For pretty, I decided to try a new color scheme. It shouldn't have the headache potential of black background / white text. Let me know if you have problems with it.

The CBDTPA is the most dangerous law ever considered by Congress with respect to high techology. It requires every computing device or software package to have a digital control module which determines whether you have the right to access any file that you, or your calculator, or your router, or your word processing program requests. Basically, it's computer control legislation written by the owners of the record industry and the mass media. They simply don't care what impact it will have on your ability to use your computer or to high-tech in general as long as your PC or PDA or telephone or computer program you wrote for a high school computer programming class has a program or hardware module grafted onto it which will prevent its being used to pirate music or video.

The easiest way to protest is to go to this protest site and use it to fax your Senator free of charge, you need only add your real name, address, and zip code and hit the send button. However, a phone call is better, see below. Call your local Congressperson and Senator and tell them: "I oppose the Senate bill S2048. Vote for it and I will not only vote against you, but will actively support your opponent and encourage everybody I know to do so."

Be polite, friendly, and firm. This is all you need to say.

While you should read the "for more information" below in case the staffer will ask or at least have it in front of you, unless you've made substantial campaign contributions to the politician, it's unlikely that anyone will care. Spend your time instead encouraging others to contact their elected representatives instead.

For more information, read this Politech mailing list article by Declan McCullagh, Wired News Political Correspondent:

Date Mon, 25 Mar 2002 230002 -0500
To politech@politechbot.com
From Declan McCullagh <declan@well.com>
Subject FC CBDTPA bans everything from two-line BASIC programs to PCs
Mime-Version 1.0 Content-Type text/plain; charset="us-ascii"; format=flowed Sender owner-politech@politechbot.com

Just in case folks haven't figured out how sweeping the Hollings-Feinstein bill, aka CBDTPA is, well, keep reading.

The CBDTPA says that if I were to write and sell this BASIC program...

10 INPUT A$
20 PRINT A$

...after the regulations take effect, I would be guilty of a federal felony. That's up to five years in prison and up to a $500,000 fine. Distributing my two-line application without charging for it, either via handing out floppies or by posting it on a website would be at least a civil offense and, depending on the circumstances, a crime as well.

It's no joke. CBDTPA regulates "any hardware or software that reproduces copyrighted works in digital form." My program above does that, especially if my BASIC interpreter permits arbitrarily long strings.

The business end of the CBDTPA says that "a manufacturer, importer, or seller" of such software cannot "sell, or offer for sale, in interstate commerce, or cause to be transported in, or in a manner affecting, interstate commerce" their code unless it "includes and utilizes standard security technologies that adhere to the security system standards adopted under section 3."

The FCC gets to invent those. But I can't see how my two-line program is going to incorporate such standards. If I'm using C, must I "#include ?" In Perl, will I "use ParseDRMVerify?" If so, who at the FCC will ensure that these modules are available for the languages I'm using? (It is true that folks at the FCC are smarter than the folks in Congress, though that is not saying much. FCC staff will try to make the standards workable. But the CBDTPA gives them -- and the public -- precious little wiggle room.)

By design, programming languages are terribly flexible. The only way to prevent software from removing do-not-copy bits from digital content would be for Congress to ban the programmable PC. And replace it, perhaps, with WebTV television-top boxes.

In case you're curious, the felony penalties kick in when you try to sell your post-ban BASIC program -- not to mention any commercial software -- and perhaps even if you're a free software developer hoping to gain reputation capital from your code.

They say that violators "shall be fined not more than $500,000 or imprisoned for not more than 5 years, or both, for the first offense; and shall be fined not more than $1,000,000 or imprisoned for not more than 10 years, or both, for any subsequent offense." http://www4.law.cornell.edu/uscode/17/1204.html

Yes, this is silly. No, it is probably (I hope) not what senators Hollings and Feinstein and their colleagues intended.Yet it is what the text of the bill says. And this is after the good senators had seven months of correspodnence from computer scientists and industry representatives worried about the scope of the legislation after it was widely circulated in August 2001.

Don't believe me? Read it for yourself

Text of CBDTPA

Politech archive on the CBDTPA
http://www.politechbot.com/cgi-bin/politech.cgi?name=cbdtpa

-Declan

-------------------------------------------------------------------------
POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if you include this notice.
Declan McCullagh's photographs are at http://www.mccullagh.org/
To subscribe to Politech http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/
-------------------------------------------------------------------------
end quoted text

If you'd like to know why say, Senator Feinstein of California would co-author such a piece of trash, I can tell you.

From OpenSecrets.org campaign contributions for Dianne Feinstein:
campaign contributions - industry totals
4 TV/Movies/Music..................$214,638
8 Computer Equipment & Services ...$103,016

That's the whole story. A look at the other co-author, Fritz Hollings, check this OpenSecrets link.

You'll probably hear a call to stop buying CDs and videos very, very soon to punish the companies responsible for this legislation. When you do, decide for yourself if having a healthy high-tech sector means you can put off buying that new record or tape for a few months.

URGENT WARNING FOR PGP USERS

URGENT WARNING TO WINDOWS USERS!!!

Would you buy an operating system for your PC which could not be reinstalled on any replacement hard drive you decided to get for it later? Hard drives break. People run out of space and have to get bigger ones. You will have to reinstall your OS sooner or later.

You can not buy computers with Windows 2000 installed that come with a copy of the Windows installation disk anymore. All an OEM can legally package with a W2000 machine is a "software image" of the original install. If you change anything, software, hardware, etc., that image will not install properly. You may lose everything on that machine if you try "restoring" it. I've never seen an image install work properly.

For more information, go to the Infoworld article and the Slashdot article

A quote from the Infoworld article:
"I asked my OEM about what's going to happen if for some reason the pre-installed system files are removed or deleted," wrote one reader. "How is having a 'recovery CD' going to help me when I'm asked to insert my Windows 2000 CD to copy those files? After conferring with Microsoft again, my OEM could only tell me that my concerns were very real ones, but Microsoft just says they know we're not going to like this but this is how it's going to be."

I'm running Windows 95OSR2.5 right now. I may upgrade to Windows 98 2nd Edition. Unless and until MS changes its policy on that, that is the very last Windows Operating System I or any business under my control will ever purchase.

As for buying the W2000 OS full install from software vendors, with those, you get 2 installs. For the next install, one has to call MS corporation and go through multiple levels of voicemenus for the privilege of begging and pleading for a one-time software key from the employee at the other end. The same is true for MS Office 2000. If your productivity and business suffers due to this, MS is not legally liable and you know as well as I do that they do not care.

In other words, if things go extremely wrong with your computer, your ability to get it running again is intentionally held hostage by MS. This is on top of whatever problems it had that caused it to dump the OS or your applications.

Here's a quote from the latest Microsoft press release for the next version of Office. "If customers do not renew or install an upgrade product, they can still open, view and print their existing documents." In other words, your options with the "subscription" version of Office will be ... pay every year, or you won't be able to create new documents in any of your Office applications. Don't expect the subscription version to be all that much cheaper than the current one. DO expect the non-subscription version to be a hell of a lot more expensive than any Office product you've ever seen. And don't be surprised to see Office 11 come out as "subscription only".

Got a MS site license for Windoze? You may get to pay for Windoze twice.

If you're a typical user, if W98 has run out of steam for you, you're best off waiting until a user-friendly distribution of Linux comes out late this year or in early 2001, or buying a Mac. If you have lots of computers to worry about, you need a new operating system that can't be fixed if it breaks by your Help Desk like you need a case of Ebola. If you don't know Linux, either learn it yourself or hire somebody who does, this new MS software policy should cause lots of developers to jump ship, Linux appears to be the only ship to jump to for the Wintel workstation environment. Or consider replacing your platforms with MacIntosh OS platforms if that's where the software you need runs.

Are you buying a new computer?
If you have to stay in Windows, get it with Windows 98 Second Edition, if that vendor can't or won't deliver it that way, find another vendor. Or get it without an operating system (they should charge less for that) and buy / install the operating system yourself. Also note that if you have any DOS programs you rely on, they will NOT run in W2K despite reports that W2K-ME is still DOS-based and their followon product is as well. Personally, I'd miss my DOS LOOKFOR program, it's the only freeware utility I've seen that will do Boolean operator multiple keyword searches supporting AND, OR, and NEAR. I'm also moderately fond of the Q-Edit text editor.

While a backup tape drive will help, there are things that a backup tape won't help you with, for instance if you need to install drivers not part of your last backup that are on W2000 installation disks but not on your backup tape or "recovery disk".

I plan to have more to say about this later.

As for the .NET and "Hailstorm" technologies, Microsoft does not have an exactly outstanding reputation for keeping its own proprietary data secure. Hailstorm means that they'll be the primary online repository for your own personal information. Eventually, their intent is to become the repository for all your personal information. Do you think they will take any greater care of your credit card number? Your medical history?

The other little problem with this is that their flagship products seem to keep turning up the MAJOR SECURITY VULNERABILITY OF THE WEEK. Outlook and Outlook Express are the two biggest security risks on the Internet, even more so than the various Microsoft Web servers and the underlying 9.x/ME/NT/2000/XP operating systems they run on. This is because it's the platform of choice for virus / worm / trojan writers, along with the Microsoft Office and/or Visual Basic modules.

