THE VIEW FROM CHAOS MANOR View 247 March 3 - 9, 2003 |
||
FOR BOOKS OF THE MONTH 1994-Present Click HERE Last Week's View Next Week's View
This is a day book. It's not all that well edited. I try to keep this up daily, but sometimes I can't. I'll keep trying. See also the monthly COMPUTING AT CHAOS MANOR column, 4,000 - 7,000 words, depending. (Older columns here.) For more on what this page is about, please go to the VIEW PAGE. If you have never read the explanatory material on that page, please do so. If you got here through a link that didn't take you to the front page of this site, click here for a better explanation of what we're trying to do here. If you are not paying for this place, click here... For Previous Weeks of the View, SEE VIEW HOME PAGE Search: type in string and press return. |
||
If you have no idea what you are doing here, see the What is this place?, which tries to make order of chaos. If you intend to send MAIL to me, see the INSTRUCTIONS.
If you subscribed: If you didn't and haven't, why not? For the BYTE story, click here.
The freefind search remains:
|
This week: | Monday
March 3, 2003
Have returned from adventures in San Diego. Flying trip down Sunday on train, return by way of grand daughter's music class Monday. We're here, the dog hasn't entirely destroyed the house, and I have some puppy pictures as well as a couple of grand daughter shots, which I will inflict on you when I get settled back in. It's column time. And we have this warning: Subject: Send Mail Could be used for DOS Attacks. Jerry, One of your other readers may have forwarded this already, but I thought your audience would be interested. http://www.msnbc.com/news/ Thanks for all you make available to us. Sincerely, Don Howard A discussion of this Sendmail exploit begins over in mail. And I have this mail: I thought this entry from the Urban Legends Reference Pages might interest you: http://www.snopes.com/computer/virus/friend.htm Here is likely the greeting card you may be sending out. Charles Boos Evanston, IL Once again: I have never sent anyone a greeting card, and I have not been foolish enough to allow this company or any other to install its software on my system; and in fact I run Ad-Aware and other sniffers fairly frequently so I can be sure I don't have anything that sends spam and "greetings" to everyone in my address book. The "greeting card" that my readers get purportedly from me is using faked return address. However, it is worth your while to go read the warning at the URL above. And Roland has unearthed this: Subject: Did Beria kill Stalin? http://news.bbc.co.uk/2/hi/europe/2793501.stm Roland Dobbins Which is a question some in the intelligence business asked at the time. I have heard many speculations ever since. This article give some of the arguments.
|
This week: | Tuesday, March
4, 2003
Subject: Critical sendmail vuln, fix Please post ASAP: https://gtoc.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950 -Roland Dobbins
Seen on a poster in an Anti_war Demonstration: WAR HAS NEVER SOLVED ANYTHING except for ending slavery, fascism, and communism... Roland sends this note: http://www.scifi.com/battlestar/intro/index.html
|
This week: |
Wednesday, March
5, 2003
Column time. There's a lot of mail. If you are wondering where the EarthLink Adventure story went, see tomorrow's view.
|
This week: |
Thursday,
March 6, 2003 The war comes closer. Like the Juggernaut it is no longer a creation of men, and it is unstoppable. One can say that Saddam Hussein is a good candidate for our attention provided that we concede the US interest in affairs that far from our border. But the question remains: is he the worst? If not, who's next? Much of this comes from Clinton's haste to get us involved in the territorial disputes in the Balkans. And from our rush to find a new mission for NATO once the collapse of the Soviet Union made the entangling alliance obsolete. Dare I say that not getting into entangling alliances, and avoiding being involved in the territorial disputes of Europe, are not really the formula of "isolationism" whatever that is? But we have a New World Order to create, and I suppose we ought to get on with it. One thing is obvious: without space assets, our Special Operations Forces on horseback wouldn't have a lot more military effectiveness than a similar number of 7th Cavalry under George Armstrong Custer. Whether we are to be a Republic or an Empire, we had best get on with the job of protecting our space assets. We had an interesting experience with EarthLink and my wife's account, and I wrote it up last night; an hour ago I got a call from an EarthLink executive, and I've taken the whole thing off the site for a couple of reasons. First, while I doubt you will get this level of support, at least there are people there who care enough to straighten out the problem. Second, the account is very old, and was a special account: the problem Roberta's account had wouldn't be likely for anyone else. Third, the discovery of what happened was as enlightening to the EarthLink people as to me. For instance: back in November there was a trivial charge due to access to an 800 number. It's possible that we actually incurred that charge, although it's highly unlikely, since Roberta didn't go to COMDEX this year, and the only direct dialing machine we have dials local numbers and doesn't have so far as I can tell an 800 backup number to call; doesn't even KNOW the 800 number. But because the charge was trivial, it wasn't billed. Then in January was another charge of just over ten dollars. That was billed in February with a due date of March 15. BUT: there had been this long "overdue" charge, overdue because