From editor@telecom-digest.org Thu Feb 19 20:03:24 2004 Received: (from ptownson@localhost) by massis.lcs.mit.edu (8.11.6p2/8.11.3) id i1K13OM14870; Thu, 19 Feb 2004 20:03:24 -0500 (EST) Date: Thu, 19 Feb 2004 20:03:24 -0500 (EST) From: editor@telecom-digest.org Message-Id: <200402200103.i1K13OM14870@massis.lcs.mit.edu> X-Authentication-Warning: massis.lcs.mit.edu: ptownson set sender to editor@telecom-digest.org using -f To: ptownson Approved: patsnewlist Subject: TELECOM Digest V23 #82 TELECOM Digest Thu, 19 Feb 2004 20:03:00 EST Volume 23 : Issue 82 Inside This Issue: Editor: Patrick A. Townson Plot to Stop Net Telephone (VoIP) Revolution (Charles G Gray) Reliable, Quality Int'l LD Calling Card? (Dr. Joel M. Hoffman) Home Intercom Phone System With Cordless Phone? (Dr. Joel M. Hoffman) Symbol Added to Morse Code (Joe Wineburgh) Re: Distractions While Driving -- And Not Just Cell Phones (Rob) Re: Distractions While Driving -- And Not Just Cell Phones (D Aspinwall) Re: Reliable Means of Determining LEC For Given Phone Number (Tony P.) Re: Reliable Means of Determining LEC For Given Phone Number (Greenberg) Re: Cable Modem Hackers Conquer the Co-ax (Tony P.) Re: Cable Modem Hackers Conquer the Co-ax (sidd@situ.com) Re: Quest to Offer "Naked DSL" (Phil Earnhardt) Re: The Virus Underground (Scott Dorsey) Re: The Virus Underground (Barry Margolin) Nitsuko/NEC 704i and Fax Servers (Forrest Nelson) Money, Money, was Re: Internet Phones, 911 Could Clash (Danny Burstein) Re: Internet Phones, 911 Systems Could Clash (DevilsPGD) Now Preening on the Coffee Table: The TiVo Remote Control (M Solomon) Re: Blogs (Web Logs): What am I Not Getting? (Barry Margolin) Re: A Suspicious Netscape Icon on my DeskTop (Kan Yabumoto) All contents here are copyrighted by Patrick Townson and the individual writers/correspondents. Articles may be used in other journals or newsgroups, provided the writer's name and the Digest are included in the fair use quote. By using -any name or email address- included herein for -any- reason other than responding to an article herein, you agree to pay a hundred dollars to the recipients of the email. =========================== Addresses herein are not to be added to any mailing list, nor to be sold or given away without explicit written consent. Chain letters, viruses, porn, spam, and miscellaneous junk is definitely unwelcome. We must fight spam for the same reason we fight crime: not because we are naive enough to believe that we will ever stamp it out, but because we do not want the kind of world that results when no one stands against crime. Geoffrey Welsh =========================== See the bottom of this issue for subscription and archive details and the name of our lawyer; other stuff of interest. ---------------------------------------------------------------------- Subject: Adam Thierer on the Plot to Stop Net Telephone (VoIP) Revolution From: Charles G Gray Date: Thu, 19 Feb 2004 07:56:31 -0600 Pat, I'm sure your readers will find the attached item interesting. Regards, Charles G. Gray Senior Lecturer, Telecommunications Oklahoma State University - Tulsa (918)594-8433 Declan McCullagh Sent by: politech-bounces@politechbot.com 02/18/2004 11:14 PM To: declan@well.com Subject: Cato TechKnowledge: The Plan to Stop the VoIP Revolution Reply-To: athierer@cato.org From: Adam Thierer Message-Id: <20040210161250.23DCC34690@mail6.uptilt.com> Date: Tue, 10 Feb 2004 08:12:50 -0800 (PST) The Plot to Stop the Internet Telephone Revolution Issue #73 February 10, 2004 by Adam Thierer and Wayne Crews Much has been written over the past few months about the revolutionary potential of Internet telephony, or voice over Internet protocol (VoIP) service. VoIP would let consumers make phone calls through an Internet connection, largely bypassing traditional circuit-switched wireline telephone networks. In time, some think it might come to completely replace older phone networks. In just a few short years, VoIP has gone from wishful thinking to marketplace reality as numerous companies now plan to deploy such services. This has also led many industry watchers to speak of VoIP as a veritable deregulatory deus ex machina that potentially offers a sudden and unexpected way to escape from the past century's regulatory morass. "Not so fast!" say opponents. That same potential for revolutionary change that excites some, frightens many others. This is an old story, of course. New, "disruptive technologies" are often viewed with suspicion, or even outright hostility, by those who fear they have something to lose by a change in the status quo. But technological revolutions are the healthiest part of a capitalist economy. In a world where "only the paranoid survive," it's good that organizations are forced to stay on their toes, constantly concerned about the impact of new technologies on the old ways of doing business. That's what drives the Schumpeterian "creative destruction" that makes our economy so innovative and prosperous. Often, however, when the fears over technological change reach a fever pitch, certain interests substitute a political response for a market response. For many, adjusting or abandoning an old business model is just not an option they are willing to consider. Instead, they lobby legislators or regulators for protection from the new competitors or technologies. Steamboat operators feared the rise of railroads; butter makers petitioned against margarine as a substitute; television broadcasters sought to delay competition from cable providers; and some small retailers still fight to keep large chain stores like Wal-Mart