(A Javascript-enabled browser is required to email me.)
TBTF logo

TBTF for 1998-06-29: White on rice

Keith Dawson ( dawson dot tbtf at gmail dot com )
Mon, 29 Jun 23:44:42 -0400


Russia may force ISPs to tip Big Brother

Proposed law would let KGB successor listen in on all Russian Internet traffic

In Russia, one of the inheritor agencies of the KGB is preparing a law that would require ISPs to enable surreptitious monitoring of all Internet traffic without a court order. The Federal Security Service (FSB) wants to force ISPs to install -- possibly at their own expense -- equipment and bandwidth at least equal to that used for their commercial services, with a data channel leading directly to an FSB outpost.

Here is an English-language rendering of the current state of the FSB proposal [1].

According to Alexander Gagin, editor-in-chief of the Russian magazine Internet, the threatened measure is being opposed by a group of Internet activists including ISPs, journalists, and members of Parliament.

Gagin notes that surreptitious monitoring of the Russian telephone system on a wide scale is already feasible. In this the Russian eavesdroppers are ahead of their US counterparts. At the insistence of the FBI four years ago Congress passed the Communications Assistance for Law Enforcement Act [2] requiring telephone companies to build in back doors for federal wiretapping. The FBI dragged its feet for years about providing the mandated statement of their capacity requirements. They finally did so last January [3]. The phone companies, complaining that the law unfairly shifts wiretapping costs to them, have found enough friends in Congress to get a bill filed [4] pushing back the implementation deadline by 2 years, to 2000.

No one in the US, even in the FBI, has ever suggested warrantless monitoring of Internet traffic on the breathtaking scale contemplated by the Russian proposal.

[1] http://www.ice.ru/libertarium/sorm/sormdocengl.html
[2] http://www.epic.org/privacy/wiretap/
[3] http://thomas.loc.gov/cgi-bin/query/z?c105:H.R.3321.IH:
[4] http://www.fbi.gov/calea/calea1.htm


The first lawsuit over Siliconia

Tempers are fraying on the Silicon Prairie

For 2-1/2 years TBTF's Siliconia page [5] has been tracking the growing and mutating business of regions denominating themselves Silicon something, hoping for a spillover from the glow of Silicon Valley. Over this time I have watched the Siliconia phenomenon grow from a mild regional joke, enjoyed in a growing number of locales around the world (each one smugly congratulating itself on its originality), to a serious matter of big-business, big-budget regional branding.

At this writing I have collected 51 Siliconia associated with 72 different geographical locations worldwide. As you might guess from these numbers, some Siliconia are claimed by more than one region. The record-holder is Silicon Prairie, for which I had tracked seven separate geographical claims.

Now the first lawsuit is being threatened.

I received a note from the president of Silicon Prairie Interactive Network in Oklahoma. The organization has registered siliconprairie.org [6]. This organization is threatened with a suit by the Silicon Prairie Technology Association of Kansas City, Missouri, which hangs out at silicon-prairie.org [7].

C'mon, fellas, lighten up. You're far from the first to have claimed a Prairie name, or even to have trademarked one. (The Iowa outfit has been using the name since 1982, and the Chicago Tribune -- owners of siliconprairie.com and silicon-prairie.com -- has been known to bluster in the past over rights to this name.) This Silicon Prairie ought to be big enough for all of you.

[5] http://www.tbtf.com/siliconia.html
[6] http://www.siliconprairie.org/
[7] http://www.silicon-prairie.org/


Threads Domain name policy
See also TBTF for
2000-04-19, 03-31, 1999-12-16, 10-05, 08-30, 08-16, 07-26, 07-19, 07-08, 06-14, 05-22, more...

Cyberspace Constitutional Conventions in July

The scramble to define Internet governance begins, in exclusivity

Following the US government's abdication of decision-making in the issuance of domain names [8], the Commercial Internet Exchange has invited [9] 82 companies, organizations, and experts to a conclave on the subject in Reston, Virginia. It's called "Toward an Internet Assigned Numbers Entity: Charter Stakeholders Workshop." Invitees include the IANA, CORE, the Internet Society, AOL, PSINet, AT&T, and Disney Online, as well as organizations like the American Bar Association and the American Intellectual Property Law Association. Boston University Law professor Tamar Frankel will lead the workshop.

