TBTF for 9/15/97: Bedtime for crypto

tbtf-request@tbtf.com
Mon, 15 Sep 1997 10:40:08 -0500


T a s t y   B i t s   f r o m   t h e   T e c h n o l o g y   F r o n t

Timely news of the bellwethers in computer and communications
technology that will affect electronic commerce -- since 1994

Your Host: Keith Dawson

This issue: < http://www.tbtf.com/archive/09-15-97.html >
_________________________________________________________________________

C o n t e n t s

Bedtime for crypto
A ladder out of a sandbox
Netscape gets patent protection for SSL
Mac clones stampede for the exits
A failure to deliver on xDSL
Search bunnies' heaven
Remember home pages?
Exploitation in Net time
Quantum mechanical entanglement of atoms
_________________________________________________________________________

..Bedtime for crypto

Two committees in the House of Representatives dealt sharp blows
to the movement for relaxing Cold War-era restrictions on strong
cryptography. Declan McCullagh's impassioned reportage for the
Netly News [1] was not by any means the most radical voice raised
in reaction. The SAFE bill [2] was gutted first by the Judiciary
Committee and then by the Intelligence Committee. The Commerce
Committee, on which sits the SAFE bill's author Rep. Bob Goodlatte,
then brokered a 2-week time-out before the Rules Committee
decides which version of the bill, if any, will be presented to
the full House for a vote. "We've bought some time to try to work
out something that will satisfy the needs of the people who have
supported this legislation," Goodlatte said, somewhat wanly, after
the delay was announced. The forces for crypto liberalization,
which in the House have the backing of a majority of representatives,
were outmaneuvered and outgunned. Justice Department backers
have succeeded in shifting the locus of debate so far in the direction
of the Surveillance Society that you can barely see the US
Constitution from here.

Read about these developments in the Net press [3],[4],[5],[6] or
see TBTF Threads [7] to trace the saga to date.

[1] http://cgi.pathfinder.com/netly/opinion/0,1042,1385,00.html
[2] http://thomas.loc.gov/cgi-bin/query/z?c105:H.R.695:
[3] http://www.news.com/News/Item/0,4,14180,00.html
[4] http://www.wired.com/news/news/politics/story/6819.html
[5] http://www.zdnet.com/zdnn/content/inwo/0911/inwo0007.html
[6] http://www.nando.net/newsroom/ntn/info/091197/info3_26022_noframes.html
[7] http://www.tbtf.com/threads.html
________________

..A ladder out of a sandbox

A new security-related bug (#13) has been reported in beta versions
of MS Internet Explorer 4.0 on Windows 95 and NT machines [8]. Here
is the exploit page [9]. Microsoft, when contacted about the bug,
replied that the bug had already been found in testing, and fixed.
The bug's discoverer could not yet verify that a fix has been
implemented. The bug allows a rogue Java applet to overwrite files
on the user's disk. This clearly should be impossible under Java's
security model, and in fact the fault is not with Java -- it is
in Microsoft's proprietary extensions to Java. (Microsoft denies
this.) See William Blundon's column [10] for a prediction using the
law of unintended consequences. I hope Microsoft engineers read
this piece and take it to heart, and then take it upstairs.
Microsoft's tactic to "embrace and extend" Java -- declaring it not
to be a cross-platform solution and then setting out to fulfill
that prophecy -- must appear to Redmond as an attractive marketing
solution to a nagging problem. But it is fraught with technical
risk and seems likely to backfire. This bug is the first
solid indication that this is happening. See this summary table
[11] of Microsoft IE-related security bugs and issues reported in
TBTF in 1997. Thanks to Fred K. Barrett <fbarrett@world.std.com>
for the alert.

[8] http://www.techweb.com/wire/news/1997/09/0905bugs.html
[9] http://web.mit.edu/twm/www/expbug2/
[10] http://www.javaworld.com/javaworld/jw-08-1997/jw-08-blundon.html
[11] http://www.tbtf.com/resource/ms-sec-exploits.html
________________

..Netscape gets patent protection for SSL

On 8/12 Netscape was granted US Patent number 5,657,390 [12] for
Secure Socket Layer technology. A poster to the Cryptography mailing
list speculated that the patent is so broadly worded that Netscape
might claim royalties from anyone sending encrypted communications
over an open network, although a challenge could be mounted on the
basis of prior art. There is no hard evidence as to what Netscape's
intentions are for the patent. Thanks for the alert to Rodney Thayer
<rodney@sabletech.com>.

[12] http://patent.womplex.ibm.com/details?patent_number=5657390
________________

..Mac clones stampede for the exits

Motorola dropped out of the business of making MacOS clones on 9/11
[13], and talked about the sunny prospects for the PowerPC chip
beyond the market for computers [14]. After the close of the New York
stock exchange the company also announced that its earnings will not
meet expectations, partly due to the $95M cost of backing out of the
Mac clone market. Motorola stock was hammered in after-hours trading.
In separate news, IBM is rumored [15] to be near an announcement that
it will abandon its MacOS licence -- the company never did get around
to producing clones.

