Keith Dawson on Tue, 2 Feb 1999 11:11:01 +0100 (CET)


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

<nettime> TBTF for 1999-02-01: Squammers


     [original to tbtf@tbtf.com]

-----BEGIN PGP SIGNED MESSAGE-----

TBTF for 1999-02-01: Squammers

    T a s t y   B i t s   f r o m   t h e   T e c h n o l o g y   F r o n t

    Timely news of the bellwethers in computer and communications
    technology that will affect electronic commerce -- since 1994

    Your Host: Keith Dawson

    This issue: < http://tbtf.com/archive/1999-02-01.html >
    ________________________________________________________________________

C o n t e n t s

    CDA-II ruled unconstitutional
    Squammers
    Windows Refund Day
    A new kind of trademark dispute
    Net weather and traffic
    IBM joins Linux International
    Book bots
    Followups
        Intel's Big Brother problems multiply
        Compromised utility package updated
        We can get it for you wholesale
        Becoming a Y2K urban legend
    An interview at the NSA
    Rings
    ________________________________________________________________________

..CDA-II ruled unconstitutional

  Laudable goal, terrible legislation

    The judge hearing the CDA-II (Child Online Protection Act) chal-
    lenge has ruled that the law is unconstitutional [1]. No word yet
    on whether the government will appeal. (Remember, this is a law
    that Janet Reno's Justice Department advised they could not en-
    force.) The judge said

      > Perhaps we do the minors of this country harm if First
      > Amendment protections, which they will with age inherit
      > fully, are chipped away in the name of their protection.

    [1]  http://www.news.com/News/Item/Textonly/0,25,31724,00.html?tbtf
    ____________

..Squammers

  Domain name squatters who spam the InterNIC

    Network Solutions, Inc. has recently been falling behind with reg-
    istration requests. They say [2] that domain-name squatters have
    been bombarding NSI with bogus requests, crashing their servers and
    delaying processing of ordinary business. This activity has been
    going on for some time, but in January it reached a level double
    that of legitimate registrations. Wired's coverage is here [3].
    This is not a story about speculators of domain-name homesteaders
    who put down their money on a bet about the Net's direction. The
    squatters pay nothing, financing their bets with everyone else's
    money; a subset of them, the squammers, additionally throw sand
    in the gears for the rest of us.

    Mailing-list discussion -- see this thread on NANOG [4] for ex-
    ample -- has fleshed out the picture of the squammers. A squatter
    reserves a domain name, perhaps giving a bogus email address and/or
    physical address, and ignores the bill when/if it comes. After 30
    days NSI suspends the name. When another 30 days have passed and no
    payment has arrived NSI releases the name. The original squatter now
    showers the registrar with many (probably automated) requests to
    re-register that name. Thus the name remains tied up and the squam-
    mer never pays a cent. If a buyer wants the name, they ends up pay-
    ing the original NSI bill as well as whatever usurious ransom the
    squammer has been able to negotiate.

    Posters on NANOG are playing the story as yet another example of
    NSI's incompetence [4], and certainly this interpretation is sup-
    portable. One measure NSI has taken to slow the squammers was to
    drop (without announcement) the "initial creation date" and "cur-
    rent status" fields from the information it publicly reports about
    name ownership and status. This will have little impact on squam-
    mers -- surely they know when they registered a name -- but will
    break ISPs' existing procedures and software and inconvenience all
    legitimate users of the name database. NSI's ill-advised policies
    are partly to blame for creating a something-for-nothing opportun-
    ity for squammers, who would vanish into the night if NSI made reg-
    istrants supply two valid DNS servers before reserving a name, and
    particularly if they required a valid credit-card number up front.

    News.com plays one domain-name squatter's story [5] as a tale of a
    little guy against the megacorp. Their reporter appears to have been
    completely bamboozled by Jerry Sumpton [6] of Freeview Listings, who
    lost his bid to extort $13,000 from Avery-Denison Inc. for the names
    avery.net and dennison.net.

    Ian Andrew Bell shoots straighter [7]. He points out that Sumpton
    holds as many as 30,000 domain names: many proper names and many
    words from the dictionary, largely in the .net domain. Sumpton's
    business plan of record -- renting mailboxes at $4.95 per month on,
    e.g., smith.net -- makes no sense if he has to pay over $1M per year
    for the names. It makes sense only if he never pays for a name until
    someone signs up for a mailbox on it, or better yet bids to buy it
    from him. (Note: no evidence suggests that Sumpton is one of the
    squammers; NSI has not made public any results from its attempts to
    trace these miscreants.)