Though the inclusion of true, spoofable TCP/IP sockets in the XP-consumer versions of the new Microsoft OS may make it the new "biggest security risk on the Net". The soon to be available user-friendly graphic user interface-based DOS (Denial of Service) tools which will rapidly follow mass adoption of XP running on cablemodem and DSL boxes without firewalls may put an practically untraceable attack in the hands of anybody who can point and click. Note that a DOS with spoofed IP addresses is still traceable, but takes a lot more time, a much higher level of expertise, and most important, upstream sysadmin cooperation.. A few years ago, the cooperation could be taken for granted. Now, Earthlink doesn't cooperate with people trying to track down problems originating from Earthlink users. I'll link to the right place on the Steve Gibson website. Suffice it to say that I think that he has probably understated the problem.

Those applications may be what makes IDS (Intrusion Detection Systems) popular as firewall backup for power home users.

Firewalls and Beyond

Do you need a firewall?
If you're viewing this through your personal or home office computer, you do. If you don't want hackers to have free access to your machine when you're online, you want a firewall, i.e. a software package which will check information packets going to and from the Internet to see if they match the set of rules you put in, if they don't, they disappear into the void. If you feel as I do that your computer should only communicate with the outside world when you want it to and that it should only say to the outside world what you want it to say, having a firewall is a good idea.

I changed "probably" want a firewall to definitely, after seeing page after page after page of unusual incidents in my intrusion log files. Note at the time at which I write this, I'm running via dialup. Every technically knowledgable (power user or above) user I know who connects to the Net via dialup is running a firewall.

If anyone tells you that you don't need a firewall for a broadband (DSL, cablemodem, etc.) hookup, you can probably ignore anything else that he has to say on the grounds that this person is a tard. If he tells you that you don't need one for a dialup, that level of ignorance is fairly common, the word hasn't gotten around to most people on this yet.

Is a firewall enough?
For a dialup user or a user connecting via cablemodem who is not running a home or business Webserver, probably. (written 5/18/2001) For a Webserver, probably not. You'll find information on the first intrusion detection system (IDS) I've seen in open source (as in free download) at the end of this section. In the case of a Webserver, you also need to subscribe to the mailing lists that pertain to your OS / server / application software no matter what your choices are and get serious about making sure the patches get installed.

If you're running a business server and providing mail / Web access to company employees, you are also going to have to train your users in at least the simplest level of security practice, i.e. DON'T OPEN UNEXPECTED FILE ATTACHMENTS, how to stop "social engineering" based hacks before they start, etc.

The bad news: in a Windows environment, Microsoft patches may break things already installed or create new vulnerabilities. Unfortunately, I don't see where you have much of a choice short of running a backup test system to test every single MS patch and finding some friendly hackers to try to crack the box.

One of the best solutions I've seen for Windows users (9.x, NT, maybe 2000) is oddly enough, currently free. ZoneAlarm can be downloaded from ZoneLabs. The current version has logging; it automatically stops intrusion attempts and sends the addresses from where the intrusions came along with information on what it was trying to access to a text file you can read from any text editor or word processor. It also rarely crashes, and generally when it does, it can simply be restarted. If you get "failure to connect" problems when trying to download mail and news, add your ISP's mail (usually mail.yourisp.com) and news (usually news.yourisp.com) to the Local Zone in Security - hit the Advanced button.

I recommend using logging mode and check the log every once in a while to find out who and what's been trying to get information out of my machine.

Find out about the commercial version by clicking the button. Disclaimer: I got into their affiliate version, if you buy, I get a sales commission... which suits me, it's a good product that I don't mind endorsing.

Note that most intrusions intercepted via firewall are benign, but many are for simply unknown reasons. One day, my computer running Windows running Windows tried to contact Microsoft.com. I hadn't been to the Microsoft Web site, exchanged e-mail with MS personnel, etc. for months. Why did this happen? I have no idea, but assume that whoever told my software to contact Microsoft didn't have my best interests at heart. If Microsoft wants information out of me, it can send me e-mail and if it strikes me as funny, or the request is accompanied with a large consulting fee, I might give it to them. MS is NOT getting information out of my computer without my permission. The biggest threat to your computer privacy may no longer be individual hackers, well be software companies who would like to extract personal information out of your computer for compiling into databases for sale to the highest bidder. Of course, the immediately dangerous intrusions, i.e. attempts to access your software or personal/business files will also be stopped via firewall, and that's the idea.

Of course, that doesn't mean individuals won't get into the act, the Sircam virus mailed random copies of documents found in the My Documents folder of a Windows C: drive to user addresses found in a MS Address book, cache files, etc. using its own internal SMTP engine. I discovered it when ZoneAlarm requested permission to connect to the Net. It isn't hard to imagine a virus looking for more specific documents and making them available to specific users, say, by encrypting them and posting to a binary newsgroup or IRC conference where only the intended recipient has the key.

One example of this is the Aureate software that sends information to Aureate.com whenever you're online, allegedly including personal information, in a way that bypasses firewalls. Unfortunately, these are generally attached to a variety of useful Web utilities. To unplug the Aureate and a number of other snoop packages from your hard drive, click here for information on the Lavasoft AdAware freeware product. Steve Gibson no longer supports OptOut and recommends this package. If the download page link hasn't been fixed yet, click here. While this doesn't work outside Windows, neither do the utilities. (exception: the Netscape Live Update feature, and I have no clue what to do with that in a Mac/ix environment.) If you can tell me about this, catch me in e-mail.

A firewall plus a cookie-zapper will make sure that the only information a site will get from you (other than your IP address, which is required if you want to read webpages, i.e., the Web site needs to know where to send the page file you asked for, plus a few non-personal items like the kind of Web browser and OS you use) is what you fill out forms to put on a site.

More information on Windows firewalls, a test that will work on Mac, Windows, Unix, and any other platform to show you what your computer will reveal to the outside world on request can be found at Steve Gibson's site. He just put a utility there called "Leaktest" which attempts to contact the Internet through the firewall to simulate the action of malware that contacts its maker without the user's permission, generally for purposes anything but benign. He also comments about how the great majority of personal firewall products fail the test. He also has a general rating table for personal firewalls. Hint: the majority of personal firewall users will be getting some bad news. If you've got one of the loser programs, I recommend strongly that you ditch it (return it to the store if possible for refund) and get one that works. A bad firewall is worse than none. Find this information at here.

Here's where Steve Gibson rates firewalls.

If you access the Net via dialup, you probably should have a firewall, though given that you probably get a "dynamic IP address" that changes every logon from your ISP, you have less to worry about. If you access the Internet via cable modem or xDSL link, you have a static IP that is the same all the time, numerous hackers have scanner software that can check thousands of IPs at a time to see who has an open port through which a cracker can reach out and touch . . . your programs, your personal files, particularly your confidential ones, add programs to your machine you didn't ask for like Back Orifice (remote control) or DDNS attack software like the programs which were used in an attempt to shut down Yahoo and other big commercial sites. This means you MUST have a firewall. This is important enough that you probably should stop reading the page and either download ZoneAlarm for Windows RIGHT NOW or go to a Fast Search and find one. Grab it, install it, and come back here when you're done. This page will be around when you've done this. Don't wait to read the rest of this page, your computer may not last that long.

Tiny Personal Firewall is another well-recommended Windoze firewall utility which allows users to control specific IP addresses and ports instead of giving permission for specific applications. I won't comment from personal experience because I just found out about it and am downloading it shortly. When you get to the page, if you decide to use it, download ALL THE DOCS... it's free for home use, $39.95 for business use. I'd recommend starting with ZoneAlarm, unless you already understand how intrusion attempts work. There were a lot of negative comments on the Cnet site, nearly all from people who expected it to be plug and play and don't even know what an IP address is... apparently installing it and configuring it where you don't know what you are doing can lead to very serious problems.

Certain DSL providers will tell you that you don't need a firewall. I recommend looking for a new provider as soon as you find yourself dissatisfied with your price and service if you hear that from yours, unless you like getting 'good' news from your vendors instead of the truth.

If you've got information on personal MacIntosh firewall products, especially free ones, and especially free ones with technically knowledgable third party product reviews available, please let me know.

Here's a how-to on converting your old 486 machine into a Linux router/firewall. There is also a non-ZDnet tutorial on this somewhere on the Web, try the keywords +Linux +cablemodem +router at any major search engine. Here is information on general Linux security. Slashdot also has a lot on this and other Linux topics.

This might be suitable for a home or small office LAN with cablemodem/xDSL feed. It's a small box with a router / firewall in it, all you'll need to add is cables, one Ethernet card per PC or Mac, and an Ethernet hub. Haven't tried this myself, this is a typical product in this category.

Firewalls on a network / LAN server are another kind of issue, they're your system administrator's problem, your concern, especially if you are a manager, is to make sure there is a correctly configured firewall on the company's Internet connection. If it's runing on a -ix box, you may have firewall software included with whichever -ix (e.g. Linux) distribution you've got. If not, there's plenty on the Net available as freeware, shareware, or shrinkwrap. Do a Websearch. I don't know NT/W2000 well enough to know if either product comes with a firewall, I recommend a Websearch.

I'm not sure if I'm interested in hearing about NT/2000 firewalls. I regard these systems as being accompanied with security risks so profound that even a good firewall may produce dangerous delusions of safety. If you're a NT/2000 sysadmin, I suggest looking into Linux / ix certification programs. In the meantime, go to MS and install all the security patches and read all the security warnings that relate your OS. Then subscribe to a few mailing lists that'll give you the daily new ugly truth about security problems with MS products, including trouble with MS-provided patches.

