loose|wire

Loose Wire:

This blog is in the process of moving. Please point your browser here. All subscribers and RSS feedsters will be transferred automatically.

October 4, 2003

[ News: Beware QHosts ]

All you need to do to be infected by this virus is visit the homepage of Web hosting provider FortuneCity.com. CNET reports that a malicious program, dubbed QHosts, infects PCs using a recent flaw in Microsoft's Internet Explorer to take control of how computers look up Internet addresses. The program takes advantage of a critical flaw in Internet Explorer , which Microsoft has made an integral part of its Windows operating system. The Trojan horse used a banner ad that the attacker somehow placed there to install the Trojan horse on the user's PC.

The QHosts program then changes the Internet addresses of the computers the infected PC will go to to resolve unknown Web sites and domain names. Known as the domain name service (DNS) servers, such computers are generally operated by a trusted organization, such as an Internet service provider. However, QHosts will send the requests to other servers, which Schmugar believes are likely to be owned by the originator of the Trojan horse.

This raises a few troubling questions, such as: How did the banner ad get there? And what is the purpose of the trojan? Is it just malicious or is it commercially related? We should be told.

-- posted by Jeremy Wagstaff on 10/4/2003 07:03:21 AM | link

[ Software: Grabbing Bits Off The Net ]

I haven't tried this but it sounds a great idea: The Easy Bee is software that automates Web navigation tasks and builds aggregated pages with always up-to-date Web extracts. The Easy Bee lets you create Web agents?Honeybees?that will periodically navigate, extract and aggregate for you any web content, even web pages that require form filling and button clicking. What you end up with is a page of all the bits and pieces from the web that you need, be they newsfeeds, stock quotes or whatever.

-- posted by Jeremy Wagstaff on 10/4/2003 06:53:19 AM | link

October 3, 2003

[ News: When Is A Newspaper Website Not A Newspaper Website? ]

More on disguised branding, this time with newspaper-related sites. Steve Outing points out on Poynter that newspapers are putting up bloglike sites to appeal to the younger crowd, while playing down the site's connections to the owner. Steve cites the Arizona Daily Star's AZNightBuzz, where "there's no indication on the home page that the site is connected to the newspaper, even on the About Us page".

His conclusion: "Newspapers are deciding that the newspaper brand name may actually be a hindrance in attracting the college demographic to their media products -- so they're dispensing with it."

-- posted by Jeremy Wagstaff on 10/3/2003 10:14:33 PM | link

[ News: The Free Version Of Office Is Out ]

The free, open source Office suite, OpenOffice, is now officially into version 1.1, including enhancements such as "revolutionary" XML file format, one-click PDF (Adobe Acrobat) export and Macromedia Flash export for presentations and drawings, according to The Register.

There is is enhanced MS Office file compatibility, accessibility support and a faster load times. Supported languages include English, German, French, Italian, Spanish, Chinese (simplified & traditional), Korean and Japanese. Of course, it's available for Windows, Mac, Linux and Solaris.

-- posted by Jeremy Wagstaff on 10/3/2003 07:42:41 AM | link

[ News: Palm's New Wireless Keyboard ]

On the heels of its launch of fresh handhelds, Palm has launched some new accessories, including a wireless keyboard, multifunction stylus, six cases, a camera card, handheld device protection units and complete accessory kits.

According to UK PR firm M2 Communications the wireless keyboard lets users type using a QWERTY key layout without the need to connect the device to the main unit with wires. Pricing starts at GBP59.99. The stylus costs GBP9.99 and can be used as a writing pen, a laser pointer, a torch and a stylus.

-- posted by Jeremy Wagstaff on 10/3/2003 07:27:47 AM | link

[ News: Tougher Sentences For Hackers? ]

It's about to get tougher for hackers and virus writers, or at least for those who get caught. TechNews.com reports that those convicted will soon will face significantly harsher penalties under new guidelines which focus on the harm caused. Hackers, for example, will face up to a 25 percent increase in their sentences if they hijack e-mail accounts or steal personal data -- including financial and medical records and digital photographs. Convicted virus and worm authors face a 50 percent increase.

While this may be welcome to those who have suffered at the hands of such folk, there are worries. TechNews quotes Internet security experts as saying the number of computer-related prosecutions could rise as federal prosecutors try to tie them into otherwise unrelated crimes. The government reckons not: the piece quotes John G. Malcolm, the Justice Department's computer crimes chief, as saying: "whether they're drug dealers, embezzlers, hackers or software pirates... people who commit crimes use computers more than they used to."

