S E R V E R   S I D E
View current page
...more recent posts

About the only story that could rival that huge javascript hole in IE for pure explosive power, is this one: Microsoft is trying to force Slashdot to remove certain reader postings that supposedly violate their copyright under the DMCA (which is the very evil Digital Millennium Copyright Act.) Talk about opening a can of worms. I almost wonder if they did this to divert attention from the javascript blunder. Read all about it here including the full text of the letter from microsoft lawyers, and the initial slashdot response (which cleverly reminds them that internet service providers - like, oh I don't know, let's say HOTMAIL - are not responsible for their users content. If microsoft was responsible for everything on hotmail (which every law dodging, warez trading, black hat in the world uses as a throwaway mailbox for all sorts of nefarious deeds) Bill Gates would be going to jail for a long time.) Anyway, the noise from this one is going to be huge. Admittedly, one or two of the many posts in question actually did contain the entire text of some microsoft copyrighted materials, but the question is still open about whether Slashdot (now Andover.net) is responsible for all the reader posted content on their system. And the rest of the posts microsoft is asking to have removed are clearly legal (they are mostly links to other copies of the copyrighted material, and link are legal no matter what they point to as 2600 proved in their fight against the MPAA over decss - how's that for tightly packed insider news?) For slashdot this must be like a cake of gold falling from heaven into their laps. "Just make sure you spell our name right" is all they really needed to reply. All ready this story is spreading like wild fire across the net (and the document in question has been mirrored at dozens of sites.) And, who knows, maybe slashdot can fight this one through to the eventual defeat and repeal of the DMCA itself ?!!?! Talk about David slaying Goliath (even when David is worth a couple hundred million,) this is going to be great for slashdot. I caught the story about an hour ago, and their were 520 reader comments. I just checked back and it's way over 800. Go, you geeky freedom fighters.
- jim 5-11-2000 9:56 pm [link] [add a comment]

Oh boy, I don't know where to start. What an afternoon. I thought the morning was kind of slow, but here we go. First, a massive security hold was found in Microsoft Internet Explorer running on Windows systems (both 95 and 98 confirmed, still waiting to hear about NT and 2000.) Basically this hole lets a hostile web site view your cookies. This is not a problem with cookies (which some people like to say are unsecure) but with Microsofts implementation of javascript. If you are using IE on Windows, and you don't want other people to know where you go on the web, you should immediately turn off javascript. (On IE for the mac this is done in the edit menu by selecting preferences, and then choosing 'web content' (which is under WEB BROWSER on the left) and then deselecting enable scripting? in the Active Content section. If windows is different, someone please clue me in. Note: javascript is not java and has nothing to do with java - although you might want to turn that off too.) "Who cares" you ask? Well, dismissing the obvious oceans of porn that of course nobody ever looks at, what about your on line brokerage account? What about all your accounts that remember your password (like this one?) What about your account on the gay and lesbian alliance site that you didn't want your evil employer to know about? All of these things are stored as cookies on your machine, and only you should have access to them. Javascript is very good at keeping hostile website's code from gaining any sort of access to your machine (outside of that codes sandbox.) Microsoft's is unfortunately not so good. But everybody makes mistakes, the real test of their ethics will be how long it takes them to patch this. (If it were an open source program there would already be several patches available to solve this problem.) The clock is ticking Redmond...
- jim 5-11-2000 9:19 pm [link] [add a comment]

Here's the code from the ILOVEYOU visual basic worm/trojan horse. (Well, I can't prove that this is it, but since I believe cam and he says this is it... I actually received zero copies of it, or I would have caught a version myself. Visual basic looks worse than Perl! (Although granted, the line breaks got mangled on this version.)
- jim 5-11-2000 7:56 pm [link] [3 comments]

bump
- jim 5-11-2000 4:18 pm [link] [add a comment]

And I thought legos were cool when I was a kid. Now they have those computer controlled robot legos (called Mindstorm,) and I just heard about the plans forLego world digital movie studio. Too cool. I'd love to see what Steve's nephew would make with this thing (or even what Steve would make with it.)
- jim 5-11-2000 2:37 pm [link] [add a comment]

Here I go again. I just can't help it. Not enough time to really do anything more, but I still want to note all these cool but basically unimportant tech stories. Oh well. For now this is what it is.
- jim 5-11-2000 2:30 pm [link] [add a comment]