out of local communities. It should come as no surprise, therefore, that this process is playing itself out today in the debate over Internet phone calls. The issue at hand involves the regulatory classification or treatment of Internet telephone service. VoIP is something new; it does not fit neatly into the Byzantine regulatory taxonomy the FCC has established for older communications services. Its opponents want to open the door for regulation of this new service by needlessly subjecting it to the full force of traditional telecom regulations. In what would be viewed by most people as a silly squabble over semantics, volumes of paper are currently being filed at the FCC over the question of whether VoIP should be classified as a "telecommunications service" or something else, such as an "information service." Incredibly, in an era in which we should be mapping out the abolition of the FCC altogether, such definitions make a world of difference to the development of a new service. Because of the haphazard manner in which communications law has developed over the past 70 years, there exist distinct regulatory paradigms for telecom, cable, broadcasting, and wireless service. Internet-based applications do not fit into any of these categories, especially since providers in each of those old sectors can provide online services using different technological platforms or delivery mechanisms. But if VoIP comes to be regulated under one of these archaic classification schemes, especially the "telecom services" paradigm, it could be strangled while still in the cradle by a bewildering batch of federal and state regulations. Consequently, in the filings and public statements made by the various interest groups that have lined up to oppose a regulation-free VoIP environment, several recurring themes have been cited to justify its classification as a "telecom service": The potential loss of state and local telecom taxes; the need to collect universal service fees and subsidies; access for the disabled; public safety requirements such as "E911;" and the need for various other "consumer protections." For example, citing such concerns, a number of state regulators have raised a big stink about VoIP, but really they're just worried about losing some of their regulatory turf and power. Of much greater concern is the recent intervention of the law enforcement community, led by the Federal Bureau of Investigation, the Department of Justice, and the Drug Enforcement Administration, which have jointly asked the FCC to assure that wiretap and monitoring capabilities easily apply to the new technology. Apparently the law enforcement agencies oppose telecommunications deregulation because it means they won't be able to spy on us quite as easily. As Jim Harper, founder of Privacilla.org, put it, "The law enforcement cart is coming before the civil society horse. The communications infrastructure is being created with eavesdropping in mind before there is any evidence of [the need for] it, plus with VoIP it won't work anyway as the criminals will use offshore VoIP or open source VoIP, rather than ... any of the major carriers." A wiretap-ready Internet that enables the sort of online surveillance that the FBI, DOJ, and DEA desire will be a costly proposition, requiring expensive equipment upgrades and ongoing regulation of this dynamic sector. Moreover, the scheme would likely entail heavy FCC involvement in the regulation of Internet telephony in the future. In one sense, what all these diverse parties, from the old hidebound state regulators to the FBI, are really saying is that unless VoIP providers can learn to "play the game" exactly the same way old telecom companies did, they should not, effectively, be allowed to provide service at all. Stated differently, this new technology must be pigeonholed into old regulatory classification schemes and regulatory paradigms of the past; it must not be allowed to breathe the free air of an unregulated communications marketplace. After all, if VoIP was allowed to develop in a relatively free, unregulated environment, just think of the horrors that might befall our society! We might make cheap phone calls or something. Adam Thierer (athierer@cato.org) is director of telecommunications studies and Wayne Crews (wcrews@cato.org) is the director of technology studies at the Cato Institute in Washington, D.C. at the Cato Institute in Washington, D.C. (www.cato.org/tech). They are the authors of What's Yours Is Mine: Open Access and the Rise of Infrastructure Socialism. To subscribe, or see For a list of all previous TechKnowledge articles, visit http://www.cato.org/tech/tk-index.html. [][]Cato Institute ------------------------------ Date: Thu, 19 Feb 2004 14:12:53 GMT From: joel@exc.com (Dr. Joel M. Hoffman) Subject: Reliable, Quality Int'l LD Calling Card? Organization: Excelsior Computer Services I'm looking for a quality int'l LD calling card. I'm currently using Accudial, which is very convenient and cheap, but overseas calls almost always have a long delay, making real conversation impossible. Can someone recommend a quality LD calling card, one that will give me the good connections I've becomed used to in the past few years? Many thanks. -Joel ------------------------------ Date: Thu, 19 Feb 2004 14:15:15 GMT From: joel@exc.com (Dr. Joel M. Hoffman) Subject: home intercom phone system with cordless phone? Organization: Excelsior Computer Services In light of the dicussion about a home phone system (2-4 lines, a half-dozen extensions, perhaps) that offers intercom connections between any two phones, I'm