2 posts from November 2008

12-Year-Old’s a Food Critic, and the Chef Loves It

Michael Appleton for The New York Times

David Fishman, on a subsequent visit to the Salumeria Rosi, trying the offerings at the restaurant on the Upper West Side. “Good variety,” he wrote.


By SUSAN DOMINUS - The New York Times
Published: November 16, 2008

Everyone’s a critic, and apparently it’s never too soon to start.

That’s why David Fishman, an Upper West Sider who turned 12 last month, decided to take himself out for dinner one night last week. His parents had called him at home to say they were running late, suggesting that he grab some takeout at the usual hummus place.

Hummus, again? David thought he could do better than that.

He had recently passed by the newly opened Salumeria Rosi, a few blocks from his home, and had been intrigued by the reflective black back wall, the cuts of dried pork hanging from the ceiling, the little jars of cured olives and artichokes adorning the walls. If it was O.K. with his mom (and it turned out it was), he wanted to try that instead.

David aspires to be a food critic — he has some vague notion that he could make a living writing for the Zagat guides — and the new Italian spot on Amsterdam Avenue near 73rd Street seemed worthy of investigation.

That night, Tuesday, turned out to be one of the first that the restaurant was open to the public. David requested a menu, which the hostess handed him, and decided that it was within his budget ($25). Then he asked for a table for one and waited to see what she’d say. A year before, he had been turned away from a half-empty restaurant in Montauk and told that it did not serve children unaccompanied by adults. “I was angry, but I didn’t show it,” he said. “What can you do?”

Grown-up or not, tables were hard to come by that evening — every seat was booked, mostly by friends of the chef and owner, Cesare Casella, the Tuscan impresario behind Maremma in the West Village. Even a boldfaced name dropped by (Tony Danza, who, to the David Fishmans of the world, is just another old fogy). But the hostess decided to squeeze in the Salumeria’s first unaccompanied customer under 4 feet 8, as long as he promised to be out by 8 p.m. It was a deal.

Nobody at the restaurant seemed terribly impressed by Tony Danza, but David Fishman — now that was something. People tried not to stare, but couldn’t help themselves. Where were his parents? Was he enjoying the food? Cash or credit?

Normally passionate for seafood, David ordered a specialty of the restaurant, a prosciutto, as well as what the menu called una insalata di rucola e parmigiano. “Good variety,” he wrote in the leather-bound notebook he brought along, restaurant-critic-like. “Softish jazz music. Seem to enjoy kids but not overly.” In other words, no cloying smiles or insulting offer of grilled cheese.

An Australian couple seated beside him struck up a conversation — he had no idea how much the financial collapse here was affecting the Australian dollar! — and a young couple on the other side of his table insisted, against his polite but firm protestations, on buying him a chocolate mousse. In turn, he recommended that they try the arugula salad.

The kitchen workers were so intrigued by the young adventurous eater that they sent out a bowl of complimentary tripe stew, which he enjoyed, although, he allowed, “It wasn’t my favorite.” He was a little surprised to learn, subsequently, that tripe was prepared stomach lining. His eyes went wide. “Intestines of what?” he asked. (Somehow, that seemed to matter.)

Food is David’s life — well, food and swimming and volunteering and student council and green rooftops (his school, Fieldston, has one). But he really likes food. At 6, he won a competition at the Crumbs Bakery for the best new cupcake concept (David’s Peppermint Patty Cupcake). As a prize, he got a free cupcake every Wednesday for a year — and then, even though he wasn’t technically supposed to, for more than a year after that. Sadly, eventually all the people who worked there were replaced. “Now they don’t know anything about it,” he said.

BUT the young foodie has cultivated a new fan in Chef Casella, a burly man who generally tours his restaurants with a trademark sprig of herb in his pocket. Mr. Casella came over the evening of David’s big night out to extend a greeting, and sent him home with a gift of fine hazelnut spread. Though David was disappointed that the restaurant did not serve gelato, he got points with Mr. Casella for knowing a little something about Italian cuisine.

“He reminded me of me, when I was younger,” said Mr. Casella, who used to drive all over Europe by himself to try the best restaurants. “He is so cool, though — more confident than I am when I eat out by myself.”

Mr. Casella likewise made an impression on David. “He looked like a real meat guy,” David said. Like a butcher? “Like a butcher-slash-guy who would eat a lot of meat,” he clarified.

As independent as David is, he is not allowed to walk around much after dark by himself, so his mom swung by the restaurant to pick him up when he called. Once home, he wrote up the review, Zagat-style, in his private journal, giving the restaurant a 24 out of 25 for food, and a 23 out of 25 for décor.

