CHAOS MANOR MAIL
Mail 163 July 23 - 29, 2001
IF YOU SEND MAIL it may be published; if you want it private SAY SO AT THE TOP of the mail. I try to respect confidences, but there is only me, and this is Chaos Manor. If you want a mail address other than the one from which you sent the mail to appear, PUT THAT AT THE END OF THE LETTER as a signature.
I try to answer mail, but mostly I can't get to all of it. I read it all, although not always the instant it comes in. I do have books to write too... I am reminded of H. P. Lovecraft who slowly starved to death while answering fan mail.
July 23, 2001
This came over the transom--expect more like it. I got two, with different headers. It had a ".doc.bat" attached, which appears to actually be a .EXE.
I suspect ANOTHER Outlook virus at work. Spread the word, in the non-infecting pass-it-along manner.
>From: "Tyler MacLeod"<email@example.com>
>Subject: Gardenscapes - Public Service announcement
>date: Mon, 23 Jul 2001 11:25:57 -0700
>X-Mailer: Microsoft Outlook Express 5.50.4133.2400
>
>Content-Type: text/plain; charset=ISO-8859-1
>Content-Disposition: message text
>
>Hi! How are you?
>
>I send you this file in order to have your advice
>
>See you later. Thanks
Alex Pournelle, Director, PC and LAN Practice, Tech/Knowledge (www.t-k.com)
I have myself received about fifty copies of this at many different addresses, with many different subjects, the body text remaining more or less as shown but varying slightly; there are many return addresses. I have reported it to SPAMCOP. They keep coming, the latest less than an hour ago. I wouldn't open one of those attachments for anything.
ROLAND reports that this is the SirCam virus. Details are here:
and it is apparently both dangerous and widespread. MY NORTON ANTIVIRUS has detected several incoming viruses, but DID NOT DETECT THIS ONE. I have not been infected since I don't open anything including the mail itself (I view such things in an editor that can't activate anything). I am going to go update Norton and see if that helps.
It does NOT. Norton detects NOTHING although I am pretty sure I have copies of this thing still on my system (I may not). But Norton did not detect it coming in as an attachment although Norton did detect Natividad as an attachment with the present settings.
Mostly DO NOT OPEN mail that looks like that. You don't get infected by just seeing this thing in a preview window; at least not with active-X turned off.
I received an e-mail with the virus stripped out of it and guess whose web site I went to first to look and see if he had an alert posted. If you said jerrypournelle.com you win the prize. Where I work, our Norton Anti-Virus Corporate Edition caught the:
Sircam@mm.Worm (Norman) virus
and stripped it from the attachment. Which is good, since the person it came from was "firstname.lastname@example.org" and I have a sister-in-law named Gail and just last week bought some eBay items from another person named Gail. So the unsuspecting or unprotected could be hurt badly. Our server is set to check the Symantec site for updates every couple of minutes, so we always have the latest definitions on hand.
Thanks and keep up the good work.
Roger D. Shorney, System Support Analyst Expert Missouri Rehabilitation Center
Interesting that Norton found it for you but not me. I will continue to watch this. I may have deleted all the copies before loading the updated Norton.
I have been getting this virus about five times a day for the past few days from someone called Scott Cardenas (I have no idea who this is). The attachment in this case is called "ep1icons.zip.xxx" with "xxx" being one of several things, including .com, .bat, and a few others. I am attempting to track it back to the server. E-mail replies sent back are kicked back as bad addresses. Odds are he has no idea his machine is pumping this stuff out.
Like you, I was disturbed that Norton did not flag this while the mail was downloading. Obviously, I didn't open the attachment, but when I attempted to copy the attached file to a target folder for analysis (I suspected a virus), Norton then saw it, grabbed it, flagged the virus, and did not let me copy it. I don't know why it didn't see it until then, but even updating to the current definitions does not change this delayed behavior. Interestingly, running a scan of the folder containing my Inbox mail files (and, by extension, the virus-loaded e-mail) also did not return any warnings from Norton. Maybe this is a bug.
I have set the filter to dump this stuff in a separate folder, in case I need it for informing Symantec. I look forward to finding out more about this.
Now that is truly interesting.
And Eric Pobirs notes:
It's called sircam and its existence has been known since early last week. I've gotten several dozen items from a certain species of person: PR types. They are just about the only sort of person who both has my email address and gets caught by this type of trap.
One of these people appears to have a substantial real estate business attached to another user on his system judging from the material he's unknowingly sending out. This virus is going to have some serious repercussions from this form of Napster's more evil twin.
I made a small mistake. It was not Norton that caught the virus. Our Exchange server is running Antigen from Sybari (http://www.sybari.com/home/). I have two attachments. One is the "gamlapricelist" and is stripped clean with the text (inserted):
"FILE DELETED ------------
Antigen for Exchange removed gamlapricelist.xls.pif since it was found to be infected with Sircam@mm.Worm (Norman) virus."
The other attachment has an ATT file extension and I can not open because I have no file association for that extension. I'm not going to create one just to see if I can open it either. But it was caught and handled by the AV software.
Sorry about the confusion.
Roger D. Shorney, System Support Analyst Expert Missouri Rehabilitation Center
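[Added example, not part of the original mail and not Antigen's or Norton's logic: a mail-gateway style check that flags attachments by name alone, the way the ".doc.bat", ".zip.com" and ".xls.pif" files described above could be caught before any signature update arrives. The extension lists and the sample message are assumptions constructed for illustration.]

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Final extensions Windows runs on double-click. The letters above name .bat,
# .com, .pif and .EXE; .lnk, .scr and .vbs are added here as assumptions.
EXECUTABLE_EXTS = {".exe", ".com", ".bat", ".pif", ".lnk", ".scr", ".vbs"}
# Extensions that make a name look like a harmless document (assumed list).
DECOY_EXTS = {".doc", ".xls", ".zip", ".txt", ".jpg", ".gif", ".pdf", ".htm"}


def split_exts(filename):
    """'gamlapricelist.xls.pif' -> ['.xls', '.pif'] (lowercased)."""
    name = filename.strip().rstrip(". ")  # Windows drops trailing dots and spaces
    return ["." + part.lower() for part in name.split(".")[1:] if part]


def classify(filename):
    """Return 'double-extension', 'executable', or None for a name that passes."""
    exts = split_exts(filename)
    if not exts or exts[-1] not in EXECUTABLE_EXTS:
        return None
    if len(exts) >= 2 and exts[-2] in DECOY_EXTS:
        return "double-extension"  # document-looking name, executable final extension
    return "executable"


def scan_message(raw_bytes):
    """Return [(filename, verdict)] for every MIME part that should be quarantined."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.walk():
        filename = part.get_filename()  # None for the body and container parts
        verdict = classify(filename) if filename else None
        if verdict:
            findings.append((filename, verdict))
    return findings


def build_sample():
    """Constructed message; the attachment bodies are inert placeholder bytes."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "reader@example.com"
    msg["Subject"] = "gamlapricelist"
    msg.set_content("Hi! How are you?\nI send you this file in order to have your advice\n")
    for name in ("gamlapricelist.xls.pif", "notes.doc", "setup.exe"):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()


if __name__ == "__main__":
    for filename, verdict in scan_message(build_sample()):
        print(f"QUARANTINE {filename}: {verdict}")
```

A name-based rule like this does not depend on virus definitions, which is why it keeps working in the window the letters above describe, when the scanner has not yet learned the new worm.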
It's important to note that *NIX users are immune to this sort of thing, since there's no ActiveX or WSH nonsense running in their OSes/applications for virii to exploit.
This seems the proper place to add Roland's latest note for LINUX users:
Subject: KIS LKM Linux trojan/zombie
Note that there are no 'default' holes which allow this Trojan to be installed on Linux systems - the attacker has to compromise the root account somehow - or at least be able to execute commands with root permissions - before he has permission to replace /sbin/init with his trojanned version (unless the sysadmin has done something truly stupid with his file permissions):
This is why it's so important for Linux sysadmins to ensure that proper permissions are set on all their binaries; that they use ssh instead of telnet so as to reduce/eliminate the possibility of password snooping; that they disallow root logins via ssh; that they use 'su -' to become root, thereby preventing malicious system environment variables/preloads from being inherited by root; that they use tools like TripWire ( http://www.tripwire.com ), LIDS ( http://www.lids.org ), grSecurity ( http://www.getrewted.net/download.php ), St. Jude (formerly St. Michael, http://sourceforge.net/projects/stjude/ ), & tcpwrappers ( ftp://ftp.porcupine.org/pub/security/index.html) to protect their systems -before- they get hacked; and that they ensure that all services running on their machines are set up in as secure a manner as possible.
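[Added example, not part of Roland's note: a small audit of three of the points above, namely ownership and write permissions on a binary such as /sbin/init and its directory, the PermitRootLogin setting in sshd_config, and an enabled telnet line in inetd.conf. The function names and the sample configuration text are constructed for illustration.]

```python
import os
import stat


def audit_binary(path, owner_uid=0):
    """Findings for one binary and its directory; an empty list means it passes."""
    findings = []
    for target in (path, os.path.dirname(os.path.abspath(path))):
        st = os.stat(target)  # follows symlinks, so the real file is checked
        if st.st_uid != owner_uid:
            findings.append(f"{target}: owner uid {st.st_uid}, expected {owner_uid}")
        if st.st_mode & stat.S_IWGRP:
            findings.append(f"{target}: group-writable")
        if st.st_mode & stat.S_IWOTH:
            findings.append(f"{target}: world-writable")
    return findings


def permit_root_login(sshd_config_text):
    """Value of the first global PermitRootLogin line (sshd uses the first), or None."""
    for raw in sshd_config_text.splitlines():
        fields = raw.split("#", 1)[0].replace("=", " ").split()
        if not fields:
            continue
        if fields[0].lower() == "match":
            break  # conditional blocks are out of scope for this check
        if fields[0].lower() == "permitrootlogin" and len(fields) > 1:
            return fields[1].lower()
    return None


def telnet_enabled(inetd_conf_text):
    """True if an uncommented telnet service line is present in inetd.conf text."""
    for raw in inetd_conf_text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if fields and fields[0] == "telnet":
            return True
    return False


def audit_host(binaries, sshd_config_text, inetd_conf_text, owner_uid=0):
    """Combine the three checks into one list of human-readable findings."""
    findings = []
    for path in binaries:
        findings.extend(audit_binary(path, owner_uid))
    if permit_root_login(sshd_config_text) != "no":
        findings.append("sshd_config: root login over ssh is not explicitly disabled")
    if telnet_enabled(inetd_conf_text):
        findings.append("inetd.conf: telnet service is enabled")
    return findings


# Constructed samples. The second PermitRootLogin line is ignored by sshd.
SSHD_SAMPLE = "# constructed sample\nProtocol 2\nPermitRootLogin yes\nPermitRootLogin no\n"
INETD_SAMPLE = (
    "#ftp    stream tcp nowait root /usr/sbin/tcpd in.ftpd\n"
    "telnet  stream tcp nowait root /usr/sbin/tcpd in.telnetd\n"
)

if __name__ == "__main__":
    present = [p for p in ("/sbin/init",) if os.path.exists(p)]
    for finding in audit_host(present, SSHD_SAMPLE, INETD_SAMPLE):
        print("FINDING:", finding)
```

A check like this only reports the current state; the integrity tools named in the note (TripWire and the others) are what detect a binary that was replaced after the audit passed.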
Now for the truly bizarre. Roland sent this:
Subject: Microsoft's new German ad campaign for XP.
Shortly after I got a message from Robert Bruce Thompson who plans to discuss this on his web page tomorrow. The film clip you can download as part of this, is, well, bizarre.
On another important subject:
Here, with her permission, is my wife's letter to our Senator:
I am a patent attorney and am in favor of intellectual property protection, BUT I am writing to strongly protest the portion of the Millennium Copyright Act (Section 1201) that allowed the criminal arrest by the FBI of Dmitry Sklyarov for his presentation at a scientific conference of information about how to crack Adobe's passwords for ebooks.
The law simply goes too far in prohibiting design-around activities. The ability to design around others' technological advances has always been protected in patent law decisions. The portion of the Millennium Copyright Act that prohibits the use of code-breaking technology will have a chilling effect on the "progress of science and the useful arts," which is the Constitutional basis for intellectual property laws. This is especially true considering the excessively long term of copyright protection.
Dmitry Sklyarov's arrest appears to me to be a heavy-handed attempt by a rich and powerful (and evidently not very technologically adept) company (Adobe) to protect its economic interests by the use of force rather than through the use of brains and technological advancements. The proper response would be for Adobe to come up with a code that can't be cracked. If it is unable to, then it can prosecute those who violate its copyrights by actual copying -- instead of those who make copying possible. (Why haven't all the executives of Xerox been arrested?)
This arrest of a presenter at a scientific conference seems like "thought police" in action.
We must protect freedom of speech and freedom to develop technological advances. Please do what you can.
Thank you, Ellen P. Winner (Greenlee, Winner and Sullivan)
Which seems to express my views quite well.
Subject: Eminently Sensible
I -like- this guy.
which makes the point as well.
|This week:||Tuesday, July
Regarding your problem with 'paste special'...
There is a Really Cool utility that does this for you and more: Clipmate, shareware (30 day trial) available from www.thornsoft.com . I can't live without it. Not only does it give me a full, configurable, clipboard which remembers my previous entries (and allows me to save frequently used text in special clipboard folders), but it allows all sorts of neat manipulations. Since I cut/paste from netscape to WP all the time, this is invaluable.
If you haven't previously reviewed this inexpensive and very useful product, you should! (Plus the developer does his own email support - very quick turnaround, and helpful.)
PS. Love the column. -- A. Michael Froomkin email@example.com Professor of Law "It's warm here" U. Miami School of Law ,
I have installed it. So far I haven't figured out how to use it: the text window is tiny and although expansion arrows appear at the corners they don't in fact expand the window space. I'm sure it's a matter of learning about it.
Another security notice from Roland:
Subject: Protecting your PC
Regarding the DefCon Arrest:
I don't think it's going to be quite this easy . . . I surely know it -shouldn't- be . . . since the poor bastard has been locked up, I'd rather see this come to trial and the DMCA thrown out as being unconstitutional.
Which I suspect will happen no matter what, now; Were I he I would sue Adobe for promoting false arrest. But I doubt this is anything like over.
And an intriguing business idea:
Read your Byte column with the Cringely idea of using wireless to allow a DSL-deprived house to tap into a house that is close enough to get DSL. I don't know the maximum number of DSL lines a single customer can pull into one house, but I could see a great moneymaking opportunity here. Get a load of DSL lines put in, and pop a honking big antenna array for wireless connections on top of your house, and start raking it in from deprived neighbors off in the distance. If you live on top of a hill, or in a valley overlooked by many other non-DSL homes, this works great.
Of course, it probably violates about six hundred FCC regulations, but what doesn't?
I certainly don't intend to do that, but feel free...
And on various subjects
A thought occurred to me...
Contrast Rutan's innovation in the aerospace industry to some of the more interesting computer hardware and software ideas bouncing around today. Then imagine if Boeing decided to patent "general theory and practical application for generating load bearing forces utilizing shaped surfaces moving through the air"... Sounds crazy but it's about the same as some of the stupid "software patents" being upheld out there.
Maybe instead of shooting the lawyers, we should shoot anyone who starts then loses one of these amazingly brainless lawsuits. Include the masterminds at Adobe who pulled the strings to have a legitimate businessman and computer researcher arrested at a conference. Funny how Adobe is now trying to wash their hands of the whole thing while their victim remains in jail.
Roberta's letter was great, now we just need honorable congressmen whose horizons aren't limited by the next election, and some of them might pay attention to letters instead of dollars. [Weren't Roberta's letter; read again.]
And more on that worm:
Dr. Pournelle, An interesting, if paranoid thread at slashdot on the trojan: http://slashdot.org/comments.pl?sid=mailvirus&threshold=2&commentsort=3&mode=thread&cid=16
"it could be deadly serious to people in the financial services industry. Deals could be made/broken, firms' reputations could be torpedoed, ... Infect enough brokerages and something's bound to show up. Something tells me there's a lot more to this worm's author's motivations than meets the eye, and if the author is caught, we'll learn a lot about what his target was. "
And, lower in the thread: "If you were going to [hack] someone, a virus/worm would be pretty good cover for it. Lots of overworked security admins, lots of garbage in the logs, lots of systems getting hasty repairs. It would be pretty easy for one little [hack] to be overlooked."
These guys may have something, I've gotten some interesting stuff today. Some from .mil sites...
Kit Case kitcase at home.com
I have got copies from a lot of people. I haven't looked at any of the included files. Perhaps I should...
July 25, 2001
I'll work on this tonight.
July 26, 2001
Jerry: The link is to an LA times story:
that tells us that the web "was devised by a bunch of hippie anarchists who didn't have a strong profit motive" darn those hippies at DARPA anyway. Looks to me like a move is afoot to privatize the web, and make it look more like, say, cable tv: Oh! you want google? Another $10/month please.
And you expected maybe Mrs. Nussbaum?
This site bills itself as "The world's largest international, peer-reviewed encyclopedia." They have a very nice process for peer reviewing, copy editing, and translating articles written by volunteers. The entire site is "open content", which means you can use it for any purpose, including commercial.
Worth checking out, as a social phenomenon if nothing else. The quality of the writing looks quite good although I see that there are still a lot of gaps.
Before you go too much further on looking at the Nupedia link I just sent you, I would recommend reading this article. Fascinating!
-- Talin "I am life's flame, respect my name, Explorati, Inc. my fire is red, my heart is gold. http://www.explorati.com Thy dreams can be, believe in me, http://www.sylvantech.com/~talin if you will let my wings unfold!" -- Heather Alexander
Dear Dr. Pournelle, One of your correspondents wrote of '...an LA times story... that tells us that the web "was devised by a bunch of hippie anarchists who didn't have a strong profit motive" darn those hippies at DARPA anyway.'
I like his sentiments but DARPA didn't invent the World Wide Web. Just one man is credited with that, and he wasn't American, he was an Oxford-educated British engineer. Nor was the organisation for which he worked, though in some ways it does resemble DARPA.
On the other hand, Tim Berners-Lee and his colleagues at the Conseil Européen pour la Recherche Nucléaire, better known as CERN, would die laughing to hear themselves called hippie anarchists. As for the lack of a profit motive, before all this began Tim had started his own company - Image Computer Systems - after a long stint in private industry (Plessey) and as a consultant. The closest that web origins got to hippy anarchism would be that the very first implementation was on a NeXT cube which Tim's boss (Mike Sendall) bought for that purpose.
The key question here is the difference between the web and the information utilities made possible by the ARPAnet.
The following ZDnet article shows the scope of new attacks on various websites and the fact that it may be impossible to protect from such attacks, as yet. In the article cited below 350,000 infected computers DDoS attacked the Whitehouse.gov site after being infected by the Code Red worm/virus/trojan/zombie.
The discussions about PC security bring to mind another twist on the issue of security and national infrastructure.
Security measures are rapidly being outstripped by the abilities of hackers to crack them. We, the programming community, need to build better more secure products for the average user. I can personally build seatbelts into a car, but at what effort? If it is not too expensive why not have the manufacturer build it in? Do we need to regulate? Or want to regulate Microsoft, and Linux, the router manufacturers, the ISPs, and etc. now so that the security issues do not threaten in the near future the national infrastructure by lack of built in protections?
Already, smaller ISPs are routinely dumping websites that get hit by DDoS attacks since they impact the ISP internal carrying capacity. See the article in The Register about the Packetstorm website being dropped twice by different ISPs in the last several months at
If DDoS attacks get larger by a factor of only 2 or 3 (as in the ZDnet article listed above) the larger ISPs will start to feel the impact, and thus everyone attached to the net will feel the impact.
I suspect the next war, whether or not the US is directly involved (this could be spill over from a Mideast conflict), will include attacks on US infrastructure. Such an attack probably will include massive DDoS attacks on civilian ISPs, not to mention attacks on military infrastructure. I'll be willing to bet that it will cause the feds to set up a ministry of information or some such policies, that will insist or make mandatory, that software and hardware manufacturers build in certain security measures. An example is in the article on The Register about security patching by sys. admins. does not work at
it shows that there are not enough commercial resources to update all the machines on the net. How do we do this then?
I would hope that infrastructure security can be improved without government regulation before such attacks become commonplace. What, if anything, can we do to move this along without government intervention? Unfortunately, I do not have a solution. We are talking about the ability of the US to conduct business, transfer information, connect to the rest of the world. The threat has now risen to the level of attacking the health of our economy.
By the way, I and my son are enjoying reading - The Burning City.
And now we got the SirCam -- I have at least 400 of them, some with confidential files attached. I may make use of those...
July 28, 2001
From Dan Spisak:
Well it looks like the folks at CAIDA (www.caida.org) have managed to do a very interesting analysis of the spread of the Code Red worm. The report can be found at:
Watch the Quicktime movie to get a good flashback to what a biological warfare scenario played out looks like, except this is for computers. If anything it's almost as damaging in my opinion because our society today relies so heavily on computers for all kinds of things nowadays. Perhaps the most scary aspect of the CAIDA analysis is that home users (in this case represented by the unknown domains plus rr.com and home.com cable modem users) gave the worm its damaging potential. Basically home users need to learn about security RIGHT NOW or vendors need to make their products security aware and intelligent enough for the home user to understand and use. Watching that movie start with 159 infected hosts and explode to 359,000 infected hosts in 14 hours is scary as hell to me. Additionally, this worm would not have spread so quickly had there been proper diversity between computer OSes, however since Microsoft is the dominant OS it's quite easy for a single worm to infect a worldwide cross-section of servers out there. Imagine what this worm's effect would have been if there was an equal number of MS boxes versus UNIX and Macs? The outcome would have been lessened greatly I feel. It's what farmers do to protect crops from getting wiped out by biological bugs, they plant different variations of crops to help insure a bug can't wipe them all out at once.
Here are the results of me tracking down all the attempts by Code Red worms to infect my Linux box running Apache (In chronological order all on July 19th):
Data Quick - San Francisco, CA 08:42:55
Dialup User - Orlando, FL 09:29:54
Shaw Cablemodem User - Calgary, Alberta, Canada 09:48:50
Internet Photonics Inc - Holmdel, NJ 10:11:13
CAIS Internet - Mclean, VA 10:15:01
DSL End User - St. Louis, MO - SW Bell 10:17:27
Some Business - Perugia, Italy 10:39:30
Zheng Zhou Railway Telecommunications - Near Shanghai, China 11:40:24
Cassie Memorial - Boulder, CO 11:48:46
Contract Data - Myrtle Beach, SC 11:55:48
DSL End User - Miami, FL - Bellsouth 13:40:27
Extranet site for Institute of Geography at Agostini - Agostini, Italy 13:53:30
Shipping Company (I think) - Amsterdam, Netherlands 14:02:34
Local ISP - Corpus Christi, TX 14:25:09
Password Protected Sybari Software site - East Northpoint, NY 14:34:11
Webkorner Internet Services - Charlotte, NC 14:56:17
Business DSL User - Bethesda, MD 15:00:59
DSL End User - Atlanta, GA 15:04:38
Cablemodem End User - Edmonton, Alberta, Canada - Videon Cable 15:21:09
Peking University - Beijing, China 15:56:10
Horsholm Traelasthandle - Denmark 16:07:30
Transperfect Translations - New York, NY 16:17:40
Fachhochschule Koeln - Koeln, Germany 16:43:10
Verio Colocation Server - Dallas, TX 16:51:11
China United Telecommunications Corp. - Lygang City, Jiangsu Province, China 04:32:37 (July 20th)
Casual browsing of these hits showed about 30% no longer up and pinging (probably down getting patched or cleaned), 20% were sites still up and running and the rest had webpages saying "Under Construction". Right, I bet they are under construction. :)
This will only get worse unless end users get educated or we make security easier for end users to understand and appreciate.
Downright fascinating. Thanks.
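[Added example, not Dan Spisak's own method: one way to pull Code Red probes out of an Apache access log and list them in chronological order per source, as in the tally above. It assumes Common Log Format and matches the worm's well-known request for /default.ida followed by a long run of padding characters; the log lines and addresses are constructed, and the data that follows the padding in real requests is left out.]

```python
import re
from collections import Counter
from datetime import datetime

# Apache Common Log Format: host ident user [time] "request" status bytes
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<uri>\S+)[^"]*" (?P<status>\d{3}) \S+'
)
# Code Red asks for /default.ida with a long run of padding characters:
# 'N' in the July 2001 worm, 'X' in the later Code Red II.
PROBE_RE = re.compile(r'^/default\.ida\?(N{16,}|X{16,})')


def find_probes(lines):
    """Return [(datetime, source_ip, http_status)] for probe requests, oldest first."""
    probes = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or not PROBE_RE.match(m.group("uri")):
            continue  # unparseable line or ordinary request
        when = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
        probes.append((when, m.group("ip"), int(m.group("status"))))
    return sorted(probes)


def probes_per_source(probes):
    """Count probes per source address, to spot hosts that keep retrying."""
    return Counter(ip for _, ip, _ in probes)


def served(probes):
    """Probes answered with a 2xx status; Apache has no /default.ida, so expect none."""
    return [p for p in probes if 200 <= p[2] < 300]


# Constructed sample log; addresses are from the documentation ranges.
PAD = "N" * 224  # padding only
SAMPLE_LOG = [
    f'192.0.2.10 - - [19/Jul/2001:08:42:55 -0700] "GET /default.ida?{PAD} HTTP/1.0" 404 276',
    '198.51.100.7 - - [19/Jul/2001:09:01:12 -0700] "GET /index.html HTTP/1.0" 200 5120',
    f'203.0.113.44 - - [19/Jul/2001:09:29:54 -0700] "GET /default.ida?{PAD} HTTP/1.0" 404 276',
    f'192.0.2.10 - - [20/Jul/2001:04:32:37 -0700] "GET /default.ida?{PAD} HTTP/1.0" 404 276',
    'malformed line that the parser must skip',
]

if __name__ == "__main__":
    hits = find_probes(SAMPLE_LOG)
    for when, ip, status in hits:
        print(when.isoformat(), ip, status)
    print(dict(probes_per_source(hits)))
```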
Glad to hear your Ricochet system is up and running. I tested one of their slower (28K) systems (we don't have 128K in DC yet) and was impressed.
>When that system went down and I was thrown back to 53K at best, I seriously contemplated leaving computer journalism and going back to fiction full time.
Don't do it! I confess I haven't read your fiction in years (out of the habit of reading SF and, in fact, mostly read non-fiction now), but I'm addicted to your column, which I've read for years, although I mourn the loss of the print Byte.
>The problem is that the phone lines are old, and because of the Communications Act of 1996 there is absolutely no incentive for Pacific Bell to invest in upgrading those phone lines. In an effort to keep the evil Telco's from exploiting their monopoly on copper wire to homes, the Congress, in its infinite failure to understand, mandated that the Telco has to allow "competition": Telco must rent out its lines to competitors at quite low rates. This means that if Pacific Bell invested in a new switch in downtown Studio City, Earthlink and others would get most of the benefits and Pac Bell would be stuck with paying for facilities they can't make a profit from. Guess what?
Don't buy the hype! I cover this issue for a living, and that's hardly a full picture of the situation. The TCA did not require interconnection, resale and unbundled network elements for nothing. In return, it let the Bells (century-old government-supported monopolies) into the long-distance market, which is worth billions to them. The Bells agreed to the deal. In NY and Texas, for example, the first states in which the Bells got into long distance, they are cleaning up -- and the increasing weakness of AT&T, WorldCom and other long-distance carriers mean the Bells, with their marketing advantage through control of the local loop, are going to clean up increasingly quickly. The latest estimate is that Verizon alone will have 7 percent of the national long-distance market by 2006, increasing rapidly after that.
There are certainly trade-offs (speed of DSL rollout for regulation/deregulation of the new DSL/fiber network elements) to consider, and I've reluctantly come to support some elements of a bill "Tauzin-Dingell," (H.R. 1542), now in Congress, which would free new DSL-network elements from some regulation. But if they want no regulation, they should not be allowed to use their government-created market dominance to corner markets outside the one in which that dominance was granted them. They're sitting on a century of profits from that monopoly.
In re: DSL in Studio City, if they told you that, it's baloney. I talk to these people every day, and they're building out DSL to profitable areas like that as fast as they can and only blaming competition for their slowness. The Bells sat on DSL for 10 years, because they were afraid it would cut into their T-1 (dedicated private line) profits, only rolling it out when competition (cable and DSL competitors) forced them to. Now they're trying to make up for lost time, at least in high-density areas. Also, they're hoping to use the lack of DSL in some areas as a political hammer to argue for full deregulation before opening their networks fully.
Below I include a screed I got on the subject today from a contact at AT&T (of course, the Bells' main opponent in such matters, so factor that in).
As always, I enjoy reading your trials and tribulations. You go through it so we don't have to.
---- Paul Coe Clark III Columnist/Online Editor The Net Economy Ziff-Davis Media (202) 408-6887 www.theneteconomy.com
Folks, Just wanted to pass along more evidence that the Bells are deploying DSL aggressively -- despite what they tell the Hill when lobbying for Tauzin-Dingell. The obvious question for the Bells is why do you need an incentive to deploy broadband when you clearly are doing so already? The Wall St. numbers don't lie. Below is an excerpt from SBC's release from this morning, followed by CNET News' early coverage. Jim
Second-quarter highlights include:
-- Data: SBC's total data revenues of $2.2 billion represents 21.5 percent of SBC's total second-quarter wireline revenues, up from 13.7 percent just two years ago. Demand continues to be steady for high-capacity transport that frequently is used to carry advanced, bandwidth-hungry applications. For example, revenue from SBC's advanced Internet-based and network integration services, used primarily by large businesses, increased 42.3 percent during the second quarter. DSL service was available to 23 million customer locations, or more than 55 percent of the company's metropolitan-area wireline customer locations, up from 14.7 million locations a year ago. Total DSL sales and installations were in line with the two previous quarters, net additions of 83,000 during the quarter were reduced by independent Internet Service Providers that resold SBC's DSL service ceasing operations, and by database reconciliations. Excluding the impact of ISP failures and the database reconciliations, net DSL additions for the quarter would have totaled approximately 170,000.
From CNET News coverage of SBC earnings:
"The company's strong suit was its digital subscriber line business. SBC saw 28 percent growth in its data revenue to $2.2 billion and reported more than 1 million customers in service at the end of the quarter. That puts the company well ahead of its competition."
The fellow who owns the ISP I consult for had a file in his "My Documents" folder entitled "Passwords.doc"... Guess which file SirCam grabbed (after he was infected) and sent out to various people in his address book? So of course we had the fun of changing passwords on the various servers HE had access to.
He immediately went out and purchased NAV2001, and it found SirCam, but the only way he even knew he was infected was one of the recipients alerted him, and attached a copy of the transmitted document. Fun.
You should see some of the files I have got from law firms and PR outfits...
Does the average Windows 2000 (non-corporate) user log in with admin privileges? Most definitely. Is this a fault of the OS? No. It's easy to configure. It's easy to secure. It's relatively easy to protect.
Will the average Unix user log in as a non-root user when Unix is widespread? It's harder to configure. It's more difficult to secure. It takes a professional to reasonably protect the system.
I think there is a strong argument here that the widespread adoption of Unix in its current form could kill it for the long term -- i.e.: it's not ready for Joe user or Aunt May and it would lose the "reputation" of being secure which it has gained by forcing competence on its administrators.
A competent Windows 2000 administrator can make the average W2K install as secure as the average Unix installation. There is no substitute for competent administration. The home user does not want to perform administrative tasks.
I would like to get a discussion going on this, but not from Seattle with this connection. When I get home... (See below)
More DMCA Madness:
------- Roland Dobbins
The hilarious part is that most of those people thought Pat Schroeder was their friend...
The Digital Millennium Copyright Act is dangerous. Apparently they intend to make it more so.
July 29, 2001
From: Steve Setzer Subject: Dan Spisak, Chris Smith and security
The bio-diversity analogy only extends so far. In particular, bio-diversity protects against attacks when nature is the one generating (through the fragile mechanism of mutation) new attackers. In the digital world, there may be far more Windows virus writers than Mac virus writers, but even a few Mac virus writers can cause a lot of damage.
Combine Apple's emphasis on application scripting with the new UNIX-based Apple Mac OS X, and the possibilities for email-borne, virally-initiated DDoS attacks are frightening.
UNIX is secure when appropriately secured. By the end of the year, Apple's OS will be the most widely deployed UNIX in the world, and huge numbers of the machines will be on full-time Internet connections in schools and small businesses (neither of which are noted for security savvy). The combination scares me.
Chris Smith is right. Microsoft and Apple, and the Linux distros, had better start taking steps right now to lock their systems down against such infection. The problem is one of incentive. Security makes systems slower and more difficult to use. It's also difficult to sell as a feature. I'm afraid we'll end up with regulation by default because I don't see the market incentive for OS vendors. I mean, if security were all that important, far more people would run OpenBSD than do.
> This prevents users from attaching an external antenna or a power amplifier, which is good; but it also limits the ways you can connect Ricochet to your system. In my case, the choices are USB or serial port.
FYI, the PCMCIA Ricochet cards work fine under Linux as well (I've been using one since January). Older kernels have a serial driver bug that prevents the card from functioning properly, but I understand that newer kernels (since 2.4.4 or 2.4.5) have included a patch I wrote which fixes this problem. You can see my page below for details. Thanks for taking the time to let people know about Ricochet. I'd love for this thing to catch on in a bigger way. I've been happily using it as my only Internet connection in downtown Manhattan. Take care!
Gregory Pomerantz http://pages.nyu.edu/~gmp216
It's unclear who sent this to me:
Ed Vulliamy in New York Sunday July 29, 2001 The Observer
The United States is exploring the development of a 'space-bomber' which could destroy targets on the other side of the world within 30 minutes. As part of a weapons modernisation strategy personally directed by Defence Secretary Donald Rumsfeld, the Pentagon is drawing up plans for a 'sub-orbital vehicle' launched like a spacecraft, which Rumsfeld describes as 'valuable for conducting rapid global strikes'. The craft - which would set the scene for a new generation of stratospheric warfare - would be able to drop precision bombs from a height of 60 miles, flying at 15 times the speed and 10 times the height of America's current bomber fleet. It is unclear whether it would be manned.
Dear Dr. Pournelle,
It might be amusing, for those attachments you received from PR and law firms which are Word documents, to look at the revision histories within them...
Here's a related article:
-- It doesn't get any easier, you just go faster. -- Greg LeMond
Thought I might point out this article on the ExtremeTech page (sorry about the length of the URL)
about the (perhaps) imminent demise of the Be Operating System. It’s the usual case: Without significant number of major applications written for BeOS, there won’t be many users of BeOS, and without many users of BeOS, developers won’t write major apps for BeOS, and so on and on. The same thing obtains for OS/2 and Linux and most any "alternative" operating system.
The faithful, of course, will flame in about how great and superior and cool is BeOS, and how if we just believe, its superiority will be revealed to us, and BeOS will live forever and smite Microsoft. Haven't you heard exactly the same stuff for OS/2 and Linux?
It seems to escape the flamers that the purpose of an operating system is to provide an environment for applications. Their hatred of Microsoft seems to blind them.
Wasn’t it you who told how, when IBM would sell developers OS/2 SDKs for about $500 apiece, Microsoft would positively push boxes of Windows SDKs into the hands of the very same developers?
-- Bob, firstname.lastname@example.org on 29/07/2001
> A competent Windows 2000 administrator can make the average W2K install as secure as the average Unix installation.
Hmmmm ... events compel me to conclude that:
1) that statement is not _quite_ accurate, or
2) Microsoft has trouble getting competent Windows administrators
given the "Code Red" infection of some "Windows Update" servers.
Calvin Dodge (who was very grateful to be running Apache after seeing Code Red probes from all over in our web log)