60. We lost the war. Welcome to the world of tomorrow - Du Chaos Computer Club by  Frank Rieger - Jan 10, 2006

FINGERPRINT scanners, increasingly used for everything from improving security at airports to preventing cellphone theft, can be fooled by fake fingers made of silicone, gelatine and even Play-Doh. Biometrics experts are working on ways to beat the fraudsters, and one of the latest takes a sensuous approach: an "electronic nose" that can distinguish the unique aroma of human skin.

Electronic noses are often used to monitor pollution and to determine whether food is spoilt. They contain a metal oxide film the electrical properties of which change when certain gas molecules pass over it. Different metal oxides react to different gases.

Now Davide Maltoni at the University of Bologna in Italy suggests placing noses inside fingerprint scanners, next to the optical device that images the fingerprint, to detect the volatile molecules exuded by human skin. To test the idea, he used an off-the-shelf electronic nose based on a single metal oxide ...

==============================
60. We lost the war. Welcome to the world of tomorrow - Du Chaos Computer Club by  Frank Rieger - Jan 10, 2006

Source Next Contents

Just right before, everything looked not too bad. We had survived Y2K with barely a scratch. The world’s outlook was mildly optimistic after all. The “New Economy” bubble gave most of us fun things to do and the fleeting hope of plenty of cash not so far down the road. We had won the Clipper-Chip battle, and crypto-regulation as we knew it was a thing of the past. The waves of technology development seemed to work in favor of freedom, most of the time. The future looked like a yellow brick road to a nirvana of endless bandwith, the rule of ideas over matter and dissolving nation states. The big corporations were at our mercy because we knew what the future would look like and we had the technology to built it. Those were the days. Remember them for your grandchildren’s bedtime stories. They will never come back again.

We are now deep inside the other kind of future, the future that we speculated about as a worst case scenario, back then. This is the ugly future, the one we never wanted, the one that we fought to prevent. We failed. Probably it was not even our fault. But we are forced to live in it now.

Democracy is already over

By its very nature the western democracies have become a playground for lobbyists, industry interests and conspiracies that have absolutely no interest in real democracy. The “democracy show” must go on nonetheless. Conveniently, the show consumes the energy of those that might otherwise become dangerous to the status quo. The show provides the necessary excuse when things go wrong and keeps up the illusion of participation. Also, the system provides organized and regulated battleground rules to find out which interest groups and conspiracies have the upper hand for a while. Most of the time it prevents open and violent power struggles that could destabilize everything. So it is in the best interest of most players to keep at least certain elements of the current “democracy show” alive. Even for the more evil conspiracies around, the system is useful as it is. Certainly, the features that could provide unpleasant surprises like direct popular votes on key issues are the least likely to survive in the long run.

Of course, those in power want to minimize the influence of random chaotic outbursts of popular will as much as possible. The real decisions in government are not made by ministers or the parliament. The real power of government rests with the undersecretaries and other high-level, non-elected civil servants who stay while the politicians come and go. Especially in the bureaucracies of the intelligence agencies, the ministry of interior, the military, and other key nodes of power the long-term planning and decision-making is not left to the incompetent mediocre political actors that get elected more or less at random. Long term stability is a highly valued thing in power relations. So even if the politicians of states suddenly start to be hostile to each other, their intelligence agencies will often continue to cooperate and trade telecommunication interception results as if nothing has happened.

Let’s try for a minute to look at the world from the perspective of such an 60-year-old bureaucrat that has access to the key data, the privilege to be paid to think ahead, and the task to prepare the policy for the next decades. What he would see, could look like this : ?

First,

paid manual labor will be eaten away further by technology, even more rapidly than today. Robotics will evolve far enough to kill a sizeable chunk of the remaining low-end manual jobs. Of course, there will be new jobs, servicing the robots, biotech, designing stuff, working on the nanotech developments etc. But these will be few, compared with today, and require higher education. Globalization continues its merciless course and will also export a lot of jobs of the brain-labor type to India and China, as soon as education levels there permit it.

So the western societies will end up with a large percentage of population, at least a third, but possibly half of those in working age, having no real paid work. There are those whose talents are cheaper to be had elsewhere, those who are more inclined to manual labor. Not only the undereducated but all those who simply cannot find a decent job anymore. This part of the population needs to be pacified, either by Disney or by Dictatorship, most probably by both. The unemployment problem severely affects the ability of states to pay for social benefits. At some point it becomes cheaper to put money into repressive police forces and rule by fear than put the money into pay-outs to the unemployed population and buy the social peace. Criminal activities look more interesting when there is no decent job to be had. Violence is the unavoidable consequence of degrading social standards. Universal surveillance might dampen the consequences for those who remain with some wealth to defend. ?