Separately, the Internet Society has called an Internet Summit for July 24-25 in Geneva, Swizerland [10]. Characterized as a discussion of the structure and roles of the "New IANA," the meeting leverages the attendance at the Internet Society's eighth annual meeting in Geneva, and is expected to attract representatives from 120 countries.

Some in the Internet community have decried the stealth with which these meetings were set up. Einar Stefferud disclosed a June 16 email message [11] documenting a conference call in which 19 participants settled the framework for the above two meetings; Declan McCullagh published it to his politech list. Did you hear about these meetings -- were you invited? Neither was I. So far the process has not exactly been a model of open self-governance.

[8] http://www.tbtf.com/archive/1998-06-08.html#s01
[9] http://www.techweb.com/wire/story/domnam/TWB19980611S0017
[10] http://www.isoc.org/isoc/media/releases/980616pr.shtml
[11] http://www.tbtf.com/resource/con-call-stef.txt


White on rice

NSA declassifies the algorithms behind the Clipper chip, and cryptographers worldwide are all over it

On June 23 the Department of Defense announced that the NSA had declassified the algorithms used in the Fortezza PC card and in the earlier, abandoned, Clipper chip. The Skipjack and Kea (Key Exchange) algorithms were posted to the National Institute of Standards and Technology site [12] in PDF format. Cryptography researchers quickly rendered the information into HTML form [13] (this link loads 350K) and set about implementing the algorithms. Within 24 hours of the announcement three separate implementations had been posted to the Cryptography list (examples at [14] and [15]). Within 28 hours tuned implementations had appeared and people were running timing tests. At 48 hours an Israeli group, Biham et al., published an initial analysis [16] along with their own reference implementation.

[12] http://csrc.nist.gov/encryption/skipjack-kea.htm
[13] http://jya.com/skipjack-spec.htm
[14] http://www.cl.cam.ac.uk/~mgk25/download/skipjack.tar.gz
[15] http://www.systemics.com/~iang/SKIPJACK.java
[16] http://www.cs.technion.ac.il/~biham/Reports/SkipJack/


The flaws of key recovery

Cryptographers' criticisms unaddressed by governments

The cryptographers who released a report [17] last year on the unknowns and risks in implementing a key recovery infrastructure have updated the report 12 months later [18]. They state:

Its essential finding remains unchanged and substantively unchallenged: The deployment of key recovery systems designed to facilitate surreptitious government access to encrypted data and communications introduces substantial risks and costs.
The US government doesn't even seem to be trying anymore to defend its current policy of export restrictions and required key escrow for strong crypto. In mid-April Commerce secretary William Daley called the policy a failure [19]. An Administration policy spokesman, Robert Litt, was recently ridiculed for admitting in an open congressional hearing that he had never read the National Research Council's seminal report "Cryptography's Role in Securing the Information Society" [20]. And last week the Administration's elite commission chartered to develop a Federal standard key-recovery infrastructure admitted failure, after two years, and disbanded [21].

[17] http://www.cdt.org/crypto/risks98/
[18] http://www.crypto.com/key_study/
[19] http://www.news.com/News/Item/Textonly/0,25,21120,00.html?tbtf
[20] http://www.replay.com/mirror/nrc/
[21] http://jya.com/gak-fails.htm


Password spamming

The dark side of companies sharing data on users

Salon started this fire [22]: it carried Andrew Leonard's story of the disturbing apparent spam sent to 35,000 Ad Age subscribers by a company unknown to them, theGlobe.com. The spam informed them they had a mailbox on theGlobe, and showed them in plain text their user name and password. The password in question was the one from their Ad Age account. The whole ugly affair turns out to have been a bit of technological clumsiness by theGlobe, with whom Ad Age had contracted to build a "community" for its users. The story broke, and was picked up by traditional media including the NY Times, just as the FTC announced its damning findings on Web privacy practices [23]. In a last-minute attempt to ward of government regulation, trade groups sent a letter to the President before the FTC report went out [24]. Maybe that letter did the trick. The Commerce Department announced last Wednesday [25] that the administration is giving the industry more time to get its privacy act together. "They've had 20 years to practice self-regulation and have yet to come up with anything moderately useful," said David Banisar, an attorney with the Washington-based Electronic Privacy Information Center. "It's hard to imagine in the next few days some miracle will occur."

