Copy Link
Add to Bookmark
Report
Atari Online News, Etc. Volume 06 Issue 29
Volume 6, Issue 29 Atari Online News, Etc. July 16, 2004
Published and Copyright (c) 1999 - 2004
All Rights Reserved
Atari Online News, Etc.
A-ONE Online Magazine
Dana P. Jacobson, Publisher/Managing Editor
Joseph Mirando, Managing Editor
Rob Mahlert, Associate Editor
Atari Online News, Etc. Staff
Dana P. Jacobson -- Editor
Joe Mirando -- "People Are Talking"
Michael Burkley -- "Unabashed Atariophile"
Albert Dayes -- "CC: Classic Chips"
Rob Mahlert -- Web site
Thomas J. Andrews -- "Keeper of the Flame"
With Contributions by:
Tom Mage
To subscribe to A-ONE, change e-mail addresses, or unsubscribe,
log on to our website at: www.atarinews.org
and click on "Subscriptions".
OR subscribe to A-ONE by sending a message to: dpj@atarinews.org
and your address will be added to the distribution list.
To unsubscribe from A-ONE, send the following: Unsubscribe A-ONE
Please make sure that you include the same address that you used to
subscribe from.
To download A-ONE, set your browser bookmarks to one of the
following sites:
http://people.delphiforums.com/dpj/a-one.htm
http://www.icwhen.com/aone/
http://a1mag.atari.org
Now available:
http://www.atarinews.org
Visit the Atari Advantage Forum on Delphi!
http://forums.delphiforums.com/atari/
=~=~=~=
A-ONE #0629 07/16/04
~ Senate After Phishers! ~ People Are Talking! ~ New Bagle Spreads!
~ Chatting Up The Atari! ~ Homeless Hacker Home! ~ VGS Show Saturday!
~ eBay Flirts With Music ~ Firefox Set For Fall! ~ Napster Suits Stay!
~ MS Shuts Down Spammer! ~ Identity Theft Bill OK ~ Fair Use Bill Gain
-* Windows XP Update In Fall?! *-
-* Online Hacker Shop Gets Shut Down! *-
-* Internet Explorer Slips, Loses Market Share *-
=~=~=~=
->From the Editor's Keyboard "Saying it like it is!"
""""""""""""""""""""""""""
Well, they say that all good things must come to an end. They weren't
kidding! Other than this upcoming weekend, my two weeks vacation is just
about over. Part of this vacation seemed to fly by while other days
lingered (thankfully!). I got quite a bit done, and managed to get in quite
a bit of relaxation - i.e., doing nothing! The gardens have been filled in
with new mulch, finally. I still have quite a bit of mulch left, so I'll
spread it around some trees and whatever to get rid of it. The veggies are
doing well, although the cooler than normal temperatures haven't provided
any kind of growth spurts as is normal with higher temperatures - not that
I'm complaining about the cooler weather! We just about finished the
flooring in the larger of the two new sunrooms that we added last fall.
Amazing how much difference (and easier) the job becomes when you have the
right tools to do the job. I was trying to cut strips of laminate flooring
planks with a reciprocating saw - just too many "wavy" cuts. I finally
broke down and purchased an inexpensive table saw and all of those issues
went away! I hope to have the floor laid down in the smaller of the two
rooms before the weekend arrives. Then all we'll have left to do is put
down the molding and pick up some blinds. Then we'll put the furniture out
there rather than the temporary patio furniture that I'm using now.
The weather overall was pretty good. Last week was warm and sunny, but this
past week has been dreary and wet. At least I was "forced" to get the
indoor projects done - I had no excuse not to do them! Like Joe, my wife
has plenty of "honey-do" stuff for me.
Well, I want to take advantage of what little vacation time I have left to
relax. I still have plenty of cold beer to finish off, and a few more
sunsets to enjoy.
Until next time...
=~=~=~=
Chatting Up the Atari!
Every Tuesday night at 9:00 PM EST a few Atari enthusiasts get together
to talk about anything, everything, and even Atari related items too.
The Weekly Atari Chats have been going on for longer than anyone can
honestly remember. My understanding it all started in the late 1980s on
CompuServe in the Atari Forum. It then moved to The Atari Advantage
Forum on Delphi.com in the late 1990s. About two years ago it moved to
Atarinews.org where it still takes place today.
No fancy web browser or Java application is needed to take part in the
chats. What is needed on your computer is a Telnet client. If you
never used a Telnet clients don't worry it's very simple to use. The
Telnet interface is very basic since in our case it is just a text
interface. For those of you who have been around long enough it is very
similar to connecting to a Bulletin Board System of years ago. You
navigate with keyboard commands there is no graphics used or a mouse
needed. The best part is a Telnet client requires very little computing
resources or requirements besides an Internet connection. So even very
old computers even those from the 80s can join the chat and not be left
out. Also most operating systems in the past 10 years already come with
a Telnet program already installed with the operating system.
To access your telnet client here is a quick list of Operating Systems
and methods of accessing the telnet client.
Windows 3.11 (Windows for WorkGroups) : This is from memory but if you
have TCP/IP installed there should be a Telnet program under the
networking program group.
Windows 9x - XP : Goto START > RUN > Then type in 'TELNET' and press
ENTER. The Telnet client will start. Or type 'TELNET' from the DOS
Prompt.
Apple Mac OS 7 - 9 : There is no built in Telnet client that I am aware
of. There are many free ones available on the Internet. Go to
http://www.download.com and search for 'Telnet'. A Telnet Client that I
have used under Mac OS 9 is the NCSA Telnet program. It is available at
this location : http://archive.ncsa.uiuc.edu/SDG/Software/MacTelnet/
Atari ST : There are no built in Telnet applications for the Atari ST.
Good news is that there are many 3rd party Telnet applications
available. In CAB 2.7 and higher there is an included Telnet
application. Another one is Teli and is available at this location :
http://home.camelot.de/zulu/Teli/
Mac OSX, BeOS, NeXTStep, OpenStep, IRIX, OS/2, and most Linux and Unix
distributions : Just open the Terminal Application Window and type in
'Telnet' and press ENTER or type in 'Telnet atarinews.org' and press
ENTER. The atarinews.org is the address or where you wish to Telnet to.
Amiga and other Operating Systems : You need to scan your hard drive for
'Telnet.*' and see if one is there already. If not go to your favorite
Operating System software web site and download a Telnet Client.
Once you have a Telnet client at your disposal you are now ready to hit
the Chat. Below is a session capture using the Operating System's
command line to call the Telnet program and proceed to the Chat area. A
couple of things to keep in mind about the transcript below was that I
already had a User ID and Password from a previous visit so setting one
up is not shown below. Since this article is in text only I can't do
Bold or Underlining of my responses to what I am typing in at the
prompts will be enclosed in these [] type of brackets.
$ [telnet atarinews.org] Trying 209.181.11.57... Connected to
atarinews.org. Escape character is '^]'.
