Copy Link
Add to Bookmark
Report
Atari Online News, Etc. Volume 07 Issue 50
Volume 7, Issue 50 Atari Online News, Etc. December 9, 2005
Published and Copyright (c) 1999 - 2005
All Rights Reserved
Atari Online News, Etc.
A-ONE Online Magazine
Dana P. Jacobson, Publisher/Managing Editor
Joseph Mirando, Managing Editor
Rob Mahlert, Associate Editor
Atari Online News, Etc. Staff
Dana P. Jacobson -- Editor
Joe Mirando -- "People Are Talking"
Michael Burkley -- "Unabashed Atariophile"
Albert Dayes -- "CC: Classic Chips"
Rob Mahlert -- Web site
Thomas J. Andrews -- "Keeper of the Flame"
With Contributions by:
Djordje Vukovic
To subscribe to A-ONE, change e-mail addresses, or unsubscribe,
log on to our website at: www.atarinews.org
and click on "Subscriptions".
OR subscribe to A-ONE by sending a message to: dpj@atarinews.org
and your address will be added to the distribution list.
To unsubscribe from A-ONE, send the following: Unsubscribe A-ONE
Please make sure that you include the same address that you used to
subscribe from.
To download A-ONE, set your browser bookmarks to one of the
following sites:
http://people.delphiforums.com/dpj/a-one.htm
http://www.icwhen.com/aone/
http://a1mag.atari.org
Now available:
http://www.atarinews.org
Visit the Atari Advantage Forum on Delphi!
http://forums.delphiforums.com/atari/
=~=~=~=
A-ONE #0750 12/09/05
~ Phishing Is Overblown? ~ People Are Talking! ~ E-Mail Tricks eBay!
~ A Quarter Gets Phished ~ Kazaa Ignoring Order? ~ TeraDesk Updated!
~ Video Games Ban Block! ~ ID Theft Is Overblown? ~ PS3 On for Spring!
~ IE 7 Release Slips! ~ ~ New AOL IM Virus!
-* ICANN Gives .asia Domain OK! *-
-* Sex Is Favorite Newest Domain Name! *-
-* New Spam Scam Invokes Princess Diana Fund! *-
=~=~=~=
->From the Editor's Keyboard "Saying it like it is!"
""""""""""""""""""""""""""
Mercifully, this week is over. Although I put this piece together a day or
two prior to the release date of A-ONE, I can just sense the feeling of
relief now that our "inspection" is over. Hopefully, we'll have received a
"passing grade" and won't have to worry for awhile. This week has been
utter pandemonium! The real only enjoyment that many of us could feel is
watching otherwise rational and intelligent people panic and show signs
total idiocy. The bad part is that the rest of us usually had to deal with
these same people for an entire week! Having anticipated something like
this was going to occur, I was fortunate to have planned to take a vacation
shortly!
And, to add insult to injury, the predicted 3-6 inches of snow as a result
of a Nor'Easter turned out to be over a foot! It took us over 1 1/2 hours
to get home Friday - a normal 15 minute drive. An hour of that was spent
just trying to get out of the hospital lot due to a couple of trucks that
were stuck! And then, we couldn't even get into the driveway until we
cleared the snow out. So, this week's issue is surely to be late hitting
the streets, if I can find the street! And then, I'm gonna sleep the
weekend through!
Until next time...
=~=~=~=
TeraDesk 3.70 Released
Version 3.70 of Tera Desktop (TeraDesk) open-source desktop is available
at:
http://solair.eunet.yu/~vdjole/teradesk.htm
TeraDesk is currently the only open-source desktop available for 16-bit
and 32-bit Atari computers. Developer's goal is to maintain TeraDesk as
a small, simple, fast and reliable desktop, which can run on any TOS-
compatible Atari computer, clone or emulator and which can be be functional
and competitive in the modern multitasking environments and all flavours
and versions of TOS-compatible operating system(s), while keeping, as
much as reasonable, familiarity with the original TOS desktop.
Several new features have been added since the last published version, some
of which have often been asked for by the users (e.g. the 'autoselector').
Also, a number of bugs has been fixed.
Users are advised to read the documentation before running the program ;)
Some features of TeraDesk may not be immediately obvious.
Have fun.
=~=~=~=
PEOPLE ARE TALKING
compiled by Joe Mirando
joe@atarinews.org
Hidi ho friends and neighbors. Well, here we are a slim two weeks from
Christmas, and we're expecting a nor'easter here in.. well, in the
northeast. For those of you who've never heard the term, a nor'easter is
a storm that is created when cold air from the north collides with warm,
moist air from over the ocean. The results are awe-inspiring. There's
nothing like a nor'easter.
Oh sure, there are stronger, nastier storms, but there's something
special about a nor'easter. Maybe I'm just prejudiced because I'm from
the northeast, but since that's my only frame of reference.
So my boots, heavy coat and space-age, moisture-proof, micro-insulated
gloves sit near the door next to the snow shovel and ice scraper. I've
got to tell you, I'm not looking forward to digging out tomorrow.