The following are the best general computer security-oriented mailing lists I've found. The addresses will get you to subscriptions in digest format, that way you get one long message a day instead of 30-50 e-mails. These mailing lists will also point you at the OS / server / application specific mailing lists you'll also need to be reading.

Subscription address for ISN Security News. Read this one cover-to-cover.

Subscription address for the famous Bugtraq mailing list. Advice on this one: scan the table of contents at the beginning of each digest post so you'll only be looking at the posts that relate directly to operating systems and software you're personally responsible for and anything that looks really interesing, Bugtraq runs 60-90K/day... that's 20-30 pages, you are unlikely to have time to read every issue in full.

MS Outlook Express has gotten to the point where you'll probably see a new exploit exploiting YET ANOTHER deficiency in the OE security model every day. (mostly, either executable scripts or buffer overflows) I wrote the previous part of this paragraph last year. The situation has NOT improved, anybody who's running this software despite the warnings deserved to have his system hacked out of existence. Any CIO who mandates its use should be terminated and blacklisted before he can do any more damage to the company.

My reaction to seeing resumes with MCSE unaccompanied by years network experience or certs like Cisco and Novell is "why didn't this idiot learn something useful?".

The next stage beyond firewalls is Intrusion Detection Systems (IDS). These monitor traffic, analyze its behavior via pre-set and user definable rules, and can frequently stop an attack before it can do damage.

"Snort is a lightweight network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort uses a flexible rules language to describe traffic that it should collect or pass, as well as a detection engine that utilizes a modularplugin architecture. Snort has a real-time alerting capability as well, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages to Windows clients using Samba's smbclient."

You can find a freeware / open source IDS for Windows / most unix - BSD - Linux distributions / MacIntosh at the Snort.org site. If you are running your own server and you don't have an IDS, I'd look real hard into the possibility of downloading this one. If you're running a personal computer 24/7 via broadband, you probably should at least think about this, the time is coming when a simple firewall probably will be inadequate even for home users.

New Virus Warnings / virus info

This isn't going to be updated regularly, but there are things Windows users need to know about.

If you get a message like this: "Hi [your "real name"] I received your email and I shall send you a reply ASAP. Till then, take a look at the attached zipped docs." or a file attachment called zipped_files.exe, you are probably a proud owner of worm.explore.zip. Don't open the file. It's a Trojan Horse / worm that will eat important chunks of your hard drive after it mails itself to people in your e-mail address book. Your anti-viral software provider probably already has an update to cover it. In general, do a virus scan on any file / application you get regardless of source with current antiviral software. Regardless of source means scan it no matter where you got it, even if you bought it at your computer store or your best friend apparently sent it to you. if it's an Excel / word processor document, check it with an up-to-date macro scanner. This is probably part of your antiviral, check to be sure. If not, your anti-virus vendor probably has one, look around their site. More information on the virus at the link above.

PrettyPark won't eat your hard drive, it'll just open up an IRC connection up to the worm writer's private IRC channel and. . . "Once there, victims' personal data -- ranging from e-mail address book lists, operating system preferences and registration numbers, passwords, and form data (including stored credit card information) -- can be potentially retrieved from the victim's PC without their knowledge by the virus writer. " This will give you more specific information. The main point is DON'T open a file attachment from somebody you don't know without scaning it first, and if you know that person, scan it anyway.

If you use Microsoft Outlook for E-mail and MS Word 97 or Word 2000 for word processing, beware of the Melissa macro virus. This is activated by your opening a Word document attachment to e-mail. Don't open Word document attachments from e-mail from anyone you don't know. Once your computer is affected, it sends 50 copies of itself to the contents of your e-mail address list. Get your anti-virus software updated to handle Melissa at once and use it to scan all of your incoming file attachments from now on. For more information, go here. This is not a joke, Intel and Microsoft have already been hit with it and had to temporarily shut down company e-mail for that reason.

If you use Windows 9x, keep an eye out for the CIH virus. It can eat both the contents of your flash BIOS (if it isn't write protected, and it should be, check your motherboard manual) and large chunks of your hard drive. For more information, check CIH.The latest version of AVP, Dr Solomon's AV, F-Prot can remove it. And if you get an e-mail warning of an e-mail virus and an attached executable file, DO NOT OPEN THE FILE, even if it's from a friend. Scan it first. Somebody figured out how to get a virus to access the Internet. For more information, click here for an e-mail infector using Eudora and here for something that can post randomly chosen MS Word docs on your hard drive to the Internet using Forte Free Agent. For a virus database, click here.

Finally, if you don't want to be zapped by viruses, scan everything regardless of source. Your e-mail attachments, any files you download via the Web or ftp, Word / Excel / etc. documents, and anything you buy at your computer store. Make sure that you get virus scanner database updates every few weeks, new viruses are coming out every day.

From RISKS Digest:

Date: Sun, 25 Apr 1999 13:13:34 +0100
From: T Bruce Tober <octobersdad@reporters.net>
Subject: You'd think they'd know better...

...or maybe not. I mean, it is Microcrap we're talking about here, viz this
article from Woody's (Woody's Office Watch), and if there's anyone more
pro-Microsoft it's only Bill G himself,:
(Read the complete story http://www.wopr.com/  )

TRUST NO ONE  [...]
Microsoft has in the past released virus infected documents on their web
site and by other means.  WOW has had to publish warnings several times.
Sadly it's happened again.  Anyone visiting
http://www.microsoft.com/uk/business_technology/dns/ecommerce/financial/case.htm
to find out more about MS Exchange and E-commerce got more than they
bargained for when they downloaded any of the case study documents.  All
were infected with W97M/Marker.C virus!  Apparently no-one at Microsoft
checked the documents before making them publicly available [...]

Bruce Tober, <octobersdad@reporters.net>, 
Birmingham, UK, EU +44-121-242-3832 soon at 

Introduction

The Religious Right and the GOP in general are in serious trouble. For more information, click here.

The RIAA v. the rest of the world

"Fascism should more properly be called corporatism because it is the merger of state and corporate power." - Benito Mussolini. (from Encyclopedia Italiana, Giovanni Gentile, editor).

"There has grown up in the minds of certain groups in this country the notion that because a man or corporation has made a profit out of the public for a number of years, the government and the courts are charged with the duty of guaranteeing such profit in the future, even in the face of changing circumstances and contrary public interest. This strange doctrine is not supported by statute nor common law."
- Robert A. Heinlein

No longer true. In order to get this "strange doctrine" turned into law, the RIAA, MPAA, AOL/Time-Warner and other major media companies etc. bought themselves some legislators and got the DMCA (Digital Millenium Copyright Act) passed. Guaranteeing the continued profit of the major intellectual content special interest group regardless of circumstances and against the public interest are the only purposes of the law.

For some perspective about the MP3 / Napster controversy and the record industry claims that it will put musicians out of business, click here. Note that despite record industry claims, CD sales are higher than ever; as the article correctly points out, it's a lot less work to buy a music CD than download the content and burn your own. The real fight is the role of the music industry as we know it in the future of digital music; do they add any value over that which a user can get by going to a musician's site and downloading? What answer there is to this... see above. While I make my own living from intellectual property, a band whose songs are getting traded by Napster free may well be getting sufficient advertising from doing this to make it worthwhile; a person who uses Napster is probably much more likely to go to that band's concerts and buy promotional material. For a mind-numbingly stupid response to this, Metallica as already harassed 326K people for allegedly downloading their songs via Napster... that is probably 326,000 people who will NEVER spend their money on Metallica anything again. Given the demographics (Most Napster users are college age)... this may be their entire younger following. I rather hope so.

The real freedom of speech here issue is . . . do you want to use an Internet where your site content is only what corporations are content to let you have?

An explanation of the current business model of the record industry and how it screws musicians and end users can be found in Music Industry 101 for the musician. It's by Courtney Love, who I never suspected of being bright enough to understand the contracts she signed.

A clueless judge rolled over in favor of the record industry in RIAA v Napster. If you want to comment on this, the RIAA boycott petition is here... or tell your favorite musicians that until the RIAA backs down, you will NOT buy their records. The way things are going, by the time the record industry gets around to a workable music distribution model, people may have gotten used to the idea of not buying CDs from record stores. If this takes the industry down, as I suspect it's going to, it deserves to die. I'm beginning to think this is possible. While the group of people angered over Napster is a very small percentage of the music audience as a whole, it's the demographic that buys the most records. Most people who accumulated the giant record collections did this when they were kids who didn't have to pay rent and had relatively high disposable income. If these people stop buying, while this may not be more than 25% of sales, I suspect that this is the fraction that composes their entire profit margin.

One of the judges who ruled in favor of the record industry was apparently on the payroll of one of the record companies as a legal consultant.

A micropayment per-listen or subscription based model is where I think the industry is going to be going... i.e. $15/month for "all you can eat"... though this may have to wait until broadband access is fairly universal. An intelligent way to set a model like this up is to simply not bother to enforce copyright protection on MP3 and do some real copy-protection work on distribution of full-fidelity CD tracks. It's been possible to make photocopies of fine art images for quite a few years. Nobody bothers busting people who do this, on the basis that anybody can tell a photocopy from the real thing. MP3s are also distinguishable from the real thing, anybody serious about a piece of music will want the real thing. A better analogy: stereo FM radio. Many tracks are played on FM radio. Very few people bother to make their own records with this despite the readily available music source. People predicted that radio would end the music industry. People predicted that cassette tapes would end the music industry. Distribution models changed and the industry came back, but generally with different players every time. While music stores are convenient, neither Sony Music nor Tower are necessary to continuing the ability of musicians to profit from music or for the ability of consumers to buy music. I think that this shakeout has already started and that the RIAA tactics are suicidal not only for them, but for their musicians and for every major music retail chain. If Tower Records had a clue, they would have pushed the RIAA and major record labels to settle with Napster immediately, while there was still a centralized MP3 distribution model that they could deal with. Alternatives were evolving, and the sudden absence of Napster will force them to flourish.