Red Hat Linux release 7.3 (Valhalla) Kernel 2.4.18-18.7.x on an i686
login: [bbs] Password: [bbs] Last login: Tue Nov 19 19:21:54 from
209.115.59.66
Welcome to The AtariNews.Org BBS
This BBS was setup mainly for its chat feature... to give the guys from
the Atari forum on Delphi a place to chat. We'll see how it goes. A
full BBS is obviously overkill but after trying a few web based chat
systems and the Atari web browser having a problem with frames and
refresh headers, this seemed like the next step.
userid ('new' for new user):[me] password [mypassword]
Welcome to the system. Have a look around if you like. On the main
menu, you can select "Talk" for the chat area.
The AtariNews.Org BBS No Board Currently
Selected Enter Command: [Talk]
Interactive Talk Menu No Board Currently
Selected Enter Talk Command: [Chat]
Enter chatid: [Handle]
The AtariNews.Org BBS Chat System -- type /h for Help *** Welcome to
Chat, Handle *** 1 other user(s) present *** 0 other visible room(s) in
use *** Handle has entered room 'main' -->
And now I am in and ready to chat. Typing in '/h' will display all the
help that is available to you in the chat room. It's a good idea to at
least see what's available to you for future use. There are a couple of
issues that may occur for some users depending on your setup at home or
work. If you are behind a firewall or proxy server you may have to
grant permission to be able to Telnet out. If you have any questions or
issues feel free to contact me at fmh@netzero.net and I'll do my best to
answer any questions.
See that was not so tough after all. Now on Tuesday nights if have
nothing else to do swing on by and chat with a few old friends.
=~=~=~=
PEOPLE ARE TALKING
compiled by Joe Mirando
joe@atarinews.org
Hidi ho friends and neighbors. Another week has come and gone, and the
political scene... as well as the weather... is heating up. I'm not
going to talk much about politics this week because, let's face it, if
you aren't paying attention to it on the news these days, you sure as
heck don't want to read about it here. I'll just remind my countrymen
that it's not only a right but a responsibility to vote. It's why the
system works, and why we have the freedoms that we enjoy now. If you
don't vote, you don't get to complain. And if you're like me this idea
will tickle you... Every four years you get a chance to overthrow the
government.
Anyway, that's not what I came to tell ya about. I came to talk about
the UseNet. The UseNet, as you almost certainly know, is where I get the
posts each week for this column. For years now, I've seen a big decline
in the number of messages during the summer months. People's minds turn
to taking care of the lawn and vacations at the shore and things of that
nature during the summer. Posting in the NewsGroups just doesn't compete
well with all of that. So the number of messages each week is low during
the summer. But for the past several years, it's been getting worse.
Back when I started doing this column for STReport, I could count on
hundreds of messages in the NewsGroup even during the summer. This week,
there are a grand total of 52 new messages.
I guess it's not all that unexpected. I mean, when was the last Atari (I
mean actually made by Atari) computer manufactured? Yeah, it's been a
while. Given that fact, I find it kind of amazing that there are any of
us left who have an interest in Atari computers.
I know you've heard me say it before, but I'm going to say it again: My
Atari computers were hell-on-wheels in their day, and even being the
wonders that they were, they still managed to have their own...
personalities... for lack of a better word. I always felt them to be
friendly and willing to help me with what I needed or wanted to do. I
know that there's no real scientific basis for this, but I always...
always enjoyed using an Atari, no matter if it was my first 1040ST,
STacy, STE, MegaSTE, or TT. It was like getting together with an old
friend. You know the kind of thing where you could sit with a buddy for
hours on end and not say more than a few words and yet know that the
time together was well-spent? Well that's the feeling that my STs always
gave me. I really can't explain it other than that, but that's enough
for me.
And I think that might explain why there are still a bunch of us all
around the world who cling to the memory of using our Atari computers...
even if we no longer actually use them all the time. I've still got my
TT set up on my computer desk. Even though it doesn't get daily use
anymore, I haven't the heart to put it away in a closet or sell it. Even
though my wife casts looks at the TT almost daily, I can't bring myself
to get rid of my old friend. Every so often I need a "fix". I simply
have to sit down in front of the TT and just get reacquainted with it.
And yes, it's still like getting together with an old friend. My
"workhorse" machine is much more modern... much faster, much more
storage, has more colors and better resolution, but it still lacks that
indefinable quality that I've categorized as 'personality'. I'm betting
that you have felt the same thing. Even though your mind knows that a
more modern computer is more efficient and all that, your heart on
occasion goes back to the time when computing was simpler. When these
technological marvels were of many different families and languages, not
just one or two. Ah, those were the days, eh?
Even emulators and virtual machines don't fill the bill for me. Yes,
they're a taste of the old days, but a taste is not usually enough. And
I've always been philosophically opposed to doing serious work with an
emulator. In general, if you're going to use a particular machine, I
feel you're better off using an application meant for that machine. Of
course there are a few applications on our old beloved platform that
have no equal in the modern PC world and, in those cases, tough choices
must often be made. To stay with an old hardware platform that will
certainly become harder and harder to maintain as time goes on, or to
"jump ship" and make due with whatever software offering is available
for the "new" hardware. We've all been faced with that choice by now,
and a goodly number of us have chosen to straddle the line between the
old and new, to jump back and forth between what was and what is, to
enjoy the best of both worlds. And that suits my philosophy. Computers
should give us more choices, not less.
Okay, enough of that stuff for this week, eh? Let's get to the news,
hints, tips and info from the UseNet.
From the comp.sys.atari.st NewsGroup
====================================
During a conversation about designing an ethernet card, 'Coda' says:
"No point, there's 2 brand new Ethernet interfaces coming to the Falcon very
soon, and they don't rely on a dodgy ISA based chipset..."
Brian Roland tells Coda:
"Do tell more about it! Something that doesn't choke up the cartridge port
I hope........."
Coda replies:
"No, no cartridge port involved, but I can't say any more than that right
now. Expect an official announcement within the week."
Janez Valent adds:
"Well Nature brothers developed NatNET, a100mbit ethernet card for the
CT60. So if you don't think on that one as well, thats a 3rd project...
It contain 2xUSB ports as well."
Beebee chimes in and posts:
"Well, 2 usb 1.1 12 mb/s if I read the doc correctly.
Well, it's development or it's another possibility????? What about
drivers, do you have details????? What about price, disponibility and so
on..... All details are welcome......"
Coda replies:
"USB 2.0 low (1.5) & and full speed (12mbits)
Nature will be doing the Ethernet drivers, I will be coding the USB stack.
See Rodolphe Czuba's announcement on Nature's behalf. If you're on the
mailing list you should have it by the time you read this.
And there's still more to come ;-) Its gonna be a good year for Atari."
Piotr Mietniowski asks about testing out a hard drive:
"I have just bought a SCSI-2 HDD. This is a Seagate Barracuda 4.3 GB. I
would like to test and check that everything is OK (bad sectors). What
program is the best ?"
Peter Schneider tells Piotr:
"I suggest HDDRUTIL coming with Dr Uwe Seimet's HDDRIVER package."
Jim DeClercq adds:
"The things that go wrong with that model are not detected by a bad sector
test. You might try typing the part number in a search engine window, and
see what some people think of it.