Second,

climate change increases the frequency and devastation of natural disasters, creating large scale emergency situations. Depending on geography, large parts of land may become uninhabitable due to draught, flood, fires or plagues. This creates a multitude of unpleasant effects. A large number of people need to move, crop and animal production shrinks, industrial centers and cities may be damaged to the point where abandoning them is the only sensible choice left. The loss of property like non-usable (or non-insurable) real estate will be frightening. The resulting internal migratory pressures towards “safe areas” become a significant problem. Properly trained personal, equipment, and supplies to respond to environmental emergencies are needed standby all the time, eating up scarce government resources. The conscript parts of national armed forces may be formed into disaster relief units as they hang around anyway with no real job to do except securing fossil energy sources abroad and helping out the border police.

Third,

immigration pressure from neighboring regions will raise in all western countries. It looks like the climate disaster will strike worst at first in areas like Africa and Latin America and the economy there is unlikely to cope any better than the western countries with globalization and other problems ahead. So the number of people who want to leave from there to somewhere inhabitable at all costs will rise substantially. The western countries need a certain amount of immigration to fill up their demographic holes but the number of people who want to come will be far higher. Managing a controlled immigration process according to the demographic needs is a nasty task where things can only go wrong most of the time. The nearly unavoidable reaction will be a Fortress Europe : serious border controls and fortifications, frequent and omnipresent internal identity checks, fast and merciless deportation of illegal immigrants, biometrics on every possible corner. Technology for border control can be made quite efficient once ethical hurdles have fallen.

Fourth,

at some point in the next decades the energy crisis will strike with full force. Oil will cost a fortune as production capacities can no longer be extended economically to meet the rising demand. Natural gas and coal will last a bit longer, a nuclear renaissance may dampen the worst of the pains. But the core fact remains : a massive change in energy infrastructure is unavoidable. Whether the transition will be harsh, painful and society-wrecking, or just annoying and expensive depends on how soon before peak oil the investments into new energy systems start on a massive scale as oil becomes to expensive to burn. Procrastination is a sure recipe for disaster. The geo-strategic and military race for the remaining large reserves of oil has already begun and will cost vast resources.

Fifth,

we are on the verge of technology developments that may require draconic restrictions and controls to prevent the total disruption of society. Genetic engineering and other biotechnology as well as nanotechnology (and potentially free energy technologies if they exist) will put immense powers into the hands of skilled and knowledgeable individuals. Given the general raise in paranoia, most people (and for sure those in power) will not continue to trust that common sense will prevent the worst. There will be a tendency of controls that keep this kind of technology in the hands of “trustworthy” corporations or state entities. These controls, of course, need to be enforced, surveillance of the usual suspects must be put in place to get advanced knowledge of potential dangers. Science may no longer be a harmless, self-regulating thing but something that needs to be tightly controlled and regulated, at least in the critical areas. The measures needed to contain a potential global pandemic from the Strange Virus of the Year are just a subset of those needed to contain a nanotech or biotech disaster.

Now what follows from this view of the world ? What changes to society are required to cope with these trends from the viewpoint of our 60-year-old power brokering bureaucrat ?

Strategically it all points to massive investments into internal security. Presenting the problem to the population as a mutually exclusive choice between an uncertain dangerous freedom and an assured survival under the securing umbrella of the trustworthy state becomes more easy the further the various crises develop. The more wealthy parts of the population will certainly require protection from illegal immigrants, criminals, terrorists and implicitly also from the anger of less affluent citizens. And since the current system values rich people more then poor ones, the rich must get their protection. The security industry will certainly be of happy helpful assistance, especially where the state can no longer provide enough protection for the taste of the lucky ones.

Traditional democratic values have been eroded to the point where most people don’t care anymore. So the loss of rights our ancestors fought for not so long ago is at first happily accepted by a majority that can easily be scared into submission. “Terrorism” is the theme of the day, others will follow. And these “themes” can and will be used to mold the western societies into something that has never been seen before : a democratically legitimated police state, ruled by an unaccountable elite with total surveillance, made efficient and largely unobtrusive by modern technology. With the enemy (immigrants, terrorists, climate catastrophe refugees, criminals, the poor, mad scientists, strange diseases) at the gates, the price that needs to be paid for “security” will look acceptable.

