Even more Junkmail from Bob!

Sunday, January 16, 2000

Important Stuff.

Walt Anderson has an interesting idea. He's planning to renovate the Russian space station Mir and use it for commercial applications. What kind of applications? Tourism, among others. Sign me up!  But it looks like I'll have to wait for the economy fares. The ticket prices are starting out at $25,000,000 to $40,000,000. I think I'd also like to see some live returnees before I go. Anderson has invested $7,000,000 and is supposed to add another $14,000,000 soon. He's forming a partnership with Energiya, the Russian space agency that owns the empty space station. I think Mir needs some serious remodeling. Its last visitors did not give it a 5-star rating.

Sketchy details are in the San Jose Mercury News.

The pictures of today are from Quandary Peak, Colorado. Serge Bigotto and I started up Quandary Peak last week and almost got to the top. It was cold and windy! There was a lot of snow too.

We used show shoes:


Snowshoes distribute your weight over a larger area, keeping you on top of the snow like this:


More Quandary pictures:


Last month Mobil and BP sold some aviation gasoline in Australia. This is normal. The avgas they sold had some (or too much?) ethylene di-amine in it. This is not normal. In fact, it causes corrosion and stops airplane engines. That's bad.

So in Australia, a few thousand airplanes have been grounded. The gasoline corrodes fuel tanks, brass fittings, and some other stuff. They don't have a field test for the ethylene di-amine or the contamination by-products, so all these airplanes that potentially have the bad gas are sitting around waiting to be checked out.

The bad gas came from Mobil's refinery in Victoria. I think someone must be in trouble over this one. Lee Raymond, president and CEO of Exxon Mobil Corporation, said of the fuel problem, "Oh well, it's a lot cheaper than an oil spill."



Piper is coming out with the Malibu Meridian soon that won't have gasoline problems because it has a turbine engine like the TBM-700. They have 4 prototypes flying. At least they did until last week -- now there are three. A guy named Floyd was flying along one at 15,000 feet when engine quit. He landed on I95 with the wheels up. I'm not sure why he didn't glide to an airport. From 15,000' there's almost always an airport within gliding range in Florida. I'm also not sure why he landed with the wheels up on a highway. I imagine he had a good reason -- test pilots are usually very conscious of emergency procedures.

The engine quit because they ran the fuel tank dry. This was intentional. They were checking to see how much "unusable fuel" there is in the fuel system. They had an auxiliary tank installed to take over when the factory tank ran dry. The auxiliary tank didn't work. This was not intentional.

A year ago last July a Cessna Citation flown by a guy named Scott ran out of fuel and landed on highway K96 near Wichita during (or shortly after?) a test flight. They brought in a fuel truck, took off from the highway, and went back to the airport. Maybe that's what test pilots do when they're bored.

The other pictures of today are from Hilton Head, South Carolina. I'm there now with my eldest toddler, Brian. He's playing tennis and I'm wandering around...

        Hilton Head

When you buy something over the internet, you generally pay for it with a credit card. You enter your credit card number and expiration date and then you get something in return, like an airline ticket or a computer or a digital camera. It's almost magic!

I buy quite a bit of stuff on the internet because I'm not much of a traditional shopper, and I can usually get it cheaper on the internet anyway. I bought 3 CDs for Melinda (my youngest kid) for Christmas on the internet, for example. There's no problem using a credit card online because of the strong encryption algorithms in use.

But...  the encryption is only as good as its implementation. Once there was a company whose secrets were being stolen from it's highly secure computer system. They hired a high-dollar consultant to track down their security leak. Finally, after a long time and a lot of dollars, he figured it out. He went into the CEO's office and pointed out someone looking at the CEO's computer screen from a window across the street with binoculars. All the passwords and computer security in the world couldn't prevent that.

I'm not sure if that story's true, but it does make a point -- if you want to break into a computer system, find the easy way. Since people are involved and people make lots of mistakes, this is usually possible. One common way for someone to break into a computer system is to visit the physical office and look around for passwords on paper on and around desks.

