CHAOS MANOR MAILA SELECTIONMAIL 89: February 21 - 27, 2000 REFRESH/RELOAD EARLY AND OFTEN! |
|
CLICK ON THE BLIMP TO SEND MAIL TO ME The current page will always have the name currentmail.html and may be bookmarked. For previous weeks, go to the MAIL HOME PAGE. FOR THE CURRENT VIEW PAGE CLICK HERE If you are not paying for this place, click here... IF YOU SEND MAIL it may be published; if you want it private SAY SO AT THE TOP of the mail. I try to respect confidences, but there is only me, and this is Chaos Manor. If you want a mail address other than the one from which you sent the mail to appear, PUT THAT AT THE END OF THE LETTER as a signature. I try to answer mail, but mostly I can't get to all of it. I read it all, although not always the instant it comes in. I do have books to write too... I am reminded of H. P. Lovecraft who slowly starved to death while answering fan mail. Search: type in string and press return.
|
|
If you subscribed: If you didn't and haven't, why not? Highlights this week:
|
This week: | Monday
February 21, 2000
The mail bombing continues, but only on one account, and that not an important one.
|
This week: | Tuesday, February
21, 2000
Dr.
Pournelle, With all the
efforts you put forth to assemble and troubleshoot computers, I though it
might be interesting to hear of an old one still cranking away at my
office, an Everex 486/DX33, obtained in October 1990. It’s still running
the 1987 AMI BIOS and has 16mb ram with a 275mb IDE hard drive. We keep
this old dog to access old backup data from two tape drives, an Everex
DC6250 and a Conner MS4000 SCSI, and to accommodate that annual need for
transferring files from a 5.25" 1.2mb floppy drive. We're still
running DOS 6.22 on this PC with Windows 3.11. The real treat is to use
PC-Tools 8 when mucking about the drive. Three years
ago when moving the tape drives into this PC, I realized I’d forgotten
where the disks were for the backup software for the Everex. Not a good
thing, especially when a search of the usual locations failed to produce
desired results. Fortunately, the Everex web site had a link to legacy
software for this tape drive. The Y2K
issue caused it to display 01/01/1980 but the current date was retained
after it was correctly entered. The truly odd part is the indicated
maximum file date displayed in the program for the Everex tape drive:
12/31/2107. Stan
Fuhrhop smf@absconsultants.com Interesting. I don't offhand equate that date with anything but it probably has some computerish significance... I wrote most of my novels until recently on "Supercow", a Gateway 486 DX2, with Word for Windows 3.0c as I recall. Worked fine. Eventually I swapped for a Celeron in the monk's cell because I wanted faster access to some assets and I like the self-correction features in Word 97 (now 2000); also Franklin Access runs slow on old machines. But good enough is still good enough... There is a great deal on mail bombing and the Spam Attack: From: Chris Morton (chrism@systemcareinc.com) Subj.: Mailbombing Dear Dr. Pournelle: Let me propopose an alternate explanation for why you're being mailbombed. Rather than the culprit, perhaps the purported sender is really a victim. A couple of years ago, I got an email message stating that my "order" for three adult videos had been received, and unless I called one of three numbers, my credit card would be charged for them. I hadn't ordered any adult videos, so naturally I called the numbers but was unable to get through, the number being constantly busy. When I did get through, the recorded message directed me to the police in a town in Florida and something called "Call for Action". In the meantime, I was forced to cancel my credit card because of my inability to contact the supposed billing organization. To make a long story short, "Call for Action" was a television consumer assistance show. Between them and the police I learned that my credit card had not actually been accessed. What had really happened was that a "gentleman" in Florida had gotten into financial difficulties. This had led to him not paying the fees at a marina/boatyard, which in turn repossessed his boats. In retaliation for the repossession, the owner had sent out thousands of email messages similar to the one I received. The phone numbers were in reality the office, cell phone and fax numbers of the boatyard. Having thus brought the operations of the boatyard to a standstill, the owner fled to Switzerland. The financial services company identified in the mailbombing may indeed be guilty. On the other hand, they may be the victim of someone determined to engender hostility toward them for a purpose as yet unknown. Chris Morton Senior Technician/Network Administrator System Care, Inc. chrism@systemcareinc.com Interesting, and quite possibly applicable in my case: I'll be looking into that shortly. I even had the theory at one point that this was some insane effort to get back at a Spammer by REALLY sending out his spam. Surely no one in his right mind would do this and leave a real phone number in the body of the spam. But in case: Greetings, first off, I must say I've been reading your columns since the early 80s, and was sorry to see Byte go poof. Secondly; the correct federal resources to use for your problem is email: uce@ftc.gov the California state legislation involved that addresses this is: California Assembly Bill 1629 (1998) [enacted 9/26/98] (permits ISPs to sue those who send unsolicited commercial messages in violation of an ISP's policy if the sender has actual notice of the policy, possibly including a notice embedded in the e-mail server software, and imposes criminal penalties upon those who cause computer system disruptions by using a false domain name to send messages; as the bill was originally introduced, it would have prohibited unsolicited e-mail advertisements) California Assembly Bill 1676 (1998) [enacted 9/26/98] (requires unsolicited e-mail advertisements to include opt-out instructions with a toll-free telephone number or a valid return address; requires senders to honor opt-out requests; and requires certain e-mail advertisements to contain "ADV:" or "ADV:ADLT" at the beginning of the subject line) its a pity this citizen is not from Washington state, the laws are much harsher. ;) People to meet up with, www.cauce.org have a look, :> hrmmm what else???? The telephone number for the FBI Computer Crime squad in San Francisco is easily found however they will not look at anything with a quantified loss of any less than about $250,000 USD. We have a great deal of experience hunting down spammers who have in the past attacked our clients and I believe that the included information may be useful to you. Warmest regards; - -sr Thanks! Jerry, I think it is time that ISPs gave us the facility to filter mail at the server. You could then have logged into IBM.NET (now owned by AT&;T) and asked it to delete all mail from that address, thus saving you the download pain. I believe that some ISPs have the facility to do this, but not enough. AOL, CompuServe, and the free web-mail providers may have the ability to block certain senders, but this doesn't seem to work in the long term. I understand the real annoyance it gives you in the US for downloading this stuff over a dialup (56k) link, however for those of us in Europe with per minute billing it could be _really_ financially serious! The "cost transfer" could be much more serious at peak rate. Thanks for a great website, regards, James -- James Chamier - james@chamier.co.uk "If a picture says a thousand words, 999 of them you didn't mean to say." Jerry: It won't stop your spam today but anyone in California being spammed by a firm in California can fill out a form on the State Atty. General's web page. If its an obvious scam, they may step in. < http://caag.state.ca.us/piu/mailform.htm > And since the FBI has been following up on DoS attacks, you might try calling them. Ditto for Better Business Bureau in location of firm. One more tip--check the Message-ID fields. If they are all the same, it suggests that the mail server has flipped out and keeps sending. Different IDs means sender is sending multiple copies. Meanwhile, it won't help much but do filter the spam into a special mailbox so you can find the real mail. --Jim (And don't use my e-mail address. These folks haven't e-mailed me yet and I don't want to give them any help!)