You may have a good one. I had eight of the things, and learned a lot
about what goes wrong from them. I do wish you luck.
So plug it in and try it. With a proper active termination adaptor, it
will work if it can. But, I would advise current backups."
Sam F. asks for help in re-casing his Falcon:
"I really need help on how to extend the ports in the back of the falcon,
plus the enhanced joystick ports.
That's the main thing that is holding me back. I've already removed the
falcon from it's original case.
Aaarrrgggghhhhh, I need help."
Janez Valant tells Sam:
"... Get male connectors, female connectors and solder wires between, it's
not quantum physics.... or mount motherboard that will touch rear side of
tower and cut a hole in back side...."
Rob Schmersel adds:
"There is no need to solder at all, you can get all (or nearly all)
connectors as a variant to press onto a flatband cable. Perfect for those
not used to soldering. Just have a look at Digikey."
Derryck Croker adds his expertise to the conversation:
"You will want IDC (Insulation Displacement Cable) and the appropriate
number and size of IDC D-way connectors to suit your project. I'd probably
get a length of cable with enough wires for the widest connector and split
it to fit the smaller ones.
Insert the cable into the back of the socket, you can see how the
bifurcated teeth will bite into the cable - then stick it into a vice and
squeeze it up. Job done.
Use a SHARP knife and a straight-edge to cut cable to length and use the
red stripe to identify pin 1 connections."
Sam tries to make sense of it all:
"Let's see if I understand this:
Let's use the printer port as an example.
Let's say I pull a printer port from an AT case. Now, I cut the end of the
cable that attached to the pc mb, and replace that end with a 25 pin male
connector. Then, I just plug that end to the Falcon's printer port and the
female end goes to the back of the pc case. Have I got it right or am I way
off?"
Steve Sweet makes a good point:
"I believe its false economy to reuse crimped connectors, they aren't
expensive, best to buy new. But apart from that point you are spot on."
Didier Méquignon posts this bit of rather exciting news:
"I have compiled Mplayer-1.0pre4 with SDL (thanks to Patrice Mandin for
his work), you can read or convert DVD, today unencrypted (we need the css
support inside Extendos, but I await good news from Roger Burrows). This
archive works on MiNT or MagiC in GEM window or with xbios fullscreen.
Configuration mini CT60-100 or Aranym (?) but we can always convert the
movie into another format (68020-60/FPU). Aniplayer can read DivX ;-)
http://perso.wanadoo.fr/didierm/files/MPlayer-1.0pre4-atari.lzh (3.47 MB)"
Mike Freeman echoes the thoughts of many of us:
"That's awesome news! Way to go, guys! You rule!"
Malcolm Dew-Jones asks a question that's been asked at one time or another
by just about anyone who's owned a STacy:
"I wish to remove the case of a STacy I have been given.
I can get the case part way off, but it appears the cables from the
monitor hold the two parts together. I am guessing I need to remove the
screen first, but how? Does anyone have instructions on removing the case
of a STacy?"
'Bob' tells Malcolm:
"You are correct about the screen. It comes off easily enough when all
connections are pulled. You have to pass all the cables through the
hollow centre of the spring loaded hinge assembly to get the top half
of the stacy off. They just about go through one at a time. I have done
this loads of times, It just needs a methodical approach and care.
I have heard of people that have managed to change the HD without
removing the top but that is like keyhole surgery and is very hard on
the knuckles!"
Malcolm replies:
"OK I appear to be on track (finally).
The screws for the cover are hidden under the label
( /|\ Atari STacy )
(the label just below the monitor screen). I peeled off the label and
stuck it on the body where it won't be in the way next time.
Several of the plastic catches broke, so the lid won't ever again sit
together perfectly, but what the heck.
I haven't got further yet, but it all looks do-able now, thanks."
Well folks, that's it for this week. Tune in again next week, same time,
same station, and be ready to listen to what they are saying when...
PEOPLE ARE TALKING
=~=~=~=
->In This Week's Gaming Section - PlayStation 3 Unwraps In May!
""""""""""""""""""""""""""""" VGS Show This Saturday!
=~=~=~=
->A-ONE's Game Console Industry News - The Latest Gaming News!
""""""""""""""""""""""""""""""""""
Sony to Show Working PlayStation 3 Next May
Sony Corp. expects to show off a working version of its next-generation
PlayStation video game console at a trade show next May, it said on Monday,
increasing pressure on Microsoft Corp. to take the wraps off its Xbox
successor by that time.
Sony's game-business head Ken Kutaragi said the consumer electronics
company plans to unveil the new console at next year's E3, the annual
video-game trade show scheduled to take place from May 18 to 20 in Los
Angeles.
"There has been some talk that development is not going well, but we expect
to have a playable version at E3. We are pushing ahead with that schedule
in mind," Kutaragi told a meeting of developers, suppliers and media.
Kutaragi did not mention a launch date for the new console, expected to be
called the PlayStation 3 or PS3, but company officials said it may follow
a similar timetable to market as its predecessor, the PlayStation 2, which
went on sale in Japan almost a year after it was first displayed.
Analysts said they expected the PS3 to be released for sale to U.S.
consumers sometime in 2006.
"I would still expect a 2006 launch, at this point," said Schwab SoundView
Technology Group analyst Colin Sebastian. "
The PS2 had a head start of about a year on its competitors, Microsoft's
Xbox and Nintendo Co. Ltd.'s GameCube, and has a worldwide installed base
far larger than the other two combined.
Next year's E3 could be the stage for a showdown of new consoles. Nintendo
has already pledged to take the wraps off its new game machine, code-named
"Revolution," at that time.
"The ball is now in Microsoft's court to make the next move," Sebastian
said. "If Sony is going to be showing the PS3 at E3 next year, then
undoubtedly Microsoft and Nintendo will want to be there showing theirs as
well."
Microsoft officials have repeatedly said that the software company's new
game machine, dubbed "Xbox Next" by media, would not be beaten to market
by Sony. There has been speculation that Microsoft could put a more
tangible time frame on the console as soon as this month, when it reports
fiscal 2004 results.
"It looks like Microsoft is fairly advanced at the moment. The company
might have gotten wrong-footed a bit, but it looks like everything is going
to turn up at the same time," said Hiroshi Kamide, analyst at KBC
Securities in Tokyo.
"One thing is for sure: This will change the landscape of the industry
significantly," said Kamide.
Sony's next-generation console will be powered by its "Cell" microprocessor
being developed with International Business Machines Corp. and Toshiba
Corp. as the consumer electronics industry's answer to Intel Corp.'s
Pentium computer processor.
The Cell chip is being billed as 10 times more powerful than conventional
semiconductors, with the ability to shepherd large chunks of information
through a high-speed Internet network.
Kutaragi's comments on the new console formed the buzz of a briefing that
was expected to flag the release of another new Sony game machine,
PlayStation Portable (PSP).
Known as the father of the PlayStation, Kutaragi stood by Sony's target to
offer the PSP - its first handheld game machine - in Japan before year-end
and to launch it in Europe and the United States by March 31.