If I was going to steal a credit card number on the internet I would probably find an easier way than cracking the strong encryption. For example, I might find an airline company's web site that left one of their web pages unsecure. Like Northwest Airlines did a few days ago. The page where people redeem frequent flier miles was left unsecure for one day after some software maintenance. Probably not many credit card numbers were copied, though. I guess the Northwest Air programmers were too busy rescheduling airplanes because of the flight attendant "sick-outs". They had to cancel about 300 flights over the holidays. A judge finally sent the flight attendants back to work.

CD Universe wasn't so lucky. A guy who claims to be an 18-year old Russian who goes by the internet name Maxus Stone broke into the Cybercash computer system and copied about 300,000 credit card numbers and expiration dates. Cybercash is a company that processes credit card charges for internet merchants such as CD Universe. The 300,000 credit card numbers happened to belong to CD Universe customers.

Maxus was asking CD Universe for $100,000 in ransom. They wouldn't pay. So about a week ago he put the credit card numbers up on a web site where anybody could click on a button and get a free random credit card number. About 25,000 card numbers were distributed before the site was taken down. Here's a copy of the web page (sans card numbers) (warning: there might be some naughty words here):


I thought this was kind of funny. Then I got this email yesterday:

"Dear Robert, As a valuable customer of CD Universe, we wanted to alert you to the fact that we have recently become aware that a portion of our customer information has been stolen. Along with several other online merchants, we were the target of a sophisticated hacker. We are taking every conceivable step to make sure the information you have provided to us in the past for ordering online is secure and remains so. However, there is a chance that the loss of such CD Universe customer information could result in fraudulent charges on your credit card. For your safety, we suggest you monitor your credit cards closely over the next few weeks and report any suspicious activity to your credit card company and CD Universe as well. The type of and last four digits of the credit card you have used at CD Universe are listed below this message. We also suggest you change your password by emailing our customer service department at password@cduniverse.com. If you have any questions, please feel free to contact our customer service department at 1.800.231.7937 or questions@cduniverse.com. Our customer service department is open Monday through Friday 9 AM to 10 PM. Once again, I apologize for the inconvenience. We appreciate your business and will do everything we can to help you during this process. Thank you for your patience. Please also feel free to contact me directly at bgreenspan@euniverse.com.  Sincerely, Brad D. Greenspan Chairman, eUniverse / CD Universe"

Whoops! Those CDs for Melinda may end up costing me more than I planned!  I still think it's funny, though. I'm thinking Mr. Greenspan might want some info on computer security so I've added him to the Junkmail list. I am glad he didn't pay the extortion. I have to dispute some of the wording of this letter. The customer information was not stolen, it was just copied. CD Universe still has possession too.

This letter says that I am supposed to change my CD Universe password. I wonder if they just put this in to make me feel more secure, or if someone copied their login records too. I use a total of two or three passwords for all non-financial web sites. If CD Universe gave someone my password, it could also be used at buy.com. I realize that this isn't the most secure way to be, but I'm lazy and credit card companies will refund unauthorized charges.

I suspect this was just something they stuck in the letter. If the passwords were really taken, CD Universe would disable the old ones and email new ones to its customers.

One thing that's a good idea is to keep in mind the level of security when you're using passwords. For a brokerage account, I use a unique password that I use nowhere else. Same for the internet login and email passwords. Passwords for web sites have relatively little risk, so I am not so careful there. If you use the same password at CD Universe and Ameritrade, when someone takes your CD Universe password and tries it on Ameritrade, they can sell all your stock, ask for a check to be sent, and steal it from your mailbox. Or a dozen other expensive things.

Speaking of online trading, I opened a Datek Online account a year or two ago. I tried Ameritrade but at the time they were slow and their software was lousy. Datek has a pretty fast system. But this week I read that their quotes are wrong sometimes, so I checked it out.

On Wednesday (+/- a day) the Datek quote for Sprint was 65 7/16, which was correct, but it showed it was down 42 15/16, which was definitely wrong. The day before, Datek's closing price quote for Sprint was too high by 40 or so. Two other stocks (HWP and IDA) out of the 10 I checked had incorrect prices. I am really surprised they had not fixed this as soon as it was made public. You just can't trust these computer types.