-- posted by Jeremy Wagstaff on 10/3/2003 07:19:52 AM | link

[ The Blurring of Blogging: A Reply ]

Further to my posting about AkibaLive, and my comments that it was a marketing tool masquerading as a blog, here's the owner's reply (I won't post his earlier message, since as he says, it was "fired it off in a state of unexpected agitation"):

Your blog about AkibaLive has an evident tone that we are somehow trying to mislead, or conceal, our identity. That is far from true, and really does reflect a lack of diligence. "AkibaLive is a Dynamism.com blog" is right there on the home page. At every point that we talk about a Dynamism product, for instance, the headphone review, we further state that AkibaLive is a Dynamism blog. If you poked around a bit, these things would be evident. (Douglas Krone)

Now, one very well may dislike the idea of blogs being used for marketing and customer relations. That a strong position with a strong argument to be made. There are plenty of good and reasonable ideas that support that view, but implying we are misleading people is not one of them. Do we really, "conceal their identities to adopt the persona of blogs to peddle their wares?" Is that a responsible statement? Personally, I think a clarification is in order. Of course, it's your blog.

And here's something from one of the editors, Matt:

I recently read your thoughts on the creation of Akibalive.com. As one of the editors of Akibalive I have to say that, while you are of course entitled to your own opinion, I believe you have overlooked what we are trying to accomplish/portray ourselves as. The Akibalive.com site explicitly states that it is a Dynamism.com blog. Also, the products currently being blogged, for the most part, are not products being sold by Dynamism, rather they are products we feel the Dynamism customer base would be interested in. If we post information about an upcoming computer release, someone reading that information gets the facts (release date, specs, etc.). Whether or not there is a person or a company behind the site, the way factual/informative news is presented to an interested reader should not matter. When and if we decide that we want to use Akibalive.com as more of a direct marketing tool for Dynamism?s products, we will make sure there is no confusion that Akibalive and Dynamism are one in the same. For example if you take a look at the Noise Reduction Headset Review (http://www.akibalive.com/archives/000198.html), you will see: Sony MDR-NC20 ($149) and MDR-NC11 ($149) are available from Dynamism (www.dynamism.com). (Dynamism is the parent company of AkibaLive.com.)

Clearly there is no ?marketing gimmick? or concealed identity and by no means do we want there to be.

-- posted by Jeremy Wagstaff on 10/3/2003 06:53:12 AM | link

October 2, 2003

[ News: The End To Our Compression Woes? ]

A Singapore company has just launched what they say is a technology that will change the way which we compress, store and distribute digital content. MatrixView says that, compared to existing compression solutions such as JPEG and MPEG that are based on complex and predictive techniques to eliminate redundant data (JPEG is a widely used format for storing pictures, MPEG for video), its Adaptive Binary Optimisation (ABO) does not eliminate data. "On the contrary, it achieves significantly higher compression ratios by value-adding to data in such a way as to permit superior speed and security without data degradation."

The first product based on the new technology, EchoView, developed by MatrixView, enables ultrasound images to be compressed beyond 30 times compression ratios without any loss of data, meaning doctors can store, retrieve and transmit "diagnostic quality" images to anywhere in the world.

-- posted by Jeremy Wagstaff on 10/2/2003 05:39:03 PM | link

[ Update: The EBay Scam ]

Sydney Low from anti-spam service AlienCamel warns of a new take on the email scam which tries to get you to hand over all your personal details. This one, which has been reported in a couple of places elsewhere, is worth repeating here to show how realistic these things are.

Thought you might want to alert your readers to a very dangerous scam that we've just observed in our Aliencamel.com service. It's a very cleverly constructed email that purports to be from ebay - getting users to reconfirm their details.

The email contains a graphic which is designed to look like "text" with a hyperlink - but is actually a mime part that has a gif. Clicking on the graphic causes you to jump to a web page purportedly from ebay.

It disguises the fake web page using hex encoding of parts of the URL so that when the user opens the web page with a web browser, it apppears to be from scgi.ebay.com, but they don't observe that the real site is at 211.217.224.10 on port 4901. If you click on the email, it sends you to: <scgi.ebay.comindexupdateyourinformationsecure@211.217.224.102:4901/check1/index.htm>

What's unbelievable is that it the scammers attempt to get:

- Your ebay userid and password
- Your name
- Your date of birth
- Your US Social Security number
- Your Credit card number
- Your Expiration date
- Your credit card's verification code
- Your ATM PIN number

This is clearly a very well orchestrated attempt to fraudulently obtain banking information as well as ebay account info. You should alert people to it ASAP.