Some analysts have said those launch dates are unrealistic because of
delays encountered in development, but Kutaragi unveiled an even loftier
goal.
"We've come to the point when there is a PlayStation for almost every
television. It's our dream for there to be a PSP for every person,"
Kutaragi told reporters after the briefing.
=~=~=~=
->A-ONE Gaming Online - Online Users Growl & Purr!
"""""""""""""""""""
Atari and Classic Show July 17 - Free Admission
In Lombard Illinois.
Visit the VGS website: http://avc.atari-users.net/Events/FestVGS.html
For more information about Video Game Summit contact Daniel Iacovelli at
AtariVideoClub@yahoo.com
The 2004 Video Game Summit is being held on July 17th, 2004 from 9am to 6pm
at the Lombard Inn and Suites hotel (Heron Point Building) formerly the
Quality Inn and suites hotel 645 West North Avenue, Lombard, IL.
I'll have a table there with some interesting items, boxed virtual boy,
some other boxed systems. Might bring a Best Electronics Waterworld "proto"
Will be selling AND trading, so check my "wish list". Feel free to post if
you are coming, I'd be interested to know.
Thanks,
Tom
=~=~=~=
A-ONE's Headline News
The Latest in Computer Technology News
Compiled by: Dana P. Jacobson
Microsoft Windows Update Set for August, After Delay
A major update to Windows XP, offering security enhancements and better
stability, will be available for download and on CD-ROMs from August, two
months after its originally scheduled date, Microsoft Corp. said on Monday.
The world's largest software maker had originally aimed to release the
update, called Service Pack 2, in June.
Mike Nash, Microsoft vice president for security, said that his group
needed more time to ensure that the update was stable and would work with
other programs when installed on personal computers running Windows XP, the
latest version of the operating system found on more than 90 percent of the
world's PCs.
Redmond, Washington-based Microsoft has made it a top priority to improve
the security and reliability of its software, after Chairman Bill Gates
launched its "Trustworthy Computing" initiative in a companywide memo in
early 2002.
"We will be proactive in having enterprise move to Windows XP and Service
Pack 2," Nash said, adding that new computers sold from this fall would
start to feature Windows with Service Pack 2 already installed.
Major worms, such as Blaster and MyDoom, have exploited flaws in Windows,
causing computers to crash and putting them at risk of data loss,
highlighting the challenge that Microsoft has in making its flagship
product more secure.
The update will be available to customers for free over the Internet and
can also be installed with CD-ROMs. Service Pack 2 for Windows XP Home
Edition will be about 70 megabytes and the update for Windows XP
Professional will be about 92 megabytes, Nash said.
EBay Flirts With Digital Music Downloads
Online auction giant eBay Inc. will allow some customers to buy and sell
digital music files as part of a pilot program that could piggyback on the
success of Apple Computer Inc.'s iTunes service.
San Jose, Calif.-based eBay said an unspecified number of "preapproved"
users could conduct digital music transactions in eBay's new "Digital
Downloads" category for the next 180 days. Executives will then determine
whether to formally enter the market.
"We don't want to blow this out of proportion - this is a pilot program to
see if there's even any demand," said eBay spokesman Hani Durzy. "Much of
what happens on eBay happens because the community takes us there, and this
is essentially giving the community a way to see if we should create this
new venue."
The experiment, announced this week in a posting on eBay's Web site,
reverses a longstanding policy at the world's largest auction company.
For years, eBay included digital music on its list of forbidden
merchandise, along with human corpses, weapons and drugs. The company still
forbids most digital downloads, including software, video delivered through
peer-to-peer file-sharing communities and e-books.
Customer service representatives will monitor eBay's fledging music site
and try to ensure that the sellers own copyrights to the songs.
EBay's venture comes the same week that Cupertino, Calif.-based Apple
announced that 100 million songs had been sold at its iTunes Music Store.
Internet Explorer Slips, Loses Market Share
Microsoft's Internet Explorer is losing some of its extraordinary
popularity as it becomes increasingly clear there is a downside to
integration with the Windows operating system.
The Web browser, which accompanies the Windows OS on 96 percent of the
world's PCs, has lost a slight share of its market dominance.
To be exact, the market share for Explorer has dropped by more than a
percentage point from 95.48 percent to 94.42 percent, according to San
Diego-based research firm WebSideStory. The decline could be an indication
of a crack in Explorer's armor.
The security problems suddenly cropping up with Microsoft's browser - along
with the recommendations from the U.S. Computer Emergency Readiness Team
that users switch to another browser - apparently are taking a toll.
Microsoft has been wrapping up its antitrust lawsuits with states, which
largely revolved around its insistence that Explorer must remain integrated
with the Windows operating system. Microsoft had its way. Some industry
experts say its settlement with the U.S. government and the states has been
a slap on the wrist in view of the fact that Explorer enjoys a virtual
monopoly.
But the browser has been difficult to upgrade. It is not nimble, and that
has allowed competitors like Mozilla to shine. "The integration of Explorer
with Windows now seems like a high price to pay," said Mitchell Baker,
President of the Mozilla Foundation. "What I'm excited about is that
Mozilla is getting known," she told NewsFactor.
Mozilla is the open-source browser and e-mail client based on the old
Netscape product. The Foundation does not keep track of all the free
downloads that occur and how people use the browser. But the buzz around
Mozilla definitely is heightened these days, Baker says.
"We're in the middle of a change that we haven't seen before," she
observes. "We're pretty close to the product, and we've been getting review
after review that it's better than Explorer."
Still, real change in the market share will come through enterprise
adoption, which remains a challenge for Mozilla. In shops that run Linux,
Mozilla appears to be the browser of choice in offerings from Red Hat, SuSE
and Debian.
But Microsoft Windows Server clients might suffer through the security
risks of Explorer for a while longer, in hopes that Microsoft can tighten
up. Mozilla does not integrate tightly into Microsoft's business-software
system, but that may not matter if Microsoft cannot put an end to the
vulnerabilities in the browser the company went to war to preserve.
Firefox 1.0 Set For September
The Mozilla Foundation on Tuesday set September as the release date for its
free open-source Firefox browser.
Firefox, which has been collecting accolades from users and analysts -
especially as recommendations mount to switch from Microsoft's
vulnerability-plagued Internet Explorer - is currently in beta, but is
shooting for final by Sept. 14, said Mozilla's Ben Goodger in a revised
roadmap posted to the organization's site.
"While we may slip past this, we want to set that date so that it gives us
a near term goal to target," Goodger wrote. A release candidate - more than
beta and a step closer to final - will post next month, Goodger added.
Firefox is currently in beta version 0.9, which released last month, and
runs on Windows, Linux, and Mac OS X platforms.
The browser can be downloaded from the Mozilla Web site.
Senate Bill Targets 'Phishers'
Internet scam artists who use fake Web sites to dupe people into revealing
sensitive financial information could face up to five years in jail and
forced to pay $250,000 in fines under a bill introduced late last week in
the Senate.
The legislation, introduced last Friday, is designed to fight "phishing,"
one of the newest and most dangerous forms of online fraud.
