by Constantine von Hoffman

When Nerds Strike Back: Geeks Vote Out SOPA Supporters

Opinion
Nov 08, 20125 mins
CybercrimePrivacySecurity

Three members of Congress who supported the much-maligned privacy act lost in the last election, while a candidate attacked for playing World of Warcraft won -- likely because of that attack. Also a roundup of other IT security stories from the past week.

Three members of Congress – all from California — who supported the much-derided SOPA anti-piracy bill lost their seats this week.

Mary Bono Mack, a Republican, lost to Democrat Raul Ruiz. Mack entered congress when she was appointed to finish the term of her late husband, Rep. Sony Bono (a very underappreciated songwriter, FYI). Ms. Bono had previously earned the enmity of the Geek-Americans when she successfully led the fight to pass the Sonny Bono Copyright Extension Act. The bill, also known as the Disney Will Do Anything Not To Let Go of Mickey Act, retroactively extended copyright terms by 20 years, ensuring that no new works would fall into the public domain before 2018.

Rep. Howard Berman (D-CA) lost to another SOPA supporter Rep. Brad Sherman (D-CA). The two fought a vote to the death thanks to California’s “open primary” system in which all candidates compete in a single primary with the top two going on to the general election, regardless of party. Berman and Sherman — great name for a comedy act — had to go mano-a-mano because of redistricting.

The third Representative to be defeated was Joe Baca (D-CA), a seven-term congressman. He was whupped by another Democrat, State Senator Negrete McLeod, by a 56 percent to 44 percent margin. Sadly, I used up all the amusing comments about this sort of thing in the previous paragraphs.

One other race was shaped by a get out the Nerd effort this year. That was the showdown for a Maine state senate seat between Democrat Colleen Lachowicz and incumbent GOP Sen. Tom Martin. Lachowicz, as I’m sure you recall, is the first openly Orc person ever elected to office in the U.S.

The Maine GOP – without Sen. Martin’s approval — decided to make an issue of Lachowicz’s identity during the race. They brought up her part-time work as an assassin in World of Warcraft and some of the saltier things she had said in the course of her work in an attempt to besmirch her. All it did was strengthen her.

As Bangor Daily News writer Undercover Porcupine noted:

To Senator Martin’s credit, he refused to touch the low personal attacks and wished to remain strictly on the issues. By sticking on the high road, this enough should have saved him. The negative campaigning by his party however, didn’t help. Not that it necessarily crippled him, but it strengthened his opponent greatly.

So let this be a warning if you are running for office: Do not slight the nerdish ones. Don’t forget they played a pivotal role in the downfall of Sen. John McCain in the ’08 election. One of McCain’s aides made the mistake of dismissively referring to “the pro-Obama Dungeons & Dragons crowd.” There was no saving throw for the senator’s campaign after that.

Also in the news this week:

Researcher finds critical vulnerabilities in Sophos antivirus product

(NetworkWorld) Security researcher Tavis Ormandy discovered critical vulnerabilities in the antivirus product developed by U.K.-based security firm Sophos and advised organizations to avoid using the product on critical systems unless the vendor improves its product development, quality assurance and security response practices. Ormandy, who works as an information security engineer at Google, disclosed details about the vulnerabilities he found in a research paper entitled “Sophail: Applied attacks against Sophos Antivirus” that was published on Monday. Ormandy noted that the research was performed in his spare time and that the views expressed in the paper are his own and not those of his employer.

Siemens Industrial Software Targeted By Stuxnet is Still Full of Holes

(CIO) Software made by Siemens and targeted by the Stuxnet malware is still full of other dangerous vulnerabilities, according to Russian researchers whose presentation at the Defcon security conference earlier this year was cancelled following a request from the company.

Experts Warn of Zero-Day Exploit for Adobe Reader

(KrebsOnSecurity) Software vendor Adobe says it is investigating claims that instructions for exploiting a previously unknown critical security hole in the latest versions of its widely-used PDF Reader software are being sold in the cybercriminal underground. The finding comes from malware analysts at Moscow-based forensics firm Group-IB, who say they’ve discovered that a new exploit capable of compromising the security of computers running Adobe X and XI  (Adobe Reader 10 and 11) is being sold in the underground for up to $50,000.

Gaping hole in Google service exposes thousands to ID theft

 (TheRegister) A security flaw accessible via Google’s UK motor insurance aggregator Google Compare has potentially exposed vast numbers of drivers to identity theft. The vulnerability, the existence of which has been verified by The Register, made it possible for comprehensive personal details – including names, addresses, phone numbers and job – to be harvested at will.

Smart meters not so clever about privacy, researchers find

(NetworkWorld) Researchers at the University of South Carolina have discovered that some types of electricity meter are broadcasting unencrypted information that, with the right software, would enable eavesdroppers to determine whether you’re at home. The meters, called AMR (automatic meter reading) in the utility industry, are a first-generation smart meter technology and they are installed in one third of American homes and businesses. 

Vupen claims ‘remote code execution’ on Windows 8

(NetworkWorld) Vupen, a security company in the business of selling zero-day vulnerabilities, said Friday that it has found a way to bypass security mechanisms on Windows 8 and execute code via a Web page. Vupen Chief Executive Chaouki Bekrar said in an email that the company’s researchers had found “multiple vulnerabilities” in Windows 8 and Internet Explorer 10, the latest version of Microsoft’s operating system and Web browser.