Now people who lost money on the stock market are suing Datek, claiming they wouldn't have lost the money if they'd had accurate quotes. This is in spite of the fact that when you get a Datek account, as with other online accounts, you have to sign something saying that the online quotes might be wrong and that's OK with you. It IS a major blunder at any rate.

The internet is a good place to get stock tips. However, internet stock tips are no better than TV stock tips or newspaper stock tips or horse racing tips. Internet stock tips are different, though, because things happen so fast on the internet.

Day traders are people who buy and sell stock, typically holding it for a few days or one day or less. That's why they're called "day traders," NOT because they admire Sandra Day O'Conner as is so commonly assumed.

When good news comes out about a company, the stock price typically goes up. If a day trader is really on top of things and reads the news first, she can buy the stock before most of the rest of the world before the price goes up all the way. Then she can sell it in a few minutes after it's gone up and make a profit. It may be only 2 or 5 percent, but if you do this a few times a day you'll make some money.

Day traders get into chat rooms where they exchange the new news and help one another. So if I wanted to sell some stock, I could go into a stock chat room and tell them some fake "hot news" on my stock. Then, when the others started buying, it would drive the price up and I could sell for a profit. I could even make a fake web page with some legitimate looking news on it.

Someone actually did this last year. They told everyone in a stock chat room that there was some news on a company, and provided a link to the Bloomberg news article. Except the link really went to a private page that LOOKED like Bloomberg. The stock went up over 50%. The funny thing is, after it was exposed and everyone knew it was a fake, the stock stayed up 10% over its original price!

On a thinly traded microcap stock, one where not many people buy and sell, it doesn't take too much to drive the price up or down 20% or more. I can hype the stock of a small company in a chat room, people will buy it, drive the price up, and I'll be a hero. It's a self-fulfilling prophecy. It's also illegal. The problem is that the price will come down in a few days and the people left holding the stock will lose out.

What's the difference between promoting a stock in a chat room and doing it on TV like all the "experts" do? Not much, UNLESS you are selling the stock you're telling others to buy, or if you're making money by hyping the stock.

Since it's easier to get into a chat room than Wall Street Week in Review, there's been more abuse in chat rooms lately. The SEC has figured this out so they're hiring 50 or 60 new people to investigate internet stock fraud like this.

I might also add that most day traders (I've read 70% and 80%) end up losing money. You're better off working for a living. In fact, you're better off playing Everquest for a living -- at least then you break even.

More companies are getting into the DVD lawsuit business! You can get some background info in Junkmail 13. Friday, some big film companies sued the operators of 3 web sites. 2 still are active with DeCSS online. The "evil corporations" are Buena Vista Pictures, Metro-Goldwyn-Mayer, Paramount Pictures, Sony Pictures Entertainment, Twentieth Century Fox Film, Universal Studios, and Warner Bros. Here are the complaints, if you like boring legal stuff:

        http://www.mpaa.org/dvd/Connecticut Claim.htm
        http://www.mpaa.org/dvd/New York Claim.htm

In view of AOL's impending merger with Time-Warner, and Warner's suing people over DeCSS, I felt obliged to put DeCSS onto AOL.


It's funny that I could not upload DeCSS.zip, even under a different name, until I put it inside another zip file. AOL has some kind of filter that blocks that specific file. That's interesting. Remember, don't download any 4-gigabyte movies with this software.

Here are 2 of the 3 sites being sued:


Maybe AOL will be added to the list now?

The state of Texas is on top of things. They're still warning us about the impending Y2K catastrophes:


OK, maybe I exxagerated a bit. But it IS history now.

One more picture of today:  The Rosette Nebula, just about 3000 light-years northeast of Locust Grove.


(e) 1900 All rights undeserved. Any unauthorized copying of this "work," whether electronic or otherwise, is expressly uninhibited. If you are new to Junkmail and are particularly warped, you can see other Junkmails at http://xpda.com/junkmail. If you want to sign up anybody else to receive future Junkmails, friends and enemies alike, you can do that at this web site also. If you would like to stop receiving Junkmail, email 1,000 euros to me, change your email address, or contact George W. Bush and tell him to vote for Jeb.