In a typical phishing scheme, a scammer sends out an e-mail message
disguised to look like an official notice from a respectable business such
as a bank or online store. The message tells recipients that their account
information has lapsed and prompts them to click on a link to enter it
again. Users then are carried to a counterfeit Web page where they are
prompted to enter credit card numbers or other private data, unwittingly
handing their information over to the thieves.
Phishing threatens the integrity of secure shopping on the Internet and
could hurt electronic commerce, said the bill's sponsor, Sen. Patrick Leahy
(D-Vt.). "If you can't trust where you are on the Web, you are less likely
to use it for commerce and communications," Leahy said in a statement
released on Friday.
Phishing scammers already violate a host of identity theft and fraud laws,
but prosecuting them under those statutes can be challenging, said Rich
Phillips, a Leahy aide. To charge scammers now, law enforcers need to prove
that a victim suffered measurable losses. By the time they do that, he
said, the scammer has often disappeared.
Phishing victims lost $1.2 billion to identity theft-related fraud between
April 2003 and April 2004, and were three times more likely than the
average American to have their identities stolen, according to an online
survey of 5,000 people conducted in May by Stamford, Conn.-based firm
Gartner Research.
"The Internet's becoming a very dangerous place to conduct financial
business unless you're willing to scrutinize your activities very closely,"
said Gartner Vice President Avivah Litan.
The Anti-Phishing Working Group, a group of Internet service providers,
banks and other companies that suffer because of phishing, identified more
than 1,000 different scams in May, said the group's chairman, David Jevans.
The average phishing attempt will reach between 50,000 and 1 million e-mail
in-boxes, he added.
Visa USA, whose logo and Web site are often duplicated by scammers,
launched an anti-phishing educational campaign earlier this month with the
Treasury Department, the FTC, Call for Action and the Better Business
Bureau.
The FTC has filed several fraud cases against suspected phishers. Top
commission officials have spoken out against phishing but the FTC has not
taken a stance on Leahy's legislation, said spokeswoman Claudia Bourne
Farrell.
Phillips said that Leahy is hopeful that Congress will approve the bill,
but acknowledged that it might not get a vote because before Congress
adjourns because of the busy election year schedule.
Bush Signs Identity Theft Bill
President Bush signed a tough new identity theft bill into law today,
legislation passed by Congress in response to evidence that the problem is
growing rapidly as more Americans use the Internet to shop and manage their
personal finances.
The Identity Theft Penalty Enhancement Act adds two years to prison
sentences for criminals convicted of using stolen credit card numbers and
other personal data to commit crimes. Violators who use that data to commit
"terrorist offenses" would get five extra years.
"Like other forms of stealing, identity theft leaves the victim poorer and
feeling terribly violated," Bush said today at a White House signing
ceremony. "The criminal can quickly damage a person's lifelong effort to
build a good credit rating."
Rep. John Carter (R-Texas), the bill's sponsor, said the signing is "one of
the shots taken in a battle that we've got to win."
"It's a crime that we need to address and address seriously both for the
protection of the credit of American citizens and for the protection of
homeland security," Carter said.
Identity theft topped the list of consumer fraud complaints to the Federal
Trade Commission in 2003, accounting for more than half of all the
complaints tracked by the agency. The FTC recorded 214,905 cases of
identity theft in 2003, up from 161,836 in 2002.
In a report published last September, the FTC estimated that identity theft
claimed 9.9 million victims in 2002, costing businesses and consumers $53
billion. The report, based on a telephone survey of more than 4,000 adults,
estimated that as many as 27.3 million Americans fell victim to identity
theft in the last five years.
Phishing victims alone lost $1.2 billion to identity theft-related fraud
between April 2003 and April 2004, and were three times more likely than
the average American to have their identities stolen, according to an
online survey of 5,000 people conducted in May by Stamford, Conn.-based
firm Gartner Research. One of the newest, most virulent forms of ID theft
on the Internet, "phishing" scams involve online thieves who dupe consumers
into entering personal data on counterfeit banking and e-commerce Web
sites.
The law will make it more likely that thieves are prosecuted, said Betsy
Broder, assistant director for the Federal Trade Commission's Division of
Planning and Information. "A prosecutor is less likely to bring a case if
they're not going to get any serious jail time when the get a conviction,"
Broder said.
"There's a reality in how prosecutors do their business and that reality is
that they're going to take the cases that are easiest to prove and carry
the most weight," said Carter, a former county judge. "Identity theft was
basically being ignored."
The new law could help ferret out larger criminal enterprises because
identity thieves often work in groups, said Jim Vaules, vice president and
fraud expert at Dayton, Ohio-based archival firm LexisNexis.
"These are networks and often you only have one small tentacle of it in
courtroom," Vaules said. "If [prosecutors] have a tool that changes the
sentencing guidelines from probation to a prison sentence, it could have
significant results in people cooperating with the government and exposing
larger parts of the criminal network."
The law also orders the U.S. Sentencing Commission to consider increasing
the penalties for employees who steal sensitive data from their own
companies.
Michael Wolfe, the co-founder of Vontu Inc., a San Francisco Calif.-based
security software company that focuses on preventing internal fraud, said
this is an important focus of the law. He said Congress may have to pass
legislation requiring companies to take basic steps to protect consumers'
personal data.
Microsoft Shuts Down Spammer
Microsoft has won an almost $4 million verdict against a California man for
trademark infringement, false advertising, and "cybersquatting" stemming
from a spam campaign to distribute a desktop toolbar program on recipients'
Windows desktops.
Daniel Khoshnood of Canoga Park, California, was ordered to pay $3.95
million after the U.S. District Court for the Central District of
California found in favor of Microsoft in the civil case. Microsoft filed
the civil charges in June 2003, after receiving a flood of spam on its MSN
and Hotmail e-mail services from Khoshnood. The e-mail messages claimed to
offer a toolbar that, once installed, would automatically update
recipients' Windows systems with security patches, Microsoft says in a
statement.
Microsoft filed the suit before passage of the Federal CAN-SPAM Act, which
has already drawn several prosecutions.
Microsoft won a summary judgment against Khoshnood and his companies,
Pointcom and Joshuathan Investments, in January. That judgment ordered
Khoshnood to stop using Microsoft's trademarks and name, refrain from
spamming, and pay damages and legal fees, according to a court document.
In an e-mail statement, Microsoft hails the judgment as another victory in
its antispam initiative, begun in 2003. "Targeted enforcement activity is
beginning to have a tangible, negative financial impact on spammers and is
changing the economics of spam," the company said.
According to Microsoft, the company has filed 60 lawsuits in the United
States against spammers in the United States and other countries. Of those
cases, Microsoft so far has settled four, won six by default, had one
summary judgment, and had one case dismissed.
The company has been awarded $54 million in judgments from spammers, five
of whom were among the top ten known spammers, Microsoft says.
Homeless Hacker Gets Sent Home
Adrian Lamo, who gained a reputation as the "homeless hacker" for his
itinerant lifestyle, will be considerably easier to find - at least for the
next several months. Lamo was sentenced this week to six months of home
confinement after pleading guilty in January to charges that he broke into
the internal computer network of The New York Times.
