Loose Wire:
This blog is in the process of moving. Please point your browser here. All subscribers and RSS feedsters will be transferred automatically.

August 01, 2003
[ News: Man Blames Trojan For Porn, Acquitted ]

   Sophos reports that a British man has been cleared of storing child pornography on his computer after Trojans -- malicious bits of code, a kind of virus -- were found on his computer. The man had been arrested after 172 indecent pictures of children were found on his hard drive (the report doesn't say how). A computer forensics consultant identified 11 Trojan horses on the man's computer, capable of carrying out actions without the user's knowledge or permission. The acquittal follows the case of another British man who was cleared in April under similar circumstances.
 
 
Seems, according to Sophos, that all these images could have been put there by someone remotely. Know anyone who might do that to you? "Some Trojan horses have the ability to take 'remote control' of your PC," explains Graham Cluley, senior technology consultant at Sophos Anti-Virus. "A remote hacker can view what you are doing, take over your keyboard, steal information and even upload files to your computer if they wish. There can be no excuse for home users surfing the internet not to be running up-to-date anti-virus software and a personal firewall to keep their systems protected."

[ News: Sony Goes It Alone, Again ]

 Sony, as usual, is developing its own version of something we thought everyone else had agreed on. This time it's Bluetooth. The New Scientist says that Sony's Interaction Laboratory in Tokyo is working on "point-and-connect" technology, a camera-based system that lets users instantly transfer data from a laptop or handheld computer to a device in close proximity connected to the same wireless network.
 
 
Gaze-Link uses the laptop's camera to read a code displayed on a small sticker attached to each device. Software running on the laptop then automatically locates the device on the network. Hmm. I know Bluetooth is not working great right now, but as more and more devices have it embedded, I believe it may end up working out for us. The only advantage I can see for this technology is when one Bluetooth device won't recognise, or 'find' another, even when it is sitting right in front of you.

[ News: Teens Not Watching TV Shock ]

 It turns out that teens are spending more time online than watching TV, and they may well be doing more than hacking into networks, sending spam and downloading bootleg music files. Go figure. AdAge.com quotes a new survey from Harris Interactive and Teenage Research Unlimited (I can never find anything I want on Harris Interactive, and Teenage Research don't seem to have posted any press release) so I can't link to the original survey), saying that "teens and young adults ages 13 to 24 now spend more time every day on the Internet than they do watching TV."
 
 
During an average week, according to the report, 13- to 24-year-olds spend 16.7 hours online (excluding e-mail); 13.6 hours watching TV; 12 hours listening to the radio; 7.7 hours talking on the phone (including landlines and cell phones); and six hours reading books and magazines to keep up on personal interests. The article also says that "the findings indicate that they approach the Web with an agenda, making search engines their first stop. For example, reports about new fashion trends in print magazines routinely inspire an online search for more information and shopping opportunities".

July 31, 2003
[ News: The Sim Franchise Rolls On ]

 I don't know whether to be excited or appalled at how Electronic Arts have turned the Sim thing into such a money-making business. Purists weren't that enamored of Sim City 4, and my computer is not really powerful enough for it to be fun, and The Sims Online has not been the great follow-up to The Sims that it was expected to be, but you've got to admit EA know how to keep the buzz going. Here's their latest announcement (and note this is an announcement about something that's going to happen two or three months down the track...)
 
 
Electronic Arts have announced plans to release this September the SimCity 4 Deluxe Edition in North America. Players can now make the biggest cities with the most comprehensive and exciting SimCity ever. SimCity 4 Deluxe Edition includes SimCity 4 and the franchise's first expansion pack, SimCity 4 Rush Hour, that focuses on the no.1 most requested feature among fans, transportation. SimCity 4 Rush Hour also is scheduled for release September 2003. The SimCity 4 Deluxe Edition will be available for a suggested retail price of $39.99.
 
