|
Please visit the LangaList Home Page Please note: Older issues may contain information that is now out of date. How To
Subscribe and Unsubscribe is at the end of this
note. Mailing List Trouble? See
http://www.langa.com/help.htm Please recommend the LangaList to a friend! (And maybe win $10,000 !) An easier-to read formatted
HTML version of this newsletter is available The
LangaList 2001-10-15 Please visit our sponsors and help keep the LangaList S.E. free!
--- ( Your Clicks On Ad Links Help Keep The LangaList Free! ) ---
--------------( the above is an advertisement )--------------
1) More Fine Print FolliesWe first covered the growing trend of vendors abusing the fine print in end-user license agreements (EULAs) at the beginning of the year. At the time, perhaps the most egregious offender was Juno, the giant "free" ISP: In a struggle to survive, it inserted a stealth amendment to its online user agreement that said, in essence, that Juno could install code onto your PC as part of routine software updates; this new software would allow Juno to take over your PC's spare CPU cycles: Juno would make your PC a slave in Juno's distributed network and sell your CPU cycles to other companies. You, the end user, had no control over what Juno's software was or what it did; you had no claim to any benefits or profits Juno realized from using your PC; and if Juno's use of your PC, CPU or bandwidth caused you extra costs or problems--- tough. The catch was that you had actually to read the
online agreement to know all this. Existing Juno customers who just kept using
Juno the way they always had were automatically bound by the new agreement, even
if they never saw it. New users who didn't read the fine print likewise were
automatically included in Juno's scheme. (Full
story:
http://www.byte.com/documents/s=571/byt20010222s0004/ ) As reported by a number of publications, that EULA sounds like something draconian; an overweening attempt by Microsoft to limit criticism of itself and its products. But, although the FP2002 EULA is flawed, I actually think there's less to it than meets the eye. In actuality, there are far worse EULAs out there. In a new InformationWeek column, I'll go through the FrontPage EULA in some detail, and also show you a current EULA that I feel is actually much worse--- one that could theoretically let a vendor charge you almost whatever they want, at any time, without your prior knowledge, and yet you'd be liable for the bill. You see, as we
pointed out at the beginning of the year, reading all relevant EULAs and Terms
Of Service is a major pain, but it's becoming increasingly essential: Unless you
keep your guard way up, you could be opening yourself up for a nasty--- but
perfectly legal--- surprise, courtesy of the fine print. Please check out the new article at See you there! Click to email this item to a
friend --- ( Your Clicks On Ad Links Help Keep The LangaList Free! ) ---
--------------( the above is an advertisement )-------------- 2) Another IE "Dotless IP" Security HoleInternet addresses may be presented in many formats, and some unusual (but legitimate) formats are sometimes used by spammers and malicious hackers as a way to obscure an address--- to "hide in plain sight" through an unusual format. There's an excellent explanatory page at http://www.pc-help.org/obscure.htm that runs through most of the ways an IP address can be obscured. Way back in1998, IE4 had a security problem with "dotless" IP addresses--- the kind of Internet address that appears as one long number rather than the more familiar "dotted quad" format. Although IE4's problems with dotless addresses came to light years ago, and despite the fact that the ways to obscure an address are extremely well-known, the same kind of problem has now been found in IE 5.01, 5.5 and 6. (Sigh.) If a malicious site exploits this problem, your browser can be fooled into treating an external (and possibly hostile) site as if it were part of a local LAN, and thus subject only to your (usually far more lax) "Local" security settings instead of the "Internet" setting that should apply. More info and a patch: Click to email this item to a
friend 3) LiveUpdate: Quis Custodiet Ipsos Custodes?Speaking of security holes, here's one that brings to mind the old Latin phrase (above) that means "Who guards the guards?" or "Who watches the watchmen?" It applies today to Symantec/Norton's LiveUpdate: Ironically, LiveUpdate--- the tool used mainly to keep antivirus software up to date--- may itself contain a security hole by which malicious hackers could load hostile code onto your system. The original report of this problem appears at
http://www.phenoelit.de/stuff/LiveUpdate.txt ,and other sites have since
picked up on it (Example: I searched the Symantec site, but could find no response to the report yet. Stay tuned. Click to email this item to a
friend --- ( Your Clicks On Ad Links Help Keep The LangaList Free! ) ---
--------------( the above is an advertisement )-------------- 4) BrowserTune 2002I was surprised at how much mail I got after suggesting (in the last issue) that you might want to try BrowserTune's "Level Three" tests to see if your browser had active Java support: My assumption was that most of you already knew about BrowserTune. My mistake: I guess many, many of you hadn't seen BrowserTune before! The current version of BrowserTune--- BT2K--- originated on the late, lamented WinMag.Com site. When WinMag shut down, the folks at CMP allowed me to pull the code off their servers (I am BrowserTune's author) and post it on my own site. Some of the BT2K tests did not fare well in the transplantation because they pointed to CMP pages or affiliates that no longer exist, but--- after a ton of work to "de-CMP-ify" the tests--- BT2K reached a point where all the basic tests work fine, and most of the advanced tests do likewise. I debated whether or not to continue re-doing all the current test pages, but, the "guts" of the current BT site comprise just under 10,000 files and pages (9,664, to be exact!), so it's not a simple thing to wade in and start slinging code. Instead, I've been working on an entirely new and streamlined version of BrowserTune--- BT2002--- for some time now, and hope to have it ready for public test fairly soon. Because browsers have become more standardized over the last couple years, this new BT version will focus less on the minutia of browser subsystems, and have more geared to tuning browsers and connection speed. It will, however, retain the elements of BT2K that still are germane to the current crop of browsers. More info to come! Meanwhile: http://www.browsertune.com/ Click to email this item to a
