personal personal identity of Aboriginal people and their culture has deteriorated and is in gr eat danger of anxious(p) out completely. For tens of thousands of years Aboriginals have created art on rocks, tree bark, the ground and their bodies, with dyes, paints, seeds, plants, sand, and ochres.It is these art works which create a visual language expressing the legends, morals, and history precise to each Aboriginal tribe (Kreczmansk and Stanislawska-Birnberg, 3). Each painting or drawing contains symbols and colours which represent a part of a Dreaming story. Generally the symbols interchangeable to what they are representing, but can acclaim to mean different things at different times, such as a spiral could represent a waterhole, campsite, breast, or fire depending on the context.Aboriginal art is an integral physical manifestation of their culture and cultural continuity is reflected in all forms such as painting, drawing, ceremonies, song, dance, jewellery, and header masks (Barrington, April 12). On page one of The Tjulkurra, Billy Stockman Tjapaltjarri, Janusz B. Kreczmanski and Margo Stanislawska-Birnberg write, there is one kind of traditional painting which has not changed for thousands of years in its form and overmaster matter the art of the Australian Aborigines. The Aboriginal Dreaming stories are central to culture and each aspect of the Dreaming bicycle is connected, and without one of the parts the wheel the rest does not make sense. These stories dictate every aspect of life and behaviour from where you can walk to how the flat coat was created. These Dreaming stories are the blue prints to Aboriginal life, and it is through art, song, and dance that they survive.Each art drawing, painting, dance refers to a piece of information which the viewer gains upon looking at it, every song steers the listeners towards proper loving behaviour or indicates where in society one falls (Morphy, 30). Some rituals, drawing and painting mediums and depictions, songs, and dances are gender or age discriminate, further structuring social resp onsibilities and purposes (Mayrah, April 20). These Aboriginal art forms are the vehicles that pass meaning, purpose, history, and cultural from one generation to the next.Over the years Aboriginal way of life has been completely disrupted, abused, and deliberate attempts have been made to be erased. Since colonization Aboriginal people have been continually displaced from their lands, which they had lived on for over 40,000 years, and have had to watch as their sacred sites are release down, mined, and destroyed. With this the materials used in Aboriginal art are destroyed, but more importantly there is a cultural disconnection as the elders are inefficient to teach the new generation the ways of their people and land.For example, when a tribe from the desert is suddenly moved to a coast their traditional sand art becomes impossible to create and the ceremonial act of passing that knowledge down to new generations cannot occur. So that art form is lost forever and the relationshi p amongst elders and the new generation breaks down. Or if a Dreaming story is based upon the lake which a tribe lives next to, and the tribe is moved away from this lake the new generations to come will not understand the story, or feel a connection with the land which was given to them by the Creation creations.By taking away the tools the Aboriginals have always used to create their art and ceremonies their whole structure of culture is splintered. Tourism and the intrusions of western culture on Aboriginal land have emasculated and belittled the art of the Aboriginals and traditional art forms have vanished in many places (Edwards and Guerin, Foreword). Furthermore, as The Land My Mother, Walya NGamardiki video the class watched on March 18th explains, the Aboriginals retrieve that they belong to the land, and if the land is destroyed then they too are being destroyed.In Aboriginal culture each person and family is born and connected to a Totem, or Spirit Being, and it is th at persons responsibility to protect their Totem they are thought to be so connected that if one was to eat their Spirit Being it would be considered cannibalism. If a persons Totem is killed then it is that persons responsibility to carry out the mortuary rites for the being. When an Aboriginal dies they believe that their spirits go into the sites from which they came, but by destroying these sanctified sites the spirits have no where to return (Mayrah, April 20).For Indigenous Australianscountry is the subject of artistic representation, ritual enactment, totemism and the sympathetic magic that assists the concourse to ensure itself in the quest for survival (Zimmer, 20). A disconnection between an Aboriginal person and his land is more than an unjust inconvenience it is a cultural, stirred and spiritual murder worse than physical death. The Aboriginals currently make up only two percent of the Australian population, and their art, songs, and dances have been lost to the new ge nerations.The ceremonies, art, dance, and song that had always guided, moralized, and given a voice to the Aboriginal youth has been made unnecessary, unfeasible, or irrelevant over time. These youths are now connecting with the anger, violence and messages of resentment of the coetaneous black American culture. Instead of singing the songs and dancing the dances of their ancestors many young Aboriginals are rapping and grinding. (Dean, April 8). Many Aboriginals, old and young, feel no real tribal identity or language, no connection with Dreaming, and are left confused by who they are in the middle of two conflicting cultures (Bourke, 133).Without their art, song, and dance the Aboriginal culture has no history, meaning, future, or heartbeat. It is imperative to the future of Aboriginal tribes that they reconnect with the wisdom and ceremony of their ancestors art, song, and dance, while continuing to gain the tools to function in instantlys westernized Australian culture. Biblio graphy Barrington, Robin. Indigenous Australian Aboriginal Art. Presentation, Introduction to Indigenous Australia tutorial, Curtin University of Technology, Bentley campus. April 12, 2010. Bourke, Eleanor. On Being Aboriginal. In Identifying Australia in Postmodern Times. Melbourne Bibliotech, Australian National University, 1994. shipway of Working Aboriginal Cultural Awareness Modules. Workshop, Centre for Aboriginal Studies at Curtin University of Technology, Bentley campus. April 8, 2010. Edwards, Robert and Bruce Guern. Aboriginal Bark Paintings. Canberra Rigby, 1970. Kreczmanski, Janusz B. , and Margo Stanislawska-Birnberg. The Tjulkurra Billy Stockman Tjapaltjarri. Marleston Jb Books, 2002. 1-7. Mayrah, Yarraga. Aboriginal Culture. Indigenous Australia Aboriginal Art, History and Culture. http//www.indigenousaustralia. info (accessed April 20, 2010). McGregor, Ken and Jenny Zimmer. Bill Whiskey Tajapaltjarri. Victoria Macmillian Art Publishing, 2009. 15-23. Morphy, Howar d. Ancestral Connections Art and an Aboriginal System of Knowledge. Chicago University Of Chicago Press, 1991. Pizzi, Gabrielee. Voices of The Earth Paintings, Photography, and Sculpture from Aboriginal Australia. Melbourne A private collection. 7-16. The Land My Mother or Walya NGamardiki. Movie, Introduction to Indigenous Australia tutorial, Curtin University of Technology, Bentley campus. March 8th, 2010.

The Art of War

