DIGITAL CELL PHONE KEYPAD CODE CRACKED, VOICE NEXT?
Bruce Schneier (of Applied Cryptography fame) and others have cracked the
encryption of keypad signals on new digital phones, exposing the
possibility that any keypad presses, including your voice mail PIN and
credit card info, can be descrambled by hackers. In a press release, the
Cellular Telecommunications Industry Association tiptoed around the
problem, noting that the encryption of voice conversation has not been
cracked. Schneier et al. reply that the voice encryption technology used
"was broken by the Union Army during the American Civil War.... Digital
cellular voice security can be broken in real time by anyone with a little
bit of budget, expertise, and desire." They also point out that the cell
industry had an opportunity to use stronger encryption, but chose not to.
Read the technical paper and the PR war at the source.
<http://www.counterpane.com/cmea.html>
ANOTHER MICROSOFT NETWORKING BUG EXPOSES PASSWORDS
Browsers running on various flavors of Windows can be tricked into
delivering user IDs and passwords to a rogue network server. Bad guys set
up an SMB server with embedded content in innocuous pages. When your
browser fetches that content, Windows blithely forwards your user name and
network password to the server. Needless to say, the password can be easily
decrypted. The problem is not specific to any one browser, but it is
confined to the Windows platforms. Check out this page for a write-up and a
demo. By the way, the most common password captured by the demo seems to be
"Administrator". Wise up folks, making up good passwords is not rocket
science. <http://www.ee.washington.edu/computing/iebug/>
SHOCKWAVE SECURITY BUG EXPOSES E-MAIL
Comet Hale-Bopp must be a portent of Web security disasters. This site
details the next one - if you're running Netscape with the insanely popular
Shockwave plug-in on any platform, the bad guys can read your e-mail
folders. In addition, no matter which browser you're running, your
corporate intranet could be vulnerable even if located behind a firewall.
Fortunately, a security fix is available.
Problem: <http://www.webcomics.com/shockwave/>
Fix: <http://www.macromedia.com/shockzone/info/security.html>
It's been raining hackers these last couple of weeks. Here's a roundup of
interesting recent hacker attacks. First, we have the hapless Sanford
Wallace, Spamus Maximus Rex of Cyber Promotions, hacked by spam-hating
radicals. Next we have the Well, a paragon of genteel discourse, attacked
by an ill-mannered snooper, kind of like Attila the Hun pillaging Mme. de
Sevigne's salon. Finally, there's what looks like an advanced case of
Internet tapeworm, as a clever password-snatching attack winds its way
through news servers all over the world. Hmmm, Usenet as the colon of the
Internet. Now there's an image to contemplate. You heard it here first,
folks.
Sanford:
<http://www.news.com/News/Item/0,4,8999,00.html>
Well:
<http://www.news.com/News/Item/0,4,8957,00.html>
Usenet:
<http://www.wired.com/news/technology/story/2612.html>
A SMALL, TROUBLING SECURITY SURVEY
To complete this security-oriented Breaking Surf (honest, we didn't plan it
that way; it really must be the comet), you may want to take a look at this
neat piece of work. Dan Farmer, an author of the infamous and highly useful
SATAN security probe, took a little survey recently. He looked at a random
sample of high profile sites such as banks, US federal computers,
newspapers, and online Internet commerce systems, sites you'd think would
have enhanced security. Using mild, non-invasive techniques, he found that
over 60% - let's say that again, over 60% - could be broken into or
destroyed. More shocking, these sites were twice as likely to be insecure
as a random sample of general Internet sites. Dan's paper is quite
entertaining and very accessible to the non-technical reader, so go to it.
NOTE: At press time this site was offline, but the survey was here.
Anybody have info on where it migrated to?
<http://www.trouble.org/survey/>
Hale-Bopp has a tail, is kind of blue, and has a more defined nucleus than
last year's Hyakutake. The Planetary Data System (PDS) site has a lot of
the hard science material dealing with the comet. A bare bones site, it
presents the latest observations in fairly raw form. Meanwhile, NASA has
opened its arms for amateur comet photographers.