Here is the most cogent explanation [16] I have found of why Apple's
actions make sense. Short form: imagine that the Macintosh has never
been a personal computer -- rather, a workstation -- and the
economics of cloning work differently than in the mass PC market.

[13] http://www.news.com/News/Item/0,4,14152,00.html
[14] http://www.news.com/News/Item/0,4,14045,00.html
[15] http://www.news.com/News/Item/0,4,14159,00.html
[16] http://www.stepwise.com/Articles/Editorial/TheCloneWars.html
________________

..A failure to deliver on xDSL

US West, the regional phone company reported in TBTF for 1/21/97 [18]
to be readying a broad rollout of ADSL technology, is failing to
deliver on the plan, according to an exclusive story [19] in
Interactive Week. Initially the company planned to provide customers
in 14 cities with asymmetric digital subscriber line technology, for
Internet access at speeds up to 1.5 Mbit/sec. The trial is being delayed
and scaled back to two cities after a shuffle of CEOs at US West.
This development reinforces my belief that the most appropriate
agents to deliver xDSL to the home are ISPs, not phone companies.

[18] http://www.tbtf.com/archive/01-21-97.html#s01
[19] http://www.zdnet.com/intweek/daily/970909f.html
________________

..Search bunnies' heaven

After the most recent TBTF note on Alta Vista's shifting indexing
policies [20], David Brake <derb@well.com>, webmaster of the New
Scientist's online incarnation [21], sent a note pointing out enough
research to sate even the most search-addled Web denizen. His own
article on the controversy over Alta Vista limitations [22] goes
considerably deeper than mine did. And his article "A Webmaster
Searches" [23] describes his own techniques for using search
engines, with concrete examples. Finally, Brake points out the
ultimate search-bunny site: Danny Sullivan's Search Engine Watch [24].

[20] http://www.tbtf.com/archive/08-11-97.html#Tavs
[21] http://www.newscientist.com/
[22] http://www.keysites.com/keysites/networld/lost.html
[23] http://www.newscientist.com/keysites/voice/voice.html
[24] http://searchenginewatch.com/size.htm
________________

..Remember home pages?

Pamela O'Connell <personalweb.guide@miningco.com> writes about personal
home pages for the Mining Company. Now, home pages fell off the "Wired"
side of the Tired/Wired list some time ago, but still the subject
deserves respect: personal home pages have always been at the core of
the Web's promise of many-to-many publishing. Last May O'Connell reported
on the only survey results [25] then available on the prevalence of home
pages, from Find/SVP. Last week she updated these results with a new
study [26] from NFO Research; her article is titled "Market researchers
aren't exactly falling over each other studying the homepage
phenomenon." Both studies, and O'Connell's own researches, indicate that
something over 50% of active Web users either maintain a personal page,
or plan to, or at least look favorably on the idea.

[25] http://personalweb.miningco.com/library/weekly/aa051297.htm
[26] http://personalweb.miningco.com/library/weekly/aa090897.htm
________________

..Exploitation in Net time

By the day of Princess Diana's funeral, 9/6/97, the following domains
had been registered, as uncovered by Brian Reid <reid@pa.dec.com> and
forwarded by Nina Eppes <eppes@orion.ENET.dec.com>.

