(A Javascript-enabled browser is required to email me.)
TBTF logo

TBTF for 1997-10-06: Can you dig it

Keith Dawson (dawson dot tbtf at gmail dot com )
Wed, 8 Oct 1997 14:11:43 -0400


Sun sues Microsoft over Java incompatibility

Sun cries fowl after testing IE4's Java implementation; Microsoft says "balderdash"

By now you've heard about the lawsuit [1], [2] filed on 10/7; it was front-page news in the New York Times on 10/8. After testing the Java implementation in Internet Explorer 4.0, Sun filed suit [3] accusing Microsoft of false advertising, trademark infringement, and breach of contract. Microsoft responded aggressively [4], calling Sun's claims "outrageous." IE4's Java lacks two components in its implementation of version 1.1 of the Java SDK, and Sun claims it found about 40 modifications to the Java language, including to its underlying class hierarchy. The changes seem to be mostly in aid of making Java run faster under Microsoft operating systems. The furious spinning by both sides obscures the real dispute, which centers on the exact language of the contract Microsoft signed with Sun in April 1996. Did Microsoft commit to producing only 100% pure Java forevermore? The contract is still confidential although both sides have said they are willing to disclose it publicly.

Note added 1997-10-09: See [4a] for pointers to all recent c|net coverage of the Sun/Microsoft/Java story.

[1] http://www.zdnet.com/pcweek/news/1006/07mwar.html
[2] http://www.news.com/News/Item/0%2C4%2C14986%2C00.html
[3] http://java.sun.com/announcement/index.html
[4] http://www.microsoft.com/msdn/news/java.htm
[4a] http://www.news.com/News/Item/0%2C4%2C15004%2C00.html


IE 4.0: bright spots and shadows

Microsoft broke records for downloads of its eagerly awaited new browser, but a couple of troubling questions have arisen

In the first two days after Microsoft made Internet Explorer 4.0 available, users downloaded 1.2 million copies [5]. At 20 MB a pop, this represents a copy every 6 seconds, or an average download bandwidth equivalent to three T3s. Many more copies were distributed by 20+ mirror sites -- no central figures exist. An additional two hundred thousand left Redmond on CD-ROM, and Microsoft announced a deal with Sony to bundle IE4 on Sony music CDs. (I wonder if, when I buy the latest Fiona Apple CD, Microsoft counts me as a customer on the way to its stated goal of 50% of the browser market?)

In the midst of the enormous popularity of this software a couple of warning flags have appeared (in addition to the questions raised by IE4's swift but deviant Java implementation -- see above). First, IE4 provides a powerful new way for content providers to log user actions. Second, an early survey questions the inherent wisdom of Microsoft's strategy of unifying Net and desktop.

one Channel Definition Format. When you subscribe to push information using IE4's built-in facilities, providers can log your access to their content even if you went through an anonymizing proxy server, and even if your access came from your local cache and not over the Net. IE4's channel definition format [6] includes a feature, LOGTARGET, that allows a Web-site provider to command IE4 to deliver logs of your usage via an HTTP POST or PUT directive. It's not clear whether the provider could include other sites in its channel definition to obtain, for example, logs of your usage of competing services. Below is an extract from Microsoft's site [7] where the LOGTARGET directive is defined.

Note added 1997-10-23: A reader points out that material has been added to the CDF documentation at [7], although it is still identified as "Version 1.0, September 30":
   NOTE: A client can only log page hits for URLs for which a channel is
       authorized. In the absence of future authorization methods, only
       URLs whose path is under the path of either the CDF URL or the URL
       in the HREF attribute of the LOGTARGET element can have page hits
       logged. For example, a CDF file at a URL such as
       http://www.microsoft.com/cdf/example.cdf could not log page hits
       of a URL such as http://www.msn.com/example.htm. 
   Logging Declarations

   Specifies where to upload a client's page-hit log file in Ex-
   tended Log File Format.

       Required. Specifies the URL of where the log file should
       be sent.
       Required. Specifies the HTTP method to be used for sending
       the data. [RFC 1945]
       Specifies which type of page hits should be logged. Page
       hits can be logged for offline (read from local cache)
       or online (read from URL) browsing. The default for this
       attribute is "ALL", which logs both types of hits.
       When the log file is being uploaded, any page hits older
       than PURGETIME will not be reported.