PDS: <http://pdssbn.astro.umd.edu/halebopp/>
NASA: <http://comet.hq.nasa.gov/>
NETWORK SOLUTIONS SUED OVER ALLEGED DOMAIN NAME MONOPOLY
It has taken surprisingly long for someone, anyone, to sue Network
Solutions (NSI) on anti-trust grounds. PGP Media (PGP), the plaintiff,
claims that NSI set up artificial barriers to domain naming competition in
conspiracy with other Internet outfits. PGP wants the court to compel NSI
to add references to PGP nameservers to the root nameserver configuration
files controlled by the NSI. This tactic acknowledges that 95% of the ISPs
out there point only to the NSI root nameserver machines, effectively
locking out of the market any independent domain-name providers who run
their own nameservers.
Press Release: <http://namespace.pgpmedia.coM./ns./pressrelease.html>
Suit: <http://namespace.pgpmedia.coM./ns./litigation_cont.html>
That notorious former New Year's Day, April 1, is coming not unheralded on
the Net. Actually, this page lives year-round, but 'tis the season and all.
advisories best, especially the one you can send from the Internet
Indecency Committee. We also learned that in Scotland, April Fools' lasts
for two days. The second day, called Taily Day, is dedicated to pranks
involving the buttocks: "Taily Day's gift to posterior posterity is the
still-hilarious 'Kick Me' sign." <http://www.aprilfools.com/home.htm>
IS THE PRINT INTERVIEW A DYING ART?
RealAudio sure enhances the interviews in "The Revolutionaries", a site
that focuses on how high-tech luminaries have turned inspiration into
innovation in Silicon Valley. For example, you can compare the text of an
interview with Bob Metcalfe, co-inventor of Ethernet and founder of 3Com,
with the recordings. You quickly realize how much personality (intonation,
hesitation, backtracking) is lost when spoken voice becomes prose.
Furthermore, navigation is great: you can jump to a topic in a pulldown
list so you don't have to wade through an entire interview to find what
interests you. Hats off to sponsors San Jose Mercury News and the Tech
Museum of Innovation. <http://www.thetech.org/revolutionaries/>
The Graphics Research Lab (GRL) designed its online development journal to
help you improve your Web site. You can search for a specific term or use
the pull-down menu to hop to a section (such as "marketing" or
"editorial"). You might also like GRL's thoughts on redesigning or
salvaging Web investments. For a look at what not to do, check out the Dead
Web sites list, which features Web pages from companies (some with pitiful
farewell notes) that discovered "the hard way that the Internet is not for
everybody." There are also a forum, a Seminar Gallery, and related links.
<http://www.electric-pages.com/>
PROPHET COMMUNICATIONS CHANGES NAME OF ITS WEB DRAMA
This info came to us, and we just have to share. Prophet has changed the
name of its Internet drama "zoloft" to "zoeye". "The original name 'zoloft'
referred to the drama's setting in lofts sometime in the not-so-distant
future, and the zoo-like atmosphere that often rules the characters' lives.
Zoloft also happens to be the name of a popular anti-depressant drug
created by pharmaceuticals giant Pfizer. After being paid an undisclosed
amount of money, Prophet Communications has changed the name to 'zoeye' to
avoid any confusion with Pfizer's psychoactive drug." Coming soon from
Netsurfer, the Web drama "prozac" about a golf pro who happens to be called
Zac. <http://www.spectacle.com/>
ENGLISH, SPELLING, AND ANDREW CARNEGIE
In our last Letters to the Editor, our editor mentioned Andrew Carnegie's
attempt at reforming English spelling. We found a URL that describes that
attempt, which introduced "program" and "catalog". And what a wonderful
segue that makes in introducing our featured
<alt.language.english.spelling.reform> newsgroup, where all sorts of
historical and radical linguists gather to tease out the past and future of
English spelling. <http://www.pbs.org/wgbh/pages/amex/carnegie/peace.html>
Select a fresh image to work on (try a train, the moon, stucco, or red
brick) or change someone else's. Using Java, you can create an image or
borrow one from a Web page and, using an image hose, paste it into your
picture. Critique the work, draw your own with the paint tools, or animate
it by running any saved images in a thread. A good help section saves you
from stumbling around your empty brick wall with an empty spray can. Good
for anyone with doodling time on their hands. <http://ac.rosebud.com/>
This week, we take a crack at "Teach Yourself Java in 21 Days", a
"JavaScript Interactive Course", and "Website Sound", which helps you add a
variety of noises to your Web page.