For a discussion of fair usage issues with the DMCA (Digital Millenium Copyright Act), click here. "Unless some exceptions are created, they argue, the entertainment industry will have more control than the Constitution allows. One concern is that this could lead to a pay-per-use world where consumers don't truly own the books, movies and music they purchase.". Or a world where libraries are useless because the new books are coming out in e-book format only and there's no legal way for a library to lend them to patrons. This is the world organizations like the RIAA and MPAA have in mind for you, and what they and their members bought when they bought your Congresspersons and Senators. The whole idea behind copyright is that in exchange for legal protection of a copyright holder's intellectual property, the copyright holder has to allow certain uses of the material. For instance, that quotes of reasonable length for published materials be allowed, etc. Public library use wasn't covered under "fair use" because when the original copyright legislation was written, it simply wasn't possible to make a book or a recording that required a password to unlock or that could be used only by a specific personal computer. With the DMCA changes in intellectual property protection enforced as the authors intended, suddenly, the ability to make "fair usage" of intellectual property gets taken away via technological means any time the publisher pleases. In other words, we are expected to allow corporations to use the government to enforce the legal protection copyright grants them and give nothing in return.

People engaged in reverse engineering are a check on the ability of companies to invade our privacy without our knowledge. By going public with the information they uncover they are able to force companies to change what they are doing lest they face a consumer backlash.

What are they hiding in there?
Companies are hiding a lot of things: their mistakes, security vulnerabilities, privacy violations and trade secrets. . . People engaged in reverse engineering are a check on the ability of companies to invade our privacy without our knowledge. By going public with the information they uncover they are able to force companies to change what they are doing lest they face a consumer backlash."

For current Napster users, Napigator lets users find Napster servers that aren't run by Napster Inc. and therefore are unaffected by Napster's shutdown. Freenet and Gnutella provide a central serverless model, leaving the music industry nobody to sue but end users. <"http://opennap.sourceforge.net/">Opennap is an open source project intended to provide Napster-like functionality for every computer platform, especially -ix environments.

You may have noticed the Amazon Books logo. I figured it would be easier to find books I recommend if there were a way to buy them with a few browser clicks... the site also contains pretty good book reviews in more detail than makes sense for this site. I also get a commission on any books sold this way. It's the least intrusive way to get a little return out of the time and effort I put into this site. Buy if you feel like it, ignore the links otherwise. Or try your public library. Note that books I recommend based on my reading will be named in bold type. Books I recommend based on reports or good experiences with the author's books, etc. will be in regular type, figure you're looking at books I personally intend to read when time and cash allows.

Print / Online Publications

To read my latest MicroTimes Magazine article, click Web Power Tools. Here are a couple of my articles that were published on West Coast Online from my early days on the Internet in 1993-1994, What's Wrong With Skipjack and Net-mail Corner - UUDECODING. The good news is that very few Net users will ever have to know what UUdecoding is again, most of this is taken care of automatically in software. Unfortunately, while the specific technology discussed in the Skipjack article is obsolete, the attempts of Clinton and friends to make privacy in cyberspace illegal have not abated.

What time is it? Here's the answer. You can also find at that link a downloadable utility which will automatically sync your computer clock to the NIST atomic clock server.

If you've ever wondered how "subliminal programming" works, download BRANWASH.ZIP or read (about 20 pages) The Battle For Your Mind online.

If you need my PGP key, go here.

Are you a Tri-Delta (East Contra Costa County public transit) customer? If you've got complaints, send them to Deborah Bass, Marketing Coordinator of Tri-Delta Transit. While your complaints won't do any good, as from my contacts with her, she seems to be a typical arrogant bureaucrat who envisions her role as spin control of the agency's past and current screwups, telling her what you think of her precious organization might do your blood pressure good at her expense. Feel free to be abusive, she deserves it at a personal level and on behalf of her organization. For local Tri-Delta users, did you know that they are the only Bay Area transit agency that doesn't post an elementary thing like what routes are served by each bus stop? Yes, if you go anywhere else in Contra Costa, Alameda, Marin, SF, or San Mateo counties, each bus stop will have a label pasted on the sign telling you which routes stop there. The excuse I got from her as to why we don't was unbelievably lame. Most agencies also put individual stop schedules at all stops in some cases and stops in high-traffic areas in others. The excuse I got from her was equally lame. Rude bus drivers? Let her know. It won't do any good, but you'll have fun working off your anger at her expense. For real change, when the district Board of Trustees shows up on the ballot, vote against anybody whose name comes up "Incumbent".

Georgia Overturns Anti-Sodomy Law.

Do you like having an invisible censor looking over your shoulder whenever you're in a chatroom? Yahoo chat is the place to be.

Want to see the pollution in your local community? The Environmental Defense Fund has a new site called Scorecard... point out on their map(s) where you want and it'll give you a map of what's out there once you get to the city selection that follows the county selector menu. I'm not fond of the user interface, but the information is of interest, especially if one lives in an area among major polluters. (I'm within a few miles of DuPont.)

New users should check out the newuser page, the generic ISP services page, especially if you are viewing this from AOL or Compuserve, and the Websearch page. If you're a parent, try out the Child Safety page in progress.

New users should also check out the Computer Security section of this page. It has information on how to protect your privacy as a computer user. Careful reading of this section may keep yourself from being embarassed or worse, going to jail. Hint: The e-mail you send is NOT private unless you make it private. This section will tell you how.

To underline the point about e-mail not being private, go to Seven Deadly Email Thoughts. You should read this regardless of your experience in cyberspace, part of what you think you know about e-mail privacy probably isn't true.

If you've seen disclaimers like:

> If you are not the named recipient, any review, dissemination,

> distribution or copying of this communication is prohibited.

> If you received this transmission in error, please contact me

> immediately for instructions."

in e-mail signature files, or worse, have one, read this.

If you're a Web site developer, go to the Web developer section of my Websearch page. There are things here you probably need to know.

Fundamentalist Christian / Religious Right Information

It appears like the defunding of the GOP due to Religious Right excesses is in progress. For more information, click here.

And, it looks like the Southern Baptists have declared spiritual war on the Mormons. They've decided to convert them to Christianity. Don't expect the Mormons to react with gratitude.

Here is the best analysis of the Religious Right I've seen in years. The discerning reader should be able to figure out from this just why the big business interests are having acute second thoughts about continuing to support the GOP.

Unfortunately, the big business groups decided to shut up and stay in line in order to get what they think is a "business-friendly" President, though it's difficult to imagine how they could possibly have gotten themselves one more friendly to corporate interests than former President Clinton.

Here is another very good analysis of the Religious Right.

Here's another CAQ link on right-wing think tanks. Hitler had Goebbels, the American political right has tax-free propaganda machines masquerading as sources of legitimate academic inquiry into public policy issues. Unfortunately, there are fundamental problems with science recast as infotainment.

The latest local Religious Right wacky adventure: Poseidon adventure in Sacramento pits Christian group against residents in dispute over statue of Greek god standing in the buff.

The latest wacky adventure of the Religious Right in education, the teaching of "creation science" instead of evolution in science classes in Kansas is is about to end.

Are you a member of the Religious Right? Are you opposed to abortion? Your opposition is based on a gross misinterpretation of the Bible. Click here to find the correct interpretation. At least the only one consistent with the text as written. Enjoy, and feel free to check my analysis against several different Bible translations.

Here's more bad news for Religious Right fanatics. Remember how you've been told that the Founding Fathers were good Christians who were trying to build America into a Christian nation? Click here to find out what the truth is. Hint: you have been lied to. More quotes from the Founding Fathers. Would anybody who said things like that in your church be allowed to continue their membership? I recommend you learn how to think for yourself. What else have they lied to you about?

If you support Internet censorship, you are invited to this page.

And if you conclude from my site content that I'm a friend of Bill Clinton, click here to cure your delusion.

If you're a Limbot and would like to find out what neither Rush nor the mass media is telling you, click the unconventional news link.

NEW

IMPORTANT!
Cheap tape backup.

The most important and repeated advice you'll see is to back up your tapes. This means make a complete copy of everything on your hard drive(s) so if something goes wrong, you can copy it back onto your hard drive (after fixing the problem) or a replacement hard drive (if it can be fixed). Most home / small office users don't think they can afford to. Then, when their hard drive packs it in (figure every 2-3 years... meaning yours may go out as you're reading this, or it may last until you replace the computer) they spend a hell of a lot more buying disk recovery software, paying disk recovery services, or re-entering what they can find of the real important stuff.

"Research has shown that more than 80% of the businesses suffering from catastrophic data loss have gone out of business within 12 months. This is not hard to believe considering the extent computers are relied upon in businesses of all sizes." The name of the research company or URL for the full test of the study isn't sourced at a tape backup storage software company, but I find it very easy to believe. I had my own HD go out on me a few months ago. My tape backup system (A Sony Superstation. Don't buy it, it's obsolete anyway at 6.4 G) went haywire at exactly the same time. The very first time it ever gave me trouble. It refused to recognize the disk volume on the backup tape. Factory support gave me a utility that worked to recover most of the files, but it started catastrophically crashing my HD. They told me that the software app had known problems and they no longer supported it. They told me of a $129 package from the original software vendor that works fine.

