Volume 5, Issue 14 Atari Online News, Etc. April 4, 2003 Published and Copyright (c) 1999 - 2003 All Rights Reserved Atari Online News, Etc. A-ONE Online Magazine Dana P. Jacobson, Publisher/Managing Editor Joseph Mirando, Managing Editor Rob Mahlert, Associate Editor Atari Online News, Etc. Staff Dana P. Jacobson -- Editor Joe Mirando -- "People Are Talking" Michael Burkley -- "Unabashed Atariophile" Albert Dayes -- "CC: Classic Chips" Rob Mahlert -- Web site Thomas J. Andrews -- "Keeper of the Flame" With Contributions by: To subscribe to A-ONE, change e-mail addresses, or unsubscribe, log on to our website at: www.atarinews.org and click on "Subscriptions". OR subscribe to A-ONE by sending a message to: dpj@atarinews.org and your address will be added to the distribution list. To unsubscribe from A-ONE, send the following: Unsubscribe A-ONE Please make sure that you include the same address that you used to subscribe from. To download A-ONE, set your browser bookmarks to one of the following sites: http://people.delphiforums.com/dpj/a-one.htm http://www.icwhen.com/aone/ http://a1mag.atari.org Now available: http://www.atarinews.org Visit the Atari Advantage Forum on Delphi! http://forums.delphiforums.com/atari/ =~=~=~= A-ONE #0514 04/04/03 ~ No To Web Access Taxes ~ People Are Talking! ~ Spam Battle Rages! ~ File-Swapping Students ~ Sendmail Still Flawed! ~ Cautious Upgrading! ~ Net-Privacy Heats Up! ~ Royalty Rates Proposal ~ MS-Java Appeal On! ~ Microsoft After Google ~ NetZero Now High-Speed ~ Enix, Square Merge! -* PayPal Denies Law Violation! *- -* Most IT Experts Mistrust Microsoft! *- -* Microsoft Approves Some Changes In Windows *- =~=~=~= ->From the Editor's Keyboard "Saying it like it is!" """""""""""""""""""""""""" Leave it me to revel about the terrific improvements in the weather last week! Naturally, that quick glimpse of spring returned to the dreary hold by winter! It actually has snowed a few days this week, and it's predicted that more is on the way. Give us a break! It seems that winter has been held steadfast in the Northeast by a pesky and stubborn weather pattern, not that I'm a self-proclaimed weather expert! I just want to see spring take a solid grasp in this part of the country! My goal with regard to my editorials within these pages is to primarily be light-hearted. After all, we're not the New York Times or the Washington Post. A-ONE is a hobbyist undertaking. We're not prone to getting involved in politics and other topics of truly serious nature. But I find myself less able to focus on the foibles of Microsoft, internet taxes, and the like that we usually cover week to week. These past couple of weeks have been ones that have forced us all to focus on more important world events. As I've mentioned before, I'm neither a hawk nor a dove with regard to world events. The war in Iraq is unfortunate, but I believe something that was necessary to undertake. Many people - myself included - find themselves glued to the television, radio, or internet trying to stay abreast of the news going on overseas. This war has been like no other war in history. Technology has made it possible for news of this war to reach us immediately. Technology has been improved so much that attacks on a major city can be made with minimal collateral damage. Journalists are now embedded with front line troops and providing instant reporting. And other than the likes of idiots like Geraldo Rivera and Peter Arnett, journalists have used extraordinary restraint of giving details that could hurt the war efforts, and our troops - and yet report the news effectively. Does this justify the war? Of course not. But now that we're entrenched in this cause, I want to see it reach its inevitable conclusion. And it's something I feel that I need to express - even if it's in an editorial in a hobbyist magazine dealing with computing technology. Certainly my opinions on this topic have absolutely nothing to do with my Atari roots. And I certainly don't plan to make this a regular subject. At the moment, it's where my thoughts lie. Until next time... =~=~=~= PEOPLE ARE TALKING compiled by Joe Mirando joe@atarinews.org Hidi ho friends and neighbors. We'll get to the news and stuff in just a little bit, but I want to complain about one of my pet peeves for a while. I hope you don't mind, but since I've sort of got you as a captive audience, I'm going to go ahead regardless. Have you noticed recently that the quality of reporter on the evening news is going steadily downhill? I'm not talking about national news, mind you, but the local channel news. I must be getting more and more rigid in my old age, because the sight of one of those hair-gelled, bobble-headed, half-informed, comprehension-deficient stringers makes my blood boil. I can remember back when I was a kid and one of the local stations hired a young woman as a weather forecaster. The state was in an uproar because not only was she a she... she was young and quite pretty. But that was different. She turned out to be pretty good at her job. She had good communication skills, she could relate things to her audience, she even kept a professional air about her when things went wrong. That's something that we don't see a lot of these days. Last week came the straw that broke the camel's back. I don't know about trends in your area, but around here it's become quite fashionable to use the word 'literally' every chance they get. The new reporter, a young blonde that very probably found out in high school that it was easy to get ahead by simply smiling, said something to the effect of, "... that literally blew me away...". Now, the fact that she was still standing within the visual range of the cameraman convinced me that whatever it was had not literally blown her away, but had done so figuratively. Of course, after that one, I noticed it more and more. Whenever a marginal reporter got in front of a camera with a subject that they simply weren't equipped by God or evolution to comprehend, they fell back on "literally". Is this truly what we've come to? Is this how our generation will be remembered? Will future generations hold up this current crop of reporters as an example of what happens when school budgets are continually cut and standards are lowered instead of actually fixing the problem? I certainly hope not. That would literally kill me. Let's get to the news and stuff from the UseNet. From the comp.sys.atari.st NewsGroup ==================================== Jos van de Gruiter asks about hard drives: "I want to put a new SCSI disc in my Mega STe to replace the old 48 MB one. I've read (Atari FAQ) that there was a 1 Gb limit. Is it possible to use 4.5 Gb (it's difficult to get them smaller these days), I know 3.5 Gb will be wasted, but I was wondering if HDDriver would recognize/ see this wasted memory. Also, what is the maximum partition Diamond Edge can manage?" 