wondering: Is there such a system that will work with a cordless phone? The idea is that the cordless phone could be one of the stations. Thanks. -Joel ------------------------------ From: Joe Wineburgh Subject: Symbol Added to Morse Code Date: Thu, 19 Feb 2004 09:53:16 -0500 http://www.cjonline.com/stories/021704/pag_morsecode.shtml The Associated Press Morse code is entering the 21st century -- or at least the late 20th. The 160-year-old communication system now has a new character to denote the "@" symbol used in e-mail addresses. In December, the International Telecommunications Union, which oversees the entire frequency spectrum, from amateur radio to satellites, voted to add the new character. The new sign, which will be known as a "commat," consists of the signals for "A" (dot-dash) and "C" (dash-dot-dash-dot), with no space between them. The new sign is the first in at least several decades, and possibly much longer. Among ITU officials and Morse code aficionados, no one could remember any other addition. "It's a pretty big deal," said Paul Rinaldo, chief technical officer for the American Radio Relay League, the national association for amateur radio operators. "There certainly hasn't been any change since before World War II." The change will allow ham radio operators to exchange e-mails more easily. That is because -- in an irony of the digital age -- they often use Morse to initiate conversations over the Internet. "People trade their e-mail addresses a lot," said Nick Yocanovich, a Morse code enthusiast who lives in Arnold, Md. Morse code uses two audible electrical signals -- short "dots" and slightly longer "dashes" -- to form letters, numbers and punctuation marks. Created in the 1830s by Samuel F.B. Morse, who invented the telegraph, the electronic signaling system spread across the world, and until the past few decades, it was used widely by the public, industry and government. "It was the beginning of the Information Age," said Gary Fowlie, Chief of Media Relations and Public Information for the ITU, which has its headquarters in Geneva, Switzerland. When Morse died in 1872, more than 650,000 miles of telegraph wire circled the globe. By the early 20th century, Morse messages were being sent wirelessly, via radio. Perhaps the most famous Morse communication is the international distress signal S-O-S. It consists of three dots, three dashes, and three more dots. But with the proliferation of digital communications technologies such as cell phones, satellites and the Internet, Morse code has lost its pre-eminent place in global communications. "There's really no reason to use it anymore," said Robert Colburn, research coordinator for the History Center of the Institute of Electrical and Electronics Engineers. Today it's largely the province of ham radio operators, including 700,000 in the United States. While not all of them communicate regularly in Morse, almost all are familiar with it. Some ham operators wouldn't mind more changes to spice up the language. While Morse code has a period, a question mark, and even a semicolon, it offers no simple way to articulate excitement. "I was hoping they'd add a character for the exclamation point," said Yocanovich, who is active in the International Morse Preservation Society. "It expresses an emotion that's difficult to get across any other way." ------------------------------ From: rob51166@yahoo.com (Rob) Subject: Re: Distractions While Driving -- And Not Just Cell Phones Date: 19 Feb 2004 10:29:51 -0800 Organization: http://groups.google.com Carl Moore wrote in message news:: > I take it a suggested common denominator in police reports about > traffic accidents would be to note any driver distraction which had a > part in the accident. I was in a minor accident myself last month > when, on a 2-lane road, an oncoming driver (who later admitted to > reaching down for his gloves) drifted into my lane and hit the left > side of a rented car I was driving. We did get an officer to the > scene and he got the story about the gloves and the drifting into my > lane, and that other driver was cited. > Some time ago, I noted a news story from Pennsylvania about the > governor of that state asking police to note on their reports (using > "remarks" if no special cell-phone category was available) any > cell-phone use which contributed to an accident. > By the way, the accident I was in was in New York state, the same > state where I had rented that car. It was posted in the car-rental > office (and seen by me on a sign as I drove into NY state a year > earlier on Interstate 81) that it is illegal in NY state to use a > handheld phone while driving (I don't have it in front of me what > emergency exception might exist). But I occasionally saw drivers > using handheld phones anyway in NY state. Drivers are now banned from using a cellphone while driving, unless they have an automatic handsfree headset or speaker. It's an on-the-spot fine of GBP30, or if the driver chooses to go to court it can be up to GBP1000 plus court costs. ------------------------------ From: Doug Aspinwall Subject: Re: Distractions While Driving -- And Not Just Cell Phones Date: Thu, 19 Feb 2004 17:47:07 -0500 Organization: None whatsoever (just ask my wife) Steven J Sobol wrote in message news:telecom23.81.13@telecom-digest.org: > Carl Moore wrote: >> earlier on Interstate 81) that it is illegal in NY state to use a >> handheld phone while driving (I don't have it in front of me what >> emergency exception might exist). But I occasionally saw drivers >> using handheld phones anyway in NY state. > It's