TEK THOTS


Electronic Newsletter



+-+-+-+ +-+-+-+-+-+
|T|e|k| |T|h|o|t|s|
+-+-+-+ +-+-+-+-+-+


TEK THOTS
Volume 4, Number 3
March 30, 1999
Published irregularly by Scott C. Holstad

=============================================================
Copyright Notice
Copyright (C) 1999  Scott C. Holstad
All enclosed material may be used for non-commercial purposes.
=============================================================

*********************************************************************** 
DISCLAIMER The views and analysis expressed in Tek Thots are the author's own, and do not
in any way reflect the views of EarthLink Network, Inc., the author's employer.
***********************************************************************

CONTENTS

-- News/Editorial
-- PC Thots
-- Web Development Thots
-- This Issue's Software-O-Rama
-- Stock Thots
-- Newbie Thots 
-- Game Thots
-- Privacy/Security Thots


=============================================================

News/Editorial
------------------


* Hello, and welcome to a new issue of Tek Thots.  As I write this, the Melissa virus is
wreaking havoc by sending unseen email messages extrapolated from MS clients around the
world.  Entire networks are failing as a result of the email loads.  Pretty amazing.  
From what I've heard thus far, it sends an attachment.  Whether this is true or not,
again, as I've said before, whenever you get attachments, scan them with an updated
scanner, and even then be careful.  Someone going by the handle of Sky Roket is the
alleged author of the thing, and it appears he used AOL to post it.  The only thing
scarier than this virus to me right now is that MSN is launching broadband trials.  
Scary!  ;)


* You O'Reilly fans (aren't we all?) have to check this site out:
http://www.shmooze.net/~cmv/porn.php3


* Snagged from News.com: Those engineering wizards at Alexa Internet not only include some
of the loveliest ladies on the Internet, but some of the wittiest.  Turns out that when IE
5 users do an Alexa-powered "Show related links" command from the Microsoft home page, the
second option is linux.org.


*	AOL/Sun alliance.  Can we say "acquisition" folks?


*	My buddy, Dennis Poledna, brings us his thots:

Microsoft Phoenix

Raise your hand, or hit Enter, if you were using a personal computer before
Microsoft Windows arrived on the scene. I'm proud of you, o hearty pioneers.
The majority of those using a PC began coming on board when Microsoft put
a GUI on top of the Microsoft Disk Operating System. Everyone who is now
saying that Apple did it first can leave the room. We all stole from Xerox
PARC by the grace of the Xerox corporate folks who were unable to see a
revolution when it was right in front of them.

So what? So I'd bet the ranch that there is a GNU Linux group in Redmond. I'd guess that
it's a small, unpublicized group. I'd guess that it might save Microsoft.

Save Microsoft? Why should a corporation whose stats read like theirs need
saving?

They need to be saved from the installed base of Windows/NT. They need to be saved from
the tens of millions of lines of spaghetti code that is Windows 2000. The installed base
of Windows and NT draws a sharp line around Microsoft innovation to the point where coding
anything that's a real improvement has to be like building an aircraft carrier in a
bottle.

Open source Windows for GNU Linux. Now wouldn't that be fun! And real productivity apps
for Linux - I'd definitely like that. Anyone who says that Applixware or Star Office are
productivity apps - noble efforts that they are - has never tried to produce with either
of them.

Granted, the GNU Linux purists will get their knickers in a twist about being co-opted by
someone whom they regard as the Great Satan but, the rest of us would get a robust,
scalable, usable O/S.

Stay tuned.

Dennis Poledna
defragc@hotmail.com


============================================================

PC Thots
-----------

* Think that Microsoft's announcement of a "reorganization" has nothing to do with the DOJ
breathing down its neck?  Think again.  There are rumors that Microsoft will actually
split into several organizations; we'll have to wait to see....


* If anyone has to wonder why Compaq does so well in the marketplace, I'm a living
example.  My Compaq computer's been a gem and the service I've gotten during a couple of
glitches has been fine, so I've recommended it to others and at least two other people
have bought the computer based upon my recommendation (that I know of).  That's the type
of service companies like Packard Bell NEC should be striving for.


