Wednesday, August 31, 2011

Stanley Cup Gets A Giant Dent In St. John's NFLD

The Stanley Cup, visiting Newfoundland and Labrador with Boston Bruin Michael Ryder, was about to be flown by chopper from St. John’s to Bonavista when the unthinkable occurred: the table holding the cup collapsed and it fell to the ground. Though the new dent is sizeable and not very subtle, it’s only another bit of ‘character’ as Ryder explained. Indeed, the Stanley Cup has been through a lot over the years – just take a look at the Top 10 Stanley Cup stories to get a clear idea of the cups history of falls.

Tuesday, August 30, 2011

I heard this from a old friend the other day...

"I'm 77 and I'm Tired"

I'm 77.
Except for brief period in the 50's when I was doing my National Service, I've worked hard since I was 17. Except for some some serious health challenges, I put in 50-hour weeks, and didn't call in sick in nearly 40 years. I made a reasonable salary, but I didn't inherit my job or my income, and I worked to get where I am. Given the economy, it looks as though retirement was a bad idea, and I'm tired. Very tired.

I'm tired of being told that I have to "spread the wealth" to people who don't have my work ethic. I'm tired of being told the government will take the money I earned, by force if necessary, and give it to people too lazy to earn it.

I'm tired of being told that Islam is a "Religion of Peace," when every day I can read dozens of stories of Muslim men killing their sisters, wives and daughters for their family "honour"; of Muslims rioting over some slight offense; of Muslims murdering Christian and Jews because they aren't "believers"; of Muslims burning schools for girls; of Muslims stoning teenage rape victims to death for "adultery"; of Muslims mutilating the genitals of little girls; all in the name of Allah, because the Qur'an and Shari'a law tells them to.

I'm tired of being told that out of "tolerance for other cultures" we must let Saudi Arabia and other Arab countries use our oil money to fund mosques and mandrassa Islamic schools to preach hate in Australia, New Zealand, UK, America and Canada, while no one from these countries are allowed to fund a church, synagogue or religious school in Saudi Arabia or any other Arab country to teach love and tolerance.

I'm tired of being told I must lower my living standard to fight global warming, which no one is allowed to debate.


I'm tired of being told that drug addicts have a disease, and I must help support and treat them, and pay for the damage they do. Did a giant germ rush out of a dark alley, grab them, and stuff white powder up their noses or stick a needle in their arm while they tried to fight it off?

I'm tired of hearing wealthy athletes, entertainers and politicians of all parties talking about innocent mistakes, stupid mistakes or youthful mistakes, when we all know they think their only mistake was getting caught. I'm tired of people with a sense of entitlement, rich or poor.

I'm really tired of people who don't take responsibility for their lives and actions. I'm tired of hearing them blame the government, or discrimination or big-whatever for their problems.

Yes, I'm damn tired. But I'm also glad to be 77.. Because, mostly, I'm not going to have to see the world these people are making. I'm just sorry for my granddaughters and their children.

Friday, August 26, 2011

So Irene is coming to New York this weekend


And the bloggers wife and 2 friends are in New York this weekend , both Manhatten and New Jersey because she loves New York...go figure, bad timing for a trip...

NEW YORK — Evacuations up and down the U.S. East Coast were under way Friday as Hurricane Irene barrelled north from America's southern states and threatened up to 65 million people — that's one in five Americans — who live in the swath that defines the storm's possible trajectories.

As the potential for enormous damage loomed, the White House said U.S President Barack Obama had told aides he would cut short his vacation and return to the U.S. capital.

Obama had, a little more than an hour earlier, warned East Coaster residents to take the threat of the hurricane seriously, and pledged that federal help had already been mobilized.

"All indications point to this being a historic hurricane," he said in the audio address from a farm on the northeastern island of Martha's Vineyard, where his family would remain as scheduled until Saturday morning, while he would leave Friday night.

What's generally considered to be the last "historic" hurricane — Katrina in 2005 — turned into a public-relations nightmare for Obama's predecessor, George W. Bush, as more than 1,800 people died during flooding in New Orleans and amid huge destruction along the Gulf of Mexico coastline east of that city.

Bush faced heavy criticism and was widely accused of failing to deliver a more intense federal response than the one that unfolded.

With Obama's job approval ratings already low because of anger over high unemployment rates and the sluggish economy, the current U.S. president will want to avoid the possibility of similar criticism.

"I think the president simply reached the conclusion that it would be more prudent for him to be in Washington, D.C., and to be at the White House at the end of the day today," White House spokesman Josh Earnest said.

In his address, Obama sought to reassure the public that his administration has done all that is conceivable to prepare for Irene, and urged Americans to do their bit.

"Although we can't predict with perfect certainty the impact of Irene over the next few days, the federal government has spent the better part of last week working closely with officials in communities that could be affected by this storm to see to it that we are prepared," he said.

"So now is the time for residents of these communities, in the hours that remain, to do the same."

Preparations were particularly feverish in New York, America's largest city, where Mayor Mike Bloomberg is keen to cover all bases — especially in the wake of his administration's disastrous response to a snowstorm last winter.

By repeatedly warning that people "might die" if they fail to heed mandatory evacuation orders for low-lying areas near the ocean or other water, Bloomberg has heightened the sense of urgency as the hurricane approaches — even though the newest projected paths of Hurricane Irene have it largely sparing New York as it passes Sunday.

"This is nothing to take lightly," Bloomberg said Friday. "We can joke about this on Monday morning, but until then it is a matter of life and death."

Some 250,000 of New York's nine million people are subject to the mandatory evacuation order whereby they must leave their homes for at least 24 hours and head to shelters or make other arrangements.

Bloomberg said none of the evacuees should fear widespread looting.

"I think you can expect people in New York City to behave and to understand that we're all in this together," he said, suggesting a sharp contrast with the widespread lawlessness that New Orleans suffered during the flooding of that city.

"We do have the world's greatest police department, but I don't know that they're going to be needed to stop that kind of behaviour."

Still, the mayor added, "In the end, what is more important, your life or your belongings?"

The city will come to a near-total halt late Saturday and throughout Sunday as the Metropolitan Transportation Authority shuts down New York's entire bus and subway systems.