Sun-Tzu Wu is the reputed author of the Chinese classic Ping-fa (The Art of War), written approximately 475-221 B. C. Penned at a age when China was divided into six or s still states that lots resorted to war with each separate in their struggles for supremacy, it is a dodgeatic hap to strategy and simulated military operation for regularisers and commanders. In doing business on the profits during this time of rampant information processor vir handlings and jade attacks it may be wise for us to invite on or so of his tactical principles in order to in surely the safety of ourselves and our future clients.Know your enemy and know yourself in a hundred battles, you will neer be defeated. When you be ignorant of the enemy but know yourself, your chances of winning or losing ar equal. If ignorant some(prenominal) of your enemy and of yourself, you atomic number 18 sure to be defeated in either battle.In a chilling name entitled Big Br other(a) is Watching Bob Sull ivan of MSNBC recounts a tale during a recent chew up to capital of the coupled Kingdom Only moments by and by stepping into the Webs fire hydrant Internet cafe in Londons Soho neighborhood, jell asked me what I thought of George W. Bush and Al Gore. I wouldnt want Bush pass a agencyning things, he said. Because he jakest run his Web site. Then he showed me a multifariousness of paths to hack Bushs Web sites. That was retributive the beginning of a far-reaching chat during which the group nearly convinced me Big Brother is in fact here(predicate) in London. I dont know if he croupe run the free world, Mark said. He basint keep the Texas banking system computers secure.So-c each(prenominal)ed 2600 clubs are a kind of cyberpunk boy sc erupt organization there are local 2600 chapters all about the globe. It is in this environment, and this mindset, that Londons hackers do their work. They do not analyze computer systems and learn how to break them out of spite, or some c hildish imply to destroy Mark and fri prohibits see themselves as merely accumulating knowledge that could be employ in self-defense if necessary. They are the citizens militia, the Freedom Fighters of the Information Age, essay to stay hotshot step ahead of technology that could wiz day be turned against them.Jon-K Adams in his treatise entitled Hacker Ideology (aka Hacking Freedom) states that hackers use upy been called both techno-revolutionaries and heroes of the computer revolution. Hacking has mystify a cultural icon about decentralized power. but for all that, hackers are reluctant rebels. They p mend to fight with code than with words. And they would quite appear on the net than at a news conference. Status in the hacker world do-nothingnisternot be granted by the general popular it takes a hacker to know and appreciate a hacker. Thats part of the hackers revolutionary reluctance the other part is the news medias slant toward sensationalism, such(prenominal) as , A net profit dragnet snared romp hacker. The public tends to think of hacking as synonymous with computer crime, with intermission into computers and stealing and destroying valuable data. As a result of this tabloid mentality, the hacker attempts to fade into the digital world, where he-and it is near always he-has a place if not aIn his self-conception, the hacker is not a criminal, but rather a soul who enjoys exploring the lucubrate of programmable systems and how to stretch their capabilities. Which heart that he is not necessarily a computer geek. The hacker defines himself in terms that extend beyond the computer, as an expert or enthusiast of some(prenominal) kind. One might be an astronomy hacker (Jargon bear down). So in the broadest sense of his self-conception, the hacker hacks knowledge he wants to know how things work, and the computer-the prototypical programmable system-simply falseers more complexity and possibility, and thus more fascination, than mos t other things.From this perspective, hacking appears to be a harmless if nerdish enthusiasm. But at the same time, this patently innocent enthusiasm is animated by an ideology that leads to a conflict with civil authority. The hacker is motivated by the belief that the search for knowledge is an end in itself and should be unrestricted. But invariably, when a hacker searchs programmable systems, he encounters barriers that bureaucracies impose in the name of warrantor. For the hacker, these warrantor measures become arbitrary limits placed on his exploration, or in slicknesss that often lead to confrontation, they become the focus of further explorations for the hacker, security measures simply represent a more challenging programmable system. As a result, when a hacker explores such systems, he hacks knowledge, but ideologically he hacks the freedom to access knowledge.Political hackers are another group considering themselves modern freedom fighters. Hacktivists occupy off icially go from nerdish extremists to become the political protest visionaries of the digital age, a meeting at the Institute of Contemporary Arts in London was told on Thursday.Paul Mobbs, an experience Internet activist and anti-capita joust protestor, will posit attendees that the techniques used by politically minded computer hackers from jamming corporate ne bothrks and sending email computer computer viruses to defacing Web sites has move into the realm of political campaigning. Mobbs says that the term Hacktivism has been adopted by so m whatever different groups, from peaceful Net campaigners to Internet hate groups, that it is basically meaningless, but claims that Internet protest is here to stay. It has a place, whether great deal care it or not, says Mobbs.Steve Mizrach in his 1997 dissertation entitled Is there a Hacker ethic for 90s Hackers? delves into this subject in great detail. He describes the divergent groups of hackers and explains their modus oper andiI define the computer underground as members of the following six groups. Sometimes I refer to the CU as 90s hackers or new hackers, as opposed to old hackers, who are hackers (old sense of the term) from the 60s who sustaind to the original Hacker Ethic. Hackers (Crackers, system intruders) These are plurality who attempt to circulate security systems on remote computers. This is the new sense of the term, whereas the old sense of the term simply referred to a person who was capable of creating hacks, or elegant, unusual, and unexpected uses of technology. typical magazines (both print and online) read by hackers include 2600 and Iron Feather Journal. Phreaks (Phone Phreakers, Blue Boxers) These are quite a little who attempt to use technology to explore and/or go for the telephone system. Originally, this involved the use of blue boxes or tone generators, but as the phone company began using digital or else of electro-mechanical switches, the phreaks became more like hackers. Typical magazines read by Phreaks include Phrack, Line Noize, and youthful Fone Express. Virus lay asiders ( as well as, creators of Trojans, worms, logic bombs) These are population who write code which attempts to a) be sick itself on other systems without authorization and b) often has a side effect, whether that be to display a message, play a prank, or trash a threatening drive. Agents and spiders are fundamentally benevolent virii, raising the question of how underground this activity really is. Typical magazines read by Virus writers include 40HEX. Pirates Piracy is sort of a non-technical involvement. Originally, it involved breaking copy protection on software system, and this activity was called cracking. Nowadays, few software vendors use copy protection, but there are still different minor measures used to prevent the unauthorized duplication of software. Pirates devote themselves to thwarting these things and sharing commercial software freely with t heir friends. They unremarkably read Pirate newssheet and Pirate magazine. Cypherpunks (cryptoanarchists) Cypherpunks freely distribute the tools and methods for making use of strong encoding, which is basically unbreakable except by massive supercomputers. Because the NSA and FBI behindnot break strong encryption (which is the land of the PGP or bonny Good Privacy), programs that employ it are classified as munitions, and distribution of algorithms that practise use of it is a felony. Some cryptoanarchists advocate strong encryption as a tool to completely evade the