This follows on the heels of an announcement yesterday that said Electronic Arts plans to release this October The Sims Makin' Magic, a new expansion pack to The Sims, where "Sims are granted magical powers with the ability to cast spells that are playful or deviant". Oh my God. And if that's not enough: The Sims Makin' Magic will be the final edition to The Sims original series and prelude to the highly anticipated launch of The Sims 2.  The expansion pack will be available for the Halloween season and has a suggested retail price of US$29.95.

[ Update: X1 Improvements On Their Way ]

 Further to my posting about X1, the indexing program, X1's chief cook Mark Goodstein says they are promising an update soon that includes:
  • PDF (Acrobat_ and Zip contents indexing.
  • Attachments indexing and display (for Outlook and Eudora).
  • Tighter Outlook integration (responding, moving, etc., from within X1).
  • Some improvements in the interface and performance stuff.
Sounds good. It's good to see new stuff being added so fast.

[ Mail: Is X1 Really A Rat? ]

 A reader wrote the following about X1, an search and indexing program which I reviewed recently:
 
I read your article, liked what I heard, and installed the product.  It is as good as you described. However, I had reason to run PestPatrol, due to some weird behavior against my ZoneAlarm Pro firewall. The run of PestPatrol identified a program named UPX.exe (in the X1 install directory) as a RAT (remote administration tool) or a Trojan in other words.  Their description was:  ?provides an attacker with the capability of remotely controlling a machine via a ??client?? in the attacker?s machine and a ??server?? in the victim?s machine.?
 
I queried their help site (email came back from idealab.com) and the QA person indicated the program was used to unpack the installer file.  He/she also indicated they were aware that Pest Patrol identifies it as a rat.  The email finished with ?But I don?t think that is what is making your system feel under the weather.?
 
No comment about whether it is a rat, just that they knew PestPatrol called it one. I still don?t know if my system behavior was due to X1, but thought their tech support would have strongly denied it if it was not a rat.
 
Here's the response from X1 chief Mark Goodstein:
 
UPX is a benign wrapper program, just like a self-extracting zip file, and we use it to install X1. We will probably move away from it because of this problem, though...  It just happens that some virus writers use UPX to wrap their illicit programs.  Pest Patrol deals with this by classifying anything that uses it as a possible virus carrier (a RAT or Trojan in their terminology).  That's a bit careless on their part -- what they ought to be doing is automatically uncompressing the UPX files and running their virus checker on what's inside.  Then they could give an accurate diagnosis and unclassify the 99.9% of UPX-using programs as trojans.
 
In simple terms -- X1 is NOT a virus, and pest patrol knows this, as it's easy to determine by simply un-UPXing our exe.  Even if Pest Patrol doesn't want to add the proper feature to their product, at least they ought to mark X1 as a non-RAT after they examine it, to put it in a safe category even though it uses UPX.
 
There you go...I hope that's clear enough.

[ Column addon: RFID ]

  Further to my column in today's FEER (subscription required) about the possibilities and pitfalls of Radio Frequency Identification, or RFID, here's the full text of answers from Alan Melling, Symbol Technology's Senior Director, of EPC Solutions.
 
What are the real benefits of this technology? 
 
Without a doubt, the ability to achieve 100 percent real-time asset visibility without the cost of human intervention to perform tracking activities. This visibility and the information it generates translates directly into supply chain efficiencies - such as lower stock-out rates and fewer rush orders - that go directly to both the top and bottom lines of traditional retailers.
 

 
Inventory tracking/retail behaviour/product theft/non-retail fields?
 
Inventory tracking at the pallet and carton level are almost certain to be the applications that "prime the pump" for RFID in retail. There are a lot fewer pallets than individual items, less cost sensitivity - and pallets have no privacy concerns.
 
Once the tags make it to the item level, their primary function will still be for inventory control - quickly detecting that a particular brand of shampoo is out of stock, for example.
 