Thanks, Syd. Definitely these scams are getting better. My advice: never trust any email that asks you to do anything, unless it's to call your mother more often.

-- posted by Jeremy Wagstaff on 10/2/2003 03:21:16 PM | link

[ News: Microsoft Realises Patches Don't Work Shock ]

From the About Time Dept comes news that Microsoft realises the whole 'issue a patch to cover a hole, knowing only a few people actually download it' approach may be, er, flawed. CNET reports that Microsoft plans next week to outline a new security effort focused on what the company calls "securing the perimeter". Details are thin, but appear to involve a deeper relationship with firewall providers.

Watch this space. My tupennies' worth: The Windows Update process, where your computer tells you what's new and what needs downloading, is actually not bad. But the wordings of the messages are too nerdy, and there's no easy way to compare what you have installed on your computer to the most salient threats. Tell the user what the problem is and what needs fixing. Give the patches names or numbers we can understand. Oh, and write better software.

-- posted by Jeremy Wagstaff on 10/2/2003 06:50:51 AM | link

[ News: Wanna Get Rich? Sell Porn ]

Online porn is big. Really big. According to figures collected by CyberAtlas:

Growth rate of 1,800% in five years: 14 million pornography-related webpages in 1998 to roughly 260 million in 2003. An additional 28 million pages during the month of July alone.
Nearly all (90 percent) of kids aged 8-16 have viewed porn online, mostly while doing homework.
Internet pornography accounts for $2.5 billion of the $57 billion worldwide market.
There are 4.2 million porn Web sites ? 12 percent of the total amount of sites ? allowing access to 72 million worldwide visitors annually.
One-quarter of total daily search engine requests, or 68 million, are for pornographic material.
Daily pornographic e-mails: 2.5 billion.
Average daily porn e-mails per user: 4.5.
Monthly peer-to-peer porn downloads 1.5 billion.
Men accessing porn at work 20%.
Women accessing porn at work 13%.
Adults admitting to Internet sex addiction 10%.

There is another side to this. A lot technological innovation on the web has been spearheaded by porn sites. Not always good innovation -- pop up windows, for example -- but there has been good stuff: online credit card usage, for example. My worry is less that there's a lot of porn around, but that it uses more intrusive techniques to propagate. As one reader recently pointed out, if you're an upright, traditional citizen, opening your email these days can be an unnerving and unpleasant experience. Porn online must be fenced off, as it is in the high street, so that it doesn't offend and scare away ordinary folk from the Internet.

-- posted by Jeremy Wagstaff on 10/2/2003 06:27:55 AM | link

[ News: Where Online Chat Is Going ]

It's now pretty clear where this Instant Messaging thing is going, and why Yahoo and Microsoft have suddenly started blocking third parties from piggybacking their services. Microsoft have announced a hook-up with news agency and financial data transporter Reuters allowing users of the Messenger network to chat with the 50,000 members of Reuters own internal network (used mainly by traders).

The idea, of course, is that the (alleged; probably much smaller) 100 million MSN users can go straight to their broker through a secure chat window. Or, as ENTnews puts it: "In theory, the combination could allow logged, real-time communications among traders and their clients. What better medium than IM for messages like "Buy!" or "Sell!" that can be immediately acknowledged by a broker?"

Expect to see more of this among the big boys. Yahoo are probably next up. This is not going to help ICQ users, for example, to chat with Yahoo Messenger users, but it is likely to make IM software more secure. Companies like Reuters are not going to allow instant messaging near their networks if it also brings viruses, hacking or can be easily eavesdropped.

-- posted by Jeremy Wagstaff on 10/2/2003 06:08:33 AM | link

October 1, 2003

[ News: That File Is Not Dead, It's Just AWOL ]

From the guys who make the excellent Diskeeper ("set and forget") defragmenter software comes an interesting utility that "allows a user to retrieve and recover those files that belong to him without special configuration by the System Administrator". There's a home version too. I haven't tried it but if Diskeeper is anything to go by, it's worth a try.

In other words, delete a file on your network and you're not altogether done for. Undelete 4.0 is now in field testing; previous versions are available for $49.95 for the Workstation and $29.95 for the Home edition. Purchasers will be upgraded to the latest version of Undelete if purchased within 90 days of release.

-- posted by Jeremy Wagstaff on 10/1/2003 10:48:46 PM | link

[ News: The Virus Forecast: Yucky ]

Virus writers are getting smarter. It's official. The latest bi-annual Internet Security Threat Report from Symantec found that 64 per cent of all new attacks targeted vulnerabilities less than one year old. The Blaster worm, for example, appeared only 26 days after the vulnerability it exploited was announced, according to The Register.

