Wednesday, April 9, 2008

Local Websites And People Behind Them

BEFORE the days of the printing press, town squares served as the main forum for exchanging community news and gossip. Now comes the virtual town square.

Across the United States, citizen bloggers and deep-pocketed entrepreneurs are creating town-specific, and even neighborhood-specific, Web sites where the public can read and contribute items too small or too fleeting for weekly newspapers. Suburban towns across the greater New York area are joining in, giving residents a new way to avoid traffic snags, find a lost dog or just vent about a local hot-button issue.

"It replaces the guy from 200 years ago who rang the bell in town," said Chris Marengo, a lawyer in Pleasantville, N.Y., who visits www.Pleasantville.AmericanTowns.com every few days to stay abreast of local events. "It's as provincial as it gets."

Mr. Marengo lost his girlfriend's miniature schnauzer, Chip, in a September rainstorm, and posted news about it on the Pleasantville site. Within 24 hours, he had heard from two people who had seen the dog. Ultimately Chip was corralled by someone who had seen a "missing dog" flier on a telephone pole. "But the site definitely got the word around," Mr. Marengo said.

Pleasantville is one of thousands of municipalities on the AmericanTowns service, which is based in Fairfield, Conn. Like other community-oriented sites, AmericanTowns offers users the chance to post information free, to bolster postings by site editors.

Jim Maglione, the company's co-president, said the Pleasantville site is like those of Huntington, N.Y., and Wilton, Conn., in that the information on the site is almost entirely from users. In addition to listing information about lost pets, users post scheduled meetings of religious and community organizations, suggestions for family activities and links to news from local papers, among other things. Community organizations can also create their own Web pages on the site for free.

In December, Mr. Maglione said, AmericanTowns vastly expanded the number of communities it serves, to cover about half of the country's municipalities, and next month he expects to begin allowing users to post photos. With that feature, Mr. Maglione said, he expects more users to post breaking news items along the lines of those featured on WestportNow.com, which has gained national attention in the emerging realm of so-called citizen journalism.

That site, founded in 2003 by Gordon F. Joseloff, a veteran journalist who is now Westport's first selectman, is more concerned with covering town events than with offering a community calendar or service postings. Mr. Joseloff, who stepped back from his duties as chief writer for the Web site when he was elected to his post in Westport in 2005, said he created the site "because the town wasn't being covered in real time."

"We'd like people to hear sirens or see traffic jams and go to WestportNow to see what happened," Mr. Joseloff said. "Before this, there was a lot that happened in Westport that didn't see the light of day."

The site is a more of a news organization than most town-specific sites in that it employs a full-time professional journalist, Jennifer Connic, who used to cover Westport as a newspaper reporter for The Hour of Norwalk. In addition to writing for the Web site and taking photographs, she edits articles and photos contributed by readers.

Alongside features about the best trick-or-treating neighborhoods, the site offers breaking news about accidents, power failures and police reports shortly after they happen, and items about home and building teardowns before they happen.

Such a hard-news bent puts Mr. Joseloff in a tricky ethical position, since he signs Ms. Connic's paychecks, and she covers his actions as town leader. "By the Society of Professional Journalists' rules am I in conflict of interest?" Mr. Joseloff asked. "I plead guilty, but it's a service to the town, and I'll let the readers judge whether it's objective."

Readership is growing, he said, with between 5,000 and 7,000 visitors clicking on the site daily. Advertising revenues are also increasing, he said. Although the site still loses money, Mr. Joseloff said he hoped to develop similar sites elsewhere in Fairfield County.

Another high-profile regional entry in what is also called the hyperlocal journalism movement is Baristanet (www.baristanetnj.com), which focuses mostly on Montclair, N.J. The site, which has operated since early 2004, is unlike WestportNow in that roughly 75 percent of its contributions come from readers.

According to Liz George, a co-owner of the site, Baristanet can attract more than 10,000 visitors on peak days, like the day when the site posted pictures and breaking news of a high-speed police chase through Montclair, Glen Ridge and Bloomfield in November.

"There's a hunger for people wanting to know what's going on, and that's not being met by the local paper," Ms. George said. "The paper has a site, but it's not updated as frequently, and it's not as interactive. We publish stories, and all the readers can comment."

Indeed, Ms. George said some of the more compelling information on the site can come from the running dialogue that often accompanies controversial articles. At times those comments are sprinkled with profanity, she said. "Some people are annoyed by that, but there are a lot of people who come to the site because it can get nasty at times," she said. "It's like reality TV."

Like reality TV, the site sometimes shines an uncomfortably close spotlight on its subjects — in this case, issues that may not make the local newspaper. For instance, Ms. George said the site wrote last fall about referees "being abused by soccer parents."

"Normally you'd talk about it with a girlfriend at the coffee shop, but someone sent it to us because they knew we'd publish it," Ms. George added. "It makes people a little wary, I think. It keeps people honest."

For Martta Rose, a public relations executive from Verona, N.J., who has read Baristanet since 2004, the site is both an outlet for her own conservative commentary and a source of important community information.

Last fall, Ms. Rose was at work in Manhattan when she clicked to Baristanet and found news about a traffic jam in northern New Jersey.

"I took a later bus, and the problem was cleared up by that time," Ms. Rose said. "And I got to work a little longer."

