Today is: Unpredictable Mac

Chris's Unpredictable and Occasional Newsletter

About Unpredictable

BackIssues 2006- 2008
BackIssues 2005
Back Issues 2004
Back Issues 2003
Back Issues 2002
Back Issues 2001


Geek Speak Review





Art Prints



Apple iTunes







< PreviousNext >

CHRIS'S UNPREDICTABLE and OCCASIONAL Newsletter for PC USERS #42, 04/01/02 Trustworthy Computing Issue

Contents Copyright 2002 by Christopher Plummer

I've had it with Oh Ess Ten and Apple's price increases! I'm buying a
Dell and using the greatest OS of all, Windows XP.

"JK,JK." (Just kidding). This is the 'April Fool's Day' issue, but buying
a Windows PC is the only part of it that's a joke. I really TRY to leave
Microsoft alone because I feel sullied by their dark chi. But what a
boring world it would be without Microsoft and its two largest and most
important divisions, LAW and MARKETING.

So this issue is for those who appreciate humor and insight in the
travails of the world's largest predatory monopoly. Enhanced with
fascinating MS trivia, insightful comments, and personal commentary of
questionable merit, and isolated in a separate issue so those of you
affiliated with the Dark Forces of Mordor (I KNOW WHO YOU ARE), can skip it all. Just DON'T MISS the Tips and Special Bonus Keyboard Commands if you use IE!! Now, back by popular demand, I leave Apple alone! ;-)

UPDATES - None to speak of (but be sure to read the Tip - below)
NEWS - It's all news!!
UNPREDICTABLE READER FEEDBACK - Just the usual accolades!
COMMENTARY - Trustworthy Computing
GEEK SPEAK REVIEW - Windows, does Andersen Have a Chance?
Tips - IE Mail Program Confusion Clarified
OCCASIONAL Favorite WEB SITE - Trustworthy Computing
Special Bonus Keyboard Commands - IE Offline Browsing, maybe

Sun Microsystems has sued MS for a BILLION dollars because of the way
they screwed with Java in XP. Let's see, there's Sun, BE, Netscape/AOL,
and gobs of other companies fighting their own private skirmishes with
the monster. But what has become of Frodo and the Fellowship? I guess
we'll have to wait till next December to see 'The Two Towers'.

MSNBC says, "Nyaaa, nyaaa, nyaaa!!" to Rival AOL/Time Warner -
In writing that sets new standards for objective journalism (Not!), MSNBC
reports gleefully through the mouth of the Wall Street Journal that AOL's
email system has flopped for the media giant.


For a more trustworthy take on the issue try:


Maybe managers at AOL/TW will choose a corporate mail system based on
Microsoft products. Then they can enjoy the secure, spam-and-virus-free
benefits of a REAL corporate email system! ;-)

Ziff-Davis warns that 'Web Tunes Sound a Security Alarm'. Windows Media
and RealAudio users could get a WORM from downloaded MP3 files containing
(MS) ActiveX or JavaScript code. No mention of similar issues with
Quicktime. :-)


Just the usual Accolades (Thanks!)

Trustworthy Computing - A Smorgasbord
[Excerpts. Where possible, posted with references and URLs. Most come
from mail list posts to the MacMarines w/o the complete info. - Chris]

Subject: Ashcroft Backed Microsoft Deal
From: "Barry Ritholtz"
Date: Mon, 18 Mar 2002 15:51:59 -0500


Atty Gen Ashcroft Backed Microsoft Deal
E-Mail Details Need for U.S. to 'Focus on Other Things'
By Jonathan Krim

Washington Post Staff Writer
Sunday, March 17, 2002; Page A15

U.S. Attorney General John D. Ashcroft wanted to settle the Microsoft Corp.
antitrust case to allow the government "to focus on other things," according
to an e-mail from an Ashcroft family friend to a leading opponent of a
proposed settlement between the firm and the Justice Department.

Subject: Air Force Warns Microsoft
>From InformationWeek Daily, 3/15/02":
** Air Force Has A Mission For Microsoft

As if Microsoft didn't have enough trouble with the government.
Now an Air Force CIO is taking the vendor--and its competitors,
too--to task, saying they need to step up their efforts to
establish improved security standards.

Coding errors in commercially developed software account for
roughly 80% of successful system intrusions, says Air Force CIO
John Gilligan. And hacks today may be aimed at causing more than
bottom-line damage. "This is no longer an economic issue. This is
clearly a national-security issue," Gilligan says. The cost and
energy the Air Force is expending on dealing with coding flaws
that are found almost every day, and which could create
opportunities for hackers, is taking its toll. It's "rising very
fast--approaching the point where we're spending more money to
find, patch, and fix vulnerabilities than we paid for the
software," he says.

Microsoft doesn't necessarily have worse design problems than
other vendors the Air Force buys products from, such as Cisco
Systems and Oracle, but it's the largest IT supplier for the Air
Force. So it has "the opportunity to show leadership in the
industry," Gilligan says. Microsoft has helped set the right tone
with chairman Bill Gates' internal memo advocating "trustworthy
computing, [but] the key will be, what's the follow through?"