State, by preventing any access whatsoever to financial or personal knowledge. They typically read the Cypherpunks poster list. Anarchists are move to distributing illegal (or at least morally suspect) information, including but not limited to data on bombmaking, lockpicking, pornography, drug manufacturing, pirate radio, and cable and major planet TV piracy. In this parlance of the computer underground, an archists are less promising to advocate the overthrow of government than the simple refusal to obey restrictions on distributing information. They tend to read Cult of the deadened Cow (CDC) and Activist Times Incorporated (ATI). Cyberpunk usually some combination of the above, plus concern in technological self-modification, learning fiction of the Neuromancer genre, and interest in hardware hacking and street tech. A youth subculture in its own right, with some overlaps with the modern primitive and raver subcultures.So should we caution these geeky little mischief- deliverrs?The New York Post revealed recently that a busboy allegedly managed to steal millions of dollars from the worlds richest sight by stealing their identities and tricking credit agencies and brokerage house firms. In his article describing this event Bob Sullivan says, Abraham Abdallah, I think, did us all a favor, for he has exposed as a sham the security at the worlds most distinguished financial in stitutions. The same two free e-mail impartresses were used to request financial transfers for six different rich Merrill Lynch clients, match to the Post flooring. Merrill Lynch didnt notice? Why would Merrill accept any transfer requests, indeed take any financial communicating seriously at all, from a free, obviously unverified anonymous e-mail account? Im alarmed by the checks and balances that must be in place at big New York brokerage firms.Rather than being a story about a genius who almost got away, this is simply one more story of easy identity theft amid a tidal wave of similar crimes. The Federal Trade Commission has received 40,000 complaints of identity theft since it started keeping shack two years ago, but the agency is certain that represents all a fraction of real dupes. This is a serious enigma, long unheeded by the industry. If fact, just last year the credit industry beat back a congressional bill known as The Identity thieving Protection Act, claiming it would be too expensive for them. Clearly there has to be more leveling of the playing field. We rich person to hold banks and credit unions accountable.Last month the U.S. Federal dominance of Investigation (FBI) was again warning electronic-commerce Web sites to patch their Windows-based systems to protect their data against hackers.The FBIs National Infrastructure Protection Center (NIPC) has coordinated investigations over the past several(prenominal) months into organized hacker activities targeting e-commerce sites. More than 40 victims in 20 states have been identified in the ongoing investigations, which have included rightfulness usement agencies outside the United States and private sector officials.The investigations have uncovered several organized hacker groups from Russia, the Ukraine, and elsewhere in Eastern Europe that have penetrated U.S. e-commerce and online banking computer systems by exploiting vulnerabilities in the Windows NT operating system, the stat ement said. Microsoft has released patches for these vulnerabilities, which pile be downloaded from Microsofts Web site for free. at once the hackers gain access, they download proprietary information, customer databases, and credit brain information, according to the FBI. The hackers afterwards contact the company and attempt to extort money by offering to patch the system and by offering to protect the companys systems from exploitation by other hackers.The hackers tell the victim that without their services they rear endnot guarantee that other hackers will not access their networks and post stolen credit card information and expound about the sites security vulnerability on the Internet. If the company does not pay or hire the group for its security services, the threats escalate, the FBI said. Investigators also believe that in some instances the credit card information is being sold to organized crime groups.Defend yourself when you cannot defeat the enemy, and attack t he enemy when you can.Scott Culp in a detailed list of security precautions on Microsofts Web page suggests that there are ten immutable laws of security.Law 1 If a mischievously computed tomography can persuade you to run his program on your computer, its not your computer anymore. Its an unfortunate fact of computer science when a computer program runs, it will do what its programmed to do, even if its programmed to be harmful. When you choose to run a program, you are making a decision to turn over tick of your computer to it. Thats why its important to never run, or even download, a program from an un believe source and by source, I mean the person who wrote it, not the person who gave it to you.Law 2 If a gravely abuse can alter the operating system on your computer, its not your computer anymore. In the end, an operating system is just a series of ones and zeroes that, when interpreted by the processor, cause the weapon to do certain things. Change the ones and zeroes, and it will do something different. To understand why, consider that operating system files are among the most trusted ones on the computer, and they generally run with system-level privileges.That is, they can do abruptly anything. Among other things, theyre trusted to manage user accounts, handle cry changes, and enforce the rules governing who can do what on the computer. If a braggy guy can change them, the now-untrustworthy files will do his bidding, and theres no limit to what he can do. He can steal paroles, make himself an executive on the machine, or add entirely new functions to the operating system. To prevent this type of attack, make sure that the system files (and the cash register, for that matter) are well protected.Law 3 If a unfit guy has unrestricted physical access to your computer, its not your computer anymore.He could mount the net low-tech denial of service attack, and smash your computer with a sledgehammer. He could unplug the computer, haul it out o f your building, and hold it for ransom. He could reboot the computer from a floppy disk, and reformat your hard drive. But wait, you say, Ive tack togetherd the BIOS on my computer to prompt for a password when I turn the power on. No problem if he can open the case and get his hands on the system hardware, he could just replace the BIOS chips. (Actually, there are even easier ways). He could use up the hard drive from your computer, install it into his computer, and read it. He could make a duplicate of your hard drive and take it back his lair. Once there, hed have all the time in the world to conduct brute-force attacks, such as trying all possible logon password. Programs are available to automate this and, condition enough time, its almost certain that he would succeed. Once that happens, Laws 1 and 2 above apply He could replace your keyboard with one that contains a radio transmitter. He could then monitor lizard everything you type, including your password.Always make sure that a computer is physically protected in a way thats consistent with its value and imagine that the value of a machine includes not scarcely the value of the hardware itself, but the value of the data on it, and the value of the access to your network that a ruinous guy could gain. At a minimum, business-critical machines like domain controllers, database servers, and print/file servers should always be in a locked room that notwithstanding citizenry charged with brass and maintenance can access. But you may want to consider protecting other machines as well, and potentially using additional evasive measures.If you travel