trivial and thus never billed. But that made the whole thing "overdue", and so came a threatening email that said they had been billing me since November, and if I didn't pay the $14.04 they would cut off my service as of March 19. Of course they had not billed me since November, and the only bill I had was due on March 15, several day from now. Clearly this is a business software error that needs fixing, and they're going to fix it. The story gets complicated in that as I said I doubt you would get the level of concern and support they are giving me, but at the same time, you wouldn't have the problem I had since it was the nature of the account -- active since the founding of EarthLink -- compounded with the changing of some billing and records software that cause the problem in the first place. And I do think the incident has been mutually beneficial to EarthLink/Mindspring and to me, and the problem seems to be taken care of. So all's well. This warning from Bob Thompson: There's another PayPal scam making the rounds. This one comes via email and asks you to provide details of your PayPal account and bank account. If you receive such a message, verify its validity with PayPal directly before you take any action. -- Robert Bruce Thompson thompson@ttgnet.com http://www.ttgnet.com/thisweek.html http://forums.ttgnet.com/ikonboard.cgi As a general rule, don't tell nobody your passwords or bank account numbers. If they can convince you that they have a legitimate reason to get you to tell them, be sure you are talking to the people you think you are talking to. In general, PayPals will HAVE that information; why do they want you to give it to them again? And if they do come up with a reason, be sure it's PayPals you are talking to...
|
This week: |
Friday,
March 07, 2003 The scam that asks for financial information is also aimed at Earthlink users. We got one yesterday. THE FOLLOWING IS A SCAM AND IF YOU GET IT DO NOT GIVE ANY INFORMATION. IT HAS NOTHING TO DO WITH EARTHLINK: From: EarthLink [mailto:billing@earthlink.net] Dear EarthLink User, We regret to inform you, but due to a recent system flush, the billing/personal information for your account is temporaly unavailable, and we need to verify your identity. In order to continue using your EarthLink account and keeping it active, you must provide us with your full information within 24 hours of recieving this e-mail. To re-enter your account information and keep your account active, This page is 100% Secure using EarthLink's SSL Technology with 128-Bit Encryption. Sincerely, Note the spelling errors. Note also that this cannot be a secure link they are pointing you to. Don't give these people any information. It's a SCAM. Unfortunately my entirely coincidental experience with EarthLink billing department kept me from recognizing this for what it was until this morning. We had other unfortunate coincidences. No, we didn't bite on this and we gave no one any information, but this kind of thing is getting common.
|
This week: | Saturday,
March 8, 2003 There was a temporary problem at the web site host that prevented access to this page, but clearly it's fixed now. I have fixed the following. Thanks to all who responded. Does anyone remember offhand how to change the default name of a computer's owner and organization? I know it's relatively simple but I forgot what it is. Also, is there any easy way to find out what that name is? That is: I have a machine that doesn't know it belongs to me, and so when I install new software I have to type in my name and organization each time. I'd as soon change that, but I forgot how. One reader said "Go to Control Panel/Performance and Maintenance/system and click on the "Computer Name" Tab," but that takes you to the computer's name on the network. I am trying to change the machine's owner and organization, so that when I install new stuff the machine already knows who it belongs to. It's a registry key, and I expect I can find it if I look hard enough, but someone will know...
Well, I found it. Open RegEdit and search for RegOwner. The default setting is "Your Name" and "Your Company Name". I should have known this but I didn't. I just got this from a Navy lifeline group associated with Phil's former ship:
Message: 1 Date: Wed, 05 Mar 2003 06:06:39
-0000 SUBJECT: NACEC.org Website.
This was sent by the support group for a US Navy ship. According to Snopes http://www.snopes.com/rumors/nacec.asp it is in error. I am still looking for something official from Navy sources; the support groups for a ship are run by the families of sailors, and aren't entirely official. All I really know is that the warning has been sent to us by families of US Navy sailors on active duty. Whether they have better or worse sources than Snopes I don't know. I have found Snopes not 100% reliable when it comes to judgment calls involving political viewpoints different from theirs. As I said in the previous mailing, I have no data beyond the email from the ship's Lifeline group. It's certainly possible they are overly cautious., and NAEC.org on its web site has an impressive list of credentials, as well as a rather snippy tone. http://www.nacec.org/DODMemoMain.html I suppose that tone is understandable, but I also note that they now say that their flashmail "no longer" requires social security numbers, which implies that at one time it did; doubtless one of the reasons for suspicion. In any event, I don't have any misgivings about be safe rather than sorry in instances like this. On that score: Snopes says, rather imperiously, that "overzealousness can be just as harmful as laxity." In my judgment that depends on the overzeal and what measures are taken.
