TBTF for 1999-08-30: Aibo rampant

Keith Dawson (dawson@world.std.com)
Mon, 30 Aug 1999 19:50:47 -0400


-----BEGIN PGP SIGNED MESSAGE-----

TBTF for 1999-08-30: Aibo rampant

T a s t y B i t s f r o m t h e T e c h n o l o g y F r o n t

Timely news of the bellwethers in computer and communications
technology that will affect electronic commerce -- since 1994

Your Host: Keith Dawson

ISSN: 1524-9948

This issue: < http://tbtf.com/archive/1999-08-30.html >
________________________________________________________________________

B e n e f a c t o r s

TBTF is free. If you get value from this publication, please visit
the TBTF Benefactors page < http://tbtf.com/the-benefactors.html >
and consider contributing to its upkeep.
________________________________________________________________________

C o n t e n t s

Researchers factor RSA-155
Court goes against trademark holder in domain-name dispute
ICANN's Santiago meeting
US panel recommends relaxing crypto controls
Windows 2000 DDNS: control battle coming?
Windows Trojans collected
Netscape offers a compact encryption upgrade
Will software patents endanger open-source development?
Ancient software
Jargon Scout
The Luddite Reader
Aibo rampant on a field azure
________________________________________________________________________

..Researchers factor RSA-155

A "hard" 512-bit number falls after 8000 MIPS-years

Since 1991 RSA has sponsored a factoring challenge [1] to encourage
research into the factoring of large numbers. It is the difficulty
of the factoring problem that underlies RSA encryption. The numbers
on RSA's challenge lists are of two types: "random" numbers that may
be easy or hard to factor, and numbers of the type that RSA might
use in devising secure cryptosystems, which are considered hard
to factor.

On 22 August an international group announced [2] that they had
found the prime factors of the largest such "hard" number ever
cracked: RSA-155, a 155-digit (or 512-bit) number. The group was
led by Herman te Reile of CWI, a Dutch mathematics research insti-
tute. Te Reile also led the effort to factor RSA-140, the previous
record-holding "hard number," which had been cracked last February.

Here are RSA-155 and its two 78-digit prime factors, as reported by
the research group.

RSA-155 =
10941 73864 15705 27421 80970 73220 40357 61200 37329 45449
20599 09138 42131 47634 99842 88934 78471 79972 57891 26733
24976 25752 89978 18337 97076 53724 40271 46743 53159 33543
33897

Its prime factors are
102 63959 28297 41105 77205 41965 73991 67590 07165 67808
03806 68033 41933 52179 07113 07779
*
106 60348 83801 68454 82092 72203 60012 87867 92079 58575
98929 15222 70608 23719 30628 08643

Factoring RSA-155 required about 8000 MIPS-years and occupied, as
best I can figure [3], just under half a year in calendar time.
(This makes sense if the team turned to RSA-155 as soon as they
had cracked RSA-140 last February.) As of this writing the claim-
ants have not yet been placed on the RSA Honor Roll list. Send a
blank email to challenge-rsa-honor-roll@rsa.com to receive this
list.

By far the most time-consuming step in the factoring job was
sieving. It is this step that Shamir's TWINKLE [4] would greatly
speed up.

[1] http://www.usatoday.com/life/cyber/tech/ctf974.htm
[2] http://www.rsa.com/rsalabs/html/factoring.html
[3] http://www.interesting-people.org/199908/0070.html
[4] http://tbtf.com/archive/1999-05-08.html#s02
____________

..Court goes against trademark holder in domain-name dispute

A glimmer of light for the little guy

For the first time a federal appeals court has ruled [5] that cor-
porations can't always prevent others from registering domain names
that happen to coincide with their brand names. This ruling marks a
redress that many feel is overdue. Too bad the case in question is
so cloudy. I noted the affair of FreeView Listings vs. Avery Den-
nison in the article "Squammers" [6] last February. The lower court
called FreeView's founder a domain squatter. This is not the clear-
cut case I would wish to see of a large corporation harassing an
individual who has a legitimate reason to use a domain name.

The appeals court's ruling turned on the breadth of recognition for
Avery Dennison's trademark. It prompted one of the lawyers involved
to muse, ad absurdam, that if this ruling holds then only Coca-Cola
and McDonalds might enjoy trademark protection on the Web.

Thanks to Kenneth Adelman <adelman at adelman dot com> for pointing
out this story.

[5] http://www.sjmercury.com/premium/business/docs/trademarks24.htm
[6] http://www.tbtf.com/archive/1999-02-10.html#s02
____________

..ICANN's Santiago meeting

Doing business in the public eye, in relative harmony

Much of the acrimony of the previous Berlin meeting [7] seemed to be
absent at Santiago. ICANN held its decision-making meeting in full
public view (for that fraction of the public that had managed to tra-
vel to Chile, anyway); only some advisory committee meetings were
closed. ICANN's interim chair, Esther Dyson, participated in an on-
line chat session from one of those closed meetings. Its transcript
[8] provides a welcome human sidelight, typos and all, to the august
proceedings.

