[c_lug] CAMsoc Update: Vol. 9, No. 11: November-December 2003

Message: < previous - next > : Reply : Subscribe : Cleanse
Home   : December 2003 : Group Archive : Group : All Groups

From: Greg Slade <gslade@...>
Date: Fri, 12 Dec 03 00:14:17 -0800
As usual, the full version, with links, can be found at: http://www.associate.com/camsoc/cu/

Copyright (c) 2003 by Greg Slade

Contents:

Administrivia
News: Spam news roundup, NEC announces printer recall, Virus news roundup, CBN recognises Christian computer games with CyberSeal award, FileMaker launches donation management package, Hacker news roundup, PayPal issues scam warning, Novell buys SuSE.
Coming Events
New or Changed Mailing Lists this Month
Legal Stuff: Mine! All Mine!!!

Administrivia:

I am sending this issue a little more widely than the usual subscription list, because some of the stories are applicable to readers who might not normally get this. If you have not been getting CAMsoc Update, this distribution does not mean that you are now subscribed. (If you do want to subscribe, then write to me.) The stories I believe some people will be particularly interested in are the one-day anti-spam software offer which leads off the spam news roundup, the NEC printer recall, and all of the security-related news in the assorted roundups. (The roundups are a new idea I'm trying this month. There have been so many security-related stories that it seemed wiser to group them by subject matter, rather than having multiple similar stories.) I apologise for the lack of notice on the anti-spam offer. I only got that story today, so I'm staying up past my beddy-byes to get this out in time to give those of you who are involved with U.S. charities a reasonable shot at being able to take advantage of the offer. Also, I have decided to drop the Christian computing industry stockwatch, at least until I find enough companies which are publicly traded to make the stockwatch a reasonable snapshot of the industry as a whole. And, of course, you will have noticed that I have given up on my aim of trying to move the completion of each month's issue earlier each month over the course of this year, and have amalgamated the November and December issues in an attempt to catch up.

News:

"Fry That Spam" Department

Spam filtering software vendor Mailshell Inc. is making a one-day-only offer to U.S.-based charities. On Friday, December 12th, Mailshell is offering one-year subscriptions to its Anti-Spam software to charities with 501(c)(3) status with the Internal Revenue Service. The offer is being made in conjunction with "Spam Prevention Day", which is also marked by free training offered to charities in the San Francisco area. In other antispam news, SpamCop, which had been suffering heavily under "Denial of Service" attacks launched by hackers who are apparently in league with spammers, has been bought by IronPort Systems, which sells networking hardware and mail administration tools and services, including spam-blocking technology using the data collected by SpamCop's free reporting service. Also, at the end of October, the European Union's digital privacy rules came into effect. Under the new rules, companies must obtain explicit permission before sending advertising E-mail, "spyware" is explicitly illegal (rather than annoying), and companies are prohibited from tracking people through their mobile phones. The EU measures contrast strongly with the American CAN-SPAM bill, which has been passed by both houses, and sent to the president for his signature. Under the CAN-SPAM bill, spam is made legal, as long as every piece of spam includes an "opt out" link. However, since bogus "opt out" links have long been a ploy used by unscrupulous spammers to determine which of the addresses in their mailing lists are valid, virtually nobody uses them. Thus, the American bill will open the door to a flood of "legal spam", which the poor recipients will be afraid to opt out of, lest they trigger even more spam. (One version of the American bill directs the FCC to examine the possibility of setting up a "Do Not Spam" list, similar to the wildly popular "Do Not Call" list which went into force earlier this year, but neither version actually puts such a list into force.) Also, Techweb's Security Pipeline offers tips on how to disable the Windows Messenger Service, which some spammers have been using to pop spam messages up on users' desktops. (Note: If you are in a local area network, do not apply this without checking with your IT people first. The service was originally intended to enable system administrators to deliver urgent messages to users. If you have a single computer attached to the Internet, and you have been getting this pop-up spam, then go ahead and shut off the service.) (Hardy, Ian "European Anti-Spam Law Kicks In." InternetWeek. Friday, October 31, 2003. To subscribe: http://update.internetweek.com Published by CMP Media LLC. Keizer, Gregg, "How To Disable Windows Messenger Service." Security Pipeline. November 6, 2003. Published by CMP Media LLC. Spring, Tom, "Spam Slayer: Laws Won't Solve Everything." PC World. Monday, November 10, 2003. Roberts, Paul, "SpamCop Survives Under New Owner." PC World. Wednesday, November 19, 2003. To subscribe: www.pcworld.com/resource/newsletters/subservices.asp Published by PC World Communications, Inc. Keizer, Gregg "Senate OKs Anti-Spam Bill." InternetWeek. Tuesday, November 25, 2003. Gross, Grant, "Federal Antispam Law Nears." PC World. Monday, December 8, 2003. Bergstein, Brian, "Company Promotes Spam-Filtering Software." Excite News. December 11, 2003. SpamCop: spamcop.net. Stop Spam Today Site: www.stopspamtoday.org.)