'Jakie' tells Jos: "I played around with this and found the internal Scsi interface could only handle 1gig and one drive it was also very fussy, best bet would be put something like the link inside as there is plenty of room you could then use a big drive and connect more items if needed." Jos replies: "Well, I have an ICD print SCSI interface. Do you say that with that I can use all 4.5 Gb (Just like on my Falcon)?" Jakie tells Jos: "this thread now has me confused, I had always thought it was a 1Gig limit because of the Atari host, my testing was on both a Stacy and Mega ste running their own Tos, if this is the case and you have it maybe using MagicC would help, I have used this but only on a Falcon that will handle big drives anyway." Dr. Uwe Seimet tells Jakie: "Don't let others confuse you. What you say is correct. The 1 GByte capacity limit for SCSI drives connected to the MegaSTE is a limit imposed by the MegaSTE's hardware. With ICD compatible host adapters you can make use of larger drives, without such an adapter you can only access the first GB of a SCSI drive. Note that these limitations do not apply to the TT and Falcon as they have a full-featured SCSI bus. There are also limits with the partition sizes, depending on the TOS version. These limits, however, are independent from the hardware. TOS 1.0x can handle partitions up to 256 MB, TOS 2.0x/3.0x up to 512 MB, TOS 4.0x up to 1 GB. Larger partitions require MagiC or MiNT, which support FAT32 or Linux ext2 file systems." Mike Stepansky asks about emulators: "Now that I have played with STeem emu on a PC, I am wondering which emulator is the most stable, virtually "complete" (or almost there) ST on a PC? I have yet to try STew, Nostalgia, Pacifist, GEMulator, Aranym (sp?), SainT, TOSBOX, Stonx, PowerST, Chimeric (?), Winston (now known as Stew, I think), Echo, Fast....and non-TOS emulator called Hatari. When people say "2600 emulator for PC", people would think "Stella" come to mind. Which ST emulator is popular for WinXP and one for DOS (or whatever)? Finally, how do I connect the classic Atari CX40 joystick in a PC? I have no clue as how to I find adapter for that one? Is there a walkthrough steps on the web? Or doe anyone care to sell a modified CX40 joystick? (does it use serial or parallel or USB?)" David Wade tells Mike: "STEEM for games and MIDI. Gemulator for program development..." Petr Stehlik adds: For program development we launched the ARAnyM project (http://aranym.sf.net/ ) - we think it is better suited for that task thanks to its almost unlimited RAM, perfect graphics capabilities, direct disk access/hostfs access, networking capability and also the JIT compiler for CPU (ARAnyM is thus extremely fast - you can use even GCC for compiling C source code - something that almost nobody does on old Atari computers." Mike adds another requirement to his emulator use: "I just want to use Atari classic CX40 joystick and nothing else. Now, does anyone have (or sell) existing adapter for the CX40 joystick? I want to plug it in and ready to play with ST games running under STeem on a PC. I don't want to make one because I know nothing about electronics and don't know who to find one to build one for me. I am hoping to find a universal adaptor which will allow me to use this CX40 joystick to work on a PC running Stella (2600 emulator), Atari800Win 3.1 (800xl) emulator and also STeem. There's gotta be a way to find one who knows how to make one for me (and for other ST users) and I will PAY for it." Peter tells Mike: "The universal adaptor for CX40 was developed by the Atari800 project. Now you just need STella and STeem to follow it." Tim Anderson adds his thoughts: "I find that Steem is the best one if I want to play games of any kind. Use TOS 1.62 for STe games. I must admit I haven't actually got any games that don't work on it. If you want something a bit more advanced for applications, I find you can't beat Aranym but network support doesn't yet exist for the Windows platform." Edward Baiz asks about a particular ethernet card for use with STinG: "I was wondering if anyone has gotten STing to work through an EtherNet card and a router. Does STing have to have the driver for the card (with STX extension) have to exist before this will happen or is there some other way. I would like to get it working so I can use BNET to talk to my STe so as to be able to back it up using my Hades." Pierre Tonthat tells Edward: "My LAN is Atari only : Falcon and MegaST4. Both have EtherNEC cards and all is linked to a DSL router-modem called Netgear DG814. This router has also a switch (4 RJ45 ports). Works pretty well, but: - when I boot/switch on/use for the first time this router: ~10 seconds for the router to recognize the Atari machine (no DHCP). - sometimes, the DSL connection won't start (> 10 s), I have to reapply the connection parameters in the small website/firmware of the machine. The ROUTER.TAB must be configured to routes the IP addresses to the WAN like this: 192.168.0.0 255.255.255.240 EtherNet 0.0.0.0 0.0.0.0 0.0.0.0 EtherNet 192.168.0.1 Falcon has 192.168.0.2 MegaST has 192.168.0.3 DG814 has 192.168.0.1 I use the official and none-modified ENEC and ENEC3." Kenneth Medin adds: "Yes, the .STX file is in fact a driver for the particular card. If you have a .STX that fits your Ethernet solution _and_ computer you will be OK. Others have to tell what solutions there are for a Hades. David Wade tells Edward that he is... "Not sure which way round the question. If you are using the Cartridge or ASCI adaptors, with ISA cards as per http://hardware.atari.org/ then there are STing drivers included. I use my STE via my Router and it all works fine. If you have DHCP on then you may need to reserve an address for the STE as the STing driver needs static IP. I put some info at http://www.dwade.freeserve.co.uk/atari/main.html " Kenneth Medin asks about using a LaserJet printer with his Atari: "Is anyone using the Laserjet 1200 printer with Atari hardware? I tried today with my Stacy and it did not work at all. With a basic setup the printer did not react at all and the computer acted as if everything got printed. With Iprn parallel accelerator activated the computer did a total freeze and only the reset switch responded. I tried a program written by myself that talks PCL5, A NVDI4 Laserjet 5 driver and standard ASCII printout with Everest. None worked. I then tried a Laserjet 6 printer and all was fine, strange! cables are OK. The Laserjet 1200 claims to be both PCL 5e and PCL 6 compatible. PCL 6 is a new standard that can't be used with Atari's afaik. But PCL 5e should be backwards compatible and therefore work just as well as with a Laserjet 6 printer. As the Iprn auto folder program crashed I suspect the printer is sending something back to the computer using bi-directional parallel comms?" Rod Smith tells Kenneth: "A lot of modern printers do require bidirectional parallel cables with x86 hardware. I don't know how this would interact with an Atari ST, though. It might be worth trying an IEEE-1284 cable; at worst you'll be out a few bucks for the new cable. Before buying a new cable, though, you might try a PostScript driver. The HP LaserJet 1200 is supposed to understand not just PCL 5e and PCL 6 but also PostScript Level 2." Well folks, that's it for this week. Tune in again next week, same time, same station, and be ready to listen to what they are saying when... PEOPLE ARE TALKING =~=~=~= ->In This Week's Gaming Section - Square and Enix Merge! """"""""""""""""""""""""""""" =~=~=~= ->A-ONE's Game Console Industry News - The Latest Gaming News! """""""""""""""""""""""""""""""""" Birth of Square Enix May Rattle Videogame Sector Two Japanese makers of popular videogames merged on Tuesday to form Square Enix Co Ltd, a move that analysts said could shake up an industry