Gilligan met last fall with Microsoft execs Rick Belluzzo and
Howard Schmidt (now vice chairman of the federal Critical
Infrastructure Protection Board) to discuss mounting security
problems. The Air Force has instituted more rapid processes for
patching, but it's no easy task to manage 400,000 desktops
running Microsoft software. "We're not leaving Microsoft in a
week or six months," Gilligan says. But if the company doesn't
improve, the Air Force, with roughly a $6 billion IT budget, will
weigh other software options, he says. "Even though Microsoft may
have good functionality in products and the purchase price may be
reasonable, the overall life-cycle cost and vulnerability may
cause us to look at other products." - Sandra Swanson

How NSA access was built into Windows
Duncan Campbell 04.09.1999

Careless mistake reveals subversion of Windows by NSA.

A CARELESS mistake by Microsoft programmers has revealed that
special access codes prepared by the US National Security Agency
have been secretly built into Windows. The NSA access system is
built into every version of the Windows operating system now in
use, except early releases of Windows 95 (and its predecessors).
The discovery comes close on the heels of the revelations
earlier this year that another US software giant, Lotus, had
built an NSA "help information" trapdoor into its Notes system,
and that security functions on other software systems had been
deliberately crippled.

The first discovery of the new NSA access system was made two
years ago by British researcher Dr Nicko van Someren. But it was
only a few weeks ago when a second researcher rediscovered the
access system. With it, he found the evidence linking it to NSA.

Computer security specialists have been aware for two years that
unusual features are contained inside a standard Windows
software "driver" used for security and encryption functions.
The driver, called ADVAPI.DLL, enables and controls a range of
security functions. If you use Windows, you will find it in the
C:\Windows\system directory of your computer.

ADVAPI.DLL works closely with Microsoft Internet Explorer, but
will only run crypographic functions that the US governments
allows Microsoft to export. That information is bad enough news,
from a European point of view. Now, it turns out that ADVAPI
will run special programmes inserted and controlled by NSA. As
yet, no one knows what these programmes are, or what they do.
Dr Nicko van Someren reported at last year's Crypto 98
conference that he had disassembled the ADVADPI driver. He found
it contained two different keys. One was used by Microsoft to
control the cryptographic functions enabled in Windows, in
compliance with US export regulations. But the reason for
building in a second key, or who owned it, remained a mystery.

A second key

Two weeks ago, a US security company came up with conclusive
evidence that the second key belongs to NSA. Like Dr van
Someren, Andrew Fernandez, chief scientist with Cryptonym of
Morrisville, North Carolina, had been probing the presence and
significance of the two keys. Then he checked the latest Service
Pack release for Windows NT4, Service Pack 5. He found that
Microsoft's developers had failed to remove or "strip" the
debugging symbols used to test this software before they
released it. Inside the code were the labels for the two keys.
One was called "KEY". The other was called "NSAKEY".

Fernandes reported his re-discovery of the two CAPI keys, and
theirsecret meaning, to "Advances in Cryptology, Crypto'99"
conference held in Santa Barbara. According to those present at
the conference, Windows developers attending the conference did
not deny that the "NSA" key was built into their software. But
they refused to talk about what the key did, or why it had been
put there without users' knowledge.

Subject: More Windows Security Daymares
From: "Sarge"
Date: Sun, 3 Mar 2002 00:55:17 -0500

If you think the NSA thing was bad look at this. -Sarge


Microsoft Has Hidden Files on Your Computer
of course there are More Things To Know with new windows releases...
Microsoft's Really Hidden Files:
A New Look At Forensics. (v2.5b)

[Don't worry. Be happy. All your personal data is SAFE in the 'Electronic
Wallet' of your MS Passport account. And 'Dot NET' is a good thing too!
Bwa Ha Ha Ha!!]


Microsoft's claim to "Windows" doubted
By Lisa M. Bowman
Staff Writer, CNET
March 18, 2002, 10:45 AM PT

Microsoft suffered a minor legal setback Friday when a federal judge
questioned the software giant's claim on the word "Windows."

In December, Microsoft sued operating-system maker, claiming the
6-month-old company was illegally taking advantage of its Windows trademark
and potentially confusing customers.

However, in a preliminary ruling issued late Friday, U.S. District Judge
John Coughenour said the suit raised "serious questions" about whether the
word "Windows" is entitled to trademark protection.

"Although certainly made a conscious decision to play with fire
by choosing a product and company name that differs by only one letter from
the world's leading computer software program," Coughenour wrote, "one could
just as easily conclude that in 1983 Microsoft made an equally risky
decision to name its product after a term commonly used in the trade to
indicate the windowing capability of a GUI (graphical user interface)."
The judge also refused Microsoft's request to immediately shut down the
Lindows site and stop the smaller company from using the word "Lindows."
Instead, those issues may be decided at trial.

