TBTF for 1997-09-15: Bedtime for crypto

Keith Dawson (dawson dot tbtf at gmail dot com)
Tue, 16 Sep 1997 23:41:37 -0400


Bedtime for crypto

Two committees in the House of Representatives dealt sharp blows to the movement for relaxing Cold War-era restrictions on strong cryptography. Declan McCullagh's impassioned reportage for the Netly News [1] was not by any means the most radical voice raised in reaction. The SAFE bill [2] was gutted first by the Judiciary Committee [3] and then by the Intelligence Committee [4]. The Commerce Committee, on which sits the SAFE bill's author Rep. Bob Goodlatte, then brokered a 2-week time-out before the Rules Committee decides which version of the bill, if any, will be presented to the full House for a vote. "We've bought some time to try to work out something that will satisfy the needs of the people who have supported this legislation," Goodlatte said, somewhat wanly, after the delay was announced. The forces for crypto liberalization, which in the House have the backing of a majority of representatives, were outmaneuvered and outgunned. Justice Department backers have succeeded in shifting the locus of debate so far in the direction of the Surveillance Society that you can barely see the US Constitution from here.

Read about these developments in the Net press [5], [6] or see TBTF Threads [7] to trace the saga to date.

[1] http://cgi.pathfinder.com/netly/opinion/0,1042,1385,00.html
[2] http://thomas.loc.gov/cgi-bin/query/z?c105:H.R.695:
[3] http://www.news.com/News/Item/0,4,14180,00.html
[4] http://www.wired.com/news/news/politics/story/6819.html
[5] http://www.zdnet.com/zdnn/content/inwo/0911/inwo0007.html
[6] http://www.nando.net/newsroom/ntn/info/091197/info3_26022_noframes.html
[7] http://www.tbtf.com/threads.html

A ladder out of a sandbox

A new security-related bug (#13) has been reported in beta versions of MS Internet Explorer 4.0 on Windows 95 and NT machines [8]. Here is the exploit page [9]. Microsoft, when contacted about the bug, replied that the bug had already been found in testing, and fixed. The bug's discoverer could not yet verify that a fix has been implemented. The bug allows a rogue Java applet to overwrite files on the user's disk. This clearly should be impossible under Java's security model, and in fact the fault is not with Java -- it is in Microsoft's proprietary extensions to Java. (Microsoft denies this.) See William Blundon's column [10] for a prediction using the law of unintended consequences. I hope Microsoft engineers read this piece and take it to heart, and then take it upstairs. Microsoft's tactic to "embrace and extend" Java -- declaring it not to be a cross-platform solution and then setting out to fulfill that prophecy -- must appear to Redmond as an attractive marketing solution to a nagging problem. But it is fraught with technical risk and seems likely to backfire. This bug is the first solid indication that this is happening. See this summary table [11] of Microsoft IE-related security bugs and issues reported in TBTF in 1997. Thanks to Fred K. Barrett <fbarrett at world dot std dot com> for the alert.

[8] http://www.techweb.com/wire/news/1997/09/0905bugs.html
[9] http://web.mit.edu/twm/www/expbug2/
[10] http://www.javaworld.com/javaworld/jw-08-1997/jw-08-blundon.html
[11] http://www.tbtf.com/resource/ms-sec-exploits.html


Netscape gets patent protection for SSL

On 8/12 Netscape was granted US Patent number 5,657,390 [12] for Secure Socket Layer technology. A poster to the Cryptography mailing list speculated that the patent is so broadly worded that Netscape might claim royalties from anyone sending encrypted communications over an open network, although a challenge could be mounted on the basis of prior art. There is no hard evidence as to what Netscape's intentions are for the patent. Thanks for the alert to Rodney Thayer <rodney at sabletech dot com>.

[12] http://patent.womplex.ibm.com/details?patent_number=5657390


Mac clones stampede for the exits

Motorola dropped out of the business of making MacOS clones on 9/11 [13], and talked about the sunny prospects for the PowerPC chip beyond the market for computers [14]. After the close of the New York stock exchange the company also announced that its earnings will not meet expectations, partly due to the $95M cost of backing out of the Mac clone market. Motorola stock was hammered in after-hours trading. In separate news, IBM is rumored [15] to be near an announcement that it will abandon its MacOS licence -- the company never did get around to producing clones.

Here is the most cogent explanation [16] I have found of why Apple's actions make sense. Short form: imagine that the Macintosh has never been a personal computer -- rather, a workstation -- and the economics of cloning work differently than in the mass PC market.

[13] http://www.news.com/News/Item/0,4,14152,00.html
[14] http://www.news.com/News/Item/0,4,14045,00.html
[15] http://www.news.com/News/Item/0,4,14159,00.html
[16] http://www.stepwise.com/Articles/Editorial/TheCloneWars.html


A failure to deliver on xDSL

US West, the regional phone company reported in TBTF for 1997-01-21 [17] to be readying a rollout of ADSL technology, is failing to deliver on the plan, according to an exclusive story [18] in Interactive Week. Initially the company planned to provide customers in 14 cities with asymmetric digital subscriber line technology, for Internet access at speeds up to 1.5 Mbit/sec. The trial is being delayed and scaled back to two cities after a shuffle of CEOs at US West. This development reinforces my belief that the most appropriate agents to deliver xDSL to the home are ISPs, not phone companies.

[17] http://www.tbtf.com/archive/1997-01-21.html#s01
[18] http://www.zdnet.com/intweek/daily/970909f.html


Search bunnies' heaven

After the most recent TBTF note on Alta Vista's shifting indexing policies [19], David Brake <derb at well dot com>, webmaster of the New Scientist's online incarnation [20], sent a note pointing out enough research to sate even the most search-addled Web denizen. His own article on the controversy over Alta Vista limitations [21] goes considerably deeper than mine did. And his article "A Webmaster Searches" [22] describes his own techniques for using search engines, with concrete examples. Finally, Brake points out the ultimate search-bunny site: Danny Sullivan's Search Engine Watch [23].