faced with intensifying rivalries and rising development costs. The marriage of Enix Corp and Square Co Ltd, makers of the smash hit "Dragon Quest (DQ)" and "Final Fantasy (FF)" titles, also will likely plunge the company into the battle being fought by console makers for supremacy in next-generation systems, analysts said. Square Enix agrees, saying it would be a strong candidate to partner console makers in deciding how to shape the business scheme for the next-generation systems. "Not only because of our blockbuster titles, but also because of our know-how in the game business, console makers should naturally know who to pick," Square Enix President Yoichi Wada told Reuters in a recent interview. Videogame hardware makers, Sony Corp, Nintendo Co Ltd, and Microsoft Corp, are all believed to be developing successors to their current consoles, PlayStation 2, GameCube, and Xbox respectively, for launch in 2005-06. Taking part in the development of new systems is important for game makers as they can use the alliance to gather information and to protect their own interests. For console makers, alliances with game makers are also crucial. Sales of Sony's original PlayStation, for example, surged in the mid-1990s when Sony won the FF and DQ titles away from Nintendo's console. Asked whether Square Enix would consider a further alliance to beef up operations, especially abroad, Wada said not likely. "We expect new entrants to join the next-generation game service, which will potentially bring drastic changes to the industry. We need to keep our size at a level where we can stay flexible and focus on creating original content," Wada said. Wada also said the new company will be well placed to battle its rivals because of its streamlined structure. "Our merger will give us immediate benefits, including a cut in costs through the integration of our sales resources and a development alliance," Wada said. The new firm will also have an advantage in online games. Square last year launched an online version of the FF series in Japan and Enix operates an online roll-playing game service for personal computer users in Asia. The pact between the two game makers comes as the industry faces intense competition in a heavily saturated market and soaring development costs due to the increasing technical sophistication of game machines. Analysts said the merger, along with plans by struggling Sega Corp to join up with "pachinko" pinball-style game machine maker Sammy Corp announced in February, may be just the tip of the iceberg. "More mergers will come as ballooning costs will prompt game developers to seek partners to strengthen their financial footing and to get access to information on next-generation consoles," said Kota Nakako, senior analyst at JP Morgan. Tying up their operations has also reduced the vulnerability of Enix and Square, which separately were highly dependent on one title. Wada said the new firm will aim to stabilize earnings by releasing 20 new games annually, including the rotating launch of one new mega hit title. "The merger will benefit the maker of roll-playing games both in the short- and long-term," said Hirokazu Hamamura, president of Enterbrain, a game magazine publisher. "The only risk would be the departure of the development staff, which is not likely to happen since the management is taking extreme caution in implementing any changes," he said. Buy orders from institutional investors who manage index-linked portfolios were behind the stock's surge as the new firm is now worth over 200 billion yen, said Eiji Maeda, senior analyst at Daiwa Institute of Research. "Square Enix is highly competitive compared to its rivals and deserves a higher price-to-earnings ratio than the industry's average of 15," he said, pointing to the near-term target price at 2,400 yen. =~=~=~= A-ONE's Headline News The Latest in Computer Technology News Compiled by: Dana P. Jacobson Most IT Experts Do Not Trust Microsoft Three-fourths of computer software security experts at major companies surveyed by Forrester Research Inc. do not think Microsoft Corp.'s products are secure, the technology research company said on Monday. While 77 percent of respondents in the information technology (IT) field said security was a top concern when using Windows, 89 percent still use the software for sensitive applications, Cambridge, Massachusetts-based Forrester said in a report titled "Can Microsoft Be Secure?" The survey polled 35 software security experts at $1 billion companies. Forrester analyst Laura Koetzle said that "too few firms are taking responsibility for securing their Windows systems." Koetzle said that 40 percent of firms were not planning to make security improvements themselves and that only 59 percent of those who suffered security attacks have made changes to the way they use Microsoft software. Microsoft, the world's largest software maker, launched a company-wide initiative over a year ago to make its software more secure and trustworthy in the face of attacks that targeted the vulnerability and wide reach of its software. "We understand that achieving the goals of Trustworthy Computing will not be an easy task and that it will take several years, perhaps a decade or more before systems are trusted the way we envision," a Microsoft spokesman said in an e-mailed response to the report. "We are working to address existing security concerns, including patch management .... This is only the beginning and we are confident that customers will continue to see additional progress over time." In the most dramatic incidents, such as the Nimda and SQL Slammer worms that exploited holes in Microsoft software, patches were available from the Redmond, Washington-based company well before the attacks happened. In many cases, however, the patches were not implemented by system administrators and engineers. Koetzle noted that while Microsoft's patches for the last nine high-profile Windows security holes predated such attacks by an average of 305 days, too few customers applied the fixes because "administrators lacked both the confidence that a patch won't bring down a production system and the tools and time to validate Microsoft's avalanche of patches." Microsoft argues that it is doing a better job of informing customers about security holes in its software, but many customers are questioning the amount of work needed to implement additional patches and fixes to Microsoft's software. When the SQL Slammer worm, which slowed Web traffic worldwide and shut down automatic teller machines across the United States, hit in January, Microsoft had already provided a security patch that the worm targeted in July of 2002. But because the patch was difficult to install, Microsoft scrambled to create an installation program that would make it easier for companies to implement the patch. "Microsoft must develop new simple, consistent tools for applying patches and mitigating security platform risks," Koetzle said. Koetzle also said that IT professionals should work more closely with Microsoft and companies that write software for Windows to make sure computer systems are more secure, instead of blaming Microsoft for security breaches. Microsoft OKs Minor Changes in Windows Microsoft Corp. has agreed to a government request for minor changes in its Windows operating system to make it easier for consumers