    The handy Domain Surfer site [8] offers the fastest way I've found
    to explore the domain namespace and winkle out homesteaders, spec-
    ulators, and squatters.

    [2]  http://rs.internic.net/customer_advisory.html
    [3]  http://www.wired.com/news/print_version/technology/story/17522.html?wnpg=all
    [4]  http://www.cctec.com/maillists/nanog/current/msg00256.html
    [5]  http://www.news.com/News/Item/Textonly/0,25,21333,00.html?tbtf
    [6]  http://rs.internic.net/cgi-bin/whois?JS1578
    [7]  http://xent.ics.uci.edu/FoRK-archive/jan99/0345.html
    [8]  http://www.domainsurfer.com/
    ____________

..Windows Refund Day

  Ready to demand your money back from Mr. Bill?

    Proponents of non-Microsoft operating systems have declared 15 Feb-
    ruary Windows Refund Day [9] to encourage PC buyers to get cash back
    for the Windows software they have never used. Microsoft's end-user
    license agreement gives purchasers the right to obtain a refund
    from their PC vendor if they've installed an alternative OS such as
    Linux or IBM's OS/2 without having used Windows. The effort was in-
    spired by Geoffrey Bennett's tale [10] of pursuing a refund from
    Toshiba over 4 months, eventually with success. The Windows Refund
    Center [11] features links to other such stories, some without a
    happy ending after two years. On 15 February Linux users in Cali-
    fornia plan to show up on the doorstep of their local Microsoft of-
    fice for their refunds.

    [9]  http://www.wired.com/news/print_version/technology/story/17452.html?wnpg=all
    [10] http://www.netcraft.com.au/geoffrey/toshiba.html
    [11] http://www.linuxmall.com/refund/
    ____________

..A new kind of trademark dispute

  Is a search site that sells keywords diluting copyrights?

    Estee Lauder has filed suit against Excite for selling its trade-
    marked terms "Estee Lauder" and "Origins" to the Fragrance Counter,
    a competitor [12]. Search engines commonly sell keywords to whomever
    is willing to pay, displaying the buyer's ad banners whenever a vis-
    itor searches on one of the keywords. So far no law or court prece-
    dent restricts the search companies from selling whatever they
    please. The Lauder action is being publicized by BannerStake [13],
    which offers a keyword of your choice to 12 search engines and dis-
    plays the banners that they display, if any. I tried the keyword
    "Linux" and found that Excite appears to have sold it to Microsoft.
    Probably last Halloween [14].

    [12] http://www.internetnews.com/IAR/1999/01/2901-lawsuit.html
    [13] http://www.bannerstake.com/
    [14] http://tbtf.com/archive/1998-11-03.html#s02
    ____________

..Net weather and traffic

  Internet tomography and an index of Net health

    The journal Nature carries an article [15] on Net tomography. The
    authors have developed skitter, a "tomography scanning tool" that
    dynamically discovers and depicts global Internet topology and meas-
    ures the performance of specific paths through the Internet. Skitter
    uses ping ICMP packets to develop a diagram of Net connectivity at
    a point in time. Here is a sample interconnectivity diagram [16]
    (194K).

    Another view of the state of Net health is provided by the Internet
    Traffic Report [17], which also uses ping to derive indices of world-
    wide round-trip times and packet loss. Thanks to Tom Parmenter <tom-
    par at world dot std dot com> for pointing out this service.

    [15] http://helix.nature.com/webmatters/tomog.html
    [16] http://helix.nature.com/webmatters/tomfigs/fig1.html
    [17] http://www.internettrafficreport.com/
    ____________

..IBM joins Linux International

  Open source OS's momentum looks unstoppable in the server space

    Following Sun's lead [18], IBM Software Solutions has become a spon-
    soring corporate member of Linux International. Besides these two
    the roster [19] now includes Silicon Graphics and Compaq. Missing for
    the moment is HP, though that company has recently announced that it
    will sell Linux on its NetServer systems and has struck an alliance
    with Linux packager Red Hat [20]. This article [21] discusses recent
    Linux initiatives by HP and SGI.

