In This Issue:
Virus News
AOL Cookie Rumor. If you have not heard it yet, you probably will soon: a rumor is moving through the net that purports to come from an AOL software developer saying he’s discovered a new “cookie” in the next version of the AOL software. This cookie is supposed to search through your hard disk and report the findings back to the company for some nefarious purpose.
It’s a hoax. As with all such hoaxes the main theme is built around technobabble and adds detail well beyond what would be necessary for a real warning (this one even goes into personal detail about the person supposedly doing the analysis).
General Security
Data Recovery. Your data has been called for in court and you really don’t want it seen in court so you erase the disk. Are you safe? Don’t bet on it.
Ignoring the fact that you’ve just committed an illegal act (destroying evidence) the fact that data are written to a disk as binary bits on magnetic media means it is often possible to recover the data by analysis of the media.
At its simplest, when you erase a file only the directory pointer to the file is erased along with the first element in the file allocation table being marked available so future disk writes can use the space. The data remains on the disk. So, if you just erased the file using the DEL command then you really have not deleted the file; just pointers to it. At this stage the data can frequently be recovered using fairly simple tools you can purchase at any software store.
If, after deleting the file, you attempt to overwrite the data it still may be able to be recovered using sophisticated analysis techniques. Ontrack Data International, Inc. has performed disk analysis in a number of court cases and recovered enough data to obtain convictions. A company was accused of using sexually explicit games on office PCs and deleted the programs after being accused. Ontrack found traces of the files and the company lost. In an embezzlement case Ontrack found files an employee deleted after being told not to. They have also stopped a software piracy ring which used a company’s server for distribution.
Data recovery is becoming big business. [Note: This article was written Saturday, 11 Oct and C|Net, in the show I watched on the following day, did extensive coverage on this subject; mentioning Ontrack and showing their labs.]
Netscape. If you have downloaded an early version of Netscape’s new Communicator browser or suite you might want to update to the latest version. Early versions have some bugs in the JavaScript implementation. One of these creates an opportunity for a malicious web designer to install a “tracker” applet in the form of an invisible window that steals information from your main window and sends it back to the malicious site. The latest upgrade is supposed to fix this problem.
Encryption. The SAFE bill described in the last newsletter safely made it out of the House Commerce Committee without the Oxley/Manton amendment which would have effectively gutted the safety of encryption. But, you can be certain that will not be the last time the encryption backdoor issue surfaces. Keep a close watch.
General Information
Spam. We all get spam (unwanted advertising E-mail in this case). What should you do about it? Generally, you should just try to build E-mail filters and hit the delete key for those messages that make it through the filters.
But, you say, most of the spam messages have some sort of remove mechanism. Why not just use it? Basically, because the remove instructions generally don’t work. They are either fake addresses or addresses that actually collect information. Stop to think for a moment: what’s the best way to validate a list of addresses? Of course, you get responses from those addresses. So, when you respond to spam, even a negative response, you’ve validated the fact that your address is, in fact, active. That’s a goldmine for marketers.
In a related way, it would appear that marketers now have yet another way to validate E-mail addresses. They send what appear to be personal notes hoping you will respond in some way. The notes are usually just innocuous and from reasonable-sounding addresses (but, of course, not addresses you recognize). It’s really easy to get caught up in messages like that and jot down a quick response and send it off. Be a bit more careful. If you don’t recognize the address and/or the message is not signed by someone you know just ignore it. If it is someone you know they’ll get back to you with a more detailed message you will recognize. When you then respond, refer them to this newsletter as an excuse if you need to.
Early Year 2000 Problem. Do you run Mentor Graphics on a Hewlett-Packard Apollo Domain workstation? If so beware. At exactly 14:59 Greenwich Mean Time on November 2nd the real-time clock will increment so that the 32nd bit is set. Some computer operations treat this bit as a negative number indicator which will place the file system at risk for date operations that treat the number in this way. Mentor says only a small number of people are at risk (the system is old); but if you are one of those check with Mentor for fixes to the problem. (HP is supposed to have a patch available but Mentor is reported to say that patch does not apply to early versions of the software. Check if you are not absolutely certain.)
The Euro.With year 2000 (Y2K) problems making most of the news you may not have noticed that another worldwide computer problem is on the horizon a year sooner. Current plans call for the European Community to introduce a single currency unit, the Euro, on 1 January 1999. Physical currency will remain as it is for three more years (when Euro money will then replace the 13 billion notes and 76 billion coins in circulation). But, everything financial other than the notes will change at the start of 1999.
Not generally understood by the public, the Euro problem could be in some ways worse than the Y2K problem. With Y2K one has to fix code that already exists to add support for four-digit years. The basic logic remains the same. The Euro problem requires additional modules to perform currency conversions. Adding modules to legacy code can be a serious problem and for those systems affected the cost of the change could actually be more than fixing Y2K problem. There are far more concerns than just adding another currency conversion to your software (e.g., statistical analysis in a currency with no historical database behind it).
And, you have a year less time to work on this one!