Mail 103 May 29 - June 4, 2000

CHAOS MANOR MAIL

A SELECTION

CLICK ON THE BLIMP TO SEND MAIL TO ME

The current page will always have the name currentmail.html and may be bookmarked. For previous weeks, go to the MAIL HOME PAGE.

FOR THE CURRENT VIEW PAGE CLICK HERE

If you are not paying for this place, click here...

IF YOU SEND MAIL it may be published; if you want it private SAY SO AT THE TOP of the mail. I try to respect confidences, but there is only me, and this is Chaos Manor. If you want a mail address other than the one from which you sent the mail to appear, PUT THAT AT THE END OF THE LETTER as a signature.

I try to answer mail, but mostly I can't get to all of it. I read it all, although not always the instant it comes in. I do have books to write too... I am reminded of H. P. Lovecraft who slowly starved to death while answering fan mail.

Day-by-day...: Monday -- Tuesday -- Wednesday -- Thursday -- Friday -- Saturday -- Sunday

Search this site or the web powered by FreeFind

Site search Web search

If you want to PAY FOR THIS there are problems, but I keep the latest HERE. I'm trying. MY THANKS to all of you who sent money. Some of you went to a lot of trouble to send money from overseas. Thank you! There are also some new payment methods. I am preparing a special (electronic) mailing to all those who paid: there will be a couple of these. I am also toying with the notion of a subscriber section of the page. LET ME KNOW your thoughts.
.; CLICK HERE for a Special Request.; If this seems a lot about paying think of it as the Subscription Drive Nag. You'll see more.
FOR THE CURRENT VIEW PAGE CLICK HERE

Highlights this week:

The Search System: Is It A Worm?
- What it is not
- What it does
Boot from a Zip
Sharing DSL on Windows 98?
- Use LinkSys router
- Using Windows Share
Faraday and cold fusion
Tiresias Font
- Maybe for web PC?
Some reflections on politics from Hairy Red
Fehrenbach and Israeli nukes
The ungluing of No Gun Ri
Identifying your motherboard

Search this site or the web powered by FreeFind

Site search Web search

LAST WEEK

This week:

Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Sunday

TOP

Monday May 29, 2000

MEMORIAL DAY

>> What is it about Internet companies that makes them think they are entitled to 10 minutes of >> my time every time I buy some item? Are they all insane or are only some of them?

They are collecting demographic information for resale. Part of the price you pay for shopping there is in the form of junk mail. You should do what I do.

Lie.

Paul J. Camp College of Computing Georgia Institute of Technology Atlanta, Georgia 30332 404-385-0159

The beauty of the universe consists not only of unity in variety but also of variety in unity.

--Umberto Eco, The Name of the Rose

This brings me to a problem with the search function. It being Memorial Day I can't get hold of the search people to get an answer. It appears it is putting some kind of marker in when you use it, and it isn't telling you that it's doing it. It began with this message from Roland Dobbins:

I was looking on your site to see if any of the digital pictures you'd taken of me in the past had made it onto the site itself (Abbey asked), and so when I searched for my name and started going through the results pages, I was prompted with each new page to download something called 'tracker.exe' to my computer.

I've sent it as an attachment; my advice to you is not to run it yourself, but to look at it with a hex editor and/or talk to Steve Gibson or someone similar about it.

My suspicion is that it's some sort of URL-tracker/counter your search engine people are using to supply demographic data to their advertisers; whatever it is, it's pernicious, and I thought you should know.

I asked Bob Thompson for comments and got:

I just did a freefind search for "dobbins" on your site. Here's the HTML in question:

<a href="http://www.commission-junction.com/track/track.dll?AID=439542&;PID=4453 00&;URL=http%3A%2F%2Fwww%2EImage%2DCatcher%2Enet%2Fworldprints%2Ehtml%3FCJ%2E com">Free Screen Savers</a><img src="http://www.commission-junction.com/banners/tracker.exe?AID=439542&;PID=4 45300&;banner=0.gif" height=1 width=1 border=0>

Note the size of the image, 1X1 pixels. This is a pretty common way of concealing nasties on a web page. I've never encountered this one, because I browse all but trusted web sites with everything disabled in IE.

Bob

I asked for clarification and got:

It's a hidden image that points to that tracker.exe program that Mr. Dobbins found.

My guess is that it's as benign as such things can be, which is to say it is an inexcusable violation of privacy (at least from my point of view), but not something intended to damage your computer.

I think you should send email to freefind.com in your guise as respected computer columnist and ask them what they have to say for themselves before you plaster this all over your column.

At this point I became a bit alarmed and asked both Bob and Roland for their best opinion on what was happening. I got:

These people are using a pointer to an invisible image on the search engine results returned from your site to download a file called tracker.exe to those who are doing the searching. It's 49 bytes in size; I suspect that it's an ActiveX shim used to report on the unfortunate searcher's Web reading habits. The company running the search engine probably send the Web use data back to their banner advertisers or to others who purchase it from them.

Alternately, the freesearch people's Web site has been hacked, and this file is a trojan of indeterminate purpose.

Either way, I suggest that a) you unlink from them immediately, b) find out from them just what this thing is, and c) make use of your bully pulpit to let your readership know about the situation, after you've obtained all the facts.