"This News Is Hot" Department

Approximately 170,000 monochrome laser printers sold in Japan by NEC and Hitachi between 1997 and 2001 are being recalled due to safety concerns. The NEC printers affected are mostly in the MultiWriter range. A faulty part in the printers' fixer units could cause overheating, and even lead to fires. NEC is asking owners of the affected models to turn them off when the printers are not in use (such as overnight and on weekends) until the faulty parts are replaced. (Williams, Martin, "NEC Recalls Laser Printers." PC World. Monday, December 8, 2003.)

"Swat That Bug" Department

Computer Associates is one of the largest software companies in the world, but most consumers are blissfully ignorant of its existence, because most of its software isn't aimed at consumer markets. Still CA has jumped on Microsoft's "Protect Your PC" bandwagon, and is offering its eTrust EZ Armor antivirus for free to individual Windows users until the end of next June. In other antivirus news, Microsoft has apparently grown as tired of viruses which cripple businesses which use Microsoft product as the victims themselves. It has started a $5 million fund for offering rewards for information leading to the arrest of virus writers. The first rewards announced are on the heads of the writers of the Blaster and SoBig viruses, this year's two most disruptive and expensive viruses. And, if your geeky friends have gotten didactic when you lump hackers, virus writers, and spammers together in a lump, and condescendingly point out that, while all three animals are annoying, they are separate and distinct from one another, now is your big chance to didact right back. Increasingly, attacks are using multiple strategies. The most recent case is Mimail-L, which is a Mimail variant which implants a "Trojan Horse" program, which in turn enables the hacker to use victims' computers to launch distributed denial of service (DDoS) attacks against anti-spam sites like SpamCop and Spamhaus. So there you have it: virus writers, hackers, and spammers, working hand-in-glove. Villains of a feather flock together. ("Microsoft Offers Reward for Virus Writers." NewsScan Daily. <newsscan@...> 5 November 2003. To subscribe: <newsscan@...> Reference: Warner, Bernhard, "Sources: Microsoft to Place Bounty on Virus Writers." Reuters. Wednesday, 5 November, 2003. Hulme, George "Microsoft Offers $250,000 Bounty To Nail Blaster, SoBig Authors." InternetWeek. Wednesday, November 5, 2003. "Microsoft Puts a Price on the Heads of Virus Writers." NewsScan Daily. <newsscan@...> 6 November 2003. Reference: L.A. Times. 6 November, 2003. [Registration required.] Evers, Joris, "Antivirus Vendor Offers Free Software." PC World. Thursday, November 20, 2003. Computer Associates: www.my-etrust.com/microsoft/. "Fighting the worms of mass destruction." The Economist. November 27, 2003. "New Computer Worm a Friend of Spammers." Edupage. Wednesday, December 3, 2003. <edupage@...> Published by Educause. Internet: <edupage-editors@...> Reference: Warner, Bernhard, "Spammers Unleash E-Mail Worm to Disable Critics." Reuters. Tuesday, December 2, 2003.)