Cooking up the “terrorist threat” by apparently stupid foreign policy and senseless intelligence operations provides a convenient method to get through with the establishment of a democratically legitimized police state. No one cares that car accidents alone kill many more people than terrorists do. The fear of terrorism accelerates the changes in society and provides the means to get the suppression tools required for the coming waves of trouble.

What we call today “anti-terrorism measures” is the long-term planned and conscious preparation of those in power for the kind of world described above.

The Technologies of Oppression

We can imagine most of the surveillance and oppression technology rather well. Blanket CCTV coverage is reality in some cities already. Communication pattern analysis (who talks to whom at what times) is frighteningly effective. Movement pattern recording from cellphones, traffic monitoring systems, and GPS tracking is the next wave that is just beginning. Shopping records (online, credit and rebate cards) are another source of juicy data. The integration of all these data sources into automated behavior pattern analysis currently happens mostly on the dark side.

The key question for establishing an effective surveillance based police state is to keep it low-profile enough that “the ordinary citizen” feels rather protected than threatened, at least until all the pieces are in place to make it permanent. First principle of 21st century police state : All those who “have nothing to hide” should not be bothered unnecessarily. This goal becomes even more complicated as with the increased availability of information on even minor everyday infringements the “moral” pressure to prosecute will rise. Intelligence agencies have always understood that effective work with interception results requires a thorough selection between cases where it is necessary to do something and those (the majority) where it is best to just be silent and enjoy.

Police forces in general (with a few exceptions) on the other hand have the duty to act upon every crime or minor infringement they get knowledge of. Of course, they have a certain amount of discretion already. With access to all the information outlined above, we will end up with a system of selective enforcement. It is impossible to live in a complex society without violating a rule here and there from time to time, often even without noticing it. If all these violations are documented and available for prosecution, the whole fabric of society changes dramatically. The old sign for totalitarian societies - arbitrary prosecution of political enemies - becomes a reality within the framework of democratic rule-of-law states. As long as the people affected can be made looking like the enemy-”theme” of the day, the system can be used to silence opposition effectively. And at some point the switch to open automated prosecution and policing can be made as any resistance to the system is by definition “terrorism”. Development of society comes to a standstill, the rules of the law and order paradise can no longer be violated.

Now disentangling ourselves from the reality tunnel of said 60-year-old bureaucrat, where is hope for freedom, creativity and fun ? To be honest, we need to assume that it will take a couple of decades before the pendulum will swing back into the freedom direction, barring a total breakdown of civilization as we know it. Only when the oppression becomes to burdensome and open, there might be a chance to get back to overall progress of mankind earlier. If the powers that be are able to manage the system smoothly and skillfully, we cannot make any prediction as to when the new dark ages will be over.

So what now ?  ? Move to the mountains, become a gardener or carpenter, search for happiness in communities of like minded people, in isolation from the rest of the world ? The idea has lost its charm for most who ever honestly tried. It may work if you can find eternal happiness in milking cows at five o’clock in the morning. But for the rest of us, the only realistic option is to try to live in, with, and from the world as bad it has become. We need to built our own communities nonetheless, virtual or real ones. The politics & lobby game

So where to put your energy then ? Trying to play the political game, fighting against software patents, surveillance laws, and privacy invasions in parliament and the courts can be the job of a lifetime. It has the advantage that you will win a battle from time to time and can probably slow things down. You may even be able to prevent a gross atrocity here and there. But in the end, the development of technology and the panic level of the general population will chew a lot of your victories for breakfast.

This is not to discount the work and dedication of those of us who fight on this front. But you need to have a lawyers mindset and a very strong frustration tolerance to gain satisfaction from it, and that is not given to everyone. We need the lawyers nonetheless.

Talent and Ethics

Some of us sold their soul, maybe to pay the rent when the bubble bursted and the cool and morally easy jobs became scarce. They sold their head to corporations or the government to built the kind of things we knew perfectly well how to built, that we sometimes discussed as a intellectual game, never intending to make them a reality. Like surveillance infrastructure. Like software to analyze camera images in realtime for movement patterns, faces, license plates. Like data mining to combine vast amounts of information into graphs of relations and behavior. Like interception systems to record and analyze every single phone call, e-mail, click in the web. Means to track every single move of people and things.