“As I left,” he wrote, “I knew that soon enough this would be one of the most ‘hip’ places in the city.” If there was a weak spot, it was the service, in his opinion: 21 out of 25. In his notes, David remarked that the bread service was a little slow.

“I agree,” the chef said when presented with the critique. “We’re working on it.”




Post a comment Tags: food, well done, good lad

Host of Internet Spam Groups Is Cut Off

Spam Drops After Internet Providers Disconnect a California Hosting Firm
By Brian Krebs
washingtonpost.com Staff Writer
Wednesday, November 12, 2008

The volume of junk e-mail sent worldwide dropped drastically today after a Web hosting firm identified by the computer security community as a major host of organizations allegedly engaged in spam activity was taken offline, according to security firms that monitor spam distribution online.

While its gleaming, state-of-the-art, 30-story office tower in downtown San Jose, California hardly looks like the staging ground for what could be called a full-scale cyber crime offensive, security experts have found that a relatively small firm at that location is home to servers that serve as a gateway for a significant portion of the world's junk e-mail.

The servers are operated by McColo Corp, which these experts say has emerged as a major U.S. hosting service for international firms and syndicates that are involved in everything from the remote management of millions of compromised computers to the sale of counterfeit pharmaceuticals and designer goods, fake security products and child pornography via email.

The company's web site was not accessible today, when two Internet providers cut off MoColo's connectivity to the Internet, security experts said. Immediately after McColo was unplugged, security companies charted a precipitous drop in spam volumes worldwide. E-mail security firm IronPort said spam levels fell by roughly 66 percent as of Tuesday evening.

Spamcop.net, another spam watch dog, found a similar decline, from about 40 spam e-mails per second to around 10 per second.  (See their graphic representation here.)

Officials from McColo did not respond to multiple e-mails, phone calls and instant messages left at the contact points listed on the company's Web site. It's not clear what, if anything, U.S. law enforcement is doing about McColo's alleged involvement in the delivery of spam. An FBI spokesman declined to offer a comment for this story. The U.S. Secret Service could not be immediately reached for comment.

Also unclear is the extent to which McColo could be held legally responsible for the activities of the clients for whom it provides hosting services. There is no evidence that McColo has been charged with any crime, and these activities may not violate the law.

Mark Rasch, a former cyber crime prosecutor for the Justice Department and managing director of FTI Consulting in Washington, DC said Web hosting providers are generally not liable for illegal activity carried out on their networks, except in cases involving copyright violations and child pornography.

In the case of child pornography, providers may be held criminally liable if they know about but do nothing to eliminate such content from their servers. For example, in 2001, BuffNET, a large regional service provider in Buffalo, N .Y., pleaded guilty to knowingly providing access to child pornography because the company failed to remove offending Web pages after being alerted to the material.

Rasch said liability in such cases generally hinges on whether the hosting provider is aware of or reasonably should have been aware of the infringing content.

"It's a little bit like a landlord who owns a building and sees people coming in and out of the apartment complex constantly at all hours and not suspecting their may be drug activity going on," Rasch said. "There are certain things that raise red flags, such as the nature, volume, source and destination of the Internet traffic, that can and should raise red flags. And to have so many third parties looking at the volume and content from this Internet provider saying 'This is outrageous,' clearly the people doing the hosting should know that as well."

Global Crossing, a Bermuda-based company with U.S. operations in New Jersey, which was one of the two companies providing Internet connectivity to McColo, declined to discuss the matter, except to say that Global Crossing communicates and cooperates fully with law enforcement, their peers, and security researchers to address malicious activity.

Benny Ng, director of marketing for Hurricane Electric, a Fremont, California company that was the other major Internet provider for McColo, took a much stronger public stance upon receiving information about this investigation from washingtonpost.com.

"We shut them down," Ng said. "We looked into it a bit, saw the size and scope of the problem [washingtonpost.com was] reporting and said 'Holy cow!' Within the hour we had terminated all of our connections to them."

Paul Ferguson, a threat researcher with computer security firm Trend Micro, said despite the apparently unilateral actions by McColo's Internet providers, his opinion is that U.S. authorities should have been examining McColo and its customers for a long time.

"There is damning evidence that [McColo's] activity (allegedly hosting purveyors of spam) has been going on there for way too long, and plenty of people in the security community have gone out of their way to raise awareness about this network, but nobody seems to care," Ferguson said.

Multiple security researchers have recently published data naming McColo as the host for all of the top robot networks or "botnets," which are vast collections of hacked computers that are networked together to blast out spam or attack others online. These include SecureWorks, FireEye and ThreatExpert.

