US Army switches from NT to MacOS, citing security fears.
Officials went with MacOS because it has no command shell, and does
not support remote log-ins.
By Bob Trott - SAN MATEO
The US Army has switched its Web site from Microsoft 's Windows NT
servers to WebStar servers running Apple Computer's MacOS, according
to the Army. Meanwhile, today a security hole was reported in Microsoft's
Internet Explorer 5.0 browser.
Citing security concerns over NT, the Army made the move in the wake
of an investigation that led to the arrest of a man from Green Bay,
Wisc. who allegedly hacked the Army's home page on June 28.
According to an Army report, the 19-year-old, from a hacker group the
Army identified as Global Hell, changed some of the page's content and
gained access to an unclassified network. Army investigators arrested
the suspect on Aug. 30.
Army officials went with MacOS because it has no command shell, and
does not support remote log-ins. A report from the World Wide Web Consortium,
which gave the MacOS-WebStar setup a clean bill of health on the security
front, also was a factor in the decision.
In recent months, Web crackers have targeted several U.S. government
Web sites, including official sites for the White House, the FBI, and
the U.S. Senate.
For its part, Microsoft has spent considerable time and energy tamping
down security problems with its own products, from NT and other server
software to its Internet Explorer browser.
The most recent case involved Hotmail, Microsoft's Internet e-mail
offering; last week the company agreed to an outside security audit
after it was revealed that anyone could access a Hotmail account without
knowing the user's password.
On Monday, Microsoft said a newly discovered security hole in Explorer
5.0 could allow malicious Webmasters to seize control of a computer
through the browser's ImportExportFavorites feature.
The Web address export feature "should only allow particular types
of files to be written, and only to specific locations on the drive,"
Microsoft said on its Security Advisor site. "However, it is possible
for a web site to invoke this method, bypass this restriction and write
files that could be used to execute system commands."
Microsoft suggested that users disable Explorer's Active Scripting
feature as a work-around. The company is working on a patch.
Officials from Microsoft were not immediately available to discuss
the Army's move.
Cost of Going Wireless
Posted 16 September 1999.
Do remember that the purchase of any computer is only the start of many
payments the typical user will fork out. The cost of technical support
is a huge cost that is often overlooked when purchasing. Another is the
real cost of peripheral:
Dell believes that pent-up demand for wireless networking will drive
sales. The PC maker will initially offer the AiroNet PC Card for around
$400 but has not set a price for the AiroNet's Wireless Access Point,
the device used to connect to the corporate network.
By contrast, Apple's more limited-range AirPort will cost $99 for a
small expansion card that goes inside the notebook and $299 for the
base station. Another difference: Apple has built two antennas into
the lid of the iBook notebook to improve data transfer; the AiroNet
cards are inserted into a PC Card expansion slot, and the antenna protrudes
slightly from the notebook.
Make sure you understand that. The ranges of the two are claimed at 300
feet for the Dell, and 150 feet for the Apple. If you've ever used a cordless
microphone you'll know the value of two antennae. In other words, for
much less cost you'll get better reception, and less cancerous
radiation. Or you could go with Compaq and get a mere 2Mbps. (Apple and
Dell are both using 11Mbps - faster than Ethernet.)
Hoax Y2K Email Fix
Posted 20 September 1999.
By Erich Luening
Staff Writer, CNET News.com
September 20, 1999, 7:45 a.m. PT
Microsoft today warned customers that a series of email messages offering
quick fixes for year 2000-related problems contain virus-infected software
that can wreak havoc on personal computers.
Playing on consumer fears about the Year 2000 technology problem, one
such message, known as the Y2Kcount.exe, falsely appears to be coming
from Support@microsoft.com and has already been maliciously distributed
to Microsoft customers through email, the company said.
Unsuspecting consumers who open the email message and execute the attachment
may cause their computers to be vulnerable to the virus, Microsoft executives
"The Y2K-related email message that claims to come from Microsoft
is a hoax. Consumers should not open the attachment but rather delete
it immediately," Don Jones, director of Year 2000 Readiness at
Microsoft, said in a statement.