Well, by the time you read this, I'll probably have recovered from the
muscle aches and whatever else I come up against. So pause for a moment
and say, "Big fat hairy deal. Does he think he's the only one who has to
deal with snow?" <grin>
Well, let's get on with the news, hints, tips and info available from the
UseNet.
From the comp.sys.atari.st NewsGroup
====================================
Patrice Mandin asks for help with testing out partition utilities for
ARANYM:
"I am currently writing a HOWTO to configure ARAnyM from scratch. I just
started trying some various hard disk drivers to partition a hard disk
image. I tested HDX (Atari), Cecile and CBHD. At the moment, only Cecile
reaches the end of the operation.
However, I don't have HDDriver (demo does not allow partitioning) neither
SCSI-Tools to do this test. So, if anyone has either of these drivers and
an ARAnyM setup, could he make the test and mail me the result (or post
it there), so I can add it to the HOWTO."
Andy Ball tells Patrice:
"The "Howto" looks like a useful document. I would like to
help out but ARAnyM does not seem to work on NetBSD for some
reason.
I don't have partitioning software, but I should have a text
file somewhere that explains quite clearly the ST partition
format. Armed with this and a disk sector editor it should
be possible to create a partition, or perhaps to write a new
partitioning utility. Let me know if you want me to dig up
the file."
Patrice replies:
"Thanks, but I know the partition root sector. My goal (and the howto's
one) is to explain how to get a workable ARAnyM configuration. Like when
you first boot your Atari (without hard disk driver to boot from a hard
disk), and wonder how to put software on it.
Once you have a hard disk image partitioned and usable from ARAnyM, your
virtual Atari machine is on, waiting for you, and the howto will stop
there.
PS: I also forgot to list the ICD hard disk driver, could someone test
it?"
Jo Anne Coyne asks for help in getting her hard drive to fire up again:
"Hello, Everyone. I have recently moved and my Atari ST won't read the
external hard drive. I'm rusty on the Atari. Do I connect to the
HD(external) "IN" or "OUT" ? The external HD makes noise when I turn it
on, but it doesn't seem to be as loud as before. I've tried installing
an external disk from the Atari options menu, but that didn't work
either. You might say I need a lot of help."
Robert Schaffner tells Jo Anne:
"Connect DMA from Atari to DMA in on hard drive.
First start hard drive, wait 30 sec, start your st."
Phantom writes to tell us that he...
"Recently got a STacy and was wondering if anyone has
taken one of these apart?
I was thinking of putting in a larger internal hard drive.
Are there any problems with taking a STacy apart and
anything I should watch out for?
Also, should I take it apart with the Top Case facing Down or
Up?
And are there any other upgrades one can do to a STacy,
like the TweetyBoard upgrade, TOS 2.06 upgrade, and or
any speed upgrade?
Also, is it possible to replace the Mono LCD Screen with
a Color one?
If one can connect a Color LCD Screen, would TOS reconize
the Color screen automatically and boot up in a Low or Medium
resolution?
I suppose there is no graphics card one could use, unless a
Panther Graphics Adapter would work in one. I have 2
of these adapters and a graphics card to go with one.
If by some way I could get the Panther Adapter connected with
a graphics card, would it then be possible to use a good Color
LCD Screen that supports 640x480 if I could find one that would
fit in place of the stock STacys Mono LCD screen?"
Marc-Anton Kehr tells Phantom:
"Yes, I've taken it apart, on my homepage (link, see below) there's an
article how to put a PAK into the STacy, but it's german only. But you
will find some pictures, where the screws are to disassemble the STacy
without wrecking it.
http://atari.st-katharina-apotheke.de "
Phantom tells Marc-Anton:
"Are the Pak boards still available, if so where and about how much
do they cost?"
Marc-Anton replies:
"On the PAK board is also a TOS 3.06, so you get all in one. Another
solution would be to install a Speeder like Hypercache Turbo+ or
something similar. And a new hard disk is recommended, the original one
is small, loud and slow, but then you have to do some work on the STacy
"SCSI" Controller.
You will find them sometimes on (german) ebay."
Jim DeClercq tells Phantom:
"See page 11 of the BEST catalog, listing both a TOS 2.06
and up switcher board, and the PAK. Yes, they seem to be
available, but to use one with a Stacy you would have to
rack mount it, which sort of defeats the purpose. They
are nice machines, even if you do not have a very strong
lap."
Marc-Anton adds:
"It's only hard the first time you do it.:-)
You have to be very careful when removing the keyboard, because it's
contacted with a little foil that is very, very sensitive. If you
destroy it you have a big problem."
Ronald Hall asks about the serial ports on a MegaSTE:
"Hey guys - I was just playing around with my newly acquired Mega STe. I
was in Xcontrol, diddling with the Serial port CPX. It does show the
extra ports on the Mega STe, but I couldn't get any of them to go past
19.2k. I thought that a couple of those ports used a better chip and
could go much faster than that."
Peter Schneider asks Ronald:
"a TT is able to do 230k4. But a MSTE?"
Mark Duckworth tells Peter:
"They're [the serial ports] the same as on a TT."
Coda tells Mark:
"No its not. The MegaSte's serial port is not reliable above 56k, while
the TT's is solid to 230k. I should know, I spent days testing the
ports on the MegaSte, TT, Falcon and various PC's for a serial
networking project I was working on a few years ago."
