Please Note: Archived information (e.g. below) may become out of date.
How To Subscribe and
Unsubscribe is at the end of this note.
Mailing List Trouble? See http://www.langa.com/help.txt
Want an easier-to read formatted HTML version? See http://www.langa.com/whats_new.htm
Please email the LangaList to a friend!
(Use this super-fast form!)The LangaList
7-Feb-99
A Free Email Newsletter from Fred Langa About BrowserTune,
HotSpots, Columns, Tips & Tricks, and Other Activities
In This Issue:
Reader Poll Results!
BrowserTune 2000 Update
Special Tip: How to Make Your
Browser Cough Its Cookies!
End of the Intel Era?
Should Microsoft Kill Win9x?
They Just Keep On Coming!
IIS Bug!
Just For Grins
More!
Reader Poll Results
Last week, I asked for your preference about the two different ways I've done recent LangaLists---a full-text version (like this) where you get everything in the email, or a shorter email version that includes links to the full text, which resides on the www.langa.com site.
There were two interesting results: Far, far more people chose the email voting mechanism than the web-based way; I'd expected the opposite.
And the actual tallies were a bit of a surprise, too: Although the web based vote showed a clear 2-to-1 preference for the short email version, the much larger number of votes which came in to the short@langa.com and long@langa.com mailboxes were almost evenly split! There was a slight preference for the shorter version, but not enough to base any decisions on---yet. 8-)
For the moment, I'll continue with this style of LangaList: I'll keep it complete, but I'll also try to keep it from getting too long.
And in the future, I'm looking at ways to offer three different versions: A full text, a short text, and an HMTL-email version. Stay tuned!
And thanks to all the thousands of you who voted!
BrowserTune2000 Update
My jury-duty this month (see the last item in this issue) has put a serious crimp in my schedule, but the demo version of BT2K is coming along very well in the limited time I've had to work on it:
The automated test of BT2K uses JavaScript to provide the automation: Small JavaScripts start and stop the test, determining the run-order of the tests, perform any necessary calculations for you, and even keep score.
It's easy for BT2K to "sniff" to see if a browser supports JavaScript, and if the JavaScript support is enabled. If it is, the tests run normally. If not, you'll get a warning and instructions on how to re-enable JavaScript at least for the duration of the test.
The automated version of BT2K stores each test result in a special temporary cookie: I know many people hate Cookies, so I'm using a special type of Cookie that only lasts as long as the current browser session lasts: Once you close your browser the Cookie self-destructs! (That is, all its data is erased.) This way, you get the benefits of automated scorekeeping without any risk.
I'm also including a way for you to view the BT2K Cookie contents any time you want, right from within the tests, so you can verify for yourself that I'm not trying to store anything in there that they I shouldn't be.
I'm hoping that by being totally "out in the open" about what the Cookies are storing, and by deleting even that harmless information at the end of the tests, BT2K can allay the fears of those who really, truly hate cookies. 8-)
But check out the next item, below:
How To Make Your Browser Cough Its Cookies
Cookies are designed so that Cookies from each web site are stored in a separate file from others: This is one of the ways that helps prevent a web site from reading another's Cookies.
In Cookie jargon that harkens back to the early days of linked hypertext, each site is referred to as a "document" (even if it actually consists of many linked documents). Prosaically, a document's associated Cookie is known as the "document.cookie."
Next time you're on any web site, go to the address or location bar where the URL is shown, and type this where the URL normally goes:
javascript:alert("Cookie is: " + document.cookie)
If you have JavaScript enabled and if the site uses Cookies, then when you hit Enter a small window will open showing you all the information the site you're visiting has collected in its Cookie about you. Often, the information is some weird and cryptic tracking number.
But on many sites---including http://www.langa.com--- the trick above won't show any information at all: That means the site doesn't use Cookies and is storing absolutely no Cookie information whatsoever about you.
Sites with banner ads (www.langa.com has no banner ads) usually store at least some information: They track which ad you've seen so they know when to show a new ad, for example. But banner ads may store information in their own cookies, separate from the main document.cookie itself. To view these, use Explorer and navigate to your \WINDOWS\COOKIES directory for Internet Explorer Cookies, or to \PROGRAM FILES\NETSCAPE\USERS\[yourname]\COOKIE.TXT for Netscape Navigator. You can read the Cookie files with NotePad.
The "cookieEnable" Object in IE vs Navigator
Microsoft allows a site owner to "ask" Internet Explorer if it supports Cookies and if Cookies are enabled.
