More Junkmail from Bob!
Sunday, May 07, 2000
Important Stuff.
I ALMOST used "ILOVEYOU" for the subject line...
Ludwig
Today in 1824, Beethoven's 9th symphony was performed for the first time. He had been working on it for several years before that. 121 years later on May 7, World War II ended in Europe.
Beethoven used a chorus in the last movement, something new and exciting. The words were a poem by Mr. Schiller:
freude.htm
There was a movie about Beethoven called Immortal Beloved. It was based about some love letters Beethoven had when he died. The movie was wrong -- the true "Immortal Beloved" was Antonie Brentano. Here's her picture:
Brentano.jpg
Here are some details (by a physicist!):
http://www.physics.usyd.edu.au/~simonj/lvb/ib.html
GPS Positions Better
Since midnight Monday, your GPS is 10 times more accurate! They finally started giving all civilian GPS receivers the same accurate data that has been reserved for U.S. military GPS receivers.
In the past, the GPS data for civilians has been fuzzed up a bit to limit the accuracy to about 100 meters horizontally. Now it's good for about 10 meters. (I've seen different numbers for these amounts. I think these are the correct ones, but I could be wrong.) They reserve the right to fuzz up the data again should the need arise, so don't get too dependent on it.
One funny thing about this is that during the Gulf War, they unfuzzed the civilian data but didn't tell anybody. That's because the military ran out of military GPS receivers and they had to pass out civilian GPS's to the army.
This is a good thing for hikers, where a 300 foot error could put you on the wrong side of a river. Airplanes and ships aren't so particular except when they get close to land.
Fly Aeroflot!
The Russian aviation industry is not looking good. In the 1980s there were 135 million passengers per year on Russian airlines. Last year there were 20 million. 8 years ago there were over 1300 active airports in Russia. Today there are 533. Russian aircraft plants have all but stopped producing planes. They used to turn out 2500 aircraft a year, and now they produce only a few dozen -- mostly helicopters and military jets. I was really surprised to learn that there was this much difference.
Blue Light
Gallium Nitride is coming! Gallium nitride LEDs (light emitting diodes) produce a little less light than regular tungsten filament light bulb, but they use 1/10 the electricity and last 100 times longer. They're being used now in some traffic lights, the tail lights of the 2000 Cadillac DeVille, and some lighted billboards like the one on Times Square. It's possible that they could start replacing light bulbs before too long.
Gallium nitride lasers in CD players will be out in a year or so. This should allow about 4 times as much data (movie, music, or computer data) on a disk. I think the format will have to change, though. I'm not sure, but the DVD format may be flexible enough to handle the increased density.
Here's where you can beat the rush and buy your gallium nitride LED today:
http://www.cree.com/
Stock?
Should you buy stock in Cree? I don't know. Their stock history has the typical hype-bubble, so maybe the price is coming down. Take a look at these three 2-year stock histories:
cree.htm
These companies have all been "hot stocks" recently. The price was pretty low for a long time, and then a sharp BIG increase followed by a recent downturn -- it's a big bump at the right side of the 2-year chart. These companies also have either have 3-digit P/E ratios or are losing money.
Learn2.com has 3 of these bumps over the past two years:
ltwo.htm
I really have no clue what any of this means, but it's interesting.
Blue Light Special on Iridium 52!
Motorola and Iridium are stalling on sending the 66 or so satellites into the ocean. They're still looking for buyers...
get your bid in now!
Internet Eavesdroppers
The U.K. has required that all Internet Service Providers provide dedicated connections to the British secret service (MI5) that will enable the secret service to eavesdrop on any internet communication, including email, banking data, and credit card transactions. The British government says that it's just like telephone wiretapping and it won't be used without a warrant. It's supposed to be installed by the end of the year.
The Russian government already has a similar setup in operation. The Russian government says it's just like telephone wiretapping, and they won't use it unless they feel like it.