Even with all that, I still figure I got 99% of my files back except for a missing 10 days when I hadn't gotten around to an incremental backup. If I'd lost that info, I'd unquestionably be out of business as a writer and an inventor. Since drives smaller than 20G are no longer of practical use, to read about the Sony Superstation and videocassete backups click here.

For current tape backup problems, go to Onstream and check into their "ADR" tape drives. Their price range is currently $299 (internal 30GB IDE) to $699 (50GB internal SCSI-2). Capacities claimed are double uncompressed native format. 30GB cartridges. are about $30. Yes, they're back in business. I'm figuring their 30G drives at about 22G real-world capacity, making it about right for an average sized workstation. Remember to buy the cleaning cartridge.

Another and very possibly a superior alternative is the Ecrix tape drive systems based on their VXA technology. They use a packet switching and error correction technology comparable to the one used to get files through the Internet intact. One of their public demos involves putting a recorded tape into a cup of hot coffee, rinsing it in distilled water, and recovering all the files. The 33/66G (real world - 40G or a little more) tape drives are about $900 each, they've got an autoloader / tape library system available for about $4500 good for 10 of these tapes.

Or read my 8wire article on backup storage which covers the most interesting of the current alternatives up to multi-terabyte DVD-RAM systems

Yes, that certainly is a commercial banner ad. I'll just say that I actually think it's worth the trouble to put a free banner up on my site to improve the odds of my winning a monthly drawing in which the prize is . . . an Ecrix VXA tape drive and software.

It's probably the most interesting of the new generation tape technologies, including the LTO technology from various vendors.

For small to medium sized network systems (up to 14,000G) I'll have an article linked here soon with what you should be looking for. Yes, I wrote it. The best large scale solution appears to be a DVD-RAM based tape library. You can find out why from the article.

This page will probably be broken down into a set of pages soon... at 8 pages, it's time. By the way, the broken links WILL be fixed sooner or later.

Find out how to run Q-Edit out of a Windows window. Q-Edit is a programmers' text editor which I find useful to tweak html files, it supports functions like move column you won't find in a word processor, and its search and replace is rather more flexible than you'll find in just about anything else.

The most interesting news I've heard in a VERY long time can be found here. While it's a long way from test tube to FDA approval, I think the researchers are indeed on the right track. This will be the first of a long line of advances, I think. To carry speculation past where Wired was willing to go... this by itself might be enough to take a human lifespan out 50 years or more, there's no reason to believe that the technique as described is limited to a 40% extension of cellular life.

You can find out about the FBI's most current attempt to spy on the whole US population on this page. You can find out about the FDIC attempt to turn your bank into your watchdog, reporting to the Feds anything that looks "suspicious" to them here.

Here's a text-in-file search utility for DOS. It supports Boolean searches and will search the files in an entire directory tree (including root) if you ask it to. LOOKFOR.COM Note: It won't work if you used doublespace on your HD... It can be made to work straight out of Win3.1 with the creation of a modified DOS prompt .PIF file, I don't know if the PIF will work in Win95.

Need a reason to be glad you don't live in Concord, California? Try this. A local union of police officers doing outside fundraising for their local PAC (Political Action Committee) leads me to wonder just what business contributors get for their money. Remember, you can't have a police state without the police. For an online listing of contributors to Concord city council elections, click Concord political money. As a non-resident of Concord, I find this of interest as an example of cyberspace-based local political organization.

Found some old anti-Barney stuff on the hard drive, what's available at this time are stories about the killing of the Purple Fiend, Deathzone Barney, Day of the Barney, and some proposed Barney products you won't find on the market yet. The first stories are bloody and gruesome, and fun. The products list you'll probably find amusing.

The rest of the page...

The Clinton clowns have done it again. They INSIST on being able to read our e-mail and whatever else we send through the Net. For more information, click the Big Brother Inside logo.

Are you a technotype, particularly a Web "creative talent" (writer, editor, site developer) thinking of signing on with Systems Integration Solutions? You might check this local page first discussing a recent experience I had with them.

Tired of paying for a public school system that isn't working and appears to be run by idiots? It's time to do something drastic. While the last California voucher initiative was basically intended as a giveaway of public funds to the upper-middle class and rich folk with kids already in private school, there's a better way to do a voucher system in a way which should harm no one except bad teachers and public school administrators and bad schools. Check my School Voucher page. In the meantime, I strongly favor the charter school initiative that's in the process of qualifying for the California ballot. While it won't privatize the schools, it will decentralize control to parents and teachers, which is a step in the right direction. The Littleton incident underscores the need for more choice in education. It should be a wakeup call to everyone that "one size fits all" public education isn't working for the bright, creative minority. Speaking from my experiences in the 1960s with it, it never really did.

WARNING

If you use PGP, generate a 2K key for yourself immediately and start using it instead of your 1K or smaller key. There's reason to believe that the shorter keys may be compromised. A group called Blacknet broke a 384 bit key using a specialized factoring technique a year or so ago using a network of workstations a hell of a lot less powerful than the networked supercomputers the National Security Agency is known to possess. Another group has created a networked screensaver for the purpose of cracking DES encrypted files, this technique could be adapted to go after PGP. While the NSA or comparable foriegn intel agencies probably can't crack PGP at this point, better safe than sorry.

In the DOS version, I think the command is:
pgp -kg 2048
or something like that.

In the Windows/Mac version, check the menu items related to generation of key pairs.

While the 1K keys may be compromised, the 2K keys will probably be secure for the next several years. Sorry about the blink tag but this is really important. As for RSA algorithm crypto uses in Netscape (https 'secure' and document transmission) I believe the 128 bit US version is only proof against the typical hacker, but that's probably adequate to protect credit card transactions and other things https sites are used for, make sure your browser supports it if you plan to buy over the Net. If you're outside the US, a version of Netscape that supports 128 bit encryption that was modified outside the US is available.

Here is a drastically revised version of a newspaper article I wrote a couple of years ago. It's about the generic packages of services virtually all Internet Service Providers and online services provide for Internet users. It includes info on how to find an ISP. (IMPORTANT if you read this from aol!) I call it Generic ISP Services.

People Finding

Sometimes, you need to be able to invade the privacy of others, by tracking them down when they don't want to be found, or they don't know you want to find them. This page will show you where to find the resources used by skip-tracers and private detectives. Go here. I just added information giving some of the main yellow/white pages sites, including one that has a reverse-directory. (input phone number, get back name and address.

My anticyberstalking page may help keep this from happening to you.

---

Interesting miscellaneous stuff

For automated translation, go to Babelfish. The translation is not of especially great quality, but it's better than nothing, and it's free.

Portions of the world's largest collection of pre-WWII cartoon animation have been placed online here. Check it out sometime when you've got lots of time, I only had a quick glance. I'll be back.

Robert Anton Wilson finally has his own Web site. To see what he's been doing lately, check http://rawilson.com. I've read some of his books, such as the Illuminatus Trilogy, you can get more information about the book click here. I've also read Cosmic Trigger, find out more here.

Tired of e-mail spam? You CAN do something about it. For more info, click here.

If you are a Webmaster who hates spam, check out a unique anti-spam approach here. I think you'll want to link to this yourself.

To find out how a message got to you via the Internet, you can find out in detail here.

If you just want to hang out with Fascists in search of the Final Solution, look up Hate Sites.

For interesting, civilized, intelligent discussions, check out Electric Minds. The good news is that you can post there without getting spammed. The bad news is that it allows the use of psuedonyms picked in real time. Just starting to look at the place. . . looks good.

The best Web Bible search engine I've seen, including citation and keyword search, multiple translations accessible via point and click, and other useful things is The WWW Bible Gateway. If someone is thumping a Bible at you, knowing what the book actually says can be useful, and this site's search engine will be more powerful than that of the person you're arguing with. However, I'm looking for something heavier, if you know of an online Interlinear, please catch me in e-mail.

If you want Kelley Blue Book information on used car prices, go to their site.

Military Base Information

Everyone talks about Internet weather... but no one does anything about it. Wondering why it's taking so long to access a site? While usually, it's the server you're trying to access, sometimes the Net is the problem. Internet Weather Reports tell you how long it takes to physically access a particular area. You can find Internet Weather reports at the Internet Weather Report site and at MIDS in graphics format.

A set of interesting computer-related links can be found here. There are also other things worth looking at elsewhere on this site.

Cooking and Fun Foods

If you came in here via link or previous bookmark, Cooking and Fun Foods is now on a separate page.

---

Cockroaches-The Final Solution

Looking for a final solution to cockroach problems? The preparation of boric acid known as Roach-Prufe, actually is as good as the manufacturer says it is. When I'm living in an apartment, my place is generally pretty much roach-free. My neighbors are the ones who are calling the manager about getting exterminators in. The stuff is also pretty non-toxic, I've heard it's toxicity compared to common table salt, i.e., don't eat it by the pound. Scatter it in a perimeter around the outer walls of your apartment, and another perimeter around your kitchen, don't forget doorways. The backs of cabinets, etc. Figure out how a roach might get into your place and make sure it picks up a little blue powder along the way. You can get it at hardware stores and in the hardware section of some larger stores. It takes a week or two to work, but you'll start seeing dead roaches within a day or so after application. If you've got pets and people with allergies to insecticides around your place, this can save you lots of trouble. Note that I am not connected in any way with CopperBrite, the manufacturer of Roach-Prufe.

