Thursday, September 18, 2003


New National CyberSecurity Team In Place  

U.S. Names New Cybersecurity Team and Czar

WASHINGTON (UPI) -- The Department of Homeland Security Monday rolled out a new initiative aimed at shortening the response time to cyberattacks like worms and viruses, and named the new cybersecurity czar who will oversee it. The U.S. Computer Emergency Response Team is a partnership between the department and a federally funded computer security center at Carnegie Mellon University in Pittsburgh.

The launch comes after computer users all over the world were struck by two self-replicating programs, or "worms," that exploited a security hole in the Windows operating system. According to evidence at a congressional hearing last week, the Sobig and Loveboat worms caused several billion dollars worth of damage in repair costs and lost productivity.

At a breakfast for software executives, Homeland Security Infrastructure chief Robert Liscouski named Amit Yoran, a vice president of Symantec, who make the widely used anti-virus software Norton, to head up the department's new National Cyber Security Division and oversee the partnership with Carnegie Mellon. Yoran, who had previously worked as the Pentagon's network security manager, has a good reputation in the industry. "He is very highly regarded," Will Rodger of the Computer and Communications Industry Association told United Press International.

It's good to see that the government realizes that there IS a threat. The FBI has been doing a pretty good job nailing virus/worm authors. Let's hope it only gets better.

Wednesday, September 17, 2003


New York Schools Get $51.2 Million From Gates  

New York Schools Get $51.2 Million From Gates:

"In the largest single private donation ever to benefit the New York City public schools, Bill Gates, the chairman of Microsoft, announced $51.2 million in grants today to create small public high schools.
The gift, from the Bill and Melinda Gates Foundation, will be directed to seven nonprofit groups to create 67 theme-based schools as part of a continuing effort by the city to break up large, failing high schools in favor of programs with fewer than 500 students.
At a ceremony this morning at Morris High School in the Bronx, Mr. Gates awkwardly shared the stage with an old nemesis, Schools Chancellor Joel I. Klein, a former federal prosecutor who led the government's antitrust prosecution of Microsoft.
'I'm glad we're working on the same team,' Mr. Gates said, drawing laughs, after being asked about his previous dealings with Mr. Klein."

Well, never let it be said that Gates doesn't have a sense of humor. After all, the Windows handling of buffer overruns is one of the oldest jokes around...

Monday, September 15, 2003


EULA's: The Insanity Continues  

The following tale overwhelms me. It points up the lengths that software companies will go to in order to protect their intellectual property. It's an End User License Agreement (EULA). Or, in this case maybe, a SEULA (SUPER End User License Agreement)? Or a EUSA (End User Stupid Agreement)? For, as I'll show, any End User who agrees to this thing has to be a few bits short of a byte.

The product and the company are called X1. They're based in California, which once again earns its reputation as the home of DisneyLand and La-La Land.

The first thing that made me sit up and take notice was that the thing wanted to use the Windows online installer to download and run the actual setup routine. Personally, I don't even like to let MICROSOFT run this thing. If a hacker got his fingers into it, your whole system security is toast. And the way it works doesn't let you check the thing, OR the software it installs, for viruses/Trojans/worms. Being a software junkie and a risk-taker from way back, I let the thing bring down the install. Phew! Dodged THAT bullet! No signs of a virus.

Then the REAL attack on my system began! I got through the usual 'Duh, where do you want to put this thing' and got hit smack in the face by their EULA. I know that it's fashionable to simply click through these things and go your merry way, unfazed by the idea of being sued for tromping on some giant software company's toes, but have you noticed that the first 261 of the RIAA's victims are NOT laughing? The EULA is no longer something we can afford to ignore. Ask for the opinion of that poor New York City mom, who had to shell out $2,000 for the actions of her not-yet-teenage daughter. But I doubt if you want to hear that many dirty words from a formerly nice person.

So, I started a quick read through the EULA, expecting the usual crap about destroying the copies of the software if you ever sell or give away your licensed copy and about promising on a stack of bibles not to do bad things like make illegal copies, etc. Imagine my shock when I read things that stop just a hair short of mortgaging your immortal soul to the leeches who want to sell you a 'license' to use their software (maybe).

Unfortunately, if the terms of the EULA are followed to the letter, there won't be any distribution of the thing, except through X1. Frankly, if people followed the EULA, there might be a few people using the program, but they couldn't tell you about it. It's not allowed. There is more arrant stupidity written into the EULA, but I cut out the usual legal drivel and just give you the most pungent quotes-

1) "X1 is not obligated to provide maintenance, support, or updates to you for the Software."

2) "Except as expressly permitted herein, you may not make or distribute copies of the X1 Pro Software or electronically transfer the X1 Pro Software from one computer to another or over a network."

3) "You may not access any third party software made available in connection with or through the Software without the presence and execution of the Software."

4) "You may not view documents using any third party software made available in connection with or through the Software other than from within the Software."

5) "You agree to keep the Software strictly confidential, and not to disclose the Software to anyone."


There you have it. Especially note that they try not only to handcuff you with regards to their own software, but to put chains on your use of OTHER PEOPLE'S SOFTWARE. I'm sure that they think this is okay, but if *I* were a software developer, the last thing in the world I'd do was write anything that might qualify as a third-party add-on to X1. Who wants to write an add-on for a program that no-one in their right mind would install? Bad enough that they don't have to support their program if they don't feel like it. But they obviously don't want anyone else to support it, either.

I advise that you stay away, FAR away, from this software and anything else put out by X1.

Crackdown May Send Music Traders Into Software Underground  

Crackdown May Send Music Traders Into Software Underground:

"Some people may well be intimidated by the 261 lawsuits that the music industry has filed against Internet users it says are illegally sharing songs.
But hundreds of software developers are racing to create new systems, or modify existing ones, to let people continue to swap music — hidden from the prying eyes of the Recording Industry Association of America, or from any other investigators.

'With the R.I.A.A. trying to scare users around the world, the developer community is pumping up to create networks which are safer and more anonymous,' said Pablo Soto, a developer in Madrid who designed the software for two file-sharing systems, Blubster and Piolet.
Some experts wonder if the industry's efforts will create more trouble for it than ever. 'The R.I.A.A. is breeding antibiotic-resistant bacteria,' said Clay Shirky, a software developer who teaches new media at New York University."

Well, I think we can pretty well guarantee that ANYTHING the RIAA does right now is going to cause them trouble. Except, of course, the things that would work. The sad part is that the RIAA thinks that their current actions will A) stop music piracy, and B) keep more money flowing into their pockets than would be the case if they lowered the price of CD's and cooperated in selling music (also at reasonable prices) over the net.

I still recommend to people that they look at my earlier blog for the URL to the RIAA membership list and take appropriate action (or NON-action).
