Junkmail from Bob, number 30!

Sunday, March 5, 2000

Important Stuff.


Today's junk mail is mostly about computers and the internet, so some people might find it a bit boring. Feel free to skip down to the pictures. You will not be tested over this material.

Wait a minute... I just read the third line at the top. This is IMPORTANT STUFF!  You should read it anyway!!


Today's Y2K Update!

The $50,000,000 Y2K Crisis Center is still around. Rather than shutting it down and selling millions of dollars worth of computers, all sorts of government agencies are trying to get their hands on it.

Did you know that the Federal Computer Incident Response Capability would like to own the Y2K crisis center? But they're competing with the likes of the Critical Infrastructure Assurance Office and the National Infrastructure Protection Center for this pile of toys.

These sound like pretty strange organizations to me. For example, what does the National Infrastructure Protection Center do?

"Established in February 1998, the NIPC's mission is to serve as the U.S. government's focal point for threat assessment, warning, investigation, and response for threats or attacks against our critical infrastructures. These infrastructures, which include telecommunications, energy, banking and finance, water systems, government operations, and emergency services, are the foundation upon which our industrialized society is based."

I had assumed these were just money pits that politicians use to employ their friends, but I can see from this that society as we know it would break down without the NIPC to protect us. How did we ever manage before 1998?

In all fairness, some of these organizations may do some good, but I intend to make fun of them all since I'm paying for them.


Burglary Tools

Tom Bell started work at VP Projects in Hopkins, Minnesota. VP Projects offered service and training for some machining software called Vista. Tom left VP Projects in September, and the company has since gone out of business. After he left VP Projects, he got Nicole Brelje, a coworker, to reinstate his online account. Then he used a program called L0phtCrack to collect a bunch of user IDs and passwords. He logged onto some people's accounts and read and deleted some email that was originally sent to him.

He got caught. Someone apparently noticed some missing email, then I think they quizzed Nicole about it, and finally seized Tom's computer and checked it over.

Tom and Nicole had worked at Epicor before they went to VP Products. Epicor also sells and services Vista software. Tom went to VP Products first, and while Nicole was still at Epicor she emailed Tom Epicor's customer list. Then Nicole joined Tom at VP Products and they started calling on Epicor's customers. When the police were going through all the files on Tom's computer, they found the email with the Epicor customer list.

Wednesday, Tom and Nicole were charged with felonies -- unauthorized computer access, stealing trade secrets, and computer theft.

Tom was also charged with "possession of burglary or theft tools," specifically a program called L0phtCrack, by county attorney Amy Klobuchar.

This charge is getting some people a bit upset. I don't think it should be a crime to possess certain computer programs. In my opinion that gets a little close to "crimes of the mind" that some countries have.


"No New Internet Taxes"

A few weeks ago President Clinton met with some internet people. He agreed then that there should be no taxes on internet commerce. On Monday President Clinton met with some governors who were in Washington for the National Governors' Association meeting. Now he wants a sales tax on internet commerce. I guess he's already got the campaign contributions from those internet people.

Details:

        http://washingtonpost.com/wp-dyn/articles/A46399-2000Feb28.html


Last Tuesday the House and Senate Judiciary Committees met together. They discussed how "assaults on Web sites could cripple the U.S. economy." Hmm... the economy was crippled a few years ago when hardly anyone used the web?

It's amazing how out-of-touch these people are about the internet. Even if I knew nothing about computers and the internet, I would study up on it before a big meeting like this so I wouldn't appear completely ignorant. (Or I'd keep my mouth shut.) High-powered computer industry people came and talked to them, recommending that the government not pass any new laws.

In the meantime, the President's "Working Group on Unlawful Conduct on the Internet" has been having lots of meetings and is about to get their report ready after several months of unquestionably diligent work. The group, headed by Janet Reno, includes top people from the Bureau of Alcohol, Tobacco, and Firearms, the FBI, the Commerce Department, the Food and Drug Administration, and the Drug Enforcement Agency.

They've sent out a draft report, I guess to be sure it doesn't upset too many people before the final copy is released. It says, "The federal government should take steps to improve online traceability and promote international cooperation to identify Internet users." They say there is a "need for real-time tracing of Internet communications across traditional jurisdictional boundaries, both domestically and internationally."

Currently there are no laws requiring users to identify themselves for internet access or anonymous email service. The report recommends encouraging but not requiring ISP's to collect and keep data on their users so the police will have access to it. This will most likely happen, to some extent, and it will most likely result in some lawsuits about constitutional rights of privacy.

I don't think this is too big a deal, but the technology is available for governments to have snooping software that browses and copies files from people's computers who use the internet. This would be a big deal to me, but I don't think it will happen in the U.S. in any big way.