[22] http://www.salonmagazine.com/21st/feature/1998/06/03feature.html
[23] http://www.news.com/News/Item/Textonly/0,25,22775,00.html?tbtf
[24] http://www.news.com/News/Item/Textonly/0,25,22762,00.html?tbtf
[25] http://www.mercurycenter.com/business/tech/docs/013402.htm


Threads Open source software and the Linux OS
See also TBTF for
1999-08-16, 05-22, 03-26, 02-15, 02-01, 1998-11-17, 11-11, 11-03, 10-27, 10-12, 08-31, more...

Windows 98 rollout greeted by the Linux faithful

Silicon Valley Linux Users Group grabs the spotlight

On June 24, the night when Windows 98 went on sale at midnight, some 60 Linux fans met [26] in the parking lot of Fry's, a Silicon Valley electronics and software retailer, to educate the buying public to the existence of a free, non-crashing alternative to Windows. There and at CompUSA they handed out 500 Linux CD-ROMs (for free of course). Credit for the idea (only 9 hours ahead of the Fry's opening) goes to Sam Ockman [28]. Thanks to Rick Moen for the pointer.

[26] http://hugin.imat.com/svlug/
[28] http://hugin.imat.com/svlug/linx03.jpg


Threads Ganging up on Microsoft
See also TBTF for
1999-08-16, 07-19, 02-15, 02-01, 01-13, 01-04, 1998-12-23, 12-15, 12-07, 11-11, 10-19, more...

Koreans upset over Microsoft move

We get market share the old-fashioned way: we buy it

Microsoft made a deal [29] with the Hangul & Computer Co., whose word processing program is used on 80% of PCs in Korea. Hangul agreed to abandon its product in exchange for a $20 million investment, leaving the field to the Korean-language version of Word, which has a market share below 10% at present. This brazen corporate imperialism has struck a raw nerve among the Korean public -- sensitized by the inflow of foreign capital following the country's currency crisis -- and has also attracted the attention of Korea's fair trade agency.

[29] http://www.newslinx.com/News/cg-061898d.html


Word macro virus breaks new ground

This virus will post your infected document to alt.sex.stories under the title "Important Monica Lewinsky Info"

The new virus WM/PolyPoster silently posts infected documents to popular, if risqué, Usenet newsgroups [30]. Here is a detailed description of its operation [31]. Besides potentially causing the document owner embarassment or commercial harm, this tactic threatens to turn Usenet into a Hot Zone of virulent macro infectivity. Anyone who reads a netnews article carrying a Word document infected with WM/PolyPoster is primed to catch the infection themselves. Data Fellows, the virus's discoverers, say that their anti-virus software already detects and disables WM/PolyPoster. It's not clear whether the company has made details available to other virus hunters.

[30] http://www.datafellows.com/news/pr/eng/fsav/19980618.htm
[31] http://www.datafellows.com/v-descs/agent.htm


Followup: Are we having a monopoly yet?

Can you indeed buy a PC without Windows?

TBTF for 1998-06-08 [32] noted a Ralph Nader-inspired survey of computer makers that turned up none willing to sell a PC without Windows 95 installed -- or to refund any money if the Microsoft software was returned. Several readers wrote to point out a slashdot.org discussion [33] indicating that Dell Computer had announced the intention to do both of these things.

It's an unconfirmed rumor, folks.

The people who called Dell uniformly got told that there was no such program. No-one has produced a URL at Dell stating that such a policy exists.

This earlier slashdot.org discussion [34] did, however, turn up a number of small local dealers willing to sell bare machines or to pre-install an OS not from Microsoft. In addition these Web merchants were spotted:

Indelible Blue [35] offers machines preloaded with your choice of OS/2 and Windows 95/NT, as well as the ability to custom order a machine with OS/2, Windows 95/NT, and/or Linux.

Zenon Computers [36] not only offers no-OS as an option (Windows 95 is $108.30 more), it's the default option on their Web ordering form. Furthermore, this has been the case since at least March 21, when I ordered my system. That was well before the lawsuit.

[32] http://www.tbtf.com/archive/1998-06-08.html#s03
[33] http://slashdot.org/articles/980606138248.shtml
[35] http://www.indelible-blue.com/
[36] http://www.zenontech.com/


Wireless local loop

A way around the local dinosaurs

An Israeli company, TelesciCOM [37], has developed a product they call Wireless DSL that allows wireless broadband data transfer at speeds rivaling fixed-line connections: up to 10 Mbits/sec. The company claims that any telecom operator or ISP can offer cheap phone and data services with an investment of about $100 per user. Up to 18,000 users can send and receive high-speed data from a single TelesciCOM radio base station. The technology is proprietary, based on patented algorithms to overcome airwave interference in the 1- to 38-GHz range.