MTA officials said that's necessary because wind and flooding projections are deemed certain to provoke accidents. Halting the service also makes it easier to get it up and running again on Monday when, Bloomberg said, the city plans on resuming a "normal" workday.

By law, people who ignore evacuation orders could face a misdemeanour charge that carries up to a $500 fine, but Bloomberg said no one would be prosecuted.

"We're not trying to punish people, we're trying to protect them," he said of the evacuation effort — New York's first-ever mandatory one.

He beseeched people not to attempt to swim in the sea, warning that the "moon is in (the) right place to give high tides" — which in turn, could easily sweep swimmers away.

Bloomberg also urged everyone to remain indoors Sunday to avoid being hit by objects that inevitably will be whipped up by winds projected to exceed 50 kilometres per hour in the city.

"If you can, stay inside on Sunday, it is a good time to catch up or sleep late," he said.

New York Stock Exchange Euronext vowed to resume trading Monday; spokesman Richard Adamonis said Friday there were "contingency plans in place for such events."

Weekend sporting events were cancelled up and down the eastern seaboard after governors of successive eastern states declared states of emergency.

Hurricane Irene poses the biggest threat to the U.S. Northeast since Hurricane Gloria in 1985. The National Hurricane Center said Irene is on a path to make landfall in North Carolina's Outer Banks Saturday, then skirt the East Coast, passing either over or by New York on Sunday, then proceed on to New England.

To co-ordinate responses, Obama spoke Friday with governors and mayors of big cities along the eastern seaboard, White House officials said. He also was briefed by U.S. Homeland Security Secretary Janet Napolitano; Craig Fugate, the Federal Emergency Management Agency administrator; White House chief of staff Bill Daley and other officials.

Obama signed a federal emergency declaration for North Carolina, authorizing the Homeland Security Department and FEMA to co-ordinate disaster response and mobilize resources.

Source
sedwards


Wednesday, August 24, 2011

Ya gotta laugh at this...

Golf Club Sign
Here is an actual sign posted at a golf club in Scotland, UK:
1. BACK STRAIGHT, KNEES BENT, FEET SHOULDER WIDTH APART.
2. FORM A LOOSE GRIP.
3. KEEP YOUR HEAD DOWN!
4. AVOID A QUICK BACK SWING.
5. STAY OUT OF THE WATER.
6. TRY NOT TO HIT ANYONE.
7. IF YOU ARE TAKING TOO LONG, LET OTHERS GO AHEAD OF YOU.
8. DON'T STAND DIRECTLY IN FRONT OF OTHERS.
9. QUIET PLEASE...WHILE OTHERS ARE PREPARING.
10. DON'T TAKE EXTRA STROKES.

WELL DONE.. NOW, FLUSH THE URINAL, GO OUTSIDE, AND TEE OFF

East Coast EarthQuake Shakes People And Monuments



The Washington Monument and several other buildings in the nation’s capital remained closed Wednesday morning as engineers checked for structural problems after an earthquake on Tuesday that caused little damage but shook nerves along much of the East Coast.

The unusual earthquake, centered near the tiny town of Mineral, Va., startled millions of people from Maine to Georgia and disrupted life in some of the nation’s biggest population centers.

Tens of thousands of people were evacuated from office buildings. Cellphone service was strangled as the quake led to disruptions in air traffic, halted trains, jammed roadways and gave some on the West Coast an opportunity to poke fun at Easterners who seemed panicked and uncertain of how to respond. In earthquake-prone areas, people usually are instructed to stay inside to avoid falling debris, but in places where earthquakes are unfamiliar — and in a post-Sept. 11 environment — few argued with evacuation commands.

The United States Geological Survey said the quake struck at 1:51 p.m. It preliminarily measured 5.8 and lasted 20 to 30 seconds. Survey officials reported two small aftershocks, of magnitude 2.8 and 2.2, within 90 minutes of the original jolt. Seismologists, suggesting little cause for further alarm, said the initial quake erupted from an old fault, which, unlike the San Andreas fault in California, normally produces much weaker results.

This quake was notable for its incongruity: it was one of the most powerful to hit the East Coast in decades, and yet it caused little damage. Reports of tremors came from as far north as Sudbury, Ontario, where government offices were closed, and as far south as Alabama.

Thousands of people in Midtown Manhattan were evacuated from their offices and found themselves suddenly sprung on a sunny summer afternoon. Farther downtown, police officers ordered the evacuation of City Hall, sending Mayor Michael R. Bloomberg and his staff scurrying out of the building.

But for all the disruptions and the fleeing of buildings, the quake was, for most people, a curious interruption before life quickly returned to normal. For some it provoked little more than amusement. “Felt a litle wobble here is Astoria, but none of my Scotch fell off the shelf,” a man who identified himself as William Schroeder posted on nytimes.com.

Others were more shaken. “I ran outdoors and found my neighbor calling a friend in Virginia who also felt the profound quake,” Bill Parks of Hummelstown, Pa., said in an e-mail. “This quake was like none I ever experienced in the East in my life and I am 76 years old.”

In Washington, the quake led to quick evacuations of the White House, the Capitol and monuments across the Mall. Some airplanes were left in a temporary hold pattern, and some were diverted to other airports. Amtrak stopped its trains. The Federal Emergency Management Agency asked the public to refrain from talking on cellphones and to use e-mail and text messages instead to relieve the congestion. The epicenter in Mineral is about 84 miles southwest of Washington, and a few miles from a nuclear power plant. Dominion Virginia Power, which owns the plant, said that its units tripped off line automatically as planned and that no damage to the plant had been reported.

Perhaps the most trauma occurred in Mineral itself. The quake stopped everything for hours. Schools closed. Coffee shops shut down. At the Food Lion, on the outskirts, managers shooed reporters away but not before one employee said: “The whole floor was going up and down. It was crazy in there.”

Ben Pirolli, 68, a co-owner of Main Street Plumbing and Electrical, said he was working in the bathroom when the quake hit.

“I was mopping the floor and the next thing you know, everything is falling in on me,” Mr. Pirolli said. “I thought the world was coming to an end.”