San Diego-based, which is headed by former CEO Michael
Robertson, is developing a Linux-based operating system that runs
Windows-based programs.

"We're obviously satisfied with the court's ruling," Robertson said in a
statement. "Our hope is that we can move beyond the courtroom and focus on
our goal of bringing choice back to the PC business."

Microsoft did not immediately respond to requests for comment.

(9/10) Internet Explorer - Chooses Wrong Mail Program?

If you click on an email address in IE and find yourself in some WEIRD
mail program, that is, a mail client that is NOT the one that you expect
to be using, such as the OH ESS Ten 'Mail' app, most likely your Internet
settings were changed.

In OS 9, MULTIPLE Internet settings may cause this issue but that's a
topic TOO DEEP for this article. So we'll ignore it and go for the easy
fix: Go to the Control Panel formerly known as 'Internet Config' - which
we now simply call 'Internet'. Click on the 'Email' tab. At the bottom of
the panel check the item 'Default Email Application'. This should list
your Email client of choice. If it doesn't, fix it! Be sure to save your

In Internet Explorer 5.1,there's no place to tell the program to 'Use
Internet Config' settings. It just does. (This is a good thing.) So be
sure to GET CURRENT with IE. If you're not using the most recent version,
you should be.


In Oh Ess Ten, go to the Email tab of the 'Internet' System Preferences
panel. Make sure that your Mail program of choice is selected as the
'Default Email Reader'.

This should fix the issue for IE in both 9 and X. If it doesn't, you can
check one more thing...

In both Nine and X, you can manually set the email program that responds
to the 'mailto' protocol. Go to IE Preferences. In the Preference panel,
click on 'Network/Protocol Helpers' and scroll down to the 'mailto'
protocol. The column to the right lists your current selection. If it's
not your mail client of choice, click on 'mailto', click on [Change], and
locate your mail program. Close the Preferences panel. Save your changes,
of course. And this should fix it!

[Note: NN used to have a problem like this too. There's an Applescript
floating around that will fix it...]

In case you missed this the last time...not REALLY a website, but
definitely an entertaining search.


Special Bonus Keyboard Commands
(9/10) - Internet Explorer
Hold your breath, this is a good one! Remember I mentioned keeping web
pages in the IE Scrapbook? I explained that you could only keep a single
page and not the pages 'linked' to that page? You can allegedly do this in IE.

[Command] + K - Pops open the 'Favorites' tab (or is it a 'drawer'?),
then it presents you with a Tabbed Dialog for all the options available
for the Favorite that you are adding. We won't cover all the Tabs here.
Skip to the last one, 'Offline'. Put a check in the box for 'Download
site for Offline Browsing'. Then press the [Options] button.

In the 'Options' dialog, you can choose whether you want to download
images, movies, sounds, and links, AND how 'Deep' you want to go, and
whether to download links to other sites as well. And HEED the warning,
this will take time and eat disk space. But you just might like it!!

If you can get this to work. I read the HELP instructions. I did what it
said. I couldn't get it to work. Is this just a facade? Some programmer's
idea of a cool dialog that nobody wrote the code for?? Does it work for
you??? If it does, tell me!



** CHRIS'S UNPREDICTABLE and OCCASIONAL Newsletter for Mac Users **
Oriented towards, but not exclusively for, Mac Users in Beautiful Western
Central New Jersey. Published Whenever - About Whatever!
Non-profit, non-commercial publications may reprint articles if full
credit is given. (Please provide UNPREDICTABLE with a copy.) Others
please contact the editor. Accuracy of articles is UNPREDICTABLE and
not guaranteed. Caveat lector. Publication, product, and company names
may be registered trademarks of their companies.

SEND requests and feedback to < chris AT Unpredictablemac dot com>.

Sample Issue - email with "Sample Unpredictable" in the Subject.
Subscribe - email with "Start Unpredictable" in the Subject.
Unsubscribe - email with "Stop Unpredictable" in the Subject.

Back Issues available to subscribers upon request.
My accountant has advised me to come clean in every issue. Yes, I am a
consultant and am available to HELP YOU on a one-to-one basis. Macintosh
Networking, Internet Connectivity, Desktop Support, Training.
Satisfaction Guaranteed. Oh, and Lotus Notes and Domino Adminstration,
Development, and Support. Interested in help from a long term MAC
Professional? Don't hire some Windows kid who tells you to get rid of
your Mac because HE doesn't GET IT! Send me an email:
< chris AT Unpredictablemac dot com>

TFSB :-)



Apple Logo Contact Me: AIM
All contents copyright 2000-2008 by Christopher Plummer, ZebraTale LLC, except where noted. Accuracy of articles is UNPREDICTABLE and not guaranteed. Unpredictable was published from 2001 to 2008. Although updated occasionally, this is a historical archive - expect dead links. Caveat lector.
Publication, product, and company names may be registered trademarks of their companies. TFSB :-)