Thinking about what can be done with the results of one’s work is one thing. Refusing to do the job because it could be to the worse of mankind is something completely different. Especially when there is no other good option to earn a living in a mentally stimulating way around. Most projects by itself were justifiable, of course. It was “not that bad” or “no real risk”. Often the excuse was “it is not technical feasible today anyway, it’s too much data to store or make sense from”. Ten years later it is feasible. For sure.

While it certainly would be better when the surveillance industry would die from lack of talent, the more realistic approach is to keep talking to those of us who sold their head. We need to generate a culture that might be compared with the sale of indulgences in the last dark ages : you may be working on the wrong side of the barricade but we would be willing to trade you private moral absolution in exchange for knowledge. Tell us what is happening there, what the capabilities are, what the plans are, which gross scandals have been hidden. To be honest, there is very little what we know about the capabilities of todays dark-side interception systems after the meanwhile slightly antiquated Echelon system had been discovered. All the new stuff that monitors the internet, the current and future use of database profiling, automated CCTV analysis, behavior pattern discovery and so on is only known in very few cases and vague outlines.

We also need to know how the intelligence agencies work today. It is of highest priority to learn how the “we rather use backdoors than waste time cracking your keys”-methods work in practice on a large scale and what backdoors have been intentionally built into or left inside our systems. Building clean systems will be rather difficult, given the multitude of options to produce a backdoor - ranging from operating system and application software to hardware and CPUs that are to complex to fully audit. Open Source does only help in theory, who has the time to really audit all the source anyway...

Of course, the risk of publishing this kind of knowledge is high, especially for those on the dark side. So we need to build structures that can lessen the risk. We need anonymous submission systems for documents, methods to clean out eventual document fingerprinting (both on paper and electronic). And, of course, we need to develop means to identify the inevitable disinformation that will also be fed through these channels to confuse us.

Building technology to preserve the options for change

We are facing a unprecedented onslaught of surveillance technology. The debate whether this may or may not reduce crime or terrorism is not relevant anymore. The de-facto impact on society can already be felt with the content mafia (aka. RIAA) demanding access to all data to preserve their dead business model. We will need to build technology to preserve the freedom of speech, the freedom of thought, the freedom of communication, there is no other long-term solution. Political barriers to total surveillance have a very limited half-life period.

The universal acceptance of electronic communication systems has been a tremendous help for political movements. It has become a bit more difficult and costly to maintain secrets for those in power. Unfortunately, the same problem applies to everybody else. So one thing that we can do to help societies progress along is to provide tools, knowledge and training for secure communications to every political and social movement that shares at least some of our ideals. We should not be too narrow here in choosing our friends, everyone who opposes centralistic power structures and is not geared towards totalitarism should be welcome. Maintaining the political breathing spaces becomes more important than what this space is used for.

Anonymity will become the most precious thing. Encrypting communications is nice and necessary but helps little as long as the communication partners are known. Traffic analysis is the most valuable intelligence tool around. Only by automatically looking at communications and movement patterns, the interesting individuals can be filtered out, those who justify the cost of detailed surveillance. Widespread implementation of anonymity technologies becomes seriously urgent, given the data retention laws that have been passed in the EU. We need opportunistic anonymity the same way we needed opportunistic encryption. Currently, every anonymization technology that has been deployed is instantly overwhelmed with file sharing content. We need solutions for that, preferably with systems that can stand the load, as anonymity loves company and more traffic means less probability of de-anonymization by all kinds of attack.

Closed user groups have already gained momentum in communities that have a heightened awareness and demand for privacy. The darker parts of the hacker community and a lot of the warez trading circles have gone “black” already. Others will follow. The technology to build real-world working closed user groups is not yet there. We have only improvised setups that work under very specific circumstances. Generic, easy to use technology to create fully encrypted closed user groups for all kinds of content with comfortable degrees of anonymity is desperately needed.

Decentralized infrastructure is the needed. The peer-to-peer networks are a good example to see what works and what not. As long as there are centralized elements they can be taken down under one pretext or another. Only true peer-to-peer systems that need as little centralized elements as possible can survive. Interestingly, tactical military networks have the same requirements. We need to borrow from them, the same way they borrow from commercial and open source technology.