Roland

and

I'm just not qualified to comment authoritatively on this. When I got your message, I immediately did a search on your site and then examined the HTML source of the page that freefind.com returned. I found that snippet that I sent you, wherein freefind is displaying a invisible image (1 pixel) which is linked to the tracker.exe program on commission-junction.com. I checked www.commission-junction.com and was immediately redirected to www.cj.com, which makes me think that the former web site is used simply to deliver tracker.exe to people who browse freefind.com results pages, and then subsequently to receive tracking data from those whose web browsers have tracker.exe enabled. From looking at the main cj web site, it appears to be just another company like double-click that specializes in tracking people's web usage and reporting it in detail to those who implement it on their sites, and presumably also to those who advertise on the sites.

I know next to nothing about ActiveX, but I suspect Mr. Dobbins is correct that this file is an ActiveX control that is surreptitiously downloaded and installed in the users' browsers for the purpose of tracking their activities on the web. I do my general web browsing with everything disabled in IE, so I never see behavior like this, and would not have noticed it had Mr. Dobbins not pointed it out. My guess is that tracker.exe is the next step in the escalation of the war between those of us who value our privacy and those who are determined to violate it by tracking our activities on the web. Most clueful people now have persistent cookies disabled in their web browsers, which prevents companies like doubleclick from compiling composite profiles of their web wandering. I suspect that tracker.exe allows this company to track our web visits without using cookies.

But all of this is suspicion and supposition on my part. I can't say definitively what's going on. My guess is that one or more of your readers is up on this stuff. Perhaps you should throw it open on your web site and ask your readers what they know about it.

Bob

From Bob Thompson. Roland added:

I can't add anything to the estimable Mr. Thompson's comments, really. I'm not a Web/HTML/ActiveX expert, either.

He has the gist of it, though. Here's the chain of events:

1. Search jerrypournelle.com for something, anything, using IE.

2. When the first result page is returned, your browser is redirected to www.commission- junction.com, and your browser is told to download (and execute, if you don't have your security settings turned high) a file called tracker.exe.

3. Your browser is prompted to repeat the behavior outlined above for every new result page you browse.

This sort of thing happens all the time - it's the lack of any warning/disclaimer which really sets me off. You might want to check your Ts &; Cs for using their service to see if somewhere in there, you gave them permission to do this. Even so, they ought to ask =my= permission to do this, rather than simply trying to download stuff to my machine for their own purposes.

Roland

and that is where matters stand. Does anyone know more? Meanwhile I am making arrangements with atomz to pay for their search engine functions, and I'll be talking to the free find people tomorrow: but I'd like to know more before I talk to them.

Dear Jerry,

TRACKER.EXE is actually a program which is run on the www.commission-junction.com web server. It is surreptitiously activated using an [Unable to display image] tag in an HTML document, with the parameters set following the name of the file. When the web browser attempts to display that web page, it asks the server named "www" in the domain "commission-junction.com" to send the data stored at the location "banners/tracker.exe?AID=439542&;PID=4 45300&;banner=0.gif". What the web server does upon seeing this URL is execute the program stored at "banners/tracker.exe" and pass the parameters "AID=439542&;PID=4 45300&;banner=0.gif" to that program. The program apparently stores the AID and PID values somewhere and sends the file named "0.gif" to the user, which seems to be 49 bytes long. I am quite worried about this technique for capturing data, since it CANNOT be disabled except by turning off the display of all images. Turning off ActiveX and Java support is not enough, since all of the processing is done on the server.

And about ActiveX controls...

ActiveX controls are stored in files with the extensions ".ocx" and sometimes ".dll" and are rarely under 8KB in size. TRACKER.EXE is NOT an ActiveX control.

Robert Ransom

And we have this. So it is apparently safe enough to use, but they are less than candid about what they are doing. I will make arrangements to pay Atomz which returns more useful search results (in my opinion) because it gives context, and doesn't hit us with advertisements.

Dear Jerry,

In your mail page for Memorial Day you have a passage about something called tracker.exe.

The way it is referenced, as a 1 pixel image, allows it to remain invisible when not wanted, but the IMG tag requires the browser to access the SRC URL and attempt to display it (unless you have image loading disabled).

The URL form of the reference is as a CGI call where the parameters (AID, PID and banner) are passed to the program tracker.exe (located in the banners directory) to be run ON THE SERVER at www.commission-junction.com.

Its purpose is unclear to me but it may be that if a site agrees to advertising associated with the return of search results, this is where the banner ads are inserted into the page. It can certainly be used to report to the advertiser each impression from a particular site or of a banner placed. The 1 by 1 image size is probably calculated from the image size of the nominated file when the URL is calculated through the search engine.

The program is not run on your machine. It is not a trojan in the sense of being brought into your safe space under another guise with the ability to directly harm you. All that is sent to your browser is the output of the program, probably the contents of the file 0.gif (as set by the banner parameter).

They would probably be better advised to adjust their code to only return the banner link if there is an advertisement placed there, rather than upset users who do not wish to find strange calls to executable programs being made by their browsers. Alternatively the program which supplies the search results could handle the call before the page is returned and make a simple file reference to the image source file, logging the impression as the page is generated. This would not allow them to ignore those who do disable image loading, unless they counted the image hits directly from the server log, arguably a little harder to engineer.