illegal to use a cell phone without handsfree in NYS, if I recall > correctly. But only without a handsfree - with handsfree it's still > legal. > JustThe.net Internet & New Media Services, Apple Valley, CA > Steven J. Sobol, Geek In Charge / 888.480.4NET (4638) /sjsobol@JustThe.net > PGP: C57E 8B25 F994 D6D0 5F6B B961 EA08 9410 E3AE 35ED Check out www.cellular-news.com/car_bans/ New York is currently the only state to ban hand-held cell phones while driving without using a hands-free device. Several states have tried to pass a similar ban for the general public, but they have not passed. Several states have bans for bus drivers and/or school bus drivers. Doug Aspinwall Near Dover, DE (the only state capital without a commercial airport) [TELECOM Digest Editor's Note: Could someone please tell me in a convincing way what is the difference between a motorist who exercises reasonable caution most of the time but talks on a cell phone and a police officer chasing someone at 100 miles per hour on a busy highway while talking into a microphone on a police radio? Both of them are 'distracted' are they not? PAT] ------------------------------ From: Tony P. Subject: Re: Reliable Means of Determining LEC For Given Phone Number? Organization: ATCC Date: Thu, 19 Feb 2004 05:43:19 GMT In article , no@spam.com says: > Does anyone know of a reliable means of determining the servicing > LEC for a given phone number? > I'm trying to find a reliable means of determining what is the > servicing LEC for any given phone number. Right now this is limited to > only needing to work for CA. USA phone numbers. Using the various > resources (LERG, and other similar databases) I can get down to what > the operating Company is for a given NPA/NXX but with Thousand Number > (block) Pooling, and porting of numbers, there are over lapping > NPA/NXXs for various providers, and while the operating company for a > given NPA/NXX maybe SBC (Pacific Bell) the line may in fact be > serviced by Verizon (GTE). > So far I'm at a loss as to how to reliably perform, what in an ideal > world, would be a simple search. http://www.telcodata.us/telco.html For example, keying in my NPA/NXX (401/621) if I click on the switch info link I get (Even if the zip code is wrong, it should be 02903 and the post office that serves 02903 is right in back of the CO.): Number of results: 51 Information on PRVDRIWADS2: State: RI English Name: CLLI: PRVDRIWADS2 Switch Type: Northern Telecom DMS100 (Digital) Host Host CLLI (if remote): Status: () LATA: NO LATA KNOWN (999) Exchanges Served: 51 Building CLLI: PRVDRIWA (See DSLReports information on this wirecenter) Street Address: 234 WASHINGTON ST PROVIDENCE, RI 2905 Tandem: SS7 Point Code: List of served exchanges: 401-222 401-224 401-243 401-272 401-273 401- 274 401-276 401-277 401-278 401-282 401-290 401-331 401-332 401-350 401- 351 401-370 401-421 401-444 401-452 401-453 401-454 401-455 401-456 401- 457 401-458 401-459 401-460 401-478 401-482 401-521 401-525 401-528 401- 544 401-553 401-563 401-564 401-572 401-574 401-575 401-588 401-598 401- 621 401-751 401-752 401-776 401-831 401-861 401-863 401-865 401-867 401- 868 List of served ratecenters: PROVIDENCE,RI List of carriers on switch: VERIZON NEW ENGLAND INC. (9102) WEBLINK WIRELESS, INC. (6385) List of other switches in building: PRVDRIWADS2 PRVDRIWAHAA PRVDRIWADS1 PRVDRIWAXSY prvdriwax1y PRVDRIWAX7Y PRVDRIWA06T PRVDRIWAOMD PRVDRIWAXWY PRVDRIWADS4 ------------------------------ From: richgr@panix.com (Rich Greenberg) Subject: Re: Reliable Means of Determining LEC For Given Phone Number? Date: 19 Feb 2004 16:48:36 -0500 Organization: Organized? Me? In article , JL wrote: > Does anyone know of a reliable means of determining the servicing > LEC for a given phone number? > I'm trying to find a reliable means of determining what is the > servicing LEC for any given phone number. Right now this is limited to > only needing to work for CA. USA phone numbers. Using the various > resources (LERG, and other similar databases) I can get down to what > the operating Company is for a given NPA/NXX but with Thousand Number > (block) Pooling, and porting of numbers, there are over lapping > NPA/NXXs for various providers, and while the operating company for a > given NPA/NXX maybe SBC (Pacific Bell) the line may in fact be > serviced by Verizon (GTE). Take a look at: http://www.telcodata.us/telco.html Rich Greenberg Work: Rich.Greenberg atsign worldspan.com + 1 770 563 6656 N6LRT Marietta, GA, USA Play: richgr atsign panix.com + 1 770 321 6507 Eastern time zone. I speak for myself & my dogs only. VM'er since CP-67 Canines:Val(Chinook,CGC,TT), Red & Shasta(Husky,(RIP)) Owner:Chinook-L Atlanta Siberian Husky Rescue. www.panix.com/~richgr/ Asst Owner:Sibernet-L ------------------------------ From: Tony P. Subject: Re: Cable Modem Hackers Conquer the Co-ax Organization: ATCC Date: Thu, 19 Feb 2004 19:08:33 GMT In article , none@none.com says: > On Wed, 11 Feb 2004 20:21:07 -0500, Monty Solomon > wrote: >> By Kevin Poulsen, SecurityFocus >> A small and diverse band of hobbyists steeped in the obscure languages >> of embedded systems has released its own custom firmware for a popular >> brand of cable modem, along with a technique for loading it -- a >> development that's already made life easier for uncappers and service >> squatters, and threatens to topple long-held assumptions about the >> privacy of cable modem communications. >> The program, called Sigma, was released in its final version last >> month, and has reportedly been downloaded 350 to 400 times a day ever >> since. It's designed to be