(A Javascript-enabled browser is required to email me.)
TBTF logo

TBTF for 1997-03-09: Power grab in namespace

Keith Dawson (dawson dot tbtf at gmail dot com)
Sun, 9 Mar 1997 18:02:04 -0500


Threads Domain name policy
See also TBTF for
2000-04-19, 03-31, 1999-12-16, 10-05, 08-30, 08-16, 07-26, 07-19, 07-08, 06-14, 05-22, more...

Power grab in namespace

An outfit calling itself the Enhanced Domain Name System met in Atlanta and decided to challenge the IANA directly for the stewardship of Internet namespace. The eDNS's chairman, Karl Denninger <karl at mcs dot net>, then sent letters to the chairmen of the IAHC and the IANA suggesting that both organizations apply for the status of Registration Authorities under eDNS.

The organization proposes to propogate an alternate domain-name service, with the root servers run by itself instead of by IANA. There would be less mechanism and red tape for ISPs who want to issue and develop new top-level domains. A total of six ISPs to date have come out in support of the plan, out of the many thousands worldwide. Another supporter is Image Online Design, the company that recently sued IAHC and IANA over the .web domain [1]. If eDNS gains wide support, the result will be a schism of the Internet's name space. In the worst case identical names could be issued by registries on each side of the divide; users would be able to get to some addresses, but not others, depending on which root DNS their ISP consulted.

See the eDNS home page [2] for details on their point of view. Yahoo carried an eDNS press release [3] apparently verbatim. This TechWire page [4] provides a more balanced view. Beyond these pieces press coverage has been slim to nonexistant. Controversy over eDNS has been boiling furiously for weeks in newsgroups and on the IAHC's discussion list -- for example, this archive [5] lists 750 messages since the first of March.

Neither the IAHC nor the IANA has made any public response to the eDNS push. I called IAHC member Dave Crocker <dcrocker at imc dot org> to ask why. He responded "We've been focusing on doing our job. The fact that some people wish independently to do a similar job is unfortunate but seems to me best left outside of our concern. The marketplace will decide." Crocker said he is quite pleased with the technical quality of the work the IAHC has managed to do, on a volunteer basis and under tight time constraints. He added, "Many people don't perceive the complexity of the problems, so to them [our plans] might look overblown" and the simpler-seeming eDNS scheme might appeal.

Thanks to Marcia Blake <mblake at optocomm dot com> who first alerted me to eDNS.

[1] <http://www.tbtf.com/archive/1997-03-01.html>
[2] <http://www.edns.net/>
[3] <http://biz.yahoo.com/bw/97/03/04/y0007_y00_15.html>
[4] <>
[5] <http://www.iahc.org/iahc-discuss/mail-archive/>


Threads Microsoft security bugs and exploits
See also TBTF for
1999-08-30, 1998-02-02, 01-26, 01-19, 1997-11-17, 11-10, 10-20, 08-11, 06-23, 05-22, 05-08, more...

Microsoft scrambles to close loopholes in software and image

In the last week three students at three American universities discovered three serious security loopholes in Microsoft Internet and desktop software, and, after contacting Microsoft, published three similar Web pages to spread the word and to cement credit for their finds. In each case the bug was discovered by a single student, who then enlisted friends to investigate it and publish the findings.

Discoverer DateSchoolMSIE versionWin95?WinNT?
[6] Paul Greene 2/27 WPI 3.0, 3.01 yes 4.0
[7] David Ross 3/4 UMD 3.0, 3.01, 3.01a no 4.0 with
SP 1 or 2
[8] Chris Rioux 3/7 MIT 3.01 yes no
Note added 1997-06-06: See this table for a summary of all Microsoft security exploits covered by TBTF in 1997.

Microsoft now has a patch [9] available for download that fixes all three bugs.

The WPI bug [6] (also called Cybersnot, after the domain name at which it was published) exploits the surprising fact that a remote machine can directly access and run Windows "Shortcuts" -- .LNK or .URL files. This bug is the most widely dangerous of the three. The second bug [7], called UMD, as demonstrated requires the user to double-click on an icon imbedded in a Web page; this action can run a program on the client machine. Machines in networks behind firewalls are not vulnerable, so the bug affects far fewer machines than the original one. The MIT bug [8] uses .ISP files, yet another flavor of automatically executable objects in the Microsoft environment, this one intended to help users sign up for Internet service. (Per- haps characteristicly, the MIT page sniffs at the weak "exploit" examples developed by UMD.)