I have enjoyed reading your columns since I started collecting BYTE long long ago. I remember checking back for an assignment and finding the launch ads for Turbo Pascal in an early issue. And it was your SF that made your name the thing that prompted me to pick up BYTE in the first place. Thanks for your work over the years, and thanks for keeping going with the website now. Keep up the good work with Niven as well.

Regards

Rod Watson

Thanks for the kind words, and the information. At least we know that the trackers aren't tracking us... Just because you're paranoid doesn't mean no one is out to get you...

Dear Jerry, As a programmer I can't think of any useful exe program, or com program for that matter, that could run in 49 bytes. Mr. Dobbins is probably correct about it being some sort of hook function. Glad I'm running linux, using Netscape and playing with Opera. It makes me immune to <i> this particular </i> type of attack. And, since the user that surfs the web has no priveledges outside of it's home directory, I am fairly safe from other attacks. Still, given that the Linux Users are a demographic that these people would probably love to track, I wonder what they are doing to track me. Alex probably remembers the Kinks song "Paranoia" and I'm beginning to understand it. Him too, I imagine.

Just got "Database Nation" from O'Reilly, looks interesting, and scary, and I'm going to start it on Tuesday. I'll try to send you a short report on it when I'm done with it. Shouldn't take long as I read fast and it's thinner than, say, "Burning City".

Hope you can get your water problem fixed without too much expense. Here in Cedar it's so dry we don't use the AC, just open the windows and let the wind work. A little dusty though.

Kit Case kitcase@netutah.com

TOP

This week:

Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Sunday

TOP

Tuesday, May 30, 2000

Subject: why you can't make USB boot devices - requires Windows 95 rel 2 or later OS.

Hence is no market for a boot device that fits the USB cable. USB extensions are currently part of the OS (Windows 95 release 2 and later) - an issue with USB keyboards and mice in a clean boot or trouble shooting situation - so you would need the operating system to boot - hot swap kind of multiple plug and play as USB claims/offers is hard to implement with just a BIOS to recognize devices and install drivers. Further USB is currently a moving target as it speeds up to displace competition e.g. Firewire.

I suspect the increasing fuss over OEM systems shipping with a recovery disc rather than an operating system will lead to some real issues with boot devices as well - <sarcasm mode> a really portable boot device might be opposed by at least one popular OS vendor. </sarcasm mode>

Clark

Thanks. I thought I remembered Microsoft talking about USB boot devices at a WinHec a couple of years ago, but my memory is getting lousy...

One of the problems of this place is that it makes me lazy. I have an internal ZIP in one of my machines, and I could have gone over to experiment with it, but before I could do that:

Jerry, To make an internal ZIP bootable just right click, select the Iomega format icon and check the "make bootable" box and hit start..........!!

Be well, Gene O'Brian

Thanks!

Here's a question for your group that may help you out ... if you're fortunate to get DSL soon.

Hooking DSL to a peer to peer Win 98 SE network. The self help kit shows the wiring, but the signal will not go through the hub. DSL works great if connected to a single computer. GTE will NOT provide any support on this issue -- they don't care if I network, but I'm on my own. Netgear support simply says I need a proxy program.

Can anyone point me in the right direction?

Thanks!

Jim and Cheri Whitlock

In my case I use the Rebel Netwinder Linux box for all this so I never had to try to get Windows to share a connection. I'd worry about security, too. Who knows what needs to be done here?

And for something completely different

Dear Dr. Pournelle, Thought this would be of some interest. I've read Peat, Mallov, and two others circa 1990 on this and have something to add, I think...

here's the link: http://www.feedmag.com/feature/fr341_master.html

... and now, this...

Faraday also had some platinum/electrolysis problems.... In L. Pierce Williams' MICHAEL FARADAY, at the beginning of the second chapter, I think, he describes Faraday being brought a phenomena -- a reaction with "platina" being used as electrodes in an electrolysis experiment where the whole electrode apparatus would "heat to incandescence", then either explode, or melt, or boil off the electrolytic solution and catastrophicly end the experiment. Further experimentation by Faraday demonstrated that then as now, the electrodes would occasionally fail to perform, whether new electrodes from the refiners (Mathy Johnson,I believe he wrote) or electrodes in use which had previously been effective. He developed a technique to replenish the capacity of the electrodes to produce the effect: he would place them in sulfuric acid, and reverse the leads to the electrodes, observing that as the electrodes were "cleaned", the bubbles of gas evolved would, at first be quite large, then as the cleaning process became complete, the bubbles formed would be exceedingly fine, apparently covering the whole surface of the electrode uniformly, and upon removing the electrodes and rinsing them in distilled water, could be again used in the satisfactory performance of the experiment.

Much more in-depth published information on the Faraday Platinum/palladium sulfuric acid-as-electrolyte experiments are available relatively easily in Volume 45 of the Britannica "Great Books" series, and those researchers interested would be greatly benefited to peruse this source prior to even casual experimentation. It has amused me to consider what the reaction would have been had Flieshman/Pons called it "Anomalous Reactions in Catalyzed Deuterium Electrolysis. Edmund Storms, formerly a chemist with Los Alamos, has informed me that electrolysis, itself, is an isochoric reaction, i.e. the energy in is equal to the energy out. Therefore any deviation in that isochoric equation usually has a chemical basis, and the matter of proof then is to determine if there is chemical contamination or reaction which has adulterated the electrolysis experiment's results.