to use software from rival companies to browse Web pages, listen to music and send instant messages. Windows will now have a more prominent icon for a program that allows customers to make such changes. It also will include instructions describing exactly how to make those changes, people familiar with the decision said Thursday. Microsoft developed the program under its antitrust agreement with the Justice Department. The program, known as "Set Program Access and Defaults," lets consumers specify which company's software is routinely used for activities such as sending e-mails and instant messages, Web surfing and listening to music or watching movies. The placement change for the icon would save consumers a single mouse-click and make it visible each time a user clicks the Windows "start" button. The icon presently is located on a sub-menu one level deep. The program and other changes sought by the Justice Department were included last year as part of a package of updates, known as a service pack, for Microsoft's latest versions of Windows. It was unclear whether this latest change will be made as part of an upcoming service pack expected later this year. A spokesman for Microsoft, Jim Desler, said the company was "working cooperatively with the Justice Department to take its feedback, and we expect to make changes from time to time that reflect that feedback." The Justice Department declined to comment on specific changes it sought. "The antitrust division is continuing its efforts in enforcing compliance with the consent decree," spokeswoman Gina Talamona said. "The division works constructively with Microsoft to address issues that arise in this process." EBay Says PayPal Didn't Violate Law EBay Inc. said Monday that federal prosecutors in Missouri claim the company's PayPal operation violated a part of the Patriot Act by facilitating illegal gambling. As a result, PayPal might have to forfeit money it received from gabling sites, and it also might be subject to criminal liability, EBay said in its annual report filed with the Securities and Exchange Commission. EBay said Monday the U.S. Attorney's Office for the Eastern District of Missouri offered a complete settlement of all possible claims and charges covering a purported amount of earnings plus interest that PayPal derived from online gambling merchants from October 26, 2001, to July 31, 2002. The filing didn't provide information on the amount of earnings claimed in the letter. EBay, which is based in San Jose, Calif., said PayPal acted in good faith and believes that it didn't violate the USA Patriot Act. The company said PayPal calculated that the amount of its earnings from online gaming activities was less than what was asserted in the U.S. Attorney's letter. In October, Internet auctioneer EBay completed its $1.4 billion acquisition of PayPal Inc., giving it control of a top player in the Internet-payments market. EBay said it would be harmed by negative publicity, costs of litigation and the diversion of management time if the investigation were to lead to a civil or criminal charge. The company also said any finding of a civil or criminal violation, or potentially any settlement, could hurt PayPal's ability to obtain, maintain or renew money transmitter licenses in jurisdictions where such licenses are required, which would materially harm eBay's business. Beginning in July 2002, PayPal provided documents and information related to its services to online gambling merchants, in response to a federal grand jury subpoena issued at the request of the U.S. Attorney for the Eastern District of Missouri. Lawmakers Say 'No' to Internet Access Taxes Several lawmakers said Monday they would seek to make permanent a ban on Internet access taxes, hoping to sidestep the more controversial question of whether Internet sales should be taxed. Democratic Sen. Ron Wyden and Rep. Chris Cox, a Republican, said they would try to make the existing ban permanent before it expires in November, and Republican Rep. Chris Cannon said his committee would start work on the bill this week. "I think it's important to move this immediately," said Cannon, who chairs the House of Representatives subcommittee on commercial and administrative law. The moratorium, first passed in 1998, prohibits "multiple and discriminatory" taxes on Internet traffic. That means states, counties or other jurisdictions may not tax Internet access fees or Internet traffic. It does not address online sales taxes, currently prohibited under a 1992 Supreme Court decision that forbids states from taxing catalog, telephone and other "remote" sales. Cash-strapped state governments say they will lose an important source of revenue if they are not allowed to tax online sales, while online retailers like Amazon.com Inc say they can not possibly comply with the estimated 7,500 taxing jurisdictions nationwide. Various studies estimate that Internet sales deprived states of between $2.5 billion and $13.3 billion of sales taxes they would otherwise have collected in 2001. But some retailers like Target Corp and Wal-Mart Stores Inc have begun voluntarily collecting sales taxes from their Web sites, based on the customers' locations. States and other advocates of online sales taxes have sought to link passage of a permanent ban on access taxes with a new law giving them the right to impose sales taxes on the Web. But the three lawmakers sought to put distance between their proposal and the sales-tax issue, saying Congress could consider the two separately. "We hope (states) will be clear in their purpose, because then there's no way they can hijack this debate," Cannon said. "We want to get this out of the way now." A spokeswoman for a coalition of "bricks and mortar" retailers that backs online sales taxes said she did not object to making the ban permanent, but that it would not satisfy the concerns of states and retailers. "We believe that this moratorium does nothing to address the real issue, which is the collection of sales taxes," said Nicole Rowe, spokeswoman for the E-Fairness Coalition. Ban On E-Commerce Taxes Likely To Be Extended Anti-tax advocates sympathetic to the interests - and pocketbooks - of Internet service providers went head to head with tax administrators at a congressional hearing Tuesday over legislation that would permanently ban local and state governments from taxing Internet access. Congress has already enacted the 1998 Internet Tax Freedom Act, which was reauthorized for two years in 2001 and renamed the Internet Tax Nondiscrimination Act. The goal each time was to shelter a budding industry from local and regional taxes. Former Virginia Gov. James Gilmor, in endorsing the legislation, noted that the Internet and PCs have empowered individuals as citizens in a democracy, as consumers, and as entrepreneurs in unprecedented fashion. "America can embrace these positive developments and promote more of it by keeping taxes and regulatory burdens on Internet access to a minimum, or it can thwart them by taxing Internet access," he testified before the House Judiciary Committee's Subcommittee on Commercial and Administrative Law. But "the fledgling-industry argument is no longer relevant," said Harley Duncan, the executive director of the Federation of Tax Administrators. "Electronic commerce is becoming a mature and important part of the