TBTF for 8/24/98: Bad moon

Keith Dawson (dawson@world.std.com)
Mon, 24 Aug 1998 17:31:13 -0500


-----BEGIN PGP SIGNED MESSAGE-----

TBTF for 8/24/98: Bad moon

T a s t y B i t s f r o m t h e T e c h n o l o g y F r o n t

Timely news of the bellwethers in computer and communications
technology that will affect electronic commerce -- since 1994

Your Host: Keith Dawson

This issue: < http://www.tbtf.com/archive/08-24-98.html >
________________________________________________________________________

C o n t e n t s

A cautionary tale of Back Orifice
Group bids to hijack Linux
Send out the clowns
Microsoft's Java defense at odds with DoJ statements
President declares national emergency
Sauce for the gander
Followup: HERF guns are troll bait
Indian telecomms market finally opening
Buzzwords and time
Pecking cookies to death
Bad moon on the rise
________________________________________________________________________

..A cautionary tale of Back Orifice

Trojan horses: beware of geeks bearing gifts

After Chris Double <chris @nd.co.nz> read in TBTF for 8/10/98 [1]
about Back Orifice, the Cult of the Dead Cow's Trojan horse in-
trusion program, he stayed alert for signs of infection. Soon he
noticed postings on the newsgroup alt.games.creatures about a
utility purporting to extend the Creatures game -- but users who
downloaded and ran it reported that it didn't do anything. In fact,
what it did was to rip a gaping Back Orifice into their Net-con-
nected Windows 95 machines. Read Chris's war story [2] for a glimpse
into what life is going to be like for system administrators every-
where, starting now.

[1] http://www.tbtf.com/archive/08-10-98.html#s01
[2] http://www.tbtf.com/resource/warstory.html
________________

..Group bids to hijack Linux

Who are these guys?

A group calling itself the Linux Standards Association has set up
shop to cash in on the Linux phenomenon [3]. At first it appeared
that no-one known to the Linux community was involved in the effort,
but it developed that one Michael McLagna is behind it. McLagna's
history and reputation in the Linux community is mixed, to put it
charitably -,see this page [4], put together by Piotr F. Mitros,
for some particulars.

To become a voting member of LSA you have to pay cash -- not exactly
in keeping with Open Source common practice -- and the group's Web
site [5] does not reveal how much. LSA's charter awards to its two
founding members veto power over anything relating to the term
"Standard Linux," which LSA has trademarked.

Community comment on Slashdot [6] is dismissive and/or derisive,
and rightly so.

Lawyers for Linux International have sent LSA a cease-and-desist
letter [7] over the use of the Linux trademark, because of LSA's
stated intention of to charge a fee for branding distributions as
Linux Standard Compliant.

We're going to see more of this as Linux continues to build mo-
mentum and to garner publicity. (Linus Torvalds was recently pho-
tographed for a Forbes Magazine cover.) Let's agree to ignore the
LSA and perhaps they'll sink into the obscurity they so richly
deserve while the actual Linux community continues to go about the
business of building great software.

Thanks to Doug Morris <doug@mhost.com> for details and links.

[3] http://www.news.com/News/Item/Textonly/0,25,25453,00.html?tbtf
[4] http://badragaz.ai.mit.edu/lsa/
[5] http://www.linuxstandards.org/
[6] http://slashdot.org/articles/980818/1247245.shtml
[7] http://www.linux-howto.com/linux.trademark
________________

..Send out the clowns

No circus atmosphere for Microsoft-DoJ depositions

A federal appeals court has issued a stay of Judge Jackson's order
opening the hearings [8]. The court ordered that the depositions
proceed in private, and will schedule hearings on the matter (which
will be moot by the time it is heard).

[8]
http://www.thestandard.net/articles/article_print/0,1454,1444,00.html
________________

..Microsoft's Java defense at odds with DoJ statements

Can't have it both ways

In a sworn statement [9] dated September 4 1998, for an upcoming
hearing in the lawsuit between Sun and Microsoft over Java licen-
sing, Robert Muglia, Microsoft's Senior Vice President of the Ap-
plications and Tools Group, states:

> 2. During the summer and fall of 1995, the Internet was grow-
> ing in importance. Microsoft, which had been focusing on
> the launch and success of Windows 95, had not yet developed
> a comprehensive Internet Strategy. We heard from our custo-
> mers that they wanted Microsoft to support new Internet
> technologies including HTML and Java.