Jerry, >>> but one moral of the story is that there probably aren't any legitimate email advertising services -- they're ALL spam. Until they have to pay by recipient, that's a fair characteristic. And especially when they try to obfuscate the origin account. Opt-in should be the only way to get automatic mailings from anywhere. The current charade of "opt out" and "excuse us for this once-only mailing you" is insulting rubbish. / Bo -- "Bo Leuf" <bo@leuf.com> Leuf fc3 Consultancy http://www.leuf.com/ And if you go to the DMA and "opt out" YOU WILL GET SPAMMED. I used an address created only for the purpose of opting out, and I GOT SPAM there after I told them I wanted that address "out". I told them all my other addresses, too: big mistake. They all got more spam. I can't prove that since I didn't keep records. But the new address? Come now... As you say, insulting rubbish. The Direct Mail Association is apparently a confederation of mail abusers. Jerry, My guess on the Everex date field is that it uses a signed byte value for the year, with 0 being 1980, and 127 (the largest positive value for a signed byte) being 2107. Meanwhile I, too, created an email address solely for the purpose of opting out of the DMA's spamfest. So far I've received two pieces of spam at that address in just over a week. That's not quite a flood, but it is obvious that people with access to the DMA's database aren't obligated to use it for its purported purpose. Calvin Dodge Thanks.
|
This week: |
Wednesday,
February 23, 2000 I get a lot of good mail, but then once in a while there is something like this: It really makes me sad to read about all your WinXXX install problems. Try a copy of RedHat 6.1. Install is a piece of cake. All the boot stuff is done with scripts. The HOW-TO and FAQ docs are excellent. Write about it!! rich -- rich.gregory@virginia.edu MAE Room 318 / Thornton B211 http://www.people.virginia.edu/~rtg2t Now I don't know precisely why this irritates me, but it does. First, the writer clearly has not the slightest notion of who I am or what I do or what I write about, so why does he care what I write about? He's not going to read it. I presume he has been reading some discussion somewhere that mentioned one of my column, and decided to hare off in the full flush of enthusiasm to fetch the axe. Ah well. I don't know why I got this: There's a lot of wild rumours flying around the Internet today about Aureate, so I thought I'd send you this from the NT Security list. Jonathan Sturm -----Original Message----- From: Gustav Almstrom [mailto:ranma@ALGONET.SE] Sent: Thursday, 24 February 2000 8:04 AM To: win2ksecadvice@LISTSERV.NTSECURITY.NET Subject: Answer from Aureate When I read the post about Aureate spying on "us" I, and probably a lot of other people on this list, did a filesearch on my system. I found a few of the mentioned files. I also took my time to forward the post to Aureate to give them a chance to reply. This is the answer I got from them; Gustav, A variety of false rumors have been started, and we would appreciate your help in finding the source of these rumors so that we can clarify what our technology actually does and put these to rest. As you may already know, what Aureate Media does is work with software companies to make their products advertising supported. Aureate's technology allows for these advertisements to be delivered and displayed within the software products of these software products. The following concerns are those that have been brought to our attention. If you have additional concerns, please do contact us directly. Advert.dll creates a hidden window every time you open your browser This is true, but this happens because of the way that Microsoft Windows networking works. You will find that in running almost any windows program that hidden windows are created as this is how the OS was designed. Advert.dll creates and sends 4 pages of information to Aureate on port 1749 We aren't sure exactly what is being referred to here. The first time someone installs software they are presented with an optional demographic survey (none of the information is required), and this information is sent to us one time (after the survey is completed). Prior to answering these questions, the user is presented with information explaining why we ask these questions and how the answers are used. The information sent is only the information provided. The use of port 1749 is misleading, as again this is something built into the way that Microsoft Windows networking works. Windows will pick a high numbered port (1500+) in a largely random fashion. Again, this is how the OS works. Advert.dll will send your name to Aureate as it is listed in the system registry Completely false. Advert.dll will send your IP address to Aureate Your IP address is sent, again because of the way that Microsoft Windows networking and TCP/IP protocol works. An IP address is obviously required in order to communicate with an internet server in any instance. Advert.dll performs a reverse DNS lookup on your IP address Here again, it is Microsoft Windows networking that does this as part of the OS networking system. Advert.dll creates a process anytime your browser is open. This is true. This process delivers advertisements to a cache on the users PC which are displayed while the software is being run. This works in a similar way to how the browser works, with content and images (including ads) being delivered to a cache on the users PC and then are displayed in the browser window. Advert.dll sends a list of all software listed in your registry Completely false. Advert.dll sends a list of all URL's you click on/visit Completely false. Advert.dll sends a list of all ad banners you click on Completely false. We will of course know when you click on an ad banner that we delivered such that we can send the user to that advertisers web site in the same way that any ad network works. Advert.dll will send all downloads you perform and related information Completely false. Advert.dll will send full time and date stamps of all your actions while you use your browser. Completely false. Advert.dll contains the string "Show me the money! I want to be Mike!" This is true. It's a text string used by the DLL. DLLs contain many text strings which are used by the DLL itself. For example, if a particular program displayed a window which contained the text "Hello World", then the "Hello World" text string would be present inside that DLL. Advpack.dll (and all comments relating to it) Completely false. Advpack.dll is not one of our DLLs. Amcis.dll modifies the following registry keys: (list of keys removed) Amcis.dll will only add itself to the HKEY_CLASSES_ROOT registry key, as does any DLL installed on your system. It simply tells Windows where to find the DLLs your programs use. Amcompat.tlb (and all comments relating to it) Completely false. Amcompat.tlb is not one of our files. Amstream.dll (and all comments relating to it) Completely false. Amstream.dll is not one of our DLLs. If you have any further questions, please don't hesitate to call or write. Thanks, Jeremy ---- Jeremy J. Newton, VP Sales Aureate Media Corporation http://www.aureate.com/ 1916 Old Middlefield Way Mountain View, CA 94043 --- As I said, I have no idea why I got this, or whether it is interesting. It seems a bit odd. I have a great deal of mail urging me to write more books. I won't post it all.