As many as eight different versions of the malicious email message
are thought to be in circulation.
The Redmond, Washington-based software giant advises those looking
to make certain their computers are ready for the Y2K date rollover
to use the legitimate tools available at Microsoft's Y2K Web site, or
the Microsoft Year 2000 Resource CD.
Microsoft said if it does send email messages to its customers regarding
Y2K updates or security patches, it is solely to inform them that they
are available and will only provide links to the Microsoft download
sites. The company never attaches the software itself to the respective
Moral: Think before you execute.
G4 vs Merced
Posted 21 September 1999.
So how do the two stack up? I quote from an unashamedly Mac-centric web
Intel "Merced" processor, ... will run existing 32-bit applications
and operating systems inefficiently, be approximately the size of a
pack of cigarettes (!), require intensive cooling systems, and cost
several times more than the G4.
Also, even Intel's generally overly-optimistic advance estimates place
Merced at "up to" 800MHz by mid-2000. The G4 should be shipping
in volume at 800MHz+ by that time with SOI processes that render it
smaller, much cooler and more power-efficient, and of course significantly
faster. Also by that time, Motorola plans to make at least one major
revision to the G4, introducing a new, high-speed/on-chip L2 cache and
larger backside Level 3 caches. These alone will boost the G4's performance
in common applications dramatically.
Is there a fireman in the house? Wintel's house of cards appears to
SOI stands for Silicon On Insulator, FYI.
They Copy Here, They Copy There
Posted 23 September 1999.
Announcing from Vodafone a couple of really funky Prepay phones from
The Bosh 509 available in Blue Kiwi or Royal Citrus. These phones are
at the fantastic price of only $249.00 inc GST and come bundled with:
$100 worth of calls.
Free Caller ID
Free 24 hour 7day helpline
and they receive text messages free.
Note that the iBook from Apple
is available in Blueberry and Tangerine.
MS OS Living in the Past
Posted 28 September 1999.
Quotes from a CNET news article dated 20 July 1999. Emphasis added.
"This is not terribly surprising," said Dwight Davis, an
analyst with Summit Strategies. "Many people noted at the time
that Windows 98 wasn't a stunningly different operating system, to put
it kindly. There was no real major reason to shift over to Windows
98 if they were already on Windows 95."
Microsoft, for its part, contends that such comparisons in market share
are invalid because of the midyear release of Windows 98. "This
is not an apples-to-apples comparison," a company spokesperson
said. "This is five months of sales compared to a full year for
... Microsoft's Windows 3.11 operating system, released in 1992, still
shipped 1.3 million units last year, according to Kusnetzky.
Computer makers are the first to note that they ship more systems to
corporate customers with Windows 95 than Window 98. The majority favor
Window 95 OSR2, the most recent upgrade to the original release.
"There was a lag there initially after Windows 98's release
where there was no interest at all, but that has all started to
change," Edwards said. "We're seeing greater uptake of Windows
98 as customers find it to be more stable and manageable than Windows
Monthly MS Security Scare
Posted 30 September 1999.
Microsoft combats another IE 5 bug
By Erich Luening
Staff Writer, CNET News.com
September 29, 1999, 8:10 a.m. PT
Microsoft continues to battle security problems in Internet Explorer
5.0 that make computers vulnerable to attack by malicious Web site operators.
The latest security issue involves an IE 5 feature called "download
behavior" that allows a Web page to download files for use in client-side
By design, a Web site should be able to download files that reside
in its domain, preventing client-side code from exposing files on the
user's machine. The problem is that a server-side redirect can be used
to bypass this restriction, enabling a malicious Web site operator to
read an unsuspecting user's local files, according to Microsoft.
As a result of the problem, text files from the user's disk, or local
Web server, may be read and then sent to an arbitrary server on the
Internet, allowing the user's files to be "stolen," according
to Bulgarian programmer Georgi Guninski, who has been credited with
discovering numerous security holes in Microsoft and America Online's
"This vulnerability would chiefly affect workstations that are
connected to the Internet," Microsoft said in a security alert
The company said it is working on a patch for the problem. "As
an immediate measure, customers can prevent the download behavior function
from operating by disabling ActiveScripting," according to the
The security hole is the latest in a series of bugs plaguing the software
giant's IE browser.