U.S. and international economy. In our estimation, there has been no showing that the purchase or supply of Internet-access services in the states that tax the services has been adversely affected. Neither has there been a showing of an undue compliance burden on Internet service providers that would justify the pre-emption. Continuing the pre-emption simply provides a special position for this particular communications medium." If Congress reauthorizes the ban, it should be for just five more years, said Duncan, whose association represents tax administrators from the states, as well as New York City and Washington, D.C. And jurisdictions that already tax Net access should be allowed to continue assessing levies, he said. Gilmor, who once led a congressional advisory panel on E-commerce, said Congress twice banned such levies. "These 'grandfathered' states faced a choice," he said. "They could either reverse their hasty decisions to tax Internet service or they could wait to see if Congress might change its mind." Some states did just that, Gilmor says: Texas eliminated its tax on Internet access priced below $25 a month, and Connecticut opted to phase out its tax on Internet access all together. Washington state repealed the local tax on Internet access that the city of Tacoma had imposed. Still, nine states collect an estimated $50 million a year in Internet-access taxes. Gilmor and others worry that allowing local and state governments to tax Internet access could replicate the problem they say confronts the telecom industry: a maze of overlapping and disparate taxes. "Just saying it doesn't make it so," Duncan countered. Net-access taxes are simple use taxes, like those levied on other services, he said. Most telecom taxes are a result of complex decisions made by state utility boards that regulate phone services. Jack Kemp, a former congressman and GOP presidential candidate, suggested that Congress go beyond banning Internet-access taxes and take steps to limit the ability of states to collect taxes on purchases made online. In fact, a consortium of states created a program known as the Streamlined Sales Tax Project to do just that. "The central issue in the Internet tax debate is not fairness as the NGA [National Governors Association] and some others would have us believe; it is taxation without representation," Kemp said. "States have been trying for more than three decades to tax people and businesses that are located out of state because politicians are acutely aware nonresidents can't vote them out of office." He said some states see online taxation as a way to help them balance their budgets. "But, as we have seen, economic growth, not new forms of taxation, is the key to solving budget shortfalls." Duncan contends that states, for the most part, aren't looking to Net-access taxes to balance their budgets. "While states have had to determine the manner in which existing taxes should be applied to Internet services and electronic commerce," he said, "there was no headlong rush to devise new schemes of taxation that in some fashion targeted the electronic-commerce industry." The bill has the backing of the Bush administration and is expected to be approved. Thus, Duncan is trying to tighten definitions so that ISPs, for instance, can't bundle Net access with other services that would normally be subjected to taxation in order to avoid any levy. Music Industry, Webcasters Agree on Royalty Rate An association representing Webcasters and a music industry trade group on Thursday submitted a proposal to federal authorities covering royalty rates for Internet music broadcasts for 2003 and 2004. The Digital Media Association and the Recording Industry Association of America filed the proposal with the U.S. Copyright Office, which will publish it soon for public comment. The RIAA and the Webcasting industry have been at odds in the past over how much should be paid in royalties to stream music over the Internet, with Webcasters arguing that the rates favored by the RIAA would put them out of business. In a statement, the DMA's executive director, Jonathan Potter, said "the agreement is a temporary Band-Aid that avoids millions of dollars of legal fees associated with a broken arbitration process." Potter was referring to the Copyright Arbitration Royalty Panel, the Copyright Office's process for determining disputed royalties. The CARP system, as it is referred to, has been widely criticized and legislation is pending before Congress to reform it. An arbitration panel set a royalty rate for Webcasts of music in February 2002 but that decision was rejected by the Librarian of Congress in May 2002. RIAA Sues Students for File-Swapping The Recording Industry Association of America has sued four university students who allegedly ran file-sharing networks on their school's local networks. The students, two at the Rensselaer Polytechnic Institute and one each at Princeton University and Michigan Technological University, operated "local area Napster networks," the RIAA said in a statement Thursday. File-swapping pioneer Napster was shut down by the entertainment industry two years ago. The RIAA had previously identified campuses as a hotbed of music piracy, but the lawsuits are the first the organization has filed against students. Before, the RIAA's legal fire was aimed mostly at companies offering file-swapping software such as Kazaa and Morpheus. According to the RIAA, the students operated Napster-like networks "designed to enable widespread music thievery." The students allegedly used software called Flatlan, Phynd, and Direct Connect to index files on the campus network and process search requests, according to the RIAA. In addition to setting up the networks, the RIAA accuses the students of making available hundreds, in some cases thousands, of copyright protected works on the networks. The answer to file sharing is not lawsuits, but making file sharing legal while artists get paid, Fred von Lohmann, senior staff attorney with the Electronic Frontier Foundation said in a comment posted on the civil liberty organization's Web site. The lawsuits are an example of how the music industry is treating music fans like criminals, Lohmann said in the statement. Napster indexed files and facilitated searches and downloads. The campus file swapping networks are different, because access is available on campus only, not to all Internet users. Last year, the RIAA sent a letter to 2,300 college presidents, urging the schools to tell their students to respect copyrights when using the universities' networks. The industry is stepping up its antipiracy campaign in going after the biggest individual file sharers. In January a federal judge ordered Verizon Internet Services to turn over the name of an individual music downloader to the RIAA. That ruling is being appealed. The RIAA and other entertainment industry organizations have been battling online piracy in court for years. They compare online sharing of copyright protected music, movies, and software to shoplifting. Net-Privacy Activists Bemoan Anti-Terror Agenda As long-haired computer programmers and bearded civil liberties advocates gathered in a hotel ballroom on Wednesday, it was the clean-shaven Army guards at the train station across the street who evidently dominated the agenda. Past sessions of the Computers, Freedom