with a lap circus tent, its absolutely critical that you protect it. The same features that make laptops great to travel with small size, light weight, and so forth also make them easy to steal. in that location are a variety of locks and alarms available for laptops, and some models let you remove the hard drive and carry it with you. You also c an use features like the Encrypting File system in Windows 2000 to mitigate the damage if someone succeeded in stealing the computer. But the only way you can know with carbon% certainty that your data is safe and the hardware hasnt been tampered with is to keep the laptop on your person at all times while traveling.Law 4 If you put up a bad guy to upload programs to your network site, its not your web site any more. This is basically Law 1 in reverse. In that scenario, the bad guy tricks his victim into downloading a harmful program onto his machine and running it. In this one, the bad guy uploads a harmful program to a machine and runs it himself. Although this scenario is a jeopardy anytime you allow strangers to connect to your machine, web sites are involved in the overwhelming majority of these cases. Many people who operate web sites are too hospitable for their own good, and allow visitors to upload programs to the site and run them. As weve seen above, unpleasant things can happen if a bad guys program can run on your machine.If you run a web site, you need to limit what visitors can do. You should only allow a program on your site if you wrote it yourself, or if you trust the developer who wrote it. But that may not be enough. If your web site is one of several hosted on a shared server, you need to be exceptional careful. If a bad guy can compromise one of the other sites on the server, its possible he could extend his control to the server itself, in which case he could control all of the sites on it including yours. If youre on a shared server, its important to find out what the server administrators policies are.Law 5 Weak passwords take up strong security. The part of having a logon process is to establish who you are. Once the operating system knows who you are, it can grant or deny requests for system resources bewitchly. If a bad guy learns your password, he can log on as you. In fact, as far as the operating system is concerned, he is you. some(prenominal) you can do on the system, he can do as well, because hes you. possibly he wants to read sensitive information youve stored on your computer, like your email. perhaps you have more privileges on the network than he does, and being you will let him do things he normally couldnt. Or maybe he just wants to do something malicious and blame it on you. In any case, its worth protecting your credentials.Always use a password its amazing how many accounts have bloodless passwords. And choose a complex one. Dont use your dogs name, your anniversary date, or the name of the local football team. And dont use the word password Pick a password that has a liquify of upper- and lower-case letters, number, punctuation marks, and so forth. Make it as long as possible. And change it often. Once youve picked a strong password, handle it appropriately. Dont write it down. If you absolutely must write it down, at the very least keep it in a safe or a locked drawer the firs t thing a bad guy whos hunting for passwords will do is check for a yellow sticky note on the side of your screen, or in the top desk drawer. Dont tell anyone what your password is. Remember what Ben Franklin said two people can keep a secret, but only if one of them is dead.Finally, consider using something stronger than passwords to pick up yourself to the system. Windows 2000, for instance, supports the use of impudent cards, which significantly strengthens the identity checking the system can perform. You may also want to consider biometric products like fingerprint and retina digital scanners.Law 6 A machine is only as secure as the administrator is trustworthy. Every computer must have an administrator someone who can install software, configure the operating system, add and manage user accounts, establish security policies, and handle all the other management tasks associated with keeping a computer up and running. By definition, these tasks require that he have control ov er the machine.This puts the administrator in a position of unequalled power. An untrustworthy administrator can negate every other security measure youve taken. He can change the permissions on the machine, modify the system security policies, install malicious software, add bogus users, or do any of a million other things. He can subvert virtually any protective measure in the operating system, because he controls it. Worst of all, he can cover his principals. If you have an untrustworthy administrator, you have absolutely no security.When hiring a system administrator, cognise the position of trust that administrators occupy, and only hire people who warrant that trust. Call his references, and ask them about his previous work record, especially with regard to any security incidents at previous employers. If appropriate for your organization, you may also consider fetching a step that banks and other security-conscious companies do, and require that your administrators pass a complete background check at hiring time, and at periodic intervals afterward. Whatever criteria you select, apply them across the board. Dont give anyone administrative privileges on your network unless theyve been vetted and this includes temporary employees and contractors, too.Next, take steps to help keep honest people honest. Use sign-in/sign-out sheets to track whos been in the server room. (You do have a server room with a locked door, right? If not, re-read Law 3). Implement a two person rule when installing or upgrading software. Diversify management tasks as much as possible, as a way of minimizing how much power any one administrator has. Also, dont use the Administrator account instead, give each administrator a separate account with administrative privileges, so you can tell whos doing what. Finally, consider taking steps to make it more difficult for a rogue administrator to cover his tracks. For instance, store audit data on write-only media, or house System As aud it data on System B, and make sure that the two systems have different administrators. The more accountable your administrators are, the less likely you are to have problems.Law 7 Encrypted data is only as secure as the decryption key. Suppose you installed the biggest, strongest, most secure lock in the world on your front door, but you put the key under the front door mat. It wouldnt really matter how strong the lock is, would it? The critical factor would be the abject way the key was protected, because if a burglar could find it, hed have everything he needed to open the lock. Encrypted data works the same way no matter how strong the cryptoalgorithm is, the data is only as safe as the key that can decrypt it.Many operating systems and cryptographic software products give you an pick to store cryptographic keys on the computer. The advantage is convenience you dont have to handle the key but it comes at the cost of security. The keys are usually obfuscated (that is, hidden ), and some of the befuddlement methods are quite good. But in the end, no matter how well-hidden the key is, if its on the machine it can be found. It has to be after all, the software can find it, so a sufficiently-motivated bad guy could find it, too. Whenever possible, use offline storage for keys. If the key is a word or phrase, take it. If not, export it to a floppy disk, make a backup copy, and store the copies in separate, secure locations.Law 8 An out of date virus scanner is only marginally break than no virus scanner at all. Virus scanners work by comparing the data on your computer against a collection of virus signatures. Each signature is