Symantec's study paints a picture of a rise in more sophisticated and faster spreading worms, and the increased use by virus writers of new vectors for infection (such as P2P networks and IM applications), The Register says. Symantec reports that the increasing prevalence of blended threats, which use a combination of malicious code and vulnerabilities to launch a cyber attack, remains one of the most significant security issues companies face this year.

The future? Symantec expects to see greater worm propagation resulting in overloads to network hardware, crippling network traffic, and seriously preventing both individuals and businesses from using the Internet. Told ya.

-- posted by Jeremy Wagstaff on 10/1/2003 07:30:50 PM | link

[ Update: The New Palms. They're Out ]

As threatened, Palm have released new models: the Tungsten T3 handheld, "for the most demanding professionals who need a best-in-class colour and wireless handheld", the Palm Tungsten E handheld, for "cost-conscious professionals who need premium power and performance".

The Tungsten T3 handheld is Palm?s first device that supports a ultra high-resolution colour screen in landscape, as well as the typical portrait mode. The screen display is 50 percent larger than on any previous Palm branded device, and the new soft input screen area provides a virtual Graffiti 2 writing area. Palm claim "faster Bluetooth setup embedded in the handheld, a wireless communications suite, fast 400MHz XScale processor, 64MB of RAM1 and superior office and multimedia capabilities".

The Tungsten E handheld features 32MB of RAM2, a crisp high-resolution colour display, updated core applications, multimedia software and expandability through cards or add-on accessories. It retains the classic Tungsten appearance, with its compact, leek modern form and improved 5-way navigator for one-handed navigation.

-- posted by Jeremy Wagstaff on 10/1/2003 07:13:45 PM | link

[ Mail: Integrity and the Blogger ]

Further to my earlier posting about marketing masquerading as blogs, here's some mail from Brooklyn reader Sam Bailey:

it's an interesting phenomenon - I wondered when this would happen. but is this any different than the steady flow of promotional catalogs designed to look like magazines? or for that matter the companies that are paid to post positive messages about a product on bulletin boards/usenet/chatrooms/etc? your point that integrity of view and individualism are both key components of blogs is a good one; that said the same freedom of expression allowed by not having an editor will eventually mean less scrupulous folk will insert their own commercial agenda just as happened in the past...it's a little tough to determine integrity of view without an external vote of confidence - say, for instance, the fact that the blogger writes for a major magazine? or else someone else you trust vouching for the blogger.

as I'm sure you know even before web browsers came into existence the commercialization of the internet was an issue. at least we can look forward to spoof sites of these blogs just as there are spoof sites for nearly every other internet phenomenon (my favorite is YETI@Home - http://www.phobe.com/yeti/ ). and I'm sure that if the blogs get too commercial a new form will develop.

Good points. I believe that in most cases blogs have risen or fallen based on their inherent credibility or lack of it. Anyone can spot a fake over time, and blogs, if nothing else, exist in the dimension of time. (Whatever that means!) This also raises an issue that's concerning me at the moment: the boundaries and limits for journalists and company employees in their blogs. Recent dismissals of a Bloomberg journalist apparently for blogging raise some troubling questions about the rights of individual expression outside the office. Anyone got anything on this?

-- posted by Jeremy Wagstaff on 10/1/2003 12:25:45 PM | link

[ News: AkibaLive And The Future Of Blogging ]

At first glance AkibaLive looks like a cool new blog on Japanese gadgets. But it's not. It's a marketing gimmick by Dynamism.com, "the leading U.S. retailer of next-generation electronics from Japan and around the globe". The press release says it all: "Retailers have yet to leverage the targeted, personal impact blogging has on consumers," it quotes Douglas Krone, founder and CEO of Dynamism.com, as saying. "The collaborative nature of this technology makes blogs ideal for customer relations, and promotional and advertising initiatives. It's a smart way to attract and provide value for the technophiles that make up our business."

Well, yes. Nothing wrong with this, except that the blog looks and feels like an independent blog. If you didn't know about Dynamism, you might think it was just that. Does this mean that blogs are going to be hijacked by marketing types who conceal their identities to adopt the persona of blogs to peddle their wares? Should they be allowed to? I believe the power of blogs lie in their determined individualism and integrity of view. I don't think they should be pure marketing tools. Thoughts, anyone?