To my knowledge, no one, including, surprisingly, Faraday, has measured if there is a change in the magnetic field strength while these experiments are showing anomalous reactions....

The principle problem at the experiments initially performed at MIT, Texas A&;M, and elsewhere usually involved a lack of repeatable effects as Fleishman and Pons reported, and this was adduced to poor palladium/platinum electrodes, and as the above indicates, it is an old problem, which is, if Faraday's work can be given credence in this instance, "repairable". Incidentally, I think of Faraday whenever I see objections to experimental data and results produced by other than lettered practitioners in a particular field (Not applicable in this modern CF case.). These objections are usually greatest, or at least loudest from those who do have letters in those fields, and the objections usually are not concerned with the facts reported, but on the qualifications of the reporter....

Jim Noblins

TOP

This week:

Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Sunday

TOP

Wednesday, May 31, 2000

Defragging and Restarts Revisited

A common problem with Windows 9x is that the supplied disk defrag programs will restart if it detects disk activity. I don't know if the third party programs are as susceptible -- I use Norton's and haven't had trouble -- but the workaround is obvious: don't let any other program run. I've seen many complicated and potentially dangerous (because error prone) ways to do that. The simplest (IMHO) was suggested in Windows Magazine (http://www.winmag.com/fixes/defrag.htm): put in a registry entry to cause the program to run as part of the boot sequence.

The following file will do that: ==============cut here====================== REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnceE x] "Flags"=dword:00000003 "Title"="Defrag at Startup"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnceE x\Defrag] "Cmd"="||DEFRAG.EXE /ALL" ==============cut here======================

This file can be downloaded from the winmag page referenced above or just copied or typed into notepad. Save it with a name like "Defrag at Startup.reg" and put in someplace handy (like the start menu or desktop. To use just double click on the file and then reboot.

It's not difficult to modify the "Cmd" value to run other programs (like VOpt or Norton Speed Disk).

Another way is to run VOPT or Defrag in SAFE MODE. That seems to work fine too. But this is elegant, and thanks.

Incidentally, I ran Diskeeper 5 on an NT system and it REALLY needed it. More on that in the column: there were adventures, as usual...

This can stand for dozens:

I've successfully connected a Linksys DSL/Cable router to a Southwestern Bell DSL line (ethernet modem, not USB modem), and it seems to work fine so far.

It supports PPPoE (?), though that isn't needed in this case, and also provides firewall service. It makes it convenient for my to hook my laptop into it when I visit my parents.

Jerry,

I've just read that one of your readers is trying to share a DSL connection among several PCs. I have a singe user Cable Modem (pretty new here in the UK) and have just purchased a LinkSys BEFSR41 which is a 100megabit Ethernet Switch with integrated Cable/DSL router.

It works really well, the WAN port is upto 10megabit, and there are 4 internal ports, with a fifth to support cascading to another hub/switch. It has an internal DHCP server and performs Network Address Translation (NAT) in a similar way to the Internet Connection Sharing feature in 98SE/Win2K.

The website is at - http://www.linksys.com/

It seems to work well, so far!

Thanks for a most readable website!

cheers,

James

And in fact this is probably the cheapest and most elegant solution.

if you poka around enough on the bitstream site eventually you get to the order fonts page which allows you to order fonts &; some can be downloaded. Granted, it takes poking around, I gather they plan on selling mostly thru resellers, but there is an e-mail order option. As to how to use it, I suspect you install it just like any other true type font and then write your web page in it using whatever authoring program you desire. Maybe my site poking was less oppressive for me because I have a very high speed link. I really wish page designers would quit being cool and be quick and clean instead. RAS

I do too, Actually what you eventually find is a mail link to sales; there's no hint of price. And of course it's silly to use a font most viewers don't have, unless you can distribute it. I've sent email to ask about it. We will see.

For the Tiresias screenfont:

http://www.tiresias.org/fonts/availability_sf.htm

On the bitstream site, it says that to purchase it, you must contact their sales rep: http://www.bitstream.com/products/world/tiresias/index.html

However, on their website it seems to only be available in a development pack for television subtitles. It seems odd that a subtitle developed under a grant specifically to enable the visually impaired to see text on the screen should be so limited in distribution. This is the sort of thing that you would expect to be given away for free, with strong encouragement to use it for all screentext -- web as well as television.

I have asked. We will see. Thanks.

And now for something different. The writer of this, Frank Gasperik, has been in some of our novels, as Mark Czescu in Lucifer's Hammer and Harry Reddington in Footfall.

Hi Jerry;

I was reflecting upon the state of American politics and was struck struck by a revelation.

We can lay the blame for the deplorable candidates that are set before us to the MEDIA and the political partys reactions to the Media.

That any party wants to elect it's candidate(s) is a given, However now the parts are picking their candidates solely on how the MEDIA reacts to the choice.

A good example if this is Bill Clinton. The party Heads KNEW the trail of Bimbos and minor (maybe MAJOR) illegal actions committed while Bill was Governor, but they still ran him... Because the MEDIA report on him was Favourable.