=============================================================

Web Development Thots
-------------------------------


*	From Java World:

Sun extends Java to support XML 

Company seeks to help developers build apps that integrate two technologies 



March 10, 1999 -- Sun Microsystems has announced it is creating an extension for the Java
platform to provide support for the Extensible Markup Language (XML). The company said
this move will make it easier for developers to build applications that integrate the two
technologies.

The extension will take the form of a standard API that will be developed using the Java
Community Process, which takes input from multiple vendors to define Java standards.

XML is used to create documents that are distributed over networks such as the Internet,
and is sometimes seen as a successor to HTML. (For a comprehensive look at XML, see Mark
Johnson's article in this month's issue of JavaWorld, "XML for the absolute beginner".)
While HTML describes only how a document is formatted, XML provides more complete
information about the data, making it a more flexible tool.

Several XML proponents -- including Sun, IBM, and Microsoft -- have already developed
programs that allow applications written in Java to read XML. Sun's goal is to define a
standard that will ensure that those programs, known as "parsers," will all work together,
said Nancy Lee, Sun's senior product manager for XML.

"There are a lot of different implementations out there at the moment. [A common extension
for XML] will benefit enterprises because they'll be able to count on this API to be
stable and secure, and they needn't be concerned about incompatibilities with each vendor
using a proprietary parser," Lee said.

XML also offers a standard format for exchanging data between businesses and could help
lower the cost of developing applications for electronic commerce, supply-chain
management, and other programs that rely on business-to-business communications, Lee said.

"That's the promise of XML, but there's still a lot of work to be done," Lee said. For
starters, vertical industries need to define common vocabularies for the information they
want to exchange, she said.

The extension for XML will provide standard classes to generate and manipulate XML, as
standard extensions should be available for just about every Java platform, Lee said.

"Developers won't need to build these classes themselves, and XML documents won't be as
bulky as they might be because we won't need to include these classes in the application
code," said Anne Thomas, senior consultant at the Patricia Seybold Group in Boston, MA.

Sun has outlined an initial version of the XML extension, which provides basic
functionality, including the capability to read, manipulate, and generate XML-based data
streams and formats, the company said. That version will provide a starting point for the
Java Community Process.

                            --James Niccolai, IDG News Service


=============================================================

This Issue's Software-O-Rama
-------------------------------------

* Conceal's Private Desktop (http://www.signal9.com/cgi-bin/cpd.exe), according to their
Web site, is the first solution on the market to bring privacy management to non-technical
Internet users. Easy to install and easy to use, it runs seamlessly with all desktop
applications and has all the power and robustness required to fully protect connections to
the Internet.

ConSeal Private Desktop works closely with trusted applications, allowing
them to make only the connections required to do what the user needs, and
nothing more. No application, program or applet can communicate with the
network without being first identified by the user as "trusted". ConSeal
Private Desktop keeps network connections private, allowing users to enjoy
the full benefits of the Internet without risk from hackers and cybercriminals. 

Sounds interesting.  Any Tek Thots readers tried this one out yet?  I'd like feedback on this.


=============================================================

Stock Thots
--------------

* Autobytel hit the ground running with their IPO, as could have been expected.  I bought
my car through them in 1996 and their service and only improved since.  The opened at
around 23 and closed at over 40.  Look for it to be a strong stock.


*	Good stocks:  Lucent, AT&T, MindSpring, AOL, Geocities, Yahoo!.
	Bad stocks:  Fonar, SRS Labs, Newport, IDT


=============================================================

Newbie Thots
---------------


* Hit counter.  How do you get 'em on your new Web site, especially if you don't know CGI
programming?  Well, there are a number of sites out there to help you.  Here are several:

	*	http://www.charweb.org/charweb/htmlgroup/counters.htm
	*	http://www.fccc.edu/users/muquit/Count.html
	*	http://www.digits.com/faq.html
	*	http://www.digitmania.holowww.com/
	*	http://members.aol.com/htmlguru/access_counts.html
	*	http://home.earthlink.net/~amp74/index.html
	*	http://counter.bloke.com/
	*	http://www.bcpl.lib.md.us/~sandyste/ezcount.html
	*	http://www.markwelch.com/bannerad/baf_counter.htm
	