However, the technology can also be used in the store for theft detection and identifying shopping patterns, but consumers will first need to be educated on the benefits TO THEM of the technology when used this way. For example, if RFID could be used to let you know when you pass your favorite brand of peanut butter in the supermarket aisle, and it is on sale, would that perceived as plus? For some consumers yes, and for others no. The key to success will be to put the control where its belongs - in the hands of the consumer.

 
What's your view on privacy concerns about RFID? 
 
Privacy is a very real issue. To a certain extent the fears expressed to date are somewhat overblown - the technology simply does not support doomsday scenarios such as the government scanning the books you just purchased from a truck in the street - the tags just are not capable of it. What is very real, however, is every consumer's right to understand and be comfortable with technologies applied to products they may buy. Everyone involved in the RFID industry understands and respects this - which is why the most popular tags - EPC tags - have an in-built "Kill" command that can and will be used to render them inoperative before they leave the store.
 
Are there issues which have not been addressed?
 
There are many issues that are still in the process of being addressed. Standards need to be finalized, costs need to come down further, reading equipment and systems need to be made more reliable, more RFID software solutions need to be developed, and privacy concerns need to be addressed to name a few. However, with the emergence of a strong new standard for retail and supply chain applications - EPC (Electronic Product Code) - the general tone of converstion has switched from "if" to "when" the technology will make its mark in retail. There is a general sense that the remaining issues are all very solveable, and that it just a matter of time.
 
How do you see the future of this technology?
 
The future of RFID in retail and supply chain applications is a bright one, but one that will perhaps be slower and more incremental in approach than many suppose today. In particular, some have positioned RFID as an immediate "replacement" for bar code. The reality is that it is not designed as a one-for-one bar code replacement - it does more than a bar code, but also costs more than a bar code. The companies that benefit from RFID will be those that successfully integrate RFID and bar code technologies - using each where it is the most cost effective.
 
Almost certainly, the first broad applicatiions of RFID will be in the backroom of stores and distribution centers - on relatively unglamorous items such as pallets, crates, cartons, and plastic containers. Over time it will become more visible on individual items on the retail floor, but this will take time - years - and will require that concerns about privacy are effectively addressed.
 
 

 
 

July 30, 2003
[ News: Your Remote Can Now Make Coffee ]

  It's inevitable, I guess, but your remote now looks more like a PDA than a PDA does. RCA have just released three new "universal learning remotes" which can control multiple components and can implement multiple commands with the SmartMacro? feature. "The new line of RCA LCD remote controls reflects a shift in the remote control business to higher end, fuller featured models," explained David Geise, Vice President, Consumer Solutions, Thomson. "As consumers enhance their current home entertainment setups with more advanced products, they are seeking more sophisticated remotes that are easy to program and these three new models meet these requirements."
 
 
Now, being a guy with a dozen remotes around the house, I can see the advantages of all this. Indeed, the SmartMacro feature, that enables consumers to program a series of events to occur in sequential order -- for example, set up the remote to turn on the TV, set it to input one, turn on the satellite receiver and then set it to a specific channel -- sounds kinda useful. It just seems kinda sad that the device to run our TV is more sophisticated than a computer was about three weeks ago.
 
 
 

[ News: Pssst! Wanna See Some SMS? ]

 A sign of the times? ThreeZee Technology, Inc., a security research firm, has located a bug within the Verizon Wireless Text Messaging system which allows any Tom, Dick or Harry to "easily view mass lists of SMS messages sent to Verizon customers, including the telephone number and the text in the message". Not just that: Tom (or Dick, or Harry) can then use the bug to intercept messages sent to any such phone, as well as the ability to make numerous charges to the customer's phone bill. Yikes.
 
 
This is bad, of course, but it's not a feature of SMS per se, more of the website that Verizon set up to allow folk to send SMS messages to Verizon phones. Still, hopefully Verizon will fix it. No sign so far of any mention of the problem on their website.

[ Mail: MSGTAG "a misuse of email" ]

 For those of you following the discussion about MSGTAG, the service that alerts you to when emails you send are opened by their recipients, Russ Winter responds to MSGTAG's defence of its product. Russ raises some good points.
 