Mark replies:
"The chips are the same, what is different is how much CPU overhead is
needed. The 16Mhz 68000 is not able to PHYSICALLY sustain these speeds
the the serial ports are. An accelerated MegaSTE would run at full
throttle."
Coda provides some info that I didn't know:
"You seriously underestimate the power of an 8mhz 68k. The problem with
the MSTE's serial port is that the chips ARE NOT the same. Although
they are pin and signal compatible, they are entirely different
revisions of the same chip. If you lift a SCC from a TT and place it in
the MSTE then voila, 230K."
Mark Bedingfield asks about software for TOS-switching:
"Does anyone recall the name of the software for loading alternative TOS
roms into ram? Looking for a software alternative to replace TOS 4.02 on
my older Falcon, with 4.04. 14 meg of ram so plenty of space."
Earle Atkinson tells Mark:
"I use selos.prg to load 2.6 into memory on my 1040ste. You can get the
tos images from the steem site."
'Xor' adds:
"http://members.tripod.com/~piters/atari/tosload.htm
thats the link for seltos, Im not positive it works with 4.02 but I don't
see why it shouldn't."
Mark checks and tells Xor that it...
"Doesn't look like it supports 512k roms.
Oh well, worth a try. Would have been interesting trying to set up the
NVRAM mind you."
Well folks, that's it for this week. I know it's short, but the traffic
in the NewsGroup is really pretty slow these days. Let's hope that
things pick up soon.
C'mon back next week and see whether things have picked up any on the
UseNet... and if I've finished digging out from under all the snow.
'Till then, keep your ears open so that you'll hear what they are saying
when...
PEOPLE ARE TALKING
=~=~=~=
->In This Week's Gaming Section - Video Game Ban Blocked!
""""""""""""""""""""""""""""" Sony Says Spring for PS3!
=~=~=~=
->A-ONE's Game Console Industry News - The Latest Gaming News!
""""""""""""""""""""""""""""""""""
Sony Says PS3 Still on Track for Spring Launch
Sony Corp. on Thursday said it remained on track to roll out its
PlayStation 3 game console by spring 2006 despite industry speculation that
the scheduled launch could face delays.
The timing of the release of Sony's updated PlayStation console has become
a matter of speculation in the $25 billion video game industry and among
the studios, hardware makers and other companies looking to handicap the
battle over next-generation DVD technology.
A spokesman for Sony, the No. 1 provider of game consoles, said it was
still targeting a spring 2006 launch for the PS3, which is key to
maintaining its lead in the game console market against Microsoft Corp.,
which recently launched its competing Xbox 360 console.
Larry Probst, chief executive of the No. 1 video game publisher Electronic
Arts Inc.<ERTS.O>, said last week that he believed Sony's console would not
be available until fall 2006.
The PS3 also is central to Sony's push of Blu-ray, its next-generation DVD
technology, against a rival DVD format known as HD DVD, created by a
Toshiba Corp-led group.
Billions of dollars are at stake in the DVD format war as movie studios and
electronics makers gear up for a technology change they hope will send
consumers back to buy new players and discs that will play high-definition
pictures.
Failure to reach a unified front has paved the way for a standards war
between Blu-ray and HD DVD, reminiscent of the VHS-Betamax clash decades
ago, which confused buyers and turned into an expensive loss for many
companies.
Many industry insiders have expected that splashy launch of Sony's PS3
console to give Blu-ray an edge and deliver a huge base of players for
Hollywood studios looking to sell compatible DVDs.
A spokeswoman for the Blu-ray consortium said the group was still on track
for a spring 2006 launch, indicating other manufacturers would be rolling
out Blu-ray players at that time. "When Blu-ray launches next spring, there
will be both hardware and content," she said.
Rival HD DVD, which is supported by Microsoft and Toshiba, is planning to
roll out hardware and software in the spring 2006. Any delay in the launch
of PS3 would be seen as a plus for HD DVD.
"The PS3 was touted as being the first high volume Blu-ray player. You want
to have an installed base of players if you put out the movies," said
Richard Doherty, analyst with Envisioneering, an industry research firm.
Said Mark Knox, a spokesman for the HD DVD camp: "It's not going to be much
of a battle until both sides are actually on the field and we have a
sneaking suspicion that that won't be for quite a while."
Court Blocks Illinois Video Game Sales Regulation
A federal judge in Illinois has blocked a pair of laws that would have made
it illegal to sell or rent violent or sexually explicit video games to
minors, finding that the laws violate free speech rights.
The ruling comes amid an increasingly bitter battle over the content in
video games, which in the United States comprise a $10 billion industry
that rivals the box office of Hollywood movies.
The decision applied to two Illinois laws which had been slated to go into
effect on January 1 that would have imposed fines on retailers for
violations.
U.S. District Judge Matthew Kennelly on Friday issued a permanent
injunction blocking the restrictions, saying they would have a "chilling
effect" on the creation and distribution of video games.
The judge sided with the Entertainment Software Association, the Video
Software Dealers Association and the Illinois Retail Merchants Association,
industry groups that had challenged the laws on constitutional grounds.