NYTimes.Com

Can Hair Test Be Defeated

Monday, April 7, 2008

UCLA: 800,000 records hacked

Ah, college. A time to learn, make friends, and discover your identity. Or if you go to UCLA, a time to have your identity stolen. Up until late last month, University of California at Los Angeles administrators have now confessed, a hacker has been accessing records of as many as 800,000 current, former, and prospective students; faculty members; and staff.

This is a big deal, because unlike past incidents where records containing sensitive data were merely lost or misplaced, UCLA network administrators found evidence that the hacker was actively accessing records. If you've had any affiliation with UCLA - even by applying to the school, check out the FTC's guidelines for dealing with identity theft.

Here's why this happened - and why it won't be the last identity-theft incident to come around. Also, I'm posting a copy of UCLA's notice to those affected.

Universities have notoriously bad computer security. Why? To preserve academic freedom, network administrators put minimal restrictions on network activity. And that's a good thing - Google (GOOG) started out as a Stanford University research project, and had Stanford's sysadmins been stricter, Google might never have gotten off the ground. But IT personnel need to separate loose, free-flowing academic networks from the record-keeping systems used to administer the campus, and put those official systems behind tight firewalls.Tight state-government budgets and bureaucratic purchasing procedures pretty much guarantee that public institutions are always going to be behind the times in the latest security software and hardware - and it only takes one unpatched bug to create a hole a hacker can exploit.Colleges need to have sensitive information like social-security numbers to process loan applications and pay student workers. But that SSN ends up being used as an identifier for other purposes, merely out of convenience. University systems like Kansas State only recently instituted a policy calling for the discontinuation of use of the SSN as a student identifier. But until more schools create, and more importantly, implement, such policies, social-security numbers are going to be scattered across all kinds of college IT systems, creating tempting targets.

This is going to get expensive for UCLA. Ohio University spent $77,000 dealing with a data breach a quarter the size of UCLA's. That doesn't even count the cost of lost donations from outraged alumni, of course.

Here's the letter from UCLA acting chancellor Norman Abrams:

----- Forwarded Message ----
From: "Norman Abrams, Acting Chancellor, UCLA"
Sent: Tuesday, December 12, 2006 8:22:28 AM
Subject: UCLA Warns of Unauthorized Access to Restricted Database

December 12, 2006

Dear Friend,

UCLA computer administrators have discovered that a restricted campus database containing certain personal information has been illegally accessed by a sophisticated computer hacker. This database contains certain personal information about UCLA's current and some former students, faculty and staff, some student applicants and some parents of students or applicants who applied for financial aid. The database also includes current and some former faculty and staff at the University of California, Merced, and current and some former employees of the University of California Office of the President, for which UCLA does administrative processing.

I regret having to inform you that your name is in the database. While we are uncertain whether your personal information was actually obtained, we know that the hacker sought and retrieved some Social Security numbers. Therefore, I want to bring this situation to your attention and urge you to take actions to minimize your potential risk of identity theft. I emphasize that we have no evidence that personal information has been misused.

The information stored on the affected database includes names and Social Security numbers, dates of birth, home addresses and contact information. It does not include driver's license numbers or credit card or banking information.

Only designated users whose jobs require working with the restricted data are given passwords to access this database. However, an unauthorized person exploited a previously undetected software flaw and fraudulently accessed the database between October 2005 and November 2006. When UCLA discovered this activity on Nov. 21, 2006, computer security staff immediately blocked all access to Social Security numbers and began an emergency investigation. While UCLA currently utilizes sophisticated information security measures to protect this database, several measures that were already under way have been accelerated.

In addition, UCLA has notified the FBI, which is conducting its own investigation. We began notifying those individuals in the affected database as soon as possible after determining that personal data was accessed and after we retrieved individual contact information.

As a precaution, I recommend that you place a fraud alert on your consumer credit file. By doing so, you let creditors know to watch for unusual or suspicious activity, such as someone attempting to open a new credit card account in your name. You may also wish to consider placing a security freeze on your accounts by writing to the credit bureaus. A security freeze means that your credit history cannot be seen by potential creditors, insurance companies or employers doing background checks unless you give consent. For details on how to take these steps, please visit http://www.identityalert.ucla.edu/what_you_can_do.htm.

Extensive information on steps to protect against personal identity theft and fraud are on the Web site of the California Office of Privacy Protection, a division of the state Department of Consumer Affairs, http://www.privacy.ca.gov .

Information also is available on a Web site we have established, http://www.identityalert.ucla.edu . The site includes additional information on this situation, further suggestions for monitoring your credit and links to state and federal resources. If you have questions about this incident and its implications, you may call our toll-free number, (877) 533-8082.

Please be aware that dishonest people falsely identifying themselves as UCLA representatives might contact you and offer assistance. I want to assure you that UCLA will not contact you by phone, e-mail or any other method to ask you for personal information. I strongly urge you not to release any personal information in response to inquiries of this nature.

We have a responsibility to safeguard personal information, an obligation that we take very seriously.

I deeply regret any concern or inconvenience this incident may cause you.

Sincerely,
Norman Abrams, Acting Chancellor

This is an automated message regarding the recent identity alert at UCLA. We're sorry, but we are unable to respond to emails. Please do not reply to this email. If you have questions or concerns and would like to speak with someone, please call (877) 533-8082. For additional information and steps to take, please go to the dedicated website at http://www.identityalert.ucla.edu
Source - Business 2.0

O casual caf� data