[19] http://www.tbtf.com/archive/1997-08-11.html#Tavs
[20] http://www.newscientist.com/
[21] http://www.keysites.com/keysites/networld/lost.html
[22] http://www.newscientist.com/keysites/voice/voice.html
[23] http://searchenginewatch.com/size.htm


Remember home pages?

Pamela O'Connell <personalweb.guide at miningco dot com> does: she writes about personal home pages for the Mining Company. Now, home pages fell off the "Wired" side of the Tired/Wired list some time ago, but still the subject deserves respect: personal home pages have always been at the core of the Web's promise of many-to-many publishing. Last May O'Connell reported on the only survey results [24] then available on the prevalence of home pages, from Find/SVP. Last week she updated these results with a new study [25] from NFO Research; her article is titled "Market researchers aren't exactly falling over each other studying the homepage phenomenon." Both studies, and O'Connell's own researches, indicate that something over 50% of active Web users either maintain a personal page, or plan to, or at least look favorably on the idea.

[24] http://personalweb.miningco.com/library/weekly/aa051297.htm
[25] http://personalweb.miningco.com/library/weekly/aa090897.htm


Exploitation in Net time

By the day of Princess Diana's funeral, 1997-09-06, the following domains had been registered, as uncovered by Brian Reid <reid at pa dot dec dot com> and forwarded by Nina Eppes <eppes at orion dot ENET dot dec dot com>.
                DIANAGOODBYE.COM   25th Frame Interactive
                  DIANA-DODI.COM   786 Consultation Services
          DIANAS-REMEMBRANCE.COM   Apex Communications
              DIANA-MEMORIAL.NET   Blah
         DIANA-MEMORIAL-FUND.COM   Computeach College
         DIANA-MEMORIAL-FUND.NET   Computeach College
         DIANA-MEMORIAL-FUND.ORG   Computeach College
               DIANAMEMORIAL.NET   Computeach College
           DIANAMEMORIALFUND.NET   Computeach College
              DIANA1961-1997.COM   Cordiant InterWeb Technologies
                  DIANA61-97.COM   Information Architecture
                 DIANAISDEAD.COM   Information Architecture
                   DIANADEAD.COM   Interactive Consulting, Inc.
                DIANAFOREVER.COM   Lady Di Memorial
                  DIANALIVES.COM   Lady Di Memorial
               DIANATRIBUTES.COM   Megatronix (UK)
              DIANA-MEMORIAL.COM   Princess Di Memorial
       DIANA-PRINCESSOFWALES.COM   Princess Di Memorial
         DIANA-QUEENOFHEARTS.NET   Domain Sales
         DIANA-QUEENOFHEARTS.ORG   Domain Sales
          DIANAQUEENOFHEARTS.ORG   Domain Sales
            DIANASFOUNDATION.ORG   Domain Sales
            DIANA-1961TO1997.COM   mesu
                DIANA-61TO97.COM   mesu
        DIANA-PRICESSOFWALES.COM   tagadaboomboom
       DIANA-PRINCESSOFWALES.ORG   tagadaboomboom
           DIANAMEMORIALFUND.COM   tagadaboomboom
           DIANAMEMORIALFUND.ORG   tagadaboomboom
        PRINCESSDIANAOFWALES.COM   Information Architecture
           PRINCESSDIANADEAD.COM   Interactive Consulting, Inc.
              PRINCESSDIANAS.COM   Martin Eng
               PRINCESSDIANA.COM   Naughtya Page
          PRINCESSDIANA-DEAD.COM   Princess Di Memorial
          PRINCESSDIANA-DEAD.NET   Princess Di Memorial
        PRINCESSDIANA-ONLINE.NET   Princess Di Memorial
        PRINCESSDIANA-ONLINE.COM   Princess Di Memorial
           PRINCESSDIANADEAD.NET   Princess Di Memorial
         PRINCESSDIANAONLINE.COM   Princess Di Memorial
              DIANA-MEMORIAL.COM   Princess Di Memorial


Quantum mechanical entanglement of atoms

Entanglement is a phenomenon unique to quantum physics. It involves a relationship (a "superposition of states") between the possible quantum states of two entities such that when the possible states of one entity collapse to a single state (as a result of suddenly imposed boundary conditions, such as a measurement), a similar and related collapse occurs in the possible states of the entangled entity no matter how far away it is located. It is one of those aspects of quantum mechanics difficult to reconcile with our current general view of reality. In the past, evidence of quantum mechanical entanglement has been restricted to elementary particles such as protons, electrons, and photons. Now researchers using highly excited rubidium atoms have shown quantum mechanical entanglement at the level of atoms. The experimental apparatus produces two entangled atoms, one atom in a ground state and the other in an excited state, physically separated so that the entanglement is non-local. When a measurement is made on one atom (e.g. the atom in a ground state) the other atom instantaneously presents itself in the excited state. The result of the second atom's wave function collapse is determined by the result of the first collapse. Before long, quantum mechanical entanglement may be demonstrated for molecules and perhaps even larger entities. This work was done by E. Hagley et al. and published in Phys. Rev. Lett. 79:1 (1997). I found a mention in Science Week (which, alas, no longer does retropush for free) at [26].

[26] http://users.aol.com/sciweek/sw970905.txt


Today's TBTF title comes from a screwball comedy made at the start of the acting career of a future President of the United States. Ronald Reagan was consistently upstaged by his co-star, a chimpanzee, in Bedtime for Bonzo.