The judge said that there was no evidence presented to support the view
that playing violent video games has a lasting effect on aggressive
thoughts and behavior. He also said the definition of "sexually explicit"
was vague.
"The public itself has an interest in ensuring that the plaintiffs' First
Amendment rights are protected to ensure the availability of various forms
of expression, including video games, to the broader society," Kennelly
said.
Illinois Gov. Rod Blagojevich has vowed to appeal the decision, saying,
"This battle is not over."
Bills aimed at restricting sales of violent games to minors are the latest
effort in a long campaign by critics and some parent groups to limit access
to games with adult content.
The controversy reached a new pitch this summer when game publisher
Take-Two Interactive Software Inc. pulled its blockbuster title "Grand
Theft Auto: San Andreas" from store shelves following complaints over the
discovery of hidden sex scenes.
But the video game industry has won most of the early court battles over
proposed and pending legislation.
In early November, a federal judge granted a preliminary injunction
preventing the state of Michigan from enforcing a law aimed at banning
sales of violent video games to minors.
Courts already have blocked similar legislation in Washington State, the
city of Indianapolis and St. Louis County in Missouri, finding that the
laws violated free speech guarantees in the U.S. Constitution.
Meanwhile, California Gov. Arnold Schwarzenegger, who once starred in
violent movies like "The Terminator," in October signed into law a measure
restricting the sale and rental of "ultra-violent" video games to minors.
Video game industry groups have challenged that law.
U.S. Sen. Hillary Clinton has said she will introduce federal legislation
restricting violent game sales when Congress reconvenes in the coming days.
=~=~=~=
A-ONE's Headline News
The Latest in Computer Technology News
Compiled by: Dana P. Jacobson
ICANN Gives Tentative OK on '.asia' Domain
The quasi-governmental organization that oversees the Internet has
tentatively approved a ".asia" Web domain to unify the Asia-Pacific
community, but the group has delayed a decision on whether to move forward
with a ".xxx" zone for pornography sites.
At its annual meeting this past weekend in Vancouver, British Columbia, the
Internet Corporation for Assigned Names and Numbers took up several topics
related to the global administration of the Internet, which has become a
heated topic because the U.S. has insisted on maintaining oversight.
The new ".asia." domain would supplement suffixes available for individual
countries, such as ".cn" for China and ".jp" for Japan. ICANN earlier
approved ".eu" for the European Union; registrations for that begin
Wednesday.
Registrations for English-language names in ".asia" could begin six months
after ICANN grants final approval. But first, ICANN and the DotAsia
Organization Ltd. will have to spend weeks or months ironing out contract
details. The DotAsia group, which consists of domain name operators in
Asian countries, also plans to explore permitting site addressess in Asian
languages.
Separately, ICANN delegates discussed methods for allowing new Web
addresses to be created in Chinese, Arabic, Cyrillic and other alphabets
instead of the Latin script used in English. The technical tweaks required
are complicated, but a test run is expected to begin shortly, ICANN
spokesman Andrew Robertson said.
On more contentious topics, however, ICANN put off decisions.
Before the meeting began last week, discussion of a voluntary ".xxx."
domain for adult entertainment sites was removed from the agenda.
The idea has been floated by ICM Registry Inc. of Jupiter, Fla., which
argues that such a domain would help the $12 billion online porn industry
clean up. Those using the domain, which ICM would administer, would have
to agree not to deploy such trickery as spam and malicious software
programs.
Anti-porn advocates, however, counter that sites would be free to keep
their current ".com" address, in effect making porn more easily accessible
by creating yet another channel to house it. Many porn sites also object,
fearing that such a domain would help governments filter their content.
ICANN's president, Paul Twomey, said the delay in a ".xxx" decision was
largely procedural. The multigovernmental committee that weighs in on
ICANN's international issues needed more time to review newly submitted
documents, he said. Members also wanted to ensure that the proposed
technical rules in ".xxx" could stick, he added.
Twomey said a decision on ".xxx" would likely come in the first few months
of 2006.
"There is controversy with this application," he acknowledged, but added
that the decision "is not a foregone conclusion with the board at all."
There was no action yet on a dispute over the relationship between ICANN
and VeriSign Inc. - which runs the main database for the ".com" and ".net"
slices of the Internet.
Under a proposed contract renewal with ICANN, VeriSign could raise prices
for ".com" names by 7 percent a year beginning in 2007, an increase that
could generate $17 million for VeriSign in the first year. The deal also
would increase a separate per-name fee to fund ICANN's operations.
Two lawsuits have been filed attacking the relationship, accusing VeriSign
and ICANN of price-fixing and other anticompetitive practices.
The controversy provoked vocal debate at the ICANN meeting, leading the
group's chairman, Vint Cerf, to extend until Wednesday a deadline for
interested parties to submit comments on the proposed ICANN-VeriSign deal.
ICANN is due to complete a report back to VeriSign by Sunday.
Discontent over the United States' control of the Internet's root servers
- the computers that act as the Internet's master traffic cops - has been
growing. Pakistan and other countries have sought a takeover of that system
by an international body such as the United Nations.