Lamo, 23, also was sentenced to two years of probation and ordered to pay
more than $64,900 in restitution, after he hacked into The New York Times'
internal computer network, accessed and modified confidential databases,
and used the paper's LexisNexis account to conduct research, according to
a spokesperson for the U.S. Attorney's Office for the Southern District of
New York.
In an appearance in Manhattan federal court in January before Judge Naomi
Reice Buchwald, Lamo acknowledged hacking into the Times' network in
February 2002 and accessing a database containing personal information on
more than 3000 individuals who contributed editorials to the paper's Op-Ed
page.
Lamo also acknowledged setting up user accounts through the Times account
with the LexisNexis online information service, which Lamo used for more
than 3000 searches over a three-month period, according to information
provided by the U.S. Attorney's Office.
Lamo faced a statutory maximum of up to five years in prison and a fine of
$250,000 for his crimes, according to a statement by the U.S. Attorney's
Office at the time of his conviction. The restitution includes $18,500 to
cover the cost of the LexisNexis searches, says Sean Hecker, Lamo's
attorney. The Times initially estimated those costs at about $300,000.
During his probation, Lamo will have restricted access to computers and
e-mail and will be monitored by probation officers, Hecker says.
Lamo, a California resident, will live at his parents' home in Sacramento,
California, during the home detention. He will be allowed to leave home to
attend school but probably will have to wear a monitoring bracelet that
tracks his movements throughout the detention period.
Lamo gained notoriety long before hacking The New York Times for his
rootless life on the streets of San Francisco and for his skill in
penetrating the networks of high-profile companies such as Yahoo,
Microsoft, and Worldcom.
Lamo confessed to the Times break-in during an interview with
Securityfocus.com, a computer security news Web site, in February 2002.
That confession prompted an internal investigation by the Times that
uncovered evidence of Lamo's activities, and resulted in a case being
opened by the U.S. Federal Bureau of Investigation.
Before turning himself in to authorities in Sacramento, Lamo spent a number
of days in hiding after the government issued a warrant for his arrest in
September 2003.
"I think the sentence is fair and just and the resolution is a good one.
Adrian is looking forward to putting all this behind him," Hecker says.
Another New Bagle Variant Spreads
Antivirus software companies began warning e-mail users this week that the
persistent Bagle virus has re-emerged in a new version, Bagle.AF or
Beagle.AB.
The virus comes in the form of a password-protected.zip file and has the
password included in the message body as plain text or within an image.
According to antivirus company F-Secure of Helsinki, Bagle.AF has quite
similar functionality to Bagle.Z, which appears to indicate that the author
of Bagle.AF had Bagle.Z's source code.
The first Bagle virus, which spreads throughout the Internet via infected
e-mail messages and by targeting machines running Microsoft's Windows
operating system, was discovered in January.
Since then it has continually been popping up with new variants, and given
a plethora of names by the various antivirus companies. In March, a
variant - with three names: Bagle.U, W32/Bagle.n@MM, and W32/Beagle.m@MM -
struck the Internet and foiled users with a small bitmap image to escape
detection by antivirus programs.
F-Secure upgraded Bagle.AF to its "Radar Level 2" alert early Friday
morning after receiving several samples of it from infected users in North
America and Europe, according to Mikko Hyppönen, the director of
antivirus research at F-Secure.
"The beginning of the outbreak looked pretty bad, as the initial burst of
infections was big and worldwide," Hyppönen says in an e-mail response
to questions. "However, since then the amount of infections has leveled out
and we don't expect this to become any bigger problem. It seems that the
virus was seeded much more aggressively than some of the other recent Bagle
variants."
Trend Micro, based in Tokyo, rated the risk from the Bagel variant as
"medium," though it says the damage and distribution potentials of the
virus are high.
McAfee, in Santa Clara, California, raised its risk assessment to
"medium-on-watch" and warned it had the potential of being upgraded to a
high-risk threat. The company says, that as of late Thursday, it had
received over 100 reports of the virus, most of which came from the U.S.
Symantec upgraded its warning on what it is calling W32.Beagle.AB@mm to a
"Level 3" after it received 66 submissions of infections from customers, 17
of those being from corporate customers.
Fair Use Bill Gains Ground
A bill protecting so-called "fair use" rights will get a serious hearing in
the U.S. Congress. That's the prediction from advocates on both sides of a
debate over whether the U.S. Digital Millennium Copyright Act tramples
consumer rights.
With the support of Representative Joe Barton (R-Texas), named chairman of
the House Energy and Commerce Committee in February, the 18-month-old
Digital Media Consumers' Rights Act should eventually pass through
Congress, predicts Michael Petricone, vice president for technology policy
at the Consumer Electronics Association trade group.
Petricone and three others advocates on both sides of the issue debated the
anticircumvention provisions of the DMCA in front of congressional staffers
at a Congressional Internet Caucus event this week. The DMCA outlaws most
attempts to circumvent copy protection on digital content, as well as
devices primarily used to infringe copyright.
Opponents of the DMCA's anticircumvention provisions, including Barton and
Digital Media Consumers' Rights Act sponsor Representative Rich Boucher
(D-Virginia), argue the DMCA goes too far in making it illegal for
consumers to break copy protections in an attempt to exercise their legal
fair use rights, such as making backup copies of DVDs or excerpting a DVD
or CD in a school report.
"I think there is a growing consensus the DMCA went too far," Petricone
says. "We are quite confident [Boucher's bill] will pass. It may be now, it
may be later."
With Barton's support, the Boucher bill could find some traction in
Congress, adds David Green, vice president and counsel for the Motion
Picture Association of America, which opposes the proposed change to the
DMCA. Green says he hopes debates like the one this week will convince
lawmakers that the Boucher bill isn't needed.
Boucher's bill would "put a hole in the ship," Green says, by allowing the
creation of devices or technologies that have significant
copyright-infringing uses. The explosion of digital content available in
the last six years is due to the protections of the DMCA, he says.
"What's the pressing need here?" Green asks. "Do we see people out there
who say, 'I must back up my DVDs because I buy them and they disappear
immediately'?"
But Petricone and Fred von Lohmann, senior intellectual property lawyer for
the Electronic Frontier Foundation, argue that the DMCA turns copyright law
on its head by outlawing most technologies that can have other uses in
addition to violating copyright, instead of allowing those technologies, as
older copyright law did.
While the DMCA has done little to stop large-scale copyright thieves, it
has kept consumers from making personal copies of DVDs or CDs, halted some
cybersecurity research, and discouraged consumer electronics vendors from
introducing new products, von Lohmann says.
"Federal laws should strive to not do more harm than good," von Lohmann
adds. "[The DMCA] hasn't stopped the pirates--in fact, it hasn't even
slowed the pirates down."
But Green and Jonathan Zuck, president of the Association for Competitive
Technology, note that the DMCA allows exemptions for activities such as
research, and the U.S. Copyright Office has the power to review the DMCA
every three years and make exemptions to the anticircumvention provisions.
The DMCA creates a strong framework for protecting digital copyrights, Zuck
says. Boucher's bill "statutorily creates an excuse for infringement," he
says.
