(A Javascript-enabled browser is required to email me.)
TBTF logo

TBTF for 1998-02-23: Schmanthrax

Keith Dawson (dawson dot tbtf at gmail dot com )
Wed, 25 Feb 18:46:34 -0400


Contents


Security firms consolidating

Two powerhouses emerge that will pressure niche players in the security market

bul Network Associates acquires Trusted Information Systems

NA [1] can now offer one-stop shopping for virus protection (from McAfee), encryption technology (from PGP), and firewall, intrusion warning, and consulting services (from TIS). One concern expressed on the cryptography mailing list is whether TIS will pull Network Associates back into the key-escrow camp, after NA's last acquisition, PGP Inc., pulled it out [2]. TIS is nine times larger than PGP was and is heavily invested in key-escrow technology. [1] http://www.zdnet.com/intweek/daily/980224g.html
[2] http://www.tbtf.com/archive/1997-12-08.html#s01

bul Cisco acquires Wheelgroup

The Texas company [3] develops software and techniques to detect attempts at intrusion over the Net, and also offers security consulting and systems integration. The deal is worth $124M. Wheelgroup has 75 employees and most of them will stay in San Antonio. I hope Wheelgroup will continue to publish, with NetSolve, its ProWatch Secure intrusion report [4], [5].

[3] http://www.zdnet.com/pcweek/news/0216/19mcisc.html
[4] http://www.tbtf.com/archive/1997-11-24.html#s05
[5] http://www.wheelgroup.com/netrangr/PWS_survey.html

______

FBI feints toward crypto in anthrax scare

The only threat we haven't yet seen blamed on the Net is chemical warfare; just wait

Last week the FBI made headlines by capturing two perpetrators in a plot involving anthrax. Far fewer of the media outlets covered the followup: that the material seized was harmless anthrax vaccine, incapable of infecting anyone with anything. Now the charges have been dropped. Nonetheless, FBI agent James Kallstrom was on the Today show on 2/20 and he took the opportunity to link the Internet and strong cryptography with anthrax, though there was no indication that crypto had anything to do with this story. The FBI was using the same scare tactic as long as two years ago [6]. Bruce Sterling gave a nod to this development in his wrap-up speech [7] at the Computers, Freedom, and Privacy conference in Austin:

I would also point out that this very week the FBI did us the
favor of busting a couple of biowar militia freaks. There's
often some kind of loudly trumpeted FBI action during CFP.
Usually it's a computer bust. This time it's anthrax. You can
take that little chunk of data and make of it what you may.

[6] http://www.hotwired.com/netizen/96/37/special3a.html
[7] http://venus.soci.niu.edu/~cudigest/CUDS10/cud1013

______

A disagreement over terminology

Not everyone concurs that we should all start saying "Open Source Software"

As Netscape takes the idea of free software mainstream, some of its proponents have called for a new name -- Open Source Software -- in order to play better to a corporate audience [8]. Eric Raymond and others stress that Open Source Software is not a new movement, and does not represent a schism in the Free Software community -- it is simply the marketing name for Free Software, a term that has proved stubbornly unintuitive to many outside the developer community. The originator of the idea of free software, Richard Stallman, has argued in favor of keeping the original name [9]. You can follow an exhaustive discussion here [10].

Note added 1998-02-25: Eric S. Raymond sent this note:
There is now an Open Source website which describes the Open Source campaign and collects advocacy resources.

[8] http://www.tbtf.com/archive/1998-02-16.html#s02
[9] http://x8.dejanews.com/getdoc.xp?AN=325...hitnum=9
[10] http://206.150.185.149/slashdot.cgi?mode=article&artnum=751

______

Spammers' backbone

A second Global Technology Marketing Inc. billboard is sighted and dismantled

Another sighting was reported [11] of the backbone network supposedly being put together by veteran spammers Sanford Wallace and Walt Rines. The first billboard site advertising the spammers' backbone was hooted off the Net [12] by anti-spammers. A mirror site existed at this IP address [13], according to ZDNet, but it has been taken down. (Here you can browse the server log [14] recording those who stop by to look around; your own hits will be at the bottom.) According to ZDNet, the site listed prices for dedicated T1 connections for spammers. These undesirables will be paying top dollar for their access -- from $5,900/mo. per T1. The freight for a T1 is normally more like $1500/mo., and can go as low as $600/mo. Panix.com advertises a $1000/mo. T1 in New York City.