and Privacy conference have tackled government technology policies, including encoded communications and online privacy. But participants said anti-terrorism efforts appear to be the top concern this year. "You can have as much security as you want. It's just a question of what you are willing to give up for it in return," said computer security expert Bruce Schneier. From weakened wiretap laws to airline passenger-screening programs that check bank records and other personal data, domestic security efforts have shifted the agenda, said conference organizer Barry Steinhardt, with the heightened military presence around the city only the most visible change. "New York has, to some degree, the feel of an armed camp," Steinhardt, associate director of the American Civil Liberties Union, said in welcoming conference attendees. Speakers questioned what impact security efforts will have on personal liberties and whether those efforts would be effective at preventing attacks. Every government dollar devoted to anti-terror efforts is a dollar not spent fighting crime, disease or other threats, they said. At the same time, private businesses could use security as an excuse to further their own agendas - prohibiting sports fans from bringing coolers into a baseball stadium, for example. The new efforts will inevitably lead to abuses of power if unchecked, speakers said. "Privacy-invasive measures being developed right now would have been considered unthinkable a few years ago in Western countries," said George Radwanski, the Canadian government's privacy commissioner. "What we are confronting is a permanent redefinition of our societies." The conference covers a range of topics - from the growing use of video surveillance cameras in public spaces to the potential abuses of embedded radio frequency chips by retailers to thwart theft. While the conference has included national intelligence and Department of Justice officials in the past, this year there were few government representatives listed on the program. Most officials had declined to participate, Steinhardt said, saying they were occupied with other matters. Analysts from conservative think tanks like the Heritage Foundation stepped in to defend surveillance programs like the Defense Department's Total Information Awareness "data mining" effort, but they found few allies either on the podium or in the audience. As a result many discussions took the form of motivational pep talks rather than no-holds-barred debate. "We have a heavy burden on us here. We are fighting, in our way, an asymmetrical war," said Jim Dempsey, executive director of the nonprofit Center for Democracy and Technology. Dempsey said privacy advocates need to renew their old alliance with the business community, which in the 1980s sought to limit government access to their customer lists and purchase records, and reach out to Arab-Americans and immigrant communities facing increased surveillance. Security fears reduced attendance even among committed computer civil-liberties activists, several organizers said. Some potential participants stayed at home, citing fears of traveling during wartime. "In prior years, people were caught up in all the ways technology could fix social problems. What we are seeing now, with focus on security, is that technology is fixing things, but in the wrong direction," said Robert Guerra, an international human rights campaigner from Canada and one of the conference organizers. Among the scheduled events is a panel that will seek to expose "Stupid Security" technologies that fail to accomplish their stated goals, as well as the distribution on Thursday of Privacy International's "George Orwell Awards" - mock prizes for the biggest violators of citizen and consumer privacy rights among government officials and corporations as judged by a panel of privacy rights advocates. Court to Hear Microsoft Bid to Reverse Java Ruling Lawyers for Microsoft Corp. will be back in court on Thursday hoping to convince an appeals court to reverse an order forcing the company to carry Sun Microsystems Inc.'s Java programming language in the Windows operating system. A three-judge panel in Richmond, Va. will hear arguments from Microsoft and Sun over whether it should uphold a Java "must-carry" order imposed by a lower court judge in December. Microsoft is hoping to persuade the judges at the U.S. Court of Appeals for the Fourth Circuit that the "must-carry" order is "unprecedented, unnecessary and doesn't serve the public interest," Microsoft spokesman Jim Desler said. "We're going to make the point that this hasn't been done before," Desler said. At issue is a preliminary injunction issued by U.S. District Judge J. Frederick Motz in Baltimore, who has been assigned cases arising from the landmark government antitrust suit filed in 1998. The injunction is designed to remedy Microsoft's past antitrust violations and level the playing field between Java and Microsoft's .NET Web service software. The antitrust lawsuit filed by Sun, which is based in Santa Clara, California, charges that Microsoft has tried to sabotage Sun's Java software, which can run on a variety of operating systems, not just Windows. In his Dec. 23 ruling, Motz concluded that Sun had a good chance of winning its case against Microsoft. Without the injunction, Motz said, the contest between Java and .NET could "tip" in favor of .NET because of Microsoft's past misdeeds. Java is designed to run on a variety of operating systems, not just Windows. In its lawsuit, Sun charges Microsoft tried to sabotage Sun's Java software by a series of actions, most recently dropping it from Windows XP, which was introduced last year. The appeals court has put the district court's injunction on hold until it has a chance to rule on Microsoft's appeal. In a brief filed with the appeals court in March, Microsoft told the appeals court that the injunction would hurt both Microsoft and consumers. The company said there was no proof that Sun was in danger of "immediate, irreparable harm." A spokeswoman for Sun declined comment on the upcoming hearing. In its own brief filed with the appeals court, Sun defended Motz's ruling, and one of the company's lawyers called it a "thorough, well-reasoned decision." Andrew Gavil, an antitrust law professor, at Howard University in Washington, D.C., said the success of Microsoft's appeal will probably hinge on whether the judges believe the benefit to Sun from Motz's ruling is outweighed by the harm to Microsoft. Gavil said Microsoft's arguments could get a good reception among the Richmond appeals judges, who have a reputation for being one of the more conservative U.S. appeals courts. "It is not perceived as a place that is friendly to plaintiffs," Gavil said. "They might not like a case that is so invasive of a corporation's prerogatives." The judges may also be more receptive to Microsoft's argument that monetary damages would be enough to rectify the company's misdeeds, Gavil said. In addition to the injunction, Sun's lawsuit is also seeking at least $1 billion in damages. "They might be more skeptical of claims that damages are going to be inadequate," Gavil said. A settlement of the government suit was endorsed by U.S. District Judge Colleen Kollar-Kotelly in November, although Massachusetts and West Virginia are appealing. NetZero Launches High-Speed