Geologists said that the region experiences frequent earthquakes but that they were usually so small that they were hardly noticed. This one was 3.7 miles deep, bigger than is typical, and produced a rumbling that grabbed the attention of millions of people hundreds of miles from the epicenter.

W. Craig Fugate, the FEMA administrator, said in an interview that the agency had spoken with emergency coordinators in states across the Atlantic Seaboard, and that so far there were no reports of injuries or major damage and no requests for federal help

Friday, August 12, 2011

Officer Shoots Man and Phantom Alert Saves Drivers Everyday



The Canadian Press

CALGARY — A police chief is backing an officer who shot and killed a man armed with a screwdriver, saying the public wouldn't want to see a member of the force turn and run "like a scared rabbit."

The man, believed to be in his late 30s, was being chased by the officer on foot in a northeast Calgary neighbourhood early Thursday when he was shot in a backyard.

The 10-year veteran and member of the tactical team fired more than once when the man threatened him and then "aggressively" approached with a screwdriver in his hand, said police Chief Rick Hanson.

"Screwdrivers will kill you just as quickly as a knife," he said at a news conference.

"It's pitch dark. He's between two houses. He doesn't know where the individual went. The suspect made a conscious decision to confront the officer in a way that clearly articulated a decision to do the officer harm.

"I can't think of anybody in this city who would say the police officer should have turned on his tail and ran like a scared rabbit. The reality is these are dangerous people who commit mayhem and havoc in this city and their intention is to do harm."

Hanson said police became aware of two stolen trucks that were being driven erratically in north Calgary. There were reports they were speeding the wrong way on a major road.

There was no pursuit, but a police helicopter kept the trucks under surveillance until a spike belt was laid down. It managed to stop one of the vehicles. Two people jumped into the other truck and fled.

Hanson said two passengers, a male and female, were dropped off and ran in separate directions. The truck was eventually corralled by police vehicles and officers removed the driver with the help of a police dog and a weapon that fires rubber discs.

The backyard shooting happened while officers were searching for the couple. The woman was arrested without incident, but the policeman involved in the shooting had to make a split-second decision when it came to the male, the chief said.

Hanson said the motive behind the joyride is unclear, but he noted the size of the trucks -- Ford F-250s and F-350s.

"Those vehicles are generally stolen because they are used as weapons," Hanson said. "They are used to cause destruction. They're very difficult for police vehicles or officers to disable."

The shooting is under investigation by the Alberta Serious Incident Response Team, which reviews encounters involving police that result in serious injury or death.

Hanson said, as far as he is concerned, the officer acted in a responsible manner.

"I'm proud that we have officers that are out on the road arresting bad guys at 1 o'clock in the morning, especially when the bad guys are people who are putting other innocent people at risk," he said.

"So my job is to say I've reviewed the circumstances leading up to the shooting. I'm satisfied that the officer acted appropriately. I believe that the actions of the officers were what any reasonable person would expect."

The head of the Calgary Police Association said he fully supports the member as well.

"I've spoken with the officer. He's confident that he relied upon his experience and training to respond to this situation," said John Dooks.

"It's always regretful that an officer is forced into this situation where he has to use lethal force, but ... (he) knows in this situation he had no choice."

It was the second fatal police-involved shooting in about two months in Calgary.

In June, an armed man confronted officers who had gone to a home where a woman had called police for help.




Wednesday, August 10, 2011

U.S. Says it Killed Taliban Behind Helicopter Attack

Update

AL-Qa'ida's number two Atiyah abd al-Rahman has been killed in Pakistan, the US says, claiming another "tremendous" blow to the group following the death of Osama bin Laden.


News of Rahman's demise comes as the US gears up to mark the 10th anniversary of al-Qa'ida's most spectacular attack, on September 11, 2001 on landmarks in Washington and New York, which killed nearly 3000 people.

Rahman, a Libyan, was killed in the northwest tribal Waziristan area on August 22 after being heavily involved in directing operations for al-Qa'ida, a senior US official said, without divulging the circumstances of his death.

However, local officials in the region told AFP last week that a US drone strike on August 22 on a vehicle in North Waziristan killed at least four militants. It was not clear if the two incidents were connected.

The senior US official, speaking on condition of anonymity, said the death of Rahman would be deeply felt by al-Qa'ida because the group's new leader Ayman al-Zawahiri had relied on him since US Navy Seals killed bin Laden on May 2.

Start of sidebar. Skip to end of sidebar.
Related Coverage

Killing a blow to terror network The Australian, 1 day ago
Battered al-Qa'ida down but not out The Australian, 2 days ago
Global reach of extremism The Australian, 2 days ago
'100 attacks' - al-Qa'ida's deadly promise Herald Sun, 10 days ago
Al-Qa'ida still growing threat: US The Australian, 19 Aug 2011

End of sidebar. Return to start of sidebar.

Bin Laden also died in Pakistan, in a sprawling house he was holed up in close to a military academy.

The death of Rahman, who had a $1-million bounty on his head and was said to be an explosives expert, represented "a tremendous loss for al-Qa'ida", the senior official said.

"The trove of materials from bin Laden's compound showed clearly that (Rahman) was deeply involved in directing al-Qa'ida's operations even before the raid," the official said.

"He had multiple responsibilities in the organisation and will be very difficult to replace."

Details about Rahman are sketchy and he is not nearly as high profile as bin Laden or Zawahiri.

According to US authorities, Rahman, who was in his late thirties, was appointed personally by bin Laden and was al-Qa'ida's emissary in Iran, recruiting and facilitating talks with other Islamic groups to operate under al-Qa'ida.

He joined bin Laden in Afghanistan as a teenager in the 1980s to fight the Soviet Union.

Rahman's death represents another success for President Barack Obama's intensified and often clandestine operations against al-Qa'ida, particularly in the northwestern tribal regions in Pakistan which Washington says is the group's lair.

In his weekly radio and Internet address today, Obama called on Americans to recreate the national unity that emerged after the September 11 attacks, and noted that "We're taking the fight to al-Qa'ida."

Another senior US official said "news of (Rahman's) demise underscores what (Defence Secretary) Leon Panetta has been saying for some time about al-Qa'ida: it's important to sustain intense pressure on this group of terrorists and thugs.