DIANAGOODBYE.COM            25th Frame Interactive
DIANA-DODI.COM              786 Consultation Services
DIANAS-REMEMBRANCE.COM      Apex Communications
DIANA-MEMORIAL.NET          Blah
DIANA-MEMORIAL-FUND.COM     Computeach College
DIANA-MEMORIAL-FUND.NET     Computeach College
DIANA-MEMORIAL-FUND.ORG     Computeach College
DIANAMEMORIAL.NET           Computeach College
DIANAMEMORIALFUND.NET       Computeach College
DIANA1961-1997.COM          Cordiant InterWeb Technologies
DIANA61-97.COM              Information Architecture
DIANAISDEAD.COM             Information Architecture
DIANADEAD.COM               Interactive Consulting, Inc.
DIANAFOREVER.COM            Lady Di Memorial
DIANALIVES.COM              Lady Di Memorial
DIANATRIBUTES.COM           Megatronix (UK)
DIANAMEMORIAL.COM           PRINCESS DIANA MEMORIAL
DIANAMEMORIAL.ORG           PRINCESS DIANA MEMORIAL SITE
DIANA-MEMORIAL.COM          Princess Di Memorial
DIANA-PRINCESSOFWALES.COM   Princess Di Memorial
DIANA-PRINCESSOFHEARTS.ORG  Domain Sales
DIANA-PRINCESSOFHEARTS.COM  Domain Sales
DIANA-PRINCESSOFWALES.NET   Domain Sales
DIANA-QUEENOFHEARTS.NET     Domain Sales
DIANA-QUEENOFHEARTS.ORG     Domain Sales
DIANAPEOPLESPRINCESS.COM    Domain Sales
DIANAPRINCESSOFHEARTS.ORG   Domain Sales
DIANAPRINCESSOFHEARTS.COM   Domain Sales
DIANAPRINCESSOFWALES.NET    Domain Sales
DIANAQUEENOFHEARTS.ORG      Domain Sales
DIANASFOUNDATION.ORG        Domain Sales
DIANA-1961TO1997.COM        mesu
DIANA-61TO97.COM            mesu
DIANA-QUEENOFHEARTS.COM     mesu
DIANAPRINCESSOFWALES.COM    mesu
DIANATHEQUEENOFHEARTS.COM   ohanessian
DIANA-PRICESSOFWALES.COM    tagadaboomboom
DIANA-PRINCESSOFWALES.ORG   tagadaboomboom
DIANAMEMORIALFUND.COM       tagadaboomboom
DIANAMEMORIALFUND.ORG       tagadaboomboom
PRINCESSDIANA-OFWALES.COM   Cyber Tiger Inc
PRINCESSDIANAOFWALES.NET    Cyber Tiger Inc
PRINCESSDIANAOFWALES.ORG    Cyber Tiger Inc
PRINCESSDIANAOFWALES.COM    Information Architecture
PRINCESSDIANADEAD.COM       Interactive Consulting, Inc.
PRINCESSDIANAS.COM          Martin Eng
PRINCESSDIANA.COM           Naughtya Page
DIANAMEMORIAL.COM           PRINCESS DIANA MEMORIAL
DIANAMEMORIAL.ORG           PRINCESS DIANA MEMORIAL SITE
PRINCESSDIANA-DEAD.COM      Princess Di Memorial
PRINCESSDIANA-DEAD.NET      Princess Di Memorial
PRINCESSDIANA-ONLINE.NET    Princess Di Memorial
PRINCESSDIANA-ONLINE.COM    Princess Di Memorial
PRINCESSDIANADEAD.NET       Princess Di Memorial
PRINCESSDIANAONLINE.COM     Princess Di Memorial
DIANA-MEMORIAL.COM          Princess Di Memorial
________________

..Quantum mechanical entanglement of atoms

Entanglement is a phenomenon unique to quantum physics. It involves
a relationship (a "superposition of states") between the possible
quantum states of two entities such that when the possible states
of one entity collapse to a single state (as a result of suddenly
imposed boundary conditions, such as a measurement), a similar and
related collapse occurs in the possible states of the entangled
entity no matter how far away it is located. It is one of those
aspects of quantum mechanics difficult to reconcile with our
current general view of reality. In the past, evidence of quantum
mechanical entanglement has been restricted to elementary
particles such as protons, electrons, and photons. Now researchers
using highly excited rubidium atoms have shown quantum mechanical
entanglement at the level of atoms. The experimental apparatus
produces two entangled atoms, one atom in a ground state and the other
in an excited state, physically separated so that the entanglement
is non-local. When a measurement is made on one atom (e.g. the atom
in a ground state) the other atom instantaneously presents itself
in the excited state. The result of the second atom's wave function
collapse is determined by the result of the first collapse. Before
long quantum mechanical entanglement may be demonstrated for
molecules and perhaps even larger entities. This work was done by E.
Hagley et al., and published in Phys. Rev. Lett. 79:1 (1997). I
found a mention in Science Week (which, alas, no longer does
retro-push for free) at [27].

[27] http://users.aol.com/sciweek/sw970905.txt
_________________________________________________________________________

N o t e s

> Today's TBTF title comes from a screwball comedy made at the start of
the acting career of a future President of the United States. Ronald
Reagan was consistently upstaged by his co-star, a chimpanzee, in
Bedtime for Bonzo.

> There will be a brief pause before this week's issue of TBTF appears
on the Web. Apologies for any inconvenience.
_________________________________________________________________________

S o u r c e s

> For a complete list of TBTF's (mostly email) sources, see
< http://www.tbtf.com/sources.html >.
_________________________________________________________________________

TBTF home and archive at < http://www.tbtf.com/ >. To subscribe
send the message "subscribe" to tbtf-request@world.std.com. TBTF
is Copyright 1994-1997 by Keith Dawson, < dawson@world.std.com >.
Commercial use prohibited. For non-commercial purposes please
forward, post, and link as you see fit.
_______________________________________________
Keith Dawson dawson@world.std.com
Layer of ash separates morning and evening milk.