Since it's a mechanical insecticide (either kills by forming an indigestible ball in the stomach or abrading through the exoskeleton... i.e. death by a million paper cuts) insects don't get immune to it. The powder works until it picks up enough moisture that is no longer a fine, clinging dust, that's when you put down another application. (that's a few months or so, unless one is in a really humid area)

I recommend the brand-name product, the generic formulations of boric acid don't seem to work particularly well.

---

Computer Security

Information on viruses can be found on my newuser page virus section.

For up to date news on computer security problems, interesting and dangerous computer failures, etc., bookmark the Usenet newsgroup comp.risks.

If you're running Microsoft Internet Explorer, go to the Microsoft MS Explorer Security Page RIGHT NOW. You'll want to download the latest security patches for your program. Before you find out what holes they fix the hard way.

You can find an excellent short primer on computer security and common problems at the CERT Coordination Center Tech Tips from the military version of CERT.

The U.S. government has created a searchable index of computer vulnerabilities called ICAT that is publicly available athere. Think of it as a vulnerability metasearch engine with access to security problems, patches, workarounds.

This is for sysadmins and people running their own personal / company Net servers ONLY. However, your convincing your ISP to run it if available would be a good thing for everyone. Virtual private network software is now available to run on Linux which will secure your transmissions while they are in transit between any two Linux servers running it no matter how many nodes are on the relay chain or who is trying to snoop. E-mail, telnet, ftp file transfers. It's free and it sounds workable, and is the best way to insure user privacy. The more nodes that run it, the more useful it is, it has to be installed at both ends. For a general article on it, go to the Wired News article, or direct to the Free Swan Project site.

Note: to do personal / small business peer-to-peer VPNs, the current releases of PGP also contain VPN software. article on it

Privacy in E-mail - How to Get It!

Your e-mail is NOT private, that your system administrators or criminal, government, or corporate hackers can read it at any time, you can get the PGP privacy protection program freeware for DOS,linux,Win 95,Win NT,Mac Sys 7.5+ at the sites below.

People who have never used PGP should first download and print the PGP Quick Start page. So far, everybody I know who's downloaded and installed PGP at my personal recommendation has had major trouble using it for its intended purpose. This is despite the fact that once one understands the concepts behind the program, this software is extremely easy to use. This Quick Start Guide is a step by step description I wrote of what one has to do to get PGP to make keys, send out keys, encrypt and decrypt mail and file attachments.

URGENT WARNING FOR PGP USERS

If you are using a version of PGP past 2.6.2, you need to upgrade RIGHT NOW, a serious bug has been found. The CERT Advisory is here. In short, a stealth key can be implanted in a portion of the older PGP public key that could result in your messages being encrypted to both the user you intended and one you didn't. The new bug-fixed version is version 6.5.8 . You can get the freeware at PGPI.com. If you have the commercial product, go to Network Associates for upgrade information.

I don't have any loss of confidence in PGP due to this and neither should you. One major bug in 9 years is an excellent record. Their prompt admission that there was indeed a problem and that they were working on it, and their 2 day turnaround on the new version with the bugfix is as good as it gets in the field of software.

PGP International, PGP freeware. This takes you directly to the download page, there's more here than there is on the US commercial PGP site. You can also get a voice-chat security program will make your voice conversations over the Net private.

Get the commercial version at the PGP Inc. site. If you're planning to use it for business applications, this is the one you should get. It will work with the freeware versions.

You can get my current PGP key (12/06/2002) here. For people still using version 2.6.2, get my v2.6.2 key at the same link. If and only if you have my oldest PGP key, get the key revocation certificate for that key here. Let me know if you have problems with either.

Were you thinking about using the well-known SANS Institute for training sysadmins? Think about the words "identity theft".

Here's a choice quote by the head of the SANS Institute: "hardly black and white, says Alan Paller, who heads the SANS Institute, which hosts classes for network administrators. Companies that have leaked data need to fulfill their contractual obligations with credit card companies, Paller said, but hes not convinced the victims need to know. In fact, it may accomplish little other than making people worry, he said..

More at the URL.

Do you want your sysadmins trained by someone apparently never heard of identity theft?

Did you know that your ISP can keep a log of your Websurfing? To find out for yourself if this is going on, click here and follow the instructions.

The FBI's latest bad idea is called "Carnivore". It's a black box installed by an ISP and its connection to the Internet backbone whose alleged purpose is to make it possible to collect information on an individual user's e-mail. It does this by scanning every single data packet exchanged by that ISP to/from the Internet. Note that any legitimate law enforcement purpose can be fulfilled by going to an ISP with a warrant and ordering that all e-mail, etc. to and from the person who the warrant is about be stored and forwarded from the ISP to the FBI. This kind of authority actually is required for law enforcement to work in an environment where criminals are trying to do business on the Net just like everybody else. There is no legal or technological rationalization possible for scanning all an ISP's traffic to intercept communication to/from a single user out of hundreds or at the high end, tens of millions of users. One person stupid enough to try to justify this is David Coursey in a ZDnews column. Anybody who doesn't know that any sysadmin at an ISP can set up the monitoring required for legitimate law enforcement against a user with a few commands at the command line or a few mouse clicks has no business writing for a technology Website. The scary thing about this is that if I remember correctly, he's been described as an industry analyst. Perhaps this explains what kind of person would advise investors who bought into the companies that actually deserved to take a hammering during the NASDAQ high-tech crash. For news coverage of Carnivore written by functioning human beings, click "a href="http://news.cnet.com/news/0-1005-204-2257522.html">here.

The basic lesson of Carnivore is a simple one. Government can not be trusted to protect or even respect your privacy. PGP (see above) and secure Web site (https/shttp) based crypto is the way to go, even with Carnivore, it's conceded that all an entity monitoring a SSL transaction can determine who the user is and which site was connected to.

For other hints on protecting your privacy, go to the newuser page privacy section.

Jeffrey Rosen has made a cogent argument made that unintended side-effects of sexual harassment legislation and administrative regulation combined with new software technologies are resulting in the destruction of the very concept of personal privacy. As a woman, do you feel any safer because of this? Was Monica Lewinsky's privacy respected? Was the President's? What are your chances of keeping your sex life or the content of your e-mail, however intimate or personal, private if government or the news media want to splash it all over the news? What happened to the idea that your private life was your business and nobody else's? Read Part One and Part Two of the article.

For computer hacking / security-related humor, check out the digicrime site. While the site is humorous, the threats discussed at this site are completely real. Warning: if it says that clicking a link will crash your computer or do other odd things with it, THEY ARE PROBABLY NOT KIDDING. I have yet to see anything there that can cause permanent damage, this isn't an accident. Go there, you'll learn something and have fun doing it.

The Manhattan Cyber Project site may wind up almost as funny as the Digicrime site, but unintentionally so. It's a corporate - academic project to determine just how big the hacker-cracker problem really is. The most amusing part is that it depends on corporate competitors sharing the truth with each other about their respective cracking experiences. I mean what's done to them, not what they are paying hackers to do to each other. Check the main site Warroom Research to see a description of the introduction of military - spook idiom into ordinary online functionality. In fairness, there's always the chance they may come up with something useful.

Unrestricted Warfare in future conlicts!) by Qiao Liang and Wang Xiangsui of the Chinese People's Liberation Army on the nature of future warfare. I suggest taking it seriously, the front of any kind of low-intensity warfare may be as close as your firewall. Even script kiddies can do an awesome amount of damage to an unprepared system. Military script kiddies, trained in military facilities. Real foriegn hackers. Requires Adobe Acrobat Reader, but that comes with any current generation browser. This doesn't merely cover cyberwar, they make the interesting point that no one form of warfare is likely to dominate in the future, cyberwar is just another option among a group of options ranging from script viruses to bombs, guns, missiles, nukes, biowar, etc. There are certain interesting resemblances between this and similar articles I've seen on military sites, particularly the US military service futurist sites. See also the USAF Final Report 2025 Home Page. The main differences are in point of view. "Hacking into websites, targeting financial institutions, terrorism, using the media, and conducting urban warfare are among the methods proposed. In the Zhongguo Qingnian Bao interview, Qiao was quoted as stating that "the first rule of unrestricted warfare is that there are no rules, with nothing forbidden." Elaborating on this idea, he asserted that strong countries would not use the same approach against weak countries because "strong countries make the rules while rising ones break them and exploit loopholes . . .The United States breaks [UN rules] and makes new ones when these rules don't suit [its purposes], but it has to observe its own rules or the whole world will not trust it." (review by FBIS editor)

Asymmetric Warfare, the Evolution and Devolution of Terrorism; The Coming Challenge For Emergency and National Security Forces discusses counter-strategies.

Chinese Information War Theory and Practice

Here's THE MESH AND THE NET - Speculations on Armed Conflict In a Time of Free Silicon from National Defense University. Just started reading it. The following can be considered an early draft, this and the above paragraphs will probably be split into a separate section.

This doesn't mean I recommend that anti-terrorist efforts by law enforcement or other agencies be given a blank check to attack either our bank accounts or our civil liberties. We will soon come to a choice. If we choose to "let government do it all" we will get to pay much higher taxes for larger police forces, more and bigger swat teams, and we'll have to let government have access to our computers, our communications, our bank accounts whenever there's a legitimate need, or more likely, whenever some law enforcement clerk has a whim, doesn't like you, or got bribed by a competitor or a terrorist to get information on you. Or a politician wants to suppress your kind of dissent and suggests that a law enforcement agency or IRS should take a special interest in you. (Hint: Nixon. Second hint: Clinton.) The problems here are that it gives terrorists two of the main things they want. If we give our government everything they ask for to deal with the "terrorist threat" we simply will no longer have a free country, and it'll mean that unarmed citizens will only have the option of calling the police about a terrorist strike in progress, after which we will get to stand by and be helpless witnesses or participants in mass slaughter. All social "lockdown" measures can accomplish is to increase the efficiency of law enforcement. Anyone who thinks that the government is asking us to do this because they really want to protect individual citizens like you and me has no business in an adult public policy discussion on the basis of total ignorance of even recent history.