characteristic of a particular virus, and when the scanner finds data in a file, email, or elsewhere that matches the signature, it concludes that its found a virus. However, a virus scanner can only scan for the viruses it knows about. Its vital that you keep your virus scanners signature file up to date, as new viruses are creat ed every day.The problem existently goes a bit deeper than this, though. Typically, a new virus will do the greatest amount of damage during the early stages of its life, scarce because few people will be able to detect it. Once word gets around that a new virus is on the loose and people update their virus signatures, the spread of the virus falls off drastically. The key is to get ahead of the curve, and have updated signature files on your machine before the virus hits.Virtually every maker of anti-virus software provides a way to get free updated signature files from their web site. In fact, many have push services, in which theyll send recounting every time a new signature file is released. Use these services. Also, keep the virus scanner itself that is, the scanning software updated as well. Virus writers periodically develop new techniques that require that the scanners change how they do their work.Law 9 Absolute anonymity isnt practical, in real life or on the web. all (a) human interaction involves exchanging data of some kind. If someone weaves enough of that data together, they can identify you. Think about all the information that a person can glean in just a short conversation with you. In one glance, they can gauge your height, weight, and approximate age. Your vehemence will plausibly tell them what country youre from, and may even tell them what region of the country. If you talk about anything other than the weather, youll probably tell them something about your family, your interests, where you live, and what you do for a living. It doesnt take long for someone to collect enough information to figure out who you are. If you crave absolute anonymity, your best bet is to live in a countermine and shun all human contact.The same thing is true of the Internet. If you visit a web site, the owner can, if hes sufficiently motivated, find out who you are. After all, the ones and zeroes that make up the web session have be able to find their w ay to the right place, and that place is your computer. There are a lot of measures you can take to disguise the bits, and the more of them you use, the more thoroughly the bits will be disguised. For instance, you could use network address translation to mask your actual IP address, subscribe to an anonymizing service that launders the bits by relaying them from one end of the ether to the other, use a different ISP account for different purposes, surf certain sites only from public kiosks, and so on. All of these make it more difficult to determine who you are, but none of them make it impossible. Do you know for certain who operates the anonymizing service? Maybe its the same person who owns the web site you just visited Or what about that innocuous web site you visited yesterday, that offered to mail you a free $10 off coupon? Maybe the owner is willing to share information with other web site owners. If so, the second web site owner may be able to agree the information from th e two sites and determine who you are.Does this mean that covert on the web is a lost cause? Not at all. What it means is that the best way to protect your privacy on the Internet is the same as the way you protect your privacy in normal life with your behavior. Read the privacy statements on the web sites you visit, and only do business with ones whose practices you agree with. If youre worried about cookies, disable them. Most importantly, avoid indiscriminate web surfing recognize that just as most cities have a bad side of town thats best avoided, the Internet does too. But if its complete and conglomeration anonymity you want, better start looking for that cave.The Art of WarSun-Tzu Wu is the reputed author of the Chinese classic Ping-fa (The Art of War), written approximately 475-221 B. C. Penned at a time when China was divided into six or seven states that often resorted to war with each other in their struggles for supremacy, it is a systematic guide to strategy and ta ctics for rulers and commanders. In doing business on the Internet during this time of rampant computer viruses and hacker attacks it may be wise for us to follow some of his tactical principles in order to insure the safety of ourselves and our future clients.Know your enemy and know yourself in a hundred battles, you will never be defeated. When you are ignorant of the enemy but know yourself, your chances of winning or losing are equal. If ignorant both of your enemy and of yourself, you are sure to be defeated in every battle.In a chilling article entitled Big Brother is Watching Bob Sullivan of MSNBC recounts a tale during a recent visit to London Only moments after stepping into the Webshack Internet cafe in Londons Soho neighborhood, Mark asked me what I thought of George W. Bush and Al Gore. I wouldnt want Bush running things, he said. Because he cant run his Web site. Then he showed me a variety of ways to hack Bushs Web sites. That was just the beginning of a far-reaching chat during which the group nearly convinced me Big Brother is in fact here in London. I dont know if he can run the free world, Mark said. He cant keep the Texas banking system computers secure.So-called 2600 clubs are a kind of hacker boy scout organization there are local 2600 chapters all around the globe. It is in this environment, and this mindset, that Londons hackers do their work. They do not analyze computer systems and learn how to break them out of spite, or some childish need to destroy Mark and friends see themselves as merely accumulating knowledge that could be used in self-defense if necessary. They are the citizens militia, the Freedom Fighters of the Information Age, trying to stay one step ahead of technology that could one day be turned against them.Jon-K Adams in his treatise entitled Hacker Ideology (aka Hacking Freedom) states that hackers have been called both techno-revolutionaries and heroes of the computer revolution. Hacking has become a cultural icon a bout decentralized power. But for all that, hackers are reluctant rebels. They prefer to fight with code than with words. And they would rather appear on the net than at a news conference. Status in the hacker world cannot be granted by the general public it takes a hacker to know and appreciate a hacker. Thats part of the hackers revolutionary reluctance the other part is the news medias slant toward sensationalism, such as, A cyberspace dragnet snared fugitive hacker. The public tends to think of hacking as synonymous with computer crime, with breaking into computers and stealing and destroying valuable data. As a result of this tabloid mentality, the hacker attempts to fade into the digital world, where he-and it is almost always he-has a place if not aIn his self-conception, the hacker is not a criminal, but rather a person who enjoys exploring the details of programmable systems and how to stretch their capabilities. Which means that he is not necessarily a computer geek. The h acker defines himself in terms that extend beyond the computer, as an expert or enthusiast of any kind. One might be an astronomy hacker (Jargon File). So in the broadest sense of his self-conception, the hacker hacks knowledge he wants to know how things work, and the computer-the prototypical programmable system-simply offers more complexity and possibility, and thus more fascination, than most other things.From this perspective, hacking appears to be a harmless if nerdish enthusiasm. But at the same time, this seemingly innocent enthusiasm is animated by an ideology that leads to a conflict with civil authority. The hacker is motivated by the belief that the search