When Microsoft first posted a patch to the WPI bug, an Israeli computer security / antivirus company, EliaShim, saw an opportunity to add value (and get lots of publicity and names for their database). The effect of the Microsoft patch is to warn the user if s/he is about to download a Shortcut. EliaShim has posted a stronger patch that unilaterally prevents the download of a Shortcut. (You can download the patch, called IE-SAFE, here [10] -- but note that EliaShim collects contact information from you before letting you download, a move I consider borderline sleazy.) EliaShim claims that the bug affects not only IE, but also Microsoft's Internet Mail and Internet News applications running on Win 95 and Win NT, a claim which Microsoft doesn't quite deny.

A blizzard of news coverage followed the first bug's announcement: by the morning of 3/4 the story had spread from seven Net news organizations to page 1 of the New York Times, above the fold. Coverage has tailed off rapidly with the drumbeat of new discoveries; the news value of "more of the same" has a perilously short half-life. This is a shame, because the real story is in the pattern. As the UMD discoverer David Ross noted, these bugs all result from the expedited push to integrate the Internet Explorer with the traditional Microsoft desktop. The desktop was designed to be private. Networks aren't private.

[6] <http://www.cybersnot.com/iebug.html>
[7] <http://dec.dorm.umd.edu/iebug.html>
[8] <http://web.mit.edu/crioux/www/ie/index.html>
[9] <http://www.microsoft.com/ie/security/update.htm>
[10] <http://www.eliashim.com/files2.html>


Hackers hit NASA

On Wednesday 3/5, for 30 minutes NASA's home page [11] lookled a mite peculiar. In fact it looked like this [12]. Hackers calling themselves "HAGIS" (also "H4G1S") demanded the release of several well-known imprisoned hackers and threatened an electronic terrorist attack against corporate America. NASA took their server offline for half a day to restore and secure the site.

Thanks to Dan Kohn <dan at teledesic dot com> for the URL [12].

[11] <http://www.nasa.gov/>
[12] <http://www.cdc.net/~x/nasa/nasa.html>


Microsoft buys Intersé

Practicing its penchant for acquiring best-of-breed Internet companies, Microsoft has bought data-mining pioneer Intersé (press release at [13], news at [14]). Intersé's Market Focus website analysis software will be integrated with Microsoft's BackOffice suite. Intersé's people will join the Microsoft internet services business unit, but the press release doesn't say whether they will relocate. Intersé is headquartered in Sunnyvale, CA. I hope Intersé carries on with some form of its Web Trends page [15], a touchstone of browser-wars market share. Note: if your browser is configured to ask you before it accepts a cookie, as mine is, be aware that the Intersé site is a world-class cookie dispenser. You'd expect that, right?

[13] <http://www.microsoft.com/corpinfo/press/1997/Mar97/interspr.htm>
[14] <http://www.news.com/News/Item/0%2C4%2C8430%2C00.html>
[15] <http://www.interse.com/webtrends/>


Threads Quantum computers and quantum physics
See also TBTF for
1999-10-05, 01-04, 1998-11-03, 10-27, 09-14, 03-09, 03-02, 02-23, 1997-11-24, 09-15, 05-22, more...

Hot and cold running randomness

Perhaps for the first time, anyone with an Internet connection can tap a source of true randomness. The creator of HotBits [16], John Walker <kelvin at fourmilab dot ch>, describes it as

an Internet resource that brings genuine random numbers, gen-
erated by a process fundamentally governed by the inherent
uncertainty in the quantum mechanical laws of nature, directly
to your computer... HotBits are generated by timing successive
pairs of radioactive decays... You order up your serving of
HotBits by filling out a [Web] request form... the HotBits
server flashes the random bytes back to you over the Web.
Walker modified an off-the-shelf radiation detector to interface to a PC-compatible serial port, and ran a cable three floors down from his office to a converted 70,000-litre subterranean water cistern with metre-thick concrete walls, where the detector nestles with a 60-microcurie Krypton-85 radiation source.

If you're in the mood for an anti-Microsoft rant of uncommon eloquence, Walker can supply that too [17].

Thanks to Keith Bostic <bostic at bostic dot com> for the word on this delightful service.

[16] <http://www.fourmilab.ch/hotbits/>
[17] <http://www.fourmilab.ch/hotbits/source/hotbits-c.html>


Followup: latency, part 2

TBTF for 1997-03-01 [18]

Here, again from the TidBITS newsletter, is part 2 [19] of Stuart Cheshire's <cheshire at cs dot stanford dot edu> essay on the effects of latency in communication networks. This part explores how bandwidth can be used more efficiently and how it affects a connection's overall latency. These articles were adapted from Cheshire's white paper [20] "Latency and the Quest for Interactivity," commissioned by Volpe Welty Asset Management, L.L.C.