"One Sore Thumb Up" Department

The Christian Broadcasting Network has instituted an award program to recognise "Excellence in Christian Game Production." Award-winning developers are entitled to display the CBN CyberSeal as a sign of having been recognised for excellence. (CyberSeal Site: cbn.com/games/ChristianVideoGames.asp.)

"Throw Out That Shoebox" Department

Recently, FileMaker, Inc. has been making available vertical market applications based on FileMaker's database technology. The latest such application is called FileMaker Donations, a donation and fundraising management application for non-profit organisations. Like the other offerings in FileMaker's line, FileMaker Donations can be purchased with a full version of FileMaker 6, or can run on an existing copy. FileMaker has also launched a web site for non-profit organisations. According to FileMaker, donations to U.S. charities declined in 2002, the first time charitable contributions have decreased in 12 years. Product manager John Dasher says that, "With more organizations competing for a piece of a smaller pie, charities and other non-profits need the best tools for making their fund raising initiatives more productive both for short term success and for strengthening long term donor relationships." The application offers features such as donor networking, volunteer management, and communication management. Unfortunately, FileMaker Donations is only available within North America. (Watt, Peggy, "New Software Add-Ons Enhance, Extend." PC World. Monday, November 10, 2003. )

"Shut de Doh" Department

If you have been listening to what the computer security community has been saying about the risks of a technological monoculture, and have switched you operating system, or at least you web browser, you may be feeling a little smug when you read reports about the latest security hole discovered in Microsoft products. Before you crow too much, you might just want to make sure that you have applied the security patches for the products you use. In the past month, Apple has revealed that versions of OS/X prior to 10.3 (the newest version) contain unpatched security vulnerabilities, and Opera Software has had to patch vulnerabilities in its web browser. If you are using Opera version 7.0 to 7.22, you should upgrade to version 7.23 immediately. Also, a security hole has been found in the Linux kernel which allows a user with an account on a system to gain root access. The flaw is present in versions of the Linux 2.4 kernel prior to 2.4.23. All of which is not to say that Microsoft has licked all of its problems. The most recent hole to be found allows hackers to spoof the URL of the web site which a user looks at with Internet Explorer, giving more credence to "phishing" attacks, which use social engineering to get victims to reveal information which the con artist can then use to obtain money by assuming the identity of the victim. (Hulme, George V., "Security Flaws Make Macs Vulnerable To Attacks." InformationWeek. Thursday, October 30, 2003. To subscribe: update.internetweek.com Sayer, Peter, "Opera Patches Browser Flaws." PC World. Tuesday, November 25, 2003. "Opera Patches Linux, Windows Vulnerabilities." InternetWeek. Tuesday, November 25, 2003. MacMillan, Robert, "Serious Linux Security Flaw Found." PC World. Tuesday, December 2, 2003. Cowley, Stacy, "Powerful Flaw Found in IE." PC World. Wednesday, December 10, 2003.)

"Go Phish" Department

One scam which has been going the rounds recently is official-looking messages claiming to be from PayPal, and requesting that victims go to the PayPal site to confirm a few details (including, of course, their PayPal password.) My mother has received several of these "phishing" messages. The situation has gotten so bad that PayPal has issued a warning, pointing out that PayPal messages always come addressed with users' first and last names. Considering that my mother keeps getting offers to enlarge a certain anatomical part she doesn't have, and I keep getting offers to enlarge certain anatomical parts I don't have, it seems that the vast majority of scammers are unlikely to pass the simple test of knowing users' names if they can't even get their genders correct. (On the other hand, as P.T. Barnum is reputed to have said, "There's a sucker born every minute.") PayPal has also put up a page of tips for users to protect their accounts. (PayPal: https://www.paypal.com/security.)