"Dialing back on al-Qa'ida leadership in Pakistan, especially while they try to regroup after Bin Laden's death, isn't the way to go. For the sake of our national security, they need to be knocked out for good," the official stressed.

The Washington Post cited unnamed officials in July as saying that evidence taken from bin Laden's compound suggested the al-Qa'ida founder was concerned about the impact drone attacks were having on his organisation when he died.

Washington has called Pakistan's semi-autonomous tribal region where Rahman died the global headquarters of al-Qa'ida, where Taliban and other al-Qaida-linked networks plot attacks on NATO forces in Afghanistan.

Bin Laden was killed in his compound in Abbottabad in a daring raid by US special forces soldiers deep into Pakistan, and the soldiers seized large amounts of intelligence about the group's operations.

In July, Panetta said that the "strategic defeat" of al-Qa'ida was "within reach" and that 10-20 key operatives had been targeted in Pakistan, Yemen, Somalia and north Africa.

AFP

August 7th 2011 Taliban Shoot Down U.S. military helicopter


Insurgents shot down a U.S. military helicopter during fighting in eastern Afghanistan, killing 30 Americans, most of them belonging to the same elite Navy SEALs unit that killed Osama bin Laden, as well as seven Afghan commandos, U.S. officials said Saturday. It was the deadliest single loss for American forces in the decade-old war.

The downing was a stinging blow to the lauded, tight-knit SEAL Team 6, months after its crowning achievement. It was also a heavy setback for the U.S.-led coalition as it begins to draw down thousands of combat troops fighting what has become an increasingly costly and unpopular war.

None of the 22 SEAL personnel killed in the crash were part of the team that killed bin Laden in a May raid in Pakistan, but they belonged to the same unit. Their deployment in the raid in which the helicopter crashed would suggest that the target was a high-ranking insurgent figure.

Special operations forces, including the SEALs and others, have been at the forefront in the stepped up strategy of taking out key insurgent leaders in targeted raids, and they will be relied on even more as regular troops pull out. Source

U.S. forces killed the Taliban fighters responsible for shooting down a CH-47 Chinook and killing 30 American service members, the top international commander in Afghanistan announced Wednesday.

An airstrike involving F-16 fighter planes killed multiple militants around midnight Monday, said Gen. John Allen, the commander of the International Security Assistance Force.

In a statement, ISAF officials said the strike occurred early Tuesday and killed both Mullah Mohibullah, a Taliban leader, as well as the insurgent believed to have fired the shot that brought down the Chinook carrying a team of Navy SEALs, other American service members and seven Afghans.

The attack on the Chinook was the worst single incident in a decade of war. But Gen. Allen said the operation that began Friday night was no different from dozens of other raids carried out every night in Afghanistan.

Gen. Allen said the slain service members had been dispatched in the Chinook as a quick-reaction force to pursue Taliban fighters trying to escape as a ground force moved in on the original objective. "There were elements that were escaping, and we committed a force to contain them," Gen. Allen said.

The original ground force was sent in to the Tangi valley to pursue a high-value Taliban leader who ran a network of insurgents. Gen. Allen said that that Taliban leader still hadn't been captured. "We will continue to pursue him," he said.

The SEALs killed in the Chinook's downing were from the Naval Special Warfare Development Group, commonly known as SEAL Team Six, one of the two most elite commando units. But Gen. Allen defended the use of the team for the weekend mission and said using the team to pursue any militants who tried to escape was always part of the original mission.

Gen. Allen said an investigation into the downing of the Chinook, a relatively slow-moving aircraft, had begun. But he said the CH-47 had been used without incident in countless raids over the course of the Afghan war, and he didn't believe it was a mistake to use the aircraft in the operation.

The helicopter was fired on by insurgents armed with assault rifles as it approached its objective, but military officials still believe it was brought down by a rocket-propelled-grenade strike.

After the attack on the Chinook, the military continued to track the insurgents responsible, waiting for an opportunity to strike at them.

"We tracked them and dealt with them in a kinetic strike," Gen. Allen said.

Tuesday, August 9, 2011

One Rough Day...



There I was sitting at the bar staring at my drink when a great huge, trouble-making biker steps up next to me, grabs my drink and gulps it down in one swig.

"Well, whatcha' gonna do about it?" he says, menacingly, as I burst into tears.
"Come on, man," the biker says, "I didn't think you'd CRY. I can`t stand to see a man crying."

"This is the worst day of my life," I say. "I'm a complete failure.
I was late to a meeting and my boss fired me. When I went to the parking lot, I found my car had been stolen and I don't have any insurance. I left my wallet in the cab I took home. I found my wife with another man and then my dog bit me."

"So I came to this bar to work up the courage to put an end to it all, I buy a drink, I drop a capsule in and sit here watching the poison dissolve; then you show up and drink the whole thing! But enough about me, how's your day going?"

Saturday, August 6, 2011

Hackers paradise in las Vegas

Aug 6, 2011 -- Updated 1611 GMT (0011 HKT)

DEF CON: The event that scares hackers

By John D. Sutter, CNN


Las Vegas, Nevada (CNN) -- In the Masquerade wing of the Rio Hotel and Casino in the gambling capital of the world, there's a giant statue of a head hanging over a lobby of slot machines.

The masked figure has two faces and four digital eyes -- clairvoyant blue -- that track back and forth constantly, as if recording the movements of everyone who enters.

That awkwardly self-conscious -- even slightly paranoid -- feeling you get from seeing being watched by that enormous casino head is pretty much a steady-state for most of the hackers who attend the DEF CON hacker event, taking place at the Rio this weekend.

Started 19 years ago as an underground gathering of sometimes-nefarious computer wizards, DEF CON has sprawled into a 15,000-person, four-day convention where anyone with $150 -- in cash only, please, lest these hackers give up their identities -- can learn the latest tricks and trade of computer hacking, lock picking and security breaching.

The aim of the event is to better inform both insiders and everyday people about the risks of operating in our increasingly digital world and to work on solutions. But the practical result of gathering this many highly skilled hackers in one building -- in a Las Vegas casino, no less -- is that everyone here is experiencing some level of terror.

