Jeff Schult 8/9/98
Back Orifice: Heheh, heh
Microsoft is officially discounting the threat of the latest hacker program, Back Orifice, and I was initially tempted to do the same. The Cult of the Dead Cow, which takes credit for Back Orifice, has been known to push hacking hype out to a sort of gleeful edge of insanity. As Microsoft says, it looks like anyone practicing general safe computing isnt going to have their PC taken over by some crazed geek.
Back Orifice is an executable program. Smart people dont run unknown executables on their PCs. Even IF your computer was running Back Orifice, it seems, someone would have to want to take you out.
OK, it now seems a little more serious. ISPs are starting to hear complaints from clients, independent security groups are scrambling to find ways to detect and remove the Back Orifice hacker program from infected machines.
The CDC claims the program has been downloaded more than 14,000 times. It potentially allows malicious users to monitor and tamper with computers without the permission or knowledge of their owners.
A Microsoft representative said Friday that the company had nothing further to say on the issue. Meantime, cDc issued a public rebuttal to Microsoft's advisory on the tool, including the company's claim that the program cannot be installed without the user's knowledge. "Thanks to some actual exploits, there are several ways a program could be run on a Windows computer, not only without the user's approval, but without the user's knowledge," the rebuttal read.
In fact, there are ways to get a hostile executable program onto a computer via the web. Should you worry? Myself, I like the CDCs attitude toward what you may find, embodied in the following statement on a members web page:
Warning: "This site may contain explicit descriptions of, or may advocate one or more of the following: nudity, satanism, suicide, sodomy, incest, bestiality, sadomasochism, adultery, murder, morbid violence, bad grammar, or any deviate sexual conduct in a violent context, or the use of illegal drugs or alcohol. But then again, it may not. Who knows."
Microsoft back in Court
Microsoft on Monday is expected to file a motion aimed at dismissing all or key parts of the antitrust lawsuit filed against the software giant by the Justice Department and 20 states.
The plan to file a motion for summary judgment was discussed by Microsoft lawyers at a hearing Friday before District Judge Thomas Penfield Jackson, according to CNet.
Jackson appeared skeptical about the motion. "I'm going to be finding facts here," the judge said. He added that a dismissal request "will not withhold your responsibility of commencing trial on September 8."
The judge has ordered Bill Gates and 16 other top MS officials to testify in depositions before justice department lawyers. He also ordered Microsoft to make available the source code to certain versions of Windows 95 and Windows 98.
The only thing thats really apparent in all this is that MS will never, ever go gently into that good night. If the government says the sky is blue, Microsoft is going to say that the sky is blue only as long as MS is allowed to compete in the marketplace and innovate.
How Many Internet Users?
A company called Nua Internet Surveys is going out on a limb and telling us there are now 130 million Internet users worldwide as of now. More than half -- 70 million -- are in the United States and Canada, but the rest of the world is gaining fast.
The numbers are:
Bear in mind, however, that Nua defines an Internet user as anyone who has accessed the Internet at least once in the last three months. Nua multiplies by three in cases where it only has information on Internet account holders.
Lets face it if you go more than a weekend without checking your email, you dont count. Try dividing by three or more if you want to get the number of people who are on daily.
Why is this important? Internet companies and market research companies latch onto these numbers when they prepare projections of what the market is going to be like, and how much money theyre going to make. This is the information they use to push their stock. If you dont trust these numbers dont trust Internet stocks.
Rolling Stone Doesnt Get It
If companies cant find a way to set up and abide by privacy policies that consumers can live with, theyll have no business complaining when the government steps in and does a ham-handed job of regulating what they can do.
My Annoying Web Moment of the Week came courtesy of Rolling Stone, who decided they could spam me because theyd managed to get my email address from a visit to one of their web sites.
The spam, which started off "Dear Music Lover," informed me that I was going to get two more music newsletters each week unless I wrote them back.
The great thing that really ticked me off is this they didnt even have my email address correct. They had the domain correct, but I run my own domain. I use a couple of different providers and I have different logons. So they got an address that combined a logon name with my domain. It goes to me but I cant LOGON as being from that address in order to remove myself from the list.
Rolling Stone? Unplug em, before they spam again
Jeff Schult and Nicole Chardenet can be reached at jeffbot at this domain.