	
=============================================================


Game Thots
---------------

* I've been enjoying a new game out there, one which was heavily anticipated:  Sid Meyer's
Alpha Centauri.  I was going to write a review until I came across one which is probably
better - and far more in-depth -- than the one I would have done, so here it is, thanks to
Tom Chick and Gamecenter.com:



Civilization II is arguably one of the best games ever created for the PC. So it's not
surprising that expectations are sky-high for Sid Meier's Alpha Centauri, the latest title
from Civ II developers Meier and Brian Reynolds. But given the reputation of these auteurs
of the gaming world, it's also not surprising that they've lived up to the prerelease
hype. Indeed, in many ways Alpha Centauri exceeds its expectations. It's easily one of the
best turn-based strategy games you'll ever play.

Civ II in Space? Alpha Centauri's basic mechanics are almost identical to the Civilization
games. If this were a first-person shooter, you'd say it uses the Civilization II engine.
The unit building is very much like Simtex's Master of Orion games. The basic theme--rival
factions struggling to colonize an unruly planet--recalls Sierra's Outpost (fortunately,
the similarities to that half-baked mess stop right there).

However, it's important to realize that Alpha Centauri is not so much something new as it
is something extremely well done. The inevitable complaints that the game is just like
Civilization II are tantamount to saying Half-Life is just like Doom in a missile silo,
Diablo just like Nethack with graphics, and Grim Fandango just like Zork with pretty
pictures. These comparisons all miss the point that game design is often a matter of
refining and twisting the genres we love and letting us rediscover them as if they were
new.

Just as Half-Life wasn't diminished by its skillful incorporation of other games'
elements, Alpha Centauri isn't less of a game for bringing together some tried-and-true
turn-based strategy conventions: resource production, city management, diplomacy,
population morale, technological advances, military units, and so on. But a laundry list
of the game's features doesn't do it justice.

Suffice it to say, the usual suspects are all present, accounted for, and nicely polished
(with the exception of a few clunky interface snags and some obtuse technology names). The
subtle twists and innovations that may not be apparent at first are what really make Alpha
Centauri special.

Each game of Civilization evolved as you discovered new units and governments, stretching
and shattering paradigms as you played. A Chariot trumped a Phalanx and was, in turn,
trumped by a Musketeer. The change from Despotism to Monarchy led to your first spurt of
growth; Monarchy was, in turn, eventually replaced by Fundamentalism for military conquest
or Democracy for economic prosperity. It was clear-cut and by the numbers. Alpha Centauri,
on the other hand, takes a modular, do-it-yourself approach to paradigms. You build your
own units from the pieces you discover through technology. The combat model encourages a
combined arms approach in which the best armies will have varying units that complement
each other. Similarly, you cobble together your own form of government from a grid of
social choices. Whereas Civilization funneled progress through a handful of historical
trappings, Alpha Centauri is like Legos for strategy gamers. It is truly a tinker's
delight.

One of the game's greatest achievements is that its open architecture doesn't sacrifice
flavor. This easily could have been a generic sci-fi milieu. Instead, it's a story that
features eight distinct players: seven Factions and one Planet. The Factions are today's
ideologies (the communist, the corporate free-marketer, the environmentalist, the
religious fanatic, and so on). This gives the game an accessibility often missing from sci
fi, in which evil empires, noble rebellions, and scaly aliens are a dime a dozen. The
battle of some Blurg Empire with some Galactic Alliance is far less compelling than the
battle of U.N. peacekeepers with China's former chairman Yang. Advances are introduced
with literary quotes from sources as diverse as Nietzsche, Melville, and Dickens. Alpha
Centauri places things we know in an unfamiliar world.

The seven Factions all have specific strengths and weaknesses, calling for different
styles of play. They also have very definite personalities when played by the computer.
Unlike Civilization's rather bland Gandhis and Napoleons (who'd just as soon nuke you as
offer tribute), Alpha Centauri's players are distinct and memorable, led by vivid
personalities. In fact, I must confess that in spite of her bad haircut, I'm strangely
attracted to one such personality, Sister Miriam--never mind, I probably shouldn't go
there.