   <LOGTARGET HREF="http://www.foosports.com/logging"
       Method="POST" SCOPE="OFFLINE">
       <PURGETIME HOUR="12"/>

Thanks to Jamie McCarthy <jamie at voyager dot net> for the first forward of information on this troubling feature.

two Do users want integration? C|net performed a survey [8] asking users whether or not they think Web/desktop integration is a good idea. 59% said no. One user commented:

I just wanted a browser! What does wanting to look at
Web pages with the latest tech have to do with changing
my (somewhat) perfectly working Windows? I like my
apartment just fine, thank you. I don't care if my stereo
thinks it'd be more convenient if my toilet flushed

[5] http://www.nando.net/nt/info/index_t.html
[6] http://www.microsoft.com/standards/cdf-f.htm
[7] http://www.microsoft.com/standards/cdf.htm#Logging
[8] http://www.news.com/News/Item/0%2C4%2C14901%2C00.html


House of Representatives scrutinizes domain naming

Another Congressional committee steps into the middle of a technical / political Internet issue, and much American flag-waving transpires

The House Science Committee held hearings on DNS reform on 9/25 and 9/30. Larry Irving, representing the Commerce Department, testified that Commerce will release its DNS recommendations by 11/1, based on input collected over the summer [9]. Irving implied that the recommendations will not be entirely consistent with the IAHC plan, now being moved forward by the interim Policy Oversight Committee -- the one approach to DNS reform shaped by substantial input from outside the US. The Science Committee's chairman, Chip Pickering, expressed a desire to keep Internet governance within the United States [10]:

American taxpayers, companies, and government built the
Internet. This is something uniquely American.

What would it mean to subject the necessarily centralized, transnational functions of Internet governance to US laws? A preview is offered by a dispute involving Libya [11], which came into the public eye during the second day of hearings on 9/30. Jon Postel, a US citizen who operates the International Assigned Numbers Agency under charter from the Federal Networking Council, granted the request of an applicant for authority to subdivide the national domain .LY (Libya). The US has applied unilateral sanctions against Libya, and it is illegal for any US citizen to engage in or to encourage commerce with that north African country. Congressmen fumed about Postel's action and the Treasury Department is reported to be investigating [11]. National interference of this kind is inevitable if one country's government controls inherently transnational resources such as top-level domain names.

The last word has yet to be spoken on US government involvement in domain naming. A staffer on the House Commerce Committee said that that body may try to wrest jurisdiction over the domain issue away from Pickering's Science Committee [10], on the grounds that domain names belong to the commercial realm.

[9] http://www.tbtf.com/archive/1997-08-25.html
[10] http://www.wired.com/news/news/politics/story/7427.html
[11] http://www.msnbc.com/news/113761.asp


Caching problems are coming to light

Large ISPs and corporate firewalls have long made local copies of popular Web pages; here's the downside

Lauren Weinstein calls attention to the problems caused by the caching of Web pages in the current issue of the Privacy Forum Digest (I read it on Phil Agre's Red Rock Eater News Service [12]). Many large ISPs and corporate firewalls make local copies of popular Web pages in order to speed performance and reduce load on long-haul networks. The practice is not new but we're only beginning to see analyses of the tradeoffs that caching imposes: pages of dubious currency, static snapshots of dynamically generated pages, copyright questions, and inaccurate reporting of hit rates to Web sites. A New York Times article today singled out the latter problem in introducing MatchLogic [13], a firm that claims to have a fix for undercounted Web ad impressions. The company's research indicates that on average, ad banners are being viewed at a rate 76% higher than current estimates; and that for some popular Web pages the disparity rises above 570%.

[12] http://commons.utopia.usweb.com/cgi-bin/nph-mailings.cgi/rre/Shadows.in...
[13] http://www.matchlogic.com/


Verdict: incomplete

Close but no Fields Medal: a claimed breakthrough in NP-completeness doesn't withstand scrutiny
Note added 1997-10-09: Jon Callas <jon at merrymeet dot com> picks the nit of the week with the retro-push edition of TBTF, in which the above subhead read "Close but no Nobel."

Actually, there's no Nobel for mathematics. The highest prize for math is the Fields Medal.

Legend has it that the reason there's no Nobel in math is because the Sweedish mathematician Mittag-Leffler had an affair with Nobel's wife. The Nobel people people deny it, Mittag-Leffler's people deny it (there's a Mittag-Leffler institute in Sweeden), but it's prime math gossip.

Fans of computational theory may have become exercised recently by a claim to a possible breakthrough in NP-completeness. The term denotes problems long believed to be intractibly difficult: any class of problems proved to be NP-complete will have members whose solution requires exponential time to compute. (For a quick refresher on NP-completeness, see [14] and following slides. I fear that these university lecture notes will be of no help to the math-impaired. Four examples of NP-complete problems are given at [15].)

Jonathan Hayward <jhayward at students dot uiuc dot edu> posted a note to cryptography and security newsgroups on 10/19; it was carried in RISKS for 1997-10-01 [16]:

I now have what I believe to be a polynomial time solution
to an NP-complete problem (specifically, satisfying a proposi-
tional formula expressed in terms of parentheses, variables,
negations, and conjunctions)... My algorithm, if correct,
may have substantial implications for cryptography and con-
sequently security issues... This program produces correct
output for small formulas that I am able to manually verify,
and it had an execution time on a formula of 100 variables
of less than a minute. (Compare with brute force, which on
a supercomputer capable of 1 billion elementary operations
per second would take longer than the age of the universe.)