This ICANN page [9] provides a bare listing of all of the resolu-
tions acted upon at Santiago. Today's NY Times coverage [10] (free
registration and cookies required) stresses the persistent complaint
that ICANN's process to date has taken most of its input from large
commercial organizations and governments, to the exclusion of not-
for-profit entities and individual Netizens.

At Santiago ICANN initiated the process of gathering a broad-based,
representative membership of at least 5,000 individuals, which will
elect half of ICANN's board members next year.

ICANN's other significant action was to approve draft rules to limit
cyber-squatting. In conciliation to individual domain-name owners,
ICANN directed a sub-panel to add new language protecting individuals
and others from losing legitimately registered domain names to large
companies.

[7] http://tbtf.com/archive/1999-06-14.html#s04
[8] http://chat.abcnews.go.com/chat/chat.dll?Chat?room=e_dyson
[9] http://www.icann.org/santiago/santiago-resolutions.htm
[10] http://www.nytimes.com/library/tech/99/08/biztech/articles/30ican.html
____________

..US panel recommends relaxing crypto controls

Don't hold your breath

Each time the Clinton administration asks a panel of experts to go
off and ponder directions for cryptography export policy, they
tend to come back with a recommendation to relax the rules. This
time it was the President's Export Council Subcommittee on Encryp-
tion advising that the administration back off restrictions of hard-
ware and software exports to friendly countries [11]. The panel's
report, called Liberalization 2000 [12], also recommends that indus-
tries building critical infrastructure, such as power, water, and
telecomms, be allowed free use of unbreakable encryption. Given the
recent evidence of administration sentiment -- the FIDNET [13] and
CESA [14] proposals -- I wouldn't count on seeing even these modest
and sensible recommendations implemented.

[11] http://www.wired.com/news/print_version/politics/story/21471.html?wnpg=all
[12] http://www.cs.georgetown.edu/~denning/crypto/lib2000.html
[13] http://tbtf.com/archive/1999-08-16.html#s05
[14] http://tbtf.com/archive/1999-08-23.html#s01
____________

..Windows 2000 DDNS: control battle coming?

Slashdot is the Mystery Science Theater 3000 of the Web

This ZDnet story [15], commented upon at Slashdot [16], warns of up-
coming strife and turf battles in corporate IT departments as Win-
dows 2000 is introduced. The reason is that W2K supports Dynamic DNS
(DDNS) for name resolution in its Active Directory service, not the
static DNS offered by many Unix systems. The ZDnet coverage errs by
implying that DDNS is not even implemented, let alone in service, on
Unix systems -- in fact many Unices, including Linux, support stable
and tested DDNS implementations. ZDnet's prophesied battle looms be-
cause once W2K systems are added to the mix in IT shops, then W2K
will demand to be the root of the naming service, displacing Unix.
The ZDnet reporter talked to sources at a large aerospace shop --
unnamed, but fingered in the Slashdot discussion as Boeing -- at
which Unix and Windows administration functions are performed by
separate groups. One Slashdot poster points out that in a rational-
ly run organization, with jobs defined by function and not by oper-
ating system, no conflict would occur. As a final coda to the ZDnet
story, a poster opines that any article covering Windows 2000 and
featuring a link at the bottom for "Windows 2000 prices," as this
one does, isn't journalism -- it's an infomercial.

[15] http://www.zdnet.com/pcweek/stories/news/0,4153,1016137,00.html
[16] http://slashdot.org/article.pl?sid=99/08/28/1336258
____________

..Windows Trojans collected

How can I crack thee? Let me count the ways

Richard Smith, prolific spotter and exposer of security holes, has
posted a simple page [17] listing many of the recently discovered
ways that bad guys can do you in using ActiveX controls and Outlook
on your Win98 system. Last week Smith demonstrated the problems at
the 8th Usenix Security Conference [18]. Microsoft has developed
fixes for most of the holes and rolled them forward into Windows
2000 development, but there are millions of vulnerable systems on
desktops worldwide. Most of their owners will never download and
apply the security fixes.

