Phil Zimmermann's PGP is back in the hands of an independent company, after Network Associates agreed to sell the technology it mothballed back in March to a start-up specially created to market PGP.

Jon Callas, the former PGP chief scientist, becomes the CTO of the new company, PGP Corporation. Will Price, former Director of Engineering at NAI, becomes VP of engineering.

The good news is that the Windows XP and Mac OS X versions of version 8.0 of the excellent PGP Desktop, which were ready when Network Associates canned the division, will now ship in the fourth quarter, according to a company statement.

Business News from Wired News - Identity Theft Is Rife in Russia.

Millions of dollars are being lost by expats and local residents in Russia due to skimming and other forms of credit card fraud.

Slashdot | PGP Acquired From NAI.

lowy writes "PGP Corporation, the 'new company with a long history' today announced that it has received $14 Million in funding and acquired the PGP Desktop and Wireless encryption product lines from Network Associates, Inc." --- PGP Corporation issued five press releases today, but we'll forgive it because it actually has products to sell, promises to keep offering a freeware version, and is taking on tech support for existing customers. Also, the email from NAI to its customers follows.

CNET NEWS.COM - New company aims for simpler PGP.

PGP Corp. sets out to do what Network Associates couldn't--entice enterprise customers to buy encryption products based on the PGP algorithm by making them easier to use.

[ ... ]

The deal gives the new company a line of encryption products based on the PGP algorithm, including PGPmail, PGPfile, PGPwireless, PGPkeyserver, for the Windows and Macintosh operating systems. Network Associates will retain some products developed using the PGPsdk encryption software development kit, including McAfee E-Business Server and McAfee Desktop Firewall and VPN Client.

CNET NEWS.COM - Debunking DMCA myths.

Should researchers really be so worried about the much-reviled Digital Millennium Copyright Act?

If you believe the buzz, you'll conclude that programmers, academics and engineers should be scared witless about being sued under the DMCA. In effect for nearly two years, the law sets protections for the codes that are wrapped around certain copyrighted content such as DVDs and electronic books.

An attorney for the Computing Research Association, representing the computer science departments of some 200 universities, claims that "professors are afraid to study information systems or to publish their research." One researcher in the Netherlands announced that, because of the DMCA, he would not reveal his analysis of Intel's digital video system. Edward Felten, a computer scientist at Princeton University, and his colleagues postponed a presentation of their co-authored paper for four months after receiving DMCA threats.

Because some of his co-authors' employers nixed the presentation, Felten's delay is understandable. However, the fears of legal action may not all be justified.

Don't get me wrong. The DMCA is both an egregious law and a brazen power grab by Hollywood, the music industry and software companies. It is probably unconstitutional. It creates unnecessary federal crimes, cedes too much authority to copyright holders, and should be unceremoniously tossed out by the courts. (As a bonus, perhaps we could horsewhip its many fans in Congress.)

Even so, not all execrable laws are equally loathsome. A careful look at the DMCA shows that, far from prohibiting all security research, the law does not regulate as many activities as people seem to believe. And if activists hope to assail a law like the DMCA, they'll be taken more seriously if they know what they're talking about.

CNET NEWS.COM - Linux makes a run for government.

Strong support for the open-source operating system within the government came from a surprising quarter in early 2001 with the release of Security-Enhanced Linux from the National Security Agency, which for decades stymied researchers' and technology companies' efforts to create broadly available strong encryption.

"SE Linux" adds military-strength architecture improvements to Linux, the most obvious security improvement being mandatory access controls, or MACs, based on technology developed by Secure Computing Corp. The Cyberspace Policy Institute plans to also add authentication and key management features to the operating system.

[ ... ]

SE Linux may be the NSA's last direct contribution to open-source security, however. Because of loud criticism, the NSA will have a far less direct role in the creation of more secure versions of open-source software.

"We didn't fully understand the consequences of releasing software under the GPL (General Public License)," said Dick Schafer, deputy director of the NSA. "We received a lot of loud complaints regarding our efforts with SE Linux."

Many complaints criticized the agency for providing the fruits of research to everyone, not just U.S. companies, and thus hurting American business.

While stressing that the agency received a loud chorus of support as well, the chagrined Schafer said that the issue was contentious enough that "we won't be doing anything like that again."

Sources familiar with events said that aggressive Microsoft lobbying efforts have contributed to a halt on any further work. "Microsoft was worried that the NSA's releasing open-source software would compete with American proprietary software," said a source familiar with the complaints against the NSA who asked not to be identified.

