[Previous entry: "Geneva Convention on Saddam?"] [Main Index] [Next entry: ""]

12/15/2003 Archived Entry: "Snooping at WSIS"

Here's all you should need to know about proposals for the UN to control the Internet: at the recent World Summit on the Information Society, attendees were bugged with RFID tags without their knowledge. In the name of "security," of course.

I'm no particular fan of ICANN -- the Internet Corporation for Assigned Names and Numbers, the folks who administer the assignment of domain names. But I'd much rather this be administered by a "private sector" group like ICANN than by a political body. We've seen what the U.S. government has tried to do to the internet in the guise of "protecting children," "controlling spam," and, of course, "national security." And now the feds want to monitor your Internet phone calls.

The UN would be all of that and more, with each tinpot dictator and every disgruntled lobby trying to force their agendas onto the Internet. So much for freedom of speech, freedom of commerce, privacy, and anonymity.

No thanks. I can live with ICANN.

A few security updates: a recent web browser flaw is unusual in that it affects both Internet Explorer and Mozilla (and presumably Netscape). This "URL spoofing" lets a malicious web site or email display a phony URL in the address and status bars. Secunia has a test which shows the problem. According to MozillaZine, "While Mozilla-based browsers ... are immune to the more serious Address Bar spoofing, they appear to be vulnerable to the Status Bar variant...Mozilla users are advised to not rely on the URL displayed in the Status Bar and to check the complete address of the destination page in the Location Bar upon arrival." So be cautious when surfing, especially to untrusted sites. Update: I've just checked my Opera browser, and it doesn't have this bug. Better still, Opera warns you that the URL is suspicious when you click on it.

Thanks to dj for sending us the link to the WeLoveTheSCOInformationMinister web site. Aside from a choice collection of quotes, there's a good set of links along the right side for more information about the SCO/IBM/Linux squabble. And I'm tickled to see that my Nigerian spam parody is included...looks like this item developed some "legs" and is popping up all over the Internet.

Microsoft bash du jour: December started out so well for Microsoft, with microsoft.com running on Microsoft software again, and no security updates. Well, almost no updates. Then, having declared "no fixes" for December, a serious flaw emerged in a previous patch. What to do? Stay with the much-touted monthly update schedule, and risk another Slammer worm, or issue just one teensy little fix off-schedule? I suppose fixing the URL spoofing problem, and the random number bug in Excel 2003, can wait until January.

It brings new meaning to the phrase "Total Cost of Ownership."

Brad

Powered By Greymatter