[11] http://www.zdnet.com/intweek/daily/980220a.html
[12] http://www.tbtf.com/archive/1998-01-26.html#s06
[13] http://198.78.83.10/
[14] http://198.78.83.10/stats/access_log

______

Another national domain-name registry: .cc

The fifth country domain opens the doors, but its NIC isn't ready for prime time

The Cocos (Keeling) Islands, country code .cc, seem to be open for business registering domain names. I have not seen any publicity or news releases about the service. The registration site [15] is sublimely minimalist: it contains, as far as I can see, five pages and no useful information. A form is provided for you to search for your desired .cc name, and another (secure) form to register it with a credit card number. The Submit button does not actually register anything; instead it simply sends email to someone somewhere, while you wait to be contacted regarding your application.

I've added .cc to the TBTF Guide to Non-US Domain Name Registries [16], but I wouldn't recommend rushing to register there just yet -- not until the proprietors reveal a good deal more about who they are and what they're about. The top page says: "Our friendly staff and personnel are working to make this site extremely friendly for our alliance members and patrons." Well, they've got a long old way to go.

The Cocos Islands [17] total 14 square km and have a population of 670 (predominantly Malay on Home Island and Australian on West Island). No serial publications emerged from the territory in 1995 through 1997 [18]. The islands boast 50 species of birds [19]. Outsiders visit mainly for the snorkeling [20]. The islands were discovered by Westerners in 1609 and were uninhabited until 1827, when Captain John Clunies Ross brought several boats of Malays and established coconut plantations [21]. In 1886 Queen Victoria granted the islands to George Clunies Ross and his heirs in perpetuity. At some point a Clunies Ross declared himself king of the islands, but everyone outside ignored this, and the islands were administered as a British colony from Singapore until 1955, when they became Australian territory. In 1993 Australia purchased all of the Clunies Ross holdings except the mansion on Home Island; John Clunies Ross was still resident there in 1996 [22]. John's daughter Joy runs a shipping business from Australia to the island [23]. The Clunies Ross name seems to be widely known in Australia; one Ian Clunies Ross distinguished himself in the last century as a veterinarian and now a science prize is awarded in his name. A number of Australian towns feature a Clunies Ross street. Among the papers in the National Library of Australia is an unpublished manuscript titled "Cocos: a history of the Clunies Ross Family" [24].

Thanks to Alex Shnitman <lexsh at linux dot org dot il> for the pointer to the Cocos registry.

Note added 1998-02-28: Slightly straighter history from Information Please [42]:
Discovered in 1609 by Capt. William Keeling of the East India Company, the Cocos were settled in 1826 by Alexander Hare, an Englishman. A second settlement was founded in 1827 by John Clunies-Ross, a Scottish seaman, who landed with a boatload of Malay sailors.

[15] http://nic.cc/
[16] http://www.tbtf.com/resource/nics-non-us.html
[17] http://www.emulateme.com/images/Cocos.gif
[18] http://www.issn.org/cck.html
[19] http://cygnus.uwa.edu.au/~austecol/cocos.html
[20] http://www.bs.ac.cowan.edu.au/IOTO/IOTO_COCOS/NK_Is.htm
[21] http://www.aa.gov.au/AA_WWW/FactSheets/FS103.html
[22] http://www.bs.ac.cowan.edu.au/IOTO/IOTO_COCOS/Home_Is.htm
[23] http://web3.asia1.com.sg/timesnet/data/cna/docs/cna1742.html
[24] http://www.nla.gov.au/1/ms/find_aids/8604.html
[24a] http://www.infoplease.com:80/dynaweb/ip/encyc/@Generic__BookTextView/344313?DwebQuery=Cocos+Keeling#1

______

AnyWho puts a reverse phone book on the Net

And personal privacy slips a bit more

If you live in the US and your phone number is listed, visit this site [25] and type in your number. AT&T's AnyWho will return your name and address. Is your street name linked? If so, click to see names and numbers for all of your neighbors. Want a map to your house? It's one click away. (Like all such maps I've seen, based on an Etak database, the correspondence of street address with map location can be wildly wrong.) The street proximity search will not show unlisted numbers, 800- or 888- numbers, or "distinctive ring" alternate numbers.

AnyWho is not the first reverse phone book on the Net -- 555-1212 has that distinction [26] -- but it is the most feature-rich. It has a "sounds like" match for last name lookups. It lets you edit or delete your entry, and requires confirmation by a telephone call from the phone number in question. And it combines white and yellow pages -- 90M and 10M listings respectively -- though their output remains separate. When you ask for a street proximity listing for a business listing, you see only other businesses.

