The MS Blaster worm raises many questions.
http://www.washingtonpost.com/wp-dyn/articles/A52050-2003Aug12.html?referrer=email
THE END OF E-MAIL VIRUSES--AND ANTIVIRUS APPS
By Robert Vamosi
SECURITY: The MSBlast worm that wreaked havoc last week signals a sea change in the virus world. E-mail viruses are on their way out, says Robert, and so are antivirus solutions as we know them today.
http://ct.com.com/click?q=19-BL90I2rQgeS0M19Pzuq9zmNiRXdX
Thanks to Declan:
According to a Wired (http://www.wired.com/news/infostructure/0,1377,59994,00.html) story today, Microsoft is confused why these worms continue plaguing users when the company's made great effort to improve the patch delivery process. Microsoft says it's working with federal law enforcement to find out who's behind the dastardly deed that's giving the software monopoly yet another embarrassing black eye in the media. This is a typical Microsoft response full of proactive sound of fury, but signifying nothing helpful. And the media's full of reporting about the pervasiveness of MSBlaster and what people can do to protect themselves against this "latest" cyber-threat.
Yet Microsoft says third-party software accounts for (http://www.zdnet.com.au/newstech/security/story/0,2000048600,20277185,00.htm) half of all Windows crashes. Funny, it also blamed the competing DR-DOS for Windows 3.1 crashes in an (http://news.com.com/2100-1001-225129.html) attempt to get people to buy MS-DOS back in the 1980s. (It was later discovered that Microsoft had engineered false error messages to trick users into buying MS-DOS.) It also said Internet Explorer couldn't be removed from Windows 95 without crippling the operating system, and was proven wrong by enterprising researchers. So Microsoft's track record for veracity isn't exactly stellar when it comes to its products and business practices.
But, few if any are mentioning the real issues here: MSBlaster's ability to affect practically all versions of Windows shows that despite Microsoft's marketing flacks, there is still significant code shared between all versions of Windows. Anyone who thinks DOS is dead, or Windows XP's code internals have little in-common with Windows NT 4 should think again. MSBlaster proves it.
Is there a link between MS Blaster and the east coast blackout?
>Date: Tue, 19 Aug 2003 09:53:56 -0700
>From: jm@jmason.org (Justin Mason)
>Subject: Could W32.Blaster have caused the blackout?
>Sender: jm@jmason.org
>To: dave@farber.net
>
>Thanks to Dave
>
>There's an article from Heise Security in Germany at [1], which raises some interesting questions about whether W32.Blaster could be to blame for the blackout. Some translated points are at [2] -- quote: ... it becomes a bit more likely if one considers what the authors of that article found out:
>
> - The Niagara Mohawk power grid which seemed to get overloaded first is owned by National Grid USA.
> - National Grid is listed as an important customer of Northern Dynamic who call themselves the "OPC Experts".
> - OPC is an acronym for OLE for Process Control and is used for communications between control systems.
> - OPC is based on DCOM, exactly that Windows technology attacked by W32.Blaster.
> - One symptom of a W32.Blaster attack is a crashing DCOM service (not only under Windows), often taking down the whole server.
>
> One usage of OPC is the coupling of so-called SCADA (Supervisory Control and Data Acquisition) systems. Among other things, SCADA is used in power plants and grids to exchange data between some central instance and external measuring units. And for some reason did the monitoring system which should prevent snowball effects like the one on Thursday from happening.
> So the questions the authors of the article have are:
> - For which processes does National Grid utilise OPC?
> - Were there any problems regarding OPC when the power went down?
> - If yes, were they related to W32.Blaster?