I do not usually reprint press releases but for this I will make an exception: FOR IMMEDIATE RELEASE Live Internet Watch in Ireland for Leprechauns on St. Patrick's Day DUBLIN -- February 22, 2000 /Xpress Press/ -- Premier Irish website irelandseye.com invites Internet surfers worldwide to help spot a leprechaun on a live webcam. Web technicians Richard McVeigh and Chris Murphy have set up a video camera connected via a satellite phone to the Internet. The apparatus is located in a 'hide' in a fairy ring in a remote part of County Tipperary, Ireland. The area has a reputation as a haunt for supernatural beings of various types. These include leprechauns, sheeries and pookas. They are regarded as being particularly active in the spring. The watch goes live from dawn (Irish time) on 16 March 2000, the eve of St. Patrick's Day. The fairy ring is a pre-historic earthwork enclosure some 500 feet (170m) in diameter, with an average height of 10ft (3m). It is located in the Glen of Cloongallon, in the townland of Ballyseanrath near Thurles in County Tipperary. The arena is surrounded by hawthorn, ash and blackthorn hedges along with early flowering gorse. The trees ranged around the perimeter are mainly chestnut, with one magnificent specimen of oak. Believed to be over 600 years old, its magical reputation may stem from its providing leprechauns with acorns for their pipes. The tree is thought to have been protected by a skeaghshee or tree spirit. Thus it may well have been saved from the axe in Tudor times, many of its species were felled to build Men O'War for Henry VIII's navy. The oak has been pressed into modern day service - the camera is concealed in a cavity in its trunk, and a branch supports an antenna! In the centre of the ring is a dolmen, a group of six large standing stones topped by an even larger capstone. It is this unusual confluence of enchanted glen, fairy ring, sacred stones and magical tree which gives the team organising the watch a high degree of confidence of a sighting. The team has included a panorama of the area within the ring, and a zooming video allowing visitors a close up view of the standing stones. Unlike the 'Watch' neither of these two features is 'live'. Other facilities include free St. Patrick's day e-cards direct from Ireland, a field guide to aid in the identification of Leprechauns and other Irish fairies, maps of the area and background information on standing stones and tree spirits. The Leprechaun Watch opens to the public on 21 February 2000, and the webcam goes live from 6 am Irish time (1 am EST) on 16th March to 7 pm (2 pm EST) on 19th March 2000. After that date the site will be maintained with captured video and reports from visitors. It is located at http://www.irelandseye.com/leprechaun/ Irelandseye.com is a top quality webzine featuring Irish travel, history, tradition, genealogy and culture. Facilities include a selection of recipes, a random Irish proverb generator and the opportunity to kiss the virtual Blarney Stone. Surfers doing so are granted eternal eloquence (the gift of the gab) and can print out a certificate to prove it. The site was launched in March 1997 and is the home of the Great Irish Ghostwatch. This is a year-round quest for a phantom in a haunted former Irish linen mill in downtown Belfast. The ghostwatch has been running for about eighteen months and has had about two million visitors. Hundreds of sightings have been reported. < http://www.irelandseye.com/ghost/index.shtm > CONTACTS: John Murphy (Publisher) or Claire Skillen (Press Relations) johnmurphy@appletree.ie or claireskillen@appletree.ie Irelandseye.com - the weekly webzine on Irish culture, travel, heritage and tradition The Old Potato Station, 14 Howard Street South, Belfast BT7 1AP, Ireland Phone +44 28 90 243074 Fax +44 28 90 249756 Business hours: M - F 9am - 5.30pm After hours email contact frontdesk@appletree.ie Phone +44 28 90 202824 Interviewees available on request for print, radio and television. We have experience in participating in television interviews via webcam. Note time difference: we are 5 hours ahead of east coast USA, 11 hours behind Sydney Australia, 1 hour behind Paris. The irelandseye.com team consists of Jim Black, Catherine McIlvenna, Chris Murphy, Richard McVeigh and John Murphy. :END You now know all I do. Hi Jerry, DoS client No sooner said than done. A DoS client for Windows is now available, ready to infect your computer at any time. Fortunately, it has to be installed by the user using the usual social engineering techniques, so it is not quite as easy as compromizing a more powerful unix / linux box. Locking yourself up If you feel the need to lock yourself into a room to get some "serious" writing done at the expense of your web site, then you have my vote. Some jobs require unbroken concentration to do productively (like programming). Actually, from the description of all the activities that you do, I wonder how you would be able to sit down and concentrate on only one activity as you seem to enjoy the variety. Could you actually give that up for a week or month without getting sidetracked? Of course, I am patiently waiting for Mamelukes so my vote is obviously for my own self interest. :) On being an 'idiot'... One of the impressions that I got from R.A.Heinlein's writings was that he liked cats. Do you know if this was true? or am I making the classic mistake about believing that the beliefs of the characters actually reflect the beliefs of the author. - Paul pdwalker@quagmyre.com Thanks. Mr. Heinlein was very much a cat person, and always had one. His Santa Cruz place was in the hills, and "used up cats" as he put it. But there was always one there. Because I had a cat Robert proclaimed that when the cats took over the world I would probably be allowed to live even though I liked dogs... Now for some web wanderings: Dear Folks, This is a FYI type of thing. Please feel free to slice it and dice it as you will; use all or none of it as you please. After all - I'm only the vehicle of this information - not the originator. "I do this silly [surfing] so you won't have to." - JHR WebWanderings04 23 February 2000 Another very rewarding Wander. This from Wired News: http://www.wired.com/news/technology/0,1282,34474,00.html Microsoft uses ActiVex to