Note added 1998-02-27: Ian Douglas <iandoug at lia dot net> sent the following.
FWIW, we in South Africa (and no doubt France too) have had a similar service for years, albeit not on the Net (yet). It is on Beltel, which is based on France's MiniTel, and run by our telephone company. You can dial in via modem and do directory lookups, reverse lookups, and get street listings too. Unlisted numbers are kept unlisted and secure. Odd how no one thinks phone books are invasions of privacy, but put them on the net, then all hell breaks loose.

[25] http://www.anywho.com:81/telq.html
[26] http://www.555-1212.com/whte_us.htm

______

Two places at once

Techniques developed for manufacturable quantum chips

Researchers at Sandia Labs have developed techniques for producing quantum transistors in bulk circuits using conventional semiconductor vapor deposition techniques [27]. These are the first tunneling transistors created in a process that could scale outside of the laboratory. The quantum transistors operate up to 10 times faster than conventional ones and consume far less power. In addition, the devices embody three states -- on, off, and tunneling -- as opposed to a conventional transistor's two, so a quantum IC could do the same work as a conventional one with 2/3 the components. The technology is 5 to 10 years from commercialization; one wrinkle that has to be worked out is how to bring the components up to room temperature from near absolute zero, where they operate today.

For perspective, here is a story [28] from the forefront of conventional chip production, where incremental improvements in photoresist and photomask technology promise a reduction in path size from .25 microns down to 0.08 microns, with no expensive changes to existing processes.

[27] http://www.sjmercury.com/business/center/quantm021898.htm
[28] http://www1.sjmercury.com/business/center/chips022598.htm

______

Not anywhere at all

Visualizing cyberspace

Cyberspace is not about geography. When William Gibson coined the term in his 1984 novel "Neuromancer" [29] he invented a visual analog for the Net, which he called a "consensual hallucination." No such single visualization has emerged, but not for want of researchers poking at the problem. Martin Dodge at the City University of London has collected illustrations from the best visualizations of cyberspace [30] and categorized them as Conceptual, Geographic, ISP Maps, Info Spaces, etc. Thanks to Gregory Alan Bolcer <gbolcer at gambetta dot ics dot uci dot edu> for the pointer.

[29] http://www.powells.com/cgi-bin/partner?partner_id=23196&cgi=search/search&searchtype=isbn&searchfor=0441000681
[30] http://www.cybergeography.org/atlas/atlas.html

______

Intuit's Quicken 98 requires Internet Explorer

An oblique addition to the TBTF Exclusionary Hall of Shame

This is not a Web site requiring IE, but rather a vendor taking Microsoft up on its tempting offer of Web browsing integrated into its product for "free." The 32-bit version of Quicken 98 requires IE 3 (which comes bundled with it) or a later version installed on your system in order to access its Financial Institution List Web page. Other Quicken 98 features such as local Web pages (InsuMarket, Mortgage, etc.) and Market Watch don't work unless you're using Internet Explorer. It's not clear whether IE must be your preferred browser, or merely installed on your system, for Quicken 98 to work. This item came from a posting on the I-WinSoft mailing list, which should eventually be archived here [31], though it's not there yet. Thanks to Rob Faulds <rfaulds at avici dot com> for the alert.

Note added 1998-02-26: Tim Wright <timw at sequent dot com> sends some historical details that diminish the blame owing to Intuit by shifting it to Netscape. Wright also confirms that IE need not be your preferred browser, it merely has to be installed.
Quicken wanted to use Netscape, but at the time Netscape was being incredibly anal about not "unbundling" Navigator. Their attitude was "you take all of Communicator, or nothing." Rather than be held to ransom like this, Intuit ran to the "open" arms of Microsoft. They felt they had to "Webify" Quicken (I'm not convinced that this is an improvement over the previous version, but we'll let that pass), and we can blame Netscape for this mess as much as Intuit. Netscape seems to have learned their lesson rather late once again.

[31] http://www2.hevanet.com/audettemedia/I-WinSoft/archives/054.htm

______

The dangers of embedded content

Let mail be mail, and the Web will take care of itself

An anonymous poster to the cypherpunks list described [32] how his online psuedonym was "auto-outed" by Netscape's mail reader:

They sent a message to my off-site address (along with those
of other critics about whom they wanted to know more). It was
an HTML message with an embedded IMG tag. When Netscape saw
that IMG tag, it happily connected to [the] "customer" track-
ing server, and downloaded the keyed graphic. My boss just let
me see the log he got... showing clearly that my workstation
read the message.

This message [33] posted to the North American Network Operators Group list outlines another evil use for embedded graphics in a text/html mail message.

The moral: if you value your privacy, use a mail reader that doesn't automatically process HTML, connect to image servers, accept cookies, or run JavaScripts.