Personally and professionally, I must admit to fundamentally disagreeing with any business or product approach that removes choice and attempts to control my personal activities or business processes. In my opinion, this is successfully achieved by MSGTAG. Users outside of my employ or business do not have a right to any insight in to my business practices therefore, read receipts, with no option to deny a
reply infringe on my personal and professional rights. I also note that one of your "pay" product provides a stealth option, where the recipient has no idea that the email has been tagged by your service, this again, in my view, is beyond reproach, unethical and a deceptive practice for any business.
 
I also note with your own MSGTAG product and service, differing levels of service are catered for by providing differing features. We too have a system of Service Level for many of our clients and services, several of these are offered through email and utilise a public or common email group, as such it is our policy not to issue read receipts. This policy protects our employee's from unwanted, direct contact from general enquiries and in some cases contracted clients. Anonymity to 3rd parties is covered under the Australian and many International Privacy Acts, the fact that we are now not anonymous to the 3rd party (MSGTAG) and we did not provide the email address
to MSGTAG I feel is in breach of this concept. However, we forego this right to the original email sender, as we provided him with the email address, but the fact that we provided him with an email address does not inherently afford him the right to provide such information to any third party without our permission.
 
If, as you say, it is not your policy to block or restrict domain access to your servers, I will be forced to implement other means of blocking your services from being requested from, or accessing our internal networks. Where possible we will also be implementing protection to restrict any activities from your servers accessing our "private" email network. As you have also stated, the fact that we have a domain available on the Internet does mean that it is in the public access domain and as such, those details will be stored within DNS, proxy servers and log-files of varying types. I fail to see how this relates to a "personal" email address, of which is not in the public access domain and does make an individual, personally identifiable. In this case, the fact of registering a domain does inherently mean that this information will be stored and used elsewhere, this also implies, by default, permission to use the domain name in specific methods without any communication with the domain owner, otherwise the domain would not function as intended or wished by the domain owner.
 
In regards to your statement asking that your service be judged on what you are doing, not by what it could do. I personally feel that we have very fairly assessed your service by this criteria, I have not once mentioned the malicious capabilities that both you and I are very well aware of and that must also be of concern to any responsible IT and internet user.
 
In essence, I am sorry to report, I have not been swayed by our communication in any way and still consider your product to be a misuse of email and the facilities afforded by email clients. We shall be treating the MSGTAG services as a common virus or spy-ware application in the future. I might add, that I noticed that your company and application, are apparently associated with several other products and businesses that produce applications to circumvent activities similar to MSGTAG services. I must commend you on such a impressive business development strategy though, not only do you develop and generate the problem for free, but also supply the cure in the way of MailWasher Pro and Benign that is available for download at such a reasonable price.
 
At the end of the day, I am very aware that with profits at risk, and the press coverage being good, that these individual concerns will not be actioned or taken particularly seriously, especially as resolution of these issues would most likely result in reduced profits for Fisher Young and its associated businesses.
 
Again, I thank you for taking the time to consider and reply to our email.
 
Watch this space for more from MSGTAG. Perhaps MSGTAG should consider more of an opt-in approach to its service, whereby a recipient is alerted to the tag, and given the option of blocking it if needs be?

July 29, 2003
[ Mail: MSGTAG Replies ]

Good software always seems to be controversial. That's not to say there's not two sides to the debate: Those who think Plaxo is a scam to get you to give up your private data aren't exactly right, but they may not be exactly wrong, either: time will tell whether it becomes a great service or an intrusive nag. Similarly, another product I've taken to, MSGTAG, has its critics, who say allowing folk to check whether their emails have been opened is an unacceptable invasion of privacy, not least because most folk who receive such 'tagged' emails don't know their email program has just sent a message home advising the sender they've just opened an email. (See a recent email from an outraged user.) All this is true, but it doesn't undermine the idea that in principle, it's a great idea. We would all be a lot more productive -- not to mention safe -- if we knew the emails we were sending out to friends, colleagues, customer service departments, actually reached their intended recipient.