    [18] http://tbtf.com/archive/1998-05-25.html#s03
    [19] http://www.li.org/sponsors/sponcorp/index.shtml
    [20] http://www.news.com/News/Item/Textonly/0,25,31511,00.html
    [21] http://www.internetnews.com/Reuters/1999/01/2805-linux.html
    ____________

..Book bots

  Two sites comparison-shop the Net booksellers

    You've read about the coming wonderful world of intelligent agents
    that will make Web comparison-shopping a breeze, once the nirvana of
    universal XML arrives to usher in the day. But even now clever folks
    are implementing services to help you compare prices for commodities
    on the Net. Consider books. The free service AddALL [22] will search
    for any book and compare prices, including shipping, across 34 sep-
    arate online bookstores, and display the results in price order in
    the currency of your choice. The search is a little clunky; I find
    it's best find my book first at Amazon or Barnesandnoble and then
    price-shop at AddALL. The site needs a going-over by someone with a
    strong grasp of English syntax, but so what? It's an extremely useful
    labor of love and seems to be under constant improvement.

    A few months back Glenn Fleischman got to musing on how URLs might
    be used like programs, and the result is isbn.nu [23]. You can get
    a price comparison, including shipping charges, for any book by
    feeding its International Standard Book Number to this site as if
    it were a directory name. For example, entering

      http://isbn.nu/0201149370/price

    compares prices for John Hanson Mitchell's "Ceremonial Time: 15,000
    Years on One Square Mile" across 8 online stores. Leave off the
    trailing "/price" and the site takes you to Amazon.com's order page
    for the book. Prefer another store? You can append the name of one
    of 10 other online bookstores from a list on the site.

    [22] http://www.addall.com/
    [23] http://isbn.nu/
    ____________

..Followups

    ..Intel's Big Brother problems multiply

    On 27 January pressure on Intel increased again to scrap its plans
    to include a consumer-identifying serial number in each Pentium III
    [24]. A lawmaker in Arizona has said he will file a bill this week
    making it illegal for any company to manufacture or sell a PC chip
    in that state that features a unique identifying number in the hard-
    ware [25]. Intel runs two chip fabs in Arizona and its CEO, Craig
    Barrett, has a home there. Such a law could have an unintended im-
    pact on Sun Microsystems, whose Sparc chips have for years included
    a serial number to prevent piracy.

    Cryptographer Bruce Schneier has a commentary on ZDNet [26] explain-
    ing in simple terms exactly why Intel's scheme will not work to en-
    hance consumer security or authentication.

    Finally, Dan Kohn passes along a pointer to a FAQ [27] on the Intel
    chip flap, which claims that Intel has not turned off the ID number
    in the hardware at all, as it claims. (The multi-part FAQ begins
    here [28].)

    [24] http://tbtf.com/archive/1999-01-26.html#s03
    [25] http://www.news.com/News/Item/Textonly/0,25,31482,00.html?tbtf
    [26] http://www.zdnet.com/zdnn/stories/comment/0,5859,2194863,00.html
    [27] http://www.zdnet.com/zdhelp/static/p3/p3_3.html
    [28] http://www.zdnet.com/zdhelp/static/p3/p3_1.html
    ____________

    ..Compromised utility package updated

    In the aftermath of the backdooring of ftp.win.tue.nl [29], the author
    of one of the affected utilities, util-linux, has released an updated
    package [30] to the sunsite and tsx-11 software depots. He writes:

      > If you get it from ftp.win.tue.nl (very unwise), check the md5sum:
      >   d98b2a08c4865c14b9aefec3586c685a  util-linux-2.9h.tar.gz

    Contrary to a note I posted at [29] after the email edition went out,
    Hotmail administrators were in fact immediately responsive when not-
    ified about the compromised code at ftp.win.tue.nl that referenced
    two Hotmail drop boxes, according to John R Levine <johnl at iecc dot
    com>, one of the perpetrators of Internet for Dummies.

    [29] http://tbtf.com/archive/1999-01-26.html#s01
    [30] http://www.geek-girl.com/bugtraq/1999_1/0364.html
    ____________

    ..We can get it for you wholesale

    TBTF for 1999-01-13 [31] covered buy.com and its "sell a buck for 85
    cents and make it up on advertising" business model. Now competitor
    Onsale has abandoned retail markups and thrown in its lot with the
    tulip traders [32]. It's a win for consumers in the short term, but
    how will Web merchants endure in this atmosphere of purest helium?

    [31] http://tbtf.com/archive/1999-01-13.html#s05
    [32] http://www.onsale.com/aboutus/ir/pr/pr1199901.htm
    ____________

    ..Becoming a Y2K urban legend

    This note was sent in by faithful TBTF reader Cheryl Stocks <cstock
    at ibm dot net>:

      > I think we have a new urban legend category.