> 3. Microsoft announced its Internet strategy on December 7, 1995.
> At that event, Microsoft outlined an approach where it would
> embrace existing Internet standards and work with the industry
> to drive innovation forward."

This, like the MSNBC timeline reported previously [10], appears to
contradict Microsoft's assertion in the Department of Justice anti-
trust suit that they had intended to integrate browser and OS as
early as 1993.

This item in its entirety was sent to me by Matthew Brookes <matt@-
broadcom.ie>. Matt, I hereby create you the first of the TBTF Ir-
regulars. Arise, go forth, and seek out Tasty Bits from the far-
thest corners of the Net! Will we ever be as big as Dogbert's New
Ruling Class [11] (wonders the Minister for Gratuitously Hyphenating
Monospaced Ascii Text Messages)?

[9] http://www.microsoft.com/presspass/java/8-13bob.htm
[10] http://www.msnbc.com/news/118315.asp
[11] http://www.unitedmedia.com/comics/dilbert/dnrc/
________________

..President declares national emergency

Exporting strong crypto still deemed a clear and present danger

Got your attention with that one, eh? In fact he merely continued in
force a national emergency declared in 1994 [12]. Had he not done so
the 1979 authority under which US exports of cryptographic code are
regulated would have expired. The executive order [13] cites an

> unusual and extraordinary threat to the national security,
> foreign policy, and economy of the United States.

Judging by the estimated $30B in revenue that US firms will lose as
a direct result of these same export regulations, it seems clear that
this executive order itself is the "unusual and extraordinary threat"
to the economy.

[12]
http://www.pub.whitehouse.gov/uri-res/I2R?urn:pdi://oma.eop.gov.us/1994/11/1
4/5.text.1
[13]
http://www.pub.whitehouse.gov/uri-res/I2R?urn:pdi://oma.eop.gov.us/1998/8/14
/3.text.1
________________

..Sauce for the gander

Who deserves communications privacy?

When President Clinton testified before a grand jury last week, his
words and image were well encrypted as they travelled the few blocks
from the White House to the federal court building. The scrambling
setup was handled by the military-run White House communications
team. Mercury News columnist Dan Gilmore draws the obvious parallel
[14]:

> The need to scramble the signal so it was unbreakable was so
> obvious that everyone took it for granted. Yet this is the
> same government that places a much lower value on everyday
> citizens' information.

On the Cryptography list Ron Rivest (the "R" of RSA) wondered, in-
nocently: if there were a legal requirement for key recovery for all
encrypted communications, who would act as trusted third party for
that particular communication?

[14] http://www.mercurycenter.com/columnists/gillmor/docs/dg081898.htm
________________

..Followup: HERF guns are troll bait

Whew, glad I didn't fall for that one

Benjamin Bennett <bbennett@kenan.com> wrote to point out that the
1996 Forbes article [15] cited in TBTF for 8/10/98 [16] has been
thoroughly debunked [17], [18]. It turns out the three hackers and
a security consultant were having a little game of "mock the jour-
nalist" -- you can't build a directed-energy radio-frequency can-
non for $300. Although, as Greg Roelofs <roelofs@prpa.philips.com>
pointed out in an emailed BOTEC, the energetics more or less work
out.

[15] http://www.tbtf.com/archive/08-10-98.html#s07
[16] http://www.forbes.com/asap/6396/hack.htm
[17] http://sun.soci.niu.edu/~crypt/other/kooks.htm
[18] http://cgi.pathfinder.com/netly/article/0,2334,12321,00.html
________________

..Indian telecomms market finally opening

At long last the monopolist supplier braces for competition

I wrote in TBTF for 11/10/97 [19] about the imminent deregulation of
the Indian market for communications services -- reckoning without
the incumbent monopolist, VSNL, which has fought as tenaciously as
any US Baby Bell ever did to preserve its traditional freedom from
competition. Last month the Delhi High Court spoke and now India's
Department of Telecommunications is finally preparing to license
private ISPs [20]. Around 120,000 Indians are online now, up from
40,000 last November, and VSNL thinks that's a pretty decent rate
of growth. Wait till 1,000 local ISPs, as well as BT, MCI, Compu-
serve, and Sprint, are nipping at its fiber.