[17] http://www.tiac.net/users/smiths/acctroj/index.htm
[18] http://www.wired.com/news/print_version/business/story/21442.html?wnpg=all
____________

..Netscape offers a compact encryption upgrade

Little, but late

A 36K download will allow US users of Netscape's international
(crippled) encryption to upgrade their browsers for 128-bit secur-
ity [19]. This is a fine idea and long overdue -- previously, effect-
ing this security upgrade from Netscape required a 12-MB download.
But Netscape has made the tiny upgrade available only through their
SmartUpdate package as far as I can see -- you can't download the
upgrade as a standalone file. Before visiting this page [20] you must
enable Java, cookies, and SmartUpdate. I was unwilling to try this
as I already have 128-bit encryption in Communicator 4.6 and don't
trust SmartUpgrade not to mess things up. But that's just me; go
ahead and try it. You'll need to attest to US citizenship or perma-
nent residency. Anyone who does the upgrade, please write to me
about the experience.

Alan Braggins <armb at ncipher dot com> wrote to remind me that a
year and a half ago TBTF covered [21] Fortify [22], an international-
ly available alternative for upgrading international Netscape for
strong crypto.

[19] http://www.internetnews.com/prod-news/article/0,1087,9_189471,00.html
[20] http://cgi.netscape.com/cgi-bin/su/intro.cgi
[21] http://www.tbtf.com/archive/1998-03-02.html.html#s03
[22] http://www.fortify.net/
____________

..Will software patents endanger open-source development?

Dubious software and Net patents are getting more ink

The accelerating rate at which the US patent office has been
granting patents for software algorithms and, lately, business
methods has recently caught the attention of the mainstream press.
(TBTF readers have been hearing about this issue for four years.)
This CNN coverage [23] plows the now-familiar ground neatly. This
report in the Linux Journal [24] stresses the danger such a carpet-
bombing of dubious patents could cause for open source development
projects. The Linux Journal article also features an excellent set
of links for further reading on the subject. See especially this
report [25] by longtime PTO critic Greg Aharonian of software pat-
ents issued in 1998, and historically.

[23] http://www.cnn.com/TECH/computing/9908/24/patents.idg/index.html
[24] http://linuxjournal.com:8080/articles/currents/003.html
[25] http://www.flora.org/flora.comnet-www/1334
____________

..Ancient software

Xanadu emerges from its stately pleasure dome

In July 1999, software pioneer Dan Bricklin released [26] a 1981
version of VisiCalc, the seminal spreadsheet he co-invented, for
free download from the Web. (It's 27K!) Bricklin's action initiated
an ongoing parade of releases of classic software by the luminaries
of the early history of software development. I've posted a summary
[27] of these releases with URLs where you can pick up these software
artifacts. The latest classic to become publicly available is Xanadu
[28], Ted Nelson's near-mythic attempt to create a globe-spanning
system of hypertexts. The Xanadu code, which had never been seen
before outside the circle of its developers, has now been released
in an open-source format. But the Xanadu release seems to be consid-
erably rougher than the open source state-of-the-art: one early
downloader, Lindsay Marshall, commented succinctly in his Web log
[29]: "Nothing works, no documentation."

[26] http://www.bricklin.com/history/vcexecutable.htm
[27] http;//tbtf.com/resource/antique-sw.html
[28] http://www.udanax.com/
[29] http://catless.ncl.ac.uk/Lindsay/weblog/latest.html
____________

..Jargon Scout

Want to be hipper-than-thou? Blog a vortal

Jargon Scout [30] is an irregular TBTF feature that aims to give you
advance warning -- preferably before Wired Magazine picks it up --
of jargon that is just about ready to hatch into the Net's language.
Our latest offerings:

Blog: 1.) n. A Web log. 2.) vi. To run a Web log.

First spotted on the Eatonweb [31] blog, er, Web log on 1999-08-25,
though Eatonweb's proprietor Brigitte says the coinage is due to
our very own TBTF Irregular Peter Merholz <peterme at peterme dot
com> [32]. Seems he decided one fine day that "Web log" ought to be
pronounced "wee-blog." Here is Peterme's recollection of the coin-
age:

> My "wee-blog" announcement has been on my page for a while. I
> don't know when I coined it, but this attribution [33] dates
> it to before May 23, 1999. It got contracted to "blog" after
> that in email to and from friends.

The verb to blog seems to me to be intransitive. That is, Brigitte
doesn't blog eatonweb, she simply blogs. A Web tool has arisen to
aid in the endeavors of wannabe bloggers; it is, of course, blog-
ger.com [34].

Vortal: n. A vertical portal.

"Portals" have been the biggest rage since "push" (remember push?),
starting in the consumer space as Yahoo broadened its search en-
gine into an Internet destination and gateway, and everybody from
MSN to the Grace L. Ferguson Airline (And Storm Door Company) de-
clared that they were a portal, too. Except, as usual on the Net,
no-one could figure out how to make money from them. Vertical por-
tals emerged early this year as destination sites for specialized
communities -- e.g., buyers of scientific supplies -- spread out
to include other content of interest to their target audiences.
Vortals make sense: it's not hard to explain how they help the
bottom line. Then there are intranet enterprise portals, but we
won't go there.