friend 5) HotSpotsIn light of the above, let me also tell you about HotSpots, another site that also used to appear on the WinMag.Com site, but that I'm now running independently (http://www.browsertune.com/flanga/hotspots.htm ). It's a site whose simple mission is to bring you "Every Day, The Best, Most Interesting, Most Useful, and Strangest Sites the Web Has To Offer!" For example, during the last weeks, the Hotspots page has offered these links: It's such a boring name. Maybe this would help me keep my desk clean. Weird to see this. Nice online tech museum. Nice site design--- good utility, too. Sometimes, empty minds are mistaken for open ones. AstaLaVista, baby. Would you trust this? Websites that read your body language? Merciless--- but fun. Unlike the original, no coins needed. Making XP More Secure Got GPS? Sounds like *this* web page... If you're not a regular Hotspots visitor, you're missing a lot. That's why thousands of people actually have the HotSpots page set as their home page, so every day, at log-on, they automatically get to see "The Best, Most Interesting, Most Useful, and Strangest Sites the Web Has To Offer!" Check it out at http://www.browsertune.com/flanga/hotspots.htm ! Click to email this item to a
friend 6) Thanks!Thanks to thousands of you, the LangaList has become one of the five most-recommended "Computing & Internet" web sites, according to the folks at Recommend-It! It's a great feeling to know that this newsletter (and Langa.Com) is useful enough for many, many of you to have suggested it to friends and colleagues. And, as a way of saying "Thanks!" there are two
prizes you can win simply for making a recommendation. For example, if you use
the Recommend-It service, you can win $10,000 (full details also available via
this link): Or, win a no-strings $30 Gift Certificate for any
item at Amazon.Com--- books, software, hardware, kitchenware, toys... and more.
To have a shot at winning, just use the following link to recommend the
LangaList to a friend. Your friend just may find a new source of useful
information; I just may gain a new subscriber; and you just may win a $30 Gift
Certificate! (Full details also available via this link): Either way, thank you again, and good luck!
Click to email this item to a friend 7) InCtrl Puts You In Control
Indeed, InCtrl is now up to version 5 and runs under Win9x, ME, NT4 and
Win2K. It's available at You use InCtrl to take a "snapshot" of your system settings before and after
you install new software, and then can use the tool to see exactly what changed.
In this way, it's similar to tools like Norton's "Registry Tracker," except that
InCtrl is free. If you're an intermediate-level user or above, you should find it quite useful. Thanks, Henrik! Click to email this item to a
friend 8) They Loaded The CodeDo you have a home page or website? (It doesn't matter what size.) Please click over to http://www.langa.com/code.htm , and maybe you can join the hundreds and hundreds of LangaList readers who have "Loaded the Code!" (If you've already "Loaded The Code" and are wondering if your site will appear here or on the Langa.Com web site, please see http://www.langa.com/link.txt ) Speaking of which: Here's another eclectic sample of reader sites--- some professional, some very personal: View A Randomly-Chosen Reader Site Manually Browse All Posted-to-Date Sites
Starting At All You Ever Wanted To Know About Chat... Cutter's Place (female woodcarver) LAKEWOOD PRODUCTIONS Las Vegas Hotels Unusual Metal Sculpture NY, Toronto, London Theaters (strange formatting, good info) "ESP and practical spirituality" Airjet's Homepage Cyber-Shopper Edit-Pros Click to email this item to a
friend --- ( Your Clicks On Ad Links Help Keep The LangaList Free! ) ---
--------------( the above is an advertisement )-------------- 9) *Much* Faster "Shields Up!" SiteLong-time readers know I've discussed Steve Gibson's excellent "Shields Up!
site many times ( Frequent contributor Bronson Elliott was first to sound the alert about a new, much-faster version of the site that went live just a few days ago:
Check it out. --- Bronson C. Elliott Thanks, Bronson! Indeed, the site now finishes the tests in a fraction of the time it used to take. Gibson's site, along with the security tools at http://www.dslreports.com , remain my top-two picks when I want to perform a quick (and free!) security scan of any system I've been working on. Click to email this item to a
friend 10) Just For GrinsReader Claudia Slate sends along this list of "New TV Shows Inspired By The Internet." The list apparently was originally written by one "Dawny-Ray."
Click to email this item to a
friend --- ( Your Clicks On Ad Links Help Keep The LangaList Free! ) ---
--------------( the above is an advertisement )-------------- 11) Plus! Edition Highlights:
Today's LangaList Plus! Edition contains all ten items above, plus about 30% more content including: Information on a new update to ZoneAlarm (no, not version 3.0--- yet); a way you can manually adjust Outlook's Junk Mail filters via an external file, so Outlook won't discard mail you really want to see (or so it will trash mail you *don't* want to see!); and a way you can prevent individual Autoexec commands from displaying anything on your screen, for privacy. Plus! Edition info: http://www.langa.com/plus.htm Click to email this item to a
friend See you next issue!
Best, Please recommend the LangaList to a friend! (And maybe win $10,000!I) An easier-to read formatted HTML version is available in the "Current Issue" section of http://www.langa.com. (The HTML version of each issue normally is available by 9AM EST [UT-5] of the issue date.) All past LangaList issues are also available at the Langa.Com site. UNSUBSCRIBE: From the same email account
you used to sign up with), send an email to |
|
|
Please visit the LangaList Home Page
|