The Republicans do no better. The better candidate to run this year would have been George W's Brother. Again, the Party heads KNEW of what the press would dig up about George W however they STILL supported his bid for office.

Along this vein, there has been no Overt support for Alan Keys by the Republicans and the MEDIA has done what it can to class Keys as an OREO. The MEDIA has made as sure as they could that Key's message of financial responsibility and PERSONAL RESPONSIBILITY never got heard. So much for Racial Equality in the MEDIA.

Jerry, the Media has done everything it can to ignore the Libertarian Party and denigrate it where it can't ignore it. Should one wonder why?

Thank you for your time,

Frank Gasperik

The "OBVIOUS" hides many things that people don't look at.

This is very much on target, and I don't know what one does about it. In my day, party workers picked party candidates; you became a part of the party structure by work. I started as a precinct walker and in a year I was a District Leader. We moved to California and I became County Chairman almost instantly, largely because there were these party faction fights, and my wife and I happened to be able to get along with both sides: she was Co-Chairman. She was leader of one faction, I of the other, and we were about the only place where the two parts communicated.

But in those days, parties nominated their candidates, and it wasn't a big sweep primary that decided it. Now, the system is set up to favor those who can get media attention early -- or else who have enough money to buy media, early. And what party officials know isn't important.

I don't think the system is stable.

On that line, Aleta sends this:

Jerry, thought you'd get a smile from these examples... Aleta

DEMOCRACY: Three wolves and a sheep deciding on what's for dinner.

REPUBLIC: where the sheep get to vote on which sheep the wolves will have for dinner.

CONSTITUTIONAL REPUBLIC: where eating sheep is expressly forbidden, and the sheep are armed.

Which is a bit over simplified, but it has some merit...

TOP

This week:

Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Sunday

TOP

Thursday, June 1, 2000

From: Sean Long (seanlong@micron.net)

Subj: DSL and peer to peer network access

Dr. Pournelle,

In response to your reader's question about hooking a win9x lan to a single DSL line, I have one solution that may work. Apologies in advance for the length.

Win98SE Internet Connection Sharing (ICS) allows one windows computer to act as a router/gateway for the rest of the LAN. There is at least one trick to getting it all to work however.

The critical issue is that the gateway computer MUST be set up with the ip address 192.160.0.1. No other ip address will work even though it shouldn't matter, so this is apparently something microsoft has hard-coded in for no apparent reason. In any case, the setup will go something like this:

The gateway computer must have 2 network devices installed, in this case one network adaptor hooked up to the DSL connection, and one network adaptor plugged into the LAN hub. I personally use a modem and one network card because I have a dialup connection instead of DSL. Make SURE both adaptors work normally (ie. the gateway can use the DSL connection as well as the LAN) then install Win98SE ICS. You'll notice that you will need to set up two ip addresses, one for each network card. Your ISP will probably dynamically allocate the one for your DSL connection, and you should manually set the other network adaptor to 192.168.0.1. If you don't do this, ICS may work intermittantly or not at all.

Each client computer needs to be set up with it's own ip address (either via DHCP from the gateway or manually as 192.168.0.x), the gateway must be set to 192.168.0.1, and DNS needs to be enabled and set to 192.168.0.1. I do everything manually, but I accidentally forgot to set my laptop up properly once, and while it configured itself via DHCP, it wasn't where I expected it to be on the LAN and it took a few minutes to sort itself out before the internet was visible. If the gateway machine's ICS adaptor is set to 192.168.0.1, computers on the LAN will probably get set to the 192.168.0 subnet but even that isn't guaranteed. There are registry keys that can be edited to force certain subnets, but manually setting the ip addresses may be easier than digging those keys out of the microsoft technical support database.

Win98SE ICS can be turned on and off, and while each client can see the internet, the clients are completely invisible to the rest of the world because the gateway computer is performing it's NAT (Network Address Translation) duties and filtering/relaying the packets as required. The only computer visible to the world is the gateway computer. A decent network security program would be a good idea on that computer especially if you plan on hosting any services on the gateway (like ftp, http, etc), but the clients should be safe and untouchable.

This is probably the easiest and cheapest way I've found to give a whole LAN access to the internet. It isn't particularly robust and if the gateway computer gets busy sometimes the clients may have some latency problems, but those problems are very small unless you expect to play real time internet multiplayer games over that connection. If that is the case (as it is for me), the solution is to temporarily turn off ICS and use the gateway itself as the gaming rig. Doing that solved all connection hiccoughs I saw when ICS had been enabled.

I have found that the occasional program won't work properly over the ICS connection (napster wouldn't work when run on a client but worked fine on the gateway), so this may not be the ideal solution for everyone. You will also want to disable file and print sharing on the adaptor used for the DSL connection, otherwise your entire LAN's shared resources will be visible. That can be a rather bad security risk. Fortunately windows seems to detect this and may provide a warning.

As a final note, the client computers on the LAN do not need to be windows boxes to work with ICS. I have 3 linux machines that access the internet through my win98SE ICS gateway, and since they're safely behind the gateway I don't have to worry too much about securing them from attacks. As far as I know, the gateway is simply unable to pass or route attacks to specific computers on the LAN.