Insiders say there's no place on Earth where you're more likely to get hacked.

"You're on the most hostile network in the world. If you can perform business here, you can do it anywhere," said Brian Markus, referring to the public Wi-Fi network at DEF CON, which veterans know to steer clear of.

Unlike at other tech events, which tend to focus on Facebook-like concepts such as "sharing" and "connecting," DEF CON is all about who can stay the most private, and therefore, who will remain the most secure in this digital war zone.

Those who don't are shamed into doing so.

Markus, for example, sits in a dark room in the Rio's conference center watching Internet traffic. When he sees a password fly across the connection, which is often, he posts part of it, along with the user's log-in name and the site he or she was using, on a large projection screen, which he calls the "Wall of Sheep."

Within an hour of watching for passwords on Friday morning, his team from Aries Security had racked up 10 half-shaded passwords. (The team, and others, can see the full passwords and usernames, but they choose to protect the victims by only displaying the first three characters of each password. Kind of them, huh?)

So, how does one avoid the "Wall of Sheep"?

Markus suggests scrambling your Internet connection.

There are several free services that will do this, including OpenVPN and Ace VPN. That way, if someone like him is "sniffing" the Wi-Fi connection you're using, they won't be able to see exactly what you're up to.

Another method: Type in "https" instead of "http" in your browser bar. That puts you on a more secure version of many major websites.

Plenty of people, however, are subjected to more sophisticated hacks.

Dan Kaminsky, one of the world's most notable do-gooder hackers, said he had his personal passwords, e-mails and instant messages with a girlfriend dumped out into the public domain at a previous DEF CON event.

"If you walk onto a battlefield, you might get shot," he said.

People still try to dodge the bullets, though.

As he darted through a mob of black-T-shirt-wearing convention attendees, Eli, better known by his hacker handle "Dead Addict," told me how much he hates crowds.

Not only is there the social anxiety, there's also the chance someone with an RFID reader and an antenna in their backpack could swipe your credit card info right out of your pocket.

The readers are the size of an old Walkman and, with a proper antenna, can grab data right off of credit cards that use quick-swipe technology (you can tell if you have one of these cards by looking for a little radio-wave symbol).

Eli, who started hacking in his teens and stopped breaking into corporate sites after all of his friends got arrested for doing the same thing, carries a metal-lined wallet to block this attack.

Other DEF CON veterans said they purchase junk computers they can throw away after the convention because they figure they're going to get infected. Eli says he just leaves the laptop at home.

Most of the attendees carry cash. No one uses the ATMs after an incident in 2009 in which someone rolled a fake ATM machine into the event, according to Wired, and apparently used it to collect credit card information instead of dispensing money.

There's also the anonymity of it all. Some hackers only go by their handles. Others don't want digital records they attended the event, which does not require attendees to register or give their real names.

I got an e-mail warning me about some of these security idiosyncrasies before I got on a plane for Vegas. Written by a DEF CON spokeswoman, and reprinted with her permission, the note was full of jaw-dropping advice:

Hi John,

Great talking with you!

You are about to enter one the most hostile environments in the world. Here are some safety tips to keep in mind ...

- Your hotel key card can be scanned by touch, so keep it deep in your wallet.

- Do not use the ATM machines anywhere near either conference. Bring cash and a low balance credit card with just enough to get you through the week.

- Turn off Fire Sharing, Bluetooth and Wi-Fi on all devices. Don't use the Wi-Fi network unless you are a security expert; we have wired lines for you to use.

- Don't accept gifts, unless you know the person very well - a USB device for instance.

- Make sure you have strong passwords on ALL your devices. Don't send passwords "in the clear," make sure they are encrypted. Change your passwords immediately after leaving Vegas.

- Don't leave a device out of sight, even for a moment.

- People are watching you at all times, especially if you are new to the scene.

- Talk quietly. Conduct confidential phone calls off site ...

That is it for now.

For now?

After seeing that, I left my credit cards, debit card and company laptop in my hotel room -- hidden, of course, since I'm on this newly paranoid kick. I kept my iPhone on "airplane" mode for most of Friday, turning it on only to send a couple texts.

I was particularly concerned about this phone hacking stuff, so I asked Austin Steed, another security researcher-slash-hacker about that.

He said mischievous hackers can install their own cell phone towers to intercept your calls before passing them on to the real mobile carrier. These "man-in-the-middle attacks," he said, let hackers eavesdrop, but they can also alter the conversation you're having, without your knowledge.

"You send a text saying 'I love you,' and he (the hacker) says, 'I want to break up with you.'" Or worse than that, Markus said, you could be doing business -- maybe the hacker would change "sell it all" to "buy it all," with potentially huge ramifications.

The hackers who attend DEF CON -- now in their thirties instead of their teens as they were at the start of the hacker movement -- hope, in a strange way, that by teaching people about hacking they will make the tech world safer.

DEF CON is their playground of sorts. Many of the hacks aren't necessarily malicious. They are people toying around just to see what's possible.

If they don't do it, then the really bad guys will, they say. There are sessions on cracking Google, PayPal, Apple -- even cars and prison cells.

DEF CON attendees can also learn how to pick locks. On Friday, 17-year-old Cherry Rose de los Reyes picked her first lock while her dad, Roselito, an IT professional, watched admiringly.

"I think I got it," she said, turning a key she had reverse-engineered.

"There, now I don't have to pay Home Depot no more!" her dad said with a laugh.

Some parents might cringe at a dad helping his teenage daughter learn a skill that could be used for breaking and entering. But Roselito de los Reyes says they'd be missing the point.

It's not about breaking the lock, he said, it's about learning the lock can be broken.

"If you educate them not to have a false sense of security just because you have a lock, then being able to open a lock might teach them to use a barbell on the door at home."

So maybe there's a point to the paranoia after all.

Friday, August 5, 2011

Hackers Take $1 Billion a Year as Banks Blame Clients for Crime

Hackers Take $1 Billion a Year as Banks Blame Clients for Crime


Cybercrooks’ Victims

Valiena Allison, chief operating officer of Experi-metal poses in Sterling Heights, Michigan. Photographer: Aly Darin via Bloomberg

Valiena Allison got a call from her bank on a busy morning two years ago about a wire transfer from her company’s account. She told the managers she hadn’t approved the transfer. The problem was, her computer had.