Petricone disagrees, saying the DMCA has discouraged consumer electronics
vendors from introducing new products for fear of getting sued.
"What you call defining a framework, we call creating an endless cycle of
litigation," he says to Zuck. "Business people are very risk adverse. The
question they ask their lawyers about a new product is not, 'Can we win a
lawsuit?' but, 'Are we going to get sued?'"
Cheap Copies Are A Risky Bargain
Windows XP for fifty dollars? Yes, it is too good to be true; in fact, it's
so good it's criminal. A growing number of online piracy operations are
selling cheap copies of software, calling them "backup" copies in an
attempt to circumvent copyright law.
"This is probably the fastest-growing means of pirating software; it's
becoming a serious problem," says Keith Kupferschmid, the Software and
Information Industry Association's vice president of intellectual property
policy and enforcement.
While the wording of the copyright law provides no actual legal shield for
these software resellers, the commerce sites have proliferated. From
October 2003 through May 2004, the SIIA tracked 163 operations that purport
to sell CDs of backup versions of software. Two-thirds of the domain names
were registered within the previous eight months.
Copyright law permits "the owner of a copy of a computer program to
make...another copy." This is the language the sites' proprietors claim
allows them to make copies of various software products and sell them to
consumers who already own a license of the software. But nothing indicates
the sellers verify that their customers already have a license for the
software for which they seek a "backup copy." The buyers are actually
seeking software on the cheap, industry groups say.
Most backup sites also offer pirated service packs and updates for the
applications they sell, in an attempt to bypass any need for legitimate
license agreement with the software publisher, according to the SIIA.
"The copyright law is being misused to disguise software piracy,"
Kupferschmid says. The SIIA has been actively monitoring backup sites for
the past 14 months.
The Business Software Alliance, a software manufacturers' advocacy group,
has sued some of the sites for copyright violation and piracy. However,
many of the sites originate overseas and are difficult to prosecute.
The Department of Justice declines to comment on any ongoing investigations
of the backup sites, although it too has sued pirates in the past.
Backup sites are often nondescript, yet appear respectable enough in design
so as not to arouse suspicion. Web shoppers might be willing to provide a
credit card number without much worry - especially if they're tempted by the
low price of the software.
The sites do, however, make it clear that none of the retail packaging and
literature is shipped with the copies, and that the software cannot be
registered with the company that published it. Software vendors note that
this is a clue to its illegitimacy.
Some backup sites not only provide the specific application, but also a
serial number or crack (a small application that deactivates the software's
copyright protection mechanism), according to the SIIA.
One thing you will not see on many of these sites is a phone number to
contact the seller. A proper privacy statement is likely to be missing as
well.
A recent study by the BSA shows surprisingly high levels of pirated
software in the United States and around the world. Researchers find 36
percent of the software installed on computers worldwide in 2003 was
pirated, representing a loss of nearly $29 billion to the industry. The
study finds 22 percent of software used in the United States is pirated.
The backup copy scheme is just one of many forms of piracy that have
contributed to those numbers, the BSA says. Another emerging piracy scheme
is the so-called OEM sites, which also sell cheap software copies with no
packaging or product literature.
"Original equipment manufacturer" copies are the discs you get when you buy
a new computer - CD copies of the various software applications already
preloaded onto the machine.
Software publishers send these copies to computer distributors expressly
for distribution with new hardware. Kupferschmid says distributors often
end up with a surplus of these CDs, and some break the copyright by selling
the CDs either to other distributors or to OEM sites.
By doing so, the OEM site is not overtly violating the criminal law, but is
clearly violating the OEM contract between the software publisher and the
hardware distributor. The contract stipulates the OEM software is not to be
sold independent of the hardware it's installed on.
New Trojan Horse Travels By Spam
Antivirus and e-mail security companies are sending out warnings about a
new Trojan horse program that they claim is being mass-distributed on the
Internet through spam.
The program, called Backdoor-CGT, is a new form of a Trojan horse installed
after e-mail recipients using Microsoft Outlook follow a Web link embedded
in an e-mail message. The Trojan horse is believed to have infected
thousands of systems on the Internet since appearing early Tuesday, even
though antivirus software and up-to-date versions of Outlook are immune to
attack, according to Maksym Schipka, senior antivirus researcher at
MessageLabs in the U.K.
MessageLabs received more than 3600 e-mail messages with links to the
Trojan horse during a two-hour period early Tuesday, the result of a
massive and uncharacteristic spam distribution more than ten times what is
normal for such a program, Schipka says. Trojan horse programs give remote
attackers access to or control over machines on which they run, and often
run unnoticed by computer users, or pose as legitimate software
applications.
The Backdoor-CGT Trojan uses a "multistage" attack to place malicious code
on victims' computers. After clicking on an e-mail link embedded in the
spam message, victims go to a series of Web sites, each of which carries
out one stage in the attack. The attack takes advantage of a now-patched
flaw in Outlook called the "IFRAME" exploit to hide the Web site
redirections from the user and silently download and install the
Backdoor-CGT program, Schipka says.
Once installed, Backdoor-CGT selects a communications port at random and
opens it, creating a back door on infected systems that is used to
communicate with a server on the Internet supposedly controlled by those
behind the attacks. The Web site used by the compromised machines is
registered in the.biz Web domain to an individual in the Czech Republic and
was still online, though slowed by heavy traffic, on Tuesday, he says.
Antivirus product vendor McAfee has also released an advisory about the
new Trojan program, also known as "SS." The company has updated its virus
definition files to detect the new Trojan program. However, McAfee's
Tuesday bulletin rates the virus "low," indicating it does not pose a great
threat to either home or business users.
Other antivirus companies did not immediately respond to requests for
information about Backdoor-CGT. It is not clear whether other companies
are aware of it, or whether other antivirus software programs can spot the
new malicious program.
However, before the Trojan program can be downloaded and installed, the
attackers try to place a common version of another program, called a
"dropper," that antivirus programs can spot, thwarting infections, Schipka
adds.
Microsoft Outlook users are advised to apply the latest software patch for
the product to prevent infection, he says.
File-Sharing Thrives as Net Users Find New Outlets
Internet users download twice as many films, games and music as they did a
year ago, despite a big crackdown on the activity, according to a study on
Tuesday.
Better broadband Internet connections and compression technologies mean
larger files can be downloaded more rapidly, creating as big a piracy
headache for movie studios as for music labels.
Each day, the equivalent of roughly three billion songs or five million
movies zips between computers, according to the study by Cambridge,
England-based technology firm CacheLogic.
It estimates Internet users around the globe freely exchange a staggering
10 petabytes - or 10 million gigabytes - of data, much of it in the form of
copyright-protected songs, movies, software and video games.
The rogue exchanges continue to dwarf the nascent market for legitimate
music downloads ushered in by the likes of Apple Computer's iTunes.
The popularity of file-sharing is costing the largest Internet service
providers $10 million per year each in bandwidth and network maintenance
costs, CacheLogic said.
In the light of its findings, the company also questioned the wisdom of the
music industry's crackdown on file-sharers.