invade and modify users' computers. Duh! Did anyone think otherwise, in view of their track record? IE4 &; 5 enable this invasion (another of the many reasons IE has been eradicated from my box). If I used IE I'd be really alarmed. If Microsoft can do it - any script kiddie can also use the backdoor. See demo of this http://www.angelfire.com/ab/juan123/iengine.html here. Also an interesting article on the new "WebLogging" (blog) phenomena http://www.wired.com/news/culture/0,1284,34006,00.html here. It would seem that the Daynotes Mob is on the cutting edge of developments. Been there, doing that. Recommended reading for Daynoters &; fans. Some very interesting &; amusing speculation on The 100,000-Mile-High Club http://www.wired.com/news/culture/0,1284,34509,00.html here, on the probability of zero-g human sexual intercourse experiments by astronauts. At worst, it could become an intriguing Urban (Space?) legend. From the Register: this for AMD fans http://www.theregister.co.uk/000223-000020.html here - seems to me that AMD have very well thought out plans for their strategy &; tactics, unlike one of their competitors. The Register's take on the latest MS-DOJ news http://www.theregister.co.uk/000223-000005.html here, (if you are not already brimfull with that topic). From IDG Net, a good review of VMWare and what it does http://www.pcworld.com/pcwtoday/article/0,1510,15430,00.html here. At US$395, it is pricey. OTOH - it does a LOT, some things that would be difficult to impossible without it. And for Steve Forbes &; other NASCAR fans - a NASCAR racing game review http://www.gameproworld.com/gpw/gamepro/article/0,1397,4869,00.html here. Now you chairbound NASCAR fans can get behind the wheel! From CCI News: for the truly offbeat among us, Web Wierdness http://www.randysweb.com/weird/index.htm here. A compendium of links to strange to outright weird sites. Not for truly straight cubes. - XXX - [J.H. Ricketson in San Pablo] culam@micron.net I have not looked into these and normally I wouldn't post something I haven't investigated, but today I am in a tearing hurry. Jerry, I am glad I found your web site. I have been a faithful reader from back in the 80's. I just heard that Amazon (I hope that's right) just got a patent on pushing the [Purchase] button and submitting data for e-commerce transactions... a totally generic activity. I also heard that somebody was given a patent for the simple "patch" used to fix older cobol systems regarding YY dates. I have been to the MIT site for the League for Programming Freedom which covers such things at http://lpf.ai.mit.edu/ and it is sobering. My question is, "Is there ANYBODY at the US patent office with the SLIGHTEST CLUE about what they are doing with respect to software patent issues??" There has got to be an article in there somewhere. What's your take on these issues? Best regards, Robert Geiger -- Robert Geiger, VP Product Development rgeiger@metagenix.com Metagenix, Inc www.metagenix.com 1800 W. Martin Luther King Blvd (919) 490-0034, x19 Durham, NC. 27707 "...looking for a few good programmers who don't know what can't be done!" I fear the answer to your question is "no".
|
This week: |
Thursday,
February 24, 2000
About a zillion things are happening, so it's short shrift time:
Dear Dr. Pournelle: One of your readers says that he "...just heard that Amazon (I hope that's right) just got a patent on pushing the [Purchase] button and submitting data for e-commerce transactions... a totally generic activity. " My understanding is that Amazon is seeking (and now may have obtained, I guess) a patent on "One-Click" purchasing. Since this is one of the major "ease-of-use" features I like them for (and other sites that use it), and since it does seem to be an original contribution to web usage, I see this as less silly than your other correspondent. Whether it is a Good Thing that Amazon will (presumably) now use this as a club to beat other web sites into coughing up license fees and royalties is, of course, a separate issue. Very respectfully, David G.D. Hecht I just read your article, "Why Install Windows 2000?" at byte.com, and was wondering which Sony CD-RW drive you had problems with? I ordered a Sony 8x/4x/32x CD-RW drive (which is supposedly compatible with Windows 2000) just yesterday. Thanks! Jason Those were all driver problems and seem to have been fixed. Anything you get now is not likely to have those difficulties. Do let me know, but my guess is all will be well. Things FLOW here so... There is a technical question at the bottom of all this, but please read through from here. There's a point. I said earlier: "The column takes time, but I am beginning to think that a week to 10 days sealed away every month would get some books done. And perhaps I ought to. It would mean this place gets a different kind of service, of course. The problem is that only I can do what I do. Or at least I like to think that. And there's only one of me...." Maybe it's time to talk to your members about where the online musings are going in the long term. What are your plans? Do you have any? I think you've proven one very interesting thing: what you don't know, your readers do. This could have been postulated before your little experiment, but it's been proven incontrovertibly in dozens of instances over the last several months. Maybe it's time to start having "guest hosts" that can fill in whilst you plug away in the Monk's Cell for your period of isolation. It could be risky, but that's the only way you get really rewarding outcomes, too. I, personally, value your print fiction and non-fiction far more than the evanescent web (although I dig living through your pain vicariously...sorry, it's sick, but it's true...