Negotiators at a U.N. summit in Tunisia last month tried to address such
demands by creating an open-ended international forum in which
international Internet issues could be aired, though the forum would have
no binding authority.
In hopes of following up on that deal, ICANN's board sought to enhance the
role of the same governmental advisory committee involved in the ".xxx"
decision. But the steps announced in Vancouver are rather bureaucratic,
with a "joint working group" established to improve communication and
collaboration between the global governance committee and the rest of
ICANN.
'Sex' is Favorite in Newest Top Domain
Sex.eu was the most sought-after domain name using the European Union's own
top-level domain on the opening day for registrations. According to data
supplied by EURid, the body responsible for registering.eu domain names,
sex.eu received the highest number of applications.
The next most popular request was hotel.eu, followed by travel.eu, jobs.eu,
hotels.eu., casino.eu, poker.eu, golf.eu, business.eu, and music.eu.
Porn.eu was in 11th place.
The first day of registering applications for the.eu domain name was a
major success with EURid receiving more than 100,000 requests for
application. The E.U.-wide registry received 45,000 requests in the first
20 minutes of opening its Web site to applications.
The majority of applications were for national trademarks with more than
70,000 requests, followed by E.U.-wide trademarks at 21,455.
German organizations lodged the highest number of requests for registration
with nearly 35,000 applications, followed by France and the Netherlands.
U.K-based organizations submitted more than 10,000 applications.
The numbers may even be higher than the early applicants for the.us domain
when it became available three years ago.
Starting Wednesday, trademark holders and public bodies are also applying
for registrations. From February 7, holders of "prior rights," such as
company or business names, will be able to apply for.eu domain names. From
April 7 next year, all citizens or organization based in the E.U. will be
able to apply.
To deter cybersquatting, applications submitted before April 7 will be
examined to ensure that those applying actually own the rights to the name,
brand or trademark for which they are applying.
Registration will be handled by more than 700 registrars across the E.U.'s
25 member countries.
During the sunrise period, EURid will charge trademark holders $53 and
public bodies $41 for applications. Other rights' holders will be charged
$100. After April 7, applications to EURid will cost a??10. Applicants will
also have to pay registrar fees.
Online Content Cannot Remain Free?
European publishers warned Tuesday that they cannot keep allowing Internet
search engines such as Google Inc. to make money from their content.
"The new models of Google and others reverse the traditional
permission-based copyright model of content trading that we have built up
over the years," said Francisco Pinto Balsemao, the head of the European
Publishers Council, in prepared remarks for a speech at a Brussels
conference.
His stance backs French news agency AFP, which is suing Google for pulling
together photos and story excerpts from thousands of news Web sites.
"It is fascinating to see how these companies 'help themselves' to
copyright-protected material, build up their own business models around
what they have collected, and parasitically, earn advertising revenue off
the back of other people's content," he said.
"This is unlikely to be sustainable for publishers in the longer term."
The news section of Google's Web site doesn't display ads. But the Mountain
View, Calif.-based company depends on visitors clicking on ads in other
parts of its Web site to generate a substantial portion of its revenue,
which totaled $4.2 billion through the first nine months of this year.
Responding to Balsemao's remarks, Google spokesman Steve Langdon said:
"Search engines do not reproduce content. They help users find content by
pointing to where it exists on the Web." Google removes Web sites from its
news index if a publisher doesn't want the content listed, Langdon said.
Balsemao said consumers were drawn online by free content but this needed
to change, he said.
"The value of content must be understood by consumers so that new business
models can evolve. Industry must have legal certainty and the confidence
that their intellectual property will be protected.
Balsemao said that good quality content produced by professionals would be
the "gold content" for new media.
Last March, Agence France-Presse claimed the "Google News" service
infringed on AFP's copyrights by reproducing information from the Web sites
of subscribers of the Paris-based news wholesaler.
It is seeking at least $17.5 million (14.85 million euros) in damages. AFP
says Google is breaking rules on the "fair use" of copyright material
because its news site looks similar to the one seen by AFP subscribers.
Google News, which debuted in 2002, scans some 4,500 news outlets and
highlights the top stories under common categories such as world and
sports.
Many stories carry a small image, or thumbnail, along with the headline and
the first sentence or two. Visitors can click on the headline to read the
full story at the source Web site.
Yahoo Inc. has a similar service, though it uses human editors and pays
some news sources, including AFP and The Associated Press, for rights.
Phony E-Mail Tricks eBay
A sophisticated phishing attack has proven so successful, it has tricked
eBay's own fraud investigations team into endorsing it as legitimate,
according to an independent security consultant who reported the attack to
eBay.
In late November, Richi Jennings received a fraudulent e-mail message
containing the subject line "Christmas is Coming on ebay.co.uk." Offering
him "great tips for successful Christmas selling," the message directed him
to the Web site ebaychristmas.net, which then asked Jennings to enter his
eBay user name and password, as well as the name and password for his
e-mail account.
Jennings reported the site to eBay on November 25, and four days later he
got a note back from the company's investigations team claiming that the
e-mail message was, in fact, "an official e-mail message sent to you on
behalf of e-Bay."
Jennings was dumfounded. He immediately wrote back to eBay pointing out
that the Web site being used was clearly fraudulent, but his e-mail went
unanswered.