<http://www.netsurf.com/nsd/books/book.03.10.html>
Not that we like to flack for the competition, but the KIDS Report (Kids
Investigating and Discovering Sites) is a great publication, sort of an NSD
for the K-12 crowd. Researched and written by students in Boulder, Colo.
and Madison, Wis., KIDS seeks and reports on sites of interest and use to
school kids. Clear, straightforward reviews coupled with student-centered
selection criteria make the report a great resource for teacher and pupil
alike. Students assemble the KIDS Report every two to three weeks, often
focusing on a single theme such as ancient civilizations or native
Americans. The report is available via e-mail or at a Web site that
features current and archived issues as well as information on selection
criteria. To subscribe, e-mail <mailto:listserv@lists.internic.net> with
"subscribe kids Yourfirstname Yourlastname" in the body of the message. All
in all, definitely A+ work.
<http://wwwscout.cs.wisc.edu/scout/KIDS/index.html>
HYPER-HYPERLINKED NET NOVEL EXAMINES TUBE PASSENGERS
This hyperlinked book by Geoff Ryman, about the passengers of a London Tube
train, relies on your curiosity about the peripheral others in your life.
While "nothing much happens in this novel", it offers extensive insight
into the hundreds of passengers on one train. Take Ms. Danni Jarret, whose
black T-shirt shows Pooh buggering Piglet and whose diary shocks a sneaky
neighbor. At first, we're told her outward appearance, then we get some
facts of life (literally), and finally, we're omnisciently told what she's
thinking. All characters are interlinked with one another - from Danni we can
click to Miss Flora McCardie, the sneaky neighbor. The concept is
intriguing and comes off well. <http://www.ryman-novel.com/>
City Pages gives you alternative news and arts with help from the
FutureSplash plug-in. "War of the Future", a quick, chilling rehash of a
scenario in The Economist, is a sampler you'd never find in USA Today or on
your local evening news. Nor would you likely find "Walgreen's celebrates
Black History Month with fade cream" in the mainstream. Home voting,
JonBenet Ramsey, toast, local news on the Net, restaurant (Minneapolis-St.
Paul) and movie reviews - the range of topics is wide and au courant.
Navigation is a piece of cake, although some will find the small text a bit
hard to read. Many of the classifieds are risque, but they're not in your
face, so that shouldn't keep you away. <http://www.citypages.com/>
Road 'n Grime bills itself as an e-zine for the on- and off-road mountain
bike aficionado, though mistaking it for a humor magazine aimed at
masochists would be an understandable error. While the zine does sport a
few articles by writers, the guts of the mag and the real entertainment can
be found in reader feedback sections such as "Scrap Metal: Top 1,001 ways
to turn your bike into worthless scrap metal", and "Wipeout: serious
damage, tell us how it happened to you". The stories are painful but often
hilarious, though they may cause the rational to think twice before
becoming an avid mountain biker. If, however, mud and blood course through
your veins and you think bike tools and hardware are objets d'art (Road 'n
Grime does), this is the trail for you. <http://roadngrime.bc.ca/>
Newsworthy tidbits
in lines of five, seven, five.
Easy to digest.
<http://www.onix.com/steelyda/headline.htm>
If you want to keep up-to-the-moment tabs on what's happening in Russia,
Russian Story is definitely the place to be. The service offers current
copies (in Acrobat PDF format) of several Russian newspapers, including
Pravda and Argumenty i Facty, which, according to the venerable Guinness
Book of World Records, is the largest circulation newspaper in the world.
Of course, you have to be able to read Russian but if that's not a problem,
the site is probably the next best thing to a news kiosk in Moscow.
<http://www.russianstory.com/>
Check it out, ladies: The Field Guide to North American Males provides a
powerful taxonomy to help you win the battle of the sexes. Boy families are
artsy; gainfully employed; athletic; and casual. The families are divided
into species. For example, the casual boy is either a Pathological Don Juan
(Emptyus veeum) or Slacker Boy Toy (Sluttus virum). Get the lowdown on
plumage, habitat, feeding habits, sexual and agonistic displays, courtship
behavior, mating rituals and mating calls. The site exists to stump for the
book of the same name, but stands on its own merit.
<http://www.fieldguide.com/>
B. Elwin Sherman churns out Sherman's March weekly on whatever subject,
mundane or outlandish, strikes his fancy. Subjects tackled in the past have
included cloning and a Dave Barry-ish dissertation on how some southern
states have started importing trash and raising taxes to pay for their
recycling efforts. Load your sarcasm plug-in and join the march.
