TBTF for 1999-01-04: Blue moons

Keith Dawson (dawson@world.std.com)
Mon, 4 Jan 1999 20:28:11 -0600


TBTF for 1999-01-04: Blue moons

T a s t y B i t s f r o m t h e T e c h n o l o g y F r o n t

Timely news of the bellwethers in computer and communications
technology that will affect electronic commerce -- since 1994

Your Host: Keith Dawson

This issue: < http://tbtf.com/archive/1999-01-04.html >

C o n t e n t s

An offshore view of free US browsers
Cookie privacy flaw affects most browsers
Brazilian Internet strike virus spreading by email
Blue Mountain gets early win in Microsoft suit
US loosens crypto export rules
Open Source quantum computing
Followup: on not linking
Silicon creatures
Blue moons

..An offshore view of free US browsers

Are Microsoft and Netscape colluding in restraint of trade?

Robin Miller's article [1], first published in the Baltimore Sun
last month, suggests that the makers of the Opera browser ought to
get together with the Norwegian government and mount an interna-
tional "dumping" suit against the US govenrment and the two dominant
US browser makers.

> Opera Software has at least as much right to be angry at
> Microsoft and Netscape as American steel and auto producers
> have to be upset by predatory pricing by Asian steel and
> auto companies... I expect Opera Software and the Norwegian
> government to sue Netscape, Microsoft, and the U.S. Govern-
> ment for violating the same treaties and international trade
> principles held so dear by American smokestack industries.

I haven't seen this suggestion circulated widely -- it was carried
on the Politech mailing list and picked up by Andover News [2], for
which Miller sometimes writes -- but if Opera's developers take the
hint you'll see it everywhere.

[1] http://www.g21.net/news7.html
[2] http://www.andovernews.com/cgi-bin/news_column.pl?219

..Cookie privacy flaw affects most browsers

Accepting a cookie from a national TLD considered harmful

Two students and Web consultants in New Zealand, Oliver Lineham
<oliver@lineham.co.nz> and Arun Stephens, have discovered the latest
browser privacy hole, dubbed Cookiemonster [3]. The bug's source is
both flawed implementation of the cookie spec by almost all browser
vendors and a basic hole in the spec itself [4]. Cookiemonster is
exploitable to do bad things, but even if not exploited it wastes
bandwidth and could lead to a loss of private data.

The nut of it is that cookies set by most domains outside of the US
will be returned to many other visited Web sites within that coun-
try, instead of just to the originating Web site (or its peers).
The flaw arises from the cookie spec [4], which defines an inexact
method of counting dots to determine whether a visited site is a
peer of the site that set a cookie. The implementation of most brow-
sers is further flawed, leading to the Cookiemonster.

Lineham's exploit site [3] could serve as a template for other bug
discoverers to follow. It's lucid, thorough, speedy, and cleanly
designed. The bug's demonstration is gentle on visitors and is en-
tirely convincing.

[3] http://www.paradise.net.nz/~glineham/cookiemonster.html
[4] http://www.netscape.com/newsref/std/cookie_spec.html

..Brazilian Internet strike virus spreading by email

Good Times-like message has little ground in fact

TBTF for 1998-11-03 [5] carried word of a strike in Germany by In-
ternet users demanding more reasonable telephone rates. Brazilian
reader Andre Uratsuka Manoel <andre@insite.com.br> sends word of an
email meme that has been spreading in those parts since early Decem-
ber. A "Good Times"-like email message calls for an Internet boycott
on January 13 and asks the recipient to forward it to everyone s/he
knows. The message denounces the allegedly high prices of Internet
access in Brazil (around US $25) in contrast to a supposedly stand-
ard price of US $10 for unlimited access. Manoel writes:

> The claims of the message are mostly false. Brazilian prices
> are not extremely high compared to other countries. US does
> not count as it's a mass market and telecommunications are
> much cheaper in the US. Also there is no such US $10 un-
> limited-time plan as far as I know even there. The Bra-
> zilian market of ISPs is very competitive. There are hun-
> dreds of companies (the something-onlines and something-
> nets) fighting fiercely for about 3 million users.

What's more, Brazil's telecomms infrastructure is well on the way
to robust competition, unlike that of Germany (where the November
strike had little effect) or Spain (where an earlier strike was
credited for some rate relief).

In the US an ISP rate of $10 per month is far from standard. When
AOL went flat-rate they established a $19.95 price point that many
ISPs then matched. Since that time a number have raised prices or
placed limitations on $20 accounts.