On Monday, an eBay spokesperson confirmed that the e-mail message was
indeed part of a fraud, but she could not explain why it had initially been
identified as legitimate.
"I don't know the answer to that," said spokesperson Amanda Pires. "I'm
assuming right now it was just an error."
From their initial response, it appeared that eBay's investigators did not
take his concerns seriously, Jennings said.
"They never actually used the word idiot, but I felt like they were calling
me an idiot," he said. He believes that the e-mail message in question bore
such a close resemblance to a legitimate eBay message that the company's
investigators were simply tricked by the scam.
Pires said that eBay had, in fact, been working to take down the phishing
site since November 8, weeks before Jennings even contacted the company.
Both Jennings and eBay agreed that the phony Web site has been set up in
such a way that it is extremely difficult to shut it down. The Web site's
server software is being hosted on a variety of different PCs that appear
to have been taken over by malicious "bot" software. Whenever eBay succeeds
in getting one of these servers shut down, a new one pops up to take its
place, Pires said.
"This is one of the cleverest [phishing attacks] I've seen in a while,"
Jennings said.
EBay has also been trying to shut down the Web site by working with the
Internet registrar that was used to acquire the ebaychristmas.net domain,
Pires said. Despite these efforts, however, the site has remained
operational.
That registrar, which does business under the name Joker.com, has the power
to shut down the scam Web site, Jennings said. "If they were taking their
responsibilities seriously, the site would have been shut down weeks ago,"
he said.
EBay's gaffe shows how hard it has become to keep track of fraudsters, said
Rich Miller, an analyst with Internet services vendor Netcraft.
Netcraft, which offers a free antiphishing toolbar of its own, classified
more than 8,000 phishing sites in the month of November, Miller said. "It's
very had to keep straight what is legitimate and what's not," he said.
As for Richi Jennings, though he doesn't have high regard for eBay's
investigators, he's willing to give them the benefit of the doubt. It's
possible, he said, that the company was simply overwhelmed with questions
about a legitimate e-mail message that closely resembled the scam, and then
made the mistake of assuming he was writing about the same thing.
"Hopefully this was a false negative in a sea of correct answers," Jennings
said.
Study Says 1 in 4 Get Phony E-Mails
About one in four Internet users is hit with e-mail scams every month that
try to lure sensitive personal information from unsuspecting consumers, a
study says.
Of those receiving the phony e-mails, most thought they might be from
legitimate companies - seven in 10, or 70 percent, were fooled by the
e-mails, said the report.
The study released Wednesday by America Online and the National Cyber
Security Alliance looked at Internet security and "phishing scams."
Phishing refers to e-mails that appear to come from banks or other trusted
businesses and are used to induce recipients to verify their accounts by
typing personal details, such as credit card information, into a Web site
disguised to appear legitimate.
"What's happening is that more and more people are actually engaging in
transactions online that would generate e-mail traffic that the scammers
are copycatting," said Tatiana Platt, senior vice president at AOL.
The study found nearly three-quarters of those surveyed, 74 percent, use
their computers for sensitive transactions such as banking, stock trading
or reviewing medical information. That leaves phishers with a good chunk
of Internet users to target, Platt said.
Platt said too many people still don't have adequate computer security to
guard against viruses, hackers and other threats. The study found
81 percent of home PCs lacked at least one of three critical protections -
updated antivirus software, spyware protection and a secure firewall.
The researchers conducted in-home interviews with more than 350 Internet
users nationwide. The researchers also reviewed the e-mails received by
those households.
The Federal Trade Commission has several tips to keep from getting hooked
by phishers:
_If you get an e-mail asking for personal information, call the company
directly or type in the company's correct Web address. Do not click on the
link provided in the e-mail.
_Use antivirus software and a firewall. This can protect a user from
accepting unwanted files that could harm a computer or track a consumer's
Internet activities.
_Don't e-mail personal or financial information.
Fears Over Identity Theft Overblown
A new study suggests consumers whose credit cards are lost or stolen or
whose personal information is accidentally compromised face little risk of
becoming victims of identity theft.
The analysis, released late on Wednesday, also found that even in the most
dangerous data breaches - where thieves access social security numbers and
other sensitive information on consumers they have deliberately targeted -
only about 1 in 1,000 victims had their identities stolen.
ID Analytics, the San Diego, California-based fraud detection company that
performed the analysis, said it looked at four recent data breaches
involving a total of 500,000 consumers. It declined to provide the names of
the companies involved in the breaches, but Mike Cook, ID Analytics
co-founder, said one of them was a top five U.S. bank.
After six months of study, comparing compromised information against credit
applications, ID Analytics said it discovered something counterintuitive:
The smaller the breach, the greater the likelihood the information was
subsequently used by fraudsters to hijack the identity of victims.
"If you're in a breach of 100, 200 or 250 names, there's a pretty high
probability that you're identity is going to be used," said Mike Cook, ID
Analytics' co-founder.
"The reason for that is if you look at how long it takes a fraudster to use
an identity, they can roughly use 100 to 250 in a year. But as the size of
the breach grows, it drops off pretty drastically."
