Week in review: Tech loses a loved one

The gadget world lost one of its most visible and respected journalists this week with the death of James Kim.

Kim, a senior editor at CNET, was found dead Wednesday after being lost in a remote part of southern Oregon for 11 days. An autopsy determined that Kim died of exposure with hypothermia.

Kim left his family's stranded car Saturday morning searching for help and never returned. He apparently traveled in a 10-mile circle and was found less than a mile, separated by a sheer cliff, from where his family's station wagon got stuck in the snow. Officers said there was no way to determine whether he was trying to return to his starting point or if he became disoriented.

Kim's wife and two young daughters were found alive and well Monday after surviving more than a week stranded in the wilderness. Kati Kim suffered frostbite on two toes, but will not lose those toes.

More than 100 individuals were involved with the search, which was focused on the Big Windy Creek drainage area, about 30 miles northwest of Grants Pass. At various times, efforts involved helicopters, rafts floating down the Rogue River, Sno-Cats, four-wheel-drive vehicles and dozens of searchers on foot.

"I am choked up. This is a very sad story about a great man. My heart is with his family and him."
-- CNET News.com reader

A commercial satellite-imagery company even rerouted one of its satellites to fly over the Oregon wilderness where rescue crews were searching for Kim.

Kim was a respected expert on cutting-edge digital devices, an owner of a trendy clothing store and a lover of the futuristic-sounding music known as electronica.

Yet, according to friends, most of Kim's life revolved around old-fashioned values: sacrifice, friendship and family. Those who knew him say they aren't surprised that Kim, in the last act of his life, demonstrated the ultimate expression of devotion to his wife and daughters.

The outpouring of concern and condolences for the family set records for the number of postings to the CNET News.com TalkBack forum.

"I am choked up. This is a very sad story about a great man," wrote one reader to the forum. "My heart is with his family and him."

CNET News.com has created a page for those wishing to share their thoughts and condolences with the Kim family.

The search for the Kim family illustrates how important cell phone technology has become as a public safety tool. While other technologies such as global positioning system, or GPS, navigation may help people find their way out of trouble, it does little to help when people are stranded on the side of the road like the Kims were.

Tracking devices that send beacons to rescuers could be helpful, but they are used mostly by wilderness backpackers and backcountry skiers. Few people carry them on road trips. And even though satellite-based tracking technology exists, even fewer people are likely to consent to having their whereabouts tracked on a daily basis in the off chance that they might get lost on a backcountry road.

A little privacy
Cell phones can also be used to spy on you. The FBI appears to have begun using a novel form of electronic surveillance in criminal investigations: remotely activating a mobile phone's microphone and using it to eavesdrop on nearby conversations.

The technique is called a "roving bug," and was approved by top U.S. Department of Justice officials for use against members of a New York organized crime family who were wary of conventional surveillance techniques such as tailing a suspect or wiretapping him.

Nextel cell phones owned by two alleged mobsters, John Ardito and his attorney, Peter Peluso, were used by the FBI to listen in on nearby conversations. The surveillance technique came to light in an opinion published this week by U.S. District Judge Lewis Kaplan. He ruled that the "roving bug" was legal because federal wiretapping law is broad enough to permit eavesdropping even on conversations that take place near a suspect's cell phone.

In another spying case, the California Attorney General's Office said Hewlett-Packard will pay $14.5 million to settle civil complaints related to the company's now infamous spy scandal. As part of the settlement, which was first reported by CNET News.com on Wednesday, HP will "finance a new law enforcement fund to fight violations of privacy and intellectual property rights" and adopt corporate governance reforms.

Attorney General Bill Lockyer said that the new fund will help ensure that when businesses cross the legal line they will be held accountable. He also applauded the company.

The case is separate from the felony criminal charges that have been brought against five individuals involved in HP's spying campaign.

Before politicians go home for the year at the end of the week, the U.S. Senate may vote to generally prohibit telephone "pretexting," the stealthy and usually fraudulent investigative technique made famous by the HP spying campaign.

U.S. Senate Majority Leader Bill Frist is using a procedure known as "hotlining," which would allow an already approved House of Representatives bill targeting pretexting to clear the Senate without debate and head to the president's desk to be signed into law. If no senators raise objections, the bill could be added to the Senate calendar and approved with a batch of other noncontentious items as soon as Thursday, a Republican leadership aide said.

Fixing a hole
A malicious video on MySpace.com pages changes people's profiles when played, embeds itself and adds links to fraudulent Web sites. The video is a rigged QuickTime file that exploits a MySpace vulnerability and support for JavaScript in Apple Computer's embedded media player, Web security firm Websense said in an alert.

When played by a MySpace user, the video adds itself to the user's MySpace page and replaces the links on the user's profile with links to phishing Web sites, Websense said. Phishing sites are fraudulent sites that attempt to trick people into giving up sensitive information such as log-in credentials.

MySpace wants Apple to update its QuickTime media player software so it can't be used in attacks on the social-networking site. Apple is working on a QuickTime fix, but has a temporary solution available Tuesday, company spokeswoman Lynn Fox said in an e-mail.

Meanwhile, a yet-to-be-patched security hole in multiple versions of Word is being exploited in cyberattacks. The attacks are "limited," according to a Microsoft security advisory. The software maker said it is developing a security update that addresses the vulnerability.

The vulnerability is similar to previous so-called zero-day flaws that have hit Office applications in recent months. An attacker could rig a Word file in such a way that he would gain complete control over a vulnerable PC when the file is opened, Microsoft said in its advisory

For those who want to stay informed of zero-day flaws, eEye Digital Security has launched a Web site that tracks publicly released security bugs that don't have an official patch.

Also of note
Yahoo's chief operating officer and the head of its entertainment group are leaving as part of a major reorganization...A seemingly phantom White House panel charged with overseeing privacy and civil-liberties issues made its public debut, but it didn't quite receive the warm welcome it may have liked...Microsoft says it expects to sell more than 1 million Zune music players by the end of June.