Anyway, for those of you who are interested in hearing MSGTAG's side of the debate, here's their recent response to the letter I mentioned above. Original complaints in purple. I've cut it back a bit.

The sender has no real right to know when and if I read his email, where will this go next...tracking how often the email is open, tracking to whom I on forward the email...the possibilities are endless and tantamount to spying and invasion of privacy.

The MSGTAG read receipt process is not designed to be invasive. We feel that it is more than reasonable for a person to know if and when their mail has been read by the intended recipients. There are many situations where this benefits both the sender and the recipient. If an email hasn't been read before a critical time, a sender can know to contact the recipient to give them the information by another means.

Our view on the subject of mail notification is that at the moment email is an unbalanced exchange. The recipient gets to read the email, but the sender doesn't get to know if they have. If you send something via a courier service, for example, if you refuse to sign for it, you can't open it. If you do sign for it, the sender knows straight away.

With MSGTAG we are trying to make it as fair as possible. There are some services that offer to give out all sorts of information about the recipient, such as how long the email was viewed for, how many times, who it was forwarded to, etc. Though we know how to implement this type of functionality, we have chosen a different path of fixing what we see as a broken process, without making the cure worse than the disease by adding privacy-invading features. The negative "possibilities are endless" for all sorts of technologies: we ask that we are judged by what we do, not by what can be done.

MSGTAG tells the sender only the time a message was first opened. It does not provide the sender with the IP address or geographical location of their recipients, nor does it embed tags into attachments to track forwarding or printing behaviour.

However, I do appreciate that not all Internet users wish to receive MSGTAG tagged emails. We respect the business decisions of companies such as yours that wish to implement firewall or proxy technology to prevent MSGTAG tags from being triggered. Furthermore, we have implemented a system within MSGTAG Status that allows users to disable tagging for certain recipients who have asked not to be tagged.


MSGTAG also collects the recipient's email address, email ID, IP address and email headers without the recipient's authorisation or knowledge.

It is true that we collect the recipient's email address and the email ID - this is provided to us by the sender of the email. As I pointed out in the previous paragraph, we don't collect the recipient's IP address and we don't have access to the header information except for:

The subject line - this is used in the notification email so that users know which e-mail has been read, without it they would only know that one of their emails has been read, but they wouldn't know which one.

The message ID generated by the sender's e-mail client - this is a unique code attached to all emails by most email clients so that the clients can reliably tell e-mails apart. We use it for the same purpose.

The address the e-mail was sent to - we use this for the same reason as the subject line - so the user knows which e-mail the notification is about.

We also record when the tag was added, and when it was triggered so that we can tell the users when it was triggered, and what the elapsed time was. That is all that we collect from the email.

I agree that what we do with the small amount of information we collect is a serious privacy issue. That is why we have a privacy policy publicly posted on our site. There are several prominent links to it, including within the application itself. I refer to the following relevant section of our Privacy Policy:


"MSGTAG facility
The Software uses the MSGTAG service to determine whether an e-mail that has been tagged by the Software has been received by the intended recipient. In order to achieve this, MSGTAG must store the subject, message ID, message recipient, date sent, and MSGTAG account name of the sender for each e-mail tagged by the Software. If tagging is disabled in the application, MSGTAG does not store this information. MSGTAG will not sell, share or rent this information to any other parties."


At present, there is only one person in our organisation who has access to the email addresses used in MSGTAG - a System Administrator. As General Manager of MSGTAG, I do not have access. Tech support staff must ask the system administrator for this information on a case by case basis, in order to address specific problems raised by our customers.

We publicly state what happens to email addresses collected. They are only valuable to spammers. They are not valuable to us, because we abide by our Privacy Policy, and cannot exploit them. It would be commercial suicide for us to misuse the email addresses stored on our servers. The integrity of our brand is more valuable than a list of email addresses. Besides, we hate spam with a passion.