I first saw the term "vortal" in this Technology Post story [35].

[30] http;//tbtf.com/jargon-scout.html
[31] http://www.eatonweb.com/weblog/index.shtml
[32] http://www.peterme.com/
[33] http://www.bradlands.com/archive/arc_050199.html
[34] http://www.blogger.com/
[35] http://www.technologypost.com/internet/DAILY/19990825111011150.asp?Section=Main
____________

..The Luddite Reader

Where the well-read technophobe surfs

This site [36] features reviews of books, movies, and music appealing
to technology's rejectors. Any competent marketer must ask: what
were they thinking in choosing the Web as a medium to reach this par-
ticular niche? The site is not without humor. Its visitor counter is
stuck on 404 and links to the 404 Research Lab [37]. TLR is a produc-
tion of Fairhill & Company, an "information technology and historic
preservation consulting firm" [sic] located in Denver, CO. Thanks to
alert reader <jtmcc att uswest dot net> for the cite.

[36] http://www.ludditereader.com/
[37] http://www.plinko.net/404/area404.asp
____________

..Aibo rampant on a field azure

We don't need no steenkin' Three Laws

Aibo, the robot dog from Japan [38], is beginning to penetrate West-
ern cultural consciousness. Bonwit Teller seems to have bought it-
self one of the 2000 Aibos that were sold in the US (at $2250 re-
tail), or perhaps its ad agency did. A TBTF Irregular and self-
described boutique guerrilla spotted Aibo in Bonwit ads for high-
end women's clothing, by three different designers, in three dif-
ferent fashion magazines. In one the model holds the robot dog on
one arm; in another the robot romps at her feet.

Here is a review [39] by John Wharton <jwharton at netcom dot com>,
an early Aibo adopter [sic]. It was carried on Dave Farber's inter-
esting People list. Wharton is struck by (what he takes to be) Jap-
anese attitudes toward pets showing through in the product and its
documentation; he finds the cultural contrast jarring.

Last word [40] on Aibo goes to James "Kibo" Parry <kibo at world dot
std dot com>, who was a net.god before you were born. This posting
appeared last April on alt.religion.kibology (natch).

: >The gleaming metallic puppy-sized robot is named Aibo,

: AAAAA...AAAII...IIIIIEEE...EEEE!!!! [my elision: kd]

: > the Japanese word for partner. The first two letters of the
: > name also refer to "artificial intelligence."

: And the last three letters of the name refer to a lawsuit.

[38] http://www.world.sony.com/robot/top.html
[39] http://www.interesting-people.org/199908/0041.html
[40] http://x48.deja.com/getdoc.xp?AN=476927575.1&CONTEXT=935449038.1646198837&hitnum=0
________________________________________________________________________

N o t e s

> Yes, I read all about Amazon.com's Purchase Circles brouhaha, thanks.
Didn't think it was all that significant.

> The Grace L. Ferguson Airline (And Storm Door Company) was an early
invention of the comedian Bob Newhart [41]. His routine [42] is
prescient. Penned decades before US airline deregulation, it per-
fectly captures the mean-spiritedness and the sheer terror of budget
air travel. Captain: "Have any of you passengers ever been to Hawaii
before? You have, sir? It's kind of... kidney-shaped, isn't it?"

[41] http://www.amazon.com/exec/obidos/ts/music-glance/B0000062TF/tbtf/
[42] http://www.amazon.com/exec/obidos/eras/B0000062TF001002/tbtf/
________________________________________________________________________

S o u r c e s

> For a complete list of TBTF's email and Web sources, see
http://tbtf.com/sources.html .
________________________________________________________________________

TBTF home and archive at http://tbtf.com/ . To (un)subscribe send
the message "(un)subscribe" to tbtf-request@tbtf.com. TBTF is Copy-
right 1994-1999 by Keith Dawson, <dawson@world.std.com>. Commercial
use prohibited. For non-commercial purposes please forward, post,
and link as you see fit.
_______________________________________________
Keith Dawson dawson@world.std.com
Layer of ash separates morning and evening milk.

-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.5

iQCVAwUBN8sYpmAMawgf2iXRAQHUSQP/Wrgyo1wA7Enook0h+IwmeLzBn2qBvQLG
xz/Gdz8FVfDVNrCOulW3BTQf8rXKxL44bGMmaG7mlr+23Nkcf5x+9PpkUi5P7erm
aGeeB4ZUn/wLIm2GKXteRpmNkeC59ei4cMbI+PuOLdrF+6l1N/MSGT2qfJC919wW
jI9dgwrq/LY=
=ZcQg
-----END PGP SIGNATURE-----