Sean Long

----- Original Message ----- From: Bill Roellich To: Jerry Pournelle Sent: Wednesday, May 31, 2000 10:13 AM Subject: One method for using WIN98SE in a peer to peer LAN sharing an Internet connection.

Dear Sir,

The following steps will produce one variant of a WIN98SE peer to peer LAN sharing a DSL connection. Please note the tacit assumption that a full time internet connection exists. Some broadband solutions require launching a proprietary application to get connected to the internet. If this is the case then it should reside on the "server". 1. Install two NICS of different manufacture in your WIN98SE "server". WIN9X programs have difficulty distinguishing between identical cards. 2. Hook up one of your NICS to the DSL or other Broadband Internet Connection. Hook the other NIC to the Output side of the HUB. Hook your other machines to the remaining Output connectors. For this installation you will not use the Input(uplink)side of the Hub. 3. Install Internet Connection Sharing from the WIN98SE source files on your "server" i.e. Start, settings, Control panel, add/remove programs, internet tools, and tic Internet Connection Sharing etc. 4. When prompted to make the floppy, go ahead but you will not need it for your other machines. In fact, do not install the floppy in any of your client machines. 5. Make sure all of your WIN9X machines are in the same workgroup and all have unique names. 6. Further make sure that TCP/IP is installed on all machines and that TCP/IP settings for the NIC's are DHCP for all your client machines. 7. When everything is up and running check Internet connectivity from all machines by pinging www.yahooo.com from a DOS prompt. They still have ICMP enabled so you should get legitimate replies.

This is a broad outline and may require other tweaking of bindings, disabling file sharing, etc. on the "server" machine.

Best Regards, William L.(Bill) Roellich

Hi Jerry:

I do just that. Buy I do not use 98 SE since there are not enough configuration options built in.

Instead I use Wingate Pro version 3. There are also cheaper versions available. In the pro version you can open and close ports, services , etc. It basically is a firewall and sharing program. It can be a DHCP server but I assign the IP address manually.

Http, telnet, ftp, etc all work fine from multiple machines going through the Wingate server and to the DSL connection. In addition, I have BlackIce defender running on the server as an additional layer of protection and Zone Alarm on the client machines for even more protection. It all works great with no noticeable speed degradation from the clients.

By the way, the Wingate server is only an old AMD 120Mhz 586 with 36 Mb Ram running Win98 first edition with the security updates!

Bruce :-) Bruce W. Edwards, CISA, CIA I.S. Auditor and collectibles fanatic www.QuasarComics.com

Thanks for definitive answers.

TOP

This week:

Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Sunday

TOP

Friday, June 2, 2000

Dear Dr. Pournelle,

Fehrenbach and Korea.

I first read Fehrenbach in 1981 when I reported to the 2ID in Korea as an infantry 2LT. My company commander had made it required reading for all company officers and senior NCOs. You are correct. It's the best that's ever been done or ever will be done about the Korean War. People ought to read it to see how the next war ELSEWHERE (not in Korea) will probably open up.

Even before Fehrenbach I had had an earlier, home spun version of it. One of my platoon sergeants in the mid 1970s was a Korean War vet. "Squirrel" described his experience as a 17 y/o rifleman in the 24th ID, first in Japan and then in Korea in 1950.

Japan was a joy. Plenty of half day schedules, plenty of training holidays, every man with his own houseboy and also girl if desired. Louis Johnson has caught much of the flack for that. Interesting how MacArthur has escaped all responsibility for the complete lack of preparedness in his occupation divisions.

Then the 24th ID was tossed into Korea.

The day by day detail was depressing: His rifle company melted from 160 men to 35 in about a month. The day the company mess truck was blown up. The disguised infiltrators with weapons hidden in stick "A Frame" peasant backpacks. The apathy and abulia that set in among many. Untrained, poorly condtioned, under equipped troops. Everything leading to a sheer loss of willpower which led to the obvious, death. That's the wartime equivalent of basic training stress cards.

Israeli Nukes.

I recently did some research into Israeli nukes. The 'story' to date about Israel's nuclear capability is still full of holes. The questions of warhead design and testing are just ignored. Over three decades there has been a steady dribble of information about Dimona and its capacity, Pennsylvania uranium thefts, and other fissionable material acquistions.

There is zero information about the twin problems of warhead design and testing. The Israelis aren't known to have conducted any tests, aside from the possible south Indian ocean event. This gap seems not to provoke serious thought among those writing on this subject (that I've seen). Yet the Israelis are credited with at least two different warheads. One for a gravity bomb and one for the Jericho missiles.

Supposedly a state of about 2 million circa the late 1950s set out to develop a nuclear capability and has since constructed 50-200 warheads to at least two different designs without ever having tested them. While it was doing this it was also subsidizing a mass immigration and sustaining a conventional military force of 20% of the population.

A program of the size Israel is reputedly conducting has proven to be a massive effort for states 8 - 400 times the size. Then to top it off, this miniscule state supposedly has made this massive investment without the extensive testing program every other nuclear state has always found necessary. So I don't find the story as it currently stands persuasive.

When one looks at the available information there seems to be only two really viable conclusions:

1. Israel is running a huge bluff about having any nukes at all.

2. Israel acquired fission materials, proven warhead designs and possibly completed warheads from an external source, probably the U.S.A.