A study conducted earlier this year by Javelin Strategy and Research, which
mirrored the methodology of an earlier Federal Trade Commission study,
found that 9.3 million Americans said they had been victimized by identity
thieves during the preceding 12 months.
ID Analytics said it discovered that identity thieves have a hard time
using a stolen credit cards to hijack the identity of cardholders because
the cards are usually quickly canceled - and because piecing together an
identity based on the information on the card is hard work. Not one of the
card breaches it studied resulted in a subsequent identity takeover.
While the findings will provide some comfort to consumers whose credit
cards are lost or lifted or whose sensitive information is compromised
when, for instance, a laptop is stolen, as recently happened at
Chicago-based Boeing Co., some of ID Analytics' suggestions could be
controversial.
The company suggests, for instance, that companies shouldn't always notify
consumers of data breaches because they may be unnecessarily alarming
people who stand little chance of being victimized.
That's likely to rankle consumer watchdogs, who are pushing Congress to
enact a law, sponsored by Sen. Arlen Specter (news, bio, voting record),
Republican of Pennsylvania, and Sen. Patrick Leahy (news, bio, voting
record), Democrat of Vermont, that requires companies to implement tough
data security standards and to notify consumers, law enforcement and
credit-reporting agencies whenever there's a breach.
"As far as notifications, we think there are certain instances where
businesses might want to notify consumers and certain instances where they
might not to inform them," said Cook.
"For instance, if they lose data, and they don't know where it is, we think
too many notices may not be a good thing. They should probably monitor that
and spend dollars on consumers who are actually harmed, rather than
spending dollars on 10 million consumers" most of whom won't be affected.
Kazaa Owners Accused of Ignoring Order
Australian record companies on Tuesday accused owners of the popular Kazaa
file-sharing software of ignoring a court order to install filters aimed at
curbing music piracy by Kazaa users.
But Sharman Networks, which owns Kazaa, said they had complied with the
order by preventing people in Australia downloading the latest version of
the popular software.
"We have complied with the order," said Sharman spokeswoman Julie Fenwick.
"We have closed down access to getting the current version in Australia ...
if a user already has it on his computer, he will see warnings."
The moves were the latest in a long-running legal battle by the Australian
record industry to shut down Kazaa, which it accuses of music piracy on a
massive scale.
Industry lawyers claim Kazaa users download up to 3 billion files each
month, freely exchanging songs, music and television programs without
paying royalties to the copyright owners.
Federal Court judge Murray Wilcox last week gave Sharman until Tuesday to
develop a new version of its Kazaa Media Desktop software with a filtering
system built in which was to include 3,000 so-called keywords, most likely
the names of popular recording artists.
Any searches containing those keywords would be blocked by the filter, in
a move aimed at stopping Kazaa users from swapping their copyrighted
material. Wilcox also told Sharman to use dialogue boxes to urge Kazaa
users to download the new software.
Instead, when users log onto the http://www.Kazaa.com site in Australia,
they are greeted by a page carrying a warning in red letters which says:
"The download of the Kazaa Media Desktop by users in Australia is not
permitted."
Australian users who try to download the software are prohibited from doing
so.
In a statement, Stephen Peach, chief executive of ARIA, the Australian
recording industry association, criticized the move.
"Sharman has thumbed its nose at the court. They were given a chance to do
the right thing and they've ruined it," Peach said in a statement. "They
cannot be trusted to even take the simplest steps towards complying with
the court's orders and again have shown they intend to do nothing about the
illegal activities occurring on a massive scale on their system."
Record company lawyers now are expected to return to court to claim Sharman
is breaching the order and to demand action.
"It is apparent that they never had any intention of applying filters, the
bare minimum they needed to continue to operate the system," Peach said.
"Their response is an insult to the court, the public and all artists whose
work is being illegally traded on the system."
But Sharman insisted it was taking steps necessary to meet the court's
orders to prevent Kazaa users from breaching copyright.
"The judgment pertained to authorization of copyright in Australia,"
Sharman said in a statement. "All activity that could be deemed as
authorizing has stopped so as to comply with the court orders, pending the
imminent appeal in February."
Spam Scam Invokes Princess Diana
Antivirus experts have warned users to beware of a spam e-mail campaign
that promises a sizable grant from The Diana, Princess of Wales Memorial
Fund.
The fraudulent e-mail messages say the recipient has been selected to
receive a grant of 2.6 million British pounds (about $4.5 million in U.S.
funds) grant and should contact the organization. However, the e-mail
messages do not come from the memorial fund, which was founded in September
1997 soon after Diana's death.
The spam is unusual in the sense that it uses the name of a real charitable
fund, plus the name of an actual employee there, according to a warning
from security vendor Sophos.
"This is not one that will look phishy," said Carole Theriault, a security
consultant with Sophos. "They've obviously done their research before they
put it out."
The memorial fund has also issued a warning on its Web site.
Some of the messages contain links to Web sites asking for bank account
details, and in some messages recipients are directed to wire funds by
Western Union to certain people, the warning said.
The fund has received almost daily calls asking about the legitimacy of the
e-mail, and some people are known to have gone through the first few stages
of trying to collect a claim before stopping, said Therese Lyras, press and
communications coordinator for the fund.
