News from Anguilla
Please feel free to contribute to, reply to or (Heaven forbid) correct any item in these newsletters. Send an e-mail to: email@example.com Your input will be discretely disseminated.
Latest News from Anguilla....
... continues to be dominated by the political developments. These are best (and most ably) illustrated by the three Front page headlines from "The Anguillian" on its weekly issue dated 21 January 2000:"Hair's Breadth From British Action"
"The British Government was determined to bring to an end the deteriorating political situation in Anguilla, whichever way the High Court had ruled in the recent constitutional case. This was revealed in similar letters to [the] Chief Minister ... and Speaker of The House of Assembly ... from Baroness Patricia Scotland of Asthal Q.C., Minister responsible for the Overseas Territories ... brought to Anguilla last week by the Head of the Overseas Territories Department of the Foreign & Commonwealth Office in London....which set out certain terms to which the Chief Minister and The Speaker were requested to agree within one week". The article continues by saying that Baroness advised The Speaker (the full text is disclosed in the paper) that should judgement to have gone against him, he was expected to allow the House to meet and transact business as soon as possible; if it ruled for him, the best thing would be for the House to be dissolved and a general election be held immediately. She warned that if the terms were not accepted by each party she would have no alternative but to instruct the Governor to dissolve the House of Assembly and organise a general election immediately. As reported in the last issue, this luckily did not happen - the Chief Minister asked The Governor to dissolve the House after coming "first runner-up" in the case.
"Governor Harris Speaks His Mind"
The Governor leaves the diplomatic service in a week's time; Anguilla was his last posting. He said that the British have never been hard taskmasters as far as Anguilla is concerned and that he was listening to the rhetoric that was starting as a consequence of the election with such talk of "colonial yoke" and "slavery and atrocities", which he dismissed as pure nonsense. He advises Anguillians that, should they want independence from the U.K., they should grab it. If they want the present mutual relationship to continue, they should grab that opportunity too, by ensuring that whichever administration emerges from the elections co-operated with the British Government. He continued: "If Britain is to retain its constitutional relationship with Anguilla it will require it has a certain modicum of power because ultimately it will pick up the tab for what happens; and it has a right to insist that the size of that tab is something over which it has a little control.... We are not going to be some kind of a milch cow that you run to and ask for money when you like .. It hasn't worked that way for years". At the end of his 3-year term, he expresses disappointment with his work here: "I would be foolish if I said I had a successful tour of duty, speaking professionally .. I haven't found it possible, for reasons which do not need explaining, to work closely with the Government of Anguilla any more than my predecessors found it easy to work with this particular Government. Indeed I would say that it has been a waste of my professional time"."CM: God Said To Me, 'Sir, Dissolve the House of Assembly' ".
Speaking at his weekly press conference on 14 January, Mt. Hughes said that if he had received the letter [from Baroness Scotland] the day before judgement was read [there was a travel hitch which delayed the arrival of the emissary]"The whole world would have heard about what I would have said about the British conspiracy in Anguilla... It so happened that the decision was given before [the emissary] arrived....If I had got that letter before, then it could be said that Hubert did it under pressure and he was ordered to do it. God, in his wisdom, told me: 'Take no other advice. Go forward, Sir, and give the Governor notice to dissolve the House of Assembly immediately', and I did so."Comment: It is refreshing to know that, by addressing Chief Minister Hughes as "Sir", even the Almighty knows his place in the pantheon and the cosmic scale of things! This should not surprise us though. As Hurricane Lenny approached in November, amid the reassuring exhortations in radio addresses from officials such as the Governor, the Chief Minister was able to refute the mumbo-jumbo put out by the experts on The Weather Channel as to why the system was approaching the area. He had been told (presumably by God) that it was coming as a divine punishment because of the ungodly ways of Anguillians, some of whom did not go to church too often, and the tendency of St. Maarten to admit cruise ships with gay passengers. And, it has to be said, not everyone disagreed with him!....
Regardless of the result of the election it will be good for Anguilla. For the first time in a year we will have a Government operating as Governments do elsewhere, with a majority in the legislature and a mandate from the electorate. A bright, golden future beckons.
Apologies to all Lunatics!