This would leave Dimona as a partial or full Potemkin Village designed to camouflage the true source of their nuclear capability. The same would apply to the Israeli technician photographs published in the United Kingdom in the 1980s and other leakages over time.

I personally favor Door #2 as the most logical explaination.

Mark A. Gallmeier

Interesting. Fehrenbach's book explains the unreadiness of the entire army, ot just the occupation divisions, I think. It is certainly a book every officer should read about once every five years.

I have no data regarding the Israeli weapons programs, but I would be astonished if the US knows a great deal about weapons designs that remains unknown to Israel, for the obvious reason that the US has always been a major target of Israeli espionage, and US counterintelligence has not always been vigorous in countering Israeli efforts. In 1940 when there was a mortal threat to Britain, British intelligence had no difficulty obtaining most US military industrial secrets. When a friendly country with many emotional and family ties to the US is in danger, it's not surprising that neutrality acts aren't vigorously enforced. (All of which makes the Liberty incidident even more galling.)

Hi, Jerry;

There's another interesting opinion piece on the alleged No Gun Ri massacre in the Washington Times (my brother at Georgetown calls it "Washingland"):

http://www.washtimes.com/op-ed/ed-column-20006218038.htm

Turns out that not only was Ed Daily, the primary source for the claim that the army ordered its troops to open fire on the civilians (which would be a war crime), never at No Gun Ri, only joining that unit after the supposed massacre took place, and not only was did he never receive the Distinguished Service Cross or other decorations or a battlefield commission, as he claimed, and not only was he never a Korean POW (as he also claimed), but that two other supposed eyewitnesses were also demonstrably elsewhere when the supposed incident occurred.

The story, for which AP took home a Pulitzer, is falling apart.

In addition, of the seven remaining witnesses, five now dispute that they were accurately quoted or taken out of context by AP; two still maintain that the incident happened -- but instead of ten GIs supposedly confessing to being war criminals, there now are two who claim only to have shot at refugees (but cannot claim they ever heard an order to do so), five who claim the story was grossly misunderstood by AP, and three who have been proven liars (including both of those who claimed actually to have heard /an order from an officer,/ without which there is no war crime).

AP, however, sticks by its story. What else can they do? --

Dafydd ab Hugh

Never attribute to stupidity what can satisfactorily be explained by malice. The truly powerful are rarely stupid.

I don't doubt that some troopers shot some civilians. I don't even doubt that some officers ordered troops to fire on civilians getting too close to US troops; there are well documented incidents, but in the only case I know anything about warning shots were fired and warnings issued and there was almost no time for a decision. The systematic murders described in the original AP story were supposedly done in cold blood on orders from on high, and I never did believe those. But as you say, what else can AP do at this point.

Jerry,

The Tiresias font seems to share a number of similarities in look and purpose with Trebuchet MS, which has been included with Windows and IE for a few years now. It's also a free download below. I use it for all email communications (where text clarity is important) and anywhere else it makes sense, since to me it seems to be the most readable screen font around.

"Trebuchet MS, designed by Vincent Connare in 1996, is a humanist sans serif designed for easy screen readability. Trebuchet takes its inspiration from the sans serifs of the 1930s which had large x heights and round features intended to promote readability on signs."

http://www.microsoft.com/typography/fontpack/default.htm?fname=%20&;fsize=

Thanks. I find that Trebuchet is in FrontPage and I have put your letter in that text. I usually use Arial for that. Comments from readers welcome.

Jerry,

>So now we know, but it (Bitstream Tiresias) doesn't do us any good since using it on web page isn't going to help anyone out there. Ah well.

It may not be helping people surfing with a PC. However ... If the market for set-top boxes does pick up steam lots of people are going to view sites on low resolution screeens. And if WAP phones live up to to the hype everybody is going to be surfing on 2-by-4 screens.

So maybe it is not a font to simply shrug off.

Regards, Svenson.

A fine utility to try is ctbios available at

http://www.ping.be/bios/numbers.shtml

The website in general is a great resource for motherboards, bios and the like.

Regards,

�`��`��`��`��

Kerry M. Liles kerryl@allinson-ross.com Allinson-Ross Corporation

Thanks! It is a great place, and I have downloaded the ID program. Thanks for telling me about it.

Dr. Pournelle,

Why would you want to change your font? Serif fonts are much more readable. Since your site is information-oriented (i.e. mostly text), readability should be a prime concern.

Of course, if you must change, I vote for Arial.

BTW, I was going to send this to you anyway:

http://www.lineone.net/express/00/05/31/news/n2140mars-d.html

Having read your interview with Mr. Niven online yesterday, I think you'll find this machine preferable to activating Olympus Mons.

-- John Alexander Web Developer, Faculty Resource Center The University of Alabama johnalex@bama.ua.edu

Actually, I have never contemplated changing from Times Roman for the default text (but of course viewers may set whatever default they like); it's the various quote and emphasis fonts I've thought about. Mostly, when I ran across the discussion of readability on the Tiresias page I became curious. Apparently it is not universally agreed that for on-screen text serif is preferable to sans serif so far as readability be concerned. My preference is for Times Roman, but apparently there's some controversy over all that.

Zubrin has counted on making oxygen from Martian atmosphere as part of his Mars Now program, and I never doubted you could build such machines, but I suspect it would take a LOT of them to terraform a planet.