"No one has contacted us to say they have actually sent money," she said.
New Virus Spreads by Chatting with You
Instant-messaging users beware. A new strain of pernicious messaging bots
attacking the AOL instant-messenger network gives users the sense that they
are chatting with a buddy when in fact they are being infected with a
virus.
IMlogic, a company specializing in instant-messaging security, has issued
a warning about the new IM.Myspace04.AIM worm.
The worm sends out messages that read "look at my new picture" or "why are
you trying to send me a file?" Following these messages, you are sent a
hyperlink to the uploadsend.com domain, a free file-hosting site, to dupe
you into downloading and installing the file.
After infecting you, the bot will send new messages to addresses included
in your buddy or contact list. These messages appear to be sent by you and
encourage the recipient to spread the bot by downloading the same malware.
The person originally infected has no idea and no way to tell that the worm
is sending out messages on his or her behalf. If recipients respond to the
message from an infected user, the bot sends a message that includes, "lol
no its not its [sic] a virus."
"Administrators are encouraged to educate their employees about the dangers
of social engineering," the IMlogic threat report noted. "Also, they should
ensure they have the latest updates from their antivirus provider."
While bot attacks via messaging systems are nothing new, industry analysts
are concerned that this new variety of messaging worm with its chatty
capabilities will enable hackers and those with malicious intent to spread
viruses more effectively. Savvy or not, computer users are more likely to
open a message or click on a link that appears to have been sent from a
friend.
"I'd compare this to e-mail worms that spoof the sender," said Carole
Theriault, senior security consultant at Sophos. "If an e-mail that had the
e-mail address of a friend of yours in the sender field was sent to you
saying 'check this out!' you might be tempted to click on the link. It is
the same psychological trick being used here."
Security experts say that the best defense against all types of viruses and
worms is to make certain that home computers as well as business computers
have updated antivirus software.
That includes installing any security patches for both applications and the
operating system, Theriault said. She also recommends turning off any
unnecessary "bells and whistles."
"What's difficult about these bots is that once someone has third-party
access to your computer, they can upload or download anything," said
Theriault. "They can change the viruses on your machine so it's really
difficult for security companies to say look out for this particular think
or line of code because they can always be changed."
Instant message users might also want to consider establishing a protocol
or method of greeting with their friends, said Rob Ayoub, a Frost &
Sullivan analyst. That way, when instant-message users receive a message
supposedly from a friend saying "click on this link," they will at least
know to be suspicious.
IE 7 Release Apparently Slips
The next prerelease version of Microsoft Internet Explorer 7 for Windows
XP browser has been pushed into early next year, the company's IE team has
said.
According to a posting on IEBlog, the Microsoft blog for its IE team, the
company will post "an updated prerelease build of IE 7 for Windows XP
publicly - no MSDN membership required [for download] - during the first
calendar quarter of 2006." The posting was written by Dean Hachamovitch,
product line manager for IE at Microsoft.
In the posting, Hachamovitch said the IE team has had numerous requests for
another build of IE 7 for Windows XP, and has a new build available now for
users of the internal Microsoft corporate network.
The company is planning the upcoming public preview because "we want to
make sure that everyone has an opportunity to try a pre-release version of
IE 7 and tell us how it works with their Web sites, their applications,
their add-ons and how they use the Web overall," he wrote.
Hachamovitch did not respond to an e-mail request for an interview
Wednesday.
Microsoft released the first pre-release of IE 7 for XP, a beta version,
along with the first beta of Windows Vista in July. Windows Vista is the
next version of the Windows client OS; it is expected to be generally
available toward the end of 2006.
Microsoft has said in published reports that it planned to have second
betas of both Windows Vista and IE 7 before the end of the year. However,
last week Amitabh Srivastava, corporate vice president of the Windows Core
Operating System Development division, said that another beta of Windows
Vista would not be available until early 2006.
On Wednesday John Hipsher, a spokesperson for Microsoft through its public
relations firm Waggener Edstrom, said the company had not previously
specified a time frame for another IE 7 for XP prerelease. He would not
clarify if the next pre-release build of IE 7 for XP mentioned on the
IEBlog is another beta release, saying only via e-mail that it is an
"updated, or refreshed, version of the IE 7 for Windows XP beta 1 code that
was delivered in July."
Microsoft has said it plans to release IE 7 for XP before the release of
Windows Vista, which also will ship with IE 7.
=~=~=~=
Atari Online News, Etc. is a weekly publication covering the entire
Atari community. Reprint permission is granted, unless otherwise noted
at the beginning of any article, to Atari user groups and not for
profit publications only under the following terms: articles must
remain unedited and include the issue number and author at the top of
each article reprinted. Other reprints granted upon approval of
request. Send requests to: dpj@atarinews.org
No issue of Atari Online News, Etc. may be included on any commercial
media, nor uploaded or transmitted to any commercial online service or
internet site, in whole or in part, by any agent or means, without
the expressed consent or permission from the Publisher or Editor of
Atari Online News, Etc.
Opinions presented herein are those of the individual authors and do
not necessarily reflect those of the staff, or of the publishers. All
material herein is believed to be accurate at the time of publishing.