Design stuff with surveillance abuse in mind is the next logical step. A lot of us are involved into designing and implementing systems that can be abused for surveillance purposes. Be it webshop systems, databases, RFID systems, communication systems, or ordinary Blog servers, we need to design things as safe as possible against later abuse of collected data or interception. Often there is considerable freedom to design within the limits of our day jobs. We need to use this freedom to build systems in a way that they collect as little data as possible, use encryption and provide anonymity as much as possible. We need to create a culture around that. A system design needs to be viewed by our peers only as “good” if it adheres to these criteria. Of course, it may be hard to sacrifice the personal power that comes with access to juicy data. But keep in mind, you will not have this job forever and whoever takes over the system is most likely not as privacy-minded as you are. Limiting the amount of data gathered on people doing everyday transactions and communication is an absolute must if you are a serious hacker. There are many good things that can be done with RFID. For instance making recycling of goods easier and more effective by storing the material composition and hints about the manufacturing process in tags attached to electronic gadgets. But to be able to harness the good potential of technologies like this, the system needs to limit or prevent the downside as much as possible, by design, not as an afterthought.

Do not compromise your friends with stupidity or ignorance will be even more essential. We are all used to the minor fuckups of encrypted mail being forwarded unencrypted, being careless about other peoples data traces or bragging with knowledge obtained in confidence. This is no longer possible. We are facing an enemy that is euphemistically called “Global Observer” in research papers. This is meant literally. You can no longer rely on information or communication being “overlooked” or “hidden in the noise”. Everything is on file. Forever. And it can and will be used against you. And your “innocent” slip-up five years back might compromise someone you like.

Keep silent and enjoy or publish immediately may become the new mantra for security researchers. Submitting security problems to the manufacturers provides the intelligence agencies with a long period in which they can and will use the problem to attack systems and implant backdoors. It is well known that backdoors are the way around encryption and that all big manufacturers have an agreement with the respective intelligence agencies of their countries to hand over valuable “0 day” exploit data as soon as they get them. During the months or even years it takes them to issue a fix, the agencies can use the 0 day and do not risk exposure. If an intrusion gets detected by accident, no one will suspect foul play, as the problem will be fixed later by the manufacturer. So if you discover problems, publish at least enough information to enable people to detect an intrusion before submitting to the manufacturer.

Most important : have fun ! The eavesdropping people must be laughed about as their job is silly, boring, and ethically the worst thing to earn money with, sort of blackmail and robbing grandmas on the street. We need to develop a “lets have fun confusing their systems”-culture that plays with the inherent imperfections, loopholes, systematic problems, and interpretation errors that are inevitable with large scale surveillance. Artists are the right company for this kind of approach. We need a subculture of “In your face, peeping tom”. Exposing surveillance in the most humiliating and degrading manner, giving people something to laugh about must be the goal. Also, this prevents us from becoming frustrated and tired. If there is no fun in beating the system, we will get tired of it and they will win. So let’s be flexible, creative and funny, not angry, ideologic and stiff-necked.

For instance, biometrics will be more widely deployed at airports for passenger processing and electronic access control, as the technology provides an opportunity to reduce labour costs while at the same time maintaining, or even potentially increasing, security capabilities.

By 2014, the European homeland security technologies market (comprising biometrics, screening, RFID, unmanned aerial vehicles (UAV) and closed circuit television (CCTV) technologies) is set to amass nearly EUR874.0 million.

Airports are expected to display significant demand for identification/authentication and screening technologies from 2005-2014. Seaports will exhibit notable uptake of screening technologies and particularly, tracking technologies. Borders will generate the lowest level of demand for screening technologies in the first half of 2005-2014. However, the overall border demand will increase in the second half of this period, spurred on by the growing importance of UAVs.

The need to improve air travel security and facilitate economical and effective air passenger processing will promote the uptake of security technologies, especially biometrics. The passage of key legislation along with standardisation efforts by industry associations are expected to provide further impetus to the biometrics market. Most EU national governments have already begun biometric procurement programmes, with companies receiving several sizeable contracts for biometric technologies.

Government receptivity is playing a central role in the more widespread implementation of biometric systems. At the same time, the establishment of standards and safeguards is supporting public awareness and acceptance of biometric technologies. Even as the biometric industry undergoes significant changes over the next ten years, manufacturers of RFID will benefit from their expanded use at European seaports.