"This is in direct contravention to the privacy act and the rules governing the collection of personally identifiable information."

We also feel that MSGTAG's email tracking service is not only an invasion of our privacy but is also an infringement of the "Information Access" and "Computer Equipment Access" laws as their service provides "back-flow" traffic, without the recipient's knowledge or consent, directly from their computer software and hardware."

We are unaware of any infringement as per your suggestions. Fisher Young Group takes its obligations and allegations of this nature extremely seriously. If you can provide us with more information about the specific areas of law that are at dispute, we will investigate your concerns thoroughly.


Matthew Miller

Interesting stuff. Let us know how you feel.



[ Note: Getting Your Head Around Spam ]

 This is not new, but worth passing on to those folk that would like to understand spam a bit better. Spam is a pain for all of us, and it's not likely to get better. But the more we understand it, the more we can do something about it. If you think it's just a bunch of sleazy guys who don't know about computers and don't know how much damage they cause, read this. It's a PDF Acrobat file version of the presentation by one John Graham-Cumming, who designed the free POPFile spam filter I use and rave about every chance I get.
 
 
John goes into fascinating detail about the tricks spammers use, which helps us realise a couple of things:
 
1) These spammers are smart, or have smart people working for them;
2) Spamming is not going to go away, and spam filters are going to have to get smarter to keep up;
3) It may be worth splashing out on spam filter software if you're a big company, but if you're an individual, you may well be better off using POPFile and doing what you can to support folk like John, who are as close to the cutting edge of anti-spam design as anyone. (If you really like his work, buy some of his stuff.)

[ Update: New Version of Plaxo ]

 Users of Plaxo, the automated contacts updating software I reviewed a few weeks back, may have noticed some new features popping up in the past couple of days. One is that Plaxo can tell you whether the email you receive is coming from an existing contact or a stranger and whether the information about them in the address book is up-to-date. You can then add the sender to your address book with a single click and request updated contact details from them.
 
 
There's also a new feature that enables users to customize their own personal e-mail footer with current contact information. Since Plaxo updates itself, these new features are already available if you've got Plaxo installed. While a lot of folk think Plaxo's just a spam scam, I've found it surprisingly useful so long as you use it carefully, and don't expect everyone else to use it. It's not for everyone.
 

July 28, 2003
[ Stats: Blowing Bubbles in the Blogosphere ]

 It's not that new an observation but it's worth making again, based on fresh data: blogs -- those bastions of independent guy in underpants with computer publishing -- are just as concentrated as Big Media. These stats from The Truth Laid Bare show that, as Oscar Jnr puts it, "the total average daily traffic of the top 10 sites (109,707 visits) exceeded that of the 671 other sites (102,500 visits)".
 
In effect, the top 10 blogs account for more than 50% of all traffic, while three quarters of the sites monitored, some 660 sites, had fewer than 100 daily visitors over the past week. Ouch. It's not easy to make a splash in blogland.

[ News: Yes! Another Spam Solution ]

  I feel this blog is becoming spamblog. Really. I plough through dozens of press releases every day just to find something good for you guys, and it's all about spam. Here's another one (and it's just the headline): MailFrontier Matador(TM) 3.0 Learns and Adapts to Offer Consistent Maximum Spam Protection Over Time Also Protects Mobile Devices from the Increasing Spam Deluge. Excellent. That at least is interesting, although they'll be really upset when they realise most screens will only read the first half, which will be MailFrontier Matador(TM) 3.0 Learns and Adapts to Offer Consistent Maximum Spam. Anyway, I digress.
 
MailFrontier's new release is "the world's smartest desktop anti-spam solution". It even wheels in a Senator, Arizona's Scott Bundgaard to confirm it, although he does sound a bit like a guy trying out different brans of mouthwash. "I tried other products on the market, but only with MailFrontier Matador was I able to receive my important email and get rid of spam. Now I can avoid unwanted ads for ink cartridges or home mortgages and can focus on emails that are significant to me," said Bundgaard.
 