Note added 1998-02-27: Dr. Anton Nossik <anton at cityline dot ru> sent a note detailing earlier extensive coverage and discussion in Russian media on the dangers of mail readers that automatically interpret HTML. I have posted it here [33a].

[32] http://infinity.nus.sg/cypherpunks/dir.archive-98.02.12-98.02.18/0367.html
[33] http://www.merit.edu/mail.archives/html/nanog/msg03896.html
[33a] http://www.tbtf.com/resource/mail-html-ru.html

______

Bus plunges

Where the new media meet the old

Modern communications media are killing off the newspapers, right? Well, maybe. In some ways they're working in symbiosis. One of the longer-running mailing lists I know of, its origins deep in the 1980s, is BONG BULL, the bulletin of the Burned-Out Newspapercreatures Guild. It's also one of the most hysterical. The latest weekly issue brought news of this peculiar Web site run by a newspaper editor in New York:

Before computers brought us type-stretchers, fillers were a
major part of newspapers' contribution to lore, and the Bus
Plunge was a favorite subject. For that reason, and not be-
cause anyone enjoys reading about 47 pilgrims going into a
ravine, there is a Bus Plunge website [34] (FAQ at [35] for
the frequently asked questions directed at the producers,
among them "What the hell's the matter with you?"). The col-
lection includes drunk-driver plunges, ferry mishaps, pilgrim
plunges, and other categories.
[34] http://www.busplunge.org/
[35] http://www.busplunge.org/faq.html

______

Quick bits

A maze of twisty little items, all different

bul Justice Department subpoenas ISPs

In a further broadening of the Justice Department's probe of Microsoft, the Feds have requested information from ISPs including EarthLink, AOL, Sprint, and MCI [36]. Presumably Justice wants to know about the deals the ISPs did with Microsoft: advertising (e.g., real estate on the Windows 95 desktop) in exchange for bundling Internet Explorer, and perhaps agreeing not to tell customers there is any other browser option.

[36] http://www.news.com/News/Item/Textonly/0,25,19349,00.html?pfv

bul Mozilla.org opens its doors

Netscape has launched [37] the organization and Web page [38] that will coordinate its relations with outside developers once it releases source code for Communicator 5 on 3/31. The group plans to work with outside developers' resources such as Openscape [39].

[37] http://biz.yahoo.com/prnews/980223/ca_netscap_1.html
[38] http://www.mozilla.org/
[39] http://www.openscape.org/

bul Pioneer Awards go to Stallman, Torvalds, Simons

Each year at the CFP conference the Electronic Freedom Foundation, a CFP sponsor, announces the winner(s) of its Pioneer Awards [40]. This year the awards went to the two people most responsible for the free software movement, Richard Stallman and Linus Torvalds. The third honoree was Barbara Simons, long-time expert in technology policy for the ACM and co-founder of the UC Berkeley Computer Science department. News.com gave the story the barest mention [41], and omitted Simons altogether.

[40] http://www.eff.org/pioneer.html
[41] http://www.news.com/News/Item/Textonly/0,25,19346,00.html?pfv


Notes

bul This week's TBTF title bows to a verbal mannerism of Yiddish origin expressing derision or dismissal: say a word, then repeat it (on a falling cadence) with its initial consonant replaced by "schm." I would be unsurprised to learn that a similar construction occurs in other languages.

Ramakrishnan Sundaram <rsundaram at poboxes dot com> writes to inform us that Hindi, India's official and most widely spoken language, has a similar construction. The "schm" equivalent is not a fixed syllable, however; it varies depending on the speaker. An example would be "movie shoovie."

Joshua Yeidel <yeidel at wsu dot edu> points out that Leo Rosten was the person most responsible for popularizing this Yiddishism (among others) in America, in books such as The Joys of Yiddish [42]. A famous example is "Cancer, schmancer. As long as you have your health..."

[42] http://www.powells.com/cgi-bin/partner?partner_id=23196&cgi=search/search&searchtype=isbn&searchfor=067172813X


Sources

bul For a complete list of TBTF's (mostly email) sources, see http://www.tbtf.com/sources.html.

bul BONG: To subscribe, email listserv@netcom.com with message: subscribe bong-l .


TBTF home and archive at http://www.tbtf.com/ . To subscribe send
the message "subscribe" to tbtf-request@world.std.com. TBTF is
Copyright 1994-1998 by Keith Dawson, <dawson dot tbtf at gmail dot com>. Com-
mercial use prohibited. For non-commercial purposes please forward,
post, and link as you see fit.
_______________________________________________
Keith Dawson    dawson dot tbtf at gmail dot com
Layer of ash separates morning and evening milk.

space ______