UCITA
A few weeks ago in
Junkmail 32 I mentioned that Virginia passed a new law that favors software companies. The week before last, Maryland approved the Uniform Computer Information Transaction Act (UCITA). Delaware is probably next.
Details.
Ice
The polar icecap covers more than just the North Pole. It covers a pretty large area.
Here's the area that's under ice today.
In Canada the ice goes clear down into Hudson Bay. Here's a picture of Hudson Bay on Monday:
Img_4105.jpg
Pictures of Today
What a difference a couple of months makes!
A foggy March 5, 2000:
Img_3291.jpg
The same place, Cinco de Mayo, 2000:
Img_4116.jpg
Another green picture:
Img_4127.jpg
Land Octopus, before and after Spring sprang:
img_3191.jpg
img_4134.jpg
Here's a weird airplane. This was in Iqaluit last weekend, and I never did figure out what it does:
img_4091.jpg
img_4092.jpg
img_4093.jpg
img_4094.jpg
img_4095.jpg
(Is that a towel around Mike's neck?)
Here's another weird airplane. This one was in Thunder Bay last Monday. It lands on water:
img_4110.jpg
The "Love Bug" -- How it Works
That's no virus, it's a WORM. What's the difference? A computer virus is a program that modifies another program by attaching a copy of itself. Then, when you run the modified program you unknowingly run the virus.
A worm, or trojan horse, is a stand-alone program. You have to run it explicitly. Why would anybody intentionally run a program like this? Usually, because someone thinks the program is something else. Like a love note, for example.
Most of the news people are calling this worm a virus, so that's name will likely be used for worms and viruses in the future. So I'll call the Love Bug a virus here even though it's just a collection of zeros and ones.
There are generally two parts to a virus -- replication and payload. The Love Bug runs on Microsoft Outlook. It replicates by emailing itself to everybody in the Outlook address book.
The payload is the part of the virus that actually does something. It might display a funny message on the screen, erase some files, or copy some data.
The Love Bug first copies itself to three files on your hard drive:
windows\system\MSKernel32.vbs
windows\system\LOVE-LETTER-FOR-YOU.TXT.vbs, and
windows\Win32DLL.vbs.
Then it sets a few startup commands so it is executed whenever the machine restarts.
Next, it tries to retrieve the following files over the internet:
www.skyinet.net/~young1s/HJK.../WIN-BUGSFIX.exe
www.skyinet.net/~angelcat/skl.../WIN-BUGSFIX.exe
www.skyinet.net/~koichi/jf6.../WIN-BUGSFIX.exe
www.skyinet.net/~chu/sdg.../WIN-BUGSFIX.exe
The skyinet domain is now offline. The purpose of this was probably to allow dynamic updates of the worm or to email copies of user passwords to someone.
Then the Love Bug overwrites itself into all the jpeg images (.jpg and .jpeg), VB Script files (.vbs and .vbe), and Java Script files (.je and .jse). This essentially makes the image files unusable. The VB Script and maybe the Java Script files will run the Love Bug whenever any of them are double clicked. It also sets each mp2 and mp3 files to be hidden and creates a copy of itself with that file name and a .vbs extension. Then when the user clicks on what is thought to be an MP3 file, it runs the Love Bug again. This happens on all mapped network drives as well as the local hard drives.
If an infected user runs MIRC, copy of the love bug is sent to everyone in the chat room.
Pretty complex, huh? Not really. The author took some parts from other worms and combined them into one. It spread a lot faster than the similar Melissa virus because of two things. First, it sends itself to everyone in the user's address book instead of the first 50 like Melissa did, and second, it says it's a love note which causes lots of people to double click on it.
How bad is it? Not very. It's just that it's in the headlines and politicians don't understand it so they're treating it like a terrorist attack where people get killed. It's not. It's just a relatively simple program.
One thing about this virus is that it's written entirely in VB Script. This means that every recipient of the Love Bug has the source code, and with a little knowledge can modify it and send it on its way to more machines.
How can we protect ourselves against these dastardly deeds? It's easy. (a) Do not run programs that you get as email attachments. (b) Keep a current backup. It's really not a big deal.
