ONLINE ISSN: 1525-898X
PRINT ISSN: 1525-9366
August 2, 1999
A Curmudgeon's Look at Business and Technology,
Featuring the Stuff You Really Need To Know
Privacy, Security... Fahgeddaboutit: I'm beginning to feel like the Mel Gibson character in the movie Conspiracy Theory. As I reviewed the accumulated news clippings from the past week, a disturbing pattern emerged. It's obvious, at least to me, that there's a full-blown assault underway that threatens both our personal privacy and the integrity of the data stored on our computer systems. I may be paranoid- I'll ask the others in my group therapy session for their opinion- but in the meantime, judge for yourself:
Major PC manufacturers are shipping systems with massive built-in security holes, according to Wired. Since last November, Compaq has been selling Presario PCs with a little utility named SpawnApp buried in its installed Internet applications. The program was intended to assist Compaq's support personnel in handling customer problems over the Internet. But due to the way in which the software was installed, the program can also allow hackers to access, alter or delete any file resident on affected systems. SpawnApp, when properly triggered, can run virtually any program without the user's knowledge. Despite media reports of the potential vulnerability, Compaq is only now considering remediative action. Hewlett-Packard corrected a similar weakness in its Pavilion PC line within a week of its discovery. Still, there are millions of Compaq and HP machines out there with drive-a-truck-through-sized security holes.
The problem's hardware-specific, though, so you don't need to worry about it, right?
Okay, how about the Cnet report that Microsoft has confirmed a security hole in their Office 97 application suite that can allow malicious code to take over users' PC without their knowledge? Microsoft's Jet data access software version 3.51 allows code contained in an Excel 97 worksheet, hidden in a web page or sent via email, to plant viruses, delete data, or read files. Jet is also used in Microsoft's Exchange messaging server and is the default database used by Visual Basic. Microsoft urges everyone to update to Jet 4.0, contained in a file called Microsoft Data Access Components version 2.1, available from the company's web site. You mean Bill didn't call you personally to warn you that your assets were in danger? Shocking!
Okay, so you don't use Excel, you don't have an Internet connection, you don't have a modem; dammit, you don't even have a computer! Your personal financial information is safe, right? Guess again, debenture breath. A June investigation by the Los Angeles Times revealed that many banks routinely hand over to the government all their financial information on all their customers on a quarterly basis. See, the Feds have a marvelous program in place to track deadbeat dads. Every three months, states distribute to the banks in their jurisdictions lists containing the names of individuals who are delinquent in their child support payments. The banks are supposed to look at the state-supplied lists, compare them to their lists of account holders, and turn in any matches. Problem is, it takes money to conduct such extensive searches, and we all know how hard up for cash big banks are, what with hiring extra people to count the money earned from ATM and checking account fees and sponsoring sports stadiums and everything. So, the banks just give the states their entire customer databases and let the states look at everyone's records. The Times noted, "in California, for example, 197 out of 388 reporting financial institutions have simply turned over their customer databases to the state Franchise Tax Board. And that is without even being asked to do so."
As if voluntary disclosure of supposedly private information isn't enough, the administration is considering creating the Federal Intrusion Detection Network (FIDNET), which would monitor government computer systems to detect unauthorized break-in attempts by hackers and, eventually, private-sector systems. Needless to say, the civil libertarians are screaming bloody murder about this one, too.
Wired quoted Peter Neumann, a scientist with SRI International and a consultant to the President's Commission on Critical Infrastructure Protection, who said, "Computer security is an oxymoron - it doesn't exist. It's a joke. There's no way of fixing it short of producing new operating systems."
Maybe the evil government guy Jon Voight portrayed in the motion picture Enemy of the State is right: "Privacy's been dead for 30 years... [t]he only privacy's that's left is the inside of your head." Great. And I can't get the voices in there to shut up.
Those Three Little Words: The media have discovered they can add drama and excitement to their stories just by adding the simple phrase "On The Internet" to their headlines. "Teens See Nudes... On The Internet" sounds much better than "Teens See Nudes... After Discovering Dad's Secret Cache Under The Clothes Hamper In The Bathroom." It all boils down to human nature. People do stupid things everywhere... in their homes, in public libraries, at work... even On The Internet! Last week's mass murder in Atlanta wasn't sordid enough; it got a media spike with the revelation the killer had lost a bundle while engaging in day trading... On The Internet! Would the telephone system get fingered if he had called in his trades? Would public transportation get the rap if he had taken a bus to his broker? Look, the guy was obviously mentally ill, and that's what precipitated the tragedy. When the fine young fellows in white arrive to outfit me in that special sports coat with the sleeves that tie in the back, it'll be due to the natural neurotransmitter imbalance in my brain, not because I write this newsletter... On The Internet! I was nuts long before the Net was invented, and I have the Rite Aid receipts to prove it. (By the way, did you know you can now get your prescriptions refilled... On The Internet!?)