Dial-Up United Online has revved up its NetZero Internet access offerings, rolling out Tuesday a high-speed version of its dial-up service that uses compression and caching technologies for speedier surfing. NetZero HiSpeed is aimed at dial-up users who want faster access and aren't prepared to pay for broadband or who don't have it available in their areas. HiSpeed includes the company's Platinum Internet service and is priced at $14.95 monthly. HiSpeed requires a small software download, which the company says can increase Web surfing speed by up to five times the normal dial-up rate. The software compresses text and graphics on a Web page before it is sent; it also caches elements of sites that users visit. This eliminates the need to reload data when a user returns to a site, according to the Internet service provider. It's one of the first major new ventures from United Online, created by the merger of free ISPs NetZero and Juno Online in 2001. United Online is also marketing high-speed Internet services over Comcast cable lines, available first in Nashville and Indianapolis. United Online's new dial-up service comes on the heels of a similar service launched by rival EarthLink last week. EarthLink's speedy service, dubbed EarthLink Plus, is priced at $28.95 monthly and includes priority technical support, eight e-mail inboxes, and 10MB of Web space. Both companies gained compression and caching technologies from partners to accelerate their dial-up offerings. NetZero licensed technologies from SlipStream Data, while EarthLink is powering its Plus offering with Propel Software's Web accelerator. The Internet access providers' foray into high-speed dial-up speaks to the still large majority of Internet users who have not yet adopted broadband service. Microsoft Says to Take Aim at Google Microsoft Corp., the world's No. 1 software maker, on Wednesday said it is taking aim at privately held Google Inc., the Web-search company that's so popular its name is used as a verb. "We do view Google more and more as a competitor. We believe that we can provide consumers with a better product and a better user experience. That's something that we're actively looking at doing," Bob Visse, director of marketing for Microsoft's MSN Internet services division, said. Visse said the company was making some significant investments in developing a better search engine. But the company has not offered specific plans. Microsoft would not be the first Web portal provider to step into the Web search segment. Last month, Internet media company Yahoo Inc. closed its $235 million purchase of Internet-search company Inktomi Corp. Microsoft has said its been searching for ways to capitalize on its various technologies, for example data retrieval and analysis, by entering new markets. It has also targeted security software. Google, the No. 1 Web-search provider, has become so pervasive that it is not uncommon for people to refer to searching the Internet as "googling." A Google representative could not be immediately reached for comment. Google has been seen as a top IPO candidate despite a lagging economy, but a company co-founder recently told attendees at a high-tech conference that going public is not on the front burner for the Silicon Valley company. Sendmail Flaw Puts Systems at Risk, Again Systems running Sendmail are at risk of hacker attacks because of a flaw in the way the commonly used e-mail server software handles long e-mail addresses, experts warned Saturday. This second serious bug announced this month has some Sendmail users looking for alternatives. Sendmail does not adequately check the length of e-mail addresses. An e-mail message with a specially crafted address can trigger a stack overflow, potentially allowing an attacker to gain control of a vulnerable Sendmail server, the CERT Coordination Center warned in an advisory Saturday. Sendmail servers that aren't directly connected to the Internet are also at risk, since the vulnerability is triggered by the contents of a malicious e-mail message that can be handed on from server to server, CERT said. Many vendors distribute vulnerable versions of Sendmail and users should check with their vendors for a security patch, CERT said. Sendmail is the most commonly used MTA (mail transfer agent) and handles the majority of all Internet e-mail traffic. Sendmail and the Sendmail Consortium urge users of their versions to upgrade to Sendmail 8.12.9 or apply a patch, they said in a joint advisory Saturday. The Sendmail Consortium develops an open source version of Sendmail that is distributed with both free and commercial operating systems. Sendmail sells a commercial product based on the open source Sendmail software. The problem affects all versions of Sendmail Pro, all versions of open source Sendmail prior to 8.12.9, and several versions of Sendmail Switch and Sendmail for NT, according to CERT. The e-mail address parser flaw is the second "critical" bug in Sendmail announced and patched this month. The earlier vulnerability occurred because of an error in a function that checks whether addresses in the e-mail message header are valid. This could also allow an attacker to take over a Sendmail server, experts said. Some users have had it with Sendmail, according to postings on the topic on "News for nerds" Web site Slashdot.org. "This is the straw that breaks the camel's back. I'm changing to another MTA," writes one user. "Sendmail: The IIS of Open Source," writes another, referring to Microsoft's Internet Information Server Web server software, which has had its share of security issues. However, other forum postings criticize qmail and Postfix, two Sendmail alternatives, and point out that this latest Sendmail flaw is likely difficult to exploit. CERT said it successfully exploited the flaw to knock the Sendmail server offline and that it is possible to execute code on some systems by exploiting this flaw. Anti-Spam Technologies That Work When AOL announced earlier this month that it had blocked a record 1 billion spam messages from cluttering users' inboxes during a single day, company CEO Jon Miller said the company was succeeding in "can[ning] the spam." But AOL stopped short of saying it had quelled the spam epidemic - or even claiming a near-perfect record. With billions of messages issued each day from far-flung locales like Russia or Zambia, promising low-rate credit cards, university degrees or an endless supply of Viagra, that would be folly. After all, spam has metastasized as more and more companies have begun doing business on the Internet. Enterprises in particular are desperate to find ways to eradicate spam from their networks. However, choosing the right set of spam-fighting solutions is a tricky - and by no means foolproof - exercise in experimentation. J.P. Gownder, a Yankee Group senior analyst covering the small and medium business strategies space, told NewsFactor that a surfeit of spam presents major problems for businesses. Most obviously, it leads to loss of productivity as end users waste time deleting messages from their e-mail inboxes. It also taxes IT network administrators by tying up bandwidth and storage resources. In addition, spam puts companies at risk for liability. When employees receive what Chris Kraft, director of product marketing at anti-spam software provider Pure Message, described as "virtual Hustler and other porno or offensive content," businesses may find themselves accountable for contributing to a hostile work environment. To top it off, spam heightens network security risks because viruses frequently "piggyback" on messages downloaded to end users' computers, according to Gownder. And Kraft told NewsFactor that spam e-mails themselves are often scams and frauds that use social engineering tactics on unsuspecting employees. A spam message "may be mimicking as PayPal, asking for the recipient's username and password for security purposes," he said. "Or it may ask the end user to download a piece of software [in the attachment] that can turn their desktops into an open mail relay." According to Gownder, the variety of technological methods that exist for dealing with spam can be sorted into a few different categories. Both whitelists and blacklists work according to similar principles. Whitelists are set up to accept e-mail only from domain names and addresses that are placed on a list. Blacklists work on the opposite principle, barring certain e-mail addresses and domains. "The problem with blacklists is that they work only for an entire domain or for a specific address," Gownder noted. "[Barring a domain like] Hotmail.com might cause you to miss good e-mails. Meanwhile, spammers tend to use sophisticated programs that dynamically change the name part of the e-mail address over and over." More dynamic technologies also are available for blocking spam. These approaches typically are used in combination with each other or with the aforementioned blacklisting and whitelisting techniques. "Rules-based or heuristic engines are software programs that say, 'If an e-mail behaves in a certain way, it's probably spam,'" Gownder explained. And Ed Trujillo, president of Contact Plus Corporation, told NewsFactor that his company's flagship application, Spam Buster, uses what he called "pattern matching" to weed out spam. "We check for certain sequences, different character sets such as Korean or Russian, and build dynamically from that," Trujillo said. "We can then, for example, block out dot-suffixes of certain countries" from which an enterprise does not expect to receive correspondence. One of the most intriguing technologies is known as the "Honey Pot" or "Spam Trap." Gownder described it as a type of hunter-gatherer method in which an anti-spam vendor sends out decoy e-mail addresses that almost instantaneously attract spam. "They then distribute the origin of those spam e-mail accounts all across their network," he explained, enabling clients to set up rules that block spammers' access to end users' inboxes. In the end, however, Gownder warned that no method is foolproof. "Inherently, none of them can address the spam problem because they may filter out legitimate messages if they're using an algorithm to figure out what constitutes spam," he said. "On the other hand, if they're identifying something that is definitely spam, the spammers can get around it by dynamically changing the origin addresses." Fortunately, he added, enterprises can achieve reasonable success in canning spam by taking a layered approach and combining several methods in an intelligent way. If this sounds like an expensive and complex undertaking, it is. But it is vital to quell the spam flood so that employees can focus on the bottom line, rather than on deleting unwanted mail for the two-hundredth time. Caution Urged on Software Upgrades It's spring, and things are popping up all over, including software upgrades. Take time to smell the flowers, but also take time to think it over before you spring for "new and improved" software. In the early days of personal computing, annual upgrades of software actually added important functionality that wasn't present in earlier versions because: 1. We didn't know how to do that, or 2. we knew how, but the hardware to accomplish it could only be had with a Department of Defense-sized budget. Since Windows 95 and its successors lurched onto the scene, that has been pretty much no longer the case. For most of us, a word processor or spreadsheet program purchased five years ago will still provide all the functionality we need. This is a problem for the software industry. If you're selling pants, for example, you can look forward to the day when the last pair you sold gets ragged enough for spousal confiscation and the customer returns. Software, on the other hand, doesn't wear out. If the version of Word that came bundled with your computer a few years ago still churns out your monthly letter to Mom and stores the notes for the Great American Novel you're going to write someday, there's absolutely no reason to shell out for Word 2003 (or 2004, 5, whatever). Yes, the upgrades will have new bells and whistles and be able to go through more hoops. But for most of us, that's kind of like a mid-life crisis sports car that will roar up to 150 miles per hour. The car can drive that fast, but the driver knows the old reflexes will barely handle 70. All that said, there are still reasons to upgrade software. If it's free, as in the almost-weekly Windows updates, go for it. But make a backup copy of key data first. While some updates of Windows XP Home have improved performance, or at least caused no harm, others have been vivid reminders of the truism "If it ain't broke, don't fix it." Give special consideration to computer security upgrades for browsers, particularly if you have an always-on broadband Internet connection. Other upgrades to consider are those that address things you do all the time, but make them easier. But it's got to be lots easier before it gets worth the potential expense. With the great increase in the availability of digital cameras, for example, photo-editing and printing software has added all sorts of gimmicks and twists, the latest being organization of photos into "albums" that are then burned onto a CD. Which, if you're into that, is great, but everything I need to do with a digital photo is still handled by an ancient copy of Adobe PhotoDeluxe 2.0. Any software upgrade that would require a hardware upgrade to function should generate second, third and fourth thoughts before a purse or wallet is breached. Most of us use our personal computers for Internet access, word processing and family finances, and if those shores are being handled adequately now, hang on to your cash. =~=~=~= Atari Online News, Etc. is a weekly publication covering the entire Atari community. Reprint permission is granted, unless otherwise noted at the beginning of any article, to Atari user groups and not for profit publications only under the following terms: articles must remain unedited and include the issue number and author at the top of each article reprinted. Other reprints granted upon approval of request. Send requests to: dpj@atarinews.org No issue of Atari Online News, Etc. may be included on any commercial media, nor uploaded or transmitted to any commercial online service or internet site, in whole or in part, by any agent or means, without the expressed consent or permission from the Publisher or Editor of Atari Online News, Etc. Opinions presented herein are those of the individual authors and do not necessarily reflect those of the staff, or of the publishers. All material herein is believed to be accurate at the time of publishing.