Guninski reported a similar hole in IE in August. Microsoft patched
yet another hole in IE's armor around the same time.
I've said it before and I'll say it again. Just say "no" to
using Microsoft's buggy $oftware, until MS can clearly demonstrate their
software poses no security risk.
Follow the Leader
Posted 6 October 1999.
All around the world, computer makers are waking up to the fact that
Apple is selling the incredibly colourful iMacs like hotcakes. One example
new article from CNet highlights Compaq:
Compaq gets sleek, colorful designs
By Joe Wilcox
Staff Writer, CNET News.com
October 5, 1999, 4:00 a.m. PT
The word from above at Compaq Computer is make it cool.
Taking a cue from Apple's success with the iMac and Sony's with its
Vaio portables, Compaq will unveil two new products today ... that emphasize
color and design...
Compaq's shift toward style, which comes down as an edict from new
CEO Michael Capellas, underscores a booming trend among PC manufacturers
to give their products distinctive personalities through size, shape,
and hue -- rather than simply beat each other up over performance and
"It's come down from our new CEO Michael Capellas that we must
make cool products, with passion behind them, and connection to the
Internet," said Trey Litel, Compaq's marketing manager of Internet
services for U.S. consumer products.
"We're realizing the consumer is really responding to design,
similar to the way the car industry developed," Litel said. "We're
so obsessed with clock speeds and such -- we're missing the point. We
need to differentiate on design."
Coincidentally, Apple is expected to unveil new iMacs today.
The Houston, Texas-based company, of course, is not the first company
to play the design card. Apple's iMac, and G3 desktops with color accents,
have been the basis for a financial and marketing reversal for the company...
More are on the way. Dell will later this fall release a small, curved
Pentium III computer, code-named the Webster. Custom-colored cases that
come with company logos, university mascots, or other artwork also likely,
executives at Dell have said. Executives at other companies also hint
that further variations on the theme are coming.
The magnetic blue colored slimline PC, which will sell for $1,999,
is a departure from Compaq's current line of overstuffed Presario PCs.
The Presario 305 is available in a lighter iridescent blue than the
3550. It comes with a 333-MHz Celeron processor, 11.3-inch TFT screen,
64-MB of RAM, and 4.3-GB hard drive, for $2,199.
This Month's Security Warning
Posted 13 October 1999.
Yes, once again MS is warning users of IE5 to be careful because of MS's
Microsoft admits browser security hole
By Paul Festa
Staff Writer, CNET News.com
October 12, 1999, 8:05 a.m. PT
Microsoft today acknowledged a security problem with its Web browser
that could let a malicious Web site operator rifle through visitors'
Like many browser security problems, this one has to do with scripting
VBScript and JScript [which] give the visiting computer a "script"
to follow, instructing it to launch a new window or scroll text across
For security reasons, browsers typically restrict the kinds of things
a Web site can do with scripts. But in this case, Microsoft's Internet
Explorer 5.0 browser fails to restrict scripts when they are executed
from ... frames. The command at issue here is the "document.execCommand,"
according to Microsoft.
In a security alert, Microsoft said it was working on a patch that
would implement tighter security checks within frames. The patch is
not yet available.
Pending a fix, Microsoft is recommending that users disable Active
Scripting in IE 5's Internet Zone, a categorization within the
browser's security system that includes most Web sites. Users should
add sites they trust not to execute malicious content on their computers
to the Trusted Zone, Microsoft said, adding that Microsoft should be
among these sites if users want to download the patch when it becomes
Microsoft stressed that someone exploiting this attack could only read
files, not change or delete them.
Trust Microsoft? Ha! Trust the Microsoft site? It's the only site my
brother found which repeatedly crashed his computer (a PC). He had to
buy a whole new computer to fix that problem.