No law enforcement organization or set of organizations can protect us all short of deputizing practically everybody. While this actually might be a practical solution, i.e. making the "different" rules for law enforcement apply to almost everyone, it sort of nullifies the point of social control measures.

The other choice is to whenever possible, take responsiblity for our own protection. This means government issuing concealed weapons permits to everyone who doesn't have a police / mental health record. This means that the government needs to start encouraging businesses and private individuals to start using "best practices" computer security, even if it interferes with what law enforcement wants. This probably eventually means firearms and unarmed combat training in the public schools, teaching on personal computer security (firewalls, anti-virals, good practices) as well as integrating training on self-defense against biological warfare into health classes. Doing the last should be extremely easy, and might even result in health classes full of awake students for a change. This means junking the "gun-free" zone laws at/around public schools and a new policy where teachers and adminstrators are encouraged to carry guns on campus. When will we be hit with a terrorist nuke or a biowar attack? Good question. I expect to see one or more within my lifetime. These paragraphs are to allow people who believe in freedom to have a constructive response to our leaders who are going to demand that our society be locked down in order to prevent future terrorist attacks. If my recommendations are implemented, people will still die, but in fewer numbers.

Most important, terrorists will be looking for safer countries to terrorize where they don't have to figure on many angry citizens shooting back within seconds of their opening fire no matter where they try it. If this ever happens, a terrorist in the unfortunate position of needing a safe place to operate should probably try Australia or the UK.

For what's probably a more useful look at security, check out the Defcon site discussing the Defcon Hacker Convention in Las Vegas, where hackers, corporate / military / government computer security people, media types, and a horde of less describable people get together to talk shop every year. On it is convention info, links to the obvious, and a ftp site.

Hacking / Anarchy files - WARNING/DISCLAIMER

A personal warning about hacker / "anarchy" files. Some of the information is useful. Some is EXTREMELY dangerous. There are no tags to tell you which are which. If you screw up with the information found in some of the files, you will go to jail or you will get permanently dead or possibly both. Nor should there be, as what might be moderately safe for me to try might result in you turning your neighborhood into a smoking crater. If you're stupid enough to try that, your neighbors probably would be missed by someone. If you've got doubts as to your ability to do what these files describe safely, don't even think about trying them. The main interest a reasonable person will take in the less legitimate looking information linked to here is in making sure these interesting things do NOT happen to you or your business.

While it is quite true that using these files, you can do a "cookbook" approach to cracking and other usually anti-social activities, the problem with the "cookbook" approach is that you can produce disasters for yourself even bigger than you had intended for your targets. Unless you know the principles on which "cracking" programs are based and the environment in which they are supposed to be used, use them and you're in for a heap o' trouble. The word hackers use for people who can run software to crack sites but don't understand the basic principles is "script kiddies". Don't be one.

Examples: if you try running a unix "crack" program on your ISP and it's running WinNT. . . if you ask your sysadmin for help, you'll be lucky if you ONLY lose your account. As for cookbook chemistry. . . even the most reliable stuff whose origin is military/CIA about "field-expedient" explosives (try your Federal bookstore) presuppose that a certain percentage of the INTENDED users, i.e. ones with military training will blow themselves to bits. This is called "acceptable risk" "fortunes of war" and the results often come home in body bags.Your odds aren't quite as good.

Many of the "hacker" tools have completely legitimate uses by system administrators. In general, a hacker tool is for the purpose of doing things in a software environment that the manufacturer specs say aren't supposed to be done. Sometimes, doing these things is necessary or convenient for network troubleshooting / debugging for people who know exactly what they are using and why. SATAN is a very good way to find out how vulnerable one's own network is, and in fact, was developed for that specific reason. Even Back Orifice could be an extremely useful tool for sysadmins to allow remote operation of a network user workstation. The fact that a sysadmin or technician has a collection of software of this type probably means that the user is competent and concientious, not that he's an EVIL SYSTEM "HACKER" TYPE.

l0pht.com

Cult of the Dead Cow

2600 Magazine

Chaos Computer Club

Phrack

Toxyn

!Hispahack

Pulhas

Usenet newsgroup alt.2600

Usenet newsgroup alt.hacher

More Security Links:

Axent Technologies,

Computer Security Institute,

National Computer Security Association

Rootshell

And check out this site. While it's labeled "hacker" it contains some stuff that power users and sysadmins will find interesting. Check out the rest of the site which has nothing to do with this page, it's worth seeing.

If "spy-tech" interests you, check out THIS site. You can check out some excellent technical info on RF bugging technology they sent me right here.

Here is a discussion of perimeter alarm sensors. It's detailed and complete. This is a manufacturer document on geophones.

_

Virus Hoaxes

Have you gotten an e-mail warning about a deadly virus which will destroy your computer if you open the e-mail with the title listed? Examples include "Good Times" "Win a Holiday" etc. These messages are "viral hoaxes". If you pass the phony warning on, you've been bitten and so has the recipient. At least check out a warning before you pass it along. A fairly current listing of fake virus warnings can be found at Hoaxbusters at the Lawrence Livermore National Laboratories site. You can get more information about fake viruses at here.

It used to be that the only way anything you get through e-mail can hurt you is if you opened file attachments, e.g. computer programs, formatted text documents, etc. THOSE you should check via virus scanner, for more info on virus scanners, go to my new users page.

The combination of Windows 98 and MS Outlook Express will support automatically executable e-mail files. While this can be turned off in the program and scripting can be disabled in the OS, buffer overflow exploits and other methods have been found to make ugly surprises possible without opening e-mail. The problem is a very bad Outlook Express security model. Nearly all the e-mail virus and other major alerts you've heard about lately pertain exclusively to Outlook Express, or take their most malignant form (mailing themselves to OE address books) in OE. While I'll probably upgrade to Win98-2E, I'm not using Outlook Express for e-mail. While separate e-mail programs such as Eudora which I'm using support automatically executable e-mail, this option can be turned OFF and that's what you should do as well. If you haven't gotten the point, I recommend that you dump MS Outlook Express NOW for a safer program. It appears that at this point, this means any non-Microsoft mail product. Address book conversion utilities from MS Outlook Express to whatever you decide to use are generally available. I'm not so sure about mail filters, but you're probably better off printing out the filter files and reentering into the new software manually if you can't find a conversion utility.

I'm going to stop reporting MS Outlook / Outlook Express problems on this page. It's gotten to the "MAJOR SECURITY PROBLEM OF THE WEEK" point. Last week's was ANOTHER buffer overflow exploit where it no longer takes opening a infected file to hose your machine, all it takes now is opening an infected piece of mail. A patch is available on the MS site. If you run MS mail products, you deserve to get hammered. If this choice is dictated from above, find a smarter employer. This one is worth reporting: Join MSN, become a spammer. It uses YOUR Outlook/Outlook Express address book to mail "invitations to join MSN" with your personal endorsement attached to everybody in your address book. First company I know of that puts a spamTrojan into its software. "it's not a bug, it's a feature".

Microsoft Antitrust Case

On the MS antitrust case, Jim Warren's column does an analysis of Judge Jackson's decision.

• Part 1
• Part 2
• Part 3

It appears he decided as he did because he did understand MS anti-competitive tactics with a clarity matched by almost nobody in either the mass media or worse, in the computer press. Note that he was appointed by Reagan because he was and is known as a conservative and pro-businsee judge. Why didn't this case get fast-tracked to the Supreme Court as Judge Jackson requested? Apparently, Justice Rehnquist's son is a legal counsel for Microsoft. If he gets away with it, we've got a new way to bribe anybody on the Supreme Court. Just hire one of their kids and pay them far more than the market rate. I may have to apologize for my previous remarks about MS lack of innovation. This is pretty original. I would have made an under the counter deal to hire justices after their retirement as trustees of one of the Gates or MS foundations, i.e. a highly paid position at which nobody expects the employee to show up. Of course, so is building a spam generator into e-mail software that runs without the owner's informed consent. _

Year 2000 (Y2K) Problems

While Y2K didn't turn out to be a disaster, the fact that it generally didn't does not mean disaster has been permanently abolished. To learn how to prepare for earthquakes, etc. click here. Read it carefully. The job or business you save may be your own. Or, it may simply save your ass. This text was left here to support anyone who came here via the old Y2K link which leads here.

General Computer Links:

I see Win95/98 as a very elaborate DOS shell. So you can avoid this shell game and boot to DOS 7 when you need to, check this out.

For interesting ways to really optimize Windows 98, go to 98Lite and try either their freeware or shareware Internet Explorer removal package. Yes, it works. Yes, it helps. No, I won't accept liability for its failure, particularly if it turns your computer into a miniature black hole and your neighborhood goes into the void. But it's worth looking into.