<grin>...), and I would be willing to contribute in some way that would encourage your being able to get back to more of that. I think you might find several in your audience of like mind. Who knows? Maybe it means CM suffers, goes dark for brief periods. But maybe it's time to try and do something else interesting with the very deep network you've built around it. ...cheers...KCL... Intriguing. The devil is in the details, of course. But it's certainly true that we have regular contributors who could handle much of this. Dr. Pournelle: In your Current View daybook entry yesterday, speaking of Robert Heinlein's practice of locking himself away to write for 30 to 90 days a year, you wrote: I have several books to catch up on ... I am beginning to think that a week to 10 days sealed away every month would get some books done. And perhaps I ought to. It would mean this place gets a different kind of service, of course. Understand that I am a hitchhiker -- beer budget and champagne tastes. I check your books out of the county library rather than purchase them. I used to read your BYTE columns when my company subscribed to the magazine, and then on the Web when they put them up electronically. I enjoy your current columns on Intellectual Capital, Byte.com, and of course, your Chaos Manor website. I haven't spent a dime to access all these intellectual riches, so to that extent I am a drone who hasn't contributed anything to support your pursuits. NONETHELESS, I do appreciate your Art no matter how self-deprecating you may be about it. If the price of catching up on those "several books" means short shrift on the Chaos Manor website, so be it. Yeah, we'll miss our daily dose of your struggles with hardware, software. e-mail, and the companies involved in them. You're enough of a techno-geek that we can identify with your struggles -- hell, you're Family at this point! But offsetting the loss of daily updates to your site will be the knowledge that you're engaged in Acts of Creation. Make no mistake about it, I can read Writin' real well, but I couldn't write good Readin' if my life depended on it. You have Stories in your head that need to be set down -- think of them as Children yet unborn. Lots of folks can change a network card or reinstall Windows, but most of us can't write commercially viable fiction. You can -- you must -- write those books, and if it means locking out the ducks (as in nibbled-to-death-by-) for a week a month or two weeks a month, we'll survive. We won't _like_ it, but we'll survive! I know that I am a procrastinator. I will do 15 little tasks to avoid the one big one facing me. It's not my impression that you approach writing in that fashion, but instead that you have the discipline to dedicate the time to your project. IMHO, you need to simplify your life, take care of the big chunks first, and not let the little chunks control your life. Keep up the good work -- maybe just reprioritize it a little! <g> Hank That's what I am trying to do... Jerry, Yesterday you commented about possibly going into seclusion to write books. "The column takes time, but I am beginning to think that a week to 10 days sealed away every month would get some books done. And perhaps I ought to. It would mean this place gets a different kind of service, of course." I would miss the daily sanity fix that your site provides, but I am also a fan of your books. So, I say why not give it a try. However, were you to do so, you might consider taking a list of subjects into seclusion with you. You could do a little "other" writing daily and send it to your site via some kind of one-way pipe. That would keep your site readers from going into withdrawal. Also, I would think that 20 or 30 minutes a day writing on computers or whatever strikes your fancy might clear the brain for prose. (Depends on how your brain works, I suppose.) Anyway, it's just a thought. On computers, I have a little problem and I wondered if any of your readers might know the answer. ... I finally bit the bullet last week and decided to build a new computer. So, off to Akihabara I went with a shopping list. A few hours later I was back home with a box full of parts. The new machine assembled with ease, and, with the exception of a couple of FDISK hiccups, the software went on without a hitch. Without a hitch that is until I decided to get fancy. You see, I want to put two versions of Windows 98 (English and Japanese) on the beast and switch between them with System Commander. However, the second OS refuses to install; it looks on the disk, finds another version of Win 98, and stops. There is probably some trivial trick to this, but nothing I have thought of works. Any ideas? Clyde Wisham Noli Permittere Illegitimi Carborundum. I never tried that one, so I have no idea. This is I suppose a test of the theory that what I don't know some reader will. ________________________________________________________________ The argument that Windows will not supply a suitable base for DDoS attacks now seems to be slightly in error: ---------- Forwarded Message ---------- Subject: SANs NewsBites Vol. 2 Num. 8 Date: Thu, 24 Feb 2000 8:40:53 -0700 (MST) From: The SANS Institute <sans@sans.org> To: SD420361 From: Alan for the SANS NewsBites service Re: February 24 SANS NewsBites SANS/GIAC FLASH! James Madison University has found 160 Windows98 computers infected with the trinoo distributed denial of service Trojan. The news here is that the infection has spread to personal computers. The vast number of PCs connected to the Internet, now able to be used in DDoS attacks, raises the threat level substantially. Please take time today to review the Consensus Roadmap For Defeating Distributed Denial Of Service Attacks at http://www.sans.org/ddos_roadmap.htm . It's a solid call to action, laying out the specific problems and providing prescriptions for solving them. Two of the recommendations need to be implemented immediately. The Roadmap was unveiled on Tuesday at the Partnership for Critical Infrastructure Security meeting with the Secretary of Commerce and three Members of Congress and about 120 corporations in attendance. The Roadmap was created cooperatively by CERT and SANS with the help of a group of distinguished security experts including Bill Cheswick, Dr. Eugene Spafford, Stephen Northcutt, Dave Dittrich, Mudge, Randy Marchany, Eric Cole, and several others. Now it needs your help in identifying effective methods of monitoring and measuring progress in implementing the Roadmap, and even more important, your experience in the implementation process, including tools that you found made it easier and challenges you had to overcome. Email ddos@sans.org . AP ********************************************************************** Tom G. Well, that wasn't used in the recent experiments, but it was always only a question of time. Thanks.