-- posted by Jeremy Wagstaff on 10/1/2003 06:42:54 AM | link

[ Update: Some Positive Thoughts on MusicMatch ]

A positive early review of Musicmatch's new online music store, from Paul Thurrott of WinInfo Update. "Musicmatch Downloads also has some unique advantages over competing services, such as higher-quality downloadable songs," he says. Musicmatch Downloads currently offers more than 200,000 songs for download, and the company says that more than 500,000 songs will be available by the end of the year. Like the competition, the Musicmatch service doesn't require a subscription fee.

(I can never find WinInfo stories on the website, so to read stories like this, it's best to subscribe to their newsletter.)

-- posted by Jeremy Wagstaff on 10/1/2003 06:34:05 AM | link

[ News: Beware The Spugged ]

A few folk have written in to my column asking how they can fight back at spammers. Here's one tale that offers hope. Wired reports the saga of graphic artist Andy Markley who found himself the victim of a major spammer who sent thousands of spam messages carefully crafted to appear as if they had originated from Markley's domain. His ISPs didn't help, so he took matters into his own hands, tracking down the spammer and getting him booted off his ISP.

Read it, and learn that a) your own ISP is usually not your friend and b) think twice before you send angry emails off to people who send you spam. They may have been mugged by a spammer. (Or what I shall call 'spugged'. Wonder if it catches on?)

-- posted by Jeremy Wagstaff on 10/1/2003 06:29:35 AM | link

[ News: That Warm Fuzzy Feeling Could Be A Base Station ]

More on the health effects of handphones, this time for 3G: Reuters quotes a Dutch government study that found users exposed to base station signals "felt tingling sensations, got headaches and felt nauseous". There was no negative impact from signals for current -- i.e. GSM -- mobile networks.

The kicker: cognitive functions such as memory and response times were boosted by both 3G signals and the current signals, the study found. It said people became more alert when they were exposed to both. The study differed from most previous ones which measured the impact of cellphones held close to the head, causing high fields of radiation close to the ear and warming of the brain. This one used lower a dose of radiation to mimic base station signals rather than handsets.

-- posted by Jeremy Wagstaff on 10/1/2003 06:21:11 AM | link

September 30, 2003

[ News: The Power Of The Net ]

Pointed out by my old friend Robin Lubbock, here's an excellent essay by Dan Gillmor on the self-righting Internet community, where one bad turn is usually overwritten by several good ones. He makes some sharp comments on the VeriSign 'domain-stealing' controversy, which I haven't touched on in this blog. The bottom line: there are some pretty awful people out there, but they usually get drowned out by the decent folk. Long may it last.

-- posted by Jeremy Wagstaff on 9/30/2003 09:20:39 AM | link

September 29, 2003

[ News: Another Online Music Store ]

Riding on the success of Apple's iTunes, Musicmatch has announced its own digital song-selling business, according to CNET. The service has access to songs from five major labels and more than 30 independents, with pricing set at 99 cents per song and $9.99 for most albums.

Customers can play tracks on up to three PCs simultaneously and transfer them to Windows Media-supported music players. Songs can be burned to CDs, but a given playlist may be burned no more than five times.

-- posted by Jeremy Wagstaff on 9/29/2003 10:20:54 PM | link

[ Software: Seriously Useful Freebie ]

A wonderful innovation with Opera's browser was the mouse gesture, where you could, for example, return to a previous page by holding down the mouse button and moving the mouse a little to the left. Intuitive and seriously time-saving. Now Internet Explorers have the same feature, courtesy of a bit of freeware (software you don't have to pay for) from UnH Solutions.

Easy Go Back is an Internet Explorer add-on that works with every program based on Internet Explorer, e.g. MSN Explorer, Avant Browser, HTML Help (chm-files), Microsoft Document Explorer, etc.

-- posted by Jeremy Wagstaff on 9/29/2003 11:53:25 AM | link

[ Update: More On The Spiral of Evil ]

Spammers may be using viruses to attack their enemies. Further to my column on how virus writers and spammers may be in cahoots to deliver spam, The Register reports that anti-spam activists have produced fresh evidence that recent assaults -- called Distributed Denial of Service attacks, or DDoS, -- on their websites have been enabled by the infamous Sobig worm.

Two anti-spam services, Monkeys.com and the Compu.Net "block list", have already closed in the past week.

Spamhaus has been under constant "extremely heavy" DDoS attack since early July, and they believe the attack against his site and others originates from Windows machines infected with the Sobig worm, controlled by spammers over IRC networks.

What's interesting is that, if properly investigated, this may help prove the link between (some) spammers and (some) virus writers. And, of course, get them off the streets and in jail.

-- posted by Jeremy Wagstaff on 9/29/2003 07:15:05 AM | link