It's pretty funny to look at the reactions from this.
Napster users: It's a conspiracy by the recording industry to destroy MP3 files.
The FBI: We need more money to combat this kind of thing. Send Cash.
Senators: We're going to pass tough legislation to protect you from this. Send cash and vote for us.
George W. Bush: Al Gore is behind this. He invented the internet. Send cash and vote for me.
Justice Department: That's what you get for using a Microsoft product. Send Microsoft's cash.
Bill Clinton: What happened to all my pictures?!!!
OK, I'll admit I did "paraphrase" some of these.
The Love Bug -- My Opinion
And now, my opinion on all of this. Are the politicians over-reacting again? I think so. You can already go to jail for years for spreading a virus. In some cases you get more jail time for a computer virus than for robbery. It is extremely easy to avoid getting a computer virus. In fact, with the Love Bug, you have to explicitly run it in order for it to do any damage. It seems to me that if I run the Love Bug and it sends it to 147 people in my address book, I am guilty of spreading it. It's not quite as bad as writing the original code, but I am at fault.
At any rate, there already severe laws against intentionally spreading viruses, and I don't think we need any new ones.
It's possible that the author was just playing around with it and it accidentally "got away". Someone's email address is left in the source code, after all. If it was an intentionally criminal act, why would they do that? Here are the first two lines of the Love Bug program:
rem barok -loveletter(vbe) <i hate go to school>
rem by: spyder / ispyder@mail.com / @GRAMMERSoft Group /
These are comments, supposedly showing who wrote it. It could be misdirection, of course.
But the scary part is that I might be playing around with this program tomorrow just for fun, and to learn about it. For example, I could change this line:
elseif(ext="jpg") or (ext="jpeg") then
to this:
elseif(ext="exe") then
This would cause the Love Bug to overwrite all the programs on the hard drive, requiring Windows to be reinstalled -- more time-consuming that restoring .jpg files. Or I could change it to this, overwriting all document files:
elseif(ext="doc") or (ext="txt") then
Then if I inadvertently clicked send, or maybe had my computer connected to the internet when I thought it wasn't, the new Love Bug could be sent accidentally to everyone in my address book. Or I might send it to Mike for a joke and he could accidentally let it out into the "wild".
I could spend 1 minute playing around on my own computer in my own home, and end up spending years in jail for it. That scares me. That's why I don't like all the politicians on TV shouting, "Hang 'em High!" Most of them don't have a clue what's going on with this.
What about the original author? There's not one. The guy who "wrote" the Love Bug just combined parts from 4 other worm programs that have been posted on the internet. These each probably contains borrowed code from others, and so on. It did not require a whole lot of effort.
So what's the solution, if it's so easy to write and send out one of these programs? DO NOT DOUBLE CLICK ON PROGRAMS ATTACHED TO EMAIL!!! It's that simple. That will solve this problem.
Also, keep a current backup. Most people I know rarely backup their home computers. You can buy a CDR drive that will copy data to a write-once or re-writeable CDR for around $200. The CDR media costs less than a dollar per disk now. It's standard, you can use it for other things, and it's simple to use.
If people did these two things, the Love Bug would not have been a problem. I see this as self-inflicted data loss, as opposed to someone breaking into a computer system.
And finally, Upperspace Corporation has a new home! Yeah, I know. We just moved. It was fun, so we moved again! Unfortunately (or fortunately if you're on a modem and tired of downloading pictures), I didn't take any pictures of the new building. Maybe next week...
(@) 2020, All sprites reserved. Unauthorized copying and distribution of Junkmail is authorized. To sign up yourself, someone you know, or someone you'd like to know for Junkmail, go to
http://xpda.com/junkmail
You can read other Junkmails there too, in case you missed one. If you would like to stop receiving junkmail, double-click on the attached file named LOVE-LETTER-FOR-YOU.TXT.vbs. You can email comments, questions, criticisms, or the local weather to me at
bob@xpda.com.
G'day!