for knowledge is an end in itself and should be unrestricted. But invariably, when a hacker explores programmable systems, he encounters barriers that bureaucracies impose in the name of security. For the hacker, these security measures become arbitrary limits placed on his exploration, or in cases that often lead to c onfrontation, they become the focus of further explorations for the hacker, security measures simply represent a more challenging programmable system. As a result, when a hacker explores such systems, he hacks knowledge, but ideologically he hacks the freedom to access knowledge.Political hackers are another group considering themselves modern freedom fighters. Hacktivists have officially moved from nerdish extremists to become the political protest visionaries of the digital age, a meeting at the Institute of Contemporary Arts in London was told on Thursday.Paul Mobbs, an experienced Internet activist and anti-capitalist protestor, will tell attendees that the techniques used by politically minded computer hackers from jamming corporate networks and sending email viruses to defacing Web sites has moved into the realm of political campaigning. Mobbs says that the term Hacktivism has been adopted by so many different groups, from peaceful Net campaigners to Internet hate groups, th at it is essentially meaningless, but claims that Internet protest is here to stay. It has a place, whether people like it or not, says Mobbs.Steve Mizrach in his 1997 dissertation entitled Is there a Hacker Ethic for 90s Hackers? delves into this subject in great detail. He describes the divergent groups of hackers and explains their modus operandiI define the computer underground as members of the following six groups. Sometimes I refer to the CU as 90s hackers or new hackers, as opposed to old hackers, who are hackers (old sense of the term) from the 60s who subscribed to the original Hacker Ethic. Hackers (Crackers, system intruders) These are people who attempt to penetrate security systems on remote computers. This is the new sense of the term, whereas the old sense of the term simply referred to a person who was capable of creating hacks, or elegant, unusual, and unexpected uses of technology. Typical magazines (both print and online) read by hackers include 2600 and Iron Fe ather Journal. Phreaks (Phone Phreakers, Blue Boxers) These are people who attempt to use technology to explore and/or control the telephone system. Originally, this involved the use of blue boxes or tone generators, but as the phone company began using digital instead of electro-mechanical switches, the phreaks became more like hackers. Typical magazines read by Phreaks include Phrack, Line Noize, and New Fone Express. Virus writers (also, creators of Trojans, worms, logic bombs) These are people who write code which attempts to a) reproduce itself on other systems without authorization and b) often has a side effect, whether that be to display a message, play a prank, or trash a hard drive. Agents and spiders are essentially benevolent virii, raising the question of how underground this activity really is. Typical magazines read by Virus writers include 40HEX. Pirates Piracy is sort of a non-technical matter. Originally, it involved breaking copy protection on software, and thi s activity was called cracking. Nowadays, few software vendors use copy protection, but there are still various minor measures used to prevent the unauthorized duplication of software. Pirates devote themselves to thwarting these things and sharing commercial software freely with their friends. They usually read Pirate Newsletter and Pirate magazine. Cypherpunks (cryptoanarchists) Cypherpunks freely distribute the tools and methods for making use of strong encryption, which is basically unbreakable except by massive supercomputers. Because the NSA and FBI cannot break strong encryption (which is the basis of the PGP or Pretty Good Privacy), programs that employ it are classified as munitions, and distribution of algorithms that make use of it is a felony. Some cryptoanarchists advocate strong encryption as a tool to completely evade the State, by preventing any access whatsoever to financial or personal information. They typically read the Cypherpunks mailing list. Anarchists are committed to distributing illegal (or at least morally suspect) information, including but not limited to data on bombmaking, lockpicking, pornography, drug manufacturing, pirate radio, and cable and satellite TV piracy. In this parlance of the computer underground, anarchists are less likely to advocate the overthrow of government than the simple refusal to obey restrictions on distributing information. They tend to read Cult of the Dead Cow (CDC) and Activist Times Incorporated (ATI). Cyberpunk usually some combination of the above, plus interest in technological self-modification, science fiction of the Neuromancer genre, and interest in hardware hacking and street tech. A youth subculture in its own right, with some overlaps with the modern primitive and raver subcultures.So should we fear these geeky little mischief-makers?The New York Post revealed recently that a busboy allegedly managed to steal millions of dollars from the worlds richest people by stealing their identities and tricking credit agencies and brokerage firms. In his article describing this event Bob Sullivan says, Abraham Abdallah, I think, did us all a favor, for he has exposed as a sham the security at the worlds most important financial institutions. The same two free e-mail addresses were used to request financial transfers for six different wealthy Merrill Lynch clients, according to the Post story. Merrill Lynch didnt notice? Why would Merrill accept any transfer requests, indeed take any financial communication seriously at all, from a free, obviously unverified anonymous e-mail account? Im alarmed by the checks and balances that must be in place at big New York brokerage firms.Rather than being a story about a genius who almost got away, this is simply one more story of easy identity theft amid a tidal wave of similar crimes. The Federal Trade Commission has received 40,000 complaints of identity theft since it started keeping track two years ago, but the agency is certain that r epresents only a fraction of real victims. This is a serious problem, long ignored by the industry. If fact, just last year the credit industry beat back a congressional bill known as The Identity Theft Protection Act, claiming it would be too expensive for them. Clearly there has to be more leveling of the playing field. We have to hold banks and credit unions accountable.Last month the U.S. Federal Bureau of Investigation (FBI) was again warning electronic-commerce Web sites to patch their Windows-based systems to protect their data against hackers.The FBIs National Infrastructure Protection Center (NIPC) has coordinated investigations over the past several months into organized hacker activities targeting e-commerce sites. More than 40 victims in 20 states have been identified in the ongoing investigations, which have included law enforcement agencies outside the United States and private sector officials.The investigations have uncovered several organized hacker groups from Russ ia, the Ukraine, and elsewhere in Eastern Europe that have penetrated U.S. e-commerce and online banking computer systems by exploiting vulnerabilities in the Windows NT operating system, the statement said. Microsoft has released patches for these vulnerabilities, which can be downloaded from Microsofts Web site for free.Once the hackers gain access, they download proprietary information, customer databases, and credit card information, according to the FBI. The hackers subsequently contact the company and attempt to extort money by offering to patch the system and by offering to protect the companys systems from exploitation by other hackers.The hackers tell the victim