But consider a country where the government has tight control on the people. They could require a certain program to run when a computer is accessing the internet. This might be a program that is actually used to dialup and connect. If a government investigator then wanted to see what Mike Webster has on his computer, all she would have to do is wait until Mike logs on, and then activate the snooping program. She could check out Mike's directories and copy any files that looked suspicious.

If there was a good reason, the investigator could turn on a feature to save keystrokes and mouse clicks. This would make it easy to access Mike's encrypted files. Some companies are doing this now with Investigator 2.0 and similar products. You can download a 30-day trial here:

        http://download.cnet.com/downloads/0-10105-100-915937.html

There's nothing hard about this. But a lot of people in the U.S. are quite sensitive about their privacy, so I don't see the U.S. government doing this any time soon. I think it will be happening in some countries before long, if it's not already.


Speaking of Privacy...

A banner ad is one of the advertisements you see on a web page, like this one:

        banner.htm

DoubleClick is a company that sells banner ads. Rather than having to call up hundreds of web sites that you want to put your ad on, you can go to DoubleClick and pay them to place your ad. You pay by the number of times your ad is displayed on someone's computer, an "impression."

DoubleClick has ads at several hundred large web sites. At each of these sites, they save a cookie onto your computer. Then they can track your web viewing habits and display ads that you're likely to be interested in. Any time you visit a web site that has one of their banner ads, it logs your visit into their database. They don't really know who you are, they just know that user "cbf4c26d" has gone here and here and here on the web, and that this makes you a live target for certain types of ads.

Check out your own computer. There's a good chance you've got a DoubleClick cookie on it. Check c:\windows\cookies and looked for a file named something like username@doubleclick.txt. I just checked and there are two DoubleClick cookies on my computer:  anyuser@doubleclick[1].txt, bob@doubleclick[2].txt and bob@doubleclick[3].txt. (I just changed some numbers in them to keep DoubleClick on their toes.)

On the AltaVista search engine they check to see what you're searching for and log this information into DoubleClick's database. I just tried searching for "spark plug" on AltaVista. The banner ad on the results page was about gambling somewhere. Then I tried searching for "Dilbert." This time the banner ad was something about optimizing my computer.

This is all pretty harmless because you're anonymous. DoubleClick only knows that someone is browsing these places and searching for these items, but not who. BUT, they've recently decided to get some databases with the "who" information and merge them with the browsing habits database. Then they planned to make this information available to advertisers or whoever else would pay for it.

I said "planned" instead of "plan." They caught so much flak from privacy advocates, various politicians, and several internet groups over this plan that Kevin O'Conner, DoubleClick Boss, changed his mind. Kevin said, "It is clear from these discussions that I made a mistake by planning to merge names with anonymous user activity across Web sites..."  I'm sure he just felt bad about invading privacy, but some cynics think DoubleClick's 30% stock drop in less than a month might have had something to do with his about-face.

Here is DoubleClick's press release.  It's kind of unusual for the CEO of a public to say "I made a mistake" in public. I bet his lawyers didn't like that.

        http://www.doubleclick.com/company_info/press_kit/pr.00.03.02.htm


Palm Tops

The stock market is not rational. Palm Computing was wholly owned by 3Com. 3Com is a big company. 3Com sold less than 5% of Palm Computing in an Initial Public Offering this week.

Now, Palm Computing is worth 45 billion dollars on the stock market, and 3Com is worth only 28 billion dollars. This makes no sense. 3Com owns 95% of Palm Computing, but they're worth a little over half as much.

How could this happen? I guess people are betting that there's enough publicity and hype over the Palm Computing stock that the price will go way up. Maybe people who buy it either don't look at the fundamentals or they realize they'll have to dump the stock sometime. I'm pretty baffled about it.


A Notebook on Every Desk

The Governor of Maine is trying to get the state to buy every seventh grader a new notebook computer. Maybe he thought it wasn't likely to get through the legislature and was just announcing it for campaign purposes. On Friday Bill Clinton came out in favor of it and made a big deal out of it, so maybe they'll get some federal money and make it happen. The reason Clinton's involved is because "they" just came out with a "study" that shows poor minorities aren't using computers as much as everybody else. It will cost $50,000,000. Hey, that was the price of the Y2K Crisis Center... I know where they can get the money!

        http://www.state.me.us/governor/news/index.html


Online Brokers Confused?

A few weeks ago when the denial of service attacks happened on Yahoo and other web sites, the online broker Datek Online said they were hit by the hackers too. Now they say it was their own hardware problem. Oops!