>1. http://www.heise.de/newsticker/data/ju-15.08.03-001/
>2. http://msquadrat.de/archive/03/08/16/02
Thanks to SANS
--Blaster Worm Code Flawed
(12/15/16 August 2003) A flaw in the code of the Blaster worm may be Microsoft's "saving grace." The code instructs computers still infected with Blaster to begin a denial-of-service attack against Microsoft's patch site; however, the address in the code is incorrect. While Microsoft had routinely redirected visitors who made that same error to the correct site, the company has disabled that feature in an effort to stave off the attack. Many experts feel that while Blaster was not well written or conceived, future worms that exploit the vulnerability could be more powerful and dangerous.
http://www.infoworld.com/article/03/08/12/HNmoreworms_1.html
http://www.miami.com/mld/miamiherald/business/6545246.htm?template=contentModules/printstory.jsp
http://www.computerworld.com/printthis/2003/0,4814,84077,00.html
http://zdnet.com.com/2102-1105_2-5064433.html?tag=printthis
[Editor's Note (Schultz): Both Mr. Coope and Mr. Toulouse are missing the main point here. I suppose they can debate the merits (or lack thereof) of the specific mechanisms of Microsoft's patch management program all they want; the real issue is that there are so many security vulnerabilities in Microsoft products that the IT community is so overwhelmed that it has chosen a path of least resistance, accepting an inferior solution (namely, Windows Update) or, worse yet, allowing vulnerabilities to go unpatched, as in the case of the many systems that succumbed to MSBlaster.]
--Blaster Variants and the RpcSpybot Trojan are Spreading
(13/14 August 2003) Two variants of the Blaster worm, Blaster.B and Blaster.C have been detected in Asia. Because of their similarity to the original worm, anti-virus scanners should detect them. In addition, a Trojan named RpcSpybot-A that exploits the same Windows vulnerability that Blaster exploits has been spreading. RpcSpybot creates a backdoor on systems it infects.
http://www.pcworld.com/news/article/0,aid,112002,00.asp
http://www.theregister.co.uk/content/56/32326.html
--Worm's Publicity May Raise Security Awareness
(14 August 2003) Some in the security community have pointed out there is a "silver lining" to the Blaster worm; incidents like Blaster and Code Red raise awareness of the need to address computer security. Because of the immense publicity Blaster has generated, home users are more likely to visit Microsoft's Windows Update (http://windowsupdate.microsoft.com) and download patches.
http://www.securityfocus.com/news/6728
[Editors' Note (Multiple): This has not been true of previous worms and it is not likely to be true of Blaster.]
--Blaster Hits Scandinavian Bank
(15 August 2003) Blaster wormed its way into servers at all 440 offices of Scandinavia's Nordea bank; the bank was forced to close at least 70 of its branches in Finland.
http://www.helsinki-hs.net/news.asp?id=20030815IE4
http://www.silicon.com/news/500013/1/5618.html
--Blaster Infected Unprotected PC Within Minutes
(13 August 2003) In an effort to gauge how fast computers were becoming infected with Blaster, a security company put an "unprotected" PC on the Internet. At one point, the machine became infected in 5 1/2 minutes; later in the day, it took only 27 seconds. Among the entities hit by Blaster are the Maryland Motor Vehicle Administration, the Federal Reserve Bank of Atlanta (GA) and German automaker BMW.
http://newsvote.bbc.co.uk/mpapps/pagetools/print/news.bbc.co.uk/2/hi/technology/3147147.stm
--Blaster Emphasizes Patching Problems
(12 August 2003) The rapid spread of the Blaster worm highlights the problems inherent in the present state of patching methods. Home users are less likely than business users to patch their computers. Still, companies need time to test patches before installing them, which itself can be a time-consuming process. Patching needs to be part of a more in-depth security plan that includes securing internal networks in addition to perimeter defense.
http://news.com.com/2102-1002_3-5062832.html?tag=ni_print
London -- Computer systems across London came to a halt on Friday trying to deal with the vast number of e-mails being spread by the destructive Sobig-F computer virus. Several firms were forced to suspend e-mail service to deal with the backlog of messages containing the virus, while British Telecom's high-speed Internet service for business users crashed, leaving customers unable to access the Internet. Experts confirmed that London is the worst affected European city due to the large number of computers in the capital. The virus doubled its progress overnight, with about 22.5 million infected e-mails spotted by one anti-virus company.
http://makeashorterlink.com/?A2F631CA5
3:33:42 AM