TBTF for 1997-09-22: Allez Java
Keith Dawson (dawson dot tbtf at gmail dot com)
Tue, 23 Sep 1997 22:12:37 -0400
Cryptography export policy
See also TBTF for
Fallout from the House crypto debacle
are that the Commerce Committee of the US House of
Representatives is likely to vote in favor of unprecedented
restrictions on Americans' right to be left alone. The so-called Oxley
to the SAFE bill, which started out attempting to
ease encryption export rules, would require Internet technology to
enable immediate access to plaintext
for any Net message, without
to the sender.
This ZDNet coverage
gives an introduction of some of the
technical objections raised last week to the Oxley amendment. Here are
some more recent ones.
- Voices from England
 and Europe
 refuted this
approach to encryption. An article in Communications Week
claims that the European Commission will refuse
to endorse key recovery in a report to be issued on 1997-10-01.
- 28 law professors detailed
 why the proposed law would be
- 65 companies and organizations signed a letter
 to the House
Commerce Committee opposing Oxley or any similar legislation.
The Congressional Budget Office issued an analysis
 of the
costs of a key-recovery infrastructure; the top estimate was $2
billion per year. CBO requested expert input into its estimates
(thanks to Rodney Thayer <rodney at sabletech dot com> for the first
word on this). Here is some of what the CBO got.
- Donale Eastlake and others estimated upwards of several
hundred billion dollars
- William Allen Simpson estimated that Oxley would slow all data
transmission on the Internet by 3 to 8 times, and in addition
would require the construction of a secure infrastructure as
large again as today's Internet for the transmission and
storage of users' keys.
- Perry Metzger noted: "The cost to industry of implementing
[Oxley] and... to the government of running it is only the tip
of the iceberg. The cost to the economy [of] criminal activity
that cryptography would normally stop cannot possibly be
- The last word goes to cryptographer Bruce Schneier: "Law
enforcement needs to deal with technology. So, no more wiretaps.
Big deal. [FBI Director] Freeh needs to deal with that fact."
Email spam and antispam tactics
See also TBTF for
AGIS Internet jettisons the spammers
Apex Global Internet Services Inc. had tried unilaterally to work
a truce in the spam wars -- it hosted spammers, including the most
notorious of them all, Sanford Wallace's Cyber Promotions, while
sponsoring a trade association of "responsible" spammers: the
Internet E-Mail Marketing Council. Last Wednewday the ISP kicked
them all out 
It shut down the accounts of three spam
companies and ejected the IEMMC representstive from his office on
the AGIS site. The reasons for the ouster are not clear but may
involve protacted ping-flood attacks directed against CyberPromo.
(Wallace claims that AGIS stopped blocking ping floods a week
before.) This handy page
Randy Benn keeps up-to-date with news accounts from the spam wars.
For the first time since the launch of HotBot, a new player in the
search-engine game bids to index the entire Web. Northern Light
a startup in Cambridge, MA, introduces a new technique -- folders
generated on the fly -- to organize and present search results. The
company offers searches of off-Web content such as journals,
magazines, how-to guides, and reference works. Searching the "Special
Collections" is free for now but the company will soon start charging;
Web searches will remain free. Wired gives a good summary
of Northern Light's story.
The ascent of XML
The Autumn 1997 number of the World Wide Web Journal
a special issue on XML. One of its articles is available on the Web
now in pre-copyright form
. If you don't know about XML, an
evolutionary development from the tradition of SGML and HTML, you
probably should; you'll find a graceful introduction in "The Evolution
of Web Documents: The Ascent of XML," by Dan Connolly, Rohit Khare,
and Adam Rifkin
Utility reveals Win 95 passwords
PC Week notes
the appearance of a new utility that can reveal
passwords stored in the Windows 95 password list on a local machine.
The tool is called Revelation
and it's a free download from
SnadBoy Software. The utility does not rely on decryption; it simply
grabs and displays data from a Windows 95 software buffer. SnadBoy
positions Revelation as a convenience tool for those who have
forgotten a password that they asked Windows 95 to remember for them.
Its potential for abuse is scary, but fortuately Revelation can't be
used over a network; it must be run from the keyboard attached to a
Note added 1997-09-24:
A reader points out that this download is 1.23 MB, not 15 KB as stated
in the email edition.
Businesses based on domain names
See also TBTF for
Profiting from typos
Data Art Corp. 
a New York Internet consulting company, has hit
on the idea of registering domain names that are slight misspellings
of well-known company or site names. Examples are:
Data Art registered at least 256 such names in the first week in
August. Perhaps they intend to sell the names to people who want to
benefit from "accidental" advertising; meanwhile Data Art is using
the names themselves to this end. Visit a plausible URL constructed
from any of the names and you get an advertisement and an invitation
to contact the company. (The HTML title of each such page is "typo.")
This inventive domain-name wangle was uncovered by Noah Friedman
<friedman at splode dot com> and forwarded by glen mccready
<glen at qnx dot com>.
Daniel Bernstein, the professor who recently won a narrow ruling
in his challenge
to US cryptography export restrictions,
acquired a new email address courtesy of the Tonga registry
Robert Harley <Robert.Harley at inria dot fr> received a message from
Bernstein at his new address and gave public voice to the severe
case of email envy inspired by
Voting with their feet
At a recent Microsoft developers' conference in Paris the topic
turned to Java. Microsoft spokesmen began disparaging the
Sun-developed cross-platform language and talking up the Microsoft
alternatives. To the presenters' astonishment, the audience of 1200
developers disrupted the presentation with boos and calls of "Go
Java": Allez Java!
They began walking out of the room -- first in a trickle and
then in a flood. At the end only 50 remained in the audience. This
of the debacle, penned by an unnamed attendee (a Sun employee),
was forwarded by Keith Bostic .
Note added 1997-09-25:
It looks as if this account is exaggerated. At the request of a reader,
the IDG international news service spoke to developers who attended the
Paris conference and
came away with this summary of the affair: "A few people booed (the Sun
author being one of them) and a few people left." Thanks to
Mark Gibbs <mgibbs at gibbs dot com> for the correction. The IDG
article is now online a
TBTF home and archive at http://www.tbtf.com/ . To subscribe send
the message "subscribe" to firstname.lastname@example.org. TBTF is
Copyright 1994-1997 by Keith Dawson, <dawson dot tbtf at gmail dot com>. Com-
mercial use prohibited. For non-commercial purposes please forward,
post, and link as you see fit.
Keith Dawson dawson dot tbtf at gmail dot com
Layer of ash separates morning and evening milk.
Copyright © 1994-2019 by
Commercial use prohibited. May be excerpted, mailed,
posted, or linked for non-commercial purposes.