Overzealousness that results in someone going to jail or being shot ore even missing an airplane is quite different from overzealousness that warns people to be suspicious about those asking for social security numbers and other personal data. The NACEC site says that checking them out would "would have been a very simple task. One that a high school student could have accomplished in about 5-10 minutes by checking us out through the Minnesota State Attorney Generals web site or perhaps through their school or public library." For reasons not entirely clear to me, Snopes quotes them as saying as the NACEC noted, "a high school student could have accomplished in about 5-10 minutes by checking us out through the Minnesota Secretary of State's web site or perhaps through their school or public library"). Since I haven't tried checking with either the Attorney General or the Secretary of State, and I am not sure that a military officer's wife is going to have a lot of time going to a school or public library to look up credentials (or that she could do it in 5-10 minutes for that matter), I can't say which is the best way to verify NACEC's bona fides. But then later NACEC says the warning wasn't a good faith error at all, but rather "For this reason, I believe the memo was not really intended to be an Alert to a potential threat, but rather a direct attack by one or more individuals within ACERT using ACERT's official and respected DOD channels in an attempt to discredit and damage the integrity of this organization, myself as founder, and our many hard working volunteers, many of whom are military family members." which makes me wonder if the Navy support group hasn't wandered into some kind of bureaucratic rivalry buzz saw. I have no idea of what NACEC is, or what salaries (if any at all) are paid to its executives; I do know that non-profits can be quite profitable for those who work for them (Elizabeth Dole was probably paid more to head the Red Cross than she now gets as a US Senator). Note I don't say that the salaries and perks are undeserved, or even that NACEC pays any; but as a general proposition, working for a non-profit is not always itself an act of charity, and the rivalry for fund raising can get pretty stiff. Nor am I aware of what ACERT is, which is apparently a government agency responsible for generating the warning in the first place. Me, as I said earlier, I'd rather be safe than sorry. Just for the moment my son is no longer out in the Gulf, but the crews he trained are. I don't at all mind being safe rather than sorry; if that's overzealousness, ok, I am overzealous. In any event this has generated two mailings to subscribers, and this stuff here, and it's quite enough. And see mail for a comment by a senior retired Navy officer. For another subject and something interesting see SCO vs IBM...
|
This week: | Sunday,
March 9, 2003 I have mail wanting me to be outraged over the USAF Academy allegations; and of course there are editorials ready to condemn everyone. Many of those editorials, though, are from people who will use any stick to beat anyone in the military, and who profess horror over "the rapists who will soon have control of nuclear weapons" and the like. That sort of rhetoric doesn't inspire confidence. Some of the stories I hear are certainly horror stories, and look to be stories of abuse of power. But mostly I see unquestioning acceptance of the charges, and lots of outrage, and chants about "fifty! Fifty!" But what I don't know is who done what to whom, when, and when it was reported. The accounts I have seen have precious little in the way of specifics. And I don't understand why the senior leadership of the Air Force seems less than eager to get to the bottom of this if everything is as represented by those calling for the dismissal of everyone including the USAF Chief of Staff. Moreover, many of the reports jump quickly from reports of rape to reports of expulsions for other reasons, and instantly assume that the command staff of the Academy is completely wrong, and the expelled cadets are entirely truthful. One story is about a male cadet who apparently was hazed beyond permitted limits, complained many times, got some seniors disciplined, but was himself expelled for excessive demerits. I can well understand that every bit of that may be true: he may have been the victim of a lot of harassment for the same reasons that ultimately got him expelled. And perhaps not, but you won't find out by talking to him and no one else. Some of the rape stories sound a bit similar: she says rape, he says consensual, but when these various events happened, who reported them to whom, and the rest are not given in the stories. When a female former cadet says she was expelled for being raped, one would think that would make headlines the day it happened, and I would not assume that older officers would automatically have more sympathy for the men involved than for a young woman claiming to have been abused. I could be wrong, but I don't know. I do start with the premise that most senior officers are honest and competent and unwilling to throw their careers into a rat hole by covering up abuses. I also know that things have changed in the Academies, and "We will not lie, cheat, or steal, nor tolerate among us those who do" seems to have been watered down a lot in the latter part of the last century. How much so I don't know. I don't know what level of offense consensual sex among cadets would be now that the academies are integrated, or how serious consenting to sex would be for a female cadet. I do know that either party lying about it must still be an honor offense. I also know that many learned professors are telling their female students that all sex is rape, nothing is or can be consensual. We do live in interesting times. There is mail on this.
Entire Site Copyright 1998, 1999, 2000, 2001, 2002, 2003 by Jerry E. Pournelle. All rights reserved. |