If you relied on the piece in our last issue, which quoted our local expert on matters astronomical, you would have gazed in vain at 8.00 p.m. EST (9.00 p.m. island time) for the lunar eclipse. I know, I did! What seems to have happened was that she mis-read the runes on the message sent to her, and the time that she had down for the Full Moon (11.40 p.m.) should have been that of the eclipse. Apart from that, the critical second sentence in her report was correct in every detail - well at least the full-stop was in the right place! GIGO. By the time that I realised what had happened (minutes after 9.00 in Anguilla), after having gone back to the web, it was too late to let anyone know. Anyway it was a bonus for those who were travelling locally in the wee hours because there was little cloud locally. One cynic observed, "If you've seen one eclipse, you've seen them all". All the same it was nice to see the stars, usually outshone at the time of the Full Moon, make a spectacular comeback, if only for a short time. It was just like going to a Planetarium, but cheaper, nearer and without anyone coughing or sneezing!
This issue's "how to avoid being the victim of a scam" article
A subscriber, who I've known for a few years, this week received an invitation on his "Excite" message-board to participate in an investment club run by "Le Club Prive [last letter has an acute accent] S.A.", run from The Netherlands. Their Website is at: http://www.lcpmembers.com/jag-dreamer. I suggest that you have a look at it (as in "look but don't touch") so that you can see what is being offered; we can use this as a textbook example. Our subscriber printed the message but deleted the file, but kindly faxed the printed version over.
The fax said that some of the vehicles available in the "backroom" are:
Also you get European bank account with a debit card that has no daily limit and can be used at any ATM in the world; Private e-mail address; full access to "insider" information via chat rooms; monthly newsletter; etc. etc.
You may have noticed that inclusion in their programme requires a payment by Western Union of US$1495.
Well, the web-site looked nice but the whole thing certainly smelled scammy. For one thing, this payment by Western Union means that you can't do a credit card charge-back. For another, their references to opportunities using "insider" information, while playing on avarice, also implies (if true) that laws are being broken. On the other hand, when looking at these rates of return, it is easy to reflect how some brokers are making small fortunes on investments for their clients (but it is amazing how, like casino players, everyone talks about how much they are ahead while never fessing up to their lemons; the laws of gravity seem to have been suspended). I needed some second opinions so I went for them.
After taking down some keywords from their website, I looked at back issues of "Offshore Alert" as well as newsletters put out by I.T.I Management's Roy Bouchier in The Bahamas. Alas, this outfit was just too new for these publications. A contemporary, from another office, looked at the site and was struck by the reference to payments for recruiting others (or referrals), so it had aspects of a pyramid/MLM/Ponzi scheme. Then David Marchant, of "Offshore Alert" replied:
And Anguilla's Director of Financial Services, John Lawrence, chipped in with:
All of which goes to show that the only sure-fire way to double your money in the short-term is to fold it in half.
That little item of plastic, which spends most of its time resting in your wallet or purse may be living a double-life. Consider these 3 items.
The first is from the front page of a recent issue of "The Daily Herald", a sub-regional newspaper published in St. Maarten; the other two are e-zine submissions, one from a subscriber (who doubles as my son).
The "Herald" item is from memory - our copy of that issue is now enjoying retirement down at the Corito dump (sorry, landfill site).
The gist of it was that as a result of co-operation between the police authorities in the U.S. and St. Maarten, a recently opened jewellery store, in the heart of Philipsburg, has been abruptly shut down and the owners/operators are being charged with fraud. The allegation is that the store was merely a front for a credit card racket: real cardholder information had been imprinted on to bogus cards (magnetic strip and all) shipped in from Panama; lots of charges had materialised in this way at the store which had relatively few bona fide transactions in the duration.
The next two concern encryption, a fascinating subject in itself, which we'll be looking at (in the context of the protection of privacy) in a subsequent edition. As you are no doubt aware, one of the tacit assumptions surrounding the viability of the booming e-commerce is that a credit card holder's card information remains confidential; for this reason, the credit card information is encrypted (or scrambled) and the information holders have encryption keys, apparently random gibberish of letters numbers and characters. So that the card information cannot be compromised while in cyberspace. Well, that is the theory ...
The first can be accessed at: here and was authored/posted by Doug Brown, of Inter@ctive Week on Mon, 10 Jan 2000 10:37:14 GMT
Encryption keys vulnerable, researchers warn
Hackers can break into servers and steal encryption keys
Researchers at an English company announced Wednesday that they found a way to pluck from Web servers "keys" that provide access to private data stored on servers, such as credit-card numbers.
The revelation that hackers can break into servers and steal encryption keys could have repercussions throughout the electronic commerce landscape. Companies have long struggled with ensuring customers' privacy in the face of increasing hacker ingenuity, but encryption keys were generally believed to dwell in a safe haven.