Anyway, on to the product. MailFrontier Matador 3.0, it turns out, "monitors incoming email, analyzing each message to learn more about specific patterns and vocabulary that define good email and bad email for each individual. The software creates an eProfile -- a custom rule set -- for each individual user, which adapts over time." Matador also, interestingly, will "filter incoming email before it gets downloaded to a wireless device" which does sound useful.
 
MailFrontier Matador is a desktop application that sells for $29.95. This includes spam signature file updates, product upgrades, and email support for one year at no additional charge. MailFrontier Matador is available for users of Microsoft(R) Outlook(R) (2000 and 2002) and users of Outlook Express(R) (5.0/5.5/6.0), and Hotmail, MSN, and IMAP, when used through Outlook Express. To download a free trial please go to http://www.mailfrontier.com/ .
 
 

[ News: Another Spam Solution. No Really ]

 From the I'm Not Sure I Understand This Press Release Dept here's another spam solution, just in case you thought there weren't any more. Challenge/Response is a technique used to prevent spam by challenging folk who send an email to you to confirm they are human by responding. I.e: you send an email to me, my spam filter sends a challenge to you, you respond to that, your first email gets through. Easy enough. But Mailblocks, Inc. today reckon that with the new release of its Web-based
Challenge/Response 2.0 ($10 a year and up), they've come up with a major innovation: cutting out the challenge bit.
 
 
Now of course I could be getting this all wrong and Mailblocks, please put me right here), but the press release quotes Phil Goldman, Mailblocks' CEO as saying, "We continue to innovate in all areas of our email service, but our most recent release concentrates on removing the greatest perceived barrier to widespread consumer adoption of Challenge/Response - the Challenge itself." In this version, new senders to Mailblocks' subscribers will only be challenged once, then, unless they go bad and start sending spam, they won't be challenged again.
 
E, I thought that was how it worked anyway. I'm no great fan of Challenge/Response (why inconvenience people who are trying to contact you?), preferring good Bayesian filters, which, you'll be delighted to know, are 99.25% accurate. I haven't seen spam in weeks. I kinda miss it (kidding. Don't spam me). Anyway, back to Mailblocks. Maybe what they're saying is that if you get accepted by any Mailblocks customer, you're automatically OK with all the other Mailblocks user. That's not a bad idea. But how many folk out there are using Mailblocks? The other option seems to be to fill out Challenge to be universally approved to send to all Mailblocks' customers by going to
 http://about.mailblocks.com/trustme.html. I can't see folk queuing up to do that, to be honest.
 
Maybe I just love my free Bayesian Filters too much, but what's the point of farming out spam filtering when you can do it yourself so much better for free, and not upset your friends by challenging them?

[ News: Cracking a Password is Fast ]

Now your Microsoft Windows password can be cracked in 13.6 seconds, a vast improvement over the slow and tedious 101 seconds it took previously. An improved cryptanalytic method uses large amounts of memory--in this case, 1.4 GB--to speed its cracking of
keys, says Security Wire Digest.

I won't bore you with how they did it. But the bottom line is that this attack doesn't pose any practical threat, since only an administrator would be able to encryped password to conduct the attack, and users can resist by using passwords that contain more than just letters and numbers.


[ Hardware: A Computer For the Price of a Pedicure ]

If you're cheap, skint, or just like buying stuff that doesn't cost very much, check out the $169 Lindows WebStation. The Lindows WebStation is "the first ultra-affordable, 'unbreakable' computer designed specifically for Web work." Just plug it into a broadband connection and you're off. Apparently it's idiot proof too: "It's literally impossible to destroy the system configuration or settings, making the WebStation the ideal computer for many situations."