Somewhat Ambiguous: Reportedly, the marketing slogan Microsoft has selected for the next interim release of Windows is "It Just Works", which indicates the software giant is either honest or clueless. Especially if one places the emphasis on the word "just". Some of the alternatives to the word "just", suggested by Microsoft Word's thesaurus, include: It Scarcely Works; It Hardly Works; It Slightly Works; and It Barely Works. And they say there's no truth in advertising. Our suggestion: It Just Works... On The Internet!
Things You Never New Existed: is the title of the Johnson Smith Company's mail order catalog. The Bradenton, Florida based outfit (941-747-2356) is a great source for novelty t-shirts. The newest additions include "You're The Reason I'm Medicated", "Do They Ever Shut Up On Your Planet?", "Evil Shouldn't Look This Good", "You're Just Jealous That The Voices Talk To Me", and "Your Village Called. Their Idiot Is Missing." Other items for sale include: an electric rat in a trap; official 1994 World Series baseballs (there was no '94 Series due to the strike, but they made the balls, anyway); replica championship wrestling belts; secret leg wallets; magic tricks; masks and costumes; and an array of books and videos on such topics as amazing lost technologies, UFOs, and computer hacking secrets. See the Y2K section for information on their "Millennium Bomb" book. Surprising postscript: Johnson Smith is not On The Internet! Maybe they know something we don't.
Quotes of the Week:
"I bought a 600 MHz Pentium II so I could reboot Windows faster."-Unknown
"It has become appallingly obvious that our technology has exceeded our humanity."-Albert Einstein
"Re-engineering is like performing an appendectomy on yourself. It hurts quite a bit, you might not know exactly how to do it, and there's a good chance you won't survive it."-Scott Adams
"If you don't know where you're going, when you get there you'll be lost."-Yogi Berra
"Meetings are an addictive, highly self-indulgent activity that corporations and other large organizations habitually engage in only because they cannot actually masturbate."-Dave Barry
The KGB Random Quotations Generator has nearly 2,900 entries and is frequently updated. Visit it online at http://www.kgbreport.com/kgbquote.shtml.
Trivia: The confetti-like paper fragments punched out of computer cards or paper tape are called chad. There are a couple theories surrounding the origin of the term. Our favorite: there was a fellow named Chadless who invented a keypunch machine that didn't generate paper waste. Instead of completely punching out holes in the cards, it cut u-shaped tabs which, when folded back, created a computer-readable hole. So, if the Chadless keypunch didn't produce waste, the stuff the other keypunches did generate should be called, logically, chad. This week's question: what television series ends its ten year run this Sunday, August 8? First correct answer gets a KGB Consulting mousepad. We ran out of 1999 KGB Consulting tetradecagon pop-up calendars, but we received a call from the supplier that the Y2K editions (featuring lovely shore birds, by the way), are being shipped, provided the second credit card company doesn't decline payment like the first one did. Keep your fingers crossed.
Miscellany: An April survey of 1,546 adults by the Pew Research Center revealed 69% of Americans think the rise of the Internet is a change for the better, while only 36% harbor similar feelings for Viagra. The gender of those surveyed was not revealed, but you can do your own extrapolation... Martha Stewart Living Omnimedia filed with the SEC to raise up to $100 million in an initial public offering. The company did not specify the number of shares it would sell or set a price for them. They must be doing okay, though; disclosure documents revealed Martha made $4.8 million in salary and bonuses last year. That's a lot of lemon zesting... The new U.S. Census form will allow people to write in their ethnicities instead of having to pick one category and ignore others to which they may also belong. I plan on writing in "American"... Anyone else see the irony in the failure of NASA's Deep Space 1 probe to photograph the asteroid it intercepted last week? The asteroid's name: Braille. On the plus side, NASA was able to crash a lunar orbiting satellite into the Moon last Saturday in a search for surface water. None was found, which means Pennsylvania Governor Thomas Ridge will issue an edict forbidding car washing and garden watering on the lunar surface. (Sorry... inside joke there for our PA readers.)
Useless Web Sites of the Week: Feeling anti-social? Vicious? Want to relieve pent-up stress... On The Internet!? Visit http://www.riponsomeone.com/, a site that allows you to send e-mails containing animations of a computer-generated teen performing virtual moons, middle finger salutes and crotch grabs. Look at http://members.tripod.com/~davodd/play/renodance/ for a different take on the US Attorney General. Our obligatory Star Trek reference of the week: see Captain Kirk do the Macarena at http://www.cs.newpaltz.edu/~ludwig95/kirk/kirk.html. Want to tick off the ASPCA members in your office? Look at http://www.amused.com/fish.html. Want to really tick them off? Try http://www.joecartoon.com/reddot/gerbil.html. Want them to chase you through the office with sharp objects? Then http://www.joecartoon.com/reddot/blender.html is for you. Finally, if you can't stay up to watch the weekly Wednesday camel videos on ABC's World News Now, you need http://meded.med.uci.edu/~dalvarez/cgi/camel/hump.cgi.