For companies keen to leverage emergent growth opportunities in the European homeland security market, a prospective pitfall that must be avoided is to use the US homeland security experience as a template for entering the European market. The EU market is unique, in terms of both overall security requirements and security funding.

"The level of funding, the number of stakeholders, the identification of decision-makers and the selection of strategic partnerships: all these, and more, are necessary to prevent failure in this expanding market," explains Mr. Buker. "Without a true understanding of the hurdles that they need to overcome, market participants will struggle to achieve competitive success."

As the market expands, small industry participants are likely to be taken over by different types of industry participants that, in turn, are likely to be acquired by other companies that may not have existing expertise in the homeland security market, but are looking to gain a foothold in this lucrative industry.

Strategic partnerships and alliances with regional leaders will advance the prospects of potential market participants. Moreover, an in-depth understanding of the regional market along with its particular business idiosyncrasies will advance revenues in the long term.

If you are interested in a virtual brochure, which provides manufacturers, end-users, and other industry participants an overview of the latest analysis of the European Homeland Security - A Market opportunity analysis (B447), then send an e-mail to Srividhya Parthasarathy, Corporate Communications, at sparthasarathy@frost.com with the following information: your full name, company name, title, telephone number, fax number and e-mail address. Upon receipt of the above information, an overview will be sent to you via e-mail.

Background

Frost & Sullivan, a global growth consulting company, has been partnering with clients to support the development of innovative strategies for more than 40 years. The company's industry expertise integrates growth consulting, growth partnership services and corporate management training to identify and develop opportunities. Frost & Sullivan serves an extensive clientele that includes Global 1000 companies, emerging companies, and the investment community, by providing comprehensive industry coverage that reflects a unique global perspective and combines ongoing analysis of markets, technologies, econometrics, and demographics.

===================
62. Press Release - Former META Group Analyst Mike Rothman Launches Security Incite - Jan 10, 2006

Source Next Contents

New analyst firm unveils 2006 views on information security and provides businesses with thought-provoking analysis.

Source Next Contents

Under the BPA award ORC will provide certified credentialing for identity management solutions to federal, state and local governments. In connection with an agreement between ORC and Wave, Wave expects ORC to provide federal government authorized Access Certificates for Electronic Services (ACES) capability, in combination with Wave's Embassy(R) Trust Suite secure software technology for use with compliant public key infrastructures. The terms upon which Wave will participate in the project are subject to the completion of a subcontract to be entered into between Wave and ORC.

The BPA recognizes ORC as a fully operational ACES and Shared Services Provider (SSP) as well as a provider of Homeland Security Presidential Directive (HSPD-12) products and services. Further, the BPA also recognizes the ORC team as the only provider of Personnel Identity Verification (PIV) ready solutions for HSPD-12 products and services. The combined products of ORC and Wave offer HSPD-12 ready solutions for both "logical" and "physical" security.

"ORC is working with Wave to make trusted computing solutions embedded with External Certificate Authority (ECA) and ACES digital certificates available to all branches of government," said Daniel Turissini, president of ORC. "The combination of Wave's Embassy software technology integrated with ORC's Trusted Third Party services provides another tool to ensure high levels of Information Assurance technologies in the ongoing efforts to protect personal information within the federal government."

"Authenticating a computer user into a network by using methods more secure than passwords is a continuing effort for network administrators within government and enterprises," said Steven Sprague, president and CEO, Wave Systems. "With the ORC ACES BPA, government administrators will now have easy access to Class 3 PKI certificates that can be used within a Trusted Computing-based framework: a network of personal computers secured by industry standard Trusted Platform Modules and Wave's powerful and secure software technology."

jLock provides Java developers a robust, scalable solution to the fine-grain access control requirements of business applications. jLock supports the standard JAAS APIs while allowing support for ACL-list, role-based, rules-based and entitlement-based access policies. jLock also supports the ability to securely communicate and establish the login context of the original user on the server side of a distributed application. User and access policy management tools remove the burden of embedding access policy and allow policy to be developed, managed, evolved and audited without modification to the business logic.

The open source plans includes the JAAS implementation, the iLock Security Center Service and the standard edition of the jLock Administrative tools. This complete offering provides a scalable implementation of JAAS with graphical Identity Management of Users, Groups and Roles.

2AB will continue to offer and support the jLock Power Edition product. Current commercial licensees of jLock will be provided access to the source immediately. General availability of the open source version is planned before the end of 1st quarter.