I have an account at Datek and I've been having a lot of problems with their software bugs, some of them kind of serious. Once I bought some stock. The price was changed to $4500 a share somehow, which caused my account balance to go a few million dollars negative. This was fixed in a few minutes, but I didn't like it all, at the time. Stock quotes are regularly wrong, and when I download my account data into Quicken, it says I bought or sold the wrong company about one time out of ten. I think I'll try Ameritrade.

National Discount Brokers also claimed to be the victim of the hacker attacks. Thursday they said "Never mind, it was our own software incompatibility."

I wonder why these don't make the headlines like the original claims.


Coolio Gets Caught

There's a 17-year old guy in New Hampshire named Dennis Moran. Last November 14th and 17th he defaced the web site http://www.dare.com, along with a couple of others. Now the Los Angeles Police Department is planning to press charges against him for it, apparently because the FBI believes he's involved in the big DoS attacks on Yahoo and others a few weeks ago.

Thousands of defaced web sites (4,836) are listed on attrition.org's site, including his. Take a look at last November's list of defaced sites:

        http://www.attrition.org/mirror/attrition/1999-11.html

It looks like he might have been singled out on this. Why not chase down all the others? There are a lot more than "Coolio's" three sites here. Here's the news story:

        http://www.msnbc.com/news/377102.asp#BODY


The Unauthorized Site

Most companies have former employees, and many have former employees who are not so happy with their former employer. As a result, former employees are setting up web sites to tell "their side of the story." Some of them have proven to be quite popular with employees, and some have even gathered a following from outside the company. Take a look at the McDonalds-bashing site, for example:

        http://www.mcspotlight.org/help.html

You can find sites like this for a lot of companies. Some are pretty funny.

Students have gotten into the act, too. If a student feels slighted or maybe just doesn't like a teacher, it's a simple matter for a web site to appear expressing the student's point of view for the whole world to see. This has been the cause of a few lawsuits lately. Here's one back in 1998:

        http://www.nyt.com/library/tech/98/08/circuits/articles/13cens.html

... and here's one from last month:

        http://www.nyt.com/library/tech/00/03/cyber/cyberlaw/03law.html

I guess as long as the content is legal, there's not much anybody can do about someone expressing an opinion on a web site.


Napster

There's a popular program called Napster. With Napster, you can share MP3 files with thousands of other individuals on the internet. The problem is that a lot of these are songs copied from music CDs, which happen to be copyrighted.

This is getting pretty big, even though it's only been around about 10 months. According to the San Francisco Chronicle, "Hundreds of thousands of college students are using Napster, searching from a virtual library of millions of MP3-formatted songs stored on one another's computer hard drives."

Over 100 universities have banned Napster from their networks, mostly because Napster users eat up a lot of bandwidth, although some say it's to prevent copyright violations. And, as you might expect, record companies have now sued Napster.

I just ran Napster, and right now there are 611,192 songs available for me to download. Even though a lot of them are duplicates, it's amazing. It keeps the songs that I download in a library that's shared with everyone else who's logged into Napster. They can download mine and I can download theirs.

I just did a search for "Uneasy Rider." There are 18 copies available for me to download. But there's only one piece by Bruckner and 18 by Mussorgsky. I guess classical music is not quite as popular with the Napster crowd.

You can get yours at http://www.napster.com, at least for a while.


Get your college degree in Computer Gaming and UC Irvine!

        http://www.zdnet.com/zdnn/stories/news/0,4586,2455068,00.html


Finally, the pictures of today!

Some foggy photos I took yesterday:

        Img_3287.jpg

        Img_3290.jpg

        Img_3291.jpg

        Img_3294.jpg

Here is a picture of the planet Neptune taken by Voyager 2 in 1989:

        neptune2.jpg

Here are some big clouds (on Neptune), about 30 miles high:

        neptune3.jpg

And last but not least:  Saturn, from the dark side. Voyager 1 took this one in 1980:

        saturn.jpg


(¢) 2000, No rights deserved. I put a new motherboard in my computer yesterday, and it has locked up a few times. If anything in here offends you, it is Intel's fault. If you find any mistakes, it is Intel's fault. Any unauthorized copying of this Junkmail is Intel's fault.

If you would like to add yourself, your friends, your neighbors, or Hillary Clinton to the Junkmail list, go to

        http://xpda.com/junkmail

You can read past issues here too, although if you have that much time on your hands you might be unemployed.

If you would like to stop receiving Junkmail, you can (1) turn off your computer and leave it off, (2) replace the www.dare.org web site with the Junkmail web site, or (3) send the GAO $140 for the Y2K Crisis Center and use it to mount a DoS attack against upperspace.com.