This is very useful. For example, because the automated portion of BT2K will use Cookies to keep track of the test results, I need to ensure that a browser about to take the test can support Cookies and that Cookie support is enabled. If not, the automated tests won't work; the user either needs to use the manual tests, or needs to temporarily re-enable Cookie support so the automated tests can run.
Microsoft makes this easy: I can embed one line of HTML in a page and direct users with Cookies enabled in one direction, and those with Cookies disabled in another. There's no action required on the part of the user; it can be completely automatic. Cool!
In contrast, as far as I can tell, Netscape offers nothing equivalent (I spent hours searching the Netscape site for an answer). The only way to tell if a Netscape browser supports Cookies is actually to try to "set" a Cookie, and then see what happens. Even deep within Netscape's own developer's pages, there's a footnote that says "If you have Cookies disabled, such-and-such will not work...." It's silly: With Microsoft's approach, people with and without Cookies each automatically can see pages customized for them. But with Netscape's method, you need clumsy, manual intervention. Grrrr.
Because of Netscape's lack of support for the "cookieEnabled" navigator object, the automated portions of BT2K will have to open with a manual test to determine Cookie support. Sigh.
Microsoft has made many mistakes, but in some areas, they are (IMHO) clearly ahead of the competition.
They keep coming and coming and coming...
Wow! Lots of you continue to recommend this newsletter to your friends via the easy-to-use, 60-second recommendation form at http://www.langa.com/recommend.htm#2.
It's great to see the subscriber rolls grow! And there's always room for more readers! If you could take just literally one minute and recommend the LangaList to just one friend, I'd really appreciate it.
Thanks!
End of the Intel Era?
Last week, we discussed Intel's announcement that it would embed an individual processor serial number ("PSN") in each P3 and Celeron chip. The 96-bit ID can identify the user's PC to any software that knows how to ask.
Trouble is, the number is potentially vulnerable to hacking, and also could offer a way for site owners to track you with unprecedented precision.
In the informal poll we ran last week on the WINDOWS Magazine web site, the reaction was eye-opening: Out of hundreds of posts, virtually all were vehemently anti-Intel. And in that huge majority, most people swore their next PC purchase would be AMD-based, until and unless Intel either removes the PSN or allows it to be disabled in hardware. One reader suggested the clever idea of resurrecting the old "turbo" switch approach, and placing a simple PSN enable/disable button on the front of every PC. (You can read more on the PSN controversy and see the incredibly angry anti-Intel reader posts at http://bbs.winmag.com/columns/archives/013199/monday/column.asp.)
I was amazed at the absolute vehemence of the reader posts. It's as though the PSN was the last straw for many people: Intel's history of high-prices and other PR fumbles (like the floating-point math bug) seem to have built up a huge reservoir of resentment that's now spilling over. I think we're seeing the start of a strong anti-Intel backlash, analogous to the anti-Microsoft fervor that's changing the Operating Systems landscape.
What's your take? Given that AMD's newest chips are likely to match and maybe even exceed the performance of the P3's, and given the many other CPU alternatives out there, do you think we're seeing the beginning of the end of Intel's dominance? (Note the announcement by Gateway last week that they'd start using AMD chips in some systems.) Has Intel's arrogance---"Here's our idea for security. You have no choice but to take it."---finally caught up with it? Will PSN-equipped PCs be a useful addition in your enterprise, or just another security headache to worry about? Is the software-only approach for disabling the PSN practical, or does it create needless complexity for you? Does "Intel Inside" mean "Big Brother Inside?" Join in the discussion starting Wednesday midday (EST; UT-5) at http://www.informationweek.com/langaletter.
Should Microsoft Kill Windows 9x?
There were many, many press reports last week that possible further delays in NT5/Windows 2000 were causing Microsoft to re-think its long-stated plans to phase out Windows9x and replace it with a desktop OS based on NT.
Microsoft has been schizoid about Win9x for some time. A while back, they started referring to it as their "consumer Windows," despite the fact most business installations of Windows run 9x and not NT.
But in any case, Win98 was supposed to be the end of the line. The next version of the "consumer OS" would be NT-based. In a halfway step, Win98 introduced a new driver model that would be shared between Win98 and future versions of NT. This would help ensure that migration from today's 98 to tomorrow's Windows 2000 would be smooth.
But W2K is already over a year late, and no one I know is betting the farm on Microsoft making its next target release date. As W2K recedes into the future, that leaves the majority of Microsoft OS customers (those running Win9x) in serious need of a refresh or update if only to fix the bugs.