The rogue email message has circulated widely in Brazil and has been
the subject of radio and press coverage. Here is a recent column [6]
from Maria Ercilia, a respected Brazilian Net columnist. If one can
trust the translation that results from feeding [6] to the Babelfish
[7], she appears to puncture the tenets of the strike call as Manoel
has done. Nonetheless, if you need to download anything from a Bra-
zilian site, then January 13 might be a good day to do it.

[5] http://tbtf.com/archive/1998-11-03.html#s01
[6] http://www.uol.com.br/internet/netvox/nvox221298.htm
[7] http://babelfish.altavista.digital.com/cgi-bin/translate?

..Blue Mountain gets early win in Microsoft suit

Redmond ordered to stop filtering greeting cards as spam

A California judge has issued a temporary restraining order against
the software giant in a case brought by Blue Mountain Arts, a pur-
veyor of online greeting cards [8] and one of the more heavily traf-
ficked sites on the Web. Blue Mountain noticed that the email client
bundled with the latest beta version of Internet Explorer, Outlook
Express, blocked Blue Mountain's greeting notifications as spam. The
company became suspicious because Microsoft had just announced its
own competing greeting-card service as part of msn.com. Blue Moun-
tain's cards were also blocked for at least a few days from custom-
ers of WebTV, another Microsoft property. Blue Mountain's direct ap-
peals to Microsoft yielded no satisfaction and the company went to

The small company's suspicions are understandable in light of all
that has come out about Microsoft's business practices. But Redmond
argued that this time it wasn't behaving anti-competitively, and its
point was bolstered by the fact that its own msn.com greeting cards
were blocked in the same way. (The reported WebTV blockage was nei-
ther confirmed nor explained.) The judge ordered Microsoft to assist
Blue Mountain in modifying its greeting cards so they pass through
the Outlook Express spam filter. Microsoft must also warn consumers
of the email client's blocking action.

Thanks to Rob Mayhew <wizworks@istar.ca>, who was the first of sev-
eral readers to suggest covering this story.

[8] http://www2.bluemountain.com/home/ImportantNotice.html?122198

..US loosens crypto export rules

But they're still stricter than Wassenaar limits

On the last day of 1998 the Commerce Department released new reg-
ulations [9] (79K) implementing the looser guidelines for crypto
exports announced in September. Here is news.com's story on the
announcement [10]. US vendors of data-scrambling software can now
sell strong crypto to foreign subsidiaries of U.S. companies in the
fields of insurance, health and medicine, and online commerce, after
a one-time review by the Commerce Department. See this list [11] of
the 44 approved countries for such exports. Privacy advocates have
criticized [12] the new regulations as favoring large corporations
but doing nothing for ordinary citizens or non-commercial users such
as human-rights groups.

[9] http://jya.com/bxa123198.txt
[10] http://www.news.com/News/Item/Textonly/0,25,30414,00.html?tbtf
[11] http://www.bxa.doc.gov/factsheets/EncCountryList.htm
[12] http://andovernews.com/cgi-bin/news_story.pl?108205

..Open Source quantum computing

OpenQubit sets up shop to marry two hot buzzwords

Robert Chin <qin@laya.com> and compatriots have unveiled the Open-
Qubit site [13] to anchor a collaborative effort aimed at developing
a simulation API for a quantum computer. So far 64 people have
signed on [14] to help or at least to kibbitz. The site is holding a
logo contest [15] -- the interim logo owes perhaps too much to
QuickTime. If you have any interest in the development of quantum
computation, put OpenQubit on your bookmark list, along with the
mothership [16].

[13] http://www.openqubit.org/
[14] http://www.openqubit.org/about_people.shtml
[15] http://www.openqubit.org/spec_contest.shtml
[16] http://www.qubit.org/

..Followup: on not linking

Two ways to pull Web content without linking it

The article on the legal aspects of linking in TBTF for 1998-12-15
[17] drew a few replies worth sharing. First, from John Robert Lo-
Verso <john@loverso.southborough.ma.us> [18]:

> The "linking" issue interests me, partially because I think
> it is all legal nonsense. See, for instance, my "daily com-
> ics" page at [19]. This is generated automatically, by min-
> ing the comics pages provided elsewhere. I don't copy the
> images, I just find the location of the images and include
> that URL in an <img> tag. I justify this as legal by this
> statement:

> Important Note On The Content Provided Here

> There is no content provided here. There are no copies of
> images or comics here. These are all just pointers to
> other web resources. If you see images below, it is be-
> cause you've instructed your Web browser to fetch those
> resources. That is not my doing.

And David Coppit <coppit@cs.virginia.edu> [20] writes to point out
his Daily Update tool [21], which yanks Web content and integrates
it into your own page.