By casting the Planet itself as a character, Reynolds and Meier have an ideal
framework for the avenging Mother Nature model that made Civilization a favorite
game of environmentalists everywhere. If you choose to pillage the Planet (a
perfectly viable choice in gameplay terms), you'll have to contend with this
eighth character. If, however, you coddle and accommodate her, she'll end up
becoming a valuable ally. Part of the fun is watching how this evolves in the
context of the endgame. 

For Citizens and Transcends Alike
Alpha Centauri builds slowly, allowing new players to gradually sink into the
game; but there are new options for automation that streamline the gameplay
for anyone who doesn't want to micromanage base development and
terraforming. On the opposite end of the spectrum, the game parameters are
laid bare in text files, so advanced gamers can tweak the basic mechanics to
effectively create a whole new game. For those somewhere in between, a
comprehensive scenario builder lets you make maps, set victory conditions,
limit which factions play, and so on. 

In testing the AI, I was pleasantly surprised to see the computer could adapt to
a Waterworld scenario I made, which forced emphasis on naval and air units.
Unfortunately, the AI is rather weak when it comes to effectively combining
units into an efficient fighting force; it tends to trickle out units. Also, the
adequate manual is missing a much-needed index, but context-sensitive online
help makes up nicely for this. 

As a multiplayer game, Alpha Centauri is currently evolving. The developers at
Firaxis promise an imminent patch to add hot-seat and play-by-email support.
Hopefully, some nasty lockups during LAN games will be addressed as well.
But ultimately, multiplayer support is just a bonus. Even if it were a
single-player-only game, Sid Meier's Alpha Centauri would still be deeply
satisfying because it brings the familiar mechanics of our favorite strategy
games to a whole new level and a whole new world. 


=============================================================

Privacy/Security Thots
---------------------------

* Finally, after 4 and 1/2 years in prison awaiting his actual trial, Kevin Mitnik reached
a plea bargain with the Feds.  Go to the 2600 site for more info, but what's disturbingly
consistent with this whole case is he continues to get screwed by the Feds.  They've now
defied a Federal court order allowing him access to a laptop which he had been using to
prepare his case.  As the DA said, "he doesn't need it anymore."  Kevin's guilty; of that,
there's no real dispute.  But, hardened criminals spend 2-3 years in the Pen for hard
crimes, and Kevin's in prison for over 4 years simply awaiting a trial for hacking?  
Seems rather spurious to me.....


*	Hacked Sites courtesy 2600
 	JUST HACKED: 
      www.anuies.mx 
      www.baraka.org 
      nmimc1.med.navy.mil 
      tuxedo.jpl.nasa.gov 
      www.sindec.gov.ve


*	To snag the evil Melissa macro:

THE SIMPLE SOLUTION: Use the options in Word97. With this option, Word can
warn you when a document is opened that has a macro in it. You are given the
option to look at the document without the macros or to allow the macros to
run. To check or correct your settings do the following:

1. Open Microsoft Word. 
2. From the Tools menu, Select Options....
3. Select the General tab.
4. Make sure the check box by Macro virus protection is checked.
5. Click the OK button at the bottom.
6. Close Microsoft Word.

If you happen to open a file that contains a macro, a dialog box will
appear. If you are certain the file does not contain a virus, click the
Enable Macros button. If there is a shadow of a doubt, click the Disable
Macros button.

As always, use updated virus scanners....


*	The L0pht recently released info on another NT bug:

Microsoft Windows NT 4.0 implements a system-wide cache of file-mapping objects for the
purpose of loading system dynamic link libraries (DLLs) as quickly as possible. These
cache objects, located in the system's internal object namespace, are created with
permissions such that the 'Everyone' group has full con trol over them. Hence, it is
possible to delete these cache objects and replace them with others that point to
different DLLs.