[18] <http://www.tbtf.com/archive/1997-03-01.html>
[19] <http://www.tidbits.com/tb-issues/TidBITS-368.html#lnk4>
[20] <http://rescomp.stanford.edu/~cheshire/papers/LatencyQuest.html>


Threads Open source software and the Linux OS
See also TBTF for
1999-08-16, 05-22, 03-26, 02-15, 02-01, 1998-11-17, 11-11, 11-03, 10-27, 10-12, 08-31, more...

Linus moves ten time zones west

Or is that fourteen east? Linus Tovalds, the creator of Linux, has left his native Finland for Santa Clara, CA, where he will join a start-up chip design company called Transmeta. (They have a domain name but not yet a Web page.)


Jargon Scout: idsurfing

Jargon Scout is an irregular TBTF feature that exposes and proposes terminology that is on the cusp of being born into the Net's lexicon.

By now you may have heard the term egosurfing, which appeared in Wired's Jargon Watch column some months ago. Egosurfing is the act of feeding your own name to the search engines and visiting the resulting hits. I'd like to propose a related term that rises from a deeper stratum. Idsurfing is the practice of pulling search-engine hits from your own Web site's referrer log file and feeding the successful query strings to a browser. In its aggrevated form, which we can call extreme idsurfing, you watch the log with the Unix command tail -f and backtrack your visitors' clickstreams in real time. Don't have immediate access to your logs? Then pay a visit to Magellan's Search Voyeur page [21], which displays a random selection of the strings the search engine's visitors feed it, refreshed every 20 seconds. (What a great venue for changing advertising.) You can click on a string that interests you to reissue the same search for yourself.

[21] <http://voyeur.mckinley.com/voyeur.cgi>


Threads Email spam and antispam tactics
See also TBTF for
2000-07-20, 1999-07-19, 1998-11-17, 07-27, 03-30, 02-09, 01-12, 1997-11-24, 10-20, 09-29, 09-22, more...


Spam is about to get more annoying. This harbinger from Lloyd Wood <L.Wood at ieee dot org> was carried on Glen McCready's 0xdeadbeef mailing list.

It's the first multi-lingual european junk mail I've ever
received; so personalised they're hoping that you at least
speak one of the languages in their email.

Once the hip-to-the-net-compared-to-much-of-the-rest-of-Europe
Netherlanders and the French start using spamming programs,
I'm looking forward to seeing the entire email-using popula-
tion of the north american continent being spammed with junk-
mail for services they don't want in countries they've never
heard of, written in languages they can't even read.

Revenge will be so sweet.

As a special favor to the spammers, I have placed their message [22] on the TBTF archive without permission.

[22] <http://www.tbtf.com/resource/eurospam.html>


bul The Siliconia page was named a Tech 10 site for March 1997. The Tech 10, sponsored by the Tech Museum of Innovation in Silicon Valley, is "a Web site for students, teachers, members and parents to get monthly reviews for the 10 best technology sites of the Web." Winners must be "focused on technology and innovation, relevant and understandable to a middle-school audience, and fun and engaging." Hey, thanks. If you visit their page <http://www.thetech.org/hyper/tech10/>, note that it loads a total footprint of 194K, which will take 2 minutes over a 14.4 KBaud link.


bul For a complete list of TBTF's (mostly email) sources, see http://www.tbtf.com/sources.html>.

bul E.Commerce Today -- this commercial publication provided background information for some of the pieces in this issue of TBTF. For com- plete subscription details see <../resource/E.CT.txt>.

bul TidBITS -- mail listserv@ricevm1.rice.edu with no subject and with message: subscribe TidBITS Your Name . Web home at <http://www.ctidbits.com>. Web archive at <http://www.tidbits.com/tb-issues/default.html>.

bul 0xdeadbeef -- mail 0xdeadbeef-request@substance.abuse.blackdown.org without subject and with message: subscribe .

TBTF home and archive at <http://www.tbtf.com/>. To subscribe
send the message "subscribe" to tbtf-request@world.std.com. TBTF is
Copyright 1994-1997 by Keith Dawson, <dawson dot tbtf at gmail dot com>. Com-
mercial use prohibited. For non-commercial purposes please forward,
post, and link as you see fit.
Keith Dawson    dawson dot tbtf at gmail dot com
Layer of ash separates morning and evening milk.



Copyright © 1994-2017 by Keith Dawson. Commercial use prohibited. May be excerpted, mailed, posted, or linked for non-commercial purposes.