|
This week: |
Friday,
February 25, 2000
I'm dictating this letter using IBM's new ViaVoice software. I don't know if you have ever played around with the system, but the new version, version 7, is a HUGE improvement. I'm not used to dictating very much, so it's still quite a bit slower than writing for me. But I would think that somebody like yourself dealing in many thousands of words a day would find this system to be immensely valuable. In the column recently you've been bemoaning the fact that you don't have as much time as you would like to do everything you need to do. Perhaps using dictation software could ease that bind for you. It's not perfect, but it is certainly getting close to being " good enough ". The version of ViaVoice that I have is the Web version, and allows you to navigate when you surf using voice recognition commands. This is certainly a convenience, and I think that once I get used to the system that it will save time. The best thing about using ViaVoice during Web navigation is that it understands hyper links. All you have to do to select the link is read it out loud. The program also has some " smarts " regarding such commands as back and favorites. I'm still in the training process, so I am not certain how well it will do in the long run. Anyway, it's a fascinating program, and may be useful too. I'm not going to make any corrections in this paragraph, say you can see what kind of accuracy you can expect. I will even training the program for an hour to so far. Even when it doesn't know what I'm saying, it does it best to make sense of what it hears. I don't know if this global accuracy is good enough for you? Unfortunately you can't get somebody else to do the training for you, because it needs to learn your voice and way of speaking. The word " global " before should have been level of. Probably the hardest thing about learning how to use the program is learning all the precise commands for punctuation and other important commands. Well, progress is definitely being made, and the program only cost 80 bucks. It seems to me within two or three years we will have voice recognition that really is more than good enough. All the best- Tim Loeb I have experimented with Dragon which seems to recognize my accents better, but I find that even when it works I can type faster than I can dictate, and writing is different from talking. I'm going to continue experimenting with voice stuff, but I have to say that I may just be too set in my ways. We'll see. I do like the little Dragon pocket sound recorder that reads into the system and ends up as text. That is a wonderful thing for photo journalism. To Clyde Wisham, your reader whose mail of Feb 24 describes his wish to dual-boot English and Japanese Windows 98: Ohayo Gozaimas, Clyde-san: Assuming that Japanese Win 98 doesn't do something unforeseen, the trivial trick you are looking for I believe runs thus. 1. Partition your hard drive(s) into equal halves (or however you want) using FDISK. If you have already installed Win 98, do a DEFRAG first of course. 2. Install (if you haven't done so already) the English version in Half 1. Write down which drive (C: = "Drive 0", D: = "Drive 1") and primary partition (1, 2, 3, or 4 --probably 1) you've installed English Win 98 in. 3. Install a "placeholder instance" of MS-DOS in Half 2, where you want Japanese Win 98 to go. Hint: just format the partition with the FORMAT /S switch, to produce instances of io.sys, msdos.sys, and command.com there. System Commander Deluxe will construe this, as soon as you reboot, as a freshly installed OS and will automatically create a menu entry for it --note: I know this works with MS-DOS 6.22, I haven't tried it with MS-DOS 7. Before you reboot, though, also create, in the placeholder-DOS root directory, config.sys and autoexec.bat files with HIMEM.SYS, EMM386.EXE, MSCDEX.EXE and the necessary real-mode drivers for your CD reader. Use ATTRIB -h -r -s and Edit MSDOS.SYS to make sure that msdos.sys contains a "BootGUI=0" (not "BootGUI=1") line, then ATTRIB +h +r +s to restore its hidden, read-only, and system attributes. It is probably a good idea to put a SMARTDRV line in autoexec.bat. All told, you'll want to copy HIMEM.SYS, EMM386.EXE, MSCDEX.EXE and SMARTDRV.EXE to this placeholder root directory along with your CD-reader's real-mode driver(s), and incorporate references to them in config.sys and autoexec.bat. Your placeholder CONFIG.SYS would be: DOS=UMB,HIGH,AUTO DEVICE=\HIMEM.SYS /TESTMEM:OFF /V DEVICE=\EMM386.EXE NOEMS X=B000-CBFF L=1024 /Y=\EMM386.EXE D=128 /V rem You would substitute your own CD reader's real-mode driver(s) rem in the following two lines (I have a Teac): DEVICE=\TEAC_CDI.SYS DEVICE=\TEAC_CHG.SYS /D:TEAC-CHG SHELL=\COMMAND.COM C:\ /P /E:512 SET TEMP=\ SET TMP=\ ...and AUTOEXEC.BAT would read rem change /L:F to /L:{one drive higher than the one you rem are booting from} and make it reference YOUR real-mode rem driver for the CD reader, not MINE: \MSCDEX.EXE /D:TEAC-CHG /L:F /M:2 /S /E /V \SMARTDRV.EXE A+ B+ C+ D+ 4. Reboot. At the System Commander Deluxe menu, arrow-key (if necessary) to the placeholder DOS selection and hit Alt-S for Setup. Hit L for "Local Special Options Menu". You will see "Primary partitions visible on Drive...". Arrow down to that and follow the given procedures to render the English Win 98 partition(s) invisible to the placeholder DOS OS. Then escape out, boot, and reboot to the placeholder DOS OS and proceed with the probrem-free instarration of Japanese Win 98. Doquay ikki mas ka? M. Praeger http://msnhomepages.talkcity.com/ProtectionFault/rimdancer/index.html --- And: It's all in the partitioning. You (usually) shouldn't try to put more than one OS in a partition, though I have also used System Commander, and know that it allows this. But in keeping with the KISS principle, do it kind of like this (assuming one HD in the system): - Set up a primary BUT NOT ACTIVE partition for OS #1, using say 25% of disk space. - Ditto for OS #2. - Set up an extended partition for apps/data, creating whatever drive letters in it that you fancy. - Set partition #1 ACTIVE, then reboot to a floppy, format C:, and install OS #1. - When that's complete, reboot to a floppy, run FDISK, and set partition #2 active. Reboot to the floppy, format the new C:, and install OS #2. Whichever primary partition is not active is hidden from the active primary partition, but both can see the extended partition. - Install System Commander or other boot-switcher if desired. This would be more complicated for more than two primary partitions using only FDISK, but not impossible. Partition Magic, on the other hand, makes it childishly simple--the planning is much the harder part then. I just used it to set up partitions for W2Kpro, W2Kserver, W98se, and Linux. No problems at all. Could've done it with FDISK, but thankfully didn't have to. Pete Moore systems engineer pmoore@entrecs.com I think it's true: there's probably nothing my readers collectively don't know. Hurrah. Roland sends this with the subject: How to detect and remove Trinoo for Win32 http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=TROJ_TRINOO And more on DDoS from Roland: If the sites in question had a) installed up-to-date virus-checkers on their systems, b) installed email virus-scanners on their email systems, c) locked-down Windows using something like SMS, and d) educated their users about the hazards of running executables sent via email, they wouldn'tve been infected. I never claimed DDoS tools wouldn't make it onto Windows boxes. What I said was that it was far more difficult to get them installed on Windows boxes than on unsecured *NIX, and I stand by that statement. I can hack an unsecured *NIX box and install things without depending upon people to open email, etc. - so, if I'm making optimal use of my time, I'm going after the easier target, yes? Dr. Pournelle, Have you heard anything about the
"Echelon System"? I know the French are in an uproar over it. Actually I have barely heard about it. Some information came around that I didn't have time to read. Perhaps I should. If you pretend to know everything you have to look into stuff. But for the moment, no, I have heard nothing.