      > I read your story "Report of a very Confucian incentive is a
      > joke" [33] recently, and got a chuckle from it. Today my hus-
      > band said "Did you hear that British Air is going to require
      > 40% of its executives to be in the air at midnight, New Year's
      > Eve, this year?"

    [33] http://tbtf.com/archive/1999-01-26.html#s11
    ____________

..An interview at the NSA

  "Good Will Hunting" missed the mark

    A long-time reader sent this account [34] of a recent job interview
    at the US National Security Agency. My informant was not offered a
    job but came away impressed with the professionalism, seriousness,
    and collegial atmosphere at the agency, but. Here's an excerpt on
    the agency's training program for new hires.

      > The first interview is with the mathematician who is head of
      > the training program, which lasts three years. The program
      > starts with a quick review of algebra and then launches into
      > crypto stuff, and it's full-time for months at a time, two
      > hours of lecture and six hours of study every day, in a big
      > classroom with forty other newly hired mathematicians, some
      > just out of college, some PhD's.

    [34] http://tbtf.com/resource/NSA-interview.html
    ____________

..Rings

  A pretender to the ring-world throne

    Last November GeoCities bought Starseed [35], the inventor of the
    WebRing [36]. A WebRing collects many Web sites on a similar topic
    (e.g., fan sites for a particular music group) and stitches them
    into a circular structure. From any ring member you can move ahead
    or back in the ring or jump to the ring's head. Starseed's imple-
    mentation of this novel navigation system is highly structured,
    with Ring Members (individual sites), Ring Masters, and a central
    Ring Server (Starseed's) to enable navigation. At the time of its
    purchase by GeoCities, Starseed had attracted 66,000 "affinity
    groups" to join in rings; in all 900,000 Web sites participated.

    Now that Yahoo has announced plans to acquire GeoCities [37] it will
    be the lord of the rings.

    But don't count out the pretender to the throne: Bomis [38], whose
    hands-off technology runs rings around any site without requiring
    the intervention, or even the knowledge, of its Webmaster. Bomis's
    lightweight approach to ring construction wraps ringed Web sites
    within frames; an Escape button allows the visitor to jump out of
    the ring context and back to the unframed site at any point.

    The Bomis maintainers strut a subversively cheeky attitude. See for
    example their FAQ page [39], and don't miss the infrequently asked
    questions [40]. They don't tell us what, if anything, "Bomis" means,
    but they provide a page where you can guess [41], one chance in
    65,340.

    [35] http://www.news.com/News/Item/Textonly/0,25,28639,00.html?tbtf
    [36] http://www.webring.com/
    [37] http://www.news.com/News/Item/Textonly/0,25,31582,00.html?tbtf
    [38] http://www.bomis.com/
    [39] http://www.bomis.com/bomis_faq.html
    [40] http://www.bomis.com/ifaq.html
    [41] http://www.bomis.com/whatisbomis.html
    ________________________________________________________________________

S o u r c e s

> For a complete list of TBTF's (mostly email) sources, see
    http://tbtf.com/sources.html .
    ________________________________________________________________________

    TBTF home and archive at http://tbtf.com/ . To (un)subscribe send
    the message "(un)subscribe" to tbtf-request@tbtf.com. TBTF is Copy-
    right 1994-1999 by Keith Dawson, <dawson@world.std.com>. Commercial
    use prohibited. For non-commercial purposes please forward, post,
    and link as you see fit.
    _______________________________________________
    Keith Dawson               dawson@world.std.com
    Layer of ash separates morning and evening milk.

-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.5

iQCVAwUBNrZ1HmAMawgf2iXRAQGQCAP9GyFJcTtItcV4nSk5Ek773ct2gee7Z+za
CLp4IkkYejrP3pnom0n3D6Cebvv+CLV9DsncjPkicR7Zb7diKMahkCRg1k9h4UoV
6wTKd3GbdK+KFp1RWA6LggpHjqtmC21aVSuMST9AHvDtn5lESYLYHmRSADgMOMQ3
LsjqegIo/cg=
=8309
-----END PGP SIGNATURE-----
---
#  distributed via nettime-l : no commercial use without permission
#  <nettime> is a closed moderated mailinglist for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  more info: majordomo@desk.nl and "info nettime-l" in the msg body
#  URL: http://www.desk.nl/~nettime/  contact: nettime-owner@desk.nl