Why those two servers, exactly?
This news is not exactly new, but the news may be that it has attracted so little notice. On Sunday 2/15, thieves broke into a Best Internet San Francisco co-location facility, cut a lock off a steel cage, and made off with two 200-pound servers being used to test the Shared Registry System  for the Internet Council of Registrars. CORE is nearly ready to go live with its long-debated evolution of the domain name system, in contrast to the US government's "green paper" solution , which is months from approval and probably years from implementation. According to a c|net account , CORE said its servers were stolen when a CORE worker scheduled to be at the facility called in sick. There was no sign of forced entry into the Best facility. The two Sun Enterprise 450 servers were not the most expensive equipment in the facility, but no other cages were disturbed. Local police are working on the case and the FBI and CERT were notified. Emergent Corp., which is contracted by CORE to operate the SRS, had the system back online on new servers within 30 hours. At the time of the burglary CORE was low-key and sought to dampen speculation. They promised to put up a statement on their Web site, but if they've done so I couldn't find it.
Ganging up on Microsoft
See also TBTF for 1999-08-16, 07-19, 02-15, 02-01, 01-13, 01-04, 1998-12-23, 12-15, 12-07, 11-11, 10-19, more...
This one is going to take a little time
Sun and Microsoft kept their first court date  on 2/26, and U.S. District Judge Ronald Whyte declined to grant Sun an injunction forbidding Microsoft from using the name Java in its products. The judge took the question under advisement. As to when the case might actually be adjudicated, Sun asked for a trial date in April -- of 1999.
Cryptography export policy
See also TBTF for 2000-02-06, 1999-10-05, 08-30, 08-23, 08-16, 07-26, 05-22, 05-08, 04-21, 03-01, 01-26, more...
Two items on crippled crypto
Netscape crypto easily boosted to full strength
An Australian doing business as Fortify.net  is distributing a program for Unix and Win-32 (containing no crypto code) with which anyone can convert their export copy of Netscape Navigator into a US-strength, 128-bit version. Netly News coverage  paints the Feds pacing and gnashing their teeth over the development, which breaks no laws. At the Financial Cryptography conference in Anguilla, attendees ran a contest for the most compact perl code to effect this transformation ("Run this on your export version of netscape 4.04 to enable strong crypto!"). Ian Goldberg, who through his connection with the conference sports the world's coolest email address -- n@ai -- posted a 99-byte essay, only to be trumped by a Russian programmer who shaved it by 15 bytes. The result:
s/(TS:.*?0)/$_=$1;y,a-z, ,;s, $,true,gm;s, 512,2048,;$_/es;
HP has obtained government approval to export systems based on its VerSecure architecture , which uses expiring software tokens to assure that the crypto provided to each user meets local laws. (No shippping products are based on VerSecure, and any such products will be subject to a further government review.) The Commerce Department license allows HP to export VerSecure-based products only to the UK, Germany, France, Denmark, and Australia. HP's system envisions encryption in VerSecure-based hardware -- PCs, servers, cell phones -- only after a token exchange with a "Security Domain Authority" clears the scrambling. Imagine SDAs as networked encryption checkpoints run by approved organizations in each country. Each user would obtain a software token, expiring after one year unless renewed, that controls the strength of encryption and the availability of key-recovery features. Token policies would be based on the local laws prevailing in each country: for example, tokens distributed in France would activate a back door for law enforcement, because French law requires that feature. This Reuters story  quotes a Center for Democracy and Technology spokesman calling VerSecure a "Rube Golberg approach." (Our British cousins would say "Heath Robinson.")
How long before some hacker finds a way around the tokens to allow full-strength, un-escrowed encryption?
Thanks to Matthew D. Healy <healy at seviche dot med dot yale dot edu> for the story suggestion.
Using the Internet as a massively parallel computer
See also TBTF for 2000-03-31, 1999-08-30, 07-19, 01-26, 1998-03-02, 1997-10-27, 09-08, 09-01, 06-23, 01-29, 1996-12-02
OK, you can crack DES. How fast can you crack DES?
RSA has established an ongoing series of challenges  to break messages encrypted with 56-bit DES. Twice a year, on 1/13 and 7/13, the company will post a new challenge and will only pay a winner if the message is decoded faster than it was last time. If the new contest is beaten in less than 25% of the reference time, the winner gets $10K; 50% pays $5K, and 75% $1K. The first DES crack took 140 days on the calendar, but when RSA launched DES Challenge II they set the bar higher and established a reference time of 90 days. On 2/26 the message was decoded after 39 days by an anonymous participant working under the auspices of distributed.net . The secret message was "Many hands make light work." Distributed.net offered thanks to RSA for the implied endorsement.
Consolidations and realigning business models are the order of the day
RCN of Princeton, NJ, known mainly for its plans to wire city centers with fiber, is buying Virginia-based ISP Erol's and Massachusetts-based Ultranet . The acquisitions give RCN 325,000 dialup customers on the eastern seaboard, and should provide rich fields for cross-selling once RCN gets their fiber alight.
Best Internet and Hiway Technologies announced plans to merge . The companies say that one advantage of combining forces will be fail-safe access for their customers: Best (San Francisco) worries about earthquakes and Hiway (Florida) has hurricanes to contend with.