|
This week: | Saturday,
February 26, 2000
Subject: Win2000 device manager wizard Jerry, Surely you know by now that the pointy hat the Microsoft wizard wears is actually a dunce-cap! Cheers! Ellen V. Coen Director of Database Services Pensions &; Investments Well, I hadn't thought of it that way... (She refers of course to my problems with the networking wizard, as detailed in my last column...) Jerry, I think that this is a good article on the difficulty of measuring GDP in an economy with the Web and Moore's Law: http://econ161.berkeley.edu/TotW/encyclopedia.html --Erich Excellent indeed. You have to read it all to see where he's going, but the lead is itself interesting: the story of the Chinese Treasure Fleet can't be told often enough. The Chinese Empire voluntarily dismantled its explorations that might have led to the settlement of half the world by Chinese; and an econometric that shows no addition to GDP for many economic activities is surely wrong. Well reasoned. Thanks for the pointer. Jerry, Your log page (at the bottom of "Current View") misspells PCI a couple of times. I thought you'd want to hear that from a friend first, instead of a flamer. BTW, I don't "hate" Amazon, but I don't care for their patenting one-click buying. And now that they've gotten a patent on their "affiliates" process, I'm doubly uninterested in buying from them. Sigh ... your obedient servant, Calvin Dodge Thanks. Comes of hastily publishing log notes coupled with memory problem. Lately if I don't write it down I forget it. I thought PSI was right at the time, but of course it's PCI. I do recall wondering if it were right at the time. When you get to the point that you can't recall PCI vs PSI you wonder if you can still think, but in fact so far as I can see my reasoning is still good, but much slower; and I get details confused like PSI for PCI. Well, getting older beats heck out of the alternatives... I wanted to set up an associates situation with Barnes and Noble, and interestingly, although Amazon doesn't forbid that, B&;N say you gotta be theirs exclusive, or did when I looked into it last summer. Otherwise I'd set up both links. I got about $3000 last year from Amazon for recommending books through this site (they've just send me the IRS forms) which while not the Earth is not trivial either. Ah well, one does the best one can... Jerry - I recently installed Windows 2000 on the machine I use as a communications and local web (peer to peer) server. I decided to do this principally for the additional reliability I hope to get over using Win 98 - we'll see. Anyway . . . my problem is finding a modem (or at least modem drivers) that will work. I called 3COM (U.S. Robotics) and they recommended their model #5610. Tech support told me that the drivers on the floppy would work. I tried that and no luck. I next went to the 3COM web site and downloaded drivers that were listed as working with Win 2000 - still no joy. I note that you are using Win 2000 with success. Do you have drivers that work or do you route everything through LINUX? If you have a suggestion it would sure be appreciated. Thanks and love your column - I've been reading it since the old Byte magazine days. John F. Gothard John@Gothard.com Well, nowadays everything goes through the NetWinder, but prior to it I had a US Robotics 56K Courier, standard external, attached to the serial port on Princess when she was NT and then after we installed Windows 2000. As I recall we just used the standard drivers in Windows 2000; I don't remember that I needed the US Robotics disk at all. It worked for months. Try installing and letting Windows 2000 pick the driver. I forward this without comment, for the perusal of those still concerned about Windows boxes being used for DDoS. -------- Original Message -------- Subject: Re: Fwd: [cfgeeks] TOOLS FOR VANDALS Shawn McMahon wrote: > > It is not only possible to launch an attack like this from home user's PCs, > "rewted" by amateurs, but it looks like a part of this was indeed done that > way. This was run past us at GIAC a few weeks back. AFAIK, these are the "facts" that are known so far: This has only been found at one site in the wild (James Madison University) All systems are Windows 95 and 98 There have been 16 confirmed infections, with a potential for 149 total (port scanned but not yet checked) All systems checked so far are running BackOrifice It is assumed that BO was used to load &; config the DoS tool The method of infection with BO is unknown, but is guessed to be an e-mail attachment All infected systems had no/outdated virus checking software (thus nothing caught BO) The DoS tool is named "service.exe" and is 23145 bytes in length It is launched via HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run The DoS tool listens on udp port 34555 Simple Nomad is about to make a post to Bugtraq that contains a complete analysis of the tool including detection using netcat, how to clean, password used, etc. Rather than steal his thunder I'll refer people there for more info. So while its possible to use cable &; DSL Windows systems for this attack, no one has found one as of yet. > This mess is gonna suck to clean up. Thanks, Microsoft, for all your > help. Too bad you were helping the wrong effing side... Hummm. Not about to go down the "MS vs. Unix" road except to say it happened on Linux &; Solaris first. Its already a mess that sucks to clean up. ;) Cheers, Chris -- ************************************** cbrenton@sover.net * Multiprotocol Network Design &; Troubleshooting http://www.amazon.com/exec/obidos/ASIN/0782120822/geekspeaknet * Mastering Network Security http://www.amazon.com/exec/obidos/ASIN/0782123430/geekspeaknet It is certainly a mess: and my advice is still to make sure YOUR system can't be used as part of the zombie army... In answer to Clyde Wisham's problem, the Nihongo-Computing mailing list provides extensive discussion and solutions to many problems about running Japanese-language operating systems and software. Information about subscribing to the mailing list may be found at: http://www.msdi.co.jp:81/public/info/nihongo-computing/ dbernat Thanks! I wrote to you before on the Echelon issue. Thought I'd cover some points again, since you are likely to get a ton of mail on it. By way of qualifications, I spent 25 years in Intel at the CIA, NSA and one other agency that must remain nameless, in very deep Black projects. Many of those years were as the Information Systems Manager for the projects I worked on, requiring access to many projects simultaneously. Although compartmentation (the byword in those projects, which is the method for isolating information within the environment) is very high, we had some information support systems that crossed boundaries, and communicated between locations. I was involved in those, to a very high level. Throughout my years with those projects, we had very stringent rules that built up about surveillance. None of the agencies I worked with were allowed to monitor activity within the