<http://www.neponset.com/shermans_march/>
A THINKING MAN'S THOUGHTS ON THE BRAIN
William Calvin is a prodigious author with a keen intellect, a refreshingly
forthright and pragmatic style, and a sense of humor. His site (see NSD
1.15), which indexes all his work on the brain and evolution, is fast and
well laid out. One of his most famous and popular collections of essays
(and a personal favorite of our editor), "The Throwing Madonna", is now
available online in full-text and summary forms for personal use. Calvin is
one of the brightest and most enjoyable thinkers of our time and this book,
and his site, reflect that.
<http://weber.u.washington.edu/~wcalvin/bk2/bk2.htm>
You don't need to speak German to enjoy Die Virtuelle Mumie. Heck, we know
only enough to figure that must mean "The Virtual Mummy" - beyond that
we're clueless. From what we can tell, a few German researchers took one
sharp-looking mummy and shoved her (OK, we figured that out too) into some
medical imaging equipment to undertake some digital dissection of her head.
The outcome is a set of unique QuickTime VR images of said mummy. You can
peel away the wrappings and peer inside the skull, rotate it this way and
that, slice bits off. If you happen to read German, all the better. Drop us
a line and tell us what's going on here besides the cool QuickTime.
<http://www.uke.uni-hamburg.de/Institutes/IMDM/IDV/Projects/Mumie/mumie.html>
NOVA UNEARTHS THE PYRAMIDS OF GIZA
Join the Public Broadcasting Station's celebrated scientific series on a
fascinating journey to ancient Egypt. With maps, broadcast transcripts, and
a detailed tour in text and photo, you can follow recent excavations and
learn more about the pyramids of Khufu, Khafre, and more. Even better for
us, it's in English. <http://www.pbs.org/nova/pyramid/>
The online Monterey Bay Aquarium offers an adventure for those fascinated
by things of a nautical nature. From sea otters to jellyfish to deep sea
fishes, the Web site provides glimpses into the world beyond the sand -
literally. Check out the Kelp Cam. There are links to their ongoing
research, and details if you want to pay a visit in person (recommended).
If you've already visited and are considering a return, check out the
What's New section, which describes current and upcoming events at the
aquarium and around the Monterey area. <http://www.mbayaq.org/>
WHAT'S ADORABLE, FURRY, AND LOVES BAMBOO?
Panda lovers will want to bookmark this. The CyberPanda Web page supplies
the latest news about giant pandas, including updates on the mating of
pandas in captivity. You can also check out a gift shop just filled with
panda paraphernalia, such as postcards, posters, and photos. Get details on
the "Bamboo Award", view the panda gallery and panda album, and lend your
support to the "Living Planet Campaign". There's also a Live Chat link
where you can visit with other panda pals, and a section for Panda
Sightings. You can even test your knowledge with the Panda quizzes.
<http://www.cyberpanda.com/>
Yep, Fred. This is one of the more interesting bits of software to come our
way in quite a while. Doom and Quake owe not a little of their success to
the state-of-the-art graphics engine created by iD Software. Fred aims to
be the equivalent for the Java online game crowd, and even this early
incarnation is impressive. Fred's a prototype for a networked, 3-D,
first-person game implemented entirely in Java, and dang if it doesn't work
quite well. There are limitations, like problems implementing textures and
small window sizes, but undoubtedly these will be overcome as Java
performance improves. In the meantime, see for yourself.
<http://langevin.usc.edu/Fred/>
Netsurfer Digest Home Page: http://www.netsurf.com/nsd/index.html
Netsurfer Digest FTP Site: ftp://ftp.netsurf.com/pub/nsd/
Subscribe WWW form: http://www.netsurf.com/nsd/subscribe.html
Subscribe E-mail: nsdigest-request@netsurf.com
Include one of the following commands in the BODY of the
message:
HTML Format version: subscribe nsdigest-html
Plain ASCII version: subscribe nsdigest-text
Unsubscribe and other FAQ info: http://www.netsurf.com/nsd/ndfaq.html
Submission of Newsworthy Items: pressrm@netsurf.com
Letters to the Editor: editor@netsurf.com
Advertiser and Sponsor inquiries to: sales@netsurf.com
Netsurfer Communications: http://www.netsurf.com/
General Information: info@netsurf.com
Letters to the editor may be printed unless you explicitly tell us not to.
Writers and Netsurfers
NETSURFER DIGEST © 1997 Netsurfer Communications, Inc.
All rights reserved.
NETSURFER DIGEST is a trademark of Netsurfer Communications, Inc.