Reports by Joe Stewart, director of malware research for Atlanta-based SecureWorks, said that these known botnets: Mega-D, Srizbi, Pushdo, Rustock and Warezov, "have their master servers hosted at McColo."

Stewart said he has complained to McColo several times about botnets operating out of the company's servers, and each time, he said, the company claimed it was addressing the problem. But according to Stewart, they did so by just moving the offending Web sites to a different section of their network.

"McColo runs a service that offers its clients quite a bit more protection from takedowns than the average Web host," Stewart said. "If they get abuse complaints they will try to appease whoever is complaining, but the end result is usually they just end up moving their Internet addresses around."

Collectively, these botnets appear to be responsible for sending roughly 75 percent of all spam each day, according to the latest stats from Marshal, a security company in the United Kingdom that tracks botnet activity.

Vincent Hanna, a researcher for the anti-spam group Spamhaus.org, said Spamhaus sees roughly 1.5 million computers infected with either Srizbi or Rustock sending spam over an average one-week timeframe.

Hanna said McColo has for years hosted botnet and other suspicious activity, and that it has a reputation as one of the most dependable players in the so-called "bulletproof hosting" business, which are Web servers that will remain online regardless of complaints.

"These are serious issues, almost all relating to the very core of spammer infrastructure," he said.

Researchers have found that on any given day, about half of all spam sent through the top botnets are ads for male enhancement products and other knockoff designer drugs, with a fair number of the online pharmacy sites linked in spam messages that were hosted at McColo.

Last month, the Federal Trade Commission convinced a U.S. district court to seize the assets of an international spam network selling counterfeit prescription drugs, a network Spamhaus identified as the largest "spam gang" in the world. The spammers allegedly used the Mega-D botnet, which is capable of sending 10 billion e-mail messages each day.

Jart Armin, a private security researcher who documented the activity at McColo in a report published today, said McColo is currently hosting at least 40 different child pornography Web sites or sites that collect payment for the illicit content -- and that traffic analysis showed that one of the sites garnered between 15,000 and 25,000 visitors each day.

Ian Amit, director of security research for Aladdin Knowledge Systems, an Israeli security intelligence firm, said cyber criminals have for many months used servers at McColo to manage Web sites that push out new versions of the "Torpig," or "Sinowal" Trojan horse program, which is widely considered one of the stealthiest and most sophisticated families of malicious software in existence today.

In October, RSA FraudAction Research Lab learned a single cyber crime group has used the Torpig Trojan to steal more than a half million bank, credit and debit card accounts from infected PCs over the past two-and-a-half years.

Amit said he found that recent Torpig attacks were being coordinated out of a Web server in Florida, which in turn was controlled by a VPN server running at McColo. Aladdin's findings were mirrored by those of researchers at iDefense, a security firm in Sterling, Virginia.

"We traced back the management connections, and found that the criminals were logged into the attack server in Florida using connections from McColo," Amit said.

Over the past year, media attention paid to Internet service providers and hosting companies that were profiting from cyber crime activity forced two of the most notorious networks underground or off the Web entirely.

Late last year, stories published by washingtonpost.com and elsewhere about criminal activity and child pornography at the St. Petersburg based Russian Business Network (RBN) caused the hosting company's upstream Internet providers to cease routing traffic for the company. The same thing happened in September, when upstream Internet providers pulled the plug on Northern California based Intercage following media reports about the level of cyber-crime activity emanating from its network.

But some security experts worry that if major Internet providers similarly shun McColo, it will only make the criminals and their activities harder to track and to block. Stewart, of SecureWorks, notes that in the case of the RBN, the company's clients didn't really go away, but instead simply dispersed their operations to less concentrated areas of the Internet.

"Everything will just be more spread out and harder to mitigate," Stewart said. "We rather like knowing where the bad activity is coming from, so protecting our networks is easier."

Jon Praed, founder of the Internet Law Group in Arlington, Virginia., and an attorney who has pursued spammers in cases filed by some of the nation's largest ISPs, said many security companies do not want safe havens to go away because it merely forces those companies to work harder to find the cyber-crime intelligence that powers their businesses. What's more, he said, if enough Internet providers begin severing ties with known sources of illegal activity, the cyber-criminal groups will be increasingly forced into a smaller number of areas on the Internet, ultimately increasing their costs and making them easier to isolate, identify and block.

"Good network providers are going to have to step up and separate themselves from these providers who are increasingly depedent on criminal operations," Praed said. "The fact that McColo, a virtual den of iniquity, is able to survive into 2008 in the United States is a willful sign that we haven't yet begun the job of driving these operations to places where we can begin to curtail their existence."

Post a comment Tags: spam, internets