Netscape, smarting from competition with Microsoft, is floating a balloon about becoming a CSP (commerce service provider)  -- that is, hosting commerce sites for customers of their back-end software. Such talk is not going down well with Netscape's ISP and CSP customers, and first returns from the analyst community aren't entirely positive either. Representative quote: "It baffles me. It sounds like a desperate move."
It's only a test, but it's Ka band and it's broadband
Teledesic is the company planning to ring the world with satellites to make T1-or-better Internet access available at any point on the surface . On 2/18 they launched an experimental satellite named "T1" ; the news was blacked out until 2/26. T1 is not a prototype of the satellites Teledesic is planning, it's merely a test bed operating in the Ka band (28.6 - 29.1 GHz) at E1 speeds (2.048 MBPS). Teledesic officially won the right to Ka frequencies last November . T1 was put into orbit by a Pegasus rocket, launched from underneath an airborne L-1011. The service planned when Teledesic goes live, by the end of 2002, will be 2 MBPS upstream and 64 MBPS down.
Getting our entertainment where we can find it
These low-earth-orbit satellites will enable worldwide phone services beginning this year. Fifty-one are presently in orbit. It turns out that the satellites' antennas catch the sun and cause "flares"  visible from the ground. For minutes at a time the satellites brighten from magnitude 6 (binoculars required) to magnitude -2 or even -4 (brighter than Venus). This useful page provided by the German Space Operations Centre  will calculate for you the next seven Iridium flares visible from your location. (Their initial mission was to calculate and display appearances of the Mir satellite.) First you need to say exactly where on earth you are. Using the Census Bureau's Tiger Mapping Service  you can pinpoint a spot in the US to 4 decimal places of latitude and longitude, or within about 50 feet. Start at this atlas of place names  for rough coordinates that you can feed to the Tiger for refinement.
The Great Internet Mersenne Prime Search ferrets out M-37
The largest prime number now known is 2^23021377 - 1. It was discovered by Roland Clarkson, one of 4,000 current participants in GIMPS , using a Pentium box running code written by George Woltman (who is mersenne.org). This is the first Mersenne prime discovered using Scott Kurowski's Internet software and server , which coordinates the large number of volunteer computers. When last we visited GIMPS (see TBTF for 1997-09-08 ), the previous record-holder, M-36, had just been uncovered. This new Mersenne prime is only a tiny bit larger, relatively speaking, at 909,526 digits vs. 895,932. You can download the number itself  from mersenne.org. This file is, of course, about a megabyte in size.
Quantum computers and quantum physics
See also TBTF for 1999-10-05, 01-04, 1998-11-03, 10-27, 09-14, 03-09, 03-02, 02-23, 1997-11-24, 09-15, 05-22, more...
Half-looking at particles being waves
Researchers at the Weizmann Institute have demonstrated , and controlled, one of the strange everyday home truths of the quantum world -- that the act of observing something perturbs it. In this case, what is perturbed is the tendency of electrons to act like waves. The Israeli researchers have produced a tunable sensor that can watch which of two openings electrons go through. When the sensor is fully "alert," each electron provably goes through one opening or the other. When the sensor is not "looking," electrons go through both openings in a wavelike way and interfere on the other side. Such control over this basic quantum phenomenon could be important to devices built of quantum parts, for example the chips described in TBTF tor 1998-02-23 . Thanks for the story suggestion to Eliyahu Skoczylas <eliyahu at photonet dot com>.
If they think you're technical, go crude
This page  reports the latest results of Alta Vista searches counting Web pages that make assertions such as "MacOS sucks" or "Unix rules." Right now Unix is way ahead in the Sucks/Rules ratio, and Linux is far ahead of Windows. This page , in contrast, dispenses with any pretense of fairness or sampling and baldly asserts that all operating systems suck.
When the power goes out for a week (and counting) in an El Nino summer
Peter Gutmann (who outed Microsoft's naked emperor of security -- see TBTF for 1998-01-26 ) is writing an ongoing account  of the anguish Auckland, New Zealand is going through after losing all power to the central city. Four cables all failed. Gutman is unsparing in his gaze at the recent practices of the power company, Mercury Energy, which has spent $300M on a failed attempted takeover of a rival energy company while eliminating excess capacity and waste of the sort that we might have referred to, in an ealier and less enlightened age, as safety margins. Some excerpts:
The city of Auckland has... four 110kV cables feeding the central business district... The suspicion is that the El Nino summer has dried out and heated the ground so that vibration and ground movement (shrinkage) have damaged the cables.
Mercury ran an emergency feed for several miles over a string of poles, which had hardly been completed when the second cable failed. They then tried to force a full load over the remaining cables by management will-power alone, which unfortunately wasn't enough to overcome the basic laws of physics, and everything which was left failed as well.
I think I'll join the class action suits; the fact that the university machines are down means that I've had to use tin to read news for nearly a week, that's got to be worth several hundred thousand dollars compensation for mental anguish.
Q -- How many Aucklanders does it take to change a lightbulb?
A -- Does it matter?
TBTF home and archive at http://www.tbtf.com/ . To subscribe send the message "subscribe" to email@example.com. TBTF is Copyright 1994-1998 by Keith Dawson, <dawson dot tbtf at gmail dot com>. Com- mercial use prohibited. For non-commercial purposes please forward, post, and link as you see fit. _______________________________________________ Keith Dawson dawson dot tbtf at gmail dot com Layer of ash separates morning and evening milk.