"One of the biggest myths put forth by the music industry - that they are
winning the war on file-sharing - is simply wrong," said Andrew Parker,
co-founder of CacheLogic.
"It's a case of displacement," he added. "Users are just moving to new
networks."
Music industry trade body the International Federation of the Phonographic
Industry (IFPI) defended the legal strategy, saying its own research shows
the number of illicit music files on the Internet dipped by 100 million
between January and June.
"It hasn't been dramatic, but the number of infringing files has fallen
from 900 million to 800 million," an IFPI spokesman said, adding the rise
in volume cited by CacheLogic may be down to the increase in film and
spoofed song files now online.
When the music industry began suing the most prolific song-swappers last
September, a number of them switched from the most popular peer-to-peer
(P2P) networks such as Kazaa to a host of upstarts to shake off the
dragnet.
Today, the likes of Bit Torrent and eDonkey have become the P2P networks
of choice, particularly for European and Asian file-sharers, CacheLogic
said.
The face of file-sharing has changed too. The vast majority of files
passing through P2P networks now exceeds 100 megabytes, meaning Internet
users are as likely to download larger movie, software and game files as
they are the smaller song files.
"It's all about video now," Parker said.
Online Hacker Shop Shuts Down
An online shop that was selling the source code for two computer programs
has abruptly suspended its operations, citing a "redesign" of its "business
model."
The Source Code Club opened its doors on Monday, using an e-mail posting
to an online discussion group to advertise the availability of source code
and design documents for two products: the Dragon intrusion detection
system (IDS) software from Enterasys Networks and peer-to-peer server and
client software from Napster, now owned by Roxio. By Thursday, the group's
Web page displayed a message saying the Club had ceased operations due to
"fears our customers faced."
The group used a Web page with an address in the Ukraine to advertise its
wares, saying it was selling "corporate intel(ligence)" to its customers,
along with other, unnamed, services, according to a message posted to the
Full-Disclosure mailing list by a group or individual using the name "Larry
Hobbles."
The group offered the Enterasys Dragon IDS 6.1 source code for $16,000 and
the Napster code for $10,000, according Kevin Flanagan, an Enterasys
spokesperson.
On Thursday, the Club's Web site was renamed the "former SCC page," with
the group
saying it plans to re-emerge, but that it needed to change its
business model to ease customers' fears.
"Selling corporate secrets is... very tricky, and we believe it is an area
that we can conquer," the statement reads.
Enterasys is working with the U.S. Federal Bureau of Investigation to
investigate the Club's claims, but company representatives are still not
convinced that its product source code was stolen, Flanagan says.
Even if the theft did occur, the company is confident that the code was
obtained from "media" such as a computer hard drive or CD, rather than the
company's network, Flanagan says.
That opinion is based on a structural analysis of the source code files
exhibited on the Club's Web site, he says.
Flanagan could not say how media containing the source code might have
leaked, citing an ongoing criminal investigation, but says it is
theoretically possible a company developer copied it onto a CD or other
portable media "for convenience," even though the company prohibits such
copying.
Dragon IDS 6.1 is around one year old, and customers who upgraded to
Versions 6.2 and 6.3 were protected, because significant differences in the
later versions make it difficult to carry out attacks on the upgrades using
the 6.1 code as a model, he says.
Enterasys did not contact "Larry Hobbles" or the Source Code Club. Instead,
the company turned directly to law enforcement, Flanagan says.
He declines to speculate on why the Web page was offline, saying only that
"people who are doing overtly illegal things have lots of reasons to
disappear."
The company will continue to pursue the source code theft, as well as any
Source Code Customers who want to benefit from the alleged theft, he says.
Enterasys and Roxio are just the latest companies to contend with the
alleged theft of intellectual property from shadowy online criminals.
In May, Cisco Systems confirmed that it was working with the FBI to
investigate source code file thefts from the company's Internetwork
Operating System after IOS source code files were posted on a Russian Web
site, a small piece of what was said to be more than 800 MB of code.
In February, Microsoft said it was investigating a source code leak from
the Windows NT and Windows 2000 operating systems to P-to-P file sharing
networks.
Judge Denies Motion to Dismiss Napster Case
A federal judge in San Francisco on Wednesday denied motions to dismiss
lawsuits claiming past Napster investors like Bertelsmann AG and venture
capital firm Hummer Winblad kept the song-swap site going, costing the
music industry $17 billion in lost sales.
In her ruling on Wednesday, U.S. District Judge Marilyn Patel, who issued
an injunction against the original Napster in 2000, permitted the case to
proceed through its discovery phase, saying the plaintiffs, including music
publishers, songwriters and record labels, had the right to try to prove
their allegations.
Napster went bankrupt in 2002 and was bought by software firm Roxio Inc.,
which relaunched it as a pay-for-use service last year. Roxio was not named
in these latest cases.
But Napster's renegade past is the focus of the suits that claim that
German media company Bertelsmann's $90 million investment in Napster in
2000 kept it operating eight months longer than it would have otherwise.
In addition to the Bertelsmann case, Vivendi Universal's Universal Music
and EMI Group Plc also sued Hummer Winblad, claiming the venture capital
firm's $15 million investment and installation of a chief executive at
Napster in 2000 also promoted piracy.
"Plaintiffs' allegations that defendants exercised full operational control
over Napster during periods in which Napster remained a conduit for
infringing activity may be wholly unfounded. ... Regardless, such questions
must be left for resolution upon motions for summary judgment or at trial,"
Patel wrote in her 14-page ruling.
In response, Bruce Rich, a lawyer for Bertelsmann, said, "Our position
remains that those allegations are not factually true and will be disproven
through the discovery process.
"And at the end of the process, we anticipate seeking summary dismissal of
the lawsuit as this opinion invites us to do at the appropriate time," Rich
added.
Record label EMI applauded the decision.
"We are pleased with Judge Patel's decision today. EMI stands firm in its
belief that we have a strong case," said Jeanne Meyer, a spokeswoman for
EMI Group Plc.
"By investing both millions of dollars and management resources in Napster,
which was an illegal enterprise built on the unlawful distribution of
copyrighted works, Bertelsmann and Hummer Winblad enabled and encouraged
the wholesale theft of copyrighted music," she said.
Attorneys for Hummer Winblad were unavailable for comment. A lawyer for
music publishers was also not available.
=~=~=~=
Atari Online News, Etc. is a weekly publication covering the entire
Atari community. Reprint permission is granted, unless otherwise noted
at the beginning of any article, to Atari user groups and not for
profit publications only under the following terms: articles must
remain unedited and include the issue number and author at the top of
each article reprinted. Other reprints granted upon approval of
request. Send requests to: dpj@atarinews.org
No issue of Atari Online News, Etc. may be included on any commercial
media, nor uploaded or transmitted to any commercial online service or
internet site, in whole or in part, by any agent or means, without
the expressed consent or permission from the Publisher or Editor of
Atari Online News, Etc.
Opinions presented herein are those of the individual authors and do
not necessarily reflect those of the staff, or of the publishers. All
material herein is believed to be accurate at the time of publishing.