[19] http://www.tbtf.com/archive/11-10-97.html#s08
[20] http://www.techweb.com/wire/story/TWB19980818S0002?ls=twb_text
________________

..Buzzwords and time

But what's the half-life of sites like this?

TechNet has a nifty summary [21] of the half-life of the buzzwords
that sweep over the Net media in ever-shortening waves: Community
begets Push yields to Portal, which may be elbowed aside by Post-
Content Transactive Agents.

[21]
http://www.techweb.com/internet/news/features/1998/08/buzzwords.html
________________

..Pecking cookies to death

Can a little Perl script spell the End of User Tracking As We
Know It?

In response to the recent TBTF article Tracking users by the tens
of millions [22], John Carter <ece@dwaf-hri.pwv.gov.za> sent this
little Perl of a script [23] for Linux users troubled by cookies.
Carter writes:

"If builders built like programmers wrote, then the first wood-
pecker to come along would destroy all civilization." I forget
who wrote that, but here is my cookiepecker [6]. It gently
scrambles your cookie file, and then you can listen for the
distant sound of crashing web servers. Works on netscape on
linux using perl 5.

[22] http://www.tbtf.com/archive/08-17-98.html#s03
[23] http://www.tbtf.com/resource/cookiepecker.pl
________________

..Bad moon on the rise

Project Znamya (Banner) will put a second moon in the sky

A Russian-led consortium [24] plans to deploy a space mirror later
this year in a proof-of-concept for technology to banish night
from the frozen Siberian Arctic. On November 9 people across the
northern hemisphere will see a space mirror 5 to 10 times brighter
than the full moon tracking across their night skies. Cosmonauts
aboard Mir will be able to point the reflected light by remote
control at cities of their choosing. Here are maps of Mir-Znamya
passes over

- London and Frankfurt [25]
- Vancouver and Seattle [26]
- Calgary, Winnipeg, and upper Michigan [27]

Not everyone is wild about the prospect of huge orbiting mirrors
brightening night on Earth [28]; among the most vocal opponents
are astronomers and environmentalists. Thanks to Keith Bostic
<nev@bostic.com> for the forward, and the title.

[24] http://www.energialtd.com/znamya.htm
[25] http://www.energialtd.com/znam3.htm
[26] http://www.energialtd.com/znam8.htm
[27] http://www.energialtd.com/znam7.htm
[28] http://www.toysatellite.com.au/news/altnews/201/02.html
________________________________________________________________________

N o t e s

> This week's TBTF title comes from a song by 3 Dog Night, frequently
misheard as "There's a Bathroom on the Right." See the Archive of
Misheard Lyrics [29] for thousands more.

[29] http://www.kissthisguy.com/

> A BOTEC is a back-of-the-envelope calculation.
________________________________________________________________________

S o u r c e s

> For a complete list of TBTF's (mostly email) sources, see
http://www.tbtf.com/sources.html .
________________________________________________________________________

TBTF home and archive at http://www.tbtf.com/ . To subscribe send
the message "subscribe" to tbtf-request@world.std.com. TBTF is
Copyright 1994-1998 by Keith Dawson, <dawson@world.std.com>. Com-
mercial use prohibited. For non-commercial purposes please forward,
post, and link as you see fit.
_______________________________________________
Keith Dawson dawson@world.std.com
Layer of ash separates morning and evening milk.

-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.5

iQCVAwUBNeHowWAMawgf2iXRAQGDWgQA14D360Bmpoz60huhrI3ci62nGfqUlxaq
xTm4wQcBzLHhkDJK+yG2hendtdsOcx4lqb1Qm4tZzl+TWo/lDlFC1y5lyEuz90Y9
eNpk2GpcjlpalABkjyBoJ0bz3j8pTNiWrnm91yMk0SjhNOhgGa3z3J9mrrAjvZSG
72GMPRrOpEs=
=PmLB
-----END PGP SIGNATURE-----