If you are planning to upgrade to Win98, read this first. It'll probably be OK in a few months. (written 7/18/1998)(6/1/1999) It still has stability problems.)(written 1/2/2001 - It STILL has stability problems, I've been running it for 14 months. As does its successors. I'm planning to move to Linux full time in a few months. (7/08/2002) Make that 3Q-4Q 2002... waiting a bit longer for better Office compatibility and some more graphics apps to come out. But I can't think of a single good reason to switch to XP... even with my machine upgraded to be fast enough for it.)

Actually, I wound up not making the switch until September 2004. The good news is that while the problems with 98SE were never actually fixed, running in Linux emulation, they don't matter any more.

If you'd like a free full scale C++ compiler (DOS, so you can learn how to program, download BC++ 5.5 from Borland - there's a free download edition, command line tools only, i.e. it runs from DOS. Given that if you want to learn C on Unix, you'll be doing this from a unix command line instead, this is no big deal; if you can't function at a command line, you are not ready to learn programming. Remember to get the TurboDebugger as well. (same URL)You'll have to register onsite to get it.

Linux

Since the following before the horizontal line a few paragraphs below was written, I've become a full-time Linux user, using Win4Lin to run a Windows emulation for the legacy Windows software (Office 97, PaintShopPro, Corel Draw I still use, generally because there are no Linux replacements yet that do everything I need to do in order to make a living. Oddly enough, at this point, I'm making a living writing how-to pieces on . . . Linux.

I use the Fedora Core (the community version of Red Hat) Linux distribution, by and large, everything I don't do with legacy Windows apps I do in Linux. What I get from Linux is stability and general immunity to Windows malware. I'll just say I can watch any multimedia a Windows or Mac user can, my Web browser is Opera for Linux, and I do most of my word processing in the Linux version of Textmaker, I back up both to a mirror drive and to compressed DVD-R archives, and I'm actually rather happy with my setup. To find out how I did these things, go to my Linux tutorials at Techbuilder.

Regarding Win4Lin, the Win4Lin 9.x product is something of a headache to set up, but works extremely well. The Win4Lin Pro version as of this writing (10/2005) has serious problems, e.g. no shared Linux-Windows clipboard (i.e. what's the difference between this and dual boot?) and I can't recommend it. Win4Lin 9.x requires a kernel patch to allow upgrading main Linux system that it runs over, and Win4Lin Inc. promises but as of now, doesn't provide it, expecting the user to do her own kernel patching. If either Pro or 9.x aren't fixed, my next emulator upgrade will probably by to VMware.

---

Note: I'm aware of Open Office and Lycoris Linux, I just haven't had time to update this section yet. I'm also aware of the CodeWeavers utilities for running MS Office 97/2000 and Netscape Windows plugins on Linux... and I recommend that the prospective Linux user check into them carefully. (revised 10/2005 - VERY carefully, don't buy it until you know the Windows apps you need run with it.

Though this isn't for the average consumer or many businesses quite yet (I expect a user-friendly distribution out in the next few months) consider linux. It still has user interface and installation issues, it has a DOS-like command line that even a novice user will have to use occasionally. It is stable, powerful, it's the most common OS used in network and ISP servers along with the Apache Web server. It is also free of charge, though if it is purchased as a CDROM distribution, the disk with installation package, the applications distributed as part of the OS, and is often distributed with an office suite (word processor, spreadsheet, terminal, database, presentation manager, and maybe a browser) for prices in the $30-90 range. The available suites are StarDivision and Applixware. I've seen them compared to MS Works and to MS Office. Both are nominally compatible with MS Office applications, though not necessarily with the latest file formats. Some formatting informaton may be lost, and macros are not transportable. Given that file compatibility is a sometime thing even with different MS Office applications and between platforms, this isn't always a problem. If you insist on paying for a PC style unix, BSDI. You will get better hand-holding for what you will pay them.

Here are MS Office file conversion utilities for Linux formats.

If you need other reasons for considering linux, see what Microsoft employees on NT and here and unix vs. NT white paper or the US Navy ship that was run on NT and had to be towed home. These mostly apply to servers. "Due to the potential for system failure, many IS organizations shied away from using Windows NT in mission-critical application environments." Netscape is available for Linux and reputedly runs faster even on older machines than it or Microsoft Internet Explorer runs on newer Pentium computers. Download it from Netscape. The Opera Web browser (the one I use) is being ported to the Linux environment. The beta is available now.Oracle is being ported or may be available, by the time you see this, support for Linux by Sybase has been announced. Most of Microsoft's major competitors have announced some level of support for Linux, including IBM, which has even ported Linux to thelr S/390 mainframes.

For a description of current uses for linux for the general and corporate environment at the workstation level, try this San Francisco Chronicle article Wrestling for Desktop Dominance. For discussion of installation of Linux, try Installing Linux is Tricky from the same paper. Quotes: "Burlington Coat Factory . . . is installing 1250 Linux systems" "The office of the Kern County Superintendent of Schools. . ." For an organization to convert to Linux, in general, the users must be primarily communicating via formatted documents with each other and via e-mail and text files in most other cases so that MS Office applications compatibility are irrelevant most of the time, though VMWare may make running a normal (unlike WINE emulator) Windows in a virtual machine environment workable. If you're thinking of using an emulator on your primary machine, make certain that your important applications will run properly on it (do more than make sure the program loads) and there are alternatives for less important programs in the native OS you're trying to migrate to.

At the free level, one can request support from other Linux users and developers at comp.software.os.linux Usenet newsgroup. There are also options for paid support by the hour or by service contract. Red Hat offers it, as to several other organizations. (I'll get them here later)

zdnet Linux resource pointers.

Slashdot regularly has lots of coverage on linux OS, applications, books, vendors, programming, etc.

For those who need Windows emulators, there's or the more hardware dependent VMware. It appears to be faster and stabler than WINE. If I remember correctly, linux versions are downloadable there.

You can download the Corel Word Perfect beta there for free personal use, and they are planning to have a complete applications suite

PC Guide is a reference describing the internal workings of a PC (Wintel platform) in sufficient detail to allow knowledgeable users to make changes. Wish I'd known about this years ago. They also sell a CDROM.

There's also some good info here on upgrading motherboards. The format at this site is unusual, it's actual chapters from various books from that publisher relating to various aspects of repair / maintenance of PCs. Judging from what I saw on that link, some of these books might be worth buying. Personally, I'd rather have a book next to me than a printout from a Web site if I'm working on PC hardware for the first time.

For interesting reviews of PC hardware and tweaks and tricks (e.g. how to run a processor faster than its rating), try Tom's Hardware. There's some especially good info on K6 motherboards which support AGP, etc.

Need help in deciphering file extensions used in the Wintel environment? Go to the File Extensions page. I personally have set all of my directory display utilities, Windows Explorer, My PowerDesk, and X-Files (I almost never use Windows Explorer) to display file extensions. If one is deleting files, it is a hell of a lot safer to know just what one is deleting. That's what file extensions are supposed to tell you, and Microsoft's attempt to conceal them from the user by setting the Explorer, etc. defaults to not display them is a disservice to the user.

Here's more specific information on overclocking, e.g. how to run an Intel Celeron 366 MHz chip at 500 MHz. Note that due to peculiarities of the Celeron, the experimenters are claiming better performance than a 500 MHz conventionally used Pentium II.

If you missed the other links, for a start on learning y2k (year 2000) problems, click here.

Looks like a lot of things seemingly out of the dim past are coming back. . . like mainframes. If you're building a monster web site where you have reason to expect tens of thousands of people connected at a time, the mainframe may be the logical solution. If you've got a corporate database already on a mainframe, this article will tell you how to get it on the Web without porting it to another operating system. The mainframe. Now forget the word "mainframe". Think real big database / transaction / web server that requires specialized people to run it.

An interesting alternative to this is Cisco Director at the Cisco site. It serves as a front end to do load-balancing over up to several hundred inexpensive smaller servers, i.e. Wintel clones. Some of your favorite Web sites use it.

For the ugly truth about Windows NT in a high-volume environment, click Microsoft internal NT user problems and here and especially MS Terraserver foulup, in a Computerworld story where Microsoft fired up a Web site with a terabyte's worth of satellite photos, bragging about how it would show "the tremendous scalability" of Windows NT and its SQL Server database companion. The overwhelmed TerraServer site crashed and burned right after opening. unix vs. NT white paper.

Check John Walker's site out if you're seriously into computers and innovative technology. If you have trouble getting in or it's running slow, try the mirror site.

If you want to find out what the old days of computing were like, click here. Also recommended is the book "Hackers".

A glossary for telco acronyms can be found here.

---

Random Choices

Patent related information: US Patent Office, the site now includes full-text search capability. You can also do patent searches of patents issued from 1971 to present, at IBM's searchable patent database. Since the search engines are slightly different, you might be well advised to search on both. If you're into making technology, you'll probably want this.

For an irreverent look at new tech, try Street Tech, a "computer hardware and consumer electronics review and discussion site". "Our goal is to rant about the stuff that sucks and rave about what doesn't."

Historical information on Colossus, the first (predating ENIAC) more or less general purpose / more or less programmable computer. Check the links.

If you like what you see here, click http://mindit.netmind.com/proxy/http://www.ecis.com/~alizard/index1.html">here and click the appropriate place on the menu bar over this site you are about to see. Note that I have absolutely nothing to do with Netmind than as a person who's used it for years and found it satisfactory, the menu bar is theirs, not mine.

After you fill out the site registration, it will automatically let you know when this page changes. Since Web sites tend to change at random intervals, URL-Minder is a good way to let you know about new content to save you the trouble of clicking on a site and finding nothing new. This page is updated infrequently enough to make this wort