It includes a "complete, Microsoft-compatible Office Suite making it possible to open, edit, save, and email Microsoft Word, Microsoft Excel and Microsoft PowerPoint files without additional software!" Needless to say, the gadget works on Lindows, a Linux version of Windows (and nothing to do with Microsoft despite the name). So don't expect too much. it doesn't have a hard drive, so boots from a CD. Oh, and bring your own monitor.


about loose wire
musings, snippets, grievances and links on personal technology by dow jones columnist jeremy wagstaff. I want to hear from users -- technology-related stories, complaints, thoughts, ideas, brickbats -- so please email me

my columns appear in
The Far Eastern Economic Review and
The Wall Street Journal Online.
both are owned by Dow Jones.

see below for subscription links -- sorry, but the columns are only available to subscribers.

companies, PR agencies etc, please send relevant news, pitches, product review requests here. happy to hear from you, but I stress the word 'relevant'.

best of
Nigerian love affair
Old lady loose on the web
Terms for the rest of us
My wild night with Deep Purple

subscribe
Enter your email address below to subscribe to loose wire blog items as they appear. Email me if you have problems signing up.


powered by Bloglet
syndication
this site is available as an RSS feed: RSS feed (right click on the icon and copy the link, then paste into a newsreader)
search loose wire blog

powered by FreeFind
archives
11/25/2001 - 12/02/2001 / 12/02/2001 - 12/09/2001 / 12/23/2001 - 12/30/2001 / 01/06/2002 - 01/13/2002 / 01/27/2002 - 02/03/2002 / 02/24/2002 - 03/03/2002 / 03/10/2002 - 03/17/2002 / 03/17/2002 - 03/24/2002 / 04/21/2002 - 04/28/2002 / 04/28/2002 - 05/05/2002 / 05/12/2002 - 05/19/2002 / 05/19/2002 - 05/26/2002 / 06/30/2002 - 07/07/2002 / 07/21/2002 - 07/28/2002 / 07/28/2002 - 08/04/2002 / 10/13/2002 - 10/20/2002 / 10/27/2002 - 11/03/2002 / 11/03/2002 - 11/10/2002 / 12/08/2002 - 12/15/2002 / 01/12/2003 - 01/19/2003 / 03/09/2003 - 03/16/2003 / 03/16/2003 - 03/23/2003 / 03/23/2003 - 03/30/2003 / 03/30/2003 - 04/06/2003 / 04/13/2003 - 04/20/2003 / 04/20/2003 - 04/27/2003 / 05/04/2003 - 05/11/2003 / 05/11/2003 - 05/18/2003 / 05/18/2003 - 05/25/2003 / 05/25/2003 - 06/01/2003 / 06/01/2003 - 06/08/2003 / 06/08/2003 - 06/15/2003 / 06/15/2003 - 06/22/2003 / 06/22/2003 - 06/29/2003 / 06/29/2003 - 07/06/2003 / 07/06/2003 - 07/13/2003 / 07/13/2003 - 07/20/2003 / 07/20/2003 - 07/27/2003 / 07/27/2003 - 08/03/2003 / 08/03/2003 - 08/10/2003 / 08/10/2003 - 08/17/2003 / 08/17/2003 - 08/24/2003 / 08/24/2003 - 08/31/2003 / 08/31/2003 - 09/07/2003 / 09/07/2003 - 09/14/2003 / 09/14/2003 - 09/21/2003 / 09/21/2003 - 09/28/2003 / 09/28/2003 - 10/05/2003 / 10/05/2003 - 10/12/2003 / 10/19/2003 - 10/26/2003 / 10/26/2003 - 11/02/2003 / 11/02/2003 - 11/09/2003 / 11/09/2003 - 11/16/2003 / 11/16/2003 - 11/23/2003 / 11/23/2003 - 11/30/2003 / 11/30/2003 - 12/07/2003 / 12/07/2003 - 12/14/2003 / 12/14/2003 - 12/21/2003 / 12/21/2003 - 12/28/2003 / 12/28/2003 - 01/04/2004 / 01/04/2004 - 01/11/2004 /