"If at First You Don't Succeed" Department

The last time any company tried to go head-to-head against Microsoft was some years back, when Novell acquired WordPerfect, Borland's Quattro Pro spreadsheet, and Digital Research's DR-DOS, among other software, so they they could offer a full suite of alternatives, from operating system to networking to applications. As it happens, Novell had barely put their strategy in place before they blinked, and ended up selling the pieces they had acquired for a fraction of what they had paid to acquire them. Apparently, Novell is ready to go another round, because they have announced that they are buying Linux vendor SuSE. At the same time, Red Hat, long time leader in the Linux market, is dropping support for its free Linux distribution, asking people to switch either to its Enterprise Linux product, or to Fedora. Support for Red Hat Linux versions 8.0 and earlier will stop at the end of this month, and support for version 9 will end on April 30th. The inexpensive boxed versions of Red Hat Linux will no longer be available through stores. Enterprise Linux starts at $179.00, and the price goes up according to the size of the installation. I don't anticipate much of an outcry over the change. The market is full of people offering different Linux distributions, and people not willing to pay Red Hat's price will simply migrate to other distributions. (Including SuSE, which has a strong following in Europe, but less of a presence in the North American market. Of course, since SuSE has long been a sponsor of User Friendly, one of my favourite comics, I'm all for it.) In related news, a judge in Utah has ordered The SCO Group to reveal the UNIX source code which it claims has been copied into Linux in violation of copyright within 30 days. If The SCO Group doesn't manage to get the ruling overturned before the deadline, then we should all know next month whether SCO's case is based on nothing but smoke and mirrors (as seems likely), or whether they can actually point to code developed by SCO after SCO released the UNIX codebase as open source, and which has subsequently been included in Linux. (Rooney, Paula "Novell And Red Hat Poised For Linux Battle." InternetWeek. Tuesday, November 4, 2003. Legard, David, "Customers asked to move to paid Enterprise Linux products." PC World. Tuesday, November 5, 2003. "Novell's Linux Acquisition Gets Thumbs Up From Industry." NewsScan Daily. <newsscan@...> 6 November 2003. To subscribe: <newsscan@...> Published by NewsScan Inc., Telephone: 1-770-704-7517. <editors@...> Reference: Shankland, Stephen, "Industry cheers Novell's Linux buy." C|Net News.com, November 5, 2003. Rooney, Paula "Court Orders SCO To Show Code Within 30 Days." InternetWeek. Monday, December 8, 2003.)

Coming Events:

January 29, 2004. Worship Technology Workshop. Taylor University, Upland, MI. Day-long workshop on using presentation technologies in worship with keynote speaker Dr. Quentin Schultze, author of Internet For Christians, prior to the International Symposium on Worship and the Arts. www.calvin.edu/worship/sympos/seminar_descriptions.htm#technology
 
June 4-7, 2004. 15th Anniversary ICCM (International Conference on Computers and Missions.) Taylor University, Upland, IN. www.iccm.org
 
ACS calendar of events: http://www.acshome.com/it/calendar/Index.asp
 
Camp Logos schedule: http://www.logos.com/training/regional.asp

New or Changed Mailing Lists This Month

Mailing List	                  Description
                               Server
CHRISTIANFANTASYSCIENCEFICTION	Christian fans of fantasy and science fiction
                     	         Christianfantasysciencefiction-subscribe@...
OMEGASF	                       Christian science fiction writers group
                               omegasf-subscribe@...

Legal Stuff:

CAMsoc Update is a newsletter on computing in general, and Christian computing specifically. The contents are copyright (c) 2003 by Greg Slade, and may not be reprinted nor copied in any form without prior written permission from the author.


Greg Slade                              www.associate.com/camsoc/greg/
gslade@...                       www.associate.com/camsoc/
People are more violently opposed to fur than leather because it's
easier to harass rich women than motorcycle gangs.