When processes are created, the loader maps/loads the loading executable's imported DLLs
into the process space. If there is a DLL cache object available, it is simply mapped into
the process space, rather than going to the disk. Hence, there is an exploitable
condition, when a low-privilege user replaces a DLL in the cache with a trojan DLL,
followed by a high-privelege account launching a process. The high priveleged process will
map in the trojan DLL and execute code on behalf of the low privelege user.

For full details, visit: http://www.l0pht.com/advisories.html


*	From JED:


New 8K Aerostat Surveillance System Unveiled 

Thirty-knot winds greeted Lockheed Martin's new commercial-off-the-shelf aerostat
surveillance system during its recent demonstration at the Association of the US Army's
symposium last month in Orlando, FL. The Lockheed Martin Tactical Defense Systems (Akron,
OH) booth featured a 5x8-ft. screen that displayed live footage of the surrounding area
from the aerostat via its electro-optical (EO) camera, its most-often-used surveillance
sensor. The camera demonstrated its capability by monitoring a launch from the Kennedy
Space Center (Cape Canaveral, FL), including the rocket's first-stage separation. "We
[also] successfully showed linkage through the aerostat from ground vehicles with remote
cameras, to our booth," said a source at Lockheed Martin.

The aerostat system consists of an 8,000-cubic-foot (8K) Class IV-shaped envelope and its
36-foot-long trailer. The trailer is separated into three sections: sleeping quarters for
the crew; a complete TV studio, including all the monitoring equipment associated with the
aerostat's various payloads; and the service bay, which contains the launch-and-retrieve
winch/tether system, repair center, power generator, and the golf cart used to remotely
maneuver the aerostat during launch, recovery and relocation.

The aerostat's radar systems provide coverage to a 30-km radius, capable of monitoring
troop, equipment, aircraft and vehicle movements. A 725-mm EO camera provides visual area
surveillance to a distance of over 10 km. EO/infrared laser ranger/designators and
electronic support measures can also be carried aloft. Directional and omnidirectional
antennas can relay communications to a line-of-sight distance of up to 70 km.

The aerostat system is designed to be a quick-deployment, long-term complement to UAVs and
satellite reconnaissance. The system gives area commanders continuous, real-time knowledge
of troop activities in the theater, allowing for quick decisions to be made without
waiting for satellite imagery to be interpreted or UAV payloads to be recovered or
received.

The 8K system is also intended for deployment in urban areas, where its IR abilities will
aid in the location and observation of both friendly and hostile personnel in city
streets. It is also being offered for anti-terrorism and peacekeeping duties. The system's
trailer fits into the cargo hold of a transport aircraft, and is pulled to its deployment
point by a standard dual-axle pickup truck. Once on site, a two-person crew can deploy or
recover the system in less than two hours, making for a mobile command center that can
move as troops advance. The aerostat can carry payloads up to 180 lb. to an altitude of
1,000 ft. using low-pressure, lighter-than-air gases. Information thus gathered is then
relayed to the operations section of the trailer via a fiber-optic tether.

"It [has] reasonably low vulnerability, because of the low-pressure gases. You can shoot a
bunch of holes in it and eventually in one or more hours you bring it down, patch the
holes and send it up again," stated the source.

Lockheed Martin produces the system with its partner TetherCam, Inc. (Ottawa, Ontario,
Canada). TetherCam provides the system to commercial customers; Lockheed Martin offers the
system, and its specialized payloads, to military and government customers.  Lockheed
Martin produces and services a variety of aerostats, including the four 420K aerostats
currently deployed - with six more slated to enter service - by the US Air Force along the
nation's southern border and coastline.



=============================================================

SUBSCRIPTION INFO

To Subscribe:  Send email to sch@well.com.  In the subject line, write "subscribe tek
thots."  In the message area, write your email address.

To Unsubscribe: :  Send email to sch@well.com.  In the subject line, write "unsubscribe
tek thots."  In the message area, write your email address.


At this point and until further notice, the email list will be handled manually.

=============================================================

Online versions of this electronic newsletter will be archived at:
http://www.well.com/user/sch/tekthots.html.


Copyright (C) 1999  Scott C. Holstad
ASCII Tek Thots logo courtesy Teri Osato



Click on to return to Tek Thots.