Now that everyone has downloaded QuickTime for the Dune preview, might I suggest a visit to:

http://www.lordoftherings.net/

And much thanks to Mr. Dobbins, as usual!

Steve Setzer

Fair warning: the movie parts of this can take a LONG time to download...

For what it's worth, Trebuchet is more readable than Arial -- cleaner.

For a similar reason I prefer Century Schoolbook for serif. Although that is not optimal for screens, I like the "lighter" impression it gives. Georgia is otherwise recommended as an optimized screen serif.

Overall, however, truetype kerning sucks.

/ Bo

-- "Bo Leuf" <bo@leuf.com> Leuf fc3 Consultancy http://www.leuf.com/

Well, since others are voting....

Please DON'T use Arial for large blocks of text. I will never forgive Wired magazine for setting most of their body text in a sans-serif font. I think most people are wired to find serifs easier on the eyes. Sans-serif is (or should be) for headings and subheads.

Setting mail in Arial does set it apart as clearly "not yours", but I think judicious use of colour and/or indenting could do that as well. I find the arial a bit large for taste. A monospace font might be more traditional, although we seem to be tending more and more towards a populace that has never read email from a text-mode client.

-- Kjell

TOP

This week:

Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Sunday

TOP

Saturday, June 3, 2000

This pretty well sums it up on fonts:

It appears that the debate over fonts will crop up everywhere sooner or later. I am a technical writer and have to produce both printed any online material. The general consensus in the research that I've read is that sans-serif fonts (Arial, Helvetica, Trebuchet) are easier to read on-screen. Serif fonts (such as Times New Roman) are more readable for printed material, where the effective resolution is higher (usually at least 600 dpi) and the serifs help the eye run from character to character. But at the typpical monitor resolution of 96 dpi, a sans serif font will usually be more readable.

You also have to make a distinction between readability (large blocks of text), where serif fonts are generally better and legibility (short blocks of text, such as signs or headlines), where san-serif fonts are usually preferable. Again, this often depends how the text will be viewed.

Of course, the online reader can always set the default font to his or her own choice; mine happens to be Verdanna.

BTW, I just finished Starswarm and enjoyed it a lot. It reminded me a lot of the Heinlein juveniles I read during my youth. I'm going to hang on to it and pass it along to my son in a year or two. He's 10 and it's a bit of stretch for him now, but it won't be long.

Regards Keith -- Keith Soltys ksoltys@home.com http://members.home.com/ksoltys/

That certainly seems to sum it up well. I think I'll just go on doing as I have done. Thanks for the kind words. Anyone who hasn't read Starswarm should...

Re your missing the end of the clip you were watching when that helpful little popup appeared.... you might see if the clip is in your browser cache somewhere. Frequently I've been able to find and save things from there that were only intended for one-time viewing.

James Meader

I actually looked, but I didn't look too hard. I'd got nearly all the film anyway. Thanks.

TOP

This week:

Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Sunday

TOP

Sunday, June 4, 2000

Jerry,

Don't understand your problem exactly, as I have never had anything remotely as horrific with Quicktime. I get the "There is an new version available..." message, but I have been able to dismiss it and continue. I watched the LOTR trailer (over a T1, admittedly, but from behind a firewall) and had no problems.

As for the trailer disappearing, welcome to streaming media. Real does it much worse than Quicktime, in my limited experience. My Real experience is limited because it rarely connects from behind the firewall, or even over a dialup. When the site gives me a choice I pick QT. To save the .mov file go to Edit\Prefs\Browser Plugins and check Save Movies In Disk Cache. You then have to go (after downloading) to whatever directory your browser is set to use for caching and copy the .mov file to another location. Make sure your browser cache disk space is set large enough to contain the entire movie (I have mine set to 25MB). OK, it is a convoluted, lengthy and stupid process. But you can do it. I have yet to hear of a way to save streaming Real files. If there is one, I would love to know how.

The Pro version of QT may have the capability to save streaming files but I haven't paid for it, as the free version is Good Enough for what I need.

Finally, the trailer looks great, but there is nothing in the last bit that you have to download the entire thing again for.

Hope your weather is good and you are feeling well. It is bright, sunny, and (relatively) hot here in Anchorage. Yesterday I was at Birchwood Shooters Park at the annual Alaska Youth Firearms Safety Education Day and had sun, heat, and a good time. Today it is sunny, hot and I am indoors at work looking out.

Scott

Weather's fine, and I don't really care that much about the trailer. It does look as if they're doing it right.

From: Stephen M. St. Onge saintonge@hotmail.com

Subject: Isreali Nukes?

Dear Jerry:

I've been thinking about Mark A. Gallmeier's letter, and find myself rejecting his reasoning.

I've done a bit of research on the Manhattan project in recent years, and there are several fairly obvious extensions of their research that would enable you to test bombs without full scale explosions. Remember, very few U.S. nuclear weapons tests ever failed.

Also, remember that the countries KNOWN to have nukes tested the bombs in part to announce that they were in the club.

I wouldn't be surprised if the Israelis have acquired a lot of information through espionage, especially given the laxness of U.S. security but I doubt that espionage or testing are necessary, at least for fission bombs.

Best, St. Onge

TOP