That, coupled with reports of behind-the-scenes moves at Microsoft to reassemble a Win9X programming team, led to speculation that perhaps Microsoft would issue one more version of 9x, perhaps calling it "Windows 2000 Consumer Edition." That hypothetical version might include all the patches and bug fixes already being assembled for a Win98 Service Pack, plus new items such as IE5.
Or, Microsoft might simply stall on developing a successor to Win98, and simply release a Service Pack for Win98 and let it go at that. (Two versions of such a Service Pack are currently in beta.)
It's a murky picture, but WinMag Tech Editor Scott Finnie neatly summarizes what's going on in this story: http://content.techweb.com/winmag//news/1999/0201/0202a.htm .
What's your take, and what do you want? Do you agree with Microsoft designation of Win9x as a "consumer" product? Do you use it in your business? Should Microsoft simply refresh Win98 with a service pack? If so, should it be on a CD, or would you prefer to download it via Windows Update? Should Microsoft let Windows 9x go through one more major iteration before switching to the NT-base, or should it break with the past (and all of Win9x's legacy problems) and move to the NT base as soon as possible? Join in the discussion starting around midday (EST; UT-5) on Monday Feb 8 1999 at http://www.winmag.com !
IIS Bug
If you or someone in your company is running Microsoft Internet Information Server 3.0 and 4.0, there's a security hole you should know about:
It's called the "Malformed FTP List Request Vulnerability." Malicious persons who have login FTP access to your server (including guess accounts) can cause trouble by causing an internal buffer to overrun: A bad "List" command could either crash the server, or even cause an executable to run.
Neither is a high-probability proposition, but why take a chance? If you or your company is running Microsoft Internet Information Server 3.0 and 4.0, check out http://support.microsoft.com/support/kb/articles/q188/3/48.asp for information on a patch that closes this security hole.
Just for Grins
Ah, New Hampshire. 8-) I've been back here just about a year, and have really enjoyed becoming reacquainted with clean air, clean water, great views, and abundant wildlife. (A small herd of deer has been in our vicinity. I went out to get the mail the other day and encountered a deer about 20 feet from my back door. I'm not sure which of us was more startled!)
NH has long prided itself on doing things its own way. Jury duty is one. The way it's handled here, you're sworn in at the start of a month and are on duty all month. The County Clerk says that when you're called, it's virtually certain you'll sit on one or two cases during the month, with some people serving on three or even four juries! Most people don't have to go in every day (most trials are short), but the possibility is there.
Although I'm a "sole proprietor" and could have pled hardship, I do believe in the system and didn't try to get out. So this month (Feb) is rather majorly messed up for me, and some projects---like BrowserTune 2000--- are progressing more slowly than I'd planned.
But on the bright side, I get the lordly sum of $20 per day for my jury service. (I wonder when the last time was they adjusted that pay scale!)
In local high-tech news, most of the State's major agencies have declared themselves Y2K compliant; a good thing. In some ways, it's not a surprise because---believe it or not---New Hampshire has a greater percentage of its workforce in high-tech than any other state in the US! This is at odds with the sleepy, rural redneck image NH has in the media, but it's true.
However, some parts of that media image are hard to shake. When the local papers ran out of Y2K scare stories involving the Government agencies, they looked further afield: It turns out the local gravestone makers have a Y2K problem because many gravestones are pre-engraved with "19-", and because the standard templates don't leave enough room for all the fat zeros on "2000." Supposedly, a gravestone supply house is developing a special font so the "2000" will fit properly.
And no, I'm not making this up!
See you next issue!
Best,
(fred@langa.com)
(P.S. Please email the LangaList to a friend!
Use this super-fast form!)An easier-to read formatted HTML version is available in the "what's new" section of http://www.langa.com. All past LangaList issues are also available via the same link.
Why are you getting this newsletter? There are only two ways to get on the list (direct email request or via the WinMag mail list signup page) so if you're getting this newsletter; your name came to me through one of those channels.
SUBSCRIBE (it's free!): Send email to subscribe-langalist@lyris.dundee.net
UNSUBSCRIBE: Send email to unsubscribe-langalist@lyris.dundee.net
LIST TROUBLE? HAVE QUESTIONS? NEED HELP? See http://www.langa.com/help.txt
This newsletter is a free service of Langa Consulting LLC and is Copyright © 199
9 Langa Consulting LLC. All rights reserved.Please Note: Archived information (e.g. below) may become out of date.