Other wireless local loop products are under development. TelesciCOM kindly reproduces this independent review [38], which is somewhat downbeat on the prime-time readiness of this technology. It says of the offered solutions -- from TelesciCOM, Ericsson, and Floware [39] -- that all are based on nonstandard technology and that none is yet available commercially.

[37] http://www.TelesciCOM.co.il/
[38] http://www.TelesciCOM.co.il/tdcp1.html
[39] http://www.floware.com/index4.html


Terraserver launches and stumbles

It's hard to plan effectively for a flash crowd

Microsoft has launched Terraserver [40], the service (noted in TBTF for 1998-04-20 [41]) that delivers US government aerial photographs and Russian satellite images over the Web. Microsoft calls Terraserver the largest database on the Web, and while the claim is debatable, at 1.01 million MB Terraserver is undeniably Godzillan. The site is intended to show off the enterprise scalability of Microsoft's SQL Server database product, running on an 8-processor Alpha, but its launch has been something of an embarassment [42]. The site, designed for a million hits per day, sunk beneath an onslaught of 8M hits in its first hours. It still performs erratically, frequently producing VBScript errors instead of photographs. Microsoft says that the problem is entirely due to an insufficiency of Web servers fronting the database. When they get it straightened away, do go visit [40]. It's nifty to be able to click down from a world map to a photo of your own driveway.

[40] http://terraserver.microsoft.com/
[41] http://www.tbtf.com/archive/1998-04-20.html#s06
[42] http://www.zdnet.com/pcweek/news/0622/26mterr.html


Quick bits

A little twisty maze of items, all different

bul Journal of Internet Banking and Commerce

JIBC [43] is a free quarterly publication delivered by Web or email. Beginning in June 1998 JIBC will carry recent TBTF excerpts in its "Best of..." feature. The current issue [44] spotlights an article [45] by longtime TBTF subscriber Samuel Cadogan on the genesis and effects of the French ban on all domestic uses of unescrowed strong crypto:

The consequences of [France's] virtual ban on encryption are above all economic... it prevents the creation of a truly secure and interoperable pan-European Internet infrastructure.
[43] http://www.arraydev.com/commerce/jibc/
[44] http://www.ARRAYdev.com/commerce/jibc/current.htm
[45] http://www.ARRAYdev.com/commerce/jibc/9806-19.htm

bul MIT to clone Media Lab in Dublin

MIT plans to spend $250M to recreate its successful Cambridge experiment, the Media Lab, on foreign soil [46]. Over 10 years the campus is expected to grow to 40 academic and research staff, 160 graduate students, and 160 undergraduates -- about the same scale as the Cambridge lab. Current Media Lab staff will be encouraged to spend significant time in Dublin over the next 5 years. Thanks to Rob Harley for noting this story.

[46] http://www.sunday-times.co.uk/news/pages/...

bul Physics: the rules

In this elegant site [47] Erik Max Francis lays down the laws of physics. Also the rules, principles, effects, paradoxes, limits, constants, experiments, and thought-experiments, along with a few conjectures and a wild surmise or two; all organized, alphabetized, and thoroughly cross-referenced. Ever wonder who Schroedinger's Cat [48] was, or Maxwell's Demon [49]? Everything I looked for on the site I found on the first try.

[47] http://www.alcyone.com/max/physics/laws/index.html
[48] http://www.alcyone.com/max/physics/laws/s.html#Schroedinger's_cat
[49] http://www.alcyone.com/max/physics/laws/m.html#Maxwell's_demon


bul For a complete list of TBTF's (mostly email) sources, see http://www.tbtf.com/sources.html.

TBTF home and archive at http://www.tbtf.com/ . To subscribe send
the message "subscribe" to tbtf-request@world.std.com. TBTF is
Copyright 1994-1998 by Keith Dawson, <dawson dot tbtf at gmail dot com>. Com-
mercial use prohibited. For non-commercial purposes please forward,
post, and link as you see fit.
Keith Dawson    dawson dot tbtf at gmail dot com
Layer of ash separates morning and evening milk.



Copyright © 1994-2017 by Keith Dawson. Commercial use prohibited. May be excerpted, mailed, posted, or linked for non-commercial purposes.