To Hell With Y2K...What About Today?? Major computer outages and failures occur on a daily basis, and life goes on. At least Y2K is a known problem. Some recent incidents that blindsided the computer dependent:
Mother Nature's Reboot: The Pittsburgh area was nailed by a thunderstorm of historic proportions last Wednesday, and we never saw it coming. Sure, the National Weather Service had issued its daily heat wave weasel forecast, which admitted the possibility of "isolated thunderstorms due to moist and unstable atmospheric conditions". But even the meteorologists were stunned by the speed with which the storms developed over Ohio and raced southeast. KGB's backyard weather station recorded 3.59 inches of rain during the three-hour event, which exceeded the total rainfall we had received for all of June and July. The storm caused the temperature to plummet 23 degrees, from 88.1 to 65.1, in about a half hour. Then another inch of rain fell in a smaller storm that passed through early Thursday morning. Thousands of trees were knocked down, blocking roads and damaging utility lines. Flash floods and backed up sewer lines rendered several major arteries inaccessible. Most of the South Hills area of Pittsburgh had no water for half a day and hospitals pressed their disaster response plans into operation. Over 122,000 electrical customers were affected as a result of the storm, and about 5,000 were still without service on Saturday morning. The continuing heat wave was also responsible for widespread sporadic outages Friday as temperature damaged transmission lines and near record power demands wreaked havoc with the storm-impaired system. Finally, additional thunderstorms on Saturday night knocked out power to another 6,000 homes. What's our point? Despite major failures and widespread damage to the area's infrastructure, the totally unexpected disruption was mostly an inconvenience, albeit a major one. Civilization did not end. Although they were without electricity, water or access to transportation, there were no reports of people grabbing their children and firearms and hiding in their cellars. Just keep this in mind as Y2K approaches.
But On The Other Hand: We reproduce without comment the following Johnson Smith Company catalog entry for its "Millennium Bomb" book: "Y2K Conspiracy? Hold on to your hairpieces, folks! What a ride this is! Betcha you don't have the foggiest about the true purpose of the Y2K "crisis". Emmy Award winning (really!) author, Tim Swartz, astounds you with paranoid scenarios. Is the military-industrial complex creating a phony "national emergency" to suspend the Constitution, raise taxes and raid your bank accounts? Are the leaders of a clandestine group plotting to create an all-powerful planetary regime? Or is it the beginning of the final phase of an alien takeover of the entire planet? We're not suggesting you run for the hills, but it sure (well, probably) beats watching Japanese monster movies at 3am. 150 amazing pages."
More Hysteria: A week after the Gartner Group issued a warning that unscrupulous contract programmers hired to correct Y2K problems could have added secret "trap doors" into systems, Michael Vatis, director of the FBI's National Infrastructure Protection Center, issued a warning that unscrupulous contract programmers hired to correct Y2K problems could have added secret "trap doors" into systems. Right on top of things, aren't you, Mike? Listen guys, the Y2K connection is just a smokescreen. Programmers have been hiding trap doors in software since the creation of computers. AP noted that an unidentified New York bank that hired overseas Indian contractors to repair its software discovered in 1996 that one of the programmers had added code to transfer money to his own account. The cynic in me wonders if companies are using the Y2K connection as a way to cover their butts - and collect insurance money - if a bunch of programmers disappear from Manhattan after the first of the year and set up their own island kingdom in the South Pacific.
Bunkering Down: In a move of Strangelovean dimensions, the government is setting up a Y2K Information Coordination Center, to be constructed at a cost of $40 million, in a former Secret Service bunker near the White House. The center will open shop this Halloween and shut down in June 2000, provided western civilization is still around.
If You Don't Want Us, Just Say So: I send complimentary copies of KGB Report to various media outlets in the vain hope someone in a position of authority will spot my obvious talent and give me a real writing job with a big salary that will allow me to stay in my basement office and generate banalities in my underwear. Unrealistic, you suggest? Perhaps, but as Jane Wagner notes, "delusions of grandeur make me feel a lot better about myself." Goal number two: I hope you find the information interesting and/or amusing. If you fall into category (c), None of the above, I don't want you to have to go to all that effort throwing the envelope away every week. Let me know at firstname.lastname@example.org, or drop me a line at the address in the masthead. Sure, the rejection might set my treatments back a week or two, but my Blue Cross doesn't run out until September 1.