flashed into the non-volatile memory of >> certain models of Motorola's Surfboard line, where it runs in parallel >> with the device's normal functionality. It gives users almost complete >> control of their cable modem -- a privilege previously reserved for >> the service provider. >> The project is the work of a gang of coders called TCNiSO. With about >> ten active members worldwide, the group is supported by contributions >> from the uncapping community -- speed-hungry Internet users who rely >> on TCNiSO's research and free hackware to surmount the bandwidth caps >> imposed by service providers, usually in violation of their service >> agreement, if not the law. To them, Sigma is a delight, because it >> makes it simple to change the modem's configuration file -- the key to >> uncapping, and, on some systems, to getting free anonymous service >> using "unregistered" modems. "I've known TCNiSO for two years now and >> I've done a lot of things with their techniques," wrote a Canadian >> uncapper in an e-mail interview. "Sigma is the greatest one I've >> seen." >> http://www.securityfocus.com/news/7977 > One of the things that has me concerned and hope others is what was > listed in the article. That cable modem traffic is pinged or actually > "Routed" off other cable modems, so that traffic can be handled more > effectively as a huge LAN > My questions is: > 1) Where is the security for traffic on this network? > 2) Why has the cable modem services industry not taken a lead to > encrypt or block access of traffic not deemed for a particular router > off-limits, so that it can be shared with another user??? 1) Baseline Privacy 1.0 -- not exactly the most secure of them. It encrypts the TCP/IP stream from the headend to the cable modem. Kind of obvious that this group has defeated Baseline 1.0. 2) Because the cable companies are in it for one thing and one thing only. To earn as much as they possibly can in an environment that while not a monopoly is closer to an oligopoly. > Jeremy supercommodore@maildotcom > [TELECOM Digest Editor's Note: Although I do not know the particulars > of this, I do know that Mr. Mike Flood, the general manager of Cable > One, here in Independence told me 'that was all taken care of recently' > when I asked him 'what prevents everyone on the cable from showing up > in my Network Neighborhood, and the other way around.' I am sorry to > say I did not understand his sort of technical explanation. Maybe some > of you could explain it to me in simple words. Its not a problem with > DSL, since everyone goes to the central office on their own pair. But > with a cable strung around, what *does* prevent us from being each > other's Neighbor for spy purposes, etc. Anyone? PAT] The thing about cable vs. DSL is that the cable coming into your home is a shared medium. On the cable side it looks like one big Ethernet LAN even using CDMA/CD. DSL as you've correctly stated, isn't a shared medium at the subscriber side. But at the DSLAM, of course it's shared. When I had the @Home service my machines IP address was hijacked by someone else. Went to use my machine one day and found I couldn't get on no matter what I did. Diagnostics said everything on my end was working fine. Called Cox and they figured it out. ------------------------------ Subject: Re: Cable Modem Hackers Conquer the Co-ax From: sidd@situ.com Date: Thu, 19 Feb 2004 21:02:03 GMT Organization: Road Runner High Speed Online http://www.rr.com > [TELECOM Digest Editor's Note: Although I do not know the particulars > of this, I do know that Mr. Mike Flood, the general manager of Cable > One, here in Independence told me 'that was all taken care of recently' > when I asked him 'what prevents everyone on the cable from showing up > in my Network Neighborhood, and the other way around.' I am sorry to > say I did not understand his sort of technical explanation. Maybe some > of you could explain it to me in simple words. Its not a problem with > DSL, since everyone goes to the central office on their own pair. But > with a cable strung around, what *does* prevent us from being each > other's Neighbor for spy purposes, etc. Anyone? PAT] They probably block the ports that the Microsoft Network protocols use. ------------------------------ From: Phil Earnhardt Subject: Re: Quest to Offer "Naked DSL" Date: 19 Feb 2004 13:21:26 -0800 Organization: Newsguy News Service [http://newsguy.com] In article , Phil Earnhardt says: > I've been unable to find any details on this service: if the $33 > includes an ISP, if you are really getting "unlimited" services on the > 1.5Mbps pipe, etc. I contacted Qwest customer service today and asked about the service. The agent knew about the service, but had no details. I asked the salesman when they would have details. He said that the service will be available on 3/1/04 but did not know when pricing and service details would be available. --phil ------------------------------ From: kludge@panix.com (Scott Dorsey) Subject: Re: The Virus Underground Date: 19 Feb 2004 16:34:54 -0500 Organization: Former users of Netcom shell (1989-2000) Nick Landsberg wrote: > As I recall, it wasn't the "DBUG" command that did it, it was a buffer > overflow (does that sound familiar, don't we ever learn?) that caused > a portion of memory to be overwritten with a very carefully crafted > piece of machine code which then went and fetched the rest of the > worm. (My memory could be faulty on this last variation.) Because > this was binary code, it would only work on specific one specific Unix > variant which was most prevalent at the time, 4.3 BSD