U.S. borders. That is specifically the purview of the FBI. There were very strict rules about procedures to follow when it was discovered that our intelligence gathering had involved a U.S. Citizen. Aside from the fact that the rather ridiculous popular definition of Echelon has it monitoring every phone, cell phone, modem, and fax communication in the U.S., just the scope of trying to accomplish this activity is huge. There are systems out there that monitor communications of various sorts, for various reasons. Ally or not, any conversations by foreign countries are susceptible to being monitored, for obvious reasons. For example, Israel jerks us around all the time, and although they help us on several issues, sometimes I seriously question if we aren't getting royally screwed in that deal. Consequently, they monitor us, we monitor them, and we both know it, and the same goes for all other countries. The CIA and NSA don't have the resources or desire to monitor every communication between every individual. They are concerned with specific hostile individuals, countries and groups (terrorists, druggies, arms merchants, figures that operate in the shadow worlds). They have defined targets, and your average citizen is NOT going to be a target. For example, some bored analyst is not going to decide to begin monitoring Joe Brown across the street, he simply doesn't have the time, inclination or authority. It's paranoia bordering on the insane to believe this is going on. One of the missions I remember when I was in the Navy was monitoring high speed Morse (400CPS) traffic. It was years ago, and I won't go into details, but it was a lot of financial and business traffic between locations, transmitted on HF radio, along with ship-to-ship communications. We didn't forward info that was purely U.S. based. In fact, in all the projects I worked on, part of the standing orders for those who were responsible for determining mission focus was related how to handle intercepts involving U.S. citizens, and when gathering Intel of various types, targets within the U.S. were specifically prohibited, other than at test bed sites for determining accuracy of our intercept method (specific approval was required for those, also). The F.B.I. has the authority to target internally to the U.S., but they have to follow the law. Not having ever been associated with them, I can't answer as to their methods, but for them to get information from us required a whole series of approvals that made the road difficult to go down, and it was pretty rare to ever see it happen. So, my closing statement is, although the technology to do what is the popular belief isn't available today, it probably will be someday. After you gather it, you have to analyze and distill it. That's another issue of technology and personnel. Finally, you have to have someone care enough to look at it. Which takes us back to the first point, why gather it if you won't use it? Why dedicate a great deal of resources (which are limited, despite everyone's belief of unlimited budgets) to gathering and analyzing useless info? Believe me, we always had more than enough to do as it was. Now I guess we sit and wait for the flames.... Tracy >From an ex-Intel type, now peacefully reposing in the country, far from the madding crowds. Thanks. Having been in that orbit a couple of times -- I managed to locate an undiscovered Soviet missile base using fairly classical if tedious analytical techniques -- I can agree. But the technology gets better and the ethics get worse, and... Hi Jerry - I just spent another hour online trying to make a simple purchase. Yeesh.... Everyone says that e-commerce is the next big thing, and internet start-ups have stock values that jump to ridiculous heights overnight. All around us we're being told that someday soon we'll do all of our shopping online from the comfort of our homes and offices. Yet every time I try to actually buy something online I come away wondering if the entire NASDAQ isn't poised on the edge of disaster. I'm convinced that many of these companies will never, ever have a repeat customer. In some cases I wonder how they ever managed to sell to ANY customers! Last month I set out to find a copy of John Brunner's "Stand on Zanzibar". I worked through a half dozen book retailers, and finally found that Barnes and Noble had it in stock. It said so, right on the screen: "Ships next day". I figured that their web server must be somehow connected to their stock database, and could be trusted. After all - what's the point in putting stock info on the order page if you don't know that the book is, in fact, in stock? At the same time I ordered a second Heinlein book. The Heinlein showed up as promised, but a few days later I received an email to tell me that the Brunner book was back ordered and would be shipped in a few days. Two weeks later I logged onto their web site to find out what was happening. I confirmed that the book still hadn't been shipped, and also discovered that the shipping charges they listed there were not the same as the shipping charges that were quoted on their web site. Then I looked at the original confirmation email from the order and found a THIRD set of shipping charges. I'm still not sure which of the three they charged me. All of which goes to say I'm not likely to be back to B&;N very soon. Of course, at least they'll sell to me. I'm still amazed how many companies on the web only sell in the US. And how hard they work to hide the secret that they have decided to cut themselves off from the growing market called "The Rest Of The World". One of the reasons I like shopping for hardware on the web is because it can be much faster than driving or phoning around town. However if I have to waste twenty minutes digging through help files to find out if they'll ship to that exotic wasteland called "Canada" then there seems to be little point. I wish that companies that won't sell outside the US would say so right up front and save me time. Anyhow, tonight I wanted to buy a bigger hard drive for my laptop. I found it, at a reasonable price, and decided to buy it. I jumped to the vendor help pages first to see if they would sell to me in this far off foreign land. I now know that they will ship to Canada, but "are not doing foreign sales at this time". At which point I gave up. More and more I'm convinced that the "Internet economy" is a house of cards, and we're headed for the next big crash. If these companies don't have bricks and mortar, and don't have customer service, then what on earth will keep them alive? Barry PS If I go to Amazon and try to buy your latest book can you promise that I'll really be able to do so?? Barry Rueger &; Victoria Fenner Bagatelle Communications &; Management ( http://www.synapse.net/~rueger/ I can only say that I ordered The Burning City from Amazon a couple of weeks ago and it was sent the day they got it in; I got it two days later; and I have not seen my authors copies from the publisher...
|
This week: | Sunday,
|