As Allison, chief executive officer of Sterling Heights, Michigan-based Experi-Metal Inc., was to learn, her company computer was approving other transfers as she spoke. During hours of frantic phone calls with her bank, Allison, 45, was unable to stop this cybercrime in progress as transfer followed transfer. By day’s end, $5.2 million was gone.

She turned to her bank, a branch of Comerica Inc. (CMA), to help recover the money for her metal-products firm. It got all but $561,000 of the funds. Then came the surprise: the bank said the loss was Experi-Metal’s problem because it had allowed Allison’s computer to be infected by the hackers.

“At the end of the day, the fraud department at Comerica said: ‘What’s wrong with you? How could you let this happen?’” Allison said.

In increments of a few thousand dollars to a few million per theft, cybercrooks are stealing as much as $1 billion a year from small and mid-sized bank accounts in the U.S. and Europe like Experi-Metal, according to Don Jackson, a security expert at Dell SecureWorks. And account holders are the big losers.

‘Losing More Now’

“I think they’re losing more now than to the James Gang and Bonnie and Clyde and the rest of the famous gangs combined,” said U.S. Senator Sheldon Whitehouse, a Rhode Island Democrat who chaired a Select Committee on Intelligence task force on U.S. cybersecurity in 2010.

Organized criminal gangs, operating mostly out of Eastern Europe, target small companies, school districts and local governments that maintain fat commercial bank accounts protected by rudimentary security measures at community or regional banks. The accounts typically aren’t covered by insurance as individual accounts are.

“If everyone knew their money was at risk in small and medium-sized banks, they would move their accounts to JPMorgan Chase,” said James Woodhill, a venture capitalist who is leading an effort to get smaller banks to upgrade anti-fraud security for their online banking programs.

JPMorgan Chase & Co. (JPM), the second-largest U.S. bank, is the only major U.S. bank that insures commercial deposits against the type of hacking that plagues smaller banks, Woodhill said.

“Chase has invested substantially in fraud prevention and detection capabilities for our clients,” Patrick Linehan, a JPMorgan spokesman, said in an e-mail. “If there is fraud on an account, we work with our clients on a case-by-case basis.”

Smaller Banks

Smaller banks as well as many of the victims tend not to make the thefts public, according to interviews with the customers and experts such as Woodhill. As the threat becomes better known, small-business customers and other target entities may shift their business to large, national banks, which can better absorb the losses to maintain customer relations and which have better security policies to protect clients from such crimes.

“It’s frightening for small businesses because they have no clue about this,” said Avivah Litan, an analyst at Stamford, Connecticut-based Gartner Inc., which does computer analysis. “They just don’t have any clue, and everyone expects their bank to protect them. Businesses are not equipped to deal with this problem, and banks are barely equipped.”

Customers used to being made whole when they are victims of credit-card fraud or ATM thefts have had to sue small and medium-size banks to recover losses after being blamed by their branches for permitting the crime, as Allison was.

Law Enforcement

The traditional help of law enforcement hasn’t been there either for such customers. In the heyday of bank robberies in the 1930s, the FBI became famous for Tommy-gun shootouts with the bad guys, who were put on the Most Wanted list. In most cases, the identities of the John Dillingers and Pretty Boy Floyds of the 21st Century aren’t known because of online anonymity, and the bureau doesn’t disclose statistics on how much these cybercrooks are stealing.

Victims in the last two years have ranged from Green Ford Sales, a car dealership in Abilene,Kansas, to Golden State Bridge Inc., a construction company in California wine country. No need to use a mask or gun. These criminals can steal millions from the comfort of their homes dressed in their pajamas.

The crime profits can be staggering and the risks minimal. Jackson, the security expert, said three sophisticated gangs each haul in at least $100 million a year. That dwarfs the $43 million taken in all conventional bank heists in the U.S. last year, from stick-ups to burglaries, according to the FBI.

A $100 Million Hit

“A $100 million hit on a bank or a series of banks,” Whitehouse said. “That’s a pretty big bank robbery. And it doesn’t even make the press. It just trickles through in FBI tip sheets.”

To law enforcement officials, cybercrime is a new priority. Both the Federal Bureau of Investigation and the U.S. Secret Service, which has jurisdiction over financial crimes, have boosted manpower to combat computer-enabled robberies and have formed partnerships with foreign law-enforcement agencies.

Those efforts have been swamped by the explosion in e- commerce, said Chris Swecker, a former FBI assistant director who advises companies on cybersecurity. As millions of customers have shifted online, criminals have followed, their hacking tools and nimble criminal organizations racing ahead of old- school law enforcement models.

“Through cybercrime, transnational criminal organizations pose a significant threat to financial and trust systems,” including banking, stock markets and credit-card services, according to a National Security Council report issued in July.

National Security Threat

Cybercrime has risen to the level of a national security threat, according to the report, citing a “critical shortage of investigators with the knowledge and expertise to analyze the ever increasing amounts of potential digital evidence.”

The banking industry’s reluctance to confront this problem head-on has allowed criminals to reinvest some of their booty to create better, more effective malicious software, known as malware, according to Woodhill.

Malware is what hurt Earl Goossen, business manager for Green Ford Sales, when he logged on to the company’s payroll account at First Bank Kansas at 7:45 a.m. central standard time on Nov. 3, 2010. Just two days earlier he’d used his computer to arrange for the bank to send out the $63,000 payroll to employee accounts. Everything went smoothly at first. Goossen responded to a follow-up e-mail request from First Bank Kansas to okay the payroll, just as he did on the 1st and 15th of every month.

Malicious Software

Unbeknownst to Goossen, malicious software had infected the computer with a so-called worm, which had the ability to grab passwords, user names and credit-card data.

Some malware allows hackers thousands of miles away to take remote control of machines it infects, as if they were sitting at the keyboard. This malware is affordable and easy to obtain. A basic version sells for less than $5,000, Jackson said. Many models, licensed like commercial software from Microsoft Corp. and Adobe Systems Inc., even come with tech support, he said.