About 2AB:

2AB is a provider of Access Management Solutions for Distributed Business(SM). Providing standards-based tools that make access management simple to understand and easy to use by business developers is a key goal of their access management products. 2AB's products enable customers to meet the fine-grain access control requirements of federal privacy and confidentiality legislation while maintaining consistent, auditable access control policy across an enterprise that includes diverse technology. Founded in 1997, 2AB is privately held and headquartered in Shelby County, Alabama. For more information, please see http://www.2ab.com.
==========================

65. Press Release - (Euronext Brussels) - Supercom announces the award of a tender for a biometric passport issuing and control system for a western European country  - Jan 10, 2006

"Our customers require secure authentication in a wide range of environments," said Matthew Gerber, senior vice president of product line management for Itronix. "Itronix is committed to the semi-rugged computing market and will continue to add new capabilities such as fingerprint authentication solutions to enhance the GoBook product line's security, durability and mobility."

"We are pleased to work with Itronix, which has demonstrated leadership in the rugged notebook market," said Greg Goelz, VP of marketing, UPEK. "They have innovated mobile computing by successfully delivering a notebook that meets a high level of durability, mobility and security standards."

About UPEK

UPEK, Inc., the global leader in biometric fingerprint security solutions, offers integrated end-to-end solutions including comprehensive design & integration services to the world's leading consumer and industrial products companies. UPEK solutions enable the strongest fingerprint authentication security available, packaged for high user convenience and rapid integration into existing products and network architectures.

UPEK biometric security products enable a wide range of applications including password replacement for PCs and applications, centralized management for corporate network security, secure mobile transactions, protection of portable data, identity verification for government and military applications, and physical access control.

Headquartered in Scottsdale, Ariz., NetEdge Devices will offer its TA7000 family of data collection devices as a private label solution to software application development companies, systems integration providers and value-added resellers. The TA7000 device tracks time and attendance information, which can be easily integrated into a company's human resources system including payroll. The device can also serve as the front end interface for other corporate systems, such as employee self services, enterprise resource planning (ERP), manufacturing resource planning (MRP), and security/access control.

Unlike most devices currently on the market, the TA7000 data collection series has a truly open architecture that enables OEM partners to fully control, develop and integrate their own proprietary applications into the device.

"Since we unveiled our time clock series this summer, we have received a significant amount of interest from our resellers and partners who are seeking a private label relationship," said Thomas Bednarik, president and chief executive officer of Time America. "By forming the NetEdge subsidiary, we are creating a separate focus for the TA7000 series in order to target a diversified number of prospective industries."

Jon Weiss, vice president of business development for Time America, will lead the NetEdge business alliance and OEM program. With more than 18 years of experience in marketing enterprise resource planning (ERP), and manufacturing and warehouse solutions, Mr. Weiss will be responsible for the sales of NetEdge products to the OEM channel.

Commenting on the abilities of the TA7000 series, Mr. Weiss said: "Not only does the TA7000 line meet traditional time and attendance inputs, but it also serves as a kiosk for workers without computers to access Employee Self Services such as schedules and benefit accruals via a color touch screen using fingerprint biometrics for security."

About NetEdge Devices, LLC

A wholly owned subsidiary of Time America, Inc. (OTCBB:TMAM), NetEdge Devices manufactures, markets and sells a series of technologically advanced data collection devices that increase operational efficiency and decrease cost in labor management practices within corporations and organizations. For more information on NetEdge Devices or the TA7000 terminal series, please contact Jon Weiss at jonw@netedgedevices.com or visit the Company website at www.netedgedevices.com.

About Time America, Inc.

Time America, Inc. has been a leader in providing innovative workforce management since 1988. Our software and data collection solutions enable companies to transform employee time and labor data into information that improves payroll processing and workforce productivity. The Deloitte Technology Fast 500 has honored Time America as one of the 500 fastest growing technology companies in North America. For more information, please visit the Time America Web site at www.timeamerica.com.

THE Edinburgh branch of the British Computer Society is to host a debate on the technologies behind the Government's plans for identity cards.

The trade-off between security and privacy as a result of new biometric technology - which identifies features particular to an individual - will be explored by speaker Gavan Duffy, of IT firm The Generics Group.

The talk takes place at the Royal Pharmaceutical Society on York Place at 6.30pm tomorrow.