I think. (Does > this also sound familiar? Pick the most prevalent OS to go out > after?) As I recall, the Morris worm did different exploits on different machines. I know it did take advantage of DBUG when it was available, but it also did a buffer overrun trick. I _think_ the buffer overrun only worked on the vax ... the Morris worm infected both the vax and Sun-3 machines. > It was Gene Spafford of Purdue who was instrumental in finding out > what it did and how it did it, although I presume many others were > also involved. At the time, he was Gene Spafford of Georgia Tech. > As you said Barry, the internet was a very trusting community in those > days, and the Morris worm should have been a wake-up call to us all. It was a wake up call to everyone who was on the internet back then. But remember, those were the days when Microsoft was saying the internet was irrelevant. Microsoft has long had real problems playing with others in the same sandbox, and they persistently, repeatedly, constantly implement features with no thought whatsoever to security. I mean, the whole notion of automatically executing a .exe file in a mail message being read? What EVER possessed anyone to think that was a good idea? We won't even talk about some of the serious design issues in Microsoft networking. Most of these problems have been patched around, but there is only so much patching around you can do with a fundamentally flawed system. >> Microsoft had the opportunity to learn from our early experiences, but >> did they really take advantage of it? It seems not, since allowing >> the mail reader to execute active code in messages is not much >> different from the sendmail vulnerability that we plugged 15 years >> ago. To extend my analogy, Windows seems like a suburbanite driving >> into a ghetto and leaving his sports car unlocked and unattended; we >> shouldn't be surprised if it gets stripped or taken for a joy-ride. Microsoft did not learn from the early experiences of internet users, and in fact they went out of their way to avoid listening to them. When Microsoft produced an SMTP server that was in violation of RFC822, Eric Allman talked to the designers about integration issues and he was told "We're Microsoft. We don't follow standards, we make them." That sort of attitude is precisely why Microsoft is having all of these problems. --scott "C'est un Nagra. C'est suisse, et tres, tres precis." ------------------------------ From: Barry Margolin Subject: Re: The Virus Underground Organization: Looking for work Date: Thu, 19 Feb 2004 17:05:38 -0500 In article , Nick Landsberg wrote: > As I recall, it wasn't the "DBUG" command that did it, it was a buffer > overflow (does that sound familiar, don't we ever learn?) that caused > a portion of memory to be overwritten with a very carefully crafted > piece of machine code which then went and fetched the rest of the > worm. (My memory could be faulty on this last variation.) Because > this was binary code, it would only work on specific one specific Unix > variant which was most prevalent at the time, 4.3 BSD I think. (Does > this also sound familiar? Pick the most prevalent OS to go out > after?) As with some modern worms, the Morris Worm had multiple entry vectors. It did exploit a buffer overflow, but that was in fingerd, not sendmail. Barry Margolin, barmar@alum.mit.edu Arlington, MA ------------------------------ From: Forrest Nelson Subject: Nitsuko/NEC 704i and Fax Servers Date: Thu, 19 Feb 2004 14:22:00 -0800 Does anyone have experience with configuring a 704i to integrate with fax servers preferably using extensions that can out-pulse the called extension number after the fax board answers. Thanks, J. Forrest Nelson, RCDD Affiliated Engineers NW, Inc. (AEI) mailto:jfnelson@aeieng.com e-mail http://www.aeieng.com web 206-256-0800 phone 206-256-0423 fax ------------------------------ From: Danny Burstein Subject: Money, Money, was Re: Internet Phones, 911 Systems Could Clash Date: Thu, 19 Feb 2004 05:48:13 UTC Organization: PANIX Public Access Internet and UNIX, NYC In Monty Solomon writes: > ST. PAUL (AP) -- The rising popularity of Internet telephones could > undermine the finances of the state's 911 systems while endangering > some users because the new technology doesn't alway mesh with the old > emergency system. > So-called Internet telephony's popularity worries Jim Beutelspacher, > manager of the statewide 911 program for the Department of Public > Safety, because it doesn't pay a 40-cent-per-month tax for each new > subscriber. Aside from the bigger issue that "911 centers" should (in my opinion, that is -- rational folk can disagree with this a bit) be supported the same way other government business is, namely through the general tax levy, there's a very specific point here: In audit after audit in NYS (and others, although being from NY it's the one I'm most familiar with) it turns out that any so-called "911 surcharge" is simply absorbed into the general gov't revenue/expense stream In fact, just yesterday (18-Feb) the NYS Comptroller realased yet another report. The details aren't yet up on his webpage [a], but quoting from a typical news report: "E-911 surcharge on cell phones helps state pay its bills Updated: 2/18/2004 11:05 PM By: News 10 Now Staff A report released Wednesday by the State Comptroller's Office said New York is diverting revenue intended for improving emergency 911 services to the state's general fund. http://news10now.com/content/all_news/?ArID=10875&SecID=83 [a] it'll be at: http://www.osc.state.ny.us probably in a day or