that without their services they cannot guarantee that other hackers will not access their networks and post stolen credit card information and details about the sites security vulnerability on the Internet. If the company does not pay or hire the group for its security services, the threats escalate, the FBI said. Investigators also believe that in some instances the credit card information is being sold to organized crime groups.Defend yourself when you cannot defeat the enemy, and attack the enemy when you can.Scott Culp in a detailed list of security precautions on Microsofts Web page suggests that there are ten immutable laws of security.Law 1 If a bad guy can persuade you to run his program on your computer, its not your computer anymore. Its an unfortunate fact of computer science when a computer program runs, it will do what its programmed to do, even if its programmed to be harmful. When you choose to run a program, you are making a decision to turn over control of your computer to it. Thats why its important to never run, or even download, a program from an untrusted source and by source, I mean the person who wrote it, not the person who gave it to you.Law 2 If a bad guy can alter the operating system on your computer, its not your computer anymore. In the end, an operating system is just a series of ones and zeroes that, when interpreted by the processor, cause the machine to do certain things. Change the ones and zeroes, and it will do something different. To understand why, consider that operating system files are among the most trusted ones on the computer, and they generally run with system-level privileges.That is, they can do absolutely anything. Among other things, theyre trusted to manage user accounts, handle password changes, and enforce the rules governing who can do what on the computer. If a bad guy can change them, the now-untrustworthy files will do his bidding, and theres no limit to what he can do. He can steal passwords, make himself an administrator on the machine, or add entirely new functions to the operating system. To prevent this type of attack, make sure that the system files (and the registry, for that matter) are well protected.Law 3 If a bad guy has unrestricted physical access to your computer, its not your computer anymore.He co uld mount the ultimate low-tech denial of service attack, and smash your computer with a sledgehammer. He could unplug the computer, haul it out of your building, and hold it for ransom. He could boot the computer from a floppy disk, and reformat your hard drive. But wait, you say, Ive configured the BIOS on my computer to prompt for a password when I turn the power on. No problem if he can open the case and get his hands on the system hardware, he could just replace the BIOS chips. (Actually, there are even easier ways). He could remove the hard drive from your computer, install it into his computer, and read it. He could make a duplicate of your hard drive and take it back his lair. Once there, hed have all the time in the world to conduct brute-force attacks, such as trying every possible logon password. Programs are available to automate this and, given enough time, its almost certain that he would succeed. Once that happens, Laws 1 and 2 above apply He could replace your keybo ard with one that contains a radio transmitter. He could then monitor everything you type, including your password.Always make sure that a computer is physically protected in a way thats consistent with its value and remember that the value of a machine includes not only the value of the hardware itself, but the value of the data on it, and the value of the access to your network that a bad guy could gain. At a minimum, business-critical machines like domain controllers, database servers, and print/file servers should always be in a locked room that only people charged with administration and maintenance can access. But you may want to consider protecting other machines as well, and potentially using additional protective measures.If you travel with a laptop, its absolutely critical that you protect it. The same features that make laptops great to travel with small size, light weight, and so forth also make them easy to steal. There are a variety of locks and alarms available for laptops, and some models let you remove the hard drive and carry it with you. You also can use features like the Encrypting File System in Windows 2000 to mitigate the damage if someone succeeded in stealing the computer. But the only way you can know with 100% certainty that your data is safe and the hardware hasnt been tampered with is to keep the laptop on your person at all times while traveling.Law 4 If you allow a bad guy to upload programs to your web site, its not your web site any more. This is basically Law 1 in reverse. In that scenario, the bad guy tricks his victim into downloading a harmful program onto his machine and running it. In this one, the bad guy uploads a harmful program to a machine and runs it himself. Although this scenario is a danger anytime you allow strangers to connect to your machine, web sites are involved in the overwhelming majority of these cases. Many people who operate web sites are too hospitable for their own good, and allow visitors to uplo ad programs to the site and run them. As weve seen above, unpleasant things can happen if a bad guys program can run on your machine.If you run a web site, you need to limit what visitors can do. You should only allow a program on your site if you wrote it yourself, or if you trust the developer who wrote it. But that may not be enough. If your web site is one of several hosted on a shared server, you need to be extra careful. If a bad guy can compromise one of the other sites on the server, its possible he could extend his control to the server itself, in which case he could control all of the sites on it including yours. If youre on a shared server, its important to find out what the server administrators policies are.Law 5 Weak passwords trump strong security. The purpose of having a logon process is to establish who you are. Once the operating system knows who you are, it can grant or deny requests for system resources appropriately. If a bad guy learns your password, he can lo g on as you. In fact, as far as the operating system is concerned, he is you. Whatever you can do on the system, he can do as well, because hes you. Maybe he wants to read sensitive information youve stored on your computer, like your email. Maybe you have more privileges on the network than he does, and being you will let him do things he normally couldnt. Or maybe he just wants to do something malicious and blame it on you. In any case, its worth protecting your credentials.Always use a password its amazing how many accounts have blank passwords. And choose a complex one. Dont use your dogs name, your anniversary date, or the name of the local football team. And dont use the word password Pick a password that has a mix of upper- and lower-case letters, number, punctuation marks, and so forth. Make it as long as possible. And change it often. Once youve picked a strong password, handle it appropriately. Dont write it down. If you absolutely must write it down, at the very least ke ep it in a safe or a locked drawer the first thing a bad guy whos hunting for passwords will do is check for a yellow sticky note on the side of your screen, or in the top desk drawer. Dont tell anyone what your password is. Remember what Ben Franklin said two people can keep a secret, but only if one of them is dead.Finally, consider using something stronger than passwords to identify yourself to the system. Windows 2000, for instance, supports the use of smart cards, which significantly strengthens the identity checking the system can perform. You may also want to consider biometric products like fingerprint and retina scanners.Law 6 A machine is only as secure as