"It's a pretty big deal," said Tom Hopcroft, president of the Massachusetts Electronic Commerce Association. "Currently, people feel that their keys for credit-card numbers are pretty safe, because they are on a server with a lot of other data, where they might be hard to find."
In light of the discovery that encryption keys are readily open to attack, companies must find ways to prevent their discovery, Hopcroft added. "The loss of consumer confidence could cripple the phenomenal growth of electronic commerce," he said. "A lot of that [growth] is because we don't have a fear of giving out our credit-card numbers over the Internet."
Alex Van Someren, president of nCipher in Cambridge, England, said the discovery of a method for retrieving encryption keys revolves around research conducted by his brother Nicko, chief technology officer and co-founder of nCipher, and Adi Shamir of the Weizmann Institute in Israel, co-inventor of the RSA encryption system, the base for much current encryption technology.
The researchers published their initial findings at the Financial Cryptography '99 conference in February 1999. [Editorial note: this has taken place every year in Anguilla]. The research, Alex Van Someren said, laid a theoretical framework for an encryption key retrieval method.
Now, he said, the researchers have demonstrated a concrete method for finding and stealing encryption keys from servers.
The technology centers on this: There is a general assumption that encryption keys will be impossible to find because they are buried in servers crowded with similar strings of code. What the researchers discovered, however, is that encryption keys are more random than other data stored in servers. To find the encryption key, one need only search for abnormally random data.
Hopcroft compared the method to classic Cold War tactics.
"The United States developed quieter and quieter submarines, but they made them so quiet it was quieter than the ambient noise around them," he said. "So the Soviets could search for quiet spots."
The problem could be particularly nettlesome for smaller companies, because many of them run their Web businesses on servers shared by other companies.
All a hacker would have to do, Hopcroft said, is set up an account with an Internet service provider hosting a company's Web site, "go into that server and root around looking for the keys of other companies. With [the key] there is no way for me to be distinguished from a legitimate business owner."
Van Someren said nCipher decided to go after encryption keys because "we make products that redress these problems." The company offers a hardware solution to the problem of encryption-key security.
Van Someren noted that it's possible that others - hackers, in particular - already have discovered the path to the once-hidden encryption keys. "We haven't seen any evidence of real attacks occurring, but if it were to occur, there would not necessarily be any trace left behind that it had occurred," he said.
Peter Neumann, a computer security researcher at SRI International in Menlo Park, California, said the discovery stands as just one more demonstration of "how flaky our infrastructure is."
"Every operating system can be broken into one way or another, and the servers aren't an exception," he added. "We need a great deal more security than we have at the moment as we enter into electronic commerce. And the bottom line is we should be a little bit more cautious about depending upon cryptography as the answer to all of our problems, because it isn't. It's very difficult to embed it properly into a system."
Bruce Schneier, a world-renowned cryptography expert and chief technology officer at Counterpane Internet Security in San Jose, echoed Neumann.
"Security vulnerabilities are inevitable, because of the complexity of the product, the rush to market, all of these things," he said. "So the vulnerabilities, we see them every week. The only solution is to build security processes that take into account the fallibility of the products."
Of the nCipher discovery, he said: "Let's say we fix this one. We're not magically better. We've fixed one little thing."
And an even more recent article:
US: Hacker forces recall of Amex cards
In one of the most widespread security breaches yet reported by at internet retailer, American Express and Discover are replacing all the credit card numbers of their customers who have shopped at CDUniverse, a US music retailer.
This follows claims by a hacker known as "Maxus" that he had broken into the web site, stolen records of credit card transactions and published thousands of the account numbers on the internet. The hacker is reported to have attempted to extort $100,000 from eUniverse, owner of CDUniverse in return for the credit card data. In a statement last week, the company said that it had refused to pay and referred the case to the FBI.
The incident highlights the security challenges faced by internet retailers, and could help to reawaken consumer concerns about the security of online shopping that had largely been laid to rest before last year's record Christmas online shopping season.
We'll be discussing the implications of this with the routine encryption of e-mail in an upcoming issue. For now, we'll all have to start looking at our monthly statements with an even keener eye and a very sharp-toothed comb!
Needless to say, readers of this newsletter are encouraged to subscribe to the original source of all articles. Details can be provided if you do not have them.
And Finally - Something On The Light Side:
This is a quiz which consists of four questions that tell you
whether or not you are qualified to be a professional.