[17] http://tbtf.com/archive/1998-12-15.html#s05
[18] http://surf.to/loverso/
[19] http://www.schooner.com/~loverso/daily-comics.html
[20] http://www.cs.virginia.edu/~dwc3q/
[21] http://www.cs.virginia.edu/~dwc3q/code/DailyUpdate/index.html

..Silicon creatures

They might explain why your server pages are a bit too active

Some chaps at Florida State University with too much time on their
hands offer us the Silicon Zoo [22]: a collection of photomicrographs
of the little drawings and doodles with which chip designers adorn
their creations. Here's how they did it [23]. The Zoo offers 35 trib-
utes lovingly engraved in silicon at the micron level including:

- a guitar-strumming T Rex [24]
- a herd of buffalo [25]
- a wedding announcement [26]
- a hummingbird [27]

[22] http://micro.magnet.fsu.edu/creatures/index.html
[23] http://micro.magnet.fsu.edu/seminoles/index.html
[24] http://micro.magnet.fsu.edu/creatures/pages/guitarrex.html
[25] http://micro.magnet.fsu.edu/creatures/pages/buffalo.html
[26] http://micro.magnet.fsu.edu/creatures/pages/wedding.html
[27] http://micro.magnet.fsu.edu/creatures/pages/bird.html

..Blue moons

More than you ever wanted to know about lunar chronology and

In 1999 January and March will each enjoy two full moons, and Feb-
ruary will have none at all. This happens far more rarely than once
in a blue moon, as the second full moon in a month is called. Ac-
cording to the Blue Moon page [28], blue moons are governed (to a
first order) by the 19-year Metonic cycle of lunar phases. Over one
Metonic cycle there are 235 lunar months (236 full moons) and 228
calendar months. So "once in a blue moon" amounts to about 8 times
in 228, or 3.5 per cent. (228 calendar months differs from 235 lu-
nar months by about 2 hours. Then there are leap years to consider.
Plumb exhaustive detail at [29] and [30]; calculate blue moons for any
year at [31].) February last lacked a full moon two Metonic cycles
ago, in 1961, and will miss one again on the next cycle in 2018. The
last time a moonless February was surrounded by blue moons in
January and March was in 1915.

We conclude with an enumeration of the common names for the year's
full moons, synthesized from a variety of sources [32], [33], [34].

Algonquin/ English/ neo-Pagan Other
colonial medieval

Jan Old Wolf Ice Moon After Yule
Feb Hunger Storm Snow
Mar Crust Chaste Death Sap; Crow; Lenten
Apr Pink Seed Awakening Grass; Egg
May Flower Hare Grass Planting; Milk
Jun Rose Dyan Planting Strawberry; Flower
Jul Buck Mead Rose Hay; Thunder
Aug Sturgeon Corn Lightening Grain; Dog Days
Sep Harvest Barley Harvest Fruit
Oct Hunter's Blood Blood
Nov Beaver Snow Tree Frosty
Dec Cold Oak Long Night Moon Before Yule

[28] http://www.obliquity.com/astro/bluemoon.html
[29] http://www.obliquity.com/astro/blue2.html
[30] http://www.obliquity.com/astro/blue3.html
[31] http://www.obliquity.com/cgi-bin/bluemoon.cgi
[32] http://www.cnn.com/TECH/space/9901/02/rare.moons.ap/
[33] http://milkyway.iol.it/psc/fullmoons.html
[34] http://soiroom.hyperchat.com/moons/moonpage.html

N o t e s

> TBTF has finally adopted an unambiguous and sort-friendly date term-
inology based on ISO 8601 [35]. ("And about time!" the readers cry.
Thanks to Dan Kohn <dan@teledesic.com> for the final push.) I have
reworked all the internal links on tbtf.com -- please write me if
you find problems in this area. But feel less compelled to tell me
about broken external links: the older the issue the less the com-
pulsion. The links work on the date of publication and I make an
effort to keep them alive for weeks more, but inevitably linkrot
[36] sets in over time.

[35] http://www.saqqara.demon.co.uk/datefmt.htm
[36] http://whatis.com/linkrot.htm

S o u r c e s

> For a complete list of TBTF's (mostly email) sources, see
http://tbtf.com/sources.html .

TBTF home and archive at http://tbtf.com/ . To (un)subscribe send the
message "(un)subscribe" to tbtf-request@tbtf.com. TBTF is Copyright
1994-1999 by Keith Dawson, <dawson@world.std.com>. Commercial use pro-
hibited. For non-commercial purposes please forward, post, and link as
you see fit.
Keith Dawson dawson@world.std.com
Layer of ash separates morning and evening milk.

Version: PGP for Personal Privacy 5.5