the administrator is trustworthy. Every computer must have an administrator someone who can install software, configure the operating system, add and manage user accounts, establish security policies, and handle all the other management tasks associated with keeping a computer up and running. By definition, these tasks require that he have control over the machine.This puts the administrator in a position of unequalled power. An untrustworthy administrator can negate every other security measure youve taken. He can change the permissions on the machine, modify the system security policies, install malicious software, add bogus users, or do any of a million other things. He can subvert virtually any protective measure in the operating system, because he controls it. Worst of all, he can cover his tracks. If you have an untrustworthy administrator, you have absolutely no security.When hiring a system administrator, recognize the position of trust that administrators occupy, and only hire people who warrant that trust. Call his references, and ask them about his previous work record, especially with regard to any security incidents at previous employers. If appropriate for your organization, you may also consider taking a step that banks and other security-conscious companies do, and require that you r administrators pass a complete background check at hiring time, and at periodic intervals afterward. Whatever criteria you select, apply them across the board. Dont give anyone administrative privileges on your network unless theyve been vetted and this includes temporary employees and contractors, too.Next, take steps to help keep honest people honest. Use sign-in/sign-out sheets to track whos been in the server room. (You do have a server room with a locked door, right? If not, re-read Law 3). Implement a two person rule when installing or upgrading software. Diversify management tasks as much as possible, as a way of minimizing how much power any one administrator has. Also, dont use the Administrator account instead, give each administrator a separate account with administrative privileges, so you can tell whos doing what. Finally, consider taking steps to make it more difficult for a rogue administrator to cover his tracks. For instance, store audit data on write-only media , or house System As audit data on System B, and make sure that the two systems have different administrators. The more accountable your administrators are, the less likely you are to have problems.Law 7 Encrypted data is only as secure as the decryption key. Suppose you installed the biggest, strongest, most secure lock in the world on your front door, but you put the key under the front door mat. It wouldnt really matter how strong the lock is, would it? The critical factor would be the poor way the key was protected, because if a burglar could find it, hed have everything he needed to open the lock. Encrypted data works the same way no matter how strong the cryptoalgorithm is, the data is only as safe as the key that can decrypt it.Many operating systems and cryptographic software products give you an option to store cryptographic keys on the computer. The advantage is convenience you dont have to handle the key but it comes at the cost of security. The keys are usually obfusc ated (that is, hidden), and some of the obfuscation methods are quite good. But in the end, no matter how well-hidden the key is, if its on the machine it can be found. It has to be after all, the software can find it, so a sufficiently-motivated bad guy could find it, too. Whenever possible, use offline storage for keys. If the key is a word or phrase, memorize it. If not, export it to a floppy disk, make a backup copy, and store the copies in separate, secure locations.Law 8 An out of date virus scanner is only marginally better than no virus scanner at all. Virus scanners work by comparing the data on your computer against a collection of virus signatures. Each signature is characteristic of a particular virus, and when the scanner finds data in a file, email, or elsewhere that matches the signature, it concludes that its found a virus. However, a virus scanner can only scan for the viruses it knows about. Its vital that you keep your virus scanners signature file up to date, as new viruses are created every day.The problem actually goes a bit deeper than this, though. Typically, a new virus will do the greatest amount of damage during the early stages of its life, precisely because few people will be able to detect it. Once word gets around that a new virus is on the loose and people update their virus signatures, the spread of the virus falls off drastically. The key is to get ahead of the curve, and have updated signature files on your machine before the virus hits.Virtually every maker of anti-virus software provides a way to get free updated signature files from their web site. In fact, many have push services, in which theyll send notification every time a new signature file is released. Use these services. Also, keep the virus scanner itself that is, the scanning software updated as well. Virus writers periodically develop new techniques that require that the scanners change how they do their work.Law 9 Absolute anonymity isnt practical, in real l ife or on the web. All human interaction involves exchanging data of some kind. If someone weaves enough of that data together, they can identify you. Think about all the information that a person can glean in just a short conversation with you. In one glance, they can gauge your height, weight, and approximate age. Your accent will probably tell them what country youre from, and may even tell them what region of the country. If you talk about anything other than the weather, youll probably tell them something about your family, your interests, where you live, and what you do for a living. It doesnt take long for someone to collect enough information to figure out who you are. If you crave absolute anonymity, your best bet is to live in a cave and shun all human contact.The same thing is true of the Internet. If you visit a web site, the owner can, if hes sufficiently motivated, find out who you are. After all, the ones and zeroes that make up the web session have be able to find th eir way to the right place, and that place is your computer. There are a lot of measures you can take to disguise the bits, and the more of them you use, the more thoroughly the bits will be disguised. For instance, you could use network address translation to mask your actual IP address, subscribe to an anonymizing service that launders the bits by relaying them from one end of the ether to the other, use a different ISP account for different purposes, surf certain sites only from public kiosks, and so on. All of these make it more difficult to determine who you are, but none of them make it impossible. Do you know for certain who operates the anonymizing service? Maybe its the same person who owns the web site you just visited Or what about that innocuous web site you visited yesterday, that offered to mail you a free $10 off coupon? Maybe the owner is willing to share information with other web site owners. If so, the second web site owner may be able to correlate the information from the two sites and determine who you are.Does this mean that privacy on the web is a lost cause? Not at all. What it means is that the best way to protect your privacy on the Internet is the same as the way you protect your privacy in normal life through your behavior. Read the privacy statements on the web sites you visit, and only do business with ones whose practices you agree with. If youre worried about cookies, disable them. Most importantly, avoid indiscriminate web surfing recognize that just as most cities have a bad side of town thats best avoided, the Internet does too. But if its complete and total anonymity you want, better start looking for that cave.