The worm on Goossen’s machine allowed thieves to log onto the website of the auto dealer’s bank using Goossen’s credentials and set up a second payroll batch for the usual amount for nine non-existent employees. The additional payroll was sent out overnight by First Bank.

The software allowed the hackers to grab Goossen’s e-mail password and banking details. All they had to do was change the notification e-mail address to a name under their control.

Gun-Toting Robbers

When an amount like Green Ford’s $63,000 is taken from a bank by gun-toting robbers, the FBI would typically dispatch special agents to cordon off the crime scene and interview witnesses. No agents arrived in Abilene on Nov. 4, and no one at the company was ever interviewed by the bureau about the theft.

Green Ford’s owner, Lease Duckwall, filled out a report with local police, who don’t have a cybercrime unit. The Kansas Bureau of Investigation examined his computer and found nothing of use. Frustrated, Duckwall turned detective, interviewing bank employees, victims of similar crimes and whoever knew anything about cybertheft. In the end, the trail went cold.

Representatives of the FBI and the Secret Service insist they are not overwhelmed.

“I don’t think it’s right to conclude that because there are not a lot of arrests that law enforcement is not doing its job,” said Gordon Snow, the FBI’s assistant director of the cyber division.

Fighting Cybercrime

The FBI and Secret Service have increased the number of agents dedicated to fighting cybercrime. Last September, as part of “Operation Trident Beach,” U.S. prosecutors inManhattan arrested a gang of money mules in connection with a wide-ranging cyberfraud ring that had stolen $70 million from banks and tried to grab another $150 million in the U.S. and Western Europe. No ringleader was arrested, even though five were questioned by police in Ukraine, according to the FBI.

The inability to put handcuffs on suspects in Eastern Europe is a source of frustration for law enforcement, according to representatives of the FBI and Secret Service.

“We can’t let that stop us from continuing to move forward,” said Pablo Martinez, who heads the cybercrime unit at the Secret Service. “You have to go after every target.”

Mules, used by hackers as cutouts, are an obvious target, even the unwitting ones. When thieves stole the money from Duckwall’s dealership, some of the money first went to Shawn Young’s account in upstate New York. Young thought it was a legitimate transaction -- at first.

Assistant Manager

Young, 35, was officially an assistant manager for R.E. Company Back Office. He got his job in October through a Careerbuilder website ad that said an Australian office services company was looking to expand into New York state. He was selected to scout locations in the Binghamton area. It did seem odd his new employer never asked for his Social Security number, he said in an interview.

Part of his job was to transfer payments made by some of the company’s U.S.-based clients to various programmers. He corresponded with his boss, Samantha Simons, exclusively through the company’s intranet site.

At 8:45 a.m. on Nov. 3, Young got his first payment-related assignment. He logged into the R.E. Company Back Office intranet site and learned from his supervisors that $4,975 had been deposited into his account at M&T Bank in Endicott, New York. The sender was Green Ford Sales.

Act Quickly

His boss said he could keep $145 of the money if he acted quickly. Within 10 minutes, he withdrew the funds and drove to the closest Western Union Co. (WU) office, a few miles away. Young pulled into the Western Union parking lot and his cell phone rang. It was a manager from the M&T Bank branch where he’d made the withdrawal. She said the bank had discovered the wire transfer wasn’t authorized. It was only then that Young realized something might be wrong, he said.

On his way back the bank, his phone rang again. It was Simons, calling from a Syracuse telephone area code to see if there was a problem with the transfer. Young, who had never spoken with his boss, told her he’d been asked to return the funds. In a matter-of-fact manner, Simons said OK and hung up, he said.

After learning from his bank that the wire transfer from Green Ford had been unauthorized, Young tried to log into the R.E. Company Bank Office website, but his access had been terminated.

“I was lucky I did not send the money,” Young said. “I dodged a bullet there.”

Christine Palmer wasn’t as fortunate. In February, the single mother from New Britain, Connecticut who moonlights as the manager of a band, Enemy Remains, applied for a position advertised on Careerbuilder.com.

Flexible Gig

A woman named “Jennifer” from CS Office Services called to say she had the job, a flexible gig that paid by the assignment and required her to help process transactions.

On March 3, after a few weeks of online training, Palmer woke up to find that $98,000 had been deposited into her account at Bank of America Corp. (BAC) An e-mail instructed her to withdraw $9,000 in cash and wire it to three individuals in the Ukraine via Western Union.

Then, Palmer was to transfer the rest of the funds to a Ukrainian bank account. As a fee, Palmer could keep $1,800 of the total. Before she’d completed the wire transfer, a man with an Eastern European accent called, urging her to speed things up.

“He sounded very concerned, which made me think I was going to lose my job,” Palmer said.

Stolen Funds

It wasn’t until a few days later, when Charlotte, North Carolina-based Bank of America halted the wire transfer and told her the funds had been stolen, that Palmer realized CS Office Services didn’t really exist, and that her employers were part of a criminal scheme.

Bank of America closed Palmer’s account and told her she was responsible for paying back the $9,000 she’d wired overseas.

Palmer said she no longer looks for jobs advertised on web sites.

Unwitting money mules aren’t the only ones to have gotten wake-up calls in the new world of bank cybercrime. Customers sometimes find their friendly bank has become an adversary, quoting the fine print of account contracts about who is responsible for what.

On May 7, 2009, cyberthieves hacked into the bank account of Patco Construction Inc., based in Sanford, Maine, and initiated a series of wire transfers totaling $56,594. Some transfers bounced back, causing Ocean Bank to send owner Mark Patterson a routine return notice via the U.S. Postal Service.

Transfer Money

Over the next several days, the crooks continued to transfer money out of Patco’s account, removing almost $500,000 before Patterson received the mailed letter from Ocean Bank. The bank eventually recovered a portion of the transfers, leaving Patco with a loss of $345,444, according to Patterson.

Patterson said Ocean Bank rebuffed his attempts to reach a settlement, so in January 2010 he sued. He argued the bank should have done a better job monitoring the company’s bank account. Ocean Bank argued that its protections were “commercially reasonable,” in keeping with general guidance issued by the U.S. banking industry in 2005.