two. _____________________________________________________ Knowledge may be power, but communications is the key dannyb@panix.com [to foil spammers, my address has been double rot-13 encoded] [TELECOM Digest Editor's Note: What's so unusual about government squandering and mis-appropriating the money they were given (or rather, took from us under various false pretenses? Do you remember how, prior to the various state lotteries we were told the money would be used to support the schools? Now the lottery money just goes into general revenue and the schools are in the same miserable condition they always were. Oh, and the taxes on alcohol and cigarettes: going to be used to help fight alcoholism and tobacco addiction, right? Oh, and have you heard about the infamous tobacco settlement that R.J. Reynolds and the others signed? Gonna be used to pay for hospital for cancer patients, right? The states have squandered that money so badly -- everything *but* medical treatment -- now R.J. Reynolds has petitioned the court saying since the states are not living up to their promises to use the money as dictated, the tobacco companies should not have to pay it either. Never, never expect the governments to keep up their end of deals they made. The only thing that matters is the federal program which I call 'no servants left behind' ... a takeoff on Bush's 'no child left behind'. PAT] ------------------------------ From: DevilsPGD Subject: Re: Internet Phones, 911 Systems Could Clash Organization: EasyNews, UseNet made Easy! Date: Thu, 19 Feb 2004 07:51:56 GMT In message <> Monty Solomon did ramble: > Last fiscal year, a 33-cent 911 fee generated $20.8 million. The > higher fee this year is expected to bring in $25.4 million, mainly to > pay for connections to public safety call centers, Beutelspacher said. > But if more people drop their regular telephone service in favor of > tax-free Internet calling, the financial underpinnings of 911 will be > weakened, he said. > The problems have been noted within the industry, but it's expected to > become a bigger issue as more people turn to Internet telephony > because it can be cheaper than regular telephone service. But presumably as more and more people get phone lines incapable of dialing 911, the costs for operating 911 should drop as well, no? The nice thing about standards, there is enough for everyone to have their own. ------------------------------ Date: Thu, 19 Feb 2004 01:07:22 -0500 From: Monty Solomon Subject: Now Preening on the Coffee Table: The TiVo Remote Control By KATIE HAFNER TO most home viewers, remote controls may seem like ancillary sidekicks to the main attraction that is the television, DVD player or digital video recorder. Yet in some ways the remote has become the centerpiece of home entertainment: so many functions have been relegated to this slip of an object that if it is lost, you may find yourself unable to do so much as call up a menu for watching the movie you popped into the DVD player. But if the remote control is a linchpin, it is also often an inscrutable one. A typical remote may have some 40 buttons, with functions that are hard to divine. Often the labels - "toggle," "planner" and the like - are no help. The device can feel like an afterthought, thrown together without any planning at all. Increasingly, however, electronics companies are recognizing that building an easy-to-use remote control is an important and challenging task. To improve the remote, they are deploying teams of experienced industrial designers who focus on the product for months -- and reaching out to consumers for advice. In 1998, design engineers at TiVo , the Silicon Valley company that helped introduce the digital video recorder to the world, set out to produce a distinctive remote control. The result was a textbook blend of complexity and ease of use. http://www.nytimes.com/2004/02/19/technology/circuits/19remo.html ------------------------------ From: Barry Margolin Subject: Re: Blogs (web logs): What am I Not Getting? Organization: Looking for work Date: Thu, 19 Feb 2004 01:41:23 -0500 In article , jmayson@nyx.net wrote: > And in all honesty I don't want people to know what I'm thinking. Yet that's precisely what you were doing when you posted your message to this list, isn't it? > I'm just curious why people blog. Are there any, for the lack of a > better term, practical blogs out there? I don't blog, either, but I assume it's for the same reasons that people participate in newsgroups or mailing lists, and in earlier times logged into BBSes. They're all just variations on the same theme, aren't they? People like to communicate about their interests. Or is there something different about blogs that makes you think they require further explanation? Barry Margolin, barmar@alum.mit.edu Arlington, MA ------------------------------ From: tech@xxcopy.com (Kan Yabumoto) Subject: Re: A Suspicious Netscape Icon on my DeskTop Date: 18 Feb 2004 23:37:03 -0800 Organization: http://groups.google.com jbl wrote in message news:: > In , tech@xxcopy.com (Kan Yabumoto) > wrote: >> BTW, the Netscape icon that mysteriously appered on my Desktop is a >> link to the following sign-up form: >> https://register.isp.netscape.com/default.jsp?promo=NS_2_6_2_2003_12_6 >> The brief description of the service can be viewed from: >> http://www.getnetscape.com/index.adp?promo=NS_2_7_7_2003_10_2 > These sound like "legitimate" netscape pointers, as opposed to some > phisher or malware supplier. Thank you for your response. I had no doubt that the icon was pointing to a "legitimate" site which is the real Netscape site. But, I had a strong