Slashdot | Did MS Lobbying Stop NSA Work On SELinux?

inquisitive points to this CNET story on how George Wash Univ. may help Linux gain certification under the Common Criteria, certification required for software to be used in some sensitive government roles. In the same story, though, is an interesting quote from another effort at bringing GPL'd software to the public sector: --- "'We didn't fully understand the consequences of releasing software under the GPL (General Public License),' said Dick Schafer, deputy director of the NSA. 'We received a lot of loud complaints regarding our efforts with SE Linux.'" Sources familiar with events said that aggressive Microsoft lobbying efforts have contributed to a halt on any further work. 'Microsoft was worried that the NSA's releasing open-source software would compete with American proprietary software,' said a source familiar with the complaints against the NSA who asked not to be identified."

Slashdot | Securing Fiber Using Light Polarization.

screenbert writes: "A new and novel way of communicating over fiber optics is being developed by physicists supported by the Office of Naval Research. Rather than using the amplitude and frequency of electromagnetic waves, they're using the polarization of the wave to carry the signal. Such a method offers a novel and elegant method of secure communication over fiber optic lines. This press release has more information. Of course I always thought that fiber was always pretty secure anyway since it's a lot harder to tap than copper."

Slashdot | Your Rights Online - The Continuing Rise of E-Mail Marketing

Mark Cantrell writes: "Yahoo is running a story from Reuters Internet Report that says that companies like Doubleclick are becoming more popular with online businesses because of the low price they charge. $25 for 1000 people spammed is the example given. They do mention that there is a threat that spam may get out of hand, however. May get? Obviously they haven't seen my mailbox or Usenet lately. My favorite quote from the article: 'I think spam is becoming a problem,' Bluefly's Seiff said. 'Any time you get clutter in your mailboxes, it is not beneficial to e-mail marketers like us.'" --- The article touches on true spam, but mostly talks about the much more benign stuff lumped under "direct marketing," like reminder updates from stores you cleared to send it to you.

Slashdot | DVD Region Encoding on Verge of Collapse?

Spudley writes "It seems like the infamous Region Encoding system used by DVD manufacturers to prevent us buying disks from overseas is about to collapse - due to widespread flaunting of the system. This article on the BBC doesn't go into much technical detail, but does include an interview with a company that manufactures DVD players ("You can find codes for more or less all brands of DVD player including ours") and some speculation on the future." --- It always seemed like an idea destined to fail.

New York Times - free registration required Web Retailers Try to Get Personal.

E-commerce companies are now starting to reverse that pattern, by monitoring their customers' surfing patterns, and engaging them in an online chat when the time is right. Many sites have for years offered online chat for customers who click on the customer service or help button, but this trend, while in its infancy, promises to turn chat into something that adds revenue, instead of costs, to the company.

Microsoft, MyFamily.com and others are proceeding slowly with such initiatives, a testament to the many pitfalls awaiting Web sites that do this wrong. Chief among them, of course, is the risk that sites will startle customers who are confronted with an online representative who has been monitoring their browsing.

The Independent Online - Librarians air concerns over USA Patriot Act found via Library Stuff.

As a group, librarians are not known for being overly emotional or prone to hyperbole. So when a regional association of librarians gathers to voice its concerns over the erosion of civil liberties and the destruction of historical documents, it might be wise for the rest of us to sit up and take notice.

There was certainly no lack of fodder for discussion at this year's meeting of the Pacific Northwest Library Association (PNLA), held Aug. 7 at the Holiday Inn-Parkside in Missoula. Among the most pressing business they addressed is the role of librarians in the wake of the USA Patriot Act, a sweeping piece of national security legislation passed by Congress last year in the wake of the Sept. 11 attacks.

Deborah Schlesinger, director of Lewis and Clark Library in Helena, said that she is deeply concerned with her role as a librarian under the USA Patriot Act, specifically, about being an accomplice in the violation of Americans' civil liberties.

"The Patriot Act is so broad of breadth and has so few of the traditional checks and balances that we have come to expect with civil liberties in this country," Schlesinger said. "The FBI had to get a subpoena before. We have a Montana Confidentiality of Library Records statute which says we may give up library records based upon a duly constituted subpoena, which would have to be signed by a judge and which is public information. This new Patriot Act does not require subpoenas. It requires search warrants, and there's no disputing the search warrant. They just come in and search."

Schlesinger said that she is also uneasy about the gag order that accompanies such search warrants under the new federal law.

"With the gag order, if I'm served with a search warrant, I can't tell anybody about it," she said. "If we're not allowed to talk about what has been requested of us, there's no chance for people to get enraged by what has been done."