In May, a federal magistrate judge in Portland, Maine, found for Ocean Bank, now known as People’s United Bank, a unit of Bridgeport, Connecticut-based People’s United Financial Inc. (PBCT)

U.S. District Judge D. Brock Hornby in Portland affirmed the magistrate’s decision today.

Infuriated

The magistrate’s ruling infuriated Woodhill, who co-founded Authentify, a cybersecurity firm, in 1999. He is trying to change the law governing liability in hacking cases.

“I can’t fathom how one could consider a security procedure that makes it easy for people to steal money from school districts, churches and small businesses to be commercially reasonable,” Woodhill said.

Woodhill faulted banks for downplaying or hiding the scope of bank heists, a posture he attributes to fear of undermining confidence in an online banking system that saves financial institutions tens of millions of dollars a year in transactions that don’t have to be processed by a human teller.

Last year, Woodhill came to the rescue of Karen McCarthy, whose marketing firm was victimized by hackers in February 2010. McCarthy, who made one wire transfer on the same day every month, for $1,000, noticed a problem with her computer on Feb. 10. The screen had turned blue and appeared frozen, while other computers in her firm seemed to function normally.

McCarthy’s Plans

In the weeks leading up to the frozen-screen episode, McCarthy had reached an agreement to sell her firm, Little & King. She’d bought out her lease, sold her office equipment and supplies and was preparing to join the new company as an employee, leaving behind the worries of business ownership.

After her computer froze, she printed out statements from Toronto Dominion Bank in preparation for the sale of her company. Over the Feb. 13-15 Presidents Day weekend, she couldn’t figure out discrepancies between recent bank statements and the amount in her company’s checking account. Finally, on the Monday evening, a national holiday, she checked her online banking account and saw five unauthorized wire transfers.

She called TD Bank in a panic. Because of the holiday, she was told no one was available. The next morning she marched into her TD Bank branch, in Massapequa, New York, and asked an assistant manager for help.

Calls Not Returned

At first the manager told her the bank would get her money back, she said. Once it became clear the funds were stolen, the bank stopped returning her calls, McCarthy said.

The theft derailed the sale of McCarthy’s company, forcing her to raid her children’s college funds for needed cash. Of the $164,000 stripped from her account, TD Bank recovered almost $95,000, leaving her about $70,000 in the hole -- and without an office or equipment, she said.

When she learned TD Bank was to hold a fraud-prevention seminar on May 13, 2010, in Burlington, Vermont, she hopped on a plane and slipped into the meeting. During the morning presentation, when an expert in wire transactions was talking about ways that small businesses could protect themselves from the dangers posed by cybercriminals, McCarthy raised her hand.

Why wasn’t TD Bank doing a better job protecting its small- business clients, she asked. How had TD Bank allowed $164,000 to be wired out of her account even though she hardly every made wire transfers? As the speaker tried to respond, McCarthy kept peppering him with questions about his bank’s responsibilities to its clients.

Let’s Talk Outside

Two bank representatives, including TD Bank’s head of corporate security and investigations, walked over to McCarthy’s table and suggested they continue the subject outside. McCarthy told the head of security it was good to meet him finally, since she’d been calling him for weeks following the robbery and had never gotten through.

Jennifer Morneau, a spokeswoman for TD Bank, confirmed that there was such an incident involving a “woman from Long Island” at one of its anti-fraud seminars, and didn’t have any further information.

“We constantly monitor and assess the security of our systems,” Morneau said in an e-mailed statement. “We also believe that educating our customers is one of the best ways to help them defend against online fraud and identity theft, because even the best security measures can only prevent fraud if customers are also vigilant about employing the necessary safeguards to protect their information.”

Anti-Bank Website

With Woodhill’s support, McCarthy started a website she calls www.yourmoneyisnotsafeinthebank.org and has organized other cybercrime small-business victims across the country. In industry presentations, Woodhill uses her as an example in describing what’s wrong with online banking and the current rules governing the commercial accounts of small businesses.

“If every small-business account holder in America knew what Karen McCarthy had gone through, there would be a run on the banks,” he said.

Last year Woodhill supported a proposed law, introduced by U.S. Senator Chuck Schumer, a New York Democrat, that would have extended protections enjoyed by individual bank depositors to publicly funded entities such as school districts and town governments. Congress adjourned before any vote was taken.

Woodhill is now pushing for a federal law that would require regional and community banks to warn their commercial clients explicitly of the dangers of cyber fraud. He’s hired former Louisiana congressman Billy Tauzin, a Democrat turned Republican who chaired the House Energy & Commerce committee, to represent him.

Bank Opposition

The American Banking Association has opposed attempts to extend cyberfraud protection from depositors to small-business clients. Until recently, the association’s position has prevailed.

Then came the Experi-Metal lawsuit brought by Valiena Allison against Dallas-based Comerica. In June, U.S. District Judge Patrick J. Duggan ruled in Detroit in favor of Allison and Experi-Metal, agreeing Comerica’s response to the fraud didn’t meet standards of good faith and fair dealing. Comerica agreed to pay Allison almost the entire amount stolen.

Other cybercrime victims have taken note of this precedent, said Brian Krebs, who has written about the Little & King case and other cyberthefts on his blog (www.krebsonsecurity.com).

Village View, an escrow company based in Redondo Beach, California, that was robbed of $465,558 by cyberthieves in March of 2010, sued Professional Business Bank just two weeks after the Experi-Metal decision.

Bank Attitudes

The last thing community banks want is to be at odds with their clients, said Doug Johnson, a senior policy analyst for the American Bankers Association.

“Banks don’t like to sue their customers and customers don’t like to sue their banks,” he said. “When disputes occur, it’s best to try to work together for an appropriate result.”

Woodhill said the banking industry is behind the curve on this matter, just as it was in 1978 when it opposed the Electronic Funds Transfer Act, which protects consumer bank deposits from fraud.

“That’s one of the biggest favors Congress ever did for banks, even though they were against it,” he said. “Banks truly do not understand what their own interests are. Corporate lobbyists only play defense.”


Amazon