suspicion that the funny rearrangement of the icons on my Desktop (that does not happen very often on an XP system) was not just a coincidence. I did not put the icon there. It was "planted" by some software (either as a result of some aggressive web page that I visited, or some other mechanism that I don't know). > Do you have automatic netscape updating turned on? No. I do not have Netscape (I suppose you mean Netscape's browser, "Navigator" -- I used to used it before Microsoft came out with IE -- many years ago). To come to think of it, I have the Mozilla browser that I use every now and then (in order to read some web page whose hard-coded extremely small font size makes it impossible to read). But, I assume Mozilla is independent from Netscape (Mozilla seems to have components from Netscape) and I still do not believe Mozilla has a feature which exhibit such a strange behavior. > (Or might you have accidentally clicked 'yes' when it put up > a box asking you if you wanted to update your netscape?[1]) It is a remote possibility (but, I have not knowingly done such a thing). [1] I have a problem with software that does this kind of thing. If I'm clicking and/or typing fast, some box will pop up, intercept my next "enter" keypress and disappear before I get a chance to realize that something is there, much less read what it says. I agree. The problem of many such pop-up windows is that they abruptly steal the screen input-focus from my current window in such a way that my regular typing-activity is interrupted. Since no one else has responded to my question, this is probably not a wide-spread experience which is shared by many other users (I suspected my original theory even more after I did some research and found out that Netscape had been renewing their effort in the ISP business during the past 6 weeks). I may have to accept your hypothesis that it could have been my inadvertent input (response to some popup/dialog) ... Anyway, regardless of how the icon was placed on my Desktop, what Netscape is offering to the visitors to the web site seems such a lousy deal I started to question Netscape's business "ethics" (not just what they offer as an ISP, but the way they want to promote their business). Kan ------------------------------ TELECOM Digest is an electronic journal devoted mostly but not exclusively to telecommunications topics. It is circulated anywhere there is email, in addition to various telecom forums on a variety of networks such as Compuserve and America On Line, Yahoo Groups, and other forums. It is also gatewayed to Usenet where it appears as the moderated newsgroup 'comp.dcom.telecom'. TELECOM Digest is a not-for-profit, mostly non-commercial educational service offered to the Internet by Patrick Townson. All the contents of the Digest are compilation-copyrighted. You may reprint articles in some other media on an occasional basis, but please attribute my work and that of the original author. Contact information: Patrick Townson/TELECOM Digest Post Office Box 50 Independence, KS 67301 Phone: 620-330-6774 Fax 1: 775-255-9970 Fax 2: 530-309-7234 Fax 3: 208-692-5145 Email: editor@telecom-digest.org Subscribe: telecom-subscribe@telecom-digest.org Unsubscribe:telecom-unsubscribe@telecom-digest.org This Digest is the oldest continuing e-journal about telecomm- unications on the Internet, having been founded in August, 1981 and published continuously since then. Our archives are available for your review/research. We believe we are the second oldest e-zine/ mailing list on the internet in any category! URL information: http://telecom-digest.org Anonymous FTP: mirror.lcs.mit.edu/telecom-archives/archives/ (or use our mirror site: ftp.epix.net/pub/telecom-archives) Email <==> FTP: telecom-archives@telecom-digest.org Send a simple, one line note to that automated address for a help file on how to use the automatic retrieval system for archives files. You can get desired files in email. ************************************************************************* * TELECOM Digest is partially funded by a grant from * * Judith Oppenheimer, President of ICB Inc. and purveyor of accurate * * 800 & Dot Com News, Intelligence, Analysis, and Consulting. * * http://ICBTollFree.com, http://1800TheExpert.com * * Views expressed herein should not be construed as representing * * views of Judith Oppenheimer or ICB Inc. * ************************************************************************* ICB Toll Free News. Contact information is not sold, rented or leased. One click a day feeds a person a meal. Go to http://www.thehungersite.com Copyright 2003 ICB, Inc. and TELECOM Digest. All rights reserved. Our attorney is Bill Levant, of Blue Bell, PA. --------------------------------------------------------------- Finally, the Digest is funded by gifts from generous readers such as yourself who provide funding in amounts deemed appropriate. Your help is important and appreciated. A suggested donation of fifty dollars per year per reader is considered appropriate. See our address above. Please make at least a single donation to cover the cost of processing your name to the mailing list. If you donate at least fifty dollars per year we will send you our two-CD set of the entire Telecom Archives; this is every word published in this Digest since our beginning in 1981. All opinions expressed herein are deemed to be those of the author. Any organizations listed are for identification purposes only and messages should not be considered any official expression by the organization. End of TELECOM Digest V23 #82 *****************************