Hayward posted the algorithm to Usenet and made it available on the Web. When I wrote to him yesterday asking if he had received any feedback on the claimed discovery, he replied:

The algorithm has good average-case performance, but is
exponential in the worst case. It would have been a
breakthrough 15 years ago, but now is a replication of
discoveries already made.

[14] http://www.csee.usf.edu/~maurer/npcompl/tsld014.htm
[15] http://www.cs.dartmouth.edu/~jaa/CS49.97W/NP/np/np.html
[16] http://catless.ncl.ac.uk/Risks/19.40.html#subj8


Can you dig it?

The centralized Call Before you Dig registry gets a Web page

All US states have laws that require construction crews to notify utility companies in advance before digging in the vicinity of underground pipes, cables, etc. An outfit called the Dig Safe System, Inc., funded by utility companies, provides centralized information on the location of buried infrastructure; a single nationwide toll-free number (888-258-0808) links together all the regional Dig Safe resources. With underground fiber-optic cable increasingly at risk from rampaging construction equipment [17], AT&T has set up a Web site [18] to help implant the Call Before you Dig message deep in the brainstem of backhoe operators everywhere. The site tries to make digging safety fun -- its intended audience seems to be a construction foreman with a multimedia PC, Web access, fat pipes, and the mind of a six-year-old.

Sign up to win free, fun, and useful stuff... videos, pens,
key chains, work gloves... Don't miss the multimedia journey
of Farmer Cliff... colorfully presented using Shockwave tech-
nology. ("Howdy. Wanna hear 'bout my cow?")

[17] http://www.tbtf.com/archive/1997-08-04.html
[18] http://www.att.com/b4udig/


Funny but no

When good things happen to bad greeting cards

Today's contender for the most apposite use of the Web is Shoebox Greetings, which likes to call itself "a tiny little division of Hallmark." This site [19] saves from oblivion the outtakes of the Shoebox creative staff -- the gags that might have been a little too peculiar [20], or a little too offensive [21], for the countenance of a wholesome, family-oriented publisher of greeting cards. Thanks to Nina Eppes <nina.eppes at digital dot com> for the pointer.

[19] http://www.shoebox.com/funny/funny.asp
[20] http://www.shoebox.com/funny/card.asp?date=090897&card=3
[21] http://www.shoebox.com/funny/card.asp?date=092997&card=3


Jargon Scout: the preternaturally wired

Quick, give me a term for people who years ago installed a T1 line at home

Jargon Scout is an irregular TBTF feature that aims to give you advance warning -- preferably before Wired Magazine picks it up -- of jargon that is just about ready to hatch into the Net's language. Jargon Scout also invites your collusion in inventing the jargon du jour, in those cases in which the concept emerges before its concensus denomination.

What should we call those folks who, long before the availability of cable modems or even nailed-down ISDN lines, convinced the phone company to run a dedicated wire into their house -- 56 Kbps frame relay or T1 -- for full-time Net connectivity at a fixed IP address? Ippies , that's what, according to Adam Engst and Geoff Duncan.


A fable

Alice encounters a kingdom whose citizens can export wheels only if they have four sides

We'll close on a whimsical note: the fable ([23], alternate at [24]) of a kingdom that wants to limit the export of wheels for reasons of easier law enforcement, though the neighboring lands all have them, and so declares that only square wheels can be manufactured for sale abroad. Any resemblance to laws restricting crypto export is purely intentional. The fable appeared on the Cypherpunks mailing list last summer; the author is unknown.

[23] http://www.research.megasoft.com/deschall/archive/199705/0182.html
[24] http://www.haven.boston.ma.us/~benji/wheels.html


bul For a complete list of TBTF's (mostly email) sources, see http://www.tbtf.com/sources.html.

none Red Rock Eater News Service -- mail rre-request@weber.ucsd.edu without subject and with message: subscribe . Chronological archive at http://commons.utopia.usweb.com/cgi-bin/nph-mailings.cgi/rre/.

none RISKS -- read the newsgroup comp.risks or mail risks-request@csl.sri.com without subject and with message: subscribe . Archive at http://catless.ncl.ac.uk/Risks/.

TBTF home and archive at http://www.tbtf.com/ . To subscribe send
the message "subscribe" to tbtf-request@world.std.com. TBTF is
Copyright 1994-1997 by Keith Dawson, <dawson dot tbtf at gmail dot com>. Com-
mercial use prohibited. For non-commercial purposes please forward,
post, and link as you see fit.
Keith Dawson    dawson dot tbtf at gmail dot com
Layer of ash separates morning and evening milk.